kunlun/plc/inc/mme/plc_mme_auth.h

/****************************************************************************

Copyright(c) 2019 by Aerospace C.Power (Chongqing) Microelectronics. ALL RIGHTS RESERVED.

This Information is proprietary to Aerospace C.Power (Chongqing) Microelectronics and MAY NOT
be copied by any method or incorporated into another program without
the express written consent of Aerospace C.Power. This Information or any portion
thereof remains the property of Aerospace C.Power. The Information contained herein
is believed to be accurate and Aerospace C.Power assumes no responsibility or
liability for its use in any way and conveys no license or title under
any patent or copyright and makes no representation or warranty that this
Information is free from patent or copyright infringement.

****************************************************************************/

#ifndef PLC_MME_AUTH_H
#define PLC_MME_AUTH_H

/* os shim includes */
#include "os_types.h"

/* public api includes */
#include "iot_utils_api.h"

#ifdef __cplusplus
extern "C" {
#endif

/* pack for the structures in the whole file */
#pragma pack(push)  /* save the pack status */
#pragma pack(1)     /* 1 byte align */

/* authorize result codes */
#define MME_AUTH_SUCCESS              0X00
#define MME_AUTH_FAILURE              0X01

/* get key request result codes */
#define MME_KEY_REQ_SUCCESS           0X00
#define MME_KEY_REQ_REFUSED           0X01
#define MME_KEY_REQ_NOSUPP            0X02

/* set key request result codes */
#define MME_SET_KEY_REQ_SUCCESS       0X00
#define MME_SET_KEY_REQ_FAILURE       0X01

/* encrypted indication payload type */
#define MME_ENCRYPTED_PLD_MME         0X00
#define MME_ENCRYPTED_PLD_HLE         0X01

/* encrypted indication payload key type */
#define MME_ENCRYPTED_IND_DAK         0X00
#define MME_ENCRYPTED_IND_NMK         0X01
#define MME_ENCRYPTED_IND_PLAIN       0X0F

/* encrypted transport key type */
#define MME_ENCRYPTED_TRANS_DAK       0X00
#define MME_ENCRYPTED_TRANS_NMK       0X01
#define MME_ENCRYPTED_TRANS_NEK       0X02

/* length of encrypted iv vector for ieee1901 */
#define MME_ENCRYPT_IV_LEN_I1901      16
/* length of encrypted iv vector for state grid */
#define MME_ENCRYPT_IV_LEN            12
/* length of max encrypted iv */
#define MME_ENCRYPT_IV_MAX_LEN        16
/* length of encrypted nmk for ieee1901 */
#define MME_ENCRYPT_NMK_LEN           32
/* length of encrypted cmk */
#define MME_ENCRYPT_CMK_LEN           16
/* length of encrypted cek for state grid */
#define MME_ENCRYPT_CEK_LEN           16

/* result of communication encryption key request */
#define MME_CEK_REQ_OK                0
#define MME_CEK_REQ_FAIL              1

/* communication encryption key request MME */
typedef struct _mme_cek_req {
    /* communication encryption key sequence requesting */
    uint8_t     cek_seq         :2,
    /* reserved for future */
                rsvd            :6;
} mme_cek_req_t;

/* communication encryption key confirm MME */
typedef struct _mme_cek_cnf {
    /* cek request result, see MME_CEK_REQ_XXX */
    uint8_t     result;
    /* communication encryption key sequence, reply requesting cek if
     * request success, otherwise reply currrent using cek
     */
    uint8_t     cek_seq         :2,
    /* reserved for future */
                rsvd            :6;
    /* countdown of using this cek, unit is 10s */
    uint16_t    cek_countdown;
    /* this cek duration valid time, unit is 10s */
    uint16_t    cek_dur;
    /* iv vector, it is randomly generated by CCO, and using for encrypting CEK
     * with CMK
     */
    uint8_t     iv[MME_ENCRYPT_IV_LEN];
    /* communication encryption key requested, and encrypted with cmk */
    uint8_t     cek[MME_ENCRYPT_CEK_LEN];
} mme_cek_cnf_t;

/* communication encryption key update MME */
typedef struct _mme_cek_update {
    /* communication encryption key sequence updating */
    uint8_t     cek_seq         :2,
    /* reserved for future */
                rsvd            :6;
    /* countdown of using this new cek, unit is 10s */
    uint16_t    cek_countdown;
    /* this new cek duration valid time, unit is 10s */
    uint16_t    cek_dur;
    /* iv vector, it is randomly generated by CCO, and using for encrypting CEK
     * with CMK
     */
    uint8_t     iv[MME_ENCRYPT_IV_LEN];
    /* communication encryption key updating, and encrypted with cmk */
    uint8_t     cek[MME_ENCRYPT_CEK_LEN];
} mme_cek_update_t;

/* ieee1901 authorize request MME */
typedef struct _i1901_mme_auth_req {
    /* protocol run sequence */
    uint8_t             run_sn;
    /* protocol message sequence */
    uint16_t            msg_sn;
    /* my nonce is a random number used to verify next message from other end */
    uint32_t            my_nonce;
    /* mac address of the station requesting the granted NMK */
    uint8_t             mac[IOT_MAC_ADDR_LEN];
    /* reserved for future */
    uint8_t             rsvd[3];
} i1901_mme_auth_req_t;

/* authorize confirm MME */
typedef struct _i1901_mme_auth_cnf {
    /* authorize result, see MME_AUTH_XXX */
    uint8_t             result;
    /* protocol run sequence */
    uint8_t             run_sn;
    /* protocol message sequence */
    uint16_t            msg_sn;
    /* my nonce is a random number used to verify next message from other end */
    uint32_t            my_nonce;
    /* your nonce is the last nonce received from the recipient used by the
     * recipient to verify this message
     */
    uint32_t            your_nonce;
    /* mac address of the station requesting the granted NMK */
    uint8_t             mac[IOT_MAC_ADDR_LEN];
    /* the current network management key of the network */
    uint8_t             nmk[MME_ENCRYPT_NMK_LEN];
    /* reserved for future */
    uint8_t             rsvd[2];
} i1901_mme_auth_cnf_t;

/* get key request */
typedef struct _i1901_mme_get_key_req {
    /* requested key type, see MME_ENCRYPTED_TRANS_XXX */
    uint8_t             key_type;
    /* protocol run sequence */
    uint8_t             run_sn;
    /* protocol message sequence */
    uint16_t            msg_sn;
    /* my nonce is a random number used to verify next message from other end */
    uint32_t            my_nonce;
    /* MAC address of the STA with which the transmitter of this MME shares the
     * requested key
     */
    uint8_t             mac[IOT_MAC_ADDR_LEN];
    /* reserved for future */
    uint8_t             rsvd[2];
} i1901_mme_get_key_req_t;

/* get key confirm */
typedef struct _i1901_mme_get_key_cnf {
    /* get key result, see MME_KEY_REQ_XXX */
    uint8_t             result;
    /* requested key type, see MME_ENCRYPTED_TRANS_XXX */
    uint8_t             key_type;
    /* protocol run sequence */
    uint8_t             run_sn;
    /* protocol message sequence */
    uint16_t            msg_sn;
    /* my nonce is a random number used to verify next message from other end */
    uint32_t            my_nonce;
    /* your nonce is the last nonce received from the recipient used by the
     * recipient to verify this message
     */
    uint32_t            your_nonce;
    /* reserved for future */
    uint8_t             rsvd[3];
} i1901_mme_get_key_cnf_t;

/* set key request */
typedef struct _i1901_mme_set_key_req {
    /* the type of the key in new key field, see MME_ENCRYPTED_TRANS_XXX */
    uint8_t             key_type;
    /* protocol run sequence */
    uint8_t             run_sn;
    /* protocol message sequence */
    uint16_t            msg_sn;
    /* my nonce is a random number used to verify next message from other end */
    uint32_t            my_nonce;
    /* your nonce is the last nonce received from the recipient used by the
     * recipient to verify this message
     */
    uint32_t            your_nonce;
    /* the new key field holds the new NMK or NEK that is being set */
    uint8_t             new_key[MME_ENCRYPT_NMK_LEN];
    /* MAC address of the STA with which the recipient of this message
     * shares the key
     */
    uint8_t             mac[IOT_MAC_ADDR_LEN];
    /* reserved for future */
    uint8_t             rsvd[2];
} i1901_mme_set_key_req_t;

/* set key confirm */
typedef struct _i1901_mme_set_key_cnf {
    /* set key result, see MME_SET_KEY_REQ_XXX */
    uint8_t             result;
    /* protocol run sequence */
    uint8_t             run_sn;
    /* protocol message sequence */
    uint16_t            msg_sn;
    /* my nonce is a random number used to verify next message from other end */
    uint32_t            my_nonce;
    /* your nonce is the last nonce received from the recipient used by the
     * recipient to verify this message
     */
    uint32_t            your_nonce;
    /* reserved for future */
    uint8_t             rsvd[4];
} i1901_mme_set_key_cnf_t;

/* encrypted payload indication structure*/
typedef struct _i1901_mme_encrypted_pld_ind {
    /* payload type, see MME_ENCRYPTED_PLD_XXX*/
    uint8_t             pld_type;
    /* payload encryption key select, see MME_ENCRYPTED_IND_XXX */
    uint8_t             peks;
    /* protocol run sequence */
    uint8_t             run_sn;
    /* protocol message sequence */
    uint16_t            msg_sn;
    /* payload data */
    uint8_t             data[0];
} i1901_mme_encrypted_pld_ind_t;

/* encrypted payload structure */
typedef struct _i1901_mme_encrypted_pld {
    /* payload length */
    uint16_t            length;
    /* initialization vector */
    uint8_t             iv[MME_ENCRYPT_IV_LEN_I1901];
    /* encrypted payload */
    uint8_t             payload[0];
} i1901_mme_encrypted_pld_t;

/* plain payload structure */
typedef struct _i1901_mme_plain_pld {
    /* payload length */
    uint16_t            length;
    /* unencrypted payload */
    uint8_t             payload[0];
} i1901_mme_plain_pld_t;

#pragma pack(pop)  /* restore the pack status */

#ifdef __cplusplus
}
#endif

#endif /* PLC_MME_AUTH_H */