/**************************************************************************** Copyright(c) 2019 by Aerospace C.Power (Chongqing) Microelectronics. ALL RIGHTS RESERVED. This Information is proprietary to Aerospace C.Power (Chongqing) Microelectronics and MAY NOT be copied by any method or incorporated into another program without the express written consent of Aerospace C.Power. This Information or any portion thereof remains the property of Aerospace C.Power. The Information contained herein is believed to be accurate and Aerospace C.Power assumes no responsibility or liability for its use in any way and conveys no license or title under any patent or copyright and makes no representation or warranty that this Information is free from patent or copyright infringement. ****************************************************************************/ #ifndef CVG_SEC_AUTH_DAK_INTERNAL_H #define CVG_SEC_AUTH_DAK_INTERNAL_H /* os shim includes */ #include "os_types.h" #include "os_timer_api.h" /* public api includes */ #include "plc_fr.h" /* cvg module internal includes */ #include "cvg_api.h" #include "cvg.h" #ifdef __cplusplus extern "C" { #endif #if (PLC_SUPPORT_AUTH_TYPE == PLC_AUTH_TYPE_DAK) /* define max length of authorized key buffer */ #define CVG_SEC_AUTH_DAK_KEY_MAX_LEN (32) /* authorized dak list table */ typedef struct _cvg_sec_dak_tab { uint8_t mac[IOT_MAC_ADDR_LEN]; /* TODO: define dak list table */ } cvg_sec_dak_tab_t; /* authorized common info */ typedef struct _cvg_sec_auth { /* enable flag */ uint8_t enable : 1, /* reserved for future */ rsvd : 7; /* DAK information */ cvg_sec_dak_tab_t *dak; /* network membership key */ uint8_t nmk[CVG_SEC_AUTH_DAK_KEY_MAX_LEN]; /* network encryption key */ uint8_t nek[CVG_SEC_AUTH_DAK_KEY_MAX_LEN]; } cvg_sec_auth_t; /* cco authorized dak state info */ typedef struct _cvg_sec_auth_cco { /* authorized check timer */ timer_id_t auth_timer; } cvg_sec_auth_cco_t; /* sta security authorized states */ typedef enum { /* sta device network authorized initial state */ sta_auth_state_init = 1, /* sta device is applying for network nmk */ sta_auth_state_nmking, /* sta device have got nmk, and is applying for network nek */ sta_auth_state_neking, /* sta device network authorized completion state */ sta_auth_state_done, } cvg_sec_auth_sta_state_t; /* security authorized event definitions */ typedef enum { /* start event */ sec_auth_event_start = 1, /* timeout event */ sec_auth_event_timeout, } cvg_sec_auth_event_t; /* persistent info that won't be cleared when auth reset */ typedef struct _cvg_sec_sta_persist_info { /* authorized state, sta_auth_state_XXX */ cvg_sec_auth_sta_state_t auth_state; /* network id */ uint32_t nid : 24, /* reserved for future */ rsvd : 8; /* mac address of cco */ uint8_t cco_addr[IOT_MAC_ADDR_LEN]; } cvg_sec_sta_persist_info_t; /* sta authorized state info */ typedef struct _cvg_sec_auth_sta { /* persistent info that shall not be clear when auth reset */ cvg_sec_sta_persist_info_t pst_info; /* authrozied check timer */ timer_id_t auth_timer; /* protocol run sequence */ uint8_t auth_run_sn; /* protocol message sequence */ uint16_t auth_msg_sn; /* auth nonce, used to verify message from other end */ uint32_t auth_nonce; /* retry count of request for key, nmk or nek */ uint8_t auth_retry_cnt; /* last update nek time stamp. unit is 1s */ uint32_t nek_update_ts; } cvg_sec_auth_sta_t; typedef struct _cvg_sec_auth_vdev { /* authorized common info */ cvg_sec_auth_t auth; union { cvg_sec_auth_sta_t *sta; cvg_sec_auth_cco_t *cco; } desc; } cvg_sec_auth_vdev_t; /* * @brief cvg_sec_auth_dak_init() - init authorized dak state info * @param vdev: pointer to vdev * @param cfg: pointer of vdev configuration * * @return 0 - for success case * @return otherwise - error code */ uint32_t cvg_sec_auth_dak_init(cvg_vdev_t *vdev, cvg_vdev_cfg_t *cfg); /* * @brief cvg_sec_auth_dak_deinit() - deinit authorized dak state info * @param vdev: pointer to vdev */ void cvg_sec_auth_dak_deinit(cvg_vdev_t *vdev); /* * @brief cvg_sec_auth_dak_reset() - reset authorized dak state info * @param vdev: pointer to vdev */ void cvg_sec_auth_dak_reset(cvg_vdev_t *vdev, cvg_vdev_cfg_t *cfg); #if (PLC_SUPPORT_STA_ROLE) /* * @brief cvg_sec_auth_dak_sta_stop() - stop authorized dak vdev state * @param vdev: pointer to vdev */ void cvg_sec_auth_dak_sta_stop(cvg_vdev_t *vdev); /* * cvg_sec_auth_dak_sta_sm() - dak vdev state machine * @vdev: vdev pointer of the state machine * @event: event to be delivered * @data: data pointer of the event * @return: * 0 - restart not required * otherwise - restart required */ uint8_t cvg_sec_auth_dak_sta_sm(cvg_vdev_t *vdev, cvg_sec_auth_event_t event, void *data); #else /* PLC_SUPPORT_STA_ROLE */ #define cvg_sec_auth_dak_sta_stop(vdev) #define cvg_sec_auth_dak_sta_sm(vdev, event, data) (0) #endif /* PLC_SUPPORT_STA_ROLE */ #else /* (PLC_SUPPORT_AUTH_TYPE == PLC_AUTH_TYPE_DAK) */ #define cvg_sec_auth_dak_init(vdev, cfg) (0) #define cvg_sec_auth_dak_deinit(vdev) #define cvg_sec_auth_dak_reset(vdev, cfg) #define cvg_sec_auth_dak_sta_stop(vdev) #define cvg_sec_auth_dak_sta_sm(vdev, event, data) (0) #endif /* (PLC_SUPPORT_AUTH_TYPE == PLC_AUTH_TYPE_DAK) */ #ifdef __cplusplus } #endif #endif /* CVG_SEC_AUTH_DAK_INTERNAL_H */