193 lines
5.7 KiB
C
193 lines
5.7 KiB
C
/****************************************************************************
|
|
|
|
Copyright(c) 2019 by Aerospace C.Power (Chongqing) Microelectronics. ALL RIGHTS RESERVED.
|
|
|
|
This Information is proprietary to Aerospace C.Power (Chongqing) Microelectronics and MAY NOT
|
|
be copied by any method or incorporated into another program without
|
|
the express written consent of Aerospace C.Power. This Information or any portion
|
|
thereof remains the property of Aerospace C.Power. The Information contained herein
|
|
is believed to be accurate and Aerospace C.Power assumes no responsibility or
|
|
liability for its use in any way and conveys no license or title under
|
|
any patent or copyright and makes no representation or warranty that this
|
|
Information is free from patent or copyright infringement.
|
|
|
|
****************************************************************************/
|
|
|
|
#ifndef CVG_SEC_AUTH_DAK_INTERNAL_H
|
|
#define CVG_SEC_AUTH_DAK_INTERNAL_H
|
|
|
|
/* os shim includes */
|
|
#include "os_types.h"
|
|
#include "os_timer_api.h"
|
|
|
|
/* public api includes */
|
|
#include "plc_fr.h"
|
|
|
|
/* cvg module internal includes */
|
|
#include "cvg_api.h"
|
|
#include "cvg.h"
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
#if (PLC_SUPPORT_AUTH_TYPE == PLC_AUTH_TYPE_DAK)
|
|
|
|
/* define max length of authorized key buffer */
|
|
#define CVG_SEC_AUTH_DAK_KEY_MAX_LEN (32)
|
|
|
|
/* authorized dak list table */
|
|
typedef struct _cvg_sec_dak_tab {
|
|
uint8_t mac[IOT_MAC_ADDR_LEN];
|
|
/* TODO: define dak list table */
|
|
} cvg_sec_dak_tab_t;
|
|
|
|
/* authorized common info */
|
|
typedef struct _cvg_sec_auth {
|
|
/* enable flag */
|
|
uint8_t enable : 1,
|
|
/* reserved for future */
|
|
rsvd : 7;
|
|
/* DAK information */
|
|
cvg_sec_dak_tab_t *dak;
|
|
/* network membership key */
|
|
uint8_t nmk[CVG_SEC_AUTH_DAK_KEY_MAX_LEN];
|
|
/* network encryption key */
|
|
uint8_t nek[CVG_SEC_AUTH_DAK_KEY_MAX_LEN];
|
|
} cvg_sec_auth_t;
|
|
|
|
/* cco authorized dak state info */
|
|
typedef struct _cvg_sec_auth_cco {
|
|
/* authorized check timer */
|
|
timer_id_t auth_timer;
|
|
} cvg_sec_auth_cco_t;
|
|
|
|
/* sta security authorized states */
|
|
typedef enum {
|
|
/* sta device network authorized initial state */
|
|
sta_auth_state_init = 1,
|
|
/* sta device is applying for network nmk */
|
|
sta_auth_state_nmking,
|
|
/* sta device have got nmk, and is applying for network nek */
|
|
sta_auth_state_neking,
|
|
/* sta device network authorized completion state */
|
|
sta_auth_state_done,
|
|
} cvg_sec_auth_sta_state_t;
|
|
|
|
/* security authorized event definitions */
|
|
typedef enum {
|
|
/* start event */
|
|
sec_auth_event_start = 1,
|
|
/* timeout event */
|
|
sec_auth_event_timeout,
|
|
} cvg_sec_auth_event_t;
|
|
|
|
/* persistent info that won't be cleared when auth reset */
|
|
typedef struct _cvg_sec_sta_persist_info {
|
|
/* authorized state, sta_auth_state_XXX */
|
|
cvg_sec_auth_sta_state_t auth_state;
|
|
/* network id */
|
|
uint32_t nid : 24,
|
|
/* reserved for future */
|
|
rsvd : 8;
|
|
/* mac address of cco */
|
|
uint8_t cco_addr[IOT_MAC_ADDR_LEN];
|
|
} cvg_sec_sta_persist_info_t;
|
|
|
|
/* sta authorized state info */
|
|
typedef struct _cvg_sec_auth_sta {
|
|
/* persistent info that shall not be clear when auth reset */
|
|
cvg_sec_sta_persist_info_t pst_info;
|
|
/* authrozied check timer */
|
|
timer_id_t auth_timer;
|
|
/* protocol run sequence */
|
|
uint8_t auth_run_sn;
|
|
/* protocol message sequence */
|
|
uint16_t auth_msg_sn;
|
|
/* auth nonce, used to verify message from other end */
|
|
uint32_t auth_nonce;
|
|
/* retry count of request for key, nmk or nek */
|
|
uint8_t auth_retry_cnt;
|
|
/* last update nek time stamp. unit is 1s */
|
|
uint32_t nek_update_ts;
|
|
} cvg_sec_auth_sta_t;
|
|
|
|
typedef struct _cvg_sec_auth_vdev {
|
|
/* authorized common info */
|
|
cvg_sec_auth_t auth;
|
|
union {
|
|
cvg_sec_auth_sta_t *sta;
|
|
cvg_sec_auth_cco_t *cco;
|
|
} desc;
|
|
} cvg_sec_auth_vdev_t;
|
|
|
|
/*
|
|
* @brief cvg_sec_auth_dak_init() - init authorized dak state info
|
|
* @param vdev: pointer to vdev
|
|
* @param cfg: pointer of vdev configuration
|
|
*
|
|
* @return 0 - for success case
|
|
* @return otherwise - error code
|
|
*/
|
|
uint32_t cvg_sec_auth_dak_init(cvg_vdev_t *vdev, cvg_vdev_cfg_t *cfg);
|
|
|
|
/*
|
|
* @brief cvg_sec_auth_dak_deinit() - deinit authorized dak state info
|
|
* @param vdev: pointer to vdev
|
|
*/
|
|
void cvg_sec_auth_dak_deinit(cvg_vdev_t *vdev);
|
|
|
|
/*
|
|
* @brief cvg_sec_auth_dak_reset() - reset authorized dak state info
|
|
* @param vdev: pointer to vdev
|
|
*/
|
|
void cvg_sec_auth_dak_reset(cvg_vdev_t *vdev, cvg_vdev_cfg_t *cfg);
|
|
|
|
#if (PLC_SUPPORT_STA_ROLE)
|
|
|
|
/*
|
|
* @brief cvg_sec_auth_dak_sta_stop() - stop authorized dak vdev state
|
|
* @param vdev: pointer to vdev
|
|
*/
|
|
void cvg_sec_auth_dak_sta_stop(cvg_vdev_t *vdev);
|
|
|
|
/*
|
|
* cvg_sec_auth_dak_sta_sm() - dak vdev state machine
|
|
* @vdev: vdev pointer of the state machine
|
|
* @event: event to be delivered
|
|
* @data: data pointer of the event
|
|
* @return:
|
|
* 0 - restart not required
|
|
* otherwise - restart required
|
|
*/
|
|
uint8_t cvg_sec_auth_dak_sta_sm(cvg_vdev_t *vdev, cvg_sec_auth_event_t event,
|
|
void *data);
|
|
|
|
#else /* PLC_SUPPORT_STA_ROLE */
|
|
|
|
#define cvg_sec_auth_dak_sta_stop(vdev)
|
|
|
|
#define cvg_sec_auth_dak_sta_sm(vdev, event, data) (0)
|
|
|
|
#endif /* PLC_SUPPORT_STA_ROLE */
|
|
|
|
#else /* (PLC_SUPPORT_AUTH_TYPE == PLC_AUTH_TYPE_DAK) */
|
|
|
|
#define cvg_sec_auth_dak_init(vdev, cfg) (0)
|
|
|
|
#define cvg_sec_auth_dak_deinit(vdev)
|
|
|
|
#define cvg_sec_auth_dak_reset(vdev, cfg)
|
|
|
|
#define cvg_sec_auth_dak_sta_stop(vdev)
|
|
|
|
#define cvg_sec_auth_dak_sta_sm(vdev, event, data) (0)
|
|
|
|
#endif /* (PLC_SUPPORT_AUTH_TYPE == PLC_AUTH_TYPE_DAK) */
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
|
|
#endif /* CVG_SEC_AUTH_DAK_INTERNAL_H */
|