📄 mac_security.lst
字号:
154 pMSI->micLength = 0;
155 break;
156 default:
157 pMSI->secFlags2420 = 0;
158 pMSI->secMode2420 = 0;
159 pMSI->micLength = 0;
160 break;
161 }
162 } // msecDecodeSecuritySuite
163
164
165
166
167 //-------------------------------------------------------------------------------------------------------
168 // void msecSetupCC2420KeyAndNonce(BOOL isTx, MSEC_SETUP_INFO *pMSI, KEY pKey, BYTE* pCounters)
169 //
170 // DESCRIPTION:
171 // Sets up CC2420 key and (optionally) nonce in CC2420 before RX / TX security operations
172 //
173 // PARAMETERS:
174 // BOOL isTx
175 // TRUE for TX (FALSE for RX)
176 // MSEC_SETUP_INFO *pMSI,
177 // Pointer to the security setup struct in use
178 // KEY pKey,
179 // Pointer to the 16-byte (128 bit) key
180 // BYTE* pCounters
181 // Pointer to the Frame Counter (4 bytes) and Key Sequence Counter (1 byte)
182 //-------------------------------------------------------------------------------------------------------
183 ROOT void msecSetupCC2420KeyAndNonce(BOOL isTx, MSEC_SETUP_INFO *pMSI, KEY pKey, BYTE* pCounters) {
184 UINT16 keyAddressCC2420;
185 UINT8 n;
186 ADDRESS* pExtendedAddress;
187
188 // Write 128-bit key to CC2420 RAM, using KEY0 for TX and KEY1 for RX
189 if (isTx) {
190 keyAddressCC2420 = CC2420RAM_KEY0;
191 } else {
192 keyAddressCC2420 = CC2420RAM_KEY1;
193 }
194
195 // Write key to CC2420 RAM
196 msupWriteRam(pKey, keyAddressCC2420, 16, TRUE);
197
198 // Write nonce/counter to CC2420 RAM, unless we are in CBC-MAC mode where the nonce/counter value is not used.
199 if (pMSI->secFlags2420) {
200
201 DISABLE_GLOBAL_INT();
202 SPI_ENABLE();
203
204 // RAM address
205 if (isTx) {
206 FASTSPI_TX(0x80 | (CC2420RAM_TXNONCE & 0x7F));
207 FASTSPI_TX((CC2420RAM_TXNONCE >> 1) & 0xC0);
208 } else {
209 FASTSPI_TX(0x80 | (CC2420RAM_RXNONCE & 0x7F));
210 FASTSPI_TX((CC2420RAM_RXNONCE >> 1) & 0xC0);
211 }
212
213 // The 2-byte counter is initialized as 0 in counter mode, 1 in CCM
214 FASTSPI_TX(pMSI->secFlags2420 == MAC_CC2420_CCM_FLAGS);
215 FASTSPI_TX(0);
216
217 // Key sequence counter (1 byte) and frame counter (4 bytes)
218 n = 5;
219 pCounters += 4;
220 do {
221 FASTSPI_TX(*(pCounters--));
222 } while (--n);
223
224 if (isTx) {
225 pExtendedAddress = &aExtendedAddress;
226 } else {
227 pExtendedAddress = mrxSecurityInfo.pExtendedAddress;
228 }
229
230 // Extended source address
231 FASTSPI_TX_MANY((BYTE*) pExtendedAddress, 8);
232
233 // Flag byte
234 FASTSPI_TX(pMSI->secFlags2420);
235
236 SPI_DISABLE();
237 ENABLE_GLOBAL_INT();
238 }
239 } // msupSetupCC2420KeyAndNonce
240
241
242
243
244 //-------------------------------------------------------------------------------------------------------
245 // void msecSetupCC2420Regs(MSEC_SETUP_INFO *pMSI)
246 //
247 // DESCRIPTION:
248 // Sets up CC2420 security registers according to the security information struct
249 //
250 // PARAMETERS:
251 // MSEC_SETUP_INFO *pMSI,
252 // Pointer to the security setup struct in use
253 //-------------------------------------------------------------------------------------------------------
254 ROOT void msecSetupCC2420Regs(MSEC_SETUP_INFO *pMSI) {
255 BYTE cleartextLength;
256
257 DISABLE_GLOBAL_INT();
258
259 // Configure CC2420 hardware security registers
260 if (pMSI->secMode2420) {
261 if (pMSI->secFlags2420) {
262
263 cleartextLength = pMSI->clearTextLength;
264 FASTSPI_SETREG(CC2420_SECCTRL1, ((cleartextLength) << 8) | (cleartextLength));
265
266 } else {
267 // l(a) = 0 for CBC-MAC
268 FASTSPI_SETREG(CC2420_SECCTRL1, 0);
269 }
270 }
271
272 // Configure CC2420 hardware security registers
273 FASTSPI_SETREG(CC2420_SECCTRL0, CC2420_SECCTRL0_RXFIFO_PROTECTION | CC2420_SECCTRL0_SEC_CBC_HEAD | CC2420_SECCTRL0_TXKEYSEL0 | CC2420_SECCTRL0_RXKEYSEL1 | ((WORD) pMSI->secMode2420));
274 ENABLE_GLOBAL_INT();
275 } // msecSetupCC2420Regs
276
277
278
279
280 //-------------------------------------------------------------------------------------------------------
281 // UINT8 msecProcessSecurityCounters(MAC_TX_PACKET *pPacket, BYTE *pPayload)
282 //
283 // DESCRIPTION:
284 // Inserts frame counter (4 bytes) and key sequence counter (1 byte) into an outgoing frame,
285 // if the security suite is CTR or CCM.
286 // Counters are inserted from the pointer pPayload, and frame counter is incremented.
287 // pPacket->securitySuite is set to FAILED_SECURITY_CHECK if frame counter overflows.
288 //
289 // PARAMETERS:
290 // MAC_TX_PACKET *pPacket
291 // Pointer to the outgoing packet in which security is to be inserted
292 // BYTE *pPayload
293 // Byte pointer to the location where the pointers should be inserted
294 //
295 // RETURN VALUE
296 // UINT8
297 // Number of bytes (0 or 5) inserted into the frame
298 //-------------------------------------------------------------------------------------------------------
299 ROOT UINT8 msecProcessSecurityCounters(MAC_TX_PACKET *pPacket, BYTE *pPayload) {
300 BYTE *pSource;
301 SECURITY_MATERIAL *pSecurityMaterial;
302
303 // Only CTR mode and CCM mode have the security flags set,
304 // and these modes require frame counter / key sequence counter
305 if (pPacket->securitySetup.secFlags2420) {
306
307 // Set up pointer to security material for faster access
308 pSecurityMaterial = pPacket->pSecurityMaterial;
309
310 // Copy the frame counter / key sequence counter into the frame
311 // with the MOST significant byte being transmitted FIRST
312 pSource = (BYTE*) &pSecurityMaterial->frameCounter + 3;
313
314 *(pPayload++) = *(pSource--);
315 *(pPayload++) = *(pSource--);
316 *(pPayload++) = *(pSource--);
317 *(pPayload++) = *(pSource);
318
319 *(pPayload++) = pSecurityMaterial->keySequenceCounter;
320
321 if (pSecurityMaterial->frameCounter == 0xFFFF) {
322 // Frame counter cannot be incremented
323 pPacket->securitySuite = FAILED_SECURITY_CHECK;
324 } else {
325 // Increment frame counter
326 pSecurityMaterial->frameCounter++;
327 }
328
329 pPacket->securitySetup.clearTextLength += 5;
330
331 return 5; // Frame Counter (4 bytes) and Key Sequence Counter (1 byte)
332
333 // No frame counter / key sequence counter
334 } else {
335 return 0;
336 }
337 }
338
339 #endif // MAC_OPT_SECURITY
340
Segment part sizes:
Function/Label Bytes
-------------- -----
0 bytes of memory
Errors: none
Warnings: none
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -