/*---------------------------------------------------------------------------*/
/**
 * \brief  Checks an incoming broadcast against the buffered CCM*-MICs.
 * \param  sender Neighbor entry whose keys are used to recompute the MIC.
 * \return 0 if the recomputed MIC is one of the buffered ones, 1 otherwise.
 *
 * A broadcast is only accepted when the MIC computed here matches one that
 * is already buffered, so a broadcast without a matching buffered MIC is
 * rejected.
 */
static int
verify_broadcast(struct akes_nbr *sender)
{
  uint8_t computed_mic[ADAPTIVESEC_BROADCAST_MIC_LEN];
  int announced;

#if WITH_BROADCAST_ENCRYPTION
  /*
   * NOTE(review): the second argument presumably requests en-/decryption of
   * the payload under the group key - confirm against adaptivesec_aead().
   */
  adaptivesec_aead(sender->group_key, 1, computed_mic, 0);
#endif /* WITH_BROADCAST_ENCRYPTION */

  /* the MIC that gets looked up is the one produced with the pairwise key */
  adaptivesec_aead(sender->pairwise_key, 0, computed_mic, 0);

  announced = is_mic_stored(computed_mic);
  return announced ? 0 : 1;
}
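/*---------------------------------------------------------------------------*/
/**
 * \brief   Handles an ANNOUNCE command by buffering the CCM*-MIC at our index.
 * \param   cmd_id  Command identifier of the received command.
 * \param   payload Start of the command's payload inside the packetbuf.
 * \return  CMD_BROKER_UNCONSUMED if this is not an ANNOUNCE,
 *          CMD_BROKER_ERROR if the sender is not a permanent neighbor, the
 *          MIC slot lies outside the frame, or the MIC is already buffered,
 *          CMD_BROKER_CONSUMED once the MIC was buffered.
 *
 * The slot is selected by the sender entry's foreign_index, so the slot is
 * validated as an offset against the received length before any pointer is
 * advanced. The previous form advanced the pointer first and compared
 * afterwards, which relies on out-of-range pointer arithmetic.
 *
 * NOTE(review): nothing in this handler authenticates the ANNOUNCE itself;
 * presumably the frame is verified before commands are dispatched - confirm
 * in the caller.
 */
static enum cmd_broker_result
on_command(uint8_t cmd_id, uint8_t *payload)
{
  struct akes_nbr_entry *entry;
  uint8_t *data_end;
  unsigned long mic_offset;

  if(cmd_id != CORESEC_STRATEGY_ANNOUNCE_IDENTIFIER) {
    return CMD_BROKER_UNCONSUMED;
  }

  entry = akes_nbr_get_sender_entry();
  if(!entry || !entry->permanent) {
    return CMD_BROKER_ERROR;
  }

  PRINTF("coresec-strategy: Received ANNOUNCE\n");

  /*
   * calculate CCM*-MIC location as an offset from payload; widened so that
   * the product cannot wrap for a small index type
   * (TODO confirm the type of foreign_index)
   */
  mic_offset = 1 + ((unsigned long)entry->permanent->foreign_index
      * ADAPTIVESEC_BROADCAST_MIC_LEN);

  /* check if the whole CCM*-MIC is within ANNOUNCE */
  data_end = ((uint8_t *)packetbuf_dataptr()) + packetbuf_datalen();
  if((payload > data_end)
      || ((unsigned long)(data_end - payload)
          < mic_offset + ADAPTIVESEC_BROADCAST_MIC_LEN)) {
    PRINTF("coresec-strategy: Out of bounds\n");
    return CMD_BROKER_ERROR;
  }
  payload += mic_offset;

  /*
   * check if contained CCM*-MIC is already stored, e.g.,
   * due to duplicated ANNOUNCE
   */
  if(is_mic_stored(payload)) {
    PRINTF("coresec-strategy: Already stored\n");
    return CMD_BROKER_ERROR;
  }

  /* store CCM*-MIC; once the index wraps, the next store reuses slot 0 */
  memcpy(mics[next_mic_index].u8, payload, ADAPTIVESEC_BROADCAST_MIC_LEN);
  if(++next_mic_index == MAX_BUFFERED_MICS) {
    next_mic_index = 0;
  }

  return CMD_BROKER_CONSUMED;
}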
/*---------------------------------------------------------------------------*/
/**
 * \brief  Checks (and, if enabled, decrypts) an incoming broadcast.
 * \param  sender Neighbor entry whose keys are used to recompute the MIC.
 * \return 1 if the recomputed MIC is one of the buffered ones; 0 if it is
 *         not, or if the frame's security level does not match.
 *
 * The two low bits of the frame's security level must equal those of
 * ADAPTIVESEC_BROADCAST_SEC_LVL, so a frame with a different level in those
 * bits is rejected before any MIC is computed.
 */
static int
decrypt_verify_broadcast(struct neighbor *sender)
{
  uint8_t computed_mic[ADAPTIVESEC_BROADCAST_MIC_LEN];
  uint16_t sec_lvl;

  sec_lvl = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL);
  if((sec_lvl & 3) != (ADAPTIVESEC_BROADCAST_SEC_LVL & 3)) {
    PRINTF("coresec-strategy: Wrong security level\n");
    return 0;
  }

#if WITH_BROADCAST_ENCRYPTION
  /*
   * NOTE(review): bit 2 of the security level presumably marks an encrypted
   * payload, which is then processed under the group key - confirm.
   */
  if(sec_lvl & (1 << 2)) {
    adaptivesec_aead(sender->group_key, 1, computed_mic, 0);
  }
#endif /* WITH_BROADCAST_ENCRYPTION */

  /* the MIC that gets looked up is the one produced with the pairwise key */
  adaptivesec_aead(sender->pairwise_key, 0, computed_mic, 0);

  return is_mic_stored(computed_mic);
}