Paparazzi UAS
v7.0_unstable
Paparazzi is a free software Unmanned Aircraft System.
|
Datalink using Galois Embedded Crypto. More...
#include "pprzlink/pprzlink_transport.h"
#include "pprzlink/pprz_transport.h"
#include "modules/datalink/gec/gec.h"
#include "pprz_mutex.h"
#include "mcu_periph/uart.h"
Go to the source code of this file.
Data Structures | |
struct | gec_whitelist |
Whitelist for sending and receiving unencrypted messages (mostly for KEY_EXCHANGE messages) More... | |
struct | gec_transport |
Macros | |
#define | KEY_EXCHANGE_MSG_ID_UAV 239 |
#define | KEY_EXCHANGE_MSG_ID_GCS 159 |
#define | WHITELIST_LEN 20 |
Functions | |
void | gec_dl_init (void) |
Init function. More... | |
void | gec_dl_event (void) |
Datalink Event. More... | |
void | gec_transport_init (struct gec_transport *t) |
void | gec_check_and_parse (struct link_device *dev, struct gec_transport *trans, uint8_t *buf, bool *msg_available) |
Parsing a frame data and copy the payload to the datalink buffer. More... | |
void | gec_process_sts_msg (struct link_device *dev, struct gec_transport *trans, uint8_t *buf) |
void | respond_sts (struct link_device *dev, struct gec_transport *trans, uint8_t *buf) |
void | finish_sts (struct link_device *dev, struct gec_transport *trans, uint8_t *buf) |
void | gec_add_to_whitelist (struct gec_whitelist *whitelist, uint8_t id) |
bool | gec_is_in_the_whitelist (struct gec_whitelist *whitelist, uint8_t id) |
bool | gec_decrypt_message (uint8_t *buf, volatile uint8_t *payload_len) |
Attemp message decryption If a message is unencrypted, pass it through only if the MSG_ID is in the whitelist Returns Pprzlink message bytes (source_ID . More... | |
bool | gec_encrypt_message (uint8_t *buf, uint8_t *payload_len) |
Attempts message encryption Adds crypto_byte, counter and tag Returns encrypted pprzlink message (crypto_byte . More... | |
void | gec_process_msg1 (uint8_t *buf) |
NOTE: for RESPONDER party only Process incoming message (expected MSG1) if the right (KEY_EXCHANGE) message received with the right data (P_AE) and the right P_AE.len=PPRZ_KEY_LEN, the internal state of Sts gets updated (key derivation etc), and msg2 is prepared to be sent. More... | |
bool | gec_process_msg3 (uint8_t *buf) |
Process incoming message (expected MSG3) if the right (KEY_EXCHANGE) message received with the right data (SIG) and the right SIG.len=PPRZ_SIGN_LEN, and the signature is verified, Ok() is returned. More... | |
Variables | |
struct gec_transport | gec_tp |
PPRZ transport structure. More... | |
Datalink using Galois Embedded Crypto.
Definition in file gec_dl.h.
struct gec_whitelist |
Whitelist for sending and receiving unencrypted messages (mostly for KEY_EXCHANGE messages)
Data Fields | ||
---|---|---|
uint8_t | idx | |
bool | init | |
uint8_t | whitelist[WHITELIST_LEN] |
struct message_buffer |
void finish_sts | ( | struct link_device * | dev, |
struct gec_transport * | trans, | ||
uint8_t * | buf | ||
) |
void gec_add_to_whitelist | ( | struct gec_whitelist * | whitelist, |
uint8_t | id | ||
) |
Definition at line 800 of file gec_dl.c.
References gec_whitelist::idx, gec_whitelist::init, gec_whitelist::whitelist, and WHITELIST_LEN.
Referenced by gec_transport_init().
void gec_check_and_parse | ( | struct link_device * | dev, |
struct gec_transport * | trans, | ||
uint8_t * | buf, | ||
bool * | msg_available | ||
) |
Parsing a frame data and copy the payload to the datalink buffer.
Attemp message decryption If a message is unencrypted, pass it through only if the MSG_ID is in the whitelist Returns Pprzlink message bytes (source_ID .
. msg payload)
Input: expects (CRYPTO_BYTE .. MSG_DATA .. optional TAG) Output: returns stripped message (SENDER_ID .. MSG_PAYLOAD)
Definition at line 430 of file gec_dl.c.
References gec_sym_key::counter, counter, gec_sts_ctx::decrypt_err, gec_bytes_to_counter(), gec_is_in_the_whitelist(), gec_tp, gec_sym_key::key, gec_sym_key::nonce, PPRZ_AUTH_IDX, PPRZ_CNTR_IDX, PPRZ_CRYPTO_OVERHEAD, PPRZ_GEC_IDX, PPRZ_MAC_LEN, PPRZ_MSG_TYPE_ENCRYPTED, PPRZ_MSG_TYPE_PLAINTEXT, gec_sym_key::ready, gec_sts_ctx::rx_counter_err, gec_sts_ctx::rx_sym_key, gec_transport::sts, and gec_transport::whitelist.
Referenced by gec_dl_event().
void gec_dl_event | ( | void | ) |
Datalink Event.
Datalink Event.
While the status != Crypto_OK no message is returned, and all logic is handled internally. Returned message has format of Pprzlink 2.0
or Pprzlink 1.0
and can be directly processed by a parser
NOTE: the KEY_EXCHANGE messages are whitelisted and thus pass through the "decryption" even if they are in plaintext and after the key exchange is established. This is not a problem, because we don't act on them. It would be good to limit "sending" them from other processes, but for now lets assume nobody will want to send this message.
In the future, the KEY_EXCHANGE messages should be handled even in CRYPTO_OK mode and acted upon accordingly (i.e. the key renegotiation will be possible). For now, I am keeping this note here as a reminder.
Definition at line 533 of file gec_dl.c.
References CRYPTO_OK, DatalinkFillDlBuffer, dl_buffer, dl_msg_available, DlCheckAndParse(), DOWNLINK_DEVICE, gec_decrypt_message(), gec_process_msg1(), gec_process_msg3(), gec_tp, GEC_UPDATE_DL, LED_ON, gec_transport::pprz_tp, gec_sts_ctx::protocol_stage, gec_transport::sts, gec_transport::trans_rx, gec_transport::trans_tx, WAIT_MSG1, and WAIT_MSG3.
void gec_dl_init | ( | void | ) |
Init function.
Definition at line 345 of file gec_dl.c.
References DefaultPeriodic, gec_sts_init(), gec_tp, gec_transport_init(), LED_OFF, gec_transport::pprz_tp, register_periodic_telemetry(), send_secure_link_info(), and gec_transport::sts.
Attempts message encryption Adds crypto_byte, counter and tag Returns encrypted pprzlink message (crypto_byte .
. tag) in the same buffer as was the incoming message
Definition at line 371 of file gec_dl.c.
References gec_sym_key::counter, counter, gec_sts_ctx::encrypt_err, gec_counter_to_bytes(), gec_tp, gec_sym_key::key, gec_sym_key::nonce, PPRZ_AUTH_IDX, PPRZ_CNTR_IDX, PPRZ_CRYPTO_OVERHEAD, PPRZ_GEC_IDX, PPRZ_MAC_LEN, PPRZ_MSG_TYPE_ENCRYPTED, gec_sym_key::ready, gec_transport::sts, and gec_sts_ctx::tx_sym_key.
bool gec_is_in_the_whitelist | ( | struct gec_whitelist * | whitelist, |
uint8_t | id | ||
) |
Definition at line 814 of file gec_dl.c.
References gec_whitelist::idx, gec_whitelist::init, and gec_whitelist::whitelist.
Referenced by gec_decrypt_message().
void gec_process_msg1 | ( | uint8_t * | buf | ) |
NOTE: for RESPONDER party only Process incoming message (expected MSG1) if the right (KEY_EXCHANGE) message received with the right data (P_AE) and the right P_AE.len=PPRZ_KEY_LEN, the internal state of Sts gets updated (key derivation etc), and msg2 is prepared to be sent.
Input: decrypted message (source_ID .. msg payload) If all good, it sends response message
Definition at line 597 of file gec_dl.c.
References DOWNLINK_DEVICE, gec_derive_key_material(), gec_generate_ephemeral_keys(), gec_tp, gec_sym_key::key, gec_sts_ctx::last_error, MSG1_ENCRYPT_ERROR, gec_sts_ctx::my_private_ephemeral, gec_sts_ctx::my_private_key, gec_sym_key::nonce, P_AE, P_BE, PPRZ_GEC_IDX, PPRZ_KEY_LEN, PPRZ_MAC_LEN, PPRZ_MSG_TYPE_PLAINTEXT, PPRZ_SIGN_LEN, gec_transport::pprz_tp, gec_privkey::priv, gec_sts_ctx::protocol_stage, gec_privkey::pub, gec_pubkey::pub, gec_privkey::ready, gec_pubkey::ready, gec_transport::sts, gec_sts_ctx::their_public_ephemeral, gec_transport::tx_msg, gec_transport::tx_msg_idx, gec_sts_ctx::tx_sym_key, UNEXPECTED_MSG_DATA_ERROR, UNEXPECTED_MSG_ERROR, UNEXPECTED_MSG_TYPE_ERROR, and WAIT_MSG3.
Referenced by gec_dl_event().
bool gec_process_msg3 | ( | uint8_t * | buf | ) |
Process incoming message (expected MSG3) if the right (KEY_EXCHANGE) message received with the right data (SIG) and the right SIG.len=PPRZ_SIGN_LEN, and the signature is verified, Ok() is returned.
Input: decrypted message (source_ID .. msg payload) Returns true if this party is ready for communication
Definition at line 744 of file gec_dl.c.
References gec_tp, gec_sym_key::key, gec_sts_ctx::last_error, MSG3_DECRYPT_ERROR, MSG3_SIGNVERIFY_ERROR, gec_sts_ctx::my_private_ephemeral, gec_sym_key::nonce, PPRZ_KEY_LEN, PPRZ_MAC_LEN, PPRZ_SIGN_LEN, gec_privkey::pub, gec_pubkey::pub, gec_sts_ctx::rx_sym_key, SIG, sign(), gec_transport::sts, gec_sts_ctx::their_public_ephemeral, gec_sts_ctx::their_public_key, UNEXPECTED_MSG_DATA_ERROR, UNEXPECTED_MSG_ERROR, and UNEXPECTED_MSG_TYPE_ERROR.
Referenced by gec_dl_event().
void gec_process_sts_msg | ( | struct link_device * | dev, |
struct gec_transport * | trans, | ||
uint8_t * | buf | ||
) |
void gec_transport_init | ( | struct gec_transport * | t | ) |
Definition at line 325 of file gec_dl.c.
References gec_add_to_whitelist(), KEY_EXCHANGE_MSG_ID_GCS, KEY_EXCHANGE_MSG_ID_UAV, PPRZ_MUTEX_INIT, gec_transport::trans_rx, gec_transport::trans_tx, and gec_transport::whitelist.
Referenced by gec_dl_init().
void respond_sts | ( | struct link_device * | dev, |
struct gec_transport * | trans, | ||
uint8_t * | buf | ||
) |
|
extern |
PPRZ transport structure.
Definition at line 1 of file gec_dl.c.
Referenced by gec_decrypt_message(), gec_dl_event(), gec_dl_init(), gec_encrypt_message(), gec_process_msg1(), gec_process_msg3(), and send_secure_link_info().