CCM* module now accepts fixed-size 13-byte nonces

also adjusted variable naming conventions in CCM* module
to use 'nonce' and 'iv' in line with RFC 3610 terminology

core/lib/ccm-star.c

@@ -45,30 +45,26 @@
 /* see RFC 3610 */
 #define CCM_STAR_AUTH_FLAGS(Adata, M) ((Adata ? (1u << 6) : 0) | (((M - 2u) >> 1) << 3) | 1u)
 #define CCM_STAR_ENCRYPTION_FLAGS     1
-#define CCM_STAR_NONCE_MAX_IV_LENGTH  13
 
 /*---------------------------------------------------------------------------*/
 static void
-set_nonce(uint8_t *nonce,
+set_nonce(uint8_t *iv,
     uint8_t flags,
-    const uint8_t *iv, uint8_t iv_len,
+    const uint8_t *nonce,
     uint8_t counter)
 {
   /* 1 byte||          8 bytes        ||    4 bytes    || 1 byte  || 2 bytes */
   /* flags || extended_source_address || frame_counter || sec_lvl || counter */
 
-  if(iv_len > CCM_STAR_NONCE_MAX_IV_LENGTH)
+  iv[0] = flags;
-    iv_len = CCM_STAR_NONCE_MAX_IV_LENGTH;
+  memcpy(iv + 1, nonce, CCM_STAR_NONCE_LENGTH);
-
+  iv[14] = 0;
-  nonce[0] = flags;
+  iv[15] = counter;
-  memcpy(nonce + 1, iv, iv_len);
-  memset(nonce + iv_len + 1, 0, 16 - (1 + 1 + iv_len));
-  nonce[15] = counter;
 }
 /*---------------------------------------------------------------------------*/
 /* XORs the block m[pos] ... m[pos + 15] with K_{counter} */
 static void
-ctr_step(const uint8_t *iv, uint8_t iv_len,
+ctr_step(const uint8_t *nonce,
     uint8_t pos,
     uint8_t *m_and_result,
     uint8_t m_len,
@@ -77,7 +73,7 @@ ctr_step(const uint8_t *iv, uint8_t iv_len,
   uint8_t a[AES_128_BLOCK_SIZE];
   uint8_t i;
   
-  set_nonce(a, CCM_STAR_ENCRYPTION_FLAGS, iv, iv_len, counter);
+  set_nonce(a, CCM_STAR_ENCRYPTION_FLAGS, nonce, counter);
   AES_128.encrypt(a);
   
   for(i = 0; (pos + i < m_len) && (i < AES_128_BLOCK_SIZE); i++) {
@@ -86,9 +82,9 @@ ctr_step(const uint8_t *iv, uint8_t iv_len,
 }
 /*---------------------------------------------------------------------------*/
 static void
-mic(const uint8_t* m,  uint8_t m_len,
+mic(const uint8_t *m,  uint8_t m_len,
-    const uint8_t* iv, uint8_t iv_len,
+    const uint8_t *nonce,
-    const uint8_t* a,  uint8_t a_len,
+    const uint8_t *a,  uint8_t a_len,
     uint8_t *result,
     uint8_t mic_len)
 {
@@ -96,10 +92,7 @@ mic(const uint8_t* m,  uint8_t m_len,
   uint8_t pos;
   uint8_t i;
   
-  set_nonce(x,
+  set_nonce(x, CCM_STAR_AUTH_FLAGS(a_len, mic_len), nonce, m_len);
-      CCM_STAR_AUTH_FLAGS(a_len, mic_len),
-      iv, iv_len,
-      m_len);
   AES_128.encrypt(x);
   
   if(a_len > 0) {
@@ -132,13 +125,13 @@ mic(const uint8_t* m,  uint8_t m_len,
     }
   }
   
-  ctr_step(iv, iv_len, 0, x, AES_128_BLOCK_SIZE, 0);
+  ctr_step(nonce, 0, x, AES_128_BLOCK_SIZE, 0);
   
   memcpy(result, x, mic_len);
 }
 /*---------------------------------------------------------------------------*/
 static void
-ctr(uint8_t* m, uint8_t m_len, const uint8_t* iv, uint8_t iv_len)
+ctr(uint8_t *m, uint8_t m_len, const uint8_t* nonce)
 {
   uint8_t pos;
   uint8_t counter;
@@ -146,12 +139,12 @@ ctr(uint8_t* m, uint8_t m_len, const uint8_t* iv, uint8_t iv_len)
   pos = 0;
   counter = 1;
   while(pos < m_len) {
-    ctr_step(iv, iv_len, pos, m, m_len, counter++);
+    ctr_step(nonce, pos, m, m_len, counter++);
     pos += AES_128_BLOCK_SIZE;
   }
 }
 /*---------------------------------------------------------------------------*/
-static void set_key(const uint8_t* key) {
+static void set_key(const uint8_t *key) {
     AES_128.set_key((uint8_t*)key);
 }
 /*---------------------------------------------------------------------------*/

core/lib/ccm-star.h

@@ -48,6 +48,8 @@
 #define CCM_STAR ccm_star_driver
 #endif /* CCM_STAR_CONF */
 
+#define CCM_STAR_NONCE_LENGTH 13
+
 /**
  * Structure of CCM* drivers.
  */
@@ -57,13 +59,12 @@ struct ccm_star_driver {
     * \brief             Generates a MIC over the data supplied.
     * \param data        The data buffer to read.
     * \param data_length The data buffer length.
-    * \param iv          The IV to use.
+    * \param nonce       The nonce to use. CCM_STAR_NONCE_LENGTH bytes long.
-    * \param iv_length   The IV's length.
     * \param result      The generated MIC will be put here
     * \param mic_len     The size of the MIC to be generated. <= 16.
     */
   void (* mic)(const uint8_t* data, uint8_t data_length,
-      const uint8_t* iv,   uint8_t iv_len,
+      const uint8_t* nonce,
       const uint8_t* add,  uint8_t add_len,
       uint8_t *result,
       uint8_t mic_len);
@@ -72,13 +73,10 @@ struct ccm_star_driver {
    * \brief XORs the frame in the packetbuf with the key stream.
    * \param data        The data buffer to read.
    * \param data_length The data buffer length.
-   * \param iv          The IV to use.
+   * \param nonce       The nonce to use. CCM_STAR_NONCE_LENGTH bytes long.
-   * \param iv_length   The IV's length.
-   * \param mic         Output buffer to hold the MIC to be generated.
-   * \param mic_len     The size of the MIC to be generated. <= 16.
    */
   void (* ctr)(      uint8_t* data, uint8_t data_length,
-               const uint8_t* iv,   uint8_t iv_len);
+               const uint8_t* nonce);
   
   /**
    * \brief Sets the key in use. Default implementation calls AES_128.set_key()

core/net/llsec/ccm-star-packetbuf.c

@@ -18,19 +18,19 @@ void ccm_star_mic_packetbuf(const uint8_t *extended_source_address,
   uint8_t data_len = packetbuf_datalen();
   uint8_t *headerptr = packetbuf_hdrptr();
   uint8_t header_len = packetbuf_hdrlen();
-  uint8_t iv[13];
+  uint8_t nonce[CCM_STAR_NONCE_LENGTH];
   
-  memcpy(iv, extended_source_address, 8);
+  memcpy(nonce, extended_source_address, 8);
-  iv[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8;
+  nonce[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8;
-  iv[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff;
+  nonce[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff;
-  iv[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8;
+  nonce[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8;
-  iv[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff;
+  nonce[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff;
-  iv[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL);
+  nonce[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL);
 
   if(packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL) & (1 << 2)) {
-    CCM_STAR.mic(dataptr, data_len, iv, 13, headerptr, header_len, result, mic_len);
+    CCM_STAR.mic(dataptr, data_len, nonce, headerptr, header_len, result, mic_len);
   } else {
-    CCM_STAR.mic(dataptr, 0, iv, 13, headerptr, packetbuf_totlen(), result, mic_len);
+    CCM_STAR.mic(dataptr, 0, nonce, headerptr, packetbuf_totlen(), result, mic_len);
   }
 }
 /*---------------------------------------------------------------------------*/
@@ -38,15 +38,15 @@ void ccm_star_ctr_packetbuf(const uint8_t *extended_source_address)
 {
   uint8_t *dataptr = packetbuf_dataptr();
   uint8_t data_len = packetbuf_datalen();
-  uint8_t iv[13];
+  uint8_t nonce[CCM_STAR_NONCE_LENGTH];
   
-  memcpy(iv, extended_source_address, 8);
+  memcpy(nonce, extended_source_address, 8);
-  iv[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8;
+  nonce[8] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) >> 8;
-  iv[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff;
+  nonce[9] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_2_3) & 0xff;
-  iv[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8;
+  nonce[10] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) >> 8;
-  iv[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff;
+  nonce[11] = packetbuf_attr(PACKETBUF_ATTR_FRAME_COUNTER_BYTES_0_1) & 0xff;
-  iv[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL);
+  nonce[12] = packetbuf_attr(PACKETBUF_ATTR_SECURITY_LEVEL);
 
-  CCM_STAR.ctr(dataptr, data_len, iv, 13);
+  CCM_STAR.ctr(dataptr, data_len, nonce);
 }
 /*---------------------------------------------------------------------------*/