- L2 GOOSE/SMV security: added code to calculate AES-GMAC (LIB61850-446)

6 months ago · 600ce882ef
parent baba27cd9e
commit 600ce882ef
5 changed files with 89 additions and 5 deletions
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@ -132,10 +132,10 @@ set(USE_PREBUILD_MBEDTLS 1)
 set(MBEDTLS_INCLUDE_DIR ${CONFIG_EXTERNAL_MBEDTLS_INCLUDE_PATH})
 endif(CONFIG_USE_EXTERNAL_MBEDTLS_DYNLIB)

-if(EXISTS ${CMAKE_CURRENT_LIST_DIR}/third_party/mbedtls/mbedtls-2.16)
+if(EXISTS ${CMAKE_CURRENT_LIST_DIR}/third_party/mbedtls/mbedtls-2.28)
 set(WITH_MBEDTLS 1)
-set(MBEDTLS_INCLUDE_DIR "${CMAKE_CURRENT_LIST_DIR}/third_party/mbedtls/mbedtls-2.16/include")
-endif(EXISTS ${CMAKE_CURRENT_LIST_DIR}/third_party/mbedtls/mbedtls-2.16)
+set(MBEDTLS_INCLUDE_DIR "${CMAKE_CURRENT_LIST_DIR}/third_party/mbedtls/mbedtls-2.28/include")
+endif(EXISTS ${CMAKE_CURRENT_LIST_DIR}/third_party/mbedtls/mbedtls-2.28)

 if(WITH_MBEDTLS)

--- a/hal/CMakeLists.txt
+++ b/hal/CMakeLists.txt
@ -129,7 +129,7 @@ include_directories(
 if(CONFIG_USE_EXTERNAL_MBEDTLS_DYNLIB)
 link_directories(${CONFIG_EXTERNAL_MBEDTLS_DYNLIB_PATH})
 else()
-file(GLOB tls_SRCS ${CMAKE_CURRENT_LIST_DIR}/../third_party/mbedtls/mbedtls-2.16/library/*.c)
+file(GLOB tls_SRCS ${CMAKE_CURRENT_LIST_DIR}/../third_party/mbedtls/mbedtls-2.28/library/*.c)
 endif(CONFIG_USE_EXTERNAL_MBEDTLS_DYNLIB)

 add_definitions(-DMBEDTLS_CONFIG_FILE="mbedtls_config.h")
--- a/src/goose/goose_sec.c
+++ b/src/goose/goose_sec.c
@ -99,8 +99,15 @@ L2Security_addSecurityExtension(L2Security self, uint8_t* buffer, int start, int
        else if (self->currentSigAlgo == MC_SEC_SIG_ALGO_HMAC_SHA256_256) {
            mACSize = 2 + 32;
        }
+        else if (self->currentSigAlgo == MC_SEC_SIG_ALGO_AES_GMAC_64) {
+            mACSize = 2 + 8;
+        }
+        else if (self->currentSigAlgo == MC_SEC_SIG_ALGO_AES_GMAC_128) {
+            mACSize = 2 + 16;
+        }
        else {
            /* signature algorithm not supported */
+            printf("Signature algorithm not supported\n");
            return 0;
        }

@ -178,11 +185,52 @@ L2Security_addSecurityExtension(L2Security self, uint8_t* buffer, int start, int
                RSessionCrypto_createHMAC(buffer + start, macEnd - start, self->currentKey, self->currentKeySize, buffer + bufPos, 32);
                bufPos += 32;
            }
+            else if (self->currentSigAlgo == MC_SEC_SIG_ALGO_AES_GMAC_64)
+            {
+                /* create IV */
+                uint8_t iv[12];
+                int ivSize = 12;
+
+                if (RSessionCrypto_createRandomData(iv, ivSize) == false) {
+                    printf("ERROR - Failed to create random IV\n");
+                }
+
+                if (RSessionCrypto_createAES_GMAC(self->currentKey, self->currentKeySize, iv, ivSize, buffer + start, macEnd - start, buffer + bufPos, 8) == false)
+                {
+                    printf("ERROR - Failed to create GMAC\n");
+                }
+
+                bufPos += 8;
+            }
+            else if (self->currentSigAlgo == MC_SEC_SIG_ALGO_AES_GMAC_128)
+            {
+                /* create IV */
+                uint8_t iv[12];
+                int ivSize = 12;
+
+                if (RSessionCrypto_createRandomData(iv, ivSize) == false) {
+                    printf("ERROR - Failed to create random IV\n");
+                }
+
+                if (RSessionCrypto_createAES_GMAC(self->currentKey, self->currentKeySize, iv, ivSize, buffer + start, macEnd - start, buffer + bufPos, 16) == false)
+                {
+                    printf("ERROR - Failed to create GMAC\n");
+                }
+
+                bufPos += 16;
+            }
+            else {
+                /* signature algorithm not supported */
+                printf("Signature algorithm not supported\n");
+                return 0;
+            }
        }

        return securityExtensionSize + 2;
    }
-    else {
+    else
+    {
+        printf("L2_SECURITY: no signature algorithm set\n");
        return 0;
    }
 }
--- a/src/r_session/r_session_crypto.h
+++ b/src/r_session/r_session_crypto.h
@ -32,6 +32,9 @@
 LIB61850_INTERNAL bool
 RSessionCrypto_createHMAC(uint8_t* buffer, int bufSize, uint8_t* key, int keySize, uint8_t* hmac, int hmacMaxSize);

+LIB61850_INTERNAL bool
+RSessionCrypto_createAES_GMAC(uint8_t* key, int keySize, uint8_t* iv, int ivSize, uint8_t* addData, int addDataSize, uint8_t* tag, int tagSize);
+
 LIB61850_INTERNAL bool
 RSessionCrypto_gcmEncryptAndTag(uint8_t* key, int keySize, uint8_t* iv, int ivSize, uint8_t* addData, int addDataSize, uint8_t* encryptData, int encryptDataSize, uint8_t* tag, int tagSize);

--- a/src/r_session/r_session_crypto_mbedtls.c
+++ b/src/r_session/r_session_crypto_mbedtls.c
@ -72,6 +72,39 @@ RSessionCrypto_createHMAC(uint8_t* buffer, int bufSize, uint8_t* key, int keySiz
    return true;
 }

+bool
+RSessionCrypto_createAES_GMAC(uint8_t* key, int keySize, uint8_t* iv, int ivSize, uint8_t* addData, int addDataSize, uint8_t* tag, int tagSize)
+{
+    mbedtls_gcm_context gcmCtx;
+
+    mbedtls_gcm_init(&gcmCtx);
+
+    if (mbedtls_gcm_setkey(&gcmCtx, MBEDTLS_CIPHER_ID_AES , (const unsigned char*) key, keySize * 8))
+    {
+        printf("AES-GCM: Failed to set key\n");
+        mbedtls_gcm_free(&gcmCtx);
+        return false;
+    }
+
+    if (mbedtls_gcm_starts(&gcmCtx, MBEDTLS_GCM_ENCRYPT, iv, ivSize, addData, addDataSize))
+    {
+        printf("AES-GCM: Failed to start tag calculation\n");
+        mbedtls_gcm_free(&gcmCtx);
+        return false;
+    }
+
+    if (mbedtls_gcm_finish(&gcmCtx, tag, tagSize))
+    {
+        printf("AES-GCM: Failed to finish tag calculation\n");
+        mbedtls_gcm_free(&gcmCtx);
+        return false;
+    }
+
+    mbedtls_gcm_free(&gcmCtx);
+
+    return true;
+}
+
 bool
 RSessionCrypto_gcmEncryptAndTag(uint8_t* key, int keySize, uint8_t* iv, int ivSize, uint8_t* addData, int addDataSize, uint8_t* encryptData, int encryptDataSize, uint8_t* tag, int tagSize)
 {