2022-05-20 00:28:07 -04:00
|
|
|
/*
|
|
|
|
|
* SPDX-FileCopyrightText: 2018-2022 Espressif Systems (Shanghai) CO LTD
|
|
|
|
|
*
|
|
|
|
|
* SPDX-License-Identifier: Apache-2.0
|
|
|
|
|
*/
|
2018-07-30 12:03:10 -04:00
|
|
|
|
|
|
|
|
#pragma once
|
|
|
|
|
|
|
|
|
|
#include <esp_err.h>
|
2023-05-18 03:55:08 -04:00
|
|
|
#include "esp_event.h"
|
2018-07-30 12:03:10 -04:00
|
|
|
|
2019-01-28 04:48:47 -05:00
|
|
|
#ifdef __cplusplus
|
|
|
|
|
extern "C" {
|
|
|
|
|
#endif
|
|
|
|
|
|
2023-05-18 03:55:08 -04:00
|
|
|
ESP_EVENT_DECLARE_BASE(PROTOCOMM_SECURITY_SESSION_EVENT);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @brief Events generated by the protocomm security layer
|
|
|
|
|
*
|
|
|
|
|
* These events are generated while establishing secured session.
|
|
|
|
|
*/
|
|
|
|
|
typedef enum {
|
|
|
|
|
PROTOCOMM_SECURITY_SESSION_SETUP_OK, /**< Secured session established successfully */
|
|
|
|
|
PROTOCOMM_SECURITY_SESSION_INVALID_SECURITY_PARAMS, /**< Received invalid (NULL) security parameters (username / client public-key) */
|
|
|
|
|
PROTOCOMM_SECURITY_SESSION_CREDENTIALS_MISMATCH, /**< Received incorrect credentials (username / PoP) */
|
|
|
|
|
} protocomm_security_session_event_t;
|
|
|
|
|
|
2018-07-30 12:03:10 -04:00
|
|
|
/**
|
2022-05-20 00:28:07 -04:00
|
|
|
* @brief Protocomm Security 1 parameters: Proof Of Possession
|
2018-07-30 12:03:10 -04:00
|
|
|
*/
|
2022-05-20 00:28:07 -04:00
|
|
|
typedef struct protocomm_security1_params {
|
2018-07-30 12:03:10 -04:00
|
|
|
/**
|
|
|
|
|
* Pointer to buffer containing the proof of possession data
|
|
|
|
|
*/
|
|
|
|
|
const uint8_t *data;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Length (in bytes) of the proof of possession data
|
|
|
|
|
*/
|
|
|
|
|
uint16_t len;
|
2022-05-20 00:28:07 -04:00
|
|
|
} protocomm_security1_params_t;
|
|
|
|
|
|
|
|
|
|
typedef protocomm_security1_params_t protocomm_security_pop_t __attribute__((deprecated("Use protocomm_security1_params_t instead")));
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @brief Protocomm Security 2 parameters: Salt and Verifier
|
|
|
|
|
*
|
|
|
|
|
*/
|
|
|
|
|
typedef struct protocomm_security2_params {
|
|
|
|
|
/**
|
|
|
|
|
* Pointer to the buffer containing the salt
|
|
|
|
|
*/
|
|
|
|
|
const char *salt;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Length (in bytes) of the salt
|
|
|
|
|
*/
|
|
|
|
|
uint16_t salt_len;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Pointer to the buffer containing the verifier
|
|
|
|
|
*/
|
|
|
|
|
const char *verifier;
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Length (in bytes) of the verifier
|
|
|
|
|
*/
|
|
|
|
|
uint16_t verifier_len;
|
|
|
|
|
} protocomm_security2_params_t;
|
2018-07-30 12:03:10 -04:00
|
|
|
|
2019-04-12 08:02:38 -04:00
|
|
|
typedef void * protocomm_security_handle_t;
|
|
|
|
|
|
2018-07-30 12:03:10 -04:00
|
|
|
/**
|
|
|
|
|
* @brief Protocomm security object structure.
|
|
|
|
|
*
|
|
|
|
|
* The member functions are used for implementing secure
|
|
|
|
|
* protocomm sessions.
|
|
|
|
|
*
|
|
|
|
|
* @note This structure should not have any dynamic
|
|
|
|
|
* members to allow re-entrancy
|
|
|
|
|
*/
|
|
|
|
|
typedef struct protocomm_security {
|
|
|
|
|
/**
|
2019-02-08 04:51:33 -05:00
|
|
|
* Unique version number of security implementation
|
2018-07-30 12:03:10 -04:00
|
|
|
*/
|
|
|
|
|
int ver;
|
|
|
|
|
|
|
|
|
|
/**
|
2019-02-08 04:51:33 -05:00
|
|
|
* Function for initializing/allocating security
|
2018-07-30 12:03:10 -04:00
|
|
|
* infrastructure
|
|
|
|
|
*/
|
2019-04-12 08:02:38 -04:00
|
|
|
esp_err_t (*init)(protocomm_security_handle_t *handle);
|
2018-07-30 12:03:10 -04:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Function for deallocating security infrastructure
|
|
|
|
|
*/
|
2019-04-12 08:02:38 -04:00
|
|
|
esp_err_t (*cleanup)(protocomm_security_handle_t handle);
|
2018-07-30 12:03:10 -04:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Starts new secure transport session with specified ID
|
|
|
|
|
*/
|
2019-04-12 08:02:38 -04:00
|
|
|
esp_err_t (*new_transport_session)(protocomm_security_handle_t handle,
|
|
|
|
|
uint32_t session_id);
|
2018-07-30 12:03:10 -04:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Closes a secure transport session with specified ID
|
|
|
|
|
*/
|
2019-04-12 08:02:38 -04:00
|
|
|
esp_err_t (*close_transport_session)(protocomm_security_handle_t handle,
|
|
|
|
|
uint32_t session_id);
|
2018-07-30 12:03:10 -04:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Handler function for authenticating connection
|
|
|
|
|
* request and establishing secure session
|
|
|
|
|
*/
|
2019-04-12 08:02:38 -04:00
|
|
|
esp_err_t (*security_req_handler)(protocomm_security_handle_t handle,
|
2022-05-20 00:28:07 -04:00
|
|
|
const void *sec_params,
|
2018-07-30 12:03:10 -04:00
|
|
|
uint32_t session_id,
|
|
|
|
|
const uint8_t *inbuf, ssize_t inlen,
|
|
|
|
|
uint8_t **outbuf, ssize_t *outlen,
|
|
|
|
|
void *priv_data);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Function which implements the encryption algorithm
|
|
|
|
|
*/
|
2019-04-12 08:02:38 -04:00
|
|
|
esp_err_t (*encrypt)(protocomm_security_handle_t handle,
|
|
|
|
|
uint32_t session_id,
|
2018-07-30 12:03:10 -04:00
|
|
|
const uint8_t *inbuf, ssize_t inlen,
|
2022-05-20 00:28:07 -04:00
|
|
|
uint8_t **outbuf, ssize_t *outlen);
|
2018-07-30 12:03:10 -04:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Function which implements the decryption algorithm
|
|
|
|
|
*/
|
2019-04-12 08:02:38 -04:00
|
|
|
esp_err_t (*decrypt)(protocomm_security_handle_t handle,
|
|
|
|
|
uint32_t session_id,
|
2018-07-30 12:03:10 -04:00
|
|
|
const uint8_t *inbuf, ssize_t inlen,
|
2022-05-20 00:28:07 -04:00
|
|
|
uint8_t **outbuf, ssize_t *outlen);
|
2018-07-30 12:03:10 -04:00
|
|
|
} protocomm_security_t;
|
2019-01-28 04:48:47 -05:00
|
|
|
|
|
|
|
|
#ifdef __cplusplus
|
|
|
|
|
}
|
|
|
|
|
#endif
|
