dali/gateway
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add secure transport and OAM router runtime implementations

Browse Source 
- Implement secure transport mechanisms in `gateway_knx_secure_transport.cpp` for handling secure sessions, including AES encryption, session key generation, and secure packet wrapping and unwrapping.
- Introduce `OamRouterRuntime` in `oam_router_runtime.cpp` to manage OAM router identity, individual addresses, and tunnel frame handling.
- Enhance secure session management with functions for session allocation, authentication, and secure packet processing.
- Ensure compatibility with existing KNXnet/IP protocols while adding support for secure communications.

Signed-off-by: Tony <tonylu@tony-cloud.com>
This commit is contained in:
Tony
2026-05-25 08:18:01 +08:00
parent 0467179f70
commit 2b779d5532
22 changed files with 2665 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files
components/gateway_bridge/include/security_storage.h
+28
View File
@@ -3,6 +3,9 @@
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>
#include "gateway_knx.hpp"
namespace gateway::openknx {
@@ -27,6 +30,14 @@ struct FactoryCertificatePayload {
std::string checksum;
};
struct IpSecureCredentialStatus {
bool activated{false};
bool backboneKeyAvailable{false};
bool deviceAuthenticationKeyAvailable{false};
uint8_t tunnelUserCount{0};
uint64_t routingSequence{0};
};
bool LoadFactoryFdsk(uint8_t* data, size_t len);
FactoryFdskInfo LoadFactoryFdskInfo();
bool GenerateFactoryFdsk(FactoryFdskInfo* info = nullptr);
@@ -34,4 +45,21 @@ bool WriteFactoryFdskHex(const std::string& hex_key, FactoryFdskInfo* info = nul
bool ResetFactoryFdskCache(FactoryFdskInfo* info = nullptr);
FactoryCertificatePayload BuildFactoryCertificatePayload();
bool LoadOamFactoryFdsk(uint8_t* data, size_t len);
FactoryFdskInfo LoadOamFactoryFdskInfo();
bool GenerateOamFactoryFdsk(FactoryFdskInfo* info = nullptr);
bool WriteOamFactoryFdskHex(const std::string& hex_key,
FactoryFdskInfo* info = nullptr);
bool ResetOamFactoryFdskCache(FactoryFdskInfo* info = nullptr);
FactoryCertificatePayload BuildOamFactoryCertificatePayload();
IpSecureCredentialStatus LoadOamIpSecureCredentialStatus();
::gateway::GatewayKnxIpSecureCredentialMaterial LoadOamIpSecureCredentialMaterial();
bool WriteOamIpSecureKeyringHex(const std::string& backbone_key_hex,
const std::vector<std::string>& tunnel_user_key_hex,
const std::string& device_auth_key_hex,
bool activated);
bool StoreOamIpSecureRoutingSequence(uint64_t sequence);
bool ClearOamIpSecureKeyring();
} // namespace gateway::openknx