1 /*
2    Copyright (c) 2022 Eriptic Technologies. See the COPYRIGHT
3    file at the top-level directory of this distribution.
4 
5    Licensed under the Apache License, Version 2.0 <LICENSE-APACHE or
6    http://www.apache.org/licenses/LICENSE-2.0> or the MIT license
7    <LICENSE-MIT or http://opensource.org/licenses/MIT>, at your
8    option. This file may not be copied, modified, or distributed
9    except according to those terms.
10 */
11 
12 #ifndef NVM_H
13 #define NVM_H
14 
15 #include "common/byte_array.h"
16 #include "common/oscore_edhoc_error.h"
17 
18 /**
19  * @brief Public fields of the security context which can be used to find the right slot in the NVM.
20  *        The usage of given fields is up to user's implementation.
21  *        For more details, see nvm_write_ssn and nvm_read_ssn.
22  */
23 struct nvm_key_t {
24 	struct byte_array sender_id;
25 	struct byte_array recipient_id;
26 	struct byte_array id_context;
27 };
28 
29 #ifdef OSCORE_NVM_SUPPORT
30 /**
31 * @brief When the same OSCORE master secret and salt are reused through
32 *        several reboots of the device, e.g., no fresh shared secret is
33 *        derived through EDHOC (or some other method) the Sender Sequence
34 *        Number MUST be stored periodically in NVM.
35 * @param nvm_key part of the context that is permitted to be used for identifying the right store slot in NVM.
36 * @param	ssn SSN to be written in NVM.
37 * @retval ok or error code if storing the SSN was not possible.
38 */
39 enum err nvm_write_ssn(const struct nvm_key_t *nvm_key, uint64_t ssn);
40 
41 /**
42 * @brief When the same OSCORE master secret and salt are reused through
43 *        several reboots of the device, e.g., no fresh shared secret is
44 *        derived through EDHOC (or some other method) the Sender Sequence
45 *        Number MUST be restored from NVM at each reboot.
46 * @param nvm_key part of the context that is permitted to be used for identifying the right store slot in NVM.
47 * @param	ssn SSN to be read out from NVM.
48 * @retval ok or error code if the retrieving the SSN was not possible.
49 */
50 enum err nvm_read_ssn(const struct nvm_key_t *nvm_key, uint64_t *ssn);
51 
52 /**
53  * @brief Periodically stores the SSN in NVM (if needed).
54  *
55  * @param nvm_key part of the context that is permitted to be used for identifying the right store slot in NVM.
56  * @param ssn SSN to be written in NVM.
57  * @param echo_sync_in_progress Indicates if the device is still in the ECHO synchronization mode.
58  * @return enum err
59  */
60 enum err ssn_store_in_nvm(const struct nvm_key_t *nvm_key, uint64_t ssn,
61 			  bool echo_sync_in_progress);
62 #endif
63 
64 /**
65  * @brief Initializes the SSN depending on context freshness.
66  * @param nvm_key part of the context that is permitted to be used for identifying the right store slot in NVM.
67  * @param ssn Pointer which will be updated with the value read from NVM.
68  * @param is_context_fresh Indicates if the context is fresh, or the value needs to be retrieved from NVM.
69  * @retval error code
70 */
71 enum err ssn_init(const struct nvm_key_t *nvm_key, uint64_t *ssn,
72 		  bool is_context_fresh);
73 
74 #endif
75