ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
17,106 Commits
52 Branches
336 Tags
624 MiB
Commit Graph

452 Commits (2a9923f86e069dcad9c19f511e76d39e1f38b51c)

Author SHA1 Message Date
paul-szczepanek-arm 473482d204 move securitydb into generic 2018-05-10 11:08:31 +01:00
Paul Szczepanek 2b02148ab6
Merge branch 'master' into security-manager-dev 2018-05-09 11:23:28 +01:00
Paul Szczepanek 9a0a0865a6
Merge branch 'security-manager-dev' into sm-privacy-nordic 2018-05-08 18:01:41 +01:00
Paul Szczepanek 214656a9ee
fix case in #include 2018-05-08 17:56:38 +01:00
Paul Szczepanek 1a35f3e217
fixed case in name 2018-05-08 17:49:22 +01:00
Vincent Coubard b5e8d4eacb Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into fix-encryption-rejection 2018-05-03 09:26:36 +01:00
Vincent Coubard 4e5639f5ca BLE: Support encryption with secure connection key. 2018-05-02 17:51:48 +01:00
Donatien Garnier ba0f18c9ab Fix casing in MemorySecurityDb.h 2018-05-02 17:39:10 +01:00
Vincent Coubard 74bc214961 BLE - Security Manager PAL: Add a function to remove the peer csrk. 
If the the upper layer has registered a peer csrk on the pal security manager then it must remove it once the connection is closed.

This API allows the upper layer to remove the peer csrk registered earlier.
 2018-05-01 11:27:38 +01:00
Vincent Coubard 1e277bad50 BLE: Lookup for non identity addresses when a secure entry is opened. 
A peer may not share a valid IRK and identity address during pairing (in that case the identity address received is all zeros). When this happens, the entry must be retrieved by looking at the address used by the peer during the connection.
 2018-05-01 11:24:44 +01:00
Vincent Coubard c4b78ada0e BLE: Set default mac address to 00:00:00:00:00:00 
Both mac addresses are invalid but the bluetooth specification prefers to use all 0 addresses to represent an invalid address.
 2018-05-01 11:17:47 +01:00
Vincent Coubard 80941af0f6 BLE: Add : LESC authenticated encryption to the list of possible link encryption. 2018-05-01 11:16:41 +01:00
Vincent Coubard db565d38b3 BLE: remove useless flags in GattCharacteristic. 2018-04-26 19:00:43 +01:00
Vincent Coubard 486a3e020c BLE: Add fine grained security to GattCharacteristic. 
This patch adds independent management of security requirement for read, write and update operatiosn of a GattCharacteristic.

Requirements are defined after ble::att_security_requirement_t that maps LE security mode 1 and LE security mode 2.

The functions requireSecurity and getRequiredSecurity are deprecated as SecurityManager::ScurityMode_t does not map well with LE security modes.
 2018-04-26 18:55:42 +01:00
Vincent Coubard 1c18351885 BLE: Remove unwanted documentation block of GattCharacteristic. 2018-04-26 17:29:29 +01:00
Vincent Coubard 9258b9ddb6 BLE: Add security requement support into GattAttribute. 2018-04-26 17:26:15 +01:00
Vincent Coubard 7afd01d84d BLE: Add type describing ATT security requirements. 2018-04-26 17:22:21 +01:00
Vincent Coubard 27d36ba820 BLE: Add missing relational operator to SafeEnum. 2018-04-26 17:07:54 +01:00
Vincent Coubard cbb33ea938 BLE: Add comments to GenericSecurityManager::on_identity_list_retrieved. 2018-04-20 10:22:56 +01:00
Vincent Coubard 0b92397840 BLE: Fix flag IRK stored in Memory security DB. 2018-04-20 10:22:13 +01:00
paul-szczepanek-arm f56f57bf15 reorder enum to add new values at the end 2018-04-17 16:25:35 +01:00
Vincent Coubard 951a6be4c8 BLE: retrieve and fill resolving list at GenericSecurityManager startup. 2018-04-17 15:58:21 +01:00
Vincent Coubard ede3d43743 BLE: Add function to querry the list of identity addresses present in the SecureDB. 2018-04-17 15:57:30 +01:00
Vincent Coubard 77b1903634 BLE: Add bonded device to resolving list at the end of bonding. 2018-04-17 14:16:35 +01:00
Vincent Coubard ae8d5b4de1 BLE: Implement identity retrieval in secure DB. 2018-04-17 14:15:28 +01:00
Vincent Coubard f905d2a4d4 BLE: Improve DB entry lookup. 
The DB entry lookup now looks at the identity address and/or connection address to find a DB entry associated to an address.

If the entry has not been found in the DB and a new entry is returned then the connection address is not stored for private addresses.
 2018-04-17 14:14:53 +01:00
Vincent Coubard a3bb18d724 BLE: store identity address type in DB. 2018-04-17 14:11:05 +01:00
Vincent Coubard 06e0aa3440 BLE: flag that irk has been stored in the security entry. 2018-04-17 14:10:19 +01:00
Vincent Coubard 6fc74fbc44 BLE: Fix MemorySecurityDB constructor warning. 2018-04-17 14:09:00 +01:00
Vincent Coubard 15fa3bfd37 BLE: Add a function to retrieve a device identity. 2018-04-17 14:08:01 +01:00
Vincent Coubard e8041510a6 BLE: Add a flag that indicate if the identity address is public or not. 2018-04-17 14:07:19 +01:00
Vincent Coubard ab6821aab8 BLE: Add a flag indicating if irk is stored in the distribution flags. 2018-04-17 14:06:47 +01:00
Vincent Coubard 9643b57159 BLE: Remove flag SecurityDistributionFlags_t::local_address_is_public 
This flag was not used and not useful.
 2018-04-17 14:06:00 +01:00
Vincent Coubard dfbf383614 BLE: Fix const correctness of ::Gap::getRandomAddressType 2018-04-17 14:03:57 +01:00
Vincent Coubard 51e1c76b4a BLE: Set default mac address to all 00. 2018-04-17 14:03:20 +01:00
Vincent Coubard a7f2384e10 BLE: Add default privacy configuration 2018-04-16 18:18:04 +01:00
Vincent Coubard 90c85955ad BLE: Fix GAP privacy related signatures. 2018-04-12 11:04:44 +01:00
Vincent Coubard 2811e00868 BLE: Fix Gap privacy related documentation 2018-04-12 10:37:13 +01:00
Vincent Coubard 1f02913a2c BLE: Add Gap privacy interfaces. 
This commit adds API to enable and configure the device privacy.
It deprecates address random types present in Gap::AddressType as these types are not appropriate for scan reports, connection initiation and the connection event. Now user should use the function Gap::getRandomAddressType to find the type of a random address.
The function gap::setAddress is deprecated as it is not portable and can colide with privacy.
 2018-04-11 14:18:42 +01:00
Paul Szczepanek 6c900642e5
Merge pull request #28 from paul-szczepanek-arm/signing-counter 
sign counter added
 2018-04-10 17:06:14 +01:00
paul-szczepanek-arm deeb0ea7e0 redundant store for sign counter 2018-04-09 15:11:26 +01:00
paul-szczepanek-arm 637dcb9bc8 missing * 2018-04-09 15:10:25 +01:00
paul-szczepanek-arm 55d3423a5e typedef uint32_t 2018-04-09 13:35:17 +01:00
Vincent Coubard f53a0e4906 Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into sc-nordic 2018-04-09 09:09:01 +01:00
paul-szczepanek-arm 57149b69e4 monitor for signing events and set local counter 2018-04-04 19:24:00 +01:00
paul-szczepanek-arm 1d74dfa1f9 redundant funcs removed 2018-04-04 18:02:16 +01:00
Vincent Coubard dcff810457 BLE: replace byte_array_t::buffer with byte_array_t::data 2018-04-04 17:20:08 +01:00
paul-szczepanek-arm 2e1c5fc123 completely redundant 2018-04-04 17:16:16 +01:00
paul-szczepanek-arm 539a11ee31 sign counter added 2018-04-04 15:59:10 +01:00
Vincent Coubard cd39406d20 BLE: Add conversion function from byte_array_t to ArrayView. 2018-04-04 15:28:52 +01:00
Vincent Coubard 5761caff00 BLE: Extend ArrayView to encode size in type. 
With this change, it is possible to encode the size of the array viewed by an ArrayView into the type itself: ArrayView<T, Size>. Such objects are lighter than ArrayView of arbitrary size and allows verification of the size at compile time.

This change also fix operator== and bring new make_ArrayView overloads.
 2018-04-04 15:28:17 +01:00
Vincent Coubard 9e1f0b34f8 BLE: Fix byte_array_t subscript operator 2018-04-04 15:22:15 +01:00
Vincent Coubard d8f3d9c5ef BLE: provide non const overload of byte_array_t::data member function. 2018-04-04 15:21:54 +01:00
Vincent Coubard bf41bb3164 BLE: Export byte_array_t size exploitable at compile time. 2018-04-04 15:21:05 +01:00
paul-szczepanek-arm cbf80e9da5 typos, style and other review fixes 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm f5fee68f99 fixed naming for sig failure count 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 9283413c4c count failures, trigger reparing when verification fails 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 780d8a4375 let the stack know whether csrk is authenticated 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 8d966dbe8c invalid mic event 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 5ae9cc3b53 set peer csrk on pal 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 26b047549c extra comments for api 2018-04-03 15:17:15 +01:00
paul-szczepanek-arm 0a494a0bbc all_zeros now free functions 2018-04-03 14:47:27 +01:00
paul-szczepanek-arm ba5b0f30d2 added comments about address for oob generation 2018-04-03 13:54:29 +01:00
paul-szczepanek-arm 3c1a5a4a56 incorrect retval usage fixed 2018-04-03 12:16:49 +01:00
Vincent Coubard 95cd37b491 BLE: Add const overload for byte_array_t subscribt operator. 2018-03-29 17:22:48 +01:00
Donatien Garnier 8b66c4bd28 [BLE] Fixed inconsistent casing issue for SecurityDb 2018-03-28 10:44:09 +01:00
paul-szczepanek-arm aa90f0df65 rely solely on random vlalue to know if already calculating 
simplify by setting a fake random value at the start so that first run is the same as subsequent runs
 2018-03-27 12:25:50 +01:00
paul-szczepanek-arm 02ba2848a8 avoid recalculating oob fi already calculating 2018-03-26 17:48:32 +01:00
Vincent Coubard db20ecbbde
Merge branch 'security-manager-dev' into oob-gen 2018-03-26 16:49:55 +01:00
paul-szczepanek-arm 98efb9da06 generate oob at will and without passing in connection handle 2018-03-23 18:31:27 +00:00
Vincent Coubard e25d5c9aa3 BLE: qualification of SecurityManager types 2018-03-23 12:06:08 +00:00
paul-szczepanek-arm 909f9513cf allow preloading legacy oob, generate tk 2018-03-22 12:01:34 +00:00
paul-szczepanek-arm 66867d4dd3 oob stored in generic and handed over to pal when requested 2018-03-16 14:48:04 +00:00
paul-szczepanek-arm 1521dee773 add doxygen comment about OOB deneration cause bu setOOBDataUsage 2018-03-09 18:06:56 +00:00
paul-szczepanek-arm 1f8c5c1231 fixed typos 2018-03-09 14:22:28 +00:00
paul-szczepanek-arm b8ba99a184 handling OOB data generation and verification now pushed down to PAL level 2018-03-05 11:29:13 +00:00
Donatien Garnier a3383c139b Addressed Vincent's comments 2018-03-01 20:32:37 +00:00
paul-szczepanek-arm ded1403399 security manager overview doc fixes 2018-03-01 19:55:44 +00:00
paul-szczepanek-arm 371f183a6a added one more sequence diagram 2018-03-01 18:49:43 +00:00
paul-szczepanek-arm 1f52e42bcf more detailed comment for confirmation request 2018-03-01 18:31:16 +00:00
paul-szczepanek-arm e706b41ccf removed redundant event for SC OOB request, fixed comments 2018-03-01 16:39:44 +00:00
Vincent Coubard f0405690b7 BLE: Resolve issue with address type in advertising report. 2018-03-01 15:48:21 +00:00
paul-szczepanek-arm 392ee6ec7c removed get encryption key size from API 2018-03-01 15:29:52 +00:00
Donatien Garnier 00df64b26c Fixed PasskeyAscii constructor 2018-03-01 15:16:47 +00:00
Vincent Coubard 1170b3132d BLE: Remove useless pal sm API 2018-03-01 14:46:12 +00:00
paul-szczepanek-arm f9a79bed15 fixed initiator distribution bug and setting LINK distribution field based on SC 2018-02-28 17:43:54 +00:00
paul-szczepanek-arm d20c4efbf3 documentation overview for securitymanager 2018-02-28 17:00:56 +00:00
paul-szczepanek-arm 701c18b428 missing documentation, removed privacy call from api 2018-02-28 13:49:51 +00:00
paul-szczepanek-arm c52d324dab pass in information about the mitm and sc quality of the ltk to the pal 2018-02-28 12:02:54 +00:00
paul-szczepanek-arm 975544f274 link key distribution decision made in generic security manager 2018-02-27 23:26:34 +00:00
paul-szczepanek-arm 96de1c2752 header guards renamed 2018-02-27 17:25:57 +00:00
paul-szczepanek-arm e186985b26 addressing PR review: added documentation, moved code and renamed vars 2018-02-27 17:22:13 +00:00
paul-szczepanek-arm fc01cff1b3 removed using statements from header 2018-02-27 12:25:01 +00:00
paul-szczepanek-arm d264512c8c remove virtual as per review request 2018-02-27 12:15:40 +00:00
Vincent Coubard 928dbcf325
BLE: Fix prefix of BLEProtocol::AddressType 2018-02-27 12:12:17 +00:00
paul-szczepanek-arm 957cee39fe Merge branch 'master' of https://github.com/paul-szczepanek-arm/mbed-os 2018-02-27 11:57:20 +00:00
paul-szczepanek-arm 0f1fd58c38 removed MIC related functions and events from the user API 2018-02-27 11:57:16 +00:00
Vincent Coubard 0b0d614787 Merge branch 'master' of https://github.com/paul-szczepanek-arm/mbed-os into pr-sm 2018-02-27 11:54:32 +00:00
paul-szczepanek-arm 62e9011525 public key renaned (added coord), also contains missing commit for oob_rand rename 2018-02-27 11:50:04 +00:00
Vincent Coubard 361ae8c7a3 BLE: fix references to oob_rand_t. 2018-02-27 11:48:21 +00:00