ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
19,443 Commits
52 Branches
336 Tags
624 MiB
Commit Graph

931 Commits (a47c6b8139f497c58bc93289df7b9eedafef51e3)

Author SHA1 Message Date
paul-szczepanek-arm c2bbc94b44 handle init of an already initialised security db 2018-05-16 11:01:37 +01:00
Vincent Coubard afcbdfc7dc Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into filedb 2018-05-16 08:43:52 +01:00
Donatien Garnier 288c3952d8 Address Paul's comments 2018-05-15 18:37:50 +01:00
paul-szczepanek-arm 5c598688e4 templates for reading and writing to avoid repetition 2018-05-15 16:35:54 +01:00
Vincent Coubard 2cb6e659a9 Nordic BLE: Backport security fixes from nRF5 to nRF5x 2018-05-15 15:11:33 +01:00
Vincent Coubard ca5a9f359a Nordic BLE: remove unecessary nordic ble libraries. 2018-05-15 14:51:19 +01:00
Vincent Coubard a22b4e5d5e Nordic BLE: Remove nordic gap init. 
This initialization is already done in GattServer.
 2018-05-15 14:51:18 +01:00
Vincent Coubard dd6a5350e2 Nordic BLE: Remove peer manager handling. 2018-05-15 14:51:18 +01:00
Vincent Coubard 6f24078507 Nordic BLE: route event handling correctly. 2018-05-15 14:51:18 +01:00
Vincent Coubard 167a660ac1 Nordic BLE: use pal security manager. 2018-05-15 14:51:18 +01:00
Vincent Coubard 31f8cd18f7 Nordic BLE: Backport Gap from nRF5 2018-05-15 14:51:18 +01:00
Vincent Coubard 39396955a2 Nordic BLE: simplify whitelist management. 2018-05-15 14:51:17 +01:00
Vincent Coubard 6810c02606 Nordic BLE: Fix processing of events. 
If new events are signaled during processing then they should be processed when processEvent is called again. The goal is to let other processing happen and not process sollely ble events.
 2018-05-15 14:51:17 +01:00
Vincent Coubard 8fbecf2e0d Nordic BLE: Fix incorrect assignement 2018-05-15 14:51:17 +01:00
Vincent Coubard 68b3288ba8 Nordic BLE: Fix signature of nRF5xGattServer::hwCallback 2018-05-15 14:51:17 +01:00
Vincent Coubard 4a7c9a9a55 Nordic BLE: expose publically btle_handler 2018-05-15 14:51:17 +01:00
Vincent Coubard 2af5508c4c Nordic BLE: Do not conditionnaly assign sm key pointers. 
This change has been forced by a change in latest softdevice that requires all key pointers to not be NULL unlike what is indicated in the documentation.
 2018-05-15 14:51:17 +01:00
Vincent Coubard dc54da0a2d Nordic BLE: Force signing and link requirements to false. 2018-05-15 14:51:16 +01:00
Vincent Coubard 02e3c13d25 Nordic BLE: Protect event signaled flag. 2018-05-15 14:51:16 +01:00
Vincent Coubard f7f1272647 Nordic: Backport security manager pal for NRF5X targets. 2018-05-15 14:51:15 +01:00
Vincent Coubard 4acb3937e4 Cordio BLE: Fix potential memory leak in GattServer. 2018-05-15 14:32:29 +01:00
Vincent Coubard ee720f30bb BLE: Comment security requirement elevation for signed writes. 2018-05-15 12:17:59 +01:00
Vincent Coubard 2c7ed993ec BLE: Fix security requirements in GattCharacteristic. 2018-05-15 12:17:34 +01:00
Vincent Coubard 2860365a3c BLE: Improve readibility of condition. 2018-05-15 12:16:51 +01:00
paul-szczepanek-arm 49db7e2a2a restoring db file blanks file if set to not restore, allow reusing the db 2018-05-15 11:46:39 +01:00
paul-szczepanek-arm f8244a3d87 review comments, init partly moved to restore, restore setting enabled, null check on filepath 2018-05-15 10:24:59 +01:00
Donatien Garnier 6c6af1b0d5 Added missing masks and fixed bit ordering in is_random_xx_address() functions 2018-05-14 13:59:32 +01:00
Donatien Garnier d8b63fc03d Reordered initializers in GenericGap 2018-05-14 13:53:50 +01:00
Donatien Garnier 67ec6323fc Added update_random_address() implementation in GenericGap 2018-05-14 13:52:29 +01:00
Donatien Garnier 3523cdb264 Missing initializer in GenericGap 2018-05-14 13:37:37 +01:00
Donatien Garnier 472d3de849 Give GenericGap access to the Security Manager's PAL 2018-05-14 13:36:02 +01:00
Donatien Garnier a3d9d6cebd Business logic for handling non-resolvable private addresses 2018-05-14 13:26:39 +01:00
Bartek Szatkowski 38df9306d7 Update wsf_types.h to support updated CMSIS 2018-05-14 12:18:21 +01:00
paul-szczepanek-arm 579cb5e222 avoid setting flags twice 2018-05-14 10:26:44 +01:00
paul-szczepanek-arm f4f3a3c697 store ltk and csrk but not irk sent status 
and missing asserts
 2018-05-14 09:52:49 +01:00
paul-szczepanek-arm a7f8d54761 more doxygen 2018-05-13 23:54:44 +01:00
paul-szczepanek-arm d3524e2407 doxygen 2018-05-13 23:49:44 +01:00
paul-szczepanek-arm 8f90875cd6 reset entry now remove old keys 2018-05-13 23:49:27 +01:00
paul-szczepanek-arm 23c6a69d66 key dist flags only in db now and not in control block of sec manager 2018-05-13 23:26:34 +01:00
Donatien Garnier 69e35c49c8 Handle resolution policy for peripheral in GenericGap 2018-05-13 23:25:52 +01:00
paul-szczepanek-arm ab117737fa write back counter, sync entry by hand;e 2018-05-13 22:55:47 +01:00
Donatien Garnier 21471bb3c9 and make sure it compiles and that policy is only applied if privacy is enabled :) 2018-05-13 22:42:11 +01:00
Donatien Garnier 926efa4018 Filter out advertising reports for unresolved addresses if required 2018-05-13 22:37:59 +01:00
Donatien Garnier 6a2ffaeac0 Update own address type generation in GenericGap 2018-05-13 22:16:08 +01:00
Donatien Garnier 620ebc3f9a Some fixes in GenericGap 2018-05-13 20:38:29 +01:00
Donatien Garnier 2509a88d58 Revert set_privacy() in Cordio GAP PAL impl 2018-05-13 20:37:14 +01:00
Donatien Garnier 1a623e6670 Added method to enable/disable privacy in GAP Pal with Cordio impl 2018-05-13 19:15:20 +01:00
Donatien Garnier 4c5e2a8094 Added method to update resolution settings in GenericGap 2018-05-13 19:14:56 +01:00
Donatien Garnier cf03d40909 Doc fix in PalGap.h 2018-05-13 18:54:11 +01:00
Donatien Garnier 5734fca195 Added set_address_resolution method in GAP Pal with Cordio implementation 2018-05-13 18:53:23 +01:00
Donatien Garnier 7b4a813aca Added stubs in GenericGap for privacy configuration methods 2018-05-13 18:52:54 +01:00
Donatien Garnier e9ad148db0 Added privacy-related methods overrides in GenericGap 2018-05-13 17:57:27 +01:00
Donatien Garnier 33c46f5658 Remove LL resolving 'shorcut' when adding a device to resolving list - this should be controlled by the GAP layer 2018-05-13 17:49:00 +01:00
Cruz Monrreal 2104d8ab5b
Merge pull request #6711 from marcuschangarm/cleanup-nrf5x 
Cleanup TARGET_NRF5 and TARGET_NRF5x
 2018-05-11 19:15:05 -05:00
paul-szczepanek-arm 3af4d0b50f get identity list function argument needs to have its own memory allocated 2018-05-11 19:52:12 +01:00
paul-szczepanek-arm a63f38e767 moved logic to security db and left storage in memory and file dbs 
db created at init now
 2018-05-11 19:41:33 +01:00
Donatien Garnier 40b6813dcf Fix wrong use of DmLlPrivEnabled() 2018-05-11 18:52:27 +01:00
Donatien Garnier 71bd30daf3 More inline doc 2018-05-11 18:37:02 +01:00
Donatien Garnier bcfbeb7f1a Some doc adjustments 2018-05-11 18:23:37 +01:00
Donatien Garnier 3ca3c2db2c Initial implementation of the Security Manager's Privacy feature for Cordio 2018-05-11 18:20:39 +01:00
paul-szczepanek-arm 678d494c5a init _db pointer 2018-05-11 10:20:04 +01:00
paul-szczepanek-arm afa4bdcf1a pull common logic into secure db 2018-05-11 10:19:48 +01:00
Vincent Coubard 40a403e99b Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into fix-encryption-rejection 2018-05-10 12:05:36 +01:00
paul-szczepanek-arm 473482d204 move securitydb into generic 2018-05-10 11:08:31 +01:00
Cruz Monrreal c97a8fb216
Merge pull request #6817 from pan-/fix-crypto_toolbox_f4-parameter-types 
GenericSecurityManager: Fix crypto_toolbox_f4 signature.
 2018-05-09 11:33:27 -05:00
Cruz Monrreal e33fb60c3d
Merge pull request #6849 from scartmell-arm/bug-critical-section-nordic 
Add missing semicolon to NRF51 critical_section implementation
 2018-05-09 11:33:10 -05:00
paul-szczepanek-arm b95da8d8c4 remove crypto when missing ECDH 2018-05-09 12:27:43 +01:00
Paul Szczepanek fee986750d
fix case 2018-05-09 12:19:35 +01:00
Paul Szczepanek b4d7bb6020
fix case 2018-05-09 12:19:27 +01:00
Paul Szczepanek 37b11d8ac5
fix case 2018-05-09 12:18:55 +01:00
Paul Szczepanek 367fe345ba
fix case 2018-05-09 12:18:42 +01:00
Paul Szczepanek 79b3bc4fce
fix case 2018-05-09 12:18:26 +01:00
paul-szczepanek-arm b98ffa48da fix uppercase X in nrf5x 2018-05-09 12:16:26 +01:00
paul-szczepanek-arm 6a26a8a6c8 Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into security-manager-dev 2018-05-09 11:37:41 +01:00
paul-szczepanek-arm c02b318436 fixed case in filename 2018-05-09 11:37:33 +01:00
Paul Szczepanek 2b02148ab6
Merge branch 'master' into security-manager-dev 2018-05-09 11:23:28 +01:00
paul-szczepanek-arm b8fe37a00e disable ECDH if the platform doesn't support it 
otherwise you get linker errors
 2018-05-09 11:01:10 +01:00
Steven Cartmell 1dfea4168f Add missing semicolon to NRF51 critical_section implementation 2018-05-09 10:54:26 +01:00
Marcus Chang 1aebdcbee5 Reorganize TARGET_MCU_NRF51822_UNIFIED directories 
The unified NRF51 target and feature BLE directories have been
reorganized to follow the naming and directory structure of the
NRF52 implementation.

This reorganization does not include TARGET_MCU_NRF51822 and
derived targets.
 2018-05-08 10:10:01 -07:00
Paul Szczepanek 9a0a0865a6
Merge branch 'security-manager-dev' into sm-privacy-nordic 2018-05-08 18:01:41 +01:00
Paul Szczepanek 214656a9ee
fix case in #include 2018-05-08 17:56:38 +01:00
Paul Szczepanek 1a35f3e217
fixed case in name 2018-05-08 17:49:22 +01:00
Cruz Monrreal adcd7ec002
Merge pull request #6742 from pan-/ble-update-cordio-porting-guide 
BLE: Update cordio porting guide
 2018-05-08 10:42:19 -05:00
Cruz Monrreal 5b5c8ddb4e
Merge pull request #6743 from pan-/ble-cordio-h4-conditionnal-to-fc 
BLE: Conditional compilation of H4 driver
 2018-05-08 10:41:58 -05:00
Vincent Coubard 565921608e Cordio: Improve cordio H4 driver. 
Ommit H4 driver definition if serial flow control is not supported.
 2018-05-04 16:36:05 +01:00
Vincent Coubard 34c9206054 BLE: update cordio porting guide. 
Improve description of the requirements of the H4 driver.
 2018-05-04 16:35:57 +01:00
Vincent Coubard 3f9186faa2 GenericSecurityManager: Fix crypto_toolbox_f4 signature. 
The type exposed in the header file were not aligned to the one used in
the implementation: ble::public_key_t instead of ble::public_key_coord_t.
 2018-05-04 12:11:34 +01:00
Vincent Coubard fd5903c22d GenericGattClient: Fix discovery termination. 
The procedure should be terminated whenever the server returns an error not equal
to ATTRIBUTE_NOT_FOUND. The block was effectivelly terminated but the
procedure was not. As a result the discovery was operating on already
freed memory.
 2018-05-04 11:30:58 +01:00
Vincent Coubard b5e8d4eacb Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into fix-encryption-rejection 2018-05-03 09:26:36 +01:00
Vincent Coubard 0a59e00b23 Nordic BLE: Update GATT server security management 
This patch refines permission applied to characteristic and descriptors; instead of a single level of permission , each characteristic receives a permission for the read operation, one for the write operation and another one for the update operation.

As a consequence, updates are not sent if the link does not cover the update permission requirement.

Descriptors also benefits individually from read and write permission.
 2018-05-02 19:15:24 +01:00
Vincent Coubard 4f1e574eff Cordio GattServer: Fix uses of designated initializer. 
These are not legal in C++ code.
 2018-05-02 18:14:54 +01:00
Vincent Coubard 7e043ead96 Nordic BLE: Add stub implementation of remove_peer_csrk in security manager. 2018-05-02 17:52:39 +01:00
Vincent Coubard 4e5639f5ca BLE: Support encryption with secure connection key. 2018-05-02 17:51:48 +01:00
Donatien Garnier ba0f18c9ab Fix casing in MemorySecurityDb.h 2018-05-02 17:39:10 +01:00
Vincent Coubard f79eeb0173 Cordio: Update stack and pal to support LE security mode 2 level 2. 2018-05-02 14:32:38 +01:00
Vincent Coubard 01e3a004a6 Cordio: register server authorization callback. 2018-05-01 12:29:03 +01:00
Vincent Coubard 549a513dfb Cordio: Enable client and server signing 2018-05-01 12:28:37 +01:00
Vincent Coubard d0c4d7a8a3 Cordio: Forward server related events to CordioGattServer 2018-05-01 12:27:49 +01:00
Vincent Coubard 0f64b1c988 CordioGattServer: Global refactoring 
The registration process has been breaked down into several functions that register the service attribute, characteristic declaration attributes, characteristic value attributes and characteristic descriptors.

Service registration now consider all characteristics permissions: read, write and update. Permissions are also considered when updates needs to be propagated to peers.

Handling of user authorization is also a change introduced by this refactoring.
 2018-05-01 12:26:24 +01:00
Vincent Coubard 55eb7033b2 Generic Security Manager: Set csrk to stored when the peer csrk has been received. 2018-05-01 11:54:25 +01:00
Vincent Coubard 41a3442474 Generic Security Manager: Set ltk to stored when the peer ltk has been recveived. 2018-05-01 11:54:03 +01:00
Vincent Coubard f90eacfd27 Generic Security Manager: remove peer csrk at disconnection 2018-05-01 11:53:18 +01:00
Vincent Coubard 1ac95e105b ble - Generic Security Manager: set signing unconditionnal to role reversal. 
A peripheral can act as a GATT client whether it is in the peripheral role or the central role therefore it doesn't make sense to enable signing only if roles will be reversed latter.
 2018-05-01 11:50:59 +01:00
Vincent Coubard 9880db7543 Generic Security Manager: Improve formating 2018-05-01 11:48:22 +01:00
Vincent Coubard 2e3c7e8ab7 Generic Security Manager: Set LinkKey to false unconditionally. 
This key distribution flags is for dual mode devices; mbed does not support BR/EDR.
 2018-05-01 11:45:24 +01:00
Vincent Coubard e39bb4b92c BLE - GenericGattClient: Exploit ENCRYPTED_WITH_SC_AND_MITM encryption. 
IF link is encrypted, authenticated or authenticated with lesc then signed write must be transformed into regular write commands.
 2018-05-01 11:38:30 +01:00
Vincent Coubard 2da6fa3947 Cordio PAL security manager: Copy locally own CSRK 
The stack does not copy csrk when DmSecSetLocalCsrk is invoked; it just retains a pointer to it. Therefore a copy is kept inside the pal.
 2018-05-01 11:35:16 +01:00
Vincent Coubard e4813f4fe9 Cordio PAL Security Manager: Copy locally own IRK. 
The IRK needs to be stored somewhere as it is not copied inside the stack, the stack just keeps a reference to it.
 2018-05-01 11:33:36 +01:00
Vincent Coubard 2924bb4c86 Cordio PAL ATT Client: initialize the local sign counter to 0. 2018-05-01 11:29:45 +01:00
Vincent Coubard 74bc214961 BLE - Security Manager PAL: Add a function to remove the peer csrk. 
If the the upper layer has registered a peer csrk on the pal security manager then it must remove it once the connection is closed.

This API allows the upper layer to remove the peer csrk registered earlier.
 2018-05-01 11:27:38 +01:00
Vincent Coubard 1e277bad50 BLE: Lookup for non identity addresses when a secure entry is opened. 
A peer may not share a valid IRK and identity address during pairing (in that case the identity address received is all zeros). When this happens, the entry must be retrieved by looking at the address used by the peer during the connection.
 2018-05-01 11:24:44 +01:00
Vincent Coubard c4b78ada0e BLE: Set default mac address to 00:00:00:00:00:00 
Both mac addresses are invalid but the bluetooth specification prefers to use all 0 addresses to represent an invalid address.
 2018-05-01 11:17:47 +01:00
Vincent Coubard 80941af0f6 BLE: Add : LESC authenticated encryption to the list of possible link encryption. 2018-05-01 11:16:41 +01:00
Vincent Coubard db565d38b3 BLE: remove useless flags in GattCharacteristic. 2018-04-26 19:00:43 +01:00
Vincent Coubard 486a3e020c BLE: Add fine grained security to GattCharacteristic. 
This patch adds independent management of security requirement for read, write and update operatiosn of a GattCharacteristic.

Requirements are defined after ble::att_security_requirement_t that maps LE security mode 1 and LE security mode 2.

The functions requireSecurity and getRequiredSecurity are deprecated as SecurityManager::ScurityMode_t does not map well with LE security modes.
 2018-04-26 18:55:42 +01:00
Vincent Coubard 1c18351885 BLE: Remove unwanted documentation block of GattCharacteristic. 2018-04-26 17:29:29 +01:00
Vincent Coubard 9258b9ddb6 BLE: Add security requement support into GattAttribute. 2018-04-26 17:26:15 +01:00
Vincent Coubard 7afd01d84d BLE: Add type describing ATT security requirements. 2018-04-26 17:22:21 +01:00
Vincent Coubard 27d36ba820 BLE: Add missing relational operator to SafeEnum. 2018-04-26 17:07:54 +01:00
Vincent Coubard 2c8b9ab3dc BLE: Remove example section from cordio porting guide. 
This section is not applicable in the public version of mbed-os.
 2018-04-25 12:15:28 +01:00
Vincent Coubard 6bb80317f8 BLE: Update cordio porting guide 
Remove the section "Include prebuilt libraries" as it is not applicable
anymore.
 2018-04-25 11:48:23 +01:00
Vincent Coubard b0d5ba33bb BLE: return an error when application tries to turn down encryption. 2018-04-20 15:49:14 +01:00
Vincent Coubard 6a90232b6b BLE: Update cordio stack binaries. 
The new build contains a fix related to permission verification of
characteristic that requires signed write.
 2018-04-20 14:57:14 +01:00
Vincent Coubard cbb33ea938 BLE: Add comments to GenericSecurityManager::on_identity_list_retrieved. 2018-04-20 10:22:56 +01:00
Vincent Coubard 0b92397840 BLE: Fix flag IRK stored in Memory security DB. 2018-04-20 10:22:13 +01:00
paul-szczepanek-arm d1f3e4fd27 don't require master sends keys for signing key 2018-04-20 09:33:54 +01:00
Donatien Garnier f9b371fc0f Handle required BLE5 softdevice commands 2018-04-19 09:40:41 -07:00
Donatien Garnier aeab2ecbbf Fix potential race condition in nRF5xn.cpp 2018-04-19 09:40:41 -07:00
Marcus Chang 97426d63e9 NRF52 BLE: Fix GCC C++11 include error 
Change <memory> include to <new>

From: d001fb1c66
 2018-04-19 09:40:41 -07:00
Donatien Garnier 64baf717e8 Upgrade NRF52 BLE API to version 5 
* Add NRF_SD_BLE_API_VERSION=5 macro to MCU_NRF52832 target
* Added initial Softdevice v5 API support for nRF5XPalGattClient.cpp
* Added initial Softdevice v5 API support for nRF5xGap.h
* Added initial Softdevice v5 API support for nRF5xGattServer.cpp
* Make sure the ah() hash function used by the security manager is declared with C linkage
* Removed 'ARM porting pending' checks in Nordic SDK
* Added BLE configuration to mbed_lib.json for NRF52x targets
* Migrated APIs and events model for Nordic SDK14.2 & SD API v5 in btle.cpp; adopted polling dispatch model
* Migrated APIs and events model for Nordic SDK14.2 & SD API v5 in nRF5xn.cpp
* Migrated APIs and events model for Nordic SDK14.2 & SD API v5 in nRF5xGap.cpp
* Added const qualifier to hwCallbacks's p_ble_evt parameter in nRF5xGattServer
* Add workaround to enable Radio Notification module from Nordic SDK
  * Disabled SWI1 interrupt manually from SWI driver module
    * Added missing include directive for "nrf_nvic.h" in ble_radio_notification.c
* Set correct number of custom UUIDs
* Adjust Softdevice RAM requirements for NRF52832/S132
  * RAM settings for the application were adjusted as follow:
    * Start: 0x20003800
    * Size: 0xC800
* Adjust Softdevice RAM requirements for NRF52840/S140
  * RAM settings for the application were adjusted as follow:
    * Start: 0x20003700 (was 0x20003000)
    * Size: 0xC900
* Added 3dBm as a permitted TX Power value for NRF52832
* Fix address type recovery in GAP
* Return min non-connectable adv interval compatible with infrastrcture's expectations
* Moved BLE driver from TARGET_SDK_14_2/FEATURE_BLE to TARGET_SDK_14_2/TARGET_SOFTDEVICE_COMMON/ble
 2018-04-19 09:40:41 -07:00
Paul Szczepanek a99a4b8593
Merge pull request #33 from pan-/fix-cordio-addresses-type 
BLE: Handle new addresses type in GenericGap.
 2018-04-18 11:34:13 +01:00
Vincent Coubard 169e579de7 BLE: Handle new addresses type in GenericGap. 2018-04-17 17:05:41 +01:00
paul-szczepanek-arm f56f57bf15 reorder enum to add new values at the end 2018-04-17 16:25:35 +01:00
Vincent Coubard 951a6be4c8 BLE: retrieve and fill resolving list at GenericSecurityManager startup. 2018-04-17 15:58:21 +01:00
Vincent Coubard ede3d43743 BLE: Add function to querry the list of identity addresses present in the SecureDB. 2018-04-17 15:57:30 +01:00
Vincent Coubard 77b1903634 BLE: Add bonded device to resolving list at the end of bonding. 2018-04-17 14:16:35 +01:00
Vincent Coubard ae8d5b4de1 BLE: Implement identity retrieval in secure DB. 2018-04-17 14:15:28 +01:00
Vincent Coubard f905d2a4d4 BLE: Improve DB entry lookup. 
The DB entry lookup now looks at the identity address and/or connection address to find a DB entry associated to an address.

If the entry has not been found in the DB and a new entry is returned then the connection address is not stored for private addresses.
 2018-04-17 14:14:53 +01:00
Vincent Coubard a3bb18d724 BLE: store identity address type in DB. 2018-04-17 14:11:05 +01:00
Vincent Coubard 06e0aa3440 BLE: flag that irk has been stored in the security entry. 2018-04-17 14:10:19 +01:00
Vincent Coubard 6fc74fbc44 BLE: Fix MemorySecurityDB constructor warning. 2018-04-17 14:09:00 +01:00
Vincent Coubard 15fa3bfd37 BLE: Add a function to retrieve a device identity. 2018-04-17 14:08:01 +01:00
Vincent Coubard e8041510a6 BLE: Add a flag that indicate if the identity address is public or not. 2018-04-17 14:07:19 +01:00
Vincent Coubard ab6821aab8 BLE: Add a flag indicating if irk is stored in the distribution flags. 2018-04-17 14:06:47 +01:00
Vincent Coubard 9643b57159 BLE: Remove flag SecurityDistributionFlags_t::local_address_is_public 
This flag was not used and not useful.
 2018-04-17 14:06:00 +01:00
Vincent Coubard dfbf383614 BLE: Fix const correctness of ::Gap::getRandomAddressType 2018-04-17 14:03:57 +01:00
Vincent Coubard 51e1c76b4a BLE: Set default mac address to all 00. 2018-04-17 14:03:20 +01:00
Vincent Coubard b3c871c960 BLE: Implement privacy on Nordic targets. 2018-04-16 18:18:05 +01:00
Vincent Coubard 2a9d80c5f0 BLE: Change nRF5xSecurityManager::resolve_address signature 
Return the resolving list entry instead of accepting in parameters.
 2018-04-16 18:18:04 +01:00
Vincent Coubard a18283d897 BLE: change nRF5xSecurityManager::get_resolving_list return 
It now returns a resolving list entry.
 2018-04-16 18:18:04 +01:00
Vincent Coubard fb680db621 BLE: Implement resolving list in Nordic PAL security manager 2018-04-16 18:18:04 +01:00
Vincent Coubard 365f3d2527 BLE: Add ah in Nordic CryptoToolbox. 2018-04-16 18:18:04 +01:00
Vincent Coubard a7f2384e10 BLE: Add default privacy configuration 2018-04-16 18:18:04 +01:00
paul-szczepanek-arm 9a9167602d moved init code into non-const for clarity 2018-04-16 15:58:03 +01:00
paul-szczepanek-arm 12899b1e09 fix const induced recursive call 2018-04-16 15:34:15 +01:00
paul-szczepanek-arm 6b67a6d0a6 missing deref after signature change 2018-04-16 15:06:37 +01:00
Paul Szczepanek d8f5100822
Merge pull request #30 from pan-/sm-privacy 
BLE: Add Gap privacy interfaces.
 2018-04-12 14:59:27 +01:00
Vincent Coubard 90c85955ad BLE: Fix GAP privacy related signatures. 2018-04-12 11:04:44 +01:00
Vincent Coubard 2811e00868 BLE: Fix Gap privacy related documentation 2018-04-12 10:37:13 +01:00
Paul Szczepanek 9be8837f77
Merge pull request #29 from paul-szczepanek-arm/no-sign-when-encrypted 
check encryption before signing
 2018-04-11 15:51:02 +01:00
Vincent Coubard 8643fd55ed BLE: Add stub for signing API in Nordic pal security manager. 2018-04-11 14:22:51 +01:00
Vincent Coubard 1f02913a2c BLE: Add Gap privacy interfaces. 
This commit adds API to enable and configure the device privacy.
It deprecates address random types present in Gap::AddressType as these types are not appropriate for scan reports, connection initiation and the connection event. Now user should use the function Gap::getRandomAddressType to find the type of a random address.
The function gap::setAddress is deprecated as it is not portable and can colide with privacy.
 2018-04-11 14:18:42 +01:00
paul-szczepanek-arm 1e6455da0b check encryption before signing 2018-04-11 13:37:04 +01:00
paul-szczepanek-arm 3aaedf6f48 fixed missed function rename 2018-04-11 12:34:57 +01:00
Paul Szczepanek 6c900642e5
Merge pull request #28 from paul-szczepanek-arm/signing-counter 
sign counter added
 2018-04-10 17:06:14 +01:00
paul-szczepanek-arm 1ba920a338 missing init 2018-04-10 16:47:29 +01:00
paul-szczepanek-arm 70067105d6 class in header 2018-04-10 16:42:43 +01:00
paul-szczepanek-arm a2484b63b0 Signing event monitor proxy to bind both server and client 2018-04-10 14:58:29 +01:00
paul-szczepanek-arm 4fff20583d sign counter kept track by the class using it 2018-04-09 17:49:54 +01:00
paul-szczepanek-arm deeb0ea7e0 redundant store for sign counter 2018-04-09 15:11:26 +01:00
paul-szczepanek-arm 637dcb9bc8 missing * 2018-04-09 15:10:25 +01:00
paul-szczepanek-arm 55d3423a5e typedef uint32_t 2018-04-09 13:35:17 +01:00
paul-szczepanek-arm be912ded5b normalised the getters const insanity 2018-04-09 12:14:52 +01:00
Vincent Coubard f53a0e4906 Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into sc-nordic 2018-04-09 09:09:01 +01:00
paul-szczepanek-arm 57149b69e4 monitor for signing events and set local counter 2018-04-04 19:24:00 +01:00
paul-szczepanek-arm 1d74dfa1f9 redundant funcs removed 2018-04-04 18:02:16 +01:00
Vincent Coubard dcff810457 BLE: replace byte_array_t::buffer with byte_array_t::data 2018-04-04 17:20:08 +01:00
paul-szczepanek-arm acfc5b218d set cordio csrk and counter 2018-04-04 17:16:34 +01:00
paul-szczepanek-arm 2e1c5fc123 completely redundant 2018-04-04 17:16:16 +01:00
paul-szczepanek-arm 539a11ee31 sign counter added 2018-04-04 15:59:10 +01:00
Vincent Coubard 17b3e26429 BLE: remove trace in Nordic PAL security manager 2018-04-04 15:42:47 +01:00
Vincent Coubard 04ab07ff16 BLE: Add documentation to CryptoToolbox. 2018-04-04 15:41:20 +01:00
Vincent Coubard 59a301a256 BLE: CryptoToolbox enhancement 
- Rename LescCrypto into CryptoToolbox
- Use ArrayView of fixed size as parameters
- Add licence
 2018-04-04 15:31:31 +01:00
Vincent Coubard cd39406d20 BLE: Add conversion function from byte_array_t to ArrayView. 2018-04-04 15:28:52 +01:00
Vincent Coubard 5761caff00 BLE: Extend ArrayView to encode size in type. 
With this change, it is possible to encode the size of the array viewed by an ArrayView into the type itself: ArrayView<T, Size>. Such objects are lighter than ArrayView of arbitrary size and allows verification of the size at compile time.

This change also fix operator== and bring new make_ArrayView overloads.
 2018-04-04 15:28:17 +01:00
Vincent Coubard 9e1f0b34f8 BLE: Fix byte_array_t subscript operator 2018-04-04 15:22:15 +01:00
Vincent Coubard d8f3d9c5ef BLE: provide non const overload of byte_array_t::data member function. 2018-04-04 15:21:54 +01:00
Vincent Coubard bf41bb3164 BLE: Export byte_array_t size exploitable at compile time. 2018-04-04 15:21:05 +01:00
Vincent Coubard 7bf0eb009a BLE: use ArrayView to pass and get parameters in Crypto API 
This change allow vendor pal code to use its own array format.
 2018-04-04 11:04:13 +01:00
paul-szczepanek-arm cbf80e9da5 typos, style and other review fixes 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm c1e2e07241 missing line from commit 
(github client fail)
 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 15c06acfe4 style fix 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm dfdfcfb25e style fix 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm e276478d58 only bother reacting to verification failures if we want to use signing 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm f5fee68f99 fixed naming for sig failure count 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 9283413c4c count failures, trigger reparing when verification fails 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 780d8a4375 let the stack know whether csrk is authenticated 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 511135f31c signing only for the slave, unless keys requested to be sent by master 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 8d966dbe8c invalid mic event 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 5ae9cc3b53 set peer csrk on pal 2018-04-03 15:41:43 +01:00