Commit Graph

1013 Commits (a628eba212556a652b3b478c6b73312ced70e83d)

Author SHA1 Message Date
paul-szczepanek-arm 4b1ce49ee1 use sets to apply limits 2018-06-19 15:18:11 +01:00
paul-szczepanek-arm 588e68bccf add setScanParams overload 2018-06-19 14:36:18 +01:00
Cruz Monrreal 701d49d8eb
Merge pull request #7211 from pan-/ble-workaround-connections-param-update-request
Nordic BLE: Accept connection parameter update
2018-06-18 10:09:22 -05:00
Vincent Coubard 14e229e00a Cordio: Add tests that validate a cordio port.
The first test focuses on the transport by testing that the reset sequence is
correctly sent to the controller and properly received.

The second test validates that the reset sequence fulfills the right state
of the stack and ensures that bluetooth initialization succeeds.
2018-06-14 18:24:23 +01:00
Cruz Monrreal c3e639aad2
Merge pull request #7123 from paul-szczepanek-arm/fix-generate-whitelist
BLE: check flags to make sure the IRK has been stored before retrieving it
2018-06-14 10:15:15 -05:00
Vincent Coubard 92fa40b1c7 Nordic BLE: Accept connection parameter update
A peer device that sends a connection parameter update may get blocked if it doesn't receive a response.

This patch accepts the peer request unconditionally. At some point this event will be managed by the application.
2018-06-13 15:54:51 +01:00
Vincent Coubard 5237c3ec40 Nordic BLE:
Cancel pairing if the device fails to allocate the resources necessary for the pairing operation.
2018-06-13 15:11:13 +01:00
Vincent Coubard f0c3f14887 Nordic BLE: Fix pairing cancellation.
Depending on the role and the current state of the local device; pairing cancelation should be made with a call to a specific function. Normally the Nordic stack would reject invalid calls if the device is not in the correct state; therefore it was assumed that it was possible to detect the state from sd errors. Unfortunately this is not true with the latest softdevices as some calls succeed even if the device is not in the right state.

To solve that issue cancelation looks at the current state of the device first to select the right function that will trigger the pairing cancellation.

Note: the call to sd_ble_gap_authenticate was missing in the previous algorithm
2018-06-13 15:10:10 +01:00
Vincent Coubard 301e527af7 Nordic BLE: Store locally role for a given connection. 2018-06-13 15:03:43 +01:00
Vincent Coubard 5c7b8c8ea4 Nordic BLE: Add default parameter to get the local instance of nrF5xn 2018-06-13 15:02:45 +01:00
Vincent Coubard 8e7936d327 Nordic BLE: Improve return of nRF5xn::getGap.
Return the derived type instead of the abstract one. This is legal as C++ supports covariant returns.
2018-06-13 15:02:07 +01:00
Cruz Monrreal fff3564012
Merge pull request #7166 from paul-szczepanek-arm/fix-cancel-pairing
BLE: fix pairing for misconfigured devices (deny pairing correctly)
2018-06-13 08:45:46 -05:00
Cruz Monrreal 02e90ef469
Merge pull request #7163 from pan-/cordio-driver-hook
Cordio driver hook
2018-06-11 08:49:49 -05:00
paul-szczepanek-arm bd8572e20f missing return
function would potentially send a reject and accept at the same time
2018-06-07 17:18:08 +01:00
Cruz Monrreal bacf6a9dec
Merge pull request #6860 from andrewleech/nordic_ble_config
Nordic BLE: Allow configuration of softdevice parameters
2018-06-07 10:10:23 -05:00
Vincent Coubard 06d9aac14c Cordio BLE: Allow replacement of hci RX handler. 2018-06-07 12:30:34 +01:00
Vincent Coubard 569fd9ed30 Cordio BLE: Add hook to HCI driver and transport.
A friend class living in the namespace ble::vendor::cordio and named CordioHCITransportDriver can be added in applications requiring access to internal data of the HCI driver and HCI transport driver.

This is meant to be internal and not easily exploitable by application code.
2018-06-07 12:29:57 +01:00
paul-szczepanek-arm 265132c5a8 check that flags have the IRK stored before retrieving it 2018-06-05 15:15:19 +01:00
Cruz Monrreal 20a4412082
Merge pull request #7089 from paul-szczepanek-arm/fix-master
BLE fixes (SM whitelist creation, Nordic scatter file fix, missing TLS initialisation)
2018-06-04 10:44:54 -05:00
Anna Bridge 2d0e5f04b1
Merge pull request #6022 from andrewleech/nrf_asserts_error
nrf5x: Enable asserts -> mbed_error
2018-06-04 12:24:58 +01:00
Vincent Coubard 4d0126898c BLE Nordic: Initialize and teardown tls platform context 2018-06-01 17:12:49 +01:00
paul-szczepanek-arm e534f3b997 fix erroneous assert 2018-06-01 15:57:51 +01:00
paul-szczepanek-arm ff7b13837f check for invalid param 2018-06-01 15:57:39 +01:00
paul-szczepanek-arm 3a2dc69f11 fix not updating size of array 2018-06-01 15:57:22 +01:00
Andrew Leech bf313aa1db Move mbed_lib.json from targets folder to feature_ble folder
The functionality added all affects BLE features in use so this location is a better fit.
2018-06-01 13:37:16 +10:00
Andrew Leech ff5ca11253 Allow configuration (via defines) of some of the key settings for the NRF51 softdevice.
* CENTRAL_LINK_COUNT
* PERIPHERAL_LINK_COUNT
* gatts_enable_params.attr_tab_size
* gatts_enable_params.service_changed
* common_enable_params.vs_uuid_count

These settings control the range of functionality enabled in the softdevice as well as ram consumption.
In particular reducing these values is critical to enable usage of 16K nrf51 devices.
2018-06-01 13:23:01 +10:00
Donatien Garnier 5da5ef45c0 Cordio H4: Added some comments explaining the use of RawSerial as opposed to using Serial 2018-05-31 11:11:28 -05:00
Donatien Garnier 0cb86ded76 BLE: Replace Serial with RawSerial in Cordio H4 Transport Driver 2018-05-31 10:28:45 -05:00
Cruz Monrreal 791620c428
Merge pull request #6932 from paul-szczepanek-arm/security-manager-dev
BLE privacy, signing, persistent security database
2018-05-24 10:07:06 -05:00
Donatien Garnier f08ac2e9b2
Merge pull request #52 from pan-/fix-privacy-nrf52
Fix privacy nrf52
2018-05-23 11:50:28 -05:00
Vincent Coubard db4d14c89d BLE NRF52: Fix advertising filtering when no bonds are present. 2018-05-23 17:27:18 +01:00
Vincent Coubard ef208912a6 BLE NRF52: Report correct own address type for connection
The function that gets the address doesn't work when privacy is enabled; report own address as private resolvable.
2018-05-23 17:27:18 +01:00
Vincent Coubard 30dac7cd8c BLE NRF52: Fix identity address flag in connection request. 2018-05-23 17:27:07 +01:00
Vincent Coubard 1ba5a112f4 BLE: Fix wrong macro name for IAR 2018-05-23 17:11:26 +01:00
paul-szczepanek-arm de41355c5c Fix not processing all advertising reports if one is filtered out
filtering out individual reports instead of all
2018-05-23 14:24:54 +01:00
Paul Szczepanek f4b7f32793
Merge pull request #49 from pan-/fix-privacy-backward-compatibility
Fix privacy backward compatibility
2018-05-23 14:20:49 +01:00
Vincent Coubard cfe325cf0e BLE NRF51: Do not filter advertising packet in peripheral if the device has no bond. 2018-05-22 17:40:18 +01:00
Vincent Coubard ba61c09ffc BLE NRF51: Resolve private address on connection in peripheral role
Soft device inconsistency: The address is not resolved automatically if the device is a peripheral.
2018-05-22 17:39:03 +01:00
Vincent Coubard 755cf5fa5f BLE NRF51: Defer connection to a common function.
The soft device is not consistent as it is required to force the connection to a resolved resolvable address so it should be known if the target is an identity address.
2018-05-22 17:37:57 +01:00
Vincent Coubard d427fcfb59 Nordic BLE: Remove dependency to mbedtls for CryptoToolbox::ah. 2018-05-22 17:33:49 +01:00
paul-szczepanek-arm 69a0c10f00 removing erroneous (and redundant) check
this is gating on the wrong flag and the call doesn't require a check in the first place
2018-05-22 14:37:02 +01:00
paul-szczepanek-arm 08cb7aefd2 fix not writing flags in the file
flags kept with the rest of data for each entry
2018-05-22 14:08:09 +01:00
paul-szczepanek-arm 84ff831141 measure file size with SEEK_END
I thought that's not portable but the rest of the codebase uses it so no reason not to
2018-05-22 12:25:11 +01:00
paul-szczepanek-arm 1cd0c20fd0 fix opening the file in the wrong mode 2018-05-22 12:11:07 +01:00
paul-szczepanek-arm 7d916a9997 fix not writing version number into the file 2018-05-22 11:45:38 +01:00
Andrew Leech 67140a2706 Redirect NRF asserts to mbed error() in TARGET_NRF5x and SDK 14.2
Add related details to TARGET_NRF5x Readme's
2018-05-22 11:36:31 +10:00
Andrew Leech cfd248ee05 Enable ASSERTS's in nrf sdk to catch coding errors.
These will now flow through to mbed standard error handling.
2018-05-22 11:36:30 +10:00
Vincent Coubard fb9e0dcbe7 BLE: Fix resolvable private address identification. 2018-05-21 15:30:19 +01:00
Vincent Coubard b973a8a490 BLE: Add default constructor to peer_address_type_t 2018-05-21 15:29:54 +01:00
Vincent Coubard bdad5d6496 BLE Generic: Handle peer address type backward compatibility. 2018-05-21 13:29:06 +01:00
Vincent Coubard cc286fe84c BLE: Cordio pal: Handle enhanced connection events. 2018-05-21 13:22:53 +01:00
Vincent Coubard cbba6dd0d6 BLE PAL: Update connection event to support enhanced connection events. 2018-05-21 13:22:31 +01:00
Vincent Coubard 57ffa14b4b Nordic BLE: Backport privacy backward compatibility to NRF51 2018-05-21 13:21:46 +01:00
paul-szczepanek-arm 62ba220100 doxygen fix 2018-05-21 11:42:32 +01:00
paul-szczepanek-arm 17e8ed9401 forward resolving list init 2018-05-21 11:34:40 +01:00
Vincent Coubard 14a1095c31 Nordic BLE: Disable secure connection support on NRF51. 2018-05-21 10:34:09 +01:00
Vincent Coubard 4c1a309117 Nordic BLE: Set own resolvable address to NULL.
This address is not accessible to the application.
2018-05-21 10:22:01 +01:00
Vincent Coubard d962fc0174 BLE: factor code in GAP. 2018-05-21 10:20:43 +01:00
Vincent Coubard 28766bd873 BLE: Do not pass peer resolvable address in connection event handler 2018-05-21 10:17:44 +01:00
paul-szczepanek-arm cd9f12ab45 return error codes 2018-05-18 13:59:30 +01:00
paul-szczepanek-arm ace491d430 remove duplicate call 2018-05-18 13:54:15 +01:00
paul-szczepanek-arm 9da64e529e refactor into separate functions for readability and correctness of pal matching db 2018-05-18 13:46:55 +01:00
paul-szczepanek-arm 439d002f7d new API call to change db at runtime 2018-05-18 12:34:52 +01:00
paul-szczepanek-arm 608ad338e8 return error when not initialised 2018-05-18 10:24:16 +01:00
Vincent Coubard c3bcd10cfd BLE NRF52: Implement features related to peer_address_t
The overload of Gap::connect that accept peer_address_t has been added and gap connection and advertising report process have been updated to exploit peer_address_t in a backward compatible fashion.
2018-05-18 10:09:07 +01:00
Vincent Coubard d361960aa3 BLE: Use peer_address_type_t instead of the legacy address in security manager. 2018-05-18 10:04:27 +01:00
paul-szczepanek-arm a8ac925b4f privacy doxygen overview 2018-05-17 16:48:49 +01:00
paul-szczepanek-arm 7e69444458 security manager doxygen overview updated 2018-05-17 14:10:57 +01:00
Vincent Coubard a052afdd40 BLE: Update APIs to take advantage of ble::peer_address_type_t
Deprecation:

* Gap::AdvertisementCallback::addressType has been deprecated in favor of Gap::AdvertisementCallback::peerAddrType.
* Gap::ConnectionCallbackParams::peerAddrType has been deprecated in favor of Gap::ConnectionCallbackParams::peerAddressType.
* Gap::ConnectionCallbackParams::ownAddr has been deprecated in favor of nothing else as this information may be not available.

Overloads added to accept a peer_address_t:

* Gap::connect
* Gap::processConnectionEvent
* Gap::processAdvertisingReport
2018-05-17 13:27:15 +01:00
Vincent Coubard 0eb680a08b GenericGap: Revert changes introduced to accommodate privacy. 2018-05-17 10:56:29 +01:00
Vincent Coubard 7f05fc0e00 BLE: Define peer_address_type_t
This type models a peer address, unlike BLEProtocol::AddressType, it is compatible with privacy concepts.
2018-05-17 10:30:24 +01:00
Vincent Coubard e5d91932fd BLE: Revert address type changes.
The changes made to BLEProtocol::AddressType were not entirely backward compatible as BLEProtocol::AddressType split random addresses into three categories while the type RANDOM is a superset of these types.
2018-05-17 10:26:04 +01:00
paul-szczepanek-arm b845a9dc95 fixed doxygen 2018-05-16 17:24:17 +01:00
paul-szczepanek-arm 57a02d6329 fixed signature 2018-05-16 16:54:47 +01:00
Vincent Coubard 37c036ca6b Nordic: Port privacy to softdevice v4.
Many things have changed; the identity list isn't shared anymore with the whitelist and resolution is handled by the stack itself.
2018-05-16 16:16:06 +01:00
Vincent Coubard 6c44a78166 Merge branch 'master' of https://github.com/ARMmbed/mbed-os into security-manager-dev 2018-05-16 15:55:15 +01:00
Donatien Garnier ad09ba0dcc Fix handling of security escalation in on_connection_complete() 2018-05-16 13:54:25 +01:00
Donatien Garnier 3f7a7a4213 Merge 2018-05-16 12:44:36 +01:00
Donatien Garnier 7ef7ef553c Fix is_random_xxx_address() functions in GenericGap that I had broken :) 2018-05-16 12:04:04 +01:00
Donatien Garnier 1fdb57e82c Removed set_privacy() API and added is_privacy_supported() check to PAL + Generic GAP 2018-05-16 12:02:21 +01:00
paul-szczepanek-arm 1ae13bc80f don't reset db on security manager reset as the docs require 2018-05-16 11:46:36 +01:00
paul-szczepanek-arm bcca75973e resetting the security db 2018-05-16 11:23:17 +01:00
paul-szczepanek-arm c2bbc94b44 handle init of an already initialised security db 2018-05-16 11:01:37 +01:00
Vincent Coubard afcbdfc7dc Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into filedb 2018-05-16 08:43:52 +01:00
Donatien Garnier 288c3952d8 Address Paul's comments 2018-05-15 18:37:50 +01:00
paul-szczepanek-arm 5c598688e4 templates for reading and writing to avoid repetition 2018-05-15 16:35:54 +01:00
Vincent Coubard 2cb6e659a9 Nordic BLE: Backport security fixes from nRF5 to nRF5x 2018-05-15 15:11:33 +01:00
Vincent Coubard ca5a9f359a Nordic BLE: remove unnecessary nordic ble libraries. 2018-05-15 14:51:19 +01:00
Vincent Coubard a22b4e5d5e Nordic BLE: Remove nordic gap init.
This initialization is already done in GattServer.
2018-05-15 14:51:18 +01:00
Vincent Coubard dd6a5350e2 Nordic BLE: Remove peer manager handling. 2018-05-15 14:51:18 +01:00
Vincent Coubard 6f24078507 Nordic BLE: route event handling correctly. 2018-05-15 14:51:18 +01:00
Vincent Coubard 167a660ac1 Nordic BLE: use pal security manager. 2018-05-15 14:51:18 +01:00
Vincent Coubard 31f8cd18f7 Nordic BLE: Backport Gap from nRF5 2018-05-15 14:51:18 +01:00
Vincent Coubard 39396955a2 Nordic BLE: simplify whitelist management. 2018-05-15 14:51:17 +01:00
Vincent Coubard 6810c02606 Nordic BLE: Fix processing of events.
If new events are signaled during processing then they should be processed when processEvent is called again. The goal is to let other processing happen and not process solely ble events.
2018-05-15 14:51:17 +01:00
Vincent Coubard 8fbecf2e0d Nordic BLE: Fix incorrect assignment 2018-05-15 14:51:17 +01:00
Vincent Coubard 68b3288ba8 Nordic BLE: Fix signature of nRF5xGattServer::hwCallback 2018-05-15 14:51:17 +01:00
Vincent Coubard 4a7c9a9a55 Nordic BLE: expose publicly btle_handler 2018-05-15 14:51:17 +01:00
Vincent Coubard 2af5508c4c Nordic BLE: Do not conditionally assign sm key pointers.
This change has been forced by a change in latest softdevice that requires all key pointers to not be NULL unlike what is indicated in the documentation.
2018-05-15 14:51:17 +01:00
Vincent Coubard dc54da0a2d Nordic BLE: Force signing and link requirements to false. 2018-05-15 14:51:16 +01:00
Vincent Coubard 02e3c13d25 Nordic BLE: Protect event signaled flag. 2018-05-15 14:51:16 +01:00
Vincent Coubard f7f1272647 Nordic: Backport security manager pal for NRF5X targets. 2018-05-15 14:51:15 +01:00
Vincent Coubard 4acb3937e4 Cordio BLE: Fix potential memory leak in GattServer. 2018-05-15 14:32:29 +01:00
Vincent Coubard ee720f30bb BLE: Comment security requirement elevation for signed writes. 2018-05-15 12:17:59 +01:00
Vincent Coubard 2c7ed993ec BLE: Fix security requirements in GattCharacteristic. 2018-05-15 12:17:34 +01:00
Vincent Coubard 2860365a3c BLE: Improve readability of condition. 2018-05-15 12:16:51 +01:00
paul-szczepanek-arm 49db7e2a2a restoring db file blanks file if set to not restore, allow reusing the db 2018-05-15 11:46:39 +01:00
paul-szczepanek-arm f8244a3d87 review comments, init partly moved to restore, restore setting enabled, null check on filepath 2018-05-15 10:24:59 +01:00
Donatien Garnier 6c6af1b0d5 Added missing masks and fixed bit ordering in is_random_xx_address() functions 2018-05-14 13:59:32 +01:00
Donatien Garnier d8b63fc03d Reordered initializers in GenericGap 2018-05-14 13:53:50 +01:00
Donatien Garnier 67ec6323fc Added update_random_address() implementation in GenericGap 2018-05-14 13:52:29 +01:00
Donatien Garnier 3523cdb264 Missing initializer in GenericGap 2018-05-14 13:37:37 +01:00
Donatien Garnier 472d3de849 Give GenericGap access to the Security Manager's PAL 2018-05-14 13:36:02 +01:00
Donatien Garnier a3d9d6cebd Business logic for handling non-resolvable private addresses 2018-05-14 13:26:39 +01:00
Bartek Szatkowski 38df9306d7 Update wsf_types.h to support updated CMSIS 2018-05-14 12:18:21 +01:00
paul-szczepanek-arm 579cb5e222 avoid setting flags twice 2018-05-14 10:26:44 +01:00
paul-szczepanek-arm f4f3a3c697 store ltk and csrk but not irk sent status
and missing asserts
2018-05-14 09:52:49 +01:00
paul-szczepanek-arm a7f8d54761 more doxygen 2018-05-13 23:54:44 +01:00
paul-szczepanek-arm d3524e2407 doxygen 2018-05-13 23:49:44 +01:00
paul-szczepanek-arm 8f90875cd6 reset entry now remove old keys 2018-05-13 23:49:27 +01:00
paul-szczepanek-arm 23c6a69d66 key dist flags only in db now and not in control block of sec manager 2018-05-13 23:26:34 +01:00
Donatien Garnier 69e35c49c8 Handle resolution policy for peripheral in GenericGap 2018-05-13 23:25:52 +01:00
paul-szczepanek-arm ab117737fa write back counter, sync entry by hand;e 2018-05-13 22:55:47 +01:00
Donatien Garnier 21471bb3c9 and make sure it compiles and that policy is only applied if privacy is enabled :) 2018-05-13 22:42:11 +01:00
Donatien Garnier 926efa4018 Filter out advertising reports for unresolved addresses if required 2018-05-13 22:37:59 +01:00
Donatien Garnier 6a2ffaeac0 Update own address type generation in GenericGap 2018-05-13 22:16:08 +01:00
Donatien Garnier 620ebc3f9a Some fixes in GenericGap 2018-05-13 20:38:29 +01:00
Donatien Garnier 2509a88d58 Revert set_privacy() in Cordio GAP PAL impl 2018-05-13 20:37:14 +01:00
Donatien Garnier 1a623e6670 Added method to enable/disable privacy in GAP Pal with Cordio impl 2018-05-13 19:15:20 +01:00
Donatien Garnier 4c5e2a8094 Added method to update resolution settings in GenericGap 2018-05-13 19:14:56 +01:00
Donatien Garnier cf03d40909 Doc fix in PalGap.h 2018-05-13 18:54:11 +01:00
Donatien Garnier 5734fca195 Added set_address_resolution method in GAP Pal with Cordio implementation 2018-05-13 18:53:23 +01:00
Donatien Garnier 7b4a813aca Added stubs in GenericGap for privacy configuration methods 2018-05-13 18:52:54 +01:00
Donatien Garnier e9ad148db0 Added privacy-related methods overrides in GenericGap 2018-05-13 17:57:27 +01:00
Donatien Garnier 33c46f5658 Remove LL resolving 'shortcut' when adding a device to resolving list - this should be controlled by the GAP layer 2018-05-13 17:49:00 +01:00
Cruz Monrreal 2104d8ab5b
Merge pull request #6711 from marcuschangarm/cleanup-nrf5x
Cleanup TARGET_NRF5 and TARGET_NRF5x
2018-05-11 19:15:05 -05:00
paul-szczepanek-arm 3af4d0b50f get identity list function argument needs to have its own memory allocated 2018-05-11 19:52:12 +01:00
paul-szczepanek-arm a63f38e767 moved logic to security db and left storage in memory and file dbs
db created at init now
2018-05-11 19:41:33 +01:00
Donatien Garnier 40b6813dcf Fix wrong use of DmLlPrivEnabled() 2018-05-11 18:52:27 +01:00
Donatien Garnier 71bd30daf3 More inline doc 2018-05-11 18:37:02 +01:00
Donatien Garnier bcfbeb7f1a Some doc adjustments 2018-05-11 18:23:37 +01:00
Donatien Garnier 3ca3c2db2c Initial implementation of the Security Manager's Privacy feature for Cordio 2018-05-11 18:20:39 +01:00
paul-szczepanek-arm 678d494c5a init _db pointer 2018-05-11 10:20:04 +01:00
paul-szczepanek-arm afa4bdcf1a pull common logic into secure db 2018-05-11 10:19:48 +01:00
Vincent Coubard 40a403e99b Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into fix-encryption-rejection 2018-05-10 12:05:36 +01:00
paul-szczepanek-arm 473482d204 move securitydb into generic 2018-05-10 11:08:31 +01:00
Cruz Monrreal c97a8fb216
Merge pull request #6817 from pan-/fix-crypto_toolbox_f4-parameter-types
GenericSecurityManager: Fix crypto_toolbox_f4 signature.
2018-05-09 11:33:27 -05:00
Cruz Monrreal e33fb60c3d
Merge pull request #6849 from scartmell-arm/bug-critical-section-nordic
Add missing semicolon to NRF51 critical_section implementation
2018-05-09 11:33:10 -05:00
paul-szczepanek-arm b95da8d8c4 remove crypto when missing ECDH 2018-05-09 12:27:43 +01:00
Paul Szczepanek fee986750d
fix case 2018-05-09 12:19:35 +01:00
Paul Szczepanek b4d7bb6020
fix case 2018-05-09 12:19:27 +01:00
Paul Szczepanek 37b11d8ac5
fix case 2018-05-09 12:18:55 +01:00
Paul Szczepanek 367fe345ba
fix case 2018-05-09 12:18:42 +01:00
Paul Szczepanek 79b3bc4fce
fix case 2018-05-09 12:18:26 +01:00
paul-szczepanek-arm b98ffa48da fix uppercase X in nrf5x 2018-05-09 12:16:26 +01:00
paul-szczepanek-arm 6a26a8a6c8 Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into security-manager-dev 2018-05-09 11:37:41 +01:00
paul-szczepanek-arm c02b318436 fixed case in filename 2018-05-09 11:37:33 +01:00
Paul Szczepanek 2b02148ab6
Merge branch 'master' into security-manager-dev 2018-05-09 11:23:28 +01:00
paul-szczepanek-arm b8fe37a00e disable ECDH if the platform doesn't support it
otherwise you get linker errors
2018-05-09 11:01:10 +01:00
Steven Cartmell 1dfea4168f Add missing semicolon to NRF51 critical_section implementation 2018-05-09 10:54:26 +01:00
Marcus Chang 1aebdcbee5 Reorganize TARGET_MCU_NRF51822_UNIFIED directories
The unified NRF51 target and feature BLE directories have been
reorganized to follow the naming and directory structure of the
NRF52 implementation.

This reorganization does not include TARGET_MCU_NRF51822 and
derived targets.
2018-05-08 10:10:01 -07:00
Paul Szczepanek 9a0a0865a6
Merge branch 'security-manager-dev' into sm-privacy-nordic 2018-05-08 18:01:41 +01:00
Paul Szczepanek 214656a9ee
fix case in #include 2018-05-08 17:56:38 +01:00
Paul Szczepanek 1a35f3e217
fixed case in name 2018-05-08 17:49:22 +01:00
Cruz Monrreal adcd7ec002
Merge pull request #6742 from pan-/ble-update-cordio-porting-guide
BLE: Update cordio porting guide
2018-05-08 10:42:19 -05:00
Cruz Monrreal 5b5c8ddb4e
Merge pull request #6743 from pan-/ble-cordio-h4-conditionnal-to-fc
BLE: Conditional compilation of H4 driver
2018-05-08 10:41:58 -05:00
Vincent Coubard 565921608e Cordio: Improve cordio H4 driver.
Omit H4 driver definition if serial flow control is not supported.
2018-05-04 16:36:05 +01:00
Vincent Coubard 34c9206054 BLE: update cordio porting guide.
Improve description of the requirements of the H4 driver.
2018-05-04 16:35:57 +01:00
Vincent Coubard 3f9186faa2 GenericSecurityManager: Fix crypto_toolbox_f4 signature.
The type exposed in the header file was not aligned to the one used in
the implementation: ble::public_key_t instead of ble::public_key_coord_t.
2018-05-04 12:11:34 +01:00
Vincent Coubard fd5903c22d GenericGattClient: Fix discovery termination.
The procedure should be terminated whenever the server returns an error not equal
to ATTRIBUTE_NOT_FOUND. The block was effectively terminated but the
procedure was not. As a result the discovery was operating on already
freed memory.
2018-05-04 11:30:58 +01:00
Vincent Coubard b5e8d4eacb Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into fix-encryption-rejection 2018-05-03 09:26:36 +01:00
Vincent Coubard 0a59e00b23 Nordic BLE: Update GATT server security management
This patch refines permission applied to characteristic and descriptors; instead of a single level of permission, each characteristic receives a permission for the read operation, one for the write operation and another one for the update operation.

As a consequence, updates are not sent if the link does not cover the update permission requirement.

Descriptors also benefit individually from read and write permission.
2018-05-02 19:15:24 +01:00
Vincent Coubard 4f1e574eff Cordio GattServer: Fix uses of designated initializer.
These are not legal in C++ code.
2018-05-02 18:14:54 +01:00
Vincent Coubard 7e043ead96 Nordic BLE: Add stub implementation of remove_peer_csrk in security manager. 2018-05-02 17:52:39 +01:00
Vincent Coubard 4e5639f5ca BLE: Support encryption with secure connection key. 2018-05-02 17:51:48 +01:00
Donatien Garnier ba0f18c9ab Fix casing in MemorySecurityDb.h 2018-05-02 17:39:10 +01:00
Vincent Coubard f79eeb0173 Cordio: Update stack and pal to support LE security mode 2 level 2. 2018-05-02 14:32:38 +01:00
Vincent Coubard 01e3a004a6 Cordio: register server authorization callback. 2018-05-01 12:29:03 +01:00
Vincent Coubard 549a513dfb Cordio: Enable client and server signing 2018-05-01 12:28:37 +01:00
Vincent Coubard d0c4d7a8a3 Cordio: Forward server related events to CordioGattServer 2018-05-01 12:27:49 +01:00
Vincent Coubard 0f64b1c988 CordioGattServer: Global refactoring
The registration process has been broken down into several functions that register the service attribute, characteristic declaration attributes, characteristic value attributes and characteristic descriptors.

Service registration now considers all characteristics permissions: read, write and update. Permissions are also considered when updates need to be propagated to peers.

Handling of user authorization is also a change introduced by this refactoring.
2018-05-01 12:26:24 +01:00
Vincent Coubard 55eb7033b2 Generic Security Manager: Set csrk to stored when the peer csrk has been received. 2018-05-01 11:54:25 +01:00
Vincent Coubard 41a3442474 Generic Security Manager: Set ltk to stored when the peer ltk has been received. 2018-05-01 11:54:03 +01:00
Vincent Coubard f90eacfd27 Generic Security Manager: remove peer csrk at disconnection 2018-05-01 11:53:18 +01:00
Vincent Coubard 1ac95e105b ble - Generic Security Manager: set signing unconditional to role reversal.
A peripheral can act as a GATT client whether it is in the peripheral role or the central role therefore it doesn't make sense to enable signing only if roles will be reversed later.
2018-05-01 11:50:59 +01:00
Vincent Coubard 9880db7543 Generic Security Manager: Improve formatting 2018-05-01 11:48:22 +01:00
Vincent Coubard 2e3c7e8ab7 Generic Security Manager: Set LinkKey to false unconditionally.
This key distribution flag is for dual mode devices; mbed does not support BR/EDR.
2018-05-01 11:45:24 +01:00
Vincent Coubard e39bb4b92c BLE - GenericGattClient: Exploit ENCRYPTED_WITH_SC_AND_MITM encryption.
If link is encrypted, authenticated or authenticated with lesc then signed write must be transformed into regular write commands.
2018-05-01 11:38:30 +01:00
Vincent Coubard 2da6fa3947 Cordio PAL security manager: Copy locally own CSRK
The stack does not copy csrk when DmSecSetLocalCsrk is invoked; it just retains a pointer to it. Therefore a copy is kept inside the pal.
2018-05-01 11:35:16 +01:00
Vincent Coubard e4813f4fe9 Cordio PAL Security Manager: Copy locally own IRK.
The IRK needs to be stored somewhere as it is not copied inside the stack, the stack just keeps a reference to it.
2018-05-01 11:33:36 +01:00
Vincent Coubard 2924bb4c86 Cordio PAL ATT Client: initialize the local sign counter to 0. 2018-05-01 11:29:45 +01:00
Vincent Coubard 74bc214961 BLE - Security Manager PAL: Add a function to remove the peer csrk.
If the upper layer has registered a peer csrk on the pal security manager then it must remove it once the connection is closed.

This API allows the upper layer to remove the peer csrk registered earlier.
2018-05-01 11:27:38 +01:00
Vincent Coubard 1e277bad50 BLE: Lookup for non identity addresses when a secure entry is opened.
A peer may not share a valid IRK and identity address during pairing (in that case the identity address received is all zeros). When this happens, the entry must be retrieved by looking at the address used by the peer during the connection.
2018-05-01 11:24:44 +01:00
Vincent Coubard c4b78ada0e BLE: Set default mac address to 00:00:00:00:00:00
Both mac addresses are invalid but the bluetooth specification prefers to use all 0 addresses to represent an invalid address.
2018-05-01 11:17:47 +01:00
Vincent Coubard 80941af0f6 BLE: Add : LESC authenticated encryption to the list of possible link encryption. 2018-05-01 11:16:41 +01:00
Vincent Coubard db565d38b3 BLE: remove useless flags in GattCharacteristic. 2018-04-26 19:00:43 +01:00
Vincent Coubard 486a3e020c BLE: Add fine grained security to GattCharacteristic.
This patch adds independent management of security requirement for read, write and update operations of a GattCharacteristic.

Requirements are defined after ble::att_security_requirement_t that maps LE security mode 1 and LE security mode 2.

The functions requireSecurity and getRequiredSecurity are deprecated as SecurityManager::ScurityMode_t does not map well with LE security modes.
2018-04-26 18:55:42 +01:00
Vincent Coubard 1c18351885 BLE: Remove unwanted documentation block of GattCharacteristic. 2018-04-26 17:29:29 +01:00
Vincent Coubard 9258b9ddb6 BLE: Add security requirement support into GattAttribute. 2018-04-26 17:26:15 +01:00
Vincent Coubard 7afd01d84d BLE: Add type describing ATT security requirements. 2018-04-26 17:22:21 +01:00