Commit Graph

1013 Commits (a628eba212556a652b3b478c6b73312ced70e83d)

Author SHA1 Message Date
Vincent Coubard 02e3c13d25 Nordic BLE: Protect event signaled flag. 2018-05-15 14:51:16 +01:00
Vincent Coubard f7f1272647 Nordic: Backport security manager pal for NRF5X targets. 2018-05-15 14:51:15 +01:00
Vincent Coubard 4acb3937e4 Cordio BLE: Fix potential memory leak in GattServer. 2018-05-15 14:32:29 +01:00
Vincent Coubard ee720f30bb BLE: Comment security requirement elevation for signed writes. 2018-05-15 12:17:59 +01:00
Vincent Coubard 2c7ed993ec BLE: Fix security requirements in GattCharacteristic. 2018-05-15 12:17:34 +01:00
Vincent Coubard 2860365a3c BLE: Improve readability of condition. 2018-05-15 12:16:51 +01:00
paul-szczepanek-arm 49db7e2a2a restoring db file blanks file if set to not restore, allow reusing the db 2018-05-15 11:46:39 +01:00
paul-szczepanek-arm f8244a3d87 review comments, init partly moved to restore, restore setting enabled, null check on filepath 2018-05-15 10:24:59 +01:00
Donatien Garnier 6c6af1b0d5 Added missing masks and fixed bit ordering in is_random_xx_address() functions 2018-05-14 13:59:32 +01:00
Donatien Garnier d8b63fc03d Reordered initializers in GenericGap 2018-05-14 13:53:50 +01:00
Donatien Garnier 67ec6323fc Added update_random_address() implementation in GenericGap 2018-05-14 13:52:29 +01:00
Donatien Garnier 3523cdb264 Missing initializer in GenericGap 2018-05-14 13:37:37 +01:00
Donatien Garnier 472d3de849 Give GenericGap access to the Security Manager's PAL 2018-05-14 13:36:02 +01:00
Donatien Garnier a3d9d6cebd Business logic for handling non-resolvable private addresses 2018-05-14 13:26:39 +01:00
Bartek Szatkowski 38df9306d7 Update wsf_types.h to support updated CMSIS 2018-05-14 12:18:21 +01:00
paul-szczepanek-arm 579cb5e222 avoid setting flags twice 2018-05-14 10:26:44 +01:00
paul-szczepanek-arm f4f3a3c697 store ltk and csrk but not irk sent status
and missing asserts
2018-05-14 09:52:49 +01:00
paul-szczepanek-arm a7f8d54761 more doxygen 2018-05-13 23:54:44 +01:00
paul-szczepanek-arm d3524e2407 doxygen 2018-05-13 23:49:44 +01:00
paul-szczepanek-arm 8f90875cd6 reset entry now remove old keys 2018-05-13 23:49:27 +01:00
paul-szczepanek-arm 23c6a69d66 key dist flags only in db now and not in control block of sec manager 2018-05-13 23:26:34 +01:00
Donatien Garnier 69e35c49c8 Handle resolution policy for peripheral in GenericGap 2018-05-13 23:25:52 +01:00
paul-szczepanek-arm ab117737fa write back counter, sync entry by hand;e 2018-05-13 22:55:47 +01:00
Donatien Garnier 21471bb3c9 and make sure it compiles and that policy is only applied if privacy is enabled :) 2018-05-13 22:42:11 +01:00
Donatien Garnier 926efa4018 Filter out advertising reports for unresolved addresses if required 2018-05-13 22:37:59 +01:00
Donatien Garnier 6a2ffaeac0 Update own address type generation in GenericGap 2018-05-13 22:16:08 +01:00
Donatien Garnier 620ebc3f9a Some fixes in GenericGap 2018-05-13 20:38:29 +01:00
Donatien Garnier 2509a88d58 Revert set_privacy() in Cordio GAP PAL impl 2018-05-13 20:37:14 +01:00
Donatien Garnier 1a623e6670 Added method to enable/disable privacy in GAP Pal with Cordio impl 2018-05-13 19:15:20 +01:00
Donatien Garnier 4c5e2a8094 Added method to update resolution settings in GenericGap 2018-05-13 19:14:56 +01:00
Donatien Garnier cf03d40909 Doc fix in PalGap.h 2018-05-13 18:54:11 +01:00
Donatien Garnier 5734fca195 Added set_address_resolution method in GAP Pal with Cordio implementation 2018-05-13 18:53:23 +01:00
Donatien Garnier 7b4a813aca Added stubs in GenericGap for privacy configuration methods 2018-05-13 18:52:54 +01:00
Donatien Garnier e9ad148db0 Added privacy-related methods overrides in GenericGap 2018-05-13 17:57:27 +01:00
Donatien Garnier 33c46f5658 Remove LL resolving 'shortcut' when adding a device to resolving list - this should be controlled by the GAP layer 2018-05-13 17:49:00 +01:00
Cruz Monrreal 2104d8ab5b
Merge pull request #6711 from marcuschangarm/cleanup-nrf5x
Cleanup TARGET_NRF5 and TARGET_NRF5x
2018-05-11 19:15:05 -05:00
paul-szczepanek-arm 3af4d0b50f get identity list function argument needs to have its own memory allocated 2018-05-11 19:52:12 +01:00
paul-szczepanek-arm a63f38e767 moved logic to security db and left storage in memory and file dbs
db created at init now
2018-05-11 19:41:33 +01:00
Donatien Garnier 40b6813dcf Fix wrong use of DmLlPrivEnabled() 2018-05-11 18:52:27 +01:00
Donatien Garnier 71bd30daf3 More inline doc 2018-05-11 18:37:02 +01:00
Donatien Garnier bcfbeb7f1a Some doc adjustments 2018-05-11 18:23:37 +01:00
Donatien Garnier 3ca3c2db2c Initial implementation of the Security Manager's Privacy feature for Cordio 2018-05-11 18:20:39 +01:00
paul-szczepanek-arm 678d494c5a init _db pointer 2018-05-11 10:20:04 +01:00
paul-szczepanek-arm afa4bdcf1a pull common logic into secure db 2018-05-11 10:19:48 +01:00
Vincent Coubard 40a403e99b Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into fix-encryption-rejection 2018-05-10 12:05:36 +01:00
paul-szczepanek-arm 473482d204 move securitydb into generic 2018-05-10 11:08:31 +01:00
Cruz Monrreal c97a8fb216
Merge pull request #6817 from pan-/fix-crypto_toolbox_f4-parameter-types
GenericSecurityManager: Fix crypto_toolbox_f4 signature.
2018-05-09 11:33:27 -05:00
Cruz Monrreal e33fb60c3d
Merge pull request #6849 from scartmell-arm/bug-critical-section-nordic
Add missing semicolon to NRF51 critical_section implementation
2018-05-09 11:33:10 -05:00
paul-szczepanek-arm b95da8d8c4 remove crypto when missing ECDH 2018-05-09 12:27:43 +01:00
Paul Szczepanek fee986750d
fix case 2018-05-09 12:19:35 +01:00
Paul Szczepanek b4d7bb6020
fix case 2018-05-09 12:19:27 +01:00
Paul Szczepanek 37b11d8ac5
fix case 2018-05-09 12:18:55 +01:00
Paul Szczepanek 367fe345ba
fix case 2018-05-09 12:18:42 +01:00
Paul Szczepanek 79b3bc4fce
fix case 2018-05-09 12:18:26 +01:00
paul-szczepanek-arm b98ffa48da fix uppercase X in nrf5x 2018-05-09 12:16:26 +01:00
paul-szczepanek-arm 6a26a8a6c8 Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into security-manager-dev 2018-05-09 11:37:41 +01:00
paul-szczepanek-arm c02b318436 fixed case in filename 2018-05-09 11:37:33 +01:00
Paul Szczepanek 2b02148ab6
Merge branch 'master' into security-manager-dev 2018-05-09 11:23:28 +01:00
paul-szczepanek-arm b8fe37a00e disable ECDH if the platform doesn't support it
otherwise you get linker errors
2018-05-09 11:01:10 +01:00
Steven Cartmell 1dfea4168f Add missing semicolon to NRF51 critical_section implementation 2018-05-09 10:54:26 +01:00
Marcus Chang 1aebdcbee5 Reorganize TARGET_MCU_NRF51822_UNIFIED directories
The unified NRF51 target and feature BLE directories have been
reorganized to follow the naming and directory structure of the
NRF52 implementation.

This reorganization does not include TARGET_MCU_NRF51822 and
derived targets.
2018-05-08 10:10:01 -07:00
Paul Szczepanek 9a0a0865a6
Merge branch 'security-manager-dev' into sm-privacy-nordic 2018-05-08 18:01:41 +01:00
Paul Szczepanek 214656a9ee
fix case in #include 2018-05-08 17:56:38 +01:00
Paul Szczepanek 1a35f3e217
fixed case in name 2018-05-08 17:49:22 +01:00
Cruz Monrreal adcd7ec002
Merge pull request #6742 from pan-/ble-update-cordio-porting-guide
BLE: Update cordio porting guide
2018-05-08 10:42:19 -05:00
Cruz Monrreal 5b5c8ddb4e
Merge pull request #6743 from pan-/ble-cordio-h4-conditionnal-to-fc
BLE: Conditional compilation of H4 driver
2018-05-08 10:41:58 -05:00
Vincent Coubard 565921608e Cordio: Improve cordio H4 driver.
Omit H4 driver definition if serial flow control is not supported.
2018-05-04 16:36:05 +01:00
Vincent Coubard 34c9206054 BLE: update cordio porting guide.
Improve description of the requirements of the H4 driver.
2018-05-04 16:35:57 +01:00
Vincent Coubard 3f9186faa2 GenericSecurityManager: Fix crypto_toolbox_f4 signature.
The type exposed in the header file was not aligned to the one used in
the implementation: ble::public_key_t instead of ble::public_key_coord_t.
2018-05-04 12:11:34 +01:00
Vincent Coubard fd5903c22d GenericGattClient: Fix discovery termination.
The procedure should be terminated whenever the server returns an error not equal
to ATTRIBUTE_NOT_FOUND. The block was effectively terminated but the
procedure was not. As a result the discovery was operating on already
freed memory.
2018-05-04 11:30:58 +01:00
Vincent Coubard b5e8d4eacb Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into fix-encryption-rejection 2018-05-03 09:26:36 +01:00
Vincent Coubard 0a59e00b23 Nordic BLE: Update GATT server security management
This patch refines permission applied to characteristic and descriptors; instead of a single level of permission, each characteristic receives a permission for the read operation, one for the write operation and another one for the update operation.

As a consequence, updates are not sent if the link does not cover the update permission requirement.

Descriptors also benefit individually from read and write permission.
2018-05-02 19:15:24 +01:00
Vincent Coubard 4f1e574eff Cordio GattServer: Fix uses of designated initializer.
These are not legal in C++ code.
2018-05-02 18:14:54 +01:00
Vincent Coubard 7e043ead96 Nordic BLE: Add stub implementation of remove_peer_csrk in security manager. 2018-05-02 17:52:39 +01:00
Vincent Coubard 4e5639f5ca BLE: Support encryption with secure connection key. 2018-05-02 17:51:48 +01:00
Donatien Garnier ba0f18c9ab Fix casing in MemorySecurityDb.h 2018-05-02 17:39:10 +01:00
Vincent Coubard f79eeb0173 Cordio: Update stack and pal to support LE security mode 2 level 2. 2018-05-02 14:32:38 +01:00
Vincent Coubard 01e3a004a6 Cordio: register server authorization callback. 2018-05-01 12:29:03 +01:00
Vincent Coubard 549a513dfb Cordio: Enable client and server signing 2018-05-01 12:28:37 +01:00
Vincent Coubard d0c4d7a8a3 Cordio: Forward server related events to CordioGattServer 2018-05-01 12:27:49 +01:00
Vincent Coubard 0f64b1c988 CordioGattServer: Global refactoring
The registration process has been broken down into several functions that register the service attribute, characteristic declaration attributes, characteristic value attributes and characteristic descriptors.

Service registration now considers all characteristics permissions: read, write and update. Permissions are also considered when updates need to be propagated to peers.

Handling of user authorization is also a change introduced by this refactoring.
2018-05-01 12:26:24 +01:00
Vincent Coubard 55eb7033b2 Generic Security Manager: Set csrk to stored when the peer csrk has been received. 2018-05-01 11:54:25 +01:00
Vincent Coubard 41a3442474 Generic Security Manager: Set ltk to stored when the peer ltk has been received. 2018-05-01 11:54:03 +01:00
Vincent Coubard f90eacfd27 Generic Security Manager: remove peer csrk at disconnection 2018-05-01 11:53:18 +01:00
Vincent Coubard 1ac95e105b ble - Generic Security Manager: set signing unconditional to role reversal.
A peripheral can act as a GATT client whether it is in the peripheral role or the central role therefore it doesn't make sense to enable signing only if roles will be reversed later.
2018-05-01 11:50:59 +01:00
Vincent Coubard 9880db7543 Generic Security Manager: Improve formatting 2018-05-01 11:48:22 +01:00
Vincent Coubard 2e3c7e8ab7 Generic Security Manager: Set LinkKey to false unconditionally.
This key distribution flags is for dual mode devices; mbed does not support BR/EDR.
2018-05-01 11:45:24 +01:00
Vincent Coubard e39bb4b92c BLE - GenericGattClient: Exploit ENCRYPTED_WITH_SC_AND_MITM encryption.
If link is encrypted, authenticated or authenticated with lesc then signed write must be transformed into regular write commands.
2018-05-01 11:38:30 +01:00
Vincent Coubard 2da6fa3947 Cordio PAL security manager: Copy locally own CSRK
The stack does not copy csrk when DmSecSetLocalCsrk is invoked; it just retains a pointer to it. Therefore a copy is kept inside the pal.
2018-05-01 11:35:16 +01:00
Vincent Coubard e4813f4fe9 Cordio PAL Security Manager: Copy locally own IRK.
The IRK needs to be stored somewhere as it is not copied inside the stack, the stack just keeps a reference to it.
2018-05-01 11:33:36 +01:00
Vincent Coubard 2924bb4c86 Cordio PAL ATT Client: initialize the local sign counter to 0. 2018-05-01 11:29:45 +01:00
Vincent Coubard 74bc214961 BLE - Security Manager PAL: Add a function to remove the peer csrk.
If the upper layer has registered a peer csrk on the pal security manager then it must remove it once the connection is closed.

This API allows the upper layer to remove the peer csrk registered earlier.
2018-05-01 11:27:38 +01:00
Vincent Coubard 1e277bad50 BLE: Lookup for non identity addresses when a secure entry is opened.
A peer may not share a valid IRK and identity address during pairing (in that case the identity address received is all zeros). When this happens, the entry must be retrieved by looking at the address used by the peer during the connection.
2018-05-01 11:24:44 +01:00
Vincent Coubard c4b78ada0e BLE: Set default mac address to 00:00:00:00:00:00
Both mac addresses are invalid but the bluetooth specification prefers to use all 0 addresses to represent an invalid address.
2018-05-01 11:17:47 +01:00
Vincent Coubard 80941af0f6 BLE: Add : LESC authenticated encryption to the list of possible link encryption. 2018-05-01 11:16:41 +01:00
Vincent Coubard db565d38b3 BLE: remove useless flags in GattCharacteristic. 2018-04-26 19:00:43 +01:00
Vincent Coubard 486a3e020c BLE: Add fine grained security to GattCharacteristic.
This patch adds independent management of security requirement for read, write and update operations of a GattCharacteristic.

Requirements are defined after ble::att_security_requirement_t that maps LE security mode 1 and LE security mode 2.

The functions requireSecurity and getRequiredSecurity are deprecated as SecurityManager::ScurityMode_t does not map well with LE security modes.
2018-04-26 18:55:42 +01:00
Vincent Coubard 1c18351885 BLE: Remove unwanted documentation block of GattCharacteristic. 2018-04-26 17:29:29 +01:00
Vincent Coubard 9258b9ddb6 BLE: Add security requirement support into GattAttribute. 2018-04-26 17:26:15 +01:00
Vincent Coubard 7afd01d84d BLE: Add type describing ATT security requirements. 2018-04-26 17:22:21 +01:00
Vincent Coubard 27d36ba820 BLE: Add missing relational operator to SafeEnum. 2018-04-26 17:07:54 +01:00
Vincent Coubard 2c8b9ab3dc BLE: Remove example section from cordio porting guide.
This section is not applicable in the public version of mbed-os.
2018-04-25 12:15:28 +01:00
Vincent Coubard 6bb80317f8 BLE: Update cordio porting guide
Remove the section "Include prebuilt libraries" as it is not applicable
anymore.
2018-04-25 11:48:23 +01:00
Vincent Coubard b0d5ba33bb BLE: return an error when application tries to turn down encryption. 2018-04-20 15:49:14 +01:00
Vincent Coubard 6a90232b6b BLE: Update cordio stack binaries.
The new build contains a fix related to permission verification of
characteristic that requires signed write.
2018-04-20 14:57:14 +01:00
Vincent Coubard cbb33ea938 BLE: Add comments to GenericSecurityManager::on_identity_list_retrieved. 2018-04-20 10:22:56 +01:00
Vincent Coubard 0b92397840 BLE: Fix flag IRK stored in Memory security DB. 2018-04-20 10:22:13 +01:00
paul-szczepanek-arm d1f3e4fd27 don't require master sends keys for signing key 2018-04-20 09:33:54 +01:00
Donatien Garnier f9b371fc0f Handle required BLE5 softdevice commands 2018-04-19 09:40:41 -07:00
Donatien Garnier aeab2ecbbf Fix potential race condition in nRF5xn.cpp 2018-04-19 09:40:41 -07:00
Marcus Chang 97426d63e9 NRF52 BLE: Fix GCC C++11 include error
Change <memory> include to <new>

From: d001fb1c66
2018-04-19 09:40:41 -07:00
Donatien Garnier 64baf717e8 Upgrade NRF52 BLE API to version 5
* Add NRF_SD_BLE_API_VERSION=5 macro to MCU_NRF52832 target
* Added initial Softdevice v5 API support for nRF5XPalGattClient.cpp
* Added initial Softdevice v5 API support for nRF5xGap.h
* Added initial Softdevice v5 API support for nRF5xGattServer.cpp
* Make sure the ah() hash function used by the security manager is declared with C linkage
* Removed 'ARM porting pending' checks in Nordic SDK
* Added BLE configuration to mbed_lib.json for NRF52x targets
* Migrated APIs and events model for Nordic SDK14.2 & SD API v5 in btle.cpp; adopted polling dispatch model
* Migrated APIs and events model for Nordic SDK14.2 & SD API v5 in nRF5xn.cpp
* Migrated APIs and events model for Nordic SDK14.2 & SD API v5 in nRF5xGap.cpp
* Added const qualifier to hwCallbacks's p_ble_evt parameter in nRF5xGattServer
* Add workaround to enable Radio Notification module from Nordic SDK
  * Disabled SWI1 interrupt manually from SWI driver module
    * Added missing include directive for "nrf_nvic.h" in ble_radio_notification.c
* Set correct number of custom UUIDs
* Adjust Softdevice RAM requirements for NRF52832/S132
  * RAM settings for the application were adjusted as follows:
    * Start: 0x20003800
    * Size: 0xC800
* Adjust Softdevice RAM requirements for NRF52840/S140
  * RAM settings for the application were adjusted as follows:
    * Start: 0x20003700 (was 0x20003000)
    * Size: 0xC900
* Added 3dBm as a permitted TX Power value for NRF52832
* Fix address type recovery in GAP
* Return min non-connectable adv interval compatible with infrastructure's expectations
* Moved BLE driver from TARGET_SDK_14_2/FEATURE_BLE to TARGET_SDK_14_2/TARGET_SOFTDEVICE_COMMON/ble
2018-04-19 09:40:41 -07:00
Paul Szczepanek a99a4b8593
Merge pull request #33 from pan-/fix-cordio-addresses-type
BLE: Handle new addresses type in GenericGap.
2018-04-18 11:34:13 +01:00
Vincent Coubard 169e579de7 BLE: Handle new addresses type in GenericGap. 2018-04-17 17:05:41 +01:00
paul-szczepanek-arm f56f57bf15 reorder enum to add new values at the end 2018-04-17 16:25:35 +01:00
Vincent Coubard 951a6be4c8 BLE: retrieve and fill resolving list at GenericSecurityManager startup. 2018-04-17 15:58:21 +01:00
Vincent Coubard ede3d43743 BLE: Add function to query the list of identity addresses present in the SecureDB. 2018-04-17 15:57:30 +01:00
Vincent Coubard 77b1903634 BLE: Add bonded device to resolving list at the end of bonding. 2018-04-17 14:16:35 +01:00
Vincent Coubard ae8d5b4de1 BLE: Implement identity retrieval in secure DB. 2018-04-17 14:15:28 +01:00
Vincent Coubard f905d2a4d4 BLE: Improve DB entry lookup.
The DB entry lookup now looks at the identity address and/or connection address to find a DB entry associated to an address.

If the entry has not been found in the DB and a new entry is returned then the connection address is not stored for private addresses.
2018-04-17 14:14:53 +01:00
Vincent Coubard a3bb18d724 BLE: store identity address type in DB. 2018-04-17 14:11:05 +01:00
Vincent Coubard 06e0aa3440 BLE: flag that irk has been stored in the security entry. 2018-04-17 14:10:19 +01:00
Vincent Coubard 6fc74fbc44 BLE: Fix MemorySecurityDB constructor warning. 2018-04-17 14:09:00 +01:00
Vincent Coubard 15fa3bfd37 BLE: Add a function to retrieve a device identity. 2018-04-17 14:08:01 +01:00
Vincent Coubard e8041510a6 BLE: Add a flag that indicate if the identity address is public or not. 2018-04-17 14:07:19 +01:00
Vincent Coubard ab6821aab8 BLE: Add a flag indicating if irk is stored in the distribution flags. 2018-04-17 14:06:47 +01:00
Vincent Coubard 9643b57159 BLE: Remove flag SecurityDistributionFlags_t::local_address_is_public
This flag was not used and not useful.
2018-04-17 14:06:00 +01:00
Vincent Coubard dfbf383614 BLE: Fix const correctness of ::Gap::getRandomAddressType 2018-04-17 14:03:57 +01:00
Vincent Coubard 51e1c76b4a BLE: Set default mac address to all 00. 2018-04-17 14:03:20 +01:00
Vincent Coubard b3c871c960 BLE: Implement privacy on Nordic targets. 2018-04-16 18:18:05 +01:00
Vincent Coubard 2a9d80c5f0 BLE: Change nRF5xSecurityManager::resolve_address signature
Return the resolving list entry instead of accepting in parameters.
2018-04-16 18:18:04 +01:00
Vincent Coubard a18283d897 BLE: change nRF5xSecurityManager::get_resolving_list return
It now returns a resolving list entry.
2018-04-16 18:18:04 +01:00
Vincent Coubard fb680db621 BLE: Implement resolving list in Nordic PAL security manager 2018-04-16 18:18:04 +01:00
Vincent Coubard 365f3d2527 BLE: Add ah in Nordic CryptoToolbox. 2018-04-16 18:18:04 +01:00
Vincent Coubard a7f2384e10 BLE: Add default privacy configuration 2018-04-16 18:18:04 +01:00
paul-szczepanek-arm 9a9167602d moved init code into non-const for clarity 2018-04-16 15:58:03 +01:00
paul-szczepanek-arm 12899b1e09 fix const induced recursive call 2018-04-16 15:34:15 +01:00
paul-szczepanek-arm 6b67a6d0a6 missing deref after signature change 2018-04-16 15:06:37 +01:00
Paul Szczepanek d8f5100822
Merge pull request #30 from pan-/sm-privacy
BLE: Add Gap privacy interfaces.
2018-04-12 14:59:27 +01:00
Vincent Coubard 90c85955ad BLE: Fix GAP privacy related signatures. 2018-04-12 11:04:44 +01:00
Vincent Coubard 2811e00868 BLE: Fix Gap privacy related documentation 2018-04-12 10:37:13 +01:00
Paul Szczepanek 9be8837f77
Merge pull request #29 from paul-szczepanek-arm/no-sign-when-encrypted
check encryption before signing
2018-04-11 15:51:02 +01:00
Vincent Coubard 8643fd55ed BLE: Add stub for signing API in Nordic pal security manager. 2018-04-11 14:22:51 +01:00
Vincent Coubard 1f02913a2c BLE: Add Gap privacy interfaces.
This commit adds API to enable and configure the device privacy.
It deprecates address random types present in Gap::AddressType as these types are not appropriate for scan reports, connection initiation and the connection event. Now user should use the function Gap::getRandomAddressType to find the type of a random address.
The function gap::setAddress is deprecated as it is not portable and can collide with privacy.
2018-04-11 14:18:42 +01:00
paul-szczepanek-arm 1e6455da0b check encryption before signing 2018-04-11 13:37:04 +01:00
paul-szczepanek-arm 3aaedf6f48 fixed missed function rename 2018-04-11 12:34:57 +01:00
Paul Szczepanek 6c900642e5
Merge pull request #28 from paul-szczepanek-arm/signing-counter
sign counter added
2018-04-10 17:06:14 +01:00
paul-szczepanek-arm 1ba920a338 missing init 2018-04-10 16:47:29 +01:00
paul-szczepanek-arm 70067105d6 class in header 2018-04-10 16:42:43 +01:00
paul-szczepanek-arm a2484b63b0 Signing event monitor proxy to bind both server and client 2018-04-10 14:58:29 +01:00
paul-szczepanek-arm 4fff20583d sign counter kept track by the class using it 2018-04-09 17:49:54 +01:00
paul-szczepanek-arm deeb0ea7e0 redundant store for sign counter 2018-04-09 15:11:26 +01:00
paul-szczepanek-arm 637dcb9bc8 missing * 2018-04-09 15:10:25 +01:00
paul-szczepanek-arm 55d3423a5e typedef uint32_t 2018-04-09 13:35:17 +01:00
paul-szczepanek-arm be912ded5b normalised the getters const insanity 2018-04-09 12:14:52 +01:00
Vincent Coubard f53a0e4906 Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into sc-nordic 2018-04-09 09:09:01 +01:00
paul-szczepanek-arm 57149b69e4 monitor for signing events and set local counter 2018-04-04 19:24:00 +01:00
paul-szczepanek-arm 1d74dfa1f9 redundant funcs removed 2018-04-04 18:02:16 +01:00
Vincent Coubard dcff810457 BLE: replace byte_array_t::buffer with byte_array_t::data 2018-04-04 17:20:08 +01:00
paul-szczepanek-arm acfc5b218d set cordio csrk and counter 2018-04-04 17:16:34 +01:00
paul-szczepanek-arm 2e1c5fc123 completely redundant 2018-04-04 17:16:16 +01:00
paul-szczepanek-arm 539a11ee31 sign counter added 2018-04-04 15:59:10 +01:00
Vincent Coubard 17b3e26429 BLE: remove trace in Nordic PAL security manager 2018-04-04 15:42:47 +01:00
Vincent Coubard 04ab07ff16 BLE: Add documentation to CryptoToolbox. 2018-04-04 15:41:20 +01:00
Vincent Coubard 59a301a256 BLE: CryptoToolbox enhancement
- Rename LescCrypto into CryptoToolbox
- Use ArrayView of fixed size as parameters
- Add licence
2018-04-04 15:31:31 +01:00
Vincent Coubard cd39406d20 BLE: Add conversion function from byte_array_t to ArrayView. 2018-04-04 15:28:52 +01:00
Vincent Coubard 5761caff00 BLE: Extend ArrayView to encode size in type.
With this change, it is possible to encode the size of the array viewed by an ArrayView into the type itself: ArrayView<T, Size>. Such objects are lighter than ArrayView of arbitrary size and allow verification of the size at compile time.

This change also fixes operator== and brings new make_ArrayView overloads.
2018-04-04 15:28:17 +01:00
Vincent Coubard 9e1f0b34f8 BLE: Fix byte_array_t subscript operator 2018-04-04 15:22:15 +01:00
Vincent Coubard d8f3d9c5ef BLE: provide non const overload of byte_array_t::data member function. 2018-04-04 15:21:54 +01:00
Vincent Coubard bf41bb3164 BLE: Export byte_array_t size exploitable at compile time. 2018-04-04 15:21:05 +01:00
Vincent Coubard 7bf0eb009a BLE: use ArrayView to pass and get parameters in Crypto API
This change allows vendor pal code to use its own array format.
2018-04-04 11:04:13 +01:00
paul-szczepanek-arm cbf80e9da5 typos, style and other review fixes 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm c1e2e07241 missing line from commit
(github client fail)
2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 15c06acfe4 style fix 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm dfdfcfb25e style fix 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm e276478d58 only bother reacting to verification failures if we want to use signing 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm f5fee68f99 fixed naming for sig failure count 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 9283413c4c count failures, trigger reparing when verification fails 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 780d8a4375 let the stack know whether csrk is authenticated 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 511135f31c signing only for the slave, unless keys requested to be sent by master 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 8d966dbe8c invalid mic event 2018-04-03 15:41:43 +01:00
paul-szczepanek-arm 5ae9cc3b53 set peer csrk on pal 2018-04-03 15:41:43 +01:00
Paul Szczepanek 381b99bc61
Merge pull request #25 from paul-szczepanek-arm/oob-gen
generate oob at will and without passing in connection handle
2018-04-03 15:30:21 +01:00
paul-szczepanek-arm 576796b289 reset OOB on use 2018-04-03 15:29:26 +01:00
paul-szczepanek-arm 26b047549c extra comments for api 2018-04-03 15:17:15 +01:00
paul-szczepanek-arm 0a494a0bbc all_zeros now free functions 2018-04-03 14:47:27 +01:00
paul-szczepanek-arm ba5b0f30d2 added comments about address for oob generation 2018-04-03 13:54:29 +01:00
paul-szczepanek-arm 3c1a5a4a56 incorrect retval usage fixed 2018-04-03 12:16:49 +01:00
Vincent Coubard 3272863f83 BLE Nordic: Support LESC. 2018-03-29 17:24:46 +01:00
Vincent Coubard f0e18fa007 BLE: Add LESC crypto toolbox for Nordic. 2018-03-29 17:23:54 +01:00
Vincent Coubard 3218e79805 BLE: Fix reference to security manager in Nordic event handler. 2018-03-29 17:23:24 +01:00
Vincent Coubard 95cd37b491 BLE: Add const overload for byte_array_t subscript operator. 2018-03-29 17:22:48 +01:00
Donatien Garnier 8b66c4bd28 [BLE] Fixed inconsistent casing issue for SecurityDb 2018-03-28 10:44:09 +01:00
paul-szczepanek-arm aa90f0df65 rely solely on random value to know if already calculating
simplify by setting a fake random value at the start so that first run is the same as subsequent runs
2018-03-27 12:25:50 +01:00
paul-szczepanek-arm c542650734 removed unused param from call 2018-03-26 18:07:29 +01:00
paul-szczepanek-arm e1885486fa only generate oob if using oob 2018-03-26 18:00:05 +01:00
paul-szczepanek-arm d1b4713ae6 removed redundancy 2018-03-26 17:53:40 +01:00
paul-szczepanek-arm 02ba2848a8 avoid recalculating oob if already calculating 2018-03-26 17:48:32 +01:00
Vincent Coubard 87c2045f5e Merge branch 'security-manager-dev' of https://github.com/paul-szczepanek-arm/mbed-os into sc-nordic 2018-03-26 17:12:37 +01:00
Vincent Coubard db20ecbbde
Merge branch 'security-manager-dev' into oob-gen 2018-03-26 16:49:55 +01:00
Vincent Coubard 3579653533 Cordio: Implement missing functions for secure connection 2018-03-26 15:48:59 +01:00
Martin Kojtal afeb3066c3
Revert "BLE: Gatt client unit tests" 2018-03-26 11:51:29 +01:00
paul-szczepanek-arm 98efb9da06 generate oob at will and without passing in connection handle 2018-03-23 18:31:27 +00:00
Cruz Monrreal 387027dddb
Merge pull request #6086 from pan-/gatt-client-unit-tests
BLE: Gatt client unit tests
2018-03-23 10:56:09 -05:00
Vincent Coubard b859907481 Cordio: remove generate_public_key from the security manager. 2018-03-23 12:06:08 +00:00
Vincent Coubard 0a710e5331 BLE: Initialize the pal in GenericSecurityManager 2018-03-23 12:06:08 +00:00
Vincent Coubard e25d5c9aa3 BLE: qualification of SecurityManager types 2018-03-23 12:06:08 +00:00
Paul Szczepanek d7595803d0
Merge pull request #23 from paul-szczepanek-arm/legacy-oob
allow preloading legacy oob, generate tk
2018-03-23 10:48:11 +00:00
paul-szczepanek-arm 6833c79fb3 don't request encrypt when pending 2018-03-22 17:54:13 +00:00
paul-szczepanek-arm 81cb1f9c83 enable encryption for slave request added 2018-03-22 17:11:15 +00:00
paul-szczepanek-arm 350924129f fix the attempt oob flag if we receive oob 2018-03-22 12:32:01 +00:00
paul-szczepanek-arm 2b2d9a2453 reset pending state when attempt ends, added comments 2018-03-22 12:23:37 +00:00
paul-szczepanek-arm c848c79a5b avoid code redundancy 2018-03-22 12:10:21 +00:00
paul-szczepanek-arm 909f9513cf allow preloading legacy oob, generate tk 2018-03-22 12:01:34 +00:00
paul-szczepanek-arm 66867d4dd3 oob stored in generic and handed over to pal when requested 2018-03-16 14:48:04 +00:00
Vincent Coubard 5e8630dcc6 BLE Nordic: Complete implementation of pal security manager 2018-03-15 11:24:31 +00:00
Vincent Coubard 1638902341 BLE: Whitespace fix 2018-03-15 09:34:41 +00:00
Vincent Coubard 761beafeb3 BLE: Complete nRF5xGap initialization list 2018-03-15 09:34:21 +00:00
Vincent Coubard 288abf5287 BLE: Add nRF5x constructor 2018-03-15 09:33:25 +00:00
Vincent Coubard c3fd90430a BLE: Fix references to ConnectionEventMonitor::EventHandler 2018-03-15 09:32:58 +00:00
Vincent Coubard eb8ec9c22d Merge branch 'nordicpalsm' of https://github.com/donatieng/mbed-os into sc-cordio 2018-03-12 10:15:18 +00:00
paul-szczepanek-arm 1521dee773 add doxygen comment about OOB generation caused by setOOBDataUsage 2018-03-09 18:06:56 +00:00
Vincent Coubard 5a2008211a Cordio: Implement missing functions for secure connection 2018-03-09 18:06:22 +00:00
Vincent Coubard 38bee37804 Cordio: remove generate_public_key from the security manager. 2018-03-09 18:05:31 +00:00
Vincent Coubard 36ca6be69a BLE: Initialize the pal in GenericSecurityManager 2018-03-09 18:04:47 +00:00
Vincent Coubard bd7be3d643 BLE: qualification of SecurityManager types 2018-03-09 17:56:59 +00:00
paul-szczepanek-arm 19bb13c8c5 one last typo 2018-03-09 14:56:37 +00:00
paul-szczepanek-arm 1f8c5c1231 fixed typos 2018-03-09 14:22:28 +00:00
paul-szczepanek-arm 7c82e91981 fixed typo 2018-03-09 12:49:10 +00:00
jiangkun1994 af7c1c919d fixes a typo in README.md 2018-03-07 03:33:31 +08:00
jiangkun1994 5be35c92da fixes some typos in README.md 2018-03-07 03:27:45 +08:00
paul-szczepanek-arm b8ba99a184 handling OOB data generation and verification now pushed down to PAL level 2018-03-05 11:29:13 +00:00
Donatien Garnier a3383c139b Addressed Vincent's comments 2018-03-01 20:32:37 +00:00
Donatien Garnier 713ab14d22 Removed deprecated Security Manager 2018-03-01 20:06:38 +00:00
paul-szczepanek-arm ded1403399 security manager overview doc fixes 2018-03-01 19:55:44 +00:00
Donatien Garnier 7b6b02a746 Nordic PAL - Breaks existing SM 2018-03-01 19:50:13 +00:00
paul-szczepanek-arm 371f183a6a added one more sequence diagram 2018-03-01 18:49:43 +00:00
paul-szczepanek-arm 1f52e42bcf more detailed comment for confirmation request 2018-03-01 18:31:16 +00:00
paul-szczepanek-arm 68f25611d5 no need to ask for encryption after pairing, fold deref under the null check 2018-03-01 17:47:18 +00:00
paul-szczepanek-arm e706b41ccf removed redundant event for SC OOB request, fixed comments 2018-03-01 16:39:44 +00:00
Vincent Coubard f0405690b7 BLE: Resolve issue with address type in advertising report. 2018-03-01 15:48:21 +00:00
Vincent Coubard 8e21b5391a Merge branch 'master' of https://github.com/paul-szczepanek-arm/mbed-os into pr-sm 2018-03-01 15:39:56 +00:00
Vincent Coubard 03f79eec39 BLE: Remove Nordic Pal SM draft. 2018-03-01 15:39:51 +00:00
paul-szczepanek-arm 392ee6ec7c removed get encryption key size from API 2018-03-01 15:29:52 +00:00
paul-szczepanek-arm 0870b30aa6 Merge branch 'master' of https://github.com/paul-szczepanek-arm/mbed-os 2018-03-01 15:18:00 +00:00
paul-szczepanek-arm b89f9f2482 added callback on encryption request even if lower and restructured for clarity 2018-03-01 15:17:36 +00:00
Donatien Garnier 00df64b26c Fixed PasskeyAscii constructor 2018-03-01 15:16:47 +00:00
Vincent Coubard e8f29f7327 BLE - Cordio - PAL SM: refine comments and formatting. 2018-03-01 14:59:06 +00:00
Vincent Coubard 36247b32b8 BLE - Cordio PAL SM: Implement Keypress notification 2018-03-01 14:58:01 +00:00
Vincent Coubard 56af3cb1be CBLE - Cordio PAL SM: Implement slave security request notification 2018-03-01 14:57:05 +00:00
Vincent Coubard da6ede34a8 BLE - Cordio PAL SM: Select correct on_ltk_request overload. 2018-03-01 14:56:30 +00:00
Vincent Coubard 628ffea6de BLE - Cordio PAL SM: Forward local keys 2018-03-01 14:55:45 +00:00
Vincent Coubard 18c93990b6 BLE - Cordio PAL Sm: generate random passkey displayed. 2018-03-01 14:55:12 +00:00
Vincent Coubard ecc7118490 BLE - Cordio PAL SM: Implement send_keypress_notification 2018-03-01 14:54:06 +00:00
Vincent Coubard 9043714443 BLE - Cordio PAL SM: Select correct security level in enable_encryption 2018-03-01 14:53:33 +00:00
Vincent Coubard 79db2af488 BLE - Cordio PAL SM: Choose correct security level in set_ltk 2018-03-01 14:53:00 +00:00
Vincent Coubard 4858388672 BLE - Cordio PAL SM: comment get_authentication_timeout 2018-03-01 14:52:09 +00:00
Vincent Coubard 054b7808b4 BLE - Cordio PAL SM: implement set_authentication_timeout 2018-03-01 14:51:43 +00:00
Vincent Coubard a057e5c0d2 BLE - Cordio PAL SM: Fix force secure connection. 2018-03-01 14:50:31 +00:00
Vincent Coubard cd7d9c551c Cordio pal SM: comment appropriately privacy related functions. 2018-03-01 14:47:46 +00:00
Vincent Coubard 1170b3132d BLE: Remove useless pal sm API 2018-03-01 14:46:12 +00:00
Vincent Coubard e29ea95fc9 BLE: Return error when security de-escalation is requested. 2018-03-01 14:44:18 +00:00
paul-szczepanek-arm 7e2f5ee008 fix not setting the mitm performed state correctly 2018-03-01 14:25:22 +00:00
paul-szczepanek-arm bc11834125 fix not setting encryption state in generic 2018-03-01 13:59:19 +00:00
paul-szczepanek-arm d5b8439bae removed redundant check
we already checked the current encryption and it is encrypted
2018-03-01 13:03:49 +00:00
paul-szczepanek-arm 179ad1626f Merge branch 'master' of https://github.com/paul-szczepanek-arm/mbed-os 2018-03-01 12:56:33 +00:00
paul-szczepanek-arm cebc0f8fd7 create encryption result event even when nothing changes 2018-03-01 12:56:29 +00:00
Vincent Coubard c00ae29ca7 Cordio: Update stack binaries.
New binaries contain a fix in configuration handling.
2018-03-01 11:01:19 +00:00
Vincent Coubard d050c4e4af BLE: Fix CordioPalSM set_io_capability 2018-03-01 10:24:13 +00:00
Vincent Coubard dbf4a8da49 BLE: Implement CordioSM get_secure_connection_support. 2018-03-01 10:22:42 +00:00
Vincent Coubard 766b8765ad BLE: Accept pairing request when the user authorization is not required. 2018-03-01 10:21:35 +00:00
paul-szczepanek-arm f9a79bed15 fixed initiator distribution bug and setting LINK distribution field based on SC 2018-02-28 17:43:54 +00:00
paul-szczepanek-arm d20c4efbf3 documentation overview for securitymanager 2018-02-28 17:00:56 +00:00
paul-szczepanek-arm 701c18b428 missing documentation, removed privacy call from api 2018-02-28 13:49:51 +00:00
paul-szczepanek-arm c52d324dab pass in information about the mitm and sc quality of the ltk to the pal 2018-02-28 12:02:54 +00:00
paul-szczepanek-arm abcc5db44b fix setting default values which were overriding even when unset 2018-02-28 10:00:58 +00:00
paul-szczepanek-arm 975544f274 link key distribution decision made in generic security manager 2018-02-27 23:26:34 +00:00
paul-szczepanek-arm 96de1c2752 header guards renamed 2018-02-27 17:25:57 +00:00
paul-szczepanek-arm 8e41de2e25 Merge branch 'master' of https://github.com/paul-szczepanek-arm/mbed-os 2018-02-27 17:23:25 +00:00
paul-szczepanek-arm e186985b26 addressing PR review: added documentation, moved code and renamed vars 2018-02-27 17:22:13 +00:00
Vincent Coubard 81126ad7ce BLE: remove draft of nordic pal security manager. 2018-02-27 14:35:56 +00:00
Vincent Coubard bf8204a21b BLE: remove host testing from sm pr 2018-02-27 13:42:03 +00:00
paul-szczepanek-arm fc01cff1b3 removed using statements from header 2018-02-27 12:25:01 +00:00
paul-szczepanek-arm d264512c8c remove virtual as per review request 2018-02-27 12:15:40 +00:00
paul-szczepanek-arm 536f541b93 mic event no longer present in user api, removing call 2018-02-27 12:13:48 +00:00
Vincent Coubard 928dbcf325 BLE: Fix prefix of BLEProtocol::AddressType 2018-02-27 12:12:17 +00:00
paul-szczepanek-arm 957cee39fe Merge branch 'master' of https://github.com/paul-szczepanek-arm/mbed-os 2018-02-27 11:57:20 +00:00
paul-szczepanek-arm 0f1fd58c38 removed MIC related functions and events from the user API 2018-02-27 11:57:16 +00:00
Vincent Coubard 0b0d614787 Merge branch 'master' of https://github.com/paul-szczepanek-arm/mbed-os into pr-sm 2018-02-27 11:54:32 +00:00
paul-szczepanek-arm 62e9011525 public key renamed (added coord), also contains missing commit for oob_rand rename 2018-02-27 11:50:04 +00:00
Vincent Coubard 361ae8c7a3 BLE: fix references to oob_rand_t. 2018-02-27 11:48:21 +00:00
paul-szczepanek-arm 4010bade89 renamed type as per review request 2018-02-27 11:43:46 +00:00
paul-szczepanek-arm 4fd29630b3 removed redundant type 2018-02-27 11:23:22 +00:00
Vincent Coubard 871ebb6708 BLE: Add host test instructions. 2018-02-27 11:19:59 +00:00
Vincent Coubard c6bca57633 BLE: Improve generic gatt client tests documentation. 2018-02-27 11:15:48 +00:00
paul-szczepanek-arm 8142cb5131 redundant call removed 2018-02-27 10:45:31 +00:00
paul-szczepanek-arm 5de1979f5c types renamed as per review requests 2018-02-27 10:33:35 +00:00
paul-szczepanek-arm b0c7d729fc variable name updated in the undefed cmac blocks 2018-02-27 10:00:07 +00:00
paul-szczepanek-arm 55106362f0 removed redundant type 2018-02-27 09:59:35 +00:00
paul-szczepanek-arm c9690c9f59 update doxygen since passkey is no longer a pointer 2018-02-27 09:22:36 +00:00