Commit Graph

651 Commits (f79eeb0173856a5286b8be00f75c8630fef2b964)

Author SHA1 Message Date
Vincent Coubard f79eeb0173 Cordio: Update stack and pal to support LE security mode 2 level 2. 2018-05-02 14:32:38 +01:00
Vincent Coubard 01e3a004a6 Cordio: register server authorization callback. 2018-05-01 12:29:03 +01:00
Vincent Coubard 549a513dfb Cordio: Enable client and server signing 2018-05-01 12:28:37 +01:00
Vincent Coubard d0c4d7a8a3 Cordio: Forward server related events to CordioGattServer 2018-05-01 12:27:49 +01:00
Vincent Coubard 0f64b1c988 CordioGattServer: Global refactoring
The registration process has been broken down into several functions that register the service attribute, characteristic declaration attributes, characteristic value attributes and characteristic descriptors.

Service registration now considers all characteristics permissions: read, write and update. Permissions are also considered when updates need to be propagated to peers.

Handling of user authorization is also a change introduced by this refactoring.
2018-05-01 12:26:24 +01:00
Vincent Coubard 55eb7033b2 Generic Security Manager: Set csrk to stored when the peer csrk has been received. 2018-05-01 11:54:25 +01:00
Vincent Coubard 41a3442474 Generic Security Manager: Set ltk to stored when the peer ltk has been received. 2018-05-01 11:54:03 +01:00
Vincent Coubard f90eacfd27 Generic Security Manager: remove peer csrk at disconnection 2018-05-01 11:53:18 +01:00
Vincent Coubard 1ac95e105b ble - Generic Security Manager: set signing unconditional to role reversal.
A peripheral can act as a GATT client whether it is in the peripheral role or the central role therefore it doesn't make sense to enable signing only if roles will be reversed later.
2018-05-01 11:50:59 +01:00
Vincent Coubard 9880db7543 Generic Security Manager: Improve formatting 2018-05-01 11:48:22 +01:00
Vincent Coubard 2e3c7e8ab7 Generic Security Manager: Set LinkKey to false unconditionally.
This key distribution flag is for dual mode devices; mbed does not support BR/EDR.
2018-05-01 11:45:24 +01:00
Vincent Coubard e39bb4b92c BLE - GenericGattClient: Exploit ENCRYPTED_WITH_SC_AND_MITM encryption.
If link is encrypted, authenticated or authenticated with lesc then signed write must be transformed into regular write commands.
2018-05-01 11:38:30 +01:00
Vincent Coubard 2da6fa3947 Cordio PAL security manager: Copy locally own CSRK
The stack does not copy csrk when DmSecSetLocalCsrk is invoked; it just retains a pointer to it. Therefore a copy is kept inside the pal.
2018-05-01 11:35:16 +01:00
Vincent Coubard e4813f4fe9 Cordio PAL Security Manager: Copy locally own IRK.
The IRK needs to be stored somewhere as it is not copied inside the stack, the stack just keeps a reference to it.
2018-05-01 11:33:36 +01:00
Vincent Coubard 2924bb4c86 Cordio PAL ATT Client: initialize the local sign counter to 0. 2018-05-01 11:29:45 +01:00
Vincent Coubard 74bc214961 BLE - Security Manager PAL: Add a function to remove the peer csrk.
If the upper layer has registered a peer csrk on the pal security manager then it must remove it once the connection is closed.

This API allows the upper layer to remove the peer csrk registered earlier.
2018-05-01 11:27:38 +01:00
Vincent Coubard 1e277bad50 BLE: Lookup for non identity addresses when a secure entry is opened.
A peer may not share a valid IRK and identity address during pairing (in that case the identity address received is all zeros). When this happens, the entry must be retrieved by looking at the address used by the peer during the connection.
2018-05-01 11:24:44 +01:00
Vincent Coubard c4b78ada0e BLE: Set default mac address to 00:00:00:00:00:00
Both mac addresses are invalid but the Bluetooth specification prefers to use all 0 addresses to represent an invalid address.
2018-05-01 11:17:47 +01:00
Vincent Coubard 80941af0f6 BLE: Add : LESC authenticated encryption to the list of possible link encryption. 2018-05-01 11:16:41 +01:00
Vincent Coubard db565d38b3 BLE: remove useless flags in GattCharacteristic. 2018-04-26 19:00:43 +01:00
Vincent Coubard 486a3e020c BLE: Add fine grained security to GattCharacteristic.
This patch adds independent management of security requirement for read, write and update operations of a GattCharacteristic.

Requirements are defined after ble::att_security_requirement_t that maps LE security mode 1 and LE security mode 2.

The functions requireSecurity and getRequiredSecurity are deprecated as SecurityManager::SecurityMode_t does not map well with LE security modes.
2018-04-26 18:55:42 +01:00
Vincent Coubard 1c18351885 BLE: Remove unwanted documentation block of GattCharacteristic. 2018-04-26 17:29:29 +01:00
Vincent Coubard 9258b9ddb6 BLE: Add security requirement support into GattAttribute. 2018-04-26 17:26:15 +01:00
Vincent Coubard 7afd01d84d BLE: Add type describing ATT security requirements. 2018-04-26 17:22:21 +01:00
Vincent Coubard 27d36ba820 BLE: Add missing relational operator to SafeEnum. 2018-04-26 17:07:54 +01:00
Vincent Coubard b0d5ba33bb BLE: return an error when application tries to turn down encryption. 2018-04-20 15:49:14 +01:00
Vincent Coubard 6a90232b6b BLE: Update cordio stack binaries.
The new build contains a fix related to permission verification of
characteristic that requires signed write.
2018-04-20 14:57:14 +01:00
paul-szczepanek-arm d1f3e4fd27 don't require master sends keys for signing key 2018-04-20 09:33:54 +01:00
Paul Szczepanek a99a4b8593
Merge pull request #33 from pan-/fix-cordio-addresses-type
BLE: Handle new addresses type in GenericGap.
2018-04-18 11:34:13 +01:00
Vincent Coubard 169e579de7 BLE: Handle new addresses type in GenericGap. 2018-04-17 17:05:41 +01:00
paul-szczepanek-arm f56f57bf15 reorder enum to add new values at the end 2018-04-17 16:25:35 +01:00
paul-szczepanek-arm 9a9167602d moved init code into non-const for clarity 2018-04-16 15:58:03 +01:00
paul-szczepanek-arm 12899b1e09 fix const induced recursive call 2018-04-16 15:34:15 +01:00
paul-szczepanek-arm 6b67a6d0a6 missing deref after signature change 2018-04-16 15:06:37 +01:00
Paul Szczepanek d8f5100822
Merge pull request #30 from pan-/sm-privacy
BLE: Add Gap privacy interfaces.
2018-04-12 14:59:27 +01:00
Vincent Coubard 90c85955ad BLE: Fix GAP privacy related signatures. 2018-04-12 11:04:44 +01:00
Vincent Coubard 2811e00868 BLE: Fix Gap privacy related documentation 2018-04-12 10:37:13 +01:00
Paul Szczepanek 9be8837f77
Merge pull request #29 from paul-szczepanek-arm/no-sign-when-encrypted
check encryption before signing
2018-04-11 15:51:02 +01:00
Vincent Coubard 8643fd55ed BLE: Add stub for signing API in Nordic pal security manager. 2018-04-11 14:22:51 +01:00
Vincent Coubard 1f02913a2c BLE: Add Gap privacy interfaces.
This commit adds API to enable and configure the device privacy.
It deprecates address random types present in Gap::AddressType as these types are not appropriate for scan reports, connection initiation and the connection event. Now users should use the function Gap::getRandomAddressType to find the type of a random address.
The function gap::setAddress is deprecated as it is not portable and can collide with privacy.
2018-04-11 14:18:42 +01:00
paul-szczepanek-arm 1e6455da0b check encryption before signing 2018-04-11 13:37:04 +01:00
paul-szczepanek-arm 3aaedf6f48 fixed missed function rename 2018-04-11 12:34:57 +01:00
Paul Szczepanek 6c900642e5
Merge pull request #28 from paul-szczepanek-arm/signing-counter
sign counter added
2018-04-10 17:06:14 +01:00
paul-szczepanek-arm 1ba920a338 missing init 2018-04-10 16:47:29 +01:00
paul-szczepanek-arm 70067105d6 class in header 2018-04-10 16:42:43 +01:00
paul-szczepanek-arm a2484b63b0 Signing event monitor proxy to bind both server and client 2018-04-10 14:58:29 +01:00
paul-szczepanek-arm 4fff20583d sign counter kept track by the class using it 2018-04-09 17:49:54 +01:00
paul-szczepanek-arm deeb0ea7e0 redundant store for sign counter 2018-04-09 15:11:26 +01:00
paul-szczepanek-arm 637dcb9bc8 missing * 2018-04-09 15:10:25 +01:00
paul-szczepanek-arm 55d3423a5e typedef uint32_t 2018-04-09 13:35:17 +01:00