Make it possible to provision devices over advertising bearer (PB-ADV).
Many messages in the provisioning protocol are the same for provisioner
and device so much of the code could be reused by only changing when
they are expected to arrive.
This introduces to concept of local and remote device keys. The models
for cfg_cli and cfg_srv have been updated to reflect this concept. Both
the send and receive path in the transport layer have been updated to
support encrypting/decrypting with local and remote device keys.
When a node has been provisioned it is stored in bt_mesh_net.nodes. If
CONFIG_BT_SETTINGS is enabled, they are also saved to settings. If the
callback node_added in bt_mesh_prov has been set, it will be called for
every node that gets provisioned. This includes when they are retrieved
from settings.
The configuration CONFIG_BT_MESH_NODE_COUNT controls how many nodes that
can be provisioned.
Signed-off-by: Tobias Svehagen <tobias.svehagen@gmail.com>
This commit adds an macro to allow UUID 128
to be written in more user-friendly form.
UUID in 128 bit form requires an array creation.
To complicate the whole thing - it requires the array to start from LSB,
so using the readable form, we have to write it down backwards.
Old way to declare example UUID 6E400001-B5A3-F393-E0A9-E50E24DCCA9E:
0x9E, 0xCA, 0xDC, 0x24, 0x0E, 0xE5, 0xA9, 0xE0,
0x93, 0xF3, 0xA3, 0xB5, 0x01, 0x00, 0x40, 0x6E
A form provided by this commit:
BT_UUID_128_ENCODE(0x6E400001, 0xB5A3, 0xF393, 0xE0A9, 0xE50E24DCCA9E)
Signed-off-by: Radoslaw Koppel <radoslaw.koppel@nordicsemi.no>
Add public API function to get the connection handle of the connection.
The connection handle is needed by applications that intend to send
vendor specific commands for a given connection.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Move the HCI error codes to its own public API header since these
status codes are given in the connection callbacks (connected and
disconnected). This avoids the conn.h header file to depend on the
entire HCI header file.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Move the Bluetooth device address definition out of the HCI header file.
This definition is used by higher layer which should not have to include
the HCI specific header file to get the address definition used by the
host API.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Move the GAP defines and the GAP related bluetooth assigned numbers out
from hci to a GAP specific public header file.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add public API function in GATT to check if a specific connection has
subscribed to the given attribute.
Without this function the application has to keep track of which
connections has subscribed using the callbacks from BT_GATT_CCC_MANAGED
since the cfg_changed callback of the CCC doesn't carry connection
context.
The other alternative is for the application to parse the information
in the struct _bt_gatt_ccc object. Although this object has structure
information available to the application the structure is marked as
internal, so the application shouldn't rely on this definition.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add support for persisted Service Changed data, to fix the case of a
paired device not reconnecting before a reboot and thus not receiving
SC indication. It also enables support for GATT database being changed
during a firmware update.
Move Service Changed data outside of the CCC struct and make it
persistent by adding support for a bt/sc/... setting.
Signed-off-by: François Delawarde <fnde@oticon.com>
Creates macros for determining model message lengths based on opcode,
payload length and MIC size. Also adds macro wrapping
NET_BUF_SIMPLE_DEFINE to serve the most common use case.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Handle case where:
- Peripheral sends security request after master has sent pairing
request or started encryption procedure.
This packet can be ignored, as long as the slave has not already
responded with pairing response.
- Central wants to start security after peripheral initiated security
request, return error code busy in this case
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This moves check_perm code under GAT and make use of it to check if CCC
write permission can be attended by the connection security level or if
it needs to be increased.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds support to set different permissions to CCCD so security can
be checked when enabling notification which conforms to:
BLUETOOTH CORE SPECIFICATION Version 5.1 | Vol 3, Part G page 2360:
'3.3.3.3 Client Characteristic Configuration
Authentication and authorization may be required by the server to
write the configuration descriptor.'
In addition to that also ensure that notification are not re-enabled
until the proper security level is reached to conform to the following
statement:
'10.3.1.1 Handling of GATT indications and notifications
A client “requests” a server to send indications and notifications
by appropriately configuring the server via a Client Characteristic
Configuration Descriptor. Since the configuration is persistent
across a disconnection and reconnection, security requirements must
be checked against the configuration upon a reconnection before
sending indications or notifications. When a server reconnects to a
client to send an indication or notification for which security is
required, the server shall initiate or request encryption with the
client prior to sending an indication or notification. If the client
does not have an LTK indicating that the client has lost the bond,
enabling encryption will fail.'
Fixes#17983
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Add GATT initializer macro for GATT CCC and allow the
BT_GATT_CCC_MANAGED to accept an already initialized CCC user data.
This allows the application to specify the storage location of the CCC
user data.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Adds additional model callback that gets called on node_reset. Will also
erase any user data when this happens.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Adds user data file in the model settings, allowing each model instance
to store some application specific data without having to reinvent the
settings path encoding for model element/ID combinations. Exposes the
settings_handler interface in the model callback structure and adds a
data store function.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Adds a structure of callbacks for each model instance. This allows for
more flexible model implementations, that can interact with the Mesh
stack without going through the application.
For now, only an init callback is added, replacing the init mechanism in
the foundation models. The init callback does not provide the primary
flag that used to be in the foundation model callbacks, but replaces
this with an inline function in access.h.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Add iterator function to iterate over all connection objects.
Make type a bitmap so that it can be used as a bitmask to select which
conns to receive foreach callback.
Use foreach function internally where possible.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Allows the user to pass a provisioning input complete callback to the
provisioning module, letting the application stop displaying its output
OOB value when the other party finishes their OOB input.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Endianness bug fix in bt_uuid_create function.
Replaced bt_uuid_create_le with bt_uuid_create which
handles both UUID from air and internal varaiable.
Fixed bug with endianess in case of big endian targets.
Signed-off-by: Akshatha Harishchandra <akhr@oticon.com>
Rename AUTHENTICATION, to AUTH, since this is a well established short
form of the word.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename bt_conn_security to bt_conn_set_security, this makes the API
naming more consistent.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Rename security level enum, using level and number instead of low,
medium, high and fips.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
A security vulnerability in the Bluetooth BR/EDR Bluetooth Core
specification versions 1.0 through 5.1 has been identified as
CVE-2019-9506. The Bluetooth BR/EDR encryption key negotiation
protocol is vulnerable to packet injection that could allow an
unauthenticated user to decrease the size of the entropy of the
encryption key, potentially causing information disclosure and/or
escalation of privileges via adjacent access. There is not currently
any knowledge of this being exploited.
From Core spec erratum 11838:
A device shall enforce an encryption key with at least 128-bit
equivalent strength for all services that require Security Mode 4,
Level 4. For all other services that require encryption, a device
should enforce an encryption key with at least 56-bit equivalent
strength, irrespective of whether the remote device supports Secure
Simple Pairing.
After encryption has been enabled, the Host should check the
encryption key size using either the HCI_Read_Encryption_Key_Size
command (see [Vol 2] Part E, Section 7.5.7) or a vendor-specific
method.
Fixes#18658
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add option to force the host to initiate pairing procedure even if the
host has encryption keys for the peer.
This option can be used to pair with a bonded peer that has deleted its
bonding information without deleting the keys. If new pairing results
in weaker keys the pairing will be aborted.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add security error to security_changed callback. Call this callback when
security has failed and provide current security level and error.
Reason for failure can be.
- Pairing procedure failed, pairing aborted before link encryption.
- Link encrypt procedure failed
- Link key refresh procedure failed.
Fix missing bt_conn_unref on encryption key refresh with error status.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Stop the pairing procedure in the request phase if no storage is
available for the keys. This avoids the pairing procedure from failing
during the key distribution phase.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This changes to the sentence about how attribute parameter is used when
notifying by UUID to sound proper english.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This removes the necessity of registering the storage for CCC and make
it part of the declaration itself.
Fixes#18547
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
This adds support to provide an UUID to bt_gatt_indicate so API user
don't need to hardcode the attribute offset by hand.
Fixes#18572
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Several advertising options were not being picked into the
documentation due to missing doxygen markers.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Consistently place C++ use of extern "C" after all include directives,
within the negative branch of _ASMLANGUAGE if used.
Background from issue #17997:
Declarations that use C linkage should be placed within extern "C"
so the language linkage is correct when the header is included by
a C++ compiler.
Similarly #include directives should be outside the extern "C" to
ensure the language-specific default linkage is applied to any
declarations provided by the included header.
See: https://en.cppreference.com/w/cpp/language/language_linkage
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
Add whitelist support in the bluetooth host.
Supported features:
- Advertising with whitelist on scan requests, connect request ,or both
- Scanning with whitelist
- Creating connections using a whitelist (Auto connection procedure).
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Use the src and dst naming to refer to the identity addresses of the
connection. Keep the device addresses used during connections but rename
them to local and remote instead.
Update documentation to be more descriptive.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Find by type does only accept a UUID with the same length as the UUID
which is stored in the internal list. If a UUID is stored in the short
16 bit format then a request with 128 bit UUID will fail.
Add support for the missing formats.
Signed-off-by: Kim Sekkelund <ksek@oticon.com>
The string "xx:xx:xx:xx:xx:xx (random-id)" is 30 characters including
zero termination.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This introduces a new flag (BT_GATT_SUBSCRIBE_WRITE_PENDING) which is
set when a write operation requires canceling before the parameters can
be reused.
Fixes#17534
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Bluetooth address parsing has been duplicated across the different
sub-shell files. Also missing parsing of identity/resolved addresses.
Move parsing of string close to parsing to string for a symmetrical API
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This commit moves the BLE GATT heart rate service from
samples/bluetooth/gatt to subsys/bluetooth/services and adds a Kconfig
entry to enable and configure the service.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This commit moves the BLE GATT Battery service
from /samples/bluetooth/gatt to /subsys/bluetooth/services and
adds a Kconfig entry to enable and configure the service;
when enabled, it will register itself automatically.
Signed-off-by: Emanuele Di Santo <emdi@nordicsemi.no>
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Adding Health Thermometer Service sample. Refer to Health Thermometer
Profile Specification for detailed information about the Health
Thermometer Profile.
Signed-off-by: Aaron Tsui <aaron.tsui@outlook.com>
