Move the network buffer header file from zephyr/net/buf.h to
zephyr/net_buf.h as the implementation now lives outside of the networking
subsystem.
Add (deprecated) zephyr/net/buf.h header to maintain compatibility with old
file path.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
Updates Bluetooth mesh specification references:
- Change "Profile" to "Protocol" since the main specification has
changed its name.
- Update/align formating of specification references. This will
make it easier to find spec references in the future.
- Change some section references to point to the correct section of the
newest version of the specification (v1.1).
Signed-off-by: Anders Storrø <anders.storro@nordicsemi.no>
Provisioner should be able to manage received capabilities
unconditionally. Mandatory oob authentication is the node
feature and it is still compile time feature.
Split handling of this feature on provisioner and node part.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
Adds separate extended protocol timeout of 120 sec in provisioning
implementation when OOB method Input or Output is used. This
complies with recommendation in the mesh 1.1 protocol spec (5.4.4).
Signed-off-by: Anders Storrø <anders.storro@nordicsemi.no>
Commit gets rid of host dependency to generate DH key.
Mesh uses its own function for it that has synchronous
behavior and correct endianism. It simplifies the provisioning
state machine since it doesn't require waiting for the host HCI
handler.
Also, it removes hidden cross-dependency between BLE Mesh and
SMP in the aspect of competition for the same DH key
(https://github.com/zephyrproject-rtos/zephyr/issues/23292)
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
When we receive `RPR_OP_LINK_CLOSE` message with reason other than
`SUCCESS` we should fail NPPI refresh procedure, not complete it.
Dropping `COMPLETE` flag will result in calling `reprovision_fail`
in `prov_link_closed`, not `reprovision_complete`.
Signed-off-by: Krzysztof Kopyściński <krzysztof.kopyscinski@codecoup.pl>
Adds remote provisioning models rpr_srv and rpr_cli, and exposes them as
a bearer for the provisioning process.
The remote provisioning models provide the following features:
- Remote provisioning of new devices, using a remote provisioning server
as a proxy.
- Reprovisioning of existing devices, generating a new device key and
changing addresses and composition data.
Co-authored-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Co-authored-by: Krzysztof Kopyściński <krzysztof.kopyscinski@codecoup.pl>
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Implementation of the enhanced provisioning authentication (EPA)
that is based on SHA256 and HMAC security algorithms.
OOB authentication mandates EPA usage.
Co-authored-by: Krzysztof Kopyściński <krzysztof.kopyscinski@codecoup.pl>
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
The `bluetooth/common/log.h` and `bluetooth/common/log.c` files have been
removed. Files that were using them have been updated to use
`zephyr/logging/log.h` instead.
Those replacement have been done consequently:
- `/BT_DBG/LOG_DBG/`
- `/BT_ERR/LOG_ERR/`
- `/BT_WARN/LOG_WRN/`
- `/BT_INFO/LOG_INF/`
- `/BT_HEXDUMP_DBG/LOG_HEXDUMP_DBG/`
- `/BT_DBG_OBJ_ID/LOG_DBG_OBJ_ID/`
Also, some files were relying on the `common/log.h` include to include
`zephyr/bluetooth/hci.h`, in those cases the include of `hci.h` has
been added.
For files that were including `common/log.h` but not using any logs,
the include has been removed and not replaced.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
strcpy copies string including terminating null character.
strlen returns length without terminating null symbol.
If oob string is 16 bytes length then strcpy will corrupt byte
after auth array.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
Some variables shadow global, which is difficult to handle when
porting to other platforms with shadow warnings turned on.
https://github.com/zephyrproject-rtos/zephyr/pull/50581
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
As of today <zephyr/zephyr.h> is 100% equivalent to <zephyr/kernel.h>.
This patch proposes to then include <zephyr/kernel.h> instead of
<zephyr/zephyr.h> since it is more clear that you are including the
Kernel APIs and (probably) nothing else. <zephyr/zephyr.h> sounds like a
catch-all header that may be confusing. Most applications need to
include a bunch of other things to compile, e.g. driver headers or
subsystem headers like BT, logging, etc.
The idea of a catch-all header in Zephyr is probably not feasible
anyway. Reason is that Zephyr is not a library, like it could be for
example `libpython`. Zephyr provides many utilities nowadays: a kernel,
drivers, subsystems, etc and things will likely grow. A catch-all header
would be massive, difficult to keep up-to-date. It is also likely that
an application will only build a small subset. Note that subsystem-level
headers may use a catch-all approach to make things easier, though.
NOTE: This patch is **NOT** removing the header, just removing its usage
in-tree. I'd advocate for its deprecation (add a #warning on it), but I
understand many people will have concerns.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Logging v1 has been removed and log_strdup wrapper function is no
longer needed. Removing the function and its use in the tree.
Signed-off-by: Krzysztof Chruscinski <krzysztof.chruscinski@nordicsemi.no>
In order to bring consistency in-tree, migrate all subsystems code to
the new prefix <zephyr/...>. Note that the conversion has been scripted,
refer to zephyrproject-rtos#45388 for more details.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
The current implementation has hidden dependencies that break
OOB authentication if provisioner does not have the configured
input or output fields used for device capabilities.
It didn't allow to pass several OOB authentication cases.
After refactoring provisioner behavior is independent to
provisionee settings.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
Adds defines for ECC public keys, private keys, DH keys and key
coordinates. Replaces raw numbers throughout.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Adds length defines for all provisioning PDUs and uses them to split
prov_link.conf_inputs into separate fields.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Align the capitalization of the term "Bluetooth Mesh" to Bluetooth mesh"
in the documentation. This is done to to match the new updated naming
convention done in Bluetooth SIG. In the upcoming spec versions, it its
used "Bluetooth mesh" with the lower case convention.
Signed-off-by: Ingar Kulbrandstad <ingar.kulbrandstad@nordicsemi.no>
When selecting a random count for blink, beep or vibrate, the Bluetooth
Mesh Profile Specification v1.0.1, section 5.4.2.4 states: "the device
shall select a random integer between 0 and 10 to the power of the
Authentication Size exclusive".
This means that if size is 1, the integer should be in the range 1-9,
while the implementation chose an integer in the range 0-9. Reduce the
range and add 1 to the num to correct this for these actions.
Fixes#34209.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Correct format errors, such as oob action 2-octers
should use 0x%04x, and action in prov capalilities pdu
big-ending. When every call `bt_mesh_auth_method_set<*>`
should also clear auth value, otherwise will case confirm
failed.
Provisioner role expect peer public key should be sent
immediately, instead of requiring ACK. After all, ACK may
be lost, and the other device’s public key will be sent
over, and provisioning procedure will be failed..
This is a resubmission of PR (#30086)
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
The structure pointer was wrongly cleared before,
`bearer` and `role` in `bt_mesh_prov_link` structure
resulting in illegal pointer access.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
../zephyrNew/subsys/bluetooth/mesh/prov.c: In function
'bt_mesh_prov_reset_state': ../zephyrNew/subsys/bluetooth/mesh
/prov.c:61:2⚠️ '__builtin_memset' offset [52, 292] from
the object at 'bt_mesh_prov_link' is out of the bounds of referenced
subobject 'dhkey' with type 'uint8_t[32]' {aka 'unsigned char[32]'}
at offset 19 [-Warray-bounds] 61 | memset(&bt_mesh_prov_link.dhkey, 0,
Fixes: #29634
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Currently all provisioning procedure into common source
files call `prov.c`, that will not compile separately.
Add `BT_MESH_NODE` to control whether nodes are supported
and device provisioning is supported, this will be used in
provisioner role.
Add more provisioner OOB authentication method.
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Adds check for provisioning random values that are identical to our own,
and terminates the provisioning procedure.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
According Mesh Profile Spec 5.4.2.4 Authentication, if device
use Input OOB Authentication method, should send input complete
pub after local public key has been acked.
`bt_mesh_input_string` or `bt_mesh_input_number` directly send
`input_complete`, however does not check whether the pub key has
been sent.
Mesh Provisioning timeout set to `60` seconds, so even this
probability is extremely low, it does not mean that there is no
such probability.
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Replaces the current zero length array for provisioner data with
ifdefs, to silence new gcc 10 warnings about array element access.
Fixes#28371.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Reverse the order of these checks because invalid PDU type will
never be expected. If PDU type is invalid we should respond with
error 0x0002 - Invalid format.
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
Reset provisioning bearers when bt_mesh_reset() is called. Accept
another provisioning attempt after link close.
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
Splits PB-ADV and PB-GATT into separate modules with a common interface
to modularize prov.c.
Additional trivial fixes from testing:
- Reduces warnings for normal occurances like repeated packets.
- Makes link ack a non-reliable packet to prevent it from being repeated
until prov invite.
- Provisioner does not send link fail, but closes the link (as per spec
section 5.4.4). This prevents lingering zombie links on both sides.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Refactor the handling of network nodes and their keys into a separate
Mesh Configuration Database (CDB). This, not only creates a separation
of the local node and the other nodes, but also makes it possible to
implement functions to manage the whole, or at least parts of the mesh
network.
Signed-off-by: Tobias Svehagen <tobias.svehagen@gmail.com>
Make it possible to provision devices over advertising bearer (PB-ADV).
Many messages in the provisioning protocol are the same for provisioner
and device so much of the code could be reused by only changing when
they are expected to arrive.
This introduces to concept of local and remote device keys. The models
for cfg_cli and cfg_srv have been updated to reflect this concept. Both
the send and receive path in the transport layer have been updated to
support encrypting/decrypting with local and remote device keys.
When a node has been provisioned it is stored in bt_mesh_net.nodes. If
CONFIG_BT_SETTINGS is enabled, they are also saved to settings. If the
callback node_added in bt_mesh_prov has been set, it will be called for
every node that gets provisioned. This includes when they are retrieved
from settings.
The configuration CONFIG_BT_MESH_NODE_COUNT controls how many nodes that
can be provisioned.
Signed-off-by: Tobias Svehagen <tobias.svehagen@gmail.com>
Allows the user to pass a provisioning input complete callback to the
provisioning module, letting the application stop displaying its output
OOB value when the other party finishes their OOB input.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
According to Mesh Profile Specification 1.0.1 Figure 5.17, the
unprovisioned device should send its confirmation value after the
provisioner sends theirs. Previously, the confirmation value would be
sent immediately after OOB input complete. Now it first waits for the
input data, then from confirmation from the provisioner before sending
the confirmation.
Fixes: #18178.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
The code was already rejecting the key, however that rejection
happened only after we had already sent our public key as response,
which got interpreted as acceptance by the tester (PTS).
This fixes issue that d4fd267086a56c270a793114e7575afae9a9befa
supposed to fix. The problem is bt_dh_key_gen is async.
Local public key cannot be sent from the same context
the bt_dh_key_gen is called because we don't know yet
if remote key is valid.
Fixes MESH/NODE/PROV/BI-13-C.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
We've already got GATT services in subsys/bluetooth/services so
subsys/bluetooth/mesh is a more natural place. Aditionally this aims
to fix the Kconfig dependencies to be able to use mesh together with
BT_CUSTOM (i.e. a custom, potentially non-HCI, host stack).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
