Added a new function, bt_conn_is_type, that returns whether
the provided conn object is of the provided type.
This check is then used to ensure that the conn objects
supplied to other bt_conn function are of the right type.
The right type has also been documented for these functions.
This is an initial commit for a larger change in the BT Host,
as similar checks should be added to the L2CAP, GATT, ISO,
Audio and possibly Mesh APIs.
The type check could have been implemented by using the
bt_conn_get_info function, but that requires additional
function calls as well as memory allocation and copy.
Since bt_conn_is_type is designed to be widely used, it
was suited for its own function.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Remove the HCI command & event emulation layer for ECDH commands and
events. This means that we always do the necessary operations in the host.
The existing BT_ECC Kconfig option stays, but now gets automatically
enabled when necessary (e.g. based on the BT_SMP option), which is why this
commit removes so many explicit assignments in prj.conf files.
Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
Currently, there are build warnings that are triggered when building
for BT central and legacy OOB pairing only:
CONFIG_BT_SMP_OOB_LEGACY_PAIR_ONLY=y
CONFIG_BT_CENTRAL=y
There was a PR that handled this issue in the past https://github.com/zephyrproject-rtos/zephyr/pull/74400.
Unfortunately, this PR even though it fixed the warnings it also
broke the BT peripheral and legacy OOB pairing only build:
CONFIG_BT_SMP_OOB_LEGACY_PAIR_ONLY=y
CONFIG_BT_PERIPHERAL=y
https://github.com/zephyrproject-rtos/zephyr/pull/82552 was merged in
order to fix the issue with the peripheral build configuration.
Unfortunately, this PR reintroduced the warnings for BT central and
legacy OOB pairing.
This commit brings changes to make sure that both the BT central and
peripheral builds with OOB legacy pairing are buildable and
warnings free.
Also in this commit, a new build test case is added for the BT central
and legacy OOB pairing along the existing BT peripheral test case
Signed-off-by: Sebastian Panceac <sebastian.panceac@ext.grandcentrix.net>
Add a separate test for public key validity. This needs to be done
synchronously so that we can respond with an early failure message to the
peer device.
Fixes#80218
Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
The functions `le_sc_oob_config_set`, `generate_dhkey` and
`display_passkey` in `smp.c` were only defined when
`CONFIG_BT_SMP_OOB_LEGACY_PAIR_ONLY` was not defined. This created
issues at build time.
Remove the guard as the code calling those functions is not guarded
itself.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
In current, the bondable flag cannot be configured for each specific
BR connection.
But for LE conn, there is a function `bt_conn_set_bondable` for this
purpose.
Improve `bt_conn_set_bondable` to support BR conn.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Add a function bt_l2cap_br_get_remote_fixed_chan to get the remote fixed
channels.
If the fixed channel CID 0x0007 is unsupported, skip the LTK derivation.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
In the handler of SMP_Pairing rsp, the encryption key
flag is cleared incorrectly.
It causes the LE LTK cannot be derived.
Do not modify the encryption key flag to fix the
issue.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
Add missing braces to comply with MISRA C:2012 Rule 15.6 and
also following Zephyr's style guideline.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
Move the network buffer header file from zephyr/net/buf.h to
zephyr/net_buf.h as the implementation now lives outside of the networking
subsystem.
Add (deprecated) zephyr/net/buf.h header to maintain compatibility with old
file path.
Signed-off-by: Henrik Brix Andersen <henrik@brixandersen.dk>
When developing Bluetooth applications, you typically run into
some errors. If you are an experienced Bluetooth developer,
you would typically have an HCI error lookup table in your memory.
Others might not.
This commit utilizes defines CONFIG_BT_DEBUG_HCI_ERR_TO_STR
and utilizes bt_hci_err_to_str() to print out HCI error strings
when enabled to improve the user experience.
Several alternatives where considered. This approach was chosen
as it had the best balance between readability, code size, and
implementation complexity.
The alternatives are listed below as a reference.
1. Macro defined format specifier:
```c
#define HCI_ERR_FMT "%s"
#define BT_HCI_ERR_TO_STR(err) (err)
#define HCI_ERR_FMT "%d"
#define BT_HCI_ERR_TO_STR(err) bt_hci_err_to_str((err))
LOG_INF("The event contained " HCI_ERR_FMT " as status",
BT_HCI_ERR_TO_STR(err));
```
Advantage: Space efficient: Code size does not increase
Disadvantage: Code becomes hard to read
2. Format specifier to always include both integer and string:
```c
static inline const char bt_hci_err_to_str(err)
{
return "";
}
LOG_INF("The event contained %s(0x%02x) as status",
bt_hci_err_to_str(err), err);
```
Advantage: Simple to use, implement, and read,
Disadvantage: Increases code size when CONFIG_BT_DEBUG_HCI_ERR_TO_STR
is disabled. The compiler seems unable to optimize away the unused
format specifier. Note: The size increase is only present when
logging is enabled.
3. Always print as string, allocate a stack variable when printing:
```c
const char *bt_hci_err_to_str(char *dst, size_t dst_size, uint8_t err)
{
snprintf(dst, dst_size, 0x%02x, err);
return dst;
}
LOG_INF("The event contained %s as status", BT_HCI_ERR_TO_STR(err));
```
Advantage: Very easy to read.
Disadvantage: Printing error codes becomes slow as it involves calling
snprint.
4. Implement a custom printf specifier, for example E.
This requires a global CONFIG_ERR_AS_STR as I assume we cannot have
one specifier for each type of error code.
Also, I assume we cannot start adding specifiers for each subsystem.
```c
#define BT_HCI_ERR_TO_STR(err) (err)
#define BT_HCI_ERR_TO_STR(err) bt_hci_err_to_str((err))
LOG_INF("The event contained %E as status", BT_HCI_ERR_TO_STR(err));
```
Advantage: Both efficient code and readable code.
Disadvantage: This requires a global CONFIG_ERR_AS_STR as I assume
we cannot have one specifier for each type of error code.
Also, I assume we cannot start adding specifiers for each subsystem.
That is, this approach is hard to implement correctly in a scalable
way.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
The BR SMP fixed channel BR/EDR Security Manager
(CID 0x0007) cannot be set in L2CAP Information
Response. It is caused by the invalid fix channel
definition used.
Move macro `BT_L2CAP_BR_CHANNEL_DEFINE` to
`l2cap_br_interface.h`, that the macro can be
accessed in smp.c. And remove duplicated
header file include `#include "classic/l2cap_
br_interface.h"` from smp.c.
Define fixed channel, BR/EDR Security Manager
(CID 0x0007), by using `BT_L2CAP_BR_CHANNEL_DEFINE`.
Fix the smp L2CAP channel of BR cannot be found
issue. Use `bt_l2cap_br_lookup_tx_cid` to get
the BR SMP L2CAP channel instead of using
`bt_l2cap_le_lookup_tx_cid`.
Fix the invalid SMP L2CAP channel used when
the BR smp failed.
Signed-off-by: Lyle Zhu <lyle.zhu@nxp.com>
It was pointed out in a future PR that they should have
a corresponding experimental Kconfig entry.
See PR #73795.
This updates the APIs added in PR #73826 and PR #74295.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
Utilize a code spell-checking tool to scan for and correct spelling errors
in all files within the `include/zephyr/bluetooth` and `subsys/bluetooth`
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
Utilize a code spell-checking tool to scan for and correct spelling errors
in all files within the subsys/bluetooth/host directory.
Signed-off-by: Pisit Sawangvonganan <pisit@ndrsolution.com>
This commit fixes compilation warnings that are present when compiling
with CONFIG_BT_SMP_OOB_LEGACY_PAIR_ONLY as can be seen in this
compiler log:
"""
In file included from /zephyr-sdk-0.16.1/arm-zephyr-eabi/picolibc/
include/string.h:215,
from /zephyr/subsys/bluetooth/host/smp.c:15:
In function '__memcpy_ichk',
inlined from 'sc_send_public_key' at /zephyr/subsys/bluetooth/host/
smp.c:3006:2:
/zephyr-sdk-0.16.1/arm-zephyr-eabi/picolibc/include/ssp/string.h:83:1:
warning: argument 2 null where non-null expected [-Wnonnull]
83 | __ssp_bos_icheck3_restrict(memcpy, void *, const void *)
| ^~~~~~~~~~~~~~~~~~~~~~~~~~
/zephyr-sdk-0.16.1/arm-zephyr-eabi/picolibc/include/ssp/string.h:83:1:
note: in a call to built-in function '__builtin_memcpy'
/zephyr/subsys/bluetooth/host/smp.c: In function 'smp_public_key':
/zephyr/subsys/bluetooth/host/smp.c:4214:21: warning: argument 2
null where non-null expected [-Wnonnull]
4214 | memcmp(smp->pkey, sc_public_key, BT_PUB_KEY_COORD_LEN) == 0) {
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/zephyr-sdk-0.16.1/arm-zephyr-eabi/picolibc/include/string.h:62:10: note:
in a call to function 'memcmp' declared 'nonnull'
62 | int memcmp (const void *, const void *, size_t);
| ^~~~~~
"""
The warning is caused by the potential use of NULL "sc_public_key"
global pointer that is not assigned a value in "smp_init()" if
CONFIG_BT_SMP_OOB_LEGACY_PAIR_ONLY is enabled. This commit
conditionally changes the behavior of function "smp_public_key()"
if CONFIG_BT_SMP_OOB_LEGACY_PAIR_ONLY is activated to simply return
and not use the "sc_public_key" variable. Other functions that are not
called anymore by "smp_public_key()" are also conditionally
deactivated when CONFIG_BT_SMP_OOB_LEGACY_PAIR_ONLY is enabled
Signed-off-by: Sebastian Panceac <sebastian.panceac@ext.grandcentrix.net>
This can be useful if application developers
want to print them in the applications.
Later we can also use them in
the host to improve debuggability.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
This API converts a SMP error code to a string.
This can be useful if application developers want
to print them in the applications.
BT_SMP_ERR_SUCCESS was added for completeness.
Later we can also use them in the host to improve debuggability.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
This API replaces `bt_l2cap_send()` and `bt_l2cap_send_cb()`.
The difference is that it takes the `struct bt_l2cap_le_chan` object
directly instead of a connection + CID.
We need the channel object in order to put the PDU on the TX queue. It
is inefficient to do a search for every PDU when the caller knows the
channel object's address and can just pass it down.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
Add functions to do XOR on arrays of memory, with one that
takes arbitrary sizes and one for 32 bits and 128 bits as
those are common sizes for this functionality.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Added run-time BT_CENTRAL role check for the path that was
central specific and did not have such check.
When multi-role BT device tried to pair without bonding (peripheral role)
while already previously bonded with the same device on another
Bluetooth identity, pairing failed.
It executed central-specific code, which should not be executed in case
when the device acts as peripheral (as it is even opt-out from code when
CONFIG_BT_CENTRAL is not enabled).
Signed-off-by: Mateusz Kapala <mateusz.kapala@nordicsemi.no>
If the bonding information has been cleared before pairing had a chance
to complete (probably by the application), indicate this by setting an
appropriate log message.
Also check that keys exist before calling `bt_keys_store`.
Fixes#59788 and #61465
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
Fix an issue in the CCC configuration when the Peripheral device
maintains two or more distinct connections on different identities
with the same peer. The issue occurs when the local device performs
the pairing and the bonding procedure on a connection associated
with one of the Bluetooth identities. During the identity resolution,
the peer address field in the CCC descriptor is converted from the
RPA-type address to the Identity Address. However, the destination
address on the remaining connection objects associated with other
Bluetooth identities is not converted. Due to this, their CCC
configuration is reset and GATT indications and notification fail
to be sent even if the Central device subscribed to them.
Added necessary code to iterate over all connection objects during
the identity resolution phase and aligned their destination address
from the RPA-type to the Identity Address.
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
Fix a bunch of mismatched CONTAINER_OF, few missing
k_work_delayable_from_work conversions but also many
bt_l2cap_le_chan/bt_l2cap_chan and few others.
Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
Fix few instances of delayable work handlers using the k_work pointer
directly in a CONTAINER_OF pointing to a k_work_delayable.
This is harmless since the k_work is the first element in
k_work_delayable, but using k_work_delayable_from_work is the right way
of handling it.
Change a couple of explicit CONTAINER_OF doing the same work as the
macro in the process.
Signed-off-by: Fabio Baltieri <fabiobaltieri@google.com>
Fixes a coverity-reported issue by explicitly ignoring the return value
of the cas-operation. The return value is the old value, but we are not
interested in it in the situation when we just want to initialize a
value if it is in the uninitialized state.
Fixes: https://github.com/zephyrproject-rtos/zephyr/issues/60474
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
The current API for changing the bondable mode uses the global flag.
With Zephyr support for multiple Bluetooth identities, the API for
changing the bondable mode should be more fine-grained.
The bondable requirements of one identity should not have an impact on
another identity which can have a different set of requirements.
This change introduces function to overlay bondable flag per
connection.
Signed-off-by: Mateusz Kapala <mateusz.kapala@nordicsemi.no>
If disconnection has been triggered in between the security update and
the call to `smp_pairing_complete` we need to abort the pairing.
The disconnection may have been triggered by `bt_unpair`, in that case
the keys will have been erased and it will lead to an assertion to
continue as if nothing happened.
To resolve this issue, at the beginning of `smp_pairing_complete` the
`status` is set to `BT_SMP_ERR_UNSPECIFIED` if there is no connection.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
Cast `dhkey` to `void*` to avoid a warning from the logging subsystem:
```
<wrn> cbprintf_package: (unsigned) char * used for %p argument.
It's recommended to cast it to void * because it may cause misbehavior
in certain configurations
```
Signed-off-by: Herman Berget <herman.berget@nordicsemi.no>
When central is sending SMP Pairing Request is it unknown if
pairing will be legacy or LE SC so set OOB flag if any OOB
data is present and assume to peer device provides OOB data
that will match pairing type.
This was affecting following qualification test cases:
SM/CEN/OOB/BI-01-C
SM/CEN/OOB/BV-01-C
SM/CEN/OOB/BV-03-C
SM/CEN/OOB/BV-09-C
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
Some systems can support only legacy OOB pairing while others only
LE SC OOB pairing.
The existent API function "bt_set_oob_data_flag" was removed.
Two new API functions were added:
* "bt_le_oob_set_legacy_flag" to signal that legacy OOB pairing is used
* "bt_le_oob_set_sc_flag" to signal that LE SC OOB pairing is used
The code will now advertise the presence of OOB flag depending
on the type of pairing method(SC vs legacy)
Signed-off-by: Sebastian Panceac <sebastian.panceac@ext.grandcentrix.net>
In the case of a constrained system that uses dynamic channels (ie, not
much initial credits), the user's log would be flooded with those three
messages.
This is not really an error per se as the stack will handle it properly and
reschedule the sending of the buffers as soon as more credits arrive.
Thus downgrading the severity of
- the l2cap messages, as they are only compiled when dynamic channels are
enabled
- the conn message. Reporting the error belongs in the upper layers.
Signed-off-by: Jonathan Rico <jonathan.rico@nordicsemi.no>
9.4.2 section, Part C, Vol 3 of the Bluetooth Core specification v5.3
states the following in the case that the device is in non-bondable
mode:
If Security Manager pairing is supported, the Host shall set the
Bonding_Flags to ‘No Bonding’ as defined in [Vol 3] Part H, Section
3.5.1 and bonding information shall not be exchanged or stored.
Fixes#54104
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Add logging of the fields in the sent and received pairing
requests and responses. This makes it easier to debug
why a pairing would be e.g. rejected, or simply to get
more insight in the resulting pairing.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Added a new Kconfig option for the Bluetooth Host to allow
unauthenticated pairing attempts made by the peer where an
unauthenticated bond already exists on other local identity.
Signed-off-by: Kamil Piszczek <Kamil.Piszczek@nordicsemi.no>
The `bluetooth/common/log.h` and `bluetooth/common/log.c` files have been
removed. Files that were using them have been updated to use
`zephyr/logging/log.h` instead.
Those replacement have been done consequently:
- `/BT_DBG/LOG_DBG/`
- `/BT_ERR/LOG_ERR/`
- `/BT_WARN/LOG_WRN/`
- `/BT_INFO/LOG_INF/`
- `/BT_HEXDUMP_DBG/LOG_HEXDUMP_DBG/`
- `/BT_DBG_OBJ_ID/LOG_DBG_OBJ_ID/`
Also, some files were relying on the `common/log.h` include to include
`zephyr/bluetooth/hci.h`, in those cases the include of `hci.h` has
been added.
For files that were including `common/log.h` but not using any logs,
the include has been removed and not replaced.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
After merging #51809, a few things were spotted that needed tweaking.
Among them:
- Rename the folder from bt_crypto to crypto, since the prefix is
unnecesary
- Remove the include folder
- Remove the path from the global include paths
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Add to the cryptographic toolbox the h8 function, defined in the Bluetooth
Core Vol. 6, part E 1.1.1.
Also add test and SMP self test for this function. The data used for those
are from the Bluetooth Core.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
Move functions defined in the Cryptographic toolbox of the Bluetooth
specification inside their own files in the following folder:
`zephyr/subsys/bluetooth/bt_crypto`. The functions were previously
implemented in `zephyr/subsys/bluetooth/host/smp.c`.
The cryptographic toolbox functions can now be accessed from outside of the
host.
In addition to that, tests for each cryptographic toolbox functions have
been added.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
Functions related to string manipulation that were defined in
`common/log.h` has been moved to the `common/bt_str.h` file and their
implementation in `common/bt_str.c`.
Files that were using those functions has been updated consequently.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
This commit prevents the assertion error added in the previous commit,
by introducing the following behavior.
When the Host detects that a pairing procedue would result in more than
one local identity having a bond with the same remote address, it will
try to abort the pairing. If the pairing procedure cannot be properly
aborted, it will remove the pairing locally and disconnect.
This commit also introduces a new kconfig `BT_ID_UNPAIR_MATCHING_BONDS`.
This config changes the above-described behavior to instead un-pair the
old bond and continue with the pairing (if the new bond has the same or
better security.)
The new kconfig is not enabled by default. See the help text of the new
kconfig option for more details.
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
