diff --git a/include/bluetooth/bluetooth.h b/include/bluetooth/bluetooth.h index 26abb984c4e..96e842b6bd4 100644 --- a/include/bluetooth/bluetooth.h +++ b/include/bluetooth/bluetooth.h @@ -131,6 +131,38 @@ int bt_connect_le(const bt_addr_le_t *peer); */ int bt_disconnect(struct bt_conn *conn, uint8_t reason); +/*! Security level. */ +typedef enum { + BT_SECURITY_LOW, /*! No encryption and no authentication. */ + BT_SECURITY_MEDIUM, /*! encryption and no authentication (no MITM). */ + BT_SECURITY_HIGH, /*! encryption and authentication (MITM). */ + BT_SECURITY_FIPS, /*! Authenticated LE Secure Connections and + * encryption. + */ +} bt_security_t; + +/*! @brief Set security level for a connection. + * + * This function enable security (encryption) for a connection. If device is + * already paired with sufficiently strong key encryption will be enabled. If + * link is already encrypted with sufficiently strong key this function does + * nothing. + * + * If device is not paired pairing will be initiated. If device is paired and + * keys are too weak but input output capabilities allow for strong enough keys + * pairing will be initiated. + * + * This function may return error if required level of security is not possible + * to achieve due to local or remote device limitation (eg input output + * capabilities). + * + * @param conn Connection object. + * @param sec Requested security level. + * + * @return 0 on success or negative error + */ +int bt_security(struct bt_conn *conn, bt_security_t sec); + /*! @def BT_ADDR_STR_LEN * * @brief Recommended length of user string buffer for Bluetooth address diff --git a/include/bluetooth/conn.h b/include/bluetooth/conn.h index c3c0f502fc3..17045479620 100644 --- a/include/bluetooth/conn.h +++ b/include/bluetooth/conn.h @@ -93,34 +93,4 @@ struct bt_conn_cb { */ void bt_conn_cb_register(struct bt_conn_cb *cb); - -typedef enum { - BT_CONN_SEC_LOW, - BT_CONN_SEC_MEDIUM, - BT_CONN_SEC_HIGH, - BT_CONN_SEC_FIPS, -} bt_conn_security_t; - -/*! @brief Set security level for a connection. - * - * This function enable security (encryption) for a connection. If device is - * already paired with sufficiently strong key encryption will be enabled. If - * link is already encrypted with sufficiently strong key this function does - * nothing. - * - * If device is not paired pairing will be initiated. If device is paired and - * keys are too weak but input output capabilities allow for strong enough keys - * pairing will be initiated. - * - * This function may return error if required level of security is not possible - * to achieve due to local or remote device limitation (eg input output - * capabilities). - * - * @param conn Connection object. - * @param sec Requested security level. - * - * @return 0 on success or negative error - */ -int bt_conn_security(struct bt_conn *conn, bt_conn_security_t sec); - #endif /* __BT_CONN_H */ diff --git a/net/bluetooth/conn.c b/net/bluetooth/conn.c index 13c9d2ff396..040c7c70a23 100644 --- a/net/bluetooth/conn.c +++ b/net/bluetooth/conn.c @@ -390,19 +390,19 @@ const bt_addr_le_t *bt_conn_get_dst(const struct bt_conn *conn) return &conn->dst; } -int bt_conn_security(struct bt_conn *conn, bt_conn_security_t sec) +int bt_security(struct bt_conn *conn, bt_security_t sec) { if (conn->state != BT_CONN_CONNECTED) { return -ENOTCONN; } /* nothing to do */ - if (sec == BT_CONN_SEC_LOW) { + if (sec == BT_SECURITY_LOW) { return 0; } /* for now we only support JustWorks */ - if (sec > BT_CONN_SEC_MEDIUM) { + if (sec > BT_SECURITY_MEDIUM) { return -EINVAL; } diff --git a/samples/bluetooth/shell/src/main.c b/samples/bluetooth/shell/src/main.c index 0d0ed4502a9..c668ff56d21 100644 --- a/samples/bluetooth/shell/src/main.c +++ b/samples/bluetooth/shell/src/main.c @@ -272,7 +272,7 @@ static void cmd_security(int argc, char *argv[]) sec = *argv[3] - '0'; - err = bt_conn_security(conn, sec); + err = bt_security(conn, sec); if (err) { printk("Setting security failed (err %d)\n", err); }