Adds separate extended protocol timeout of 120 sec in provisioning
implementation when OOB method Input or Output is used. This
complies with recommendation in the mesh 1.1 protocol spec (5.4.4).
Signed-off-by: Anders Storrø <anders.storro@nordicsemi.no>
Commit gets rid of host dependency to generate DH key.
Mesh uses its own function for it that has synchronous
behavior and correct endianism. It simplifies the provisioning
state machine since it doesn't require waiting for the host HCI
handler.
Also, it removes hidden cross-dependency between BLE Mesh and
SMP in the aspect of competition for the same DH key
(https://github.com/zephyrproject-rtos/zephyr/issues/23292)
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
Commit splits mesh crypto module on security library dependent
and independent parts.
Independent part includes security toolbox implementation.
Dependent part includes security algorithms usage based on
API third party security library.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
When we receive `RPR_OP_LINK_CLOSE` message with reason other than
`SUCCESS` we should fail NPPI refresh procedure, not complete it.
Dropping `COMPLETE` flag will result in calling `reprovision_fail`
in `prov_link_closed`, not `reprovision_complete`.
Signed-off-by: Krzysztof Kopyściński <krzysztof.kopyscinski@codecoup.pl>
Adds remote provisioning models rpr_srv and rpr_cli, and exposes them as
a bearer for the provisioning process.
The remote provisioning models provide the following features:
- Remote provisioning of new devices, using a remote provisioning server
as a proxy.
- Reprovisioning of existing devices, generating a new device key and
changing addresses and composition data.
Co-authored-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Co-authored-by: Krzysztof Kopyściński <krzysztof.kopyscinski@codecoup.pl>
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Implementation of the enhanced provisioning authentication (EPA)
that is based on SHA256 and HMAC security algorithms.
OOB authentication mandates EPA usage.
Co-authored-by: Krzysztof Kopyściński <krzysztof.kopyscinski@codecoup.pl>
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
The current implementation has hidden dependencies that break
OOB authentication if provisioner does not have the configured
input or output fields used for device capabilities.
It didn't allow to pass several OOB authentication cases.
After refactoring provisioner behavior is independent to
provisionee settings.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
Adds defines for ECC public keys, private keys, DH keys and key
coordinates. Replaces raw numbers throughout.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Adds length defines for all provisioning PDUs and uses them to split
prov_link.conf_inputs into separate fields.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Align the capitalization of the term "Bluetooth Mesh" to Bluetooth mesh"
in the documentation. This is done to to match the new updated naming
convention done in Bluetooth SIG. In the upcoming spec versions, it its
used "Bluetooth mesh" with the lower case convention.
Signed-off-by: Ingar Kulbrandstad <ingar.kulbrandstad@nordicsemi.no>
This commit allows an unprovisioned device to exchange its public key
using out-of-band techology (see MeshPRFv1.0.1, table 5.19 and section
5.4.2.3).
For in-band public key exchange, the mesh stack uses HCI commands to
generate public and private keys, and DH key. This, however, doesn't
work for OOB public key exchange since there is no command to generate
DH key with a private key provided by an application. Therefore, this
commit adds direct usage of TinyCrypto into the mesh stack for DH key
generation for OOB public key support.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
The structure pointer was wrongly cleared before,
`bearer` and `role` in `bt_mesh_prov_link` structure
resulting in illegal pointer access.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
Currently all provisioning procedure into common source
files call `prov.c`, that will not compile separately.
Add `BT_MESH_NODE` to control whether nodes are supported
and device provisioning is supported, this will be used in
provisioner role.
Add more provisioner OOB authentication method.
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
Splits PB-ADV and PB-GATT into separate modules with a common interface
to modularize prov.c.
Additional trivial fixes from testing:
- Reduces warnings for normal occurances like repeated packets.
- Makes link ack a non-reliable packet to prevent it from being repeated
until prov invite.
- Provisioner does not send link fail, but closes the link (as per spec
section 5.4.4). This prevents lingering zombie links on both sides.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Make it possible to provision devices over advertising bearer (PB-ADV).
Many messages in the provisioning protocol are the same for provisioner
and device so much of the code could be reused by only changing when
they are expected to arrive.
This introduces to concept of local and remote device keys. The models
for cfg_cli and cfg_srv have been updated to reflect this concept. Both
the send and receive path in the transport layer have been updated to
support encrypting/decrypting with local and remote device keys.
When a node has been provisioned it is stored in bt_mesh_net.nodes. If
CONFIG_BT_SETTINGS is enabled, they are also saved to settings. If the
callback node_added in bt_mesh_prov has been set, it will be called for
every node that gets provisioned. This includes when they are retrieved
from settings.
The configuration CONFIG_BT_MESH_NODE_COUNT controls how many nodes that
can be provisioned.
Signed-off-by: Tobias Svehagen <tobias.svehagen@gmail.com>
We've already got GATT services in subsys/bluetooth/services so
subsys/bluetooth/mesh is a more natural place. Aditionally this aims
to fix the Kconfig dependencies to be able to use mesh together with
BT_CUSTOM (i.e. a custom, potentially non-HCI, host stack).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2019-07-10 09:41:57 +03:00
Renamed from subsys/bluetooth/host/mesh/prov.h (Browse further)
