Updates Bluetooth mesh specification references:
- Change "Profile" to "Protocol" since the main specification has
changed its name.
- Update/align formating of specification references. This will
make it easier to find spec references in the future.
- Change some section references to point to the correct section of the
newest version of the specification (v1.1).
Signed-off-by: Anders Storrø <anders.storro@nordicsemi.no>
Since the default process dhkey gen in bt rx, will block send
Trans Ack, cause peer device send more package.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
The remaining bit should be zero if auth is
shorter than PROV_AUTH_MAX_LEN and it should
be trimmed by removing octets with indexes
higher than PROV_AUTH_MAX_LEN.
Signed-off-by: Alperen Şener <alperen.sener@nordicsemi.no>
Provisioner should be able to manage received capabilities
unconditionally. Mandatory oob authentication is the node
feature and it is still compile time feature.
Split handling of this feature on provisioner and node part.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
According to specification it is possible to provide
static oob value with any length. Mesh should trim or
append\prepend by zeroes if it is longer\shorter than
required value.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
Provisionee shall fail if provisioner sent public key
identicall to OOB public key back.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
A mesh key type has been added to be able to choose the different
key representation for different security libraries.
The type as well as some functionality related to Mesh key
management has been added as a public API.
If tynicrypt is chosen then keys have representation
as 16 bytes array. If mbedTLS with PSA is used then keys are
the PSA key id. Raw value is not kept within BLE Mesh stack
for mbedTLS. Keys are imported into the security library
and key ids are gotten back. This refactoring has been done
for the network(including all derivated keys), application,
device, and session keys.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
bt_uuid_str expects UUID in little endian while UUID encoded into
unprovisioned mesh beacon is encoded in big endian. sys_memcpy_swap will
change endianess of uuid so that bt_uuid_str can be used.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
CONFIG_BT_MESH_PROV_DEVICE_LOG_LEVEL_INF may not be present while
CONFIG_BT_MESH_PROV_DEVICE_LOG_LEVEL is always present.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Commit gets rid of host dependency to generate DH key.
Mesh uses its own function for it that has synchronous
behavior and correct endianism. It simplifies the provisioning
state machine since it doesn't require waiting for the host HCI
handler.
Also, it removes hidden cross-dependency between BLE Mesh and
SMP in the aspect of competition for the same DH key
(https://github.com/zephyrproject-rtos/zephyr/issues/23292)
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
When we receive `RPR_OP_LINK_CLOSE` message with reason other than
`SUCCESS` we should fail NPPI refresh procedure, not complete it.
Dropping `COMPLETE` flag will result in calling `reprovision_fail`
in `prov_link_closed`, not `reprovision_complete`.
Signed-off-by: Krzysztof Kopyściński <krzysztof.kopyscinski@codecoup.pl>
Remove Kconfig symbol `BT_DEBUG`. It was not useful anymore with the
previous logging updates.
Replace it, where it was used, by the file local debug symbol.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
Adds remote provisioning models rpr_srv and rpr_cli, and exposes them as
a bearer for the provisioning process.
The remote provisioning models provide the following features:
- Remote provisioning of new devices, using a remote provisioning server
as a proxy.
- Reprovisioning of existing devices, generating a new device key and
changing addresses and composition data.
Co-authored-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Co-authored-by: Krzysztof Kopyściński <krzysztof.kopyscinski@codecoup.pl>
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Implementation of the enhanced provisioning authentication (EPA)
that is based on SHA256 and HMAC security algorithms.
OOB authentication mandates EPA usage.
Co-authored-by: Krzysztof Kopyściński <krzysztof.kopyscinski@codecoup.pl>
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
The `bluetooth/common/log.h` and `bluetooth/common/log.c` files have been
removed. Files that were using them have been updated to use
`zephyr/logging/log.h` instead.
Those replacement have been done consequently:
- `/BT_DBG/LOG_DBG/`
- `/BT_ERR/LOG_ERR/`
- `/BT_WARN/LOG_WRN/`
- `/BT_INFO/LOG_INF/`
- `/BT_HEXDUMP_DBG/LOG_HEXDUMP_DBG/`
- `/BT_DBG_OBJ_ID/LOG_DBG_OBJ_ID/`
Also, some files were relying on the `common/log.h` include to include
`zephyr/bluetooth/hci.h`, in those cases the include of `hci.h` has
been added.
For files that were including `common/log.h` but not using any logs,
the include has been removed and not replaced.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
The sample in the Provisioning protocol spec chapter
is in big endian. Static OOB value should append
zeroes on the little endian platforms.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
Functions related to string manipulation that were defined in
`common/log.h` has been moved to the `common/bt_str.h` file and their
implementation in `common/bt_str.c`.
Files that were using those functions has been updated consequently.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
Some variables shadow global, which is difficult to handle when
porting to other platforms with shadow warnings turned on.
https://github.com/zephyrproject-rtos/zephyr/pull/50581
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
As of today <zephyr/zephyr.h> is 100% equivalent to <zephyr/kernel.h>.
This patch proposes to then include <zephyr/kernel.h> instead of
<zephyr/zephyr.h> since it is more clear that you are including the
Kernel APIs and (probably) nothing else. <zephyr/zephyr.h> sounds like a
catch-all header that may be confusing. Most applications need to
include a bunch of other things to compile, e.g. driver headers or
subsystem headers like BT, logging, etc.
The idea of a catch-all header in Zephyr is probably not feasible
anyway. Reason is that Zephyr is not a library, like it could be for
example `libpython`. Zephyr provides many utilities nowadays: a kernel,
drivers, subsystems, etc and things will likely grow. A catch-all header
would be massive, difficult to keep up-to-date. It is also likely that
an application will only build a small subset. Note that subsystem-level
headers may use a catch-all approach to make things easier, though.
NOTE: This patch is **NOT** removing the header, just removing its usage
in-tree. I'd advocate for its deprecation (add a #warning on it), but I
understand many people will have concerns.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
In order to bring consistency in-tree, migrate all subsystems code to
the new prefix <zephyr/...>. Note that the conversion has been scripted,
refer to zephyrproject-rtos#45388 for more details.
Signed-off-by: Gerard Marull-Paretas <gerard.marull@nordicsemi.no>
Bluetooth Mesh uses tinycrypt library for security related
algorithms. This PR encapsulates tinycrypt dependency within
one file to make the current implementation more portable.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
Local public key has been logged in little endian but
remote public key in big endian. That has been changed.
Both are logged in big endian to be able to compare in logs.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
Debug configuration for prov and prov_device has been split
since prov general modul and it is used for provisioner as well.
It is not necessary to enable prov_device debugging
to debug provisioner.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
we will no longer need the additional `disconnect` parameter,
such as we only process gatt database from disconnect handler.
Signed-off-by: Lingao Meng <menglingao@xiaomi.com>
The current implementation has hidden dependencies that break
OOB authentication if provisioner does not have the configured
input or output fields used for device capabilities.
It didn't allow to pass several OOB authentication cases.
After refactoring provisioner behavior is independent to
provisionee settings.
Signed-off-by: Aleksandr Khromykh <aleksandr.khromykh@nordicsemi.no>
When Public Key field is set to RFU value then we should send
Provisioning Fail with Invalid Format error.
Signed-off-by: Michał Narajowski <michal.narajowski@codecoup.pl>
Adds defines for ECC public keys, private keys, DH keys and key
coordinates. Replaces raw numbers throughout.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Adds length defines for all provisioning PDUs and uses them to split
prov_link.conf_inputs into separate fields.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
Align the capitalization of the term "Bluetooth Mesh" to Bluetooth mesh"
in the documentation. This is done to to match the new updated naming
convention done in Bluetooth SIG. In the upcoming spec versions, it its
used "Bluetooth mesh" with the lower case convention.
Signed-off-by: Ingar Kulbrandstad <ingar.kulbrandstad@nordicsemi.no>
This commit allows an unprovisioned device to exchange its public key
using out-of-band techology (see MeshPRFv1.0.1, table 5.19 and section
5.4.2.3).
For in-band public key exchange, the mesh stack uses HCI commands to
generate public and private keys, and DH key. This, however, doesn't
work for OOB public key exchange since there is no command to generate
DH key with a private key provided by an application. Therefore, this
commit adds direct usage of TinyCrypto into the mesh stack for DH key
generation for OOB public key support.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Currently all provisioning procedure into common source
files call `prov.c`, that will not compile separately.
Add `BT_MESH_NODE` to control whether nodes are supported
and device provisioning is supported, this will be used in
provisioner role.
Add more provisioner OOB authentication method.
Signed-off-by: Lingao Meng <mengabc1086@gmail.com>
