You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mynewt.apache.org by an...@apache.org on 2023/02/02 22:25:40 UTC

[mynewt-nimble] 01/02: nimble/phy: Add setting for header mask for encryption

This is an automated email from the ASF dual-hosted git repository.

andk pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-nimble.git

commit 5f7ca7062877edd75983b8ef6eccc22e5826d0b0
Author: Andrzej Kaczmarek <an...@codecoup.pl>
AuthorDate: Mon Jan 30 17:26:31 2023 +0100

    nimble/phy: Add setting for header mask for encryption
    
    ISO PDUs require different bits to be masked out in PDU header than
    standard data PDUs (Core 5.3, Vol 6, Part E, 2.2) when generating
    keystream for encryption/decrytpion so we need to be able to set such
    mask.
    
    For now this only works on nRF5340 as it has dedicated support for that.
    
    Header mask is always reset to default (data PDU) to avoid changing lots
    of old code.
---
 nimble/controller/include/controller/ble_ll_pdu.h |  5 +++++
 nimble/controller/include/controller/ble_phy.h    |  2 ++
 nimble/drivers/nrf5x/src/ble_phy.c                | 11 +++++++++++
 3 files changed, 18 insertions(+)

diff --git a/nimble/controller/include/controller/ble_ll_pdu.h b/nimble/controller/include/controller/ble_ll_pdu.h
index 60eef833..b18db944 100644
--- a/nimble/controller/include/controller/ble_ll_pdu.h
+++ b/nimble/controller/include/controller/ble_ll_pdu.h
@@ -26,6 +26,11 @@
 extern "C" {
 #endif
 
+/* Header mask for keystream generation */
+#define BLE_LL_PDU_HEADERMASK_DATA  (0xe3)
+#define BLE_LL_PDU_HEADERMASK_BIS   (0xc3)
+#define BLE_LL_PDU_HEADERMASK_CIS   (0xa3)
+
 #define BLE_LL_PDU_PREAMBLE_1M_LEN  (1)
 #define BLE_LL_PDU_PREAMBLE_2M_LEN  (2)
 #define BLE_LL_PDU_AA_LEN           (4)
diff --git a/nimble/controller/include/controller/ble_phy.h b/nimble/controller/include/controller/ble_phy.h
index 902ac034..bba8bccb 100644
--- a/nimble/controller/include/controller/ble_phy.h
+++ b/nimble/controller/include/controller/ble_phy.h
@@ -165,6 +165,8 @@ uint32_t ble_phy_access_addr_get(void);
 
 /* Enable encryption */
 void ble_phy_encrypt_enable(const uint8_t *key);
+/* Set mask for PDU header (see Core 5.3, Vol 6, Part E, 2.2) */
+void ble_phy_encrypt_header_mask_set(uint8_t mask);
 /* Set encryption IV */
 void ble_phy_encrypt_iv_set(const uint8_t *iv);
 /* Set encryption packet counter and direction bit */
diff --git a/nimble/drivers/nrf5x/src/ble_phy.c b/nimble/drivers/nrf5x/src/ble_phy.c
index 1e5fc5c3..3e095329 100644
--- a/nimble/drivers/nrf5x/src/ble_phy.c
+++ b/nimble/drivers/nrf5x/src/ble_phy.c
@@ -1700,6 +1700,17 @@ ble_phy_encrypt_enable(const uint8_t *key)
     g_ble_phy_data.phy_encrypted = 1;
     NRF_AAR->ENABLE = AAR_ENABLE_ENABLE_Disabled;
     NRF_CCM->ENABLE = CCM_ENABLE_ENABLE_Enabled;
+#ifdef NRF5340_XXAA
+    NRF_CCM->HEADERMASK = BLE_LL_PDU_HEADERMASK_DATA;
+#endif
+}
+
+void
+ble_phy_encrypt_header_mask_set(uint8_t mask)
+{
+#ifdef NRF5340_XXAA
+    NRF_CCM->HEADERMASK = mask;
+#endif
 }
 
 void