You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mynewt.apache.org by cc...@apache.org on 2016/05/25 19:16:55 UTC
[2/9] incubator-mynewt-core git commit: BLE Host - Clarify keys;
our/peer -> mst/slv
BLE Host - Clarify keys; our/peer -> mst/slv
Prior to this change:
* our key = key we generated while we are slave
* peer key = key peer generated while we are master
Now:
* master key = key we should use when we are master (was: peer key).
* slave key = key we should use when we are slave (was: our key).
Project: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/commit/ba96fba7
Tree: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/tree/ba96fba7
Diff: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/diff/ba96fba7
Branch: refs/heads/develop
Commit: ba96fba7e3d859f34b913c32a30aeabf9a84bbf9
Parents: c7d3c0c
Author: Christopher Collins <cc...@apache.org>
Authored: Wed May 25 11:53:10 2016 -0700
Committer: Christopher Collins <cc...@apache.org>
Committed: Wed May 25 12:16:46 2016 -0700
----------------------------------------------------------------------
net/nimble/host/include/host/ble_store.h | 22 +++---
net/nimble/host/src/ble_l2cap_sm.c | 71 ++++++++++++++------
net/nimble/host/src/ble_store.c | 24 +++----
.../host/src/test/ble_hs_test_util_store.c | 15 +++--
net/nimble/host/src/test/ble_l2cap_sm_test.c | 18 ++---
5 files changed, 90 insertions(+), 60 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/ba96fba7/net/nimble/host/include/host/ble_store.h
----------------------------------------------------------------------
diff --git a/net/nimble/host/include/host/ble_store.h b/net/nimble/host/include/host/ble_store.h
index 5af5b99..0b9910e 100644
--- a/net/nimble/host/include/host/ble_store.h
+++ b/net/nimble/host/include/host/ble_store.h
@@ -25,8 +25,8 @@
/* XXX: Rethink our/peer distinction. Might make sense to unify keys such that
* each entry contains both peers' addresses.
*/
-#define BLE_STORE_OBJ_TYPE_OUR_LTK 1
-#define BLE_STORE_OBJ_TYPE_PEER_LTK 2
+#define BLE_STORE_OBJ_TYPE_MST_LTK 1
+#define BLE_STORE_OBJ_TYPE_SLV_LTK 2
#define BLE_STORE_OBJ_TYPE_CCCD 3
#define BLE_STORE_ADDR_TYPE_NONE 0xff
@@ -37,8 +37,8 @@ struct ble_store_key_ltk {
* Key by peer identity address;
* peer_addr_type=BLE_STORE_ADDR_TYPE_NONE means don't key off peer.
*/
- uint8_t addr[6];
- uint8_t addr_type;
+ uint8_t peer_addr[6];
+ uint8_t peer_addr_type;
/** Key by ediv; ediv_present=0 means don't key off ediv. */
uint16_t ediv;
@@ -50,8 +50,8 @@ struct ble_store_key_ltk {
};
struct ble_store_value_ltk {
- uint8_t addr[6];
- uint8_t addr_type;
+ uint8_t peer_addr[6];
+ uint8_t peer_addr_type;
uint16_t ediv;
uint64_t rand_num;
uint8_t key[16];
@@ -109,12 +109,12 @@ int ble_store_read(int obj_type, union ble_store_key *key,
int ble_store_write(int obj_type, union ble_store_value *val);
int ble_store_delete(int obj_type, union ble_store_key *key);
-int ble_store_read_our_ltk(struct ble_store_key_ltk *key_ltk,
+int ble_store_read_slv_ltk(struct ble_store_key_ltk *key_ltk,
+ struct ble_store_value_ltk *value_ltk);
+int ble_store_write_slv_ltk(struct ble_store_value_ltk *value_ltk);
+int ble_store_read_mst_ltk(struct ble_store_key_ltk *key_ltk,
struct ble_store_value_ltk *value_ltk);
-int ble_store_write_our_ltk(struct ble_store_value_ltk *value_ltk);
-int ble_store_read_peer_ltk(struct ble_store_key_ltk *key_ltk,
- struct ble_store_value_ltk *value_ltk);
-int ble_store_write_peer_ltk(struct ble_store_value_ltk *value_ltk);
+int ble_store_write_mst_ltk(struct ble_store_value_ltk *value_ltk);
int ble_store_read_cccd(struct ble_store_key_cccd *key,
struct ble_store_value_cccd *out_value);
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/ba96fba7/net/nimble/host/src/ble_l2cap_sm.c
----------------------------------------------------------------------
diff --git a/net/nimble/host/src/ble_l2cap_sm.c b/net/nimble/host/src/ble_l2cap_sm.c
index 73a7209..8e17ad7 100644
--- a/net/nimble/host/src/ble_l2cap_sm.c
+++ b/net/nimble/host/src/ble_l2cap_sm.c
@@ -481,28 +481,55 @@ ble_l2cap_sm_sec_state(struct ble_l2cap_sm_proc *proc,
static void
ble_l2cap_sm_key_exchange_events(struct ble_l2cap_sm_proc *proc)
{
- union ble_store_value store_value;
+ struct ble_store_value_ltk value_ltk;
+ struct ble_hs_conn *conn;
+ uint8_t peer_addr[8];
+ uint8_t peer_addr_type;
+
+ ble_hs_lock();
+
+ conn = ble_hs_conn_find(proc->conn_handle);
+ BLE_HS_DBG_ASSERT(conn != NULL);
+
+ peer_addr_type = conn->bhc_addr_type;
+ memcpy(peer_addr, conn->bhc_addr, sizeof peer_addr);
+
+ ble_hs_unlock();
if (proc->our_keys.ediv_rand_valid && proc->our_keys.ltk_valid) {
- store_value.ltk.ediv = proc->our_keys.ediv;
- store_value.ltk.rand_num = proc->our_keys.rand_val;
- memcpy(store_value.ltk.key, proc->our_keys.ltk,
- sizeof store_value.ltk.key);
- store_value.ltk.authenticated =
+ value_ltk.peer_addr_type = peer_addr_type;
+ memcpy(value_ltk.peer_addr, peer_addr, sizeof value_ltk.peer_addr);
+ value_ltk.ediv = proc->our_keys.ediv;
+ value_ltk.rand_num = proc->our_keys.rand_val;
+ memcpy(value_ltk.key, proc->our_keys.ltk,
+ sizeof value_ltk.key);
+ value_ltk.authenticated =
!!(proc->flags & BLE_L2CAP_SM_PROC_F_AUTHENTICATED);
- store_value.ltk.sc = 0;
- ble_store_write(BLE_STORE_OBJ_TYPE_OUR_LTK, &store_value);
+ value_ltk.sc = 0;
+
+ if (proc->flags & BLE_L2CAP_SM_PROC_F_INITIATOR) {
+ ble_store_write_mst_ltk(&value_ltk);
+ } else {
+ ble_store_write_slv_ltk(&value_ltk);
+ }
}
if (proc->peer_keys.ediv_rand_valid && proc->peer_keys.ltk_valid) {
- store_value.ltk.ediv = proc->peer_keys.ediv;
- store_value.ltk.rand_num = proc->peer_keys.rand_val;
- memcpy(store_value.ltk.key, proc->peer_keys.ltk,
- sizeof store_value.ltk.key);
- store_value.ltk.authenticated =
+ value_ltk.peer_addr_type = peer_addr_type;
+ memcpy(value_ltk.peer_addr, peer_addr, sizeof value_ltk.peer_addr);
+ value_ltk.ediv = proc->our_keys.ediv;
+ value_ltk.rand_num = proc->our_keys.rand_val;
+ memcpy(value_ltk.key, proc->our_keys.ltk,
+ sizeof value_ltk.key);
+ value_ltk.authenticated =
!!(proc->flags & BLE_L2CAP_SM_PROC_F_AUTHENTICATED);
- store_value.ltk.sc = 0;
- ble_store_write(BLE_STORE_OBJ_TYPE_PEER_LTK, &store_value);
+ value_ltk.sc = 0;
+
+ if (proc->flags & BLE_L2CAP_SM_PROC_F_INITIATOR) {
+ ble_store_write_slv_ltk(&value_ltk);
+ } else {
+ ble_store_write_mst_ltk(&value_ltk);
+ }
}
/* XXX: Persist other key data. */
@@ -1771,12 +1798,12 @@ ble_l2cap_sm_lt_key_req_ltk_handle(struct hci_le_lt_key_req *evt)
/* Tell applicaiton to look up LTK by ediv/rand pair. */
/* XXX: Also filter by peer address? */
memset(&store_key, 0, sizeof store_key);
- store_key.ltk.addr_type = BLE_STORE_ADDR_TYPE_NONE;
+ store_key.ltk.peer_addr_type = BLE_STORE_ADDR_TYPE_NONE;
store_key.ltk.ediv = evt->encrypted_diversifier;
store_key.ltk.ediv_present = 1;
store_key.ltk.rand_num = evt->random_number;
store_key.ltk.rand_num_present = 1;
- store_rc = ble_store_read(BLE_STORE_OBJ_TYPE_OUR_LTK, &store_key,
+ store_rc = ble_store_read(BLE_STORE_OBJ_TYPE_MST_LTK, &store_key,
&store_value);
if (store_rc == 0) {
/* Store provided a key; send it to the controller. */
@@ -1972,15 +1999,17 @@ ble_l2cap_sm_rx_sec_req(uint16_t conn_handle, uint8_t op, struct os_mbuf **om)
* locked.
*/
memset(&key_ltk, 0, sizeof key_ltk);
- key_ltk.addr_type = conn->bhc_addr_type;
- memcpy(key_ltk.addr, conn->bhc_addr, 6);
+ key_ltk.peer_addr_type = conn->bhc_addr_type;
+ memcpy(key_ltk.peer_addr, conn->bhc_addr, 6);
}
ble_hs_unlock();
if (rc == 0) {
- /* Query database for an LTK corresonding to the sender. */
- rc = ble_store_read_our_ltk(&key_ltk, &value_ltk);
+ /* Query database for an LTK corresonding to the sender. We are the
+ * master, so retrieve a master key.
+ */
+ rc = ble_store_read_mst_ltk(&key_ltk, &value_ltk);
if (rc == 0) {
/* Found a key corresponding to this peer. Make sure it meets the
* requested minimum authreq.
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/ba96fba7/net/nimble/host/src/ble_store.c
----------------------------------------------------------------------
diff --git a/net/nimble/host/src/ble_store.c b/net/nimble/host/src/ble_store.c
index 553f7e9..2694d60 100644
--- a/net/nimble/host/src/ble_store.c
+++ b/net/nimble/host/src/ble_store.c
@@ -66,8 +66,8 @@ ble_store_delete(int obj_type, union ble_store_key *key)
}
int
-ble_store_read_our_ltk(struct ble_store_key_ltk *key_ltk,
- struct ble_store_value_ltk *value_ltk)
+ble_store_read_slv_ltk(struct ble_store_key_ltk *key_ltk,
+ struct ble_store_value_ltk *value_ltk)
{
union ble_store_value *store_value;
union ble_store_key *store_key;
@@ -75,24 +75,24 @@ ble_store_read_our_ltk(struct ble_store_key_ltk *key_ltk,
store_key = (void *)key_ltk;
store_value = (void *)value_ltk;
- rc = ble_store_read(BLE_STORE_OBJ_TYPE_OUR_LTK, store_key, store_value);
+ rc = ble_store_read(BLE_STORE_OBJ_TYPE_MST_LTK, store_key, store_value);
return rc;
}
int
-ble_store_write_our_ltk(struct ble_store_value_ltk *value_ltk)
+ble_store_write_slv_ltk(struct ble_store_value_ltk *value_ltk)
{
union ble_store_value *store_value;
int rc;
store_value = (void *)value_ltk;
- rc = ble_store_write(BLE_STORE_OBJ_TYPE_OUR_LTK, store_value);
+ rc = ble_store_write(BLE_STORE_OBJ_TYPE_MST_LTK, store_value);
return rc;
}
int
-ble_store_read_peer_ltk(struct ble_store_key_ltk *key_ltk,
- struct ble_store_value_ltk *value_ltk)
+ble_store_read_mst_ltk(struct ble_store_key_ltk *key_ltk,
+ struct ble_store_value_ltk *value_ltk)
{
union ble_store_value *store_value;
union ble_store_key *store_key;
@@ -100,18 +100,18 @@ ble_store_read_peer_ltk(struct ble_store_key_ltk *key_ltk,
store_key = (void *)key_ltk;
store_value = (void *)value_ltk;
- rc = ble_store_read(BLE_STORE_OBJ_TYPE_PEER_LTK, store_key, store_value);
+ rc = ble_store_read(BLE_STORE_OBJ_TYPE_SLV_LTK, store_key, store_value);
return rc;
}
int
-ble_store_write_peer_ltk(struct ble_store_value_ltk *value_ltk)
+ble_store_write_mst_ltk(struct ble_store_value_ltk *value_ltk)
{
union ble_store_value *store_value;
int rc;
store_value = (void *)value_ltk;
- rc = ble_store_write(BLE_STORE_OBJ_TYPE_PEER_LTK, store_value);
+ rc = ble_store_write(BLE_STORE_OBJ_TYPE_SLV_LTK, store_value);
return rc;
}
@@ -165,8 +165,8 @@ void
ble_store_key_from_value_ltk(struct ble_store_key_ltk *out_key,
struct ble_store_value_ltk *value)
{
- out_key->addr_type = value->addr_type;
- memcpy(out_key->addr, value->addr, sizeof out_key->addr);
+ out_key->peer_addr_type = value->peer_addr_type;
+ memcpy(out_key->peer_addr, value->peer_addr, sizeof out_key->peer_addr);
out_key->ediv = value->ediv;
out_key->ediv_present = 1;
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/ba96fba7/net/nimble/host/src/test/ble_hs_test_util_store.c
----------------------------------------------------------------------
diff --git a/net/nimble/host/src/test/ble_hs_test_util_store.c b/net/nimble/host/src/test/ble_hs_test_util_store.c
index 76608c1..50188cd 100644
--- a/net/nimble/host/src/test/ble_hs_test_util_store.c
+++ b/net/nimble/host/src/test/ble_hs_test_util_store.c
@@ -92,12 +92,13 @@ ble_hs_test_util_store_read_ltk(struct ble_store_value_ltk *store,
for (i = 0; i < num_values; i++) {
cur = store + i;
- if (key->addr_type != BLE_STORE_ADDR_TYPE_NONE) {
- if (cur->addr_type != key->addr_type) {
+ if (key->peer_addr_type != BLE_STORE_ADDR_TYPE_NONE) {
+ if (cur->peer_addr_type != key->peer_addr_type) {
continue;
}
- if (memcmp(cur->addr, key->addr, sizeof cur->addr) != 0) {
+ if (memcmp(cur->peer_addr, key->peer_addr,
+ sizeof cur->peer_addr) != 0) {
continue;
}
}
@@ -175,14 +176,14 @@ ble_hs_test_util_store_read(int obj_type, union ble_store_key *key,
union ble_store_value *dst)
{
switch (obj_type) {
- case BLE_STORE_OBJ_TYPE_OUR_LTK:
+ case BLE_STORE_OBJ_TYPE_MST_LTK:
return ble_hs_test_util_store_read_ltk(
ble_hs_test_util_store_our_ltks,
ble_hs_test_util_store_num_our_ltks,
&key->ltk,
&dst->ltk);
- case BLE_STORE_OBJ_TYPE_PEER_LTK:
+ case BLE_STORE_OBJ_TYPE_SLV_LTK:
return ble_hs_test_util_store_read_ltk(
ble_hs_test_util_store_peer_ltks,
ble_hs_test_util_store_num_peer_ltks,
@@ -205,14 +206,14 @@ ble_hs_test_util_store_write(int obj_type, union ble_store_value *value)
int idx;
switch (obj_type) {
- case BLE_STORE_OBJ_TYPE_OUR_LTK:
+ case BLE_STORE_OBJ_TYPE_MST_LTK:
BLE_HS_TEST_UTIL_STORE_WRITE_GEN(
ble_hs_test_util_store_our_ltks,
ble_hs_test_util_store_num_our_ltks,
ble_hs_test_util_store_max_our_ltks,
value->ltk, -1);
- case BLE_STORE_OBJ_TYPE_PEER_LTK:
+ case BLE_STORE_OBJ_TYPE_SLV_LTK:
BLE_HS_TEST_UTIL_STORE_WRITE_GEN(
ble_hs_test_util_store_peer_ltks,
ble_hs_test_util_store_num_peer_ltks,
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/ba96fba7/net/nimble/host/src/test/ble_l2cap_sm_test.c
----------------------------------------------------------------------
diff --git a/net/nimble/host/src/test/ble_l2cap_sm_test.c b/net/nimble/host/src/test/ble_l2cap_sm_test.c
index b5a956e..88cec19 100644
--- a/net/nimble/host/src/test/ble_l2cap_sm_test.c
+++ b/net/nimble/host/src/test/ble_l2cap_sm_test.c
@@ -1138,15 +1138,15 @@ ble_l2cap_sm_test_util_peer_bonding_good(int send_enc_req, uint8_t *ltk,
TEST_ASSERT(ble_l2cap_sm_dbg_num_procs() == 0);
/* Populate the SM database with an LTK for this peer. */
- value_ltk.addr_type = conn->bhc_addr_type;
- memcpy(value_ltk.addr, conn->bhc_addr, sizeof value_ltk.addr);
+ value_ltk.peer_addr_type = conn->bhc_addr_type;
+ memcpy(value_ltk.peer_addr, conn->bhc_addr, sizeof value_ltk.peer_addr);
value_ltk.ediv = ediv;
value_ltk.rand_num = rand_num;
memcpy(value_ltk.key, ltk, sizeof value_ltk.key);
value_ltk.authenticated = authenticated;
value_ltk.sc = 0;
- rc = ble_store_write_our_ltk(&value_ltk);
+ rc = ble_store_write_slv_ltk(&value_ltk);
TEST_ASSERT_FATAL(rc == 0);
if (send_enc_req) {
@@ -1162,8 +1162,8 @@ ble_l2cap_sm_test_util_peer_bonding_good(int send_enc_req, uint8_t *ltk,
/* Ensure the LTK request event got sent to the application. */
TEST_ASSERT(ble_l2cap_sm_test_store_obj_type ==
- BLE_STORE_OBJ_TYPE_OUR_LTK);
- TEST_ASSERT(ble_l2cap_sm_test_store_key.ltk.addr_type ==
+ BLE_STORE_OBJ_TYPE_MST_LTK);
+ TEST_ASSERT(ble_l2cap_sm_test_store_key.ltk.peer_addr_type ==
BLE_STORE_ADDR_TYPE_NONE);
TEST_ASSERT(ble_l2cap_sm_test_store_key.ltk.ediv_present);
TEST_ASSERT(ble_l2cap_sm_test_store_key.ltk.ediv == ediv);
@@ -1227,7 +1227,7 @@ ble_l2cap_sm_test_util_peer_bonding_bad(uint16_t ediv, uint64_t rand_num)
/* Ensure the LTK request event got sent to the application. */
TEST_ASSERT(ble_l2cap_sm_test_store_obj_type ==
- BLE_STORE_OBJ_TYPE_OUR_LTK);
+ BLE_STORE_OBJ_TYPE_MST_LTK);
TEST_ASSERT(ble_l2cap_sm_test_store_key.ltk.ediv_present);
TEST_ASSERT(ble_l2cap_sm_test_store_key.ltk.ediv == ediv);
TEST_ASSERT(ble_l2cap_sm_test_store_key.ltk.rand_num_present);
@@ -1880,15 +1880,15 @@ ble_l2cap_sm_test_util_us_bonding_good(int send_enc_req, uint8_t *ltk,
TEST_ASSERT(ble_l2cap_sm_dbg_num_procs() == 0);
/* Populate the SM database with an LTK for this peer. */
- value_ltk.addr_type = conn->bhc_addr_type;
- memcpy(value_ltk.addr, conn->bhc_addr, sizeof value_ltk.addr);
+ value_ltk.peer_addr_type = conn->bhc_addr_type;
+ memcpy(value_ltk.peer_addr, conn->bhc_addr, sizeof value_ltk.peer_addr);
value_ltk.ediv = ediv;
value_ltk.rand_num = rand_num;
memcpy(value_ltk.key, ltk, sizeof value_ltk.key);
value_ltk.authenticated = authenticated;
value_ltk.sc = 0;
- rc = ble_store_write_our_ltk(&value_ltk);
+ rc = ble_store_write_mst_ltk(&value_ltk);
TEST_ASSERT_FATAL(rc == 0);
if (send_enc_req) {