ble_sec.h
Go to the documentation of this file.
1 
49 #ifndef __BLE_SEC_H__
50 #define __BLE_SEC_H__
51 
52 #include "ble_error.h"
53 #include <stdbool.h>
54 
61 #define AUTH_NONE 0
62 #define AUTH_BOND (1 << 0)
63 #define AUTH_MITM (1 << 2)
64 #define AUTH_SEC_CON (1 << 3)
65 #define AUTH_KEY_PRESS_NOTIFY (1 << 4)
66 #define AUTH_ALL (AUTH_BOND | AUTH_MITM | AUTH_SEC_CON | AUTH_KEY_PRESS_NOTIFY)
72 #define KDIST_NONE 0
73 #define KDIST_ENCKEY (1 << 0)
74 #define KDIST_IDKEY (1 << 1)
75 #define KDIST_SIGNKEY (1 << 2)
76 #define KDIST_ALL (KDIST_ENCKEY | KDIST_IDKEY | KDIST_SIGNKEY)
84 typedef enum
85 {
86  IO_DISPLAY_ONLY = 0x00,
87  IO_DISPLAY_YES_NO = 0x01,
88  IO_KEYBOARD_ONLY = 0x02,
89  IO_NO_INPUT_NO_OUTPUT = 0x03,
90  IO_KEYBOARD_DISPLAY = 0x04
91 } sec_io_cap_t;
92 
96 typedef enum
97 {
98  PAIR_REQ,
99  TK_REQ,
100  OOB_REQ,
101  NC_REQ
102 } sec_enc_req_type_t;
103 
105 typedef enum
106 {
107  KEY_PRESS_STARTED = 0x00,
108  KEY_PRESS_ENTERED = 0x01,
109  KEY_PRESS_ERASED = 0x02,
110  KEY_PRESS_CLEARED = 0x03,
111  KEY_PRESS_COMPLETED = 0x04
112 } sec_keypress_notify_t;
113 
115 typedef enum
116 {
117  ENC_SUCCESS = 0x00,
118  ENC_FAIL_PASSKEY_ENTRY_FAIL = 0x01,
119  ENC_FAIL_OOB_NOT_AVAILBL = 0x02,
120  ENC_FAIL_AUTH_REQ = 0x03,
122  ENC_FAIL_CONFIRM_VAL_FAIL = 0x04,
123  ENC_FAIL_PAIRING_NOT_SUPPORT = 0x05,
124  ENC_FAIL_ENCRPT_KEY_SIZE = 0x06,
125  ENC_FAIL_COMMAND_NOT_SUPPORT = 0x07,
126  ENC_FAIL_UNSPECIFIED = 0x08,
127  ENC_FAIL_REPEAT_ATTEMPT = 0x09,
129  ENC_FAIL_INVALID_PARAM = 0x0A,
131  ENC_FAIL_DHKEY_CHECK_FAIL = 0x0B,
133  ENC_FAIL_NUM_CMP_FAIL = 0x0C,
134  ENC_FAIL_BR_EDR_IN_PROGRESS = 0x0D,
136  ENC_FAIL_KEY_DRIV_GEN_NOT_ALLOW = 0x0E,
138  ENC_FAIL_LTK_MISSING = 0x0F,
139 } sec_enc_ind_t;
140 
142 typedef enum
143 {
144  SEC_MODE1_LEVEL1 = 0x00,
145  SEC_MODE1_LEVEL2 = 0x01,
146  SEC_MODE1_LEVEL3 = 0x02,
147  SEC_MODE1_LEVEL4 = 0x03,
148  SEC_MODE2_LEVEL1 = 0x04,
149  SEC_MODE2_LEVEL2 = 0x05,
150 } sec_mode_level_t;
151 
153 typedef enum
154 {
155  SEC_TK_OOB = 0x00,
156  SEC_TK_DISPLAY,
157  SEC_TK_KEY_ENTRY
158 } sec_tk_type_t;
159 
161 typedef enum
162 {
163  BOND_INFO_LOAD_FAILED = 0x00,
164  LTK_VALID_MASK_ERR,
165  EDIV_RAND_VALUE_ERR
166 } sec_key_missing_reason_t;
172 typedef struct
173 {
174  sec_mode_level_t level;
175  sec_io_cap_t io_cap;
176  bool oob;
177  uint8_t auth;
178  uint8_t key_size;
179  uint8_t ikey_dist;
180  uint8_t rkey_dist;
181 } sec_param_t;
182 
184 typedef struct
185 {
186  uint8_t key[16];
187 } sec_tk_t;
188 
190 typedef struct
191 {
192  uint8_t conf[16];
193  uint8_t rand[16];
194 } sec_oob_t;
195 
197 typedef union
198 {
199  sec_tk_t tk;
200  sec_oob_t oob;
201 } sec_cfm_enc_data_t;
202 
204 typedef struct
205 {
206  sec_enc_req_type_t req_type;
207  bool accept;
208  sec_cfm_enc_data_t data;
209 } sec_cfm_enc_t;
210 
212 typedef struct
213 {
214  uint8_t value[4];
215 } sec_nc_t;
216 
218 typedef union
219 {
220  sec_tk_type_t tk_type;
221  sec_oob_t oob_data;
222  sec_nc_t nc_data;
223 } sec_enc_req_data_t;
224 
226 typedef struct
227 {
228  sec_enc_req_type_t req_type;
229  sec_enc_req_data_t data;
230 } sec_enc_req_t;
231 
233 typedef struct
234 {
235  void (*app_sec_enc_req_cb)(uint8_t conn_idx, sec_enc_req_t *p_enc_req);
236  void (*app_sec_enc_ind_cb)(uint8_t conn_idx, sec_enc_ind_t enc_ind, uint8_t auth);
237  void (*app_sec_keypress_notify_cb)(uint8_t conn_idx, sec_keypress_notify_t notify_type);
238  void (*app_sec_key_missing_cb)(uint8_t conn_idx, sec_key_missing_reason_t reason);
239 } sec_cb_fun_t;
255 uint16_t ble_sec_params_set(sec_param_t *p_sec_param);
256 
273 uint16_t ble_sec_enc_start(uint8_t conn_idx);
274 
289 uint16_t ble_sec_enc_cfm(uint8_t conn_idx, const sec_cfm_enc_t *p_cfm_enc);
290 
303 uint16_t ble_sec_keypress_notify_send(uint8_t conn_idx, uint8_t notify_type);
306 #endif
307 
SEC_MODE1_LEVEL2
@ SEC_MODE1_LEVEL2
Definition: ble_sec.h:145
sec_enc_req_data_t::oob_data
sec_oob_t oob_data
Definition: ble_sec.h:221
sec_cfm_enc_t::req_type
sec_enc_req_type_t req_type
Definition: ble_sec.h:206
sec_param_t::oob
bool oob
Definition: ble_sec.h:176
ENC_FAIL_CONFIRM_VAL_FAIL
@ ENC_FAIL_CONFIRM_VAL_FAIL
Definition: ble_sec.h:122
KEY_PRESS_STARTED
@ KEY_PRESS_STARTED
Definition: ble_sec.h:107
SEC_MODE1_LEVEL1
@ SEC_MODE1_LEVEL1
Definition: ble_sec.h:144
sec_enc_req_type_t
sec_enc_req_type_t
SEC Encryption Request Type.
Definition: ble_sec.h:97
ENC_FAIL_UNSPECIFIED
@ ENC_FAIL_UNSPECIFIED
Definition: ble_sec.h:126
ble_sec_enc_cfm
uint16_t ble_sec_enc_cfm(uint8_t conn_idx, const sec_cfm_enc_t *p_cfm_enc)
Send the encrypt confirm information.
sec_param_t::auth
uint8_t auth
Definition: ble_sec.h:177
PAIR_REQ
@ PAIR_REQ
Definition: ble_sec.h:98
sec_tk_t
TK value.
Definition: ble_sec.h:185
ENC_FAIL_PAIRING_NOT_SUPPORT
@ ENC_FAIL_PAIRING_NOT_SUPPORT
Definition: ble_sec.h:123
sec_keypress_notify_t
sec_keypress_notify_t
SEC Key Press Notify.
Definition: ble_sec.h:106
sec_nc_t
SEC number comparison value.
Definition: ble_sec.h:213
sec_cfm_enc_t
SEC Confirm encryption.
Definition: ble_sec.h:205
sec_enc_req_t::data
sec_enc_req_data_t data
Definition: ble_sec.h:229
sec_oob_t
SEC OOB value.
Definition: ble_sec.h:191
SEC_TK_DISPLAY
@ SEC_TK_DISPLAY
Definition: ble_sec.h:156
sec_cfm_enc_data_t::oob
sec_oob_t oob
Definition: ble_sec.h:200
ble_sec_keypress_notify_send
uint16_t ble_sec_keypress_notify_send(uint8_t conn_idx, uint8_t notify_type)
Send key press notify.
sec_param_t::key_size
uint8_t key_size
Definition: ble_sec.h:178
sec_cfm_enc_data_t::tk
sec_tk_t tk
Definition: ble_sec.h:199
IO_DISPLAY_YES_NO
@ IO_DISPLAY_YES_NO
Definition: ble_sec.h:87
KEY_PRESS_ERASED
@ KEY_PRESS_ERASED
Definition: ble_sec.h:109
sec_io_cap_t
sec_io_cap_t
SEC IO Capability.
Definition: ble_sec.h:85
KEY_PRESS_CLEARED
@ KEY_PRESS_CLEARED
Definition: ble_sec.h:110
ENC_SUCCESS
@ ENC_SUCCESS
Definition: ble_sec.h:117
ble_sec_params_set
uint16_t ble_sec_params_set(sec_param_t *p_sec_param)
Set security parameter.
sec_enc_req_data_t::nc_data
sec_nc_t nc_data
Definition: ble_sec.h:222
SEC_TK_KEY_ENTRY
@ SEC_TK_KEY_ENTRY
Definition: ble_sec.h:157
LTK_VALID_MASK_ERR
@ LTK_VALID_MASK_ERR
Definition: ble_sec.h:164
ENC_FAIL_REPEAT_ATTEMPT
@ ENC_FAIL_REPEAT_ATTEMPT
Definition: ble_sec.h:127
SEC_MODE2_LEVEL1
@ SEC_MODE2_LEVEL1
Definition: ble_sec.h:148
sec_tk_type_t
sec_tk_type_t
SEC TK type.
Definition: ble_sec.h:154
IO_KEYBOARD_ONLY
@ IO_KEYBOARD_ONLY
Definition: ble_sec.h:88
sec_cfm_enc_data_t
SEC Confirm encryption data.
Definition: ble_sec.h:198
sec_key_missing_reason_t
sec_key_missing_reason_t
Key missing reason.
Definition: ble_sec.h:162
ble_error.h
File that contains error codes.
SEC_MODE1_LEVEL4
@ SEC_MODE1_LEVEL4
Definition: ble_sec.h:147
sec_param_t
SEC Parameter.
Definition: ble_sec.h:173
TK_REQ
@ TK_REQ
Definition: ble_sec.h:99
ENC_FAIL_LTK_MISSING
@ ENC_FAIL_LTK_MISSING
Definition: ble_sec.h:138
sec_cb_fun_t
SEC register call back.
Definition: ble_sec.h:234
SEC_TK_OOB
@ SEC_TK_OOB
Definition: ble_sec.h:155
sec_enc_req_data_t
SEC encryption request data.
Definition: ble_sec.h:219
sec_param_t::ikey_dist
uint8_t ikey_dist
Definition: ble_sec.h:179
sec_param_t::rkey_dist
uint8_t rkey_dist
Definition: ble_sec.h:180
EDIV_RAND_VALUE_ERR
@ EDIV_RAND_VALUE_ERR
Definition: ble_sec.h:165
SEC_MODE1_LEVEL3
@ SEC_MODE1_LEVEL3
Definition: ble_sec.h:146
sec_enc_req_data_t::tk_type
sec_tk_type_t tk_type
Definition: ble_sec.h:220
ENC_FAIL_COMMAND_NOT_SUPPORT
@ ENC_FAIL_COMMAND_NOT_SUPPORT
Definition: ble_sec.h:125
SEC_MODE2_LEVEL2
@ SEC_MODE2_LEVEL2
Definition: ble_sec.h:149
sec_enc_req_t::req_type
sec_enc_req_type_t req_type
Definition: ble_sec.h:228
ble_sec_enc_start
uint16_t ble_sec_enc_start(uint8_t conn_idx)
Start security encryption, this interface is used by both slave and master.
ENC_FAIL_AUTH_REQ
@ ENC_FAIL_AUTH_REQ
Definition: ble_sec.h:120
sec_cfm_enc_t::accept
bool accept
Definition: ble_sec.h:207
ENC_FAIL_INVALID_PARAM
@ ENC_FAIL_INVALID_PARAM
Definition: ble_sec.h:129
KEY_PRESS_ENTERED
@ KEY_PRESS_ENTERED
Definition: ble_sec.h:108
sec_cfm_enc_t::data
sec_cfm_enc_data_t data
Definition: ble_sec.h:208
sec_enc_req_t
SEC encryption request.
Definition: ble_sec.h:227
ENC_FAIL_ENCRPT_KEY_SIZE
@ ENC_FAIL_ENCRPT_KEY_SIZE
Definition: ble_sec.h:124
IO_DISPLAY_ONLY
@ IO_DISPLAY_ONLY
Definition: ble_sec.h:86
ENC_FAIL_BR_EDR_IN_PROGRESS
@ ENC_FAIL_BR_EDR_IN_PROGRESS
Definition: ble_sec.h:134
sec_mode_level_t
sec_mode_level_t
SEC mode and level.
Definition: ble_sec.h:143
sec_enc_ind_t
sec_enc_ind_t
SEC pair result.
Definition: ble_sec.h:116
sec_param_t::level
sec_mode_level_t level
Definition: ble_sec.h:174
ENC_FAIL_DHKEY_CHECK_FAIL
@ ENC_FAIL_DHKEY_CHECK_FAIL
Definition: ble_sec.h:131
NC_REQ
@ NC_REQ
Definition: ble_sec.h:101
BOND_INFO_LOAD_FAILED
@ BOND_INFO_LOAD_FAILED
Definition: ble_sec.h:163
ENC_FAIL_NUM_CMP_FAIL
@ ENC_FAIL_NUM_CMP_FAIL
Definition: ble_sec.h:133
KEY_PRESS_COMPLETED
@ KEY_PRESS_COMPLETED
Definition: ble_sec.h:111
sec_param_t::io_cap
sec_io_cap_t io_cap
Definition: ble_sec.h:175
IO_NO_INPUT_NO_OUTPUT
@ IO_NO_INPUT_NO_OUTPUT
Definition: ble_sec.h:89
IO_KEYBOARD_DISPLAY
@ IO_KEYBOARD_DISPLAY
Definition: ble_sec.h:90
ENC_FAIL_OOB_NOT_AVAILBL
@ ENC_FAIL_OOB_NOT_AVAILBL
Definition: ble_sec.h:119
ENC_FAIL_KEY_DRIV_GEN_NOT_ALLOW
@ ENC_FAIL_KEY_DRIV_GEN_NOT_ALLOW
Definition: ble_sec.h:136
ENC_FAIL_PASSKEY_ENTRY_FAIL
@ ENC_FAIL_PASSKEY_ENTRY_FAIL
Definition: ble_sec.h:118
OOB_REQ
@ OOB_REQ
Definition: ble_sec.h:100