This is an automated email from the ASF dual-hosted git repository. andk pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/mynewt-nimble.git
commit 5f7ca7062877edd75983b8ef6eccc22e5826d0b0 Author: Andrzej Kaczmarek <[email protected]> AuthorDate: Mon Jan 30 17:26:31 2023 +0100 nimble/phy: Add setting for header mask for encryption ISO PDUs require different bits to be masked out in PDU header than standard data PDUs (Core 5.3, Vol 6, Part E, 2.2) when generating keystream for encryption/decrytpion so we need to be able to set such mask. For now this only works on nRF5340 as it has dedicated support for that. Header mask is always reset to default (data PDU) to avoid changing lots of old code. --- nimble/controller/include/controller/ble_ll_pdu.h | 5 +++++ nimble/controller/include/controller/ble_phy.h | 2 ++ nimble/drivers/nrf5x/src/ble_phy.c | 11 +++++++++++ 3 files changed, 18 insertions(+) diff --git a/nimble/controller/include/controller/ble_ll_pdu.h b/nimble/controller/include/controller/ble_ll_pdu.h index 60eef833..b18db944 100644 --- a/nimble/controller/include/controller/ble_ll_pdu.h +++ b/nimble/controller/include/controller/ble_ll_pdu.h @@ -26,6 +26,11 @@ extern "C" { #endif +/* Header mask for keystream generation */ +#define BLE_LL_PDU_HEADERMASK_DATA (0xe3) +#define BLE_LL_PDU_HEADERMASK_BIS (0xc3) +#define BLE_LL_PDU_HEADERMASK_CIS (0xa3) + #define BLE_LL_PDU_PREAMBLE_1M_LEN (1) #define BLE_LL_PDU_PREAMBLE_2M_LEN (2) #define BLE_LL_PDU_AA_LEN (4) diff --git a/nimble/controller/include/controller/ble_phy.h b/nimble/controller/include/controller/ble_phy.h index 902ac034..bba8bccb 100644 --- a/nimble/controller/include/controller/ble_phy.h +++ b/nimble/controller/include/controller/ble_phy.h @@ -165,6 +165,8 @@ uint32_t ble_phy_access_addr_get(void); /* Enable encryption */ void ble_phy_encrypt_enable(const uint8_t *key); +/* Set mask for PDU header (see Core 5.3, Vol 6, Part E, 2.2) */ +void ble_phy_encrypt_header_mask_set(uint8_t mask); /* Set encryption IV */ void ble_phy_encrypt_iv_set(const uint8_t *iv); /* Set encryption packet counter and direction bit */ diff --git a/nimble/drivers/nrf5x/src/ble_phy.c b/nimble/drivers/nrf5x/src/ble_phy.c index 1e5fc5c3..3e095329 100644 --- a/nimble/drivers/nrf5x/src/ble_phy.c +++ b/nimble/drivers/nrf5x/src/ble_phy.c @@ -1700,6 +1700,17 @@ ble_phy_encrypt_enable(const uint8_t *key) g_ble_phy_data.phy_encrypted = 1; NRF_AAR->ENABLE = AAR_ENABLE_ENABLE_Disabled; NRF_CCM->ENABLE = CCM_ENABLE_ENABLE_Enabled; +#ifdef NRF5340_XXAA + NRF_CCM->HEADERMASK = BLE_LL_PDU_HEADERMASK_DATA; +#endif +} + +void +ble_phy_encrypt_header_mask_set(uint8_t mask) +{ +#ifdef NRF5340_XXAA + NRF_CCM->HEADERMASK = mask; +#endif } void
