[GitHub] [mynewt-nimble] apache-mynewt-bot removed a comment on pull request #958: Various Mesh fixes
apache-mynewt-bot removed a comment on pull request #958: URL: https://github.com/apache/mynewt-nimble/pull/958#issuecomment-832584097 ## Style check fail: Payload was too large -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [mynewt-nimble] apache-mynewt-bot commented on pull request #958: Various Mesh fixes
apache-mynewt-bot commented on pull request #958: URL: https://github.com/apache/mynewt-nimble/pull/958#issuecomment-834071963 ## Style check fail: Payload was too large -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [mynewt-mcumgr] sw opened a new issue #122: Zephyr port: unnecessary flash alignment check
sw opened a new issue #122: URL: https://github.com/apache/mynewt-mcumgr/issues/122 This relates to https://github.com/apache/mynewt-newtmgr/issues/185 There is a performance problem when using mcumgr CLI to upload firmware images to a Zephyr system. There is an overhead of up to 4x in the data transmitted on the serial port. On the one hand, this is due to sub-optimal frame handling in mcumgr CLI as reported in https://github.com/apache/mynewt-newtmgr/issues/185 But I suspect the MCU side could also be improved. `img_mgmt_impl_upload_inspect` rounds the data length down to a multiple of the flash write block size: https://github.com/apache/mynewt-mcumgr/blob/798f7fe28bb32335ba25d1c180808cd88d73a83c/cmd/img_mgmt/port/zephyr/src/zephyr_img_mgmt.c#L571-L576 But then, buffered write is used in `img_mgmt_impl_write_image_data`: https://github.com/apache/mynewt-mcumgr/blob/798f7fe28bb32335ba25d1c180808cd88d73a83c/cmd/img_mgmt/port/zephyr/src/zephyr_img_mgmt.c#L307 According to the documentation of `flash_img_buffered_write`, this function will store non-complete blocks in RAM until it is called with `flush == true`. So a length that is *not* a multiple of the flash write block size should not pose a problem. My suggestion would be to remove the length truncation in `img_mgmt_impl_upload_inspect`. Or is there some special case that this would break? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [mynewt-newtmgr] sw opened a new issue #185: Flash alignment mismatch leads to large overhead with Zephyr mcumgr
sw opened a new issue #185: URL: https://github.com/apache/mynewt-newtmgr/issues/185 We are using Nordic's fork of mcumgr (https://github.com/nrfconnect/sdk-mcumgr) but I believe this also affects upstream https://github.com/apache/mynewt-mcumgr. The Zephyr port rounds the write size down to the flash write block size: https://github.com/apache/mynewt-mcumgr/blob/798f7fe28bb32335ba25d1c180808cd88d73a83c/cmd/img_mgmt/port/zephyr/src/zephyr_img_mgmt.c#L571-L576 This smaller size is then reported back in the response. However, the mcumgr takes some time to detect this mismatch, and keeps sending frames with incorrect offsets. This leads to a large overhead of data transmitted on the serial port. This happens with the first frame, which is sent with 0x127 bytes of data; the receiver rounds this down to 0x124. mcumgr CLI then tries to continue at offset 0x127, then offset 0x27b, until it realises something is wrong and restarts at 0x124. The next 64kbyte then go through without a hitch (no offset problems). At the 64k block border though, the problem re-occurs, and from then on every fragment is essentially sent 4 times: 3 times with a wrong offset which is discarded. The image handling in newtmgr should be improved: * to detect a wrong offset sooner, rather than sending up to 3 frames with wrong offset * to only send a multiple of a common flash block size, for example a multiple of 4 bytes. Attached is a log file from `mcumgr image upload file.bin -l debug`: [log.txt](https://github.com/apache/mynewt-newtmgr/files/6434672/log.txt) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [mynewt-nimble] KKopyscinski commented on issue #951: NimBLE mesh on ESP32 ( Provisioning and configuration data Persistance storage issuse)
KKopyscinski commented on issue #951: URL: https://github.com/apache/mynewt-nimble/issues/951#issuecomment-833467477 Saving provisioning data in persistent storage was recently fixed, does this issue still persist? -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [mynewt-nimble] rymanluk merged pull request #941: ble_sm: add Secure Connections Only mode
rymanluk merged pull request #941: URL: https://github.com/apache/mynewt-nimble/pull/941 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[mynewt-nimble] branch master updated: ble_sm: add Secure Connections Only mode
This is an automated email from the ASF dual-hosted git repository.
rymek pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-nimble.git
The following commit(s) were added to refs/heads/master by this push:
new 4ad4395 ble_sm: add Secure Connections Only mode
4ad4395 is described below
commit 4ad4395d7ca0de9607f766700f5b85708ae7b7a1
Author: Krzysztof Kopyściński
AuthorDate: Thu Mar 18 13:15:02 2021 +0100
ble_sm: add Secure Connections Only mode
Added mode allowing to enforce pairing only in SC mode 1 level 4. This mode
is required to pass
GAP/SEC/SEM/BI testcases. Added BLE_SM_SC_LVL config to allow pairing only
in selected levels.
---
nimble/host/src/ble_att_svr.c | 10
nimble/host/src/ble_sm.c | 25 +--
nimble/host/syscfg.yml | 28 ++
porting/examples/linux/include/syscfg/syscfg.h | 8 +++
.../examples/linux_blemesh/include/syscfg/syscfg.h | 8 +++
porting/examples/nuttx/include/syscfg/syscfg.h | 8 +++
porting/nimble/include/syscfg/syscfg.h | 8 +++
porting/npl/riot/include/syscfg/syscfg.h | 8 +++
8 files changed, 101 insertions(+), 2 deletions(-)
diff --git a/nimble/host/src/ble_att_svr.c b/nimble/host/src/ble_att_svr.c
index 0cfbc7d..7b2611a 100644
--- a/nimble/host/src/ble_att_svr.c
+++ b/nimble/host/src/ble_att_svr.c
@@ -284,6 +284,16 @@ ble_att_svr_check_perms(uint16_t conn_handle, int is_read,
}
ble_att_svr_get_sec_state(conn_handle, _state);
+/* In SC Only mode all characteristics requiring security
+ * require it on level 4
+ */
+if (MYNEWT_VAL(BLE_SM_SC_ONLY)) {
+if (sec_state.key_size != 128 ||
+!sec_state.authenticated ||
+!sec_state.encrypted) {
+return BLE_ATT_ERR_INSUFFICIENT_KEY_SZ;
+}
+}
if ((enc || authen) && !sec_state.encrypted) {
ble_hs_lock();
conn = ble_hs_conn_find(conn_handle);
diff --git a/nimble/host/src/ble_sm.c b/nimble/host/src/ble_sm.c
index b4e8096..c63af40 100644
--- a/nimble/host/src/ble_sm.c
+++ b/nimble/host/src/ble_sm.c
@@ -1726,17 +1726,23 @@ err:
}
static bool
-ble_sm_verify_auth_requirements(uint8_t authreq)
+ble_sm_verify_auth_requirements(uint8_t cmd)
{
/* For now we check only SC only mode. I.e.: when remote indicates
* to not support SC pairing, let us make sure legacy pairing is supported
* on our side. If not, we can fail right away.
*/
-if (!(authreq & BLE_SM_PAIR_AUTHREQ_SC)) {
+if (!(cmd & BLE_SM_PAIR_AUTHREQ_SC)) {
if (MYNEWT_VAL(BLE_SM_LEGACY) == 0) {
return false;
}
}
+/* Fail if Secure Connections level forces MITM protection and remote does
not
+ * support it
+ */
+if (MYNEWT_VAL(BLE_SM_SC_LVL) >= 3 && !(cmd & BLE_SM_PAIR_AUTHREQ_MITM)) {
+return false;
+}
return true;
}
@@ -1817,12 +1823,21 @@ ble_sm_pair_req_rx(uint16_t conn_handle, struct os_mbuf
**om,
if (conn->bhc_flags & BLE_HS_CONN_F_MASTER) {
res->sm_err = BLE_SM_ERR_CMD_NOT_SUPP;
res->app_status = BLE_HS_SM_US_ERR(BLE_SM_ERR_CMD_NOT_SUPP);
+} else if (MYNEWT_VAL(BLE_SM_SC_LVL) == 1) {
+res->sm_err = BLE_SM_ERR_CMD_NOT_SUPP;
+res->app_status = BLE_HS_SM_US_ERR(BLE_SM_ERR_CMD_NOT_SUPP);
} else if (req->max_enc_key_size < BLE_SM_PAIR_KEY_SZ_MIN) {
res->sm_err = BLE_SM_ERR_ENC_KEY_SZ;
res->app_status = BLE_HS_SM_US_ERR(BLE_SM_ERR_ENC_KEY_SZ);
} else if (req->max_enc_key_size > BLE_SM_PAIR_KEY_SZ_MAX) {
res->sm_err = BLE_SM_ERR_INVAL;
res->app_status = BLE_HS_SM_US_ERR(BLE_SM_ERR_INVAL);
+} else if (MYNEWT_VAL(BLE_SM_SC_ONLY) && (req->max_enc_key_size !=
BLE_SM_PAIR_KEY_SZ_MAX)) {
+/* Fail if Secure Connections Only mode is on and remote does not
meet
+* key size requirements - MITM was checked in last step
+*/
+res->sm_err = BLE_SM_ERR_ENC_KEY_SZ;
+res->app_status = BLE_HS_SM_US_ERR(BLE_SM_ERR_ENC_KEY_SZ);
} else if (!ble_sm_verify_auth_requirements(req->authreq)) {
res->sm_err = BLE_SM_ERR_AUTHREQ;
res->app_status = BLE_HS_SM_US_ERR(BLE_SM_ERR_AUTHREQ);
@@ -1886,6 +1901,12 @@ ble_sm_pair_rsp_rx(uint16_t conn_handle, struct os_mbuf
**om,
} else if (rsp->max_enc_key_size > BLE_SM_PAIR_KEY_SZ_MAX) {
res->sm_err = BLE_SM_ERR_INVAL;
res->app_status = BLE_HS_SM_US_ERR(BLE_SM_ERR_INVAL);
+} else if (MYNEWT_VAL(BLE_SM_SC_ONLY) && (rsp->max_enc_key_size !=
BLE_SM_PAIR_KEY_SZ_MAX)) {
+/* Fail if Secure Connections Only mode is on and remote does not
meet
+* key size requirements - MITM was checked in last step
+*/
+
[GitHub] [mynewt-nimble] rymanluk merged pull request #971: nimble/host: Fix potential MITM vulnerability in case of secure connection pairing
rymanluk merged pull request #971: URL: https://github.com/apache/mynewt-nimble/pull/971 -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[mynewt-nimble] 02/02: nimble/test: Add SC unit test to flag error on same public key
This is an automated email from the ASF dual-hosted git repository.
rymek pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-nimble.git
commit b106ddbdd4ddbdefae8cef2692cf2ea268fed870
Author: Prasad Alatkar
AuthorDate: Mon May 3 20:20:14 2021 +0530
nimble/test: Add SC unit test to flag error on same public key
---
nimble/host/test/src/ble_sm_sc_test.c | 606
nimble/host/test/src/ble_sm_test_util.c | 106 +-
nimble/host/test/src/ble_sm_test_util.h | 1 +
3 files changed, 708 insertions(+), 5 deletions(-)
diff --git a/nimble/host/test/src/ble_sm_sc_test.c
b/nimble/host/test/src/ble_sm_sc_test.c
index c3d1955..cd453e0 100644
--- a/nimble/host/test/src/ble_sm_sc_test.c
+++ b/nimble/host/test/src/ble_sm_sc_test.c
@@ -2289,6 +2289,612 @@
TEST_CASE_SELF(ble_sm_sc_us_pk_iio2_rio4_b1_iat0_rat0_ik7_rk5)
* Secure connections pairing
* Master: us
* Pair algorithm: passkey entry
+ * Initiator IO capabilities: 2
+ * Responder IO capabilities: 4
+ * Bonding: true
+ * Initiator address type: 0
+ * Responder address type: 0
+ * Initiator key distribution: 7
+ * Responder key distribution: 5
+ * Peer responds with same public key
+ */
+TEST_CASE_SELF(ble_sm_sc_us_pk_iio2_rio4_b1_iat0_rat0_ik7_rk5_peer_same_pk) {
+struct ble_sm_test_params params;
+
+params = (struct ble_sm_test_params) {
+.init_id_addr = {
+0x01, 0x01, 0x01, 0x07, 0x08, 0x01,
+},
+.resp_id_addr = {
+0xca, 0x61, 0xa0, 0x67, 0x94, 0xe0,
+},
+.pair_req = {
+.io_cap = 0x02,
+.oob_data_flag = 0x00,
+.authreq = 0x0d,
+.max_enc_key_size = 0x10,
+.init_key_dist = 0x07,
+.resp_key_dist = 0x07,
+},
+.pair_rsp = {
+.io_cap = 0x04,
+.oob_data_flag = 0x00,
+.authreq = 0x0d,
+.max_enc_key_size = 0x10,
+.init_key_dist = 0x07,
+.resp_key_dist = 0x05,
+},
+.our_priv_key = {
+0xb1, 0x6b, 0x4f, 0x81, 0xbc, 0xe3, 0x60, 0x9e,
+0x00, 0x20, 0xf1, 0x73, 0x3e, 0xfb, 0xcc, 0x6e,
+0x8c, 0xb6, 0xd2, 0x51, 0xd9, 0x36, 0x8a, 0x6d,
+0xca, 0x8c, 0xd7, 0xbe, 0x96, 0x03, 0xdf, 0xd6,
+},
+.public_key_req = {
+.x = {
+0xe5, 0x0f, 0x02, 0x0a, 0x37, 0x90, 0x94, 0x5a,
+0x06, 0x21, 0xf7, 0xbc, 0xd5, 0xbe, 0xb9, 0x24,
+0x8a, 0x35, 0xfd, 0xf8, 0x5e, 0xe2, 0x70, 0xd5,
+0x5a, 0xe8, 0xe7, 0xdd, 0x13, 0x90, 0xeb, 0xd4,
+},
+.y = {
+0x41, 0xc8, 0x51, 0x1a, 0x25, 0x44, 0x01, 0x53,
+0x42, 0x74, 0x07, 0x9c, 0x18, 0xe6, 0x3b, 0x8a,
+0xce, 0x7a, 0x37, 0x1f, 0x18, 0x5c, 0x02, 0x7c,
+0x67, 0x16, 0xf5, 0x30, 0x2b, 0x31, 0xa9, 0xc7,
+},
+},
+.public_key_rsp = {
+.x = {
+0xe5, 0x0f, 0x02, 0x0a, 0x37, 0x90, 0x94, 0x5a,
+0x06, 0x21, 0xf7, 0xbc, 0xd5, 0xbe, 0xb9, 0x24,
+0x8a, 0x35, 0xfd, 0xf8, 0x5e, 0xe2, 0x70, 0xd5,
+0x5a, 0xe8, 0xe7, 0xdd, 0x13, 0x90, 0xeb, 0xd4,
+},
+.y = {
+0x41, 0xc8, 0x51, 0x1a, 0x25, 0x44, 0x01, 0x53,
+0x42, 0x74, 0x07, 0x9c, 0x18, 0xe6, 0x3b, 0x8a,
+0xce, 0x7a, 0x37, 0x1f, 0x18, 0x5c, 0x02, 0x7c,
+0x67, 0x16, 0xf5, 0x30, 0x2b, 0x31, 0xa9, 0xc7,
+},
+},
+.confirm_req[0] = {
+.value = {
+0x55, 0x2c, 0xaa, 0x41, 0x59, 0x42, 0x4d, 0xfe,
+0x47, 0x74, 0xcd, 0x2b, 0x11, 0xab, 0x21, 0xe6,
+},
+},
+.confirm_rsp[0] = {
+.value = {
+0x6a, 0x3c, 0x45, 0xf5, 0xb2, 0xe2, 0x04, 0x30,
+0xde, 0xd6, 0x3c, 0x6d, 0x85, 0x00, 0x00, 0x2c,
+},
+},
+.random_req[0] = {
+.value = {
+0x78, 0x06, 0x04, 0x60, 0x76, 0xe9, 0xc4, 0x5a,
+0xfb, 0x34, 0x44, 0xae, 0x45, 0xa0, 0x84, 0xde,
+},
+},
+.random_rsp[0] = {
+.value = {
+0x91, 0xc8, 0xfd, 0x1b, 0xb2, 0x85, 0x08, 0x76,
+0xd3, 0xf1, 0xc4, 0xa0, 0xfa, 0x92, 0x8c, 0x94,
+},
+},
+.confirm_req[1] = {
+.value = {
+0xb1, 0x2f, 0x68, 0x35, 0xa1, 0xa5, 0x84, 0xb1,
+0x4f, 0x1a, 0xb1, 0xb5, 0xf0, 0xb2, 0xbe, 0x61,
+},
+},
+.confirm_rsp[1] = {
+.value = {
+0x07, 0xd8, 0x43, 0x74, 0xe8, 0x42, 0xf3, 0xf1,
+0x87, 0x3d, 0x9e, 0x92, 0xea, 0x33, 0xe8, 0x54,
+},
+},
+.random_req[1] = {
+.value = {
+0x4c, 0xb7, 0xcc, 0x6d, 0x90, 0x9f, 0x1e, 0x2d,
+
[mynewt-nimble] 01/02: nimble/host: Fix MITM vulnerability during public key exchange in secure connection
This is an automated email from the ASF dual-hosted git repository.
rymek pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-nimble.git
commit 6bb3c0c66839b6422e7eeb69f56733dcaa4b656b
Author: Prasad Alatkar
AuthorDate: Wed Apr 14 20:55:41 2021 +0530
nimble/host: Fix MITM vulnerability during public key exchange in secure
connection
---
nimble/host/src/ble_sm_sc.c | 7 +++
1 file changed, 7 insertions(+)
diff --git a/nimble/host/src/ble_sm_sc.c b/nimble/host/src/ble_sm_sc.c
index 7fae5b1..162a4a2 100644
--- a/nimble/host/src/ble_sm_sc.c
+++ b/nimble/host/src/ble_sm_sc.c
@@ -612,6 +612,13 @@ ble_sm_sc_public_key_rx(uint16_t conn_handle, struct
os_mbuf **om,
}
cmd = (struct ble_sm_public_key *)(*om)->om_data;
+/* Check if the peer public key is same as our generated public key.
+ * Return fail if the public keys match. */
+if (memcmp(cmd, ble_sm_sc_pub_key, 64) == 0) {
+res->enc_cb = 1;
+res->sm_err = BLE_SM_ERR_AUTHREQ;
+return;
+}
ble_hs_lock();
proc = ble_sm_proc_find(conn_handle, BLE_SM_PROC_STATE_PUBLIC_KEY, -1,
[mynewt-nimble] branch master updated (68c2594 -> b106ddb)
This is an automated email from the ASF dual-hosted git repository. rymek pushed a change to branch master in repository https://gitbox.apache.org/repos/asf/mynewt-nimble.git. from 68c2594 host/gap: fix doxygen for ble_gap_ext_disc() new 6bb3c0c nimble/host: Fix MITM vulnerability during public key exchange in secure connection new b106ddb nimble/test: Add SC unit test to flag error on same public key The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: nimble/host/src/ble_sm_sc.c | 7 + nimble/host/test/src/ble_sm_sc_test.c | 606 nimble/host/test/src/ble_sm_test_util.c | 106 +- nimble/host/test/src/ble_sm_test_util.h | 1 + 4 files changed, 715 insertions(+), 5 deletions(-)
[GitHub] [mynewt-nimble] dhrishi commented on pull request #971: nimble/host: Fix potential MITM vulnerability in case of secure connection pairing
dhrishi commented on pull request #971: URL: https://github.com/apache/mynewt-nimble/pull/971#issuecomment-833418571 Hi @rymanluk Can you please review the unit test and merge if it looks okay? Post that, we will pull this into Espressif's NimBLE repository. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [mynewt-newtmgr] mniestroj commented on issue #180: Reduce serial TX delay or make configurable
mniestroj commented on issue #180: URL: https://github.com/apache/mynewt-newtmgr/issues/180#issuecomment-833345167 Even though there are other tools allowing to do the same as this project, I share @sw idea that this 20ms time would be good to be configurable or handled smarter. Note that 20ms timeout is good enough for some subset of platforms. When working with https://github.com/zephyrproject-rtos/zephyr/pull/27023 it seemed that 10ms was a problem for Zephyr+nRF52 before mentioned PR was merged. So assuming that somebody was using 2x slower platform, it is very likely that 20ms was not long enough. So changing this hardcoded 20ms to something configurable (either by user, or calculated in runtime) makes a lot of sense, either to improve speed of fast platforms, or make it reliably work with slower platforms! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
