1*042d53a7SEvalZero /*
2*042d53a7SEvalZero * Licensed to the Apache Software Foundation (ASF) under one
3*042d53a7SEvalZero * or more contributor license agreements. See the NOTICE file
4*042d53a7SEvalZero * distributed with this work for additional information
5*042d53a7SEvalZero * regarding copyright ownership. The ASF licenses this file
6*042d53a7SEvalZero * to you under the Apache License, Version 2.0 (the
7*042d53a7SEvalZero * "License"); you may not use this file except in compliance
8*042d53a7SEvalZero * with the License. You may obtain a copy of the License at
9*042d53a7SEvalZero *
10*042d53a7SEvalZero * http://www.apache.org/licenses/LICENSE-2.0
11*042d53a7SEvalZero *
12*042d53a7SEvalZero * Unless required by applicable law or agreed to in writing,
13*042d53a7SEvalZero * software distributed under the License is distributed on an
14*042d53a7SEvalZero * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15*042d53a7SEvalZero * KIND, either express or implied. See the License for the
16*042d53a7SEvalZero * specific language governing permissions and limitations
17*042d53a7SEvalZero * under the License.
18*042d53a7SEvalZero */
19*042d53a7SEvalZero
20*042d53a7SEvalZero #include <assert.h>
21*042d53a7SEvalZero #include <stdio.h>
22*042d53a7SEvalZero #include <string.h>
23*042d53a7SEvalZero #include "host/ble_hs.h"
24*042d53a7SEvalZero #include "host/ble_uuid.h"
25*042d53a7SEvalZero #include "bleprph.h"
26*042d53a7SEvalZero
27*042d53a7SEvalZero /**
28*042d53a7SEvalZero * The vendor specific security test service consists of two characteristics:
29*042d53a7SEvalZero * o random-number-generator: generates a random 32-bit number each time
30*042d53a7SEvalZero * it is read. This characteristic can only be read over an encrypted
31*042d53a7SEvalZero * connection.
32*042d53a7SEvalZero * o static-value: a single-byte characteristic that can always be read,
33*042d53a7SEvalZero * but can only be written over an encrypted connection.
34*042d53a7SEvalZero */
35*042d53a7SEvalZero
36*042d53a7SEvalZero /* 59462f12-9543-9999-12c8-58b459a2712d */
37*042d53a7SEvalZero static const ble_uuid128_t gatt_svr_svc_sec_test_uuid =
38*042d53a7SEvalZero BLE_UUID128_INIT(0x2d, 0x71, 0xa2, 0x59, 0xb4, 0x58, 0xc8, 0x12,
39*042d53a7SEvalZero 0x99, 0x99, 0x43, 0x95, 0x12, 0x2f, 0x46, 0x59);
40*042d53a7SEvalZero
41*042d53a7SEvalZero /* 5c3a659e-897e-45e1-b016-007107c96df6 */
42*042d53a7SEvalZero static const ble_uuid128_t gatt_svr_chr_sec_test_rand_uuid =
43*042d53a7SEvalZero BLE_UUID128_INIT(0xf6, 0x6d, 0xc9, 0x07, 0x71, 0x00, 0x16, 0xb0,
44*042d53a7SEvalZero 0xe1, 0x45, 0x7e, 0x89, 0x9e, 0x65, 0x3a, 0x5c);
45*042d53a7SEvalZero
46*042d53a7SEvalZero /* 5c3a659e-897e-45e1-b016-007107c96df7 */
47*042d53a7SEvalZero static const ble_uuid128_t gatt_svr_chr_sec_test_static_uuid =
48*042d53a7SEvalZero BLE_UUID128_INIT(0xf7, 0x6d, 0xc9, 0x07, 0x71, 0x00, 0x16, 0xb0,
49*042d53a7SEvalZero 0xe1, 0x45, 0x7e, 0x89, 0x9e, 0x65, 0x3a, 0x5c);
50*042d53a7SEvalZero
51*042d53a7SEvalZero static uint8_t gatt_svr_sec_test_static_val;
52*042d53a7SEvalZero
53*042d53a7SEvalZero static int
54*042d53a7SEvalZero gatt_svr_chr_access_sec_test(uint16_t conn_handle, uint16_t attr_handle,
55*042d53a7SEvalZero struct ble_gatt_access_ctxt *ctxt,
56*042d53a7SEvalZero void *arg);
57*042d53a7SEvalZero
58*042d53a7SEvalZero static const struct ble_gatt_svc_def gatt_svr_svcs[] = {
59*042d53a7SEvalZero {
60*042d53a7SEvalZero /*** Service: Security test. */
61*042d53a7SEvalZero .type = BLE_GATT_SVC_TYPE_PRIMARY,
62*042d53a7SEvalZero .uuid = &gatt_svr_svc_sec_test_uuid.u,
63*042d53a7SEvalZero .characteristics = (struct ble_gatt_chr_def[]) { {
64*042d53a7SEvalZero /*** Characteristic: Random number generator. */
65*042d53a7SEvalZero .uuid = &gatt_svr_chr_sec_test_rand_uuid.u,
66*042d53a7SEvalZero .access_cb = gatt_svr_chr_access_sec_test,
67*042d53a7SEvalZero .flags = BLE_GATT_CHR_F_READ | BLE_GATT_CHR_F_READ_ENC,
68*042d53a7SEvalZero }, {
69*042d53a7SEvalZero /*** Characteristic: Static value. */
70*042d53a7SEvalZero .uuid = &gatt_svr_chr_sec_test_static_uuid.u,
71*042d53a7SEvalZero .access_cb = gatt_svr_chr_access_sec_test,
72*042d53a7SEvalZero .flags = BLE_GATT_CHR_F_READ |
73*042d53a7SEvalZero BLE_GATT_CHR_F_WRITE | BLE_GATT_CHR_F_WRITE_ENC,
74*042d53a7SEvalZero }, {
75*042d53a7SEvalZero 0, /* No more characteristics in this service. */
76*042d53a7SEvalZero } },
77*042d53a7SEvalZero },
78*042d53a7SEvalZero
79*042d53a7SEvalZero {
80*042d53a7SEvalZero 0, /* No more services. */
81*042d53a7SEvalZero },
82*042d53a7SEvalZero };
83*042d53a7SEvalZero
84*042d53a7SEvalZero static int
gatt_svr_chr_write(struct os_mbuf * om,uint16_t min_len,uint16_t max_len,void * dst,uint16_t * len)85*042d53a7SEvalZero gatt_svr_chr_write(struct os_mbuf *om, uint16_t min_len, uint16_t max_len,
86*042d53a7SEvalZero void *dst, uint16_t *len)
87*042d53a7SEvalZero {
88*042d53a7SEvalZero uint16_t om_len;
89*042d53a7SEvalZero int rc;
90*042d53a7SEvalZero
91*042d53a7SEvalZero om_len = OS_MBUF_PKTLEN(om);
92*042d53a7SEvalZero if (om_len < min_len || om_len > max_len) {
93*042d53a7SEvalZero return BLE_ATT_ERR_INVALID_ATTR_VALUE_LEN;
94*042d53a7SEvalZero }
95*042d53a7SEvalZero
96*042d53a7SEvalZero rc = ble_hs_mbuf_to_flat(om, dst, max_len, len);
97*042d53a7SEvalZero if (rc != 0) {
98*042d53a7SEvalZero return BLE_ATT_ERR_UNLIKELY;
99*042d53a7SEvalZero }
100*042d53a7SEvalZero
101*042d53a7SEvalZero return 0;
102*042d53a7SEvalZero }
103*042d53a7SEvalZero
104*042d53a7SEvalZero static int
gatt_svr_chr_access_sec_test(uint16_t conn_handle,uint16_t attr_handle,struct ble_gatt_access_ctxt * ctxt,void * arg)105*042d53a7SEvalZero gatt_svr_chr_access_sec_test(uint16_t conn_handle, uint16_t attr_handle,
106*042d53a7SEvalZero struct ble_gatt_access_ctxt *ctxt,
107*042d53a7SEvalZero void *arg)
108*042d53a7SEvalZero {
109*042d53a7SEvalZero const ble_uuid_t *uuid;
110*042d53a7SEvalZero int rand_num;
111*042d53a7SEvalZero int rc;
112*042d53a7SEvalZero
113*042d53a7SEvalZero uuid = ctxt->chr->uuid;
114*042d53a7SEvalZero
115*042d53a7SEvalZero /* Determine which characteristic is being accessed by examining its
116*042d53a7SEvalZero * 128-bit UUID.
117*042d53a7SEvalZero */
118*042d53a7SEvalZero
119*042d53a7SEvalZero if (ble_uuid_cmp(uuid, &gatt_svr_chr_sec_test_rand_uuid.u) == 0) {
120*042d53a7SEvalZero assert(ctxt->op == BLE_GATT_ACCESS_OP_READ_CHR);
121*042d53a7SEvalZero
122*042d53a7SEvalZero /* Respond with a 32-bit random number. */
123*042d53a7SEvalZero rand_num = rand();
124*042d53a7SEvalZero rc = os_mbuf_append(ctxt->om, &rand_num, sizeof rand_num);
125*042d53a7SEvalZero return rc == 0 ? 0 : BLE_ATT_ERR_INSUFFICIENT_RES;
126*042d53a7SEvalZero }
127*042d53a7SEvalZero
128*042d53a7SEvalZero if (ble_uuid_cmp(uuid, &gatt_svr_chr_sec_test_static_uuid.u) == 0) {
129*042d53a7SEvalZero switch (ctxt->op) {
130*042d53a7SEvalZero case BLE_GATT_ACCESS_OP_READ_CHR:
131*042d53a7SEvalZero rc = os_mbuf_append(ctxt->om, &gatt_svr_sec_test_static_val,
132*042d53a7SEvalZero sizeof gatt_svr_sec_test_static_val);
133*042d53a7SEvalZero return rc == 0 ? 0 : BLE_ATT_ERR_INSUFFICIENT_RES;
134*042d53a7SEvalZero
135*042d53a7SEvalZero case BLE_GATT_ACCESS_OP_WRITE_CHR:
136*042d53a7SEvalZero rc = gatt_svr_chr_write(ctxt->om,
137*042d53a7SEvalZero sizeof gatt_svr_sec_test_static_val,
138*042d53a7SEvalZero sizeof gatt_svr_sec_test_static_val,
139*042d53a7SEvalZero &gatt_svr_sec_test_static_val, NULL);
140*042d53a7SEvalZero return rc;
141*042d53a7SEvalZero
142*042d53a7SEvalZero default:
143*042d53a7SEvalZero assert(0);
144*042d53a7SEvalZero return BLE_ATT_ERR_UNLIKELY;
145*042d53a7SEvalZero }
146*042d53a7SEvalZero }
147*042d53a7SEvalZero
148*042d53a7SEvalZero /* Unknown characteristic; the nimble stack should not have called this
149*042d53a7SEvalZero * function.
150*042d53a7SEvalZero */
151*042d53a7SEvalZero assert(0);
152*042d53a7SEvalZero return BLE_ATT_ERR_UNLIKELY;
153*042d53a7SEvalZero }
154*042d53a7SEvalZero
155*042d53a7SEvalZero void
gatt_svr_register_cb(struct ble_gatt_register_ctxt * ctxt,void * arg)156*042d53a7SEvalZero gatt_svr_register_cb(struct ble_gatt_register_ctxt *ctxt, void *arg)
157*042d53a7SEvalZero {
158*042d53a7SEvalZero char buf[BLE_UUID_STR_LEN];
159*042d53a7SEvalZero
160*042d53a7SEvalZero switch (ctxt->op) {
161*042d53a7SEvalZero case BLE_GATT_REGISTER_OP_SVC:
162*042d53a7SEvalZero MODLOG_DFLT(DEBUG, "registered service %s with handle=%d\n",
163*042d53a7SEvalZero ble_uuid_to_str(ctxt->svc.svc_def->uuid, buf),
164*042d53a7SEvalZero ctxt->svc.handle);
165*042d53a7SEvalZero break;
166*042d53a7SEvalZero
167*042d53a7SEvalZero case BLE_GATT_REGISTER_OP_CHR:
168*042d53a7SEvalZero MODLOG_DFLT(DEBUG, "registering characteristic %s with "
169*042d53a7SEvalZero "def_handle=%d val_handle=%d\n",
170*042d53a7SEvalZero ble_uuid_to_str(ctxt->chr.chr_def->uuid, buf),
171*042d53a7SEvalZero ctxt->chr.def_handle,
172*042d53a7SEvalZero ctxt->chr.val_handle);
173*042d53a7SEvalZero break;
174*042d53a7SEvalZero
175*042d53a7SEvalZero case BLE_GATT_REGISTER_OP_DSC:
176*042d53a7SEvalZero MODLOG_DFLT(DEBUG, "registering descriptor %s with handle=%d\n",
177*042d53a7SEvalZero ble_uuid_to_str(ctxt->dsc.dsc_def->uuid, buf),
178*042d53a7SEvalZero ctxt->dsc.handle);
179*042d53a7SEvalZero break;
180*042d53a7SEvalZero
181*042d53a7SEvalZero default:
182*042d53a7SEvalZero assert(0);
183*042d53a7SEvalZero break;
184*042d53a7SEvalZero }
185*042d53a7SEvalZero }
186*042d53a7SEvalZero
187*042d53a7SEvalZero int
gatt_svr_init(void)188*042d53a7SEvalZero gatt_svr_init(void)
189*042d53a7SEvalZero {
190*042d53a7SEvalZero int rc;
191*042d53a7SEvalZero
192*042d53a7SEvalZero rc = ble_gatts_count_cfg(gatt_svr_svcs);
193*042d53a7SEvalZero if (rc != 0) {
194*042d53a7SEvalZero return rc;
195*042d53a7SEvalZero }
196*042d53a7SEvalZero
197*042d53a7SEvalZero rc = ble_gatts_add_svcs(gatt_svr_svcs);
198*042d53a7SEvalZero if (rc != 0) {
199*042d53a7SEvalZero return rc;
200*042d53a7SEvalZero }
201*042d53a7SEvalZero
202*042d53a7SEvalZero return 0;
203*042d53a7SEvalZero }
204