Merge pull request #2510 from dhalbert/bonding-nvm

nrf: Add bonding to BLE pairing support

Author: tannewt

locale/circuitpython.pot

@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-01-07 14:31-0800\n"
+"POT-Creation-Date: 2020-01-13 18:15-0500\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <[email protected]>\n"
@@ -513,21 +513,21 @@ msgstr ""
 msgid "Could not initialize UART"
 msgstr ""
 
-#: shared-module/audiomp3/MP3File.c
+#: shared-module/audiomp3/MP3Decoder.c
 msgid "Couldn't allocate decoder"
 msgstr ""
 
 #: shared-module/audiocore/WaveFile.c shared-module/audiomixer/Mixer.c
-#: shared-module/audiomp3/MP3File.c
+#: shared-module/audiomp3/MP3Decoder.c
 msgid "Couldn't allocate first buffer"
 msgstr ""
 
-#: shared-module/audiomp3/MP3File.c
+#: shared-module/audiomp3/MP3Decoder.c
 msgid "Couldn't allocate input buffer"
 msgstr ""
 
 #: shared-module/audiocore/WaveFile.c shared-module/audiomixer/Mixer.c
-#: shared-module/audiomp3/MP3File.c
+#: shared-module/audiomp3/MP3Decoder.c
 msgid "Couldn't allocate second buffer"
 msgstr ""
 
@@ -620,7 +620,7 @@ msgstr ""
 msgid "Failed sending command."
 msgstr ""
 
-#: ports/nrf/sd_mutex.c
+#: ports/nrf/sd.c ports/nrf/sd_mutex.c
 #, c-format
 msgid "Failed to acquire mutex, err 0x%04x"
 msgstr ""
@@ -643,11 +643,11 @@ msgstr ""
 msgid "Failed to connect: timeout"
 msgstr ""
 
-#: shared-module/audiomp3/MP3File.c
+#: shared-module/audiomp3/MP3Decoder.c
 msgid "Failed to parse MP3 file"
 msgstr ""
 
-#: ports/nrf/sd_mutex.c
+#: ports/nrf/sd.c ports/nrf/sd_mutex.c
 #, c-format
 msgid "Failed to release mutex, err 0x%04x"
 msgstr ""
@@ -660,10 +660,6 @@ msgstr ""
 msgid "File exists"
 msgstr ""
 
-#: ports/nrf/common-hal/nvm/ByteArray.c
-msgid "Flash write failed"
-msgstr ""
-
 #: ports/atmel-samd/common-hal/frequencyio/FrequencyIn.c
 msgid "Frequency captured is above capability. Capture Paused."
 msgstr ""
@@ -1776,7 +1772,7 @@ msgstr ""
 msgid "extra positional arguments given"
 msgstr ""
 
-#: shared-bindings/audiocore/WaveFile.c shared-bindings/audiomp3/MP3File.c
+#: shared-bindings/audiocore/WaveFile.c shared-bindings/audiomp3/MP3Decoder.c
 #: shared-bindings/displayio/OnDiskBitmap.c
 msgid "file must be a file opened in byte mode"
 msgstr ""

ports/atmel-samd/common-hal/nvm/ByteArray.c

@@ -43,9 +43,9 @@ bool common_hal_nvm_bytearray_set_bytes(nvm_bytearray_obj_t *self,
     // whenever we need it instead of storing it long term.
     struct flash_descriptor desc;
     desc.dev.hw = NVMCTRL;
-    flash_write(&desc, (uint32_t) self->start_address + start_index, values, len);
+    bool status = flash_write(&desc, (uint32_t) self->start_address + start_index, values, len) == ERR_NONE;
     assert_heap_ok();
-    return true;
+    return status;
 }
 
 // NVM memory is memory mapped so reading it is easy.

ports/nrf/Makefile

@@ -73,8 +73,6 @@ INC += -I$(BUILD)
 INC += -I$(BUILD)/genhdr
 INC += -I./../../lib/cmsis/inc
 INC += -I./boards/$(BOARD)
-INC += -I./modules/ubluepy
-INC += -I./modules/ble
 INC += -I./nrfx
 INC += -I./nrfx/hal
 INC += -I./nrfx/mdk
@@ -157,6 +155,7 @@ SRC_C += \
 	boards/$(BOARD)/pins.c \
 	device/$(MCU_VARIANT)/startup_$(MCU_SUB_VARIANT).c \
 	bluetooth/ble_drv.c \
+	common-hal/_bleio/bonding.c \
 	lib/libc/string0.c \
 	lib/mp-readline/readline.c \
 	lib/oofatfs/ff.c \

ports/nrf/background.c

@@ -43,6 +43,7 @@
 
 #if CIRCUITPY_BLEIO
 #include "supervisor/shared/bluetooth.h"
+#include "common-hal/_bleio/bonding.h"
 #endif
 
 static bool running_background_tasks = false;
@@ -68,6 +69,7 @@ void run_background_tasks(void) {
 
 #if CIRCUITPY_BLEIO
     supervisor_bluetooth_background();
+    bonding_background();
 #endif
 
     #if CIRCUITPY_DISPLAYIO

ports/nrf/common-hal/_bleio/Adapter.c

@@ -32,6 +32,7 @@
 
 #include "ble.h"
 #include "ble_drv.h"
+#include "bonding.h"
 #include "nrfx_power.h"
 #include "nrf_nvic.h"
 #include "nrf_sdm.h"
@@ -248,6 +249,7 @@ STATIC bool adapter_on_ble_evt(ble_evt_t *ble_evt, void *self_in) {
             }
             ble_drv_remove_event_handler(connection_on_ble_evt, connection);
             connection->conn_handle = BLE_CONN_HANDLE_INVALID;
+            connection->pair_status = PAIR_NOT_PAIRED;
             if (connection->connection_obj != mp_const_none) {
                 bleio_connection_obj_t* obj = connection->connection_obj;
                 obj->connection = NULL;
@@ -692,6 +694,10 @@ mp_obj_t common_hal_bleio_adapter_get_connections(bleio_adapter_obj_t *self) {
     return self->connection_objs;
 }
 
+void common_hal_bleio_adapter_erase_bonding(bleio_adapter_obj_t *self) {
+    bonding_erase_storage();
+}
+
 void bleio_adapter_gc_collect(bleio_adapter_obj_t* adapter) {
     gc_collect_root((void**)adapter, sizeof(bleio_adapter_obj_t) / sizeof(size_t));
     gc_collect_root((void**)bleio_connections, sizeof(bleio_connections) / sizeof(size_t));

ports/nrf/common-hal/_bleio/Characteristic.c

@@ -33,6 +33,7 @@
 #include "shared-bindings/_bleio/Service.h"
 
 #include "common-hal/_bleio/Adapter.h"
+#include "common-hal/_bleio/bonding.h"
 
 STATIC uint16_t characteristic_get_cccd(uint16_t cccd_handle, uint16_t conn_handle) {
     uint16_t cccd;

ports/nrf/common-hal/_bleio/Connection.c

@@ -46,13 +46,16 @@
 #include "shared-bindings/_bleio/Characteristic.h"
 #include "shared-bindings/_bleio/Service.h"
 #include "shared-bindings/_bleio/UUID.h"
+#include "supervisor/shared/tick.h"
+
+#include "common-hal/_bleio/bonding.h"
 
 #define BLE_ADV_LENGTH_FIELD_SIZE   1
 #define BLE_ADV_AD_TYPE_FIELD_SIZE  1
 #define BLE_AD_TYPE_FLAGS_DATA_SIZE 1
 
 static const ble_gap_sec_params_t pairing_sec_params = {
-    .bond = 0,
+    .bond = 1,
     .mitm = 0,
     .lesc = 0,
     .keypress = 0,
@@ -64,6 +67,13 @@ static const ble_gap_sec_params_t pairing_sec_params = {
     .kdist_peer   = { .enc = 1, .id = 1},
 };
 
+#define CONNECTION_DEBUG (1)
+#if CONNECTION_DEBUG
+  #define CONNECTION_DEBUG_PRINTF(...) printf(__VA_ARGS__)
+#else
+  #define CONNECTION_DEBUG_PRINTF(...)
+#endif
+
 static volatile bool m_discovery_in_process;
 static volatile bool m_discovery_successful;
 
@@ -84,6 +94,7 @@ bool connection_on_ble_evt(ble_evt_t *ble_evt, void *self_in) {
 
     switch (ble_evt->header.evt_id) {
         case BLE_GAP_EVT_DISCONNECTED:
+            // Adapter.c does the work for this event.
             break;
 
         case BLE_GAP_EVT_PHY_UPDATE_REQUEST: {
@@ -137,6 +148,22 @@ bool connection_on_ble_evt(ble_evt_t *ble_evt, void *self_in) {
             break;
         }
 
+        case BLE_GATTS_EVT_WRITE:
+            // A client wrote a value.
+            // If we are bonded and it's a CCCD (UUID 0x2902), store the CCCD value.
+            if (self->conn_handle != BLE_CONN_HANDLE_INVALID &&
+                self->pair_status == PAIR_PAIRED &&
+                ble_evt->evt.gatts_evt.params.write.uuid.type == BLE_UUID_TYPE_BLE &&
+                ble_evt->evt.gatts_evt.params.write.uuid.uuid == 0x2902) {
+                //
+                // Save sys_attr data (CCCD state) in bonding area at
+                // next opportunity, but also remember time of this
+                // request, so we can consolidate closely-spaced requests.
+                self->do_bond_cccds = true;
+                self->do_bond_cccds_request_time = supervisor_ticks_ms64();
+            }
+            break;
+
         case BLE_GATTS_EVT_SYS_ATTR_MISSING:
             sd_ble_gatts_sys_attr_set(self->conn_handle, NULL, 0, 0);
             break;
@@ -197,6 +224,15 @@ bool connection_on_ble_evt(ble_evt_t *ble_evt, void *self_in) {
             break;
         }
         case BLE_GAP_EVT_SEC_PARAMS_REQUEST: {
+            // First time pairing.
+            // 1. Either we or peer initiate the process
+            // 2. Peer asks for security parameters using BLE_GAP_EVT_SEC_PARAMS_REQUEST.
+            // 3. Pair Key exchange ("just works" implemented now; TODO: out-of-band key pairing)
+            // 4. Connection is secured: BLE_GAP_EVT_CONN_SEC_UPDATE
+            // 5. Long-term Keys exchanged: BLE_GAP_EVT_AUTH_STATUS
+
+            bonding_clear_keys(&self->bonding_keys);
+            self->ediv = EDIV_INVALID;
             ble_gap_sec_keyset_t keyset = {
                 .keys_own = {
                     .p_enc_key  = &self->bonding_keys.own_enc,
@@ -214,7 +250,8 @@ bool connection_on_ble_evt(ble_evt_t *ble_evt, void *self_in) {
             };
 
             sd_ble_gap_sec_params_reply(self->conn_handle, BLE_GAP_SEC_STATUS_SUCCESS,
-                                        &pairing_sec_params, &keyset);
+                                        self->is_central ? NULL : &pairing_sec_params,
+                                        &keyset);
             break;
         }
 
@@ -224,13 +261,16 @@ bool connection_on_ble_evt(ble_evt_t *ble_evt, void *self_in) {
             break;
 
         case BLE_GAP_EVT_AUTH_STATUS: { // 0x19
-            // Pairing process completed
+            // Key exchange completed.
             ble_gap_evt_auth_status_t* status = &ble_evt->evt.gap_evt.params.auth_status;
             self->sec_status = status->auth_status;
             if (status->auth_status == BLE_GAP_SEC_STATUS_SUCCESS) {
-                // TODO _ediv = bonding_keys->own_enc.master_id.ediv;
+                self->ediv = self->bonding_keys.own_enc.master_id.ediv;
                 self->pair_status = PAIR_PAIRED;
+                // Save keys in bonding area at next opportunity.
+                self->do_bond_keys = true;
             } else {
+                // Inform busy-waiter pairing has failed.
                 self->pair_status = PAIR_NOT_PAIRED;
             }
             break;
@@ -242,17 +282,22 @@ bool connection_on_ble_evt(ble_evt_t *ble_evt, void *self_in) {
             // - Else return NULL --> Initiate key exchange
             ble_gap_evt_sec_info_request_t* sec_info_request = &ble_evt->evt.gap_evt.params.sec_info_request;
             (void) sec_info_request;
-            //if ( bond_load_keys(_role, sec_req->master_id.ediv, &bkeys) ) {
-            //sd_ble_gap_sec_info_reply(_conn_hdl, &bkeys.own_enc.enc_info, &bkeys.peer_id.id_info, NULL);
-            //
-            //_ediv = bkeys.own_enc.master_id.ediv;
-            // } else {
+            if ( bonding_load_keys(self->is_central, sec_info_request->master_id.ediv, &self->bonding_keys) ) {
+                sd_ble_gap_sec_info_reply(
+                    self->conn_handle,
+                    &self->bonding_keys.own_enc.enc_info,
+                    &self->bonding_keys.peer_id.id_info,
+                    NULL);
+                self->ediv = self->bonding_keys.own_enc.master_id.ediv;
+            } else {
+                // We don't have stored keys. Ask for keys.
                 sd_ble_gap_sec_info_reply(self->conn_handle, NULL, NULL, NULL);
-            // }
-                break;
+            }
+            break;
         }
 
         case BLE_GAP_EVT_CONN_SEC_UPDATE: { // 0x1a
+            // We get this both on first-time pairing and on subsequent pairings using stored keys.
             ble_gap_conn_sec_t* conn_sec = &ble_evt->evt.gap_evt.params.conn_sec_update.conn_sec;
             if (conn_sec->sec_mode.sm <= 1 && conn_sec->sec_mode.lv <= 1) {
                 // Security setup did not succeed:
@@ -261,18 +306,17 @@ bool connection_on_ble_evt(ble_evt_t *ble_evt, void *self_in) {
                 // mode >=1 and/or level >=1 means encryption is set up
                 self->pair_status = PAIR_NOT_PAIRED;
             } else {
-                //if ( !bond_load_cccd(_role, _conn_hdl, _ediv) ) {
-                if (true) {  // TODO: no bonding yet
-                    // Initialize system attributes fresh.
+                if (bonding_load_cccd_info(self->is_central, self->conn_handle, self->ediv)) {
+                    // Did an sd_ble_gatts_sys_attr_set() with the stored sys_attr values.
+                } else {
+                    // No matching bonding found, so use fresh system attributes.
                     sd_ble_gatts_sys_attr_set(self->conn_handle, NULL, 0, 0);
                 }
-                // Not quite paired yet: wait for BLE_GAP_EVT_AUTH_STATUS SUCCESS.
-                self->ediv = self->bonding_keys.own_enc.master_id.ediv;
+                self->pair_status = PAIR_PAIRED;
             }
             break;
         }
 
-
         default:
             return false;
     }
@@ -284,8 +328,7 @@ void bleio_connection_clear(bleio_connection_internal_t *self) {
 
     self->conn_handle = BLE_CONN_HANDLE_INVALID;
     self->pair_status = PAIR_NOT_PAIRED;
-
-    memset(&self->bonding_keys, 0, sizeof(self->bonding_keys));
+    bonding_clear_keys(&self->bonding_keys);
 }
 
 bool common_hal_bleio_connection_get_paired(bleio_connection_obj_t *self) {
@@ -565,8 +608,7 @@ STATIC bool discovery_on_ble_evt(ble_evt_t *ble_evt, mp_obj_t payload) {
             break;
 
         default:
-            // For debugging.
-            // mp_printf(&mp_plat_print, "Unhandled discovery event: 0x%04x\n", ble_evt->header.evt_id);
+            // CONNECTION_DEBUG_PRINTF(&mp_plat_print, "Unhandled discovery event: 0x%04x\n", ble_evt->header.evt_id);
             return false;
             break;
     }

ports/nrf/common-hal/_bleio/Connection.h

@@ -36,6 +36,7 @@
 #include "py/objlist.h"
 
 #include "common-hal/_bleio/__init__.h"
+#include "common-hal/_bleio/bonding.h"
 #include "shared-module/_bleio/Address.h"
 #include "common-hal/_bleio/Service.h"
 
@@ -56,16 +57,23 @@ typedef struct {
     // The advertising data and scan response buffers are held by us, not by the SD, so we must
     // maintain them and not change it. If we need to change the contents during advertising,
     // there are tricks to get the SD to notice (see DevZone - TBS).
-    // EDIV: Encrypted Diversifier: Identifies LTK during legacy pairing.
     bonding_keys_t bonding_keys;
+    // EDIV: Encrypted Diversifier: Identifies LTK during legacy pairing.
     uint16_t ediv;
-    pair_status_t pair_status;
+    volatile pair_status_t pair_status;
     uint8_t sec_status; // Internal security status.
     mp_obj_t connection_obj;
     ble_drv_evt_handler_entry_t handler_entry;
     ble_gap_conn_params_t conn_params;
     volatile bool conn_params_updating;
     uint16_t mtu;
+    // Request that CCCD values for this conenction be saved, using sys_attr values.
+    volatile bool do_bond_cccds;
+    // Request that security key info for this connection be saved.
+    volatile bool do_bond_keys;
+    // Time of setting do_bond_ccds: we delay a bit to consolidate multiple CCCD changes
+    // into one write. Time is currently in ticks_ms.
+    uint64_t do_bond_cccds_request_time;
 } bleio_connection_internal_t;
 
 typedef struct {

ports/nrf/common-hal/_bleio/__init__.c

@@ -97,6 +97,7 @@ void bleio_reset() {
         common_hal_bleio_adapter_set_enabled(&common_hal_bleio_adapter_obj, false);
     }
     supervisor_start_bluetooth();
+    bonding_reset();
 }
 
 // The singleton _bleio.Adapter object, bound to _bleio.adapter

ports/nrf/common-hal/_bleio/__init__.h

@@ -30,9 +30,9 @@
 void bleio_reset(void);
 
 typedef struct {
-  ble_gap_enc_key_t own_enc;
-  ble_gap_enc_key_t peer_enc;
-  ble_gap_id_key_t peer_id;
+    ble_gap_enc_key_t own_enc;
+    ble_gap_enc_key_t peer_enc;
+    ble_gap_id_key_t peer_id;
 } bonding_keys_t;
 
 // We assume variable length data.