 |
AIROC™ BTSDK v4.6 - Documentation | |||
|
AIROC™ BTSDK v4.6 - Documentation | |||
Functions | |
| void | wiced_bt_ble_security_grant (wiced_bt_device_address_t bd_addr, uint8_t res) |
| Upon receiving a BTM_SECURITY_REQUEST_EVT in the BT stack management callback (wiced_bt_management_cback_t), this API is used to either grant or deny a pairing attempt by the peer device. More... | |
| wiced_bool_t | wiced_bt_ble_data_signature (wiced_bt_device_address_t bd_addr, uint8_t *p_text, uint16_t len, wiced_dev_ble_signature_t signature) |
| Generates an authentication signature using AES128 CMAC algorithm. More... | |
| wiced_bool_t | wiced_bt_ble_verify_signature (wiced_bt_device_address_t bd_addr, uint8_t *p_orig, uint16_t len, uint32_t counter, uint8_t *p_comp) |
| This function is used to check a given data signature against the original unsigned data. More... | |
| wiced_bool_t | wiced_bt_ble_get_security_state (wiced_bt_device_address_t bd_addr, uint8_t *p_le_sec_flags, uint8_t *p_le_key_size) |
| Get security mode 1 flags and encryption key size for LE peer. More... | |
| wiced_bool_t wiced_bt_ble_data_signature | ( | wiced_bt_device_address_t | bd_addr, |
| uint8_t * | p_text, | ||
| uint16_t | len, | ||
| wiced_dev_ble_signature_t | signature | ||
| ) |
Generates an authentication signature using AES128 CMAC algorithm.
The BD_ADDR given as a parameter is used to find the keys stored by AIROC stack, then the keys are used to generate an authentication signature. This functionality is used to perform host-side authentication in the AIROC stack. Rarely used at the application layer.
| [in] | bd_addr | peer device to sign data for (using stored keys) |
| [in] | p_text | pointer to data being signed |
| [in] | len | length of data in p_text |
| [out] | signature | auth signature output by algorithm |
| wiced_bool_t wiced_bt_ble_get_security_state | ( | wiced_bt_device_address_t | bd_addr, |
| uint8_t * | p_le_sec_flags, | ||
| uint8_t * | p_le_key_size | ||
| ) |
Get security mode 1 flags and encryption key size for LE peer.
The GATT layer of the AIROC stack will check the link's encryption status before triggering GATT read/write events on auth_readable/auth_writable characteristics. For further MITM checking, the below API should be used to verify the encryption status of the link before responding to GATT operations from the peer. This additional checking would occur in the callback wiced_bt_gatt_cback_t registered in wiced_bt_gatt_register.
If BTM_SEC_LE_LINK_PAIRED_WITHOUT_MITM and BTM_SEC_LE_LINK_PAIRED_WITH_MITM are both enabled in the flag, then this indicates that there is an LTK for this connection.
| [in] | bd_addr | address of peer device |
| [out] | p_le_sec_flags | enumerated wiced_bt_ble_sec_flags_e
|
| [out] | p_le_key_size | length of LTK or STK |
| void wiced_bt_ble_security_grant | ( | wiced_bt_device_address_t | bd_addr, |
| uint8_t | res | ||
| ) |
Upon receiving a BTM_SECURITY_REQUEST_EVT in the BT stack management callback (wiced_bt_management_cback_t), this API is used to either grant or deny a pairing attempt by the peer device.
| [in] | bd_addr | address of peer device requesting pairing |
| [in] | res |
|
| wiced_bool_t wiced_bt_ble_verify_signature | ( | wiced_bt_device_address_t | bd_addr, |
| uint8_t * | p_orig, | ||
| uint16_t | len, | ||
| uint32_t | counter, | ||
| uint8_t * | p_comp | ||
| ) |
This function is used to check a given data signature against the original unsigned data.
The function uses the stored keys of the given LE peer device to verify the signature. This functionality is used to perform host-side authentication in the AIROC stack. Rarely used at the application layer.
| [in] | bd_addr | peer device to sign data for (using stored keys) |
| [in] | p_orig | original data to check signature for |
| [in] | len | length of p_orig |
| [in] | counter | counter input of CCM algo (refer to BT spec) |
| [in] | p_comp | sign. to verify wiced_dev_ble_signature_t |
