Encrypted Advertising Data core API#
Provides simple to use API for Advertising, Periodic Advertising and Scan Response data encryption and decryption that is compatible with the Bluetooth Core Encrypted Advertisement Data (EAD) enhancement. For the usage of the APIs defined in sl_bt_ead_core.h please see esl_core_encrypt_message(void *msg, uint8_t *len) and esl_core_decrypt_message(void *msg, uint8_t *len) functions in esl_tag_crypto.c within ESL Tag core component.
Modules#
Typedefs#
Functions#
Macros#
EAD Randomizer size.
EAD Key Material size.
EAD Session Key size.
EAD Nonce size.
EAD IV size.
EAD Message Integrity Check size.
Advertising Data - header length field size.
Advertising Data - header AD Type field size.
Advertising Data header size, Core Ver.5.3, Vol 3. Part C, Fig.11.1.
EAD Message full packet size overhead.
EAD Message packet size overhead without the length field.
Encrypted Data AD Type.
B1 block, octet 2 (header) for EAD encryption, CSS d11, Part A, 1.23.3.
EAD Key Material Characteristics UUID.
Typedef Documentation#
sl_bt_ead_session_key_t#
typedef uint8_t sl_bt_ead_session_key_t[16] [16]
48 of file common/ead_core/sl_bt_ead_core.hsl_bt_ead_iv_t#
typedef uint8_t sl_bt_ead_iv_t[8] [8]
51 of file common/ead_core/sl_bt_ead_core.hsl_bt_ead_randomizer_t#
typedef uint8_t sl_bt_ead_randomizer_t[5] [5]
54 of file common/ead_core/sl_bt_ead_core.hsl_bt_ead_mic_t#
typedef uint8_t sl_bt_ead_mic_t[4] [4]
57 of file common/ead_core/sl_bt_ead_core.hsl_bt_ead_key_material_p#
typedef struct sl_bt_ead_key_material_s* sl_bt_ead_key_material_p
60 of file common/ead_core/sl_bt_ead_core.hsl_bt_ead_nonce_p#
typedef struct sl_bt_ead_nonce_s* sl_bt_ead_nonce_p
63 of file common/ead_core/sl_bt_ead_core.hsl_bt_ead_ad_structure_p#
typedef struct sl_bt_ead_ad_structure_s* sl_bt_ead_ad_structure_p
66 of file common/ead_core/sl_bt_ead_core.hFunction Documentation#
sl_bt_ead_store_key#
sl_status_t sl_bt_ead_store_key (psa_key_usage_t key_usage, psa_key_lifetime_t lifetime, sl_bt_ead_key_material_p key_material, psa_key_id_t * key_id)
| [in] | key_usage | set PSA_KEY_USAGE_ENCRYPT and/or PSA_KEY_USAGE_DECRYPT depending on expected usage. Other psa_key_usage_t flags can be used also, if needed. |
| [in] | lifetime | use PSA_KEY_LIFETIME_VOLATILE or set custom PSA lifetime e.g., PSA_KEY_LIFETIME_FROM_PERSISTENCE_AND_LOCATION( PSA_KEY_PERSISTENCE_DEFAULT, 0x01) on devices with secure key storage (HSE-SVH). Value ignored if RADIOAES is used, and please also note that keys with persistent lifetime may reduce the throughput of cryptography. |
| N/A | key_material | key_material Pointer to the input key material in plain text format as described in Core v5.4, Vol 3, Part C, Section 12.6, that is replaced by key_id on successful key storage when PSA / TZ is used. Otherwise, only the key endianness is changed in- place and the key remains as plain text in RAM (that is, for the RadioAES use case). |
| N/A | key_id | key_id Pointer to the requested key_id value for persistent keys. For volatile keys, the requested ID is ignored and then the pointed value changes to the resulting key_id on successful key import. Set the initial pointed value to PSA_KEY_ID_NULL if any resulting ID is acceptable for you for a persistent key, or request a specific value in the range of 0x0001-0x4000 but make sure the ID in't used for any other purpose because an already existing key with that ID will be overwritten. The pointed key_id value will be set to 0 if RadioAES is selected. |
Store the key from EAD Key material Note
In case of unsuccessful return, the original input key material will remain untouched, and therefore, as it's still sensitive data, the caller shall take care of handling it securely (e.g., to sanitize).
Returns
sl_status_t
174 of file common/ead_core/sl_bt_ead_core.hsl_bt_ead_delete_key#
sl_status_t sl_bt_ead_delete_key (sl_bt_ead_key_material_p key_material)
| [in] | key_material | Pointer to the key material to destroy. |
Delete EAD key material from both volatile and, if applicable, non-volatile storage. Returns
sl_status_t
185 of file common/ead_core/sl_bt_ead_core.hsl_bt_ead_randomizer_update#
sl_status_t sl_bt_ead_randomizer_update (sl_bt_ead_nonce_p nonce)
| N/A | nonce | nonce - Pointer to the EAD Nonce struct to be updated |
Update the Randomizer field of the EAD Nonce value with newly generated value Returns
sl_status_t
192 of file common/ead_core/sl_bt_ead_core.hsl_bt_ead_randomizer_set#
sl_status_t sl_bt_ead_randomizer_set (sl_bt_ead_randomizer_t randomizer, sl_bt_ead_nonce_p nonce)
| [in] | randomizer | - Value to be set in the Nonce |
| [out] | nonce | - Pointer to the EAD Nonce struct to be updated |
Set the Randomizer field of the EAD Nonce value manually to a given value Note
Falls back to sl_bt_ead_randomizer_update() if Randomizer is NULL
Returns
sl_status_t
201 of file common/ead_core/sl_bt_ead_core.hsl_bt_ead_session_init#
sl_status_t sl_bt_ead_session_init (sl_bt_ead_key_material_p key_material, sl_bt_ead_randomizer_t randomizer, sl_bt_ead_nonce_p nonce)
| N/A | key_material | key_material - Pointer to the key material in the higher layer |
| [in] | randomizer | - Pointer to the desired Randomizer value type or NULL. The Nonce will get a new random value during the invocation if NULL is passed. |
| [out] | nonce | - Pointer to the complete EAD Nonce structure. This can be omitted by advanced users by passing it as NULL, in which case only the session key is prepared. Although passing the nonce is the recommended use case, omitting it can still be useful for efficient in-place decryption when used with sl_bt_ead_unpack_decrypt(). |
(Re)initialize the entire Nonce value with the IV from the key material given Note
According to the Supplement to the Bluetooth Core Specification v11 Part A, Section 1.23.3: the session key shall be set to a value determined by a higher layer specification or otherwise negotiated between the devices that are sending and receiving the encrypted AD type. Any session keys with at least 128 bits of entropy may be used. sl_bt_ead_store_key() has to be called once on the key material after said key negotiation before the session init invocation!
Returns
sl_status_t
226 of file common/ead_core/sl_bt_ead_core.hsl_bt_ead_encrypt#
sl_status_t sl_bt_ead_encrypt (sl_bt_ead_key_material_p key_material, sl_bt_ead_nonce_p nonce, uint8_t length, uint8_t * data, sl_bt_ead_mic_t mic)
| [in] | key_material | - Pointer to the key material in the higher layer |
| [in] | nonce | - Pointer to the complete EAD Nonce structure |
| [in] | length | - Length of the data to be encrypted |
| N/A | data | data - Pointer to the original message, contains encrypted message on success. |
| [out] | mic | - Pointer to the mic storage space |
Encrypt message in-place using EAD encryption Returns
sl_status_t
240 of file common/ead_core/sl_bt_ead_core.hsl_bt_ead_decrypt#
sl_status_t sl_bt_ead_decrypt (sl_bt_ead_key_material_p key_material, sl_bt_ead_nonce_p nonce, sl_bt_ead_mic_t mic, uint8_t length, uint8_t * data)
| [in] | key_material | - Pointer to the key material in the higher layer |
| [in] | nonce | - Pointer to the (received!) Nonce structure |
| [in] | mic | - Message integrity check value of the given message |
| [in] | length | - Length of the data to be decrypted |
| N/A | data | data - Pointer to the encrypted message, contains decrypted message on success. |
Decrypt message in-place that is encrypted with EAD Returns
sl_status_t
256 of file common/ead_core/sl_bt_ead_core.hsl_bt_ead_unpack_decrypt#
sl_status_t sl_bt_ead_unpack_decrypt (sl_bt_ead_key_material_p key_material, uint8_t ** data, uint8_t * length)
| [in] | key_material | - Pointer to the key material in the higher layer |
| N/A | data | data - Reference of the pointer to the full encrypted message in Advertising, Periodic Advertising, and Scan Response data format specified by Core v5.3, Vol 3, Part C, Section 11. Will be updated to the address to the decrypted message on success. |
| [out] | length | - Length of the decrypted data |
Unpack advertising data that is encrypted with EAD and decrypt the message in place. Note
: This function obfuscates the input data since every operation is done in place for the best possible speed. If the input data memory is allocated on the heap, then its original address and size has to be kept for proper deallocation. Consequently, it's also the caller's responsibility to make a copy of the resulting decrypted message if needed, before freeing up the storage space. Using this method instead of calling sl_bt_ead_unpack_ad_data and then sl_bt_ead_decrypt can be slightly faster, but also requires more care when used.
Returns
sl_status_t
283 of file common/ead_core/sl_bt_ead_core.hsl_bt_ead_pack_ad_data#
sl_status_t sl_bt_ead_pack_ad_data (sl_bt_ead_ad_structure_p ad_info, uint8_t * size, uint8_t * pack_buf)
| [in] | ad_info | - Pointer to the AD Data structure to be packed |
| N/A | size | size - In: size of the EAD Data buffer, out: packed length |
| [out] | pack_buf | - Pointer to the complete EAD Data buffer |
Pack encrypted EAD AD_Data to Advertising, Periodic Advertising, and Scan Response data format specified by Core v5.3, Vol 3, Part C, Section 11 Returns
sl_status_t
295 of file common/ead_core/sl_bt_ead_core.hsl_bt_ead_unpack_ad_data#
sl_status_t sl_bt_ead_unpack_ad_data (uint8_t * packed_data, sl_bt_ead_ad_structure_p ad_info)
| [in] | packed_data | - Pointer to the incoming EAD Data |
| N/A | ad_info | ad_info - Pointer to the AD Data struct for unpacked results. The 'length' parameter in the struct must be pre-set to the 'ad_data' buffer size. |
Unpack encrypted EAD Data from Advertising, Periodic Advertising, and Scan Response data format specified by Core v5.3, Vol 3, Part C, Section 11 Returns
sl_status_t
308 of file common/ead_core/sl_bt_ead_core.hMacro Definition Documentation#
SL_BT_EAD_RANDOMIZER_SIZE#
#define SL_BT_EAD_RANDOMIZER_SIZEValue:
sizeof(sl_bt_ead_randomizer_t)
EAD Randomizer size.
94 of file common/ead_core/sl_bt_ead_core.hSL_BT_EAD_KEY_MATERIAL_SIZE#
#define SL_BT_EAD_KEY_MATERIAL_SIZEValue:
sizeof(struct sl_bt_ead_key_material_s)
EAD Key Material size.
97 of file common/ead_core/sl_bt_ead_core.hSL_BT_EAD_SESSION_KEY_SIZE#
#define SL_BT_EAD_SESSION_KEY_SIZEValue:
sizeof(sl_bt_ead_session_key_t)
EAD Session Key size.
100 of file common/ead_core/sl_bt_ead_core.hSL_BT_EAD_NONCE_SIZE#
#define SL_BT_EAD_NONCE_SIZEValue:
sizeof(struct sl_bt_ead_nonce_s)
EAD Nonce size.
103 of file common/ead_core/sl_bt_ead_core.hSL_BT_EAD_IV_SIZE#
#define SL_BT_EAD_IV_SIZEValue:
sizeof(sl_bt_ead_iv_t)
EAD IV size.
106 of file common/ead_core/sl_bt_ead_core.hSL_BT_EAD_MIC_SIZE#
#define SL_BT_EAD_MIC_SIZEValue:
sizeof(sl_bt_ead_mic_t)
EAD Message Integrity Check size.
109 of file common/ead_core/sl_bt_ead_core.hSL_BT_EAD_LENGTH_FIELD_SIZE#
#define SL_BT_EAD_LENGTH_FIELD_SIZEValue:
sizeof(uint8_t)
Advertising Data - header length field size.
112 of file common/ead_core/sl_bt_ead_core.hSL_BT_EAD_TYPE_FIELD_SIZE#
#define SL_BT_EAD_TYPE_FIELD_SIZEValue:
sizeof(uint8_t)
Advertising Data - header AD Type field size.
115 of file common/ead_core/sl_bt_ead_core.hSL_BT_EAD_HEADER_SIZE#
#define SL_BT_EAD_HEADER_SIZEValue:
Advertising Data header size, Core Ver.5.3, Vol 3. Part C, Fig.11.1.
118 of file common/ead_core/sl_bt_ead_core.hSL_BT_EAD_PACKET_OVERHEAD#
#define SL_BT_EAD_PACKET_OVERHEADValue:
EAD Message full packet size overhead.
122 of file common/ead_core/sl_bt_ead_core.hSL_BT_EAD_PACKET_REDUCED_OVERHEAD#
#define SL_BT_EAD_PACKET_REDUCED_OVERHEADValue:
EAD Message packet size overhead without the length field.
127 of file common/ead_core/sl_bt_ead_core.hSL_BT_ENCRYPTED_DATA_AD_TYPE#
#define SL_BT_ENCRYPTED_DATA_AD_TYPEValue:
0x31
Encrypted Data AD Type.
132 of file common/ead_core/sl_bt_ead_core.hSL_BT_ENCRYPTED_DATA_B1_HEADER#
#define SL_BT_ENCRYPTED_DATA_B1_HEADERValue:
0xEA
B1 block, octet 2 (header) for EAD encryption, CSS d11, Part A, 1.23.3.
135 of file common/ead_core/sl_bt_ead_core.hSL_BT_ENCRYPTED_KEY_MATERIAL_UUID#
#define SL_BT_ENCRYPTED_KEY_MATERIAL_UUIDValue:
0x2B88
EAD Key Material Characteristics UUID.
138 of file common/ead_core/sl_bt_ead_core.h