auth_status_tracker.c 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340
  1. /**
  2. * Copyright (c) 2018 - 2020, Nordic Semiconductor ASA
  3. *
  4. * All rights reserved.
  5. *
  6. * Redistribution and use in source and binary forms, with or without modification,
  7. * are permitted provided that the following conditions are met:
  8. *
  9. * 1. Redistributions of source code must retain the above copyright notice, this
  10. * list of conditions and the following disclaimer.
  11. *
  12. * 2. Redistributions in binary form, except as embedded into a Nordic
  13. * Semiconductor ASA integrated circuit in a product or a software update for
  14. * such product, must reproduce the above copyright notice, this list of
  15. * conditions and the following disclaimer in the documentation and/or other
  16. * materials provided with the distribution.
  17. *
  18. * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
  19. * contributors may be used to endorse or promote products derived from this
  20. * software without specific prior written permission.
  21. *
  22. * 4. This software, with or without modification, must only be used with a
  23. * Nordic Semiconductor ASA integrated circuit.
  24. *
  25. * 5. Any software provided in binary form under this license must not be reverse
  26. * engineered, decompiled, modified and/or disassembled.
  27. *
  28. * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
  29. * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
  30. * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
  31. * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
  32. * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
  33. * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
  34. * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  35. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  36. * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
  37. * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  38. *
  39. */
  40. #include "sdk_common.h"
  41. #if NRF_MODULE_ENABLED(PEER_MANAGER) && NRF_MODULE_ENABLED(PM_RA_PROTECTION)
  42. #include "auth_status_tracker.h"
  43. #include "app_timer.h"
  44. #include "id_manager.h"
  45. #define NRF_LOG_MODULE_NAME peer_manager_ast
  46. #if PM_LOG_ENABLED
  47. #define NRF_LOG_LEVEL PM_LOG_LEVEL
  48. #define NRF_LOG_INFO_COLOR PM_LOG_INFO_COLOR
  49. #define NRF_LOG_DEBUG_COLOR PM_LOG_DEBUG_COLOR
  50. #else
  51. #define NRF_LOG_LEVEL 0
  52. #endif // PM_LOG_ENABLED
  53. #include "nrf_log.h"
  54. NRF_LOG_MODULE_REGISTER();
  55. #include "nrf_strerror.h"
  56. // Assume that waiting interval doubles with each failed authentication.
  57. //lint --emacro((647),PENALITY_LVL_TO_PENALITY_MS)
  58. #define PAIR_REWARD_TICKS APP_TIMER_TICKS(PM_RA_PROTECTION_REWARD_PERIOD)
  59. #define PENALITY_LVL_TO_PENALITY_MS(_lvl) (PM_RA_PROTECTION_MIN_WAIT_INTERVAL * (1 << _lvl))
  60. #define PENALITY_LVL_TO_PENALITY_TICKS(_lvl) APP_TIMER_TICKS(PENALITY_LVL_TO_PENALITY_MS(_lvl))
  61. #define PENALITY_LVL_NEXT_SET(_lvl) \
  62. _lvl = (PENALITY_LVL_TO_PENALITY_MS(_lvl) >= (PM_RA_PROTECTION_MAX_WAIT_INTERVAL)) ? \
  63. (_lvl) : (_lvl + 1)
  64. /**@brief Tracked peer state. */
  65. typedef struct
  66. {
  67. ble_gap_addr_t peer_addr; /**< BLE address, used to identify peer. */
  68. uint32_t reward_ticks; /**< Accumulated reward ticks, used to decrease penality level
  69. after achieving certain threshold. */
  70. uint32_t penality_ticks; /**< Accumulated penality ticks, used to determine remaining time
  71. in which pairing attempts should be rejected. */
  72. uint8_t penality_lvl; /**< Accumulated penality level, used to determine waiting interval
  73. after failed authorization attempt. */
  74. bool is_active; /**< Flag indicating that the waiting interval for this peer has not
  75. passed yet. */
  76. bool is_valid; /**< Flag indicating that this entry is valid in the peer blacklist. */
  77. } blacklisted_peer_t;
  78. APP_TIMER_DEF(m_pairing_attempt_timer);
  79. static blacklisted_peer_t m_blacklisted_peers[PM_RA_PROTECTION_TRACKED_PEERS_NUM];
  80. static uint32_t m_ticks_cnt;
  81. /**@brief Function for updating the state of blacklisted peers after timer has been stopped or
  82. * timed out.
  83. *
  84. * @param[in] ticks_passed The number of ticks since the timer has started.
  85. */
  86. static uint32_t blacklisted_peers_state_update(uint32_t ticks_passed)
  87. {
  88. uint32_t minimal_ticks = UINT32_MAX;
  89. for (uint32_t id = 0; id < ARRAY_SIZE(m_blacklisted_peers); id++)
  90. {
  91. blacklisted_peer_t * p_bl_peer = &m_blacklisted_peers[id];
  92. if (p_bl_peer->is_valid)
  93. {
  94. if (p_bl_peer->is_active)
  95. {
  96. if (p_bl_peer->penality_ticks > ticks_passed)
  97. {
  98. p_bl_peer->penality_ticks -= ticks_passed;
  99. minimal_ticks = MIN(minimal_ticks, p_bl_peer->penality_ticks);
  100. }
  101. else
  102. {
  103. p_bl_peer->is_active = false;
  104. if (p_bl_peer->penality_lvl == 0)
  105. {
  106. p_bl_peer->is_valid = false;
  107. NRF_LOG_DEBUG("Peer has been removed from the blacklist, its address:");
  108. NRF_LOG_HEXDUMP_DEBUG(p_bl_peer->peer_addr.addr,
  109. sizeof(p_bl_peer->peer_addr.addr));
  110. }
  111. else
  112. {
  113. minimal_ticks = MIN(minimal_ticks, PAIR_REWARD_TICKS);
  114. }
  115. NRF_LOG_DEBUG("Pairing waiting interval has expired for:");
  116. NRF_LOG_HEXDUMP_DEBUG(p_bl_peer->peer_addr.addr,
  117. sizeof(p_bl_peer->peer_addr.addr));
  118. }
  119. }
  120. else
  121. {
  122. if (p_bl_peer->penality_lvl == 0)
  123. {
  124. p_bl_peer->is_valid = false;
  125. NRF_LOG_DEBUG("Peer has been removed from the blacklist, its address:");
  126. NRF_LOG_HEXDUMP_DEBUG(p_bl_peer->peer_addr.addr,
  127. sizeof(p_bl_peer->peer_addr.addr));
  128. }
  129. else
  130. {
  131. p_bl_peer->reward_ticks += ticks_passed;
  132. if (p_bl_peer->reward_ticks >= PAIR_REWARD_TICKS)
  133. {
  134. p_bl_peer->penality_lvl--;
  135. p_bl_peer->reward_ticks -= PAIR_REWARD_TICKS;
  136. NRF_LOG_DEBUG("Peer penality level has decreased to %d for device:",
  137. p_bl_peer->penality_lvl);
  138. NRF_LOG_HEXDUMP_DEBUG(p_bl_peer->peer_addr.addr,
  139. sizeof(p_bl_peer->peer_addr.addr));
  140. }
  141. minimal_ticks = MIN(minimal_ticks,
  142. (PAIR_REWARD_TICKS - p_bl_peer->reward_ticks));
  143. }
  144. }
  145. }
  146. }
  147. return minimal_ticks;
  148. }
  149. /**@brief Function for handling state transition of blacklisted peers.
  150. *
  151. * @param[in] context Context containing the number of ticks since the timer has started.
  152. */
  153. static void blacklisted_peers_state_transition_handle(void * context)
  154. {
  155. ret_code_t err_code;
  156. uint32_t minimal_ticks;
  157. uint32_t ticks_passed = (uint32_t) context;
  158. minimal_ticks = blacklisted_peers_state_update(ticks_passed);
  159. m_ticks_cnt = app_timer_cnt_get();
  160. if (minimal_ticks != UINT32_MAX)
  161. {
  162. err_code = app_timer_start(m_pairing_attempt_timer,
  163. minimal_ticks,
  164. (void *) minimal_ticks);
  165. if (err_code != NRF_SUCCESS)
  166. {
  167. NRF_LOG_WARNING("app_timer_start() returned %s", nrf_strerror_get(err_code));
  168. }
  169. NRF_LOG_DEBUG("Restarting the timer");
  170. }
  171. }
  172. ret_code_t ast_init(void)
  173. {
  174. ret_code_t err_code = app_timer_create(&m_pairing_attempt_timer,
  175. APP_TIMER_MODE_SINGLE_SHOT,
  176. blacklisted_peers_state_transition_handle);
  177. return err_code;
  178. }
  179. void ast_auth_error_notify(uint16_t conn_handle)
  180. {
  181. ret_code_t err_code;
  182. ble_gap_addr_t peer_addr;
  183. uint32_t new_timeout;
  184. uint32_t free_id = ARRAY_SIZE(m_blacklisted_peers);
  185. bool new_bl_entry = true;
  186. // Get the peer address associated with connection handle.
  187. err_code = im_ble_addr_get(conn_handle, &peer_addr);
  188. if (err_code != NRF_SUCCESS)
  189. {
  190. NRF_LOG_WARNING("im_ble_addr_get() returned %s. conn_handle: %d. "
  191. "Link was likely disconnected.",
  192. nrf_strerror_get(err_code),
  193. conn_handle);
  194. return;
  195. }
  196. // Stop the timer and update the state of all blacklisted peers.
  197. err_code = app_timer_stop(m_pairing_attempt_timer);
  198. if (err_code != NRF_SUCCESS)
  199. {
  200. NRF_LOG_WARNING("app_timer_stop() returned %s", nrf_strerror_get(err_code));
  201. return;
  202. }
  203. new_timeout = blacklisted_peers_state_update(app_timer_cnt_diff_compute(app_timer_cnt_get(),
  204. m_ticks_cnt));
  205. m_ticks_cnt = app_timer_cnt_get();
  206. // Check if authorization has failed for already blacklisted peer.
  207. for (uint32_t id = 0; id < ARRAY_SIZE(m_blacklisted_peers); id++)
  208. {
  209. blacklisted_peer_t * p_bl_peer = &m_blacklisted_peers[id];
  210. if (p_bl_peer->is_valid)
  211. {
  212. if (memcmp(peer_addr.addr, p_bl_peer->peer_addr.addr, BLE_GAP_ADDR_LEN) == 0)
  213. {
  214. uint8_t lvl = p_bl_peer->penality_lvl;
  215. PENALITY_LVL_NEXT_SET(lvl);
  216. p_bl_peer->penality_lvl = lvl;
  217. p_bl_peer->reward_ticks = 0;
  218. p_bl_peer->penality_ticks = PENALITY_LVL_TO_PENALITY_TICKS(lvl);
  219. new_timeout = MIN(new_timeout, p_bl_peer->penality_ticks);
  220. p_bl_peer->is_active = true;
  221. new_bl_entry = false;
  222. NRF_LOG_DEBUG("Pairing waiting interval has been renewed. "
  223. "Penality level: %d for device:",
  224. lvl);
  225. NRF_LOG_HEXDUMP_DEBUG(p_bl_peer->peer_addr.addr,
  226. sizeof(p_bl_peer->peer_addr.addr));
  227. }
  228. }
  229. else
  230. {
  231. free_id = id;
  232. }
  233. }
  234. // Add a new peer to the blacklist.
  235. if (new_bl_entry)
  236. {
  237. if (free_id < ARRAY_SIZE(m_blacklisted_peers))
  238. {
  239. blacklisted_peer_t * p_bl_peer = &m_blacklisted_peers[free_id];
  240. memcpy(&p_bl_peer->peer_addr, &peer_addr, sizeof(peer_addr));
  241. p_bl_peer->penality_lvl = 0;
  242. p_bl_peer->reward_ticks = 0;
  243. p_bl_peer->penality_ticks = PENALITY_LVL_TO_PENALITY_TICKS(p_bl_peer->penality_lvl);
  244. new_timeout = MIN(new_timeout, p_bl_peer->penality_ticks);
  245. p_bl_peer->is_active = true;
  246. p_bl_peer->is_valid = true;
  247. NRF_LOG_DEBUG("New peer has been added to the blacklist:");
  248. NRF_LOG_HEXDUMP_DEBUG(p_bl_peer->peer_addr.addr, sizeof(p_bl_peer->peer_addr.addr));
  249. }
  250. else
  251. {
  252. NRF_LOG_WARNING("No space to blacklist another peer ID");
  253. }
  254. }
  255. // Restart the timer.
  256. if (new_timeout != UINT32_MAX)
  257. {
  258. err_code = app_timer_start(m_pairing_attempt_timer,
  259. new_timeout,
  260. (void *) new_timeout);
  261. if (err_code != NRF_SUCCESS)
  262. {
  263. NRF_LOG_WARNING("app_timer_start() returned %s", nrf_strerror_get(err_code));
  264. }
  265. }
  266. }
  267. bool ast_peer_blacklisted(uint16_t conn_handle)
  268. {
  269. ret_code_t err_code;
  270. ble_gap_addr_t peer_addr;
  271. err_code = im_ble_addr_get(conn_handle, &peer_addr);
  272. if (err_code != NRF_SUCCESS)
  273. {
  274. NRF_LOG_WARNING("im_ble_addr_get() returned %s. conn_handle: %d. "
  275. "Link was likely disconnected.",
  276. nrf_strerror_get(err_code),
  277. conn_handle);
  278. return true;
  279. }
  280. for (uint32_t id = 0; id < ARRAY_SIZE(m_blacklisted_peers); id++)
  281. {
  282. blacklisted_peer_t * p_bl_peer = &m_blacklisted_peers[id];
  283. if (p_bl_peer->is_valid)
  284. {
  285. if ((memcmp(peer_addr.addr, p_bl_peer->peer_addr.addr, BLE_GAP_ADDR_LEN) == 0) &&
  286. (p_bl_peer->is_active))
  287. {
  288. return true;
  289. }
  290. }
  291. }
  292. return false;
  293. }
  294. #endif // NRF_MODULE_ENABLED(PEER_MANAGER) && NRF_MODULE_ENABLED(PM_RA_PROTECTION)