You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardexpand all lines: doc/nrf/protocols/bt/bt_mesh/configuring.rst
+42
Original file line number
Diff line number
Diff line change
@@ -246,3 +246,45 @@ Using the :ref:`bluetooth_mesh_sensor_server` sample as an example, configured a
246
246
* Ambient light level gain
247
247
248
248
Adding up all entries, it is worth setting the cache size to minimum 71.
249
+
250
+
Security toolbox
251
+
----------------
252
+
253
+
Zephyr's Mesh security toolbox implementation uses third-party crypto libraries APIs (such as CMAC, AES-CCM, and HMAC-SHA-256) for implementing encryption and authentication functionality.
254
+
255
+
* The following options are available:
256
+
257
+
* :kconfig:option:`CONFIG_BT_MESH_USES_MBEDTLS_PSA` - Enables use of the `Mbed TLS`_ PSA API based security toolbox (default option).
258
+
* :kconfig:option:`CONFIG_BT_MESH_USES_TFM_PSA` - Enables use of the `Trusted Firmware M`_ PSA API based security toolbox (default option for platforms that support TF-M).
259
+
* :kconfig:option:`CONFIG_BT_MESH_USES_TINYCRYPT` - Enables use of Tinycrypt-based security toolbox.
260
+
Zephyr's Mesh operates with open key values, including storing them in the persistent memory.
261
+
The Tinycrypt-based solution has worse security materials protection compared to others due to keeping keys in memory in open form.
262
+
Tinycrypt is not recommended for future designs.
263
+
264
+
The Bluetooth Mesh security toolbox based on the `PSA Certified Crypto API`_ does not operate with open key values.
265
+
After Bluetooth Mesh receives an open key value, it immediately imports the key into the crypto library and receives the unique key identifier.
266
+
The key identifiers are used in the security toolbox and stored in the persistent memory.
267
+
The crypto library is responsible for storing of the open key values in the Internal Trusted Storage (`PSA Certified Secure Storage API 1.0`_).
268
+
Bluetooth Mesh data structures based on Tinycrypt and the PSA API, as well as images of these structures stored in the persistent memory, are not compatible due to different key representations.
269
+
When a provisioned device updates its firmware binary from the Tinycrypt-based toolbox to firmware binary that uses the PSA API based toolbox, a provisioned device must be unprovisioned first and reprovisioned after the update.
270
+
The provisioned device cannot restore data from the persistent memory after firmware update.
271
+
If the image is changed over Mesh DFU, it is recommended to use :c:enumerator:`BT_MESH_DFU_EFFECT_UNPROV`.
272
+
273
+
A provisioned device can update its firmware image from the Tinycrypt-based toolbox to firmware image that uses the PSA API based toolbox without unprovisioning if the key importer functionality is used.
274
+
The :kconfig:option:`CONFIG_BT_MESH_KEY_IMPORTER` Kconfig option enables the key importer functionality.
275
+
The key importer is an application initialization functionality that is called with kernel initialization priority before starting main.
276
+
This functionality reads out the persistently stored Bluetooth Mesh data and if it finds keys stored by the Tinycrypt-based security toolbox, it imports them over the PSA API into the crypto library and stores the key identifiers in a format based on the PSA API toolbox.
277
+
Once the new firmware image starts Bluetooth Mesh initialization, the persistent area already has the stored data in the correct format.
278
+
279
+
Using the key importer might make the device vulnerable for attacks.
280
+
If the device works with the key importer functionality enabled and the attacker writes arbitrary data in the persistent memory, fake keys might be stored and imported to PSA crypto library after the next device reset.
281
+
282
+
Complete the following steps to use the key importer functionality safely:
283
+
284
+
1. Update the images with the Tinycrypt-based toolbox and the PSA API based toolbox with the key importer feature enabled.
285
+
#. Reboot the device to perform the key import after the devices in the network have successfully updated their images.
286
+
#. Update the images with the PSA API based security toolbox with the key importer feature disabled.
287
+
288
+
Even if you have completed these steps, the Tinycrypt-based open key values can be extracted from the settings subsystem backend if there is access to it.
289
+
The keys might still be compromised.
290
+
Start the key refresh procedure according to the specification for all existing keys.
Copy file name to clipboardexpand all lines: doc/nrf/releases_and_maturity/migration/migration_guide_3.0.rst
+16
Original file line number
Diff line number
Diff line change
@@ -249,3 +249,19 @@ Download client
249
249
.. code-block:: C
250
250
251
251
err = downloader_deinit(&dl);
252
+
253
+
Protocols
254
+
=========
255
+
256
+
This section provides detailed lists of changes by :ref:`protocol <protocols>`.
257
+
258
+
Bluetooth Mesh
259
+
--------------
260
+
261
+
.. toggle::
262
+
263
+
* Support for Tinycrypt-based security toolbox (:kconfig:option:`CONFIG_BT_MESH_USES_TINYCRYPT`) has started the deprecation procedure and is not recommended for future designs.
264
+
* For platforms that do not support the TF-M: The default security toolbox is based on the Mbed TLS PSA API (:kconfig:option:`CONFIG_BT_MESH_USES_MBEDTLS_PSA`).
265
+
* For platforms that support the TF-M: The default security toolbox is based on the TF-M PSA API (:kconfig:option:`CONFIG_BT_MESH_USES_TFM_PSA`).
266
+
267
+
The :ref:`ug_bt_mesh_configuring` page provides more information about the updating of the images based on different security toolboxes.
0 commit comments