encryption and decryption of advertising data

Hii nordic;

I need to encrypt and decrypt my advertising data i.e;UUID,Major,Minor,etc.;  of my nrf52832

So it cannot be seen by third parties

my sdk version is 15.2 and softdevice is 132

  • Hi Naralasetty, 

    you can use the ECB peripheral to encrypt the advertisement data. See our Intro to Application-level Security Using the ECB Peripheral blog post. 

    Best regards

    Bjørn

  • We do not have a blog post that has been made using the latest SD API, but it should be very similar, see sd_rand_application_bytes_available_get and sd_ecb_block_encrypt in the S132 v6.1.0.  

    Alternatively, you can use the nrf_crypto library we have a nrf_crypto_aes example that allows you to test the different AES modes, see Testing all AES modes

    Best regards

    Bjørn

  • hi @bjorn-spockeli,

    can you please add aes code to my code

    #include <stdint.h>
    #include <string.h>
    
    #include "ble_advertising.h"
    #include "nordic_common.h"
    #include "nrf.h"
    #include "nrf_soc.h"
    #include "nrf_drv_saadc.h"
    #include "nrf_sdm.h"
    #include "app_error.h"
    #include "ble.h"
    #include "ble_err.h"
    #include "ble_hci.h"
    #include "ble_srv_common.h"
    #include "ble_advdata.h"
    #include "ble_tps.h"
    #include "ble_ias.h"
    #include "ble_lls.h"
    #include "ble_bas.h"
    #include "ble_conn_params.h"
    #include "ble_conn_state.h"
    #include "sensorsim.h"
    #include "nrf_sdh.h"
    #include "nrf_sdh_soc.h"
    #include "nrf_sdh_ble.h"
    #include "nrf_delay.h"
    #include "app_timer.h"
    #include "app_error.h"
    #include "ble_ias_c.h"
    #include "app_util.h"
    #include "bsp_btn_ble.h"
    #include "ble_db_discovery.h"
    #include "peer_manager.h"
    #include "peer_manager_handler.h"
    #include "fds.h"
    #include "ble_conn_state.h"
    #include "nrf_ble_gatt.h"
    #include "nrf_ble_lesc.h"
    #include "nrf_ble_qwr.h"
    //#include "nrf_ble_scan.h"
    #include "nrf_pwr_mgmt.h"
    #include "nrf_fstorage.h"
    
    #include "nrf_log.h"
    #include "nrf_log_ctrl.h"
    #include "nrf_log_default_backends.h"
    
    
    #define DEVICE_NAME                     "NORDIC"                           
    
    #define APP_BLE_OBSERVER_PRIO           3                                       
    #define APP_BLE_CONN_CFG_TAG            1                                       
    
    #define BATTERY_LEVEL_MEAS_INTERVAL     APP_TIMER_TICKS(120000)                 
    
    #define MIN_CONN_INTERVAL               MSEC_TO_UNITS(500, UNIT_1_25_MS)        
    #define MAX_CONN_INTERVAL               MSEC_TO_UNITS(1000, UNIT_1_25_MS)       
    #define SLAVE_LATENCY                   0                                       
    #define CONN_SUP_TIMEOUT                MSEC_TO_UNITS(4000, UNIT_10_MS)         
    
    #define APP_ADV_INTERVAL                40 
    #define APP_ADV_TIMEOUT_IN_SECONDS      80                                      
    #define NON_CONNECTABLE_ADV_INTERVAL    MSEC_TO_UNITS(100, UNIT_0_625_MS)  
    
    #define APP_ADV_DURATION                18000                                    
    #define 	BLE_ADV_DIRECTED_ENABLED   true
     
    #define 	BLE_ADV_DIRECTED_DISABLED   false
     
    #define 	BLE_ADV_DIRECTED_SLOW_ENABLED   true
     
    #define 	BLE_ADV_DIRECTED_SLOW_DISABLED   false
     
    #define 	BLE_ADV_FAST_ENABLED   true
     
    #define 	BLE_ADV_FAST_DISABLED   false
     
    #define 	BLE_ADV_SLOW_ENABLED   true
     
    #define 	BLE_ADV_SLOW_DISABLED   false
     
    #define 	BLE_ADV_WHITELIST_ENABLED   true
     
    #define 	BLE_ADV_WHITELIST_DISABLED   false
    #define FIRST_CONN_PARAMS_UPDATE_DELAY  APP_TIMER_TICKS(5000)                   
    #define NEXT_CONN_PARAMS_UPDATE_DELAY   APP_TIMER_TICKS(30000)                  
    #define MAX_CONN_PARAMS_UPDATE_COUNT    3                                       
    
    #define SEC_PARAM_BOND                  1                                       
    #define SEC_PARAM_MITM                  0                                       
    #define SEC_PARAM_LESC                  0                                       
    #define SEC_PARAM_KEYPRESS              0                                       
    #define SEC_PARAM_IO_CAPABILITIES       BLE_GAP_IO_CAPS_NONE                    
    #define SEC_PARAM_OOB                   0                                       
    #define SEC_PARAM_MIN_KEY_SIZE          7                                       
    #define SEC_PARAM_MAX_KEY_SIZE          16
    #define BLE_GAP_ADV_TYPE_ADV_IND          0x00
    #define BLE_GAP_ADV_TYPE_ADV_DIRECT_IND   0x01
    #define BLE_GAP_ADV_TYPE_ADV_SCAN_IND     0x02
    #define BLE_GAP_ADV_TYPE_ADV_NONCONN_IND  0x03 
    #define BLE_GAP_ADDR_TYPE_PUBLIC                        0x00
    #define BLE_GAP_ADDR_TYPE_RANDOM_STATIC                 0x01
    #define BLE_GAP_ADDR_TYPE_RANDOM_PRIVATE_RESOLVABLE     0x02
    #define BLE_GAP_ADDR_TYPE_RANDOM_PRIVATE_NON_RESOLVABLE 0x03                                     
    
    #define INITIAL_LLS_ALERT_LEVEL         BLE_CHAR_ALERT_LEVEL_NO_ALERT           
    #define TX_POWER_LEVEL                  (-8)                                    
    
    #define ADC_REF_VOLTAGE_IN_MILLIVOLTS   600                                     
    #define ADC_PRE_SCALING_COMPENSATION    6                                       
    #define DIODE_FWD_VOLT_DROP_MILLIVOLTS  270                                     
    #define ADC_RES_10BIT                   1024                                    
    
    #define DEAD_BEEF                       0xDEADBEEF                              
    
    #define APP_BEACON_INFO_LENGTH          0x17                               
    #define APP_ADV_DATA_LENGTH             0x15                               
    #define APP_DEVICE_TYPE                 0x02                               
    #define APP_MEASURED_RSSI               0xC5                               
    #define APP_COMPANY_IDENTIFIER          0x004C                             
    #define APP_MAJOR_VALUE                 0x00, 0x02                         
    #define APP_MINOR_VALUE                 0x00, 0x02                         
    #define APP_BEACON_UUID                 0x01, 0x12, 0x23, 0x34, \
                                            0x45, 0x56, 0x67, 0x78, \
                                            0x89, 0x9a, 0xab, 0xbc, \
                                            0xcd, 0xde, 0xef, 0xf0            
    
    #define ECB_KEY_LEN            (16UL)
    #define COUNTER_BYTE_LEN       (4UL)
    #define NONCE_RAND_BYTE_LEN    (12UL)
    
    // The RNG wait values are typical and not guaranteed. See Product Specifications for more info.
    #ifdef NRF51
    #define RNG_BYTE_WAIT_US       (677UL)
    #elif defined NRF52
    #define RNG_BYTE_WAIT_US       (124UL)
    #else
    #error "Either NRF51 or NRF52 must be defined."
    #endif
    
    #if defined(USE_UICR_FOR_MAJ_MIN_VALUES)
    #define MAJ_VAL_OFFSET_IN_BEACON_INFO   18                                
    #define UICR_ADDRESS                    0x10001080                         
    #endif
    
    
    #define ADC_RESULT_IN_MILLI_VOLTS(ADC_VALUE)\
            ((((ADC_VALUE) * ADC_REF_VOLTAGE_IN_MILLIVOLTS) / ADC_RES_10BIT) * ADC_PRE_SCALING_COMPENSATION)
    
    
    APP_TIMER_DEF(m_battery_timer_id);                      
    BLE_TPS_DEF(m_tps);                                     
    BLE_IAS_DEF(m_ias, NRF_SDH_BLE_TOTAL_LINK_COUNT);       
    BLE_LLS_DEF(m_lls);                                     
    BLE_BAS_DEF(m_bas);                                     
    BLE_IAS_C_DEF(m_ias_c);                                 
    NRF_BLE_GATT_DEF(m_gatt);                               
    NRF_BLE_QWR_DEF(m_qwr);                                 
    BLE_ADVERTISING_DEF(m_advertising);                     
    BLE_DB_DISCOVERY_DEF(m_ble_db_discovery);               
    
    static volatile bool m_is_high_alert_signalled;         
    static volatile bool m_is_ias_present = false;          
    
    static nrf_saadc_value_t adc_buf[2];
    
    static ble_uuid_t m_adv_uuids[] =                       
    {
        {BLE_UUID_IMMEDIATE_ALERT_SERVICE, BLE_UUID_TYPE_BLE},
        {BLE_UUID_BATTERY_SERVICE, BLE_UUID_TYPE_BLE},
        {BLE_UUID_TX_POWER_SERVICE, BLE_UUID_TYPE_BLE},
        {BLE_UUID_LINK_LOSS_SERVICE, BLE_UUID_TYPE_BLE}
    };
    
    static ble_gap_adv_params_t m_adv_params;                                  
    static uint8_t              m_adv_handle = BLE_GAP_ADV_SET_HANDLE_NOT_SET; 
    static uint8_t              m_enc_advdata[BLE_GAP_ADV_SET_DATA_SIZE_MAX];  
    static uint8_t              m_enc_scandata[BLE_GAP_ADV_SET_DATA_SIZE_MAX];  
    
    
    static ble_gap_adv_data_t m_adv_data =
    {
        .adv_data =
        {
            .p_data = m_enc_advdata,
            .len    = BLE_GAP_ADV_SET_DATA_SIZE_MAX
        },
        .scan_rsp_data =
        {
            .p_data = m_enc_scandata,
            .len    = BLE_GAP_ADV_SET_DATA_SIZE_MAX
    
        }
    };
    
    
    
    
    static uint8_t m_beacon_info[APP_BEACON_INFO_LENGTH] =                    
    {
        APP_DEVICE_TYPE,     
                             
        APP_ADV_DATA_LENGTH, 
                             
        APP_BEACON_UUID,     
        APP_MAJOR_VALUE,     
        APP_MINOR_VALUE,     
        APP_MEASURED_RSSI    
                             
    };
    
    
    static void on_ias_evt(ble_ias_t * p_ias, ble_ias_evt_t * p_evt);
    static void on_lls_evt(ble_lls_t * p_lls, ble_lls_evt_t * p_evt);
    static void on_ias_c_evt(ble_ias_c_t * p_lls, ble_ias_c_evt_t * p_evt);
    static void on_bas_evt(ble_bas_t * p_bas, ble_bas_evt_t * p_evt);
    static void advertising_init(void);
    static void advertising_start(bool erase_bonds);
    
    
    
    void assert_nrf_callback(uint16_t line_num, const uint8_t * p_file_name)
    {
        app_error_handler(DEAD_BEEF, line_num, p_file_name);
    }
    
    
    
    static void service_error_handler(uint32_t nrf_error)
    {
        APP_ERROR_HANDLER(nrf_error);
    }
    
    
    
    static void pm_evt_handler(pm_evt_t const * p_evt)
    {
        pm_handler_on_pm_evt(p_evt);
        pm_handler_flash_clean(p_evt);
    
        switch (p_evt->evt_id)
        {
            case PM_EVT_PEERS_DELETE_SUCCEEDED:
                advertising_start(false);
                break;
    
            default:
                break;
        }
    }
    
    
    
    void saadc_event_handler(nrf_drv_saadc_evt_t const * p_event)
    {
        if (p_event->type == NRF_DRV_SAADC_EVT_DONE)
        {
            nrf_saadc_value_t adc_result;
            uint16_t          batt_lvl_in_milli_volts;
            uint8_t           percentage_batt_lvl;
            uint32_t          err_code;
    
            adc_result = p_event->data.done.p_buffer[0];
    
            err_code = nrf_drv_saadc_buffer_convert(p_event->data.done.p_buffer, 1);
            APP_ERROR_CHECK(err_code);
    
            batt_lvl_in_milli_volts = ADC_RESULT_IN_MILLI_VOLTS(adc_result) +
                                      DIODE_FWD_VOLT_DROP_MILLIVOLTS;
            percentage_batt_lvl = battery_level_in_percent(batt_lvl_in_milli_volts);
    
            err_code = ble_bas_battery_level_update(&m_bas, percentage_batt_lvl, BLE_CONN_HANDLE_ALL);
            if ((err_code != NRF_SUCCESS) &&
                (err_code != NRF_ERROR_INVALID_STATE) &&
                (err_code != NRF_ERROR_RESOURCES) &&
                (err_code != NRF_ERROR_BUSY) &&
                (err_code != BLE_ERROR_GATTS_SYS_ATTR_MISSING)
               )
            {
                APP_ERROR_HANDLER(err_code);
            }
        }
    }
    
    
    
    static void db_disc_handler(ble_db_discovery_evt_t * p_evt)
    {
        ble_ias_c_on_db_disc_evt(&m_ias_c, p_evt);
    }
    
    
    
    static void adc_configure(void)
    {
        ret_code_t err_code = nrf_drv_saadc_init(NULL, saadc_event_handler);
        APP_ERROR_CHECK(err_code);
    
        nrf_saadc_channel_config_t config =
            NRF_DRV_SAADC_DEFAULT_CHANNEL_CONFIG_SE(NRF_SAADC_INPUT_VDD);
        err_code = nrf_drv_saadc_channel_init(0, &config);
        APP_ERROR_CHECK(err_code);
    
        err_code = nrf_drv_saadc_buffer_convert(&adc_buf[0], 1);
        APP_ERROR_CHECK(err_code);
    
        err_code = nrf_drv_saadc_buffer_convert(&adc_buf[1], 1);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void battery_level_meas_timeout_handler(void * p_context)
    {
        UNUSED_PARAMETER(p_context);
    
        ret_code_t err_code;
        err_code = nrf_drv_saadc_sample();
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void timers_init(void)
    {
        ret_code_t err_code;
    
        
        err_code = app_timer_init();
        APP_ERROR_CHECK(err_code);
    
        
        err_code = app_timer_create(&m_battery_timer_id,
                                    APP_TIMER_MODE_REPEATED,
                                    battery_level_meas_timeout_handler);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void gap_params_init(void)
    {
        ret_code_t              err_code;
        ble_gap_conn_params_t   gap_conn_params;
        ble_gap_conn_sec_mode_t sec_mode;
    
        BLE_GAP_CONN_SEC_MODE_SET_OPEN(&sec_mode);
    
        err_code = sd_ble_gap_device_name_set(&sec_mode,
                                              (const uint8_t *)DEVICE_NAME,
                                              strlen(DEVICE_NAME));
        APP_ERROR_CHECK(err_code);
    
        err_code = sd_ble_gap_appearance_set(BLE_APPEARANCE_GENERIC_KEYRING);
        APP_ERROR_CHECK(err_code);
    
        memset(&gap_conn_params, 0, sizeof(gap_conn_params));
    
        gap_conn_params.min_conn_interval = MIN_CONN_INTERVAL;
        gap_conn_params.max_conn_interval = MAX_CONN_INTERVAL;
        gap_conn_params.slave_latency     = SLAVE_LATENCY;
        gap_conn_params.conn_sup_timeout  = CONN_SUP_TIMEOUT;
    
        err_code = sd_ble_gap_ppcp_set(&gap_conn_params);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void gatt_init(void)
    {
        ret_code_t err_code = nrf_ble_gatt_init(&m_gatt, NULL);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void sleep_mode_enter(void)
    {
        ret_code_t err_code;
    
        err_code = bsp_indication_set(BSP_INDICATE_IDLE);
        APP_ERROR_CHECK(err_code);
    
        
        err_code = bsp_btn_ble_sleep_mode_prepare();
        APP_ERROR_CHECK(err_code);
    
        
        err_code = sd_power_system_off();
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void on_adv_evt(ble_adv_evt_t ble_adv_evt)
    {
        ret_code_t err_code;
    
        switch (ble_adv_evt)
        {
            case BLE_ADV_EVT_FAST:
                NRF_LOG_INFO("Fast advertising.");
                err_code = bsp_indication_set(BSP_INDICATE_ADVERTISING);
                APP_ERROR_CHECK(err_code);
                break; // BLE_ADV_EVT_FAST
    
            case BLE_ADV_EVT_IDLE:
                sleep_mode_enter();
                break; // BLE_ADV_EVT_IDLE
    
            default:
                break;
        }
    }
    
    
    
    static void delete_bonds(void)
    {
        ret_code_t err_code;
    
        NRF_LOG_INFO("Erase bonds!");
    
        err_code = pm_peers_delete();
        APP_ERROR_CHECK(err_code);
    }
    
    
    static void advertising_init(void)
    {
        uint32_t      err_code;
        ble_advdata_t advdata;
        ble_advdata_t scandata;
        uint8_t       flags = BLE_GAP_ADV_FLAG_BR_EDR_NOT_SUPPORTED;
    
        ble_advdata_manuf_data_t manuf_specific_data;
    
        manuf_specific_data.company_identifier = APP_COMPANY_IDENTIFIER;
    
    #if defined(USE_UICR_FOR_MAJ_MIN_VALUES)
    
        uint16_t major_value = ((*(uint32_t *)UICR_ADDRESS) & 0xFFFF0000) >> 16;
        uint16_t minor_value = ((*(uint32_t *)UICR_ADDRESS) & 0x0000FFFF);
    
        uint8_t index = MAJ_VAL_OFFSET_IN_BEACON_INFO;
    
        m_beacon_info[index++] = MSB_16(major_value);
        m_beacon_info[index++] = LSB_16(major_value);
    
        m_beacon_info[index++] = MSB_16(minor_value);
        m_beacon_info[index++] = LSB_16(minor_value);
    #endif
    
        manuf_specific_data.data.p_data = (uint8_t *) m_beacon_info;
        manuf_specific_data.data.size   = APP_BEACON_INFO_LENGTH;
    
    
        memset(&advdata, 0, sizeof(advdata));
    
        advdata.name_type             = BLE_ADVDATA_NO_NAME;
        advdata.flags                 = flags;
        advdata.p_manuf_specific_data = &manuf_specific_data;
    
    
        memset(&m_adv_params, 0, sizeof(m_adv_params));
    
        m_adv_params.properties.type = BLE_GAP_ADV_TYPE_CONNECTABLE_SCANNABLE_UNDIRECTED;
        m_adv_params.p_peer_addr     = NULL;    
        m_adv_params.filter_policy   = BLE_GAP_ADV_FP_ANY;
        m_adv_params.interval        = NON_CONNECTABLE_ADV_INTERVAL;
        m_adv_params.duration        = 0;       
    
        err_code = ble_advdata_encode(&advdata, m_adv_data.adv_data.p_data, &m_adv_data.adv_data.len);
        APP_ERROR_CHECK(err_code);
    
    
        memset(&scandata, 0, sizeof(scandata));
    
        scandata.name_type             = BLE_ADVDATA_FULL_NAME;
        scandata.uuids_complete.uuid_cnt = sizeof(m_adv_uuids) / sizeof(m_adv_uuids[0]);
        scandata.uuids_complete.p_uuids  = m_adv_uuids;
    
        err_code = ble_advdata_encode(&scandata, m_adv_data.scan_rsp_data.p_data, &m_adv_data.scan_rsp_data.len);
        APP_ERROR_CHECK(err_code);
    
        err_code = sd_ble_gap_adv_set_configure(&m_adv_handle, &m_adv_data, &m_adv_params);
        APP_ERROR_CHECK(err_code);
    }
    
    /**
     * @brief Uses the RNG to write a 12-byte nonce to a buffer
     * @details The 12 bytes will be written to the buffer starting at index 4 to leave
     *          space for the 4-byte counter value.
     *
     * @param[in]    p_buf    An array of length 16
     */
    void nonce_generate(uint8_t * p_buf)
    {
        uint8_t i         = COUNTER_BYTE_LEN;
        uint8_t remaining = NONCE_RAND_BYTE_LEN;
    
        // The random number pool may not contain enough bytes at the moment so
        // a busy wait may be necessary.
        while(0 != remaining)
        {
            uint32_t err_code;
            uint8_t  available = 0;
    
            err_code = sd_rand_application_bytes_available_get(&available);
            APP_ERROR_CHECK(err_code);
    
            available = ((available > remaining) ? remaining : available);
            if (0 != available)
            {
    	        err_code = sd_rand_application_vector_get((p_buf + i), available);
    	        APP_ERROR_CHECK(err_code);
    
    	        i         += available;
    	        remaining -= available;
    	    }
    
    	    if (0 != remaining)
    	    {
    	        nrf_delay_us(RNG_BYTE_WAIT_US * remaining);
    	    }
        }    
    }
    
    static bool m_initialized = false;
    
    // NOTE: The ECB data must be located in RAM or a HardFault will be triggered.
    static nrf_ecb_hal_data_t m_ecb_data;
    
    /**
     * @brief Initializes the module with the given nonce and key
     * @details The nonce will be copied to an internal buffer so it does not need to
     *          be retained after the function returns. Additionally, a 32-bit counter
     *          will be initialized to zero and placed into the least-significant 4 bytes
     *          of the internal buffer. The nonce value should be generated in a
     *          reasonable manner (e.g. using this module's nonce_generate function).
     *
     * @param[in]    p_nonce    An array of length 16 containing 12 random bytes
     *                          starting at index 4
     * @param[in]    p_ecb_key  An array of length 16 containing the ECB key
     */
    void ctr_init(const uint8_t * p_nonce, const uint8_t * p_ecb_key)
    {
        m_initialized = true;
    
        // Save the key.
        memcpy(&m_ecb_data.key[0], p_ecb_key, ECB_KEY_LEN);
    
        // Copy the nonce.
        memcpy(&m_ecb_data.cleartext[COUNTER_BYTE_LEN],
    	          &p_nonce[COUNTER_BYTE_LEN],
    	          NONCE_RAND_BYTE_LEN);
    
        // Zero the counter value.
        memset(&m_ecb_data.cleartext[0], 0x00, COUNTER_BYTE_LEN);
    }
    
    static uint32_t crypt(uint8_t * buf)
    {
        uint8_t  i;
        uint32_t err_code;
    
        if (!m_initialized)
        {
    	    return NRF_ERROR_INVALID_STATE;
        }
    
        err_code = sd_ecb_block_encrypt(&m_ecb_data);
        if (NRF_SUCCESS != err_code)
        {
    	    return err_code;
        }
    
        for (i=0; i < ECB_KEY_LEN; i++)
        {
    	    buf[i] ^= m_ecb_data.ciphertext[i];
        }
    
        // Increment the counter.
        (*((uint32_t*) m_ecb_data.cleartext))++;
    
        return NRF_SUCCESS;
    }
    
    /**
     * @brief Encrypts the given buffer in-situ
     * @details The encryption step is done separately (using the nonce, counter, and
     *          key) and then the result from the encryption is XOR'd with the given
     *          buffer in-situ. The counter will be incremented only if no error occurs.
     *
     * @param[in]    p_clear_text    An array of length 16 containing the clear text
     *
     * @retval    NRF_SUCCESS                         Success
     * @retval    NRF_ERROR_INVALID_STATE             Module has not been initialized
     * @retval    NRF_ERROR_SOFTDEVICE_NOT_ENABLED    SoftDevice is present, but not enabled
     */
    uint32_t ctr_encrypt(uint8_t * p_clear_text)
    {
        return crypt(p_clear_text);
    }
    
    static void advertising_start(bool erase_bonds)
    {
        ret_code_t err_code;
        if (erase_bonds == true){
            delete_bonds();
            
        }
        else
        {
            err_code = sd_ble_gap_adv_start(m_adv_handle, APP_BLE_CONN_CFG_TAG);
            APP_ERROR_CHECK(err_code);
    
            err_code = bsp_indication_set(BSP_INDICATE_ADVERTISING);
            APP_ERROR_CHECK(err_code);
        }
        
    
        
    }
    
    ///**@brief Function for initializing the Advertising functionality.
    // *
    // * @details Encodes the required advertising data and passes it to the stack.
    // *          Also builds a structure to be passed to the stack when starting advertising.
    // */
    //static void advertising_init(void)
    //{
    //    ret_code_t             err_code;
    //    ble_advertising_init_t init;
    //
    //    memset(&init, 0, sizeof(init));
    //
    //    init.advdata.name_type               = BLE_ADVDATA_FULL_NAME;
    //    init.advdata.include_appearance      = true;
    //    init.advdata.flags                   = BLE_GAP_ADV_FLAGS_LE_ONLY_LIMITED_DISC_MODE;
    //    init.advdata.uuids_complete.uuid_cnt = sizeof(m_adv_uuids) / sizeof(m_adv_uuids[0]);
    //    init.advdata.uuids_complete.p_uuids  = m_adv_uuids;
    //
    //    init.config.ble_adv_fast_enabled  = true;
    //    init.config.ble_adv_fast_interval = APP_ADV_INTERVAL;
    //    init.config.ble_adv_fast_timeout  = APP_ADV_DURATION;
    //
    //    init.evt_handler = on_adv_evt;
    //
    //    err_code = ble_advertising_init(&m_advertising, &init);
    //    APP_ERROR_CHECK(err_code);
    //
    //    ble_advertising_conn_cfg_tag_set(&m_advertising, APP_BLE_CONN_CFG_TAG);
    //}
    
    
    
    static void nrf_qwr_error_handler(uint32_t nrf_error)
    {
        APP_ERROR_HANDLER(nrf_error);
    }
    
    
    
    static void qwr_init(void)
    {
        ret_code_t         err_code;
        nrf_ble_qwr_init_t qwr_init_obj = {0};
    
     
        qwr_init_obj.error_handler = nrf_qwr_error_handler;
    
        err_code = nrf_ble_qwr_init(&m_qwr, &qwr_init_obj);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void tps_init(void)
    {
        ret_code_t     err_code;
        ble_tps_init_t tps_init_obj;
    
        memset(&tps_init_obj, 0, sizeof(tps_init_obj));
        tps_init_obj.initial_tx_power_level = TX_POWER_LEVEL;
    
        tps_init_obj.tpl_rd_sec = SEC_JUST_WORKS;
    
        err_code = ble_tps_init(&m_tps, &tps_init_obj);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void ias_init(void)
    {
        ret_code_t     err_code;
        ble_ias_init_t ias_init_obj;
    
        memset(&ias_init_obj, 0, sizeof(ias_init_obj));
        ias_init_obj.evt_handler  = on_ias_evt;
    
        ias_init_obj.alert_wr_sec = SEC_JUST_WORKS;
    
        err_code = ble_ias_init(&m_ias, &ias_init_obj);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void lls_init(void)
    {
        ret_code_t     err_code;
        ble_lls_init_t lls_init_obj;
    
        // Initialize Link Loss Service
        memset(&lls_init_obj, 0, sizeof(lls_init_obj));
    
        lls_init_obj.evt_handler         = on_lls_evt;
        lls_init_obj.error_handler       = service_error_handler;
        lls_init_obj.initial_alert_level = INITIAL_LLS_ALERT_LEVEL;
    
        lls_init_obj.alert_level_rd_sec = SEC_JUST_WORKS;
        lls_init_obj.alert_level_wr_sec = SEC_JUST_WORKS;
    
        err_code = ble_lls_init(&m_lls, &lls_init_obj);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void bas_init(void)
    {
        ret_code_t     err_code;
        ble_bas_init_t bas_init_obj;
    
        memset(&bas_init_obj, 0, sizeof(bas_init_obj));
    
        bas_init_obj.evt_handler          = on_bas_evt;
        bas_init_obj.support_notification = true;
        bas_init_obj.p_report_ref         = NULL;
        bas_init_obj.initial_batt_level   = 100;
    
        bas_init_obj.bl_rd_sec        = SEC_OPEN;
        bas_init_obj.bl_cccd_wr_sec   = SEC_OPEN;
        bas_init_obj.bl_report_rd_sec = SEC_OPEN;
    
        err_code = ble_bas_init(&m_bas, &bas_init_obj);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void ias_client_init(void)
    {
        ret_code_t       err_code;
        ble_ias_c_init_t ias_c_init_obj;
    
        memset(&ias_c_init_obj, 0, sizeof(ias_c_init_obj));
    
        m_is_high_alert_signalled = false;
    
        ias_c_init_obj.evt_handler   = on_ias_c_evt;
        ias_c_init_obj.error_handler = service_error_handler;
    
        err_code = ble_ias_c_init(&m_ias_c, &ias_c_init_obj);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void services_init(void)
    {
        qwr_init();
        tps_init();
        ias_init();
        lls_init();
        bas_init();
        ias_client_init();
    }
    
    
    
    static void db_discovery_init(void)
    {
        ret_code_t err_code = ble_db_discovery_init(db_disc_handler);
        APP_ERROR_CHECK(err_code);
    }
    
    
    static void conn_params_error_handler(uint32_t nrf_error)
    {
        APP_ERROR_HANDLER(nrf_error);
    }
    
    
    
    static void conn_params_init(void)
    {
        ret_code_t             err_code;
        ble_conn_params_init_t cp_init;
    
        memset(&cp_init, 0, sizeof(cp_init));
    
        cp_init.p_conn_params                  = NULL;
        cp_init.first_conn_params_update_delay = FIRST_CONN_PARAMS_UPDATE_DELAY;
        cp_init.next_conn_params_update_delay  = NEXT_CONN_PARAMS_UPDATE_DELAY;
        cp_init.max_conn_params_update_count   = MAX_CONN_PARAMS_UPDATE_COUNT;
        cp_init.start_on_notify_cccd_handle    = BLE_GATT_HANDLE_INVALID;
        cp_init.disconnect_on_fail             = true;
        cp_init.evt_handler                    = NULL;
        cp_init.error_handler                  = conn_params_error_handler;
    
        err_code = ble_conn_params_init(&cp_init);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void alert_signal(uint8_t alert_level)
    {
        ret_code_t err_code;
    
        switch (alert_level)
        {
            case BLE_CHAR_ALERT_LEVEL_NO_ALERT:
                NRF_LOG_INFO("No Alert.");
                err_code = bsp_indication_set(BSP_INDICATE_ALERT_OFF);
                APP_ERROR_CHECK(err_code);
                break; // BLE_CHAR_ALERT_LEVEL_NO_ALERT
    
            case BLE_CHAR_ALERT_LEVEL_MILD_ALERT:
                NRF_LOG_INFO("Mild Alert.");
                err_code = bsp_indication_set(BSP_INDICATE_ALERT_0);
                APP_ERROR_CHECK(err_code);
                break; // BLE_CHAR_ALERT_LEVEL_MILD_ALERT
    
            case BLE_CHAR_ALERT_LEVEL_HIGH_ALERT:
                NRF_LOG_INFO("HIGH Alert.");
                err_code = bsp_indication_set(BSP_INDICATE_ALERT_3);
                APP_ERROR_CHECK(err_code);
                break; // BLE_CHAR_ALERT_LEVEL_HIGH_ALERT
    
            default:
    
                break;
        }
    }
    
    
    
    static void on_ias_evt(ble_ias_t * p_ias, ble_ias_evt_t * p_evt)
    {
        switch (p_evt->evt_type)
        {
            case BLE_IAS_EVT_ALERT_LEVEL_UPDATED:
                if (p_evt->p_link_ctx != NULL)
                {
                    alert_signal(p_evt->p_link_ctx->alert_level);
                }
                break; // BLE_IAS_EVT_ALERT_LEVEL_UPDATED
    
            default:
                // No implementation needed.
                break;
        }
    }
    
    
    
    static void on_lls_evt(ble_lls_t * p_lls, ble_lls_evt_t * p_evt)
    {
        switch (p_evt->evt_type)
        {
            case BLE_LLS_EVT_LINK_LOSS_ALERT:
                alert_signal(p_evt->params.alert_level);
                break; // BLE_LLS_EVT_LINK_LOSS_ALERT
    
            default:
                // No implementation needed.
                break;
        }
    }
    
    
    
    
    static void on_ias_c_evt(ble_ias_c_t * p_ias_c, ble_ias_c_evt_t * p_evt)
    {
        ret_code_t err_code;
    
        switch (p_evt->evt_type)
        {
            case BLE_IAS_C_EVT_DISCOVERY_COMPLETE:
                // IAS is found on peer. The Find Me Locator functionality of this app will work.
                err_code = ble_ias_c_handles_assign(&m_ias_c,
                                                    p_evt->conn_handle,
                                                    p_evt->alert_level.handle_value);
                APP_ERROR_CHECK(err_code);
    
                m_is_ias_present = true;
                break; // BLE_IAS_C_EVT_DISCOVERY_COMPLETE
    
            case BLE_IAS_C_EVT_DISCOVERY_FAILED:
                // IAS is not found on peer. The Find Me Locator functionality of this app will NOT work.
                break; // BLE_IAS_C_EVT_DISCOVERY_FAILED
    
            case BLE_IAS_C_EVT_DISCONN_COMPLETE:
                // Disable alert buttons
                m_is_ias_present = false;
                break; // BLE_IAS_C_EVT_DISCONN_COMPLETE
    
            default:
                break;
        }
    }
    
    
    
    static void on_bas_evt(ble_bas_t * p_bas, ble_bas_evt_t * p_evt)
    {
        ret_code_t err_code;
    
        switch (p_evt->evt_type)
        {
            case BLE_BAS_EVT_NOTIFICATION_ENABLED:
                // Start battery timer
                err_code = app_timer_start(m_battery_timer_id, BATTERY_LEVEL_MEAS_INTERVAL, NULL);
                APP_ERROR_CHECK(err_code);
                break; // BLE_BAS_EVT_NOTIFICATION_ENABLED
    
            case BLE_BAS_EVT_NOTIFICATION_DISABLED:
                err_code = app_timer_stop(m_battery_timer_id);
                APP_ERROR_CHECK(err_code);
                break; // BLE_BAS_EVT_NOTIFICATION_DISABLED
    
            default:
                // No implementation needed.
                break;
        }
    }
    
    
    
    static void ble_evt_handler(ble_evt_t const * p_ble_evt, void * p_context)
    {
        ret_code_t err_code = NRF_SUCCESS;
    
        switch (p_ble_evt->header.evt_id)
        {
            case BLE_GAP_EVT_DISCONNECTED:
                NRF_LOG_INFO("Disconnected.");
                // LED indication will be changed when advertising starts.
                break;
    
            case BLE_GAP_EVT_CONNECTED:
            {
                NRF_LOG_INFO("Connected.");
                err_code = bsp_indication_set(BSP_INDICATE_CONNECTED);
                APP_ERROR_CHECK(err_code);
    
                // Assign connection handle to the Queued Write module.
                err_code = nrf_ble_qwr_conn_handle_assign(&m_qwr, p_ble_evt->evt.gap_evt.conn_handle);
                APP_ERROR_CHECK(err_code);
    
                // Discover peer's services.
                err_code = ble_db_discovery_start(&m_ble_db_discovery,
                                                  p_ble_evt->evt.gap_evt.conn_handle);
                APP_ERROR_CHECK(err_code);
            } break;
    
            case BLE_GAP_EVT_PHY_UPDATE_REQUEST:
            {
                NRF_LOG_DEBUG("PHY update request.");
                ble_gap_phys_t const phys =
                {
                    .rx_phys = BLE_GAP_PHY_AUTO,
                    .tx_phys = BLE_GAP_PHY_AUTO,
                };
                err_code = sd_ble_gap_phy_update(p_ble_evt->evt.gap_evt.conn_handle, &phys);
                APP_ERROR_CHECK(err_code);
            } break;
    
            case BLE_GATTC_EVT_TIMEOUT:
                // Disconnect on GATT Client timeout event.
                NRF_LOG_DEBUG("GATT Client Timeout.");
                err_code = sd_ble_gap_disconnect(p_ble_evt->evt.gattc_evt.conn_handle,
                                                 BLE_HCI_REMOTE_USER_TERMINATED_CONNECTION);
                APP_ERROR_CHECK(err_code);
                break;
    
            case BLE_GATTS_EVT_TIMEOUT:
                // Disconnect on GATT Server timeout event.
                NRF_LOG_DEBUG("GATT Server Timeout.");
                err_code = sd_ble_gap_disconnect(p_ble_evt->evt.gatts_evt.conn_handle,
                                                 BLE_HCI_REMOTE_USER_TERMINATED_CONNECTION);
                APP_ERROR_CHECK(err_code);
                break;
    
            default:
                // No implementation needed.
                break;
        }
    }
    
    
    
    static void ble_stack_init(void)
    {
        ret_code_t err_code;
    
        err_code = nrf_sdh_enable_request();
        APP_ERROR_CHECK(err_code);
    
        // Configure the BLE stack using the default settings.
        // Fetch the start address of the application RAM.
        uint32_t ram_start = 0;
        err_code = nrf_sdh_ble_default_cfg_set(APP_BLE_CONN_CFG_TAG, &ram_start);
        APP_ERROR_CHECK(err_code);
    
        // Enable BLE stack.
        err_code = nrf_sdh_ble_enable(&ram_start);
        APP_ERROR_CHECK(err_code);
    
        // Register a handler for BLE events.
        NRF_SDH_BLE_OBSERVER(m_ble_observer, APP_BLE_OBSERVER_PRIO, ble_evt_handler, NULL);
    }
    
    
    static void peer_manager_init(void)
    {
        ble_gap_sec_params_t sec_param;
        ret_code_t           err_code;
    
        err_code = pm_init();
        APP_ERROR_CHECK(err_code);
    
        memset(&sec_param, 0, sizeof(ble_gap_sec_params_t));
    
        // Security parameters to be used for all security procedures.
        sec_param.bond           = SEC_PARAM_BOND;
        sec_param.mitm           = SEC_PARAM_MITM;
        sec_param.lesc           = SEC_PARAM_LESC;
        sec_param.keypress       = SEC_PARAM_KEYPRESS;
        sec_param.io_caps        = SEC_PARAM_IO_CAPABILITIES;
        sec_param.oob            = SEC_PARAM_OOB;
        sec_param.min_key_size   = SEC_PARAM_MIN_KEY_SIZE;
        sec_param.max_key_size   = SEC_PARAM_MAX_KEY_SIZE;
        sec_param.kdist_own.enc  = 1;
        sec_param.kdist_own.id   = 1;
        sec_param.kdist_peer.enc = 1;
        sec_param.kdist_peer.id  = 1;
    
        err_code = pm_sec_params_set(&sec_param);
        APP_ERROR_CHECK(err_code);
    
        err_code = pm_register(pm_evt_handler);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void bsp_event_handler(bsp_event_t event)
    {
        ret_code_t err_code;
    
        switch (event)
        {
            case BSP_EVENT_SLEEP:
                sleep_mode_enter();
                break;
    
            case BSP_EVENT_DISCONNECT:
                err_code = sd_ble_gap_disconnect(m_ias_c.conn_handle,
                                                 BLE_HCI_REMOTE_USER_TERMINATED_CONNECTION);
                if (err_code != NRF_ERROR_INVALID_STATE)
                {
                    APP_ERROR_CHECK(err_code);
                }
                break;
    
            case BSP_EVENT_KEY_0:
            {
                if (m_is_ias_present)
                {
                    if (!m_is_high_alert_signalled)
                    {
                        err_code =
                            ble_ias_c_send_alert_level(&m_ias_c, BLE_CHAR_ALERT_LEVEL_HIGH_ALERT);
                    }
                    else
                    {
                        err_code = ble_ias_c_send_alert_level(&m_ias_c, BLE_CHAR_ALERT_LEVEL_NO_ALERT);
                    }
    
                    if (err_code == NRF_SUCCESS)
                    {
                        m_is_high_alert_signalled = !m_is_high_alert_signalled;
                    }
                    else if (
                        (err_code != NRF_ERROR_RESOURCES)
                        &&
                        (err_code != BLE_ERROR_GATTS_SYS_ATTR_MISSING)
                        &&
                        (err_code != NRF_ERROR_NOT_FOUND)
                            )
                    {
                        APP_ERROR_HANDLER(err_code);
                    }
                }
            } break;
    
            case BSP_EVENT_KEY_1:
                NRF_LOG_INFO("Alert Off.");
                err_code = bsp_indication_set(BSP_INDICATE_ALERT_OFF);
                APP_ERROR_CHECK(err_code);
                break;
    
            default:
                break;
        }
    }
    
    
    
    static void buttons_leds_init(bool * p_erase_bonds)
    {
        ret_code_t err_code;
        bsp_event_t startup_event;
    
        err_code = bsp_init(BSP_INIT_LEDS | BSP_INIT_BUTTONS, bsp_event_handler);
        APP_ERROR_CHECK(err_code);
    
        err_code = bsp_btn_ble_init(NULL, &startup_event);
        APP_ERROR_CHECK(err_code);
    
        *p_erase_bonds = (startup_event == BSP_EVENT_CLEAR_BONDING_DATA);
    }
    
    
    
    static void log_init(void)
    {
        ret_code_t err_code = NRF_LOG_INIT(NULL);
        APP_ERROR_CHECK(err_code);
    
        NRF_LOG_DEFAULT_BACKENDS_INIT();
    }
    
    
    
    static void power_management_init(void)
    {
        ret_code_t err_code;
        err_code = nrf_pwr_mgmt_init();
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void idle_state_handle(void)
    {
        if (NRF_LOG_PROCESS() == false)
        {
            nrf_pwr_mgmt_run();
        }
    }
    
    
    
    ///**@brief Function for starting advertising.
    // */
    //static void advertising_start(bool erase_bonds)
    //{
    //    if (erase_bonds == true){
    //        delete_bonds();
    //        // Advertising is started by PM_EVT_PEERS_DELETE_SUCEEDED event.
    //    }
    //    else
    //    {
    //        uint32_t err_code = ble_advertising_start(&m_advertising, BLE_ADV_MODE_FAST);
    //
    //        APP_ERROR_CHECK(err_code);
    //    }
    //}
    
    
    
    static void tx_power_set(void)
    {
        ret_code_t err_code = sd_ble_gap_tx_power_set(BLE_GAP_TX_POWER_ROLE_ADV, m_advertising.adv_handle, TX_POWER_LEVEL);
        APP_ERROR_CHECK(err_code);
    }
    
    
    int main(void)
    {
        bool erase_bonds;
    
        // Initialize.
        log_init();
        timers_init();
        buttons_leds_init(&erase_bonds);
        power_management_init();
        ble_stack_init();
        adc_configure();
        gap_params_init();
        gatt_init();
        advertising_init();
        db_discovery_init();
        services_init();
        conn_params_init();
        peer_manager_init();
    
        // Start execution.
        NRF_LOG_INFO("Proximity example started.");
        advertising_start(erase_bonds);
        tx_power_set();
    
        // Enter main loop.
        for (;;)
        {
            idle_state_handle();
        }
    }

    i had added the code but it is not encrypting

  • : You are not calling the ctr_init, the nonce_generate or the ctr_encrypt functions, so its no wonder that you're not encrypting anything. 
    You need to create a ECB key, you can use a generator like this one to do that. Then you need do generate the nounce with the nonce_generate function, provide the nounce and the ecb key to the ctr_init function and then call crypt on the data you want to encrypt. 

    Best regards 
    Bjørn