This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

encryption and decryption of advertising data

Hii nordic;

I need to encrypt and decrypt my advertising data i.e;UUID,Major,Minor,etc.;  of my nrf52832

So it cannot be seen by third parties

my sdk version is 15.2 and softdevice is 132

Parents
  • Hi Naralasetty, 

    you can use the ECB peripheral to encrypt the advertisement data. See our Intro to Application-level Security Using the ECB Peripheral blog post. 

    Best regards

    Bjørn

  • Hi bjorn, 

    I need the code for latest soft device 132  

  • hi @bjorn-spockeli,

    thanks for the reply and for reference code

    i used the given code as reference and added code then also my beacon data is not being encrypted

    it is same as shown in picture

    #include <stdint.h>
    #include <string.h>
    
    #include "ble_advertising.h"
    #include "nordic_common.h"
    #include "nrf.h"
    #include "nrf_soc.h"
    #include "nrf_drv_saadc.h"
    #include "nrf_sdm.h"
    #include "app_error.h"
    #include "ble.h"
    #include "ble_err.h"
    #include "ble_hci.h"
    #include "ble_srv_common.h"
    #include "ble_advdata.h"
    #include "ble_tps.h"
    #include "ble_ias.h"
    #include "ble_lls.h"
    #include "ble_bas.h"
    #include "ble_conn_params.h"
    #include "ble_conn_state.h"
    #include "sensorsim.h"
    #include "nrf_sdh.h"
    #include "nrf_sdh_soc.h"
    #include "nrf_sdh_ble.h"
    #include "nrf_delay.h"
    #include "app_timer.h"
    #include "app_error.h"
    #include "ble_ias_c.h"
    #include "app_util.h"
    #include "bsp_btn_ble.h"
    #include "ble_db_discovery.h"
    #include "peer_manager.h"
    #include "peer_manager_handler.h"
    #include "fds.h"
    #include "ble_conn_state.h"
    #include "nrf_ble_gatt.h"
    #include "nrf_ble_lesc.h"
    #include "nrf_ble_qwr.h"
    //#include "nrf_ble_scan.h"
    #include "nrf_pwr_mgmt.h"
    #include "nrf_fstorage.h"
    
    #include "nrf_log.h"
    #include "nrf_log_ctrl.h"
    #include "nrf_log_default_backends.h"
    
    
    #define DEVICE_NAME                     "NORDIC"                           
    
    #define APP_BLE_OBSERVER_PRIO           3                                       
    #define APP_BLE_CONN_CFG_TAG            1                                       
    
    #define BATTERY_LEVEL_MEAS_INTERVAL     APP_TIMER_TICKS(120000)                 
    
    #define MIN_CONN_INTERVAL               MSEC_TO_UNITS(500, UNIT_1_25_MS)        
    #define MAX_CONN_INTERVAL               MSEC_TO_UNITS(1000, UNIT_1_25_MS)       
    #define SLAVE_LATENCY                   0                                       
    #define CONN_SUP_TIMEOUT                MSEC_TO_UNITS(4000, UNIT_10_MS)         
    
    #define APP_ADV_INTERVAL                40 
    #define APP_ADV_TIMEOUT_IN_SECONDS      80                                      
    #define NON_CONNECTABLE_ADV_INTERVAL    MSEC_TO_UNITS(100, UNIT_0_625_MS)  
    
    #define APP_ADV_DURATION                18000                                    
    #define 	BLE_ADV_DIRECTED_ENABLED   true
    #define 	BLE_ADV_DIRECTED_DISABLED   false
    #define 	BLE_ADV_DIRECTED_SLOW_ENABLED   true
    #define 	BLE_ADV_DIRECTED_SLOW_DISABLED   false
    #define 	BLE_ADV_FAST_ENABLED   true
    #define 	BLE_ADV_FAST_DISABLED   false
    #define 	BLE_ADV_SLOW_ENABLED   true
    #define 	BLE_ADV_SLOW_DISABLED   false
    #define 	BLE_ADV_WHITELIST_ENABLED   true
    #define 	BLE_ADV_WHITELIST_DISABLED   false
    
    #define FIRST_CONN_PARAMS_UPDATE_DELAY  APP_TIMER_TICKS(5000)                   
    #define NEXT_CONN_PARAMS_UPDATE_DELAY   APP_TIMER_TICKS(30000)                  
    #define MAX_CONN_PARAMS_UPDATE_COUNT    3                                       
    
    #define SEC_PARAM_BOND                  1                                       
    #define SEC_PARAM_MITM                  0                                       
    #define SEC_PARAM_LESC                  0                                       
    #define SEC_PARAM_KEYPRESS              0                                       
    #define SEC_PARAM_IO_CAPABILITIES       BLE_GAP_IO_CAPS_NONE                    
    #define SEC_PARAM_OOB                   0                                       
    #define SEC_PARAM_MIN_KEY_SIZE          7                                       
    #define SEC_PARAM_MAX_KEY_SIZE          16
    #define BLE_GAP_ADV_TYPE_ADV_IND          0x00
    #define BLE_GAP_ADV_TYPE_ADV_DIRECT_IND   0x01
    #define BLE_GAP_ADV_TYPE_ADV_SCAN_IND     0x02
    #define BLE_GAP_ADV_TYPE_ADV_NONCONN_IND  0x03 
    #define BLE_GAP_ADDR_TYPE_PUBLIC                        0x00
    #define BLE_GAP_ADDR_TYPE_RANDOM_STATIC                 0x01
    #define BLE_GAP_ADDR_TYPE_RANDOM_PRIVATE_RESOLVABLE     0x02
    #define BLE_GAP_ADDR_TYPE_RANDOM_PRIVATE_NON_RESOLVABLE 0x03                                     
    
    #define INITIAL_LLS_ALERT_LEVEL         BLE_CHAR_ALERT_LEVEL_NO_ALERT           
    #define TX_POWER_LEVEL                  (-8)                                    
    
    #define ADC_REF_VOLTAGE_IN_MILLIVOLTS   600                                     
    #define ADC_PRE_SCALING_COMPENSATION    6                                       
    #define DIODE_FWD_VOLT_DROP_MILLIVOLTS  270                                     
    #define ADC_RES_10BIT                   1024                                    
    
    #define DEAD_BEEF                       0xDEADBEEF  
    #define ECB_KEY_LEN            (16UL)
    #define COUNTER_BYTE_LEN       (4UL)
    #define NONCE_RAND_BYTE_LEN    (12UL)
    
    static uint8_t m_ecb_key[16] = {0xC4,0xB1,0xC4,0x95,0x81,0x1D,0x6D,0xD9,0x6A,0xAD,0x3E,0x09,0xFB,0x2D,0xAD,0xA3};
    
    // The RNG wait values are typical and not guaranteed. See Product Specifications for more info.
    #ifdef NRF51
    #define RNG_BYTE_WAIT_US       (677UL)
    #elif defined NRF52
    #define RNG_BYTE_WAIT_US       (124UL)
    #else
    #error "Either NRF51 or NRF52 must be defined."
    #endif                            
    
    #define APP_BEACON_INFO_LENGTH          0x17                               
    #define APP_ADV_DATA_LENGTH             0x15                               
    #define APP_DEVICE_TYPE                 0x02                               
    #define APP_MEASURED_RSSI               0xC5                               
    #define APP_COMPANY_IDENTIFIER          0x004C                             
    #define APP_MAJOR_VALUE                 0x00, 0x02                         
    #define APP_MINOR_VALUE                 0x00, 0x02                         
    #define APP_BEACON_UUID                 0x01, 0x12, 0x23, 0x34, \
                                            0x45, 0x56, 0x67, 0x78, \
                                            0x89, 0x9a, 0xab, 0xbc, \
                                            0xcd, 0xde, 0xef, 0xf0            
    
    #if defined(USE_UICR_FOR_MAJ_MIN_VALUES)
    #define MAJ_VAL_OFFSET_IN_BEACON_INFO   18                                
    #define UICR_ADDRESS                    0x10001080                         
    #endif
    
    
    #define ADC_RESULT_IN_MILLI_VOLTS(ADC_VALUE)\
            ((((ADC_VALUE) * ADC_REF_VOLTAGE_IN_MILLIVOLTS) / ADC_RES_10BIT) * ADC_PRE_SCALING_COMPENSATION)
    
    
    APP_TIMER_DEF(m_battery_timer_id);                      
    BLE_TPS_DEF(m_tps);                                     
    BLE_IAS_DEF(m_ias, NRF_SDH_BLE_TOTAL_LINK_COUNT);       
    BLE_LLS_DEF(m_lls);                                     
    BLE_BAS_DEF(m_bas);                                     
    BLE_IAS_C_DEF(m_ias_c);                                 
    NRF_BLE_GATT_DEF(m_gatt);                               
    NRF_BLE_QWR_DEF(m_qwr);                                 
    BLE_ADVERTISING_DEF(m_advertising);                     
    BLE_DB_DISCOVERY_DEF(m_ble_db_discovery);               
    
    static volatile bool m_is_high_alert_signalled;         
    static volatile bool m_is_ias_present = false;          
    
    static nrf_saadc_value_t adc_buf[2];
    
    static ble_uuid_t m_adv_uuids[] =                       
    {
        {BLE_UUID_IMMEDIATE_ALERT_SERVICE, BLE_UUID_TYPE_BLE},
        {BLE_UUID_BATTERY_SERVICE, BLE_UUID_TYPE_BLE},
        {BLE_UUID_TX_POWER_SERVICE, BLE_UUID_TYPE_BLE},
        {BLE_UUID_LINK_LOSS_SERVICE, BLE_UUID_TYPE_BLE}
    };
    
    static ble_gap_adv_params_t m_adv_params;                                  
    static uint8_t              m_adv_handle = BLE_GAP_ADV_SET_HANDLE_NOT_SET; 
    static uint8_t              m_enc_advdata[BLE_GAP_ADV_SET_DATA_SIZE_MAX];  
    static uint8_t              m_enc_scandata[BLE_GAP_ADV_SET_DATA_SIZE_MAX];  
    
    
    static ble_gap_adv_data_t m_adv_data =
    {
        .adv_data =
        {
            .p_data = m_enc_advdata,
            .len    = BLE_GAP_ADV_SET_DATA_SIZE_MAX
        },
        .scan_rsp_data =
        {
            .p_data = m_enc_scandata,
            .len    = BLE_GAP_ADV_SET_DATA_SIZE_MAX
    
        }
    };
    
    
    
    
    static uint8_t m_beacon_info[APP_BEACON_INFO_LENGTH] =                    
    {
        APP_DEVICE_TYPE,     
                             
        APP_ADV_DATA_LENGTH, 
                             
        APP_BEACON_UUID,     
        APP_MAJOR_VALUE,     
        APP_MINOR_VALUE,     
        APP_MEASURED_RSSI    
                             
    };
    
    
    static void on_ias_evt(ble_ias_t * p_ias, ble_ias_evt_t * p_evt);
    static void on_lls_evt(ble_lls_t * p_lls, ble_lls_evt_t * p_evt);
    static void on_ias_c_evt(ble_ias_c_t * p_lls, ble_ias_c_evt_t * p_evt);
    static void on_bas_evt(ble_bas_t * p_bas, ble_bas_evt_t * p_evt);
    static void advertising_init(void);
    static void advertising_start(bool erase_bonds);
    
    
    
    void assert_nrf_callback(uint16_t line_num, const uint8_t * p_file_name)
    {
        app_error_handler(DEAD_BEEF, line_num, p_file_name);
    }
    
    
    
    static void service_error_handler(uint32_t nrf_error)
    {
        APP_ERROR_HANDLER(nrf_error);
    }
    
    
    
    static void pm_evt_handler(pm_evt_t const * p_evt)
    {
        pm_handler_on_pm_evt(p_evt);
        pm_handler_flash_clean(p_evt);
    
        switch (p_evt->evt_id)
        {
            case PM_EVT_PEERS_DELETE_SUCCEEDED:
                advertising_start(false);
                break;
    
            default:
                break;
        }
    }
    
    
    
    void saadc_event_handler(nrf_drv_saadc_evt_t const * p_event)
    {
        if (p_event->type == NRF_DRV_SAADC_EVT_DONE)
        {
            nrf_saadc_value_t adc_result;
            uint16_t          batt_lvl_in_milli_volts;
            uint8_t           percentage_batt_lvl;
            uint32_t          err_code;
    
            adc_result = p_event->data.done.p_buffer[0];
    
            err_code = nrf_drv_saadc_buffer_convert(p_event->data.done.p_buffer, 1);
            APP_ERROR_CHECK(err_code);
    
            batt_lvl_in_milli_volts = ADC_RESULT_IN_MILLI_VOLTS(adc_result) +
                                      DIODE_FWD_VOLT_DROP_MILLIVOLTS;
            percentage_batt_lvl = battery_level_in_percent(batt_lvl_in_milli_volts);
    
            err_code = ble_bas_battery_level_update(&m_bas, percentage_batt_lvl, BLE_CONN_HANDLE_ALL);
            if ((err_code != NRF_SUCCESS) &&
                (err_code != NRF_ERROR_INVALID_STATE) &&
                (err_code != NRF_ERROR_RESOURCES) &&
                (err_code != NRF_ERROR_BUSY) &&
                (err_code != BLE_ERROR_GATTS_SYS_ATTR_MISSING)
               )
            {
                APP_ERROR_HANDLER(err_code);
            }
        }
    }
    
    
    
    static void db_disc_handler(ble_db_discovery_evt_t * p_evt)
    {
        ble_ias_c_on_db_disc_evt(&m_ias_c, p_evt);
    }
    
    
    
    static void adc_configure(void)
    {
        ret_code_t err_code = nrf_drv_saadc_init(NULL, saadc_event_handler);
        APP_ERROR_CHECK(err_code);
    
        nrf_saadc_channel_config_t config =
            NRF_DRV_SAADC_DEFAULT_CHANNEL_CONFIG_SE(NRF_SAADC_INPUT_VDD);
        err_code = nrf_drv_saadc_channel_init(0, &config);
        APP_ERROR_CHECK(err_code);
    
        err_code = nrf_drv_saadc_buffer_convert(&adc_buf[0], 1);
        APP_ERROR_CHECK(err_code);
    
        err_code = nrf_drv_saadc_buffer_convert(&adc_buf[1], 1);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void battery_level_meas_timeout_handler(void * p_context)
    {
        UNUSED_PARAMETER(p_context);
    
        ret_code_t err_code;
        err_code = nrf_drv_saadc_sample();
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void timers_init(void)
    {
        ret_code_t err_code;
    
        
        err_code = app_timer_init();
        APP_ERROR_CHECK(err_code);
    
        
        err_code = app_timer_create(&m_battery_timer_id,
                                    APP_TIMER_MODE_REPEATED,
                                    battery_level_meas_timeout_handler);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void gap_params_init(void)
    {
        ret_code_t              err_code;
        ble_gap_conn_params_t   gap_conn_params;
        ble_gap_conn_sec_mode_t sec_mode;
    
        BLE_GAP_CONN_SEC_MODE_SET_OPEN(&sec_mode);
    
        err_code = sd_ble_gap_device_name_set(&sec_mode,
                                              (const uint8_t *)DEVICE_NAME,
                                              strlen(DEVICE_NAME));
        APP_ERROR_CHECK(err_code);
    
        err_code = sd_ble_gap_appearance_set(BLE_APPEARANCE_GENERIC_KEYRING);
        APP_ERROR_CHECK(err_code);
    
        memset(&gap_conn_params, 0, sizeof(gap_conn_params));
    
        gap_conn_params.min_conn_interval = MIN_CONN_INTERVAL;
        gap_conn_params.max_conn_interval = MAX_CONN_INTERVAL;
        gap_conn_params.slave_latency     = SLAVE_LATENCY;
        gap_conn_params.conn_sup_timeout  = CONN_SUP_TIMEOUT;
    
        err_code = sd_ble_gap_ppcp_set(&gap_conn_params);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void gatt_init(void)
    {
        ret_code_t err_code = nrf_ble_gatt_init(&m_gatt, NULL);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void sleep_mode_enter(void)
    {
        ret_code_t err_code;
    
        err_code = bsp_indication_set(BSP_INDICATE_IDLE);
        APP_ERROR_CHECK(err_code);
    
        
        err_code = bsp_btn_ble_sleep_mode_prepare();
        APP_ERROR_CHECK(err_code);
    
        
        err_code = sd_power_system_off();
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void on_adv_evt(ble_adv_evt_t ble_adv_evt)
    {
        ret_code_t err_code;
    
        switch (ble_adv_evt)
        {
            case BLE_ADV_EVT_FAST:
                NRF_LOG_INFO("Fast advertising.");
                err_code = bsp_indication_set(BSP_INDICATE_ADVERTISING);
                APP_ERROR_CHECK(err_code);
                break; // BLE_ADV_EVT_FAST
    
            case BLE_ADV_EVT_IDLE:
                sleep_mode_enter();
                break; // BLE_ADV_EVT_IDLE
    
            default:
                break;
        }
    }
    
    
    
    static void delete_bonds(void)
    {
        ret_code_t err_code;
    
        NRF_LOG_INFO("Erase bonds!");
    
        err_code = pm_peers_delete();
        APP_ERROR_CHECK(err_code);
    }
    
    
    static void advertising_init(void)
    {
        uint32_t      err_code;
        ble_advdata_t advdata;
        ble_advdata_t scandata;
        uint8_t       flags = BLE_GAP_ADV_FLAG_BR_EDR_NOT_SUPPORTED;
    
        ble_advdata_manuf_data_t manuf_specific_data;
    
        manuf_specific_data.company_identifier = APP_COMPANY_IDENTIFIER;
    
    #if defined(USE_UICR_FOR_MAJ_MIN_VALUES)
    
        uint16_t major_value = ((*(uint32_t *)UICR_ADDRESS) & 0xFFFF0000) >> 16;
        uint16_t minor_value = ((*(uint32_t *)UICR_ADDRESS) & 0x0000FFFF);
    
        uint8_t index = MAJ_VAL_OFFSET_IN_BEACON_INFO;
    
        m_beacon_info[index++] = MSB_16(major_value);
        m_beacon_info[index++] = LSB_16(major_value);
    
        m_beacon_info[index++] = MSB_16(minor_value);
        m_beacon_info[index++] = LSB_16(minor_value);
    #endif
    
        manuf_specific_data.data.p_data = (uint8_t *) m_beacon_info;
        manuf_specific_data.data.size   = APP_BEACON_INFO_LENGTH;
    
    
        memset(&advdata, 0, sizeof(advdata));
    
        advdata.name_type             = BLE_ADVDATA_NO_NAME;
        advdata.flags                 = flags;
        advdata.p_manuf_specific_data = &manuf_specific_data;
    
    
        memset(&m_adv_params, 0, sizeof(m_adv_params));
    
        m_adv_params.properties.type = BLE_GAP_ADV_TYPE_CONNECTABLE_SCANNABLE_UNDIRECTED;
        m_adv_params.p_peer_addr     = NULL;    
        m_adv_params.filter_policy   = BLE_GAP_ADV_FP_ANY;
        m_adv_params.interval        = NON_CONNECTABLE_ADV_INTERVAL;
        m_adv_params.duration        = 0;       
    
        err_code = ble_advdata_encode(&advdata, m_adv_data.adv_data.p_data, &m_adv_data.adv_data.len);
        APP_ERROR_CHECK(err_code);
    
    
        memset(&scandata, 0, sizeof(scandata));
    
        scandata.name_type             = BLE_ADVDATA_FULL_NAME;
        scandata.uuids_complete.uuid_cnt = sizeof(m_adv_uuids) / sizeof(m_adv_uuids[0]);
        scandata.uuids_complete.p_uuids  = m_adv_uuids;
    
        ble_gap_addr_t gap_address;
        gap_address.addr_type = BLE_GAP_ADDR_TYPE_PUBLIC;
        memcpy(&gap_address.addr, "\xbb\xaa\xcc\xbb\xaa\xAC", sizeof(gap_address.addr));
        err_code = sd_ble_gap_addr_set(&gap_address);
        APP_ERROR_CHECK(err_code);
    
        err_code = ble_advdata_encode(&scandata, m_adv_data.scan_rsp_data.p_data, &m_adv_data.scan_rsp_data.len);
        APP_ERROR_CHECK(err_code);
    
        err_code = sd_ble_gap_adv_set_configure(&m_adv_handle, &m_adv_data, &m_adv_params);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void advertising_start(bool erase_bonds)
    {
        ret_code_t err_code;
        if (erase_bonds == true){
            delete_bonds();
            
        }
        else
        {
            err_code = sd_ble_gap_adv_start(m_adv_handle, APP_BLE_CONN_CFG_TAG);
            APP_ERROR_CHECK(err_code);
    
            err_code = bsp_indication_set(BSP_INDICATE_ADVERTISING);
            APP_ERROR_CHECK(err_code);
        }
        
        
    }
    
    /**
     * @brief Uses the RNG to write a 12-byte nonce to a buffer
     * @details The 12 bytes will be written to the buffer starting at index 4 to leave
     *          space for the 4-byte counter value.
     *
     * @param[in]    p_buf    An array of length 16
     */
    void nonce_generate(uint8_t * p_buf)
    {
        uint8_t i         = COUNTER_BYTE_LEN;
        uint8_t remaining = NONCE_RAND_BYTE_LEN;
    
        // The random number pool may not contain enough bytes at the moment so
        // a busy wait may be necessary.
        while(0 != remaining)
        {
            uint32_t err_code;
            uint8_t  available = 0;
    
            err_code = sd_rand_application_bytes_available_get(&available);
            APP_ERROR_CHECK(err_code);
    
            available = ((available > remaining) ? remaining : available);
            if (0 != available)
            {
    	        err_code = sd_rand_application_vector_get((p_buf + i), available);
    	        APP_ERROR_CHECK(err_code);
    
    	        i         += available;
    	        remaining -= available;
    	    }
    
    	    if (0 != remaining)
    	    {
    	        nrf_delay_us(RNG_BYTE_WAIT_US * remaining);
    	    }
        }
    }
    
    static bool m_initialized = false;
    
    // NOTE: The ECB data must be located in RAM or a HardFault will be triggered.
    static nrf_ecb_hal_data_t m_ecb_data;
    
    /**
     * @brief Initializes the module with the given nonce and key
     * @details The nonce will be copied to an internal buffer so it does not need to
     *          be retained after the function returns. Additionally, a 32-bit counter
     *          will be initialized to zero and placed into the least-significant 4 bytes
     *          of the internal buffer. The nonce value should be generated in a
     *          reasonable manner (e.g. using this module's nonce_generate function).
     *
     * @param[in]    p_nonce    An array of length 16 containing 12 random bytes
     *                          starting at index 4
     * @param[in]    p_ecb_key  An array of length 16 containing the ECB key
     */
    void ctr_init(const uint8_t * p_nonce, const uint8_t * p_ecb_key)
    {
        m_initialized = true;
    
        // Save the key.
        memcpy(&m_ecb_data.key[0], p_ecb_key, ECB_KEY_LEN);
    
        // Copy the nonce.
        memcpy(&m_ecb_data.cleartext[COUNTER_BYTE_LEN],
    	          &p_nonce[COUNTER_BYTE_LEN],
    	          NONCE_RAND_BYTE_LEN);
    
        // Zero the counter value.
        memset(&m_ecb_data.cleartext[0], 0x00, COUNTER_BYTE_LEN);
    }
    
    static uint32_t crypt(uint8_t * buf)
    {
        uint8_t  i;
        uint32_t err_code;
    
        if (!m_initialized)
        {
    	    return NRF_ERROR_INVALID_STATE;
        }
    
        err_code = sd_ecb_block_encrypt(&m_ecb_data);
        if (NRF_SUCCESS != err_code)
        {
    	    return err_code;
        }
    
        for (i=0; i < ECB_KEY_LEN; i++)
        {
    	    buf[i] ^= m_ecb_data.ciphertext[i];
        }
    
        // Increment the counter.
        (*((uint32_t*) m_ecb_data.cleartext))++;
    
        return NRF_SUCCESS;
    }
    
    /**
     * @brief Encrypts the given buffer in-situ
     * @details The encryption step is done separately (using the nonce, counter, and
     *          key) and then the result from the encryption is XOR'd with the given
     *          buffer in-situ. The counter will be incremented only if no error occurs.
     *
     * @param[in]    p_clear_text    An array of length 16 containing the clear text
     *
     * @retval    NRF_SUCCESS                         Success
     * @retval    NRF_ERROR_INVALID_STATE             Module has not been initialized
     * @retval    NRF_ERROR_SOFTDEVICE_NOT_ENABLED    SoftDevice is present, but not enabled
     */
    uint32_t ctr_encrypt(uint8_t * p_clear_text)
    {
        return crypt(p_clear_text);
    }
    
    /**
     * @brief Decrypts the given buffer in-situ
     * @details The encryption step is done separately (using the nonce, counter, and
     *          key) and then the result from the encryption is XOR'd with the given
     *          buffer in-situ. The counter will be incremented only if no error occurs.
     *
     * @param[in]    p_cipher_text    An array of length 16 containing the cipher text
     *
     * @retval    NRF_SUCCESS                         Succeess
     * @retval    NRF_ERROR_INVALID_STATE             Module has not been initialized
     * @retval    NRF_ERROR_SOFTDEVICE_NOT_ENABLED    SoftDevice is present, but not enabled
     */
    uint32_t ctr_decrypt(uint8_t * p_cipher_text)
    {
        return crypt(p_cipher_text);
    }
    
    
    ///**@brief Function for initializing the Advertising functionality.
    // *
    // * @details Encodes the required advertising data and passes it to the stack.
    // *          Also builds a structure to be passed to the stack when starting advertising.
    // */
    //static void advertising_init(void)
    //{
    //    ret_code_t             err_code;
    //    ble_advertising_init_t init;
    //
    //    memset(&init, 0, sizeof(init));
    //
    //    init.advdata.name_type               = BLE_ADVDATA_FULL_NAME;
    //    init.advdata.include_appearance      = true;
    //    init.advdata.flags                   = BLE_GAP_ADV_FLAGS_LE_ONLY_LIMITED_DISC_MODE;
    //    init.advdata.uuids_complete.uuid_cnt = sizeof(m_adv_uuids) / sizeof(m_adv_uuids[0]);
    //    init.advdata.uuids_complete.p_uuids  = m_adv_uuids;
    //
    //    init.config.ble_adv_fast_enabled  = true;
    //    init.config.ble_adv_fast_interval = APP_ADV_INTERVAL;
    //    init.config.ble_adv_fast_timeout  = APP_ADV_DURATION;
    //
    //    init.evt_handler = on_adv_evt;
    //
    //    err_code = ble_advertising_init(&m_advertising, &init);
    //    APP_ERROR_CHECK(err_code);
    //
    //    ble_advertising_conn_cfg_tag_set(&m_advertising, APP_BLE_CONN_CFG_TAG);
    //}
    
    
    
    static void nrf_qwr_error_handler(uint32_t nrf_error)
    {
        APP_ERROR_HANDLER(nrf_error);
    }
    
    
    
    static void qwr_init(void)
    {
        ret_code_t         err_code;
        nrf_ble_qwr_init_t qwr_init_obj = {0};
    
     
        qwr_init_obj.error_handler = nrf_qwr_error_handler;
    
        err_code = nrf_ble_qwr_init(&m_qwr, &qwr_init_obj);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void tps_init(void)
    {
        ret_code_t     err_code;
        ble_tps_init_t tps_init_obj;
    
        memset(&tps_init_obj, 0, sizeof(tps_init_obj));
        tps_init_obj.initial_tx_power_level = TX_POWER_LEVEL;
    
        tps_init_obj.tpl_rd_sec = SEC_JUST_WORKS;
    
        err_code = ble_tps_init(&m_tps, &tps_init_obj);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void ias_init(void)
    {
        ret_code_t     err_code;
        ble_ias_init_t ias_init_obj;
    
        memset(&ias_init_obj, 0, sizeof(ias_init_obj));
        ias_init_obj.evt_handler  = on_ias_evt;
    
        ias_init_obj.alert_wr_sec = SEC_JUST_WORKS;
    
        err_code = ble_ias_init(&m_ias, &ias_init_obj);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void lls_init(void)
    {
        ret_code_t     err_code;
        ble_lls_init_t lls_init_obj;
    
        // Initialize Link Loss Service
        memset(&lls_init_obj, 0, sizeof(lls_init_obj));
    
        lls_init_obj.evt_handler         = on_lls_evt;
        lls_init_obj.error_handler       = service_error_handler;
        lls_init_obj.initial_alert_level = INITIAL_LLS_ALERT_LEVEL;
    
        lls_init_obj.alert_level_rd_sec = SEC_JUST_WORKS;
        lls_init_obj.alert_level_wr_sec = SEC_JUST_WORKS;
    
        err_code = ble_lls_init(&m_lls, &lls_init_obj);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void bas_init(void)
    {
        ret_code_t     err_code;
        ble_bas_init_t bas_init_obj;
    
        memset(&bas_init_obj, 0, sizeof(bas_init_obj));
    
        bas_init_obj.evt_handler          = on_bas_evt;
        bas_init_obj.support_notification = true;
        bas_init_obj.p_report_ref         = NULL;
        bas_init_obj.initial_batt_level   = 100;
    
        bas_init_obj.bl_rd_sec        = SEC_OPEN;
        bas_init_obj.bl_cccd_wr_sec   = SEC_OPEN;
        bas_init_obj.bl_report_rd_sec = SEC_OPEN;
    
        err_code = ble_bas_init(&m_bas, &bas_init_obj);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void ias_client_init(void)
    {
        ret_code_t       err_code;
        ble_ias_c_init_t ias_c_init_obj;
    
        memset(&ias_c_init_obj, 0, sizeof(ias_c_init_obj));
    
        m_is_high_alert_signalled = false;
    
        ias_c_init_obj.evt_handler   = on_ias_c_evt;
        ias_c_init_obj.error_handler = service_error_handler;
    
        err_code = ble_ias_c_init(&m_ias_c, &ias_c_init_obj);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void services_init(void)
    {
        qwr_init();
        tps_init();
        ias_init();
        lls_init();
        bas_init();
        ias_client_init();
    }
    
    
    
    static void db_discovery_init(void)
    {
        ret_code_t err_code = ble_db_discovery_init(db_disc_handler);
        APP_ERROR_CHECK(err_code);
    }
    
    
    static void conn_params_error_handler(uint32_t nrf_error)
    {
        APP_ERROR_HANDLER(nrf_error);
    }
    
    
    
    static void conn_params_init(void)
    {
        ret_code_t             err_code;
        ble_conn_params_init_t cp_init;
    
        memset(&cp_init, 0, sizeof(cp_init));
    
        cp_init.p_conn_params                  = NULL;
        cp_init.first_conn_params_update_delay = FIRST_CONN_PARAMS_UPDATE_DELAY;
        cp_init.next_conn_params_update_delay  = NEXT_CONN_PARAMS_UPDATE_DELAY;
        cp_init.max_conn_params_update_count   = MAX_CONN_PARAMS_UPDATE_COUNT;
        cp_init.start_on_notify_cccd_handle    = BLE_GATT_HANDLE_INVALID;
        cp_init.disconnect_on_fail             = true;
        cp_init.evt_handler                    = NULL;
        cp_init.error_handler                  = conn_params_error_handler;
    
        err_code = ble_conn_params_init(&cp_init);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void alert_signal(uint8_t alert_level)
    {
        ret_code_t err_code;
    
        switch (alert_level)
        {
            case BLE_CHAR_ALERT_LEVEL_NO_ALERT:
                NRF_LOG_INFO("No Alert.");
                err_code = bsp_indication_set(BSP_INDICATE_ALERT_OFF);
                APP_ERROR_CHECK(err_code);
                break; // BLE_CHAR_ALERT_LEVEL_NO_ALERT
    
            case BLE_CHAR_ALERT_LEVEL_MILD_ALERT:
                NRF_LOG_INFO("Mild Alert.");
                err_code = bsp_indication_set(BSP_INDICATE_ALERT_0);
                APP_ERROR_CHECK(err_code);
                break; // BLE_CHAR_ALERT_LEVEL_MILD_ALERT
    
            case BLE_CHAR_ALERT_LEVEL_HIGH_ALERT:
                NRF_LOG_INFO("HIGH Alert.");
                err_code = bsp_indication_set(BSP_INDICATE_ALERT_3);
                APP_ERROR_CHECK(err_code);
                break; // BLE_CHAR_ALERT_LEVEL_HIGH_ALERT
    
            default:
    
                break;
        }
    }
    
    
    
    static void on_ias_evt(ble_ias_t * p_ias, ble_ias_evt_t * p_evt)
    {
        switch (p_evt->evt_type)
        {
            case BLE_IAS_EVT_ALERT_LEVEL_UPDATED:
                if (p_evt->p_link_ctx != NULL)
                {
                    alert_signal(p_evt->p_link_ctx->alert_level);
                }
                break; // BLE_IAS_EVT_ALERT_LEVEL_UPDATED
    
            default:
                // No implementation needed.
                break;
        }
    }
    
    
    
    static void on_lls_evt(ble_lls_t * p_lls, ble_lls_evt_t * p_evt)
    {
        switch (p_evt->evt_type)
        {
            case BLE_LLS_EVT_LINK_LOSS_ALERT:
                alert_signal(p_evt->params.alert_level);
                break; // BLE_LLS_EVT_LINK_LOSS_ALERT
    
            default:
                // No implementation needed.
                break;
        }
    }
    
    
    
    
    static void on_ias_c_evt(ble_ias_c_t * p_ias_c, ble_ias_c_evt_t * p_evt)
    {
        ret_code_t err_code;
    
        switch (p_evt->evt_type)
        {
            case BLE_IAS_C_EVT_DISCOVERY_COMPLETE:
                // IAS is found on peer. The Find Me Locator functionality of this app will work.
                err_code = ble_ias_c_handles_assign(&m_ias_c,
                                                    p_evt->conn_handle,
                                                    p_evt->alert_level.handle_value);
                APP_ERROR_CHECK(err_code);
    
                m_is_ias_present = true;
                break; // BLE_IAS_C_EVT_DISCOVERY_COMPLETE
    
            case BLE_IAS_C_EVT_DISCOVERY_FAILED:
                // IAS is not found on peer. The Find Me Locator functionality of this app will NOT work.
                break; // BLE_IAS_C_EVT_DISCOVERY_FAILED
    
            case BLE_IAS_C_EVT_DISCONN_COMPLETE:
                // Disable alert buttons
                m_is_ias_present = false;
                break; // BLE_IAS_C_EVT_DISCONN_COMPLETE
    
            default:
                break;
        }
    }
    
    
    
    static void on_bas_evt(ble_bas_t * p_bas, ble_bas_evt_t * p_evt)
    {
        ret_code_t err_code;
    
        switch (p_evt->evt_type)
        {
            case BLE_BAS_EVT_NOTIFICATION_ENABLED:
                // Start battery timer
                err_code = app_timer_start(m_battery_timer_id, BATTERY_LEVEL_MEAS_INTERVAL, NULL);
                APP_ERROR_CHECK(err_code);
                break; // BLE_BAS_EVT_NOTIFICATION_ENABLED
    
            case BLE_BAS_EVT_NOTIFICATION_DISABLED:
                err_code = app_timer_stop(m_battery_timer_id);
                APP_ERROR_CHECK(err_code);
                break; // BLE_BAS_EVT_NOTIFICATION_DISABLED
    
            default:
                // No implementation needed.
                break;
        }
    }
    
    
    
    static void ble_evt_handler(ble_evt_t const * p_ble_evt, void * p_context)
    {
        ret_code_t err_code = NRF_SUCCESS;
    
        switch (p_ble_evt->header.evt_id)
        {
            case BLE_GAP_EVT_DISCONNECTED:
                NRF_LOG_INFO("Disconnected.");
                // LED indication will be changed when advertising starts.
                break;
    
            case BLE_GAP_EVT_CONNECTED:
            {
                NRF_LOG_INFO("Connected.");
                err_code = bsp_indication_set(BSP_INDICATE_CONNECTED);
                APP_ERROR_CHECK(err_code);
    
                // Assign connection handle to the Queued Write module.
                err_code = nrf_ble_qwr_conn_handle_assign(&m_qwr, p_ble_evt->evt.gap_evt.conn_handle);
                APP_ERROR_CHECK(err_code);
    
                // Discover peer's services.
                err_code = ble_db_discovery_start(&m_ble_db_discovery,
                                                  p_ble_evt->evt.gap_evt.conn_handle);
                APP_ERROR_CHECK(err_code);
            } break;
    
            case BLE_GAP_EVT_PHY_UPDATE_REQUEST:
            {
                NRF_LOG_DEBUG("PHY update request.");
                ble_gap_phys_t const phys =
                {
                    .rx_phys = BLE_GAP_PHY_AUTO,
                    .tx_phys = BLE_GAP_PHY_AUTO,
                };
                err_code = sd_ble_gap_phy_update(p_ble_evt->evt.gap_evt.conn_handle, &phys);
                APP_ERROR_CHECK(err_code);
            } break;
    
            case BLE_GATTC_EVT_TIMEOUT:
                // Disconnect on GATT Client timeout event.
                NRF_LOG_DEBUG("GATT Client Timeout.");
                err_code = sd_ble_gap_disconnect(p_ble_evt->evt.gattc_evt.conn_handle,
                                                 BLE_HCI_REMOTE_USER_TERMINATED_CONNECTION);
                APP_ERROR_CHECK(err_code);
                break;
    
            case BLE_GATTS_EVT_TIMEOUT:
                // Disconnect on GATT Server timeout event.
                NRF_LOG_DEBUG("GATT Server Timeout.");
                err_code = sd_ble_gap_disconnect(p_ble_evt->evt.gatts_evt.conn_handle,
                                                 BLE_HCI_REMOTE_USER_TERMINATED_CONNECTION);
                APP_ERROR_CHECK(err_code);
                break;
    
            default:
                // No implementation needed.
                break;
        }
    }
    
    
    
    static void ble_stack_init(void)
    {
        ret_code_t err_code;
    
        err_code = nrf_sdh_enable_request();
        APP_ERROR_CHECK(err_code);
    
        // Configure the BLE stack using the default settings.
        // Fetch the start address of the application RAM.
        uint32_t ram_start = 0;
        err_code = nrf_sdh_ble_default_cfg_set(APP_BLE_CONN_CFG_TAG, &ram_start);
        APP_ERROR_CHECK(err_code);
    
        // Enable BLE stack.
        err_code = nrf_sdh_ble_enable(&ram_start);
        APP_ERROR_CHECK(err_code);
    
        // Register a handler for BLE events.
        NRF_SDH_BLE_OBSERVER(m_ble_observer, APP_BLE_OBSERVER_PRIO, ble_evt_handler, NULL);
    }
    
    
    static void peer_manager_init(void)
    {
        ble_gap_sec_params_t sec_param;
        ret_code_t           err_code;
    
        err_code = pm_init();
        APP_ERROR_CHECK(err_code);
    
        memset(&sec_param, 0, sizeof(ble_gap_sec_params_t));
    
        // Security parameters to be used for all security procedures.
        sec_param.bond           = SEC_PARAM_BOND;
        sec_param.mitm           = SEC_PARAM_MITM;
        sec_param.lesc           = SEC_PARAM_LESC;
        sec_param.keypress       = SEC_PARAM_KEYPRESS;
        sec_param.io_caps        = SEC_PARAM_IO_CAPABILITIES;
        sec_param.oob            = SEC_PARAM_OOB;
        sec_param.min_key_size   = SEC_PARAM_MIN_KEY_SIZE;
        sec_param.max_key_size   = SEC_PARAM_MAX_KEY_SIZE;
        sec_param.kdist_own.enc  = 1;
        sec_param.kdist_own.id   = 1;
        sec_param.kdist_peer.enc = 1;
        sec_param.kdist_peer.id  = 1;
    
        err_code = pm_sec_params_set(&sec_param);
        APP_ERROR_CHECK(err_code);
    
        err_code = pm_register(pm_evt_handler);
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void bsp_event_handler(bsp_event_t event)
    {
        ret_code_t err_code;
    
        switch (event)
        {
            case BSP_EVENT_SLEEP:
                sleep_mode_enter();
                break;
    
            case BSP_EVENT_DISCONNECT:
                err_code = sd_ble_gap_disconnect(m_ias_c.conn_handle,
                                                 BLE_HCI_REMOTE_USER_TERMINATED_CONNECTION);
                if (err_code != NRF_ERROR_INVALID_STATE)
                {
                    APP_ERROR_CHECK(err_code);
                }
                break;
    
            case BSP_EVENT_KEY_0:
            {
                if (m_is_ias_present)
                {
                    if (!m_is_high_alert_signalled)
                    {
                        err_code =
                            ble_ias_c_send_alert_level(&m_ias_c, BLE_CHAR_ALERT_LEVEL_HIGH_ALERT);
                    }
                    else
                    {
                        err_code = ble_ias_c_send_alert_level(&m_ias_c, BLE_CHAR_ALERT_LEVEL_NO_ALERT);
                    }
    
                    if (err_code == NRF_SUCCESS)
                    {
                        m_is_high_alert_signalled = !m_is_high_alert_signalled;
                    }
                    else if (
                        (err_code != NRF_ERROR_RESOURCES)
                        &&
                        (err_code != BLE_ERROR_GATTS_SYS_ATTR_MISSING)
                        &&
                        (err_code != NRF_ERROR_NOT_FOUND)
                            )
                    {
                        APP_ERROR_HANDLER(err_code);
                    }
                }
            } break;
    
            case BSP_EVENT_KEY_1:
                NRF_LOG_INFO("Alert Off.");
                err_code = bsp_indication_set(BSP_INDICATE_ALERT_OFF);
                APP_ERROR_CHECK(err_code);
                break;
    
            default:
                break;
        }
    }
    
    
    
    static void buttons_leds_init(bool * p_erase_bonds)
    {
        ret_code_t err_code;
        bsp_event_t startup_event;
    
        err_code = bsp_init(BSP_INIT_LEDS | BSP_INIT_BUTTONS, bsp_event_handler);
        APP_ERROR_CHECK(err_code);
    
        err_code = bsp_btn_ble_init(NULL, &startup_event);
        APP_ERROR_CHECK(err_code);
    
        *p_erase_bonds = (startup_event == BSP_EVENT_CLEAR_BONDING_DATA);
    }
    
    
    
    static void log_init(void)
    {
        ret_code_t err_code = NRF_LOG_INIT(NULL);
        APP_ERROR_CHECK(err_code);
    
        NRF_LOG_DEFAULT_BACKENDS_INIT();
    }
    
    
    
    static void power_management_init(void)
    {
        ret_code_t err_code;
        err_code = nrf_pwr_mgmt_init();
        APP_ERROR_CHECK(err_code);
    }
    
    
    
    static void idle_state_handle(void)
    {
        if (NRF_LOG_PROCESS() == false)
        {
            nrf_pwr_mgmt_run();
        }
    }
    
    
    
    ///**@brief Function for starting advertising.
    // */
    //static void advertising_start(bool erase_bonds)
    //{
    //    if (erase_bonds == true){
    //        delete_bonds();
    //        // Advertising is started by PM_EVT_PEERS_DELETE_SUCEEDED event.
    //    }
    //    else
    //    {
    //        uint32_t err_code = ble_advertising_start(&m_advertising, BLE_ADV_MODE_FAST);
    //
    //        APP_ERROR_CHECK(err_code);
    //    }
    //}
    
    
    
    static void tx_power_set(void)
    {
        ret_code_t err_code = sd_ble_gap_tx_power_set(BLE_GAP_TX_POWER_ROLE_ADV, m_advertising.adv_handle, TX_POWER_LEVEL);
        APP_ERROR_CHECK(err_code);
    }
    
    
    int main(void)
    {
        bool erase_bonds;
    
        // Initialize.
        log_init();
        timers_init();
        buttons_leds_init(&erase_bonds);
        power_management_init();
        ble_stack_init();
        adc_configure();
        gap_params_init();
        gatt_init();
        advertising_init();
        db_discovery_init();
        services_init();
        conn_params_init();
        peer_manager_init();
    
        // Start execution.
        NRF_LOG_INFO("Proximity example started.");
            NRF_LOG_INFO("Unencrypted plaintext:");
        uint8_t plaintext[] = "DATATOENCRYPT";
        uint8_t nounce[16] = {0};
    
        NRF_LOG_HEXDUMP_INFO(plaintext, sizeof(plaintext));
        
        nonce_generate(nounce);
    
        ctr_init(nounce,m_ecb_key);
    
        ctr_encrypt(plaintext);
        
        NRF_LOG_INFO("Encrypted plaintext:");
        NRF_LOG_HEXDUMP_INFO(plaintext, sizeof(plaintext));
    
        /* Reset the counter so that the message can be decrypted on this device.
        /  When ciphertext is sent to another device, then the counter will be incremented from zero and upwards after decrypting. 
        */
        
        m_ecb_data.cleartext[0] = 0x00;
        m_ecb_data.cleartext[1] = 0x00;
        m_ecb_data.cleartext[2] = 0x00;
        m_ecb_data.cleartext[3] = 0x00;
    
        // Decrypt the ciphertext with the same counter value, i.e. 0x00,0x00,0x00,0x00, that was used for encrypting. 
        ctr_decrypt(plaintext);
        
        
        NRF_LOG_INFO("Decrypted plaintext:");
        NRF_LOG_HEXDUMP_INFO(plaintext, sizeof(plaintext));
        advertising_start(erase_bonds);
        tx_power_set();
    
        // Enter main loop.
        for (;;)
        {
            idle_state_handle();
        }
    }

    i am getting like this as output

    please say how to encrypt that advertising data

  • You need to replace the plaintext array with the data that you want to encrypt.... 

    If you want to encrypt the data that is placed in the advertisement packet then you need to call the following code in the ble_app_beacon example main.c

     nonce_generate(nounce);
    ctr_init(nounce,m_ecb_key);
    ctr_encrypt(m_beacon_info);
    ctr_encrypt(&m_beacon_info[16]);

    before you call  advertising_init();

    See the attached main.c file.

     

    #include <stdio.h>
    #include <stdint.h>
    #include <stdbool.h>
    #include "nordic_common.h"
    #include "app_error.h"
    #include "app_uart.h"
    #include "ble_db_discovery.h"
    #include "app_timer.h"
    #include "app_util.h"
    #include "bsp_btn_ble.h"
    #include "ble.h"
    #include "ble_gap.h"
    #include "ble_hci.h"
    #include "nrf_sdh.h"
    #include "nrf_sdh_ble.h"
    #include "nrf_sdh_soc.h"
    #include "ble_nus_c.h"
    #include "nrf_ble_gatt.h"
    #include "nrf_pwr_mgmt.h"
    #include "nrf_ble_scan.h"
    
    #include "nrf_log.h"
    #include "nrf_log_ctrl.h"
    #include "nrf_log_default_backends.h"
    
    #include "nrf_delay.h"
    #include "ble_srv_common.h"
    
    #include "ble_advdata.h"
    
    #define APP_BLE_CONN_CFG_TAG    1                                       /**< Tag that refers to the BLE stack configuration set with @ref sd_ble_cfg_set. The default tag is @ref BLE_CONN_CFG_TAG_DEFAULT. */
    #define APP_BLE_OBSERVER_PRIO   3                                       /**< BLE observer priority of the application. There is no need to modify this value. */
    
    #define UART_TX_BUF_SIZE        256                                     /**< UART TX buffer size. */
    #define UART_RX_BUF_SIZE        256                                     /**< UART RX buffer size. */
    
    #define NUS_SERVICE_UUID_TYPE   BLE_UUID_TYPE_VENDOR_BEGIN              /**< UUID type for the Nordic UART Service (vendor specific). */
    
    #define ECHOBACK_BLE_UART_DATA  1                                       /**< Echo the UART data that is received over the Nordic UART Service (NUS) back to the sender. */
    #define ECB_KEY_LEN            (16UL)
    #define COUNTER_BYTE_LEN       (4UL)
    #define NONCE_RAND_BYTE_LEN    (12UL)
    
    
    
    // The RNG wait values are typical and not guaranteed. See Product Specifications for more info.
    #ifdef NRF51
    #define RNG_BYTE_WAIT_US       (677UL)
    #elif defined NRF52
    #define RNG_BYTE_WAIT_US       (124UL)
    #else
    #error "Either NRF51 or NRF52 must be defined."
    #endif     
    
    BLE_NUS_C_DEF(m_ble_nus_c);                                             /**< BLE Nordic UART Service (NUS) client instance. */
    NRF_BLE_GATT_DEF(m_gatt);                                               /**< GATT module instance. */
    BLE_DB_DISCOVERY_DEF(m_db_disc);                                        /**< Database discovery module instance. */
    NRF_BLE_SCAN_DEF(m_scan);                                               /**< Scanning Module instance. */
    
    static uint16_t m_ble_nus_max_data_len = BLE_GATT_ATT_MTU_DEFAULT - OPCODE_LENGTH - HANDLE_LENGTH; /**< Maximum length of data (in bytes) that can be transmitted to the peer by the Nordic UART service module. */
    
    static bool m_initialized = false;
    static nrf_ecb_hal_data_t m_ecb_data;
    static uint8_t m_ecb_key[16] = {0x6E,0x88,0x90,0x8D,0x75,0xBB,0x95,0xEA,0x2C,0x65,0x93,0x01,0x43,0xF8,0x1B,0x5F};
    static uint8_t nounce[16];
    static uint8_t m_beacon_info[0x17];
    
    /**@brief NUS UUID. */
    static ble_uuid_t const m_nus_uuid =
    {
        .uuid = BLE_UUID_IMMEDIATE_ALERT_SERVICE,
        .type = BLE_UUID_TYPE_BLE
    };
    
    
    void assert_nrf_callback(uint16_t line_num, const uint8_t * p_file_name)
    {
        app_error_handler(0xDEADBEEF, line_num, p_file_name);
    }
    
    
    void ctr_init(const uint8_t * p_nonce, const uint8_t * p_ecb_key)
    {
        m_initialized = true;
    
        // Save the key.
        memcpy(&m_ecb_data.key[0], p_ecb_key, ECB_KEY_LEN);
    
        // Copy the nonce.
        memcpy(&m_ecb_data.ciphertext[COUNTER_BYTE_LEN],
    	          &p_nonce[COUNTER_BYTE_LEN],
    	          NONCE_RAND_BYTE_LEN);
    
        // Zero the counter value.
        memset(&m_ecb_data.cleartext[0], 0x00, COUNTER_BYTE_LEN);
    }
    
    static uint32_t crypt(uint8_t * buf)
    {
        uint8_t  i;
        uint32_t err_code;
    
        if (!m_initialized)
        {
    	    return NRF_ERROR_INVALID_STATE;
        }
    
        err_code = sd_ecb_block_encrypt(&m_ecb_data);
        if (NRF_SUCCESS != err_code)
        {
    	    return err_code;
        }
    
        for (i=0; i < ECB_KEY_LEN; i++)
        {
    	    buf[i] ^= m_ecb_data.ciphertext[i];
        }
    
        // Increment the counter.
        (*((uint32_t*) m_ecb_data.cleartext))++;
    
        return NRF_SUCCESS;
    }
    
    
    uint32_t ctr_encrypt(uint8_t * p_clear_text)
    {
        return crypt(p_clear_text);
    }
    
    
    uint32_t ctr_decrypt(uint8_t * p_cipher_text)
    {
        return crypt(p_cipher_text);
    }
    
    
    /**@brief Function for starting scanning. */
    static void scan_start(void)
    {
        ret_code_t ret;
    
        ret = nrf_ble_scan_start(&m_scan);
        APP_ERROR_CHECK(ret);
    
        ret = bsp_indication_set(BSP_INDICATE_SCANNING);
        APP_ERROR_CHECK(ret);
    }
    
    
    /**@brief Function for handling Scanning Module events.
     */
    static void scan_evt_handler(scan_evt_t const * p_scan_evt)
    {
        ret_code_t err_code;
    
        switch(p_scan_evt->scan_evt_id)
        {
             case NRF_BLE_SCAN_EVT_CONNECTING_ERROR:
             {
                  err_code = p_scan_evt->params.connecting_err.err_code;
                  APP_ERROR_CHECK(err_code);
             } break;
    
             case NRF_BLE_SCAN_EVT_CONNECTED:
             {
                  ble_gap_evt_connected_t const * p_connected =
                                   p_scan_evt->params.connected.p_connected;
                 // Scan is automatically stopped by the connection.
                 NRF_LOG_INFO("Connecting to target %02x%02x%02x%02x%02x%02x",
                          p_connected->peer_addr.addr[0],
                          p_connected->peer_addr.addr[1],
                          p_connected->peer_addr.addr[2],
                          p_connected->peer_addr.addr[3],
                          p_connected->peer_addr.addr[4],
                          p_connected->peer_addr.addr[5]
                          );
             } break;
    
             case NRF_BLE_SCAN_EVT_SCAN_TIMEOUT:
             {
                 NRF_LOG_INFO("Scan timed out.");
                 scan_start();
             } break;
    
             case NRF_BLE_SCAN_EVT_SCAN_REQ_REPORT:
             {
                NRF_LOG_INFO("Scan Request Report received!");
                break;
             }
             case NRF_BLE_SCAN_EVT_FILTER_MATCH:
             {
                NRF_LOG_INFO("Received Advertisment Report that matches the scan filter(s)!");
                break;
             }
             default:
                 break;
        }
    }
    
    
    /**@brief Function for initializing the scanning and setting the filters.
     */
    static void scan_init(void)
    {
        ret_code_t          err_code;
        nrf_ble_scan_init_t init_scan;
        ble_gap_scan_params_t scan_params;
        
        memset(&scan_params,0,sizeof(scan_params));
        scan_params.active        = 1;
        scan_params.interval      = NRF_BLE_SCAN_SCAN_INTERVAL;
        scan_params.window        = NRF_BLE_SCAN_SCAN_WINDOW;
        scan_params.timeout       = 0;
        scan_params.filter_policy = BLE_GAP_SCAN_FP_ACCEPT_ALL;
        scan_params.scan_phys     = BLE_GAP_PHY_1MBPS;
        //scan_params.report_incomplete_evts = true;
    
        memset(&init_scan, 0, sizeof(init_scan));
    
        init_scan.connect_if_match = false;
        init_scan.conn_cfg_tag     = APP_BLE_CONN_CFG_TAG;
        init_scan.p_scan_param = &scan_params;
    
        err_code = nrf_ble_scan_init(&m_scan, &init_scan, scan_evt_handler);
        APP_ERROR_CHECK(err_code);
    /*
        err_code = nrf_ble_scan_filter_set(&m_scan, SCAN_UUID_FILTER, &m_nus_uuid);
        APP_ERROR_CHECK(err_code);
    
        err_code = nrf_ble_scan_filters_enable(&m_scan, NRF_BLE_SCAN_UUID_FILTER, false);
        APP_ERROR_CHECK(err_code);
    */
    }
    
    
    
    static void db_disc_handler(ble_db_discovery_evt_t * p_evt)
    {
        ble_nus_c_on_db_disc_evt(&m_ble_nus_c, p_evt);
    }
    
    
    
    static void ble_nus_chars_received_uart_print(uint8_t * p_data, uint16_t data_len)
    {
        ret_code_t ret_val;
    
        NRF_LOG_DEBUG("Receiving data.");
        NRF_LOG_HEXDUMP_DEBUG(p_data, data_len);
    
        for (uint32_t i = 0; i < data_len; i++)
        {
            do
            {
                ret_val = app_uart_put(p_data[i]);
                if ((ret_val != NRF_SUCCESS) && (ret_val != NRF_ERROR_BUSY))
                {
                    NRF_LOG_ERROR("app_uart_put failed for index 0x%04x.", i);
                    APP_ERROR_CHECK(ret_val);
                }
            } while (ret_val == NRF_ERROR_BUSY);
        }
        if (p_data[data_len-1] == '\r')
        {
            while (app_uart_put('\n') == NRF_ERROR_BUSY);
        }
        if (ECHOBACK_BLE_UART_DATA)
        {
            // Send data back to the peripheral.
            do
            {
                ret_val = ble_nus_c_string_send(&m_ble_nus_c, p_data, data_len);
                if ((ret_val != NRF_SUCCESS) && (ret_val != NRF_ERROR_BUSY))
                {
                    NRF_LOG_ERROR("Failed sending NUS message. Error 0x%x. ", ret_val);
                    APP_ERROR_CHECK(ret_val);
                }
            } while (ret_val == NRF_ERROR_BUSY);
        }
    }
    
    
    
    void uart_event_handle(app_uart_evt_t * p_event)
    {
        static uint8_t data_array[BLE_NUS_MAX_DATA_LEN];
        static uint16_t index = 0;
        uint32_t ret_val;
    
        switch (p_event->evt_type)
        {
            /**@snippet [Handling data from UART] */
            case APP_UART_DATA_READY:
                UNUSED_VARIABLE(app_uart_get(&data_array[index]));
                index++;
    
                if ((data_array[index - 1] == '\n') || (index >= (m_ble_nus_max_data_len)))
                {
                    NRF_LOG_DEBUG("Ready to send data over BLE NUS");
                    NRF_LOG_HEXDUMP_DEBUG(data_array, index);
    
                    do
                    {
                        ret_val = ble_nus_c_string_send(&m_ble_nus_c, data_array, index);
                        if ( (ret_val != NRF_ERROR_INVALID_STATE) && (ret_val != NRF_ERROR_RESOURCES) )
                        {
                            APP_ERROR_CHECK(ret_val);
                        }
                    } while (ret_val == NRF_ERROR_RESOURCES);
    
                    index = 0;
                }
                break;
    
            /**@snippet [Handling data from UART] */
            case APP_UART_COMMUNICATION_ERROR:
                NRF_LOG_ERROR("Communication error occurred while handling UART.");
                APP_ERROR_HANDLER(p_event->data.error_communication);
                break;
    
            case APP_UART_FIFO_ERROR:
                NRF_LOG_ERROR("Error occurred in FIFO module used by UART.");
                APP_ERROR_HANDLER(p_event->data.error_code);
                break;
    
            default:
                break;
        }
    }
    
    
    
    
    /**@snippet [Handling events from the ble_nus_c module] */
    static void ble_nus_c_evt_handler(ble_nus_c_t * p_ble_nus_c, ble_nus_c_evt_t const * p_ble_nus_evt)
    {
        ret_code_t err_code;
    
        switch (p_ble_nus_evt->evt_type)
        {
            case BLE_NUS_C_EVT_DISCOVERY_COMPLETE:
                NRF_LOG_INFO("Discovery complete.");
                err_code = ble_nus_c_handles_assign(p_ble_nus_c, p_ble_nus_evt->conn_handle, &p_ble_nus_evt->handles);
                APP_ERROR_CHECK(err_code);
    
                err_code = ble_nus_c_tx_notif_enable(p_ble_nus_c);
                APP_ERROR_CHECK(err_code);
                NRF_LOG_INFO("Connected to device with Nordic UART Service.");
                break;
    
            case BLE_NUS_C_EVT_NUS_TX_EVT:
                ble_nus_chars_received_uart_print(p_ble_nus_evt->p_data, p_ble_nus_evt->data_len);
                break;
    
            case BLE_NUS_C_EVT_DISCONNECTED:
                NRF_LOG_INFO("Disconnected.");
                scan_start();
                break;
        }
    }
    /**@snippet [Handling events from the ble_nus_c module] */
    
    
    /**
     * @brief Function for handling shutdown events.
     *
     * @param[in]   event       Shutdown type.
     */
    static bool shutdown_handler(nrf_pwr_mgmt_evt_t event)
    {
        ret_code_t err_code;
    
        err_code = bsp_indication_set(BSP_INDICATE_IDLE);
        APP_ERROR_CHECK(err_code);
    
        switch (event)
        {
            case NRF_PWR_MGMT_EVT_PREPARE_WAKEUP:
                // Prepare wakeup buttons.
                err_code = bsp_btn_ble_sleep_mode_prepare();
                APP_ERROR_CHECK(err_code);
                break;
    
            default:
                break;
        }
    
        return true;
    }
    
    NRF_PWR_MGMT_HANDLER_REGISTER(shutdown_handler, APP_SHUTDOWN_HANDLER_PRIORITY);
    
    
    /**@brief Function for handling BLE events.
     *
     * @param[in]   p_ble_evt   Bluetooth stack event.
     * @param[in]   p_context   Unused.
     */
    static void ble_evt_handler(ble_evt_t const * p_ble_evt, void * p_context)
    {
        ret_code_t            err_code;
        ble_gap_evt_t const * p_gap_evt = &p_ble_evt->evt.gap_evt;
        uint8_t uuid[26];
    
        switch (p_ble_evt->header.evt_id)
        {
            case BLE_GAP_EVT_CONNECTED:
                err_code = ble_nus_c_handles_assign(&m_ble_nus_c, p_ble_evt->evt.gap_evt.conn_handle, NULL);
                APP_ERROR_CHECK(err_code);
    
                err_code = bsp_indication_set(BSP_INDICATE_CONNECTED);
                APP_ERROR_CHECK(err_code);
    
                // start discovery of services. The NUS Client waits for a discovery result
                err_code = ble_db_discovery_start(&m_db_disc, p_ble_evt->evt.gap_evt.conn_handle);
                APP_ERROR_CHECK(err_code);
                break;
    
            case BLE_GAP_EVT_DISCONNECTED:
    
                NRF_LOG_INFO("Disconnected. conn_handle: 0x%x, reason: 0x%x",
                             p_gap_evt->conn_handle,
                             p_gap_evt->params.disconnected.reason);
                break;
    
            case BLE_GAP_EVT_TIMEOUT:
                if (p_gap_evt->params.timeout.src == BLE_GAP_TIMEOUT_SRC_CONN)
                {
                    NRF_LOG_INFO("Connection Request timed out.");
                }
                break;
    
            case BLE_GAP_EVT_SEC_PARAMS_REQUEST:
                // Pairing not supported.
                err_code = sd_ble_gap_sec_params_reply(p_ble_evt->evt.gap_evt.conn_handle, BLE_GAP_SEC_STATUS_PAIRING_NOT_SUPP, NULL, NULL);
                APP_ERROR_CHECK(err_code);
                break;
    
            case BLE_GAP_EVT_CONN_PARAM_UPDATE_REQUEST:
                // Accepting parameters requested by peer.
                err_code = sd_ble_gap_conn_param_update(p_gap_evt->conn_handle,
                                                        &p_gap_evt->params.conn_param_update_request.conn_params);
                APP_ERROR_CHECK(err_code);
                break;
    
            case BLE_GAP_EVT_PHY_UPDATE_REQUEST:
            {
                NRF_LOG_DEBUG("PHY update request.");
                ble_gap_phys_t const phys =
                {
                    .rx_phys = BLE_GAP_PHY_AUTO,
                    .tx_phys = BLE_GAP_PHY_AUTO,
                };
                err_code = sd_ble_gap_phy_update(p_ble_evt->evt.gap_evt.conn_handle, &phys);
                APP_ERROR_CHECK(err_code);
            } break;
    
            case BLE_GATTC_EVT_TIMEOUT:
                // Disconnect on GATT Client timeout event.
                NRF_LOG_DEBUG("GATT Client Timeout.");
                err_code = sd_ble_gap_disconnect(p_ble_evt->evt.gattc_evt.conn_handle,
                                                 BLE_HCI_REMOTE_USER_TERMINATED_CONNECTION);
                APP_ERROR_CHECK(err_code);
                break;
    
            case BLE_GATTS_EVT_TIMEOUT:
                // Disconnect on GATT Server timeout event.
                NRF_LOG_DEBUG("GATT Server Timeout.");
                err_code = sd_ble_gap_disconnect(p_ble_evt->evt.gatts_evt.conn_handle,
                                                 BLE_HCI_REMOTE_USER_TERMINATED_CONNECTION);
                APP_ERROR_CHECK(err_code);
                break;
    
                case BLE_GAP_EVT_ADV_REPORT:
                {
                   //NRF_LOG_INFO("Advertise received");
                   scan_start();
    
                    /*//nrf_gpio_pin_toggle(LED1_PIN);    
                    NRF_LOG_INFO("Scannable: %d",p_gap_evt->params.adv_report.type.scannable);
                    NRF_LOG_INFO("Scan-response: %d",p_gap_evt->params.adv_report.type.scan_response);
                    */
                    ble_gap_addr_t  addr;
                    memcpy(addr.addr, p_gap_evt->params.adv_report.peer_addr.addr, 6);
                   /* NRF_LOG_INFO("Beacon address: %02x:%02x:%02x:%02x:%02x:%02x",
                    p_gap_evt->params.adv_report.peer_addr.addr[5],
                    p_gap_evt->params.adv_report.peer_addr.addr[4],
                    p_gap_evt->params.adv_report.peer_addr.addr[3],
                    p_gap_evt->params.adv_report.peer_addr.addr[2],
                    p_gap_evt->params.adv_report.peer_addr.addr[1],
                    p_gap_evt->params.adv_report.peer_addr.addr[0]);
                    */
                    
                    // Filter on peripheral address. Should iterate over a list of known peripherals.
                    uint8_t beacon_addr[6] ={0xec,0x97,0x40,0x5b,0xaf,0xfa};
                    if(!memcmp(addr.addr,beacon_addr, sizeof(beacon_addr))){
    
                        //NRF_LOG_INFO("Scannable: %d",p_gap_evt->params.adv_report.type.scan_response);
                        uint16_t data_offset = 0;
                        uint16_t maunf_data_len;
    
                        //Check if it is a scan response packet
                        if(p_gap_evt->params.adv_report.type.scan_response)
                        {
                            NRF_LOG_INFO("Scan response report received");
                            
                            // Search for manuf data in the scan response packet
                             maunf_data_len = ble_advdata_search(p_gap_evt->params.adv_report.data.p_data, p_gap_evt->params.adv_report.data.len,&data_offset,BLE_GAP_AD_TYPE_MANUFACTURER_SPECIFIC_DATA);
                             NRF_LOG_HEXDUMP_INFO((p_gap_evt->params.adv_report.data.p_data+data_offset),maunf_data_len);
                              
                              // Extract nounce
                              memcpy(nounce,p_gap_evt->params.adv_report.data.p_data+data_offset,maunf_data_len);
                              // Intialize the crypto module
                              ctr_init(nounce,m_ecb_key);
                        } 
                        else 
                        {
    
                        // Find the manuf data in the advertisment packet
                         maunf_data_len = ble_advdata_search(p_gap_evt->params.adv_report.data.p_data, p_gap_evt->params.adv_report.data.len,&data_offset,BLE_GAP_AD_TYPE_MANUFACTURER_SPECIFIC_DATA);
                         NRF_LOG_HEXDUMP_INFO((p_gap_evt->params.adv_report.data.p_data+data_offset),maunf_data_len);
                         // Copy manuf data to beacon info array
                         memcpy(m_beacon_info,p_gap_evt->params.adv_report.data.p_data+data_offset,maunf_data_len);
    
                        // Decrypt the advertisment manuf data
                        ctr_decrypt(m_beacon_info);
                        ctr_decrypt(&m_beacon_info[16]);
    
                        NRF_LOG_INFO("Decrypted info:");
                        NRF_LOG_HEXDUMP_INFO(m_beacon_info, sizeof(m_beacon_info));
    
                        // Reset counter values for next decrypt
                        m_ecb_data.cleartext[0] = 0x00;
                        m_ecb_data.cleartext[1] = 0x00;
                        m_ecb_data.cleartext[2] = 0x00;
                        m_ecb_data.cleartext[3] = 0x00;
    
                        memmove(uuid, p_gap_evt->params.adv_report.data.p_data, p_gap_evt->params.adv_report.data.len);
    
                        NRF_LOG_INFO("UUID: %02x%02x%02x%02x%02x%02x", uuid[9], uuid[10], uuid[11], uuid[12], uuid[13], uuid[14]);
    
                        NRF_LOG_INFO("TX_POWER: %02x", p_gap_evt->params.adv_report.tx_power);
    
                        NRF_LOG_INFO("RSSI: %02x", p_gap_evt->params.adv_report.rssi);
                        }
    
                        // uint8_t           batt_lvl;
                        // NRF_LOG_INFO("battery level: %02x", p_gap_evt->params.adv_report.batt_lvl);
                    }
    
                } break;
    
                case BLE_GAP_EVT_SCAN_REQ_REPORT:
                  NRF_LOG_INFO("Scan response report received");
                  break;
    
                default:
                break;
        }
    }
    
    
    /**@brief Function for initializing the BLE stack.
     *
     * @details Initializes the SoftDevice and the BLE event interrupt.
     */
    static void ble_stack_init(void)
    {
        ret_code_t err_code;
    
        err_code = nrf_sdh_enable_request();
        APP_ERROR_CHECK(err_code);
    
        // Configure the BLE stack using the default settings.
        // Fetch the start address of the application RAM.
        uint32_t ram_start = 0;
        err_code = nrf_sdh_ble_default_cfg_set(APP_BLE_CONN_CFG_TAG, &ram_start);
        APP_ERROR_CHECK(err_code);
    
        // Enable BLE stack.
        err_code = nrf_sdh_ble_enable(&ram_start);
        APP_ERROR_CHECK(err_code);
    
        // Register a handler for BLE events.
        NRF_SDH_BLE_OBSERVER(m_ble_observer, APP_BLE_OBSERVER_PRIO, ble_evt_handler, NULL);
    }
    
    
    /**@brief Function for handling events from the GATT library. */
    void gatt_evt_handler(nrf_ble_gatt_t * p_gatt, nrf_ble_gatt_evt_t const * p_evt)
    {
        if (p_evt->evt_id == NRF_BLE_GATT_EVT_ATT_MTU_UPDATED)
        {
            NRF_LOG_INFO("ATT MTU exchange completed.");
    
            m_ble_nus_max_data_len = p_evt->params.att_mtu_effective - OPCODE_LENGTH - HANDLE_LENGTH;
            NRF_LOG_INFO("Ble NUS max data length set to 0x%X(%d)", m_ble_nus_max_data_len, m_ble_nus_max_data_len);
        }
    }
    
    
    /**@brief Function for initializing the GATT library. */
    void gatt_init(void)
    {
        ret_code_t err_code;
    
        err_code = nrf_ble_gatt_init(&m_gatt, gatt_evt_handler);
        APP_ERROR_CHECK(err_code);
    
        err_code = nrf_ble_gatt_att_mtu_central_set(&m_gatt, NRF_SDH_BLE_GATT_MAX_MTU_SIZE);
        APP_ERROR_CHECK(err_code);
    }
    
    
    /**@brief Function for handling events from the BSP module.
     *
     * @param[in] event  Event generated by button press.
     */
    void bsp_event_handler(bsp_event_t event)
    {
        ret_code_t err_code;
    
        switch (event)
        {
            case BSP_EVENT_SLEEP:
                nrf_pwr_mgmt_shutdown(NRF_PWR_MGMT_SHUTDOWN_GOTO_SYSOFF);
                break;
    
            case BSP_EVENT_DISCONNECT:
                err_code = sd_ble_gap_disconnect(m_ble_nus_c.conn_handle,
                                                 BLE_HCI_REMOTE_USER_TERMINATED_CONNECTION);
                if (err_code != NRF_ERROR_INVALID_STATE)
                {
                    APP_ERROR_CHECK(err_code);
                }
                break;
    
            default:
                break;
        }
    }
    
    /**@brief Function for initializing the UART. */
    static void uart_init(void)
    {
        ret_code_t err_code;
    
        app_uart_comm_params_t const comm_params =
        {
            .rx_pin_no    = RX_PIN_NUMBER,
            .tx_pin_no    = TX_PIN_NUMBER,
            .rts_pin_no   = RTS_PIN_NUMBER,
            .cts_pin_no   = CTS_PIN_NUMBER,
            .flow_control = APP_UART_FLOW_CONTROL_DISABLED,
            .use_parity   = false,
            .baud_rate    = UART_BAUDRATE_BAUDRATE_Baud115200
        };
    
        APP_UART_FIFO_INIT(&comm_params,
                           UART_RX_BUF_SIZE,
                           UART_TX_BUF_SIZE,
                           uart_event_handle,
                           APP_IRQ_PRIORITY_LOWEST,
                           err_code);
    
        APP_ERROR_CHECK(err_code);
    }
    
    /**@brief Function for initializing the Nordic UART Service (NUS) client. */
    static void nus_c_init(void)
    {
        ret_code_t       err_code;
        ble_nus_c_init_t init;
    
        init.evt_handler = ble_nus_c_evt_handler;
    
        err_code = ble_nus_c_init(&m_ble_nus_c, &init);
        APP_ERROR_CHECK(err_code);
    }
    
    
    /**@brief Function for initializing buttons and leds. */
    static void buttons_leds_init(void)
    {
        ret_code_t err_code;
        bsp_event_t startup_event;
    
        err_code = bsp_init(BSP_INIT_LEDS, bsp_event_handler);
        APP_ERROR_CHECK(err_code);
    
        err_code = bsp_btn_ble_init(NULL, &startup_event);
        APP_ERROR_CHECK(err_code);
    }
    
    
    /**@brief Function for initializing the timer. */
    static void timer_init(void)
    {
        ret_code_t err_code = app_timer_init();
        APP_ERROR_CHECK(err_code);
    }
    
    
    /**@brief Function for initializing the nrf log module. */
    static void log_init(void)
    {
        ret_code_t err_code = NRF_LOG_INIT(NULL);
        APP_ERROR_CHECK(err_code);
    
        NRF_LOG_DEFAULT_BACKENDS_INIT();
    }
    
    
    /**@brief Function for initializing power management.
     */
    static void power_management_init(void)
    {
        ret_code_t err_code;
        err_code = nrf_pwr_mgmt_init();
        APP_ERROR_CHECK(err_code);
    }
    
    
    /** @brief Function for initializing the database discovery module. */
    static void db_discovery_init(void)
    {
        ret_code_t err_code = ble_db_discovery_init(db_disc_handler);
        APP_ERROR_CHECK(err_code);
    }
    
    
    /**@brief Function for handling the idle state (main loop).
     *
     * @details Handles any pending log operations, then sleeps until the next event occurs.
     */
    static void idle_state_handle(void)
    {
        if (NRF_LOG_PROCESS() == false)
        {
            nrf_pwr_mgmt_run();
        }
    }
    
    void nonce_generate(uint8_t * p_buf)
    {
        uint8_t i         = COUNTER_BYTE_LEN;
        uint8_t remaining = NONCE_RAND_BYTE_LEN;
    
    
        while(0 != remaining)
        {
            uint32_t err_code;
            uint8_t  available = 0;
    
            err_code = sd_rand_application_bytes_available_get(&available);
            APP_ERROR_CHECK(err_code);
    
            available = ((available > remaining) ? remaining : available);
            if (0 != available)
            {
    	        err_code = sd_rand_application_vector_get((p_buf + i), available);
    	        APP_ERROR_CHECK(err_code);
    
    	        i         += available;
    	        remaining -= available;
    	    }
    
    	    if (0 != remaining)
    	    {
    	        nrf_delay_us(RNG_BYTE_WAIT_US * remaining);
    	    }
        }
    }
    
    
    
    int main(void)
    {
        uint32_t err_code;  
    
        // Initialize.
        log_init();
        timer_init();
        uart_init();
        buttons_leds_init();
        db_discovery_init();
        power_management_init();
        ble_stack_init();
        gatt_init();
        nus_c_init();
        scan_init();
        printf("BLE UART central example started.\r\n");
        NRF_LOG_INFO("BLE UART central example started.");
        scan_start();
    
    
        ble_gap_addr_t gap_address;
        err_code = sd_ble_gap_addr_get(&gap_address);
        APP_ERROR_CHECK(err_code);
        NRF_LOG_HEXDUMP_INFO(&gap_address.addr,sizeof(gap_address.addr));
    
    
        uint8_t nonce[16] = {0};
        uint8_t m_beacon_info[16];
    
        ctr_init(nonce,m_ecb_key);
        NRF_LOG_INFO("Encrypted info:");
        NRF_LOG_HEXDUMP_INFO(m_beacon_info, sizeof(m_beacon_info));
    
        
        m_ecb_data.cleartext[0] = 0x00;
        m_ecb_data.cleartext[1] = 0x00;
        m_ecb_data.cleartext[2] = 0x00;
        m_ecb_data.cleartext[3] = 0x00;
    
        // Decrypt the ciphertext with the same counter value, i.e. 0x00,0x00,0x00,0x00, that was used for encrypting. 
        ctr_decrypt(m_beacon_info);
        ctr_decrypt(&m_beacon_info[16]);
            
        NRF_LOG_INFO("Decrypted info:");
        NRF_LOG_HEXDUMP_INFO(m_beacon_info, sizeof(m_beacon_info));
        // Start execution.
    
        // Enter main loop.
        for (;;)
        {
            idle_state_handle();
        }
    }

  • hi @bjorn-spockeli,

    now i should only without connecting scan the beacons using another nrf52832 and this nrf52832 should decrypt the data that was encrypted in the beacon 

Reply Children
  • OK, then you should use one of the BLE Central examples as the reference for your scanner device. In order for the scanner device to decrypt the advertising data it will need to have the m_ecb_key and it needs use the same counter values as the advertiser. So If you're only encrypting the beacon data once, then the scanner only need to use counter=0 for the first 16 bytes and then counter =1 for the next 16 bytes. 

    Best regards

    Bjørn

  • hi @bjorn-spockeli,

    i wrote the code for decryption using ble_app_uart_c example on the central side but i am not getting the values that i encrypted on the peripheral side, please check my code and tell if any changes are needed

    /**
     * Copyright (c) 2016 - 2019, Nordic Semiconductor ASA
     *
     * All rights reserved.
     *
     * Redistribution and use in source and binary forms, with or without modification,
     * are permitted provided that the following conditions are met:
     *
     * 1. Redistributions of source code must retain the above copyright notice, this
     *    list of conditions and the following disclaimer.
     *
     * 2. Redistributions in binary form, except as embedded into a Nordic
     *    Semiconductor ASA integrated circuit in a product or a software update for
     *    such product, must reproduce the above copyright notice, this list of
     *    conditions and the following disclaimer in the documentation and/or other
     *    materials provided with the distribution.
     *
     * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
     *    contributors may be used to endorse or promote products derived from this
     *    software without specific prior written permission.
     *
     * 4. This software, with or without modification, must only be used with a
     *    Nordic Semiconductor ASA integrated circuit.
     *
     * 5. Any software provided in binary form under this license must not be reverse
     *    engineered, decompiled, modified and/or disassembled.
     *
     * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
     * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
     * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
     * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
     * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
     * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
     * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
     * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
     * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
     *
     */
    #include <stdio.h>
    #include <stdint.h>
    #include <stdbool.h>
    #include "nordic_common.h"
    #include "app_error.h"
    #include "app_uart.h"
    #include "ble_db_discovery.h"
    #include "app_timer.h"
    #include "app_util.h"
    #include "bsp_btn_ble.h"
    #include "ble.h"
    #include "ble_gap.h"
    #include "ble_hci.h"
    #include "nrf_sdh.h"
    #include "nrf_sdh_ble.h"
    #include "nrf_sdh_soc.h"
    #include "ble_nus_c.h"
    #include "nrf_ble_gatt.h"
    #include "nrf_pwr_mgmt.h"
    #include "nrf_ble_scan.h"
    
    #include "nrf_log.h"
    #include "nrf_log_ctrl.h"
    #include "nrf_log_default_backends.h"
    
    
    #define APP_BLE_CONN_CFG_TAG    1                                       /**< Tag that refers to the BLE stack configuration set with @ref sd_ble_cfg_set. The default tag is @ref BLE_CONN_CFG_TAG_DEFAULT. */
    #define APP_BLE_OBSERVER_PRIO   3                                       /**< BLE observer priority of the application. There is no need to modify this value. */
    
    #define UART_TX_BUF_SIZE        256                                     /**< UART TX buffer size. */
    #define UART_RX_BUF_SIZE        256                                     /**< UART RX buffer size. */
    
    #define NUS_SERVICE_UUID_TYPE   BLE_UUID_TYPE_VENDOR_BEGIN              /**< UUID type for the Nordic UART Service (vendor specific). */
    
    #define ECHOBACK_BLE_UART_DATA  1                                       /**< Echo the UART data that is received over the Nordic UART Service (NUS) back to the sender. */
    #define ECB_KEY_LEN            (16UL)
    #define COUNTER_BYTE_LEN       (4UL)
    #define NONCE_RAND_BYTE_LEN    (12UL)
    
    static uint8_t m_ecb_key[16] = {0x6E,0x88,0x90,0x8D,0x75,0xBB,0x95,0xEA,0x2C,0x65,0x93,0x01,0x43,0xF8,0x1B,0x5F};
    
    // The RNG wait values are typical and not guaranteed. See Product Specifications for more info.
    #ifdef NRF51
    #define RNG_BYTE_WAIT_US       (677UL)
    #elif defined NRF52
    #define RNG_BYTE_WAIT_US       (124UL)
    #else
    #error "Either NRF51 or NRF52 must be defined."
    #endif     
    
    BLE_NUS_C_DEF(m_ble_nus_c);                                             /**< BLE Nordic UART Service (NUS) client instance. */
    NRF_BLE_GATT_DEF(m_gatt);                                               /**< GATT module instance. */
    BLE_DB_DISCOVERY_DEF(m_db_disc);                                        /**< Database discovery module instance. */
    NRF_BLE_SCAN_DEF(m_scan);                                               /**< Scanning Module instance. */
    
    static uint16_t m_ble_nus_max_data_len = BLE_GATT_ATT_MTU_DEFAULT - OPCODE_LENGTH - HANDLE_LENGTH; /**< Maximum length of data (in bytes) that can be transmitted to the peer by the Nordic UART service module. */
    
    /**@brief NUS UUID. */
    static ble_uuid_t const m_nus_uuid =
    {
        .uuid = BLE_UUID_NUS_SERVICE,
        .type = NUS_SERVICE_UUID_TYPE
    };
    
    
    /**@brief Function for handling asserts in the SoftDevice.
     *
     * @details This function is called in case of an assert in the SoftDevice.
     *
     * @warning This handler is only an example and is not meant for the final product. You need to analyze
     *          how your product is supposed to react in case of assert.
     * @warning On assert from the SoftDevice, the system can only recover on reset.
     *
     * @param[in] line_num     Line number of the failing assert call.
     * @param[in] p_file_name  File name of the failing assert call.
     */
    void assert_nrf_callback(uint16_t line_num, const uint8_t * p_file_name)
    {
        app_error_handler(0xDEADBEEF, line_num, p_file_name);
    }
    
    
    /**@brief Function for starting scanning. */
    static void scan_start(void)
    {
        ret_code_t ret;
    
        ret = nrf_ble_scan_start(&m_scan);
        APP_ERROR_CHECK(ret);
    
        ret = bsp_indication_set(BSP_INDICATE_SCANNING);
        APP_ERROR_CHECK(ret);
    }
    
    
    /**@brief Function for handling Scanning Module events.
     */
    static void scan_evt_handler(scan_evt_t const * p_scan_evt)
    {
        ret_code_t err_code;
    
        switch(p_scan_evt->scan_evt_id)
        {
             case NRF_BLE_SCAN_EVT_CONNECTING_ERROR:
             {
                  err_code = p_scan_evt->params.connecting_err.err_code;
                  APP_ERROR_CHECK(err_code);
             } break;
    
             case NRF_BLE_SCAN_EVT_CONNECTED:
             {
                  ble_gap_evt_connected_t const * p_connected =
                                   p_scan_evt->params.connected.p_connected;
                 // Scan is automatically stopped by the connection.
                 NRF_LOG_INFO("Connecting to target %02x%02x%02x%02x%02x%02x",
                          p_connected->peer_addr.addr[0],
                          p_connected->peer_addr.addr[1],
                          p_connected->peer_addr.addr[2],
                          p_connected->peer_addr.addr[3],
                          p_connected->peer_addr.addr[4],
                          p_connected->peer_addr.addr[5]
                          );
             } break;
    
             case NRF_BLE_SCAN_EVT_SCAN_TIMEOUT:
             {
                 NRF_LOG_INFO("Scan timed out.");
                 scan_start();
             } break;
    
             default:
                 break;
        }
    }
    
    
    /**@brief Function for initializing the scanning and setting the filters.
     */
    static void scan_init(void)
    {
        ret_code_t          err_code;
        nrf_ble_scan_init_t init_scan;
    
        memset(&init_scan, 0, sizeof(init_scan));
    
        init_scan.connect_if_match = true;
        init_scan.conn_cfg_tag     = APP_BLE_CONN_CFG_TAG;
    
        err_code = nrf_ble_scan_init(&m_scan, &init_scan, scan_evt_handler);
        APP_ERROR_CHECK(err_code);
    
        err_code = nrf_ble_scan_filter_set(&m_scan, SCAN_UUID_FILTER, &m_nus_uuid);
        APP_ERROR_CHECK(err_code);
    
        err_code = nrf_ble_scan_filters_enable(&m_scan, NRF_BLE_SCAN_UUID_FILTER, false);
        APP_ERROR_CHECK(err_code);
    }
    
    
    /**@brief Function for handling database discovery events.
     *
     * @details This function is a callback function to handle events from the database discovery module.
     *          Depending on the UUIDs that are discovered, this function forwards the events
     *          to their respective services.
     *
     * @param[in] p_event  Pointer to the database discovery event.
     */
    static void db_disc_handler(ble_db_discovery_evt_t * p_evt)
    {
        ble_nus_c_on_db_disc_evt(&m_ble_nus_c, p_evt);
    }
    
    
    /**@brief Function for handling characters received by the Nordic UART Service (NUS).
     *
     * @details This function takes a list of characters of length data_len and prints the characters out on UART.
     *          If @ref ECHOBACK_BLE_UART_DATA is set, the data is sent back to sender.
     */
    static void ble_nus_chars_received_uart_print(uint8_t * p_data, uint16_t data_len)
    {
        ret_code_t ret_val;
    
        NRF_LOG_DEBUG("Receiving data.");
        NRF_LOG_HEXDUMP_DEBUG(p_data, data_len);
    
        for (uint32_t i = 0; i < data_len; i++)
        {
            do
            {
                ret_val = app_uart_put(p_data[i]);
                if ((ret_val != NRF_SUCCESS) && (ret_val != NRF_ERROR_BUSY))
                {
                    NRF_LOG_ERROR("app_uart_put failed for index 0x%04x.", i);
                    APP_ERROR_CHECK(ret_val);
                }
            } while (ret_val == NRF_ERROR_BUSY);
        }
        if (p_data[data_len-1] == '\r')
        {
            while (app_uart_put('\n') == NRF_ERROR_BUSY);
        }
        if (ECHOBACK_BLE_UART_DATA)
        {
            // Send data back to the peripheral.
            do
            {
                ret_val = ble_nus_c_string_send(&m_ble_nus_c, p_data, data_len);
                if ((ret_val != NRF_SUCCESS) && (ret_val != NRF_ERROR_BUSY))
                {
                    NRF_LOG_ERROR("Failed sending NUS message. Error 0x%x. ", ret_val);
                    APP_ERROR_CHECK(ret_val);
                }
            } while (ret_val == NRF_ERROR_BUSY);
        }
    }
    
    
    /**@brief   Function for handling app_uart events.
     *
     * @details This function receives a single character from the app_uart module and appends it to
     *          a string. The string is sent over BLE when the last character received is a
     *          'new line' '\n' (hex 0x0A) or if the string reaches the maximum data length.
     */
    void uart_event_handle(app_uart_evt_t * p_event)
    {
        static uint8_t data_array[BLE_NUS_MAX_DATA_LEN];
        static uint16_t index = 0;
        uint32_t ret_val;
    
        switch (p_event->evt_type)
        {
            /**@snippet [Handling data from UART] */
            case APP_UART_DATA_READY:
                UNUSED_VARIABLE(app_uart_get(&data_array[index]));
                index++;
    
                if ((data_array[index - 1] == '\n') || (index >= (m_ble_nus_max_data_len)))
                {
                    NRF_LOG_DEBUG("Ready to send data over BLE NUS");
                    NRF_LOG_HEXDUMP_DEBUG(data_array, index);
    
                    do
                    {
                        ret_val = ble_nus_c_string_send(&m_ble_nus_c, data_array, index);
                        if ( (ret_val != NRF_ERROR_INVALID_STATE) && (ret_val != NRF_ERROR_RESOURCES) )
                        {
                            APP_ERROR_CHECK(ret_val);
                        }
                    } while (ret_val == NRF_ERROR_RESOURCES);
    
                    index = 0;
                }
                break;
    
            /**@snippet [Handling data from UART] */
            case APP_UART_COMMUNICATION_ERROR:
                NRF_LOG_ERROR("Communication error occurred while handling UART.");
                APP_ERROR_HANDLER(p_event->data.error_communication);
                break;
    
            case APP_UART_FIFO_ERROR:
                NRF_LOG_ERROR("Error occurred in FIFO module used by UART.");
                APP_ERROR_HANDLER(p_event->data.error_code);
                break;
    
            default:
                break;
        }
    }
    
    
    /**@brief Callback handling Nordic UART Service (NUS) client events.
     *
     * @details This function is called to notify the application of NUS client events.
     *
     * @param[in]   p_ble_nus_c   NUS client handle. This identifies the NUS client.
     * @param[in]   p_ble_nus_evt Pointer to the NUS client event.
     */
    
    /**@snippet [Handling events from the ble_nus_c module] */
    static void ble_nus_c_evt_handler(ble_nus_c_t * p_ble_nus_c, ble_nus_c_evt_t const * p_ble_nus_evt)
    {
        ret_code_t err_code;
    
        switch (p_ble_nus_evt->evt_type)
        {
            case BLE_NUS_C_EVT_DISCOVERY_COMPLETE:
                NRF_LOG_INFO("Discovery complete.");
                err_code = ble_nus_c_handles_assign(p_ble_nus_c, p_ble_nus_evt->conn_handle, &p_ble_nus_evt->handles);
                APP_ERROR_CHECK(err_code);
    
                err_code = ble_nus_c_tx_notif_enable(p_ble_nus_c);
                APP_ERROR_CHECK(err_code);
                NRF_LOG_INFO("Connected to device with Nordic UART Service.");
                break;
    
            case BLE_NUS_C_EVT_NUS_TX_EVT:
                ble_nus_chars_received_uart_print(p_ble_nus_evt->p_data, p_ble_nus_evt->data_len);
                break;
    
            case BLE_NUS_C_EVT_DISCONNECTED:
                NRF_LOG_INFO("Disconnected.");
                scan_start();
                break;
        }
    }
    /**@snippet [Handling events from the ble_nus_c module] */
    
    
    /**
     * @brief Function for handling shutdown events.
     *
     * @param[in]   event       Shutdown type.
     */
    static bool shutdown_handler(nrf_pwr_mgmt_evt_t event)
    {
        ret_code_t err_code;
    
        err_code = bsp_indication_set(BSP_INDICATE_IDLE);
        APP_ERROR_CHECK(err_code);
    
        switch (event)
        {
            case NRF_PWR_MGMT_EVT_PREPARE_WAKEUP:
                // Prepare wakeup buttons.
                err_code = bsp_btn_ble_sleep_mode_prepare();
                APP_ERROR_CHECK(err_code);
                break;
    
            default:
                break;
        }
    
        return true;
    }
    
    NRF_PWR_MGMT_HANDLER_REGISTER(shutdown_handler, APP_SHUTDOWN_HANDLER_PRIORITY);
    
    
    /**@brief Function for handling BLE events.
     *
     * @param[in]   p_ble_evt   Bluetooth stack event.
     * @param[in]   p_context   Unused.
     */
    static void ble_evt_handler(ble_evt_t const * p_ble_evt, void * p_context)
    {
        ret_code_t            err_code;
        ble_gap_evt_t const * p_gap_evt = &p_ble_evt->evt.gap_evt;
        uint8_t uuid[26];
    
        switch (p_ble_evt->header.evt_id)
        {
            case BLE_GAP_EVT_CONNECTED:
                err_code = ble_nus_c_handles_assign(&m_ble_nus_c, p_ble_evt->evt.gap_evt.conn_handle, NULL);
                APP_ERROR_CHECK(err_code);
    
                err_code = bsp_indication_set(BSP_INDICATE_CONNECTED);
                APP_ERROR_CHECK(err_code);
    
                // start discovery of services. The NUS Client waits for a discovery result
                err_code = ble_db_discovery_start(&m_db_disc, p_ble_evt->evt.gap_evt.conn_handle);
                APP_ERROR_CHECK(err_code);
                break;
    
            case BLE_GAP_EVT_DISCONNECTED:
    
                NRF_LOG_INFO("Disconnected. conn_handle: 0x%x, reason: 0x%x",
                             p_gap_evt->conn_handle,
                             p_gap_evt->params.disconnected.reason);
                break;
    
            case BLE_GAP_EVT_TIMEOUT:
                if (p_gap_evt->params.timeout.src == BLE_GAP_TIMEOUT_SRC_CONN)
                {
                    NRF_LOG_INFO("Connection Request timed out.");
                }
                break;
    
            case BLE_GAP_EVT_SEC_PARAMS_REQUEST:
                // Pairing not supported.
                err_code = sd_ble_gap_sec_params_reply(p_ble_evt->evt.gap_evt.conn_handle, BLE_GAP_SEC_STATUS_PAIRING_NOT_SUPP, NULL, NULL);
                APP_ERROR_CHECK(err_code);
                break;
    
            case BLE_GAP_EVT_CONN_PARAM_UPDATE_REQUEST:
                // Accepting parameters requested by peer.
                err_code = sd_ble_gap_conn_param_update(p_gap_evt->conn_handle,
                                                        &p_gap_evt->params.conn_param_update_request.conn_params);
                APP_ERROR_CHECK(err_code);
                break;
    
            case BLE_GAP_EVT_PHY_UPDATE_REQUEST:
            {
                NRF_LOG_DEBUG("PHY update request.");
                ble_gap_phys_t const phys =
                {
                    .rx_phys = BLE_GAP_PHY_AUTO,
                    .tx_phys = BLE_GAP_PHY_AUTO,
                };
                err_code = sd_ble_gap_phy_update(p_ble_evt->evt.gap_evt.conn_handle, &phys);
                APP_ERROR_CHECK(err_code);
            } break;
    
            case BLE_GATTC_EVT_TIMEOUT:
                // Disconnect on GATT Client timeout event.
                NRF_LOG_DEBUG("GATT Client Timeout.");
                err_code = sd_ble_gap_disconnect(p_ble_evt->evt.gattc_evt.conn_handle,
                                                 BLE_HCI_REMOTE_USER_TERMINATED_CONNECTION);
                APP_ERROR_CHECK(err_code);
                break;
    
            case BLE_GATTS_EVT_TIMEOUT:
                // Disconnect on GATT Server timeout event.
                NRF_LOG_DEBUG("GATT Server Timeout.");
                err_code = sd_ble_gap_disconnect(p_ble_evt->evt.gatts_evt.conn_handle,
                                                 BLE_HCI_REMOTE_USER_TERMINATED_CONNECTION);
                APP_ERROR_CHECK(err_code);
                break;
     /*      case BLE_GAP_EVT_ADV_REPORT:
    			
                            {
    				NRF_LOG_INFO("Advertise received");
    				scan_start();
                                    
    	//			nrf_gpio_pin_toggle(LED1_PIN);
    				
    				memmove(uuid, p_gap_evt->params.adv_report.data.p_data, p_gap_evt->params.adv_report.data.len);
    				
    				NRF_LOG_INFO("UUID: %02x%02x%02x%02x%02x%02x", uuid[0], uuid[1], uuid[2], uuid[3], uuid[4], uuid[5]);
    				
    				NRF_LOG_INFO("TX_POWER: %02x", p_gap_evt->params.adv_report.tx_power);
    				
    				NRF_LOG_INFO("RSSI: %02x", p_gap_evt->params.adv_report.rssi);
                           
                                     ble_gap_addr_t  addr;
    
                                        NRF_LOG_INFO("  MAC ADDRESS:  %02x:%02x:%02x:%02x:%02x:%02x ", 
                                         addr.addr[5],addr.addr[4],addr.addr[3],
                                         addr.addr[2],addr.addr[1],addr.addr[0] );
                                                                         
                                        // p_ble_evt->evt.gap_evt.params.connected.peer_addr.addr_type);
    				
    			} break;*/
    
            default:
                break;
        }
    }
    
    
    /**@brief Function for initializing the BLE stack.
     *
     * @details Initializes the SoftDevice and the BLE event interrupt.
     */
    static void ble_stack_init(void)
    {
        ret_code_t err_code;
    
        err_code = nrf_sdh_enable_request();
        APP_ERROR_CHECK(err_code);
    
        // Configure the BLE stack using the default settings.
        // Fetch the start address of the application RAM.
        uint32_t ram_start = 0;
        err_code = nrf_sdh_ble_default_cfg_set(APP_BLE_CONN_CFG_TAG, &ram_start);
        APP_ERROR_CHECK(err_code);
    
        // Enable BLE stack.
        err_code = nrf_sdh_ble_enable(&ram_start);
        APP_ERROR_CHECK(err_code);
    
        // Register a handler for BLE events.
        NRF_SDH_BLE_OBSERVER(m_ble_observer, APP_BLE_OBSERVER_PRIO, ble_evt_handler, NULL);
    }
    
    
    /**@brief Function for handling events from the GATT library. */
    void gatt_evt_handler(nrf_ble_gatt_t * p_gatt, nrf_ble_gatt_evt_t const * p_evt)
    {
        if (p_evt->evt_id == NRF_BLE_GATT_EVT_ATT_MTU_UPDATED)
        {
            NRF_LOG_INFO("ATT MTU exchange completed.");
    
            m_ble_nus_max_data_len = p_evt->params.att_mtu_effective - OPCODE_LENGTH - HANDLE_LENGTH;
            NRF_LOG_INFO("Ble NUS max data length set to 0x%X(%d)", m_ble_nus_max_data_len, m_ble_nus_max_data_len);
        }
    }
    
    
    /**@brief Function for initializing the GATT library. */
    void gatt_init(void)
    {
        ret_code_t err_code;
    
        err_code = nrf_ble_gatt_init(&m_gatt, gatt_evt_handler);
        APP_ERROR_CHECK(err_code);
    
        err_code = nrf_ble_gatt_att_mtu_central_set(&m_gatt, NRF_SDH_BLE_GATT_MAX_MTU_SIZE);
        APP_ERROR_CHECK(err_code);
    }
    
    
    /**@brief Function for handling events from the BSP module.
     *
     * @param[in] event  Event generated by button press.
     */
    void bsp_event_handler(bsp_event_t event)
    {
        ret_code_t err_code;
    
        switch (event)
        {
            case BSP_EVENT_SLEEP:
                nrf_pwr_mgmt_shutdown(NRF_PWR_MGMT_SHUTDOWN_GOTO_SYSOFF);
                break;
    
            case BSP_EVENT_DISCONNECT:
                err_code = sd_ble_gap_disconnect(m_ble_nus_c.conn_handle,
                                                 BLE_HCI_REMOTE_USER_TERMINATED_CONNECTION);
                if (err_code != NRF_ERROR_INVALID_STATE)
                {
                    APP_ERROR_CHECK(err_code);
                }
                break;
    
            default:
                break;
        }
    }
    
    /**@brief Function for initializing the UART. */
    static void uart_init(void)
    {
        ret_code_t err_code;
    
        app_uart_comm_params_t const comm_params =
        {
            .rx_pin_no    = RX_PIN_NUMBER,
            .tx_pin_no    = TX_PIN_NUMBER,
            .rts_pin_no   = RTS_PIN_NUMBER,
            .cts_pin_no   = CTS_PIN_NUMBER,
            .flow_control = APP_UART_FLOW_CONTROL_DISABLED,
            .use_parity   = false,
            .baud_rate    = UART_BAUDRATE_BAUDRATE_Baud115200
        };
    
        APP_UART_FIFO_INIT(&comm_params,
                           UART_RX_BUF_SIZE,
                           UART_TX_BUF_SIZE,
                           uart_event_handle,
                           APP_IRQ_PRIORITY_LOWEST,
                           err_code);
    
        APP_ERROR_CHECK(err_code);
    }
    
    /**@brief Function for initializing the Nordic UART Service (NUS) client. */
    static void nus_c_init(void)
    {
        ret_code_t       err_code;
        ble_nus_c_init_t init;
    
        init.evt_handler = ble_nus_c_evt_handler;
    
        err_code = ble_nus_c_init(&m_ble_nus_c, &init);
        APP_ERROR_CHECK(err_code);
    }
    
    
    /**@brief Function for initializing buttons and leds. */
    static void buttons_leds_init(void)
    {
        ret_code_t err_code;
        bsp_event_t startup_event;
    
        err_code = bsp_init(BSP_INIT_LEDS, bsp_event_handler);
        APP_ERROR_CHECK(err_code);
    
        err_code = bsp_btn_ble_init(NULL, &startup_event);
        APP_ERROR_CHECK(err_code);
    }
    
    
    /**@brief Function for initializing the timer. */
    static void timer_init(void)
    {
        ret_code_t err_code = app_timer_init();
        APP_ERROR_CHECK(err_code);
    }
    
    
    /**@brief Function for initializing the nrf log module. */
    static void log_init(void)
    {
        ret_code_t err_code = NRF_LOG_INIT(NULL);
        APP_ERROR_CHECK(err_code);
    
        NRF_LOG_DEFAULT_BACKENDS_INIT();
    }
    
    
    /**@brief Function for initializing power management.
     */
    static void power_management_init(void)
    {
        ret_code_t err_code;
        err_code = nrf_pwr_mgmt_init();
        APP_ERROR_CHECK(err_code);
    }
    
    
    /** @brief Function for initializing the database discovery module. */
    static void db_discovery_init(void)
    {
        ret_code_t err_code = ble_db_discovery_init(db_disc_handler);
        APP_ERROR_CHECK(err_code);
    }
    
    
    /**@brief Function for handling the idle state (main loop).
     *
     * @details Handles any pending log operations, then sleeps until the next event occurs.
     */
    static void idle_state_handle(void)
    {
        if (NRF_LOG_PROCESS() == false)
        {
            nrf_pwr_mgmt_run();
        }
    }
    
    void nonce_generate(uint8_t * p_buf)
    {
        uint8_t i         = COUNTER_BYTE_LEN;
        uint8_t remaining = NONCE_RAND_BYTE_LEN;
    
    
        while(0 != remaining)
        {
            uint32_t err_code;
            uint8_t  available = 0;
    
            err_code = sd_rand_application_bytes_available_get(&available);
            APP_ERROR_CHECK(err_code);
    
            available = ((available > remaining) ? remaining : available);
            if (0 != available)
            {
    	        err_code = sd_rand_application_vector_get((p_buf + i), available);
    	        APP_ERROR_CHECK(err_code);
    
    	        i         += available;
    	        remaining -= available;
    	    }
    
    	    if (0 != remaining)
    	    {
    	        nrf_delay_us(RNG_BYTE_WAIT_US * remaining);
    	    }
        }
    }
    
    static bool m_initialized = false;
    
    
    static nrf_ecb_hal_data_t m_ecb_data;
    
    
    void ctr_init(const uint8_t * p_nonce, const uint8_t * p_ecb_key)
    {
        m_initialized = true;
    
        // Save the key.
        memcpy(&m_ecb_data.key[0], p_ecb_key, ECB_KEY_LEN);
    
        // Copy the nonce.
        memcpy(&m_ecb_data.cleartext[COUNTER_BYTE_LEN],
    	          &p_nonce[COUNTER_BYTE_LEN],
    	          NONCE_RAND_BYTE_LEN);
    
        // Zero the counter value.
        memset(&m_ecb_data.cleartext[0], 0x00, COUNTER_BYTE_LEN);
    }
    
    static uint32_t crypt(uint8_t * buf)
    {
        uint8_t  i;
        uint32_t err_code;
    
        if (!m_initialized)
        {
    	    return NRF_ERROR_INVALID_STATE;
        }
    
        err_code = sd_ecb_block_encrypt(&m_ecb_data);
        if (NRF_SUCCESS != err_code)
        {
    	    return err_code;
        }
    
        for (i=0; i < ECB_KEY_LEN; i++)
        {
    	    buf[i] ^= m_ecb_data.ciphertext[i];
        }
    
        // Increment the counter.
        (*((uint32_t*) m_ecb_data.cleartext))++;
    
        return NRF_SUCCESS;
    }
    
    
    uint32_t ctr_encrypt(uint8_t * p_clear_text)
    {
        return crypt(p_clear_text);
    }
    
    
    uint32_t ctr_decrypt(uint8_t * p_cipher_text)
    {
        return crypt(p_cipher_text);
    }
    
    
    int main(void)
    {
        // Initialize.
        log_init();
        timer_init();
        uart_init();
        buttons_leds_init();
        db_discovery_init();
        power_management_init();
        ble_stack_init();
        gatt_init();
        nus_c_init();
        scan_init();
        uint8_t nounce[16] = {0};
        NRF_LOG_INFO("Encrypted plaintext:");
        NRF_LOG_HEXDUMP_INFO(m_ecb_data.ciphertext, sizeof(m_ecb_data.ciphertext));
    
        /* Reset the counter so that the message can be decrypted on this device.
        /  When ciphertext is sent to another device, then the counter will be incremented from zero and upwards after decrypting. 
        */
        
        m_ecb_data.cleartext[0] = 0x00;
        m_ecb_data.cleartext[1] = 0x00;
        m_ecb_data.cleartext[2] = 0x00;
        m_ecb_data.cleartext[3] = 0x00;
    
        // Decrypt the ciphertext with the same counter value, i.e. 0x00,0x00,0x00,0x00, that was used for encrypting. 
        ctr_decrypt(m_ecb_data.ciphertext);
        
        
        NRF_LOG_INFO("Decrypted plaintext:");
        NRF_LOG_HEXDUMP_INFO(m_ecb_data.cleartext, sizeof(m_ecb_data.cleartext));
        // Start execution.
        printf("BLE UART central example started.\r\n");
        NRF_LOG_INFO("BLE UART central example started.");
        scan_start();
    
        // Enter main loop.
        for (;;)
        {
            idle_state_handle();
        }
    }
    

    Thank you

  • You need to send the nounce used by the advertiser to the central in order to decrypt the message on the central side. 

    Since you are basing this on advertisement data, then you would have to place the nounce in the advertisement packet or the scan response packet for the central to decrypt the advertisment data. In addition you would have to make sure that the counters are in sync as well. In addition the advertisment data is the beacon UUID, major, minor etc, which is fixed and will not be changed during the lifetime of the device, so you will in reality only encrypt this once with counter values 0x00 and 0x01. 

    Hence,  I am beginning to doubt that this is the correct way of encrypting advertisment data. I think it might be much easier to just use an XOR cipher instead, i.e. just XOR the advertisement data with the m_ecb_key. That way you would not need to send any nounce nor keep any counters in sync. 

    It would be helpful if you could share a bit more on what the use case for the code is.

    Best regards

    Bjørn

  • bjorn-spockeli

    We are working on an application based on Id cards which broadcasts its information and gateway reads the information it and sends to a server. Now the problem is that the ID card's information should not be cloned by any third party.

Related