2016-07-20 21:10:36 +00:00
|
|
|
|
/* mbed Microcontroller Library
|
|
|
|
|
|
* Copyright (c) 2006-2015 ARM Limited
|
|
|
|
|
|
*
|
|
|
|
|
|
* Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
|
* you may not use this file except in compliance with the License.
|
|
|
|
|
|
* You may obtain a copy of the License at
|
|
|
|
|
|
*
|
|
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
|
*
|
|
|
|
|
|
* Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
|
* distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
|
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
|
* See the License for the specific language governing permissions and
|
|
|
|
|
|
* limitations under the License.
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
|
|
#ifndef __SECURITY_MANAGER_H__
|
|
|
|
|
|
#define __SECURITY_MANAGER_H__
|
|
|
|
|
|
|
|
|
|
|
|
#include <stdint.h>
|
|
|
|
|
|
|
|
|
|
|
|
#include "Gap.h"
|
|
|
|
|
|
#include "CallChainOfFunctionPointersWithContext.h"
|
2018-01-17 21:22:48 +00:00
|
|
|
|
#include "ble/BLETypes.h"
|
2016-07-20 21:10:36 +00:00
|
|
|
|
|
2018-01-04 15:08:40 +00:00
|
|
|
|
class SecurityManagerEventHandler;
|
|
|
|
|
|
class LegacySecurityManagerEventHandler;
|
2017-12-22 15:53:54 +00:00
|
|
|
|
|
2018-01-12 12:00:34 +00:00
|
|
|
|
using ble::connection_handle_t;
|
2018-01-17 21:22:48 +00:00
|
|
|
|
using ble::pairing_failure_t;
|
2018-01-19 15:56:18 +00:00
|
|
|
|
using ble::link_encryption_t;
|
2018-01-24 10:22:53 +00:00
|
|
|
|
using ble::csrk_t;
|
2018-01-12 12:00:34 +00:00
|
|
|
|
|
2016-07-20 21:10:36 +00:00
|
|
|
|
class SecurityManager {
|
|
|
|
|
|
public:
|
2018-01-02 17:54:22 +00:00
|
|
|
|
enum Keypress_t {
|
2018-01-30 22:49:35 +00:00
|
|
|
|
KEYPRESS_STARTED, /**< Passkey entry started */
|
|
|
|
|
|
KEYPRESS_ENTERED, /**< Passkey digit entered */
|
|
|
|
|
|
KEYPRESS_ERASED, /**< Passkey digit erased */
|
|
|
|
|
|
KEYPRESS_CLEARED, /**< Passkey cleared */
|
|
|
|
|
|
KEYPRESS_COMPLETED, /**< Passkey entry completed */
|
2018-01-02 17:54:22 +00:00
|
|
|
|
};
|
|
|
|
|
|
|
2016-07-20 21:10:36 +00:00
|
|
|
|
enum SecurityMode_t {
|
|
|
|
|
|
SECURITY_MODE_NO_ACCESS,
|
|
|
|
|
|
SECURITY_MODE_ENCRYPTION_OPEN_LINK, /**< Require no protection, open link. */
|
|
|
|
|
|
SECURITY_MODE_ENCRYPTION_NO_MITM, /**< Require encryption, but no MITM protection. */
|
|
|
|
|
|
SECURITY_MODE_ENCRYPTION_WITH_MITM, /**< Require encryption and MITM protection. */
|
|
|
|
|
|
SECURITY_MODE_SIGNED_NO_MITM, /**< Require signing or encryption, but no MITM protection. */
|
|
|
|
|
|
SECURITY_MODE_SIGNED_WITH_MITM, /**< Require signing or encryption, and MITM protection. */
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* @brief Defines possible security status or states.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @details Defines possible security status or states of a link when requested by getLinkSecurity().
|
|
|
|
|
|
*/
|
|
|
|
|
|
enum LinkSecurityStatus_t {
|
|
|
|
|
|
NOT_ENCRYPTED, /**< The link is not secured. */
|
|
|
|
|
|
ENCRYPTION_IN_PROGRESS, /**< Link security is being established.*/
|
|
|
|
|
|
ENCRYPTED /**< The link is secure.*/
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
enum SecurityIOCapabilities_t {
|
2018-01-30 22:49:35 +00:00
|
|
|
|
IO_CAPS_DISPLAY_ONLY = 0x00, /**< Display only. */
|
|
|
|
|
|
IO_CAPS_DISPLAY_YESNO = 0x01, /**< Display and yes/no entry. */
|
|
|
|
|
|
IO_CAPS_KEYBOARD_ONLY = 0x02, /**< Keyboard only. */
|
|
|
|
|
|
IO_CAPS_NONE = 0x03, /**< No I/O capabilities. */
|
2018-01-19 15:56:18 +00:00
|
|
|
|
IO_CAPS_KEYBOARD_DISPLAY = 0x04, /**< Keyboard and display. */
|
2016-07-20 21:10:36 +00:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
enum SecurityCompletionStatus_t {
|
|
|
|
|
|
SEC_STATUS_SUCCESS = 0x00, /**< Procedure completed with success. */
|
|
|
|
|
|
SEC_STATUS_TIMEOUT = 0x01, /**< Procedure timed out. */
|
|
|
|
|
|
SEC_STATUS_PDU_INVALID = 0x02, /**< Invalid PDU received. */
|
2018-01-12 14:50:09 +00:00
|
|
|
|
SEC_STATUS_PASSKEY_ENTRY_FAILED = 0x81, /**< Passkey entry failed (user cancelled or other). */
|
2016-07-20 21:10:36 +00:00
|
|
|
|
SEC_STATUS_OOB_NOT_AVAILABLE = 0x82, /**< Out of Band Key not available. */
|
|
|
|
|
|
SEC_STATUS_AUTH_REQ = 0x83, /**< Authentication requirements not met. */
|
|
|
|
|
|
SEC_STATUS_CONFIRM_VALUE = 0x84, /**< Confirm value failed. */
|
|
|
|
|
|
SEC_STATUS_PAIRING_NOT_SUPP = 0x85, /**< Pairing not supported. */
|
|
|
|
|
|
SEC_STATUS_ENC_KEY_SIZE = 0x86, /**< Encryption key size. */
|
|
|
|
|
|
SEC_STATUS_SMP_CMD_UNSUPPORTED = 0x87, /**< Unsupported SMP command. */
|
|
|
|
|
|
SEC_STATUS_UNSPECIFIED = 0x88, /**< Unspecified reason. */
|
|
|
|
|
|
SEC_STATUS_REPEATED_ATTEMPTS = 0x89, /**< Too little time elapsed since last attempt. */
|
|
|
|
|
|
SEC_STATUS_INVALID_PARAMS = 0x8A, /**< Invalid parameters. */
|
2018-01-12 14:50:09 +00:00
|
|
|
|
SEC_STATUS_DHKEY_CHECK_FAILED = 0x8B, /**< DHKey received doesn’t match locally calculated one. */
|
|
|
|
|
|
SEC_STATUS_COMPARISON_FAILED = 0x8C, /**< Values in the numeric comparison protocol do not match. */
|
2016-07-20 21:10:36 +00:00
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* Declaration of type containing a passkey to be used during pairing. This
|
|
|
|
|
|
* is passed into initializeSecurity() to specify a pre-programmed passkey
|
|
|
|
|
|
* for authentication instead of generating a random one.
|
|
|
|
|
|
*/
|
|
|
|
|
|
static const unsigned PASSKEY_LEN = 6;
|
2018-01-30 22:49:35 +00:00
|
|
|
|
typedef uint8_t Passkey_t[PASSKEY_LEN]; /**< 6-digit passkey in ASCII ('0'-'9' digits only). */
|
2017-12-22 15:53:54 +00:00
|
|
|
|
|
2016-07-20 21:10:36 +00:00
|
|
|
|
typedef FunctionPointerWithContext<const SecurityManager *> SecurityManagerShutdownCallback_t;
|
|
|
|
|
|
typedef CallChainOfFunctionPointersWithContext<const SecurityManager *> SecurityManagerShutdownCallbackChain_t;
|
|
|
|
|
|
|
2018-01-30 22:49:35 +00:00
|
|
|
|
/* legacy callbacks, please use SecurityManagerEventHandler instead */
|
2018-01-31 17:27:32 +00:00
|
|
|
|
typedef void (*HandleSpecificEvent_t)(connection_handle_t connectionHandle);
|
2018-01-30 22:49:35 +00:00
|
|
|
|
typedef void (*SecuritySetupInitiatedCallback_t)(connection_handle_t, bool allowBonding, bool requireMITM, SecurityIOCapabilities_t iocaps);
|
|
|
|
|
|
typedef void (*SecuritySetupCompletedCallback_t)(connection_handle_t, SecurityCompletionStatus_t status);
|
2018-01-31 17:27:32 +00:00
|
|
|
|
typedef void (*LinkSecuredCallback_t)(connection_handle_t connectionHandle, SecurityMode_t securityMode);
|
|
|
|
|
|
typedef void (*PasskeyDisplayCallback_t)(connection_handle_t connectionHandle, const Passkey_t passkey);
|
2018-01-30 22:49:35 +00:00
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/** The stack will use these functions to signal events to the application,
|
|
|
|
|
|
* subclass to override handlers. Use SecurityManager::setSecurityManagerEventHandler
|
|
|
|
|
|
* to set the interface implementation to be used. */
|
2018-01-16 11:23:33 +00:00
|
|
|
|
class SecurityManagerEventHandler {
|
|
|
|
|
|
public:
|
|
|
|
|
|
SecurityManagerEventHandler() {};
|
|
|
|
|
|
virtual ~SecurityManagerEventHandler() {};
|
|
|
|
|
|
|
2018-01-17 21:22:48 +00:00
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
// Pairing
|
|
|
|
|
|
//
|
|
|
|
|
|
|
2018-01-30 22:49:35 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Request application to accept or reject pairing. Application should respond by
|
|
|
|
|
|
* calling the appropriate function: acceptPairingRequest or cancelPairingRequest
|
|
|
|
|
|
*
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @param[in] connectionHandle connection connectionHandle
|
2018-01-30 22:49:35 +00:00
|
|
|
|
*/
|
2018-01-31 17:27:32 +00:00
|
|
|
|
virtual void pairingRequest(connection_handle_t connectionHandle) {
|
|
|
|
|
|
(void)connectionHandle;
|
2018-01-17 21:22:48 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-30 22:49:35 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Indicate to the application that pairing has completed.
|
|
|
|
|
|
*
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @param[in] connectionHandle connection connectionHandle
|
2018-01-30 22:49:35 +00:00
|
|
|
|
* @param[in] result result of the pairing indicating success or reason for failure
|
|
|
|
|
|
*/
|
2018-01-31 17:27:32 +00:00
|
|
|
|
virtual void pairingResult(connection_handle_t connectionHandle, SecurityCompletionStatus_t result) {
|
|
|
|
|
|
(void)connectionHandle;
|
2018-01-19 16:41:18 +00:00
|
|
|
|
(void)result;
|
2018-01-17 21:22:48 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
// Security
|
|
|
|
|
|
//
|
|
|
|
|
|
|
2018-01-30 22:49:35 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Indicate to the application that the set timeout time has elapsed without
|
|
|
|
|
|
* receiving a packet with a valid MIC.
|
|
|
|
|
|
*
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @param[in] connectionHandle connection connectionHandle
|
2018-01-30 22:49:35 +00:00
|
|
|
|
*/
|
2018-01-31 17:27:32 +00:00
|
|
|
|
virtual void validMicTimeout(connection_handle_t connectionHandle) {
|
|
|
|
|
|
(void)connectionHandle;
|
2018-01-17 21:22:48 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-30 22:49:35 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Deliver the requested whitelist to the application.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] whitelist whitelist created based on the bonding table,
|
|
|
|
|
|
* caller transfers the memory ownership
|
|
|
|
|
|
*/
|
2018-01-17 21:22:48 +00:00
|
|
|
|
virtual void whitelistFromBondTable(Gap::Whitelist_t* whitelist) {
|
|
|
|
|
|
if (whitelist) {
|
|
|
|
|
|
delete whitelist;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-18 20:14:35 +00:00
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
// Encryption
|
|
|
|
|
|
//
|
|
|
|
|
|
|
2018-01-30 22:49:35 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Inform the device of the encryption state of a given link.
|
|
|
|
|
|
*
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @param[in] connectionHandle connection connectionHandle
|
2018-01-30 22:49:35 +00:00
|
|
|
|
* @param[in] result encryption state of the link
|
|
|
|
|
|
*/
|
2018-01-31 17:27:32 +00:00
|
|
|
|
virtual void linkEncryptionResult(connection_handle_t connectionHandle, link_encryption_t result) {
|
|
|
|
|
|
(void)connectionHandle;
|
2018-01-19 16:41:18 +00:00
|
|
|
|
(void)result;
|
2018-01-16 11:23:33 +00:00
|
|
|
|
}
|
2018-01-17 21:22:48 +00:00
|
|
|
|
|
|
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
// MITM
|
|
|
|
|
|
//
|
|
|
|
|
|
|
2018-01-30 22:49:35 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Display the given passkey on the local device.
|
|
|
|
|
|
*
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @param[in] connectionHandle connection connectionHandle
|
2018-01-30 22:49:35 +00:00
|
|
|
|
* @param[in] passkey 6 digit passkey to be displayed
|
|
|
|
|
|
*/
|
2018-01-31 17:27:32 +00:00
|
|
|
|
virtual void passkeyDisplay(connection_handle_t connectionHandle, const SecurityManager::Passkey_t passkey) {
|
|
|
|
|
|
(void)connectionHandle;
|
2018-01-16 11:23:33 +00:00
|
|
|
|
(void)passkey;
|
2018-01-17 21:22:48 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-30 22:49:35 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Indicate to the application that a confirmation is required. The application should
|
|
|
|
|
|
* proceed by supplying the confirmation confirmationEntered function.
|
|
|
|
|
|
*
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @param[in] connectionHandle connection connectionHandle
|
2018-01-30 22:49:35 +00:00
|
|
|
|
*/
|
2018-01-31 17:27:32 +00:00
|
|
|
|
virtual void confirmationRequest(connection_handle_t connectionHandle) {
|
|
|
|
|
|
(void)connectionHandle;
|
2018-01-17 21:22:48 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-30 22:49:35 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Indicate to the application that a passkey is required. The application should
|
|
|
|
|
|
* proceed by supplying the passkey through the passkeyEntered function.
|
|
|
|
|
|
*
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @param[in] connectionHandle connection connectionHandle
|
2018-01-30 22:49:35 +00:00
|
|
|
|
*/
|
2018-01-31 17:27:32 +00:00
|
|
|
|
virtual void passkeyRequest(connection_handle_t connectionHandle) {
|
|
|
|
|
|
(void)connectionHandle;
|
2018-01-17 21:22:48 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-30 22:49:35 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Notify the application that a key was pressed by the peer during passkey entry.
|
|
|
|
|
|
*
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @param[in] connectionHandle connection connectionHandle
|
2018-01-30 22:49:35 +00:00
|
|
|
|
* @param[in] keypress type of keypress event
|
|
|
|
|
|
*/
|
2018-01-31 17:27:32 +00:00
|
|
|
|
virtual void keypressNotification(connection_handle_t connectionHandle, SecurityManager::Keypress_t keypress) {
|
|
|
|
|
|
(void)connectionHandle;
|
2018-01-16 11:23:33 +00:00
|
|
|
|
(void)keypress;
|
2018-01-17 21:22:48 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-30 22:49:35 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Indicate to the application it needs to return out of band data to the stack.
|
|
|
|
|
|
*
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @param[in] connectionHandle connection connectionHandle
|
2018-01-30 22:49:35 +00:00
|
|
|
|
*/
|
2018-01-31 17:27:32 +00:00
|
|
|
|
virtual void legacyPairingOobRequest(connection_handle_t connectionHandle) {
|
|
|
|
|
|
(void)connectionHandle;
|
2018-01-17 21:22:48 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-30 22:49:35 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Indicate to the application it needs to return out of band data to the stack.
|
|
|
|
|
|
*
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @param[in] connectionHandle connection connectionHandle
|
2018-01-30 22:49:35 +00:00
|
|
|
|
*/
|
2018-01-31 17:27:32 +00:00
|
|
|
|
virtual void oobRequest(connection_handle_t connectionHandle) {
|
|
|
|
|
|
(void)connectionHandle;
|
2018-01-17 21:22:48 +00:00
|
|
|
|
}
|
2018-01-21 18:26:35 +00:00
|
|
|
|
|
|
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
// Keys
|
|
|
|
|
|
//
|
|
|
|
|
|
|
2018-01-30 22:49:35 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Deliver the signing key to the application.
|
|
|
|
|
|
*
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @param[in] connectionHandle connection connectionHandle
|
2018-01-30 22:49:35 +00:00
|
|
|
|
* @param[in] csrk signing key, pointer only valid during call
|
|
|
|
|
|
* @param[in] authenticated indicates if the signing key is authenticated
|
|
|
|
|
|
*/
|
2018-01-31 17:27:32 +00:00
|
|
|
|
virtual void signingKey(connection_handle_t connectionHandle, const csrk_t *csrk, bool authenticated) {
|
|
|
|
|
|
(void)connectionHandle;
|
2018-01-21 18:26:35 +00:00
|
|
|
|
(void)csrk;
|
|
|
|
|
|
(void)authenticated;
|
|
|
|
|
|
}
|
2018-01-16 11:23:33 +00:00
|
|
|
|
};
|
|
|
|
|
|
|
2016-07-20 21:10:36 +00:00
|
|
|
|
/*
|
|
|
|
|
|
* The following functions are meant to be overridden in the platform-specific sub-class.
|
|
|
|
|
|
*/
|
|
|
|
|
|
public:
|
2018-01-15 22:05:44 +00:00
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
// SM lifecycle management
|
|
|
|
|
|
//
|
|
|
|
|
|
|
2016-07-20 21:10:36 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Enable the BLE stack's Security Manager. The Security Manager implements
|
|
|
|
|
|
* the actual cryptographic algorithms and protocol exchanges that allow two
|
|
|
|
|
|
* devices to securely exchange data and privately detect each other.
|
|
|
|
|
|
* Calling this API is a prerequisite for encryption and pairing (bonding).
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] enableBonding Allow for bonding.
|
|
|
|
|
|
* @param[in] requireMITM Require protection for man-in-the-middle attacks.
|
|
|
|
|
|
* @param[in] iocaps To specify the I/O capabilities of this peripheral,
|
|
|
|
|
|
* such as availability of a display or keyboard, to
|
|
|
|
|
|
* support out-of-band exchanges of security data.
|
|
|
|
|
|
* @param[in] passkey To specify a static passkey.
|
2018-01-21 18:26:35 +00:00
|
|
|
|
* @param[in] signing Generate and distribute signing key during pairing
|
2016-07-20 21:10:36 +00:00
|
|
|
|
*
|
|
|
|
|
|
* @return BLE_ERROR_NONE on success.
|
|
|
|
|
|
*/
|
|
|
|
|
|
virtual ble_error_t init(bool enableBonding = true,
|
|
|
|
|
|
bool requireMITM = true,
|
|
|
|
|
|
SecurityIOCapabilities_t iocaps = IO_CAPS_NONE,
|
2018-01-21 18:26:35 +00:00
|
|
|
|
const Passkey_t passkey = NULL,
|
|
|
|
|
|
bool signing = true) {
|
2016-07-20 21:10:36 +00:00
|
|
|
|
/* Avoid compiler warnings about unused variables. */
|
|
|
|
|
|
(void)enableBonding;
|
|
|
|
|
|
(void)requireMITM;
|
|
|
|
|
|
(void)iocaps;
|
|
|
|
|
|
(void)passkey;
|
|
|
|
|
|
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
2018-01-15 22:05:44 +00:00
|
|
|
|
* Notify all registered onShutdown callbacks that the SecurityManager is
|
|
|
|
|
|
* about to be shutdown and clear all SecurityManager state of the
|
|
|
|
|
|
* associated object.
|
2016-07-20 21:10:36 +00:00
|
|
|
|
*
|
2018-01-15 22:05:44 +00:00
|
|
|
|
* This function is meant to be overridden in the platform-specific
|
|
|
|
|
|
* sub-class. Nevertheless, the sub-class is only expected to reset its
|
|
|
|
|
|
* state and not the data held in SecurityManager members. This shall be
|
|
|
|
|
|
* achieved by a call to SecurityManager::reset() from the sub-class'
|
|
|
|
|
|
* reset() implementation.
|
2016-07-20 21:10:36 +00:00
|
|
|
|
*
|
2018-01-15 22:05:44 +00:00
|
|
|
|
* @return BLE_ERROR_NONE on success.
|
2016-07-20 21:10:36 +00:00
|
|
|
|
*/
|
2018-01-15 22:05:44 +00:00
|
|
|
|
virtual ble_error_t reset(void) {
|
|
|
|
|
|
/* Notify that the instance is about to shutdown */
|
|
|
|
|
|
shutdownCallChain.call(this);
|
|
|
|
|
|
shutdownCallChain.clear();
|
|
|
|
|
|
if (eventHandler != &defaultEventHandler) {
|
|
|
|
|
|
delete eventHandler;
|
2018-01-16 11:23:33 +00:00
|
|
|
|
eventHandler = &defaultEventHandler;
|
2018-01-15 22:05:44 +00:00
|
|
|
|
}
|
2016-07-20 21:10:36 +00:00
|
|
|
|
|
2018-01-15 22:05:44 +00:00
|
|
|
|
return BLE_ERROR_NONE;
|
2018-01-08 11:28:48 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Normally all bonding information is lost when device is reset, this requests that the stack
|
|
|
|
|
|
* attempts to save the information and reload it during initialisation. This is not guaranteed.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] enable if true the stack will attempt to preserve bonding information on reset.
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-30 22:49:35 +00:00
|
|
|
|
virtual ble_error_t preserveBondingStateOnReset(bool enable) {
|
|
|
|
|
|
/* Avoid compiler warnings about unused variables */
|
|
|
|
|
|
(void) enable;
|
|
|
|
|
|
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-15 22:05:44 +00:00
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
// List management
|
|
|
|
|
|
//
|
2016-07-20 21:10:36 +00:00
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* Delete all peer device context and all related bonding information from
|
|
|
|
|
|
* the database within the security manager.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure.
|
|
|
|
|
|
* @retval BLE_ERROR_INVALID_STATE If the API is called without module initialization or
|
|
|
|
|
|
* application registration.
|
|
|
|
|
|
*/
|
|
|
|
|
|
virtual ble_error_t purgeAllBondingState(void) {
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-17 10:30:34 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Create a list of addresses from all peers in the bond table and generate
|
2018-01-30 22:49:35 +00:00
|
|
|
|
* an event which returns it as a whitelist. Pass in the container for the whitelist.
|
|
|
|
|
|
* This will be returned by the event.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] whitelist Preallocated whitelist which will be filled up to its capacity.
|
|
|
|
|
|
* If whitelist already contains entries this will be appended to.
|
|
|
|
|
|
* Ownership of memory is trasnferred from the caller. It will be
|
|
|
|
|
|
* returned in the generated event.
|
2018-01-17 10:30:34 +00:00
|
|
|
|
*
|
|
|
|
|
|
* @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
|
|
|
|
|
|
*/
|
2018-01-30 22:49:35 +00:00
|
|
|
|
virtual ble_error_t generateWhitelistFromBondTable(Gap::Whitelist_t *whitelist) const {
|
2018-01-17 10:30:34 +00:00
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-19 14:24:28 +00:00
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
// Pairing
|
|
|
|
|
|
//
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Request pairing with the peer. Called by the master.
|
|
|
|
|
|
* @note Slave can call requestAuthentication or setLinkEncryption to achieve security.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] connectionHandle Handle to identify the connection.
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-30 22:49:35 +00:00
|
|
|
|
virtual ble_error_t requestPairing(connection_handle_t connectionHandle) {
|
2018-01-19 14:24:28 +00:00
|
|
|
|
(void) connectionHandle;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Accept the pairing request. Called as a result of pairingRequest being called
|
|
|
|
|
|
* on the event handler.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] connectionHandle Handle to identify the connection.
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-30 22:49:35 +00:00
|
|
|
|
virtual ble_error_t acceptPairingRequest(connection_handle_t connectionHandle) {
|
2018-01-19 14:24:28 +00:00
|
|
|
|
(void) connectionHandle;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Reject pairing request if the local device is the slave or cancel an outstanding
|
|
|
|
|
|
* pairing request if master.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] connectionHandle Handle to identify the connection.
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-30 22:49:35 +00:00
|
|
|
|
virtual ble_error_t canceltPairingRequest(connection_handle_t connectionHandle) {
|
2018-01-19 14:24:28 +00:00
|
|
|
|
(void) connectionHandle;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Tell the stack whether the application needs to authorise pairing requests or should
|
|
|
|
|
|
* they be automatically accepted.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] required If set to true, pairingRequest in the event handler will
|
|
|
|
|
|
* will be called and will require an action from the application
|
|
|
|
|
|
* to continue with pairing by calling acceptPairingRequest
|
|
|
|
|
|
* or canceltPairingRequest if the user wishes to reject it.
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-19 14:24:28 +00:00
|
|
|
|
virtual ble_error_t setPairingRequestAuthorisation(bool required = true) {
|
|
|
|
|
|
(void) required;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-15 22:05:44 +00:00
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
// Feature support
|
|
|
|
|
|
//
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Allow of disallow the use of legacy pairing in case the application only wants
|
|
|
|
|
|
* to force the use of Secure Connections. If legacy pairing is disallowed and either
|
|
|
|
|
|
* side doesn't support Secure Connections the pairing will fail.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[out] allow If true legacy pairing will be used if either side doesn't support Secure Connections.
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-16 14:48:08 +00:00
|
|
|
|
virtual ble_error_t allowLegacyPairing(bool allow = true) {
|
|
|
|
|
|
(void) allow;
|
2018-01-15 22:05:44 +00:00
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Check if the Secure Connections feature is supported by the stack and controller.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[out] enabled true if SC are supported
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-16 14:48:08 +00:00
|
|
|
|
virtual ble_error_t getSecureConnectionsSupport(bool *enabled) {
|
2018-01-15 22:05:44 +00:00
|
|
|
|
(void) enabled;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
// Security settings
|
|
|
|
|
|
//
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Set the IO capability of the local device.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] iocaps type of IO capabilities available on the local device
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-19 10:30:38 +00:00
|
|
|
|
virtual ble_error_t setIoCapability(SecurityIOCapabilities_t iocaps) {
|
|
|
|
|
|
(void) iocaps;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-17 11:04:37 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Set the passkey that is displayed on the local device instead of using
|
|
|
|
|
|
* a randomly generated one
|
|
|
|
|
|
*
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @param[in] passkey asci string of 6 digits
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
2018-01-17 11:04:37 +00:00
|
|
|
|
*/
|
|
|
|
|
|
virtual ble_error_t setDisplayPasskey(const Passkey_t passkey) {
|
2018-01-15 22:05:44 +00:00
|
|
|
|
(void) passkey;
|
2018-01-08 11:28:48 +00:00
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Set the time after which an event will be generated unless we received a packet with
|
|
|
|
|
|
* a valid MIC.
|
|
|
|
|
|
* @param[in] connection connection handle
|
|
|
|
|
|
* @param[in] timeout_in_10ms time measured in units of 10 milliseconds
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
|
|
|
|
|
virtual ble_error_t setAuthenticationTimeout(connection_handle_t connectionHandle, uint32_t timeout_in_ms) {
|
|
|
|
|
|
(void) connectionHandle;
|
2018-01-09 16:55:12 +00:00
|
|
|
|
(void) timeout_in_ms;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
2018-01-15 22:05:44 +00:00
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Get the time after which an event will be generated unless we received a packet with
|
|
|
|
|
|
* a valid MIC.
|
|
|
|
|
|
* @param[in] connection connection handle
|
|
|
|
|
|
* @param[out] timeout_in_10ms time measured in units of 10 milliseconds
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
|
|
|
|
|
virtual ble_error_t getAuthenticationTimeout(connection_handle_t connectionHandle, uint32_t *timeout_in_ms) {
|
|
|
|
|
|
(void) connectionHandle;
|
2018-01-09 16:55:12 +00:00
|
|
|
|
(void) timeout_in_ms;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-15 22:05:44 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Set the security mode on a connection. Useful for elevating the security mode
|
|
|
|
|
|
* once certain conditions are met, e.g., a particular service is found.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] connectionHandle Handle to identify the connection.
|
|
|
|
|
|
* @param[in] securityMode Requested security mode.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-30 22:49:35 +00:00
|
|
|
|
virtual ble_error_t setLinkSecurity(connection_handle_t connectionHandle, SecurityMode_t securityMode) {
|
2018-01-15 22:05:44 +00:00
|
|
|
|
/* Avoid compiler warnings about unused variables. */
|
|
|
|
|
|
(void)connectionHandle;
|
|
|
|
|
|
(void)securityMode;
|
|
|
|
|
|
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-16 18:16:15 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Set whether or not we want to send and receive keypress notifications
|
|
|
|
|
|
* during passkey entry.
|
|
|
|
|
|
*
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @param[in] enabled if true pairing will try to enable keypress notifications
|
2018-01-16 18:16:15 +00:00
|
|
|
|
* (dependant on other side supporting it)
|
|
|
|
|
|
*
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
|
|
|
|
|
virtual ble_error_t setKeypressNotification(bool enabled = true) {
|
|
|
|
|
|
(void)enabled;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Request generation and exchange of signing keys so that packet signing can be utilised
|
|
|
|
|
|
* on this connection.
|
|
|
|
|
|
* @note This does not generate a signingKey event. Use getSigningKey for that.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] connectionHandle Handle to identify the connection.
|
|
|
|
|
|
* @param[in] enabled If set to true, signing keys will be exchanged
|
|
|
|
|
|
* during subsequent pairing.
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
|
|
|
|
|
virtual ble_error_t enableSigning(connection_handle_t connectionHandle, bool enabled = true) {
|
2018-01-21 18:26:35 +00:00
|
|
|
|
(void) enabled;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-22 16:21:30 +00:00
|
|
|
|
/**
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* Give a hint to the stack that the master/slave role might change in the future.
|
2018-01-22 16:21:30 +00:00
|
|
|
|
*
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @param[in] enable If set to true it hints the roles are likely to swap in the future.
|
2018-01-22 16:21:30 +00:00
|
|
|
|
*
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
|
|
|
|
|
virtual ble_error_t setHintFutureRoleReversal(bool enable = true) {
|
|
|
|
|
|
(void)enable;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-15 22:05:44 +00:00
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
// Encryption
|
|
|
|
|
|
//
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Current state of encryption on the link.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] connectionHandle Handle to identify the connection.
|
|
|
|
|
|
* @param[out] encryption
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-30 22:49:35 +00:00
|
|
|
|
virtual ble_error_t getLinkEncryption(connection_handle_t connectionHandle, link_encryption_t *encryption) {
|
2018-01-15 22:05:44 +00:00
|
|
|
|
(void)connectionHandle;
|
2018-01-21 18:26:35 +00:00
|
|
|
|
(void)encryption;
|
2018-01-08 11:28:48 +00:00
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Enabled or disable encryption on the link. The result of this request will be indicated
|
|
|
|
|
|
* by a call to linkEncryptionResult in the event handler when the action is completed.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] connectionHandle Handle to identify the connection.
|
|
|
|
|
|
* @param[in] encryption
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-21 22:57:05 +00:00
|
|
|
|
virtual ble_error_t setLinkEncryption(connection_handle_t connectionHandle, link_encryption_t encryption) {
|
|
|
|
|
|
(void)connectionHandle;
|
|
|
|
|
|
(void)encryption;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Return the size of the encryption key used on this link.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] connectionHandle Handle to identify the connection.
|
|
|
|
|
|
* @param[out] size Size of the encryption key in bytes
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
|
|
|
|
|
virtual ble_error_t getEncryptionKeySize(connection_handle_t connectionHandle, uint8_t *byteSize) {
|
|
|
|
|
|
(void) connectionHandle;
|
|
|
|
|
|
(void) byteSize;
|
2018-01-08 11:28:48 +00:00
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Set the requirements for encryption key size. If the peer cannot comply with the requirements
|
|
|
|
|
|
* paring will fail.
|
|
|
|
|
|
*
|
2018-02-06 10:17:31 +00:00
|
|
|
|
* @param[in] minimumByteSize Smallest allowed encryption key size in bytes. (no smaller than 7)
|
|
|
|
|
|
* @param[in] maximumByteSize Largest allowed encryption key size in bytes. (no larger than 16)
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-19 12:18:36 +00:00
|
|
|
|
virtual ble_error_t setEncryptionKeyRequirements(uint8_t minimumByteSize, uint8_t maximumByteSize) {
|
|
|
|
|
|
(void) minimumByteSize;
|
|
|
|
|
|
(void) maximumByteSize;
|
2018-01-18 20:14:35 +00:00
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-15 22:05:44 +00:00
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
// Privacy
|
|
|
|
|
|
//
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Set the time after which the private adress will be regenerated.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] timeout_in_seconds How often (in seconds) the private address should be regenerated.
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-15 22:05:44 +00:00
|
|
|
|
virtual ble_error_t setPrivateAddressTimeout(uint16_t timeout_in_seconds) {
|
|
|
|
|
|
(void) timeout_in_seconds;
|
2018-01-08 11:28:48 +00:00
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
2018-01-08 11:40:27 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-15 22:05:44 +00:00
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
// Authentication
|
|
|
|
|
|
//
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Request that the link be authenticated (keys with MITM protection). This might trigger encryption
|
|
|
|
|
|
* or pairing/re-pairing. The success will be indicated through an event indicating security level change.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] connectionHandle Handle to identify the connection.
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-30 22:49:35 +00:00
|
|
|
|
virtual ble_error_t requestAuthentication(connection_handle_t connectionHandle) {
|
2018-01-02 17:54:22 +00:00
|
|
|
|
(void) connectionHandle;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-15 22:05:44 +00:00
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
// MITM
|
|
|
|
|
|
//
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Enable OOB data usage during paring.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] connectionHandle Handle to identify the connection.
|
|
|
|
|
|
* @param[in] useOOB If set to true, authenticate using OOB data.
|
|
|
|
|
|
* @param[in] OOBProvidesMITM If set to true keys exchanged during pairing using OOB data
|
|
|
|
|
|
* will provide MITM protection. This indicates that the form
|
|
|
|
|
|
* of exchange used by the OOB data itself provides MITM protection.
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-30 22:49:35 +00:00
|
|
|
|
virtual ble_error_t setOOBDataUsage(connection_handle_t connectionHandle, bool useOOB, bool OOBProvidesMITM = true) {
|
2018-01-15 22:05:44 +00:00
|
|
|
|
/* Avoid compiler warnings about unused variables */
|
|
|
|
|
|
(void) connectionHandle;
|
|
|
|
|
|
(void) useOOB;
|
|
|
|
|
|
(void) OOBProvidesMITM;
|
2018-01-05 17:32:49 +00:00
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Report to the stack if the passkey matches or not. Used during pairing to provide MITM protection.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] connectionHandle Handle to identify the connection.
|
|
|
|
|
|
* @param[in] confirmation True value indicates the passkey displayed matches.
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
|
|
|
|
|
virtual ble_error_t confirmationEntered(connection_handle_t connectionHandle, bool confirmation) {
|
|
|
|
|
|
(void) connectionHandle;
|
2018-01-05 17:32:49 +00:00
|
|
|
|
(void) confirmation;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
2018-01-31 17:27:32 +00:00
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* Supply the stack with the user entered passkey.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] connectionHandle Handle to identify the connection.
|
|
|
|
|
|
* @param[in] passkey ASCI string of digits entered by the user.
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
|
|
|
|
|
virtual ble_error_t passkeyEntered(connection_handle_t connectionHandle, Passkey_t passkey) {
|
|
|
|
|
|
(void) connectionHandle;
|
2018-01-05 17:32:49 +00:00
|
|
|
|
(void) passkey;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
2018-01-31 17:27:32 +00:00
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* Send a notification to the peer that the user pressed a key on the local device.
|
|
|
|
|
|
* @note This will only be delivered if the keypress notifications have been enabled during pairing.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] connectionHandle Handle to identify the connection.
|
|
|
|
|
|
* @param[in] keypress Type of keypress event.
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
|
|
|
|
|
virtual ble_error_t sendKeypressNotification(connection_handle_t connectionHandle, Keypress_t keypress) {
|
|
|
|
|
|
(void) connectionHandle;
|
2018-01-05 17:32:49 +00:00
|
|
|
|
(void) keypress;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-19 17:55:53 +00:00
|
|
|
|
////////////////////////////////////////////////////////////////////////////
|
|
|
|
|
|
// Keys
|
|
|
|
|
|
//
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* Retrieves a signing key through a signingKey event.
|
|
|
|
|
|
* If a signing key is not present, pairing/authentication will be attempted.
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* @note This will attempt to retrieve the key even if enableSigning hasn't been called prior to pairing.
|
2018-01-19 17:55:53 +00:00
|
|
|
|
*
|
|
|
|
|
|
* @param[in] connectionHandle Handle to identify the connection.
|
|
|
|
|
|
* @param[in] authenticated Whether the signing key needs to be authenticated
|
|
|
|
|
|
* (provide MITM protection).
|
|
|
|
|
|
*
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-30 22:49:35 +00:00
|
|
|
|
virtual ble_error_t getSigningKey(connection_handle_t connectionHandle, bool authenticated) {
|
2018-01-19 17:55:53 +00:00
|
|
|
|
(void)connectionHandle;
|
|
|
|
|
|
(void)authenticated;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2016-07-20 21:10:36 +00:00
|
|
|
|
/* Event callback handlers. */
|
|
|
|
|
|
public:
|
|
|
|
|
|
/**
|
|
|
|
|
|
* Setup a callback to be invoked to notify the user application that the
|
|
|
|
|
|
* SecurityManager instance is about to shutdown (possibly as a result of a call
|
|
|
|
|
|
* to BLE::shutdown()).
|
|
|
|
|
|
*
|
|
|
|
|
|
* @note It is possible to chain together multiple onShutdown callbacks
|
|
|
|
|
|
* (potentially from different modules of an application) to be notified
|
|
|
|
|
|
* before the SecurityManager is shutdown.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @note It is also possible to set up a callback into a member function of
|
|
|
|
|
|
* some object.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @note It is possible to unregister a callback using onShutdown().detach(callback)
|
|
|
|
|
|
*/
|
|
|
|
|
|
void onShutdown(const SecurityManagerShutdownCallback_t& callback) {
|
|
|
|
|
|
shutdownCallChain.add(callback);
|
|
|
|
|
|
}
|
|
|
|
|
|
template <typename T>
|
|
|
|
|
|
void onShutdown(T *objPtr, void (T::*memberPtr)(const SecurityManager *)) {
|
|
|
|
|
|
shutdownCallChain.add(objPtr, memberPtr);
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
2018-01-31 17:27:32 +00:00
|
|
|
|
* Provide access to the callchain of shutdown event callbacks.
|
|
|
|
|
|
* It is possible to register callbacks using onShutdown().add(callback).
|
|
|
|
|
|
* It is possible to unregister callbacks using onShutdown().detach(callback).
|
|
|
|
|
|
*
|
2016-07-20 21:10:36 +00:00
|
|
|
|
* @return The shutdown event callbacks chain
|
|
|
|
|
|
*/
|
|
|
|
|
|
SecurityManagerShutdownCallbackChain_t& onShutdown() {
|
|
|
|
|
|
return shutdownCallChain;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
/**
|
|
|
|
|
|
* Assign the event handler implementation that will be used by the stack to signal events
|
|
|
|
|
|
* back to the application.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] handler Event Handler interface implementation.
|
|
|
|
|
|
*/
|
2018-01-04 15:08:40 +00:00
|
|
|
|
virtual void setSecurityManagerEventHandler(SecurityManagerEventHandler* handler) {
|
|
|
|
|
|
if (handler) {
|
2018-01-10 15:12:59 +00:00
|
|
|
|
if (eventHandler && (eventHandler != &defaultEventHandler)) {
|
2018-01-04 15:08:40 +00:00
|
|
|
|
delete eventHandler;
|
|
|
|
|
|
}
|
|
|
|
|
|
eventHandler = handler;
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
protected:
|
|
|
|
|
|
SecurityManager() {
|
|
|
|
|
|
eventHandler = &defaultEventHandler;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
virtual ~SecurityManager() { };
|
|
|
|
|
|
|
2018-01-15 22:05:44 +00:00
|
|
|
|
public:
|
2018-01-19 14:58:07 +00:00
|
|
|
|
/**
|
2018-01-30 22:49:35 +00:00
|
|
|
|
* @deprecated use generateWhitelistFromBondTable instead
|
2018-01-19 14:58:07 +00:00
|
|
|
|
*
|
|
|
|
|
|
* Get a list of addresses from all peers in the bond table.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in,out] addresses
|
|
|
|
|
|
* (on input) addresses.capacity contains the maximum
|
|
|
|
|
|
* number of addresses to be returned.
|
|
|
|
|
|
* (on output) The populated table with copies of the
|
|
|
|
|
|
* addresses in the implementation's whitelist.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure.
|
|
|
|
|
|
* @retval BLE_ERROR_INVALID_STATE If the API is called without module initialization or
|
|
|
|
|
|
* application registration.
|
|
|
|
|
|
*/
|
|
|
|
|
|
virtual ble_error_t getAddressesFromBondTable(Gap::Whitelist_t &addresses) const {
|
|
|
|
|
|
/* Avoid compiler warnings about unused variables */
|
|
|
|
|
|
(void) addresses;
|
|
|
|
|
|
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
|
* @deprecated
|
|
|
|
|
|
*
|
|
|
|
|
|
* Get the security status of a connection.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @param[in] connectionHandle Handle to identify the connection.
|
|
|
|
|
|
* @param[out] securityStatusP Security status.
|
|
|
|
|
|
*
|
|
|
|
|
|
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
|
|
|
|
|
|
*/
|
2018-01-30 22:49:35 +00:00
|
|
|
|
ble_error_t getLinkSecurity(connection_handle_t connectionHandle, LinkSecurityStatus_t *securityStatus) {
|
2018-01-19 15:56:18 +00:00
|
|
|
|
link_encryption_t encryption(link_encryption_t::NOT_ENCRYPTED);
|
|
|
|
|
|
ble_error_t status = getLinkEncryption(connectionHandle, &encryption);
|
|
|
|
|
|
/* legacy support limits the return values */
|
|
|
|
|
|
if (encryption.value() == link_encryption_t::ENCRYPTED_WITH_MITM) {
|
|
|
|
|
|
*securityStatus = ENCRYPTED;
|
|
|
|
|
|
} else {
|
|
|
|
|
|
*securityStatus = (LinkSecurityStatus_t)encryption.value();
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
return status;
|
2018-01-19 14:58:07 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2016-07-20 21:10:36 +00:00
|
|
|
|
/**
|
2018-01-03 15:03:13 +00:00
|
|
|
|
* @deprecated
|
|
|
|
|
|
*
|
2016-07-20 21:10:36 +00:00
|
|
|
|
* To indicate that a security procedure for the link has started.
|
|
|
|
|
|
*/
|
2018-01-04 15:08:40 +00:00
|
|
|
|
virtual void onSecuritySetupInitiated(SecuritySetupInitiatedCallback_t callback) {
|
|
|
|
|
|
defaultEventHandler.securitySetupInitiatedCallback = callback;
|
|
|
|
|
|
}
|
2016-07-20 21:10:36 +00:00
|
|
|
|
|
|
|
|
|
|
/**
|
2018-01-03 15:03:13 +00:00
|
|
|
|
* @deprecated
|
|
|
|
|
|
*
|
2016-07-20 21:10:36 +00:00
|
|
|
|
* To indicate that the security procedure for the link has completed.
|
|
|
|
|
|
*/
|
2018-01-04 15:08:40 +00:00
|
|
|
|
virtual void onSecuritySetupCompleted(SecuritySetupCompletedCallback_t callback) {
|
|
|
|
|
|
defaultEventHandler.securitySetupCompletedCallback = callback;
|
|
|
|
|
|
}
|
2016-07-20 21:10:36 +00:00
|
|
|
|
|
|
|
|
|
|
/**
|
2018-01-03 15:03:13 +00:00
|
|
|
|
* @deprecated
|
|
|
|
|
|
*
|
2016-07-20 21:10:36 +00:00
|
|
|
|
* To indicate that the link with the peer is secured. For bonded devices,
|
|
|
|
|
|
* subsequent reconnections with a bonded peer will result only in this callback
|
|
|
|
|
|
* when the link is secured; setup procedures will not occur (unless the
|
|
|
|
|
|
* bonding information is either lost or deleted on either or both sides).
|
|
|
|
|
|
*/
|
2018-01-04 15:08:40 +00:00
|
|
|
|
virtual void onLinkSecured(LinkSecuredCallback_t callback) {
|
|
|
|
|
|
defaultEventHandler.linkSecuredCallback = callback;
|
|
|
|
|
|
}
|
2016-07-20 21:10:36 +00:00
|
|
|
|
|
|
|
|
|
|
/**
|
2018-01-03 15:03:13 +00:00
|
|
|
|
* @deprecated
|
|
|
|
|
|
*
|
2016-07-20 21:10:36 +00:00
|
|
|
|
* To indicate that device context is stored persistently.
|
|
|
|
|
|
*/
|
2018-01-04 15:08:40 +00:00
|
|
|
|
virtual void onSecurityContextStored(HandleSpecificEvent_t callback) {
|
|
|
|
|
|
defaultEventHandler.securityContextStoredCallback = callback;
|
|
|
|
|
|
}
|
2016-07-20 21:10:36 +00:00
|
|
|
|
|
2018-01-03 15:03:13 +00:00
|
|
|
|
/** @deprecated
|
|
|
|
|
|
*
|
2016-07-20 21:10:36 +00:00
|
|
|
|
* To set the callback for when the passkey needs to be displayed on a peripheral with DISPLAY capability.
|
|
|
|
|
|
*/
|
2018-01-04 15:08:40 +00:00
|
|
|
|
virtual void onPasskeyDisplay(PasskeyDisplayCallback_t callback) {
|
|
|
|
|
|
defaultEventHandler.passkeyDisplayCallback = callback;
|
2018-01-03 18:04:22 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2016-07-20 21:10:36 +00:00
|
|
|
|
/* Entry points for the underlying stack to report events back to the user. */
|
|
|
|
|
|
public:
|
2018-01-03 15:03:13 +00:00
|
|
|
|
/** @deprecated */
|
2018-01-31 17:27:32 +00:00
|
|
|
|
void processSecuritySetupInitiatedEvent(connection_handle_t connectionHandle, bool allowBonding, bool requireMITM, SecurityIOCapabilities_t iocaps) {
|
2018-01-18 14:38:25 +00:00
|
|
|
|
if (defaultEventHandler.securitySetupInitiatedCallback) {
|
2018-01-31 17:27:32 +00:00
|
|
|
|
defaultEventHandler.securitySetupInitiatedCallback(connectionHandle, allowBonding, requireMITM, iocaps);
|
2018-01-18 14:38:25 +00:00
|
|
|
|
}
|
2016-07-20 21:10:36 +00:00
|
|
|
|
}
|
2018-01-03 15:03:13 +00:00
|
|
|
|
/** @deprecated */
|
2018-01-31 17:27:32 +00:00
|
|
|
|
void processSecuritySetupCompletedEvent(connection_handle_t connectionHandle, SecurityCompletionStatus_t status) {
|
|
|
|
|
|
eventHandler->pairingResult(connectionHandle, status);
|
2016-07-20 21:10:36 +00:00
|
|
|
|
}
|
2018-01-03 15:03:13 +00:00
|
|
|
|
/** @deprecated */
|
2018-01-31 17:27:32 +00:00
|
|
|
|
void processLinkSecuredEvent(connection_handle_t connectionHandle, SecurityMode_t securityMode) {
|
2018-01-19 11:30:27 +00:00
|
|
|
|
if (securityMode == SECURITY_MODE_ENCRYPTION_NO_MITM) {
|
2018-01-31 17:27:32 +00:00
|
|
|
|
eventHandler->linkEncryptionResult(connectionHandle, link_encryption_t::ENCRYPTED);
|
2018-01-18 20:14:35 +00:00
|
|
|
|
} else {
|
2018-01-31 17:27:32 +00:00
|
|
|
|
eventHandler->linkEncryptionResult(connectionHandle, link_encryption_t::NOT_ENCRYPTED);
|
2018-01-18 20:14:35 +00:00
|
|
|
|
}
|
2016-07-20 21:10:36 +00:00
|
|
|
|
}
|
2018-01-03 15:03:13 +00:00
|
|
|
|
/** @deprecated */
|
2018-01-31 17:27:32 +00:00
|
|
|
|
void processSecurityContextStoredEvent(connection_handle_t connectionHandle) {
|
2018-01-18 14:38:25 +00:00
|
|
|
|
if (defaultEventHandler.securityContextStoredCallback) {
|
2018-01-31 17:27:32 +00:00
|
|
|
|
defaultEventHandler.securityContextStoredCallback(connectionHandle);
|
2018-01-18 14:38:25 +00:00
|
|
|
|
}
|
2016-07-20 21:10:36 +00:00
|
|
|
|
}
|
2018-01-03 15:03:13 +00:00
|
|
|
|
/** @deprecated */
|
2018-01-31 17:27:32 +00:00
|
|
|
|
void processPasskeyDisplayEvent(connection_handle_t connectionHandle, const Passkey_t passkey) {
|
|
|
|
|
|
eventHandler->passkeyDisplay(connectionHandle, passkey);
|
2018-01-02 17:54:22 +00:00
|
|
|
|
}
|
|
|
|
|
|
|
2018-01-31 17:27:32 +00:00
|
|
|
|
private:
|
|
|
|
|
|
/* Legacy compatibility with old callbacks (from both sides so any
|
|
|
|
|
|
* combination of new and old works) */
|
|
|
|
|
|
class LegacySecurityManagerEventHandler : public SecurityManagerEventHandler {
|
|
|
|
|
|
public:
|
|
|
|
|
|
LegacySecurityManagerEventHandler() :
|
|
|
|
|
|
securitySetupInitiatedCallback(),
|
|
|
|
|
|
securitySetupCompletedCallback(),
|
|
|
|
|
|
linkSecuredCallback(),
|
|
|
|
|
|
securityContextStoredCallback(),
|
|
|
|
|
|
passkeyDisplayCallback() { };
|
|
|
|
|
|
|
|
|
|
|
|
virtual void pairingResult(connection_handle_t connectionHandle, SecurityCompletionStatus_t result) {
|
|
|
|
|
|
if (securitySetupCompletedCallback) {
|
|
|
|
|
|
securitySetupCompletedCallback(connectionHandle, result);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
virtual void linkEncryptionResult(connection_handle_t connectionHandle, link_encryption_t result) {
|
|
|
|
|
|
if (linkSecuredCallback) {
|
|
|
|
|
|
SecurityManager::SecurityMode_t securityMode;
|
|
|
|
|
|
if (result == link_encryption_t::ENCRYPTED) {
|
|
|
|
|
|
securityMode = SECURITY_MODE_ENCRYPTION_NO_MITM;
|
|
|
|
|
|
} else if (result == link_encryption_t::ENCRYPTED_WITH_MITM) {
|
|
|
|
|
|
securityMode = SECURITY_MODE_ENCRYPTION_WITH_MITM;
|
|
|
|
|
|
} else {
|
|
|
|
|
|
securityMode = SECURITY_MODE_ENCRYPTION_OPEN_LINK;
|
|
|
|
|
|
}
|
|
|
|
|
|
linkSecuredCallback(connectionHandle, securityMode);
|
|
|
|
|
|
}
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
virtual void passkeyDisplay(connection_handle_t connectionHandle, const SecurityManager::Passkey_t passkey) {
|
|
|
|
|
|
if (passkeyDisplayCallback) {
|
|
|
|
|
|
passkeyDisplayCallback(connectionHandle, passkey);
|
|
|
|
|
|
}
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
|
|
SecurityManager::SecuritySetupInitiatedCallback_t securitySetupInitiatedCallback;
|
|
|
|
|
|
SecurityManager::SecuritySetupCompletedCallback_t securitySetupCompletedCallback;
|
|
|
|
|
|
SecurityManager::LinkSecuredCallback_t linkSecuredCallback;
|
|
|
|
|
|
SecurityManager::HandleSpecificEvent_t securityContextStoredCallback;
|
|
|
|
|
|
SecurityManager::PasskeyDisplayCallback_t passkeyDisplayCallback;
|
|
|
|
|
|
};
|
|
|
|
|
|
|
2018-01-04 15:08:40 +00:00
|
|
|
|
private:
|
|
|
|
|
|
SecurityManagerShutdownCallbackChain_t shutdownCallChain;
|
2018-01-03 18:04:22 +00:00
|
|
|
|
|
2018-01-16 12:13:14 +00:00
|
|
|
|
protected:
|
2018-01-31 17:27:32 +00:00
|
|
|
|
SecurityManagerEventHandler* eventHandler;
|
|
|
|
|
|
LegacySecurityManagerEventHandler defaultEventHandler;
|
2018-01-04 15:08:40 +00:00
|
|
|
|
};
|
|
|
|
|
|
|
2016-07-20 21:10:36 +00:00
|
|
|
|
#endif /*__SECURITY_MANAGER_H__*/
|
