slave request handling

2018-01-22 21:01:05 +00:00 · 2018-01-22 21:01:05 +00:00 · 10b5e648fd
parent 8b84b93b2c
commit 10b5e648fd
2 changed files with 47 additions and 10 deletions
--- a/features/FEATURE_BLE/ble/generic/GenericSecurityDb.h
+++ b/features/FEATURE_BLE/ble/generic/GenericSecurityDb.h
@ -45,6 +45,7 @@ struct SecurityEntry_t {

    uint8_t connected:1;
    uint8_t authenticated:1; /**< have we authenticated during this connection */
+    uint8_t master:1;

    uint8_t sign_data:1;

@ -59,6 +60,7 @@ struct SecurityEntry_t {
    uint8_t signing_key:1;
    uint8_t signing_requested:1;
    uint8_t encryption_key:1;
+
 };

 struct SecurityEntryKeys_t {
--- a/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp
+++ b/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp
@ -258,9 +258,16 @@ public:

        entry->signing_requested = enabled;

+        if (entry->encrypted) {
+            return BLE_ERROR_INVALID_STATE;
+        }
        if (!entry->signing_key && entry->signing_requested) {
            initSigning();
+            if (entry->master) {
                return requestPairing(connection);
+            } else {
+                return slave_security_request(connection);
+            }
        }

        return BLE_ERROR_NONE;
@ -271,6 +278,16 @@ public:
        return BLE_ERROR_NONE;
    }

+    virtual ble_error_t slave_security_request(connection_handle_t connection) {
+        SecurityEntry_t *entry = db.get_entry(connection);
+        if (!entry) {
+            return BLE_ERROR_INVALID_PARAM;
+        }
+        AuthenticationMask link_authentication(default_authentication);
+        link_authentication.set_mitm(entry->mitm_requested);
+        return pal.slave_security_request(connection, link_authentication);
+    }
+
    ////////////////////////////////////////////////////////////////////////////
    // Encryption
    //
@ -382,11 +399,23 @@ public:
    }

    virtual ble_error_t enable_encryption(connection_handle_t connection) {
+        SecurityEntry_t *entry = db.get_entry(connection);
+        if (!entry) {
+            return BLE_ERROR_INVALID_PARAM;
+        }
+        if (entry->master) {
+            if (entry->encryption_key) {
                db.get_entry_peer_keys(
                    mbed::callback(this, &GenericSecurityManager::enable_encryption_cb),
                    connection
                );
                return BLE_ERROR_NONE;
+            } else {
+                return requestPairing(connection);
+            }
+        } else {
+            return slave_security_request(connection);
+        }
    }

    /**
@ -437,8 +466,10 @@ public:
             * keys exchange will create the signingKey event */
            if (authenticated) {
                return requestAuthentication(connection);
-            } else {
+            } else if (entry->master) {
                return requestPairing(connection);
+            } else {
+                return slave_security_request(connection);
            }
        }
    }
@ -490,7 +521,11 @@ public:
            }
        } else {
            entry->mitm_requested = true;
+            if (entry->master) {
                return requestPairing(connection);
+            } else {
+                return slave_security_request(connection);
+            }
        }
    }