Merge pull request #31 from pan-/signing-nordic-fix

BLE: Add stub for signing API in Nordic pal security manager.
2018-04-11 15:19:07 +01:00 · 2018-04-11 15:19:07 +01:00 · 1f81d20914
parent 3aaedf6f48 8643fd55ed
commit 1f81d20914
3 changed files with 41 additions and 14 deletions
--- a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xPalSecurityManager.cpp
+++ b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xPalSecurityManager.cpp
@ -85,6 +85,7 @@ struct nRF5xSecurityManager::pairing_control_block_t {

 nRF5xSecurityManager::nRF5xSecurityManager()
    : ::ble::pal::SecurityManager(),
+    _sign_counter(),
    _io_capability(io_capability_t::NO_INPUT_NO_OUTPUT),
    _min_encryption_key_size(7),
    _max_encryption_key_size(16),
@ -508,12 +509,24 @@ ble_error_t nRF5xSecurityManager::set_irk(const irk_t& irk)
    return convert_sd_error(err);
 }

-ble_error_t nRF5xSecurityManager::set_csrk(const csrk_t& csrk)
-{
+ble_error_t nRF5xSecurityManager::set_csrk(
+    const csrk_t& csrk,
+    sign_count_t sign_counter
+) {
    _csrk = csrk;
+    _sign_counter = sign_counter;
    return BLE_ERROR_NONE;
 }

+ble_error_t nRF5xSecurityManager::set_peer_csrk(
+    connection_handle_t connection,
+    const csrk_t &csrk,
+    bool authenticated,
+    sign_count_t sign_counter
+) {
+    return BLE_ERROR_NOT_IMPLEMENTED;
+}
+
 ////////////////////////////////////////////////////////////////////////////
 // Authentication
 //
@ -630,23 +643,21 @@ ble_error_t nRF5xSecurityManager::send_keypress_notification(
 }


-ble_error_t nRF5xSecurityManager::generate_secure_connections_oob(
-    connection_handle_t connection
-) {
+ble_error_t nRF5xSecurityManager::generate_secure_connections_oob()
+{
    ble_gap_lesc_p256_pk_t own_secret;
    ble_gap_lesc_oob_data_t oob_data;

    memcpy(own_secret.pk, secret.data(), secret.size());

    uint32_t err = sd_ble_gap_lesc_oob_data_get(
-        connection,
+        BLE_CONN_HANDLE_INVALID,
        &own_secret,
        &oob_data
    );

    if (!err) {
        get_event_handler()->on_secure_connections_oob_generated(
-            connection,
            oob_data.r,
            oob_data.c
        );
--- a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xPalSecurityManager.h
+++ b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xPalSecurityManager.h
@ -237,7 +237,18 @@ public:
    /**
     * @see ::ble::pal::SecurityManager::set_csrk
     */
-    virtual ble_error_t set_csrk(const csrk_t &csrk);
+    virtual ble_error_t set_csrk(const csrk_t &csrk, sign_count_t sign_counter);
+
+    /**
+     * @see ::ble::pal::SecurityManager::set_peer_csrk
+     */
+    virtual ble_error_t set_peer_csrk(
+        connection_handle_t connection,
+        const csrk_t &csrk,
+        bool authenticated,
+        sign_count_t sign_counter
+    );
+

    ////////////////////////////////////////////////////////////////////////////
    // Authentication
@ -300,9 +311,7 @@ public:
    /**
     * @see ::ble::pal::SecurityManager::generate_secure_connections_oob
     */
-    virtual ble_error_t generate_secure_connections_oob(
-        connection_handle_t connection
-    );
+    virtual ble_error_t generate_secure_connections_oob();

    // singleton of nordic Security Manager
    static nRF5xSecurityManager& get_security_manager();
@ -312,6 +321,7 @@ public:

 private:
    csrk_t _csrk;
+    sign_count_t _sign_counter;
    io_capability_t _io_capability;
    uint8_t _min_encryption_key_size;
    uint8_t _max_encryption_key_size;
--- a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xn.cpp
+++ b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xn.cpp
@ -125,7 +125,7 @@ ble_error_t nRF5xn::init(BLE::InstanceID_t instanceID, FunctionPointerWithContex
        return BLE_ERROR_ALREADY_INITIALIZED;
    }

-    instanceID   = instanceID;
+    this->instanceID = instanceID;

    /* ToDo: Clear memory contents, reset the SD, etc. */
    if (btle_init() != ERROR_NONE) {
@ -209,11 +209,17 @@ SecurityManager& nRF5xn::getSecurityManager()
 const SecurityManager& nRF5xn::getSecurityManager() const
 {
    static ble::pal::MemorySecurityDb m_db;
-    ble::pal::vendor::nordic::nRF5xSecurityManager &m_pal = ble::pal::vendor::nordic::nRF5xSecurityManager::get_security_manager();
+    ble::pal::vendor::nordic::nRF5xSecurityManager &m_pal =
+        ble::pal::vendor::nordic::nRF5xSecurityManager::get_security_manager();
+    static struct : ble::pal::SigningEventMonitor {
+        virtual void set_signing_event_handler(EventHandler *signing_event_handler) { }
+    } dummy_signing_event_monitor;
+
    static ble::generic::GenericSecurityManager m_instance(
        m_pal,
        m_db,
-        const_cast<nRF5xGap&>(getGap())
+        const_cast<nRF5xGap&>(getGap()),
+        dummy_signing_event_monitor
    );

    return m_instance;