From 55045010d60d806bdda05cb132980df881fa88c1 Mon Sep 17 00:00:00 2001 From: paul-szczepanek-arm <33840200+paul-szczepanek-arm@users.noreply.github.com> Date: Tue, 13 Feb 2018 11:01:30 +0000 Subject: [PATCH] fixed all the compilation errors and recent pal changes --- features/FEATURE_BLE/ble/BLETypes.h | 10 +- .../ble/generic/GenericSecurityDb.h | 8 +- .../ble/generic/GenericSecurityManager.h | 9 +- .../FEATURE_BLE/ble/pal/PalSecurityManager.h | 14 ++- .../TARGET_CORDIO/CordioPalSecurityManager.h | 79 +++++++++---- .../TARGET_CORDIO/CordioSecurityManager.h | 18 ++- .../source/CordioPalSecurityManager.cpp | 109 ++++++++++++------ 7 files changed, 163 insertions(+), 84 deletions(-) diff --git a/features/FEATURE_BLE/ble/BLETypes.h b/features/FEATURE_BLE/ble/BLETypes.h index 66d006cc51..3bc5e8f75d 100644 --- a/features/FEATURE_BLE/ble/BLETypes.h +++ b/features/FEATURE_BLE/ble/BLETypes.h @@ -273,7 +273,7 @@ struct octet_type_t { * * @param input_value value of the data. */ - octet_type_t(const uint8_t (&input_value)[octet_size]) { + octet_type_t(const uint8_t *input_value) { memcpy(_value, input_value, sizeof(_value)); } @@ -334,10 +334,10 @@ protected: }; /** 128 bit keys used by paired devices */ -struct key_t : public octet_type_t<16> {} ; -struct irk_t : public key_t {}; -struct csrk_t : public key_t {}; -struct ltk_t : public key_t {}; +typedef octet_type_t<16> key_t; +typedef octet_type_t<16> irk_t; +typedef octet_type_t<16> csrk_t; +typedef octet_type_t<16> ltk_t; /** Used to identify LTK for legacy pairing connections */ typedef octet_type_t<2> ediv_t; diff --git a/features/FEATURE_BLE/ble/generic/GenericSecurityDb.h b/features/FEATURE_BLE/ble/generic/GenericSecurityDb.h index 8735a35509..68390393a6 100644 --- a/features/FEATURE_BLE/ble/generic/GenericSecurityDb.h +++ b/features/FEATURE_BLE/ble/generic/GenericSecurityDb.h @@ -686,11 +686,11 @@ public: virtual void set_entry_peer_ltk( connection_handle_t connection, - const ltk_t *ltk + const ltk_t <k ) { db_store_t *store = get_store(connection); if (store) { - store->peer_keys.ltk = *ltk; + store->peer_keys.ltk = ltk; } } @@ -852,7 +852,7 @@ public: virtual void disconnect_entry(connection_handle_t connection) { } - virtual void remove_entry(address_t peer_identity_address); + virtual void remove_entry(address_t peer_identity_address) { } virtual void clear_entries() { for (size_t i = 0; i < MAX_ENTRIES; i++) { @@ -887,6 +887,8 @@ public: virtual void update_whitelist(Gap::Whitelist_t &whitelist) { } + virtual void set_whitelist(const Gap::Whitelist_t &whitelist) { }; + virtual void add_whitelist_entry(const address_t &address) { } virtual void remove_whitelist_entry(const address_t &address) { } diff --git a/features/FEATURE_BLE/ble/generic/GenericSecurityManager.h b/features/FEATURE_BLE/ble/generic/GenericSecurityManager.h index b34b515661..b48ded0d76 100644 --- a/features/FEATURE_BLE/ble/generic/GenericSecurityManager.h +++ b/features/FEATURE_BLE/ble/generic/GenericSecurityManager.h @@ -22,6 +22,7 @@ #include "ble/generic/GenericSecurityDb.h" #include "Callback.h" #include "ble/Gap.h" +#include "ble/pal/PalSecurityManager.h" namespace ble { namespace generic { @@ -227,7 +228,7 @@ public: /* ends implements SecurityManager */ -protected: +public: GenericSecurityManager( ble::pal::SecurityManager &palImpl, GenericSecurityDb &dbImpl, @@ -540,12 +541,6 @@ public: connection_handle_t connection ); - /** @copydoc SecurityManagerEventHandler::on_oob_request - */ - virtual void on_oob_request( - connection_handle_t connection - ); - /** @copydoc SecurityManagerEventHandler::on_oob_data_verification_request */ virtual void on_oob_data_verification_request( diff --git a/features/FEATURE_BLE/ble/pal/PalSecurityManager.h b/features/FEATURE_BLE/ble/pal/PalSecurityManager.h index 280cb3fa30..8ad17d495f 100644 --- a/features/FEATURE_BLE/ble/pal/PalSecurityManager.h +++ b/features/FEATURE_BLE/ble/pal/PalSecurityManager.h @@ -314,7 +314,7 @@ public: */ virtual void on_passkey_display( connection_handle_t connection, - const passkey_num_t passkey + passkey_num_t passkey ) = 0; /** @@ -574,7 +574,7 @@ public: */ virtual ble_error_t add_device_to_resolving_list( advertising_peer_address_type_t peer_identity_address_type, - address_t peer_identity_address, + const address_t &peer_identity_address, const irk_t &peer_irk ) = 0; @@ -620,7 +620,7 @@ public: AuthenticationMask authentication_requirements, KeyDistribution initiator_dist, KeyDistribution responder_dist - ); + ) = 0; /** * Send a pairing response to a master. @@ -862,8 +862,10 @@ public: /** * Generate the Public key. This will also generate the private key. * Public key will be returned as an event handler callback when it's ready. + * + * @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure */ - virtual void generate_public_key() = 0; + virtual ble_error_t generate_public_key() = 0; //////////////////////////////////////////////////////////////////////////// // Authentication @@ -916,7 +918,7 @@ public: * @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure */ virtual ble_error_t set_display_passkey( - const passkey_num_t passkey + passkey_num_t passkey ) = 0; /** @@ -926,7 +928,7 @@ public: */ virtual ble_error_t passkey_request_reply( connection_handle_t connection, - const passkey_num_t passkey + passkey_num_t passkey ) = 0; /** diff --git a/features/FEATURE_BLE/targets/TARGET_CORDIO/CordioPalSecurityManager.h b/features/FEATURE_BLE/targets/TARGET_CORDIO/CordioPalSecurityManager.h index d5e9720be7..ccb854ed19 100644 --- a/features/FEATURE_BLE/targets/TARGET_CORDIO/CordioPalSecurityManager.h +++ b/features/FEATURE_BLE/targets/TARGET_CORDIO/CordioPalSecurityManager.h @@ -65,9 +65,8 @@ public: */ virtual ble_error_t add_device_to_resolving_list( advertising_peer_address_type_t peer_identity_address_type, - address_t peer_identity_address, - const irk_t peer_irk, - const irk_t local_irk + const address_t &peer_identity_address, + const irk_t &peer_irk ); /** @@ -75,7 +74,7 @@ public: */ virtual ble_error_t remove_device_from_resolving_list( advertising_peer_address_type_t peer_identity_address_type, - const address_t& peer_identity_address + const address_t &peer_identity_address ); /** @@ -119,6 +118,11 @@ public: connection_handle_t, uint16_t &timeout_in_10ms ); + virtual ble_error_t slave_security_request( + connection_handle_t connection, + AuthenticationMask authentication + ); + //////////////////////////////////////////////////////////////////////////// // Encryption // @@ -126,7 +130,20 @@ public: /** * @see ::ble::pal::SecurityManager::enable_encryption */ - virtual ble_error_t enable_encryption(connection_handle_t connection); + virtual ble_error_t enable_encryption( + connection_handle_t connection, + const ltk_t <k, + const rand_t &rand, + const ediv_t &ediv + ); + + /** + * @see ::ble::pal::SecurityManager::enable_encryption + */ + virtual ble_error_t enable_encryption( + connection_handle_t connection, + const ltk_t <k + ); /** * @see ::ble::pal::SecurityManager::disable_encryption @@ -148,9 +165,12 @@ public: ); /** - * @see ::ble::pal::SecurityManager::refresh_encryption_key + * @see ::ble::pal::SecurityManager::encrypt_data */ - virtual ble_error_t refresh_encryption_key(connection_handle_t connection); + virtual ble_error_t encrypt_data( + const key_t &key, + encryption_block_t &data + ); //////////////////////////////////////////////////////////////////////////// // Privacy @@ -168,27 +188,29 @@ public: /** * @see ::ble::pal::SecurityManager::set_ltk */ - virtual ble_error_t set_ltk(connection_handle_t connection, const ltk_t ltk); + virtual ble_error_t set_ltk(connection_handle_t connection, const ltk_t <k); + + /** + * @see ::ble::pal::SecurityManager::set_ltk_not_found + */ + virtual ble_error_t set_ltk_not_found( + connection_handle_t connection + ); /** * @see ::ble::pal::SecurityManager::set_irk */ - virtual ble_error_t set_irk(const irk_t irk); + virtual ble_error_t set_irk(const irk_t &irk); /** * @see ::ble::pal::SecurityManager::set_csrk */ - virtual ble_error_t set_csrk(const csrk_t csrk); + virtual ble_error_t set_csrk(const csrk_t &csrk); /** - * @see ::ble::pal::SecurityManager::generate_irk + * @see ::ble::pal::SecurityManager::generate_public_key */ - virtual ble_error_t generate_irk(); - - /** - * @see ::ble::pal::SecurityManager::generate_csrk - */ - virtual ble_error_t generate_csrk(); + virtual ble_error_t generate_public_key(); //////////////////////////////////////////////////////////////////////////// // Global parameters @@ -197,7 +219,7 @@ public: /** * @see ::ble::pal::SecurityManager::set_display_passkey */ - virtual ble_error_t set_display_passkey(const passkey_num_t passkey); + virtual ble_error_t set_display_passkey(passkey_num_t passkey); /** * @see ::ble::pal::SecurityManager::set_io_capability @@ -263,14 +285,16 @@ public: * @see ::ble::pal::SecurityManager::passkey_request_reply */ virtual ble_error_t passkey_request_reply( - connection_handle_t connection, const passkey_num_t passkey + connection_handle_t connection, + passkey_num_t passkey ); /** - * @see ::ble::pal::SecurityManager::oob_data_request_reply + * @see ::ble::pal::SecurityManager::legacy_pairing_oob_data_request_reply */ - virtual ble_error_t oob_data_request_reply( - connection_handle_t connection, const oob_data_t oob_data + virtual ble_error_t legacy_pairing_oob_data_request_reply( + connection_handle_t connection, + const oob_tk_t &oob_data ); /** @@ -287,8 +311,17 @@ public: connection_handle_t connection, Keypress_t keypress ); + /** + * @see ::ble::pal::SecurityManager::oob_data_verified + */ + virtual ble_error_t oob_data_verified( + connection_handle_t connection, + const oob_rand_t &local_random, + const oob_rand_t &peer_random + ); + // singleton of the ARM Cordio Security Manager - static CordioSecurityManager& get_security_manager(); + static CordioSecurityManager &get_security_manager(); // Event handler static bool sm_handler(const wsfMsgHdr_t* msg); diff --git a/features/FEATURE_BLE/targets/TARGET_CORDIO/CordioSecurityManager.h b/features/FEATURE_BLE/targets/TARGET_CORDIO/CordioSecurityManager.h index 6522a0f50b..f44533e2b1 100644 --- a/features/FEATURE_BLE/targets/TARGET_CORDIO/CordioSecurityManager.h +++ b/features/FEATURE_BLE/targets/TARGET_CORDIO/CordioSecurityManager.h @@ -19,24 +19,34 @@ #include +#include "ble/generic/GenericSecurityManager.h" +#include "ble/generic/GenericSecurityDb.h" +#include "ble/pal/PalSecurityManager.h" +#include "CordioPalSecurityManager.h" +#include "CordioGap.h" #include "ble/SecurityManager.h" namespace ble { namespace vendor { namespace cordio { -class SecurityManager : public ::SecurityManager +class SecurityManager : public generic::GenericSecurityManager { public: static SecurityManager &getInstance() { - static SecurityManager m_instance; + static generic::MemoryGenericSecurityDb m_db; + static pal::vendor::cordio::CordioSecurityManager m_pal; + static SecurityManager m_instance(m_pal, m_db, cordio::Gap::getInstance()); return m_instance; } public: - SecurityManager() - { + SecurityManager( + pal::SecurityManager &palImpl, + generic::GenericSecurityDb &dbImpl, + Gap &gapImpl + ) : generic::GenericSecurityManager(palImpl, dbImpl, gapImpl) { /* empty */ } }; diff --git a/features/FEATURE_BLE/targets/TARGET_CORDIO/source/CordioPalSecurityManager.cpp b/features/FEATURE_BLE/targets/TARGET_CORDIO/source/CordioPalSecurityManager.cpp index 4c3e6f158f..5544c2cc26 100644 --- a/features/FEATURE_BLE/targets/TARGET_CORDIO/source/CordioPalSecurityManager.cpp +++ b/features/FEATURE_BLE/targets/TARGET_CORDIO/source/CordioPalSecurityManager.cpp @@ -68,9 +68,8 @@ uint8_t CordioSecurityManager::read_resolving_list_capacity() ble_error_t CordioSecurityManager::add_device_to_resolving_list( advertising_peer_address_type_t peer_identity_address_type, - address_t peer_identity_address, - const irk_t peer_irk, - const irk_t local_irk + const address_t &peer_identity_address, + const irk_t &peer_irk ) { return BLE_ERROR_NOT_IMPLEMENTED; } @@ -119,12 +118,30 @@ ble_error_t CordioSecurityManager::get_authentication_timeout( return BLE_ERROR_NOT_IMPLEMENTED; } +ble_error_t CordioSecurityManager::slave_security_request( + connection_handle_t connection, + AuthenticationMask authentication +) { + return BLE_ERROR_NOT_IMPLEMENTED; +} + //////////////////////////////////////////////////////////////////////////// // Encryption // -ble_error_t CordioSecurityManager::enable_encryption(connection_handle_t connection) -{ +ble_error_t CordioSecurityManager::enable_encryption( + connection_handle_t connection, + const ltk_t <k, + const rand_t &rand, + const ediv_t &ediv +) { + return BLE_ERROR_NOT_IMPLEMENTED; +} + +ble_error_t CordioSecurityManager::enable_encryption( + connection_handle_t connection, + const ltk_t <k +) { return BLE_ERROR_NOT_IMPLEMENTED; } @@ -145,8 +162,10 @@ ble_error_t CordioSecurityManager::get_encryption_key_size( return BLE_ERROR_NOT_IMPLEMENTED; } -ble_error_t CordioSecurityManager::refresh_encryption_key(connection_handle_t connection) -{ +ble_error_t CordioSecurityManager::encrypt_data( + const key_t &key, + encryption_block_t &data +) { return BLE_ERROR_NOT_IMPLEMENTED; } @@ -166,36 +185,39 @@ ble_error_t CordioSecurityManager::set_private_address_timeout( // ble_error_t CordioSecurityManager::set_ltk( - connection_handle_t connection, const ltk_t ltk + connection_handle_t connection, const ltk_t& ltk ) { // FIXME: get access to the security level of a key DmSecLtkRsp( connection, /* key found */ true, /* sec level ??? */ DM_SEC_LEVEL_ENC_AUTH, - const_cast(ltk) + const_cast(ltk.data()) ); return BLE_ERROR_NOT_IMPLEMENTED; } -ble_error_t CordioSecurityManager::set_irk(const irk_t irk) -{ - DmSecSetLocalIrk(const_cast(irk)); - return BLE_ERROR_NONE; -} - -ble_error_t CordioSecurityManager::set_csrk(const csrk_t csrk) -{ - DmSecSetLocalCsrk(const_cast(csrk)); - return BLE_ERROR_NONE; -} - -ble_error_t CordioSecurityManager::generate_irk() -{ +ble_error_t CordioSecurityManager::set_ltk_not_found( + connection_handle_t connection +) { + ltk_t ltk; + set_ltk(connection, ltk); return BLE_ERROR_NOT_IMPLEMENTED; } -ble_error_t CordioSecurityManager::generate_csrk() +ble_error_t CordioSecurityManager::set_irk(const irk_t& irk) +{ + DmSecSetLocalIrk(const_cast(irk.data())); + return BLE_ERROR_NONE; +} + +ble_error_t CordioSecurityManager::set_csrk(const csrk_t& csrk) +{ + DmSecSetLocalCsrk(const_cast(csrk.data())); + return BLE_ERROR_NONE; +} + +ble_error_t CordioSecurityManager::generate_public_key() { return BLE_ERROR_NOT_IMPLEMENTED; } @@ -204,7 +226,7 @@ ble_error_t CordioSecurityManager::generate_csrk() // Global parameters // -ble_error_t CordioSecurityManager::set_display_passkey(const passkey_num_t passkey) +ble_error_t CordioSecurityManager::set_display_passkey(passkey_num_t passkey) { if (passkey) { _use_default_passkey = true; @@ -302,24 +324,25 @@ ble_error_t CordioSecurityManager::get_random_data(random_data_t &random_data) // ble_error_t CordioSecurityManager::passkey_request_reply( - connection_handle_t connection, const passkey_num_t passkey + connection_handle_t connection, passkey_num_t passkey ) { DmSecAuthRsp( connection, 3, - reinterpret_cast(const_cast(&passkey)) + reinterpret_cast(&passkey) ); return BLE_ERROR_NONE; } -ble_error_t CordioSecurityManager::oob_data_request_reply( - connection_handle_t connection, const oob_data_t oob_data +ble_error_t CordioSecurityManager::legacy_pairing_oob_data_request_reply( + connection_handle_t connection, + const oob_tk_t &oob_data ) { DmSecAuthRsp( connection, 16, - const_cast(oob_data) + const_cast(oob_data.data()) ); return BLE_ERROR_NONE; @@ -337,6 +360,14 @@ ble_error_t CordioSecurityManager::send_keypress_notification( return BLE_ERROR_NOT_IMPLEMENTED; } +ble_error_t CordioSecurityManager::oob_data_verified( + connection_handle_t connection, + const oob_rand_t &local_random, + const oob_rand_t &peer_random +) { + return BLE_ERROR_NOT_IMPLEMENTED; +} + CordioSecurityManager& CordioSecurityManager::get_security_manager() { static CordioSecurityManager _security_manager; @@ -391,13 +422,13 @@ bool CordioSecurityManager::sm_handler(const wsfMsgHdr_t* msg) { dmSecEncryptIndEvt_t* evt = (dmSecEncryptIndEvt_t*) msg; // note: the field usingLtk of the message indicates if an LTK was // used to encrypt the link - handler->on_link_encryption_result(evt->hdr.param, true); + handler->on_link_encryption_result(evt->hdr.param, link_encryption_t::ENCRYPTED); return true; } case DM_SEC_ENCRYPT_FAIL_IND: { // note: msg->status contains the encryption failure status - handler->on_link_encryption_result(msg->param, false); + handler->on_link_encryption_result(msg->param, link_encryption_t::NOT_ENCRYPTED); return true; } @@ -406,7 +437,7 @@ bool CordioSecurityManager::sm_handler(const wsfMsgHdr_t* msg) { connection_handle_t connection = evt->hdr.param; if (evt->oob) { - handler->on_oob_request(connection); + handler->on_legacy_pairing_oob_request(connection); } else if (evt->display) { if (get_security_manager()._use_default_passkey) { handler->on_passkey_display( @@ -457,10 +488,13 @@ bool CordioSecurityManager::sm_handler(const wsfMsgHdr_t* msg) { break; case DM_KEY_PEER_LTK: - handler->on_keys_distributed_ltk(connection, evt->keyData.ltk.key); + handler->on_keys_distributed_ltk( + connection, + ltk_t(reinterpret_cast(evt->keyData.ltk.key)) + ); handler->on_keys_distributed_ediv_rand( connection, - reinterpret_cast(&(evt->keyData.ltk.ediv)), + ediv_t(reinterpret_cast(&(evt->keyData.ltk.ediv))), evt->keyData.ltk.rand ); break; @@ -471,7 +505,10 @@ bool CordioSecurityManager::sm_handler(const wsfMsgHdr_t* msg) { (advertising_peer_address_type_t::type) evt->keyData.irk.addrType, evt->keyData.irk.bdAddr ); - handler->on_keys_distributed_irk(connection, evt->keyData.irk.key); + handler->on_keys_distributed_irk( + connection, + irk_t(reinterpret_cast(evt->keyData.irk.key)) + ); break; case DM_KEY_CSRK: