fixed all the compilation errors and recent pal changes

features/FEATURE_BLE/ble/BLETypes.h

@@ -273,7 +273,7 @@ struct octet_type_t {
      *
      * @param input_value value of the data.
      */
-    octet_type_t(const uint8_t (&input_value)[octet_size]) {
+    octet_type_t(const uint8_t *input_value) {
         memcpy(_value, input_value, sizeof(_value));
     }
 
@@ -334,10 +334,10 @@ protected:
 };
 
 /** 128 bit keys used by paired devices */
-struct key_t : public octet_type_t<16> {} ;
+typedef octet_type_t<16> key_t;
-struct irk_t : public key_t {};
+typedef octet_type_t<16> irk_t;
-struct csrk_t : public key_t {};
+typedef octet_type_t<16> csrk_t;
-struct ltk_t : public key_t {};
+typedef octet_type_t<16> ltk_t;
 
 /** Used to identify LTK for legacy pairing connections */
 typedef octet_type_t<2> ediv_t;

features/FEATURE_BLE/ble/generic/GenericSecurityDb.h

@@ -686,11 +686,11 @@ public:
 
     virtual void set_entry_peer_ltk(
         connection_handle_t connection,
-        const ltk_t *ltk
+        const ltk_t &ltk
     ) {
         db_store_t *store = get_store(connection);
         if (store) {
-            store->peer_keys.ltk = *ltk;
+            store->peer_keys.ltk = ltk;
         }
     }
 
@@ -852,7 +852,7 @@ public:
 
     virtual void disconnect_entry(connection_handle_t connection) { }
 
-    virtual void remove_entry(address_t peer_identity_address);
+    virtual void remove_entry(address_t peer_identity_address) { }
 
     virtual void clear_entries() {
         for (size_t i = 0; i < MAX_ENTRIES; i++) {
@@ -887,6 +887,8 @@ public:
 
     virtual void update_whitelist(Gap::Whitelist_t &whitelist) { }
 
+    virtual void set_whitelist(const Gap::Whitelist_t &whitelist) { };
+
     virtual void add_whitelist_entry(const address_t &address) { }
 
     virtual void remove_whitelist_entry(const address_t &address) { }

features/FEATURE_BLE/ble/generic/GenericSecurityManager.h

@@ -22,6 +22,7 @@
 #include "ble/generic/GenericSecurityDb.h"
 #include "Callback.h"
 #include "ble/Gap.h"
+#include "ble/pal/PalSecurityManager.h"
 
 namespace ble {
 namespace generic {
@@ -227,7 +228,7 @@ public:
 
     /* ends implements SecurityManager */
 
-protected:
+public:
     GenericSecurityManager(
         ble::pal::SecurityManager &palImpl,
         GenericSecurityDb &dbImpl,
@@ -540,12 +541,6 @@ public:
         connection_handle_t connection
     );
 
-    /** @copydoc SecurityManagerEventHandler::on_oob_request
-     */
-    virtual void on_oob_request(
-        connection_handle_t connection
-    );
-
     /** @copydoc SecurityManagerEventHandler::on_oob_data_verification_request
      */
     virtual void on_oob_data_verification_request(

features/FEATURE_BLE/ble/pal/PalSecurityManager.h

@@ -314,7 +314,7 @@ public:
      */
     virtual void on_passkey_display(
         connection_handle_t connection,
-        const passkey_num_t passkey
+        passkey_num_t passkey
     ) = 0;
 
     /**
@@ -574,7 +574,7 @@ public:
      */
     virtual ble_error_t add_device_to_resolving_list(
         advertising_peer_address_type_t peer_identity_address_type,
-        address_t peer_identity_address,
+        const address_t &peer_identity_address,
         const irk_t &peer_irk
     ) = 0;
 
@@ -620,7 +620,7 @@ public:
         AuthenticationMask authentication_requirements,
         KeyDistribution initiator_dist,
         KeyDistribution responder_dist
-    );
+    ) = 0;
 
     /**
      * Send a pairing response to a master.
@@ -862,8 +862,10 @@ public:
     /**
      * Generate the Public key. This will also generate the private key.
      * Public key will be returned as an event handler callback when it's ready.
+     *
+     * @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
      */
-    virtual void generate_public_key() = 0;
+    virtual ble_error_t generate_public_key() = 0;
 
     ////////////////////////////////////////////////////////////////////////////
     // Authentication
@@ -916,7 +918,7 @@ public:
      * @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
      */
     virtual ble_error_t set_display_passkey(
-        const passkey_num_t passkey
+        passkey_num_t passkey
     ) = 0;
 
     /**
@@ -926,7 +928,7 @@ public:
      */
     virtual ble_error_t passkey_request_reply(
         connection_handle_t connection,
-        const passkey_num_t passkey
+        passkey_num_t passkey
     ) = 0;
 
     /**

features/FEATURE_BLE/targets/TARGET_CORDIO/CordioPalSecurityManager.h

@@ -65,9 +65,8 @@ public:
      */
     virtual ble_error_t add_device_to_resolving_list(
         advertising_peer_address_type_t peer_identity_address_type,
-        address_t peer_identity_address,
+        const address_t &peer_identity_address,
-        const irk_t peer_irk,
+        const irk_t &peer_irk
-        const irk_t local_irk
     );
 
     /**
@@ -75,7 +74,7 @@ public:
      */
     virtual ble_error_t remove_device_from_resolving_list(
         advertising_peer_address_type_t peer_identity_address_type,
-        const address_t& peer_identity_address
+        const address_t &peer_identity_address
     );
 
     /**
@@ -119,6 +118,11 @@ public:
         connection_handle_t, uint16_t &timeout_in_10ms
     );
 
+    virtual ble_error_t slave_security_request(
+        connection_handle_t connection,
+        AuthenticationMask authentication
+    );
+
     ////////////////////////////////////////////////////////////////////////////
     // Encryption
     //
@@ -126,7 +130,20 @@ public:
     /**
      * @see ::ble::pal::SecurityManager::enable_encryption
      */
-    virtual ble_error_t enable_encryption(connection_handle_t connection);
+    virtual ble_error_t enable_encryption(
+        connection_handle_t connection,
+        const ltk_t &ltk,
+        const rand_t &rand,
+        const ediv_t &ediv
+    );
+
+    /**
+     * @see ::ble::pal::SecurityManager::enable_encryption
+     */
+    virtual ble_error_t enable_encryption(
+        connection_handle_t connection,
+        const ltk_t &ltk
+    );
 
     /**
      * @see ::ble::pal::SecurityManager::disable_encryption
@@ -148,9 +165,12 @@ public:
     );
 
     /**
-     * @see ::ble::pal::SecurityManager::refresh_encryption_key
+     * @see ::ble::pal::SecurityManager::encrypt_data
      */
-    virtual ble_error_t refresh_encryption_key(connection_handle_t connection);
+    virtual ble_error_t encrypt_data(
+        const key_t &key,
+        encryption_block_t &data
+    );
 
     ////////////////////////////////////////////////////////////////////////////
     // Privacy
@@ -168,27 +188,29 @@ public:
     /**
      * @see ::ble::pal::SecurityManager::set_ltk
      */
-    virtual ble_error_t set_ltk(connection_handle_t connection, const ltk_t ltk);
+    virtual ble_error_t set_ltk(connection_handle_t connection, const ltk_t &ltk);
+
+    /**
+     * @see ::ble::pal::SecurityManager::set_ltk_not_found
+     */
+    virtual ble_error_t set_ltk_not_found(
+        connection_handle_t connection
+    );
 
     /**
      * @see ::ble::pal::SecurityManager::set_irk
      */
-    virtual ble_error_t set_irk(const irk_t irk);
+    virtual ble_error_t set_irk(const irk_t &irk);
 
     /**
      * @see ::ble::pal::SecurityManager::set_csrk
      */
-    virtual ble_error_t set_csrk(const csrk_t csrk);
+    virtual ble_error_t set_csrk(const csrk_t &csrk);
 
     /**
-     * @see ::ble::pal::SecurityManager::generate_irk
+     * @see ::ble::pal::SecurityManager::generate_public_key
      */
-    virtual ble_error_t generate_irk();
+    virtual ble_error_t generate_public_key();
-
-    /**
-     * @see ::ble::pal::SecurityManager::generate_csrk
-     */
-    virtual ble_error_t generate_csrk();
 
     ////////////////////////////////////////////////////////////////////////////
     // Global parameters
@@ -197,7 +219,7 @@ public:
     /**
      * @see ::ble::pal::SecurityManager::set_display_passkey
      */
-    virtual ble_error_t set_display_passkey(const passkey_num_t passkey);
+    virtual ble_error_t set_display_passkey(passkey_num_t passkey);
 
     /**
      * @see ::ble::pal::SecurityManager::set_io_capability
@@ -263,14 +285,16 @@ public:
      * @see ::ble::pal::SecurityManager::passkey_request_reply
      */
     virtual ble_error_t passkey_request_reply(
-        connection_handle_t connection, const passkey_num_t passkey
+        connection_handle_t connection,
+        passkey_num_t passkey
     );
 
     /**
-     * @see ::ble::pal::SecurityManager::oob_data_request_reply
+     * @see ::ble::pal::SecurityManager::legacy_pairing_oob_data_request_reply
      */
-    virtual ble_error_t oob_data_request_reply(
+    virtual ble_error_t legacy_pairing_oob_data_request_reply(
-        connection_handle_t connection, const oob_data_t oob_data
+        connection_handle_t connection,
+        const oob_tk_t &oob_data
     );
 
     /**
@@ -287,8 +311,17 @@ public:
         connection_handle_t connection, Keypress_t keypress
     );
 
+    /**
+     * @see ::ble::pal::SecurityManager::oob_data_verified
+     */
+    virtual ble_error_t oob_data_verified(
+        connection_handle_t connection,
+        const oob_rand_t &local_random,
+        const oob_rand_t &peer_random
+    );
+
     // singleton of the ARM Cordio Security Manager
-    static CordioSecurityManager& get_security_manager();
+    static CordioSecurityManager &get_security_manager();
 
     // Event handler
     static bool sm_handler(const wsfMsgHdr_t* msg);

features/FEATURE_BLE/targets/TARGET_CORDIO/CordioSecurityManager.h

@@ -19,24 +19,34 @@
 
 #include <stddef.h>
 
+#include "ble/generic/GenericSecurityManager.h"
+#include "ble/generic/GenericSecurityDb.h"
+#include "ble/pal/PalSecurityManager.h"
+#include "CordioPalSecurityManager.h"
+#include "CordioGap.h"
 #include "ble/SecurityManager.h"
 
 namespace ble {
 namespace vendor {
 namespace cordio {
 
-class SecurityManager : public ::SecurityManager
+class SecurityManager : public generic::GenericSecurityManager
 {
 public:
     static SecurityManager &getInstance()
     {
-        static SecurityManager m_instance;
+        static generic::MemoryGenericSecurityDb m_db;
+        static pal::vendor::cordio::CordioSecurityManager m_pal;
+        static SecurityManager m_instance(m_pal, m_db, cordio::Gap::getInstance());
         return m_instance;
     }
 
 public:
-    SecurityManager()
+    SecurityManager(
-    {
+        pal::SecurityManager &palImpl,
+        generic::GenericSecurityDb &dbImpl,
+        Gap &gapImpl
+    ) : generic::GenericSecurityManager(palImpl, dbImpl, gapImpl) {
         /* empty */
     }
 };

features/FEATURE_BLE/targets/TARGET_CORDIO/source/CordioPalSecurityManager.cpp

@@ -68,9 +68,8 @@ uint8_t CordioSecurityManager::read_resolving_list_capacity()
 
 ble_error_t CordioSecurityManager::add_device_to_resolving_list(
     advertising_peer_address_type_t peer_identity_address_type,
-    address_t peer_identity_address,
+    const address_t &peer_identity_address,
-    const irk_t peer_irk,
+    const irk_t &peer_irk
-    const irk_t local_irk
 ) {
     return BLE_ERROR_NOT_IMPLEMENTED;
 }
@@ -119,12 +118,30 @@ ble_error_t CordioSecurityManager::get_authentication_timeout(
     return BLE_ERROR_NOT_IMPLEMENTED;
 }
 
+ble_error_t CordioSecurityManager::slave_security_request(
+    connection_handle_t connection,
+    AuthenticationMask authentication
+) {
+    return BLE_ERROR_NOT_IMPLEMENTED;
+}
+
 ////////////////////////////////////////////////////////////////////////////
 // Encryption
 //
 
-ble_error_t CordioSecurityManager::enable_encryption(connection_handle_t connection)
+ble_error_t CordioSecurityManager::enable_encryption(
-{
+    connection_handle_t connection,
+    const ltk_t &ltk,
+    const rand_t &rand,
+    const ediv_t &ediv
+) {
+    return BLE_ERROR_NOT_IMPLEMENTED;
+}
+
+ble_error_t CordioSecurityManager::enable_encryption(
+    connection_handle_t connection,
+    const ltk_t &ltk
+) {
     return BLE_ERROR_NOT_IMPLEMENTED;
 }
 
@@ -145,8 +162,10 @@ ble_error_t CordioSecurityManager::get_encryption_key_size(
     return BLE_ERROR_NOT_IMPLEMENTED;
 }
 
-ble_error_t CordioSecurityManager::refresh_encryption_key(connection_handle_t connection)
+ble_error_t CordioSecurityManager::encrypt_data(
-{
+    const key_t &key,
+    encryption_block_t &data
+) {
     return BLE_ERROR_NOT_IMPLEMENTED;
 }
 
@@ -166,36 +185,39 @@ ble_error_t CordioSecurityManager::set_private_address_timeout(
 //
 
 ble_error_t CordioSecurityManager::set_ltk(
-    connection_handle_t connection, const ltk_t ltk
+    connection_handle_t connection, const ltk_t& ltk
 ) {
     // FIXME: get access to the security level of a key
     DmSecLtkRsp(
         connection,
         /* key found */ true,
         /* sec level ??? */ DM_SEC_LEVEL_ENC_AUTH,
-        const_cast<uint8_t*>(ltk)
+        const_cast<uint8_t*>(ltk.data())
     );
     return BLE_ERROR_NOT_IMPLEMENTED;
 }
 
-ble_error_t CordioSecurityManager::set_irk(const irk_t irk)
+ble_error_t CordioSecurityManager::set_ltk_not_found(
-{
+    connection_handle_t connection
-    DmSecSetLocalIrk(const_cast<uint8_t*>(irk));
+) {
-    return BLE_ERROR_NONE;
+    ltk_t ltk;
-}
+    set_ltk(connection, ltk);
-
-ble_error_t CordioSecurityManager::set_csrk(const csrk_t csrk)
-{
-    DmSecSetLocalCsrk(const_cast<uint8_t*>(csrk));
-    return BLE_ERROR_NONE;
-}
-
-ble_error_t CordioSecurityManager::generate_irk()
-{
     return BLE_ERROR_NOT_IMPLEMENTED;
 }
 
-ble_error_t CordioSecurityManager::generate_csrk()
+ble_error_t CordioSecurityManager::set_irk(const irk_t& irk)
+{
+    DmSecSetLocalIrk(const_cast<uint8_t*>(irk.data()));
+    return BLE_ERROR_NONE;
+}
+
+ble_error_t CordioSecurityManager::set_csrk(const csrk_t& csrk)
+{
+    DmSecSetLocalCsrk(const_cast<uint8_t*>(csrk.data()));
+    return BLE_ERROR_NONE;
+}
+
+ble_error_t CordioSecurityManager::generate_public_key()
 {
     return BLE_ERROR_NOT_IMPLEMENTED;
 }
@@ -204,7 +226,7 @@ ble_error_t CordioSecurityManager::generate_csrk()
 // Global parameters
 //
 
-ble_error_t CordioSecurityManager::set_display_passkey(const passkey_num_t passkey)
+ble_error_t CordioSecurityManager::set_display_passkey(passkey_num_t passkey)
 {
     if (passkey) {
         _use_default_passkey = true;
@@ -302,24 +324,25 @@ ble_error_t CordioSecurityManager::get_random_data(random_data_t &random_data)
 //
 
 ble_error_t CordioSecurityManager::passkey_request_reply(
-    connection_handle_t connection, const passkey_num_t passkey
+    connection_handle_t connection, passkey_num_t passkey
 ) {
     DmSecAuthRsp(
         connection,
         3,
-        reinterpret_cast<uint8_t*>(const_cast<passkey_num_t*>(&passkey))
+        reinterpret_cast<uint8_t*>(&passkey)
     );
 
     return BLE_ERROR_NONE;
 }
 
-ble_error_t CordioSecurityManager::oob_data_request_reply(
+ble_error_t CordioSecurityManager::legacy_pairing_oob_data_request_reply(
-    connection_handle_t connection, const oob_data_t oob_data
+    connection_handle_t connection,
+    const oob_tk_t &oob_data
 ) {
     DmSecAuthRsp(
         connection,
         16,
-        const_cast<uint8_t*>(oob_data)
+        const_cast<uint8_t*>(oob_data.data())
     );
 
     return BLE_ERROR_NONE;
@@ -337,6 +360,14 @@ ble_error_t CordioSecurityManager::send_keypress_notification(
     return BLE_ERROR_NOT_IMPLEMENTED;
 }
 
+ble_error_t CordioSecurityManager::oob_data_verified(
+    connection_handle_t connection,
+    const oob_rand_t &local_random,
+    const oob_rand_t &peer_random
+) {
+    return BLE_ERROR_NOT_IMPLEMENTED;
+}
+
 CordioSecurityManager& CordioSecurityManager::get_security_manager()
 {
     static CordioSecurityManager _security_manager;
@@ -391,13 +422,13 @@ bool CordioSecurityManager::sm_handler(const wsfMsgHdr_t* msg) {
             dmSecEncryptIndEvt_t* evt = (dmSecEncryptIndEvt_t*) msg;
             // note: the field usingLtk of the message indicates if an LTK was
             // used to encrypt the link
-            handler->on_link_encryption_result(evt->hdr.param, true);
+            handler->on_link_encryption_result(evt->hdr.param, link_encryption_t::ENCRYPTED);
             return true;
         }
 
         case DM_SEC_ENCRYPT_FAIL_IND: {
             // note: msg->status contains the encryption failure status
-            handler->on_link_encryption_result(msg->param, false);
+            handler->on_link_encryption_result(msg->param, link_encryption_t::NOT_ENCRYPTED);
             return true;
         }
 
@@ -406,7 +437,7 @@ bool CordioSecurityManager::sm_handler(const wsfMsgHdr_t* msg) {
             connection_handle_t connection = evt->hdr.param;
 
             if (evt->oob) {
-                handler->on_oob_request(connection);
+                handler->on_legacy_pairing_oob_request(connection);
             } else if (evt->display) {
                 if (get_security_manager()._use_default_passkey) {
                     handler->on_passkey_display(
@@ -457,10 +488,13 @@ bool CordioSecurityManager::sm_handler(const wsfMsgHdr_t* msg) {
                     break;
 
                 case DM_KEY_PEER_LTK:
-                    handler->on_keys_distributed_ltk(connection, evt->keyData.ltk.key);
+                    handler->on_keys_distributed_ltk(
+                        connection,
+                        ltk_t(reinterpret_cast<uint8_t*>(evt->keyData.ltk.key))
+                    );
                     handler->on_keys_distributed_ediv_rand(
                         connection,
-                        reinterpret_cast<uint8_t*>(&(evt->keyData.ltk.ediv)),
+                        ediv_t(reinterpret_cast<uint8_t*>(&(evt->keyData.ltk.ediv))),
                         evt->keyData.ltk.rand
                     );
                     break;
@@ -471,7 +505,10 @@ bool CordioSecurityManager::sm_handler(const wsfMsgHdr_t* msg) {
                         (advertising_peer_address_type_t::type) evt->keyData.irk.addrType,
                         evt->keyData.irk.bdAddr
                     );
-                    handler->on_keys_distributed_irk(connection, evt->keyData.irk.key);
+                    handler->on_keys_distributed_irk(
+                        connection,
+                        irk_t(reinterpret_cast<uint8_t*>(evt->keyData.irk.key))
+                    );
                     break;
 
                 case DM_KEY_CSRK: