mirror of https://github.com/ARMmbed/mbed-os.git
pointers changed to references for a consistent PAL
parent
68db4dd52f
commit
934d8f9235
|
@ -334,10 +334,10 @@ protected:
|
|||
};
|
||||
|
||||
/** 128 bit keys used by paired devices */
|
||||
class key_t : public octet_type_t<16> {} ;
|
||||
class irk_t : public key_t {};
|
||||
class csrk_t : public key_t {};
|
||||
class ltk_t : public key_t {};
|
||||
struct key_t : public octet_type_t<16> {} ;
|
||||
struct irk_t : public key_t {};
|
||||
struct csrk_t : public key_t {};
|
||||
struct ltk_t : public key_t {};
|
||||
|
||||
/** Used to identify LTK for legacy pairing connections */
|
||||
typedef octet_type_t<2> ediv_t;
|
||||
|
@ -361,7 +361,7 @@ typedef octet_type_t<32> dhkey_t;
|
|||
/**
|
||||
* MAC address data type.
|
||||
*/
|
||||
struct address_t : public octet_type_t<6>{
|
||||
struct address_t : public octet_type_t<6> {
|
||||
/**
|
||||
* Create an invalid mac address, equal to FF:FF:FF:FF:FF:FF
|
||||
*/
|
||||
|
|
|
@ -182,8 +182,19 @@ public:
|
|||
virtual void get_entry_local_keys(
|
||||
SecurityEntryKeysDbCb_t cb,
|
||||
connection_handle_t connection,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand
|
||||
const ediv_t &ediv,
|
||||
const rand_t &rand
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
* Retrieve stored LTK generated during secure connections pairing.
|
||||
*
|
||||
* @param[in] cb callback that will receive the LTK struct
|
||||
* @param[in] connection handle for the connection requesting the key
|
||||
*/
|
||||
virtual void get_entry_local_keys(
|
||||
SecurityEntryKeysDbCb_t cb,
|
||||
connection_handle_t connection
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -195,7 +206,7 @@ public:
|
|||
*/
|
||||
virtual void set_entry_local_ltk(
|
||||
connection_handle_t connection,
|
||||
const ltk_t *ltk
|
||||
const ltk_t <k
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -207,8 +218,8 @@ public:
|
|||
*/
|
||||
virtual void set_entry_local_ediv_rand(
|
||||
connection_handle_t connection,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand
|
||||
const ediv_t &ediv,
|
||||
const rand_t &rand
|
||||
) = 0;
|
||||
|
||||
/* peer's keys */
|
||||
|
@ -237,29 +248,6 @@ public:
|
|||
connection_handle_t connection
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
* Update all values in one call.
|
||||
*
|
||||
* @param[in] connection for which the values are being updated
|
||||
* @param[in] address_is_public is the address public or private
|
||||
* @param[in] peer_address identity address of the peer
|
||||
* @param[in] ediv EDIV value
|
||||
* @param[in] rand RAND value
|
||||
* @param[in] ltk LTK value
|
||||
* @param[in] irk IRK value
|
||||
* @param[in] csrk CSRK value
|
||||
*/
|
||||
virtual void set_entry_peer(
|
||||
connection_handle_t connection,
|
||||
bool address_is_public,
|
||||
const address_t &peer_address,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand,
|
||||
const ltk_t *ltk,
|
||||
const irk_t *irk,
|
||||
const csrk_t *csrk
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
* Save new LTK received from the peer.
|
||||
*
|
||||
|
@ -269,7 +257,7 @@ public:
|
|||
*/
|
||||
virtual void set_entry_peer_ltk(
|
||||
connection_handle_t connection,
|
||||
const ltk_t *ltk
|
||||
const ltk_t <k
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -281,8 +269,8 @@ public:
|
|||
*/
|
||||
virtual void set_entry_peer_ediv_rand(
|
||||
connection_handle_t connection,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand
|
||||
const ediv_t &ediv,
|
||||
const rand_t &rand
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -293,7 +281,7 @@ public:
|
|||
*/
|
||||
virtual void set_entry_peer_irk(
|
||||
connection_handle_t connection,
|
||||
const irk_t *irk
|
||||
const irk_t &irk
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -317,7 +305,7 @@ public:
|
|||
*/
|
||||
virtual void set_entry_peer_csrk(
|
||||
connection_handle_t connection,
|
||||
const csrk_t *csrk
|
||||
const csrk_t &csrk
|
||||
) = 0;
|
||||
|
||||
/* local csrk */
|
||||
|
@ -335,7 +323,7 @@ public:
|
|||
* @param[in] csrk new CSRK value
|
||||
*/
|
||||
virtual void set_local_csrk(
|
||||
const csrk_t *csrk
|
||||
const csrk_t &csrk
|
||||
) = 0;
|
||||
|
||||
/* public keys */
|
||||
|
@ -361,8 +349,8 @@ public:
|
|||
* @param[in] public_key_y new public key value of the y coordinate
|
||||
*/
|
||||
virtual void set_public_key(
|
||||
const public_key_t& public_key_x,
|
||||
const public_key_t& public_key_y
|
||||
const public_key_t &public_key_x,
|
||||
const public_key_t &public_key_y
|
||||
) = 0;
|
||||
|
||||
/* oob data */
|
||||
|
@ -401,10 +389,10 @@ public:
|
|||
* @param[out] local_random random number chosen by the local device
|
||||
*/
|
||||
virtual void get_sc_oob_data(
|
||||
address_t& peer_address,
|
||||
oob_rand_t& peer_random,
|
||||
oob_confirm_t& peer_confirm,
|
||||
oob_rand_t& local_random
|
||||
address_t &peer_address,
|
||||
oob_rand_t &peer_random,
|
||||
oob_confirm_t &peer_confirm,
|
||||
oob_rand_t &local_random
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -424,9 +412,9 @@ public:
|
|||
* on the random number, its public key and address
|
||||
*/
|
||||
virtual void set_peer_sc_oob_data(
|
||||
const address_t& address,
|
||||
const oob_rand_t& random,
|
||||
const oob_confirm_t& confirm
|
||||
const address_t &address,
|
||||
const oob_rand_t &random,
|
||||
const oob_confirm_t &confirm
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -435,7 +423,7 @@ public:
|
|||
* @param random random number chosen by the local device
|
||||
*/
|
||||
virtual void set_local_sc_oob_random(
|
||||
const oob_rand_t& random
|
||||
const oob_rand_t &random
|
||||
) = 0;
|
||||
|
||||
/* list management */
|
||||
|
@ -454,8 +442,8 @@ public:
|
|||
virtual SecurityEntry_t* connect_entry(
|
||||
connection_handle_t connection,
|
||||
BLEProtocol::AddressType_t peer_address_type,
|
||||
const address_t& peer_address,
|
||||
const address_t& local_address
|
||||
const address_t &peer_address,
|
||||
const address_t &local_address
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -515,7 +503,7 @@ public:
|
|||
* @param[in] whitelist
|
||||
*/
|
||||
virtual void set_whitelist(
|
||||
const Gap::Whitelist_t& whitelist
|
||||
const Gap::Whitelist_t &whitelist
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -609,8 +597,8 @@ public:
|
|||
virtual void get_entry_local_keys(
|
||||
SecurityEntryKeysDbCb_t cb,
|
||||
connection_handle_t connection,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand
|
||||
const ediv_t &ediv,
|
||||
const rand_t &rand
|
||||
) {
|
||||
SecurityEntry_t *entry = NULL;
|
||||
db_store_t *store = get_store(connection);
|
||||
|
@ -619,35 +607,53 @@ public:
|
|||
}
|
||||
|
||||
/* validate we have the correct key */
|
||||
if (ediv && rand
|
||||
&& *ediv == store->local_keys.ediv
|
||||
&& *rand == store->local_keys.rand) {
|
||||
if (ediv == store->local_keys.ediv
|
||||
&& rand == store->local_keys.rand) {
|
||||
cb(entry, &store->local_keys);
|
||||
} else {
|
||||
cb(entry, NULL);
|
||||
}
|
||||
}
|
||||
|
||||
virtual void get_entry_local_keys(
|
||||
SecurityEntryKeysDbCb_t cb,
|
||||
connection_handle_t connection
|
||||
) {
|
||||
SecurityEntry_t *entry = NULL;
|
||||
db_store_t *store = get_store(connection);
|
||||
if (store) {
|
||||
entry = &store->entry;
|
||||
}
|
||||
|
||||
/* validate we have the correct key */
|
||||
if (entry->secure_connections_paired) {
|
||||
cb(entry, &store->local_keys);
|
||||
} else {
|
||||
cb(entry, NULL);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
/* set */
|
||||
virtual void set_entry_local_ltk(
|
||||
connection_handle_t connection,
|
||||
const ltk_t *ltk
|
||||
const ltk_t <k
|
||||
) {
|
||||
db_store_t *store = get_store(connection);
|
||||
if (store) {
|
||||
store->local_keys.ltk = *ltk;
|
||||
store->local_keys.ltk = ltk;
|
||||
}
|
||||
}
|
||||
|
||||
virtual void set_entry_local_ediv_rand(
|
||||
connection_handle_t connection,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand
|
||||
const ediv_t &ediv,
|
||||
const rand_t &rand
|
||||
) {
|
||||
db_store_t *store = get_store(connection);
|
||||
if (store) {
|
||||
store->local_keys.ediv = *ediv;
|
||||
store->local_keys.rand = *rand;
|
||||
store->local_keys.ediv = ediv;
|
||||
store->local_keys.rand = rand;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -683,27 +689,6 @@ public:
|
|||
}
|
||||
|
||||
/* set */
|
||||
virtual void set_entry_peer(
|
||||
connection_handle_t connection,
|
||||
bool address_is_public,
|
||||
const address_t &peer_address,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand,
|
||||
const ltk_t *ltk,
|
||||
const irk_t *irk,
|
||||
const csrk_t *csrk
|
||||
) {
|
||||
db_store_t *store = get_store(connection);
|
||||
if (store) {
|
||||
store->peer_keys.ltk = *ltk;
|
||||
store->peer_keys.ediv = *ediv;
|
||||
store->peer_keys.rand = *rand;
|
||||
store->csrk = *csrk;
|
||||
size_t index = store - _db;
|
||||
_identities[index].irk = *irk;
|
||||
_identities[index].identity_address = peer_address;
|
||||
}
|
||||
}
|
||||
|
||||
virtual void set_entry_peer_ltk(
|
||||
connection_handle_t connection,
|
||||
|
@ -717,24 +702,24 @@ public:
|
|||
|
||||
virtual void set_entry_peer_ediv_rand(
|
||||
connection_handle_t connection,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand
|
||||
const ediv_t &ediv,
|
||||
const rand_t &rand
|
||||
) {
|
||||
db_store_t *store = get_store(connection);
|
||||
if (store) {
|
||||
store->peer_keys.ediv = *ediv;
|
||||
store->peer_keys.rand = *rand;
|
||||
store->peer_keys.ediv = ediv;
|
||||
store->peer_keys.rand = rand;
|
||||
}
|
||||
}
|
||||
|
||||
virtual void set_entry_peer_irk(
|
||||
connection_handle_t connection,
|
||||
const irk_t *irk
|
||||
const irk_t &irk
|
||||
) {
|
||||
db_store_t *store = get_store(connection);
|
||||
if (store) {
|
||||
size_t index = store - _db;
|
||||
_identities[index].irk = *irk;
|
||||
_identities[index].irk = irk;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -752,11 +737,11 @@ public:
|
|||
|
||||
virtual void set_entry_peer_csrk(
|
||||
connection_handle_t connection,
|
||||
const csrk_t *csrk
|
||||
const csrk_t &csrk
|
||||
) {
|
||||
db_store_t *store = get_store(connection);
|
||||
if (store) {
|
||||
store->csrk = *csrk;
|
||||
store->csrk = csrk;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -766,8 +751,8 @@ public:
|
|||
return &_local_csrk;
|
||||
}
|
||||
|
||||
virtual void set_local_csrk(const csrk_t *csrk) {
|
||||
_local_csrk = *csrk;
|
||||
virtual void set_local_csrk(const csrk_t &csrk) {
|
||||
_local_csrk = csrk;
|
||||
}
|
||||
|
||||
/* public key */
|
||||
|
@ -781,8 +766,8 @@ public:
|
|||
}
|
||||
|
||||
virtual void set_public_key(
|
||||
const public_key_t& public_key_x,
|
||||
const public_key_t& public_key_y
|
||||
const public_key_t &public_key_x,
|
||||
const public_key_t &public_key_y
|
||||
) {
|
||||
_public_key_x = public_key_x;
|
||||
_public_key_y = public_key_y;
|
||||
|
@ -805,10 +790,10 @@ public:
|
|||
}
|
||||
|
||||
virtual void get_sc_oob_data(
|
||||
address_t& peer_address,
|
||||
oob_rand_t& peer_random,
|
||||
oob_confirm_t& peer_confirm,
|
||||
oob_rand_t& local_random
|
||||
address_t &peer_address,
|
||||
oob_rand_t &peer_random,
|
||||
oob_confirm_t &peer_confirm,
|
||||
oob_rand_t &local_random
|
||||
) {
|
||||
peer_address = _peer_sc_oob_address;
|
||||
peer_random = _peer_sc_oob_random;
|
||||
|
@ -821,9 +806,9 @@ public:
|
|||
}
|
||||
|
||||
virtual void set_peer_sc_oob_data(
|
||||
const address_t& address,
|
||||
const oob_rand_t& random,
|
||||
const oob_confirm_t& confirm
|
||||
const address_t &address,
|
||||
const oob_rand_t &random,
|
||||
const oob_confirm_t &confirm
|
||||
) {
|
||||
_peer_sc_oob_address = address;
|
||||
_peer_sc_oob_random = random;
|
||||
|
@ -831,7 +816,7 @@ public:
|
|||
}
|
||||
|
||||
virtual void set_local_sc_oob_random(
|
||||
const oob_rand_t& random
|
||||
const oob_rand_t &random
|
||||
) {
|
||||
_local_sc_oob_random = random;
|
||||
}
|
||||
|
@ -841,8 +826,8 @@ public:
|
|||
virtual SecurityEntry_t* connect_entry(
|
||||
connection_handle_t connection,
|
||||
BLEProtocol::AddressType_t peer_address_type,
|
||||
const address_t& peer_address,
|
||||
const address_t& local_address
|
||||
const address_t &peer_address,
|
||||
const address_t &local_address
|
||||
) {
|
||||
const bool peer_address_public =
|
||||
(peer_address_type == BLEProtocol::AddressType::PUBLIC);
|
||||
|
@ -906,7 +891,7 @@ public:
|
|||
cb(whitelist);
|
||||
}
|
||||
|
||||
virtual void update_whitelist(Gap::Whitelist_t& whitelist) { }
|
||||
virtual void update_whitelist(Gap::Whitelist_t &whitelist) { }
|
||||
|
||||
virtual void add_whitelist_entry(const address_t &address) { }
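Review bot: The new two-argument `get_entry_local_keys(cb, connection)` overload reads `entry->secure_connections_paired` even when `get_store(connection)` returned NULL, because `entry` is only assigned inside `if (store)`. An LTK request for a connection handle with no database entry would therefore dereference a null pointer. Guard the branch with the store, e.g. `if (store && entry->secure_connections_paired) {`, so that unknown handles fall through to `cb(entry, NULL)`. The four-argument overload compares against `store->local_keys.ediv` in the same way; the lines between its `get_store` call and that comparison are outside the hunk, so confirm it cannot reach the comparison with a NULL `store`.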
|
||||
|
||||
|
|
|
@ -363,6 +363,14 @@ private:
|
|||
);
|
||||
#endif
|
||||
|
||||
/**
|
||||
* Set the MITM protection setting on the database entry
|
||||
*
|
||||
* @param[in] connectionHandle Handle to identify the connection.
|
||||
* @param[in] enable if true set the MITM protection to on.
|
||||
*/
|
||||
virtual void set_mitm_performed(connection_handle_t connection, bool enable = true);
|
||||
|
||||
/**
|
||||
* Inform the security manager that a device has been disconnected and its
|
||||
* entry can be put in NVM storage. Called by GAP.
|
||||
|
@ -492,10 +500,6 @@ public:
|
|||
// MITM
|
||||
//
|
||||
|
||||
/** @copydoc SecurityManagerEventHandler::set_mitm_performed
|
||||
*/
|
||||
virtual void set_mitm_performed(connection_handle_t connection, bool enable = true);
|
||||
|
||||
/** @copydoc SecurityManagerEventHandler::on_passkey_display
|
||||
*/
|
||||
virtual void on_passkey_display(
|
||||
|
@ -549,57 +553,44 @@ public:
|
|||
*/
|
||||
virtual void on_secure_connections_ltk_generated(
|
||||
connection_handle_t connection,
|
||||
const ltk_t *ltk
|
||||
);
|
||||
|
||||
/** @copydoc SecurityManagerEventHandler::on_keys_distributed
|
||||
*/
|
||||
virtual void on_keys_distributed(
|
||||
connection_handle_t connection,
|
||||
advertising_peer_address_type_t peer_address_type,
|
||||
const address_t &peer_identity_address,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand,
|
||||
const ltk_t *ltk,
|
||||
const irk_t *irk,
|
||||
const csrk_t *csrk
|
||||
const ltk_t <k
|
||||
);
|
||||
|
||||
/** @copydoc SecurityManagerEventHandler::on_keys_distributed_ltk
|
||||
*/
|
||||
virtual void on_keys_distributed_ltk(
|
||||
connection_handle_t connection,
|
||||
const ltk_t *ltk
|
||||
const ltk_t <k
|
||||
);
|
||||
|
||||
/** @copydoc SecurityManagerEventHandler::on_keys_distributed_ediv_rand
|
||||
*/
|
||||
virtual void on_keys_distributed_ediv_rand(
|
||||
connection_handle_t connection,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand
|
||||
const ediv_t &ediv,
|
||||
const rand_t &rand
|
||||
);
|
||||
|
||||
/** @copydoc SecurityManagerEventHandler::on_keys_distributed_local_ltk
|
||||
*/
|
||||
virtual void on_keys_distributed_local_ltk(
|
||||
connection_handle_t connection,
|
||||
const ltk_t *ltk
|
||||
const ltk_t <k
|
||||
);
|
||||
|
||||
/** @copydoc SecurityManagerEventHandler::on_keys_distributed_local_ediv_rand
|
||||
*/
|
||||
virtual void on_keys_distributed_local_ediv_rand(
|
||||
connection_handle_t connection,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand
|
||||
const ediv_t &ediv,
|
||||
const rand_t &rand
|
||||
);
|
||||
|
||||
/** @copydoc SecurityManagerEventHandler::on_keys_distributed_irk
|
||||
*/
|
||||
virtual void on_keys_distributed_irk(
|
||||
connection_handle_t connection,
|
||||
const irk_t *irk
|
||||
const irk_t &irk
|
||||
);
|
||||
|
||||
/** @copydoc SecurityManagerEventHandler::on_keys_distributed_bdaddr
|
||||
|
@ -614,15 +605,21 @@ public:
|
|||
*/
|
||||
virtual void on_keys_distributed_csrk(
|
||||
connection_handle_t connection,
|
||||
const csrk_t *csrk
|
||||
const csrk_t &csrk
|
||||
);
|
||||
|
||||
/** @copydoc SecurityManagerEventHandler::on_ltk_requeston_ltk_request
|
||||
*/
|
||||
virtual void on_ltk_request(
|
||||
connection_handle_t connection,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand
|
||||
const ediv_t &ediv,
|
||||
const rand_t &rand
|
||||
);
|
||||
|
||||
/** @copydoc SecurityManagerEventHandler::on_ltk_requeston_ltk_request
|
||||
*/
|
||||
virtual void on_ltk_request(
|
||||
connection_handle_t connection
|
||||
);
|
||||
|
||||
/* end implements ble::pal::SecurityManagerEventHandler */
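Review bot: Both `on_ltk_request` declarations carry `@copydoc SecurityManagerEventHandler::on_ltk_requeston_ltk_request`, a name that matches no member shown in this commit (the PAL header declares `on_ltk_request`), so Doxygen will most likely resolve nothing for them. Use `@copydoc SecurityManagerEventHandler::on_ltk_request` and, since the name is now overloaded, add the parameter list so each declaration copies the right overload's text. The relocated `set_mitm_performed` comment also documents `@param[in] connectionHandle` while the parameter is named `connection`; rename it in the comment so the parameter is actually documented.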
|
||||
|
|
|
@ -398,30 +398,7 @@ public:
|
|||
*/
|
||||
virtual void on_secure_connections_ltk_generated(
|
||||
connection_handle_t connection,
|
||||
const ltk_t *ltk
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
* Store the results of key distribution after all the keys have been received.
|
||||
*
|
||||
* @param[in] connection connection handle
|
||||
* @param[in] peer_address_type public or private address indication from the SMP
|
||||
* @param[in] peer_address identity address from the peer
|
||||
* @param[in] ediv encryption diversifier from the peer
|
||||
* @param[in] rand random value from the peer
|
||||
* @param[in] ltk long term key from the peer
|
||||
* @param[in] irk identity resolution key
|
||||
* @param[in] csrk signing key
|
||||
*/
|
||||
virtual void on_keys_distributed(
|
||||
connection_handle_t connection,
|
||||
advertising_peer_address_type_t peer_address_type,
|
||||
const address_t &peer_address,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand,
|
||||
const ltk_t *ltk,
|
||||
const irk_t *irk,
|
||||
const csrk_t *csrk
|
||||
const ltk_t <k
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -432,7 +409,7 @@ public:
|
|||
*/
|
||||
virtual void on_keys_distributed_ltk(
|
||||
connection_handle_t connection,
|
||||
const ltk_t *ltk
|
||||
const ltk_t <k
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -443,8 +420,8 @@ public:
|
|||
*/
|
||||
virtual void on_keys_distributed_ediv_rand(
|
||||
connection_handle_t connection,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand
|
||||
const ediv_t &ediv,
|
||||
const rand_t &rand
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -456,7 +433,7 @@ public:
|
|||
*/
|
||||
virtual void on_keys_distributed_local_ltk(
|
||||
connection_handle_t connection,
|
||||
const ltk_t *ltk
|
||||
const ltk_t <k
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -471,8 +448,8 @@ public:
|
|||
*/
|
||||
virtual void on_keys_distributed_local_ediv_rand(
|
||||
connection_handle_t connection,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand
|
||||
const ediv_t &ediv,
|
||||
const rand_t &rand
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -483,7 +460,7 @@ public:
|
|||
*/
|
||||
virtual void on_keys_distributed_irk(
|
||||
connection_handle_t connection,
|
||||
const irk_t *irk
|
||||
const irk_t &irk
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -507,7 +484,7 @@ public:
|
|||
*/
|
||||
virtual void on_keys_distributed_csrk(
|
||||
connection_handle_t connection,
|
||||
const csrk_t *csrk
|
||||
const csrk_t &csrk
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -521,8 +498,19 @@ public:
|
|||
*/
|
||||
virtual void on_ltk_request(
|
||||
connection_handle_t connection,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand
|
||||
const ediv_t &ediv,
|
||||
const rand_t &rand
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
* Request the LTK since the peer is asking us to encrypt the link.
|
||||
* @note No EDIV or RAND is provided as this requests a secure
|
||||
* connections LTK where their values are all zeroes
|
||||
*
|
||||
* @param[in] connection connection handle
|
||||
*/
|
||||
virtual void on_ltk_request(
|
||||
connection_handle_t connection
|
||||
) = 0;
|
||||
};
|
||||
|
||||
|
@ -770,9 +758,22 @@ public:
|
|||
*/
|
||||
virtual ble_error_t enable_encryption(
|
||||
connection_handle_t connection,
|
||||
const ltk_t *ltk,
|
||||
const rand_t *rand = NULL,
|
||||
const ediv_t *ediv = NULL
|
||||
const ltk_t <k,
|
||||
const rand_t &rand,
|
||||
const ediv_t &ediv
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
* Enabled encryption using the LTK given on a connection established with secure
|
||||
* connections pairing.
|
||||
*
|
||||
* @param[in] connection connection handle
|
||||
* @param[in] ltk long term key from the peer
|
||||
* @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
|
||||
*/
|
||||
virtual ble_error_t enable_encryption(
|
||||
connection_handle_t connection,
|
||||
const ltk_t <k
|
||||
) = 0;
|
||||
|
||||
virtual ble_error_t disable_encryption(
|
||||
|
@ -800,7 +801,7 @@ public:
|
|||
* @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
|
||||
*/
|
||||
virtual ble_error_t encrypt_data(
|
||||
const key_t *key,
|
||||
const key_t &key,
|
||||
encryption_block_t &data
|
||||
) = 0;
|
||||
|
||||
|
@ -820,12 +821,22 @@ public:
|
|||
* Set the LTK that is to be used for encryption.
|
||||
*
|
||||
* @param[in] connection connection handle
|
||||
* @param[in] ltk long term key, NULL if key has not been found
|
||||
* @param[in] ltk long term key
|
||||
* @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
|
||||
*/
|
||||
virtual ble_error_t set_ltk(
|
||||
connection_handle_t connection,
|
||||
const ltk_t *ltk
|
||||
const ltk_t <k
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
* Inform the stack we don't have the LTK.
|
||||
*
|
||||
* @param[in] connection connection handle
|
||||
* @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
|
||||
*/
|
||||
virtual ble_error_t set_ltk_not_found(
|
||||
connection_handle_t connection
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -835,7 +846,7 @@ public:
|
|||
* @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
|
||||
*/
|
||||
virtual ble_error_t set_irk(
|
||||
const irk_t *irk
|
||||
const irk_t &irk
|
||||
) = 0;
|
||||
|
||||
/**
|
||||
|
@ -845,7 +856,7 @@ public:
|
|||
* @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
|
||||
*/
|
||||
virtual ble_error_t set_csrk(
|
||||
const csrk_t *csrk
|
||||
const csrk_t &csrk
|
||||
) = 0;
|
||||
|
||||
/**
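Review bot: The four-argument `enable_encryption` takes `rand` before `ediv`, whereas the other signatures touched in this commit (`on_ltk_request`, `on_keys_distributed_ediv_rand`, the database setters) take `ediv` then `rand`. As the stated goal is a consistent PAL, consider `const ltk_t &ltk, const ediv_t &ediv, const rand_t &rand`, or call the order out in the `@param` list. The new overload's comment should read `Enable encryption using the LTK ...` rather than `Enabled`. It would also help implementers if it stated, as the `on_ltk_request` note does, that this overload is for secure connections keys where no EDIV or RAND is supplied.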
|
||||
|
|
|
@ -539,9 +539,9 @@ ble_error_t GenericSecurityManager::init_signing() {
|
|||
}
|
||||
|
||||
pcsrk = &csrk;
|
||||
_db.set_local_csrk(pcsrk);
|
||||
_db.set_local_csrk(csrk);
|
||||
}
|
||||
return _pal.set_csrk(pcsrk);
|
||||
return _pal.set_csrk(*pcsrk);
|
||||
}
|
||||
|
||||
ble_error_t GenericSecurityManager::get_random_data(uint8_t *buffer, size_t size) {
|
||||
|
@ -598,7 +598,11 @@ void GenericSecurityManager::enable_encryption_cb(
|
|||
const SecurityEntryKeys_t* entryKeys
|
||||
) {
|
||||
if (entry && entryKeys) {
|
||||
_pal.enable_encryption(entry->handle, &entryKeys->ltk, &entryKeys->rand, &entryKeys->ediv);
|
||||
if (entry->secure_connections_paired) {
|
||||
_pal.enable_encryption(entry->handle, entryKeys->ltk);
|
||||
} else {
|
||||
_pal.enable_encryption(entry->handle, entryKeys->ltk, entryKeys->rand, entryKeys->ediv);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -608,9 +612,9 @@ void GenericSecurityManager::set_ltk_cb(
|
|||
) {
|
||||
if (entry) {
|
||||
if (entryKeys) {
|
||||
_pal.set_ltk(entry->handle, &entryKeys->ltk);
|
||||
_pal.set_ltk(entry->handle, entryKeys->ltk);
|
||||
} else {
|
||||
_pal.set_ltk(entry->handle, NULL);
|
||||
_pal.set_ltk_not_found(entry->handle);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -716,6 +720,13 @@ bool GenericSecurityManager::crypto_toolbox_f4(
|
|||
}
|
||||
#endif
|
||||
|
||||
void GenericSecurityManager::set_mitm_performed(connection_handle_t connection, bool enable) {
|
||||
SecurityEntry_t *entry = _db.get_entry(connection);
|
||||
if (entry) {
|
||||
entry->mitm_performed = true;
|
||||
}
|
||||
}
|
||||
|
||||
void GenericSecurityManager::on_disconnected(connection_handle_t connection) {
|
||||
SecurityEntry_t *entry = _db.get_entry(connection);
|
||||
if (!entry) {
|
||||
|
@ -922,13 +933,6 @@ void GenericSecurityManager::on_link_encryption_request_timed_out(
|
|||
// MITM
|
||||
//
|
||||
|
||||
void GenericSecurityManager::set_mitm_performed(connection_handle_t connection, bool enable) {
|
||||
SecurityEntry_t *entry = _db.get_entry(connection);
|
||||
if (entry) {
|
||||
entry->mitm_performed = true;
|
||||
}
|
||||
}
|
||||
|
||||
void GenericSecurityManager::on_passkey_display(
|
||||
connection_handle_t connection,
|
||||
passkey_num_t passkey
|
||||
|
@ -1011,7 +1015,7 @@ void GenericSecurityManager::on_public_key_generated(
|
|||
|
||||
void GenericSecurityManager::on_secure_connections_ltk_generated(
|
||||
connection_handle_t connection,
|
||||
const ltk_t *ltk
|
||||
const ltk_t <k
|
||||
) {
|
||||
SecurityEntry_t *entry = _db.get_entry(connection);
|
||||
if (!entry) {
|
||||
|
@ -1024,45 +1028,9 @@ void GenericSecurityManager::on_secure_connections_ltk_generated(
|
|||
_db.set_entry_peer_ltk(connection, ltk);
|
||||
}
|
||||
|
||||
void GenericSecurityManager::on_keys_distributed(
|
||||
connection_handle_t connection,
|
||||
advertising_peer_address_type_t peer_address_type,
|
||||
const address_t &peer_identity_address,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand,
|
||||
const ltk_t *ltk,
|
||||
const irk_t *irk,
|
||||
const csrk_t *csrk
|
||||
) {
|
||||
SecurityEntry_t *entry = _db.get_entry(connection);
|
||||
if (!entry) {
|
||||
return;
|
||||
}
|
||||
|
||||
entry->ltk_mitm_protected = entry->mitm_performed;
|
||||
entry->csrk_mitm_protected = entry->mitm_performed;
|
||||
|
||||
_db.set_entry_peer(
|
||||
connection,
|
||||
(peer_address_type == advertising_peer_address_type_t::PUBLIC_ADDRESS),
|
||||
peer_identity_address,
|
||||
ediv,
|
||||
rand,
|
||||
ltk,
|
||||
irk,
|
||||
csrk
|
||||
);
|
||||
|
||||
eventHandler->signingKey(
|
||||
connection,
|
||||
csrk,
|
||||
entry->csrk_mitm_protected
|
||||
);
|
||||
}
|
||||
|
||||
void GenericSecurityManager::on_keys_distributed_ltk(
|
||||
connection_handle_t connection,
|
||||
const ltk_t *ltk
|
||||
const ltk_t <k
|
||||
) {
|
||||
SecurityEntry_t *entry = _db.get_entry(connection);
|
||||
if (!entry) {
|
||||
|
@ -1074,30 +1042,30 @@ void GenericSecurityManager::on_keys_distributed_ltk(
|
|||
|
||||
void GenericSecurityManager::on_keys_distributed_ediv_rand(
|
||||
connection_handle_t connection,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand
|
||||
const ediv_t &ediv,
|
||||
const rand_t &rand
|
||||
) {
|
||||
_db.set_entry_peer_ediv_rand(connection, ediv, rand);
|
||||
}
|
||||
|
||||
void GenericSecurityManager::on_keys_distributed_local_ltk(
|
||||
connection_handle_t connection,
|
||||
const ltk_t *ltk
|
||||
const ltk_t <k
|
||||
) {
|
||||
_db.set_entry_local_ltk(connection, ltk);
|
||||
}
|
||||
|
||||
void GenericSecurityManager::on_keys_distributed_local_ediv_rand(
|
||||
connection_handle_t connection,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand
|
||||
const ediv_t &ediv,
|
||||
const rand_t &rand
|
||||
) {
|
||||
_db.set_entry_local_ediv_rand(connection, ediv, rand);
|
||||
}
|
||||
|
||||
void GenericSecurityManager::on_keys_distributed_irk(
|
||||
connection_handle_t connection,
|
||||
const irk_t *irk
|
||||
const irk_t &irk
|
||||
) {
|
||||
_db.set_entry_peer_irk(connection, irk);
|
||||
}
|
||||
|
@ -1116,7 +1084,7 @@ void GenericSecurityManager::on_keys_distributed_bdaddr(
|
|||
|
||||
void GenericSecurityManager::on_keys_distributed_csrk(
|
||||
connection_handle_t connection,
|
||||
const csrk_t *csrk
|
||||
const csrk_t &csrk
|
||||
) {
|
||||
SecurityEntry_t *entry = _db.get_entry(connection);
|
||||
if (!entry) {
|
||||
|
@ -1129,15 +1097,15 @@ void GenericSecurityManager::on_keys_distributed_csrk(
|
|||
|
||||
eventHandler->signingKey(
|
||||
connection,
|
||||
csrk,
|
||||
&csrk,
|
||||
entry->csrk_mitm_protected
|
||||
);
|
||||
}
|
||||
|
||||
void GenericSecurityManager::on_ltk_request(
|
||||
connection_handle_t connection,
|
||||
const ediv_t *ediv,
|
||||
const rand_t *rand
|
||||
const ediv_t &ediv,
|
||||
const rand_t &rand
|
||||
) {
|
||||
_db.get_entry_local_keys(
|
||||
mbed::callback(this, &GenericSecurityManager::set_ltk_cb),
|
||||
|
@ -1147,5 +1115,14 @@ void GenericSecurityManager::on_ltk_request(
|
|||
);
|
||||
}
|
||||
|
||||
void GenericSecurityManager::on_ltk_request(
|
||||
connection_handle_t connection
|
||||
) {
|
||||
_db.get_entry_local_keys(
|
||||
mbed::callback(this, &GenericSecurityManager::set_ltk_cb),
|
||||
connection
|
||||
);
|
||||
}
|
||||
|
||||
} /* namespace generic */
|
||||
} /* namespace ble */
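Review bot: `set_mitm_performed` still assigns `entry->mitm_performed = true;` and never reads its `enable` argument, so a call with `enable == false` marks the entry as MITM-protected anyway. Since the function is being moved in this commit, change the line to `entry->mitm_performed = enable;`. The flag appears to feed fields such as `csrk_mitm_protected`, which is reported to the application through `signingKey`, so a value that cannot be cleared risks overstating the protection level of stored keys. Separately, `init_signing` now calls `_pal.set_csrk(*pcsrk)` after the block that sets `pcsrk = &csrk` has closed. If `csrk` is declared inside that block (its declaration is outside the hunk), the dereference reads an object whose lifetime has ended, and the declaration should be hoisted to function scope.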
|
||||
|
|