refactor into separate functions for readability and correctness of pal matching db

2018-05-18 13:46:55 +01:00 · 2018-05-18 13:46:55 +01:00 · 9da64e529e
parent 439d002f7d
commit 9da64e529e
3 changed files with 82 additions and 32 deletions
--- a/features/FEATURE_BLE/ble/SecurityManager.h
+++ b/features/FEATURE_BLE/ble/SecurityManager.h
@ -464,15 +464,17 @@ public:
    }

    /**
-     * Change the file used for the security datagse. If path is invalid or a NULL is passed
+     * Change the file used for the security database. If path is invalid or a NULL is passed
     * keys will only be stored in memory.
     *
+     * @note This operation is only allowed with no active connections.
+     *
     * @param[in]  dbPath        Path to the file used to store keys in the filesystem,
     *                           if NULL keys will be only stored in memory
     *
     * @return BLE_ERROR_NONE on success.
     */
-    virtual ble_error_t setDatabaseFile(const char *dbFilepath = NULL) {
+    virtual ble_error_t setDatabaseFilepath(const char *dbFilepath = NULL) {
        (void)dbFilepath;
        return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
    }
--- a/features/FEATURE_BLE/ble/generic/GenericSecurityManager.h
+++ b/features/FEATURE_BLE/ble/generic/GenericSecurityManager.h
@ -53,7 +53,7 @@ public:
        const char* db_path = NULL
    );

-    virtual ble_error_t setDatabaseFile(const char *db_path = NULL);
+    virtual ble_error_t setDatabaseFilepath(const char *db_path = NULL);

    virtual ble_error_t reset();

@ -265,6 +265,22 @@ public:
    //

 private:
+
+    /**
+     * Initialise the database, if database already exists it will close it and open the new one.
+     *
+     * @param db_path path to file to store secure db
+     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
+     */
+    ble_error_t init_database(const char *db_path = NULL);
+
+    /**
+     * Generate identity list based on the database of IRK and apply it to the resolving list.
+     *
+     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
+     */
+    ble_error_t init_resolving_list();
+
    /**
     * Generate the CSRK if needed.
     *
--- a/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp
+++ b/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp
@ -48,7 +48,7 @@ ble_error_t GenericSecurityManager::init(
    	return result;
    }

-    result = setDatabaseFile(db_path);
+    result = init_database(db_path);
    if (result != BLE_ERROR_NONE) {
        return result;
    }
@ -79,49 +79,38 @@ ble_error_t GenericSecurityManager::init(
        init_signing();
    }

+    init_resolving_list();
+
    _connection_monitor.set_connection_event_handler(this);
    _signing_monitor.set_signing_event_handler(this);
    _pal.set_event_handler(this);

-    uint8_t resolving_list_capacity = _pal.read_resolving_list_capacity();
-    SecurityEntryIdentity_t* identity_list_p =
-        new (std::nothrow) SecurityEntryIdentity_t[resolving_list_capacity];
-
-    if (identity_list_p) {
-        ArrayView<SecurityEntryIdentity_t> identity_list(
-            identity_list_p,
-            resolving_list_capacity
-        );
-
-        _db->get_identity_list(
-            mbed::callback(this, &GenericSecurityManager::on_identity_list_retrieved),
-            identity_list
-        );
-    }
-
    return BLE_ERROR_NONE;
 }

-ble_error_t GenericSecurityManager::setDatabaseFile(
+ble_error_t GenericSecurityManager::setDatabaseFilepath(
    const char *db_path
 ) {
-    if (_db) {
-        delete _db;
+    if (!_db) return BLE_ERROR_INITIALIZATION_INCOMPLETE;
+
+    /* operation only allowed with no connections active */
+    for (size_t i = 0; i < MAX_CONTROL_BLOCKS; i++) {
+        if (_control_blocks[i].connected) {
+            return BLE_ERROR_OPERATION_NOT_PERMITTED;
+        }
    }

-    FILE* db_file = FileSecurityDb::open_db_file(db_path);
-
-    if (db_file) {
-        _db = new (std::nothrow) FileSecurityDb(db_file);
-    } else {
-        _db = new (std::nothrow) MemorySecurityDb();
+    ble_error_t result = init_database(db_path);
+    if (result != BLE_ERROR_NONE) {
+        return result;
    }

-    if (!_db) {
-        return BLE_ERROR_NO_MEM;
+    result = init_database(db_path);
+    if (result != BLE_ERROR_NONE) {
+        return result;
    }

-    _db->restore();
+    init_resolving_list();

    return BLE_ERROR_NONE;
 }
@ -779,6 +768,49 @@ ble_error_t GenericSecurityManager::oobReceived(
 // Helper functions
 //

+ble_error_t GenericSecurityManager::init_database(
+    const char *db_path
+) {
+    if (_db) {
+        delete _db;
+    }
+
+    FILE* db_file = FileSecurityDb::open_db_file(db_path);
+
+    if (db_file) {
+        _db = new (std::nothrow) FileSecurityDb(db_file);
+    } else {
+        _db = new (std::nothrow) MemorySecurityDb();
+    }
+
+    if (!_db) {
+        return BLE_ERROR_NO_MEM;
+    }
+
+    _db->restore();
+
+    return BLE_ERROR_NONE;
+}
+
+ble_error_t GenericSecurityManager::init_resolving_list() {
+    /* match the resolving list to the currently stored set of IRKs */
+    uint8_t resolving_list_capacity = _pal.read_resolving_list_capacity();
+    SecurityEntryIdentity_t* identity_list_p =
+        new (std::nothrow) SecurityEntryIdentity_t[resolving_list_capacity];
+
+    if (identity_list_p) {
+        ArrayView<SecurityEntryIdentity_t> identity_list(
+            identity_list_p,
+            resolving_list_capacity
+        );
+
+        _db->get_identity_list(
+            mbed::callback(this, &GenericSecurityManager::on_identity_list_retrieved),
+            identity_list
+        );
+    }
+}
+
 ble_error_t GenericSecurityManager::init_signing() {
    if (!_db) return BLE_ERROR_INITIALIZATION_INCOMPLETE;
    const csrk_t *pcsrk = _db->get_local_csrk();