refactor into separate functions for readability and correctness of pal matching db

pull/6932/head
paul-szczepanek-arm 2018-05-18 13:46:55 +01:00
parent 439d002f7d
commit 9da64e529e
3 changed files with 82 additions and 32 deletions

View File

@ -464,15 +464,17 @@ public:
}
/**
* Change the file used for the security datagse. If path is invalid or a NULL is passed
* Change the file used for the security database. If path is invalid or a NULL is passed
* keys will only be stored in memory.
*
* @note This operation is only allowed with no active connections.
*
* @param[in] dbPath Path to the file used to store keys in the filesystem,
* if NULL keys will be only stored in memory
*
* @return BLE_ERROR_NONE on success.
*/
virtual ble_error_t setDatabaseFile(const char *dbFilepath = NULL) {
virtual ble_error_t setDatabaseFilepath(const char *dbFilepath = NULL) {
(void)dbFilepath;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}

View File

@ -53,7 +53,7 @@ public:
const char* db_path = NULL
);
virtual ble_error_t setDatabaseFile(const char *db_path = NULL);
virtual ble_error_t setDatabaseFilepath(const char *db_path = NULL);
virtual ble_error_t reset();
@ -265,6 +265,22 @@ public:
//
private:
/**
* Initialise the database, if database already exists it will close it and open the new one.
*
* @param db_path path to file to store secure db
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
*/
ble_error_t init_database(const char *db_path = NULL);
/**
* Generate identity list based on the database of IRK and apply it to the resolving list.
*
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
*/
ble_error_t init_resolving_list();
/**
* Generate the CSRK if needed.
*

View File

@ -48,7 +48,7 @@ ble_error_t GenericSecurityManager::init(
return result;
}
result = setDatabaseFile(db_path);
result = init_database(db_path);
if (result != BLE_ERROR_NONE) {
return result;
}
@ -79,49 +79,38 @@ ble_error_t GenericSecurityManager::init(
init_signing();
}
init_resolving_list();
_connection_monitor.set_connection_event_handler(this);
_signing_monitor.set_signing_event_handler(this);
_pal.set_event_handler(this);
uint8_t resolving_list_capacity = _pal.read_resolving_list_capacity();
SecurityEntryIdentity_t* identity_list_p =
new (std::nothrow) SecurityEntryIdentity_t[resolving_list_capacity];
if (identity_list_p) {
ArrayView<SecurityEntryIdentity_t> identity_list(
identity_list_p,
resolving_list_capacity
);
_db->get_identity_list(
mbed::callback(this, &GenericSecurityManager::on_identity_list_retrieved),
identity_list
);
}
return BLE_ERROR_NONE;
}
ble_error_t GenericSecurityManager::setDatabaseFile(
ble_error_t GenericSecurityManager::setDatabaseFilepath(
const char *db_path
) {
if (_db) {
delete _db;
if (!_db) return BLE_ERROR_INITIALIZATION_INCOMPLETE;
/* operation only allowed with no connections active */
for (size_t i = 0; i < MAX_CONTROL_BLOCKS; i++) {
if (_control_blocks[i].connected) {
return BLE_ERROR_OPERATION_NOT_PERMITTED;
}
}
FILE* db_file = FileSecurityDb::open_db_file(db_path);
if (db_file) {
_db = new (std::nothrow) FileSecurityDb(db_file);
} else {
_db = new (std::nothrow) MemorySecurityDb();
ble_error_t result = init_database(db_path);
if (result != BLE_ERROR_NONE) {
return result;
}
if (!_db) {
return BLE_ERROR_NO_MEM;
result = init_database(db_path);
if (result != BLE_ERROR_NONE) {
return result;
}
_db->restore();
init_resolving_list();
return BLE_ERROR_NONE;
}
@ -779,6 +768,49 @@ ble_error_t GenericSecurityManager::oobReceived(
// Helper functions
//
ble_error_t GenericSecurityManager::init_database(
const char *db_path
) {
if (_db) {
delete _db;
}
FILE* db_file = FileSecurityDb::open_db_file(db_path);
if (db_file) {
_db = new (std::nothrow) FileSecurityDb(db_file);
} else {
_db = new (std::nothrow) MemorySecurityDb();
}
if (!_db) {
return BLE_ERROR_NO_MEM;
}
_db->restore();
return BLE_ERROR_NONE;
}
ble_error_t GenericSecurityManager::init_resolving_list() {
/* match the resolving list to the currently stored set of IRKs */
uint8_t resolving_list_capacity = _pal.read_resolving_list_capacity();
SecurityEntryIdentity_t* identity_list_p =
new (std::nothrow) SecurityEntryIdentity_t[resolving_list_capacity];
if (identity_list_p) {
ArrayView<SecurityEntryIdentity_t> identity_list(
identity_list_p,
resolving_list_capacity
);
_db->get_identity_list(
mbed::callback(this, &GenericSecurityManager::on_identity_list_retrieved),
identity_list
);
}
}
ble_error_t GenericSecurityManager::init_signing() {
if (!_db) return BLE_ERROR_INITIALIZATION_INCOMPLETE;
const csrk_t *pcsrk = _db->get_local_csrk();