diff --git a/features/FEATURE_BLE/ble/SecurityManager.h b/features/FEATURE_BLE/ble/SecurityManager.h index 65a4b64ad5..a16fc89fd9 100644 --- a/features/FEATURE_BLE/ble/SecurityManager.h +++ b/features/FEATURE_BLE/ble/SecurityManager.h @@ -119,11 +119,7 @@ public: (void)handle; } - virtual void pairingError(connection_handle_t handle, pairing_failure_t error) { - (void)handle; - } - - virtual void pairingCompleted(connection_handle_t handle) { + virtual void pairingResult(connection_handle_t handle, SecurityManager::SecurityCompletionStatus_t result) { (void)handle; } @@ -196,15 +192,9 @@ private: // Pairing // - void pairingError(connection_handle_t handle, pairing_failure_t error) { + void pairingResult(connection_handle_t handle, SecurityManager::SecurityCompletionStatus_t result) { if (securitySetupCompletedCallback) { - /* translate error codes to what the callback expects */ - securitySetupCompletedCallback(handle, (SecurityManager::SecurityCompletionStatus_t)(error.value() | 0x80)); - } - } - void pairingCompleted(connection_handle_t handle) { - if (securitySetupCompletedCallback) { - securitySetupCompletedCallback(handle, SecurityManager::SecurityCompletionStatus_t::SEC_STATUS_SUCCESS); + securitySetupCompletedCallback(handle, result); } } @@ -649,14 +639,7 @@ public: } /** @deprecated */ void processSecuritySetupCompletedEvent(Gap::Handle_t handle, SecurityCompletionStatus_t status) { - if (status & 0x80) { - pairing_failure_t error(status & ~0x80); - eventHandler->pairingError(handle, error); - } else if (status == SecurityManager::SecurityCompletionStatus_t::SEC_STATUS_SUCCESS) { - eventHandler->pairingCompleted(handle); - } else { - eventHandler->pairingError(handle, pairing_failure_t::UNSPECIFIED_REASON); - } + eventHandler->pairingResult(handle, status); } /** @deprecated */ void processLinkSecuredEvent(Gap::Handle_t handle, SecurityMode_t securityMode) { diff --git a/features/FEATURE_BLE/ble/pal/PalSecurityManager.h b/features/FEATURE_BLE/ble/pal/PalSecurityManager.h index e19b475cbc..f3fefa9c43 100644 --- a/features/FEATURE_BLE/ble/pal/PalSecurityManager.h +++ b/features/FEATURE_BLE/ble/pal/PalSecurityManager.h @@ -263,25 +263,20 @@ public: pairing_failure_t error ) = 0; + /** + * To indicate that the pairing has timed out. + */ + virtual void on_pairing_timed_out(connection_handle_t connection) = 0; + /** * To indicate that the pairing for the link has completed. */ - virtual void on_pairing_completed( - connection_handle_t connection - ) = 0; + virtual void on_pairing_completed(connection_handle_t connection) = 0; //////////////////////////////////////////////////////////////////////////// // Security // - /** - * reports change of encryption status or result of encryption request - */ - virtual void on_link_encryption_result( - connection_handle_t connection, - bool encrypted - ) = 0; - /** * To indicate that the authentication timeout has elapsed * and we received no packets with a valid MIC @@ -289,6 +284,25 @@ public: */ virtual void on_valid_mic_timeout(connection_handle_t connection) = 0; + //////////////////////////////////////////////////////////////////////////// + // Encryption + // + + /** + * To indicate the result of an encryption request. + * @note Do no call if request timed out, call on_link_encryption_request_timed_out + * instead. + */ + virtual void on_link_encryption_result( + connection_handle_t connection, + bool encrypted + ) = 0; + + /** + * To indicate that the encryption request failed due to time out. + */ + virtual void on_link_encryption_request_timed_out(connection_handle_t connection) = 0; + //////////////////////////////////////////////////////////////////////////// // MITM // diff --git a/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp b/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp index 27f1259a90..5aa5e932c7 100644 --- a/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp +++ b/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp @@ -361,7 +361,7 @@ public: if (entry->authenticated) { return BLE_ERROR_NONE; } else { - pal.enable_encryption(connection); + return pal.enable_encryption(connection); } } else { /* don't change the default value of authentication */ @@ -472,13 +472,28 @@ public: void on_pairing_error(connection_handle_t connection, pairing_failure_t error) { if (_app_event_handler) { - _app_event_handler->pairingError(connection, error); + _app_event_handler->pairingResult( + connection, + (SecurityManager::SecurityCompletionStatus_t)(error.value() | 0x80) + ); + } + } + + void on_pairing_timed_out(connection_handle_t connection) { + if (_app_event_handler) { + _app_event_handler->pairingResult( + connection, + SecurityManager::SEC_STATUS_TIMEOUT + ); } } void on_pairing_completed(connection_handle_t connection) { if (_app_event_handler) { - _app_event_handler->pairingCompleted(connection); + _app_event_handler->pairingResult( + connection, + SecurityManager::SEC_STATUS_SUCCESS + ); } } @@ -486,6 +501,16 @@ public: // Security // + void on_valid_mic_timeout(connection_handle_t connection) { + if (_app_event_handler) { + _app_event_handler->validMicTimeout(connection); + } + } + + //////////////////////////////////////////////////////////////////////////// + // Encryption + // + void on_link_encryption_result(connection_handle_t connection, bool encrypted) { if (_app_event_handler) { @@ -493,9 +518,9 @@ public: } } - void on_valid_mic_timeout(connection_handle_t connection) { + void on_link_encryption_request_timed_out(connection_handle_t connection) { if (_app_event_handler) { - _app_event_handler->validMicTimeout(connection); + _app_event_handler->linkEncryptionResult(connection, false); } }