mirror of https://github.com/ARMmbed/mbed-os.git
pass in information about the mitm and sc quality of the ltk to the pal
paul-szczepanek-arm
parent
abcc5db44b
commit
c52d324dab
|
|
@ -766,13 +766,15 @@ public:
|
||||||
* @param[in] ltk long term key from the peer
|
* @param[in] ltk long term key from the peer
|
||||||
* @param[in] ediv encryption diversifier from the peer
|
* @param[in] ediv encryption diversifier from the peer
|
||||||
* @param[in] rand random value from the peer
|
* @param[in] rand random value from the peer
|
||||||
|
* @param[in] mitm does the LTK have man in the middle protection
|
||||||
* @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
|
* @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
|
||||||
*/
|
*/
|
||||||
virtual ble_error_t enable_encryption(
|
virtual ble_error_t enable_encryption(
|
||||||
connection_handle_t connection,
|
connection_handle_t connection,
|
||||||
const ltk_t <k,
|
const ltk_t <k,
|
||||||
const rand_t &rand,
|
const rand_t &rand,
|
||||||
const ediv_t &ediv
|
const ediv_t &ediv,
|
||||||
|
bool mitm
|
||||||
) = 0;
|
) = 0;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -781,11 +783,13 @@ public:
|
||||||
*
|
*
|
||||||
* @param[in] connection connection handle
|
* @param[in] connection connection handle
|
||||||
* @param[in] ltk long term key from the peer
|
* @param[in] ltk long term key from the peer
|
||||||
|
* @param[in] mitm does the LTK have man in the middle protection
|
||||||
* @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
|
* @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
|
||||||
*/
|
*/
|
||||||
virtual ble_error_t enable_encryption(
|
virtual ble_error_t enable_encryption(
|
||||||
connection_handle_t connection,
|
connection_handle_t connection,
|
||||||
const ltk_t <k
|
const ltk_t <k,
|
||||||
|
bool mitm
|
||||||
) = 0;
|
) = 0;
|
||||||
|
|
||||||
virtual ble_error_t disable_encryption(
|
virtual ble_error_t disable_encryption(
|
||||||
|
|
@ -834,11 +838,15 @@ public:
|
||||||
*
|
*
|
||||||
* @param[in] connection connection handle
|
* @param[in] connection connection handle
|
||||||
* @param[in] ltk long term key
|
* @param[in] ltk long term key
|
||||||
|
* @param[in] mitm does the LTK have man in the middle protection
|
||||||
|
* @param[in] secure_connections is this a secure_connections pairing
|
||||||
* @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
|
* @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
|
||||||
*/
|
*/
|
||||||
virtual ble_error_t set_ltk(
|
virtual ble_error_t set_ltk(
|
||||||
connection_handle_t connection,
|
connection_handle_t connection,
|
||||||
const ltk_t <k
|
const ltk_t <k,
|
||||||
|
bool mitm,
|
||||||
|
bool secure_connections
|
||||||
) = 0;
|
) = 0;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
|
||||||
|
|
@ -654,9 +654,9 @@ void GenericSecurityManager::enable_encryption_cb(
|
||||||
|
|
||||||
if (cb && entryKeys) {
|
if (cb && entryKeys) {
|
||||||
if (cb->secure_connections_paired) {
|
if (cb->secure_connections_paired) {
|
||||||
_pal.enable_encryption(cb->connection, entryKeys->ltk);
|
_pal.enable_encryption(cb->connection, entryKeys->ltk, cb->ltk_mitm_protected);
|
||||||
} else {
|
} else {
|
||||||
_pal.enable_encryption(cb->connection, entryKeys->ltk, entryKeys->rand, entryKeys->ediv);
|
_pal.enable_encryption(cb->connection, entryKeys->ltk, entryKeys->rand, entryKeys->ediv, cb->ltk_mitm_protected);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -669,7 +669,7 @@ void GenericSecurityManager::set_ltk_cb(
|
||||||
|
|
||||||
if (cb) {
|
if (cb) {
|
||||||
if (entryKeys) {
|
if (entryKeys) {
|
||||||
_pal.set_ltk(cb->connection, entryKeys->ltk);
|
_pal.set_ltk(cb->connection, entryKeys->ltk, cb->ltk_mitm_protected, cb->secure_connections_paired);
|
||||||
} else {
|
} else {
|
||||||
_pal.set_ltk_not_found(cb->connection);
|
_pal.set_ltk_not_found(cb->connection);
|
||||||
}
|
}
|
||||||
|
|
@ -1206,8 +1206,8 @@ void GenericSecurityManager::on_ltk_request(
|
||||||
GenericSecurityManager::ControlBlock_t::ControlBlock_t() :
|
GenericSecurityManager::ControlBlock_t::ControlBlock_t() :
|
||||||
pal::SecurityDistributionFlags_t(),
|
pal::SecurityDistributionFlags_t(),
|
||||||
connection(0),
|
connection(0),
|
||||||
local_address(),
|
|
||||||
db_entry(0),
|
db_entry(0),
|
||||||
|
local_address(),
|
||||||
connected(false),
|
connected(false),
|
||||||
authenticated(false),
|
authenticated(false),
|
||||||
is_master(false),
|
is_master(false),
|
||||||
|
|
|
||||||
|
|
@ -134,7 +134,8 @@ public:
|
||||||
connection_handle_t connection,
|
connection_handle_t connection,
|
||||||
const ltk_t <k,
|
const ltk_t <k,
|
||||||
const rand_t &rand,
|
const rand_t &rand,
|
||||||
const ediv_t &ediv
|
const ediv_t &ediv,
|
||||||
|
bool mitm
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -142,7 +143,8 @@ public:
|
||||||
*/
|
*/
|
||||||
virtual ble_error_t enable_encryption(
|
virtual ble_error_t enable_encryption(
|
||||||
connection_handle_t connection,
|
connection_handle_t connection,
|
||||||
const ltk_t <k
|
const ltk_t <k,
|
||||||
|
bool mitm
|
||||||
);
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
|
|
@ -188,7 +190,12 @@ public:
|
||||||
/**
|
/**
|
||||||
* @see ::ble::pal::SecurityManager::set_ltk
|
* @see ::ble::pal::SecurityManager::set_ltk
|
||||||
*/
|
*/
|
||||||
virtual ble_error_t set_ltk(connection_handle_t connection, const ltk_t <k);
|
virtual ble_error_t set_ltk(
|
||||||
|
connection_handle_t connection,
|
||||||
|
const ltk_t <k,
|
||||||
|
bool mitm,
|
||||||
|
bool secure_connections
|
||||||
|
);
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @see ::ble::pal::SecurityManager::set_ltk_not_found
|
* @see ::ble::pal::SecurityManager::set_ltk_not_found
|
||||||
|
|
|
||||||
|
|
@ -134,7 +134,8 @@ ble_error_t CordioSecurityManager::enable_encryption(
|
||||||
connection_handle_t connection,
|
connection_handle_t connection,
|
||||||
const ltk_t <k,
|
const ltk_t <k,
|
||||||
const rand_t &rand,
|
const rand_t &rand,
|
||||||
const ediv_t &ediv
|
const ediv_t &ediv,
|
||||||
|
bool mitm
|
||||||
) {
|
) {
|
||||||
dmSecLtk_t sec_ltk;
|
dmSecLtk_t sec_ltk;
|
||||||
memcpy(sec_ltk.key, ltk.data(), ltk.size());
|
memcpy(sec_ltk.key, ltk.data(), ltk.size());
|
||||||
|
|
@ -152,7 +153,8 @@ ble_error_t CordioSecurityManager::enable_encryption(
|
||||||
|
|
||||||
ble_error_t CordioSecurityManager::enable_encryption(
|
ble_error_t CordioSecurityManager::enable_encryption(
|
||||||
connection_handle_t connection,
|
connection_handle_t connection,
|
||||||
const ltk_t <k
|
const ltk_t <k,
|
||||||
|
bool mitm
|
||||||
) {
|
) {
|
||||||
dmSecLtk_t sec_ltk = { 0 };
|
dmSecLtk_t sec_ltk = { 0 };
|
||||||
memcpy(sec_ltk.key, ltk.data(), ltk.size());
|
memcpy(sec_ltk.key, ltk.data(), ltk.size());
|
||||||
|
|
@ -207,7 +209,10 @@ ble_error_t CordioSecurityManager::set_private_address_timeout(
|
||||||
//
|
//
|
||||||
|
|
||||||
ble_error_t CordioSecurityManager::set_ltk(
|
ble_error_t CordioSecurityManager::set_ltk(
|
||||||
connection_handle_t connection, const ltk_t& ltk
|
connection_handle_t connection,
|
||||||
|
const ltk_t& ltk,
|
||||||
|
bool mitm,
|
||||||
|
bool secure_connections
|
||||||
) {
|
) {
|
||||||
// FIXME: get access to the security level of a key
|
// FIXME: get access to the security level of a key
|
||||||
DmSecLtkRsp(
|
DmSecLtkRsp(
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue