From d361960aa35a98d4d11fb401c2c23ae8b62a5ed3 Mon Sep 17 00:00:00 2001
From: Vincent Coubard
Date: Fri, 18 May 2018 10:04:27 +0100
Subject: [PATCH] BLE: Use peer_address_type_t instead of the legacy address in security manager.
---
 .../ble/generic/GenericSecurityManager.h | 5 +++--
 features/FEATURE_BLE/ble/generic/SecurityDb.h | 16 ++++++++--------
 .../FEATURE_BLE/ble/pal/ConnectionEventMonitor.h | 7 +++++--
 .../source/generic/GenericSecurityManager.cpp | 14 +++++++++++---
 4 files changed, 27 insertions(+), 15 deletions(-)
diff --git a/features/FEATURE_BLE/ble/generic/GenericSecurityManager.h b/features/FEATURE_BLE/ble/generic/GenericSecurityManager.h
index f5f060a5e6..b2c74248bc 100644
--- a/features/FEATURE_BLE/ble/generic/GenericSecurityManager.h
+++ b/features/FEATURE_BLE/ble/generic/GenericSecurityManager.h
@@ -381,11 +381,12 @@ private:
 virtual void on_connected(
 connection_handle_t connection,
 Gap::Role_t role,
- BLEProtocol::AddressType_t peer_address_type,
+ peer_address_type_t peer_address_type,
 const BLEProtocol::AddressBytes_t peer_address,
 BLEProtocol::AddressType_t local_address_type,
 const BLEProtocol::AddressBytes_t local_address,
- const Gap::ConnectionParams_t *connection_params
+ const Gap::ConnectionParams_t *connection_params,
+ const BLEProtocol::AddressBytes_t resolved_peer_address
 );
 /**
diff --git a/features/FEATURE_BLE/ble/generic/SecurityDb.h b/features/FEATURE_BLE/ble/generic/SecurityDb.h
index 009d769554..b8c2ea25c8 100644
--- a/features/FEATURE_BLE/ble/generic/SecurityDb.h
+++ b/features/FEATURE_BLE/ble/generic/SecurityDb.h
@@ -440,7 +440,7 @@ public:
 * @return A handle to the entry.
 */
 virtual entry_handle_t open_entry(
- BLEProtocol::AddressType_t peer_address_type,
+ peer_address_type_t peer_address_type,
 const address_t &peer_address
 ) {
 entry_handle_t db_handle = find_entry_by_peer_address(peer_address_type, peer_address);
@@ -451,8 +451,8 @@ public:
 SecurityDistributionFlags_t* flags = get_free_entry_flags();
 if (flags) {
 const bool peer_address_public =
- (peer_address_type == BLEProtocol::AddressType::PUBLIC) ||
- (peer_address_type == BLEProtocol::AddressType::PUBLIC_IDENTITY);
+ (peer_address_type == peer_address_type_t::PUBLIC) ||
+ (peer_address_type == peer_address_type_t::PUBLIC_IDENTITY);
 /* we need some address to store, so we store even random ones
 * this address will be used as an id, possibly replaced later
 * by identity address */
@@ -473,12 +473,12 @@ public:
 * @return A handle to the entry.
 */
 virtual entry_handle_t find_entry_by_peer_address(
- BLEProtocol::AddressType_t peer_address_type,
+ peer_address_type_t peer_address_type,
 const address_t &peer_address
 ) {
 const bool peer_address_public =
- (peer_address_type == BLEProtocol::AddressType::PUBLIC) ||
- (peer_address_type == BLEProtocol::AddressType::PUBLIC_IDENTITY);
+ (peer_address_type == peer_address_type_t::PUBLIC) ||
+ (peer_address_type == peer_address_type_t::PUBLIC_IDENTITY);
 for (size_t i = 0; i < get_entry_count(); i++) {
 entry_handle_t db_handle = get_entry_handle_by_index(i);
@@ -486,7 +486,7 @@ public:
 /* only look among disconnected entries */
 if (flags && !flags->connected) {
- if (peer_address_type == BLEProtocol::AddressType::PUBLIC_IDENTITY &&
+ if (peer_address_type == peer_address_type_t::PUBLIC_IDENTITY &&
 flags->irk_stored == false) {
 continue;
 }
@@ -536,7 +536,7 @@ public:
 * @return A handle to the entry.
 */
 virtual void remove_entry(
- BLEProtocol::AddressType_t peer_address_type,
+ peer_address_type_t peer_address_type,
 const address_t &peer_address
 ) {
 entry_handle_t db_handle = find_entry_by_peer_address(peer_address_type, peer_address);
diff --git a/features/FEATURE_BLE/ble/pal/ConnectionEventMonitor.h b/features/FEATURE_BLE/ble/pal/ConnectionEventMonitor.h
index d0a0325bde..0695bf1197 100644
--- a/features/FEATURE_BLE/ble/pal/ConnectionEventMonitor.h
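Review bot: In SecurityDb.h `find_entry_by_peer_address` (hunk at -486), the guard that skips entries without a stored IRK is applied only when the type is `peer_address_type_t::PUBLIC_IDENTITY`; a peer reported with the random static identity type is still matched against entries whose `irk_stored` is false. The entry found here decides which stored keys and flags are attached to the connection, so if the intent is that a resolved identity may only match an entry holding an IRK, both identity types should be treated alike, e.g. `const bool is_identity = (peer_address_type == peer_address_type_t::PUBLIC_IDENTITY) || (peer_address_type == peer_address_type_t::RANDOM_STATIC_IDENTITY);` and `if (is_identity && flags->irk_stored == false) { continue; }`. `RANDOM_STATIC_IDENTITY` is not shown in this patch, so confirm the enumerator name against the `peer_address_type_t` definition. The loop body continues outside the hunk.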
+++ b/features/FEATURE_BLE/ble/pal/ConnectionEventMonitor.h
@@ -48,15 +48,18 @@ public:
 * @param[in] local_address_type type of address of the local device.
 * @param[in] local_address Address of the local device that was used during connection.
 * @param[in] connection_params connection parameters like interval, latency and timeout.
+ * @param[in] resolved_peer_address resolved address of the peer; may
+ * be NULL.
 */
 virtual void on_connected(
 connection_handle_t connection,
 ::Gap::Role_t role,
- BLEProtocol::AddressType_t peer_address_type,
+ ble::peer_address_type_t peer_address_type,
 const BLEProtocol::AddressBytes_t peer_address,
 BLEProtocol::AddressType_t local_address_type,
 const BLEProtocol::AddressBytes_t local_address,
- const ::Gap::ConnectionParams_t *connection_params
+ const ::Gap::ConnectionParams_t *connection_params,
+ const BLEProtocol::AddressBytes_t resolved_peer_address
 ) = 0;
 /**
diff --git a/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp b/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp
index bb03c2f548..9fef7c4cc8 100644
--- a/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp
+++ b/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp
@@ -964,11 +964,12 @@ void GenericSecurityManager::set_mitm_performed(connection_handle_t connection,
 void GenericSecurityManager::on_connected(
 connection_handle_t connection,
 Gap::Role_t role,
- BLEProtocol::AddressType_t peer_address_type,
+ peer_address_type_t peer_address_type,
 const BLEProtocol::AddressBytes_t peer_address,
 BLEProtocol::AddressType_t local_address_type,
 const BLEProtocol::AddressBytes_t local_address,
- const Gap::ConnectionParams_t *connection_params
+ const Gap::ConnectionParams_t *connection_params,
+ const BLEProtocol::AddressBytes_t resolved_peer_address
 ) {
 MBED_ASSERT(_db);
 ControlBlock_t *cb = acquire_control_block(connection);
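Review bot: The added `@param[in] resolved_peer_address` text in ConnectionEventMonitor.h says the argument may be NULL but not what `peer_address` and `peer_address_type` mean when it is non-NULL. Handlers use that pair to look up bonding data, so the comment should state whether `peer_address_type` describes the address seen on air or the resolved identity, and that an implementation must test the pointer before reading it; if it matches the intent, something like `resolved_peer_address identity address obtained by resolving peer_address, or NULL if no resolution took place`, plus one line on which address the type refers to. Since `on_connected` is pure virtual here, every other implementer also has to take the extra parameter; only GenericSecurityManager is updated in this patch.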
@@ -980,13 +981,20 @@ void GenericSecurityManager::on_connected(
 cb->local_address = local_address;
 cb->is_master = (role == Gap::CENTRAL);
+ // normalize the address
+ if (resolved_peer_address && resolved_peer_address != ble::address_t()) {
+ peer_address = resolved_peer_address;
+ }
+
 // get the associated db handle and the distribution flags if any
 cb->db_entry = _db->open_entry(peer_address_type, peer_address);
 SecurityDistributionFlags_t* flags = _db->get_distribution_flags(cb->db_entry);
 flags->peer_address = peer_address;
- flags->peer_address_is_public = (peer_address_type == BLEProtocol::AddressType::PUBLIC);
+ flags->peer_address_is_public =
+ (peer_address_type == peer_address_type_t::PUBLIC) ||
+ (peer_address_type == peer_address_type_t::PUBLIC_IDENTITY);
 const bool signing = cb->signing_override_default ?
 cb->signing_requested :
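Review bot: `flags` is dereferenced by the rewritten `flags->peer_address_is_public = ...` assignment, and by the `flags->peer_address` line before it, without a null check. The SecurityDb.h code in this same patch only populates a new entry `if (flags)`, so a full database is an expected state; if `get_distribution_flags` returns NULL in that case (its body is not visible here), any incoming connection at that moment dereferences a null pointer. Wrap the two assignments in `if (flags) { ... }` or handle the failed open before reaching them. Separately, `resolved_peer_address != ble::address_t()` compares a pointer-typed parameter with an address object, apparently through an implicit conversion; a short comment saying that an all-zero value means "no resolved address" would make the check reviewable. The function body starts before and ends after this hunk.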