ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge branch 'palsm' into palsm-interface-improvement

pull/6188/head
Vincent Coubard 2018-01-16 10:23:45 +00:00 committed by GitHub
parent e78840427a b95943b28e
commit d3ca4a9cb3
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 478 additions and 175 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

250
features/FEATURE_BLE/ble/SecurityManager.h
View File

@ -110,6 +110,10 @@ public:
* The following functions are meant to be overridden in the platform-specific sub-class.
*/
public:
////////////////////////////////////////////////////////////////////////////
// SM lifecycle management
//
/**
* Enable the BLE stack's Security Manager. The Security Manager implements
* the actual cryptographic algorithms and protocol exchanges that allow two
@ -139,45 +143,33 @@ public:
}
/**
* @deprecated
* Notify all registered onShutdown callbacks that the SecurityManager is
* about to be shutdown and clear all SecurityManager state of the
* associated object.
*
* Get the security status of a connection.
* This function is meant to be overridden in the platform-specific
* sub-class. Nevertheless, the sub-class is only expected to reset its
* state and not the data held in SecurityManager members. This shall be
* achieved by a call to SecurityManager::reset() from the sub-class'
* reset() implementation.
*
* @param[in] connectionHandle Handle to identify the connection.
* @param[out] securityStatusP Security status.
*
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
* @return BLE_ERROR_NONE on success.
*/
virtual ble_error_t getLinkSecurity(Gap::Handle_t connectionHandle, LinkSecurityStatus_t *securityStatusP) {
/* Avoid compiler warnings about unused variables. */
(void)connectionHandle;
(void)securityStatusP;
virtual ble_error_t reset(void) {
/* Notify that the instance is about to shutdown */
shutdownCallChain.call(this);
shutdownCallChain.clear();
if (eventHandler != &defaultEventHandler) {
delete eventHandler;
eventHandler = defaultEventHandler;
}
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
return BLE_ERROR_NONE;
}
virtual ble_error_t getLinkSecurity(Gap::Handle_t handle, SecurityMode_t &mode) {
(void) handle;
(void) mode;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
/**
* Set the security mode on a connection. Useful for elevating the security mode
* once certain conditions are met, e.g., a particular service is found.
*
* @param[in] connectionHandle Handle to identify the connection.
* @param[in] securityMode Requested security mode.
*
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
*/
virtual ble_error_t setLinkSecurity(Gap::Handle_t connectionHandle, SecurityMode_t securityMode) {
/* Avoid compiler warnings about unused variables. */
(void)connectionHandle;
(void)securityMode;
return BLE_ERROR_NOT_IMPLEMENTED;
}
////////////////////////////////////////////////////////////////////////////
// List management
//
/**
* Delete all peer device context and all related bonding information from
@ -211,21 +203,9 @@ public:
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t setPrivateAddressTimeout(uint16_t timeout_in_seconds) {
(void) timeout_in_seconds;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t setAuthenticationTimeout(connection_handle_t handle, uint32_t timeout_in_ms) {
(void) handle;
(void) timeout_in_ms;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t getAuthenticationTimeout(connection_handle_t handle, uint32_t *timeout_in_ms) {
(void) handle;
(void) timeout_in_ms;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
////////////////////////////////////////////////////////////////////////////
// Feature support
//
virtual ble_error_t setSecureConnectionsSupport(bool enabled, bool secure_connections_only = false) {
(void) enabled;
@ -239,39 +219,9 @@ public:
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t getEncryptionKeySize(Gap::Handle_t handle, uint8_t *size) {
(void) handle;
(void) size;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t requestPairing(bool authentication_required = true) {
(void) authentication_required;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t setPairingRequestAuthorisation(bool required = true) {
(void) required;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t acceptPairingRequest(bool accept = true, bool authentication_required = true) {
(void) authentication_required;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t requestAuthentication() {
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t setOOBDataUsage(Gap::Handle_t connectionHandle, bool useOOB, bool OOBProvidesMITM = false) {
/* Avoid compiler warnings about unused variables */
(void) connectionHandle;
(void) useOOB;
(void) OOBProvidesMITM;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
////////////////////////////////////////////////////////////////////////////
// Security settings
//
virtual ble_error_t setPinCode(uint8_t pinLength, uint8_t * pinCode, bool isStatic = false) {
(void) pinLength;
@ -283,7 +233,119 @@ public:
virtual ble_error_t setPasskey(const Passkey_t passkey) {
(void) passkey;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t setAuthenticationTimeout(connection_handle_t handle, uint32_t timeout_in_ms) {
(void) handle;
(void) timeout_in_ms;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t getAuthenticationTimeout(connection_handle_t handle, uint32_t *timeout_in_ms) {
(void) handle;
(void) timeout_in_ms;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
/**
* Set the security mode on a connection. Useful for elevating the security mode
* once certain conditions are met, e.g., a particular service is found.
*
* @param[in] connectionHandle Handle to identify the connection.
* @param[in] securityMode Requested security mode.
*
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
*/
virtual ble_error_t setLinkSecurity(Gap::Handle_t connectionHandle, SecurityMode_t securityMode) {
/* Avoid compiler warnings about unused variables. */
(void)connectionHandle;
(void)securityMode;
return BLE_ERROR_NOT_IMPLEMENTED;
}
virtual ble_error_t getLinkSecurity(Gap::Handle_t handle, SecurityMode_t *securityMode) {
(void) handle;
(void) securityMode;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
////////////////////////////////////////////////////////////////////////////
// Encryption
//
/**
* @deprecated
*
* Get the security status of a connection.
*
* @param[in] connectionHandle Handle to identify the connection.
* @param[out] securityStatusP Security status.
*
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
*/
virtual ble_error_t getLinkSecurity(Gap::Handle_t connectionHandle, LinkSecurityStatus_t *securityStatusP) {
/* Avoid compiler warnings about unused variables. */
(void)connectionHandle;
(void)securityStatusP;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t getEncryptionKeySize(Gap::Handle_t handle, uint8_t *size) {
(void) handle;
(void) size;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
////////////////////////////////////////////////////////////////////////////
// Privacy
//
virtual ble_error_t setPrivateAddressTimeout(uint16_t timeout_in_seconds) {
(void) timeout_in_seconds;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
////////////////////////////////////////////////////////////////////////////
// Authentication
//
virtual ble_error_t requestPairing(Gap::Handle_t connectionHandle) {
(void) connectionHandle;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t acceptPairingRequest(Gap::Handle_t connectionHandle) {
(void) connectionHandle;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t canceltPairingRequest(Gap::Handle_t connectionHandle) {
(void) connectionHandle;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t requestAuthentication(Gap::Handle_t connectionHandle) {
(void) connectionHandle;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
virtual ble_error_t setPairingRequestAuthorisation(bool required = true) {
(void) required;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
////////////////////////////////////////////////////////////////////////////
// MITM
//
virtual ble_error_t setOOBDataUsage(Gap::Handle_t connectionHandle, bool useOOB, bool OOBProvidesMITM = false) {
/* Avoid compiler warnings about unused variables */
(void) connectionHandle;
(void) useOOB;
(void) OOBProvidesMITM;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
@ -392,32 +454,8 @@ protected:
}
virtual ~SecurityManager() { };
public:
/**
* Notify all registered onShutdown callbacks that the SecurityManager is
* about to be shutdown and clear all SecurityManager state of the
* associated object.
*
* This function is meant to be overridden in the platform-specific
* sub-class. Nevertheless, the sub-class is only expected to reset its
* state and not the data held in SecurityManager members. This shall be
* achieved by a call to SecurityManager::reset() from the sub-class'
* reset() implementation.
*
* @return BLE_ERROR_NONE on success.
*/
virtual ble_error_t reset(void) {
/* Notify that the instance is about to shutdown */
shutdownCallChain.call(this);
shutdownCallChain.clear();
if (eventHandler != &defaultEventHandler) {
delete eventHandler;
eventHandler = defaultEventHandler;
}
return BLE_ERROR_NONE;
}
/**
* @deprecated
*

3
features/FEATURE_BLE/ble/pal/PalSecurityManager.h
View File

@ -23,7 +23,7 @@
#include "ble/SafeEnum.h"
#include "ble/BLEProtocol.h"
#include "ble/SecurityManager.h"
#include "ble/pal/GapTypes"
#include "ble/pal/GapTypes.h"
namespace ble {
namespace pal {
@ -204,6 +204,7 @@ public:
ediv_t &ediv,
rand_t &rand,
ltk_t &ltk,
irk_t &irk,
csrk_t &csrk
) = 0;

400
features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp
View File

@ -20,11 +20,13 @@
#include "SecurityManager.h"
#include "PalSecurityManager.h"
#include "Callback.h"
#include "ble/pal/GapTypes.h"
namespace ble {
namespace generic {
using ble::pal::address_t;
using ble::pal::advertising_peer_address_type_t;
using ble::pal::authentication_t;
using ble::pal::key_distribution_t;
using ble::pal::irk_t;
@ -36,17 +38,26 @@ using SecurityManager::SecurityIOCapabilities_t;
static const uint8_t NUMBER_OFFSET = '0';
/* separate structs to allow db implementation to minimise memory usage */
struct SecurityEntry_t {
connection_handle_t handle;
address_t identity_address;
irk_t irk;
csrk_t csrk;
uint8_t peer_address_is_public:1;
uint8_t mitm_protection:1; /**< does the key provide mitm */
uint8_t is_authenticated:1; /**< have we authenticated during this connection */
uint8_t is_connected:1;
};
struct SecurityEntryKeys_t {
ltk_t ltk;
ediv_t ediv;
rand_t rand;
bool mitm;
bool authenticated;
bool connected;
};
struct SecurityEntryIdentity_t {
irk_t irk;
csrk_t csrk;
};
enum DbCbAction_t {
@ -56,18 +67,31 @@ enum DbCbAction_t {
};
typedef mbed::Callback<DbCbAction_t(SecurityEntry_t&)> SecurityEntryDbCb_t;
typedef mbed::Callback<DbCbAction_t(SecurityEntry_t&, SecurityEntryKeys_t&)> SecurityEntryKeysDbCb_t;
typedef mbed::Callback<DbCbAction_t(SecurityEntry_t&, SecurityEntryIdentity_t&)> SecurityEntryIdentityDbCb_t;
typedef mbed::Callback<DbCbAction_t(Gap::Whitelist_t&)> WhitelistDbCb_t;
class GenericSecurityManagerEventHandler;
class SecurityDb {
public:
SecurityDb() {};
~SecurityDb() {};
void get_entry(SecurityEntryDbCb_t cb, ediv_t ediv, rand_t rand);
void get_entry(SecurityEntryDbCb_t cb, address_t identity_address);
void get_entry(SecurityEntryDbCb_t cb, connection_handle_t handle);
void get_entry(SecurityEntryKeysDbCb_t cb, ediv_t ediv, rand_t rand);
void get_entry(SecurityEntryIdentityDbCb_t cb, address_t identity_address);
void update_entry(SecurityEntry_t&);
void update_entry(connection_handle_t handle,
bool address_is_public,
address_t &peer_address,
ediv_t &ediv,
rand_t &rand,
ltk_t &ltk,
irk_t &irk,
csrk_t &csrk);
void remove_entry(SecurityEntry_t&);
void clear_entries(SecurityEntry_t&);
@ -75,27 +99,36 @@ public:
void update_whitelist(Gap::Whitelist_t&);
void add_whitelist_entry(address_t);
void remove_whitelist_entry(address_t);
void clear_whitelist();
private:
};
class GenericSecurityManagerEventHandler : public ble::pal::SecurityManagerEventHandler {
};
class GenericSecurityManager : public SecurityManager {
class GenericSecurityManager : public SecurityManager,
public ble::pal::SecurityManagerEventHandler {
public:
virtual ble_error_t init(bool enableBonding = true,
bool requireMITM = true,
SecurityIOCapabilities_t initIocaps = IO_CAPS_NONE,
const Passkey_t defaultPasskey = NULL) {
////////////////////////////////////////////////////////////////////////////
// SM lifecycle management
//
ble_error_t init(bool initBondable = true,
bool initMITM = true,
SecurityIOCapabilities_t initIocaps = IO_CAPS_NONE,
const Passkey_t initPasskey = NULL) {
loadState();
bonding = enableBonding;
mitm = requireMITM;
bondable = initBondable;
mitm = initMITM;
iocaps = initIocaps;
passkey = defaultPasskey;
passkey = initPasskey;
return BLE_ERROR_NONE;
}
ble_error_t reset(void) {
saveState();
SecurityManager::reset();
return BLE_ERROR_NONE;
}
@ -112,43 +145,42 @@ public:
}
}
virtual ble_error_t setAuthenticationTimeout(connection_handle_t handle, uint32_t timeout_in_ms) {
return pal.set_authentication_timeout(handle, timeout_in_ms / 10);
}
virtual ble_error_t getAuthenticationTimeout(connection_handle_t handle, uint32_t *timeout_in_ms) {
uint16_t timeout_in_10ms;
ble_error_t status = pal.get_authentication_timeout(handle, timeout_in_10ms);
timeout_in_ms = 10 * timeout_in_10ms;
return status;
}
virtual ble_error_t getLinkSecurity(Gap::Handle_t connectionHandle, LinkSecurityStatus_t *securityStatusP) {
return pal.get_encryption_status(connectionHandle, *securityStatusP);
}
ble_error_t setLinkSecurity(Gap::Handle_t connectionHandle, SecurityMode_t securityMode) {
//return pal.set_security_mode(connectionHandle, securityMode);
}
ble_error_t purgeAllBondingState(void) {
ble::pal::bonded_list_t empty_list = { NULL, 0, 0 };
return pal.clear_bonded_list();
}
ble_error_t getAddressesFromBondTable(Gap::Whitelist_t &addresses) const {
return pal.get_whitelist(addresses);
}
ble_error_t setOOBDataUsage(Gap::Handle_t connectionHandle, bool useOOB, bool OOBProvidesMITM = false) {
return BLE_ERROR_NONE;
}
ble_error_t preserveBondingStateOnReset(bool enabled) {
saveStateEnabled = enabled;
return BLE_ERROR_NONE;
}
ble_error_t setPinCode(uint8_t pinLength, uint8_t *pinCode, bool isStatic = false) {
////////////////////////////////////////////////////////////////////////////
// List management
//
ble_error_t purgeAllBondingState(void) {
return BLE_ERROR_NOT_IMPLEMENTED;
}
ble_error_t getAddressesFromBondTable(Gap::Whitelist_t &addresses) const {
return BLE_ERROR_NOT_IMPLEMENTED;
}
////////////////////////////////////////////////////////////////////////////
// Feature support
//
ble_error_t setSecureConnectionsSupport(bool enabled, bool secure_connections_only = false) {
return pal.set_secure_connections_support(enabled, secure_connections_only);
}
ble_error_t getSecureConnectionsSupport(bool *enabled, bool *secure_connections_only) {
return pal.get_secure_connections_support(*enabled, *secure_connections_only);
}
////////////////////////////////////////////////////////////////////////////
// Security settings
//
ble_error_t setPinCode(uint8_t pinLength, uint8_t *pinCode,
bool isStatic = false) {
return pal.set_pin_code(pinLength, pinCode, isStatic);
}
@ -160,45 +192,277 @@ public:
return pal.set_passkey(passkey);
}
void setSecurityManagerEventHandler(SecurityManagerEventHandler* handler) {
ble_error_t setAuthenticationTimeout(connection_handle_t handle,
uint32_t timeout_in_ms) {
return pal.set_authentication_timeout(handle, timeout_in_ms / 10);
}
ble_error_t getAuthenticationTimeout(connection_handle_t handle,
uint32_t *timeout_in_ms) {
uint16_t timeout_in_10ms;
ble_error_t status = pal.get_authentication_timeout(handle, timeout_in_10ms);
timeout_in_ms = 10 * timeout_in_10ms;
return status;
}
ble_error_t setLinkSecurity(Gap::Handle_t connectionHandle,
SecurityMode_t securityMode) {
return BLE_ERROR_NOT_IMPLEMENTED;
}
ble_error_t getLinkSecurity(Gap::Handle_t connectionHandle,
SecurityMode_t *securityMode) {
return BLE_ERROR_NOT_IMPLEMENTED;
}
////////////////////////////////////////////////////////////////////////////
// Encryption
//
/**
* @deprecated
*
* Get the security status of a connection.
*
* @param[in] connectionHandle Handle to identify the connection.
* @param[out] securityStatusP Security status.
*
* @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
*/
ble_error_t getLinkSecurity(Gap::Handle_t connectionHandle, LinkSecurityStatus_t *securityStatusP) {
return pal.get_encryption_status(connectionHandle, *securityStatusP);
}
ble_error_t getEncryptionKeySize(Gap::Handle_t handle, uint8_t *size) {
return pal.get_encryption_key_size(handle, *size); //todo this needs event?
}
////////////////////////////////////////////////////////////////////////////
// Privacy
//
virtual ble_error_t setPrivateAddressTimeout(uint16_t timeout_in_seconds) {
return pal.set_private_address_timeout(timeout_in_seconds);
}
////////////////////////////////////////////////////////////////////////////
// Keys
//
DbCbAction_t setLtkCb(SecurityEntry_t& entry, SecurityEntryKeys_t& entryKeys) {
pal.set_ltk(entry.handle, entryKeys.ltk);
return DB_CB_ACTION_UPDATE;
}
////////////////////////////////////////////////////////////////////////////
// Authentication
//
ble_error_t requestPairing(Gap::Handle_t connectionHandle) {
(void) connectionHandle;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
ble_error_t acceptPairingRequest(Gap::Handle_t connectionHandle) {
(void) connectionHandle;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
ble_error_t canceltPairingRequest(Gap::Handle_t connectionHandle) {
(void) connectionHandle;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
ble_error_t requestAuthentication(Gap::Handle_t connectionHandle) {
(void) connectionHandle;
return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
}
ble_error_t setPairingRequestAuthorisation(bool required = true) {
authorisationRequired = required;
return BLE_ERROR_NONE;
}
////////////////////////////////////////////////////////////////////////////
// MITM
//
ble_error_t setOOBDataUsage(Gap::Handle_t connectionHandle, bool useOOB, bool OOBProvidesMITM = false) {
return BLE_ERROR_NONE;
}
virtual ble_error_t confirmationEntered(Gap::Handle_t handle, bool confirmation) {
return pal.confirmation_entered(handle, confirmation);
}
virtual ble_error_t passkeyEntered(Gap::Handle_t handle, Passkey_t passkey) {
return pal.passkey_entered(handle, passkey);
}
virtual ble_error_t sendKeypressNotification(Gap::Handle_t handle, Keypress_t keypress) {
return pal.send_keypress_notification(handle, keypress);
}
////////////////////////////////////////////////////////////////////////////
// Event handler
//
void setSecurityManagerEventHandler(::SecurityManagerEventHandler* handler) {
SecurityManager::setSecurityManagerEventHandler(handler);
/* handler is always a valid pointer */
palEventHandler.set_app_event_handler(eventHandler);
if (handler) {
_app_event_handler = handler;
}
}
protected:
GenericSecurityManager(ble::pal::SecurityManager& palImpl) : pal(palImpl), saveStateEnabled(false) {
palEventHandler.set_app_event_handler(&defaultEventHandler);
pal.set_event_handler(&palEventHandler);
}
public:
ble_error_t reset(void) {
saveState();
SecurityManager::reset();
return BLE_ERROR_NONE;
_app_event_handler = &defaultEventHandler;
pal.set_event_handler(this);
}
private:
ble::pal::SecurityManager& pal;
GenericSecurityManagerEventHandler palEventHandler;
bool saveStateEnabled;
SecurityDb db;
SecurityIOCapabilities_t iocaps;
Passkey_t passkey;
bool mitm;
bool bonding;
bool bondable;
bool authorisationRequired;
bool useOob;
authentication_t authentication;
uint8_t minKeySize;
uint8_t maxKeySize;
key_distribution_t initiatorDist;
key_distribution_t responderDist;
/* implements ble::pal::SecurityManagerEventHandler */
public:
void security_setup_initiated(connection_handle_t handle, bool allow_bonding,
bool require_mitm, SecurityIOCapabilities_t iocaps) {
if (_app_event_handler) {
_app_event_handler->securitySetupInitiated(handle, allow_bonding, require_mitm, iocaps);
}
}
void security_setup_completed(connection_handle_t handle,
SecurityManager::SecurityCompletionStatus_t status) {
if (_app_event_handler) {
_app_event_handler->securitySetupCompleted(handle, status);
}
}
void link_secured(connection_handle_t handle, SecurityManager::SecurityMode_t security_mode) {
if (_app_event_handler) {
_app_event_handler->linkSecured(handle, security_mode);
}
}
void security_context_stored(connection_handle_t handle) {
if (_app_event_handler) {
_app_event_handler->securityContextStored(handle);
}
}
void passkey_display(connection_handle_t handle, const SecurityManager::Passkey_t passkey) {
if (_app_event_handler) {
_app_event_handler->passkeyDisplay(handle, passkey);
}
}
void valid_mic_timeout(connection_handle_t handle) {
if (_app_event_handler) {
_app_event_handler->validMicTimeout(handle);
}
}
void link_key_failure(connection_handle_t handle) {
if (_app_event_handler) {
_app_event_handler->linkKeyFailure(handle);
}
}
void keypress_notification(connection_handle_t handle, SecurityManager::Keypress_t keypress) {
if (_app_event_handler) {
_app_event_handler->keypressNotification(handle, keypress);
}
}
void legacy_pariring_oob_request(connection_handle_t handle) {
if (_app_event_handler) {
_app_event_handler->legacyPairingOobRequest(handle);
}
}
void oob_request(connection_handle_t handle) {
if (_app_event_handler) {
_app_event_handler->oobRequest(handle);
}
}
void pin_request(connection_handle_t handle) {
if (_app_event_handler) {
_app_event_handler->pinRequest(handle);
}
}
void passkey_request(connection_handle_t handle) {
if (_app_event_handler) {
_app_event_handler->passkeyRequest(handle);
}
}
void confirmation_request(connection_handle_t handle) {
if (_app_event_handler) {
_app_event_handler->confirmationRequest(handle);
}
}
void accept_pairing_request(connection_handle_t handle,
SecurityIOCapabilities_t iocaps,
bool use_oob,
authentication_t authentication,
uint8_t max_key_size,
key_distribution_t initiator_dist,
key_distribution_t responder_dist) {
if (_app_event_handler && authorisationRequired) {
_app_event_handler->acceptPairingRequest(handle);
}
}
void keys_exchanged(connection_handle_t handle,
advertising_peer_address_type_t peer_address_type,
address_t &peer_address,
ediv_t &ediv,
rand_t &rand,
ltk_t &ltk,
irk_t &irk,
csrk_t &csrk) {
db.update_entry(
handle,
(peer_address_type == advertising_peer_address_type_t::PUBLIC_ADDRESS),
peer_address,
ediv,
rand,
ltk,
irk,
csrk
);
}
void ltk_request(connection_handle_t handle, ediv_t &ediv, rand_t &rand) {
db.get_entry(
mbed::callback(this, &GenericSecurityManager::setLtkCb),
ediv,
rand
);
}
private:
/* handler is always a valid pointer */
::SecurityManagerEventHandler *_app_event_handler;
};
} /* namespace generic */
} /* namespace ble */