Cordio: Update stack and pal to support LE security mode 2 level 2.

features/FEATURE_BLE/targets/TARGET_CORDIO/CordioPalSecurityManager.h

@@ -22,6 +22,7 @@
 #include "wsf_os.h"
 #include "sec_api.h"
 #include "smp_defs.h"
+#include "cfg_stack.h"
 
 namespace ble {
 namespace pal {
@@ -252,6 +253,8 @@ public:
         sign_count_t sign_counter
     );
 
+    virtual ble_error_t remove_peer_csrk(connection_handle_t connection);
+
     ////////////////////////////////////////////////////////////////////////////
     // Authentication
     //
@@ -322,12 +325,15 @@ public:
     static bool sm_handler(const wsfMsgHdr_t* msg);
 
 private:
+    void cleanup_peer_csrks();
+
     bool _use_default_passkey;
     passkey_num_t _default_passkey;
     bool _lesc_keys_generated;
     uint8_t _public_key_x[SEC_ECC_KEY_LEN];
     irk_t _irk;
     csrk_t _csrk;
+    csrk_t* _peer_csrks[DM_CONN_MAX];
 };
 
 } // cordio

features/FEATURE_BLE/targets/TARGET_CORDIO/source/CordioPalSecurityManager.cpp

@@ -33,7 +33,8 @@ CordioSecurityManager::CordioSecurityManager() :
     _use_default_passkey(false),
     _default_passkey(0),
     _lesc_keys_generated(false),
-    _public_key_x()
+    _public_key_x(),
+    _peer_csrks()
 {
 
 }
@@ -53,6 +54,7 @@ ble_error_t CordioSecurityManager::initialize()
     _use_default_passkey = false;
     _default_passkey = 0;
     _lesc_keys_generated = false;
+    memset(_peer_csrks, 0, sizeof(_peer_csrks));
 
 #if 0
     // FIXME: need help from the stack or local calculation
@@ -65,11 +67,13 @@ ble_error_t CordioSecurityManager::initialize()
 
 ble_error_t CordioSecurityManager::terminate()
 {
+    cleanup_peer_csrks();
     return BLE_ERROR_NONE;
 }
 
 ble_error_t CordioSecurityManager::reset()
 {
+    cleanup_peer_csrks();
     initialize();
     return BLE_ERROR_NONE;
 }
@@ -287,9 +291,40 @@ ble_error_t CordioSecurityManager::set_peer_csrk(
     bool authenticated,
     sign_count_t sign_counter
 ) {
-    AttsSetCsrk(connection, const_cast<uint8_t*>(csrk.data()));
-    AttsSetSignCounter(connection, sign_counter);
+    if (connection == 0 || connection > DM_CONN_MAX) {
+        return BLE_ERROR_INVALID_PARAM;
+    }
 
+    size_t connection_index = connection - 1;
+
+    if (_peer_csrks[connection_index]) {
+        *_peer_csrks[connection_index] = csrk;
+    } else {
+        _peer_csrks[connection_index] = new (std::nothrow) csrk_t(csrk);
+        if (_peer_csrks[connection_index] == NULL) {
+            return BLE_ERROR_NO_MEM;
+        }
+    }
+
+    AttsSetCsrk(connection, _peer_csrks[connection_index]->data(), authenticated);
+    AttsSetSignCounter(connection, sign_counter);
+    return BLE_ERROR_NONE;
+}
+
+ble_error_t CordioSecurityManager::remove_peer_csrk(connection_handle_t connection)
+{
+    if (connection == 0 || connection > DM_CONN_MAX) {
+        return BLE_ERROR_INVALID_PARAM;
+    }
+
+    size_t connection_index = connection - 1;
+
+    if (_peer_csrks[connection_index]) {
+        delete _peer_csrks[connection_index];
+        _peer_csrks[connection_index] = NULL;
+    }
+
+    AttsSetCsrk(connection, NULL, false);
     return BLE_ERROR_NONE;
 }
 
@@ -695,6 +730,14 @@ bool CordioSecurityManager::sm_handler(const wsfMsgHdr_t* msg) {
     }
 }
 
+void CordioSecurityManager::cleanup_peer_csrks() {
+    for (size_t i = 0; i < DM_CONN_MAX; ++i) {
+        if (_peer_csrks[i]) {
+            delete _peer_csrks[i];
+            _peer_csrks[i] = NULL;
+        }
+    }
+}
 
 } // cordio
 } // vendor

features/FEATURE_BLE/targets/TARGET_CORDIO/stack/cordio_stack/sw/stack/include/att_api.h

@@ -565,7 +565,7 @@ uint16_t AttsCccEnabled(dmConnId_t connId, uint8_t idx);
  *  \return None.
  */
 /*************************************************************************************************/
-void AttsSetCsrk(dmConnId_t connId, uint8_t *pCsrk);
+void AttsSetCsrk(dmConnId_t connId, uint8_t *pCsrk, bool_t authenticated);
 
 /*************************************************************************************************/
 /*!