BLE Security Manager API Improvements

06 Nov 2019

After reviewing the BLE Security Manager API a bit more in detail for this this PR, I feel that there are some improvements that could be made to make it more flexible for advanced users.

For one:

Currently, the BLE SM only gives users the option of using a volatile, RAM-based Security Database or a file-based one that relies on Mbed's filesystem and C retargeting APIs. While this may be appropriate for most users, it would be nice to be able to give the security manager a customized SecurityDatabase subclass. This could allow for applications that want to take care of caching security information and write it to a secure, non-volatile location periodically. The file I/O implementation, while convenient, does not provide as much control over the sensitive security info or any guarantees that it has been written to flash (such is the caveat of OS-managed file I/O)

You need to log in to post a reply