Lancaster University / BLE_API

Lancaster University's fork of the mbed BLE API. Lives on github, https://github.com/lancaster-university/BLE_API

Dependents:   microbit-dal microbit-dal microbit-ble-open microbit-dal ... more

Fork of BLE_API by Bluetooth Low Energy

ble/SecurityManager.h@1140:dd2f69fad8c6, 2016-04-06 (annotated)

Committer:
LancasterUniversity
Date:
Wed Apr 06 18:40:40 2016 +0100
Revision:
1140:dd2f69fad8c6
Parent:
1137:290d499dd0e8 
Synchronized with git rev bbc2dc58

Author: Joe Finney

microbit: Additional callback to indicate to applications when System

Attributes require initialisation from persistent storage.

Who changed what in which revision?

UserRevisionLine numberNew contents of line
LancasterUniversity 1131:73c11a85c6d6 1 /* mbed Microcontroller Library
LancasterUniversity 1131:73c11a85c6d6 2 * Copyright (c) 2006-2015 ARM Limited
LancasterUniversity 1131:73c11a85c6d6 3 *
LancasterUniversity 1131:73c11a85c6d6 4 * Licensed under the Apache License, Version 2.0 (the "License");
LancasterUniversity 1131:73c11a85c6d6 5 * you may not use this file except in compliance with the License.
LancasterUniversity 1131:73c11a85c6d6 6 * You may obtain a copy of the License at
LancasterUniversity 1131:73c11a85c6d6 7 *
LancasterUniversity 1131:73c11a85c6d6 8 * http://www.apache.org/licenses/LICENSE-2.0
LancasterUniversity 1131:73c11a85c6d6 9 *
LancasterUniversity 1131:73c11a85c6d6 10 * Unless required by applicable law or agreed to in writing, software
LancasterUniversity 1131:73c11a85c6d6 11 * distributed under the License is distributed on an "AS IS" BASIS,
LancasterUniversity 1131:73c11a85c6d6 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
LancasterUniversity 1131:73c11a85c6d6 13 * See the License for the specific language governing permissions and
LancasterUniversity 1131:73c11a85c6d6 14 * limitations under the License.
LancasterUniversity 1131:73c11a85c6d6 15 */
LancasterUniversity 1131:73c11a85c6d6 16
LancasterUniversity 1131:73c11a85c6d6 17 #ifndef __SECURITY_MANAGER_H__
LancasterUniversity 1131:73c11a85c6d6 18 #define __SECURITY_MANAGER_H__
LancasterUniversity 1131:73c11a85c6d6 19
LancasterUniversity 1131:73c11a85c6d6 20 #include <stdint.h>
LancasterUniversity 1131:73c11a85c6d6 21
LancasterUniversity 1131:73c11a85c6d6 22 #include "Gap.h"
LancasterUniversity 1137:290d499dd0e8 23 #include "CallChainOfFunctionPointersWithContext.h"
LancasterUniversity 1131:73c11a85c6d6 24
LancasterUniversity 1131:73c11a85c6d6 25 class SecurityManager {
LancasterUniversity 1131:73c11a85c6d6 26 public:
LancasterUniversity 1131:73c11a85c6d6 27 enum SecurityMode_t {
LancasterUniversity 1131:73c11a85c6d6 28 SECURITY_MODE_NO_ACCESS,
LancasterUniversity 1131:73c11a85c6d6 29 SECURITY_MODE_ENCRYPTION_OPEN_LINK, /**< Require no protection, open link. */
LancasterUniversity 1131:73c11a85c6d6 30 SECURITY_MODE_ENCRYPTION_NO_MITM, /**< Require encryption, but no MITM protection. */
LancasterUniversity 1131:73c11a85c6d6 31 SECURITY_MODE_ENCRYPTION_WITH_MITM, /**< Require encryption and MITM protection. */
LancasterUniversity 1131:73c11a85c6d6 32 SECURITY_MODE_SIGNED_NO_MITM, /**< Require signing or encryption, but no MITM protection. */
LancasterUniversity 1131:73c11a85c6d6 33 SECURITY_MODE_SIGNED_WITH_MITM, /**< Require signing or encryption, and MITM protection. */
LancasterUniversity 1131:73c11a85c6d6 34 };
LancasterUniversity 1131:73c11a85c6d6 35
LancasterUniversity 1131:73c11a85c6d6 36 /**
LancasterUniversity 1131:73c11a85c6d6 37 * @brief Defines possible security status or states.
LancasterUniversity 1131:73c11a85c6d6 38 *
LancasterUniversity 1131:73c11a85c6d6 39 * @details Defines possible security status or states of a link when requested by getLinkSecurity().
LancasterUniversity 1131:73c11a85c6d6 40 */
LancasterUniversity 1131:73c11a85c6d6 41 enum LinkSecurityStatus_t {
LancasterUniversity 1131:73c11a85c6d6 42 NOT_ENCRYPTED, /**< The link is not secured. */
LancasterUniversity 1131:73c11a85c6d6 43 ENCRYPTION_IN_PROGRESS, /**< Link security is being established.*/
LancasterUniversity 1131:73c11a85c6d6 44 ENCRYPTED /**< The link is secure.*/
LancasterUniversity 1131:73c11a85c6d6 45 };
LancasterUniversity 1131:73c11a85c6d6 46
LancasterUniversity 1131:73c11a85c6d6 47 enum SecurityIOCapabilities_t {
LancasterUniversity 1131:73c11a85c6d6 48 IO_CAPS_DISPLAY_ONLY = 0x00, /**< Display only. */
LancasterUniversity 1131:73c11a85c6d6 49 IO_CAPS_DISPLAY_YESNO = 0x01, /**< Display and yes/no entry. */
LancasterUniversity 1131:73c11a85c6d6 50 IO_CAPS_KEYBOARD_ONLY = 0x02, /**< Keyboard only. */
LancasterUniversity 1131:73c11a85c6d6 51 IO_CAPS_NONE = 0x03, /**< No I/O capabilities. */
LancasterUniversity 1131:73c11a85c6d6 52 IO_CAPS_KEYBOARD_DISPLAY = 0x04, /**< Keyboard and display. */
LancasterUniversity 1131:73c11a85c6d6 53 };
LancasterUniversity 1131:73c11a85c6d6 54
LancasterUniversity 1131:73c11a85c6d6 55 enum SecurityCompletionStatus_t {
LancasterUniversity 1131:73c11a85c6d6 56 SEC_STATUS_SUCCESS = 0x00, /**< Procedure completed with success. */
LancasterUniversity 1131:73c11a85c6d6 57 SEC_STATUS_TIMEOUT = 0x01, /**< Procedure timed out. */
LancasterUniversity 1131:73c11a85c6d6 58 SEC_STATUS_PDU_INVALID = 0x02, /**< Invalid PDU received. */
LancasterUniversity 1131:73c11a85c6d6 59 SEC_STATUS_PASSKEY_ENTRY_FAILED = 0x81, /**< Passkey entry failed (user canceled or other). */
LancasterUniversity 1131:73c11a85c6d6 60 SEC_STATUS_OOB_NOT_AVAILABLE = 0x82, /**< Out of Band Key not available. */
LancasterUniversity 1131:73c11a85c6d6 61 SEC_STATUS_AUTH_REQ = 0x83, /**< Authentication requirements not met. */
LancasterUniversity 1131:73c11a85c6d6 62 SEC_STATUS_CONFIRM_VALUE = 0x84, /**< Confirm value failed. */
LancasterUniversity 1131:73c11a85c6d6 63 SEC_STATUS_PAIRING_NOT_SUPP = 0x85, /**< Pairing not supported. */
LancasterUniversity 1131:73c11a85c6d6 64 SEC_STATUS_ENC_KEY_SIZE = 0x86, /**< Encryption key size. */
LancasterUniversity 1131:73c11a85c6d6 65 SEC_STATUS_SMP_CMD_UNSUPPORTED = 0x87, /**< Unsupported SMP command. */
LancasterUniversity 1131:73c11a85c6d6 66 SEC_STATUS_UNSPECIFIED = 0x88, /**< Unspecified reason. */
LancasterUniversity 1131:73c11a85c6d6 67 SEC_STATUS_REPEATED_ATTEMPTS = 0x89, /**< Too little time elapsed since last attempt. */
LancasterUniversity 1131:73c11a85c6d6 68 SEC_STATUS_INVALID_PARAMS = 0x8A, /**< Invalid parameters. */
LancasterUniversity 1131:73c11a85c6d6 69 };
LancasterUniversity 1131:73c11a85c6d6 70
LancasterUniversity 1131:73c11a85c6d6 71 /**
LancasterUniversity 1131:73c11a85c6d6 72 * Declaration of type containing a passkey to be used during pairing. This
LancasterUniversity 1131:73c11a85c6d6 73 * is passed into initializeSecurity() to specify a pre-programmed passkey
LancasterUniversity 1131:73c11a85c6d6 74 * for authentication instead of generating a random one.
LancasterUniversity 1131:73c11a85c6d6 75 */
LancasterUniversity 1131:73c11a85c6d6 76 static const unsigned PASSKEY_LEN = 6;
LancasterUniversity 1131:73c11a85c6d6 77 typedef uint8_t Passkey_t[PASSKEY_LEN]; /**< 6-digit passkey in ASCII ('0'-'9' digits only). */
LancasterUniversity 1131:73c11a85c6d6 78
LancasterUniversity 1131:73c11a85c6d6 79 public:
LancasterUniversity 1131:73c11a85c6d6 80 typedef void (*HandleSpecificEvent_t)(Gap::Handle_t handle);
LancasterUniversity 1131:73c11a85c6d6 81 typedef void (*SecuritySetupInitiatedCallback_t)(Gap::Handle_t, bool allowBonding, bool requireMITM, SecurityIOCapabilities_t iocaps);
LancasterUniversity 1131:73c11a85c6d6 82 typedef void (*SecuritySetupCompletedCallback_t)(Gap::Handle_t, SecurityCompletionStatus_t status);
LancasterUniversity 1131:73c11a85c6d6 83 typedef void (*LinkSecuredCallback_t)(Gap::Handle_t handle, SecurityMode_t securityMode);
LancasterUniversity 1131:73c11a85c6d6 84 typedef void (*PasskeyDisplayCallback_t)(Gap::Handle_t handle, const Passkey_t passkey);
LancasterUniversity 1131:73c11a85c6d6 85
LancasterUniversity 1137:290d499dd0e8 86 typedef FunctionPointerWithContext<const SecurityManager *> SecurityManagerShutdownCallback_t;
LancasterUniversity 1137:290d499dd0e8 87 typedef CallChainOfFunctionPointersWithContext<const SecurityManager *> SecurityManagerShutdownCallbackChain_t;
LancasterUniversity 1137:290d499dd0e8 88
LancasterUniversity 1131:73c11a85c6d6 89 /*
LancasterUniversity 1131:73c11a85c6d6 90 * The following functions are meant to be overridden in the platform-specific sub-class.
LancasterUniversity 1131:73c11a85c6d6 91 */
LancasterUniversity 1131:73c11a85c6d6 92 public:
LancasterUniversity 1131:73c11a85c6d6 93 /**
LancasterUniversity 1131:73c11a85c6d6 94 * Enable the BLE stack's Security Manager. The Security Manager implements
LancasterUniversity 1131:73c11a85c6d6 95 * the actual cryptographic algorithms and protocol exchanges that allow two
LancasterUniversity 1131:73c11a85c6d6 96 * devices to securely exchange data and privately detect each other.
LancasterUniversity 1131:73c11a85c6d6 97 * Calling this API is a prerequisite for encryption and pairing (bonding).
LancasterUniversity 1131:73c11a85c6d6 98 *
LancasterUniversity 1131:73c11a85c6d6 99 * @param[in] enableBonding Allow for bonding.
LancasterUniversity 1131:73c11a85c6d6 100 * @param[in] requireMITM Require protection for man-in-the-middle attacks.
LancasterUniversity 1131:73c11a85c6d6 101 * @param[in] iocaps To specify the I/O capabilities of this peripheral,
LancasterUniversity 1131:73c11a85c6d6 102 * such as availability of a display or keyboard, to
LancasterUniversity 1131:73c11a85c6d6 103 * support out-of-band exchanges of security data.
LancasterUniversity 1131:73c11a85c6d6 104 * @param[in] passkey To specify a static passkey.
LancasterUniversity 1131:73c11a85c6d6 105 *
LancasterUniversity 1131:73c11a85c6d6 106 * @return BLE_ERROR_NONE on success.
LancasterUniversity 1131:73c11a85c6d6 107 */
LancasterUniversity 1131:73c11a85c6d6 108 virtual ble_error_t init(bool enableBonding = true,
LancasterUniversity 1131:73c11a85c6d6 109 bool requireMITM = true,
LancasterUniversity 1131:73c11a85c6d6 110 SecurityIOCapabilities_t iocaps = IO_CAPS_NONE,
LancasterUniversity 1131:73c11a85c6d6 111 const Passkey_t passkey = NULL) {
LancasterUniversity 1131:73c11a85c6d6 112 /* Avoid compiler warnings about unused variables. */
LancasterUniversity 1131:73c11a85c6d6 113 (void)enableBonding;
LancasterUniversity 1131:73c11a85c6d6 114 (void)requireMITM;
LancasterUniversity 1131:73c11a85c6d6 115 (void)iocaps;
LancasterUniversity 1131:73c11a85c6d6 116 (void)passkey;
LancasterUniversity 1131:73c11a85c6d6 117
LancasterUniversity 1131:73c11a85c6d6 118 return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
LancasterUniversity 1131:73c11a85c6d6 119 }
LancasterUniversity 1131:73c11a85c6d6 120
LancasterUniversity 1131:73c11a85c6d6 121 /**
LancasterUniversity 1131:73c11a85c6d6 122 * Get the security status of a connection.
LancasterUniversity 1131:73c11a85c6d6 123 *
LancasterUniversity 1131:73c11a85c6d6 124 * @param[in] connectionHandle Handle to identify the connection.
LancasterUniversity 1131:73c11a85c6d6 125 * @param[out] securityStatusP Security status.
LancasterUniversity 1131:73c11a85c6d6 126 *
LancasterUniversity 1137:290d499dd0e8 127 * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
LancasterUniversity 1131:73c11a85c6d6 128 */
LancasterUniversity 1131:73c11a85c6d6 129 virtual ble_error_t getLinkSecurity(Gap::Handle_t connectionHandle, LinkSecurityStatus_t *securityStatusP) {
LancasterUniversity 1131:73c11a85c6d6 130 /* Avoid compiler warnings about unused variables. */
LancasterUniversity 1131:73c11a85c6d6 131 (void)connectionHandle;
LancasterUniversity 1131:73c11a85c6d6 132 (void)securityStatusP;
LancasterUniversity 1131:73c11a85c6d6 133
LancasterUniversity 1131:73c11a85c6d6 134 return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
LancasterUniversity 1131:73c11a85c6d6 135 }
LancasterUniversity 1131:73c11a85c6d6 136
LancasterUniversity 1131:73c11a85c6d6 137 /**
LancasterUniversity 1137:290d499dd0e8 138 * Set the security mode on a connection. Useful for elevating the security mode
LancasterUniversity 1137:290d499dd0e8 139 * once certain conditions are met, e.g., a particular service is found.
LancasterUniversity 1137:290d499dd0e8 140 *
LancasterUniversity 1137:290d499dd0e8 141 * @param[in] connectionHandle Handle to identify the connection.
LancasterUniversity 1137:290d499dd0e8 142 * @param[in] securityMode Requested security mode.
LancasterUniversity 1137:290d499dd0e8 143 *
LancasterUniversity 1137:290d499dd0e8 144 * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
LancasterUniversity 1137:290d499dd0e8 145 */
LancasterUniversity 1137:290d499dd0e8 146 virtual ble_error_t setLinkSecurity(Gap::Handle_t connectionHandle, SecurityMode_t securityMode) {
LancasterUniversity 1137:290d499dd0e8 147 /* Avoid compiler warnings about unused variables. */
LancasterUniversity 1137:290d499dd0e8 148 (void)connectionHandle;
LancasterUniversity 1137:290d499dd0e8 149 (void)securityMode;
LancasterUniversity 1137:290d499dd0e8 150
LancasterUniversity 1137:290d499dd0e8 151 return BLE_ERROR_NOT_IMPLEMENTED;
LancasterUniversity 1137:290d499dd0e8 152 }
LancasterUniversity 1137:290d499dd0e8 153
LancasterUniversity 1137:290d499dd0e8 154 /**
LancasterUniversity 1131:73c11a85c6d6 155 * Delete all peer device context and all related bonding information from
LancasterUniversity 1131:73c11a85c6d6 156 * the database within the security manager.
LancasterUniversity 1131:73c11a85c6d6 157 *
LancasterUniversity 1131:73c11a85c6d6 158 * @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure.
LancasterUniversity 1131:73c11a85c6d6 159 * @retval BLE_ERROR_INVALID_STATE If the API is called without module initialization or
LancasterUniversity 1131:73c11a85c6d6 160 * application registration.
LancasterUniversity 1131:73c11a85c6d6 161 */
LancasterUniversity 1131:73c11a85c6d6 162 virtual ble_error_t purgeAllBondingState(void) {
LancasterUniversity 1131:73c11a85c6d6 163 return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
LancasterUniversity 1131:73c11a85c6d6 164 }
LancasterUniversity 1131:73c11a85c6d6 165
LancasterUniversity 1137:290d499dd0e8 166 /**
LancasterUniversity 1137:290d499dd0e8 167 * Get a list of addresses from all peers in the bond table.
LancasterUniversity 1137:290d499dd0e8 168 *
LancasterUniversity 1137:290d499dd0e8 169 * @param[in/out] addresses
LancasterUniversity 1137:290d499dd0e8 170 * (on input) addresses.capacity contains the maximum
LancasterUniversity 1137:290d499dd0e8 171 * number of addresses to be returned.
LancasterUniversity 1137:290d499dd0e8 172 * (on output) The populated table with copies of the
LancasterUniversity 1137:290d499dd0e8 173 * addresses in the implementation's whitelist.
LancasterUniversity 1137:290d499dd0e8 174 *
LancasterUniversity 1137:290d499dd0e8 175 * @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure.
LancasterUniversity 1137:290d499dd0e8 176 * @retval BLE_ERROR_INVALID_STATE If the API is called without module initialization or
LancasterUniversity 1137:290d499dd0e8 177 * application registration.
LancasterUniversity 1137:290d499dd0e8 178 *
LancasterUniversity 1137:290d499dd0e8 179 * @experimental
LancasterUniversity 1137:290d499dd0e8 180 */
LancasterUniversity 1137:290d499dd0e8 181 virtual ble_error_t getAddressesFromBondTable(Gap::Whitelist_t &addresses) const {
LancasterUniversity 1137:290d499dd0e8 182 /* Avoid compiler warnings about unused variables */
LancasterUniversity 1137:290d499dd0e8 183 (void) addresses;
LancasterUniversity 1137:290d499dd0e8 184
LancasterUniversity 1137:290d499dd0e8 185 return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
LancasterUniversity 1137:290d499dd0e8 186 }
LancasterUniversity 1137:290d499dd0e8 187
LancasterUniversity 1131:73c11a85c6d6 188 /* Event callback handlers. */
LancasterUniversity 1131:73c11a85c6d6 189 public:
LancasterUniversity 1131:73c11a85c6d6 190 /**
LancasterUniversity 1137:290d499dd0e8 191 * Setup a callback to be invoked to notify the user application that the
LancasterUniversity 1137:290d499dd0e8 192 * SecurityManager instance is about to shutdown (possibly as a result of a call
LancasterUniversity 1137:290d499dd0e8 193 * to BLE::shutdown()).
LancasterUniversity 1137:290d499dd0e8 194 *
LancasterUniversity 1137:290d499dd0e8 195 * @Note: It is possible to chain together multiple onShutdown callbacks
LancasterUniversity 1137:290d499dd0e8 196 * (potentially from different modules of an application) to be notified
LancasterUniversity 1137:290d499dd0e8 197 * before the SecurityManager is shutdown.
LancasterUniversity 1137:290d499dd0e8 198 *
LancasterUniversity 1137:290d499dd0e8 199 * @Note: It is also possible to set up a callback into a member function of
LancasterUniversity 1137:290d499dd0e8 200 * some object.
LancasterUniversity 1137:290d499dd0e8 201 *
LancasterUniversity 1137:290d499dd0e8 202 * @Note It is possible to unregister a callback using onShutdown().detach(callback)
LancasterUniversity 1137:290d499dd0e8 203 */
LancasterUniversity 1137:290d499dd0e8 204 void onShutdown(const SecurityManagerShutdownCallback_t& callback) {
LancasterUniversity 1137:290d499dd0e8 205 shutdownCallChain.add(callback);
LancasterUniversity 1137:290d499dd0e8 206 }
LancasterUniversity 1137:290d499dd0e8 207 template <typename T>
LancasterUniversity 1137:290d499dd0e8 208 void onShutdown(T *objPtr, void (T::*memberPtr)(void)) {
LancasterUniversity 1137:290d499dd0e8 209 shutdownCallChain.add(objPtr, memberPtr);
LancasterUniversity 1137:290d499dd0e8 210 }
LancasterUniversity 1137:290d499dd0e8 211
LancasterUniversity 1137:290d499dd0e8 212 /**
LancasterUniversity 1137:290d499dd0e8 213 * @brief provide access to the callchain of shutdown event callbacks
LancasterUniversity 1137:290d499dd0e8 214 * It is possible to register callbacks using onShutdown().add(callback);
LancasterUniversity 1137:290d499dd0e8 215 * It is possible to unregister callbacks using onShutdown().detach(callback)
LancasterUniversity 1137:290d499dd0e8 216 * @return The shutdown event callbacks chain
LancasterUniversity 1137:290d499dd0e8 217 */
LancasterUniversity 1137:290d499dd0e8 218 SecurityManagerShutdownCallbackChain_t& onShutdown() {
LancasterUniversity 1137:290d499dd0e8 219 return shutdownCallChain;
LancasterUniversity 1137:290d499dd0e8 220 }
LancasterUniversity 1137:290d499dd0e8 221
LancasterUniversity 1137:290d499dd0e8 222 /**
LancasterUniversity 1131:73c11a85c6d6 223 * To indicate that a security procedure for the link has started.
LancasterUniversity 1131:73c11a85c6d6 224 */
LancasterUniversity 1131:73c11a85c6d6 225 virtual void onSecuritySetupInitiated(SecuritySetupInitiatedCallback_t callback) {securitySetupInitiatedCallback = callback;}
LancasterUniversity 1131:73c11a85c6d6 226
LancasterUniversity 1131:73c11a85c6d6 227 /**
LancasterUniversity 1131:73c11a85c6d6 228 * To indicate that the security procedure for the link has completed.
LancasterUniversity 1131:73c11a85c6d6 229 */
LancasterUniversity 1131:73c11a85c6d6 230 virtual void onSecuritySetupCompleted(SecuritySetupCompletedCallback_t callback) {securitySetupCompletedCallback = callback;}
LancasterUniversity 1131:73c11a85c6d6 231
LancasterUniversity 1131:73c11a85c6d6 232 /**
LancasterUniversity 1131:73c11a85c6d6 233 * To indicate that the link with the peer is secured. For bonded devices,
LancasterUniversity 1131:73c11a85c6d6 234 * subsequent reconnections with a bonded peer will result only in this callback
LancasterUniversity 1131:73c11a85c6d6 235 * when the link is secured; setup procedures will not occur (unless the
LancasterUniversity 1131:73c11a85c6d6 236 * bonding information is either lost or deleted on either or both sides).
LancasterUniversity 1131:73c11a85c6d6 237 */
LancasterUniversity 1131:73c11a85c6d6 238 virtual void onLinkSecured(LinkSecuredCallback_t callback) {linkSecuredCallback = callback;}
LancasterUniversity 1131:73c11a85c6d6 239
LancasterUniversity 1131:73c11a85c6d6 240 /**
LancasterUniversity 1131:73c11a85c6d6 241 * To indicate that device context is stored persistently.
LancasterUniversity 1131:73c11a85c6d6 242 */
LancasterUniversity 1131:73c11a85c6d6 243 virtual void onSecurityContextStored(HandleSpecificEvent_t callback) {securityContextStoredCallback = callback;}
LancasterUniversity 1131:73c11a85c6d6 244
LancasterUniversity 1131:73c11a85c6d6 245 /**
LancasterUniversity 1131:73c11a85c6d6 246 * To set the callback for when the passkey needs to be displayed on a peripheral with DISPLAY capability.
LancasterUniversity 1131:73c11a85c6d6 247 */
LancasterUniversity 1131:73c11a85c6d6 248 virtual void onPasskeyDisplay(PasskeyDisplayCallback_t callback) {passkeyDisplayCallback = callback;}
LancasterUniversity 1131:73c11a85c6d6 249
LancasterUniversity 1131:73c11a85c6d6 250 /* Entry points for the underlying stack to report events back to the user. */
LancasterUniversity 1131:73c11a85c6d6 251 public:
LancasterUniversity 1131:73c11a85c6d6 252 void processSecuritySetupInitiatedEvent(Gap::Handle_t handle, bool allowBonding, bool requireMITM, SecurityIOCapabilities_t iocaps) {
LancasterUniversity 1131:73c11a85c6d6 253 if (securitySetupInitiatedCallback) {
LancasterUniversity 1131:73c11a85c6d6 254 securitySetupInitiatedCallback(handle, allowBonding, requireMITM, iocaps);
LancasterUniversity 1131:73c11a85c6d6 255 }
LancasterUniversity 1131:73c11a85c6d6 256 }
LancasterUniversity 1131:73c11a85c6d6 257
LancasterUniversity 1131:73c11a85c6d6 258 void processSecuritySetupCompletedEvent(Gap::Handle_t handle, SecurityCompletionStatus_t status) {
LancasterUniversity 1131:73c11a85c6d6 259 if (securitySetupCompletedCallback) {
LancasterUniversity 1131:73c11a85c6d6 260 securitySetupCompletedCallback(handle, status);
LancasterUniversity 1131:73c11a85c6d6 261 }
LancasterUniversity 1131:73c11a85c6d6 262 }
LancasterUniversity 1131:73c11a85c6d6 263
LancasterUniversity 1131:73c11a85c6d6 264 void processLinkSecuredEvent(Gap::Handle_t handle, SecurityMode_t securityMode) {
LancasterUniversity 1131:73c11a85c6d6 265 if (linkSecuredCallback) {
LancasterUniversity 1131:73c11a85c6d6 266 linkSecuredCallback(handle, securityMode);
LancasterUniversity 1131:73c11a85c6d6 267 }
LancasterUniversity 1131:73c11a85c6d6 268 }
LancasterUniversity 1131:73c11a85c6d6 269
LancasterUniversity 1131:73c11a85c6d6 270 void processSecurityContextStoredEvent(Gap::Handle_t handle) {
LancasterUniversity 1131:73c11a85c6d6 271 if (securityContextStoredCallback) {
LancasterUniversity 1131:73c11a85c6d6 272 securityContextStoredCallback(handle);
LancasterUniversity 1131:73c11a85c6d6 273 }
LancasterUniversity 1131:73c11a85c6d6 274 }
LancasterUniversity 1131:73c11a85c6d6 275
LancasterUniversity 1131:73c11a85c6d6 276 void processPasskeyDisplayEvent(Gap::Handle_t handle, const Passkey_t passkey) {
LancasterUniversity 1131:73c11a85c6d6 277 if (passkeyDisplayCallback) {
LancasterUniversity 1131:73c11a85c6d6 278 passkeyDisplayCallback(handle, passkey);
LancasterUniversity 1131:73c11a85c6d6 279 }
LancasterUniversity 1131:73c11a85c6d6 280 }
LancasterUniversity 1131:73c11a85c6d6 281
LancasterUniversity 1131:73c11a85c6d6 282 protected:
LancasterUniversity 1131:73c11a85c6d6 283 SecurityManager() :
LancasterUniversity 1131:73c11a85c6d6 284 securitySetupInitiatedCallback(),
LancasterUniversity 1131:73c11a85c6d6 285 securitySetupCompletedCallback(),
LancasterUniversity 1131:73c11a85c6d6 286 linkSecuredCallback(),
LancasterUniversity 1131:73c11a85c6d6 287 securityContextStoredCallback(),
LancasterUniversity 1131:73c11a85c6d6 288 passkeyDisplayCallback() {
LancasterUniversity 1131:73c11a85c6d6 289 /* empty */
LancasterUniversity 1131:73c11a85c6d6 290 }
LancasterUniversity 1131:73c11a85c6d6 291
LancasterUniversity 1137:290d499dd0e8 292 public:
LancasterUniversity 1137:290d499dd0e8 293 /**
LancasterUniversity 1137:290d499dd0e8 294 * Notify all registered onShutdown callbacks that the SecurityManager is
LancasterUniversity 1137:290d499dd0e8 295 * about to be shutdown and clear all SecurityManager state of the
LancasterUniversity 1137:290d499dd0e8 296 * associated object.
LancasterUniversity 1137:290d499dd0e8 297 *
LancasterUniversity 1137:290d499dd0e8 298 * This function is meant to be overridden in the platform-specific
LancasterUniversity 1137:290d499dd0e8 299 * sub-class. Nevertheless, the sub-class is only expected to reset its
LancasterUniversity 1137:290d499dd0e8 300 * state and not the data held in SecurityManager members. This shall be
LancasterUniversity 1137:290d499dd0e8 301 * achieved by a call to SecurityManager::reset() from the sub-class'
LancasterUniversity 1137:290d499dd0e8 302 * reset() implementation.
LancasterUniversity 1137:290d499dd0e8 303 *
LancasterUniversity 1137:290d499dd0e8 304 * @return BLE_ERROR_NONE on success.
LancasterUniversity 1137:290d499dd0e8 305 */
LancasterUniversity 1137:290d499dd0e8 306 virtual ble_error_t reset(void) {
LancasterUniversity 1137:290d499dd0e8 307 /* Notify that the instance is about to shutdown */
LancasterUniversity 1137:290d499dd0e8 308 shutdownCallChain.call(this);
LancasterUniversity 1137:290d499dd0e8 309 shutdownCallChain.clear();
LancasterUniversity 1137:290d499dd0e8 310
LancasterUniversity 1137:290d499dd0e8 311 securitySetupInitiatedCallback = NULL;
LancasterUniversity 1137:290d499dd0e8 312 securitySetupCompletedCallback = NULL;
LancasterUniversity 1137:290d499dd0e8 313 linkSecuredCallback = NULL;
LancasterUniversity 1137:290d499dd0e8 314 securityContextStoredCallback = NULL;
LancasterUniversity 1137:290d499dd0e8 315 passkeyDisplayCallback = NULL;
LancasterUniversity 1137:290d499dd0e8 316
LancasterUniversity 1137:290d499dd0e8 317 return BLE_ERROR_NONE;
LancasterUniversity 1137:290d499dd0e8 318 }
LancasterUniversity 1137:290d499dd0e8 319
LancasterUniversity 1131:73c11a85c6d6 320 protected:
LancasterUniversity 1131:73c11a85c6d6 321 SecuritySetupInitiatedCallback_t securitySetupInitiatedCallback;
LancasterUniversity 1131:73c11a85c6d6 322 SecuritySetupCompletedCallback_t securitySetupCompletedCallback;
LancasterUniversity 1131:73c11a85c6d6 323 LinkSecuredCallback_t linkSecuredCallback;
LancasterUniversity 1131:73c11a85c6d6 324 HandleSpecificEvent_t securityContextStoredCallback;
LancasterUniversity 1131:73c11a85c6d6 325 PasskeyDisplayCallback_t passkeyDisplayCallback;
LancasterUniversity 1137:290d499dd0e8 326
LancasterUniversity 1137:290d499dd0e8 327 private:
LancasterUniversity 1137:290d499dd0e8 328 SecurityManagerShutdownCallbackChain_t shutdownCallChain;
LancasterUniversity 1131:73c11a85c6d6 329 };
LancasterUniversity 1131:73c11a85c6d6 330
rgrover1 716:11b41f651697 331 #endif /*__SECURITY_MANAGER_H__*/