test
Fork of nRF51822 by
source/nRF5xSecurityManager.h@616:a8f9b022d8fd, 2016-04-06 (annotated)
- Committer:
- LancasterUniversity
- Date:
- Wed Apr 06 22:39:17 2016 +0100
- Revision:
- 616:a8f9b022d8fd
- Parent:
- 615:65ea2acfc6a2
Synchronized with git rev 67d0ac73
Author: Joe Finney
microbit: Update to indicate when system attributes require intialisation
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
LancasterUniversity | 615:65ea2acfc6a2 | 1 | /* mbed Microcontroller Library |
LancasterUniversity | 615:65ea2acfc6a2 | 2 | * Copyright (c) 2006-2013 ARM Limited |
LancasterUniversity | 615:65ea2acfc6a2 | 3 | * |
LancasterUniversity | 615:65ea2acfc6a2 | 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
LancasterUniversity | 615:65ea2acfc6a2 | 5 | * you may not use this file except in compliance with the License. |
LancasterUniversity | 615:65ea2acfc6a2 | 6 | * You may obtain a copy of the License at |
LancasterUniversity | 615:65ea2acfc6a2 | 7 | * |
LancasterUniversity | 615:65ea2acfc6a2 | 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
LancasterUniversity | 615:65ea2acfc6a2 | 9 | * |
LancasterUniversity | 615:65ea2acfc6a2 | 10 | * Unless required by applicable law or agreed to in writing, software |
LancasterUniversity | 615:65ea2acfc6a2 | 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
LancasterUniversity | 615:65ea2acfc6a2 | 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
LancasterUniversity | 615:65ea2acfc6a2 | 13 | * See the License for the specific language governing permissions and |
LancasterUniversity | 615:65ea2acfc6a2 | 14 | * limitations under the License. |
LancasterUniversity | 615:65ea2acfc6a2 | 15 | */ |
LancasterUniversity | 615:65ea2acfc6a2 | 16 | |
LancasterUniversity | 615:65ea2acfc6a2 | 17 | #ifndef __NRF51822_SECURITY_MANAGER_H__ |
LancasterUniversity | 615:65ea2acfc6a2 | 18 | #define __NRF51822_SECURITY_MANAGER_H__ |
LancasterUniversity | 615:65ea2acfc6a2 | 19 | |
LancasterUniversity | 615:65ea2acfc6a2 | 20 | #include <stddef.h> |
LancasterUniversity | 615:65ea2acfc6a2 | 21 | |
LancasterUniversity | 616:a8f9b022d8fd | 22 | #include "nRF5xGap.h" |
LancasterUniversity | 615:65ea2acfc6a2 | 23 | #include "ble/SecurityManager.h" |
LancasterUniversity | 615:65ea2acfc6a2 | 24 | #include "btle_security.h" |
LancasterUniversity | 615:65ea2acfc6a2 | 25 | |
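/**
 * nRF5x implementation of the BLE API SecurityManager.
 *
 * Every operation is forwarded to the matching btle_* function declared in
 * btle_security.h; the only logic that lives in this class is the conversion
 * of the bond table into a Gap::Whitelist_t in getAddressesFromBondTable().
 */
class nRF5xSecurityManager : public SecurityManager
{
public:
    /* Functions that must be implemented from SecurityManager */

    /**
     * @brief Initialize the security layer.
     *
     * All four arguments are forwarded unchanged to btle_initializeSecurity().
     *
     * @param[in] enableBonding  Forwarded to btle_initializeSecurity().
     * @param[in] requireMITM    Forwarded to btle_initializeSecurity().
     * @param[in] iocaps         Forwarded to btle_initializeSecurity().
     * @param[in] passkey        Forwarded to btle_initializeSecurity().
     *
     * @return The status reported by btle_initializeSecurity().
     */
    virtual ble_error_t init(bool                     enableBonding,
                             bool                     requireMITM,
                             SecurityIOCapabilities_t iocaps,
                             const Passkey_t          passkey) {
        return btle_initializeSecurity(enableBonding, requireMITM, iocaps, passkey);
    }

    /**
     * @brief Query the security status of a connection.
     *
     * @param[in]  connectionHandle  Connection to query.
     * @param[out] securityStatusP   Passed straight to btle_getLinkSecurity();
     *                               it is not checked for NULL here.
     *
     * @return The status reported by btle_getLinkSecurity().
     */
    virtual ble_error_t getLinkSecurity(Gap::Handle_t connectionHandle, LinkSecurityStatus_t *securityStatusP) {
        return btle_getLinkSecurity(connectionHandle, securityStatusP);
    }

    /**
     * @brief Request a security mode for a connection.
     *
     * @param[in] connectionHandle  Connection to change.
     * @param[in] securityMode      Mode forwarded to btle_setLinkSecurity().
     *
     * @return The status reported by btle_setLinkSecurity().
     */
    virtual ble_error_t setLinkSecurity(Gap::Handle_t connectionHandle, SecurityMode_t securityMode) {
        return btle_setLinkSecurity(connectionHandle, securityMode);
    }

    /**
     * @brief Delete all bonding state.
     *
     * @return The status reported by btle_purgeAllBondingState().
     */
    virtual ble_error_t purgeAllBondingState(void) {
        return btle_purgeAllBondingState();
    }

    /**
     * @brief Returns a list of addresses from peers in the stack's bond table.
     *
     * @param[in,out] addresses
     *                  (on input) @ref Gap::Whitelist_t structure where at
     *                  most addresses.capacity addresses from bonded peers will
     *                  be stored.
     *                  (on output) A copy of the addresses from bonded peers.
     *                  addresses.size holds the number of entries written and
     *                  addresses.bonds the number of IRKs reported by the bond
     *                  table. Both are set to 0 if the bond table query fails.
     *
     * @return
     *           BLE_ERROR_NONE if successful, including when the output
     *           structure was too small and the list was truncated; otherwise
     *           the error returned by createWhitelistFromBondTable().
     */
    virtual ble_error_t getAddressesFromBondTable(Gap::Whitelist_t &addresses) const {
        uint8_t i;

        ble_gap_whitelist_t  whitelistFromBondTable;
        ble_gap_addr_t      *addressPtr[YOTTA_CFG_WHITELIST_MAX_SIZE];
        ble_gap_irk_t       *irkPtr[YOTTA_CFG_IRK_TABLE_MAX_SIZE];

        /* Initialize the structure so that we get as many addresses as the
         * whitelist can hold. Each count must match the size of the pointer
         * array it describes: addressPtr has YOTTA_CFG_WHITELIST_MAX_SIZE
         * slots, so advertising YOTTA_CFG_IRK_TABLE_MAX_SIZE here (as the
         * code previously did) would let the callee write past the end of
         * addressPtr whenever the IRK table is configured larger than the
         * whitelist. Presumably the callee treats these counts as capacities. */
        whitelistFromBondTable.addr_count = YOTTA_CFG_WHITELIST_MAX_SIZE;
        whitelistFromBondTable.pp_addrs   = addressPtr;
        whitelistFromBondTable.irk_count  = YOTTA_CFG_IRK_TABLE_MAX_SIZE;
        whitelistFromBondTable.pp_irks    = irkPtr;

        ble_error_t error = createWhitelistFromBondTable(whitelistFromBondTable);
        if (error != BLE_ERROR_NONE) {
            /* Report an empty list rather than leaving stale counts behind */
            addresses.size  = 0;
            addresses.bonds = 0;
            return error;
        }

        /* NOTE(review): bonds is set to the full IRK count even when the
         * early returns below truncate the list before any IRK is processed;
         * confirm that callers expect this. */
        addresses.bonds = whitelistFromBondTable.irk_count;

        /* Put all the addresses in the structure */
        for (i = 0; i < whitelistFromBondTable.addr_count; ++i) {
            if (i >= addresses.capacity) {
                /* Ran out of space in the output Gap::Whitelist_t */
                addresses.size = i;
                return BLE_ERROR_NONE;
            }
            /* NOTE(review): copies sizeof(BLEProtocol::Address_t) bytes out of
             * a ble_gap_addr_t; this assumes the two types have the same
             * layout - confirm against their definitions. */
            memcpy(&addresses.addresses[i], whitelistFromBondTable.pp_addrs[i], sizeof(BLEProtocol::Address_t));
        }

        /* Update the current address count */
        addresses.size = i;

        /* The assumption here is that the underlying implementation of
         * createWhitelistFromBondTable() will not return the private resolvable
         * addresses (which is the case in the SoftDevice). Rather it returns the
         * IRKs, so we need to generate the private resolvable address by ourselves.
         */
        for (i = 0; i < whitelistFromBondTable.irk_count; ++i) {
            if (i + addresses.size >= addresses.capacity) {
                /* Ran out of space in the output Gap::Whitelist_t */
                addresses.size += i;
                return BLE_ERROR_NONE;
            }
            /* The generated address is written directly into the output slot
             * that follows the addresses copied above. The cast relies on the
             * same layout assumption as the memcpy in the first loop. */
            btle_generateResolvableAddress(
                *whitelistFromBondTable.pp_irks[i],
                (ble_gap_addr_t &) addresses.addresses[i + addresses.size]
            );
        }

        /* Update the current address count */
        addresses.size += i;

        return BLE_ERROR_NONE;
    }

    /**
     * @brief  Clear nRF5xSecurityManager's state.
     *
     * Only the base class SecurityManager::reset() is invoked; any failure it
     * reports is mapped to BLE_ERROR_INVALID_STATE.
     *
     * @return
     *           BLE_ERROR_NONE if successful.
     */
    virtual ble_error_t reset(void)
    {
        if (SecurityManager::reset() != BLE_ERROR_NONE) {
            return BLE_ERROR_INVALID_STATE;
        }

        return BLE_ERROR_NONE;
    }

    /**
     * @brief Report whether the security layer has been initialized.
     *
     * @return The value returned by btle_hasInitializedSecurity().
     */
    bool hasInitialized(void) const {
        return btle_hasInitializedSecurity();
    }

public:
    /*
     * Allow instantiation from nRF5xn when required.
     */
    friend class nRF5xn;

    nRF5xSecurityManager() {
        /* empty */
    }

private:
    /* Declared but not defined: instances are not meant to be copied. */
    nRF5xSecurityManager(const nRF5xSecurityManager &);
    const nRF5xSecurityManager& operator=(const nRF5xSecurityManager &);

    /*
     * Expose an interface that allows us to query the SoftDevice bond table
     * and extract a whitelist. The caller supplies the pointer arrays and
     * sets addr_count / irk_count before the call; the structure is passed
     * by address to btle_createWhitelistFromBondTable().
     */
    ble_error_t createWhitelistFromBondTable(ble_gap_whitelist_t &whitelistFromBondTable) const {
        return btle_createWhitelistFromBondTable(&whitelistFromBondTable);
    }

    /*
     * Given a BLE address and an IRK, this function checks whether the address
     * can be generated from the IRK. To do so, this function uses the hash
     * function and algorithm described in the Bluetooth Low Energy
     * Specification. Internally, Nordic SDK functions are used.
     * Both pointers are forwarded to btle_matchAddressAndIrk() without a
     * NULL check.
     */
    bool matchAddressAndIrk(ble_gap_addr_t *address, ble_gap_irk_t *irk) const {
        return btle_matchAddressAndIrk(address, irk);
    }

    /*
     * Give nRF5xGap access to createWhitelistFromBondTable() and
     * matchAddressAndIrk()
     */
    friend class nRF5xGap;
};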
LancasterUniversity | 615:65ea2acfc6a2 | 176 | |
rgrover1 | 388:db85a09c27ef | 177 | #endif // ifndef __NRF51822_SECURITY_MANAGER_H__ |