Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Fork of nRF51822 by
nRF5xSecurityManager.h
00001 /* mbed Microcontroller Library 00002 * Copyright (c) 2006-2013 ARM Limited 00003 * 00004 * Licensed under the Apache License, Version 2.0 (the "License"); 00005 * you may not use this file except in compliance with the License. 00006 * You may obtain a copy of the License at 00007 * 00008 * http://www.apache.org/licenses/LICENSE-2.0 00009 * 00010 * Unless required by applicable law or agreed to in writing, software 00011 * distributed under the License is distributed on an "AS IS" BASIS, 00012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00013 * See the License for the specific language governing permissions and 00014 * limitations under the License. 00015 */ 00016 00017 #ifndef __NRF51822_SECURITY_MANAGER_H__ 00018 #define __NRF51822_SECURITY_MANAGER_H__ 00019 00020 #include <stddef.h> 00021 00022 #include "nRF5xGap.h" 00023 #include "ble/SecurityManager.h" 00024 #include "btle_security.h" 00025 00026 class nRF5xSecurityManager : public SecurityManager 00027 { 00028 public: 00029 /* Functions that must be implemented from SecurityManager */ 00030 virtual ble_error_t init(bool enableBonding, 00031 bool requireMITM, 00032 SecurityIOCapabilities_t iocaps, 00033 const Passkey_t passkey) { 00034 return btle_initializeSecurity(enableBonding, requireMITM, iocaps, passkey); 00035 } 00036 00037 virtual ble_error_t getLinkSecurity(Gap::Handle_t connectionHandle, LinkSecurityStatus_t *securityStatusP) { 00038 return btle_getLinkSecurity(connectionHandle, securityStatusP); 00039 } 00040 00041 virtual ble_error_t setLinkSecurity(Gap::Handle_t connectionHandle, SecurityMode_t securityMode) { 00042 return btle_setLinkSecurity(connectionHandle, securityMode); 00043 } 00044 00045 virtual ble_error_t purgeAllBondingState(void) { 00046 return btle_purgeAllBondingState(); 00047 } 00048 00049 /** 00050 * @brief Returns a list of addresses from peers in the stacks bond table. 00051 * 00052 * @param[in/out] addresses 00053 * (on input) @ref Gap::Whitelist_t structure where at 00054 * most addresses.capacity addresses from bonded peers will 00055 * be stored. 00056 * (on output) A copy of the addresses from bonded peers. 00057 * 00058 * @return 00059 * BLE_ERROR_NONE if successful. 00060 */ 00061 virtual ble_error_t getAddressesFromBondTable(Gap::Whitelist_t &addresses) const { 00062 uint8_t i; 00063 00064 ble_gap_whitelist_t whitelistFromBondTable; 00065 ble_gap_addr_t *addressPtr[YOTTA_CFG_WHITELIST_MAX_SIZE]; 00066 ble_gap_irk_t *irkPtr[YOTTA_CFG_IRK_TABLE_MAX_SIZE]; 00067 00068 /* Initialize the structure so that we get as many addreses as the whitelist can hold */ 00069 whitelistFromBondTable.addr_count = YOTTA_CFG_IRK_TABLE_MAX_SIZE; 00070 whitelistFromBondTable.pp_addrs = addressPtr; 00071 whitelistFromBondTable.irk_count = YOTTA_CFG_IRK_TABLE_MAX_SIZE; 00072 whitelistFromBondTable.pp_irks = irkPtr; 00073 00074 ble_error_t error = createWhitelistFromBondTable(whitelistFromBondTable); 00075 if (error != BLE_ERROR_NONE) { 00076 addresses.size = 0; 00077 addresses.bonds = 0; 00078 return error; 00079 } 00080 00081 addresses.bonds = whitelistFromBondTable.irk_count; 00082 00083 /* Put all the addresses in the structure */ 00084 for (i = 0; i < whitelistFromBondTable.addr_count; ++i) { 00085 if (i >= addresses.capacity) { 00086 /* Ran out of space in the output Gap::Whitelist_t */ 00087 addresses.size = i; 00088 return BLE_ERROR_NONE; 00089 } 00090 memcpy(&addresses.addresses[i], whitelistFromBondTable.pp_addrs[i], sizeof(BLEProtocol::Address_t)); 00091 } 00092 00093 /* Update the current address count */ 00094 addresses.size = i; 00095 00096 /* The assumption here is that the underlying implementation of 00097 * createWhitelistFromBondTable() will not return the private resolvable 00098 * addresses (which is the case in the SoftDevice). Rather it returns the 00099 * IRKs, so we need to generate the private resolvable address by ourselves. 00100 */ 00101 for (i = 0; i < whitelistFromBondTable.irk_count; ++i) { 00102 if (i + addresses.size >= addresses.capacity) { 00103 /* Ran out of space in the output Gap::Whitelist_t */ 00104 addresses.size += i; 00105 return BLE_ERROR_NONE; 00106 } 00107 btle_generateResolvableAddress( 00108 *whitelistFromBondTable.pp_irks[i], 00109 (ble_gap_addr_t &) addresses.addresses[i + addresses.size] 00110 ); 00111 } 00112 00113 /* Update the current address count */ 00114 addresses.size += i; 00115 00116 return BLE_ERROR_NONE; 00117 } 00118 00119 /** 00120 * @brief Clear nRF5xSecurityManager's state. 00121 * 00122 * @return 00123 * BLE_ERROR_NONE if successful. 00124 */ 00125 virtual ble_error_t reset(void) 00126 { 00127 if (SecurityManager::reset() != BLE_ERROR_NONE) { 00128 return BLE_ERROR_INVALID_STATE; 00129 } 00130 00131 return BLE_ERROR_NONE; 00132 } 00133 00134 bool hasInitialized(void) const { 00135 return btle_hasInitializedSecurity(); 00136 } 00137 00138 public: 00139 /* 00140 * Allow instantiation from nRF5xn when required. 00141 */ 00142 friend class nRF5xn; 00143 00144 nRF5xSecurityManager() { 00145 /* empty */ 00146 } 00147 00148 private: 00149 nRF5xSecurityManager(const nRF5xSecurityManager &); 00150 const nRF5xSecurityManager& operator=(const nRF5xSecurityManager &); 00151 00152 /* 00153 * Expose an interface that allows us to query the SoftDevice bond table 00154 * and extract a whitelist. 00155 */ 00156 ble_error_t createWhitelistFromBondTable(ble_gap_whitelist_t &whitelistFromBondTable) const { 00157 return btle_createWhitelistFromBondTable(&whitelistFromBondTable); 00158 } 00159 00160 /* 00161 * Given a BLE address and a IRK this function check whether the address 00162 * can be generated from the IRK. To do so, this function uses the hash 00163 * function and algorithm described in the Bluetooth low Energy 00164 * Specification. Internally, Nordic SDK functions are used. 00165 */ 00166 bool matchAddressAndIrk(ble_gap_addr_t *address, ble_gap_irk_t *irk) const { 00167 return btle_matchAddressAndIrk(address, irk); 00168 } 00169 00170 /* 00171 * Give nRF5xGap access to createWhitelistFromBondTable() and 00172 * matchAddressAndIrk() 00173 */ 00174 friend class nRF5xGap; 00175 }; 00176 00177 #endif // ifndef __NRF51822_SECURITY_MANAGER_H__
Generated on Fri Jul 15 2022 12:51:28 by
