config changes

Fork of nRF51822 by Nordic Semiconductor

Committer:
Vincent Coubard
Date:
Wed Sep 14 14:39:43 2016 +0100
Revision:
638:c90ae1400bf2
Sync with bdab10dc0f90748b6989c8b577771bb403ca6bd8 from ARMmbed/mbed-os.

Who changed what in which revision?

Vincent Coubard 638:c90ae1400bf2 1 /* mbed Microcontroller Library
Vincent Coubard 638:c90ae1400bf2 2 * Copyright (c) 2006-2013 ARM Limited
Vincent Coubard 638:c90ae1400bf2 3 *
Vincent Coubard 638:c90ae1400bf2 4 * Licensed under the Apache License, Version 2.0 (the "License");
Vincent Coubard 638:c90ae1400bf2 5 * you may not use this file except in compliance with the License.
Vincent Coubard 638:c90ae1400bf2 6 * You may obtain a copy of the License at
Vincent Coubard 638:c90ae1400bf2 7 *
Vincent Coubard 638:c90ae1400bf2 8 * http://www.apache.org/licenses/LICENSE-2.0
Vincent Coubard 638:c90ae1400bf2 9 *
Vincent Coubard 638:c90ae1400bf2 10 * Unless required by applicable law or agreed to in writing, software
Vincent Coubard 638:c90ae1400bf2 11 * distributed under the License is distributed on an "AS IS" BASIS,
Vincent Coubard 638:c90ae1400bf2 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
Vincent Coubard 638:c90ae1400bf2 13 * See the License for the specific language governing permissions and
Vincent Coubard 638:c90ae1400bf2 14 * limitations under the License.
Vincent Coubard 638:c90ae1400bf2 15 */
Vincent Coubard 638:c90ae1400bf2 16
Vincent Coubard 638:c90ae1400bf2 17 #include "btle.h"
Vincent Coubard 638:c90ae1400bf2 18
Vincent Coubard 638:c90ae1400bf2 19 #include "nRF5xn.h"
Vincent Coubard 638:c90ae1400bf2 20
Vincent Coubard 638:c90ae1400bf2 21 extern "C" {
Vincent Coubard 638:c90ae1400bf2 22 #include "pstorage.h"
Vincent Coubard 638:c90ae1400bf2 23 #include "device_manager.h"
Vincent Coubard 638:c90ae1400bf2 24 #include "id_manager.h"
Vincent Coubard 638:c90ae1400bf2 25 }
Vincent Coubard 638:c90ae1400bf2 26
Vincent Coubard 638:c90ae1400bf2 27 #include "btle_security.h"
Vincent Coubard 638:c90ae1400bf2 28
/* Device-manager application instance. It is filled in by dm_register() in
 * btle_initializeSecurity() and passed to the other dm_* calls in this file. */
static dm_application_instance_t applicationInstance;

/* Becomes true only after btle_initializeSecurity() has completed successfully. */
static bool initialized = false;

/* Device-manager event callback; the definition is further down in this file. */
static ret_code_t dm_handler(dm_handle_t const *p_handle, dm_event_t const *p_event, ret_code_t event_result);

/*
 * Default pairing parameters.
 *
 * bond, mitm and io_caps are overwritten from the caller's arguments in
 * btle_initializeSecurity() before the structure is handed to dm_register().
 * Every member is listed, without gaps, because the original author notes
 * that g++ in C++11 mode does not accept "holes" between designated members.
 *
 * NOTE(review): the literal defaults ask for MITM protection while declaring
 * no IO capabilities and no OOB data. On their own these values cannot give
 * an authenticated pairing, so the result depends on the io_caps the caller
 * supplies. Confirm that callers pass IO capabilities matching requireMITM.
 */
static ble_gap_sec_params_t securityParameters = {
    .bond         = true,                          /* Bonding is requested. */
    .mitm         = true,                          /* MITM protection is requested. */
    .lesc         = false,                         /* LE Secure Connections pairing is not enabled. */
    .keypress     = false,                         /* No keypress notifications. */
    .io_caps      = SecurityManager::IO_CAPS_NONE, /* IO capabilities (see BLE_GAP_IO_CAPS). */
    .oob          = 0,                             /* No out-of-band data available. */
    .min_key_size = 16,                            /* Minimum key size in octets (7..16, 0 = not applicable). */
    .max_key_size = 16,                            /* Maximum key size in octets (min_key_size..16). */
    /* Keys the local device will distribute: none. */
    .kdist_own = {
        .enc  = 0,                                 /* Long Term Key and Master Identification. */
        .id   = 0,                                 /* Identity Resolving Key and Identity Address Information. */
        .sign = 0,                                 /* Connection Signature Resolving Key. */
        .link = 0                                  /* Derive the Link Key from the LTK. */
    },
    /* Keys the peer is asked to distribute: LTK, IRK and CSRK. */
    .kdist_peer = {
        .enc  = 1,                                 /* Long Term Key and Master Identification. */
        .id   = 1,                                 /* Identity Resolving Key and Identity Address Information. */
        .sign = 1,                                 /* Connection Signature Resolving Key. */
        .link = 0                                  /* Derive the Link Key from the LTK. */
    }
};
Vincent Coubard 638:c90ae1400bf2 56
/**
 * Report whether btle_initializeSecurity() has already completed successfully.
 *
 * @return the file-level `initialized` flag.
 */
bool btle_hasInitializedSecurity(void)
{
    const bool securityReady = initialized;
    return securityReady;
}
Vincent Coubard 638:c90ae1400bf2 62
/**
 * One-time setup of persistent storage, the optional static passkey and the
 * Nordic device manager.
 *
 * @param enableBonding  stored into securityParameters.bond
 * @param requireMITM    stored into securityParameters.mitm
 * @param iocaps         stored into securityParameters.io_caps
 * @param passkey        when non-NULL, installed through BLE_GAP_OPT_PASSKEY
 *
 * @return BLE_ERROR_NONE on success or when already initialized; otherwise the
 *         mapped error of the first step that failed.
 *
 * NOTE(review): once initialization has succeeded, later calls return
 * BLE_ERROR_NONE without applying their arguments. A caller that asks for a
 * stricter configuration (for example requireMITM = true) on a second call
 * gets a success code while the earlier settings stay in force.
 */
ble_error_t
btle_initializeSecurity(bool                                      enableBonding,
                        bool                                      requireMITM,
                        SecurityManager::SecurityIOCapabilities_t iocaps,
                        const SecurityManager::Passkey_t          passkey)
{
    /* Repeated initialization is treated as a successful no-op. */
    if (initialized) {
        return BLE_ERROR_NONE;
    }

    if (pstorage_init() != NRF_SUCCESS) {
        return BLE_ERROR_UNSPECIFIED;
    }

    if (passkey) {
        /*
         * Only the passkey member of the option is filled in. A passkey
         * installed this way is fixed rather than generated per pairing, so
         * it should be treated as a weak, long-lived secret.
         */
        ble_opt_t passkeyOption;
        passkeyOption.gap_opt.passkey.p_passkey = const_cast<uint8_t *>(passkey);

        const ret_code_t optStatus = sd_ble_opt_set(BLE_GAP_OPT_PASSKEY, &passkeyOption);
        if (optStatus == NRF_ERROR_INVALID_STATE) {
            return BLE_ERROR_INVALID_STATE;
        }
        if (optStatus == NRF_ERROR_BUSY) {
            return BLE_STACK_BUSY;
        }
        if (optStatus != NRF_SUCCESS) {
            /* Every other failure code is reported as an invalid parameter. */
            return BLE_ERROR_INVALID_PARAM;
        }
    }

    dm_init_param_t initParams = {
        .clear_persistent_data = false /* keep existing persistent data; true would clear it */
    };
    if (dm_init(&initParams) != NRF_SUCCESS) {
        return BLE_ERROR_UNSPECIFIED;
    }

    /* Fold the caller's choices into the file-level defaults before registering. */
    securityParameters.bond    = enableBonding;
    securityParameters.mitm    = requireMITM;
    securityParameters.io_caps = iocaps;

    const dm_application_param_t registration = {
        .evt_handler  = dm_handler,
        .service_type = DM_PROTOCOL_CNTXT_GATT_CLI_ID,
        .sec_param    = securityParameters
    };

    const ret_code_t registerStatus = dm_register(&applicationInstance, &registration);
    if (registerStatus == NRF_ERROR_INVALID_STATE) {
        return BLE_ERROR_INVALID_STATE;
    }
    if (registerStatus == NRF_ERROR_NO_MEM) {
        return BLE_ERROR_NO_MEM;
    }
    if (registerStatus != NRF_SUCCESS) {
        return BLE_ERROR_UNSPECIFIED;
    }

    initialized = true;
    return BLE_ERROR_NONE;
}
Vincent Coubard 638:c90ae1400bf2 129
/**
 * Ask the device manager to delete every device stored for this application
 * instance.
 *
 * @return BLE_ERROR_NONE on success; BLE_ERROR_INVALID_STATE or
 *         BLE_ERROR_NO_MEM for the matching NRF errors; BLE_ERROR_UNSPECIFIED
 *         for anything else.
 *
 * NOTE(review): unlike btle_createWhitelistFromBondTable(), this function does
 * not check the `initialized` flag before using applicationInstance. It relies
 * on dm_device_delete_all() rejecting the call if the module is not set up.
 */
ble_error_t
btle_purgeAllBondingState(void)
{
    switch (dm_device_delete_all(&applicationInstance)) {
        case NRF_SUCCESS:
            return BLE_ERROR_NONE;
        case NRF_ERROR_INVALID_STATE:
            return BLE_ERROR_INVALID_STATE;
        case NRF_ERROR_NO_MEM:
            return BLE_ERROR_NO_MEM;
        default:
            return BLE_ERROR_UNSPECIFIED;
    }
}
Vincent Coubard 638:c90ae1400bf2 147
/**
 * Query the device manager for the security status of a connection.
 *
 * @param connectionHandle  connection to look up
 * @param securityStatusP   receives the status written by dm_security_status_req()
 *
 * @return BLE_ERROR_NONE on success; BLE_ERROR_INVALID_PARAM when no device
 *         manager handle exists for the connection; otherwise the mapped error.
 */
ble_error_t
btle_getLinkSecurity(Gap::Handle_t connectionHandle, SecurityManager::LinkSecurityStatus_t *securityStatusP)
{
    dm_handle_t dmHandle = {
        .appl_id = applicationInstance,
    };

    const ret_code_t lookupStatus = dm_handle_get(connectionHandle, &dmHandle);
    if (lookupStatus == NRF_ERROR_NOT_FOUND) {
        return BLE_ERROR_INVALID_PARAM;
    }
    if (lookupStatus != NRF_SUCCESS) {
        return BLE_ERROR_UNSPECIFIED;
    }

    /*
     * The caller's status object is written in place through a cast.
     * NOTE(review): this assumes LinkSecurityStatus_t and dm_security_status_t
     * have the same size and the same enumerator values. Confirm against both
     * headers.
     */
    dm_security_status_t *dmStatusP = reinterpret_cast<dm_security_status_t *>(securityStatusP);

    switch (dm_security_status_req(&dmHandle, dmStatusP)) {
        case NRF_SUCCESS:
            return BLE_ERROR_NONE;
        case NRF_ERROR_INVALID_STATE:
            return BLE_ERROR_INVALID_STATE;
        case NRF_ERROR_NO_MEM:
            return BLE_ERROR_NO_MEM;
        default:
            return BLE_ERROR_UNSPECIFIED;
    }
}
Vincent Coubard 638:c90ae1400bf2 176
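/**
 * Start authentication on a connection with parameters derived from the
 * requested security mode.
 *
 * The file-level securityParameters are copied and only the copy is adjusted,
 * so a per-connection request never alters the defaults used by later calls.
 * Previously the mode-specific values were written to the global structure
 * while the unmodified copy was sent to the SoftDevice. The request therefore
 * did not reflect the mode asked for, and a single OPEN_LINK or NO_MITM call
 * left MITM protection switched off in the defaults from then on.
 *
 * @param connectionHandle  connection to authenticate
 * @param securityMode      only SECURITY_MODE_ENCRYPTION_OPEN_LINK and
 *                          SECURITY_MODE_ENCRYPTION_NO_MITM are handled
 *
 * @return BLE_ERROR_NONE when sd_ble_gap_authenticate() succeeds;
 *         BLE_ERROR_NOT_IMPLEMENTED for every other mode;
 *         BLE_ERROR_UNSPECIFIED when the SoftDevice call fails.
 */
ble_error_t
btle_setLinkSecurity(Gap::Handle_t connectionHandle, SecurityManager::SecurityMode_t securityMode)
{
    /* Start from the current defaults; only this local copy is modified. */
    ble_gap_sec_params_t params = securityParameters;

    switch (securityMode) {
        case SecurityManager::SECURITY_MODE_ENCRYPTION_OPEN_LINK:
            /* Require no protection, open link. */
            params.bond = false;
            params.mitm = false;
            break;

        case SecurityManager::SECURITY_MODE_ENCRYPTION_NO_MITM:
            /* Require encryption, but no MITM protection. */
            params.bond = true;
            params.mitm = false;
            break;

        /*
         * Modes that are not implemented. This includes every mode that needs
         * MITM protection, so an authenticated link cannot be requested
         * through this function.
         */
        case SecurityManager::SECURITY_MODE_NO_ACCESS:
        case SecurityManager::SECURITY_MODE_ENCRYPTION_WITH_MITM:
        case SecurityManager::SECURITY_MODE_SIGNED_NO_MITM:
        case SecurityManager::SECURITY_MODE_SIGNED_WITH_MITM:
        default:
            return BLE_ERROR_NOT_IMPLEMENTED;
    }

    /* Apply the adjusted parameters to the given connection. */
    uint32_t result = sd_ble_gap_authenticate(connectionHandle, &params);

    return (result == NRF_SUCCESS) ? BLE_ERROR_NONE : BLE_ERROR_UNSPECIFIED;
}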
Vincent Coubard 638:c90ae1400bf2 218
/**
 * Device-manager event callback: forwards pairing and link-security events to
 * the nRF5x security manager of the default BLE instance.
 *
 * @param p_handle      not used by this handler
 * @param p_event       event to dispatch; its GAP parameters are read per case
 * @param event_result  not consulted by this handler
 *
 * @return always NRF_SUCCESS.
 *
 * NOTE(review): because event_result is ignored, an event delivered together
 * with a failure result is forwarded exactly like a successful one. Confirm
 * that the device manager never reports DM_EVT_LINK_SECURED with an error
 * result, or check event_result before notifying the security manager.
 */
ret_code_t
dm_handler(dm_handle_t const *p_handle, dm_event_t const *p_event, ret_code_t event_result)
{
    nRF5xn &ble = nRF5xn::Instance(BLE::DEFAULT_INSTANCE);
    nRF5xSecurityManager &securityManager = (nRF5xSecurityManager &) ble.getSecurityManager();

    switch (p_event->event_id) {
        case DM_EVT_SECURITY_SETUP: {
            /* Pairing has started: report the bond, mitm and io_caps the peer asked for. */
            const ble_gap_sec_params_t *peerParams = &p_event->event_param.p_gap_param->params.sec_params_request.peer_params;
            securityManager.processSecuritySetupInitiatedEvent(
                p_event->event_param.p_gap_param->conn_handle,
                peerParams->bond,
                peerParams->mitm,
                (SecurityManager::SecurityIOCapabilities_t)peerParams->io_caps);
            break;
        }

        case DM_EVT_SECURITY_SETUP_COMPLETE: {
            securityManager.processSecuritySetupCompletedEvent(
                p_event->event_param.p_gap_param->conn_handle,
                (SecurityManager::SecurityCompletionStatus_t)(p_event->event_param.p_gap_param->params.auth_status.auth_status));
            break;
        }

        case DM_EVT_LINK_SECURED: {
            unsigned mode  = p_event->event_param.p_gap_param->params.conn_sec_update.conn_sec.sec_mode.sm;
            unsigned level = p_event->event_param.p_gap_param->params.conn_sec_update.conn_sec.sec_mode.lv;

            /*
             * Any (mode, level) pair that is not listed below keeps the
             * NO_ACCESS default, so an unrecognised pair is never reported
             * as a stronger mode than it is.
             */
            SecurityManager::SecurityMode_t resolvedSecurityMode = SecurityManager::SECURITY_MODE_NO_ACCESS;
            if (mode == 1) {
                if (level == 1) {
                    resolvedSecurityMode = SecurityManager::SECURITY_MODE_ENCRYPTION_OPEN_LINK;
                } else if (level == 2) {
                    resolvedSecurityMode = SecurityManager::SECURITY_MODE_ENCRYPTION_NO_MITM;
                } else if (level == 3) {
                    resolvedSecurityMode = SecurityManager::SECURITY_MODE_ENCRYPTION_WITH_MITM;
                }
            } else if (mode == 2) {
                if (level == 1) {
                    resolvedSecurityMode = SecurityManager::SECURITY_MODE_SIGNED_NO_MITM;
                } else if (level == 2) {
                    resolvedSecurityMode = SecurityManager::SECURITY_MODE_SIGNED_WITH_MITM;
                }
            }

            securityManager.processLinkSecuredEvent(p_event->event_param.p_gap_param->conn_handle, resolvedSecurityMode);
            break;
        }

        case DM_EVT_DEVICE_CONTEXT_STORED: {
            securityManager.processSecurityContextStoredEvent(p_event->event_param.p_gap_param->conn_handle);
            break;
        }

        default:
            /* Other device-manager events are ignored. */
            break;
    }

    return NRF_SUCCESS;
}
Vincent Coubard 638:c90ae1400bf2 281
/**
 * Have the device manager fill a whitelist for this application instance.
 *
 * @param p_whitelist  structure passed through to dm_whitelist_create()
 *
 * @return BLE_ERROR_INITIALIZATION_INCOMPLETE before security is initialized;
 *         BLE_ERROR_NONE on success; BLE_ERROR_PARAM_OUT_OF_RANGE when the
 *         device manager reports NRF_ERROR_NULL; BLE_ERROR_INVALID_STATE for
 *         any other failure.
 */
ble_error_t
btle_createWhitelistFromBondTable(ble_gap_whitelist_t *p_whitelist)
{
    /* applicationInstance is only meaningful after a successful initialization. */
    if (!initialized) {
        return BLE_ERROR_INITIALIZATION_INCOMPLETE;
    }

    switch (dm_whitelist_create(&applicationInstance, p_whitelist)) {
        case NRF_SUCCESS:
            return BLE_ERROR_NONE;
        case NRF_ERROR_NULL:
            return BLE_ERROR_PARAM_OUT_OF_RANGE;
        default:
            return BLE_ERROR_INVALID_STATE;
    }
}
Vincent Coubard 638:c90ae1400bf2 297
Vincent Coubard 638:c90ae1400bf2 298
/**
 * Test whether a BLE address can be generated from the given IRK.
 *
 * The check is delegated entirely to the Nordic SDK helper
 * im_address_resolve(); neither pointer is validated here.
 *
 * @param p_addr  address to test
 * @param p_irk   identity resolving key to test it against
 *
 * @return the result of im_address_resolve().
 */
bool
btle_matchAddressAndIrk(ble_gap_addr_t const * p_addr, ble_gap_irk_t const * p_irk)
{
    const bool resolvedByIrk = im_address_resolve(p_addr, p_irk);
    return resolvedByIrk;
}
Vincent Coubard 638:c90ae1400bf2 308
/**
 * Build a resolvable private address for the given IRK.
 *
 * @param irk      identity resolving key passed to ah()
 * @param address  output; its type and all BLE_GAP_ADDR_LEN address bytes are written
 *
 * NOTE(review): the three most significant address bytes are fixed constants
 * (0x8E, 0x4F, 0x7C), not a random number. The result is therefore the same
 * on every call for a given IRK. An address that is stable like this gives no
 * privacy if it is ever used over the air. Confirm that it is only used for
 * local matching, or fill these bytes from a random source.
 */
void
btle_generateResolvableAddress(const ble_gap_irk_t &irk, ble_gap_addr_t &address)
{
    address.addr_type = BLE_GAP_ADDR_TYPE_RANDOM_PRIVATE_RESOLVABLE;

    /* The fixed three-byte value occupies the most significant bytes of the address. */
    uint8_t *upperBytes = &address.addr[BLE_GAP_ADDR_LEN - 3];
    upperBytes[0] = 0x8E;
    upperBytes[1] = 0x4F;
    upperBytes[2] = 0x7C;

    /* ah() takes the IRK and those three bytes as input; its output buffer
     * starts at address.addr[0]. */
    ah(irk.irk, upperBytes, address.addr);
}