config changes

Fork of nRF51822 by Nordic Semiconductor

Committer:
Vincent Coubard
Date:
Wed Sep 14 14:39:43 2016 +0100
Revision:
638:c90ae1400bf2
Sync with bdab10dc0f90748b6989c8b577771bb403ca6bd8 from ARMmbed/mbed-os.

Vincent Coubard 638:c90ae1400bf2 1 /* mbed Microcontroller Library
Vincent Coubard 638:c90ae1400bf2 2 * Copyright (c) 2006-2013 ARM Limited
Vincent Coubard 638:c90ae1400bf2 3 *
Vincent Coubard 638:c90ae1400bf2 4 * Licensed under the Apache License, Version 2.0 (the "License");
Vincent Coubard 638:c90ae1400bf2 5 * you may not use this file except in compliance with the License.
Vincent Coubard 638:c90ae1400bf2 6 * You may obtain a copy of the License at
Vincent Coubard 638:c90ae1400bf2 7 *
Vincent Coubard 638:c90ae1400bf2 8 * http://www.apache.org/licenses/LICENSE-2.0
Vincent Coubard 638:c90ae1400bf2 9 *
Vincent Coubard 638:c90ae1400bf2 10 * Unless required by applicable law or agreed to in writing, software
Vincent Coubard 638:c90ae1400bf2 11 * distributed under the License is distributed on an "AS IS" BASIS,
Vincent Coubard 638:c90ae1400bf2 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
Vincent Coubard 638:c90ae1400bf2 13 * See the License for the specific language governing permissions and
Vincent Coubard 638:c90ae1400bf2 14 * limitations under the License.
Vincent Coubard 638:c90ae1400bf2 15 */
Vincent Coubard 638:c90ae1400bf2 16
Vincent Coubard 638:c90ae1400bf2 17 #ifndef __NRF51822_SECURITY_MANAGER_H__
Vincent Coubard 638:c90ae1400bf2 18 #define __NRF51822_SECURITY_MANAGER_H__
Vincent Coubard 638:c90ae1400bf2 19
Vincent Coubard 638:c90ae1400bf2 20 #include <stddef.h>
Vincent Coubard 638:c90ae1400bf2 21
Vincent Coubard 638:c90ae1400bf2 22 #include "nRF5xGap.h"
Vincent Coubard 638:c90ae1400bf2 23 #include "ble/SecurityManager.h"
Vincent Coubard 638:c90ae1400bf2 24 #include "btle_security.h"
Vincent Coubard 638:c90ae1400bf2 25
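/**
 * nRF5x implementation of the SecurityManager interface.
 *
 * Every operation is forwarded to the matching btle_* function declared in
 * btle_security.h; the only logic kept in this class is the conversion of the
 * bond-table whitelist into a Gap::Whitelist_t in getAddressesFromBondTable().
 */
class nRF5xSecurityManager : public SecurityManager
{
public:
    /* Functions that must be implemented from SecurityManager */

    /**
     * @brief Initialize the security layer.
     *
     * The arguments are passed unchanged to btle_initializeSecurity().
     *
     * @param[in] enableBonding Forwarded as-is.
     * @param[in] requireMITM   Forwarded as-is.
     * @param[in] iocaps        Forwarded as-is.
     * @param[in] passkey       Forwarded as-is.
     *
     * @return The value returned by btle_initializeSecurity().
     */
    virtual ble_error_t init(bool                     enableBonding,
                             bool                     requireMITM,
                             SecurityIOCapabilities_t iocaps,
                             const Passkey_t          passkey) {
        return btle_initializeSecurity(enableBonding, requireMITM, iocaps, passkey);
    }

    /**
     * @brief Query the security status of a connection.
     *
     * @param[in]  connectionHandle Connection to query.
     * @param[out] securityStatusP  Passed straight to btle_getLinkSecurity();
     *                              it is not checked for NULL here.
     *
     * @return The value returned by btle_getLinkSecurity().
     */
    virtual ble_error_t getLinkSecurity(Gap::Handle_t connectionHandle, LinkSecurityStatus_t *securityStatusP) {
        return btle_getLinkSecurity(connectionHandle, securityStatusP);
    }

    /**
     * @brief Request a security mode for a connection.
     *
     * @param[in] connectionHandle Connection to configure.
     * @param[in] securityMode     Requested mode, forwarded as-is.
     *
     * @return The value returned by btle_setLinkSecurity().
     */
    virtual ble_error_t setLinkSecurity(Gap::Handle_t connectionHandle, SecurityMode_t securityMode) {
        return btle_setLinkSecurity(connectionHandle, securityMode);
    }

    /**
     * @brief Forward the purge request to btle_purgeAllBondingState().
     *
     * @return The value returned by btle_purgeAllBondingState().
     */
    virtual ble_error_t purgeAllBondingState(void) {
        return btle_purgeAllBondingState();
    }

    /**
     * @brief Returns a list of addresses from peers in the stack's bond table.
     *
     * @param[in,out] addresses
     *                  (on input) @ref Gap::Whitelist_t structure where at
     *                  most addresses.capacity addresses from bonded peers will
     *                  be stored.
     *                  (on output) A copy of the addresses from bonded peers.
     *                  addresses.size is set to the number of entries written,
     *                  or to 0 when the bond table could not be read.
     *
     * @return
     *           BLE_ERROR_NONE if successful, including when the output was
     *           truncated because addresses.capacity was reached; the caller
     *           cannot tell a truncated list from a complete one. Otherwise
     *           the error returned by createWhitelistFromBondTable().
     */
    virtual ble_error_t getAddressesFromBondTable(Gap::Whitelist_t &addresses) const {
        uint8_t i;

        ble_gap_whitelist_t  whitelistFromBondTable;
        ble_gap_addr_t      *addressPtr[YOTTA_CFG_WHITELIST_MAX_SIZE];
        ble_gap_irk_t       *irkPtr[YOTTA_CFG_IRK_TABLE_MAX_SIZE];

        /* Initialize the structure so that we get as many addresses as the
         * whitelist can hold. Each count must describe the array it is paired
         * with: addressPtr has YOTTA_CFG_WHITELIST_MAX_SIZE slots. Advertising
         * YOTTA_CFG_IRK_TABLE_MAX_SIZE for it (as was done before) would let
         * the callee index past the end of addressPtr on the stack whenever
         * the IRK table is configured larger than the whitelist.
         * NOTE(review): this presumes btle_createWhitelistFromBondTable()
         * reads addr_count/irk_count as input capacities - confirm against
         * its implementation. */
        whitelistFromBondTable.addr_count = YOTTA_CFG_WHITELIST_MAX_SIZE;
        whitelistFromBondTable.pp_addrs   = addressPtr;
        whitelistFromBondTable.irk_count  = YOTTA_CFG_IRK_TABLE_MAX_SIZE;
        whitelistFromBondTable.pp_irks    = irkPtr;

        ble_error_t error = createWhitelistFromBondTable(whitelistFromBondTable);
        if (error != BLE_ERROR_NONE) {
            /* Report an empty list rather than leaving a stale size behind */
            addresses.size = 0;
            return error;
        }

        /* Put all the addresses in the structure */
        for (i = 0; i < whitelistFromBondTable.addr_count; ++i) {
            if (i >= addresses.capacity) {
                /* Ran out of space in the output Gap::Whitelist_t */
                addresses.size = i;
                return BLE_ERROR_NONE;
            }
            /* NOTE(review): copies sizeof(BLEProtocol::Address_t) bytes out of
             * a ble_gap_addr_t, so it relies on the two types sharing a
             * layout - confirm. */
            memcpy(&addresses.addresses[i], whitelistFromBondTable.pp_addrs[i], sizeof(BLEProtocol::Address_t));
        }

        /* Update the current address count */
        addresses.size = i;

        /* The assumption here is that the underlying implementation of
         * createWhitelistFromBondTable() will not return the private resolvable
         * addresses (which is the case in the SoftDevice). Rather it returns the
         * IRKs, so we need to generate the private resolvable address by ourselves.
         */
        for (i = 0; i < whitelistFromBondTable.irk_count; ++i) {
            /* addresses.size still holds the count from the first loop, so
             * i + addresses.size is the next free output slot */
            if (i + addresses.size >= addresses.capacity) {
                /* Ran out of space in the output Gap::Whitelist_t */
                addresses.size += i;
                return BLE_ERROR_NONE;
            }
            btle_generateResolvableAddress(
                *whitelistFromBondTable.pp_irks[i],
                (ble_gap_addr_t &) addresses.addresses[i + addresses.size]
            );
        }

        /* Update the current address count */
        addresses.size += i;

        return BLE_ERROR_NONE;
    }

    /**
     * @brief Clear nRF5xSecurityManager's state.
     *
     * This override only calls SecurityManager::reset(); it performs no other
     * clean-up itself.
     *
     * @return
     *           BLE_ERROR_NONE if successful, BLE_ERROR_INVALID_STATE if
     *           SecurityManager::reset() reported any error (the original
     *           error code is not propagated).
     */
    virtual ble_error_t reset(void)
    {
        if (SecurityManager::reset() != BLE_ERROR_NONE) {
            return BLE_ERROR_INVALID_STATE;
        }

        return BLE_ERROR_NONE;
    }

    /**
     * @brief Report the value of btle_hasInitializedSecurity().
     */
    bool hasInitialized(void) const {
        return btle_hasInitializedSecurity();
    }

public:
    /*
     * Allow instantiation from nRF5xn when required.
     */
    friend class nRF5xn;

    nRF5xSecurityManager() {
        /* empty */
    }

private:
    /* Declared but not defined: instances are not meant to be copied. */
    nRF5xSecurityManager(const nRF5xSecurityManager &);
    const nRF5xSecurityManager& operator=(const nRF5xSecurityManager &);

    /*
     * Expose an interface that allows us to query the SoftDevice bond table
     * and extract a whitelist. The structure is handed to
     * btle_createWhitelistFromBondTable() by address.
     */
    ble_error_t createWhitelistFromBondTable(ble_gap_whitelist_t &whitelistFromBondTable) const {
        return btle_createWhitelistFromBondTable(&whitelistFromBondTable);
    }

    /*
     * Given a BLE address and an IRK, this function checks whether the address
     * can be generated from the IRK. To do so, this function uses the hash
     * function and algorithm described in the Bluetooth Low Energy
     * Specification. Internally, Nordic SDK functions are used.
     * Both pointers are passed to btle_matchAddressAndIrk() unchecked.
     */
    bool matchAddressAndIrk(ble_gap_addr_t *address, ble_gap_irk_t *irk) const {
        return btle_matchAddressAndIrk(address, irk);
    }

    /*
     * Give nRF5xGap access to createWhitelistFromBondTable() and
     * matchAddressAndIrk()
     */
    friend class nRF5xGap;
};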
Vincent Coubard 638:c90ae1400bf2 173
Vincent Coubard 638:c90ae1400bf2 174 #endif // ifndef __NRF51822_SECURITY_MANAGER_H__