Dependencies: BLE_API Buffer mbed
Fork of BLE_LEDBlinker by
btle_security.cpp
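/* mbed Microcontroller Library
 * Copyright (c) 2006-2013 ARM Limited
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

#include "btle.h"

#include "nRF5xGap.h"
#include "nRF5xSecurityManager.h"

extern "C" {
#include "pstorage.h"
#include "device_manager.h"
}

#include "btle_security.h"

/* Device-manager application instance, filled in by dm_register() and reused by every call below. */
static dm_application_instance_t applicationInstance;
static ret_code_t dm_handler(dm_handle_t const *p_handle, dm_event_t const *p_event, ret_code_t event_result);

/**
 * Bring up persistent storage and the device manager, and register this
 * application's pairing/bonding requirements.
 *
 * The function is one-shot: once it has succeeded, later calls return
 * BLE_ERROR_NONE immediately and their arguments are ignored. A caller that
 * asks for stricter settings (for example requireMITM = true) on a second call
 * therefore keeps whatever was registered first; pick the final security
 * policy before the first call.
 *
 * @param enableBonding  Forwarded as sec_param.bond.
 * @param requireMITM    Forwarded as sec_param.mitm.
 * @param iocaps         Forwarded as sec_param.io_caps.
 * @param passkey        Optional static passkey; when non-NULL it is installed
 *                       through BLE_GAP_OPT_PASSKEY, when NULL the SoftDevice's
 *                       default passkey handling is left in place.
 *
 * @return BLE_ERROR_NONE on success (or when already initialized), otherwise
 *         a ble_error_t translated from the failing Nordic call.
 */
ble_error_t
btle_initializeSecurity(bool                                      enableBonding,
                        bool                                      requireMITM,
                        SecurityManager::SecurityIOCapabilities_t iocaps,
                        const SecurityManager::Passkey_t          passkey)
{
    /* guard against multiple initializations */
    static bool initialized = false;
    if (initialized) {
        return BLE_ERROR_NONE;
    }

    if (pstorage_init() != NRF_SUCCESS) {
        return BLE_ERROR_UNSPECIFIED;
    }

    ret_code_t rc;
    if (passkey) {
        /* A pre-programmed passkey is reused for every pairing attempt, which
         * weakens the MITM protection that passkey entry is meant to provide.
         * Callers should pass NULL unless the product really needs a fixed key.
         * NOTE(review): only the pointer is handed over here; confirm whether
         * the SoftDevice copies the digits or the caller's buffer must stay
         * valid for as long as pairing can happen. */
        ble_opt_t opts;
        opts.gap_opt.passkey.p_passkey = const_cast<uint8_t *>(passkey);
        if ((rc = sd_ble_opt_set(BLE_GAP_OPT_PASSKEY, &opts)) != NRF_SUCCESS) {
            switch (rc) {
                /* Every code not listed further down is reported as an invalid parameter. */
                case BLE_ERROR_INVALID_CONN_HANDLE:
                case NRF_ERROR_INVALID_ADDR:
                case NRF_ERROR_INVALID_PARAM:
                default:
                    return BLE_ERROR_INVALID_PARAM;
                case NRF_ERROR_INVALID_STATE:
                    return BLE_ERROR_INVALID_STATE;
                case NRF_ERROR_BUSY:
                    return BLE_STACK_BUSY;
            }
        }
    }

    dm_init_param_t dm_init_param = {
        .clear_persistent_data = false /* Set to true in case the module should clear all persistent data. */
    };
    if (dm_init(&dm_init_param) != NRF_SUCCESS) {
        return BLE_ERROR_UNSPECIFIED;
    }

    /* min_key_size == max_key_size == 16 pins the encryption key to 16 octets;
     * no shorter key size is offered for negotiation. */
    const dm_application_param_t dm_param = {
        .evt_handler  = dm_handler,
        .service_type = DM_PROTOCOL_CNTXT_GATT_CLI_ID,
        .sec_param    = {
            .bond         = enableBonding,/**< Perform bonding. */
            .mitm         = requireMITM,  /**< Man In The Middle protection required. */
            .io_caps      = iocaps,       /**< IO capabilities, see @ref BLE_GAP_IO_CAPS. */
            .oob          = 0,            /**< Out Of Band data available. */
            .min_key_size = 16,           /**< Minimum encryption key size in octets between 7 and 16. If 0 then not applicable in this instance. */
            .max_key_size = 16,           /**< Maximum encryption key size in octets between min_key_size and 16. */
            .kdist_periph = {
                .enc  = 1,                /**< Long Term Key and Master Identification. */
                .id   = 1,                /**< Identity Resolving Key and Identity Address Information. */
                .sign = 1,                /**< Connection Signature Resolving Key. */
            },                            /**< Key distribution bitmap: keys that the peripheral device will distribute. */
        }
    };

    if ((rc = dm_register(&applicationInstance, &dm_param)) != NRF_SUCCESS) {
        switch (rc) {
            case NRF_ERROR_INVALID_STATE:
                return BLE_ERROR_INVALID_STATE;
            case NRF_ERROR_NO_MEM:
                return BLE_ERROR_NO_MEM;
            default:
                return BLE_ERROR_UNSPECIFIED;
        }
    }

    /* Only a fully successful run latches the guard, so a failed attempt can be retried. */
    initialized = true;
    return BLE_ERROR_NONE;
}

/**
 * Ask the device manager to delete every device record held for this
 * application instance.
 *
 * @return BLE_ERROR_NONE on success, otherwise a ble_error_t translated from
 *         the code returned by dm_device_delete_all().
 */
ble_error_t
btle_purgeAllBondingState(void)
{
    ret_code_t rc;
    if ((rc = dm_device_delete_all(&applicationInstance)) == NRF_SUCCESS) {
        return BLE_ERROR_NONE;
    }

    switch (rc) {
        case NRF_ERROR_INVALID_STATE:
            return BLE_ERROR_INVALID_STATE;
        case NRF_ERROR_NO_MEM:
            return BLE_ERROR_NO_MEM;
        default:
            return BLE_ERROR_UNSPECIFIED;
    }
}

/**
 * Query the device manager for the security status of a connection.
 *
 * @param connectionHandle  GAP connection handle to look up.
 * @param securityStatusP   Out-parameter receiving the status; must not be NULL.
 *
 * @return BLE_ERROR_NONE on success; BLE_ERROR_INVALID_PARAM when
 *         securityStatusP is NULL or the handle is not known to the device
 *         manager; otherwise a ble_error_t translated from the Nordic code.
 */
ble_error_t
btle_getLinkSecurity(Gap::Handle_t connectionHandle, SecurityManager::LinkSecurityStatus_t *securityStatusP)
{
    /* Reject a null out-pointer here instead of handing it, reinterpreted, to the C API. */
    if (securityStatusP == NULL) {
        return BLE_ERROR_INVALID_PARAM;
    }

    ret_code_t rc;
    dm_handle_t dmHandle = {
        .appl_id = applicationInstance,
    };
    if ((rc = dm_handle_get(connectionHandle, &dmHandle)) != NRF_SUCCESS) {
        if (rc == NRF_ERROR_NOT_FOUND) {
            return BLE_ERROR_INVALID_PARAM;
        } else {
            return BLE_ERROR_UNSPECIFIED;
        }
    }

    /* NOTE(review): the cast assumes LinkSecurityStatus_t and dm_security_status_t
     * have the same size and enumerator values - confirm against both headers. */
    if ((rc = dm_security_status_req(&dmHandle, reinterpret_cast<dm_security_status_t *>(securityStatusP))) != NRF_SUCCESS) {
        switch (rc) {
            case NRF_ERROR_INVALID_STATE:
                return BLE_ERROR_INVALID_STATE;
            case NRF_ERROR_NO_MEM:
                return BLE_ERROR_NO_MEM;
            default:
                return BLE_ERROR_UNSPECIFIED;
        }
    }

    return BLE_ERROR_NONE;
}

/**
 * Device-manager event callback: forwards security events to the
 * nRF5xSecurityManager singleton.
 *
 * p_handle and event_result are not examined; every event is forwarded
 * regardless of the result code that accompanies it, and the function always
 * returns NRF_SUCCESS.
 * NOTE(review): check whether a failing event_result (for example on
 * DM_EVT_DEVICE_CONTEXT_STORED) should suppress the corresponding notification.
 */
ret_code_t
dm_handler(dm_handle_t const *p_handle, dm_event_t const *p_event, ret_code_t event_result)
{
    switch (p_event->event_id) {
        case DM_EVT_SECURITY_SETUP: /* started */ {
            const ble_gap_sec_params_t *peerParams = &p_event->event_param.p_gap_param->params.sec_params_request.peer_params;
            nRF5xSecurityManager::getInstance().processSecuritySetupInitiatedEvent(p_event->event_param.p_gap_param->conn_handle,
                                                                                   peerParams->bond,
                                                                                   peerParams->mitm,
                                                                                   static_cast<SecurityManager::SecurityIOCapabilities_t>(peerParams->io_caps));
            break;
        }
        case DM_EVT_SECURITY_SETUP_COMPLETE:
            nRF5xSecurityManager::getInstance().
                processSecuritySetupCompletedEvent(p_event->event_param.p_gap_param->conn_handle,
                                                   static_cast<SecurityManager::SecurityCompletionStatus_t>(p_event->event_param.p_gap_param->params.auth_status.auth_status));
            break;
        case DM_EVT_LINK_SECURED: {
            unsigned securityMode = p_event->event_param.p_gap_param->params.conn_sec_update.conn_sec.sec_mode.sm;
            unsigned level        = p_event->event_param.p_gap_param->params.conn_sec_update.conn_sec.sec_mode.lv;

            /* Any (mode, level) pair not listed below is reported as
             * SECURITY_MODE_NO_ACCESS rather than as a secured link. */
            SecurityManager::SecurityMode_t resolvedSecurityMode = SecurityManager::SECURITY_MODE_NO_ACCESS;
            switch (securityMode) {
                case 1:
                    switch (level) {
                        case 1:
                            resolvedSecurityMode = SecurityManager::SECURITY_MODE_ENCRYPTION_OPEN_LINK;
                            break;
                        case 2:
                            resolvedSecurityMode = SecurityManager::SECURITY_MODE_ENCRYPTION_NO_MITM;
                            break;
                        case 3:
                            resolvedSecurityMode = SecurityManager::SECURITY_MODE_ENCRYPTION_WITH_MITM;
                            break;
                    }
                    break;
                case 2:
                    switch (level) {
                        case 1:
                            resolvedSecurityMode = SecurityManager::SECURITY_MODE_SIGNED_NO_MITM;
                            break;
                        case 2:
                            resolvedSecurityMode = SecurityManager::SECURITY_MODE_SIGNED_WITH_MITM;
                            break;
                    }
                    break;
            }

            nRF5xSecurityManager::getInstance().processLinkSecuredEvent(p_event->event_param.p_gap_param->conn_handle, resolvedSecurityMode);
            break;
        }
        case DM_EVT_DEVICE_CONTEXT_STORED:
            /* NOTE(review): confirm the device manager populates event_param.p_gap_param
             * for this event before its conn_handle is read here. */
            nRF5xSecurityManager::getInstance().processSecurityContextStoredEvent(p_event->event_param.p_gap_param->conn_handle);
            break;
        default:
            break;
    }

    return NRF_SUCCESS;
}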
