mbed-os5 only for TYBLE16
Dependents: TYBLE16_simple_data_logger TYBLE16_MP3_Air
features/FEATURE_BLE/ble/pal/PalSecurityManager.h@0:5b88d5760320, 2019-12-17 (annotated)
- Committer:
- kenjiArai
- Date:
- Tue Dec 17 23:23:45 2019 +0000
- Revision:
- 0:5b88d5760320
mbed-os5 only for TYBLE16
Who changed what in which revision?
User | Revision | Line number | New contents of line |
---|---|---|---|
kenjiArai | 0:5b88d5760320 | 1 | /* mbed Microcontroller Library |
kenjiArai | 0:5b88d5760320 | 2 | * Copyright (c) 2017-2018 ARM Limited |
kenjiArai | 0:5b88d5760320 | 3 | * |
kenjiArai | 0:5b88d5760320 | 4 | * Licensed under the Apache License, Version 2.0 (the "License"); |
kenjiArai | 0:5b88d5760320 | 5 | * you may not use this file except in compliance with the License. |
kenjiArai | 0:5b88d5760320 | 6 | * You may obtain a copy of the License at |
kenjiArai | 0:5b88d5760320 | 7 | * |
kenjiArai | 0:5b88d5760320 | 8 | * http://www.apache.org/licenses/LICENSE-2.0 |
kenjiArai | 0:5b88d5760320 | 9 | * |
kenjiArai | 0:5b88d5760320 | 10 | * Unless required by applicable law or agreed to in writing, software |
kenjiArai | 0:5b88d5760320 | 11 | * distributed under the License is distributed on an "AS IS" BASIS, |
kenjiArai | 0:5b88d5760320 | 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
kenjiArai | 0:5b88d5760320 | 13 | * See the License for the specific language governing permissions and |
kenjiArai | 0:5b88d5760320 | 14 | * limitations under the License. |
kenjiArai | 0:5b88d5760320 | 15 | */ |
kenjiArai | 0:5b88d5760320 | 16 | |
kenjiArai | 0:5b88d5760320 | 17 | #ifndef MBED_OS_FEATURES_FEATURE_BLE_BLE_PAL_PALSM_H_ |
kenjiArai | 0:5b88d5760320 | 18 | #define MBED_OS_FEATURES_FEATURE_BLE_BLE_PAL_PALSM_H_ |
kenjiArai | 0:5b88d5760320 | 19 | |
kenjiArai | 0:5b88d5760320 | 20 | #include "ble/common/StaticInterface.h" |
kenjiArai | 0:5b88d5760320 | 21 | #include "platform/Callback.h" |
kenjiArai | 0:5b88d5760320 | 22 | #include "platform/NonCopyable.h" |
kenjiArai | 0:5b88d5760320 | 23 | #include "ble/BLETypes.h" |
kenjiArai | 0:5b88d5760320 | 24 | #include "ble/BLEProtocol.h" |
kenjiArai | 0:5b88d5760320 | 25 | #include "ble/SecurityManager.h" |
kenjiArai | 0:5b88d5760320 | 26 | #include "ble/pal/GapTypes.h" |
kenjiArai | 0:5b88d5760320 | 27 | |
kenjiArai | 0:5b88d5760320 | 28 | namespace ble { |
kenjiArai | 0:5b88d5760320 | 29 | namespace pal { |
kenjiArai | 0:5b88d5760320 | 30 | |
// Re-export the nested types of the global ::SecurityManager class into
// ble::pal so this header can name them without the full qualification.
typedef ::SecurityManager::SecurityCompletionStatus_t SecurityCompletionStatus_t;
typedef ::SecurityManager::SecurityMode_t SecurityMode_t;
typedef ::SecurityManager::LinkSecurityStatus_t LinkSecurityStatus_t;
// Used below as the keypress argument of on_keypress_notification().
typedef ::SecurityManager::Keypress_t Keypress_t;
kenjiArai | 0:5b88d5760320 | 35 | |
kenjiArai | 0:5b88d5760320 | 36 | /** |
kenjiArai | 0:5b88d5760320 | 37 | * Key distribution as required by the SMP with convenient setters and getters, |
kenjiArai | 0:5b88d5760320 | 38 | * use value() to get the octet you can use directly in the PDU. |
kenjiArai | 0:5b88d5760320 | 39 | */ |
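class KeyDistribution {
public:
    /** Bits of the key distribution octet. */
    enum KeyDistributionFlags_t {
        KEY_DISTRIBUTION_NONE = 0x00,
        KEY_DISTRIBUTION_ENCRYPTION = 0x01,
        KEY_DISTRIBUTION_IDENTITY = 0x02,
        KEY_DISTRIBUTION_SIGNING = 0x04,
        KEY_DISTRIBUTION_LINK = 0x08,
        KEY_DISTRIBUTION_ALL = 0x0F
    };

    /** Construct a distribution with no key selected. */
    KeyDistribution() : _value(0) { }

    /**
     * Construct from a raw octet.
     *
     * The octet is stored unmodified: bits outside KEY_DISTRIBUTION_ALL are
     * kept and are returned again by value().
     * NOTE(review): if the octet comes from a peer PDU, callers that must
     * ignore reserved bits have to mask with KEY_DISTRIBUTION_ALL themselves.
     *
     * @param[in] value raw key distribution octet
     */
    KeyDistribution(uint8_t value) : _value(value) { }

    /**
     * Construct from one boolean per key type.
     *
     * @param[in] encryption set KEY_DISTRIBUTION_ENCRYPTION
     * @param[in] identity set KEY_DISTRIBUTION_IDENTITY
     * @param[in] signing set KEY_DISTRIBUTION_SIGNING
     * @param[in] link set KEY_DISTRIBUTION_LINK
     */
    KeyDistribution(bool encryption,
                    bool identity,
                    bool signing,
                    bool link) : _value(0) {
        update_flag(KEY_DISTRIBUTION_ENCRYPTION, encryption);
        update_flag(KEY_DISTRIBUTION_IDENTITY, identity);
        update_flag(KEY_DISTRIBUTION_SIGNING, signing);
        update_flag(KEY_DISTRIBUTION_LINK, link);
    }

    /** @return true if KEY_DISTRIBUTION_ENCRYPTION is set. */
    bool get_encryption() const {
        return (_value & KEY_DISTRIBUTION_ENCRYPTION) != 0;
    }
    /** @return true if KEY_DISTRIBUTION_IDENTITY is set. */
    bool get_identity() const {
        return (_value & KEY_DISTRIBUTION_IDENTITY) != 0;
    }
    /** @return true if KEY_DISTRIBUTION_SIGNING is set. */
    bool get_signing() const {
        return (_value & KEY_DISTRIBUTION_SIGNING) != 0;
    }
    /** @return true if KEY_DISTRIBUTION_LINK is set. */
    bool get_link() const {
        return (_value & KEY_DISTRIBUTION_LINK) != 0;
    }

    /** Set (default) or clear KEY_DISTRIBUTION_ENCRYPTION. */
    void set_encryption(bool enabled = true) {
        update_flag(KEY_DISTRIBUTION_ENCRYPTION, enabled);
    }
    /** Set (default) or clear KEY_DISTRIBUTION_IDENTITY. */
    void set_identity(bool enabled = true) {
        update_flag(KEY_DISTRIBUTION_IDENTITY, enabled);
    }
    /** Set (default) or clear KEY_DISTRIBUTION_SIGNING. */
    void set_signing(bool enabled = true) {
        update_flag(KEY_DISTRIBUTION_SIGNING, enabled);
    }
    /** Set (default) or clear KEY_DISTRIBUTION_LINK. */
    void set_link(bool enabled = true) {
        update_flag(KEY_DISTRIBUTION_LINK, enabled);
    }

    /**
     * Implicit conversion to the raw octet.
     *
     * Declared const so that a const KeyDistribution (for instance one bound
     * to a const reference) converts as well; it returns the same octet as
     * value().
     */
    operator uint8_t() const {
        return _value;
    }

    /**
     * Intersection of two distributions.
     *
     * @param[in] other distribution to intersect with
     * @return a distribution holding only the bits set in both operands
     */
    KeyDistribution operator&(const KeyDistribution& other) const {
        return KeyDistribution(static_cast<uint8_t>(_value & other._value));
    }

    /**
     * In-place intersection: keep only the bits also set in @p other.
     *
     * @param[in] other distribution to intersect with
     * @return reference to this object
     */
    KeyDistribution& operator&=(const KeyDistribution& other) {
        _value = static_cast<uint8_t>(_value & other._value);
        return *this;
    }

    /** @return the octet that can be used directly in the PDU. */
    uint8_t value() const {
        return _value;
    }

private:
    /** Set or clear a single flag bit, leaving every other bit untouched. */
    void update_flag(KeyDistributionFlags_t flag, bool enabled) {
        if (enabled) {
            _value = static_cast<uint8_t>(_value | flag);
        } else {
            // ~flag is evaluated as int; the cast narrows back to the octet.
            _value = static_cast<uint8_t>(_value & ~flag);
        }
    }

    uint8_t _value;
};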
kenjiArai | 0:5b88d5760320 | 126 | |
kenjiArai | 0:5b88d5760320 | 127 | /** |
kenjiArai | 0:5b88d5760320 | 128 | * Authentication mask as required by the SMP with convenient setters and getters, |
kenjiArai | 0:5b88d5760320 | 129 | * use value() to get the octet you can use directly in the PDU. |
kenjiArai | 0:5b88d5760320 | 130 | */ |
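class AuthenticationMask {
public:
    /** Bits of the authentication requirements octet. */
    enum AuthenticationFlags_t {
        AUTHENTICATION_BONDABLE = 0x01,
        AUTHENTICATION_MITM = 0x04, /* 0x02 missing because bonding uses two bits */
        AUTHENTICATION_SECURE_CONNECTIONS = 0x08,
        AUTHENTICATION_KEYPRESS_NOTIFICATION = 0x10
    };

    /** Construct a mask with no requirement set. */
    AuthenticationMask() : _value(0) { }

    /**
     * Construct from a raw octet.
     *
     * The octet is stored unmodified: bits that no AuthenticationFlags_t
     * enumerator names (0x02 included) are kept and returned by value().
     * NOTE(review): if the octet comes from a peer PDU, read security
     * decisions from the get_*() accessors rather than comparing the whole
     * octet, since unnamed bits are not filtered here.
     *
     * @param[in] value raw authentication requirements octet
     */
    AuthenticationMask(uint8_t value) : _value(value) { }

    /**
     * Construct from one boolean per requirement.
     *
     * @param[in] bondable set AUTHENTICATION_BONDABLE
     * @param[in] mitm set AUTHENTICATION_MITM
     * @param[in] secure_connections set AUTHENTICATION_SECURE_CONNECTIONS
     * @param[in] keypress set AUTHENTICATION_KEYPRESS_NOTIFICATION
     */
    AuthenticationMask(bool bondable,
                       bool mitm,
                       bool secure_connections,
                       bool keypress) : _value(0) {
        update_flag(AUTHENTICATION_BONDABLE, bondable);
        update_flag(AUTHENTICATION_MITM, mitm);
        update_flag(AUTHENTICATION_SECURE_CONNECTIONS, secure_connections);
        update_flag(AUTHENTICATION_KEYPRESS_NOTIFICATION, keypress);
    }

    /** @return true if AUTHENTICATION_BONDABLE is set. */
    bool get_bondable() const {
        return (_value & AUTHENTICATION_BONDABLE) != 0;
    }
    /** @return true if AUTHENTICATION_MITM is set. */
    bool get_mitm() const {
        return (_value & AUTHENTICATION_MITM) != 0;
    }
    /** @return true if AUTHENTICATION_SECURE_CONNECTIONS is set. */
    bool get_secure_connections() const {
        return (_value & AUTHENTICATION_SECURE_CONNECTIONS) != 0;
    }
    /** @return true if AUTHENTICATION_KEYPRESS_NOTIFICATION is set. */
    bool get_keypress_notification() const {
        return (_value & AUTHENTICATION_KEYPRESS_NOTIFICATION) != 0;
    }

    /** Set (default) or clear AUTHENTICATION_BONDABLE. */
    void set_bondable(bool enabled = true) {
        update_flag(AUTHENTICATION_BONDABLE, enabled);
    }
    /** Set (default) or clear AUTHENTICATION_MITM. */
    void set_mitm(bool enabled = true) {
        update_flag(AUTHENTICATION_MITM, enabled);
    }
    /** Set (default) or clear AUTHENTICATION_SECURE_CONNECTIONS. */
    void set_secure_connections(bool enabled = true) {
        update_flag(AUTHENTICATION_SECURE_CONNECTIONS, enabled);
    }
    /** Set (default) or clear AUTHENTICATION_KEYPRESS_NOTIFICATION. */
    void set_keypress_notification(bool enabled = true) {
        update_flag(AUTHENTICATION_KEYPRESS_NOTIFICATION, enabled);
    }

    /**
     * Implicit conversion to the raw octet.
     *
     * Declared const so that a const AuthenticationMask converts as well; it
     * returns the same octet as value().
     */
    operator uint8_t() const {
        return _value;
    }
    /** @return the octet that can be used directly in the PDU. */
    uint8_t value() const {
        return _value;
    }

private:
    /** Set or clear a single flag bit, leaving every other bit untouched. */
    void update_flag(AuthenticationFlags_t flag, bool enabled) {
        if (enabled) {
            _value = static_cast<uint8_t>(_value | flag);
        } else {
            // ~flag is evaluated as int; the cast narrows back to the octet.
            _value = static_cast<uint8_t>(_value & ~flag);
        }
    }

    uint8_t _value;
};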
kenjiArai | 0:5b88d5760320 | 204 | |
kenjiArai | 0:5b88d5760320 | 205 | /** |
kenjiArai | 0:5b88d5760320 | 206 | * Handle events generated by ble::pal::SecurityManager |
kenjiArai | 0:5b88d5760320 | 207 | */ |
kenjiArai | 0:5b88d5760320 | 208 | template<class Impl> |
kenjiArai | 0:5b88d5760320 | 209 | class SecurityManagerEventHandler : |
kenjiArai | 0:5b88d5760320 | 210 | public StaticInterface<Impl, SecurityManagerEventHandler> |
kenjiArai | 0:5b88d5760320 | 211 | { |
kenjiArai | 0:5b88d5760320 | 212 | using StaticInterface<Impl, ble::pal::SecurityManagerEventHandler>::impl; |
kenjiArai | 0:5b88d5760320 | 213 | |
kenjiArai | 0:5b88d5760320 | 214 | public: |
kenjiArai | 0:5b88d5760320 | 215 | //////////////////////////////////////////////////////////////////////////// |
kenjiArai | 0:5b88d5760320 | 216 | // Pairing |
kenjiArai | 0:5b88d5760320 | 217 | // |
kenjiArai | 0:5b88d5760320 | 218 | |
kenjiArai | 0:5b88d5760320 | 219 | /** |
kenjiArai | 0:5b88d5760320 | 220 | * Request pairing. This is called on the slave in response to a request from the master. |
kenjiArai | 0:5b88d5760320 | 221 | * Upper layer shall either send a pairing response (send_pairing_response) |
kenjiArai | 0:5b88d5760320 | 222 | * or cancel the pairing procedure (cancel_pairing). |
kenjiArai | 0:5b88d5760320 | 223 | * |
kenjiArai | 0:5b88d5760320 | 224 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 225 | * @param[in] oob_data_flag is out of band data present |
kenjiArai | 0:5b88d5760320 | 226 | * @param[in] authentication_requirements authentication requirements |
kenjiArai | 0:5b88d5760320 | 227 | * @param[in] initiator_dist key distribution |
kenjiArai | 0:5b88d5760320 | 228 | * @param[in] responder_dist key distribution |
kenjiArai | 0:5b88d5760320 | 229 | */ |
void on_pairing_request(
    connection_handle_t connection,
    bool oob_data_flag,
    AuthenticationMask authentication_requirements,
    KeyDistribution initiator_dist,
    KeyDistribution responder_dist
) {
    // Static dispatch: hand every argument, unchanged, to the
    // implementation's on_pairing_request_ hook.
    // NOTE(review): nothing is validated at this layer; checking the
    // requested authentication requirements and key distributions against
    // local policy is left to the implementation.
    this->impl()->on_pairing_request_(
        connection, oob_data_flag, authentication_requirements, initiator_dist, responder_dist
    );
}
kenjiArai | 0:5b88d5760320 | 245 | |
kenjiArai | 0:5b88d5760320 | 246 | /** |
kenjiArai | 0:5b88d5760320 | 247 | * Indicate that the pairing has failed. |
kenjiArai | 0:5b88d5760320 | 248 | * |
kenjiArai | 0:5b88d5760320 | 249 | * @note Any subsequent pairing procedure shall restart from the Pairing |
kenjiArai | 0:5b88d5760320 | 250 | * Feature Exchange phase. |
kenjiArai | 0:5b88d5760320 | 251 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 252 | * @param[in] error reason for the failed pairing |
kenjiArai | 0:5b88d5760320 | 253 | */ |
void on_pairing_error(connection_handle_t connection, pairing_failure_t error)
{
    // Static dispatch to the implementation's on_pairing_error_ hook; the
    // failure reason is passed through unchanged.
    this->impl()->on_pairing_error_(connection, error);
}
kenjiArai | 0:5b88d5760320 | 260 | |
kenjiArai | 0:5b88d5760320 | 261 | /** |
kenjiArai | 0:5b88d5760320 | 262 | * Indicate that the pairing has timed out. |
kenjiArai | 0:5b88d5760320 | 263 | * |
kenjiArai | 0:5b88d5760320 | 264 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 265 | */ |
void on_pairing_timed_out(connection_handle_t connection)
{
    // Static dispatch to the implementation's on_pairing_timed_out_ hook.
    this->impl()->on_pairing_timed_out_(connection);
}
kenjiArai | 0:5b88d5760320 | 271 | |
kenjiArai | 0:5b88d5760320 | 272 | /** |
kenjiArai | 0:5b88d5760320 | 273 | * Indicate that the pairing for the link has completed. |
kenjiArai | 0:5b88d5760320 | 274 | * |
kenjiArai | 0:5b88d5760320 | 275 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 276 | */ |
void on_pairing_completed(connection_handle_t connection)
{
    // Static dispatch to the implementation's on_pairing_completed_ hook.
    this->impl()->on_pairing_completed_(connection);
}
kenjiArai | 0:5b88d5760320 | 282 | |
kenjiArai | 0:5b88d5760320 | 283 | //////////////////////////////////////////////////////////////////////////// |
kenjiArai | 0:5b88d5760320 | 284 | // Security |
kenjiArai | 0:5b88d5760320 | 285 | // |
kenjiArai | 0:5b88d5760320 | 286 | |
kenjiArai | 0:5b88d5760320 | 287 | /** |
kenjiArai | 0:5b88d5760320 | 288 | * Indicate that the authentication timeout time has elapsed |
kenjiArai | 0:5b88d5760320 | 289 | * and we received no packets with a valid MIC in that time. |
kenjiArai | 0:5b88d5760320 | 290 | * |
kenjiArai | 0:5b88d5760320 | 291 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 292 | * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 6, Part B, 5.4 |
kenjiArai | 0:5b88d5760320 | 293 | */ |
void on_valid_mic_timeout(connection_handle_t connection)
{
    // Static dispatch to the implementation's on_valid_mic_timeout_ hook.
    // What happens to the link after the timeout is decided there, not here.
    this->impl()->on_valid_mic_timeout_(connection);
}
kenjiArai | 0:5b88d5760320 | 299 | |
kenjiArai | 0:5b88d5760320 | 300 | /** |
kenjiArai | 0:5b88d5760320 | 301 | * Ask the stack to evaluate the security request received from the slave. |
kenjiArai | 0:5b88d5760320 | 302 | * This might result in the stack enabling encryption, or pairing/re-pairing. |
kenjiArai | 0:5b88d5760320 | 303 | * |
kenjiArai | 0:5b88d5760320 | 304 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 305 | * @param[in] authentication authentication requirements from the slave |
kenjiArai | 0:5b88d5760320 | 306 | */ |
void on_slave_security_request(connection_handle_t connection, AuthenticationMask authentication)
{
    // Static dispatch to the implementation's on_slave_security_request_
    // hook; the slave's authentication requirements are passed by value and
    // are not interpreted at this layer.
    this->impl()->on_slave_security_request_(connection, authentication);
}
kenjiArai | 0:5b88d5760320 | 313 | |
kenjiArai | 0:5b88d5760320 | 314 | //////////////////////////////////////////////////////////////////////////// |
kenjiArai | 0:5b88d5760320 | 315 | // Encryption |
kenjiArai | 0:5b88d5760320 | 316 | // |
kenjiArai | 0:5b88d5760320 | 317 | |
kenjiArai | 0:5b88d5760320 | 318 | /** |
kenjiArai | 0:5b88d5760320 | 319 | * Inform the application of the result of an encryption request. |
kenjiArai | 0:5b88d5760320 | 320 | * @note Do not call if request timed out, call on_link_encryption_request_timed_out |
kenjiArai | 0:5b88d5760320 | 321 | * instead. |
kenjiArai | 0:5b88d5760320 | 322 | * |
kenjiArai | 0:5b88d5760320 | 323 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 324 | * @param[in] result encryption state of the link |
kenjiArai | 0:5b88d5760320 | 325 | */ |
void on_link_encryption_result(connection_handle_t connection, link_encryption_t result)
{
    // Static dispatch to the implementation's on_link_encryption_result_
    // hook; the reported encryption state is passed through unchanged.
    this->impl()->on_link_encryption_result_(connection, result);
}
kenjiArai | 0:5b88d5760320 | 332 | |
kenjiArai | 0:5b88d5760320 | 333 | /** |
kenjiArai | 0:5b88d5760320 | 334 | * Indicate that the encryption request failed due to timeout. |
kenjiArai | 0:5b88d5760320 | 335 | * |
kenjiArai | 0:5b88d5760320 | 336 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 337 | */ |
void on_link_encryption_request_timed_out(connection_handle_t connection)
{
    // Static dispatch to the implementation's
    // on_link_encryption_request_timed_out_ hook.
    this->impl()->on_link_encryption_request_timed_out_(connection);
}
kenjiArai | 0:5b88d5760320 | 343 | |
kenjiArai | 0:5b88d5760320 | 344 | //////////////////////////////////////////////////////////////////////////// |
kenjiArai | 0:5b88d5760320 | 345 | // MITM |
kenjiArai | 0:5b88d5760320 | 346 | // |
kenjiArai | 0:5b88d5760320 | 347 | |
kenjiArai | 0:5b88d5760320 | 348 | /** |
kenjiArai | 0:5b88d5760320 | 349 | * Inform the application that it should display a passkey. |
kenjiArai | 0:5b88d5760320 | 350 | * |
kenjiArai | 0:5b88d5760320 | 351 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 352 | * @param[in] passkey passkey to be displayed |
kenjiArai | 0:5b88d5760320 | 353 | */ |
void on_passkey_display(connection_handle_t connection, passkey_num_t passkey)
{
    // Static dispatch to the implementation's on_passkey_display_ hook.
    // NOTE(review): the passkey is a pairing secret; implementations should
    // show it to the user only and keep it out of logs and traces.
    this->impl()->on_passkey_display_(connection, passkey);
}
kenjiArai | 0:5b88d5760320 | 363 | |
kenjiArai | 0:5b88d5760320 | 364 | /** |
kenjiArai | 0:5b88d5760320 | 365 | * Indicate that user confirmation is required to confirm matching |
kenjiArai | 0:5b88d5760320 | 366 | * passkeys displayed on devices. |
kenjiArai | 0:5b88d5760320 | 367 | * |
kenjiArai | 0:5b88d5760320 | 368 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 369 | * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 2, Part E, 7.7.42 |
kenjiArai | 0:5b88d5760320 | 370 | */ |
void on_confirmation_request(connection_handle_t connection)
{
    // Static dispatch to the implementation's on_confirmation_request_ hook.
    this->impl()->on_confirmation_request_(connection);
}
kenjiArai | 0:5b88d5760320 | 376 | |
kenjiArai | 0:5b88d5760320 | 377 | /** |
kenjiArai | 0:5b88d5760320 | 378 | * Request the passkey entered during pairing. |
kenjiArai | 0:5b88d5760320 | 379 | * |
kenjiArai | 0:5b88d5760320 | 380 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 381 | * @note shall be followed by: pal::SecurityManager::passkey_request_reply |
kenjiArai | 0:5b88d5760320 | 382 | * or a cancellation of the procedure. |
kenjiArai | 0:5b88d5760320 | 383 | */ |
void on_passkey_request(connection_handle_t connection)
{
    // Static dispatch to the implementation's on_passkey_request_ hook.
    this->impl()->on_passkey_request_(connection);
}
kenjiArai | 0:5b88d5760320 | 389 | |
kenjiArai | 0:5b88d5760320 | 390 | /** |
kenjiArai | 0:5b88d5760320 | 391 | * Indicate that a key has been pressed by the peer. |
kenjiArai | 0:5b88d5760320 | 392 | * |
kenjiArai | 0:5b88d5760320 | 393 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 394 | * @param[in] keypress type of keypress event |
kenjiArai | 0:5b88d5760320 | 395 | * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 3, Part H, 3.5.8 |
kenjiArai | 0:5b88d5760320 | 396 | */ |
void on_keypress_notification(connection_handle_t connection, Keypress_t keypress)
{
    // Static dispatch to the implementation's on_keypress_notification_
    // hook; the keypress event type is passed through unchanged.
    this->impl()->on_keypress_notification_(connection, keypress);
}
kenjiArai | 0:5b88d5760320 | 403 | |
kenjiArai | 0:5b88d5760320 | 404 | /** |
kenjiArai | 0:5b88d5760320 | 405 | * Request OOB data from the user application. |
kenjiArai | 0:5b88d5760320 | 406 | * |
kenjiArai | 0:5b88d5760320 | 407 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 408 | * @note shall be followed by: pal::SecurityManager::secure_connections_oob_request_reply |
kenjiArai | 0:5b88d5760320 | 409 | * or a cancellation of the procedure. |
kenjiArai | 0:5b88d5760320 | 410 | */ |
void on_secure_connections_oob_request(connection_handle_t connection)
{
    // Static dispatch to the implementation's
    // on_secure_connections_oob_request_ hook.
    this->impl()->on_secure_connections_oob_request_(connection);
}
kenjiArai | 0:5b88d5760320 | 416 | |
kenjiArai | 0:5b88d5760320 | 417 | /** |
kenjiArai | 0:5b88d5760320 | 418 | * Request OOB data from the user application. |
kenjiArai | 0:5b88d5760320 | 419 | * |
kenjiArai | 0:5b88d5760320 | 420 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 421 | * @note shall be followed by: pal::SecurityManager::legacy_pairing_oob_request_reply |
kenjiArai | 0:5b88d5760320 | 422 | * or a cancellation of the procedure. |
kenjiArai | 0:5b88d5760320 | 423 | */ |
void on_legacy_pairing_oob_request(connection_handle_t connection)
{
    // Static dispatch to the implementation's on_legacy_pairing_oob_request_
    // hook.
    this->impl()->on_legacy_pairing_oob_request_(connection);
}
kenjiArai | 0:5b88d5760320 | 429 | |
kenjiArai | 0:5b88d5760320 | 430 | /** |
kenjiArai | 0:5b88d5760320 | 431 | * Send OOB data to the application for transport to the peer. |
kenjiArai | 0:5b88d5760320 | 432 | * |
kenjiArai | 0:5b88d5760320 | 433 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 434 | * @param[in] random random number used to generate the confirmation |
kenjiArai | 0:5b88d5760320 | 435 | * @param[in] confirm confirmation value to be used for authentication |
kenjiArai | 0:5b88d5760320 | 436 | * in secure connections pairing |
kenjiArai | 0:5b88d5760320 | 437 | * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason. |
kenjiArai | 0:5b88d5760320 | 438 | */ |
void on_secure_connections_oob_generated(const oob_lesc_value_t &random, const oob_confirm_t &confirm)
{
    // Static dispatch to the implementation's
    // on_secure_connections_oob_generated_ hook.
    // NOTE(review): the doc comment preceding this function lists a
    // `connection` parameter and a return value, but the function takes only
    // `random` and `confirm` and returns void.
    this->impl()->on_secure_connections_oob_generated_(random, confirm);
}
kenjiArai | 0:5b88d5760320 | 445 | |
kenjiArai | 0:5b88d5760320 | 446 | //////////////////////////////////////////////////////////////////////////// |
kenjiArai | 0:5b88d5760320 | 447 | // Keys |
kenjiArai | 0:5b88d5760320 | 448 | // |
kenjiArai | 0:5b88d5760320 | 449 | |
kenjiArai | 0:5b88d5760320 | 450 | /** |
kenjiArai | 0:5b88d5760320 | 451 | * Store the results of key generation of the stage 2 of secure connections pairing |
kenjiArai | 0:5b88d5760320 | 452 | * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 3, Part H - 2.3.5.6.5 |
kenjiArai | 0:5b88d5760320 | 453 | * |
kenjiArai | 0:5b88d5760320 | 454 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 455 | * @param[in] ltk long term key from the peer |
kenjiArai | 0:5b88d5760320 | 456 | */ |
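void on_secure_connections_ltk_generated(
    connection_handle_t connection,
    const ltk_t &ltk
) {
    // Static dispatch to the implementation's
    // on_secure_connections_ltk_generated_ hook; the key is passed by const
    // reference and is not copied at this layer.
    // NOTE(review): ltk is long term key material; implementations should
    // hand it to key storage only and keep it out of logs and traces.
    impl()->on_secure_connections_ltk_generated_(connection, ltk);
}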
kenjiArai | 0:5b88d5760320 | 463 | |
kenjiArai | 0:5b88d5760320 | 464 | /** |
kenjiArai | 0:5b88d5760320 | 465 | * Store the results of key distribution after LTK has been received. |
kenjiArai | 0:5b88d5760320 | 466 | * |
kenjiArai | 0:5b88d5760320 | 467 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 468 | * @param[in] ltk long term key from the peer |
kenjiArai | 0:5b88d5760320 | 469 | */ |
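void on_keys_distributed_ltk(
    connection_handle_t connection,
    const ltk_t &ltk
) {
    // Static dispatch to the implementation's on_keys_distributed_ltk_ hook;
    // the key is passed by const reference and is not copied at this layer.
    // NOTE(review): ltk is long term key material; implementations should
    // hand it to key storage only and keep it out of logs and traces.
    impl()->on_keys_distributed_ltk_(connection, ltk);
}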
kenjiArai | 0:5b88d5760320 | 476 | |
kenjiArai | 0:5b88d5760320 | 477 | /** |
kenjiArai | 0:5b88d5760320 | 478 | * Store the results of key distribution after EDIV and RAND have been received. |
kenjiArai | 0:5b88d5760320 | 479 | * |
kenjiArai | 0:5b88d5760320 | 480 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 481 | * @param[in] ltk long term key from the peer |
kenjiArai | 0:5b88d5760320 | 482 | */ |
void on_keys_distributed_ediv_rand(connection_handle_t connection, const ediv_t &ediv, const rand_t &rand)
{
    // Static dispatch to the implementation's on_keys_distributed_ediv_rand_
    // hook.
    // NOTE(review): the doc comment preceding this function documents an
    // `ltk` parameter; the parameters actually taken are `ediv` and `rand`.
    this->impl()->on_keys_distributed_ediv_rand_(connection, ediv, rand);
}
kenjiArai | 0:5b88d5760320 | 490 | |
kenjiArai | 0:5b88d5760320 | 491 | /** |
kenjiArai | 0:5b88d5760320 | 492 | * Store the local key, if we are slave now or in the future |
kenjiArai | 0:5b88d5760320 | 493 | * this will be used to encrypt. |
kenjiArai | 0:5b88d5760320 | 494 | * |
kenjiArai | 0:5b88d5760320 | 495 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 496 | * @param[in] ltk key sent to the peer |
kenjiArai | 0:5b88d5760320 | 497 | */ |
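void on_keys_distributed_local_ltk(
    connection_handle_t connection,
    const ltk_t &ltk
) {
    // Static dispatch to the implementation's on_keys_distributed_local_ltk_
    // hook; the key is passed by const reference and is not copied at this
    // layer.
    // NOTE(review): ltk is long term key material; implementations should
    // hand it to key storage only and keep it out of logs and traces.
    impl()->on_keys_distributed_local_ltk_(connection, ltk);
}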
kenjiArai | 0:5b88d5760320 | 504 | |
kenjiArai | 0:5b88d5760320 | 505 | /** |
kenjiArai | 0:5b88d5760320 | 506 | * Store the EDIV and RAND that will be used to identify |
kenjiArai | 0:5b88d5760320 | 507 | * the stored local LTK. If we are slave, that LTK will be |
kenjiArai | 0:5b88d5760320 | 508 | * used to encrypt, otherwise this will be stored to |
kenjiArai | 0:5b88d5760320 | 509 | * be used in case of role reversal. |
kenjiArai | 0:5b88d5760320 | 510 | * |
kenjiArai | 0:5b88d5760320 | 511 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 512 | * @param[in] ediv identifies LTK |
kenjiArai | 0:5b88d5760320 | 513 | * @param[in] rand identifies LTK |
kenjiArai | 0:5b88d5760320 | 514 | */ |
// Relays the identifiers of the local LTK (EDIV, then RAND) to the
// implementation's on_keys_distributed_local_ediv_rand_ hook.
void on_keys_distributed_local_ediv_rand(connection_handle_t connection, const ediv_t &ediv, const rand_t &rand)
{
    impl()->on_keys_distributed_local_ediv_rand_(connection, ediv, rand);
}
kenjiArai | 0:5b88d5760320 | 522 | |
kenjiArai | 0:5b88d5760320 | 523 | /** |
kenjiArai | 0:5b88d5760320 | 524 | * Store the results of key distribution after IRK has been received. |
kenjiArai | 0:5b88d5760320 | 525 | * |
kenjiArai | 0:5b88d5760320 | 526 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 527 | * @param[in] irk identity resolution key |
kenjiArai | 0:5b88d5760320 | 528 | */ |
// Relays the received IRK to the implementation's on_keys_distributed_irk_
// hook; the key is passed by const reference and not copied here.
void on_keys_distributed_irk(connection_handle_t connection, const irk_t &irk)
{
    impl()->on_keys_distributed_irk_(connection, irk);
}
kenjiArai | 0:5b88d5760320 | 535 | |
kenjiArai | 0:5b88d5760320 | 536 | /** |
kenjiArai | 0:5b88d5760320 | 537 | * Store the identity address of the peer after it has been distributed. |
kenjiArai | 0:5b88d5760320 | 538 | * |
kenjiArai | 0:5b88d5760320 | 539 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 540 | * @param[in] peer_identity_address_type public or private address indication |
kenjiArai | 0:5b88d5760320 | 541 | * @param[in] peer_identity_address peer address |
kenjiArai | 0:5b88d5760320 | 542 | */ |
// Relays the peer identity address and its type to the implementation's
// on_keys_distributed_bdaddr_ hook. Both values are forwarded as received;
// this wrapper does not validate them.
void on_keys_distributed_bdaddr(
    connection_handle_t connection,
    advertising_peer_address_type_t peer_identity_address_type,
    const address_t &peer_identity_address)
{
    impl()->on_keys_distributed_bdaddr_(
        connection,
        peer_identity_address_type,
        peer_identity_address
    );
}
kenjiArai | 0:5b88d5760320 | 550 | |
kenjiArai | 0:5b88d5760320 | 551 | /** |
kenjiArai | 0:5b88d5760320 | 552 | * Store the peer's CSRK after it has been distributed. |
kenjiArai | 0:5b88d5760320 | 553 | * |
kenjiArai | 0:5b88d5760320 | 554 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 555 | * @param[in] csrk signing key |
kenjiArai | 0:5b88d5760320 | 556 | */ |
// Relays the peer's signing key to the implementation's
// on_keys_distributed_csrk_ hook.
void on_keys_distributed_csrk(connection_handle_t connection, const csrk_t &csrk)
{
    impl()->on_keys_distributed_csrk_(connection, csrk);
}
kenjiArai | 0:5b88d5760320 | 563 | |
kenjiArai | 0:5b88d5760320 | 564 | /** |
kenjiArai | 0:5b88d5760320 | 565 | * Request the LTK since the peer is asking us to encrypt the link. We need to |
kenjiArai | 0:5b88d5760320 | 566 | * provide the LTK based on the EDIV and RAND provided by the other side. This |
kenjiArai | 0:5b88d5760320 | 567 | * is called on the slave. |
kenjiArai | 0:5b88d5760320 | 568 | * |
kenjiArai | 0:5b88d5760320 | 569 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 570 | * @param[in] ediv identifies LTK |
kenjiArai | 0:5b88d5760320 | 571 | * @param[in] rand identifies LTK |
kenjiArai | 0:5b88d5760320 | 572 | */ |
// LTK request carrying the EDIV/RAND identifiers supplied by the peer.
// Relayed unchanged to the implementation's three-argument on_ltk_request_;
// looking up the matching key is left to that hook.
void on_ltk_request(connection_handle_t connection, const ediv_t &ediv, const rand_t &rand)
{
    impl()->on_ltk_request_(connection, ediv, rand);
}
kenjiArai | 0:5b88d5760320 | 580 | |
kenjiArai | 0:5b88d5760320 | 581 | /** |
kenjiArai | 0:5b88d5760320 | 582 | * Request the LTK since the peer is asking us to encrypt the link. |
kenjiArai | 0:5b88d5760320 | 583 | * @note No EDIV or RAND is provided as this requests a secure |
kenjiArai | 0:5b88d5760320 | 584 | * connections LTK where their values are all zeroes |
kenjiArai | 0:5b88d5760320 | 585 | * |
kenjiArai | 0:5b88d5760320 | 586 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 587 | */ |
// LTK request without EDIV/RAND (the secure connections case described in the
// doc comment). Relayed to the implementation's one-argument on_ltk_request_.
void on_ltk_request(connection_handle_t connection)
{
    impl()->on_ltk_request_(connection);
}
kenjiArai | 0:5b88d5760320 | 593 | }; |
kenjiArai | 0:5b88d5760320 | 594 | |
kenjiArai | 0:5b88d5760320 | 595 | |
kenjiArai | 0:5b88d5760320 | 596 | /** |
kenjiArai | 0:5b88d5760320 | 597 | * Adaptation layer of the Security Manager. |
kenjiArai | 0:5b88d5760320 | 598 | */ |
kenjiArai | 0:5b88d5760320 | 599 | template<class Impl, class EventHandler> |
kenjiArai | 0:5b88d5760320 | 600 | class SecurityManager : private mbed::NonCopyable<SecurityManager<Impl, EventHandler> > { |
kenjiArai | 0:5b88d5760320 | 601 | |
// CRTP downcast: returns this object viewed as the derived Impl, which is
// expected to provide the underscore-suffixed members the wrappers call.
Impl* impl()
{
    Impl* const derived = static_cast<Impl*>(this);
    return derived;
}
kenjiArai | 0:5b88d5760320 | 605 | |
kenjiArai | 0:5b88d5760320 | 606 | public: |
// Initialises _pal_event_handler to NULL; nothing else is set up here.
SecurityManager() : _pal_event_handler(NULL)
{
}
kenjiArai | 0:5b88d5760320 | 608 | |
// Empty destructor body: this class releases nothing itself.
~SecurityManager()
{
}
kenjiArai | 0:5b88d5760320 | 610 | |
kenjiArai | 0:5b88d5760320 | 611 | //////////////////////////////////////////////////////////////////////////// |
kenjiArai | 0:5b88d5760320 | 612 | // SM lifecycle management |
kenjiArai | 0:5b88d5760320 | 613 | // |
kenjiArai | 0:5b88d5760320 | 614 | |
kenjiArai | 0:5b88d5760320 | 615 | /** |
kenjiArai | 0:5b88d5760320 | 616 | * Initialise stack. Called before first use. |
kenjiArai | 0:5b88d5760320 | 617 | * |
kenjiArai | 0:5b88d5760320 | 618 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 619 | */ |
// Delegates to Impl::initialize_() and returns its status unchanged.
ble_error_t initialize()
{
    const ble_error_t status = impl()->initialize_();
    return status;
}
kenjiArai | 0:5b88d5760320 | 623 | |
kenjiArai | 0:5b88d5760320 | 624 | /** |
kenjiArai | 0:5b88d5760320 | 625 | * Finalise all actions. Called before shutdown. |
kenjiArai | 0:5b88d5760320 | 626 | * |
kenjiArai | 0:5b88d5760320 | 627 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 628 | */ |
// Delegates to Impl::terminate_() and returns its status unchanged.
ble_error_t terminate()
{
    const ble_error_t status = impl()->terminate_();
    return status;
}
kenjiArai | 0:5b88d5760320 | 632 | |
kenjiArai | 0:5b88d5760320 | 633 | /** |
kenjiArai | 0:5b88d5760320 | 634 | * Reset to same state as after initialize. |
kenjiArai | 0:5b88d5760320 | 635 | * |
kenjiArai | 0:5b88d5760320 | 636 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 637 | */ |
// Delegates to Impl::reset_() and returns its status unchanged.
ble_error_t reset()
{
    const ble_error_t status = impl()->reset_();
    return status;
}
kenjiArai | 0:5b88d5760320 | 641 | |
kenjiArai | 0:5b88d5760320 | 642 | //////////////////////////////////////////////////////////////////////////// |
kenjiArai | 0:5b88d5760320 | 643 | // Resolving list management |
kenjiArai | 0:5b88d5760320 | 644 | // |
kenjiArai | 0:5b88d5760320 | 645 | /** |
kenjiArai | 0:5b88d5760320 | 646 | * Return the number of address translation entries that can be stored by the |
kenjiArai | 0:5b88d5760320 | 647 | * subsystem. |
kenjiArai | 0:5b88d5760320 | 648 | * |
kenjiArai | 0:5b88d5760320 | 649 | * @warning: The number of entries is considered fixed. |
kenjiArai | 0:5b88d5760320 | 650 | * |
kenjiArai | 0:5b88d5760320 | 651 | * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 2, Part E: 7.8.41 |
kenjiArai | 0:5b88d5760320 | 652 | * @return The number of address translation entries the subsystem can store. |
kenjiArai | 0:5b88d5760320 | 653 | */ |
// Returns the capacity reported by Impl::read_resolving_list_capacity_().
// The result is a count (uint8_t), not a ble_error_t status.
uint8_t read_resolving_list_capacity()
{
    const uint8_t capacity = impl()->read_resolving_list_capacity_();
    return capacity;
}
kenjiArai | 0:5b88d5760320 | 657 | |
kenjiArai | 0:5b88d5760320 | 658 | /** |
kenjiArai | 0:5b88d5760320 | 659 | * Add a device definition into the resolving list of the LE subsystem. |
kenjiArai | 0:5b88d5760320 | 660 | * |
kenjiArai | 0:5b88d5760320 | 661 | * @param[in] peer_identity_address_type public/private indicator |
kenjiArai | 0:5b88d5760320 | 662 | * @param[in] peer_identity_address address of the device whose entry is to be added |
kenjiArai | 0:5b88d5760320 | 663 | * @param[in] peer_irk peer identity resolving key |
kenjiArai | 0:5b88d5760320 | 664 | * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 2, Part E: 7.8.38 |
kenjiArai | 0:5b88d5760320 | 665 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 666 | */ |
// Passes the peer identity (address type, address) and its IRK to
// Impl::add_device_to_resolving_list_(). The IRK is forwarded by const
// reference; this wrapper keeps no copy of it.
ble_error_t add_device_to_resolving_list(
    advertising_peer_address_type_t peer_identity_address_type,
    const address_t &peer_identity_address,
    const irk_t &peer_irk)
{
    Impl* const target = impl();
    return target->add_device_to_resolving_list_(peer_identity_address_type, peer_identity_address, peer_irk);
}
kenjiArai | 0:5b88d5760320 | 678 | |
kenjiArai | 0:5b88d5760320 | 679 | /** |
kenjiArai | 0:5b88d5760320 | 680 | * Remove a device definition from the resolving list of the LE subsystem. |
kenjiArai | 0:5b88d5760320 | 681 | * |
kenjiArai | 0:5b88d5760320 | 682 | * @param[in] peer_identity_address_type public/private indicator |
kenjiArai | 0:5b88d5760320 | 683 | * @param[in] peer_identity_address address of the device whose entry is to be removed |
kenjiArai | 0:5b88d5760320 | 684 | * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 2, Part E: 7.8.39 |
kenjiArai | 0:5b88d5760320 | 685 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 686 | */ |
// Asks Impl::remove_device_from_resolving_list_() to drop the entry that
// matches the given identity address type and address.
ble_error_t remove_device_from_resolving_list(
    advertising_peer_address_type_t peer_identity_address_type,
    const address_t &peer_identity_address)
{
    Impl* const target = impl();
    return target->remove_device_from_resolving_list_(peer_identity_address_type, peer_identity_address);
}
kenjiArai | 0:5b88d5760320 | 696 | |
kenjiArai | 0:5b88d5760320 | 697 | /** |
kenjiArai | 0:5b88d5760320 | 698 | * Remove all devices from the resolving list. |
kenjiArai | 0:5b88d5760320 | 699 | * |
kenjiArai | 0:5b88d5760320 | 700 | * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 2, Part E: 7.8.40 |
kenjiArai | 0:5b88d5760320 | 701 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 702 | */ |
// Delegates to Impl::clear_resolving_list_() and returns its status unchanged.
ble_error_t clear_resolving_list()
{
    const ble_error_t status = impl()->clear_resolving_list_();
    return status;
}
kenjiArai | 0:5b88d5760320 | 706 | |
kenjiArai | 0:5b88d5760320 | 707 | //////////////////////////////////////////////////////////////////////////// |
kenjiArai | 0:5b88d5760320 | 708 | // Pairing |
kenjiArai | 0:5b88d5760320 | 709 | // |
kenjiArai | 0:5b88d5760320 | 710 | |
kenjiArai | 0:5b88d5760320 | 711 | /** |
kenjiArai | 0:5b88d5760320 | 712 | * Send a pairing request to a slave. |
kenjiArai | 0:5b88d5760320 | 713 | * |
kenjiArai | 0:5b88d5760320 | 714 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 715 | * @param[in] oob_data_flag is oob data present |
kenjiArai | 0:5b88d5760320 | 716 | * @param[in] authentication_requirements authentication requirements |
kenjiArai | 0:5b88d5760320 | 717 | * @param[in] initiator_dist key distribution |
kenjiArai | 0:5b88d5760320 | 718 | * @param[in] responder_dist key distribution |
kenjiArai | 0:5b88d5760320 | 719 | * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 3, Part H - 3.5.1 |
kenjiArai | 0:5b88d5760320 | 720 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 721 | */ |
// Relays all five pairing-request parameters to
// Impl::send_pairing_request_() unchanged. The authentication requirements
// and key-distribution sets are not checked in this wrapper; any policy on
// them has to live in the caller or in Impl.
ble_error_t send_pairing_request(
    connection_handle_t connection,
    bool oob_data_flag,
    AuthenticationMask authentication_requirements,
    KeyDistribution initiator_dist,
    KeyDistribution responder_dist)
{
    Impl* const target = impl();
    return target->send_pairing_request_(
        connection, oob_data_flag, authentication_requirements, initiator_dist, responder_dist
    );
}
kenjiArai | 0:5b88d5760320 | 737 | |
kenjiArai | 0:5b88d5760320 | 738 | /** |
kenjiArai | 0:5b88d5760320 | 739 | * Send a pairing response to a master. |
kenjiArai | 0:5b88d5760320 | 740 | * |
kenjiArai | 0:5b88d5760320 | 741 | * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 3, Part H - 3.5.2 |
kenjiArai | 0:5b88d5760320 | 742 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 743 | * @param[in] oob_data_flag is oob data present |
kenjiArai | 0:5b88d5760320 | 744 | * @param[in] authentication_requirements authentication requirements |
kenjiArai | 0:5b88d5760320 | 745 | * @param[in] initiator_dist key distribution |
kenjiArai | 0:5b88d5760320 | 746 | * @param[in] responder_dist key distribution |
kenjiArai | 0:5b88d5760320 | 747 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 748 | */ |
// Relays all five pairing-response parameters to
// Impl::send_pairing_response_() unchanged. As with the request path, the
// authentication requirements and key-distribution sets are not checked here.
ble_error_t send_pairing_response(
    connection_handle_t connection,
    bool oob_data_flag,
    AuthenticationMask authentication_requirements,
    KeyDistribution initiator_dist,
    KeyDistribution responder_dist)
{
    Impl* const target = impl();
    return target->send_pairing_response_(
        connection, oob_data_flag, authentication_requirements, initiator_dist, responder_dist
    );
}
kenjiArai | 0:5b88d5760320 | 764 | |
kenjiArai | 0:5b88d5760320 | 765 | /** |
kenjiArai | 0:5b88d5760320 | 766 | * Cancel an ongoing pairing. |
kenjiArai | 0:5b88d5760320 | 767 | * |
kenjiArai | 0:5b88d5760320 | 768 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 769 | * @param[in] reason pairing failure error |
kenjiArai | 0:5b88d5760320 | 770 | * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 3, Part H - 3.5.5 |
kenjiArai | 0:5b88d5760320 | 771 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 772 | */ |
// Passes the connection and the failure reason to Impl::cancel_pairing_()
// and returns its status unchanged.
ble_error_t cancel_pairing(connection_handle_t connection, pairing_failure_t reason)
{
    const ble_error_t status = impl()->cancel_pairing_(connection, reason);
    return status;
}
kenjiArai | 0:5b88d5760320 | 782 | |
kenjiArai | 0:5b88d5760320 | 783 | //////////////////////////////////////////////////////////////////////////// |
kenjiArai | 0:5b88d5760320 | 784 | // Feature support |
kenjiArai | 0:5b88d5760320 | 785 | // |
kenjiArai | 0:5b88d5760320 | 786 | |
kenjiArai | 0:5b88d5760320 | 787 | /** |
kenjiArai | 0:5b88d5760320 | 788 | * Check if the Secure Connections feature is supported by the stack and controller. |
kenjiArai | 0:5b88d5760320 | 789 | * |
kenjiArai | 0:5b88d5760320 | 790 | * @param[out] enabled true if SC are supported |
kenjiArai | 0:5b88d5760320 | 791 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 792 | */ |
// Lets Impl::get_secure_connections_support_() fill the `enabled` out
// parameter. This wrapper does not initialise `enabled`, so callers should
// read it only after checking the returned status.
ble_error_t get_secure_connections_support(bool &enabled)
{
    const ble_error_t status = impl()->get_secure_connections_support_(enabled);
    return status;
}
kenjiArai | 0:5b88d5760320 | 798 | |
kenjiArai | 0:5b88d5760320 | 799 | /** |
kenjiArai | 0:5b88d5760320 | 800 | * Set the IO capability that will be used during pairing feature exchange. |
kenjiArai | 0:5b88d5760320 | 801 | * |
kenjiArai | 0:5b88d5760320 | 802 | * @param[in] io_capability type of IO capabilities available on the local device |
kenjiArai | 0:5b88d5760320 | 803 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 804 | */ |
// Passes the local IO capability to Impl::set_io_capability_() and returns
// its status unchanged.
ble_error_t set_io_capability(io_capability_t io_capability)
{
    const ble_error_t status = impl()->set_io_capability_(io_capability);
    return status;
}
kenjiArai | 0:5b88d5760320 | 810 | |
kenjiArai | 0:5b88d5760320 | 811 | //////////////////////////////////////////////////////////////////////////// |
kenjiArai | 0:5b88d5760320 | 812 | // Security settings |
kenjiArai | 0:5b88d5760320 | 813 | // |
kenjiArai | 0:5b88d5760320 | 814 | |
kenjiArai | 0:5b88d5760320 | 815 | /** |
kenjiArai | 0:5b88d5760320 | 816 | * Set the time after which an event will be generated unless we received a packet with |
kenjiArai | 0:5b88d5760320 | 817 | * a valid MIC. |
kenjiArai | 0:5b88d5760320 | 818 | * |
kenjiArai | 0:5b88d5760320 | 819 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 820 | * @param[in] timeout_in_10ms time measured in units of 10 milliseconds |
kenjiArai | 0:5b88d5760320 | 821 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 822 | */ |
// Passes the timeout (in units of 10 ms, per the parameter name) to
// Impl::set_authentication_timeout_() for the given connection.
ble_error_t set_authentication_timeout(connection_handle_t connection, uint16_t timeout_in_10ms)
{
    const ble_error_t status = impl()->set_authentication_timeout_(connection, timeout_in_10ms);
    return status;
}
kenjiArai | 0:5b88d5760320 | 832 | |
kenjiArai | 0:5b88d5760320 | 833 | /** |
kenjiArai | 0:5b88d5760320 | 834 | * Get the time after which an event will be generated unless we received a packet with |
kenjiArai | 0:5b88d5760320 | 835 | * a valid MIC. |
kenjiArai | 0:5b88d5760320 | 836 | * |
kenjiArai | 0:5b88d5760320 | 837 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 838 | * @param[out] timeout_in_10ms time measured in units of 10 milliseconds |
kenjiArai | 0:5b88d5760320 | 839 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 840 | */ |
// Lets Impl::get_authentication_timeout_() fill `timeout_in_10ms` for the
// given connection. The out parameter is not initialised by this wrapper.
ble_error_t get_authentication_timeout(connection_handle_t connection, uint16_t &timeout_in_10ms)
{
    const ble_error_t status = impl()->get_authentication_timeout_(connection, timeout_in_10ms);
    return status;
}
kenjiArai | 0:5b88d5760320 | 850 | |
kenjiArai | 0:5b88d5760320 | 851 | /** |
kenjiArai | 0:5b88d5760320 | 852 | * Set the key size boundaries that will be used during pairing feature |
kenjiArai | 0:5b88d5760320 | 853 | * exchange. |
kenjiArai | 0:5b88d5760320 | 854 | * |
kenjiArai | 0:5b88d5760320 | 855 | * @param[in] min_encryption_key_size The minimum encryption key size in bytes |
kenjiArai | 0:5b88d5760320 | 856 | * required for pairing. This value shall be in the range [7 : 16]. |
kenjiArai | 0:5b88d5760320 | 857 | * |
kenjiArai | 0:5b88d5760320 | 858 | * @param[in] max_encryption_key_size The maximum encryption key size in bytes |
kenjiArai | 0:5b88d5760320 | 859 | * required for pairing. This value shall be in the range |
kenjiArai | 0:5b88d5760320 | 860 | * [min_encryption_key_size : 16]. |
kenjiArai | 0:5b88d5760320 | 861 | * |
kenjiArai | 0:5b88d5760320 | 862 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 863 | */ |
// Passes the key-size bounds (in bytes) to
// Impl::set_encryption_key_requirements_().
//
// No range or ordering check is made in this wrapper: the documented
// constraints (minimum in [7 : 16], maximum in [minimum : 16]) are enforced,
// if at all, by Impl. The minimum is the floor accepted during pairing, so a
// caller that wants only full-length keys has to pass 16 for it.
ble_error_t set_encryption_key_requirements(uint8_t min_encryption_key_size, uint8_t max_encryption_key_size)
{
    Impl* const target = impl();
    return target->set_encryption_key_requirements_(min_encryption_key_size, max_encryption_key_size);
}
kenjiArai | 0:5b88d5760320 | 873 | |
kenjiArai | 0:5b88d5760320 | 874 | /** |
kenjiArai | 0:5b88d5760320 | 875 | * Request change of security level from the master. This is called by the slave when |
kenjiArai | 0:5b88d5760320 | 876 | * it needs to elevate the security level as it can't change it itself. This will be |
kenjiArai | 0:5b88d5760320 | 877 | * received by the master who will take the decision about what action to take |
kenjiArai | 0:5b88d5760320 | 878 | * (encryption, pairing, re-pairing). |
kenjiArai | 0:5b88d5760320 | 879 | * |
kenjiArai | 0:5b88d5760320 | 880 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 881 | * @param[in] authentication authentication requirements |
kenjiArai | 0:5b88d5760320 | 882 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 883 | */ |
// Passes the requested authentication requirements to
// Impl::slave_security_request_() for the given connection.
ble_error_t slave_security_request(connection_handle_t connection, AuthenticationMask authentication)
{
    const ble_error_t status = impl()->slave_security_request_(connection, authentication);
    return status;
}
kenjiArai | 0:5b88d5760320 | 893 | |
kenjiArai | 0:5b88d5760320 | 894 | //////////////////////////////////////////////////////////////////////////// |
kenjiArai | 0:5b88d5760320 | 895 | // Encryption |
kenjiArai | 0:5b88d5760320 | 896 | // |
kenjiArai | 0:5b88d5760320 | 897 | |
kenjiArai | 0:5b88d5760320 | 898 | /** |
kenjiArai | 0:5b88d5760320 | 899 | * Enable encryption using the LTK given. The EDIV and RAND will be sent to the peer and |
kenjiArai | 0:5b88d5760320 | 900 | * used to identify the LTK. This is called by the master. This will refresh the key if |
kenjiArai | 0:5b88d5760320 | 901 | * enabled on an already encrypted link. |
kenjiArai | 0:5b88d5760320 | 902 | * |
kenjiArai | 0:5b88d5760320 | 903 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 904 | * @param[in] ltk long term key from the peer |
kenjiArai | 0:5b88d5760320 | 905 | * @param[in] ediv encryption diversifier from the peer |
kenjiArai | 0:5b88d5760320 | 906 | * @param[in] rand random value from the peer |
kenjiArai | 0:5b88d5760320 | 907 | * @param[in] mitm does the LTK have man in the middle protection |
kenjiArai | 0:5b88d5760320 | 908 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 909 | */ |
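// Relays the LTK and its identifiers to the five-argument
// Impl::enable_encryption_().
//
// The second parameter is `const ltk_t &ltk`: the listing rendered "&ltk" as
// "<k" (HTML entity decoding), which is restored here so the name matches
// the `ltk` used in the body.
//
// Parameter order: `rand` precedes `ediv` here, whereas the doc comment and
// the on_ltk_request(connection, ediv, rand) handler list EDIV first.
//
// `mitm` is taken on the caller's word and forwarded as is; this wrapper has
// no way to check that the key was produced by an authenticated pairing.
ble_error_t enable_encryption(
    connection_handle_t connection,
    const ltk_t &ltk,
    const rand_t &rand,
    const ediv_t &ediv,
    bool mitm
) {
    return impl()->enable_encryption_(
        connection,
        ltk,
        rand,
        ediv,
        mitm
    );
}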
kenjiArai | 0:5b88d5760320 | 925 | |
kenjiArai | 0:5b88d5760320 | 926 | /** |
kenjiArai | 0:5b88d5760320 | 927 | * Enable encryption using the LTK given on a connection established with secure |
kenjiArai | 0:5b88d5760320 | 928 | * connections pairing. |
kenjiArai | 0:5b88d5760320 | 929 | * |
kenjiArai | 0:5b88d5760320 | 930 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 931 | * @param[in] ltk long term key from the peer |
kenjiArai | 0:5b88d5760320 | 932 | * @param[in] mitm does the LTK have man in the middle protection |
kenjiArai | 0:5b88d5760320 | 933 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 934 | */ |
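// Relays the LTK to the three-argument Impl::enable_encryption_(), the
// variant without EDIV/RAND.
//
// The second parameter is `const ltk_t &ltk`: the listing rendered "&ltk" as
// "<k" (HTML entity decoding), which is restored here so the name matches
// the `ltk` used in the body.
//
// `mitm` is taken on the caller's word and forwarded as is.
ble_error_t enable_encryption(
    connection_handle_t connection,
    const ltk_t &ltk,
    bool mitm
) {
    return impl()->enable_encryption_(
        connection,
        ltk,
        mitm
    );
}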
kenjiArai | 0:5b88d5760320 | 946 | |
kenjiArai | 0:5b88d5760320 | 947 | /** |
kenjiArai | 0:5b88d5760320 | 948 | * Encrypt data with a given key. This uses the facility on the controller to |
kenjiArai | 0:5b88d5760320 | 949 | * perform the encryption. |
kenjiArai | 0:5b88d5760320 | 950 | * |
kenjiArai | 0:5b88d5760320 | 951 | * @param[in] key encryption key |
kenjiArai | 0:5b88d5760320 | 952 | * @param[in,out] data data to be encrypted, if successful contains the result |
kenjiArai | 0:5b88d5760320 | 953 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 954 | */ |
// Passes a 16-byte key and one encryption block to Impl::encrypt_data_().
// `data` is an in/out parameter: per the doc comment it holds the result on
// success. What it holds after a failure is not defined by this wrapper.
ble_error_t encrypt_data(const byte_array_t<16> &key, encryption_block_t &data)
{
    const ble_error_t status = impl()->encrypt_data_(key, data);
    return status;
}
kenjiArai | 0:5b88d5760320 | 961 | |
kenjiArai | 0:5b88d5760320 | 962 | //////////////////////////////////////////////////////////////////////////// |
kenjiArai | 0:5b88d5760320 | 963 | // Privacy |
kenjiArai | 0:5b88d5760320 | 964 | // |
kenjiArai | 0:5b88d5760320 | 965 | |
// Sets the private address timeout, in seconds per the parameter name.
//
// NOTE(review): every other wrapper visible in this class forwards to an
// underscore-suffixed Impl member; this one forwards to the same,
// unsuffixed name. If Impl does not declare its own
// set_private_address_timeout, the call below resolves back to this wrapper
// and recurses without bound. Confirm against the implementation.
ble_error_t set_private_address_timeout(uint16_t timeout_in_seconds)
{
    Impl* const target = impl();
    return target->set_private_address_timeout(timeout_in_seconds);
}
kenjiArai | 0:5b88d5760320 | 971 | |
kenjiArai | 0:5b88d5760320 | 972 | //////////////////////////////////////////////////////////////////////////// |
kenjiArai | 0:5b88d5760320 | 973 | // Keys |
kenjiArai | 0:5b88d5760320 | 974 | // |
kenjiArai | 0:5b88d5760320 | 975 | |
kenjiArai | 0:5b88d5760320 | 976 | /** |
kenjiArai | 0:5b88d5760320 | 977 | * Set the LTK that is to be used for encryption. |
kenjiArai | 0:5b88d5760320 | 978 | * |
kenjiArai | 0:5b88d5760320 | 979 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 980 | * @param[in] ltk long term key |
kenjiArai | 0:5b88d5760320 | 981 | * @param[in] mitm does the LTK have man in the middle protection |
kenjiArai | 0:5b88d5760320 | 982 | * @param[in] secure_connections is this a secure_connections pairing |
kenjiArai | 0:5b88d5760320 | 983 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 984 | */ |
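// Hands the LTK for this connection to Impl::set_ltk_().
//
// The second parameter is `const ltk_t &ltk`: the listing rendered "&ltk" as
// "<k" (HTML entity decoding), which is restored here so the name matches
// the `ltk` used in the body.
//
// `mitm` and `secure_connections` describe how the key was obtained and are
// forwarded exactly as the caller states them; nothing here verifies them.
ble_error_t set_ltk(
    connection_handle_t connection,
    const ltk_t &ltk,
    bool mitm,
    bool secure_connections
) {
    return impl()->set_ltk_(connection, ltk, mitm, secure_connections);
}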
kenjiArai | 0:5b88d5760320 | 993 | |
kenjiArai | 0:5b88d5760320 | 994 | /** |
kenjiArai | 0:5b88d5760320 | 995 | * Inform the stack we don't have the LTK. |
kenjiArai | 0:5b88d5760320 | 996 | * |
kenjiArai | 0:5b88d5760320 | 997 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 998 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 999 | */ |
// Tells Impl::set_ltk_not_found_() that no LTK is available for this
// connection and returns its status unchanged.
ble_error_t set_ltk_not_found(connection_handle_t connection)
{
    const ble_error_t status = impl()->set_ltk_not_found_(connection);
    return status;
}
kenjiArai | 0:5b88d5760320 | 1005 | |
kenjiArai | 0:5b88d5760320 | 1006 | /** |
kenjiArai | 0:5b88d5760320 | 1007 | * Set the local IRK. |
kenjiArai | 0:5b88d5760320 | 1008 | * |
kenjiArai | 0:5b88d5760320 | 1009 | * @param[in] irk identity resolution key |
kenjiArai | 0:5b88d5760320 | 1010 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 1011 | */ |
ble_error_t set_irk(const irk_t &irk)
{
    // The local identity resolution key is passed through by const reference;
    // nothing is stored at this layer. It is key material, so callers should
    // keep it out of logs and debug traces.
    const ble_error_t status = impl()->set_irk_(irk);
    return status;
}
kenjiArai | 0:5b88d5760320 | 1017 | |
kenjiArai | 0:5b88d5760320 | 1018 | /** |
kenjiArai | 0:5b88d5760320 | 1019 | * Set the local CSRK. |
kenjiArai | 0:5b88d5760320 | 1020 | * |
kenjiArai | 0:5b88d5760320 | 1021 | * @param[in] csrk local signing key |
kenjiArai | 0:5b88d5760320 | 1022 | * @param[in] sign_counter local signing counter |
kenjiArai | 0:5b88d5760320 | 1023 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 1024 | */ |
ble_error_t set_csrk(const csrk_t &csrk, sign_count_t sign_counter)
{
    // Local signing key and its counter are forwarded together to the
    // concrete PAL implementation.
    // NOTE(review): the counter presumably has to be the persisted value, not
    // a reset one, for signed-data replay protection to hold - confirm with
    // the caller that restores it.
    const ble_error_t status = impl()->set_csrk_(csrk, sign_counter);
    return status;
}
kenjiArai | 0:5b88d5760320 | 1031 | |
kenjiArai | 0:5b88d5760320 | 1032 | /** |
kenjiArai | 0:5b88d5760320 | 1033 | * Set the peer CSRK for a particular connection. |
kenjiArai | 0:5b88d5760320 | 1034 | * |
kenjiArai | 0:5b88d5760320 | 1035 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 1036 | * @param[in] csrk signing key |
kenjiArai | 0:5b88d5760320 | 1037 | * @param[in] authenticated is the CSRK authenticated |
kenjiArai | 0:5b88d5760320 | 1038 | * @param[in] sign_counter signing counter |
kenjiArai | 0:5b88d5760320 | 1039 | * @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 1040 | */ |
ble_error_t set_peer_csrk(
    connection_handle_t connection,
    const csrk_t &csrk,
    bool authenticated,
    sign_count_t sign_counter
) {
    // All four arguments are forwarded unchanged, in declaration order.
    // NOTE(review): `authenticated` should reflect how the peer key was
    // actually obtained during pairing; this wrapper cannot verify it.
    const ble_error_t status =
        impl()->set_peer_csrk_(connection, csrk, authenticated, sign_counter);
    return status;
}
kenjiArai | 0:5b88d5760320 | 1054 | |
/**
 * Forward a peer CSRK removal request for a connection to the implementation.
 *
 * By its name this is the counterpart of set_peer_csrk(); the exact effect is
 * defined by the concrete PAL implementation's remove_peer_csrk_().
 *
 * @param[in] connection connection handle
 * @return the status code returned by the implementation
 */
ble_error_t remove_peer_csrk(
    connection_handle_t connection
) {
    const ble_error_t status = impl()->remove_peer_csrk_(connection);
    return status;
}
kenjiArai | 0:5b88d5760320 | 1058 | |
kenjiArai | 0:5b88d5760320 | 1059 | //////////////////////////////////////////////////////////////////////////// |
kenjiArai | 0:5b88d5760320 | 1060 | // Authentication |
kenjiArai | 0:5b88d5760320 | 1061 | // |
kenjiArai | 0:5b88d5760320 | 1062 | |
kenjiArai | 0:5b88d5760320 | 1063 | /** |
kenjiArai | 0:5b88d5760320 | 1064 | * Generate and return 8 octets of random data compliant with [FIPS PUB 140-2] |
kenjiArai | 0:5b88d5760320 | 1065 | * |
kenjiArai | 0:5b88d5760320 | 1066 | * @param[out] random_data returns 8 octets of random data |
kenjiArai | 0:5b88d5760320 | 1067 | * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 2, Part H 2 |
kenjiArai | 0:5b88d5760320 | 1068 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 1069 | */ |
ble_error_t get_random_data(byte_array_t<8> &random_data)
{
    // The 8 octets are produced by the concrete PAL implementation and
    // written through `random_data`. This wrapper does not initialise the
    // buffer, so callers should use its contents only when the returned code
    // is BLE_ERROR_NONE.
    const ble_error_t status = impl()->get_random_data_(random_data);
    return status;
}
kenjiArai | 0:5b88d5760320 | 1075 | |
kenjiArai | 0:5b88d5760320 | 1076 | //////////////////////////////////////////////////////////////////////////// |
kenjiArai | 0:5b88d5760320 | 1077 | // MITM |
kenjiArai | 0:5b88d5760320 | 1078 | // |
kenjiArai | 0:5b88d5760320 | 1079 | |
kenjiArai | 0:5b88d5760320 | 1080 | /** |
kenjiArai | 0:5b88d5760320 | 1081 | * Set the default passkey that will be used when the SM needs a passkey to |
kenjiArai | 0:5b88d5760320 | 1082 | * be displayed. |
kenjiArai | 0:5b88d5760320 | 1083 | * |
kenjiArai | 0:5b88d5760320 | 1084 | * By default, the pal security manager generates a random passkey when a |
kenjiArai | 0:5b88d5760320 | 1085 | * passkey has to be displayed by the application. A call to this function |
kenjiArai | 0:5b88d5760320 | 1086 | * with a valid passkey alters this behaviour and the SecurityManager shall |
kenjiArai | 0:5b88d5760320 | 1087 | * pass the passkey set into SecurityManagerEvent::on_passkey_display . |
kenjiArai | 0:5b88d5760320 | 1088 | * |
kenjiArai | 0:5b88d5760320 | 1089 | * A call to this function with a zero value will reset the behaviour and |
kenjiArai | 0:5b88d5760320 | 1090 | * indicates to the security manager that passkeys passed to |
kenjiArai | 0:5b88d5760320 | 1091 | * SecurityManagerEvent::on_passkey_display shall be randomly generated. |
kenjiArai | 0:5b88d5760320 | 1092 | * |
kenjiArai | 0:5b88d5760320 | 1093 | * @param[in] passkey Set the passkey that shall be used by the security |
kenjiArai | 0:5b88d5760320 | 1094 | * manager when SecurityManagerEvent::on_passkey_display is called. If |
kenjiArai | 0:5b88d5760320 | 1095 | * passkey is set to 0 then the security manager generates a random |
kenjiArai | 0:5b88d5760320 | 1096 | * passkey every time it calls SecurityManagerEvent::on_passkey_display. |
kenjiArai | 0:5b88d5760320 | 1097 | * |
kenjiArai | 0:5b88d5760320 | 1098 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 1099 | */ |
ble_error_t set_display_passkey(passkey_num_t passkey)
{
    // A non-zero value replaces the per-pairing random passkey with a fixed
    // one, so the same digits are displayed on every pairing; that gives less
    // protection against an observer than the random default. Passing 0
    // restores random generation, per the documented contract of this method.
    const ble_error_t status = impl()->set_display_passkey_(passkey);
    return status;
}
kenjiArai | 0:5b88d5760320 | 1105 | |
kenjiArai | 0:5b88d5760320 | 1106 | /** |
kenjiArai | 0:5b88d5760320 | 1107 | * Reply to a passkey request received from the SecurityManagerEventHandler. |
kenjiArai | 0:5b88d5760320 | 1108 | * |
kenjiArai | 0:5b88d5760320 | 1109 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 1110 | */ |
ble_error_t passkey_request_reply(connection_handle_t connection, passkey_num_t passkey)
{
    // connection: connection handle (assumed to be the one the request was
    //             raised on, as for the sibling reply methods - TODO confirm).
    // passkey:    value forwarded as the reply; no range check happens here,
    //             so validation is left to the caller or the implementation.
    const ble_error_t status = impl()->passkey_request_reply_(connection, passkey);
    return status;
}
kenjiArai | 0:5b88d5760320 | 1117 | |
kenjiArai | 0:5b88d5760320 | 1118 | /** |
kenjiArai | 0:5b88d5760320 | 1119 | * Reply to a Secure Connections oob data request received from the SecurityManagerEventHandler. |
kenjiArai | 0:5b88d5760320 | 1120 | * |
kenjiArai | 0:5b88d5760320 | 1121 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 1122 | * @param[in] local_random local random number used for the last oob exchange |
kenjiArai | 0:5b88d5760320 | 1123 | * @param[in] peer_random random number used to generate the confirmation on peer |
kenjiArai | 0:5b88d5760320 | 1124 | * @param[in] peer_confirm confirmation value to be used for authentication |
kenjiArai | 0:5b88d5760320 | 1125 | * in secure connections pairing |
kenjiArai | 0:5b88d5760320 | 1126 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 1127 | */ |
ble_error_t secure_connections_oob_request_reply(
    connection_handle_t connection,
    const oob_lesc_value_t &local_random,
    const oob_lesc_value_t &peer_random,
    const oob_confirm_t &peer_confirm
) {
    // The three OOB values are borrowed by const reference and forwarded in
    // declaration order; local_random and peer_random share a type, so the
    // order matters and is kept exactly as the implementation expects it.
    const ble_error_t status = impl()->secure_connections_oob_request_reply_(
        connection, local_random, peer_random, peer_confirm);
    return status;
}
kenjiArai | 0:5b88d5760320 | 1141 | |
kenjiArai | 0:5b88d5760320 | 1142 | /** |
kenjiArai | 0:5b88d5760320 | 1143 | * Reply to a legacy pairing oob data request received from the SecurityManagerEventHandler. |
kenjiArai | 0:5b88d5760320 | 1144 | * |
kenjiArai | 0:5b88d5760320 | 1145 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 1146 | * @param[in] oob_data pointer to out of band data |
kenjiArai | 0:5b88d5760320 | 1147 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 1148 | */ |
ble_error_t legacy_pairing_oob_request_reply(connection_handle_t connection, const oob_tk_t &oob_data)
{
    // `oob_data` is the out of band value for legacy pairing, borrowed by
    // const reference. It is secret material: this layer does not copy or
    // log it, and callers should not either.
    const ble_error_t status =
        impl()->legacy_pairing_oob_request_reply_(connection, oob_data);
    return status;
}
kenjiArai | 0:5b88d5760320 | 1155 | |
kenjiArai | 0:5b88d5760320 | 1156 | /** |
kenjiArai | 0:5b88d5760320 | 1157 | * Notify the stack that the user has confirmed the values during numerical |
kenjiArai | 0:5b88d5760320 | 1158 | * comparison stage of pairing. |
kenjiArai | 0:5b88d5760320 | 1159 | * |
kenjiArai | 0:5b88d5760320 | 1160 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 1161 | * @param[in] confirmation true if the user indicated the numbers match |
kenjiArai | 0:5b88d5760320 | 1162 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 1163 | */ |
ble_error_t confirmation_entered(connection_handle_t connection, bool confirmation)
{
    // `confirmation` carries the user's answer for the numerical comparison
    // step. It should be true only after an explicit user action; passing a
    // constant true would remove the check the comparison exists to provide.
    const ble_error_t status = impl()->confirmation_entered_(connection, confirmation);
    return status;
}
kenjiArai | 0:5b88d5760320 | 1170 | |
kenjiArai | 0:5b88d5760320 | 1171 | /** |
kenjiArai | 0:5b88d5760320 | 1172 | * Notify the stack that the user pressed a key. This will be sent to the peer and create |
kenjiArai | 0:5b88d5760320 | 1173 | * an appropriate event there if the keypress protocol is enabled. |
kenjiArai | 0:5b88d5760320 | 1174 | * |
kenjiArai | 0:5b88d5760320 | 1175 | * @param[in] connection connection handle |
kenjiArai | 0:5b88d5760320 | 1176 | * @param[in] keypress type of keypress event |
kenjiArai | 0:5b88d5760320 | 1177 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 1178 | */ |
ble_error_t send_keypress_notification(connection_handle_t connection, Keypress_t keypress)
{
    // Forwards the keypress event type for `connection`; whether anything is
    // sent to the peer depends on the keypress protocol being enabled, which
    // is decided outside this wrapper.
    const ble_error_t status = impl()->send_keypress_notification_(connection, keypress);
    return status;
}
kenjiArai | 0:5b88d5760320 | 1185 | |
kenjiArai | 0:5b88d5760320 | 1186 | /** |
kenjiArai | 0:5b88d5760320 | 1187 | * Generate local OOB data to be sent to the application which sends it to the peer. |
kenjiArai | 0:5b88d5760320 | 1188 | * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure |
kenjiArai | 0:5b88d5760320 | 1189 | */ |
ble_error_t generate_secure_connections_oob()
{
    // Only the status code comes back from this call; the generated OOB data
    // itself is not returned here.
    // NOTE(review): presumably it is delivered through the event handler -
    // confirm against the EventHandler interface.
    const ble_error_t status = impl()->generate_secure_connections_oob_();
    return status;
}
kenjiArai | 0:5b88d5760320 | 1193 | |
kenjiArai | 0:5b88d5760320 | 1194 | /* Entry points for the underlying stack to report events back to the user. */ |
kenjiArai | 0:5b88d5760320 | 1195 | public: |
kenjiArai | 0:5b88d5760320 | 1196 | /** |
kenjiArai | 0:5b88d5760320 | 1197 | * Sets the event handler that is called by the PAL porters to notify the stack of events |
kenjiArai | 0:5b88d5760320 | 1198 | * which will in turn be passed onto the user application when appropriate. |
kenjiArai | 0:5b88d5760320 | 1199 | * |
kenjiArai | 0:5b88d5760320 | 1200 | * @param[in] event_handler the new event handler interface implementation. Memory |
kenjiArai | 0:5b88d5760320 | 1201 | * owned by caller who is responsible for updating this pointer if interface changes. |
kenjiArai | 0:5b88d5760320 | 1202 | */ |
void set_event_handler(EventHandler *event_handler)
{
    // Non-owning: only the pointer is stored, with no null check and no
    // lifetime tracking. The caller keeps ownership and must keep the handler
    // alive (or replace the pointer) for as long as events may be reported.
    this->_pal_event_handler = event_handler;
}
kenjiArai | 0:5b88d5760320 | 1208 | |
EventHandler* get_event_handler()
{
    // Returns the stored handler pointer as-is.
    // NOTE(review): the member's initial value is not visible in this part of
    // the file, so callers should null-check before dereferencing.
    return this->_pal_event_handler;
}
kenjiArai | 0:5b88d5760320 | 1212 | |
kenjiArai | 0:5b88d5760320 | 1213 | private: |
kenjiArai | 0:5b88d5760320 | 1214 | EventHandler *_pal_event_handler; |
kenjiArai | 0:5b88d5760320 | 1215 | |
kenjiArai | 0:5b88d5760320 | 1216 | }; |
kenjiArai | 0:5b88d5760320 | 1217 | |
kenjiArai | 0:5b88d5760320 | 1218 | } /* namespace pal */ |
kenjiArai | 0:5b88d5760320 | 1219 | } /* namespace ble */ |
kenjiArai | 0:5b88d5760320 | 1220 | |
kenjiArai | 0:5b88d5760320 | 1221 | #endif /* MBED_OS_FEATURES_FEATURE_BLE_BLE_PAL_PALSM_H_ */ |