mbed-os5 only for TYBLE16

Dependents:   TYBLE16_simple_data_logger TYBLE16_MP3_Air

Committer:
kenjiArai
Date:
Tue Dec 31 06:02:27 2019 +0000
Revision:
1:9db0e321a9f4
Parent:
0:5b88d5760320
updated based on mbed-os5.15.0

kenjiArai 0:5b88d5760320 1 /* mbed Microcontroller Library
kenjiArai 0:5b88d5760320 2 * Copyright (c) 2017-2018 ARM Limited
kenjiArai 0:5b88d5760320 3 *
kenjiArai 0:5b88d5760320 4 * Licensed under the Apache License, Version 2.0 (the "License");
kenjiArai 0:5b88d5760320 5 * you may not use this file except in compliance with the License.
kenjiArai 0:5b88d5760320 6 * You may obtain a copy of the License at
kenjiArai 0:5b88d5760320 7 *
kenjiArai 0:5b88d5760320 8 * http://www.apache.org/licenses/LICENSE-2.0
kenjiArai 0:5b88d5760320 9 *
kenjiArai 0:5b88d5760320 10 * Unless required by applicable law or agreed to in writing, software
kenjiArai 0:5b88d5760320 11 * distributed under the License is distributed on an "AS IS" BASIS,
kenjiArai 0:5b88d5760320 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
kenjiArai 0:5b88d5760320 13 * See the License for the specific language governing permissions and
kenjiArai 0:5b88d5760320 14 * limitations under the License.
kenjiArai 0:5b88d5760320 15 */
kenjiArai 0:5b88d5760320 16
kenjiArai 0:5b88d5760320 17 #ifndef MBED_OS_FEATURES_FEATURE_BLE_BLE_PAL_PALSM_H_
kenjiArai 0:5b88d5760320 18 #define MBED_OS_FEATURES_FEATURE_BLE_BLE_PAL_PALSM_H_
kenjiArai 0:5b88d5760320 19
kenjiArai 0:5b88d5760320 20 #include "ble/common/StaticInterface.h"
kenjiArai 0:5b88d5760320 21 #include "platform/Callback.h"
kenjiArai 0:5b88d5760320 22 #include "platform/NonCopyable.h"
kenjiArai 0:5b88d5760320 23 #include "ble/BLETypes.h"
kenjiArai 0:5b88d5760320 24 #include "ble/BLEProtocol.h"
kenjiArai 0:5b88d5760320 25 #include "ble/SecurityManager.h"
kenjiArai 0:5b88d5760320 26 #include "ble/pal/GapTypes.h"
kenjiArai 0:5b88d5760320 27
kenjiArai 0:5b88d5760320 28 namespace ble {
kenjiArai 0:5b88d5760320 29 namespace pal {
kenjiArai 0:5b88d5760320 30
// Aliases that make the global ::SecurityManager types usable inside ble::pal
// without qualification; they introduce no new types.
typedef ::SecurityManager::SecurityCompletionStatus_t SecurityCompletionStatus_t;
typedef ::SecurityManager::SecurityMode_t SecurityMode_t;
typedef ::SecurityManager::LinkSecurityStatus_t LinkSecurityStatus_t;
typedef ::SecurityManager::Keypress_t Keypress_t;
kenjiArai 0:5b88d5760320 35
kenjiArai 0:5b88d5760320 36 /**
kenjiArai 0:5b88d5760320 37 * Key distribution as required by the SMP with convenient setters and getters,
kenjiArai 0:5b88d5760320 38 * use value() to get the octet you can use directly in the PDU.
kenjiArai 0:5b88d5760320 39 */
class KeyDistribution {
public:
    /** Bit assigned to each key type inside the key distribution octet. */
    enum KeyDistributionFlags_t {
        KEY_DISTRIBUTION_NONE       = 0x00,
        KEY_DISTRIBUTION_ENCRYPTION = 0x01,
        KEY_DISTRIBUTION_IDENTITY   = 0x02,
        KEY_DISTRIBUTION_SIGNING    = 0x04,
        KEY_DISTRIBUTION_LINK       = 0x08,
        KEY_DISTRIBUTION_ALL        = 0x0F
    };

    /** Create a distribution with no flag set. */
    KeyDistribution() : _value(0) { }

    /**
     * Wrap a raw octet.
     *
     * The octet is stored verbatim: bits outside KEY_DISTRIBUTION_ALL are
     * neither rejected nor cleared, and value() hands them back unchanged.
     * A caller that needs those bits cleared (for example on an octet taken
     * from a received PDU) has to AND with KEY_DISTRIBUTION_ALL itself.
     *
     * @param[in] value octet to wrap
     */
    KeyDistribution(uint8_t value) : _value(value) { }

    /**
     * Create a distribution from one boolean per key type.
     *
     * @param[in] encryption state of KEY_DISTRIBUTION_ENCRYPTION
     * @param[in] identity state of KEY_DISTRIBUTION_IDENTITY
     * @param[in] signing state of KEY_DISTRIBUTION_SIGNING
     * @param[in] link state of KEY_DISTRIBUTION_LINK
     */
    KeyDistribution(bool encryption, bool identity, bool signing, bool link) :
        _value(0)
    {
        write_flag(KEY_DISTRIBUTION_ENCRYPTION, encryption);
        write_flag(KEY_DISTRIBUTION_IDENTITY, identity);
        write_flag(KEY_DISTRIBUTION_SIGNING, signing);
        write_flag(KEY_DISTRIBUTION_LINK, link);
    }

    /** @return true if KEY_DISTRIBUTION_ENCRYPTION is set. */
    bool get_encryption() const
    {
        return test_flag(KEY_DISTRIBUTION_ENCRYPTION);
    }

    /** @return true if KEY_DISTRIBUTION_IDENTITY is set. */
    bool get_identity() const
    {
        return test_flag(KEY_DISTRIBUTION_IDENTITY);
    }

    /** @return true if KEY_DISTRIBUTION_SIGNING is set. */
    bool get_signing() const
    {
        return test_flag(KEY_DISTRIBUTION_SIGNING);
    }

    /** @return true if KEY_DISTRIBUTION_LINK is set. */
    bool get_link() const
    {
        return test_flag(KEY_DISTRIBUTION_LINK);
    }

    /** Set (default) or clear KEY_DISTRIBUTION_ENCRYPTION. */
    void set_encryption(bool enabled = true)
    {
        write_flag(KEY_DISTRIBUTION_ENCRYPTION, enabled);
    }

    /** Set (default) or clear KEY_DISTRIBUTION_IDENTITY. */
    void set_identity(bool enabled = true)
    {
        write_flag(KEY_DISTRIBUTION_IDENTITY, enabled);
    }

    /** Set (default) or clear KEY_DISTRIBUTION_SIGNING. */
    void set_signing(bool enabled = true)
    {
        write_flag(KEY_DISTRIBUTION_SIGNING, enabled);
    }

    /** Set (default) or clear KEY_DISTRIBUTION_LINK. */
    void set_link(bool enabled = true)
    {
        write_flag(KEY_DISTRIBUTION_LINK, enabled);
    }

    /** Implicit conversion to the stored octet (non-const objects only). */
    operator uint8_t()
    {
        return _value;
    }

    /**
     * Intersect two distributions.
     *
     * @param[in] other distribution to intersect with
     * @return a new distribution holding only the bits set in both operands
     */
    KeyDistribution operator&(const KeyDistribution& other) const
    {
        return KeyDistribution(static_cast<uint8_t>(_value & other._value));
    }

    /**
     * Keep only the bits that are also set in @p other.
     *
     * @param[in] other distribution to intersect with
     * @return reference to this object
     */
    KeyDistribution& operator&=(const KeyDistribution& other)
    {
        _value &= other._value;
        return *this;
    }

    /** @return the stored octet, including any bit outside KEY_DISTRIBUTION_ALL. */
    uint8_t value() const
    {
        return _value;
    }

private:
    /** Tell whether @p flag is present in the stored octet. */
    bool test_flag(KeyDistributionFlags_t flag) const
    {
        return (_value & flag) != 0;
    }

    /** Set or clear @p flag and leave every other bit untouched. */
    void write_flag(KeyDistributionFlags_t flag, bool enabled)
    {
        _value = enabled ? static_cast<uint8_t>(_value | flag)
                         : static_cast<uint8_t>(_value & ~flag);
    }

    uint8_t _value;
};
kenjiArai 0:5b88d5760320 126
kenjiArai 0:5b88d5760320 127 /**
kenjiArai 0:5b88d5760320 128 * Authentication mask as required by the SMP with convenient setters and getters,
kenjiArai 0:5b88d5760320 129 * use value() to get the octet you can use directly in the PDU.
kenjiArai 0:5b88d5760320 130 */
class AuthenticationMask {
public:
    /** Bit assigned to each authentication requirement inside the octet. */
    enum AuthenticationFlags_t {
        AUTHENTICATION_BONDABLE = 0x01,
        AUTHENTICATION_MITM = 0x04, /* 0x02 missing because bonding uses two bits */
        AUTHENTICATION_SECURE_CONNECTIONS = 0x08,
        AUTHENTICATION_KEYPRESS_NOTIFICATION = 0x10
    };

    /** Create a mask with no flag set. */
    AuthenticationMask() : _value(0) { }

    /**
     * Wrap a raw octet.
     *
     * The octet is stored verbatim: bits that no AuthenticationFlags_t
     * enumerator names (0x02 and everything above 0x10) are neither rejected
     * nor cleared, and value() hands them back unchanged. A caller that needs
     * them cleared (for example on an octet taken from a received PDU) has to
     * mask the octet itself.
     *
     * @param[in] value octet to wrap
     */
    AuthenticationMask(uint8_t value) : _value(value) { }

    /**
     * Create a mask from one boolean per requirement.
     *
     * @param[in] bondable state of AUTHENTICATION_BONDABLE
     * @param[in] mitm state of AUTHENTICATION_MITM
     * @param[in] secure_connections state of AUTHENTICATION_SECURE_CONNECTIONS
     * @param[in] keypress state of AUTHENTICATION_KEYPRESS_NOTIFICATION
     */
    AuthenticationMask(bool bondable, bool mitm, bool secure_connections, bool keypress) :
        _value(0)
    {
        write_flag(AUTHENTICATION_BONDABLE, bondable);
        write_flag(AUTHENTICATION_MITM, mitm);
        write_flag(AUTHENTICATION_SECURE_CONNECTIONS, secure_connections);
        write_flag(AUTHENTICATION_KEYPRESS_NOTIFICATION, keypress);
    }

    /** @return true if AUTHENTICATION_BONDABLE is set. */
    bool get_bondable() const
    {
        return test_flag(AUTHENTICATION_BONDABLE);
    }

    /** @return true if AUTHENTICATION_MITM is set. */
    bool get_mitm() const
    {
        return test_flag(AUTHENTICATION_MITM);
    }

    /** @return true if AUTHENTICATION_SECURE_CONNECTIONS is set. */
    bool get_secure_connections() const
    {
        return test_flag(AUTHENTICATION_SECURE_CONNECTIONS);
    }

    /** @return true if AUTHENTICATION_KEYPRESS_NOTIFICATION is set. */
    bool get_keypress_notification() const
    {
        return test_flag(AUTHENTICATION_KEYPRESS_NOTIFICATION);
    }

    /** Set (default) or clear AUTHENTICATION_BONDABLE. */
    void set_bondable(bool enabled = true)
    {
        write_flag(AUTHENTICATION_BONDABLE, enabled);
    }

    /** Set (default) or clear AUTHENTICATION_MITM. */
    void set_mitm(bool enabled = true)
    {
        write_flag(AUTHENTICATION_MITM, enabled);
    }

    /** Set (default) or clear AUTHENTICATION_SECURE_CONNECTIONS. */
    void set_secure_connections(bool enabled = true)
    {
        write_flag(AUTHENTICATION_SECURE_CONNECTIONS, enabled);
    }

    /** Set (default) or clear AUTHENTICATION_KEYPRESS_NOTIFICATION. */
    void set_keypress_notification(bool enabled = true)
    {
        write_flag(AUTHENTICATION_KEYPRESS_NOTIFICATION, enabled);
    }

    /** Implicit conversion to the stored octet (non-const objects only). */
    operator uint8_t()
    {
        return _value;
    }

    /** @return the stored octet, including any bit no enumerator names. */
    uint8_t value() const
    {
        return _value;
    }

private:
    /** Tell whether @p flag is present in the stored octet. */
    bool test_flag(AuthenticationFlags_t flag) const
    {
        return (_value & flag) != 0;
    }

    /** Set or clear @p flag and leave every other bit untouched. */
    void write_flag(AuthenticationFlags_t flag, bool enabled)
    {
        _value = enabled ? static_cast<uint8_t>(_value | flag)
                         : static_cast<uint8_t>(_value & ~flag);
    }

    uint8_t _value;
};
kenjiArai 0:5b88d5760320 204
kenjiArai 0:5b88d5760320 205 /**
kenjiArai 0:5b88d5760320 206 * Handle events generated by ble::pal::SecurityManager
kenjiArai 0:5b88d5760320 207 */
template<class Impl>
class SecurityManagerEventHandler :
    public StaticInterface<Impl, SecurityManagerEventHandler>
{
    using StaticInterface<Impl, ble::pal::SecurityManagerEventHandler>::impl;

    // Every handler below forwards its arguments unchanged to the method of
    // the same name with a trailing underscore on the implementation object
    // returned by impl(). No validation or filtering happens in this class.

public:
    ////////////////////////////////////////////////////////////////////////////
    // Pairing
    //

    /**
     * Request pairing. Called on the slave in response to a request from the
     * master. The upper layer shall either send a pairing response
     * (send_pairing_response) or cancel the pairing procedure (cancel_pairing).
     *
     * NOTE(review): the requirements and distributions presumably mirror what
     * the peer asked for and should be treated as untrusted input - confirm
     * against the implementation.
     *
     * @param[in] connection connection handle
     * @param[in] oob_data_flag is out of band data present
     * @param[in] authentication_requirements authentication requirements
     * @param[in] initiator_dist key distribution
     * @param[in] responder_dist key distribution
     */
    void on_pairing_request(
        connection_handle_t connection,
        bool oob_data_flag,
        AuthenticationMask authentication_requirements,
        KeyDistribution initiator_dist,
        KeyDistribution responder_dist
    )
    {
        impl()->on_pairing_request_(
            connection, oob_data_flag, authentication_requirements,
            initiator_dist, responder_dist
        );
    }

    /**
     * Indicate that the pairing has failed.
     *
     * @note Any subsequent pairing procedure shall restart from the Pairing
     * Feature Exchange phase.
     *
     * @param[in] connection connection handle
     * @param[in] error reason for the failed pairing
     */
    void on_pairing_error(connection_handle_t connection, pairing_failure_t error)
    {
        impl()->on_pairing_error_(connection, error);
    }

    /**
     * Indicate that the pairing has timed out.
     *
     * @param[in] connection connection handle
     */
    void on_pairing_timed_out(connection_handle_t connection)
    {
        impl()->on_pairing_timed_out_(connection);
    }

    /**
     * Indicate that the pairing for the link has completed.
     *
     * @param[in] connection connection handle
     */
    void on_pairing_completed(connection_handle_t connection)
    {
        impl()->on_pairing_completed_(connection);
    }

    ////////////////////////////////////////////////////////////////////////////
    // Security
    //

    /**
     * Indicate that the authentication timeout has elapsed without any packet
     * carrying a valid MIC being received.
     *
     * @param[in] connection connection handle
     * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 6, Part B, 5.4
     */
    void on_valid_mic_timeout(connection_handle_t connection)
    {
        impl()->on_valid_mic_timeout_(connection);
    }

    /**
     * Ask the stack to evaluate the security request received from the slave.
     * This might result in the stack enabling encryption, or pairing/re-pairing.
     *
     * @param[in] connection connection handle
     * @param[in] authentication authentication requirements from the slave
     */
    void on_slave_security_request(
        connection_handle_t connection,
        AuthenticationMask authentication
    )
    {
        impl()->on_slave_security_request_(connection, authentication);
    }

    ////////////////////////////////////////////////////////////////////////////
    // Encryption
    //

    /**
     * Inform the application of the result of an encryption request.
     *
     * @note Do not call this if the request timed out; call
     * on_link_encryption_request_timed_out instead.
     *
     * @param[in] connection connection handle
     * @param[in] result encryption state of the link
     */
    void on_link_encryption_result(
        connection_handle_t connection,
        link_encryption_t result
    )
    {
        impl()->on_link_encryption_result_(connection, result);
    }

    /**
     * Indicate that the encryption request failed due to timeout.
     *
     * @param[in] connection connection handle
     */
    void on_link_encryption_request_timed_out(connection_handle_t connection)
    {
        impl()->on_link_encryption_request_timed_out_(connection);
    }

    ////////////////////////////////////////////////////////////////////////////
    // MITM
    //

    /**
     * Inform the application that it should display a passkey.
     *
     * @param[in] connection connection handle
     * @param[in] passkey passkey to be displayed
     */
    void on_passkey_display(connection_handle_t connection, passkey_num_t passkey)
    {
        impl()->on_passkey_display_(connection, passkey);
    }

    /**
     * Indicate that user confirmation is required to confirm matching
     * passkeys displayed on devices.
     *
     * @param[in] connection connection handle
     * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 2, Part E, 7.7.42
     */
    void on_confirmation_request(connection_handle_t connection)
    {
        impl()->on_confirmation_request_(connection);
    }

    /**
     * Request the passkey entered during pairing.
     *
     * @note shall be followed by: pal::SecurityManager::passkey_request_reply
     * or a cancellation of the procedure.
     *
     * @param[in] connection connection handle
     */
    void on_passkey_request(connection_handle_t connection)
    {
        impl()->on_passkey_request_(connection);
    }

    /**
     * Indicate that a key has been pressed by the peer.
     *
     * @param[in] connection connection handle
     * @param[in] keypress type of keypress event
     * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 3, Part H, 3.5.8
     */
    void on_keypress_notification(connection_handle_t connection, Keypress_t keypress)
    {
        impl()->on_keypress_notification_(connection, keypress);
    }

    /**
     * Request secure connections OOB data from the user application.
     *
     * @note shall be followed by: pal::SecurityManager::secure_connections_oob_request_reply
     * or a cancellation of the procedure.
     *
     * @param[in] connection connection handle
     */
    void on_secure_connections_oob_request(connection_handle_t connection)
    {
        impl()->on_secure_connections_oob_request_(connection);
    }

    /**
     * Request legacy pairing OOB data from the user application.
     *
     * @note shall be followed by: pal::SecurityManager::legacy_pairing_oob_request_reply
     * or a cancellation of the procedure.
     *
     * @param[in] connection connection handle
     */
    void on_legacy_pairing_oob_request(connection_handle_t connection)
    {
        impl()->on_legacy_pairing_oob_request_(connection);
    }

    /**
     * Send OOB data to the application for transport to the peer.
     *
     * This handler takes no connection handle and returns nothing.
     *
     * @param[in] random random number used to generate the confirmation
     * @param[in] confirm confirmation value to be used for authentication
     * in secure connections pairing
     */
    void on_secure_connections_oob_generated(
        const oob_lesc_value_t &random,
        const oob_confirm_t &confirm
    )
    {
        impl()->on_secure_connections_oob_generated_(random, confirm);
    }

    ////////////////////////////////////////////////////////////////////////////
    // Keys
    //
    // The handlers in this section receive key material (LTK, IRK, CSRK) by
    // const reference and pass it on as-is.
    // NOTE(review): implementations presumably persist these values; they are
    // secrets and should stay out of logs and debug traces - confirm.
    //

    /**
     * Store the results of key generation of the stage 2 of secure connections
     * pairing.
     *
     * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 3, Part H - 2.3.5.6.5
     *
     * @param[in] connection connection handle
     * @param[in] ltk generated long term key
     */
    void on_secure_connections_ltk_generated(
        connection_handle_t connection,
        const ltk_t &ltk
    )
    {
        impl()->on_secure_connections_ltk_generated_(connection, ltk);
    }

    /**
     * Store the results of key distribution after LTK has been received.
     *
     * @param[in] connection connection handle
     * @param[in] ltk long term key from the peer
     */
    void on_keys_distributed_ltk(connection_handle_t connection, const ltk_t &ltk)
    {
        impl()->on_keys_distributed_ltk_(connection, ltk);
    }

    /**
     * Store the results of key distribution after EDIV and RAND have been
     * received.
     *
     * @param[in] connection connection handle
     * @param[in] ediv EDIV received from the peer
     * @param[in] rand RAND received from the peer
     */
    void on_keys_distributed_ediv_rand(
        connection_handle_t connection,
        const ediv_t &ediv,
        const rand_t &rand
    )
    {
        impl()->on_keys_distributed_ediv_rand_(connection, ediv, rand);
    }

    /**
     * Store the local key; if we are slave now or in the future, this key
     * will be used to encrypt.
     *
     * @param[in] connection connection handle
     * @param[in] ltk key sent to the peer
     */
    void on_keys_distributed_local_ltk(connection_handle_t connection, const ltk_t &ltk)
    {
        impl()->on_keys_distributed_local_ltk_(connection, ltk);
    }

    /**
     * Store the EDIV and RAND that will be used to identify the stored local
     * LTK. If we are slave that LTK will be used to encrypt, otherwise it is
     * stored to be used in case of role reversal.
     *
     * @param[in] connection connection handle
     * @param[in] ediv identifies LTK
     * @param[in] rand identifies LTK
     */
    void on_keys_distributed_local_ediv_rand(
        connection_handle_t connection,
        const ediv_t &ediv,
        const rand_t &rand
    )
    {
        impl()->on_keys_distributed_local_ediv_rand_(connection, ediv, rand);
    }

    /**
     * Store the results of key distribution after IRK has been received.
     *
     * @param[in] connection connection handle
     * @param[in] irk identity resolution key
     */
    void on_keys_distributed_irk(connection_handle_t connection, const irk_t &irk)
    {
        impl()->on_keys_distributed_irk_(connection, irk);
    }

    /**
     * Store the identity address of the peer after it has been distributed.
     *
     * @param[in] connection connection handle
     * @param[in] peer_identity_address_type public or private address indication
     * @param[in] peer_identity_address peer address
     */
    void on_keys_distributed_bdaddr(
        connection_handle_t connection,
        advertising_peer_address_type_t peer_identity_address_type,
        const address_t &peer_identity_address
    )
    {
        impl()->on_keys_distributed_bdaddr_(
            connection, peer_identity_address_type, peer_identity_address
        );
    }

    /**
     * Store the peer's CSRK after it has been distributed.
     *
     * @param[in] connection connection handle
     * @param[in] csrk signing key
     */
    void on_keys_distributed_csrk(connection_handle_t connection, const csrk_t &csrk)
    {
        impl()->on_keys_distributed_csrk_(connection, csrk);
    }

    /**
     * Request the LTK since the peer is asking us to encrypt the link. The LTK
     * has to be provided based on the EDIV and RAND supplied by the other
     * side. This is called on the slave.
     *
     * @param[in] connection connection handle
     * @param[in] ediv identifies LTK
     * @param[in] rand identifies LTK
     */
    void on_ltk_request(
        connection_handle_t connection,
        const ediv_t &ediv,
        const rand_t &rand
    )
    {
        impl()->on_ltk_request_(connection, ediv, rand);
    }

    /**
     * Request the LTK since the peer is asking us to encrypt the link.
     *
     * @note No EDIV or RAND is provided as this requests a secure
     * connections LTK where their values are all zeroes.
     *
     * @param[in] connection connection handle
     */
    void on_ltk_request(connection_handle_t connection)
    {
        impl()->on_ltk_request_(connection);
    }
};
kenjiArai 0:5b88d5760320 594
kenjiArai 0:5b88d5760320 595
kenjiArai 0:5b88d5760320 596 /**
kenjiArai 0:5b88d5760320 597 * Adaptation layer of the Security Manager.
kenjiArai 0:5b88d5760320 598 */
kenjiArai 0:5b88d5760320 599 template<class Impl, class EventHandler>
kenjiArai 0:5b88d5760320 600 class SecurityManager : private mbed::NonCopyable<SecurityManager<Impl, EventHandler> > {
kenjiArai 0:5b88d5760320 601
/**
 * Access this object as its concrete implementation type.
 *
 * The downcast is only valid when Impl derives from
 * SecurityManager<Impl, EventHandler>.
 *
 * @return this, cast to Impl*
 */
Impl *impl() {
    return static_cast<Impl *>(this);
}
kenjiArai 0:5b88d5760320 605
kenjiArai 0:5b88d5760320 606 public:
/** Construct the adaptation layer with _pal_event_handler set to NULL. */
SecurityManager() : _pal_event_handler(NULL) {}
kenjiArai 0:5b88d5760320 608
/** Empty destructor: this layer releases nothing itself. */
~SecurityManager() {}
kenjiArai 0:5b88d5760320 610
kenjiArai 0:5b88d5760320 611 ////////////////////////////////////////////////////////////////////////////
kenjiArai 0:5b88d5760320 612 // SM lifecycle management
kenjiArai 0:5b88d5760320 613 //
kenjiArai 0:5b88d5760320 614
/**
 * Initialise the stack. Must be called before first use.
 *
 * Forwards to Impl::initialize_().
 *
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t initialize() {
    return impl()->initialize_();
}
kenjiArai 0:5b88d5760320 623
/**
 * Finalise all actions. Called before shutdown.
 *
 * Forwards to Impl::terminate_().
 *
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t terminate() {
    return impl()->terminate_();
}
kenjiArai 0:5b88d5760320 632
/**
 * Return to the same state as right after initialize().
 *
 * Forwards to Impl::reset_().
 *
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t reset() {
    return impl()->reset_();
}
kenjiArai 0:5b88d5760320 641
kenjiArai 0:5b88d5760320 642 ////////////////////////////////////////////////////////////////////////////
kenjiArai 0:5b88d5760320 643 // Resolving list management
kenjiArai 0:5b88d5760320 644 //
/**
 * Report how many address translation entries the subsystem can store.
 *
 * Forwards to Impl::read_resolving_list_capacity_().
 *
 * @warning The number of entries is considered fixed.
 *
 * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 2, Part E: 7.8.41
 * @return the capacity of the resolving list, in entries (this function
 * returns a count, not a ble_error_t)
 */
uint8_t read_resolving_list_capacity() {
    return impl()->read_resolving_list_capacity_();
}
kenjiArai 0:5b88d5760320 657
/**
 * Add a device definition to the resolving list of the LE subsystem.
 *
 * Forwards to Impl::add_device_to_resolving_list_().
 *
 * @param[in] peer_identity_address_type public/private indicator
 * @param[in] peer_identity_address address of the device whose entry is to be added
 * @param[in] peer_irk peer identity resolving key
 * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 2, Part E: 7.8.38
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t add_device_to_resolving_list(
    advertising_peer_address_type_t peer_identity_address_type,
    const address_t &peer_identity_address,
    const irk_t &peer_irk
) {
    return impl()->add_device_to_resolving_list_(
        peer_identity_address_type, peer_identity_address, peer_irk
    );
}
kenjiArai 0:5b88d5760320 678
/**
 * Remove a device definition from the resolving list of the LE subsystem.
 *
 * Forwards to Impl::remove_device_from_resolving_list_().
 *
 * @param[in] peer_identity_address_type public/private indicator
 * @param[in] peer_identity_address address of the device whose entry is to be removed
 * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 2, Part E: 7.8.39
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t remove_device_from_resolving_list(
    advertising_peer_address_type_t peer_identity_address_type,
    const address_t &peer_identity_address
) {
    return impl()->remove_device_from_resolving_list_(
        peer_identity_address_type, peer_identity_address
    );
}
kenjiArai 0:5b88d5760320 696
/**
 * Remove every device from the resolving list.
 *
 * Forwards to Impl::clear_resolving_list_().
 *
 * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 2, Part E: 7.8.40
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t clear_resolving_list() {
    return impl()->clear_resolving_list_();
}
kenjiArai 0:5b88d5760320 706
kenjiArai 0:5b88d5760320 707 ////////////////////////////////////////////////////////////////////////////
kenjiArai 0:5b88d5760320 708 // Pairing
kenjiArai 0:5b88d5760320 709 //
kenjiArai 0:5b88d5760320 710
/**
 * Send a pairing request to a slave.
 *
 * Forwards to Impl::send_pairing_request_() with the arguments unchanged.
 *
 * @param[in] connection connection handle
 * @param[in] oob_data_flag is oob data present
 * @param[in] authentication_requirements authentication requirements
 * @param[in] initiator_dist key distribution
 * @param[in] responder_dist key distribution
 * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 3, Part H - 3.5.1
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t send_pairing_request(
    connection_handle_t connection,
    bool oob_data_flag,
    AuthenticationMask authentication_requirements,
    KeyDistribution initiator_dist,
    KeyDistribution responder_dist
) {
    return impl()->send_pairing_request_(
        connection, oob_data_flag, authentication_requirements,
        initiator_dist, responder_dist
    );
}
kenjiArai 0:5b88d5760320 737
/**
 * Send a pairing response to a master.
 *
 * Forwards to Impl::send_pairing_response_() with the arguments unchanged.
 *
 * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 3, Part H - 3.5.2
 * @param[in] connection connection handle
 * @param[in] oob_data_flag is oob data present
 * @param[in] authentication_requirements authentication requirements
 * @param[in] initiator_dist key distribution
 * @param[in] responder_dist key distribution
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t send_pairing_response(
    connection_handle_t connection,
    bool oob_data_flag,
    AuthenticationMask authentication_requirements,
    KeyDistribution initiator_dist,
    KeyDistribution responder_dist
) {
    return impl()->send_pairing_response_(
        connection, oob_data_flag, authentication_requirements,
        initiator_dist, responder_dist
    );
}
kenjiArai 0:5b88d5760320 764
/**
 * Cancel an ongoing pairing.
 *
 * Forwards to Impl::cancel_pairing_().
 *
 * @param[in] connection connection handle
 * @param[in] reason pairing failure error
 * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 3, Part H - 3.5.5
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t cancel_pairing(connection_handle_t connection, pairing_failure_t reason) {
    return impl()->cancel_pairing_(connection, reason);
}
kenjiArai 0:5b88d5760320 782
kenjiArai 0:5b88d5760320 783 ////////////////////////////////////////////////////////////////////////////
kenjiArai 0:5b88d5760320 784 // Feature support
kenjiArai 0:5b88d5760320 785 //
kenjiArai 0:5b88d5760320 786
/**
 * Check whether the Secure Connections feature is supported by the stack and
 * the controller.
 *
 * Forwards to Impl::get_secure_connections_support_().
 *
 * @param[out] enabled true if SC are supported
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t get_secure_connections_support(bool &enabled) {
    return impl()->get_secure_connections_support_(enabled);
}
kenjiArai 0:5b88d5760320 798
/**
 * Set the IO capability that will be used during pairing feature exchange.
 *
 * Forwards to Impl::set_io_capability_().
 *
 * @param[in] io_capability type of IO capabilities available on the local device
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t set_io_capability(io_capability_t io_capability) {
    return impl()->set_io_capability_(io_capability);
}
kenjiArai 0:5b88d5760320 810
kenjiArai 0:5b88d5760320 811 ////////////////////////////////////////////////////////////////////////////
kenjiArai 0:5b88d5760320 812 // Security settings
kenjiArai 0:5b88d5760320 813 //
kenjiArai 0:5b88d5760320 814
/**
 * Set the time after which an event will be generated unless a packet with a
 * valid MIC has been received.
 *
 * Forwards to Impl::set_authentication_timeout_().
 *
 * @param[in] connection connection handle
 * @param[in] timeout_in_10ms time measured in units of 10 milliseconds
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t set_authentication_timeout(connection_handle_t connection, uint16_t timeout_in_10ms) {
    return impl()->set_authentication_timeout_(connection, timeout_in_10ms);
}
kenjiArai 0:5b88d5760320 832
/**
 * Get the time after which an event will be generated unless a packet with a
 * valid MIC has been received.
 *
 * Forwards to Impl::get_authentication_timeout_().
 *
 * @param[in] connection connection handle
 * @param[out] timeout_in_10ms time measured in units of 10 milliseconds
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t get_authentication_timeout(connection_handle_t connection, uint16_t &timeout_in_10ms) {
    return impl()->get_authentication_timeout_(connection, timeout_in_10ms);
}
kenjiArai 0:5b88d5760320 850
/**
 * Set the key size boundaries that will be used during pairing feature
 * exchange.
 *
 * Both values are forwarded unchecked to
 * Impl::set_encryption_key_requirements_(); any range validation happens in
 * Impl, not here.
 *
 * @note A minimum below 16 lets pairing settle on a shorter key, which is
 * weaker against key search. Use 16 unless a peer that cannot negotiate it
 * has to be supported.
 *
 * @param[in] min_encryption_key_size The minimum encryption key size in bytes
 * required for pairing. This value shall be in the range [7 : 16].
 *
 * @param[in] max_encryption_key_size The maximum encryption key size in bytes
 * required for pairing. This value shall be in the range
 * [min_encryption_key_size : 16].
 *
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t set_encryption_key_requirements(
    uint8_t min_encryption_key_size,
    uint8_t max_encryption_key_size
) {
    return impl()->set_encryption_key_requirements_(min_encryption_key_size, max_encryption_key_size);
}
kenjiArai 0:5b88d5760320 873
/**
 * Request a change of security level from the master. The slave calls this
 * when it needs to elevate the security level, because it cannot change the
 * level itself. The master receives the request and decides what action to
 * take (encryption, pairing, re-pairing).
 *
 * Forwards to Impl::slave_security_request_().
 *
 * @param[in] connection connection handle
 * @param[in] authentication authentication requirements
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t slave_security_request(connection_handle_t connection, AuthenticationMask authentication) {
    return impl()->slave_security_request_(connection, authentication);
}
kenjiArai 0:5b88d5760320 893
kenjiArai 0:5b88d5760320 894 ////////////////////////////////////////////////////////////////////////////
kenjiArai 0:5b88d5760320 895 // Encryption
kenjiArai 0:5b88d5760320 896 //
kenjiArai 0:5b88d5760320 897
/**
 * Enable encryption using the LTK given. The EDIV and RAND will be sent to the
 * peer and used to identify the LTK. This is called by the master. If the link
 * is already encrypted, this refreshes the key.
 *
 * Forwards to Impl::enable_encryption_(connection, ltk, rand, ediv, mitm).
 *
 * @note rand comes before ediv in this signature.
 *
 * @param[in] connection connection handle
 * @param[in] ltk long term key from the peer
 * @param[in] rand random value from the peer
 * @param[in] ediv encryption diversifier from the peer
 * @param[in] mitm does the LTK have man in the middle protection
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t enable_encryption(
    connection_handle_t connection,
    const ltk_t &ltk,
    const rand_t &rand,
    const ediv_t &ediv,
    bool mitm
) {
    return impl()->enable_encryption_(connection, ltk, rand, ediv, mitm);
}
kenjiArai 0:5b88d5760320 925
/**
 * Enable encryption using the LTK given, on a connection established with
 * secure connections pairing.
 *
 * Forwards to Impl::enable_encryption_(connection, ltk, mitm).
 *
 * @param[in] connection connection handle
 * @param[in] ltk long term key from the peer
 * @param[in] mitm does the LTK have man in the middle protection
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t enable_encryption(connection_handle_t connection, const ltk_t &ltk, bool mitm) {
    return impl()->enable_encryption_(connection, ltk, mitm);
}
kenjiArai 0:5b88d5760320 946
/**
 * Encrypt data with a given key, using the facility on the controller to
 * perform the encryption.
 *
 * Forwards to Impl::encrypt_data_().
 *
 * @param[in] key encryption key (16 bytes)
 * @param[in,out] data data to be encrypted; holds the result on success
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t encrypt_data(const byte_array_t<16> &key, encryption_block_t &data) {
    return impl()->encrypt_data_(key, data);
}
kenjiArai 0:5b88d5760320 961
kenjiArai 0:5b88d5760320 962 ////////////////////////////////////////////////////////////////////////////
kenjiArai 0:5b88d5760320 963 // Privacy
kenjiArai 0:5b88d5760320 964 //
kenjiArai 0:5b88d5760320 965
/**
 * Set the private address timeout.
 *
 * NOTE(review): every other method of this class forwards to an Impl method
 * with a trailing underscore; this one calls the same name without it. If Impl
 * does not declare its own set_private_address_timeout, the call resolves to
 * this function again and never returns. Confirm which name Impl provides.
 *
 * @param[in] timeout_in_seconds timeout, in seconds going by the parameter name
 * @return the ble_error_t produced by the forwarded call
 */
ble_error_t set_private_address_timeout(uint16_t timeout_in_seconds) {
    return impl()->set_private_address_timeout(timeout_in_seconds);
}
kenjiArai 0:5b88d5760320 971
kenjiArai 0:5b88d5760320 972 ////////////////////////////////////////////////////////////////////////////
kenjiArai 0:5b88d5760320 973 // Keys
kenjiArai 0:5b88d5760320 974 //
kenjiArai 0:5b88d5760320 975
/**
 * Set the LTK that is to be used for encryption.
 *
 * Forwards to Impl::set_ltk_().
 *
 * @param[in] connection connection handle
 * @param[in] ltk long term key
 * @param[in] mitm does the LTK have man in the middle protection
 * @param[in] secure_connections is this a secure_connections pairing
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t set_ltk(connection_handle_t connection, const ltk_t &ltk, bool mitm, bool secure_connections) {
    return impl()->set_ltk_(connection, ltk, mitm, secure_connections);
}
kenjiArai 0:5b88d5760320 993
/**
 * Inform the stack that we don't have the LTK.
 *
 * Forwards to Impl::set_ltk_not_found_().
 *
 * @param[in] connection connection handle
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t set_ltk_not_found(connection_handle_t connection) {
    return impl()->set_ltk_not_found_(connection);
}
kenjiArai 0:5b88d5760320 1005
/**
 * Set the local IRK.
 *
 * Forwards to Impl::set_irk_().
 *
 * @param[in] irk identity resolution key
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t set_irk(const irk_t &irk) {
    return impl()->set_irk_(irk);
}
kenjiArai 0:5b88d5760320 1017
/**
 * Set the local CSRK.
 *
 * Forwards to Impl::set_csrk_().
 *
 * @param[in] csrk local signing key
 * @param[in] sign_counter local signing counter
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t set_csrk(const csrk_t &csrk, sign_count_t sign_counter) {
    return impl()->set_csrk_(csrk, sign_counter);
}
kenjiArai 0:5b88d5760320 1031
/**
 * Set the peer CSRK for a particular connection.
 *
 * Forwards to Impl::set_peer_csrk_().
 *
 * @param[in] connection connection handle
 * @param[in] csrk signing key
 * @param[in] authenticated is the CSRK authenticated
 * @param[in] sign_counter signing counter
 * @retval BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t set_peer_csrk(
    connection_handle_t connection,
    const csrk_t &csrk,
    bool authenticated,
    sign_count_t sign_counter
) {
    return impl()->set_peer_csrk_(connection, csrk, authenticated, sign_counter);
}
kenjiArai 0:5b88d5760320 1054
/**
 * Forwards to Impl::remove_peer_csrk_(). Going by the name, this drops the
 * peer CSRK held for the connection; confirm against Impl.
 *
 * @param[in] connection connection handle
 * @return the ble_error_t produced by Impl::remove_peer_csrk_()
 */
ble_error_t remove_peer_csrk(
    connection_handle_t connection
) {
    return impl()->remove_peer_csrk_(connection);
}
kenjiArai 0:5b88d5760320 1058
kenjiArai 0:5b88d5760320 1059 ////////////////////////////////////////////////////////////////////////////
kenjiArai 0:5b88d5760320 1060 // Authentication
kenjiArai 0:5b88d5760320 1061 //
kenjiArai 0:5b88d5760320 1062
/**
 * Generate and return 8 octets of random data compliant with [FIPS PUB 140-2].
 *
 * Forwards to Impl::get_random_data_().
 *
 * NOTE(review): this wrapper cannot enforce the compliance stated above; it
 * depends entirely on the random source behind Impl::get_random_data_().
 * Confirm that source for each port.
 *
 * @param[out] random_data returns 8 octets of random data
 * @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 2, Part H 2
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t get_random_data(byte_array_t<8> &random_data) {
    return impl()->get_random_data_(random_data);
}
kenjiArai 0:5b88d5760320 1075
kenjiArai 0:5b88d5760320 1076 ////////////////////////////////////////////////////////////////////////////
kenjiArai 0:5b88d5760320 1077 // MITM
kenjiArai 0:5b88d5760320 1078 //
kenjiArai 0:5b88d5760320 1079
/**
 * Set the default passkey that will be used when the SM needs a passkey to
 * be displayed.
 *
 * By default, the pal security manager generates a random passkey when a
 * passkey has to be displayed by the application. A call to this function
 * with a valid passkey alters this behaviour, and the SecurityManager shall
 * pass the passkey set into SecurityManagerEvent::on_passkey_display.
 *
 * A call to this function with a zero value resets the behaviour: passkeys
 * passed to SecurityManagerEvent::on_passkey_display shall again be randomly
 * generated.
 *
 * @note A fixed passkey is the same for every pairing, so anyone who has seen
 * it once knows it for later pairings. Prefer 0 (random) unless the product
 * requires a fixed value.
 *
 * Forwards to Impl::set_display_passkey_().
 *
 * @param[in] passkey The passkey that the security manager shall use when
 * SecurityManagerEvent::on_passkey_display is called. If passkey is 0, the
 * security manager generates a random passkey every time it calls
 * SecurityManagerEvent::on_passkey_display.
 *
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t set_display_passkey(passkey_num_t passkey) {
    return impl()->set_display_passkey_(passkey);
}
kenjiArai 0:5b88d5760320 1105
/**
 * Reply to a passkey request received from the SecurityManagerEventHandler.
 *
 * Forwards to Impl::passkey_request_reply_().
 *
 * @param[in] connection connection handle
 * @param[in] passkey passkey given in reply to the request
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t passkey_request_reply(connection_handle_t connection, passkey_num_t passkey) {
    return impl()->passkey_request_reply_(connection, passkey);
}
kenjiArai 0:5b88d5760320 1117
/**
 * Reply to a Secure Connections oob data request received from the
 * SecurityManagerEventHandler.
 *
 * Forwards to Impl::secure_connections_oob_request_reply_().
 *
 * @param[in] connection connection handle
 * @param[in] local_random local random number used for the last oob exchange
 * @param[in] peer_random random number used to generate the confirmation on peer
 * @param[in] peer_confirm confirmation value to be used for authentication
 * in secure connections pairing
 * @return BLE_ERROR_NONE on success, else an error code indicating the
 * reason for failure
 */
ble_error_t secure_connections_oob_request_reply(
    connection_handle_t connection,
    const oob_lesc_value_t &local_random,
    const oob_lesc_value_t &peer_random,
    const oob_confirm_t &peer_confirm
) {
    return impl()->secure_connections_oob_request_reply_(
        connection, local_random, peer_random, peer_confirm
    );
}
kenjiArai 0:5b88d5760320 1141
kenjiArai 0:5b88d5760320 1142 /**
kenjiArai 0:5b88d5760320 1143 * Reply to a legacy pairing oob data request received from the SecurityManagerEventHandler.
kenjiArai 0:5b88d5760320 1144 *
kenjiArai 0:5b88d5760320 1145 * @param[in] connection connection handle
kenjiArai 0:5b88d5760320 1146 * @param[in] oob_data reference to the out of band data
kenjiArai 0:5b88d5760320 1147 * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure
kenjiArai 0:5b88d5760320 1148 */
ble_error_t legacy_pairing_oob_request_reply(connection_handle_t connection, const oob_tk_t &oob_data) {
    // Pure forwarder: oob_data is taken by const reference and passed to the
    // concrete implementation unchanged.
    // NOTE(review): judging by the type name (oob_tk_t) this is presumably the
    // legacy-pairing temporary key; treat it as secret material. Confirm
    // against the type's definition.
    const ble_error_t status = impl()->legacy_pairing_oob_request_reply_(connection, oob_data);
    return status;
}
kenjiArai 0:5b88d5760320 1155
kenjiArai 0:5b88d5760320 1156 /**
kenjiArai 0:5b88d5760320 1157 * Notify the stack that the user has confirmed the values during numerical
kenjiArai 0:5b88d5760320 1158 * comparison stage of pairing.
kenjiArai 0:5b88d5760320 1159 *
kenjiArai 0:5b88d5760320 1160 * @param[in] connection connection handle
kenjiArai 0:5b88d5760320 1161 * @param[in] confirmation true if the user indicated the numbers match
kenjiArai 0:5b88d5760320 1162 * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure
kenjiArai 0:5b88d5760320 1163 */
ble_error_t confirmation_entered(connection_handle_t connection, bool confirmation) {
    // Pure forwarder: the flag is passed to the concrete implementation as
    // received; this layer cannot tell whether a user was really asked.
    // NOTE(review): numeric comparison only authenticates the pairing when
    // `confirmation` reflects an actual user decision; check that callers do
    // not pass a hard-coded true.
    const ble_error_t status = impl()->confirmation_entered_(connection, confirmation);
    return status;
}
kenjiArai 0:5b88d5760320 1170
kenjiArai 0:5b88d5760320 1171 /**
kenjiArai 0:5b88d5760320 1172 * Notify the stack that the user pressed a key. This will be sent to the peer and create
kenjiArai 0:5b88d5760320 1173 * an appropriate event there if the keypress protocol is enabled.
kenjiArai 0:5b88d5760320 1174 *
kenjiArai 0:5b88d5760320 1175 * @param[in] connection connection handle
kenjiArai 0:5b88d5760320 1176 * @param[in] keypress type of keypress event
kenjiArai 0:5b88d5760320 1177 * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure
kenjiArai 0:5b88d5760320 1178 */
ble_error_t send_keypress_notification(connection_handle_t connection, Keypress_t keypress) {
    // Pure forwarder: the keypress type is handed to the concrete
    // implementation unchanged; its status code is returned as-is.
    const ble_error_t status = impl()->send_keypress_notification_(connection, keypress);
    return status;
}
kenjiArai 0:5b88d5760320 1185
kenjiArai 0:5b88d5760320 1186 /**
kenjiArai 0:5b88d5760320 1187 * Generate local OOB data to be sent to the application which sends it to the peer.
kenjiArai 0:5b88d5760320 1188 * @return BLE_ERROR_NONE On success, else an error code indicating reason for failure
kenjiArai 0:5b88d5760320 1189 */
ble_error_t generate_secure_connections_oob() {
    // Pure forwarder: only a status code comes back from this call; the
    // generated OOB data itself is not returned here.
    // NOTE(review): presumably the data is delivered through the event
    // handler; confirm in the implementation.
    const ble_error_t status = impl()->generate_secure_connections_oob_();
    return status;
}
kenjiArai 0:5b88d5760320 1193
kenjiArai 0:5b88d5760320 1194 /* Entry points for the underlying stack to report events back to the user. */
kenjiArai 0:5b88d5760320 1195 public:
kenjiArai 0:5b88d5760320 1196 /**
kenjiArai 0:5b88d5760320 1197 * Sets the event handler that is called by the PAL porters to notify the stack of events
kenjiArai 0:5b88d5760320 1198 * which will in turn be passed onto the user application when appropriate.
kenjiArai 0:5b88d5760320 1199 *
kenjiArai 0:5b88d5760320 1200 * @param[in] event_handler the new event handler interface implementation. Memory
kenjiArai 0:5b88d5760320 1201 * owned by caller who is responsible for updating this pointer if interface changes.
kenjiArai 0:5b88d5760320 1202 */
void set_event_handler(EventHandler *event_handler) {
    // Stores the raw pointer only: no copy is made, no ownership is taken,
    // and no null check is performed, so the caller must keep the handler
    // alive for as long as it stays registered.
    this->_pal_event_handler = event_handler;
}
kenjiArai 0:5b88d5760320 1208
EventHandler* get_event_handler() {
    // Returns the pointer last stored by set_event_handler(), without any
    // check; callers should test for null before dereferencing.
    // NOTE(review): the constructor is not visible here; confirm the member
    // is initialised before this can be called.
    EventHandler *const handler = this->_pal_event_handler;
    return handler;
}
kenjiArai 0:5b88d5760320 1212
kenjiArai 0:5b88d5760320 1213 private:
kenjiArai 0:5b88d5760320 1214 EventHandler *_pal_event_handler;
kenjiArai 0:5b88d5760320 1215
kenjiArai 0:5b88d5760320 1216 };
kenjiArai 0:5b88d5760320 1217
kenjiArai 0:5b88d5760320 1218 } /* namespace pal */
kenjiArai 0:5b88d5760320 1219 } /* namespace ble */
kenjiArai 0:5b88d5760320 1220
kenjiArai 0:5b88d5760320 1221 #endif /* MBED_OS_FEATURES_FEATURE_BLE_BLE_PAL_PALSM_H_ */