Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependents: TYBLE16_simple_data_logger TYBLE16_MP3_Air
SecurityDb.h
00001 /* mbed Microcontroller Library 00002 * Copyright (c) 2018 ARM Limited 00003 * 00004 * Licensed under the Apache License, Version 2.0 (the "License"); 00005 * you may not use this file except in compliance with the License. 00006 * You may obtain a copy of the License at 00007 * 00008 * http://www.apache.org/licenses/LICENSE-2.0 00009 * 00010 * Unless required by applicable law or agreed to in writing, software 00011 * distributed under the License is distributed on an "AS IS" BASIS, 00012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 00013 * See the License for the specific language governing permissions and 00014 * limitations under the License. 00015 */ 00016 00017 #ifndef GENERIC_SECURITY_MANAGER_DB_H__ 00018 #define GENERIC_SECURITY_MANAGER_DB_H__ 00019 00020 #include "platform/Callback.h" 00021 #include "ble/pal/GapTypes.h" 00022 #include "ble/BLETypes.h" 00023 #include "ble/Gap.h" 00024 #include <stdlib.h> 00025 00026 namespace ble { 00027 namespace generic { 00028 00029 00030 /** 00031 * Security flags associated with a bond. 00032 */ 00033 struct SecurityDistributionFlags_t { 00034 SecurityDistributionFlags_t() : 00035 peer_address(), 00036 encryption_key_size(0), 00037 peer_address_is_public(false), 00038 csrk_stored(false), 00039 ltk_stored(false), 00040 ltk_sent(false), 00041 irk_stored(false), 00042 csrk_mitm_protected(false), 00043 ltk_mitm_protected(false), 00044 secure_connections_paired(false), 00045 connected(false) { 00046 } 00047 00048 /** peer address */ 00049 address_t peer_address; 00050 00051 /** encryption key size */ 00052 uint8_t encryption_key_size; 00053 /** true if peer address is public, false if it's static random */ 00054 uint8_t peer_address_is_public:1; 00055 00056 /** CSRK (Connection Signature Resolving Key) has been distributed and stored */ 00057 uint8_t csrk_stored:1; 00058 /** LTK (Long Term Key) has been distributed and stored */ 00059 uint8_t ltk_stored:1; 00060 uint8_t ltk_sent:1; 00061 /** the security entry has been distributed and stored */ 00062 uint8_t irk_stored:1; 00063 00064 /** CSRK that is stored has MITM protection */ 00065 uint8_t csrk_mitm_protected:1; 00066 /** LTK that is stored has MITM protection */ 00067 uint8_t ltk_mitm_protected:1; 00068 /** the current pairing was done using Secure Connections */ 00069 uint8_t secure_connections_paired:1; 00070 uint8_t connected:1; 00071 }; 00072 00073 /** Long Term Key and data used to identify it */ 00074 struct SecurityEntryKeys_t { 00075 /** Long Term Key */ 00076 ltk_t ltk; 00077 /** EDIV (Encryption diversifier) used to identify LTK during legacy pairing */ 00078 ediv_t ediv; 00079 /** Rand (random number) used to identify LTK during legacy pairing */ 00080 rand_t rand; 00081 }; 00082 00083 /** CSRK and sign counter used to verify messages */ 00084 struct SecurityEntrySigning_t { 00085 SecurityEntrySigning_t() : counter(0) { }; 00086 /** Signing key */ 00087 csrk_t csrk; 00088 /** counter used to verify message to guard from replay attacks */ 00089 sign_count_t counter; 00090 }; 00091 00092 /** Data for resolving random resolvable addresses */ 00093 struct SecurityEntryIdentity_t { 00094 /** identity address */ 00095 address_t identity_address; 00096 /** Identity Resolving Key */ 00097 irk_t irk; 00098 /** true if peer identity address is public, false if it's static random */ 00099 uint8_t identity_address_is_public:1; 00100 }; 00101 00102 /** 00103 * SecurityDb holds the state for active connections and bonded devices. 00104 * Keys can be stored in NVM and are returned via callbacks. 00105 * SecurityDb is responsible for serialising any requests and keeping 00106 * the store in a consistent state. 00107 * Active connections state must be returned immediately. 00108 */ 00109 class SecurityDb { 00110 public: 00111 /** 00112 * Opaque type representing a handle to a database entry. 00113 */ 00114 typedef void* entry_handle_t; 00115 00116 /* callbacks for asynchronous data retrieval from the security db */ 00117 00118 typedef mbed::Callback<void(entry_handle_t, const SecurityEntryKeys_t*)> 00119 SecurityEntryKeysDbCb_t; 00120 typedef mbed::Callback<void(entry_handle_t, const SecurityEntrySigning_t*)> 00121 SecurityEntrySigningDbCb_t; 00122 typedef mbed::Callback<void(entry_handle_t, const SecurityEntryIdentity_t*)> 00123 SecurityEntryIdentityDbCb_t; 00124 typedef mbed::Callback<void(Span<SecurityEntryIdentity_t>&, size_t count)> 00125 IdentitylistDbCb_t; 00126 typedef mbed::Callback<void(::Gap::Whitelist_t*)> 00127 WhitelistDbCb_t; 00128 00129 SecurityDb() : _local_sign_counter(0) { }; 00130 virtual ~SecurityDb() { }; 00131 00132 /** 00133 * Return immediately security flags associated to a db entry. 00134 * 00135 * @param[in] db_handle Entry of the database queried. 00136 * @return pointer to the flags or NULL if the entry do not have any 00137 * associated flags. 00138 */ 00139 virtual SecurityDistributionFlags_t* get_distribution_flags( 00140 entry_handle_t db_handle 00141 ) = 0; 00142 00143 /** 00144 * Set the distribution flags of a DB entry. 00145 * 00146 * @param[in] db_handle Entry of the database that will store the flags. 00147 * @param[in] flags Distribution flags to store in @p db_handle. 00148 */ 00149 virtual void set_distribution_flags( 00150 entry_handle_t db_handle, 00151 const SecurityDistributionFlags_t& new_flags 00152 ) { 00153 SecurityDistributionFlags_t* flags = get_distribution_flags(db_handle); 00154 if (flags) { 00155 *flags = new_flags; 00156 } 00157 } 00158 00159 /* local keys */ 00160 00161 /** 00162 * Retrieve stored LTK based on passed in EDIV and RAND values. 00163 * 00164 * @param[in] cb callback that will receive the LTK struct 00165 * @param[in] db_handle handle of the entry being queried. 00166 * @param[in] ediv one of the values used to identify the LTK 00167 * @param[in] rand one of the values used to identify the LTK 00168 */ 00169 virtual void get_entry_local_keys( 00170 SecurityEntryKeysDbCb_t cb, 00171 entry_handle_t db_handle, 00172 const ediv_t &ediv, 00173 const rand_t &rand 00174 ) { 00175 SecurityEntryKeys_t* keys = read_in_entry_local_keys(db_handle); 00176 /* validate we have the correct key */ 00177 if (keys && ediv == keys->ediv && rand == keys->rand) { 00178 cb(db_handle, keys); 00179 } else { 00180 cb(db_handle, NULL); 00181 } 00182 } 00183 00184 /** 00185 * Retrieve stored LTK generated during secure connections pairing. 00186 * 00187 * @param[in] cb callback that will receive the LTK struct 00188 * @param[in] db_handle handle of the entry being queried. 00189 */ 00190 virtual void get_entry_local_keys( 00191 SecurityEntryKeysDbCb_t cb, 00192 entry_handle_t db_handle 00193 ) { 00194 SecurityEntryKeys_t* keys = read_in_entry_local_keys(db_handle); 00195 SecurityDistributionFlags_t* flags = get_distribution_flags(db_handle); 00196 /* validate we have the correct key */ 00197 if (flags && keys && flags->secure_connections_paired) { 00198 cb(db_handle, keys); 00199 } else { 00200 cb(db_handle, NULL); 00201 } 00202 } 00203 00204 /** 00205 * Save new local LTK for a connection. 00206 * 00207 * @param[in] db_handle handle of the entry being updated. 00208 * @param[in] ltk the new LTK, if the device is slave, this is the LTK that 00209 * will be used when link is encrypted 00210 */ 00211 virtual void set_entry_local_ltk( 00212 entry_handle_t db_handle, 00213 const ltk_t <k 00214 ) = 0; 00215 00216 /** 00217 * Update EDIV and RAND used to identify the LTK. 00218 * 00219 * @param[in] db_handle handle of the entry being updated. 00220 * @param[in] ediv new EDIV value 00221 * @param[in] rand new RAND value 00222 */ 00223 virtual void set_entry_local_ediv_rand( 00224 entry_handle_t db_handle, 00225 const ediv_t &ediv, 00226 const rand_t &rand 00227 ) = 0; 00228 00229 /* peer's keys */ 00230 00231 /** 00232 * Return asynchronously the peer signing key through a callback 00233 * so that signed packets can be verified. 00234 * 00235 * @param[in] cb callback which will receive the key 00236 * @param[in] db_handle handle of the entry being queried. 00237 */ 00238 virtual void get_entry_peer_csrk( 00239 SecurityEntrySigningDbCb_t cb, 00240 entry_handle_t db_handle 00241 ) { 00242 SecurityEntrySigning_t* signing = read_in_entry_peer_signing(db_handle); 00243 cb(db_handle, signing); 00244 } 00245 00246 /** 00247 * Return asynchronously the peer encryption key through a callback 00248 * so that encryption can be enabled. 00249 * 00250 * @param[in] cb callback which will receive the key 00251 * @param[in] db_handle handle of the entry being queried. 00252 */ 00253 virtual void get_entry_peer_keys( 00254 SecurityEntryKeysDbCb_t cb, 00255 entry_handle_t db_handle 00256 ) { 00257 SecurityEntryKeys_t* keys = read_in_entry_peer_keys(db_handle); 00258 cb(db_handle, keys); 00259 } 00260 00261 /** 00262 * Save new LTK received from the peer. 00263 * 00264 * @param[in] db_handle handle of the entry being updated. 00265 * @param[in] ltk the new LTK, if the peer device is slave, this is the LTK 00266 * that will be used when link is encrypted 00267 */ 00268 virtual void set_entry_peer_ltk( 00269 entry_handle_t db_handle, 00270 const ltk_t <k 00271 ) = 0; 00272 00273 /** 00274 * Update EDIV and RAND used to identify the LTK sent by the peer. 00275 * 00276 * @param[in] db_handle handle of the entry being updated. 00277 * @param[in] ediv new EDIV value 00278 * @param[in] rand new RAND value 00279 */ 00280 virtual void set_entry_peer_ediv_rand( 00281 entry_handle_t db_handle, 00282 const ediv_t &ediv, 00283 const rand_t &rand 00284 ) = 0; 00285 00286 /** 00287 * Update IRK for this connection. 00288 * 00289 * @param[in] db_handle handle of the entry being updated. 00290 * @param[in] irk new IRK value 00291 */ 00292 virtual void set_entry_peer_irk( 00293 entry_handle_t db_handle, 00294 const irk_t &irk 00295 ) = 0; 00296 00297 /** 00298 * Update the identity address of the peer. 00299 * 00300 * @param[in] db_handle handle of the entry being updated. 00301 * @param[in] address_is_public is the identity address public or private 00302 * @param[in] peer_address the new address 00303 */ 00304 virtual void set_entry_peer_bdaddr( 00305 entry_handle_t db_handle, 00306 bool address_is_public, 00307 const address_t &peer_address 00308 ) = 0; 00309 00310 /** 00311 * Retrieve stored identity address and IRK. 00312 * 00313 * @param[in] cb callback that will receive the SecurityEntryIdentity_t struct 00314 * @param[in] db_handle handle of the entry being queried. 00315 */ 00316 virtual void get_entry_identity( 00317 SecurityEntryIdentityDbCb_t cb, 00318 entry_handle_t db_handle 00319 ) { 00320 SecurityDistributionFlags_t* flags = get_distribution_flags(db_handle); 00321 if (flags && flags->irk_stored) { 00322 SecurityEntryIdentity_t* peer_identity = read_in_entry_peer_identity(db_handle); 00323 if (peer_identity) { 00324 cb(db_handle, peer_identity); 00325 return; 00326 } 00327 } 00328 /* avoid duplicate else */ 00329 cb(db_handle, NULL); 00330 } 00331 00332 /** 00333 * Asynchronously return the identity list stored in NVM through a callback. 00334 * Function takes ownership of the memory. The identity list and the 00335 * ownership will be returned in the callback. 00336 * 00337 * @param[in] cb callback that will receive the whitelist 00338 * @param[in] identity_list preallocated identity_list that will be filled 00339 * in. 00340 */ 00341 virtual void get_identity_list( 00342 IdentitylistDbCb_t cb, 00343 Span<SecurityEntryIdentity_t>& identity_list 00344 ) { 00345 size_t count = 0; 00346 for (size_t i = 0; i < get_entry_count() && count < identity_list.size(); ++i) { 00347 00348 entry_handle_t db_handle = get_entry_handle_by_index(i); 00349 SecurityDistributionFlags_t* flags = get_distribution_flags(db_handle); 00350 00351 00352 if (flags && flags->irk_stored) { 00353 SecurityEntryIdentity_t* peer_identity = read_in_entry_peer_identity(db_handle); 00354 if (peer_identity) { 00355 identity_list[count] = *peer_identity; 00356 count++; 00357 } 00358 } 00359 } 00360 00361 cb(identity_list, count); 00362 } 00363 00364 /** 00365 * Update peer signing key. 00366 * 00367 * @param[in] db_handle handle of the entry being updated. 00368 * @param[in] csrk new CSRK value 00369 */ 00370 virtual void set_entry_peer_csrk( 00371 entry_handle_t db_handle, 00372 const csrk_t &csrk 00373 ) = 0; 00374 00375 /** 00376 * Update peer signing counter. 00377 * 00378 * @param[in] db_handle handle of the entry being updated. 00379 * @param[in] sign_counter new signing counter value 00380 */ 00381 virtual void set_entry_peer_sign_counter( 00382 entry_handle_t db_handle, 00383 sign_count_t sign_counter 00384 ) = 0; 00385 00386 /* local csrk */ 00387 00388 /** 00389 * Return local signing key used for signing packets. 00390 * 00391 * @return pointer to local CSRK 00392 */ 00393 virtual const csrk_t * get_local_csrk() { 00394 return &_local_csrk; 00395 } 00396 00397 /** 00398 * Return local signing counter. 00399 * 00400 * @return signing counter 00401 */ 00402 virtual sign_count_t get_local_sign_counter() { 00403 return _local_sign_counter; 00404 } 00405 00406 /** 00407 * Update local signing key. 00408 * 00409 * @param[in] csrk new CSRK value 00410 */ 00411 virtual void set_local_csrk( 00412 const csrk_t &csrk 00413 ) { 00414 _local_csrk = csrk; 00415 } 00416 00417 /** 00418 * Update local signing counter. 00419 * 00420 * @param[in] sign_counter new signing counter value 00421 */ 00422 virtual void set_local_sign_counter( 00423 sign_count_t sign_counter 00424 ) { 00425 _local_sign_counter = sign_counter; 00426 } 00427 00428 /* list management */ 00429 00430 /** 00431 * Open a database entry. 00432 * 00433 * While this entry is opened; it can be queried and updated with the help 00434 * of the database setter and getter functions. 00435 * 00436 * @param[in] peer_address_type type of address 00437 * @param[in] peer_address this address will be used to locate an existing 00438 * entry. 00439 * 00440 * @return A handle to the entry. 00441 */ 00442 virtual entry_handle_t open_entry( 00443 peer_address_type_t peer_address_type, 00444 const address_t &peer_address 00445 ) { 00446 entry_handle_t db_handle = find_entry_by_peer_address(peer_address_type, peer_address); 00447 if (db_handle) { 00448 return db_handle; 00449 } 00450 00451 SecurityDistributionFlags_t* flags = get_free_entry_flags(); 00452 if (flags) { 00453 const bool peer_address_public = 00454 (peer_address_type == peer_address_type_t::PUBLIC) || 00455 (peer_address_type == peer_address_type_t::PUBLIC_IDENTITY); 00456 /* we need some address to store, so we store even random ones 00457 * this address will be used as an id, possibly replaced later 00458 * by identity address */ 00459 flags->peer_address = peer_address; 00460 flags->peer_address_is_public = peer_address_public; 00461 return flags; 00462 } 00463 00464 return NULL; 00465 } 00466 00467 /** 00468 * Find a database entry based on peer address. 00469 * 00470 * @param[in] peer_address_type type of address 00471 * @param[in] peer_address this address will be used to locate an existing entry. 00472 * 00473 * @return A handle to the entry. 00474 */ 00475 virtual entry_handle_t find_entry_by_peer_address( 00476 peer_address_type_t peer_address_type, 00477 const address_t &peer_address 00478 ) { 00479 const bool peer_address_public = 00480 (peer_address_type == peer_address_type_t::PUBLIC) || 00481 (peer_address_type == peer_address_type_t::PUBLIC_IDENTITY); 00482 00483 for (size_t i = 0; i < get_entry_count(); i++) { 00484 entry_handle_t db_handle = get_entry_handle_by_index(i); 00485 SecurityDistributionFlags_t* flags = get_distribution_flags(db_handle); 00486 00487 /* only look among disconnected entries */ 00488 if (flags && !flags->connected) { 00489 if (peer_address_type == peer_address_type_t::PUBLIC_IDENTITY && 00490 flags->irk_stored == false) { 00491 continue; 00492 } 00493 00494 /* lookup for connection address used during bonding */ 00495 if (flags->peer_address == peer_address && 00496 flags->peer_address_is_public == peer_address_public) { 00497 return flags; 00498 } 00499 00500 /* look for the identity address if stored */ 00501 if (flags->irk_stored) { 00502 SecurityEntryIdentity_t* identity = read_in_entry_peer_identity(db_handle); 00503 00504 if (identity && 00505 identity->identity_address == peer_address && 00506 identity->identity_address_is_public == peer_address_public) { 00507 return flags; 00508 } 00509 } 00510 } 00511 } 00512 00513 return NULL; 00514 } 00515 00516 /** 00517 * Close a connection entry. 00518 * 00519 * @param[in] db_handle this handle will be freed up from the security db. 00520 */ 00521 virtual void close_entry(entry_handle_t db_handle) { 00522 SecurityDistributionFlags_t* flags = get_distribution_flags(db_handle); 00523 if (flags) { 00524 flags->connected = false; 00525 } 00526 sync(db_handle); 00527 } 00528 00529 /** 00530 * Remove entry for this peer from NVM. 00531 * 00532 * @param[in] peer_address_type type of address 00533 * @param[in] peer_address this address will be used to locate an existing 00534 * entry. 00535 * 00536 * @return A handle to the entry. 00537 */ 00538 virtual void remove_entry( 00539 peer_address_type_t peer_address_type, 00540 const address_t &peer_address 00541 ) { 00542 entry_handle_t db_handle = find_entry_by_peer_address(peer_address_type, peer_address); 00543 if (db_handle) { 00544 reset_entry(db_handle); 00545 } 00546 } 00547 00548 /** 00549 * Remove all entries from the security DB. 00550 */ 00551 virtual void clear_entries() { 00552 for (size_t i = 0; i < get_entry_count(); i++) { 00553 entry_handle_t db_handle = get_entry_handle_by_index(i); 00554 reset_entry(db_handle); 00555 } 00556 _local_identity = SecurityEntryIdentity_t(); 00557 _local_csrk = csrk_t (); 00558 } 00559 00560 /** 00561 * Asynchronously return the whitelist stored in NVM through a callback. 00562 * Function takes ownership of the memory. The whitelist and the ownership 00563 * will be returned in the callback. 00564 * 00565 * @param[in] cb callback that will receive the whitelist 00566 * @param[in] whitelist preallocated whitelist that will be filled in 00567 */ 00568 virtual void get_whitelist( 00569 WhitelistDbCb_t cb, 00570 ::Gap::Whitelist_t *whitelist 00571 ) { 00572 /*TODO: fill whitelist*/ 00573 cb(whitelist); 00574 } 00575 00576 /** 00577 * Asynchronously return a whitelist through a callback, generated from the 00578 * bond table. 00579 * 00580 * @param[in] cb callback that will receive the whitelist 00581 * @param[in] whitelist preallocated whitelist that will be filled in 00582 */ 00583 virtual void generate_whitelist_from_bond_table( 00584 WhitelistDbCb_t cb, 00585 ::Gap::Whitelist_t *whitelist 00586 ) { 00587 for (size_t i = 0; i < get_entry_count() && whitelist->size < whitelist->capacity; i++) { 00588 entry_handle_t db_handle = get_entry_handle_by_index(i); 00589 SecurityDistributionFlags_t* flags = get_distribution_flags(db_handle); 00590 00591 if (!flags || !flags->irk_stored) { 00592 continue; 00593 } 00594 00595 SecurityEntryIdentity_t* identity = read_in_entry_peer_identity(db_handle); 00596 if (!identity) { 00597 continue; 00598 } 00599 00600 memcpy( 00601 whitelist->addresses[whitelist->size].address, 00602 identity->identity_address.data(), 00603 sizeof(BLEProtocol::AddressBytes_t) 00604 ); 00605 00606 if (identity->identity_address_is_public) { 00607 whitelist->addresses[whitelist->size].type = BLEProtocol::AddressType::PUBLIC; 00608 } else { 00609 whitelist->addresses[whitelist->size].type = BLEProtocol::AddressType::RANDOM_STATIC; 00610 } 00611 00612 whitelist->size++; 00613 } 00614 00615 cb(whitelist); 00616 } 00617 00618 /** 00619 * Update the whitelist stored in NVM by replacing it with new one. 00620 * 00621 * @param[in] whitelist 00622 */ 00623 virtual void set_whitelist(const ::Gap::Whitelist_t &whitelist) { }; 00624 00625 /** 00626 * Add a new entry to the whitelist in the NVM. 00627 * 00628 * @param[in] address new whitelist entry 00629 */ 00630 virtual void add_whitelist_entry(const address_t &address) { }; 00631 00632 /** 00633 * Remove whitelist entry from NVM. 00634 * 00635 * @param[in] address entry to be removed 00636 */ 00637 virtual void remove_whitelist_entry(const address_t &address) { }; 00638 00639 /** 00640 *Remove all whitelist entries stored in the NVM. 00641 */ 00642 virtual void clear_whitelist() { }; 00643 00644 /* saving and loading from nvm */ 00645 00646 /** 00647 * Read values from storage. 00648 */ 00649 virtual void restore() { }; 00650 00651 /** 00652 * Flush all values which might be stored in memory into NVM. 00653 */ 00654 virtual void sync(entry_handle_t db_handle) { }; 00655 00656 /** 00657 * Toggle whether values should be preserved across resets. 00658 * 00659 * @param[in] reload if true values will be preserved across resets. 00660 */ 00661 virtual void set_restore(bool reload) { }; 00662 00663 private: 00664 /** 00665 * Get an entry for a new connection not present in the db yet. This will find a free entry 00666 * or use a disconnected entry by reseting all the stored information. 00667 * @return empty entry for the new connection 00668 */ 00669 virtual SecurityDistributionFlags_t* get_free_entry_flags() { 00670 /* get a free one if available */ 00671 SecurityDistributionFlags_t* match = NULL; 00672 for (size_t i = 0; i < get_entry_count(); i++) { 00673 entry_handle_t db_handle = get_entry_handle_by_index(i); 00674 SecurityDistributionFlags_t* flags = get_distribution_flags(db_handle); 00675 00676 if (flags && !flags->connected) { 00677 /* we settle for any disconnected if we don't find an empty one */ 00678 match = flags; 00679 if (!flags->csrk_stored 00680 && !flags->ltk_stored 00681 && !flags->ltk_sent 00682 && !flags->irk_stored) { 00683 /* empty one found, stop looking*/ 00684 break; 00685 } 00686 } 00687 } 00688 00689 if (match) { 00690 reset_entry(match); 00691 } 00692 00693 return match; 00694 } 00695 00696 /** 00697 * How many entries can be stored in the databes. 00698 * @return max number of entries 00699 */ 00700 virtual uint8_t get_entry_count() = 0; 00701 00702 /** 00703 * Return database entry based on its index. 00704 * @param index index from 0 to get_entry_count() 00705 * @return databse entry stored at index 00706 */ 00707 virtual SecurityDistributionFlags_t* get_entry_handle_by_index(uint8_t index) = 0; 00708 00709 /** 00710 * Delete all the information. 00711 * @param db_handle handle for the entry to be reset 00712 */ 00713 virtual void reset_entry(entry_handle_t db_handle) = 0; 00714 00715 /** 00716 * This will read in the requested information into a buffer that will remain valid 00717 * until another read_in call is made. 00718 * @param db_handle handle of the entry to be read 00719 * @return pointer to buffer holding the query result, NULL when not found 00720 */ 00721 virtual SecurityEntryIdentity_t* read_in_entry_peer_identity(entry_handle_t db_handle) = 0; 00722 00723 /** 00724 * This will read in the requested information into a buffer that will remain valid 00725 * until another read_in call is made. 00726 * @param db_handle handle of the entry to be read 00727 * @return pointer to buffer holding the query result, NULL when not found 00728 */ 00729 virtual SecurityEntryKeys_t* read_in_entry_peer_keys(entry_handle_t db_handle) = 0; 00730 00731 /** 00732 * This will read in the requested information into a buffer that will remain valid 00733 * until another read_in call is made. 00734 * @param db_handle handle of the entry to be read 00735 * @return pointer to buffer holding the query result, NULL when not found 00736 */ 00737 virtual SecurityEntryKeys_t* read_in_entry_local_keys(entry_handle_t db_handle) = 0; 00738 00739 /** 00740 * This will read in the requested information into a buffer that will remain valid 00741 * until another read_in call is made. 00742 * @param db_handle handle of the entry to be read 00743 * @return pointer to buffer holding the query result, NULL when not found 00744 */ 00745 virtual SecurityEntrySigning_t* read_in_entry_peer_signing(entry_handle_t db_handle) = 0; 00746 00747 protected: 00748 SecurityEntryIdentity_t _local_identity; 00749 csrk_t _local_csrk; 00750 sign_count_t _local_sign_counter; 00751 }; 00752 00753 } /* namespace pal */ 00754 } /* namespace ble */ 00755 00756 #endif /*GENERIC_SECURITY_MANAGER_DB_H__*/
Generated on Tue Jul 12 2022 13:54:49 by
