Kevin Kadooka / mbed-dev

Important changes to repositories hosted on mbed.com

Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.

To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.

It is also possible to export all your personal repositories from the account settings page.

Fork of mbed-dev by mbed official

targets/hal/TARGET_NORDIC/TARGET_NRF5/sdk/ble/peer_manager/security_manager.h@144:ef7eb2e8f9f7, 2016-09-02 (annotated)

Committer:
<>
Date:
Fri Sep 02 15:07:44 2016 +0100
Revision:
144:ef7eb2e8f9f7
This updates the lib to the mbed lib v125

Who changed what in which revision?

UserRevisionLine numberNew contents of line
<> 144:ef7eb2e8f9f7 1 /*
<> 144:ef7eb2e8f9f7 2 * Copyright (c) 2015 Nordic Semiconductor ASA
<> 144:ef7eb2e8f9f7 3 * All rights reserved.
<> 144:ef7eb2e8f9f7 4 *
<> 144:ef7eb2e8f9f7 5 * Redistribution and use in source and binary forms, with or without modification,
<> 144:ef7eb2e8f9f7 6 * are permitted provided that the following conditions are met:
<> 144:ef7eb2e8f9f7 7 *
<> 144:ef7eb2e8f9f7 8 * 1. Redistributions of source code must retain the above copyright notice, this list
<> 144:ef7eb2e8f9f7 9 * of conditions and the following disclaimer.
<> 144:ef7eb2e8f9f7 10 *
<> 144:ef7eb2e8f9f7 11 * 2. Redistributions in binary form, except as embedded into a Nordic Semiconductor ASA
<> 144:ef7eb2e8f9f7 12 * integrated circuit in a product or a software update for such product, must reproduce
<> 144:ef7eb2e8f9f7 13 * the above copyright notice, this list of conditions and the following disclaimer in
<> 144:ef7eb2e8f9f7 14 * the documentation and/or other materials provided with the distribution.
<> 144:ef7eb2e8f9f7 15 *
<> 144:ef7eb2e8f9f7 16 * 3. Neither the name of Nordic Semiconductor ASA nor the names of its contributors may be
<> 144:ef7eb2e8f9f7 17 * used to endorse or promote products derived from this software without specific prior
<> 144:ef7eb2e8f9f7 18 * written permission.
<> 144:ef7eb2e8f9f7 19 *
<> 144:ef7eb2e8f9f7 20 * 4. This software, with or without modification, must only be used with a
<> 144:ef7eb2e8f9f7 21 * Nordic Semiconductor ASA integrated circuit.
<> 144:ef7eb2e8f9f7 22 *
<> 144:ef7eb2e8f9f7 23 * 5. Any software provided in binary or object form under this license must not be reverse
<> 144:ef7eb2e8f9f7 24 * engineered, decompiled, modified and/or disassembled.
<> 144:ef7eb2e8f9f7 25 *
<> 144:ef7eb2e8f9f7 26 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
<> 144:ef7eb2e8f9f7 27 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
<> 144:ef7eb2e8f9f7 28 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
<> 144:ef7eb2e8f9f7 29 * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
<> 144:ef7eb2e8f9f7 30 * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
<> 144:ef7eb2e8f9f7 31 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
<> 144:ef7eb2e8f9f7 32 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
<> 144:ef7eb2e8f9f7 33 * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
<> 144:ef7eb2e8f9f7 34 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
<> 144:ef7eb2e8f9f7 35 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
<> 144:ef7eb2e8f9f7 36 *
<> 144:ef7eb2e8f9f7 37 */
<> 144:ef7eb2e8f9f7 38
<> 144:ef7eb2e8f9f7 39
<> 144:ef7eb2e8f9f7 40
<> 144:ef7eb2e8f9f7 41 #ifndef SECURITY_MANAGER_H__
<> 144:ef7eb2e8f9f7 42 #define SECURITY_MANAGER_H__
<> 144:ef7eb2e8f9f7 43
<> 144:ef7eb2e8f9f7 44 #include <stdint.h>
<> 144:ef7eb2e8f9f7 45 #include "sdk_errors.h"
<> 144:ef7eb2e8f9f7 46 #include "nrf_ble.h"
<> 144:ef7eb2e8f9f7 47 #include "nrf_ble_gap.h"
<> 144:ef7eb2e8f9f7 48 #include "peer_manager_types.h"
<> 144:ef7eb2e8f9f7 49 #include "security_dispatcher.h"
<> 144:ef7eb2e8f9f7 50
<> 144:ef7eb2e8f9f7 51
<> 144:ef7eb2e8f9f7 52 /**
<> 144:ef7eb2e8f9f7 53 * @cond NO_DOXYGEN
<> 144:ef7eb2e8f9f7 54 * @defgroup security_manager Security Manager
<> 144:ef7eb2e8f9f7 55 * @ingroup peer_manager
<> 144:ef7eb2e8f9f7 56 * @{
<> 144:ef7eb2e8f9f7 57 * @brief An internal module of @ref peer_manager. A module for streamlining pairing, bonding, and
<> 144:ef7eb2e8f9f7 58 * encryption, including flash storage of shared data.
<> 144:ef7eb2e8f9f7 59 */
<> 144:ef7eb2e8f9f7 60
<> 144:ef7eb2e8f9f7 61
<> 144:ef7eb2e8f9f7 62 /**@brief Events that can come from the Security Manager module.
<> 144:ef7eb2e8f9f7 63 */
<> 144:ef7eb2e8f9f7 64 typedef enum
<> 144:ef7eb2e8f9f7 65 {
<> 144:ef7eb2e8f9f7 66 // SM_EVT_PARAMS_REQ = SMD_EVT_PARAMS_REQ, /**< Parameters are required for a pairing procedure on the specified connection. The user must provide them using @ref sm_sec_params_set or @ref sm_sec_params_reply (only this procedure, currently unimplemented). */
<> 144:ef7eb2e8f9f7 67 SM_EVT_SLAVE_SECURITY_REQ = SMD_EVT_SLAVE_SECURITY_REQ, /**< The peer (peripheral) has requested link encryption, which has been enabled. */
<> 144:ef7eb2e8f9f7 68 SM_EVT_SEC_PROCEDURE_START = SMD_EVT_SEC_PROCEDURE_START, /**< A security procedure has started. */
<> 144:ef7eb2e8f9f7 69 SM_EVT_PAIRING_SUCCESS = SMD_EVT_PAIRING_SUCCESS, /**< A pairing procedure (and bonding if applicable) has completed with success. */
<> 144:ef7eb2e8f9f7 70 SM_EVT_PAIRING_FAIL = SMD_EVT_PAIRING_FAIL, /**< A pairing procedure has failed which means no encryption and no bond could be established. */
<> 144:ef7eb2e8f9f7 71 SM_EVT_LINK_ENCRYPTION_UPDATE = SMD_EVT_LINK_ENCRYPTION_UPDATE, /**< The security level of the link has been updated. The link is encrypted. */
<> 144:ef7eb2e8f9f7 72 SM_EVT_LINK_ENCRYPTION_FAILED = SMD_EVT_LINK_ENCRYPTION_FAILED, /**< An attempt to start encryption on an unencrypted link failed because the peripheral did not have the correct keys. If the peer is the peripheral, the force_repairing flag should be set when reattempting @ref sm_link_secure. */
<> 144:ef7eb2e8f9f7 73 SM_EVT_BONDING_INFO_STORED = SMD_EVT_BONDING_INFO_STORED, /**< Information exchanged during bonding with a peer has been stored persistently. */
<> 144:ef7eb2e8f9f7 74 SM_EVT_ERROR_BONDING_INFO = SMD_EVT_ERROR_BONDING_INFO, /**< Information exchanged during bonding with a peer could not be stored persistently, because of an unexpected error. */
<> 144:ef7eb2e8f9f7 75 SM_EVT_ERROR_UNEXPECTED = SMD_EVT_ERROR_UNEXPECTED, /**< An operation failed with an unexpected error. The error is provided. This is possibly a fatal error. */
<> 144:ef7eb2e8f9f7 76 SM_EVT_ERROR_NO_MEM /*= SMD_EVT_ERROR_NO_MEM*/, /**< An operation failed because there was no available storage room in persistent storage. Please free up room and the operation will automatically continue after the next compression. */
<> 144:ef7eb2e8f9f7 77 SM_EVT_ERROR_SMP_TIMEOUT, /**< An operation failed because there has been an SMP timeout on the link, which entails that no more security operations can be performed on it. */
<> 144:ef7eb2e8f9f7 78 SM_EVT_CONN_SEC_CONFIG_REQ, /**< The peer (central) has requested pairing, but a bond already exists with that peer. Reply by calling @ref sm_conn_sec_config_reply before the event handler returns. If no reply is sent, a default is used. */
<> 144:ef7eb2e8f9f7 79 } sm_evt_id_t;
<> 144:ef7eb2e8f9f7 80
<> 144:ef7eb2e8f9f7 81
<> 144:ef7eb2e8f9f7 82 typedef struct
<> 144:ef7eb2e8f9f7 83 {
<> 144:ef7eb2e8f9f7 84 sm_evt_id_t evt_id;
<> 144:ef7eb2e8f9f7 85 uint16_t conn_handle;
<> 144:ef7eb2e8f9f7 86 smd_evt_params_t params;
<> 144:ef7eb2e8f9f7 87 } sm_evt_t;
<> 144:ef7eb2e8f9f7 88
<> 144:ef7eb2e8f9f7 89
<> 144:ef7eb2e8f9f7 90
<> 144:ef7eb2e8f9f7 91 /**@brief Event handler for events from the Security Manager module.
<> 144:ef7eb2e8f9f7 92 *
<> 144:ef7eb2e8f9f7 93 * @param[in] event The event that has happened.
<> 144:ef7eb2e8f9f7 94 * @param[in] conn_handle The connection handle the event pertains to.
<> 144:ef7eb2e8f9f7 95 */
<> 144:ef7eb2e8f9f7 96 typedef void (*sm_evt_handler_t)(sm_evt_t const * p_event);
<> 144:ef7eb2e8f9f7 97
<> 144:ef7eb2e8f9f7 98
<> 144:ef7eb2e8f9f7 99 /**@brief Function for registering with the Security Manager module. This function also
<> 144:ef7eb2e8f9f7 100 * initializes the module if uninitialized.
<> 144:ef7eb2e8f9f7 101 *
<> 144:ef7eb2e8f9f7 102 * @param[in] evt_handler Callback for events from the Security Manager module.
<> 144:ef7eb2e8f9f7 103 *
<> 144:ef7eb2e8f9f7 104 * @retval NRF_SUCCESS Registration was successful.
<> 144:ef7eb2e8f9f7 105 * @retval NRF_ERROR_NO_MEM No more registrations possible.
<> 144:ef7eb2e8f9f7 106 * @retval NRF_ERROR_NULL evt_handler was NULL.
<> 144:ef7eb2e8f9f7 107 * @retval NRF_ERROR_INTERNAL An unexpected error occurred.
<> 144:ef7eb2e8f9f7 108 */
<> 144:ef7eb2e8f9f7 109 ret_code_t sm_register(sm_evt_handler_t evt_handler);
<> 144:ef7eb2e8f9f7 110
<> 144:ef7eb2e8f9f7 111
<> 144:ef7eb2e8f9f7 112 /**@brief Function for dispatching SoftDevice events to the Security Manager module.
<> 144:ef7eb2e8f9f7 113 *
<> 144:ef7eb2e8f9f7 114 * @param[in] ble_evt The SoftDevice event.
<> 144:ef7eb2e8f9f7 115 */
<> 144:ef7eb2e8f9f7 116 void sm_ble_evt_handler(ble_evt_t * ble_evt);
<> 144:ef7eb2e8f9f7 117
<> 144:ef7eb2e8f9f7 118
<> 144:ef7eb2e8f9f7 119 /**@brief Function for providing pairing and bonding parameters to use for pairing procedures.
<> 144:ef7eb2e8f9f7 120 *
<> 144:ef7eb2e8f9f7 121 * @details Until this is called, all bonding procedures initiated by the peer will be rejected.
<> 144:ef7eb2e8f9f7 122 * This function can be called multiple times, even with NULL p_sec_params, in which case
<> 144:ef7eb2e8f9f7 123 * it will go back to rejecting all procedures.
<> 144:ef7eb2e8f9f7 124 *
<> 144:ef7eb2e8f9f7 125 * @param[in] p_sec_params The security parameters to use for this link. Can be NULL to reject
<> 144:ef7eb2e8f9f7 126 * all pairing procedures.
<> 144:ef7eb2e8f9f7 127 *
<> 144:ef7eb2e8f9f7 128 * @retval NRF_SUCCESS Success.
<> 144:ef7eb2e8f9f7 129 * @retval NRF_ERROR_INVALID_PARAM Invalid combination of parameters.
<> 144:ef7eb2e8f9f7 130 * @retval NRF_ERROR_INVALID_STATE Module is not initialized.
<> 144:ef7eb2e8f9f7 131 */
<> 144:ef7eb2e8f9f7 132 ret_code_t sm_sec_params_set(ble_gap_sec_params_t * p_sec_params);
<> 144:ef7eb2e8f9f7 133
<> 144:ef7eb2e8f9f7 134
<> 144:ef7eb2e8f9f7 135 /**@brief Function for providing security configuration for a link.
<> 144:ef7eb2e8f9f7 136 *
<> 144:ef7eb2e8f9f7 137 * @details This function is optional, and must be called in reply to a @ref
<> 144:ef7eb2e8f9f7 138 * SM_EVT_CONN_SEC_CONFIG_REQ event, before the Peer Manager event handler returns. If it
<> 144:ef7eb2e8f9f7 139 * is not called in time, a default configuration is used. See @ref pm_conn_sec_config_t
<> 144:ef7eb2e8f9f7 140 * for the value of the default.
<> 144:ef7eb2e8f9f7 141 *
<> 144:ef7eb2e8f9f7 142 * @param[in] conn_handle The connection to set the configuration for.
<> 144:ef7eb2e8f9f7 143 * @param[in] p_conn_sec_config The configuration.
<> 144:ef7eb2e8f9f7 144 */
<> 144:ef7eb2e8f9f7 145 void sm_conn_sec_config_reply(uint16_t conn_handle, pm_conn_sec_config_t * p_conn_sec_config);
<> 144:ef7eb2e8f9f7 146
<> 144:ef7eb2e8f9f7 147
<> 144:ef7eb2e8f9f7 148 /**@brief Experimental function for specifying the public key to use for LESC operations.
<> 144:ef7eb2e8f9f7 149 *
<> 144:ef7eb2e8f9f7 150 * @details This function can be called multiple times. The specified public key will be used for
<> 144:ef7eb2e8f9f7 151 * all subsequent LESC (LE Secure Connections) operations until the next time this function
<> 144:ef7eb2e8f9f7 152 * is called.
<> 144:ef7eb2e8f9f7 153 *
<> 144:ef7eb2e8f9f7 154 * @note The key must continue to reside in application memory as it is not copied by Peer Manager.
<> 144:ef7eb2e8f9f7 155 *
<> 144:ef7eb2e8f9f7 156 * @param[in] p_public_key The public key to use for all subsequent LESC operations.
<> 144:ef7eb2e8f9f7 157 *
<> 144:ef7eb2e8f9f7 158 * @retval NRF_SUCCESS Pairing initiated successfully.
<> 144:ef7eb2e8f9f7 159 * @retval NRF_ERROR_INVALID_STATE Peer Manager is not initialized.
<> 144:ef7eb2e8f9f7 160 */
<> 144:ef7eb2e8f9f7 161 ret_code_t sm_lesc_public_key_set(ble_gap_lesc_p256_pk_t * p_public_key);
<> 144:ef7eb2e8f9f7 162
<> 144:ef7eb2e8f9f7 163
<> 144:ef7eb2e8f9f7 164 /**@brief Function for providing pairing and bonding parameters to use for the current pairing
<> 144:ef7eb2e8f9f7 165 * procedure on a connection.
<> 144:ef7eb2e8f9f7 166 *
<> 144:ef7eb2e8f9f7 167 * @warning This function is not yet implemented.
<> 144:ef7eb2e8f9f7 168 *
<> 144:ef7eb2e8f9f7 169 * @note If this function returns an @ref NRF_ERROR_NULL, @ref NRF_ERROR_INVALID_PARAM, @ref
<> 144:ef7eb2e8f9f7 170 * BLE_ERROR_INVALID_CONN_HANDLE, or @ref NRF_ERROR_NO_MEM, this function can be called again
<> 144:ef7eb2e8f9f7 171 * after corrective action.
<> 144:ef7eb2e8f9f7 172 *
<> 144:ef7eb2e8f9f7 173 * @note To reject a request, call this function with NULL p_sec_params.
<> 144:ef7eb2e8f9f7 174 *
<> 144:ef7eb2e8f9f7 175 * @param[in] conn_handle The connection handle of the connection the pairing is happening on.
<> 144:ef7eb2e8f9f7 176 * @param[in] p_sec_params The security parameters to use for this link.
<> 144:ef7eb2e8f9f7 177 *
<> 144:ef7eb2e8f9f7 178 * @retval NRF_SUCCESS Success.
<> 144:ef7eb2e8f9f7 179 * @retval NRF_ERROR_INVALID_STATE Module is not initialized, or no parameters have been
<> 144:ef7eb2e8f9f7 180 * requested on that conn_handle, or this error originates
<> 144:ef7eb2e8f9f7 181 * from the SoftDevice.
<> 144:ef7eb2e8f9f7 182 * @retval NRF_ERROR_INVALID_PARAM Invalid combination of parameters (not including conn_handle).
<> 144:ef7eb2e8f9f7 183 * @retval NRF_ERROR_TIMEOUT There has been an SMP timeout, so no more SMP operations
<> 144:ef7eb2e8f9f7 184 * can be performed on this link.
<> 144:ef7eb2e8f9f7 185 * @retval BLE_ERROR_INVALID_CONN_HANDLE Invalid connection handle.
<> 144:ef7eb2e8f9f7 186 * @retval NRF_ERROR_NO_MEM No more room in flash. Fix and reattempt later.
<> 144:ef7eb2e8f9f7 187 * @retval NRF_ERROR_BUSY No write buffer. Reattempt later.
<> 144:ef7eb2e8f9f7 188 */
<> 144:ef7eb2e8f9f7 189 ret_code_t sm_sec_params_reply(uint16_t conn_handle, ble_gap_sec_params_t * p_sec_params);
<> 144:ef7eb2e8f9f7 190
<> 144:ef7eb2e8f9f7 191
<> 144:ef7eb2e8f9f7 192 /**@brief Function for initiating security on the link, with the specified parameters.
<> 144:ef7eb2e8f9f7 193 *
<> 144:ef7eb2e8f9f7 194 * @note If the connection is a peripheral connection, this will send a security request to the
<> 144:ef7eb2e8f9f7 195 * master, but the master is not obligated to initiate pairing or encryption in response.
<> 144:ef7eb2e8f9f7 196 * @note If the connection is a central connection and a key is available, the parameters will be
<> 144:ef7eb2e8f9f7 197 * used to determine whether to re-pair or to encrypt using the existing key. If no key is
<> 144:ef7eb2e8f9f7 198 * available, pairing will be started.
<> 144:ef7eb2e8f9f7 199 *
<> 144:ef7eb2e8f9f7 200 * @param[in] conn_handle Handle of the connection to initiate pairing on.
<> 144:ef7eb2e8f9f7 201 * @param[in] force_repairing Whether to force a pairing procedure to happen regardless of whether
<> 144:ef7eb2e8f9f7 202 * an encryption key already exists. This argument is only relevant for
<> 144:ef7eb2e8f9f7 203 * the central role. Recommended value: false
<> 144:ef7eb2e8f9f7 204 *
<> 144:ef7eb2e8f9f7 205 * @retval NRF_SUCCESS Success.
<> 144:ef7eb2e8f9f7 206 * @retval NRF_ERROR_TIMEOUT There has been an SMP timeout, so no more SMP operations
<> 144:ef7eb2e8f9f7 207 * can be performed on this link.
<> 144:ef7eb2e8f9f7 208 * @retval BLE_ERROR_INVALID_CONN_HANDLE Invalid connection handle.
<> 144:ef7eb2e8f9f7 209 * @retval NRF_ERROR_NOT_FOUND Security parameters have not been set.
<> 144:ef7eb2e8f9f7 210 * @retval NRF_ERROR_INVALID_STATE Module is not initialized.
<> 144:ef7eb2e8f9f7 211 * @retval NRF_ERROR_INTERNAL An unexpected error occurred.
<> 144:ef7eb2e8f9f7 212 */
<> 144:ef7eb2e8f9f7 213 ret_code_t sm_link_secure(uint16_t conn_handle, bool force_repairing);
<> 144:ef7eb2e8f9f7 214
<> 144:ef7eb2e8f9f7 215 /** @}
<> 144:ef7eb2e8f9f7 216 * @endcond
<> 144:ef7eb2e8f9f7 217 */
<> 144:ef7eb2e8f9f7 218
<> 144:ef7eb2e8f9f7 219 #endif /* SECURITY_MANAGER_H__ */