Igor Levkov
/
BLE_API
Important changes to repositories hosted on mbed.com
Mbed hosted mercurial repositories are deprecated and are due to be permanently deleted in July 2026.
To keep a copy of this software download the repository Zip archive or clone locally using Mercurial.
It is also possible to export all your personal repositories from the account settings page.
Dependents: BLE_PowerBank_HeyFaradey
Fork of
BLE_API
by 
Bluetooth Low Energy
Diff: ble/SecurityManager.h
- Revision:
- 1126:08db6549adef
- Parent:
- 1090:148d8b9b56a5
- Child:
- 1127:0f8fed8cda0d
--- a/ble/SecurityManager.h Mon Jan 11 08:52:05 2016 +0000
+++ b/ble/SecurityManager.h Tue Jan 12 19:47:50 2016 +0000
@@ -1,309 +1,329 @@
-/* mbed Microcontroller Library
- * Copyright (c) 2006-2015 ARM Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __SECURITY_MANAGER_H__
-#define __SECURITY_MANAGER_H__
-
-#include <stdint.h>
-
-#include "Gap.h"
-#include "CallChainOfFunctionPointersWithContext.h"
-
-class SecurityManager {
-public:
- enum SecurityMode_t {
- SECURITY_MODE_NO_ACCESS,
- SECURITY_MODE_ENCRYPTION_OPEN_LINK, /**< Require no protection, open link. */
- SECURITY_MODE_ENCRYPTION_NO_MITM, /**< Require encryption, but no MITM protection. */
- SECURITY_MODE_ENCRYPTION_WITH_MITM, /**< Require encryption and MITM protection. */
- SECURITY_MODE_SIGNED_NO_MITM, /**< Require signing or encryption, but no MITM protection. */
- SECURITY_MODE_SIGNED_WITH_MITM, /**< Require signing or encryption, and MITM protection. */
- };
-
- /**
- * @brief Defines possible security status or states.
- *
- * @details Defines possible security status or states of a link when requested by getLinkSecurity().
- */
- enum LinkSecurityStatus_t {
- NOT_ENCRYPTED, /**< The link is not secured. */
- ENCRYPTION_IN_PROGRESS, /**< Link security is being established.*/
- ENCRYPTED /**< The link is secure.*/
- };
-
- enum SecurityIOCapabilities_t {
- IO_CAPS_DISPLAY_ONLY = 0x00, /**< Display only. */
- IO_CAPS_DISPLAY_YESNO = 0x01, /**< Display and yes/no entry. */
- IO_CAPS_KEYBOARD_ONLY = 0x02, /**< Keyboard only. */
- IO_CAPS_NONE = 0x03, /**< No I/O capabilities. */
- IO_CAPS_KEYBOARD_DISPLAY = 0x04, /**< Keyboard and display. */
- };
-
- enum SecurityCompletionStatus_t {
- SEC_STATUS_SUCCESS = 0x00, /**< Procedure completed with success. */
- SEC_STATUS_TIMEOUT = 0x01, /**< Procedure timed out. */
- SEC_STATUS_PDU_INVALID = 0x02, /**< Invalid PDU received. */
- SEC_STATUS_PASSKEY_ENTRY_FAILED = 0x81, /**< Passkey entry failed (user canceled or other). */
- SEC_STATUS_OOB_NOT_AVAILABLE = 0x82, /**< Out of Band Key not available. */
- SEC_STATUS_AUTH_REQ = 0x83, /**< Authentication requirements not met. */
- SEC_STATUS_CONFIRM_VALUE = 0x84, /**< Confirm value failed. */
- SEC_STATUS_PAIRING_NOT_SUPP = 0x85, /**< Pairing not supported. */
- SEC_STATUS_ENC_KEY_SIZE = 0x86, /**< Encryption key size. */
- SEC_STATUS_SMP_CMD_UNSUPPORTED = 0x87, /**< Unsupported SMP command. */
- SEC_STATUS_UNSPECIFIED = 0x88, /**< Unspecified reason. */
- SEC_STATUS_REPEATED_ATTEMPTS = 0x89, /**< Too little time elapsed since last attempt. */
- SEC_STATUS_INVALID_PARAMS = 0x8A, /**< Invalid parameters. */
- };
-
- /**
- * Declaration of type containing a passkey to be used during pairing. This
- * is passed into initializeSecurity() to specify a pre-programmed passkey
- * for authentication instead of generating a random one.
- */
- static const unsigned PASSKEY_LEN = 6;
- typedef uint8_t Passkey_t[PASSKEY_LEN]; /**< 6-digit passkey in ASCII ('0'-'9' digits only). */
-
-public:
- typedef void (*HandleSpecificEvent_t)(Gap::Handle_t handle);
- typedef void (*SecuritySetupInitiatedCallback_t)(Gap::Handle_t, bool allowBonding, bool requireMITM, SecurityIOCapabilities_t iocaps);
- typedef void (*SecuritySetupCompletedCallback_t)(Gap::Handle_t, SecurityCompletionStatus_t status);
- typedef void (*LinkSecuredCallback_t)(Gap::Handle_t handle, SecurityMode_t securityMode);
- typedef void (*PasskeyDisplayCallback_t)(Gap::Handle_t handle, const Passkey_t passkey);
-
- typedef FunctionPointerWithContext<const SecurityManager *> SecurityManagerShutdownCallback_t;
- typedef CallChainOfFunctionPointersWithContext<const SecurityManager *> SecurityManagerShutdownCallbackChain_t;
-
- /*
- * The following functions are meant to be overridden in the platform-specific sub-class.
- */
-public:
- /**
- * Enable the BLE stack's Security Manager. The Security Manager implements
- * the actual cryptographic algorithms and protocol exchanges that allow two
- * devices to securely exchange data and privately detect each other.
- * Calling this API is a prerequisite for encryption and pairing (bonding).
- *
- * @param[in] enableBonding Allow for bonding.
- * @param[in] requireMITM Require protection for man-in-the-middle attacks.
- * @param[in] iocaps To specify the I/O capabilities of this peripheral,
- * such as availability of a display or keyboard, to
- * support out-of-band exchanges of security data.
- * @param[in] passkey To specify a static passkey.
- *
- * @return BLE_ERROR_NONE on success.
- */
- virtual ble_error_t init(bool enableBonding = true,
- bool requireMITM = true,
- SecurityIOCapabilities_t iocaps = IO_CAPS_NONE,
- const Passkey_t passkey = NULL) {
- /* Avoid compiler warnings about unused variables. */
- (void)enableBonding;
- (void)requireMITM;
- (void)iocaps;
- (void)passkey;
-
- return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
- }
-
- /**
- * Get the security status of a connection.
- *
- * @param[in] connectionHandle Handle to identify the connection.
- * @param[out] securityStatusP Security status.
- *
- * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
- */
- virtual ble_error_t getLinkSecurity(Gap::Handle_t connectionHandle, LinkSecurityStatus_t *securityStatusP) {
- /* Avoid compiler warnings about unused variables. */
- (void)connectionHandle;
- (void)securityStatusP;
-
- return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
- }
-
- /**
- * Set the security mode on a connection. Useful for elevating the security mode
- * once certain conditions are met, e.g., a particular service is found.
- *
- * @param[in] connectionHandle Handle to identify the connection.
- * @param[in] securityMode Requested security mode.
- *
- * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
- */
- virtual ble_error_t setLinkSecurity(Gap::Handle_t connectionHandle, SecurityMode_t securityMode) {
- /* Avoid compiler warnings about unused variables. */
- (void)connectionHandle;
- (void)securityMode;
-
- return BLE_ERROR_NOT_IMPLEMENTED;
- }
-
- /**
- * Delete all peer device context and all related bonding information from
- * the database within the security manager.
- *
- * @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure.
- * @retval BLE_ERROR_INVALID_STATE If the API is called without module initialization or
- * application registration.
- */
- virtual ble_error_t purgeAllBondingState(void) {
- return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
- }
-
- /* Event callback handlers. */
-public:
- /**
- * Setup a callback to be invoked to notify the user application that the
- * SecurityManager instance is about to shutdown (possibly as a result of a call
- * to BLE::shutdown()).
- *
- * @Note: It is possible to chain together multiple onShutdown callbacks
- * (potentially from different modules of an application) to be notified
- * before the SecurityManager is shutdown.
- *
- * @Note: It is also possible to set up a callback into a member function of
- * some object.
- *
- * @Note It is possible to unregister a callback using onShutdown().detach(callback)
- */
- void onShutdown(const SecurityManagerShutdownCallback_t& callback) {
- shutdownCallChain.add(callback);
- }
- template <typename T>
- void onShutdown(T *objPtr, void (T::*memberPtr)(void)) {
- shutdownCallChain.add(objPtr, memberPtr);
- }
-
- /**
- * @brief provide access to the callchain of shutdown event callbacks
- * It is possible to register callbacks using onShutdown().add(callback);
- * It is possible to unregister callbacks using onShutdown().detach(callback)
- * @return The shutdown event callbacks chain
- */
- SecurityManagerShutdownCallbackChain_t& onShutdown() {
- return shutdownCallChain;
- }
-
- /**
- * To indicate that a security procedure for the link has started.
- */
- virtual void onSecuritySetupInitiated(SecuritySetupInitiatedCallback_t callback) {securitySetupInitiatedCallback = callback;}
-
- /**
- * To indicate that the security procedure for the link has completed.
- */
- virtual void onSecuritySetupCompleted(SecuritySetupCompletedCallback_t callback) {securitySetupCompletedCallback = callback;}
-
- /**
- * To indicate that the link with the peer is secured. For bonded devices,
- * subsequent reconnections with a bonded peer will result only in this callback
- * when the link is secured; setup procedures will not occur (unless the
- * bonding information is either lost or deleted on either or both sides).
- */
- virtual void onLinkSecured(LinkSecuredCallback_t callback) {linkSecuredCallback = callback;}
-
- /**
- * To indicate that device context is stored persistently.
- */
- virtual void onSecurityContextStored(HandleSpecificEvent_t callback) {securityContextStoredCallback = callback;}
-
- /**
- * To set the callback for when the passkey needs to be displayed on a peripheral with DISPLAY capability.
- */
- virtual void onPasskeyDisplay(PasskeyDisplayCallback_t callback) {passkeyDisplayCallback = callback;}
-
- /* Entry points for the underlying stack to report events back to the user. */
-public:
- void processSecuritySetupInitiatedEvent(Gap::Handle_t handle, bool allowBonding, bool requireMITM, SecurityIOCapabilities_t iocaps) {
- if (securitySetupInitiatedCallback) {
- securitySetupInitiatedCallback(handle, allowBonding, requireMITM, iocaps);
- }
- }
-
- void processSecuritySetupCompletedEvent(Gap::Handle_t handle, SecurityCompletionStatus_t status) {
- if (securitySetupCompletedCallback) {
- securitySetupCompletedCallback(handle, status);
- }
- }
-
- void processLinkSecuredEvent(Gap::Handle_t handle, SecurityMode_t securityMode) {
- if (linkSecuredCallback) {
- linkSecuredCallback(handle, securityMode);
- }
- }
-
- void processSecurityContextStoredEvent(Gap::Handle_t handle) {
- if (securityContextStoredCallback) {
- securityContextStoredCallback(handle);
- }
- }
-
- void processPasskeyDisplayEvent(Gap::Handle_t handle, const Passkey_t passkey) {
- if (passkeyDisplayCallback) {
- passkeyDisplayCallback(handle, passkey);
- }
- }
-
-protected:
- SecurityManager() :
- securitySetupInitiatedCallback(),
- securitySetupCompletedCallback(),
- linkSecuredCallback(),
- securityContextStoredCallback(),
- passkeyDisplayCallback() {
- /* empty */
- }
-
-public:
- /**
- * Notify all registered onShutdown callbacks that the SecurityManager is
- * about to be shutdown and clear all SecurityManager state of the
- * associated object.
- *
- * This function is meant to be overridden in the platform-specific
- * sub-class. Nevertheless, the sub-class is only expected to reset its
- * state and not the data held in SecurityManager members. This shall be
- * achieved by a call to SecurityManager::reset() from the sub-class'
- * reset() implementation.
- *
- * @return BLE_ERROR_NONE on success.
- */
- virtual ble_error_t reset(void) {
- /* Notify that the instance is about to shutdown */
- shutdownCallChain.call(this);
- shutdownCallChain.clear();
-
- securitySetupInitiatedCallback = NULL;
- securitySetupCompletedCallback = NULL;
- linkSecuredCallback = NULL;
- securityContextStoredCallback = NULL;
- passkeyDisplayCallback = NULL;
-
- return BLE_ERROR_NONE;
- }
-
-protected:
- SecuritySetupInitiatedCallback_t securitySetupInitiatedCallback;
- SecuritySetupCompletedCallback_t securitySetupCompletedCallback;
- LinkSecuredCallback_t linkSecuredCallback;
- HandleSpecificEvent_t securityContextStoredCallback;
- PasskeyDisplayCallback_t passkeyDisplayCallback;
-
-private:
- SecurityManagerShutdownCallbackChain_t shutdownCallChain;
-};
-
+/* mbed Microcontroller Library
+ * Copyright (c) 2006-2015 ARM Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __SECURITY_MANAGER_H__
+#define __SECURITY_MANAGER_H__
+
+#include <stdint.h>
+
+#include "Gap.h"
+#include "CallChainOfFunctionPointersWithContext.h"
+
+class SecurityManager {
+public:
+ enum SecurityMode_t {
+ SECURITY_MODE_NO_ACCESS,
+ SECURITY_MODE_ENCRYPTION_OPEN_LINK, /**< Require no protection, open link. */
+ SECURITY_MODE_ENCRYPTION_NO_MITM, /**< Require encryption, but no MITM protection. */
+ SECURITY_MODE_ENCRYPTION_WITH_MITM, /**< Require encryption and MITM protection. */
+ SECURITY_MODE_SIGNED_NO_MITM, /**< Require signing or encryption, but no MITM protection. */
+ SECURITY_MODE_SIGNED_WITH_MITM, /**< Require signing or encryption, and MITM protection. */
+ };
+
+ /**
+ * @brief Defines possible security status or states.
+ *
+ * @details Defines possible security status or states of a link when requested by getLinkSecurity().
+ */
+ enum LinkSecurityStatus_t {
+ NOT_ENCRYPTED, /**< The link is not secured. */
+ ENCRYPTION_IN_PROGRESS, /**< Link security is being established.*/
+ ENCRYPTED /**< The link is secure.*/
+ };
+
+ enum SecurityIOCapabilities_t {
+ IO_CAPS_DISPLAY_ONLY = 0x00, /**< Display only. */
+ IO_CAPS_DISPLAY_YESNO = 0x01, /**< Display and yes/no entry. */
+ IO_CAPS_KEYBOARD_ONLY = 0x02, /**< Keyboard only. */
+ IO_CAPS_NONE = 0x03, /**< No I/O capabilities. */
+ IO_CAPS_KEYBOARD_DISPLAY = 0x04, /**< Keyboard and display. */
+ };
+
+ enum SecurityCompletionStatus_t {
+ SEC_STATUS_SUCCESS = 0x00, /**< Procedure completed with success. */
+ SEC_STATUS_TIMEOUT = 0x01, /**< Procedure timed out. */
+ SEC_STATUS_PDU_INVALID = 0x02, /**< Invalid PDU received. */
+ SEC_STATUS_PASSKEY_ENTRY_FAILED = 0x81, /**< Passkey entry failed (user canceled or other). */
+ SEC_STATUS_OOB_NOT_AVAILABLE = 0x82, /**< Out of Band Key not available. */
+ SEC_STATUS_AUTH_REQ = 0x83, /**< Authentication requirements not met. */
+ SEC_STATUS_CONFIRM_VALUE = 0x84, /**< Confirm value failed. */
+ SEC_STATUS_PAIRING_NOT_SUPP = 0x85, /**< Pairing not supported. */
+ SEC_STATUS_ENC_KEY_SIZE = 0x86, /**< Encryption key size. */
+ SEC_STATUS_SMP_CMD_UNSUPPORTED = 0x87, /**< Unsupported SMP command. */
+ SEC_STATUS_UNSPECIFIED = 0x88, /**< Unspecified reason. */
+ SEC_STATUS_REPEATED_ATTEMPTS = 0x89, /**< Too little time elapsed since last attempt. */
+ SEC_STATUS_INVALID_PARAMS = 0x8A, /**< Invalid parameters. */
+ };
+
+ /**
+ * Declaration of type containing a passkey to be used during pairing. This
+ * is passed into initializeSecurity() to specify a pre-programmed passkey
+ * for authentication instead of generating a random one.
+ */
+ static const unsigned PASSKEY_LEN = 6;
+ typedef uint8_t Passkey_t[PASSKEY_LEN]; /**< 6-digit passkey in ASCII ('0'-'9' digits only). */
+
+public:
+ typedef void (*HandleSpecificEvent_t)(Gap::Handle_t handle);
+ typedef void (*SecuritySetupInitiatedCallback_t)(Gap::Handle_t, bool allowBonding, bool requireMITM, SecurityIOCapabilities_t iocaps);
+ typedef void (*SecuritySetupCompletedCallback_t)(Gap::Handle_t, SecurityCompletionStatus_t status);
+ typedef void (*LinkSecuredCallback_t)(Gap::Handle_t handle, SecurityMode_t securityMode);
+ typedef void (*PasskeyDisplayCallback_t)(Gap::Handle_t handle, const Passkey_t passkey);
+
+ typedef FunctionPointerWithContext<const SecurityManager *> SecurityManagerShutdownCallback_t;
+ typedef CallChainOfFunctionPointersWithContext<const SecurityManager *> SecurityManagerShutdownCallbackChain_t;
+
+ /*
+ * The following functions are meant to be overridden in the platform-specific sub-class.
+ */
+public:
+ /**
+ * Enable the BLE stack's Security Manager. The Security Manager implements
+ * the actual cryptographic algorithms and protocol exchanges that allow two
+ * devices to securely exchange data and privately detect each other.
+ * Calling this API is a prerequisite for encryption and pairing (bonding).
+ *
+ * @param[in] enableBonding Allow for bonding.
+ * @param[in] requireMITM Require protection for man-in-the-middle attacks.
+ * @param[in] iocaps To specify the I/O capabilities of this peripheral,
+ * such as availability of a display or keyboard, to
+ * support out-of-band exchanges of security data.
+ * @param[in] passkey To specify a static passkey.
+ *
+ * @return BLE_ERROR_NONE on success.
+ */
+ virtual ble_error_t init(bool enableBonding = true,
+ bool requireMITM = true,
+ SecurityIOCapabilities_t iocaps = IO_CAPS_NONE,
+ const Passkey_t passkey = NULL) {
+ /* Avoid compiler warnings about unused variables. */
+ (void)enableBonding;
+ (void)requireMITM;
+ (void)iocaps;
+ (void)passkey;
+
+ return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
+ }
+
+ /**
+ * Get the security status of a connection.
+ *
+ * @param[in] connectionHandle Handle to identify the connection.
+ * @param[out] securityStatusP Security status.
+ *
+ * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
+ */
+ virtual ble_error_t getLinkSecurity(Gap::Handle_t connectionHandle, LinkSecurityStatus_t *securityStatusP) {
+ /* Avoid compiler warnings about unused variables. */
+ (void)connectionHandle;
+ (void)securityStatusP;
+
+ return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
+ }
+
+ /**
+ * Set the security mode on a connection. Useful for elevating the security mode
+ * once certain conditions are met, e.g., a particular service is found.
+ *
+ * @param[in] connectionHandle Handle to identify the connection.
+ * @param[in] securityMode Requested security mode.
+ *
+ * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
+ */
+ virtual ble_error_t setLinkSecurity(Gap::Handle_t connectionHandle, SecurityMode_t securityMode) {
+ /* Avoid compiler warnings about unused variables. */
+ (void)connectionHandle;
+ (void)securityMode;
+
+ return BLE_ERROR_NOT_IMPLEMENTED;
+ }
+
+ /**
+ * Delete all peer device context and all related bonding information from
+ * the database within the security manager.
+ *
+ * @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure.
+ * @retval BLE_ERROR_INVALID_STATE If the API is called without module initialization or
+ * application registration.
+ */
+ virtual ble_error_t purgeAllBondingState(void) {
+ return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
+ }
+
+ /**
+ * Get a list of addresses from all peers in the bond table.
+ *
+ * @param[in/out] addresses
+ * (on input) addresses.capacity contains the maximum
+ * number of addresses to be returned.
+ * (on output) The populated table with copies of the
+ * addresses in the implementation's whitelist.
+ *
+ * @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure.
+ * @retval BLE_ERROR_INVALID_STATE If the API is called without module initialization or
+ * application registration.
+ */
+ virtual ble_error_t getAddressesFromBondTable(Gap::Whitelist_t &addresses) {
+ /* Avoid compiler warnings about unused variables */
+ (void) addresses;
+
+ return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
+ }
+
+ /* Event callback handlers. */
+public:
+ /**
+ * Setup a callback to be invoked to notify the user application that the
+ * SecurityManager instance is about to shutdown (possibly as a result of a call
+ * to BLE::shutdown()).
+ *
+ * @Note: It is possible to chain together multiple onShutdown callbacks
+ * (potentially from different modules of an application) to be notified
+ * before the SecurityManager is shutdown.
+ *
+ * @Note: It is also possible to set up a callback into a member function of
+ * some object.
+ *
+ * @Note It is possible to unregister a callback using onShutdown().detach(callback)
+ */
+ void onShutdown(const SecurityManagerShutdownCallback_t& callback) {
+ shutdownCallChain.add(callback);
+ }
+ template <typename T>
+ void onShutdown(T *objPtr, void (T::*memberPtr)(void)) {
+ shutdownCallChain.add(objPtr, memberPtr);
+ }
+
+ /**
+ * @brief provide access to the callchain of shutdown event callbacks
+ * It is possible to register callbacks using onShutdown().add(callback);
+ * It is possible to unregister callbacks using onShutdown().detach(callback)
+ * @return The shutdown event callbacks chain
+ */
+ SecurityManagerShutdownCallbackChain_t& onShutdown() {
+ return shutdownCallChain;
+ }
+
+ /**
+ * To indicate that a security procedure for the link has started.
+ */
+ virtual void onSecuritySetupInitiated(SecuritySetupInitiatedCallback_t callback) {securitySetupInitiatedCallback = callback;}
+
+ /**
+ * To indicate that the security procedure for the link has completed.
+ */
+ virtual void onSecuritySetupCompleted(SecuritySetupCompletedCallback_t callback) {securitySetupCompletedCallback = callback;}
+
+ /**
+ * To indicate that the link with the peer is secured. For bonded devices,
+ * subsequent reconnections with a bonded peer will result only in this callback
+ * when the link is secured; setup procedures will not occur (unless the
+ * bonding information is either lost or deleted on either or both sides).
+ */
+ virtual void onLinkSecured(LinkSecuredCallback_t callback) {linkSecuredCallback = callback;}
+
+ /**
+ * To indicate that device context is stored persistently.
+ */
+ virtual void onSecurityContextStored(HandleSpecificEvent_t callback) {securityContextStoredCallback = callback;}
+
+ /**
+ * To set the callback for when the passkey needs to be displayed on a peripheral with DISPLAY capability.
+ */
+ virtual void onPasskeyDisplay(PasskeyDisplayCallback_t callback) {passkeyDisplayCallback = callback;}
+
+ /* Entry points for the underlying stack to report events back to the user. */
+public:
+ void processSecuritySetupInitiatedEvent(Gap::Handle_t handle, bool allowBonding, bool requireMITM, SecurityIOCapabilities_t iocaps) {
+ if (securitySetupInitiatedCallback) {
+ securitySetupInitiatedCallback(handle, allowBonding, requireMITM, iocaps);
+ }
+ }
+
+ void processSecuritySetupCompletedEvent(Gap::Handle_t handle, SecurityCompletionStatus_t status) {
+ if (securitySetupCompletedCallback) {
+ securitySetupCompletedCallback(handle, status);
+ }
+ }
+
+ void processLinkSecuredEvent(Gap::Handle_t handle, SecurityMode_t securityMode) {
+ if (linkSecuredCallback) {
+ linkSecuredCallback(handle, securityMode);
+ }
+ }
+
+ void processSecurityContextStoredEvent(Gap::Handle_t handle) {
+ if (securityContextStoredCallback) {
+ securityContextStoredCallback(handle);
+ }
+ }
+
+ void processPasskeyDisplayEvent(Gap::Handle_t handle, const Passkey_t passkey) {
+ if (passkeyDisplayCallback) {
+ passkeyDisplayCallback(handle, passkey);
+ }
+ }
+
+protected:
+ SecurityManager() :
+ securitySetupInitiatedCallback(),
+ securitySetupCompletedCallback(),
+ linkSecuredCallback(),
+ securityContextStoredCallback(),
+ passkeyDisplayCallback() {
+ /* empty */
+ }
+
+public:
+ /**
+ * Notify all registered onShutdown callbacks that the SecurityManager is
+ * about to be shutdown and clear all SecurityManager state of the
+ * associated object.
+ *
+ * This function is meant to be overridden in the platform-specific
+ * sub-class. Nevertheless, the sub-class is only expected to reset its
+ * state and not the data held in SecurityManager members. This shall be
+ * achieved by a call to SecurityManager::reset() from the sub-class'
+ * reset() implementation.
+ *
+ * @return BLE_ERROR_NONE on success.
+ */
+ virtual ble_error_t reset(void) {
+ /* Notify that the instance is about to shutdown */
+ shutdownCallChain.call(this);
+ shutdownCallChain.clear();
+
+ securitySetupInitiatedCallback = NULL;
+ securitySetupCompletedCallback = NULL;
+ linkSecuredCallback = NULL;
+ securityContextStoredCallback = NULL;
+ passkeyDisplayCallback = NULL;
+
+ return BLE_ERROR_NONE;
+ }
+
+protected:
+ SecuritySetupInitiatedCallback_t securitySetupInitiatedCallback;
+ SecuritySetupCompletedCallback_t securitySetupCompletedCallback;
+ LinkSecuredCallback_t linkSecuredCallback;
+ HandleSpecificEvent_t securityContextStoredCallback;
+ PasskeyDisplayCallback_t passkeyDisplayCallback;
+
+private:
+ SecurityManagerShutdownCallbackChain_t shutdownCallChain;
+};
+
#endif /*__SECURITY_MANAGER_H__*/
\ No newline at end of file