Preliminary main mbed library for nexpaq development

Committer:
nexpaq
Date:
Fri Nov 04 20:27:58 2016 +0000
Revision:
0:6c56fb4bc5f0
Moving to library for sharing updates

Who changed what in which revision?

UserRevisionLine numberNew contents of line
nexpaq 0:6c56fb4bc5f0 1 /* mbed Microcontroller Library
nexpaq 0:6c56fb4bc5f0 2 * Copyright (c) 2006-2015 ARM Limited
nexpaq 0:6c56fb4bc5f0 3 *
nexpaq 0:6c56fb4bc5f0 4 * Licensed under the Apache License, Version 2.0 (the "License");
nexpaq 0:6c56fb4bc5f0 5 * you may not use this file except in compliance with the License.
nexpaq 0:6c56fb4bc5f0 6 * You may obtain a copy of the License at
nexpaq 0:6c56fb4bc5f0 7 *
nexpaq 0:6c56fb4bc5f0 8 * http://www.apache.org/licenses/LICENSE-2.0
nexpaq 0:6c56fb4bc5f0 9 *
nexpaq 0:6c56fb4bc5f0 10 * Unless required by applicable law or agreed to in writing, software
nexpaq 0:6c56fb4bc5f0 11 * distributed under the License is distributed on an "AS IS" BASIS,
nexpaq 0:6c56fb4bc5f0 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
nexpaq 0:6c56fb4bc5f0 13 * See the License for the specific language governing permissions and
nexpaq 0:6c56fb4bc5f0 14 * limitations under the License.
nexpaq 0:6c56fb4bc5f0 15 */
nexpaq 0:6c56fb4bc5f0 16
nexpaq 0:6c56fb4bc5f0 17 #ifndef __SECURITY_MANAGER_H__
nexpaq 0:6c56fb4bc5f0 18 #define __SECURITY_MANAGER_H__
nexpaq 0:6c56fb4bc5f0 19
nexpaq 0:6c56fb4bc5f0 20 #include <stdint.h>
nexpaq 0:6c56fb4bc5f0 21
nexpaq 0:6c56fb4bc5f0 22 #include "Gap.h"
nexpaq 0:6c56fb4bc5f0 23 #include "CallChainOfFunctionPointersWithContext.h"
nexpaq 0:6c56fb4bc5f0 24
nexpaq 0:6c56fb4bc5f0 25 class SecurityManager {
nexpaq 0:6c56fb4bc5f0 26 public:
nexpaq 0:6c56fb4bc5f0 27 enum SecurityMode_t {
nexpaq 0:6c56fb4bc5f0 28 SECURITY_MODE_NO_ACCESS,
nexpaq 0:6c56fb4bc5f0 29 SECURITY_MODE_ENCRYPTION_OPEN_LINK, /**< Require no protection, open link. */
nexpaq 0:6c56fb4bc5f0 30 SECURITY_MODE_ENCRYPTION_NO_MITM, /**< Require encryption, but no MITM protection. */
nexpaq 0:6c56fb4bc5f0 31 SECURITY_MODE_ENCRYPTION_WITH_MITM, /**< Require encryption and MITM protection. */
nexpaq 0:6c56fb4bc5f0 32 SECURITY_MODE_SIGNED_NO_MITM, /**< Require signing or encryption, but no MITM protection. */
nexpaq 0:6c56fb4bc5f0 33 SECURITY_MODE_SIGNED_WITH_MITM, /**< Require signing or encryption, and MITM protection. */
nexpaq 0:6c56fb4bc5f0 34 };
nexpaq 0:6c56fb4bc5f0 35
nexpaq 0:6c56fb4bc5f0 36 /**
nexpaq 0:6c56fb4bc5f0 37 * @brief Defines possible security status or states.
nexpaq 0:6c56fb4bc5f0 38 *
nexpaq 0:6c56fb4bc5f0 39 * @details Defines possible security status or states of a link when requested by getLinkSecurity().
nexpaq 0:6c56fb4bc5f0 40 */
nexpaq 0:6c56fb4bc5f0 41 enum LinkSecurityStatus_t {
nexpaq 0:6c56fb4bc5f0 42 NOT_ENCRYPTED, /**< The link is not secured. */
nexpaq 0:6c56fb4bc5f0 43 ENCRYPTION_IN_PROGRESS, /**< Link security is being established.*/
nexpaq 0:6c56fb4bc5f0 44 ENCRYPTED /**< The link is secure.*/
nexpaq 0:6c56fb4bc5f0 45 };
nexpaq 0:6c56fb4bc5f0 46
nexpaq 0:6c56fb4bc5f0 47 enum SecurityIOCapabilities_t {
nexpaq 0:6c56fb4bc5f0 48 IO_CAPS_DISPLAY_ONLY = 0x00, /**< Display only. */
nexpaq 0:6c56fb4bc5f0 49 IO_CAPS_DISPLAY_YESNO = 0x01, /**< Display and yes/no entry. */
nexpaq 0:6c56fb4bc5f0 50 IO_CAPS_KEYBOARD_ONLY = 0x02, /**< Keyboard only. */
nexpaq 0:6c56fb4bc5f0 51 IO_CAPS_NONE = 0x03, /**< No I/O capabilities. */
nexpaq 0:6c56fb4bc5f0 52 IO_CAPS_KEYBOARD_DISPLAY = 0x04, /**< Keyboard and display. */
nexpaq 0:6c56fb4bc5f0 53 };
nexpaq 0:6c56fb4bc5f0 54
nexpaq 0:6c56fb4bc5f0 55 enum SecurityCompletionStatus_t {
nexpaq 0:6c56fb4bc5f0 56 SEC_STATUS_SUCCESS = 0x00, /**< Procedure completed with success. */
nexpaq 0:6c56fb4bc5f0 57 SEC_STATUS_TIMEOUT = 0x01, /**< Procedure timed out. */
nexpaq 0:6c56fb4bc5f0 58 SEC_STATUS_PDU_INVALID = 0x02, /**< Invalid PDU received. */
nexpaq 0:6c56fb4bc5f0 59 SEC_STATUS_PASSKEY_ENTRY_FAILED = 0x81, /**< Passkey entry failed (user canceled or other). */
nexpaq 0:6c56fb4bc5f0 60 SEC_STATUS_OOB_NOT_AVAILABLE = 0x82, /**< Out of Band Key not available. */
nexpaq 0:6c56fb4bc5f0 61 SEC_STATUS_AUTH_REQ = 0x83, /**< Authentication requirements not met. */
nexpaq 0:6c56fb4bc5f0 62 SEC_STATUS_CONFIRM_VALUE = 0x84, /**< Confirm value failed. */
nexpaq 0:6c56fb4bc5f0 63 SEC_STATUS_PAIRING_NOT_SUPP = 0x85, /**< Pairing not supported. */
nexpaq 0:6c56fb4bc5f0 64 SEC_STATUS_ENC_KEY_SIZE = 0x86, /**< Encryption key size. */
nexpaq 0:6c56fb4bc5f0 65 SEC_STATUS_SMP_CMD_UNSUPPORTED = 0x87, /**< Unsupported SMP command. */
nexpaq 0:6c56fb4bc5f0 66 SEC_STATUS_UNSPECIFIED = 0x88, /**< Unspecified reason. */
nexpaq 0:6c56fb4bc5f0 67 SEC_STATUS_REPEATED_ATTEMPTS = 0x89, /**< Too little time elapsed since last attempt. */
nexpaq 0:6c56fb4bc5f0 68 SEC_STATUS_INVALID_PARAMS = 0x8A, /**< Invalid parameters. */
nexpaq 0:6c56fb4bc5f0 69 };
nexpaq 0:6c56fb4bc5f0 70
nexpaq 0:6c56fb4bc5f0 71 /**
nexpaq 0:6c56fb4bc5f0 72 * Declaration of type containing a passkey to be used during pairing. This
nexpaq 0:6c56fb4bc5f0 73 * is passed into initializeSecurity() to specify a pre-programmed passkey
nexpaq 0:6c56fb4bc5f0 74 * for authentication instead of generating a random one.
nexpaq 0:6c56fb4bc5f0 75 */
nexpaq 0:6c56fb4bc5f0 76 static const unsigned PASSKEY_LEN = 6;
nexpaq 0:6c56fb4bc5f0 77 typedef uint8_t Passkey_t[PASSKEY_LEN]; /**< 6-digit passkey in ASCII ('0'-'9' digits only). */
nexpaq 0:6c56fb4bc5f0 78
nexpaq 0:6c56fb4bc5f0 79 public:
nexpaq 0:6c56fb4bc5f0 80 typedef void (*HandleSpecificEvent_t)(Gap::Handle_t handle);
nexpaq 0:6c56fb4bc5f0 81 typedef void (*SecuritySetupInitiatedCallback_t)(Gap::Handle_t, bool allowBonding, bool requireMITM, SecurityIOCapabilities_t iocaps);
nexpaq 0:6c56fb4bc5f0 82 typedef void (*SecuritySetupCompletedCallback_t)(Gap::Handle_t, SecurityCompletionStatus_t status);
nexpaq 0:6c56fb4bc5f0 83 typedef void (*LinkSecuredCallback_t)(Gap::Handle_t handle, SecurityMode_t securityMode);
nexpaq 0:6c56fb4bc5f0 84 typedef void (*PasskeyDisplayCallback_t)(Gap::Handle_t handle, const Passkey_t passkey);
nexpaq 0:6c56fb4bc5f0 85
nexpaq 0:6c56fb4bc5f0 86 typedef FunctionPointerWithContext<const SecurityManager *> SecurityManagerShutdownCallback_t;
nexpaq 0:6c56fb4bc5f0 87 typedef CallChainOfFunctionPointersWithContext<const SecurityManager *> SecurityManagerShutdownCallbackChain_t;
nexpaq 0:6c56fb4bc5f0 88
nexpaq 0:6c56fb4bc5f0 89 /*
nexpaq 0:6c56fb4bc5f0 90 * The following functions are meant to be overridden in the platform-specific sub-class.
nexpaq 0:6c56fb4bc5f0 91 */
nexpaq 0:6c56fb4bc5f0 92 public:
nexpaq 0:6c56fb4bc5f0 93 /**
nexpaq 0:6c56fb4bc5f0 94 * Enable the BLE stack's Security Manager. The Security Manager implements
nexpaq 0:6c56fb4bc5f0 95 * the actual cryptographic algorithms and protocol exchanges that allow two
nexpaq 0:6c56fb4bc5f0 96 * devices to securely exchange data and privately detect each other.
nexpaq 0:6c56fb4bc5f0 97 * Calling this API is a prerequisite for encryption and pairing (bonding).
nexpaq 0:6c56fb4bc5f0 98 *
nexpaq 0:6c56fb4bc5f0 99 * @param[in] enableBonding Allow for bonding.
nexpaq 0:6c56fb4bc5f0 100 * @param[in] requireMITM Require protection for man-in-the-middle attacks.
nexpaq 0:6c56fb4bc5f0 101 * @param[in] iocaps To specify the I/O capabilities of this peripheral,
nexpaq 0:6c56fb4bc5f0 102 * such as availability of a display or keyboard, to
nexpaq 0:6c56fb4bc5f0 103 * support out-of-band exchanges of security data.
nexpaq 0:6c56fb4bc5f0 104 * @param[in] passkey To specify a static passkey.
nexpaq 0:6c56fb4bc5f0 105 *
nexpaq 0:6c56fb4bc5f0 106 * @return BLE_ERROR_NONE on success.
nexpaq 0:6c56fb4bc5f0 107 */
nexpaq 0:6c56fb4bc5f0 108 virtual ble_error_t init(bool enableBonding = true,
nexpaq 0:6c56fb4bc5f0 109 bool requireMITM = true,
nexpaq 0:6c56fb4bc5f0 110 SecurityIOCapabilities_t iocaps = IO_CAPS_NONE,
nexpaq 0:6c56fb4bc5f0 111 const Passkey_t passkey = NULL) {
nexpaq 0:6c56fb4bc5f0 112 /* Avoid compiler warnings about unused variables. */
nexpaq 0:6c56fb4bc5f0 113 (void)enableBonding;
nexpaq 0:6c56fb4bc5f0 114 (void)requireMITM;
nexpaq 0:6c56fb4bc5f0 115 (void)iocaps;
nexpaq 0:6c56fb4bc5f0 116 (void)passkey;
nexpaq 0:6c56fb4bc5f0 117
nexpaq 0:6c56fb4bc5f0 118 return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
nexpaq 0:6c56fb4bc5f0 119 }
nexpaq 0:6c56fb4bc5f0 120
nexpaq 0:6c56fb4bc5f0 121 /**
nexpaq 0:6c56fb4bc5f0 122 * Get the security status of a connection.
nexpaq 0:6c56fb4bc5f0 123 *
nexpaq 0:6c56fb4bc5f0 124 * @param[in] connectionHandle Handle to identify the connection.
nexpaq 0:6c56fb4bc5f0 125 * @param[out] securityStatusP Security status.
nexpaq 0:6c56fb4bc5f0 126 *
nexpaq 0:6c56fb4bc5f0 127 * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
nexpaq 0:6c56fb4bc5f0 128 */
nexpaq 0:6c56fb4bc5f0 129 virtual ble_error_t getLinkSecurity(Gap::Handle_t connectionHandle, LinkSecurityStatus_t *securityStatusP) {
nexpaq 0:6c56fb4bc5f0 130 /* Avoid compiler warnings about unused variables. */
nexpaq 0:6c56fb4bc5f0 131 (void)connectionHandle;
nexpaq 0:6c56fb4bc5f0 132 (void)securityStatusP;
nexpaq 0:6c56fb4bc5f0 133
nexpaq 0:6c56fb4bc5f0 134 return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
nexpaq 0:6c56fb4bc5f0 135 }
nexpaq 0:6c56fb4bc5f0 136
nexpaq 0:6c56fb4bc5f0 137 /**
nexpaq 0:6c56fb4bc5f0 138 * Set the security mode on a connection. Useful for elevating the security mode
nexpaq 0:6c56fb4bc5f0 139 * once certain conditions are met, e.g., a particular service is found.
nexpaq 0:6c56fb4bc5f0 140 *
nexpaq 0:6c56fb4bc5f0 141 * @param[in] connectionHandle Handle to identify the connection.
nexpaq 0:6c56fb4bc5f0 142 * @param[in] securityMode Requested security mode.
nexpaq 0:6c56fb4bc5f0 143 *
nexpaq 0:6c56fb4bc5f0 144 * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
nexpaq 0:6c56fb4bc5f0 145 */
nexpaq 0:6c56fb4bc5f0 146 virtual ble_error_t setLinkSecurity(Gap::Handle_t connectionHandle, SecurityMode_t securityMode) {
nexpaq 0:6c56fb4bc5f0 147 /* Avoid compiler warnings about unused variables. */
nexpaq 0:6c56fb4bc5f0 148 (void)connectionHandle;
nexpaq 0:6c56fb4bc5f0 149 (void)securityMode;
nexpaq 0:6c56fb4bc5f0 150
nexpaq 0:6c56fb4bc5f0 151 return BLE_ERROR_NOT_IMPLEMENTED;
nexpaq 0:6c56fb4bc5f0 152 }
nexpaq 0:6c56fb4bc5f0 153
nexpaq 0:6c56fb4bc5f0 154 /**
nexpaq 0:6c56fb4bc5f0 155 * Delete all peer device context and all related bonding information from
nexpaq 0:6c56fb4bc5f0 156 * the database within the security manager.
nexpaq 0:6c56fb4bc5f0 157 *
nexpaq 0:6c56fb4bc5f0 158 * @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure.
nexpaq 0:6c56fb4bc5f0 159 * @retval BLE_ERROR_INVALID_STATE If the API is called without module initialization or
nexpaq 0:6c56fb4bc5f0 160 * application registration.
nexpaq 0:6c56fb4bc5f0 161 */
nexpaq 0:6c56fb4bc5f0 162 virtual ble_error_t purgeAllBondingState(void) {
nexpaq 0:6c56fb4bc5f0 163 return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
nexpaq 0:6c56fb4bc5f0 164 }
nexpaq 0:6c56fb4bc5f0 165
nexpaq 0:6c56fb4bc5f0 166 /**
nexpaq 0:6c56fb4bc5f0 167 * Get a list of addresses from all peers in the bond table.
nexpaq 0:6c56fb4bc5f0 168 *
nexpaq 0:6c56fb4bc5f0 169 * @param[in,out] addresses
nexpaq 0:6c56fb4bc5f0 170 * (on input) addresses.capacity contains the maximum
nexpaq 0:6c56fb4bc5f0 171 * number of addresses to be returned.
nexpaq 0:6c56fb4bc5f0 172 * (on output) The populated table with copies of the
nexpaq 0:6c56fb4bc5f0 173 * addresses in the implementation's whitelist.
nexpaq 0:6c56fb4bc5f0 174 *
nexpaq 0:6c56fb4bc5f0 175 * @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure.
nexpaq 0:6c56fb4bc5f0 176 * @retval BLE_ERROR_INVALID_STATE If the API is called without module initialization or
nexpaq 0:6c56fb4bc5f0 177 * application registration.
nexpaq 0:6c56fb4bc5f0 178 *
nexpaq 0:6c56fb4bc5f0 179 * @experimental
nexpaq 0:6c56fb4bc5f0 180 */
nexpaq 0:6c56fb4bc5f0 181 virtual ble_error_t getAddressesFromBondTable(Gap::Whitelist_t &addresses) const {
nexpaq 0:6c56fb4bc5f0 182 /* Avoid compiler warnings about unused variables */
nexpaq 0:6c56fb4bc5f0 183 (void) addresses;
nexpaq 0:6c56fb4bc5f0 184
nexpaq 0:6c56fb4bc5f0 185 return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
nexpaq 0:6c56fb4bc5f0 186 }
nexpaq 0:6c56fb4bc5f0 187
nexpaq 0:6c56fb4bc5f0 188 /* Event callback handlers. */
nexpaq 0:6c56fb4bc5f0 189 public:
nexpaq 0:6c56fb4bc5f0 190 /**
nexpaq 0:6c56fb4bc5f0 191 * Setup a callback to be invoked to notify the user application that the
nexpaq 0:6c56fb4bc5f0 192 * SecurityManager instance is about to shutdown (possibly as a result of a call
nexpaq 0:6c56fb4bc5f0 193 * to BLE::shutdown()).
nexpaq 0:6c56fb4bc5f0 194 *
nexpaq 0:6c56fb4bc5f0 195 * @note It is possible to chain together multiple onShutdown callbacks
nexpaq 0:6c56fb4bc5f0 196 * (potentially from different modules of an application) to be notified
nexpaq 0:6c56fb4bc5f0 197 * before the SecurityManager is shutdown.
nexpaq 0:6c56fb4bc5f0 198 *
nexpaq 0:6c56fb4bc5f0 199 * @note It is also possible to set up a callback into a member function of
nexpaq 0:6c56fb4bc5f0 200 * some object.
nexpaq 0:6c56fb4bc5f0 201 *
nexpaq 0:6c56fb4bc5f0 202 * @note It is possible to unregister a callback using onShutdown().detach(callback)
nexpaq 0:6c56fb4bc5f0 203 */
nexpaq 0:6c56fb4bc5f0 204 void onShutdown(const SecurityManagerShutdownCallback_t& callback) {
nexpaq 0:6c56fb4bc5f0 205 shutdownCallChain.add(callback);
nexpaq 0:6c56fb4bc5f0 206 }
nexpaq 0:6c56fb4bc5f0 207 template <typename T>
nexpaq 0:6c56fb4bc5f0 208 void onShutdown(T *objPtr, void (T::*memberPtr)(const SecurityManager *)) {
nexpaq 0:6c56fb4bc5f0 209 shutdownCallChain.add(objPtr, memberPtr);
nexpaq 0:6c56fb4bc5f0 210 }
nexpaq 0:6c56fb4bc5f0 211
nexpaq 0:6c56fb4bc5f0 212 /**
nexpaq 0:6c56fb4bc5f0 213 * @brief provide access to the callchain of shutdown event callbacks
nexpaq 0:6c56fb4bc5f0 214 * It is possible to register callbacks using onShutdown().add(callback);
nexpaq 0:6c56fb4bc5f0 215 * It is possible to unregister callbacks using onShutdown().detach(callback)
nexpaq 0:6c56fb4bc5f0 216 * @return The shutdown event callbacks chain
nexpaq 0:6c56fb4bc5f0 217 */
nexpaq 0:6c56fb4bc5f0 218 SecurityManagerShutdownCallbackChain_t& onShutdown() {
nexpaq 0:6c56fb4bc5f0 219 return shutdownCallChain;
nexpaq 0:6c56fb4bc5f0 220 }
nexpaq 0:6c56fb4bc5f0 221
nexpaq 0:6c56fb4bc5f0 222 /**
nexpaq 0:6c56fb4bc5f0 223 * To indicate that a security procedure for the link has started.
nexpaq 0:6c56fb4bc5f0 224 */
nexpaq 0:6c56fb4bc5f0 225 virtual void onSecuritySetupInitiated(SecuritySetupInitiatedCallback_t callback) {securitySetupInitiatedCallback = callback;}
nexpaq 0:6c56fb4bc5f0 226
nexpaq 0:6c56fb4bc5f0 227 /**
nexpaq 0:6c56fb4bc5f0 228 * To indicate that the security procedure for the link has completed.
nexpaq 0:6c56fb4bc5f0 229 */
nexpaq 0:6c56fb4bc5f0 230 virtual void onSecuritySetupCompleted(SecuritySetupCompletedCallback_t callback) {securitySetupCompletedCallback = callback;}
nexpaq 0:6c56fb4bc5f0 231
nexpaq 0:6c56fb4bc5f0 232 /**
nexpaq 0:6c56fb4bc5f0 233 * To indicate that the link with the peer is secured. For bonded devices,
nexpaq 0:6c56fb4bc5f0 234 * subsequent reconnections with a bonded peer will result only in this callback
nexpaq 0:6c56fb4bc5f0 235 * when the link is secured; setup procedures will not occur (unless the
nexpaq 0:6c56fb4bc5f0 236 * bonding information is either lost or deleted on either or both sides).
nexpaq 0:6c56fb4bc5f0 237 */
nexpaq 0:6c56fb4bc5f0 238 virtual void onLinkSecured(LinkSecuredCallback_t callback) {linkSecuredCallback = callback;}
nexpaq 0:6c56fb4bc5f0 239
nexpaq 0:6c56fb4bc5f0 240 /**
nexpaq 0:6c56fb4bc5f0 241 * To indicate that device context is stored persistently.
nexpaq 0:6c56fb4bc5f0 242 */
nexpaq 0:6c56fb4bc5f0 243 virtual void onSecurityContextStored(HandleSpecificEvent_t callback) {securityContextStoredCallback = callback;}
nexpaq 0:6c56fb4bc5f0 244
nexpaq 0:6c56fb4bc5f0 245 /**
nexpaq 0:6c56fb4bc5f0 246 * To set the callback for when the passkey needs to be displayed on a peripheral with DISPLAY capability.
nexpaq 0:6c56fb4bc5f0 247 */
nexpaq 0:6c56fb4bc5f0 248 virtual void onPasskeyDisplay(PasskeyDisplayCallback_t callback) {passkeyDisplayCallback = callback;}
nexpaq 0:6c56fb4bc5f0 249
nexpaq 0:6c56fb4bc5f0 250 /* Entry points for the underlying stack to report events back to the user. */
nexpaq 0:6c56fb4bc5f0 251 public:
nexpaq 0:6c56fb4bc5f0 252 void processSecuritySetupInitiatedEvent(Gap::Handle_t handle, bool allowBonding, bool requireMITM, SecurityIOCapabilities_t iocaps) {
nexpaq 0:6c56fb4bc5f0 253 if (securitySetupInitiatedCallback) {
nexpaq 0:6c56fb4bc5f0 254 securitySetupInitiatedCallback(handle, allowBonding, requireMITM, iocaps);
nexpaq 0:6c56fb4bc5f0 255 }
nexpaq 0:6c56fb4bc5f0 256 }
nexpaq 0:6c56fb4bc5f0 257
nexpaq 0:6c56fb4bc5f0 258 void processSecuritySetupCompletedEvent(Gap::Handle_t handle, SecurityCompletionStatus_t status) {
nexpaq 0:6c56fb4bc5f0 259 if (securitySetupCompletedCallback) {
nexpaq 0:6c56fb4bc5f0 260 securitySetupCompletedCallback(handle, status);
nexpaq 0:6c56fb4bc5f0 261 }
nexpaq 0:6c56fb4bc5f0 262 }
nexpaq 0:6c56fb4bc5f0 263
nexpaq 0:6c56fb4bc5f0 264 void processLinkSecuredEvent(Gap::Handle_t handle, SecurityMode_t securityMode) {
nexpaq 0:6c56fb4bc5f0 265 if (linkSecuredCallback) {
nexpaq 0:6c56fb4bc5f0 266 linkSecuredCallback(handle, securityMode);
nexpaq 0:6c56fb4bc5f0 267 }
nexpaq 0:6c56fb4bc5f0 268 }
nexpaq 0:6c56fb4bc5f0 269
nexpaq 0:6c56fb4bc5f0 270 void processSecurityContextStoredEvent(Gap::Handle_t handle) {
nexpaq 0:6c56fb4bc5f0 271 if (securityContextStoredCallback) {
nexpaq 0:6c56fb4bc5f0 272 securityContextStoredCallback(handle);
nexpaq 0:6c56fb4bc5f0 273 }
nexpaq 0:6c56fb4bc5f0 274 }
nexpaq 0:6c56fb4bc5f0 275
nexpaq 0:6c56fb4bc5f0 276 void processPasskeyDisplayEvent(Gap::Handle_t handle, const Passkey_t passkey) {
nexpaq 0:6c56fb4bc5f0 277 if (passkeyDisplayCallback) {
nexpaq 0:6c56fb4bc5f0 278 passkeyDisplayCallback(handle, passkey);
nexpaq 0:6c56fb4bc5f0 279 }
nexpaq 0:6c56fb4bc5f0 280 }
nexpaq 0:6c56fb4bc5f0 281
nexpaq 0:6c56fb4bc5f0 282 protected:
nexpaq 0:6c56fb4bc5f0 283 SecurityManager() :
nexpaq 0:6c56fb4bc5f0 284 securitySetupInitiatedCallback(),
nexpaq 0:6c56fb4bc5f0 285 securitySetupCompletedCallback(),
nexpaq 0:6c56fb4bc5f0 286 linkSecuredCallback(),
nexpaq 0:6c56fb4bc5f0 287 securityContextStoredCallback(),
nexpaq 0:6c56fb4bc5f0 288 passkeyDisplayCallback() {
nexpaq 0:6c56fb4bc5f0 289 /* empty */
nexpaq 0:6c56fb4bc5f0 290 }
nexpaq 0:6c56fb4bc5f0 291
nexpaq 0:6c56fb4bc5f0 292 public:
nexpaq 0:6c56fb4bc5f0 293 /**
nexpaq 0:6c56fb4bc5f0 294 * Notify all registered onShutdown callbacks that the SecurityManager is
nexpaq 0:6c56fb4bc5f0 295 * about to be shutdown and clear all SecurityManager state of the
nexpaq 0:6c56fb4bc5f0 296 * associated object.
nexpaq 0:6c56fb4bc5f0 297 *
nexpaq 0:6c56fb4bc5f0 298 * This function is meant to be overridden in the platform-specific
nexpaq 0:6c56fb4bc5f0 299 * sub-class. Nevertheless, the sub-class is only expected to reset its
nexpaq 0:6c56fb4bc5f0 300 * state and not the data held in SecurityManager members. This shall be
nexpaq 0:6c56fb4bc5f0 301 * achieved by a call to SecurityManager::reset() from the sub-class'
nexpaq 0:6c56fb4bc5f0 302 * reset() implementation.
nexpaq 0:6c56fb4bc5f0 303 *
nexpaq 0:6c56fb4bc5f0 304 * @return BLE_ERROR_NONE on success.
nexpaq 0:6c56fb4bc5f0 305 */
nexpaq 0:6c56fb4bc5f0 306 virtual ble_error_t reset(void) {
nexpaq 0:6c56fb4bc5f0 307 /* Notify that the instance is about to shutdown */
nexpaq 0:6c56fb4bc5f0 308 shutdownCallChain.call(this);
nexpaq 0:6c56fb4bc5f0 309 shutdownCallChain.clear();
nexpaq 0:6c56fb4bc5f0 310
nexpaq 0:6c56fb4bc5f0 311 securitySetupInitiatedCallback = NULL;
nexpaq 0:6c56fb4bc5f0 312 securitySetupCompletedCallback = NULL;
nexpaq 0:6c56fb4bc5f0 313 linkSecuredCallback = NULL;
nexpaq 0:6c56fb4bc5f0 314 securityContextStoredCallback = NULL;
nexpaq 0:6c56fb4bc5f0 315 passkeyDisplayCallback = NULL;
nexpaq 0:6c56fb4bc5f0 316
nexpaq 0:6c56fb4bc5f0 317 return BLE_ERROR_NONE;
nexpaq 0:6c56fb4bc5f0 318 }
nexpaq 0:6c56fb4bc5f0 319
nexpaq 0:6c56fb4bc5f0 320 protected:
nexpaq 0:6c56fb4bc5f0 321 SecuritySetupInitiatedCallback_t securitySetupInitiatedCallback;
nexpaq 0:6c56fb4bc5f0 322 SecuritySetupCompletedCallback_t securitySetupCompletedCallback;
nexpaq 0:6c56fb4bc5f0 323 LinkSecuredCallback_t linkSecuredCallback;
nexpaq 0:6c56fb4bc5f0 324 HandleSpecificEvent_t securityContextStoredCallback;
nexpaq 0:6c56fb4bc5f0 325 PasskeyDisplayCallback_t passkeyDisplayCallback;
nexpaq 0:6c56fb4bc5f0 326
nexpaq 0:6c56fb4bc5f0 327 private:
nexpaq 0:6c56fb4bc5f0 328 SecurityManagerShutdownCallbackChain_t shutdownCallChain;
nexpaq 0:6c56fb4bc5f0 329 };
nexpaq 0:6c56fb4bc5f0 330
nexpaq 0:6c56fb4bc5f0 331 #endif /*__SECURITY_MANAGER_H__*/