Bike service

Fork of BLE_API by Bluetooth Low Energy

Revision:
1126:08db6549adef
Parent:
1090:148d8b9b56a5
Child:
1127:0f8fed8cda0d
--- a/ble/SecurityManager.h	Mon Jan 11 08:52:05 2016 +0000
+++ b/ble/SecurityManager.h	Tue Jan 12 19:47:50 2016 +0000
@@ -1,309 +1,329 @@
-/* mbed Microcontroller Library
- * Copyright (c) 2006-2015 ARM Limited
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *     http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#ifndef __SECURITY_MANAGER_H__
-#define __SECURITY_MANAGER_H__
-
-#include <stdint.h>
-
-#include "Gap.h"
-#include "CallChainOfFunctionPointersWithContext.h"
-
-class SecurityManager {
-public:
-    enum SecurityMode_t {
-        SECURITY_MODE_NO_ACCESS,
-        SECURITY_MODE_ENCRYPTION_OPEN_LINK, /**< Require no protection, open link. */
-        SECURITY_MODE_ENCRYPTION_NO_MITM,   /**< Require encryption, but no MITM protection. */
-        SECURITY_MODE_ENCRYPTION_WITH_MITM, /**< Require encryption and MITM protection. */
-        SECURITY_MODE_SIGNED_NO_MITM,       /**< Require signing or encryption, but no MITM protection. */
-        SECURITY_MODE_SIGNED_WITH_MITM,     /**< Require signing or encryption, and MITM protection. */
-    };
-
-    /**
-     * @brief Defines possible security status or states.
-     *
-     * @details Defines possible security status or states of a link when requested by getLinkSecurity().
-     */
-    enum LinkSecurityStatus_t {
-        NOT_ENCRYPTED,          /**< The link is not secured. */
-        ENCRYPTION_IN_PROGRESS, /**< Link security is being established.*/
-        ENCRYPTED               /**< The link is secure.*/
-    };
-
-    enum SecurityIOCapabilities_t {
-      IO_CAPS_DISPLAY_ONLY     = 0x00,   /**< Display only. */
-      IO_CAPS_DISPLAY_YESNO    = 0x01,   /**< Display and yes/no entry. */
-      IO_CAPS_KEYBOARD_ONLY    = 0x02,   /**< Keyboard only. */
-      IO_CAPS_NONE             = 0x03,   /**< No I/O capabilities. */
-      IO_CAPS_KEYBOARD_DISPLAY = 0x04,   /**< Keyboard and display. */
-    };
-
-    enum SecurityCompletionStatus_t {
-        SEC_STATUS_SUCCESS              = 0x00,  /**< Procedure completed with success. */
-        SEC_STATUS_TIMEOUT              = 0x01,  /**< Procedure timed out. */
-        SEC_STATUS_PDU_INVALID          = 0x02,  /**< Invalid PDU received. */
-        SEC_STATUS_PASSKEY_ENTRY_FAILED = 0x81,  /**< Passkey entry failed (user canceled or other). */
-        SEC_STATUS_OOB_NOT_AVAILABLE    = 0x82,  /**< Out of Band Key not available. */
-        SEC_STATUS_AUTH_REQ             = 0x83,  /**< Authentication requirements not met. */
-        SEC_STATUS_CONFIRM_VALUE        = 0x84,  /**< Confirm value failed. */
-        SEC_STATUS_PAIRING_NOT_SUPP     = 0x85,  /**< Pairing not supported.  */
-        SEC_STATUS_ENC_KEY_SIZE         = 0x86,  /**< Encryption key size. */
-        SEC_STATUS_SMP_CMD_UNSUPPORTED  = 0x87,  /**< Unsupported SMP command. */
-        SEC_STATUS_UNSPECIFIED          = 0x88,  /**< Unspecified reason. */
-        SEC_STATUS_REPEATED_ATTEMPTS    = 0x89,  /**< Too little time elapsed since last attempt. */
-        SEC_STATUS_INVALID_PARAMS       = 0x8A,  /**< Invalid parameters. */
-    };
-
-    /**
-     * Declaration of type containing a passkey to be used during pairing. This
-     * is passed into initializeSecurity() to specify a pre-programmed passkey
-     * for authentication instead of generating a random one.
-     */
-    static const unsigned PASSKEY_LEN = 6;
-    typedef uint8_t Passkey_t[PASSKEY_LEN];         /**< 6-digit passkey in ASCII ('0'-'9' digits only). */
-
-public:
-    typedef void (*HandleSpecificEvent_t)(Gap::Handle_t handle);
-    typedef void (*SecuritySetupInitiatedCallback_t)(Gap::Handle_t, bool allowBonding, bool requireMITM, SecurityIOCapabilities_t iocaps);
-    typedef void (*SecuritySetupCompletedCallback_t)(Gap::Handle_t, SecurityCompletionStatus_t status);
-    typedef void (*LinkSecuredCallback_t)(Gap::Handle_t handle, SecurityMode_t securityMode);
-    typedef void (*PasskeyDisplayCallback_t)(Gap::Handle_t handle, const Passkey_t passkey);
-
-    typedef FunctionPointerWithContext<const SecurityManager *> SecurityManagerShutdownCallback_t;
-    typedef CallChainOfFunctionPointersWithContext<const SecurityManager *> SecurityManagerShutdownCallbackChain_t;
-
-    /*
-     * The following functions are meant to be overridden in the platform-specific sub-class.
-     */
-public:
-    /**
-     * Enable the BLE stack's Security Manager. The Security Manager implements
-     * the actual cryptographic algorithms and protocol exchanges that allow two
-     * devices to securely exchange data and privately detect each other.
-     * Calling this API is a prerequisite for encryption and pairing (bonding).
-     *
-     * @param[in]  enableBonding Allow for bonding.
-     * @param[in]  requireMITM   Require protection for man-in-the-middle attacks.
-     * @param[in]  iocaps        To specify the I/O capabilities of this peripheral,
-     *                           such as availability of a display or keyboard, to
-     *                           support out-of-band exchanges of security data.
-     * @param[in]  passkey       To specify a static passkey.
-     *
-     * @return BLE_ERROR_NONE on success.
-     */
-    virtual ble_error_t init(bool                     enableBonding = true,
-                             bool                     requireMITM   = true,
-                             SecurityIOCapabilities_t iocaps        = IO_CAPS_NONE,
-                             const Passkey_t          passkey       = NULL) {
-        /* Avoid compiler warnings about unused variables. */
-        (void)enableBonding;
-        (void)requireMITM;
-        (void)iocaps;
-        (void)passkey;
-
-        return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
-    }
-
-    /**
-     * Get the security status of a connection.
-     *
-     * @param[in]  connectionHandle   Handle to identify the connection.
-     * @param[out] securityStatusP    Security status.
-     *
-     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
-     */
-    virtual ble_error_t getLinkSecurity(Gap::Handle_t connectionHandle, LinkSecurityStatus_t *securityStatusP) {
-        /* Avoid compiler warnings about unused variables. */
-        (void)connectionHandle;
-        (void)securityStatusP;
-
-        return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
-    }
-
-    /**
-     * Set the security mode on a connection. Useful for elevating the security mode
-     * once certain conditions are met, e.g., a particular service is found.
-     *
-     * @param[in]  connectionHandle   Handle to identify the connection.
-     * @param[in]  securityMode       Requested security mode.
-     *
-     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
-     */
-    virtual ble_error_t setLinkSecurity(Gap::Handle_t connectionHandle, SecurityMode_t securityMode) {
-        /* Avoid compiler warnings about unused variables. */
-        (void)connectionHandle;
-        (void)securityMode;
-
-        return BLE_ERROR_NOT_IMPLEMENTED;
-    }
-
-    /**
-     * Delete all peer device context and all related bonding information from
-     * the database within the security manager.
-     *
-     * @retval BLE_ERROR_NONE             On success, else an error code indicating reason for failure.
-     * @retval BLE_ERROR_INVALID_STATE    If the API is called without module initialization or
-     *                                    application registration.
-     */
-    virtual ble_error_t purgeAllBondingState(void) {
-        return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
-    }
-
-    /* Event callback handlers. */
-public:
-    /**
-     * Setup a callback to be invoked to notify the user application that the
-     * SecurityManager instance is about to shutdown (possibly as a result of a call
-     * to BLE::shutdown()).
-     *
-     * @Note: It is possible to chain together multiple onShutdown callbacks
-     * (potentially from different modules of an application) to be notified
-     * before the SecurityManager is shutdown.
-     *
-     * @Note: It is also possible to set up a callback into a member function of
-     * some object.
-     *
-     * @Note It is possible to unregister a callback using onShutdown().detach(callback)
-     */
-    void onShutdown(const SecurityManagerShutdownCallback_t& callback) {
-        shutdownCallChain.add(callback);
-    }
-    template <typename T>
-    void onShutdown(T *objPtr, void (T::*memberPtr)(void)) {
-        shutdownCallChain.add(objPtr, memberPtr);
-    }
-
-    /**
-     * @brief provide access to the callchain of shutdown event callbacks
-     * It is possible to register callbacks using onShutdown().add(callback);
-     * It is possible to unregister callbacks using onShutdown().detach(callback)
-     * @return The shutdown event callbacks chain
-     */
-    SecurityManagerShutdownCallbackChain_t& onShutdown() {
-        return shutdownCallChain;
-    }
-
-    /**
-     * To indicate that a security procedure for the link has started.
-     */
-    virtual void onSecuritySetupInitiated(SecuritySetupInitiatedCallback_t callback) {securitySetupInitiatedCallback = callback;}
-
-    /**
-     * To indicate that the security procedure for the link has completed.
-     */
-    virtual void onSecuritySetupCompleted(SecuritySetupCompletedCallback_t callback) {securitySetupCompletedCallback = callback;}
-
-    /**
-     * To indicate that the link with the peer is secured. For bonded devices,
-     * subsequent reconnections with a bonded peer will result only in this callback
-     * when the link is secured; setup procedures will not occur (unless the
-     * bonding information is either lost or deleted on either or both sides).
-     */
-    virtual void onLinkSecured(LinkSecuredCallback_t callback) {linkSecuredCallback = callback;}
-
-    /**
-     * To indicate that device context is stored persistently.
-     */
-    virtual void onSecurityContextStored(HandleSpecificEvent_t callback) {securityContextStoredCallback = callback;}
-
-    /**
-     * To set the callback for when the passkey needs to be displayed on a peripheral with DISPLAY capability.
-     */
-    virtual void onPasskeyDisplay(PasskeyDisplayCallback_t callback) {passkeyDisplayCallback = callback;}
-
-    /* Entry points for the underlying stack to report events back to the user. */
-public:
-    void processSecuritySetupInitiatedEvent(Gap::Handle_t handle, bool allowBonding, bool requireMITM, SecurityIOCapabilities_t iocaps) {
-        if (securitySetupInitiatedCallback) {
-            securitySetupInitiatedCallback(handle, allowBonding, requireMITM, iocaps);
-        }
-    }
-
-    void processSecuritySetupCompletedEvent(Gap::Handle_t handle, SecurityCompletionStatus_t status) {
-        if (securitySetupCompletedCallback) {
-            securitySetupCompletedCallback(handle, status);
-        }
-    }
-
-    void processLinkSecuredEvent(Gap::Handle_t handle, SecurityMode_t securityMode) {
-        if (linkSecuredCallback) {
-            linkSecuredCallback(handle, securityMode);
-        }
-    }
-
-    void processSecurityContextStoredEvent(Gap::Handle_t handle) {
-        if (securityContextStoredCallback) {
-            securityContextStoredCallback(handle);
-        }
-    }
-
-    void processPasskeyDisplayEvent(Gap::Handle_t handle, const Passkey_t passkey) {
-        if (passkeyDisplayCallback) {
-            passkeyDisplayCallback(handle, passkey);
-        }
-    }
-
-protected:
-    SecurityManager() :
-        securitySetupInitiatedCallback(),
-        securitySetupCompletedCallback(),
-        linkSecuredCallback(),
-        securityContextStoredCallback(),
-        passkeyDisplayCallback() {
-        /* empty */
-    }
-
-public:
-    /**
-     * Notify all registered onShutdown callbacks that the SecurityManager is
-     * about to be shutdown and clear all SecurityManager state of the
-     * associated object.
-     *
-     * This function is meant to be overridden in the platform-specific
-     * sub-class. Nevertheless, the sub-class is only expected to reset its
-     * state and not the data held in SecurityManager members. This shall be
-     * achieved by a call to SecurityManager::reset() from the sub-class'
-     * reset() implementation.
-     *
-     * @return BLE_ERROR_NONE on success.
-     */
-    virtual ble_error_t reset(void) {
-        /* Notify that the instance is about to shutdown */
-        shutdownCallChain.call(this);
-        shutdownCallChain.clear();
-
-        securitySetupInitiatedCallback = NULL;
-        securitySetupCompletedCallback = NULL;
-        linkSecuredCallback            = NULL;
-        securityContextStoredCallback  = NULL;
-        passkeyDisplayCallback         = NULL;
-
-        return BLE_ERROR_NONE;
-    }
-
-protected:
-    SecuritySetupInitiatedCallback_t securitySetupInitiatedCallback;
-    SecuritySetupCompletedCallback_t securitySetupCompletedCallback;
-    LinkSecuredCallback_t            linkSecuredCallback;
-    HandleSpecificEvent_t            securityContextStoredCallback;
-    PasskeyDisplayCallback_t         passkeyDisplayCallback;
-
-private:
-    SecurityManagerShutdownCallbackChain_t shutdownCallChain;
-};
-
+/* mbed Microcontroller Library
+ * Copyright (c) 2006-2015 ARM Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __SECURITY_MANAGER_H__
+#define __SECURITY_MANAGER_H__
+
+#include <stdint.h>
+
+#include "Gap.h"
+#include "CallChainOfFunctionPointersWithContext.h"
+
+class SecurityManager {
+public:
+    enum SecurityMode_t {
+        SECURITY_MODE_NO_ACCESS,
+        SECURITY_MODE_ENCRYPTION_OPEN_LINK, /**< Require no protection, open link. */
+        SECURITY_MODE_ENCRYPTION_NO_MITM,   /**< Require encryption, but no MITM protection. */
+        SECURITY_MODE_ENCRYPTION_WITH_MITM, /**< Require encryption and MITM protection. */
+        SECURITY_MODE_SIGNED_NO_MITM,       /**< Require signing or encryption, but no MITM protection. */
+        SECURITY_MODE_SIGNED_WITH_MITM,     /**< Require signing or encryption, and MITM protection. */
+    };
+
+    /**
+     * @brief Defines possible security status or states.
+     *
+     * @details Defines possible security status or states of a link when requested by getLinkSecurity().
+     */
+    enum LinkSecurityStatus_t {
+        NOT_ENCRYPTED,          /**< The link is not secured. */
+        ENCRYPTION_IN_PROGRESS, /**< Link security is being established.*/
+        ENCRYPTED               /**< The link is secure.*/
+    };
+
+    enum SecurityIOCapabilities_t {
+      IO_CAPS_DISPLAY_ONLY     = 0x00,   /**< Display only. */
+      IO_CAPS_DISPLAY_YESNO    = 0x01,   /**< Display and yes/no entry. */
+      IO_CAPS_KEYBOARD_ONLY    = 0x02,   /**< Keyboard only. */
+      IO_CAPS_NONE             = 0x03,   /**< No I/O capabilities. */
+      IO_CAPS_KEYBOARD_DISPLAY = 0x04,   /**< Keyboard and display. */
+    };
+
+    enum SecurityCompletionStatus_t {
+        SEC_STATUS_SUCCESS              = 0x00,  /**< Procedure completed with success. */
+        SEC_STATUS_TIMEOUT              = 0x01,  /**< Procedure timed out. */
+        SEC_STATUS_PDU_INVALID          = 0x02,  /**< Invalid PDU received. */
+        SEC_STATUS_PASSKEY_ENTRY_FAILED = 0x81,  /**< Passkey entry failed (user canceled or other). */
+        SEC_STATUS_OOB_NOT_AVAILABLE    = 0x82,  /**< Out of Band Key not available. */
+        SEC_STATUS_AUTH_REQ             = 0x83,  /**< Authentication requirements not met. */
+        SEC_STATUS_CONFIRM_VALUE        = 0x84,  /**< Confirm value failed. */
+        SEC_STATUS_PAIRING_NOT_SUPP     = 0x85,  /**< Pairing not supported.  */
+        SEC_STATUS_ENC_KEY_SIZE         = 0x86,  /**< Encryption key size. */
+        SEC_STATUS_SMP_CMD_UNSUPPORTED  = 0x87,  /**< Unsupported SMP command. */
+        SEC_STATUS_UNSPECIFIED          = 0x88,  /**< Unspecified reason. */
+        SEC_STATUS_REPEATED_ATTEMPTS    = 0x89,  /**< Too little time elapsed since last attempt. */
+        SEC_STATUS_INVALID_PARAMS       = 0x8A,  /**< Invalid parameters. */
+    };
+
+    /**
+     * Declaration of type containing a passkey to be used during pairing. This
+     * is passed into initializeSecurity() to specify a pre-programmed passkey
+     * for authentication instead of generating a random one.
+     */
+    static const unsigned PASSKEY_LEN = 6;
+    typedef uint8_t Passkey_t[PASSKEY_LEN];         /**< 6-digit passkey in ASCII ('0'-'9' digits only). */
+
+public:
+    typedef void (*HandleSpecificEvent_t)(Gap::Handle_t handle);
+    typedef void (*SecuritySetupInitiatedCallback_t)(Gap::Handle_t, bool allowBonding, bool requireMITM, SecurityIOCapabilities_t iocaps);
+    typedef void (*SecuritySetupCompletedCallback_t)(Gap::Handle_t, SecurityCompletionStatus_t status);
+    typedef void (*LinkSecuredCallback_t)(Gap::Handle_t handle, SecurityMode_t securityMode);
+    typedef void (*PasskeyDisplayCallback_t)(Gap::Handle_t handle, const Passkey_t passkey);
+
+    typedef FunctionPointerWithContext<const SecurityManager *> SecurityManagerShutdownCallback_t;
+    typedef CallChainOfFunctionPointersWithContext<const SecurityManager *> SecurityManagerShutdownCallbackChain_t;
+
+    /*
+     * The following functions are meant to be overridden in the platform-specific sub-class.
+     */
+public:
+    /**
+     * Enable the BLE stack's Security Manager. The Security Manager implements
+     * the actual cryptographic algorithms and protocol exchanges that allow two
+     * devices to securely exchange data and privately detect each other.
+     * Calling this API is a prerequisite for encryption and pairing (bonding).
+     *
+     * @param[in]  enableBonding Allow for bonding.
+     * @param[in]  requireMITM   Require protection for man-in-the-middle attacks.
+     * @param[in]  iocaps        To specify the I/O capabilities of this peripheral,
+     *                           such as availability of a display or keyboard, to
+     *                           support out-of-band exchanges of security data.
+     * @param[in]  passkey       To specify a static passkey.
+     *
+     * @return BLE_ERROR_NONE on success.
+     */
+    virtual ble_error_t init(bool                     enableBonding = true,
+                             bool                     requireMITM   = true,
+                             SecurityIOCapabilities_t iocaps        = IO_CAPS_NONE,
+                             const Passkey_t          passkey       = NULL) {
+        /* Avoid compiler warnings about unused variables. */
+        (void)enableBonding;
+        (void)requireMITM;
+        (void)iocaps;
+        (void)passkey;
+
+        return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
+    }
+
+    /**
+     * Get the security status of a connection.
+     *
+     * @param[in]  connectionHandle   Handle to identify the connection.
+     * @param[out] securityStatusP    Security status.
+     *
+     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
+     */
+    virtual ble_error_t getLinkSecurity(Gap::Handle_t connectionHandle, LinkSecurityStatus_t *securityStatusP) {
+        /* Avoid compiler warnings about unused variables. */
+        (void)connectionHandle;
+        (void)securityStatusP;
+
+        return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
+    }
+
+    /**
+     * Set the security mode on a connection. Useful for elevating the security mode
+     * once certain conditions are met, e.g., a particular service is found.
+     *
+     * @param[in]  connectionHandle   Handle to identify the connection.
+     * @param[in]  securityMode       Requested security mode.
+     *
+     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
+     */
+    virtual ble_error_t setLinkSecurity(Gap::Handle_t connectionHandle, SecurityMode_t securityMode) {
+        /* Avoid compiler warnings about unused variables. */
+        (void)connectionHandle;
+        (void)securityMode;
+
+        return BLE_ERROR_NOT_IMPLEMENTED;
+    }
+
+    /**
+     * Delete all peer device context and all related bonding information from
+     * the database within the security manager.
+     *
+     * @retval BLE_ERROR_NONE             On success, else an error code indicating reason for failure.
+     * @retval BLE_ERROR_INVALID_STATE    If the API is called without module initialization or
+     *                                    application registration.
+     */
+    virtual ble_error_t purgeAllBondingState(void) {
+        return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
+    }
+
+    /**
+     * Get a list of addresses from all peers in the bond table.
+     *
+     * @param[in/out]   addresses
+     *                  (on input) addresses.capacity contains the maximum
+     *                  number of addresses to be returned.
+     *                  (on output) The populated table with copies of the
+     *                  addresses in the implementation's whitelist.
+     *
+     * @retval BLE_ERROR_NONE             On success, else an error code indicating reason for failure.
+     * @retval BLE_ERROR_INVALID_STATE    If the API is called without module initialization or
+     *                                    application registration.
+     */
+    virtual ble_error_t getAddressesFromBondTable(Gap::Whitelist_t &addresses) {
+        /* Avoid compiler warnings about unused variables */
+        (void) addresses;
+
+        return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
+    }
+
+    /* Event callback handlers. */
+public:
+    /**
+     * Setup a callback to be invoked to notify the user application that the
+     * SecurityManager instance is about to shutdown (possibly as a result of a call
+     * to BLE::shutdown()).
+     *
+     * @Note: It is possible to chain together multiple onShutdown callbacks
+     * (potentially from different modules of an application) to be notified
+     * before the SecurityManager is shutdown.
+     *
+     * @Note: It is also possible to set up a callback into a member function of
+     * some object.
+     *
+     * @Note It is possible to unregister a callback using onShutdown().detach(callback)
+     */
+    void onShutdown(const SecurityManagerShutdownCallback_t& callback) {
+        shutdownCallChain.add(callback);
+    }
+    template <typename T>
+    void onShutdown(T *objPtr, void (T::*memberPtr)(void)) {
+        shutdownCallChain.add(objPtr, memberPtr);
+    }
+
+    /**
+     * @brief provide access to the callchain of shutdown event callbacks
+     * It is possible to register callbacks using onShutdown().add(callback);
+     * It is possible to unregister callbacks using onShutdown().detach(callback)
+     * @return The shutdown event callbacks chain
+     */
+    SecurityManagerShutdownCallbackChain_t& onShutdown() {
+        return shutdownCallChain;
+    }
+
+    /**
+     * To indicate that a security procedure for the link has started.
+     */
+    virtual void onSecuritySetupInitiated(SecuritySetupInitiatedCallback_t callback) {securitySetupInitiatedCallback = callback;}
+
+    /**
+     * To indicate that the security procedure for the link has completed.
+     */
+    virtual void onSecuritySetupCompleted(SecuritySetupCompletedCallback_t callback) {securitySetupCompletedCallback = callback;}
+
+    /**
+     * To indicate that the link with the peer is secured. For bonded devices,
+     * subsequent reconnections with a bonded peer will result only in this callback
+     * when the link is secured; setup procedures will not occur (unless the
+     * bonding information is either lost or deleted on either or both sides).
+     */
+    virtual void onLinkSecured(LinkSecuredCallback_t callback) {linkSecuredCallback = callback;}
+
+    /**
+     * To indicate that device context is stored persistently.
+     */
+    virtual void onSecurityContextStored(HandleSpecificEvent_t callback) {securityContextStoredCallback = callback;}
+
+    /**
+     * To set the callback for when the passkey needs to be displayed on a peripheral with DISPLAY capability.
+     */
+    virtual void onPasskeyDisplay(PasskeyDisplayCallback_t callback) {passkeyDisplayCallback = callback;}
+
+    /* Entry points for the underlying stack to report events back to the user. */
+public:
+    void processSecuritySetupInitiatedEvent(Gap::Handle_t handle, bool allowBonding, bool requireMITM, SecurityIOCapabilities_t iocaps) {
+        if (securitySetupInitiatedCallback) {
+            securitySetupInitiatedCallback(handle, allowBonding, requireMITM, iocaps);
+        }
+    }
+
+    void processSecuritySetupCompletedEvent(Gap::Handle_t handle, SecurityCompletionStatus_t status) {
+        if (securitySetupCompletedCallback) {
+            securitySetupCompletedCallback(handle, status);
+        }
+    }
+
+    void processLinkSecuredEvent(Gap::Handle_t handle, SecurityMode_t securityMode) {
+        if (linkSecuredCallback) {
+            linkSecuredCallback(handle, securityMode);
+        }
+    }
+
+    void processSecurityContextStoredEvent(Gap::Handle_t handle) {
+        if (securityContextStoredCallback) {
+            securityContextStoredCallback(handle);
+        }
+    }
+
+    void processPasskeyDisplayEvent(Gap::Handle_t handle, const Passkey_t passkey) {
+        if (passkeyDisplayCallback) {
+            passkeyDisplayCallback(handle, passkey);
+        }
+    }
+
+protected:
+    SecurityManager() :
+        securitySetupInitiatedCallback(),
+        securitySetupCompletedCallback(),
+        linkSecuredCallback(),
+        securityContextStoredCallback(),
+        passkeyDisplayCallback() {
+        /* empty */
+    }
+
+public:
+    /**
+     * Notify all registered onShutdown callbacks that the SecurityManager is
+     * about to be shutdown and clear all SecurityManager state of the
+     * associated object.
+     *
+     * This function is meant to be overridden in the platform-specific
+     * sub-class. Nevertheless, the sub-class is only expected to reset its
+     * state and not the data held in SecurityManager members. This shall be
+     * achieved by a call to SecurityManager::reset() from the sub-class'
+     * reset() implementation.
+     *
+     * @return BLE_ERROR_NONE on success.
+     */
+    virtual ble_error_t reset(void) {
+        /* Notify that the instance is about to shutdown */
+        shutdownCallChain.call(this);
+        shutdownCallChain.clear();
+
+        securitySetupInitiatedCallback = NULL;
+        securitySetupCompletedCallback = NULL;
+        linkSecuredCallback            = NULL;
+        securityContextStoredCallback  = NULL;
+        passkeyDisplayCallback         = NULL;
+
+        return BLE_ERROR_NONE;
+    }
+
+protected:
+    SecuritySetupInitiatedCallback_t securitySetupInitiatedCallback;
+    SecuritySetupCompletedCallback_t securitySetupCompletedCallback;
+    LinkSecuredCallback_t            linkSecuredCallback;
+    HandleSpecificEvent_t            securityContextStoredCallback;
+    PasskeyDisplayCallback_t         passkeyDisplayCallback;
+
+private:
+    SecurityManagerShutdownCallbackChain_t shutdownCallChain;
+};
+
 #endif /*__SECURITY_MANAGER_H__*/
\ No newline at end of file