diff --git a/btle/btle.cpp b/btle/btle.cpp index 3b0231f..8600bd8 100644 --- a/btle/btle.cpp +++ b/btle/btle.cpp @@ -33,6 +33,8 @@ #include "GapEvents.h" #include "nRF51Gap.h" #include "nRF51GattServer.h" +#include "nRF51SecurityManager.h" + #include "device_manager.h" #include "ble_hci.h" @@ -151,7 +153,7 @@ static void btle_handler(ble_evt_t *p_ble_evt) } case BLE_GAP_EVT_PASSKEY_DISPLAY: - nRF51Gap::getInstance().processPasskeyDisplayEvent(p_ble_evt->evt.gap_evt.conn_handle, p_ble_evt->evt.gap_evt.params.passkey_display.passkey); + nRF51SecurityManager::getInstance().processPasskeyDisplayEvent(p_ble_evt->evt.gap_evt.conn_handle, p_ble_evt->evt.gap_evt.params.passkey_display.passkey); break; case BLE_GAP_EVT_TIMEOUT: diff --git a/btle/btle_security.cpp b/btle/btle_security.cpp index 2e30ac8..20143da 100644 --- a/btle/btle_security.cpp +++ b/btle/btle_security.cpp @@ -16,7 +16,10 @@ #include "btle.h" #include "pstorage.h" + #include "nRF51Gap.h" +#include "nRF51SecurityManager.h" + #include "device_manager.h" #include "btle_security.h" @@ -24,7 +27,10 @@ static dm_application_instance_t applicationInstance; static ret_code_t dm_handler(dm_handle_t const *p_handle, dm_event_t const *p_event, ret_code_t event_result); ble_error_t -btle_initializeSecurity(bool enableBonding, bool requireMITM, Gap::SecurityIOCapabilities_t iocaps, const Gap::Passkey_t passkey) +btle_initializeSecurity(bool enableBonding, + bool requireMITM, + SecurityManager::SecurityIOCapabilities_t iocaps, + const SecurityManager::Passkey_t passkey) { /* guard against multiple initializations */ static bool initialized = false; @@ -114,7 +120,7 @@ btle_purgeAllBondingState(void) } ble_error_t -btle_getLinkSecurity(Gap::Handle_t connectionHandle, Gap::LinkSecurityStatus_t *securityStatusP) +btle_getLinkSecurity(Gap::Handle_t connectionHandle, SecurityManager::LinkSecurityStatus_t *securityStatusP) { ret_code_t rc; dm_handle_t dmHandle = { 
@@ -148,51 +154,52 @@ dm_handler(dm_handle_t const *p_handle, dm_event_t const *p_event, ret_code_t ev switch (p_event->event_id) { case DM_EVT_SECURITY_SETUP: /* started */ { const ble_gap_sec_params_t *peerParams = &p_event->event_param.p_gap_param->params.sec_params_request.peer_params; - nRF51Gap::getInstance().processSecuritySetupInitiatedEvent(p_event->event_param.p_gap_param->conn_handle, - peerParams->bond, - peerParams->mitm, - (Gap::SecurityIOCapabilities_t)peerParams->io_caps); + nRF51SecurityManager::getInstance().processSecuritySetupInitiatedEvent(p_event->event_param.p_gap_param->conn_handle, + peerParams->bond, + peerParams->mitm, + (SecurityManager::SecurityIOCapabilities_t)peerParams->io_caps); break; } case DM_EVT_SECURITY_SETUP_COMPLETE: - nRF51Gap::getInstance().processSecuritySetupCompletedEvent(p_event->event_param.p_gap_param->conn_handle, - (Gap::SecurityCompletionStatus_t)(p_event->event_param.p_gap_param->params.auth_status.auth_status)); + nRF51SecurityManager::getInstance(). 
+ processSecuritySetupCompletedEvent(p_event->event_param.p_gap_param->conn_handle, + (SecurityManager::SecurityCompletionStatus_t)(p_event->event_param.p_gap_param->params.auth_status.auth_status)); break; case DM_EVT_LINK_SECURED: { unsigned securityMode = p_event->event_param.p_gap_param->params.conn_sec_update.conn_sec.sec_mode.sm; unsigned level = p_event->event_param.p_gap_param->params.conn_sec_update.conn_sec.sec_mode.lv; - Gap::SecurityMode_t resolvedSecurityMode = Gap::SECURITY_MODE_NO_ACCESS; + SecurityManager::SecurityMode_t resolvedSecurityMode = SecurityManager::SECURITY_MODE_NO_ACCESS; switch (securityMode) { case 1: switch (level) { case 1: - resolvedSecurityMode = Gap::SECURITY_MODE_ENCRYPTION_OPEN_LINK; + resolvedSecurityMode = SecurityManager::SECURITY_MODE_ENCRYPTION_OPEN_LINK; break; case 2: - resolvedSecurityMode = Gap::SECURITY_MODE_ENCRYPTION_NO_MITM; + resolvedSecurityMode = SecurityManager::SECURITY_MODE_ENCRYPTION_NO_MITM; break; case 3: - resolvedSecurityMode = Gap::SECURITY_MODE_ENCRYPTION_WITH_MITM; + resolvedSecurityMode = SecurityManager::SECURITY_MODE_ENCRYPTION_WITH_MITM; break; } break; case 2: switch (level) { case 1: - resolvedSecurityMode = Gap::SECURITY_MODE_SIGNED_NO_MITM; + resolvedSecurityMode = SecurityManager::SECURITY_MODE_SIGNED_NO_MITM; break; case 2: - resolvedSecurityMode = Gap::SECURITY_MODE_SIGNED_WITH_MITM; + resolvedSecurityMode = SecurityManager::SECURITY_MODE_SIGNED_WITH_MITM; break; } break; } - nRF51Gap::getInstance().processLinkSecuredEvent(p_event->event_param.p_gap_param->conn_handle, resolvedSecurityMode); + nRF51SecurityManager::getInstance().processLinkSecuredEvent(p_event->event_param.p_gap_param->conn_handle, resolvedSecurityMode); break; } case DM_EVT_DEVICE_CONTEXT_STORED: - nRF51Gap::getInstance().processSecurityContextStoredEvent(p_event->event_param.p_gap_param->conn_handle); + nRF51SecurityManager::getInstance().processSecurityContextStoredEvent(p_event->event_param.p_gap_param->conn_handle); 
break; default: break; diff --git a/btle/btle_security.h b/btle/btle_security.h index 31dff9f..b37f037 100644 --- a/btle/btle_security.h +++ b/btle/btle_security.h @@ -18,6 +18,7 @@ #define _BTLE_SECURITY_H_ #include "Gap.h" +#include "SecurityManager.h" /** * Enable Nordic's Device Manager, which brings in functionality from the @@ -34,10 +35,10 @@ * * @return BLE_ERROR_NONE on success. */ -ble_error_t btle_initializeSecurity(bool enableBonding = true, - bool requireMITM = true, - Gap::SecurityIOCapabilities_t iocaps = Gap::IO_CAPS_NONE, - const Gap::Passkey_t passkey = NULL); +ble_error_t btle_initializeSecurity(bool enableBonding = true, + bool requireMITM = true, + SecurityManager::SecurityIOCapabilities_t iocaps = SecurityManager::IO_CAPS_NONE, + const SecurityManager::Passkey_t passkey = NULL); /** * Get the security status of a link. @@ -49,7 +50,7 @@ ble_error_t btle_initializeSecurity(bool enableBonding * * @return BLE_SUCCESS Or appropriate error code indicating reason for failure. */ -ble_error_t btle_getLinkSecurity(Gap::Handle_t connectionHandle, Gap::LinkSecurityStatus_t *securityStatusP); +ble_error_t btle_getLinkSecurity(Gap::Handle_t connectionHandle, SecurityManager::LinkSecurityStatus_t *securityStatusP); /** * Function for deleting all peer device context and all related bonding diff --git a/btle/custom/custom_helper.cpp b/btle/custom/custom_helper.cpp index 2254fe7..ba4b303 100644 --- a/btle/custom/custom_helper.cpp +++ b/btle/custom/custom_helper.cpp @@ -200,7 +200,7 @@ error_t custom_decode_uuid_base(uint8_t const *const p_uuid_base, error_t custom_add_in_characteristic(uint16_t service_handle, ble_uuid_t *p_uuid, uint8_t properties, - Gap::SecurityMode_t requiredSecurity, + SecurityManager::SecurityMode_t requiredSecurity, uint8_t *p_data, uint16_t min_length, uint16_t max_length, 
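Review bot: In the DM_EVT_SECURITY_SETUP and DM_EVT_SECURITY_SETUP_COMPLETE cases of dm_handler, the peer-supplied `io_caps` and the stack's `auth_status` are still converted with unchecked C-style casts, now into `SecurityManager::SecurityIOCapabilities_t` and `SecurityManager::SecurityCompletionStatus_t`. Since the enums moved to SecurityManager.h, which is not in this diff, it is worth confirming that their numeric values still match the SoftDevice constants, and mapping or rejecting out-of-range values before the application callback sees them. In DM_EVT_LINK_SECURED any `sm`/`lv` pair the nested switch does not list leaves `resolvedSecurityMode` at `SECURITY_MODE_NO_ACCESS`, yet `processLinkSecuredEvent` is still invoked. A comment such as `/* unknown sm/lv: reported as NO_ACCESS; receivers must not treat the link as secured */` would make that intent explicit. dm_handler starts and ends outside this hunk.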
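Review bot: The re-typed defaults of `btle_initializeSecurity` in btle_security.h still combine `requireMITM = true` with `SecurityManager::IO_CAPS_NONE` and a NULL passkey. With no I/O capability and no static passkey, pairing falls back to Just Works unless out-of-band data is used, and Just Works gives no MITM protection, so a caller relying on the defaults asks for a level the device may not be able to reach. How the implementation reconciles this is outside the hunk. I would document it in the doc comment above the declaration, e.g. `@note requireMITM only has effect when iocaps or passkey allows an authenticated pairing method.`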
@@ -246,19 +246,19 @@ error_t custom_add_in_characteristic(uint16_t service_handle, if (char_props.read || char_props.notify || char_props.indicate) { switch (requiredSecurity) { - case Gap::SECURITY_MODE_ENCRYPTION_OPEN_LINK : + case SecurityManager::SECURITY_MODE_ENCRYPTION_OPEN_LINK : BLE_GAP_CONN_SEC_MODE_SET_OPEN(&attr_md.read_perm); break; - case Gap::SECURITY_MODE_ENCRYPTION_NO_MITM : + case SecurityManager::SECURITY_MODE_ENCRYPTION_NO_MITM : BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&attr_md.read_perm); break; - case Gap::SECURITY_MODE_ENCRYPTION_WITH_MITM : + case SecurityManager::SECURITY_MODE_ENCRYPTION_WITH_MITM : BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM(&attr_md.read_perm); break; - case Gap::SECURITY_MODE_SIGNED_NO_MITM : + case SecurityManager::SECURITY_MODE_SIGNED_NO_MITM : BLE_GAP_CONN_SEC_MODE_SET_SIGNED_NO_MITM(&attr_md.read_perm); break; - case Gap::SECURITY_MODE_SIGNED_WITH_MITM : + case SecurityManager::SECURITY_MODE_SIGNED_WITH_MITM : BLE_GAP_CONN_SEC_MODE_SET_SIGNED_WITH_MITM(&attr_md.read_perm); break; default: 
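Review bot: Both permission switches in custom_add_in_characteristic (this hunk for `attr_md.read_perm`, and the following hunk at -268 for `attr_md.write_perm`) end in a `default:` whose body lies outside the hunks, and `SecurityManager::SECURITY_MODE_NO_ACCESS` has no case of its own. Please confirm that the default branch fails closed rather than leaving the attribute open, and state it in a comment, e.g. `/* NO_ACCESS and unknown modes: permission stays no-access */`. The five-way mapping is also written twice, and this rename had to touch both copies. A small static helper taking a `ble_gap_conn_sec_mode_t *` and the mode would keep read and write permissions from drifting apart.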
@@ -268,19 +268,19 @@ error_t custom_add_in_characteristic(uint16_t service_handle, if (char_props.write || char_props.write_wo_resp) { switch (requiredSecurity) { - case Gap::SECURITY_MODE_ENCRYPTION_OPEN_LINK : + case SecurityManager::SECURITY_MODE_ENCRYPTION_OPEN_LINK : BLE_GAP_CONN_SEC_MODE_SET_OPEN(&attr_md.write_perm); break; - case Gap::SECURITY_MODE_ENCRYPTION_NO_MITM : + case SecurityManager::SECURITY_MODE_ENCRYPTION_NO_MITM : BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&attr_md.write_perm); break; - case Gap::SECURITY_MODE_ENCRYPTION_WITH_MITM : + case SecurityManager::SECURITY_MODE_ENCRYPTION_WITH_MITM : BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM(&attr_md.write_perm); break; - case Gap::SECURITY_MODE_SIGNED_NO_MITM : + case SecurityManager::SECURITY_MODE_SIGNED_NO_MITM : BLE_GAP_CONN_SEC_MODE_SET_SIGNED_NO_MITM(&attr_md.write_perm); break; - case Gap::SECURITY_MODE_SIGNED_WITH_MITM : + case SecurityManager::SECURITY_MODE_SIGNED_WITH_MITM : BLE_GAP_CONN_SEC_MODE_SET_SIGNED_WITH_MITM(&attr_md.write_perm); break; default: diff --git a/btle/custom/custom_helper.h b/btle/custom/custom_helper.h index 9ff0380..8a5fde7 100644 --- a/btle/custom/custom_helper.h +++ b/btle/custom/custom_helper.h @@ -34,7 +34,7 @@ ble_uuid_t custom_convert_to_nordic_uuid(const UUID &uuid); error_t custom_add_in_characteristic(uint16_t service_handle, ble_uuid_t *p_uuid, uint8_t properties, - Gap::SecurityMode_t requiredSecurity, + SecurityManager::SecurityMode_t requiredSecurity, uint8_t *p_data, uint16_t min_length, uint16_t max_length, diff --git a/nRF51822n.h b/nRF51822n.h index f9528c0..3378548 100644 --- a/nRF51822n.h +++ b/nRF51822n.h @@ -23,8 +23,8 @@ #include "nRF51Gap.h" #include "nRF51GattServer.h" #include "nRF51GattClient.h" +#include "nRF51SecurityManager.h" #include "btle.h" -#include "btle_security.h" class nRF51822n : public BLEInstanceBase { 
@@ -32,6 +32,8 @@ public: nRF51822n(void); virtual ~nRF51822n(void); + virtual ble_error_t init(void); + virtual ble_error_t shutdown(void); virtual const char *getVersion(void); virtual Gap &getGap() { @@ -49,15 +51,11 @@ public: virtual GattClient &getGattClient() { return nRF51GattClient::getInstance(); } - - virtual ble_error_t init(void); - virtual ble_error_t shutdown(void); - virtual ble_error_t reset(void); - virtual ble_error_t initializeSecurity(bool enableBonding = true, - bool requireMITM = true, - Gap::SecurityIOCapabilities_t iocaps = Gap::IO_CAPS_NONE, - const Gap::Passkey_t passkey = NULL) { - return btle_initializeSecurity(enableBonding, requireMITM, iocaps, passkey); + virtual const SecurityManager &getSecurityManager() const { + return nRF51SecurityManager::getInstance(); + } + virtual SecurityManager &getSecurityManager() { + return nRF51SecurityManager::getInstance(); } virtual void waitForEvent(void); }; diff --git a/nRF51Gap.h b/nRF51Gap.h index 1e102d5..b591c73 100644 --- a/nRF51Gap.h +++ b/nRF51Gap.h @@ -54,11 +54,6 @@ public: virtual ble_error_t connect(const Address_t, Gap::AddressType_t peerAddrType, const ConnectionParams_t *connectionParams, const GapScanningParams *scanParams); virtual ble_error_t disconnect(DisconnectionReason_t reason); - virtual ble_error_t purgeAllBondingState(void) {return btle_purgeAllBondingState();} - virtual ble_error_t getLinkSecurity(Handle_t connectionHandle, LinkSecurityStatus_t *securityStatusP) { - return btle_getLinkSecurity(connectionHandle, securityStatusP); - } - virtual ble_error_t setDeviceName(const uint8_t *deviceName); virtual ble_error_t getDeviceName(uint8_t *deviceName, unsigned *lengthP); virtual ble_error_t setAppearance(GapAdvertisingData::Appearance appearance); diff --git a/nRF51SecurityManager.cpp b/nRF51SecurityManager.cpp new file mode 100644 index 0000000..05c6559 --- /dev/null +++ b/nRF51SecurityManager.cpp 
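Review bot: The const overload `getSecurityManager() const` in nRF51822n.h returns `const SecurityManager &`, but the three operations nRF51SecurityManager implements in this commit (`init`, `getLinkSecurity`, `purgeAllBondingState`) are all non-const, so code holding a const BLE instance cannot even query link security through it. If the base interface (not shown here) has no const members either, the overload serves no purpose; otherwise a one-line comment saying what is callable through it would help. The same hunk removes `initializeSecurity()` together with its defaults (`enableBonding = true`, `requireMITM = true`). The class comment or changelog should tell callers to use `getSecurityManager().init(...)` and say which defaults apply there.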
@@ -0,0 +1,22 @@
+/* mbed Microcontroller Library
+ * Copyright (c) 2006-2013 ARM Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "nRF51SecurityManager.h"
+
+nRF51SecurityManager &nRF51SecurityManager::getInstance(void) {
+ static nRF51SecurityManager m_instance;
+ return m_instance;
+}
diff --git a/nRF51SecurityManager.h b/nRF51SecurityManager.h
new file mode 100644
index 0000000..8d3d08d
--- /dev/null
+++ b/nRF51SecurityManager.h
@@ -0,0 +1,56 @@
+/* mbed Microcontroller Library
+ * Copyright (c) 2006-2013 ARM Limited
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#ifndef __NRF51822_SECURITY_MANAGER_H__
+#define __NRF51822_SECURITY_MANAGER_H__
+
+#include
+
+#include "SecurityManager.h"
+#include "btle_security.h"
+
+class nRF51SecurityManager : public SecurityManager
+{
+public:
+ static nRF51SecurityManager &getInstance();
+
+ /* Functions that must be implemented from SecurityManager */
+ virtual ble_error_t init(bool enableBonding,
+ bool requireMITM,
+ SecurityIOCapabilities_t iocaps,
+ const Passkey_t passkey) {
+ return btle_initializeSecurity(enableBonding, requireMITM, iocaps, passkey);
+ }
+
+ virtual ble_error_t getLinkSecurity(Gap::Handle_t connectionHandle, LinkSecurityStatus_t *securityStatusP) {
+ return btle_getLinkSecurity(connectionHandle, securityStatusP);
+ }
+
+ virtual ble_error_t purgeAllBondingState(void) {
+ return btle_purgeAllBondingState();
+ }
+
+public:
+ nRF51SecurityManager() {
+ /* empty */
+ }
+
+private:
+ nRF51SecurityManager(const nRF51SecurityManager &);
+ const nRF51SecurityManager& operator=(const nRF51SecurityManager &);
+};
+
+#endif // ifndef __NRF51822_SECURITY_MANAGER_H__
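Review bot: The constructor of nRF51SecurityManager sits under a second `public:` label while copy construction and assignment are private, so code outside `getInstance()` can still create further instances. btle.cpp and dm_handler deliver the passkey-display, security-setup and link-secured events only to `nRF51SecurityManager::getInstance()`, so handlers an application attached to any other instance would presumably never fire. Moving `nRF51SecurityManager() { /* empty */ }` under `private:` closes that gap, and the static `getInstance()` can still reach it. `purgeAllBondingState()` erases all stored peer and bonding context, and deserves a short comment saying so at the override.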