Merge pull request ARMmbed#31 from pan-/signing-nordic-fix

BLE: Add stub for signing API in Nordic pal security manager.
pan- · Apr 11, 2018 · 1f81d20 · 1f81d20
2 parents 3aaedf6 + 8643fd5
commit 1f81d20
Show file tree

Hide file tree

Showing 3 changed files with 41 additions and 14 deletions.
diff --git a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xPalSecurityManager.cpp b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xPalSecurityManager.cpp
@@ -85,6 +85,7 @@ struct nRF5xSecurityManager::pairing_control_block_t {
 
 nRF5xSecurityManager::nRF5xSecurityManager()
     : ::ble::pal::SecurityManager(),
+    _sign_counter(),
     _io_capability(io_capability_t::NO_INPUT_NO_OUTPUT),
     _min_encryption_key_size(7),
     _max_encryption_key_size(16),
@@ -508,12 +509,24 @@ ble_error_t nRF5xSecurityManager::set_irk(const irk_t& irk)
     return convert_sd_error(err);
 }
 
-ble_error_t nRF5xSecurityManager::set_csrk(const csrk_t& csrk)
-{
+ble_error_t nRF5xSecurityManager::set_csrk(
+    const csrk_t& csrk,
+    sign_count_t sign_counter
+) {
     _csrk = csrk;
+    _sign_counter = sign_counter;
     return BLE_ERROR_NONE;
 }
 
+ble_error_t nRF5xSecurityManager::set_peer_csrk(
+    connection_handle_t connection,
+    const csrk_t &csrk,
+    bool authenticated,
+    sign_count_t sign_counter
+) {
+    return BLE_ERROR_NOT_IMPLEMENTED;
+}
+
 ////////////////////////////////////////////////////////////////////////////
 // Authentication
 //
@@ -630,23 +643,21 @@ ble_error_t nRF5xSecurityManager::send_keypress_notification(
 }
 
 
-ble_error_t nRF5xSecurityManager::generate_secure_connections_oob(
-    connection_handle_t connection
-) {
+ble_error_t nRF5xSecurityManager::generate_secure_connections_oob()
+{
     ble_gap_lesc_p256_pk_t own_secret;
     ble_gap_lesc_oob_data_t oob_data;
 
     memcpy(own_secret.pk, secret.data(), secret.size());
 
     uint32_t err = sd_ble_gap_lesc_oob_data_get(
-        connection,
+        BLE_CONN_HANDLE_INVALID,
         &own_secret,
         &oob_data
     );
 
     if (!err) {
         get_event_handler()->on_secure_connections_oob_generated(
-            connection,
             oob_data.r,
             oob_data.c
         );

diff --git a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xPalSecurityManager.h b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xPalSecurityManager.h
@@ -237,7 +237,18 @@ class nRF5xSecurityManager : public ::ble::pal::SecurityManager {
     /**
      * @see ::ble::pal::SecurityManager::set_csrk
      */
-    virtual ble_error_t set_csrk(const csrk_t &csrk);
+    virtual ble_error_t set_csrk(const csrk_t &csrk, sign_count_t sign_counter);
+
+    /**
+     * @see ::ble::pal::SecurityManager::set_peer_csrk
+     */
+    virtual ble_error_t set_peer_csrk(
+        connection_handle_t connection,
+        const csrk_t &csrk,
+        bool authenticated,
+        sign_count_t sign_counter
+    );
+
 
     ////////////////////////////////////////////////////////////////////////////
     // Authentication
@@ -300,9 +311,7 @@ class nRF5xSecurityManager : public ::ble::pal::SecurityManager {
     /**
      * @see ::ble::pal::SecurityManager::generate_secure_connections_oob
      */
-    virtual ble_error_t generate_secure_connections_oob(
-        connection_handle_t connection
-    );
+    virtual ble_error_t generate_secure_connections_oob();
 
     // singleton of nordic Security Manager
     static nRF5xSecurityManager& get_security_manager();
@@ -312,6 +321,7 @@ class nRF5xSecurityManager : public ::ble::pal::SecurityManager {
 
 private:
     csrk_t _csrk;
+    sign_count_t _sign_counter;
     io_capability_t _io_capability;
     uint8_t _min_encryption_key_size;
     uint8_t _max_encryption_key_size;

diff --git a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xn.cpp b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF5/source/nRF5xn.cpp
@@ -125,7 +125,7 @@ ble_error_t nRF5xn::init(BLE::InstanceID_t instanceID, FunctionPointerWithContex
         return BLE_ERROR_ALREADY_INITIALIZED;
     }
 
-    instanceID   = instanceID;
+    this->instanceID = instanceID;
 
     /* ToDo: Clear memory contents, reset the SD, etc. */
     if (btle_init() != ERROR_NONE) {
@@ -209,11 +209,17 @@ SecurityManager& nRF5xn::getSecurityManager()
 const SecurityManager& nRF5xn::getSecurityManager() const
 {
     static ble::pal::MemorySecurityDb m_db;
-    ble::pal::vendor::nordic::nRF5xSecurityManager &m_pal = ble::pal::vendor::nordic::nRF5xSecurityManager::get_security_manager();
+    ble::pal::vendor::nordic::nRF5xSecurityManager &m_pal =
+        ble::pal::vendor::nordic::nRF5xSecurityManager::get_security_manager();
+    static struct : ble::pal::SigningEventMonitor {
+        virtual void set_signing_event_handler(EventHandler *signing_event_handler) { }
+    } dummy_signing_event_monitor;
+
     static ble::generic::GenericSecurityManager m_instance(
         m_pal,
         m_db,
-        const_cast<nRF5xGap&>(getGap())
+        const_cast<nRF5xGap&>(getGap()),
+        dummy_signing_event_monitor
     );
 
     return m_instance;