refactor into separate functions for readability and correctness of pal matching db

Author: paul-szczepanek-arm

features/FEATURE_BLE/ble/SecurityManager.h

@@ -464,15 +464,17 @@ class SecurityManager {
     }
 
     /**
-     * Change the file used for the security datagse. If path is invalid or a NULL is passed
+     * Change the file used for the security database. If path is invalid or a NULL is passed
      * keys will only be stored in memory.
      *
+     * @note This operation is only allowed with no active connections.
+     *
      * @param[in]  dbPath        Path to the file used to store keys in the filesystem,
      *                           if NULL keys will be only stored in memory
      *
      * @return BLE_ERROR_NONE on success.
      */
-    virtual ble_error_t setDatabaseFile(const char *dbFilepath = NULL) {
+    virtual ble_error_t setDatabaseFilepath(const char *dbFilepath = NULL) {
         (void)dbFilepath;
         return BLE_ERROR_NOT_IMPLEMENTED; /* Requesting action from porters: override this API if security is supported. */
     }

features/FEATURE_BLE/ble/generic/GenericSecurityManager.h

@@ -53,7 +53,7 @@ class GenericSecurityManager : public SecurityManager,
         const char* db_path = NULL
     );
 
-    virtual ble_error_t setDatabaseFile(const char *db_path = NULL);
+    virtual ble_error_t setDatabaseFilepath(const char *db_path = NULL);
 
     virtual ble_error_t reset();
 
@@ -265,6 +265,22 @@ class GenericSecurityManager : public SecurityManager,
     //
 
 private:
+
+    /**
+     * Initialise the database, if database already exists it will close it and open the new one.
+     *
+     * @param db_path path to file to store secure db
+     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
+     */
+    ble_error_t init_database(const char *db_path = NULL);
+
+    /**
+     * Generate identity list based on the database of IRK and apply it to the resolving list.
+     *
+     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
+     */
+    ble_error_t init_resolving_list();
+
     /**
      * Generate the CSRK if needed.
      *

features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp

@@ -48,7 +48,7 @@ ble_error_t GenericSecurityManager::init(
     	return result;
     }
 
-    result = setDatabaseFile(db_path);
+    result = init_database(db_path);
     if (result != BLE_ERROR_NONE) {
         return result;
     }
@@ -79,49 +79,38 @@ ble_error_t GenericSecurityManager::init(
         init_signing();
     }
 
+    init_resolving_list();
+
     _connection_monitor.set_connection_event_handler(this);
     _signing_monitor.set_signing_event_handler(this);
     _pal.set_event_handler(this);
 
-    uint8_t resolving_list_capacity = _pal.read_resolving_list_capacity();
-    SecurityEntryIdentity_t* identity_list_p =
-        new (std::nothrow) SecurityEntryIdentity_t[resolving_list_capacity];
-
-    if (identity_list_p) {
-        ArrayView<SecurityEntryIdentity_t> identity_list(
-            identity_list_p,
-            resolving_list_capacity
-        );
-
-        _db->get_identity_list(
-            mbed::callback(this, &GenericSecurityManager::on_identity_list_retrieved),
-            identity_list
-        );
-    }
-
     return BLE_ERROR_NONE;
 }
 
-ble_error_t GenericSecurityManager::setDatabaseFile(
+ble_error_t GenericSecurityManager::setDatabaseFilepath(
     const char *db_path
 ) {
-    if (_db) {
-        delete _db;
-    }
+    if (!_db) return BLE_ERROR_INITIALIZATION_INCOMPLETE;
 
-    FILE* db_file = FileSecurityDb::open_db_file(db_path);
+    /* operation only allowed with no connections active */
+    for (size_t i = 0; i < MAX_CONTROL_BLOCKS; i++) {
+        if (_control_blocks[i].connected) {
+            return BLE_ERROR_OPERATION_NOT_PERMITTED;
+        }
+    }
 
-    if (db_file) {
-        _db = new (std::nothrow) FileSecurityDb(db_file);
-    } else {
-        _db = new (std::nothrow) MemorySecurityDb();
+    ble_error_t result = init_database(db_path);
+    if (result != BLE_ERROR_NONE) {
+        return result;
     }
 
-    if (!_db) {
-        return BLE_ERROR_NO_MEM;
+    result = init_database(db_path);
+    if (result != BLE_ERROR_NONE) {
+        return result;
     }
 
-    _db->restore();
+    init_resolving_list();
 
     return BLE_ERROR_NONE;
 }
@@ -779,6 +768,49 @@ ble_error_t GenericSecurityManager::oobReceived(
 // Helper functions
 //
 
+ble_error_t GenericSecurityManager::init_database(
+    const char *db_path
+) {
+    if (_db) {
+        delete _db;
+    }
+
+    FILE* db_file = FileSecurityDb::open_db_file(db_path);
+
+    if (db_file) {
+        _db = new (std::nothrow) FileSecurityDb(db_file);
+    } else {
+        _db = new (std::nothrow) MemorySecurityDb();
+    }
+
+    if (!_db) {
+        return BLE_ERROR_NO_MEM;
+    }
+
+    _db->restore();
+
+    return BLE_ERROR_NONE;
+}
+
+ble_error_t GenericSecurityManager::init_resolving_list() {
+    /* match the resolving list to the currently stored set of IRKs */
+    uint8_t resolving_list_capacity = _pal.read_resolving_list_capacity();
+    SecurityEntryIdentity_t* identity_list_p =
+        new (std::nothrow) SecurityEntryIdentity_t[resolving_list_capacity];
+
+    if (identity_list_p) {
+        ArrayView<SecurityEntryIdentity_t> identity_list(
+            identity_list_p,
+            resolving_list_capacity
+        );
+
+        _db->get_identity_list(
+            mbed::callback(this, &GenericSecurityManager::on_identity_list_retrieved),
+            identity_list
+        );
+    }
+}
+
 ble_error_t GenericSecurityManager::init_signing() {
     if (!_db) return BLE_ERROR_INITIALIZATION_INCOMPLETE;
     const csrk_t *pcsrk = _db->get_local_csrk();