Merge pull request #32 from pan-/sm-privacy-nordic

Sm privacy nordic

Author: paul-szczepanek-arm

features/FEATURE_BLE/ble/BLETypes.h

@@ -426,10 +426,10 @@ typedef uint32_t sign_count_t;
  */
 struct address_t : public byte_array_t<6> {
     /**
-     * Create an invalid mac address, equal to FF:FF:FF:FF:FF:FF
+     * Create an invalid mac address, equal to 00:00:00:00:00:00
      */
     address_t() {
-        memset(_value, 0xFF, sizeof(_value));
+        memset(_value, 0x00, sizeof(_value));
     }
 
     /**

features/FEATURE_BLE/ble/Gap.h

@@ -887,6 +887,12 @@ class Gap {
      */
     static const uint16_t UNIT_1_25_MS  = 1250;
 
+    static const PeripheralPrivacyConfiguration_t
+        default_peripheral_privacy_configuration;
+
+    static const CentralPrivacyConfiguration_t
+        default_central_privacy_configuration;
+
     /**
      * Convert milliseconds into 1.25ms units.
      *
@@ -1062,7 +1068,7 @@ class Gap {
      * the address in input was not identifiable as a random address.
      */
     static ble_error_t getRandomAddressType(
-        BLEProtocol::AddressBytes_t address,
+        const BLEProtocol::AddressBytes_t address,
         RandomAddressType_t* addressType
     );
 

features/FEATURE_BLE/ble/generic/GenericSecurityManager.h

@@ -25,6 +25,7 @@
 #include "ble/pal/SigningEventMonitor.h"
 #include "ble/generic/GenericGap.h"
 #include "ble/pal/PalSecurityManager.h"
+#include "ble/ArrayView.h"
 
 namespace ble {
 namespace generic {
@@ -400,21 +401,28 @@ class GenericSecurityManager : public SecurityManager,
     );
 
     /**
-     * Inform the security manager of a new connection.
-     *
-     * @param[in] params information about the new connection.
+     * Callback invoked by the secure DB when an identity entry has been
+     * retrieved.
+     * @param entry Handle of the entry.
+     * @param identity The identity associated with the entry; may be NULL.
      */
-    void connection_callback(
-        const Gap::ConnectionCallbackParams_t* params
+    void on_security_entry_retrieved(
+        pal::SecurityDb::entry_handle_t entry,
+        const pal::SecurityEntryIdentity_t* identity
     );
 
     /**
-     * Inform the security manager that a connection ended.
+     * Callback invoked by the secure DB when the identity list has been
+     * retrieved.
+     *
+     * @param identity View to the array passed to the secure DB. It contains
+     * identity entries retrieved.
      *
-     * @param[in] params handle and reason of the disconnection.
+     * @param count Number of identities entries retrieved.
      */
-    void disconnection_callback(
-        const Gap::DisconnectionCallbackParams_t* params
+    void on_identity_list_retrieved(
+        ble::ArrayView<pal::SecurityEntryIdentity_t*>& identity_list,
+        size_t count
     );
 
 private:

features/FEATURE_BLE/ble/pal/MemorySecurityDb.h

@@ -17,7 +17,8 @@
 #ifndef PAL_MEMORY_SECURITY_DB_H_
 #define PAL_MEMORY_SECURITY_DB_H_
 
-#include "SecurityDB.h"
+#include "ble/Gap.h"
+#include "SecurityDb.h"
 
 namespace ble {
 namespace pal {
@@ -49,8 +50,9 @@ class MemorySecurityDb : public SecurityDb {
     }
 
 public:
-    MemorySecurityDb() { };
-    virtual ~MemorySecurityDb() { };
+    MemorySecurityDb() : _local_sign_counter(0) { }
+
+    virtual ~MemorySecurityDb() { }
 
     virtual const SecurityDistributionFlags_t* get_distribution_flags(
         entry_handle_t entry_handle
@@ -173,6 +175,35 @@ class MemorySecurityDb : public SecurityDb {
         cb(entry_handle, key);
     }
 
+    virtual void get_entry_identity(
+        SecurityEntryIdentityDbCb_t cb,
+        entry_handle_t entry_handle
+    ) {
+        entry_t *entry = as_entry(entry_handle);
+        if (entry && entry->flags.irk_stored) {
+            cb(entry_handle, &entry->peer_identity);
+        } else {
+            cb(entry_handle, NULL);
+        }
+    }
+
+    virtual void get_identity_list(
+        IdentitylistDbCb_t cb,
+        ArrayView<SecurityEntryIdentity_t*>& entries
+    ) {
+        size_t count = 0;
+        for (size_t i = 0; i < MAX_ENTRIES && count < entries.size(); ++i) {
+            entry_t& e = _entries[i];
+
+            if (e.state == ENTRY_WRITTEN && e.flags.irk_stored) {
+                entries[count] = &e.peer_identity;
+                ++count;
+            }
+        }
+
+        cb(entries, count);
+    }
+
     /* set */
 
     virtual void set_entry_peer_ltk(
@@ -207,6 +238,7 @@ class MemorySecurityDb : public SecurityDb {
         if (entry) {
             entry->state = ENTRY_WRITTEN;
             entry->peer_identity.irk = irk;
+            entry->flags.irk_stored = true;
         }
     }
 
@@ -219,6 +251,7 @@ class MemorySecurityDb : public SecurityDb {
         if (entry) {
             entry->state = ENTRY_WRITTEN;
             entry->peer_identity.identity_address = peer_address;
+            entry->peer_identity.identity_address_is_public = address_is_public;
         }
     }
 
@@ -271,23 +304,61 @@ class MemorySecurityDb : public SecurityDb {
         const address_t &peer_address
     ) {
         const bool peer_address_public =
-            (peer_address_type == BLEProtocol::AddressType::PUBLIC);
+            (peer_address_type == BLEProtocol::AddressType::PUBLIC) ||
+            (peer_address_type == BLEProtocol::AddressType::PUBLIC_IDENTITY);
 
         for (size_t i = 0; i < MAX_ENTRIES; i++) {
-            if (_entries[i].state == ENTRY_FREE) {
+            entry_t& e = _entries[i];
+
+            if (e.state == ENTRY_FREE) {
                 continue;
-            } else if (peer_address == _entries[i].peer_identity.identity_address
-                && _entries[i].flags.peer_address_is_public == peer_address_public) {
-                return &_entries[i];
+            } else {
+                if (peer_address_type == BLEProtocol::AddressType::PUBLIC_IDENTITY &&
+                    e.flags.irk_stored == false
+                ) {
+                    continue;
+                }
+
+                // lookup for the identity address then the connection address.
+                if (e.flags.irk_stored &&
+                    e.peer_identity.identity_address == peer_address &&
+                    e.peer_identity.identity_address_is_public == peer_address_public
+                ) {
+                    return &e;
+                // lookup for connection address used during bonding
+                } else if (e.flags.peer_address == peer_address &&
+                           e.flags.peer_address_is_public == peer_address_public
+                ) {
+                    return &e;
+                }
+            }
+        }
+
+        // determine if the address in input is private or not.
+        bool is_private_address = false;
+        if (peer_address_type == BLEProtocol::AddressType::RANDOM) {
+            ::Gap::RandomAddressType_t random_type(::Gap::RandomAddressType_t::STATIC);
+            ble_error_t err = ::Gap::getRandomAddressType(peer_address.data(), &random_type);
+            if (err) {
+                return NULL;
+            }
+            if (random_type != ::Gap::RandomAddressType_t::STATIC) {
+                is_private_address = true;
             }
         }
 
         /* if we din't find one grab the first disconnected slot*/
         for (size_t i = 0; i < MAX_ENTRIES; i++) {
             if (_entries[i].state == ENTRY_FREE) {
                 _entries[i] = entry_t();
-                _entries[i].flags.peer_address = peer_address;
-                _entries[i].flags.peer_address_is_public = peer_address_public;
+                // do not store private addresses in the flags; just store public
+                // or random static address so it can be reused latter.
+                if (is_private_address == false) {
+                    _entries[i].flags.peer_address = peer_address;
+                    _entries[i].flags.peer_address_is_public = peer_address_public;
+                } else {
+                    _entries[i].flags.peer_address = address_t();
+                }
                 _entries[i].state = ENTRY_RESERVED;
                 return &_entries[i];
             }

features/FEATURE_BLE/ble/pal/SecurityDb.h

@@ -35,12 +35,12 @@ struct SecurityDistributionFlags_t {
         peer_address(),
         encryption_key_size(0),
         peer_address_is_public(false),
-        local_address_is_public(false),
         csrk_stored(false),
         csrk_mitm_protected(false),
         ltk_stored(false),
         ltk_mitm_protected(false),
-        secure_connections_paired(false) {
+        secure_connections_paired(false),
+        irk_stored(false) {
     }
 
     /** peer address */
@@ -50,8 +50,6 @@ struct SecurityDistributionFlags_t {
     uint8_t encryption_key_size;
     /** true if peer address is public, false if it's static random */
     uint8_t peer_address_is_public:1;
-    /** true if local address is public, false if it's static random */
-    uint8_t local_address_is_public:1;
 
     /** CSRK (Connection Signature Resolving Key) has been distributed and stored */
     uint8_t csrk_stored:1;
@@ -63,6 +61,8 @@ struct SecurityDistributionFlags_t {
     uint8_t ltk_mitm_protected:1;
     /** the current pairing was done using Secure Connections */
     uint8_t secure_connections_paired:1;
+    /** the security entry has been distributed and stored */
+    uint8_t irk_stored:1;
 };
 
 /** Long Term Key and data used to identify it */
@@ -81,6 +81,8 @@ struct SecurityEntryIdentity_t {
     address_t identity_address;
     /** Identity Resolving Key */
     irk_t irk;
+    /** true if peer identity address is public, false if it's static random */
+    uint8_t identity_address_is_public:1;
 };
 
 /**
@@ -103,6 +105,10 @@ class SecurityDb {
         SecurityEntryKeysDbCb_t;
     typedef mbed::Callback<void(entry_handle_t, const csrk_t*, uint32_t sign_counter)>
         SecurityEntryCsrkDbCb_t;
+    typedef mbed::Callback<void(entry_handle_t, const SecurityEntryIdentity_t*)>
+        SecurityEntryIdentityDbCb_t;
+    typedef mbed::Callback<void(ArrayView<SecurityEntryIdentity_t*>&, size_t count)>
+        IdentitylistDbCb_t;
     typedef mbed::Callback<void(::Gap::Whitelist_t*)>
         WhitelistDbCb_t;
 
@@ -259,6 +265,31 @@ class SecurityDb {
         const address_t &peer_address
     ) = 0;
 
+    /**
+     * Retrieve stored identity address and IRK.
+     *
+     * @param[in] cb callback that will receive the SecurityEntryIdentity_t struct
+     * @param[in] db_entry handle of the entry being queried.
+     */
+    virtual void get_entry_identity(
+        SecurityEntryIdentityDbCb_t cb,
+        entry_handle_t db_entry
+    ) = 0;
+
+    /**
+     * Asynchronously return the identity list stored in NVM through a callback.
+     * Function takes ownership of the memory. The identity list and the
+     * ownership will be returned in the callback.
+     *
+     * @param[in] cb callback that will receive the whitelist
+     * @param[in] identity_list preallocated identity_list that will be filled
+     * in.
+     */
+    virtual void get_identity_list(
+        IdentitylistDbCb_t cb,
+        ArrayView<SecurityEntryIdentity_t*>& identity_list
+    ) = 0;
+
     /**
      * Update peer signing key.
      *

features/FEATURE_BLE/source/Gap.cpp

@@ -17,7 +17,7 @@
 #include "ble/Gap.h"
 
 ble_error_t Gap::getRandomAddressType(
-    BLEProtocol::AddressBytes_t address,
+    const BLEProtocol::AddressBytes_t address,
     RandomAddressType_t* type
 ) {
     // see section Device address in Bluetooth Link Layer specification
@@ -36,3 +36,13 @@ ble_error_t Gap::getRandomAddressType(
             return BLE_ERROR_INVALID_PARAM;
     }
 }
+
+const Gap::PeripheralPrivacyConfiguration_t Gap::default_peripheral_privacy_configuration = {
+    /* use_non_resolvable_random_address */ false,
+    /* resolution_strategy */ PeripheralPrivacyConfiguration_t::PERFORM_PAIRING_PROCEDURE
+};
+
+const Gap::CentralPrivacyConfiguration_t Gap::default_central_privacy_configuration = {
+    /* use_non_resolvable_random_address */ false,
+    /* resolution_strategy */ CentralPrivacyConfiguration_t::DO_NOT_RESOLVE
+};