Feat: Implement clearAllBondings using iterative gap_delete_bonding

This commit introduces a functional implementation for `BLESecureClass::clearAllBondings()`, designed to remove all LE bonding information stored by BTstack.

The method now performs the following:
1.  **Initial State Logging**: Dumps the LE Device Database using `le_device_db_dump()` and logs the count of bonded devices reported by `le_device_db_count()` before any deletion attempts.
2.  **Iterative Deletion**:
    * Loops through all potential physical slots in the LE Device Database (up to `NVM_NUM_DEVICE_DB_ENTRIES`).
    * For each slot, it calls `le_device_db_info()` to retrieve the address and address type of any stored bond.
    * If a valid LE device (public or random address type) is found in a slot, `gap_delete_bonding(addr_type, addr)` is invoked for that specific device. This is the recommended high-level API to request bond removal.
    * `le_device_db_dump()` is called after each `gap_delete_bonding` call to provide insight into the immediate effect on the database (though flash changes might have backend latencies).
3.  **Final State Logging**: After iterating through all slots, `le_device_db_dump()` is called again, and the final count from `le_device_db_count()` is logged to assess the outcome.
4.  **Informational Messages**: Includes detailed serial logging throughout the process to aid in debugging and understanding the function's behavior.

This approach aims to systematically request the deletion of each stored bond via the GAP layer, which should then instruct the LE Device DB (TLV on flash) and the Security Manager to remove the associated security information.

Also added a test example `ClearBondingTest`` for the new function.

Author: IoT-gamer

README.md

@@ -316,6 +316,7 @@ The library includes several example platformIO projects demonstrating its usage
 - **SecurePairingMedium**: Basic encryption without MITM protection using the "Just Works" method
 - **SecurePairingHigh**: Encryption with MITM protection using passkey or numeric comparison
 - **SecurePairingHighSC**: The highest security level using Secure Connections
+- **ClearBondingTest**: Clears bonding information in flash memory via BOOTSEL button press
 
 ### Test with nRF Connect mobile app
 - connect pico-W to computer with USB

examples/ClearBondingTest/.gitignore

@@ -0,0 +1,6 @@
+.pio
+.vscode/.browse.c_cpp.db*
+.vscode/c_cpp_properties.json
+.vscode/launch.json
+.vscode/ipch
+logs/

examples/ClearBondingTest/.vscode/extensions.json

@@ -0,0 +1,10 @@
+{
+    // See http://go.microsoft.com/fwlink/?LinkId=827846
+    // for the documentation about the extensions.json format
+    "recommendations": [
+        "platformio.platformio-ide"
+    ],
+    "unwantedRecommendations": [
+        "ms-vscode.cpptools-extension-pack"
+    ]
+}

examples/ClearBondingTest/include/README

@@ -0,0 +1,37 @@
+
+This directory is intended for project header files.
+
+A header file is a file containing C declarations and macro definitions
+to be shared between several project source files. You request the use of a
+header file in your project source file (C, C++, etc) located in `src` folder
+by including it, with the C preprocessing directive `#include'.
+
+```src/main.c
+
+#include "header.h"
+
+int main (void)
+{
+ ...
+}
+```
+
+Including a header file produces the same results as copying the header file
+into each source file that needs it. Such copying would be time-consuming
+and error-prone. With a header file, the related declarations appear
+in only one place. If they need to be changed, they can be changed in one
+place, and programs that include the header file will automatically use the
+new version when next recompiled. The header file eliminates the labor of
+finding and changing all the copies as well as the risk that a failure to
+find one copy will result in inconsistencies within a program.
+
+In C, the convention is to give header files names that end with `.h'.
+
+Read more about using header files in official GCC documentation:
+
+* Include Syntax
+* Include Operation
+* Once-Only Headers
+* Computed Includes
+
+https://gcc.gnu.org/onlinedocs/cpp/Header-Files.html

examples/ClearBondingTest/lib/README

@@ -0,0 +1,46 @@
+
+This directory is intended for project specific (private) libraries.
+PlatformIO will compile them to static libraries and link into the executable file.
+
+The source code of each library should be placed in a separate directory
+("lib/your_library_name/[Code]").
+
+For example, see the structure of the following example libraries `Foo` and `Bar`:
+
+|--lib
+|  |
+|  |--Bar
+|  |  |--docs
+|  |  |--examples
+|  |  |--src
+|  |     |- Bar.c
+|  |     |- Bar.h
+|  |  |- library.json (optional. for custom build options, etc) https://docs.platformio.org/page/librarymanager/config.html
+|  |
+|  |--Foo
+|  |  |- Foo.c
+|  |  |- Foo.h
+|  |
+|  |- README --> THIS FILE
+|
+|- platformio.ini
+|--src
+   |- main.c
+
+Example contents of `src/main.c` using Foo and Bar:
+```
+#include <Foo.h>
+#include <Bar.h>
+
+int main (void)
+{
+  ...
+}
+
+```
+
+The PlatformIO Library Dependency Finder will find automatically dependent
+libraries by scanning project source files.
+
+More information about PlatformIO Library Dependency Finder
+- https://docs.platformio.org/page/librarymanager/ldf.html

examples/ClearBondingTest/platformio.ini

@@ -0,0 +1,25 @@
+; PlatformIO Project Configuration File
+;
+;   Build options: build flags, source filter
+;   Upload options: custom upload port, speed and extra flags
+;   Library options: dependencies, extra library storages
+;   Advanced options: extra scripting
+;
+; Please visit documentation for the other options and examples
+; https://docs.platformio.org/page/projectconf.html
+
+[env:rpipicow]
+platform = https://github.com/maxgerhardt/platform-raspberrypi.git
+board = rpipicow
+framework = arduino
+monitor_filters = default, time, log2file
+board_build.core = earlephilhower
+board_build.filesystem_size = 0.5m
+build_flags = 
+    -DPIO_FRAMEWORK_ARDUINO_ENABLE_BLUETOOTH
+    -DPIO_FRAMEWORK_ARDUINO_ENABLE_IPV4
+; lib_extra_dirs = ../../..   
+lib_deps =
+    ; https://github.com/IoT-gamer/pico-ble-secure
+    pico-ble-secure
+    pico-ble-notify

examples/ClearBondingTest/src/main.cpp

@@ -0,0 +1,148 @@
+#include <Arduino.h>
+#include <BTstackLib.h>
+#include <BLESecure.h>
+#include "ble/le_device_db.h" // required for le_device_db_dump
+
+// Configuration
+const char* DEVICE_NAME = "BondClearTestPico";
+const BLESecurityLevel SECURITY_LEVEL = SECURITY_MEDIUM;
+const io_capability_t IO_CAPABILITY = IO_CAPABILITY_NO_INPUT_NO_OUTPUT;
+
+// Global State
+bool deviceConnected = false;
+BLEDevice* connectedDevicePtr = nullptr;
+
+// Callbacks
+void bleDeviceConnectedCallback(BLEStatus status, BLEDevice* device) {
+    if (status == BLE_STATUS_OK) {
+        Serial.println("Device connected!");
+        digitalWrite(LED_BUILTIN, HIGH);
+        deviceConnected = true;
+        connectedDevicePtr = device;
+    } else {
+        Serial.print("Connection failed, status: ");
+        Serial.println(status);
+        digitalWrite(LED_BUILTIN, LOW);
+    }
+}
+
+void bleDeviceDisconnectedCallback(BLEDevice* device) {
+    Serial.println("Device disconnected!");
+    digitalWrite(LED_BUILTIN, LOW);
+    deviceConnected = false;
+    connectedDevicePtr = nullptr;
+    // Only restart advertising if we are not in the middle of a BOOTSEL reset
+    // The BOOTSEL logic will handle restarting advertising.
+    if (!BOOTSEL) { // Assuming BOOTSEL is low when not pressed after initial check
+         Serial.println("Restarting advertising after normal disconnect.");
+         BTstack.startAdvertising();
+    }
+}
+
+void onPairingStatusCallback(BLEPairingStatus status, BLEDevice* device) {
+    Serial.print("Pairing Status: ");
+    switch (status) {
+        case PAIRING_IDLE: Serial.println("IDLE"); break;
+        case PAIRING_STARTED: Serial.println("STARTED"); break;
+        case PAIRING_COMPLETE: 
+            Serial.println("COMPLETE - Device Bonded/Re-encrypted.");
+            Serial.println("LE Device DB Dump after pairing/re-encryption:");
+            le_device_db_dump(); // See what's in the DB now
+            break;
+        case PAIRING_FAILED: Serial.println("FAILED"); break;
+        default: Serial.println("UNKNOWN"); break;
+    }
+}
+
+void setup() {
+    Serial.begin(115200);
+    // Wait for serial, with timeout, but not indefinitely
+    // unsigned long setupStartTime = millis();
+    // while (!Serial && (millis() - setupStartTime < 3000)) {
+    //     delay(100);
+    // }
+    while (!Serial) delay(10); // Wait for serial to be ready
+    delay(100); // Give some time for the serial to stabilize
+    Serial.println();
+    Serial.println("BLESecure ClearBondingTest Example (with LTK Reconstruction Toggle)");
+
+    pinMode(LED_BUILTIN, OUTPUT);
+    digitalWrite(LED_BUILTIN, LOW);
+
+    BTstack.setup(DEVICE_NAME); // Initializes BTstack, HCI, L2CAP, SM, GATT client/server
+
+    // Initial BLESecure configuration for normal operation
+    BLESecure.begin(IO_CAPABILITY);
+    BLESecure.setSecurityLevel(SECURITY_LEVEL, true); // Enable bonding
+    BLESecure.requestPairingOnConnect(true);      
+    BLESecure.allowReconnectionWithoutDatabaseEntry(true); // Default: allow LTK reconstruction
+
+    BLESecure.setBLEDeviceConnectedCallback(bleDeviceConnectedCallback);
+    BLESecure.setBLEDeviceDisconnectedCallback(bleDeviceDisconnectedCallback);
+    BLESecure.setPairingStatusCallback(onPairingStatusCallback);
+
+    BTstack.startAdvertising();
+    Serial.println("Advertising started. Waiting for connections...");
+    Serial.println("Press and HOLD BOOTSEL button to clear all bondings and disable LTK reconstruction for next pairing.");
+}
+
+void loop() {
+    BTstack.loop();
+
+    static bool bootsel_action_taken = false;
+    static unsigned long bootsel_press_start_time = 0;
+    const unsigned long BOOTSEL_HOLD_DURATION_MS = 500; 
+
+    if (BOOTSEL) { 
+        if (bootsel_press_start_time == 0) { 
+            bootsel_press_start_time = millis();
+        } else if (!bootsel_action_taken && (millis() - bootsel_press_start_time >= BOOTSEL_HOLD_DURATION_MS)) {
+            Serial.println("BOOTSEL button held - triggering bond clear action!");
+            
+            if (deviceConnected && connectedDevicePtr) {
+                Serial.println("Disconnecting current device...");
+                BTstack.bleDisconnect(connectedDevicePtr);
+                // Give BTstack time to process disconnection
+                for(int i=0; i<100; ++i) { BTstack.loop(); delay(10); } 
+            }
+
+            Serial.println("Attempting to clear all BLE bondings (e.g., flash erase)...");
+            BLESecure.clearAllBondings(); // This is your v6 from Canvas (attempts flash erase)
+
+            Serial.println("BOOTSEL: Temporarily DISALLOWING LTK reconstruction for next pairing attempt.");
+            BLESecure.allowReconnectionWithoutDatabaseEntry(false); // *** KEY STEP ***
+
+            // Re-initialize BLESecure's SM settings after clearing and changing LTK policy
+            Serial.println("BOOTSEL: Re-applying Security Manager settings.");
+            BLESecure.begin(IO_CAPABILITY); 
+            BLESecure.setSecurityLevel(SECURITY_LEVEL, true); 
+            BLESecure.requestPairingOnConnect(true); 
+            // At this point, LTK reconstruction is still false.
+            // It will be set back to true only after a successful new pairing,
+            // or upon next full device reset/setup.
+
+            Serial.println("BOOTSEL: Restarting advertising...");
+            BTstack.startAdvertising();
+            
+            bootsel_action_taken = true; 
+            Serial.println("Action complete. Release BOOTSEL. Pico is ready for a fresh pairing.");
+        }
+    } else { 
+        if (bootsel_press_start_time != 0) { // If it was pressed
+             Serial.println("BOOTSEL button released.");
+        }
+        bootsel_press_start_time = 0; 
+        bootsel_action_taken = false; 
+    }
+
+    static unsigned long lastBlinkTime = 0;
+    if (!deviceConnected && (millis() - lastBlinkTime > 1000)) {
+        digitalWrite(LED_BUILTIN, !digitalRead(LED_BUILTIN));
+        lastBlinkTime = millis();
+    }
+    if(deviceConnected) {
+      digitalWrite(LED_BUILTIN, HIGH);
+    }
+
+    delay(10); 
+}

examples/ClearBondingTest/test/README

@@ -0,0 +1,11 @@
+
+This directory is intended for PlatformIO Test Runner and project tests.
+
+Unit Testing is a software testing method by which individual units of
+source code, sets of one or more MCU program modules together with associated
+control data, usage procedures, and operating procedures, are tested to
+determine whether they are fit for use. Unit testing finds problems early
+in the development cycle.
+
+More information about PlatformIO Unit Testing:
+- https://docs.platformio.org/en/latest/advanced/unit-testing/index.html

library.json

@@ -42,6 +42,13 @@
         "files": [
           "src/main.cpp"
         ]
+      },
+      {
+        "name": "ClearBondingTest",
+        "base": "examples/ClearBondingTest",
+        "files": [
+          "src/main.cpp"
+        ]
       }
     ],
     "export": {
@@ -60,10 +67,16 @@
           "examples/SecurePairingHighSC/logs/",
           "examples/SecurePairingMedium/.pio",
           "examples/SecurePairingMedium/.vscode/.browse.c_cpp.db*",
-          "examples/SecurePairingMedium.vscode/c_cpp_properties.json",
+          "examples/SecurePairingMedium/.vscode/c_cpp_properties.json",
           "examples/SecurePairingMedium/.vscode/launch.json",
           "examples/SecurePairingMedium/.vscode/ipch",
           "examples/SecurePairingMedium/logs/",
+          "examples/ClearBondingTest/.pio",
+          "examples/ClearBondingTest/.vscode/.browse.c_cpp.db*",
+          "examples/ClearBondingTest/.vscode/c_cpp_properties.json",
+          "examples/ClearBondingTest/.vscode/launch.json",
+          "examples/ClearBondingTest/.vscode/ipch",
+          "examples/ClearBondingTest/logs/",
           ".git",
           ".github",
           "*.sh",