ELEC-C7222
Libraries for ELEC C7222 Course Work
security_manager.hpp
1
5#ifndef ELEC_C7222_BLE_SECURITY_MANAGER_H_
6#define ELEC_C7222_BLE_SECURITY_MANAGER_H_
7
8#include <cstdint>
9#include <iosfwd>
10#include <list>
11
12#include "ble_error.hpp"
13#include "gap.hpp"
14#include "non_copyable.hpp"
15
16namespace c7222 {
17
101 public:
139
143 enum class IoCapability : uint8_t {
164 };
165
/// Authentication requirement flags. Each enumerator is a single bit, so
/// values can be combined into a bitfield with the bitmask helpers declared
/// further down in this header.
// NOTE(review): these bit positions are this wrapper's own numbering. They do
// not match the SMP AuthReq octet layout (there MITM is bit 2, Secure
// Connections bit 3 and keypress bit 4), so the implementation presumably
// translates before handing the value to the stack -- confirm. Passing the raw
// value through would select different pairing requirements than requested.
171 enum class AuthenticationRequirement : uint8_t {
    /// No additional authentication requirements.
175 kNone = 0,
    /// Enable bonding (store keys for reconnection).
179 kBonding = 1u << 0,
    /// Request MITM protection, i.e. an authenticated pairing method instead
    /// of unauthenticated "Just Works".
183 kMitmProtection = 1u << 1,
    /// Require LE Secure Connections.
187 kSecureConnections = 1u << 2,
    /// Enable keypress notifications (SC only).
191 kKeypressNotifications = 1u << 3,
192 };
193
/// Pairing outcome classification.
// Only kSuccess indicates that pairing completed; callers gating access on the
// pairing result should treat every other value, including kUnknown, as a
// failure.
197 enum class PairingStatus : uint8_t {
    /// Pairing completed successfully.
201 kSuccess = 0x00,
    /// Pairing failed.
205 kFailed = 0x01,
    /// Pairing timed out.
209 kTimeout = 0x02,
    /// Pairing not supported by peer or stack.
213 kUnsupported = 0x03,
    /// Unknown or unclassified result.
217 kUnknown = 0xFF,
218 };
219
/// Authorization decision.
// kDenied is the zero value, so a value-initialised AuthorizationResult denies
// access; keep it that way so a missing decision fails closed.
223 enum class AuthorizationResult : uint8_t {
    /// Access is refused.
227 kDenied = 0,
    /// Access is allowed.
231 kGranted = 1,
232 };
233
/// Role used for fixed passkey configuration.
// A fixed passkey is a static shared secret reused for every pairing; it gives
// weaker protection than a passkey generated per pairing attempt, so prefer
// kNone unless the device has no way to show or enter a fresh value.
237 enum class FixedPasskeyRole : uint8_t {
    /// Fixed passkey not configured.
241 kNone = 0,
    /// Device displays a fixed passkey.
245 kDisplay = 1,
    /// Device inputs a fixed passkey.
249 kKeyboard = 2,
250 };
251
/// Required security level for the BTstack GATT client.
258 enum class GattClientSecurityLevel : uint8_t {
    /// No requirement; the parameter documentation on this page states that
    /// 0 disables the check.
262 kLevel0 = 0,
    // NOTE(review): level 1 is not described on this page; presumably an
    // encrypted but unauthenticated link -- confirm against the header.
266 kLevel1 = 1,
    /// Authenticated + encrypted link required.
270 kLevel2 = 2,
    /// Authorized + authenticated + encrypted link required.
274 kLevel3 = 3,
    /// Secure Connections authenticated + encrypted.
278 kLevel4 = 4,
279 };
280
325
/// Called when "Just Works" confirmation is requested.
/// The default implementation does nothing.
/// @param connection_handle Connection the request belongs to.
// Just Works pairing does not authenticate the peer, so an override should
// accept (via ConfirmJustWorks) only when unauthenticated pairing is
// acceptable for the data the device exposes.
336 virtual void OnJustWorksRequest(ConnectionHandle connection_handle) const {}
/// Called when numeric comparison is requested.
/// The default implementation does nothing.
/// @param connection_handle Connection the request belongs to.
/// @param numeric_value Value supplied with the request; presumably the
///        number the user compares with the one shown on the peer -- confirm.
// The comparison only protects against MITM if a person actually compares the
// two values; an override that accepts unconditionally (via
// ConfirmNumericComparison) reduces this to Just Works.
342 virtual void OnNumericComparisonRequest(ConnectionHandle connection_handle,
343 uint32_t numeric_value) const {}
/// Called when the stack requests passkey display.
/// The default implementation does nothing.
/// @param connection_handle Connection the request belongs to.
/// @param passkey Passkey to present to the user.
// The passkey is the pairing secret: show it on the device's own display only
// and keep it out of logs and telemetry.
349 virtual void OnPasskeyDisplay(ConnectionHandle connection_handle, uint32_t passkey) const {}
/// Called when the stack requests passkey input.
/// The default implementation does nothing.
/// @param connection_handle Connection the request belongs to.
// The value entered by the user is presumably returned through
// SecurityManager::ProvidePasskey -- confirm against the implementation.
354 virtual void OnPasskeyInput(ConnectionHandle connection_handle) const {}
/// Called when pairing completes.
/// The default implementation does nothing.
/// @param connection_handle Connection whose pairing finished.
/// @param status Outcome classification (see PairingStatus).
/// @param status_code Additional code reported with the result; presumably
///        the stack's raw status/reason value -- confirm.
// "Complete" does not mean "succeeded": check status == PairingStatus::kSuccess
// before treating the link as paired.
362 virtual void OnPairingComplete(ConnectionHandle connection_handle,
363 PairingStatus status,
364 uint8_t status_code) const {}
/// Called when re-encryption completes.
/// The default implementation does nothing.
/// @param connection_handle Connection whose re-encryption finished.
/// @param status_code Result code for the attempt.
// NOTE(review): the encoding of status_code is not visible here; confirm which
// value means success before relying on the link being encrypted.
370 virtual void OnReencryptionComplete(ConnectionHandle connection_handle,
371 uint8_t status_code) const {}
/// Called when authorization is required.
/// The default implementation does nothing.
/// @param connection_handle Connection requesting authorization.
// The decision is presumably delivered with SecurityManager::SetAuthorization;
// an override should grant only after an explicit policy or user decision.
376 virtual void OnAuthorizationRequest(ConnectionHandle connection_handle) const {}
/// Called when an authorization decision is available.
/// The default implementation does nothing.
/// @param connection_handle Connection the decision applies to.
/// @param result The decision (kDenied or kGranted).
382 virtual void OnAuthorizationResult(ConnectionHandle connection_handle,
383 AuthorizationResult result) const {}
384
385 protected:
// Protected and non-virtual: a handler cannot be destroyed through an
// EventHandler pointer, which fits the manager holding handlers without
// owning them.
386 ~EventHandler() = default;
387 };
388
393
394 // -----------------------------------------------------------------
395 // Configuration (intended to be called before connections)
396 // -----------------------------------------------------------------
397
405
/// Set minimum and maximum encryption key sizes.
/// @param min_key_size Minimum accepted key size (documented range 7..16).
/// @param max_key_size Maximum accepted key size (documented range 7..16).
/// @return BleError status of the operation.
// A low minimum lets a peer negotiate a short encryption key that is far
// cheaper to brute-force; set both bounds to 16 unless a legacy peer that
// cannot do so must be supported.
417 BleError SetEncryptionKeySizeRange(uint8_t min_key_size, uint8_t max_key_size);
/// Enable or disable bonding.
/// @param bondable true to allow bonding.
/// @return BleError status of the operation.
421 BleError SetBondable(bool bondable);
442
447 return params_;
448 }
449
/// Check whether security has been explicitly configured by the application.
/// @return The cached configured_ flag.
455 [[nodiscard]] bool IsConfigured() const {
456 return configured_;
457 }
458
/// Check whether the configuration has been applied to the platform stack.
/// @return The cached applied_ flag.
// A configuration that is set but not yet applied is not protecting any link;
// check this before assuming the requested requirements are in force.
464 [[nodiscard]] bool IsApplied() const {
465 return applied_;
466 }
467
/// Validate that the current configuration can satisfy requirements.
/// @param authentication_required Whether authentication is needed.
/// @param authorization_required Whether authorization is needed.
/// @param encryption_required Whether encryption is needed.
/// @return Presumably true when the configuration can meet the stated
///         requirements -- confirm against the implementation.
// The declaration is not [[nodiscard]]; callers should still act on the
// result, since ignoring it defeats the check.
474 bool ValidateConfiguration(bool authentication_required,
475 bool authorization_required,
476 bool encryption_required) const;
477
478 // -----------------------------------------------------------------
479 // Event handlers
480 // -----------------------------------------------------------------
481
// Handlers are held as non-owning pointers (see handlers_), so every handler
// registered here must outlive its registration: remove it before it is
// destroyed, otherwise a later event would be dispatched to a dangling pointer.
/// Add an event handler (stored as a pointer).
485 void AddEventHandler(const EventHandler& handler);
/// Remove an event handler.
// NOTE(review): presumably returns true when the handler was registered -- confirm.
489 bool RemoveEventHandler(const EventHandler& handler);
/// Add an event handler pointer (no ownership).
// NOTE(review): handling of a null pointer is not visible here -- confirm.
493 void AddEventHandler(const EventHandler* handler);
/// Remove an event handler pointer.
497 bool RemoveEventHandler(const EventHandler* handler);
/// Get the number of registered event handlers.
/// @return Current size of the handlers_ list.
505 [[nodiscard]] size_t GetEventHandlerCount() const {
506 return handlers_.size();
507 }
508 // -----------------------------------------------------------------
509 // Pairing / authorization responses
510 // -----------------------------------------------------------------
511
/// Provide a passkey for keyboard input role.
/// @param con_handle Connection being paired.
/// @param passkey Passkey entered by the user.
/// @return BleError status of the operation.
// NOTE(review): LE passkeys are six decimal digits (0..999999) while the
// parameter is a full uint32_t; confirm the implementation rejects values
// outside that range.
523 BleError ProvidePasskey(ConnectionHandle con_handle, uint32_t passkey);
532
/// Dispatch a raw HCI packet into the security event pipeline.
/// @param packet_type HCI packet type.
/// @param packet Pointer to the packet bytes.
/// @param size Number of bytes available at packet.
/// @return BleError status of the operation.
// NOTE(review): packet is a raw pointer with a separate length and its
// contents originate outside the application. The parsing code is not visible
// here; confirm it checks packet for null and never reads beyond size bytes
// before decoding event fields.
536 BleError DispatchBleHciPacket(uint8_t packet_type, const uint8_t* packet, uint16_t size);
537
538 private:
// Constructor and destructor are private: instances cannot be created or
// destroyed by client code. Access goes through the static GetInstance()
// listed in this page's member index.
539 SecurityManager() = default;
540 ~SecurityManager() = default;
541
// NOTE(review): implementation not shown; presumably pushes the cached params_
// to the platform stack and updates applied_ -- confirm.
542 BleError ApplyConfiguration();
543
// Private dispatch helpers, one per EventHandler callback.
// NOTE(review): definitions are not visible here; presumably each forwards its
// arguments to the matching On* callback of every handler in handlers_ --
// confirm. The passkey passed to DispatchPasskeyDisplay is a pairing secret
// and should not be logged on the way through.
544 void DispatchJustWorksRequest(ConnectionHandle con_handle) const;
545 void DispatchNumericComparisonRequest(ConnectionHandle con_handle, uint32_t number) const;
546 void DispatchPasskeyDisplay(ConnectionHandle con_handle, uint32_t passkey) const;
547 void DispatchPasskeyInput(ConnectionHandle con_handle) const;
548 void DispatchPairingComplete(ConnectionHandle con_handle,
549 PairingStatus status,
550 uint8_t status_code) const;
551 void DispatchReencryptionComplete(ConnectionHandle con_handle, uint8_t status) const;
552 void DispatchAuthorizationRequest(ConnectionHandle con_handle) const;
553 void DispatchAuthorizationResult(ConnectionHandle con_handle, AuthorizationResult result) const;
554
// Pointer to the singleton instance.
555 static SecurityManager* instance_;
556
// Cached security configuration. It includes the fixed passkey field, so treat
// the whole object as sensitive when copying or printing it.
557 SecurityParameters params_{};
// Registered handlers, held as non-owning pointers to const handlers.
558 std::list<const EventHandler*> handlers_{};
// Returned by IsConfigured(); starts false.
559 bool configured_ = false;
// Returned by IsApplied(); starts false.
560 bool applied_ = false;
561};
562
563// ---------------------------------------------------------------------
564// Bitmask helpers for AuthenticationRequirement
565// ---------------------------------------------------------------------
566
570 return static_cast<SecurityManager::AuthenticationRequirement>(static_cast<uint8_t>(lhs) |
571 static_cast<uint8_t>(rhs));
572}
573
577 return static_cast<SecurityManager::AuthenticationRequirement>(static_cast<uint8_t>(lhs) &
578 static_cast<uint8_t>(rhs));
579}
580
584 return static_cast<SecurityManager::AuthenticationRequirement>(static_cast<uint8_t>(lhs) ^
585 static_cast<uint8_t>(rhs));
586}
587
590 return static_cast<SecurityManager::AuthenticationRequirement>(~static_cast<uint8_t>(value));
591}
592
599
606
613
// Stream insertion for a SecurityManager.
// NOTE(review): the definition is not visible here. The manager caches
// SecurityParameters, which include a fixed passkey; confirm the output omits
// or masks it so the secret does not end up in logs.
617std::ostream& operator<<(std::ostream& os, const SecurityManager& sm);
618
619} // namespace c7222
620
621#endif // ELEC_C7222_BLE_SECURITY_MANAGER_H_
BLE error codes.
Disable both copy and move operations.
Definition non_copyable.hpp:75
Manages BLE security configuration and pairing-related events.
Definition security_manager.hpp:100
BleError RequestPairing(ConnectionHandle con_handle)
Initiate pairing as a client or server.
PairingStatus
Pairing outcome classification.
Definition security_manager.hpp:197
@ kUnknown
Unknown or unclassified result.
@ kUnsupported
Pairing not supported by peer or stack.
@ kSuccess
Pairing completed successfully.
BleError SetBondable(bool bondable)
Enable or disable bonding.
void AddEventHandler(const EventHandler &handler)
Add an event handler (stored as a pointer).
BleError DispatchBleHciPacket(uint8_t packet_type, const uint8_t *packet, uint16_t size)
Dispatch a raw HCI packet into the security event pipeline.
BleError SetGattClientRequiredSecurityLevel(GattClientSecurityLevel level)
Set required security level for GATT client operations.
bool IsApplied() const
Check whether the configuration has been applied to the platform stack.
Definition security_manager.hpp:464
BleError SetEncryptionKeySizeRange(uint8_t min_key_size, uint8_t max_key_size)
Set minimum and maximum encryption key sizes.
BleError SetSecureConnectionsOnly(bool enabled)
Enable or disable Secure Connections only mode.
bool ValidateConfiguration(bool authentication_required, bool authorization_required, bool encryption_required) const
Validate that the current configuration can satisfy requirements.
GattClientSecurityLevel
Required security level for the BTstack GATT client.
Definition security_manager.hpp:258
@ kLevel4
Secure Connections authenticated + encrypted.
@ kLevel3
Authorized + authenticated + encrypted link required.
@ kLevel2
Authenticated + encrypted link required.
AuthenticationRequirement
Authentication requirement flags.
Definition security_manager.hpp:171
@ kSecureConnections
Require LE Secure Connections.
@ kNone
No additional authentication requirements.
@ kKeypressNotifications
Enable keypress notifications (SC only).
@ kBonding
Enable bonding (store keys for reconnection).
AuthorizationResult
Authorization decision.
Definition security_manager.hpp:223
size_t GetEventHandlerCount() const
Get the number of registered event handlers.
Definition security_manager.hpp:505
bool RemoveEventHandler(const EventHandler &handler)
Remove an event handler.
IoCapability
Local device IO capabilities used during pairing.
Definition security_manager.hpp:143
@ kKeyboardOnly
Device can only input a passkey.
@ kDisplayYesNo
Device can display and confirm yes/no.
@ kDisplayOnly
Device can only display a passkey.
@ kKeyboardDisplay
Device can both display and input.
@ kNoInputNoOutput
Device has no input and no output.
BleError SetFixedPasskeyDisplay(uint32_t passkey)
Configure fixed passkey for display role.
BleError ConfirmJustWorks(ConnectionHandle con_handle)
Confirm a "Just Works" pairing request.
BleError SetAuthenticationRequirements(AuthenticationRequirement auth)
Set authentication requirement bitfield.
BleError SetAuthorization(ConnectionHandle con_handle, AuthorizationResult result)
Provide an authorization decision for the given connection.
static SecurityManager * GetInstance()
Get the singleton instance.
BleError ClearFixedPasskey()
Clear fixed passkey configuration.
bool RemoveEventHandler(const EventHandler *handler)
Remove an event handler pointer.
void ClearEventHandlers()
Remove all registered event handlers.
bool IsConfigured() const
Check whether security has been explicitly configured by the application.
Definition security_manager.hpp:455
SecurityParameters GetSecurityParameters() const
Get the cached security parameters.
Definition security_manager.hpp:446
BleError ConfirmNumericComparison(ConnectionHandle con_handle, bool accept)
Accept or reject a numeric comparison pairing request.
BleError Configure(const SecurityParameters &params)
Apply a full configuration object at once.
BleError SetIoCapability(IoCapability capability)
Set the local IO capability.
FixedPasskeyRole
Role used for fixed passkey configuration.
Definition security_manager.hpp:237
@ kNone
Fixed passkey not configured.
@ kKeyboard
Device inputs a fixed passkey.
@ kDisplay
Device displays a fixed passkey.
EventId
Security-related event identifiers.
Definition security_manager.hpp:105
@ kReencryptionComplete
Re-encryption complete indication.
@ kPasskeyInput
Passkey input requested (keyboard role).
@ kPairingComplete
Pairing complete indication.
@ kAuthorizationRequest
Authorization request for an authenticated operation.
@ kJustWorksRequest
"Just Works" confirmation requested by the stack.
@ kAuthorizationResult
Authorization decision result.
@ kNumericComparisonRequest
Numeric comparison requested by the stack.
@ kPasskeyDisplay
Passkey display requested (display role).
void AddEventHandler(const EventHandler *handler)
Add an event handler pointer (no ownership).
BleError SetFixedPasskeyKeyboard(uint32_t passkey)
Configure fixed passkey for keyboard role.
BleError ProvidePasskey(ConnectionHandle con_handle, uint32_t passkey)
Provide a passkey for keyboard input role.
Provides a C++ wrapper for the BTstack Generic Access Profile (GAP).
C7222 course abstractions namespace.
Definition ble.hpp:20
uint16_t ConnectionHandle
Definition gap.hpp:23
constexpr uint16_t operator|=(uint16_t &lhs, Attribute::Properties rhs)
Bitwise OR assignment: uint16_t |= Properties.
Definition attribute.hpp:853
constexpr uint16_t operator|(Attribute::Properties lhs, Attribute::Properties rhs)
Bitwise OR for two Properties values.
Definition attribute.hpp:821
BleError
BLE error codes used across HCI/L2CAP/ATT/GATT and BTstack helpers.
Definition ble_error.hpp:19
constexpr uint16_t operator&=(uint16_t &lhs, Attribute::Properties rhs)
Bitwise AND assignment: uint16_t &= Properties.
Definition attribute.hpp:862
std::ostream & operator<<(std::ostream &os, const BleAddress &addr)
constexpr uint16_t operator^=(uint16_t &lhs, Attribute::Properties rhs)
Bitwise XOR assignment: uint16_t ^= Properties.
Definition attribute.hpp:871
constexpr uint16_t operator^(Attribute::Properties lhs, Attribute::Properties rhs)
Bitwise XOR for two Properties values.
Definition attribute.hpp:837
constexpr uint16_t operator&(Attribute::Properties lhs, Attribute::Properties rhs)
Bitwise AND for two Properties values.
Definition attribute.hpp:829
constexpr uint16_t operator~(Attribute::Properties value)
Bitwise NOT for a Properties value.
Definition attribute.hpp:845
Base classes to control copy/move semantics.
Security Manager event callback interface.
Definition security_manager.hpp:331
virtual void OnPasskeyInput(ConnectionHandle connection_handle) const
Called when the stack requests passkey input.
Definition security_manager.hpp:354
virtual void OnAuthorizationResult(ConnectionHandle connection_handle, AuthorizationResult result) const
Called when an authorization decision is available.
Definition security_manager.hpp:382
virtual void OnPasskeyDisplay(ConnectionHandle connection_handle, uint32_t passkey) const
Called when the stack requests passkey display.
Definition security_manager.hpp:349
virtual void OnPairingComplete(ConnectionHandle connection_handle, PairingStatus status, uint8_t status_code) const
Called when pairing completes.
Definition security_manager.hpp:362
virtual void OnAuthorizationRequest(ConnectionHandle connection_handle) const
Called when authorization is required.
Definition security_manager.hpp:376
virtual void OnJustWorksRequest(ConnectionHandle connection_handle) const
Called when "Just Works" confirmation is requested.
Definition security_manager.hpp:336
virtual void OnNumericComparisonRequest(ConnectionHandle connection_handle, uint32_t numeric_value) const
Called when numeric comparison is requested.
Definition security_manager.hpp:342
virtual void OnReencryptionComplete(ConnectionHandle connection_handle, uint8_t status_code) const
Called when re-encryption completes.
Definition security_manager.hpp:370
Cached security configuration parameters.
Definition security_manager.hpp:284
IoCapability io_capability
IO capability used to select pairing method.
Definition security_manager.hpp:288
FixedPasskeyRole fixed_passkey_role
Role used for fixed passkey display/input.
Definition security_manager.hpp:323
bool secure_connections_only
Whether to allow only LE Secure Connections.
Definition security_manager.hpp:308
uint8_t min_encryption_key_size
Minimum encryption key size (7..16).
Definition security_manager.hpp:296
bool bondable
Whether the device is bondable.
Definition security_manager.hpp:304
uint8_t max_encryption_key_size
Maximum encryption key size (7..16).
Definition security_manager.hpp:300
GattClientSecurityLevel gatt_client_required_security_level
Required security level for the GATT client (0 disables).
Definition security_manager.hpp:315
uint32_t fixed_passkey
Fixed passkey configuration (0 disables).
Definition security_manager.hpp:319
AuthenticationRequirement authentication
Authentication requirement bitfield.
Definition security_manager.hpp:292