SecurityManager.h

/* mbed Microcontroller Library
 * Copyright (c) 2006-2020 ARM Limited
 *
 * SPDX-License-Identifier: Apache-2.0
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
 
#ifndef BLE_SECURITY_MANAGER_H_
#define BLE_SECURITY_MANAGER_H_
 
#include <cstdint>
 
#include "ble/common/BLETypes.h"
#include "ble/common/blecommon.h"
#include "ble/common/CallChainOfFunctionPointersWithContext.h"
 
namespace ble {
 
#if !defined(DOXYGEN_ONLY)
namespace impl {
class SecurityManager;
}
#endif // !defined(DOXYGEN_ONLY)
 
/**
 * Overview
 *
 * Security Manager is used to provide link security through encryption, signing and authentication
 * which are made possible by pairing and optionally bonding. Pairing is the process of establishing
 * and/or exchanging keys used for the current connection. Bonding means saving this information so that
 * it can later be used after reconnecting without having to pair again. This saves time and power.
 *
 * @par Paring
 *
 * There are several ways to provide different levels of security during pairing depending on your requirements
 * and the facilities provided by the application. The process starts with initialising the SecurityManager
 * with default options for new connections. Some settings can later be changed per link or globally.
 *
 * The important settings in the init() function are the MITM requirement and IO capabilities. Man in the
 * Middle (MITM) protection prevents an attack where one device can impersonate another device by
 * pairing with both devices at the same time. This protection is achieved by sharing some information
 * between the devices through some independent channel. The IO capabilities of both devices dictate
 * what algorithm is used. For details @see BLUETOOTH SPECIFICATION Version 5.0 | Vol 3, Part H - 2.3.5.1.
 * You can change the IO capabilities after initialisation with setIoCapability(). This will take effect
 * for all subsequent pairings.
 *
 * @par Out of Band data used in pairing
 *
 * Sharing this information through IO capabilities means user interaction which limits the degree of
 * protection due to the limit of the amount of data that we can expect the user to transfer. Another
 * solution is using OOB (out of band) communication to transfer this data instead which can send much
 * more data making MITM attack even less likely to succeed. OOB data has to be exchanged by the application
 * and provided to the Security Manager. Use setOOBDataUsage() to indicate you want to use it. The same call also
 * allows you to set whether or not the communication channel you are using to transmit the OOB data is
 * itself secure against MITM protection - this will set the level of the link security achieved using pairing
 * that uses this data.
 *
 * The most secure pairing is provided by Secure Connections which relies on Elliptical Curve Cryptography.
 * Support for Secure Connections is dependent on both the stack and controller on both sides supporting
 * it. If either side doesn't support it Legacy Pairing will be used. This is an older standard of pairing.
 * If higher security is required legacy pairing can be disabled by calling allowLegacyPairing(false);
 *
 * @par Signing
 *
 * Applications may require a level of security providing confidence that data transfers are coming
 * from a trusted source. This can be achieved by encrypting the link which also provides added confidentiality.
 * Encryption is a good choice when a device stays connected but introduces latency due to the need of encrypting the
 * link if the device only connects periodically to transfer data. If confidentiality is not required data GATT
 * server may allow writes to happen over an unencrypted link but authenticated by a signature present in each packet.
 * This signature relies on having sent a signing key to the peer during pairing prior to sending any signed packets.
 *
 * @par Persistence of Security information
 *
 * Security Manager stores all the data required for its operation on active links. Depending on resources
 * available on the device it will also attempt to store data for disconnected devices which have bonded to be
 * reused when reconnected.
 *
 * If the application has initialised a filesystem and the Security Manager has been provided with a
 * filepath during the init() call it may also provide data persistence across resets. This must be enabled by
 * calling preserveBondingStateOnReset(). Persistence is not guaranteed and may fail if abnormally terminated.
 * The Security Manager may also fall back to a non-persistent implementation if the resources are too limited.
 *
 * @par How to use
 *
 * First thing you need to do is to initialise the manager by calling init() with your chosen settings.
 *
 * The SecurityManager communicates with your application through events. These will trigger calls in
 * the EventHandler which you must provide by calling the setSecurityManagerEventHandler() function.
 *
 * The most important process is pairing. This may be triggered manually by calling requestPairing() or
 * may be called as a result of the application requiring encryption by calling setLinkEncryption() or
 * as a result of the application requiring MITM protection through requestAuthentication().
 *
 * All these can be implicitly called by using setLinkSecurity() to conveniently set the required
 * security for the link. The SecurityManager will trigger all the process required to achieve the set
 * security level. Security level can only be escalated. Asking the Security Manager for a lower
 * security level than the existing one will not fail but will result in a event informing the
 * application through linkEncryptionResult() of the current level (which remains unchanged).
 *
 * Depending on the IO capabilities and OOB usage settings different pairing algorithms will be chosen.
 * They will produce appropriate events which must be handled by your EventHandler. If your event handler
 * doesn't support all the calls you must not set IO capabilities or set OOB usage in such a way that would
 * trigger them or else the pairing will fail (usually by timing out).
 *
 * The simplest example is a pairing of a device with no IO capabilities and no OOB data available.
 * With such limited pairing capabilities the "just works" method will be employed. This does not provide
 * any MITM protection. The pairing (triggered implicitly or called explicitly) will result in an event
 * being generated on the peer calling pairingRequest(). The event handler must make a decision (either in
 * the application itself or based on user interaction) whether to accept the pairing and call
 * accetPairing() or cancelPairing(). The result will be communicated on both peers through an event calling
 * pairingResult() in the EventHandler.
 *
 * @par Sequence diagrams
 *
 * Sequence diagram "Just Works" pairing
 *
 * \verbatim
 *  /-------- Device 1 ---------\  *----- BLE link -----*  /----------- Device 2-----------\
 *
 * App  EventHandler      SecurityManager            SecurityManager    EventHandler      App
 *  |        |                  |                          |                 |             |
 *  |-------------------> requestPairing()                 |                 |             |
 *  |        |                  |-----[pairing start]----->|                 |             |
 *  |        |                  |                          |---------> pairingRequest() -->|
 *  |        |                  |                   acceptPairing() <--------------------- |
 *  |        |                  |<--[pairing complete]---->|                 |             |
 *  |<- pairingResult() <-------|                          |---------> pairingResult() --->|
 *  |        |                  |                          |                 |             |
 * @endverbatim
 *
 *  @note the requestPairing() call isn't required to trigger pairing. Pairing will also be triggered
 *  if you request encryption and authentication and no bonding information is available. The sequence will
 *  be the same save for the lack of explicit requestPairing() call.
 *
 *
 *  Sequence diagram Encryption request when bonding information is available
 *
 * \verbatim
 *  /--------- Device 1 ---------\  *------ BLE link ------*  /--------- Device 2 ---------\
 *
 * App  EventHandler       SecurityManager              SecurityManager   EventHandler    App
 *  |       |                    |                            |                |           |
 *  |--------------------> setLinkEncryption()                |                |           |
 *  |       |                    |<-[encryption established]->|                |           |
 *  |<- linkEncryptionResult() <-|                            |-> linkEncryptionResult() ->|
 *  |       |                    |                            |                |           |
 * @endverbatim
 *
 * @note if bonding information is not available, pairing will be triggered
 *
 *
 * Sequence diagram for Secure Connections passkey entry pairing with one device having a display only
 * and other a keyboard
 *
 * \verbatim
 *  /---- Device 1 (keyboard) ---\  *------ BLE link ------*  /----- Device 2 (display) ---\
 *
 * App  EventHandler       SecurityManager              SecurityManager  EventHandler     App
 *  |       |                    |                            |               |            |
 *  |--------------------> requestPairing()                   |               |            |
 *  |        |                   |------[pairing start]------>|               |            |
 *  |        |                   |                            |-------> pairingRequest() ->|
 *  |        |                   |                        acceptPairing() <--------------- |
 *  |        |                   |<---[secure con. pairing]-->|               |            |
 *  |<- passkeyRequest() <-------|                            |-------> passkeyDisplay() ->|
 *  |        |                   |                            |               |            |
 *
 *                  user reads the passkey on Device 2 and inputs it on Device 1
 *
 *  |        |                   |                            |               |            |
 *  |------------------->passkeyEntered()                     |               |            |
 *  |        |                   |<---[pairing complete]----->|               |            |
 *  |<- pairingResult() <--------|                            |-------> pairingResult() -->|
 *  |        |                   |                            |               |            |
 * @endverbatim
 *
 */
class SecurityManager
{
public:
    /** level of security required from the link by the application */
    enum SecurityMode_t {
        SECURITY_MODE_NO_ACCESS,
        SECURITY_MODE_ENCRYPTION_OPEN_LINK, /**< Require no protection, open link. */
        SECURITY_MODE_ENCRYPTION_NO_MITM,   /**< Require encryption, but no MITM protection. */
        SECURITY_MODE_ENCRYPTION_WITH_MITM, /**< Require encryption and MITM protection. */
        SECURITY_MODE_SIGNED_NO_MITM,       /**< Require signing or encryption, but no MITM protection. */
        SECURITY_MODE_SIGNED_WITH_MITM,     /**< Require signing or encryption, and MITM protection. */
    };
 
    /** Input/output capability of the device and application */
    enum SecurityIOCapabilities_t {
        IO_CAPS_DISPLAY_ONLY = 0x00,     /**< Display only. */
        IO_CAPS_DISPLAY_YESNO = 0x01,    /**< Display and yes/no entry. */
        IO_CAPS_KEYBOARD_ONLY = 0x02,    /**< Keyboard only. */
        IO_CAPS_NONE = 0x03,             /**< No I/O capabilities. */
        IO_CAPS_KEYBOARD_DISPLAY = 0x04, /**< Keyboard and display. */
    };
 
    /** Result of security requests */
    enum SecurityCompletionStatus_t {
        SEC_STATUS_SUCCESS              = 0x00,  /**< Procedure completed with success. */
        SEC_STATUS_TIMEOUT              = 0x01,  /**< Procedure timed out. */
        SEC_STATUS_PDU_INVALID          = 0x02,  /**< Invalid PDU received. */
        SEC_STATUS_PASSKEY_ENTRY_FAILED = 0x81,  /**< Passkey entry failed (user cancelled or other). */
        SEC_STATUS_OOB_NOT_AVAILABLE    = 0x82,  /**< Out of Band Key not available. */
        SEC_STATUS_AUTH_REQ             = 0x83,  /**< Authentication requirements not met. */
        SEC_STATUS_CONFIRM_VALUE        = 0x84,  /**< Confirm value failed. */
        SEC_STATUS_PAIRING_NOT_SUPP     = 0x85,  /**< Pairing not supported.  */
        SEC_STATUS_ENC_KEY_SIZE         = 0x86,  /**< Encryption key size. */
        SEC_STATUS_SMP_CMD_UNSUPPORTED  = 0x87,  /**< Unsupported SMP command. */
        SEC_STATUS_UNSPECIFIED          = 0x88,  /**< Unspecified reason. */
        SEC_STATUS_REPEATED_ATTEMPTS    = 0x89,  /**< Too little time elapsed since last attempt. */
        SEC_STATUS_INVALID_PARAMS       = 0x8A,  /**< Invalid parameters. */
        SEC_STATUS_DHKEY_CHECK_FAILED   = 0x8B,  /**< DHKey received doesn’t match locally calculated one. */
        SEC_STATUS_COMPARISON_FAILED    = 0x8C,  /**< Values in the numeric comparison protocol do not match. */
    };
 
    /**
     * Declaration of type containing a passkey to be used during pairing. This
     * is passed into initializeSecurity() to specify a pre-programmed passkey
     * for authentication instead of generating a random one.
     */
    static const unsigned PASSKEY_LEN = 6;
    typedef uint8_t Passkey_t[PASSKEY_LEN]; /**< 6-digit passkey in ASCII ('0'-'9' digits only). */
 
    typedef FunctionPointerWithContext<const SecurityManager *> SecurityManagerShutdownCallback_t;
    typedef CallChainOfFunctionPointersWithContext<const SecurityManager *> SecurityManagerShutdownCallbackChain_t;
 
    /** The stack will use these functions to signal events to the application,
     *  subclass to override handlers. Use SecurityManager::setSecurityManagerEventHandler
     *  to set the interface implementation to be used. */
    class EventHandler {
    public:
        ////////////////////////////////////////////////////////////////////////////
        // Pairing
        //
 
#if BLE_ROLE_PERIPHERAL
        /**
         * Called when a pairing request is received. Application should respond by
         * calling the appropriate function: acceptPairingRequest() or cancelPairingRequest().
         * This event will only trigger if setPairingRequestAuthorisation() was called with true.
         * Otherwise the stack will handle the requests.
         *
         * @param[in] connectionHandle connection connectionHandle
         *
         * @see requestPairing()
         * @see requestAuthentication()
         * @see setLinkEncryption()
         * @see setPairingRequestAuthorisation()
         */
        virtual void pairingRequest(ble::connection_handle_t connectionHandle) {
            (void)connectionHandle;
        }
#endif // BLE_ROLE_PERIPHERAL
 
        /**
         * Indicate to the application that pairing has completed.
         *
         * @param[in] connectionHandle connection connectionHandle
         * @param[in] result result of the pairing indicating success or reason for failure
         *
         * @see acceptPairingRequest()
         * @see requestPairing()
         */
        virtual void pairingResult(ble::connection_handle_t connectionHandle, SecurityCompletionStatus_t result) {
            (void)connectionHandle;
            (void)result;
        }
 
        /**
         * Indicate that a peer address has been saved by the security manager or if we are
         * bonded to the peer the identity has been retrieved from the database on connection.
         *
         * @param[in] connectionHandle Connection handle.
         * @param[in] peer_address Peer address that has been saved by the security database, NULL it not found.
         * @param[in] address_is_public Address type, true if public. Invalid if peer_address NULL.
         *
         * @see getPeerIdentity()
         */
        virtual void peerIdentity(ble::connection_handle_t connectionHandle,
                                  const address_t *peer_address,
                                  bool address_is_public) {
            (void)connectionHandle;
            (void)peer_address;
            (void)address_is_public;
        }
 
        ////////////////////////////////////////////////////////////////////////////
        // Security
        //
 
        /**
         * Deliver the requested whitelist to the application.
         *
         * @param[in] whitelist pointer to the whitelist filled with entries based on bonding information
         *
         * @see generateWhitelistFromBondTable()
         */
        virtual void whitelistFromBondTable(::ble::whitelist_t* whitelist) {
            (void)whitelist;
        }
 
        ////////////////////////////////////////////////////////////////////////////
        // Encryption
        //
 
        /**
         * Triggered by change of encryption state on a link. This change can be initiated
         * locally or by the remote peer.
         *
         * @param[in] connectionHandle connection connectionHandle
         * @param[in] result encryption state of the link
         *
         * @see requestAuthentication()
         * @see setLinkEncryption()
         */
        virtual void linkEncryptionResult(ble::connection_handle_t connectionHandle, ble::link_encryption_t result) {
            (void)connectionHandle;
            (void)result;
        }
 
        ////////////////////////////////////////////////////////////////////////////
        // MITM
        //
 
        /**
         * Triggered during pairing based on IO capabilities of devices. Display the given
         * passkey on the local device for user verification.
         *
         * @param[in] connectionHandle connection connectionHandle
         * @param[in] passkey 6 digit passkey to be displayed
         *
         * @see init()
         * @see setIoCapability()
         */
#if BLE_PASSKEY_DISPLAY_REVERSED_DIGITS_DEPRECATION
        MBED_DEPRECATED_SINCE("mbed-os-6.8.0", "This returns the passkey in reverse order. Please set the config option ble.ble-passkey-display-reversed-digits-deprecation in your mbed_app.json override section to false. This will then return the passkey in the correct order.")
#endif // BLE_PASSKEY_DISPLAY_REVERSED_DIGITS_DEPRECATION
        virtual void passkeyDisplay(ble::connection_handle_t connectionHandle, const Passkey_t passkey) {
            (void)connectionHandle;
            (void)passkey;
        }
 
#if BLE_FEATURE_SECURE_CONNECTIONS
        /**
         * Indicate to the application that a confirmation is required. This is used
         * when the device does not have a keyboard but has a yes/no button. The device
         * displays numbers on its display in response to passkeyDisplay and the user
         * checks if they are the same on both devices. The application should proceed
         * by supplying the confirmation using the confirmationEntered function.
         *
         * @param[in] connectionHandle connection connectionHandle
         *
         * @see init()
         * @see setIoCapability()
         * @see confirmationEntered()
         */
        virtual void confirmationRequest(ble::connection_handle_t connectionHandle) {
            (void)connectionHandle;
        }
#endif // BLE_FEATURE_SECURE_CONNECTIONS
 
        /**
         * Indicate to the application that a passkey is required. The application should
         * proceed by supplying the passkey through the passkeyEntered function.
         *
         * @param[in] connectionHandle connection connectionHandle
         *
         * @see init()
         * @see setIoCapability()
         * @see passkeyEntered()
         */
        virtual void passkeyRequest(ble::connection_handle_t connectionHandle) {
            (void)connectionHandle;
        }
 
#if BLE_FEATURE_SECURE_CONNECTIONS
        /**
         * Notify the application that a key was pressed by the peer during passkey entry.
         * This is only informative to provide feedback to the user. These events will only
         * be triggered if you call setKeypressNotification()
         *
         * @param[in] connectionHandle connection connectionHandle
         * @param[in] keypress type of keypress event
         *
         * @see setKeypressNotification()
         */
        virtual void keypressNotification(ble::connection_handle_t connectionHandle, ble::Keypress_t keypress) {
            (void)connectionHandle;
            (void)keypress;
        }
#endif // BLE_FEATURE_SECURE_CONNECTIONS
 
        /**
         * Indicate to the application it needs to return legacy pairing OOB to the stack
         * using legacyPairingOobReceived().
         *
         * @param[in] connectionHandle connection connectionHandle
         *
         * @see legacyPairingOobReceived()
         */
        virtual void legacyPairingOobRequest(ble::connection_handle_t connectionHandle) {
            (void)connectionHandle;
        }
 
        /**
         * Indicate that the application needs to send legacy pairing OOB data to the peer through
         * another communication channel.
         *
         * @param[in] address address that will be used in the pairing
         * @param[in] temporaryKey temporary key to be used in legacy pairing
         */
        virtual void legacyPairingOobGenerated(const ble::address_t *address,
                                               const ble::oob_tk_t *temporaryKey) {
            (void)address;
            (void)temporaryKey;
        }
 
        /**
         * Indicate that the application needs to send secure connections OOB data to the peer.
         *
         * @param[in] address address that will be used in the pairing
         * @param[in] random random number used to generate the confirmation
         * @param[in] confirm confirmation value to be use for authentication
         *                    in secure connections pairing
         *
         * @see generateOOB()
         */
        virtual void oobGenerated(const ble::address_t *address,
                                  const ble::oob_lesc_value_t *random,
                                  const ble::oob_confirm_t *confirm) {
            (void)address;
            (void)random;
            (void)confirm;
        }
 
        ////////////////////////////////////////////////////////////////////////////
        // Keys
        //
 
#if BLE_FEATURE_SIGNING
        /**
         * Deliver the signing key to the application.
         *
         * @param[in] connectionHandle connection connectionHandle
         * @param[in] csrk signing key, pointer only valid during call
         * @param[in] authenticated indicates if the signing key is authenticated
         *
         * @see getSigningKey()
         */
        virtual void signingKey(ble::connection_handle_t connectionHandle, const ble::csrk_t *csrk, bool authenticated) {
            (void)connectionHandle;
            (void)csrk;
            (void)authenticated;
        }
#endif // BLE_FEATURE_SIGNING
 
        /**
         * Prevent polymorphic deletion and avoid unnecessary virtual destructor
         * as the SecurityManager class will never delete the instance it contains.
         */
        ~EventHandler() = default;
    };
 
    /*
     * The following functions are meant to be overridden in the platform-specific sub-class.
     */
public:
    ////////////////////////////////////////////////////////////////////////////
    // SM lifecycle management
    //
 
    /**
     * Enable the BLE stack's Security Manager. The Security Manager implements
     * the actual cryptographic algorithms and protocol exchanges that allow two
     * devices to securely exchange data and privately detect each other.
     * Calling this API is a prerequisite for encryption and pairing (bonding).
     *
     * @param[in]  enableBonding Allow for bonding.
     * @param[in]  requireMITM   Require protection for man-in-the-middle attacks.
     * @param[in]  iocaps        To specify the I/O capabilities of this peripheral,
     *                           such as availability of a display or keyboard, to
     *                           support out-of-band exchanges of security data.
     * @param[in]  passkey       To specify a static passkey.
     * @param[in]  signing       Generate and distribute signing key during pairing
     * @param[in]  dbFilepath    Path to the file used to store keys in the filesystem,
     *                           if NULL keys will be only stored in memory
     *
     *
     * @return BLE_ERROR_NONE on success.
     */
    ble_error_t init(
        bool                     enableBonding = true,
        bool                     requireMITM   = true,
        SecurityIOCapabilities_t iocaps        = IO_CAPS_NONE,
        const Passkey_t          passkey       = nullptr,
        bool                     signing       = true,
        const char              *dbFilepath    = nullptr
    );
 
    /**
     * Change the file used for the security database. If path is invalid or a NULL is passed
     * keys will only be stored in memory.
     *
     * @note This operation is only allowed with no active connections.
     *
     * @param[in]  dbFilepath    Path to the file used to store keys in the filesystem,
     *                           if NULL keys will be only stored in memory
     *
     * @return BLE_ERROR_NONE on success.
     */
    ble_error_t setDatabaseFilepath(const char *dbFilepath = nullptr);
 
    /**
     * Notify all registered onShutdown callbacks that the SecurityManager is
     * about to be shutdown and clear all SecurityManager state of the
     * associated object.
     *
     * This function is meant to be overridden in the platform-specific
     * sub-class. Nevertheless, the sub-class is only expected to reset its
     * state and not the data held in SecurityManager members. This shall be
     * achieved by a call to SecurityManager::reset() from the sub-class'
     * reset() implementation.
     *
     * @return BLE_ERROR_NONE on success.
     */
    ble_error_t reset();
 
    /**
     * Normally all bonding information is lost when device is reset, this requests that the stack
     * attempts to save the information and reload it during initialisation. This is not guaranteed.
     *
     * @note This option is itself saved together with bonding data. When data is read after reset,
     * the state of this option decides if data should be restored. If this option has not been saved
     * the data will not be restored even if partial data is present.
     *
     * @param[in] enable if true the stack will attempt to preserve bonding information on reset.
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     */
    ble_error_t preserveBondingStateOnReset(bool enable);
 
    /**
     * Some or all of bonding information may be stored in memory while in use. This will write
     * bonding data to persistent storage. This will have no effect if no persistent storage is enabled.
     *
     * @note This implicitly also calls preserveBondingStateOnReset(true) inside.
     *
     * @note Depending on the driver used to implement the storage solution used this may be a disruptive
     * operation and may cause active connections to drop due to failed processing deadlines.
     *
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     */
    ble_error_t writeBondingStateToPersistentStorage();
 
    ////////////////////////////////////////////////////////////////////////////
    // List management
    //
 
    /**
     * Delete all peer device context and all related bonding information from
     * the database within the security manager.
     *
     * @retval BLE_ERROR_NONE             On success, else an error code indicating reason for failure.
     * @retval BLE_ERROR_INVALID_STATE    If the API is called without module initialization or
     *                                    application registration.
     */
    ble_error_t purgeAllBondingState();
 
    /**
     * Create a list of addresses from all peers in the bond table and generate
     * an event which returns it as a whitelist. Pass in the container for the whitelist.
     * This will be returned by the event.
     *
     * @param[in] whitelist Preallocated whitelist which will be filled up to its capacity.
     *                      If whitelist already contains entries this will be appended to.
     *                      Do not access the whitelist until callback has been called,
     *                      returning the filled whitelist.
     *
     * @retval BLE_ERROR_NONE On success, else an error code indicating reason for failure
     */
    ble_error_t generateWhitelistFromBondTable(::ble::whitelist_t *whitelist) const;
 
    ////////////////////////////////////////////////////////////////////////////
    // Pairing
    //
 
#if BLE_ROLE_CENTRAL
    /**
     * Request pairing with the peer. Called by the master.
     * @note Slave can call requestAuthentication or setLinkEncryption to achieve security.
     *
     * @param[in] connectionHandle Handle to identify the connection.
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     *
     * @see EventHandler::pairingResult()
     */
    ble_error_t requestPairing(ble::connection_handle_t connectionHandle);
#endif // BLE_ROLE_CENTRAL
 
#if BLE_ROLE_PERIPHERAL
    /**
     * Accept the pairing request. Called as a result of pairingRequest being called
     * on the event handler.
     *
     * @param[in] connectionHandle Handle to identify the connection.
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     *
     * @see EventHandler::pairingRequest()
     */
    ble_error_t acceptPairingRequest(ble::connection_handle_t connectionHandle);
#endif // BLE_ROLE_PERIPHERAL
 
    /**
     * Reject pairing request if the local device is the slave or cancel an outstanding
     * pairing request if master.
     *
     * @param[in] connectionHandle Handle to identify the connection.
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     *
     * @see EventHandler::pairingRequest()
     */
    ble_error_t cancelPairingRequest(ble::connection_handle_t connectionHandle);
 
    /**
     * Tell the stack whether the application needs to authorise pairing requests or should
     * they be automatically accepted.
     *
     * @param[in] required If set to true, pairingRequest in the event handler will
     *                     will be called and will require an action from the application
     *                     to continue with pairing by calling acceptPairingRequest
     *                     or cancelPairingRequest if the user wishes to reject it.
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     *
     * @see EventHandler::pairingRequest()
     * @see EventHandler::acceptPairingRequest()
     * @see EventHandler::cancelPairingRequest()
     */
    ble_error_t setPairingRequestAuthorisation(bool required = true);
 
    /**
     * Retrieve identity address for the peer on the given connection.
     *
     * @param[in] connectionHandle Handle to identify the connection.
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     *
     * @see EventHandler::peerIdentity()
     */
    ble_error_t getPeerIdentity(ble::connection_handle_t connectionHandle);
 
    ////////////////////////////////////////////////////////////////////////////
    // Feature support
    //
 
#if BLE_FEATURE_SECURE_CONNECTIONS
    /**
     * Allow or disallow the use of legacy pairing in case the application only wants
     * to force the use of Secure Connections. If legacy pairing is disallowed and either
     * side doesn't support Secure Connections the pairing will fail.
     *
     * @param[out] allow If true legacy pairing will be used if either side doesn't support Secure Connections.
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     */
    ble_error_t allowLegacyPairing(bool allow = true);
 
    /**
     * Check if the Secure Connections feature is supported by the stack and controller.
     *
     * @param[out] enabled true if SC are supported
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     */
    ble_error_t getSecureConnectionsSupport(bool *enabled);
#endif // BLE_FEATURE_SECURE_CONNECTIONS
 
    ////////////////////////////////////////////////////////////////////////////
    // Security settings
    //
 
    /**
     * Set the IO capability of the local device.
     *
     * @param[in] iocaps type of IO capabilities available on the local device
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     */
    ble_error_t setIoCapability(SecurityIOCapabilities_t iocaps);
 
    /**
     * Set the passkey that is displayed on the local device instead of using
     * a randomly generated one. This will be used during pairing
     *
     * @param[in] passkey ASCII string of 6 digits
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     *
     * @see EventHandler::passkeyRequest() - this will be called on the peer which will have
     * to use passkeyEntered() to send this passkey back to us.
     */
    ble_error_t setDisplayPasskey(const Passkey_t passkey);
 
    /**
     * Set the security mode on a connection. Useful for elevating the security mode
     * once certain conditions are met, e.g., a particular service is found.
     * This call is a request for the stack to take appropriate action and may result
     * in (re)pairing or encryption. Wait for events in your registered EventHandler.
     *
     * @param[in]  connectionHandle   Handle to identify the connection.
     * @param[in]  securityMode       Requested security mode.
     *
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     *
     * @see EventHandler::linkEncryptionResult()
     * @see EventHandler::pairingResult()
     */
    ble_error_t setLinkSecurity(ble::connection_handle_t connectionHandle, SecurityMode_t securityMode);
 
    /**
     * Set whether or not we want to send and receive keypress notifications
     * during passkey entry.
     *
     * @param[in] enabled if true pairing will try to enable keypress notifications
     * (dependent on other side supporting it)
     *
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     */
    ble_error_t setKeypressNotification(bool enabled = true);
 
#if BLE_FEATURE_SIGNING
    /**
     * Request generation and exchange of signing keys so that packet signing can be utilised
     * on this connection.
     * @note This does not generate a signingKey event. Use getSigningKey for that.
     *
     * @param[in] connectionHandle Handle to identify the connection.
     * @param[in] enabled          If set to true, signing keys will be exchanged
     *                             during subsequent pairing.
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     */
    ble_error_t enableSigning(ble::connection_handle_t connectionHandle, bool enabled = true);
#endif // BLE_FEATURE_SIGNING
 
    /**
     * Give a hint to the stack that the master/slave role might change in the future.
     *
     * @param[in] enable If set to true it hints the roles are likely to swap in the future.
     *
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     */
    ble_error_t setHintFutureRoleReversal(bool enable = true);
 
    ////////////////////////////////////////////////////////////////////////////
    // Encryption
    //
 
    /**
     * Current state of encryption on the link.
     *
     * @param[in] connectionHandle Handle to identify the connection.
     * @param[out] encryption
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     */
    ble_error_t getLinkEncryption(ble::connection_handle_t connectionHandle, ble::link_encryption_t *encryption);
 
    /**
     * Enabled or disable encryption on the link. The result of this request will be indicated
     * by a call to linkEncryptionResult in the event handler when the action is completed.
     *
     * @param[in] connectionHandle Handle to identify the connection.
     * @param[in] encryption encryption state requested
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     *
     * @see EventHandler::linkEncryptionResult()
     */
    ble_error_t setLinkEncryption(ble::connection_handle_t connectionHandle, ble::link_encryption_t encryption);
 
    /**
     * Set the requirements for encryption key size. If the peer cannot comply with the requirements
     * paring will fail.
     *
     * @param[in] minimumByteSize Smallest allowed encryption key size in bytes. (no smaller than 7)
     * @param[in] maximumByteSize Largest allowed encryption key size in bytes. (no larger than 16)
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     */
    ble_error_t setEncryptionKeyRequirements(uint8_t minimumByteSize, uint8_t maximumByteSize);
 
    /**
     * Get encryption key size for given connection.
     *
     * @param[in] connectionHandle Handle to identify the connection.
     * @param[out] size Returns the key size in bits.
     *
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     */
    ble_error_t getEncryptionKeySize(
        connection_handle_t connectionHandle,
        uint8_t *size
    );
 
    ////////////////////////////////////////////////////////////////////////////
    // Authentication
    //
 
    /**
     * Request that the link be authenticated (keys with MITM protection). This might trigger encryption
     * or pairing/re-pairing. The success will be indicated through an event indicating security level change.
     *
     * @param[in] connectionHandle Handle to identify the connection.
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     *
     * @see EventHandler::linkEncryptionResult()
     * @see EventHandler::pairingResult()
     */
    ble_error_t requestAuthentication(ble::connection_handle_t connectionHandle);
 
    ////////////////////////////////////////////////////////////////////////////
    // MITM
    //
 
    /**
     * Generate OOB data with the given address. If Secure Connections is supported this will
     * also generate Secure Connections OOB data on top of legacy pairing OOB data. This can be used
     * to generate such data before the connection takes place.
     *
     * In this model the OOB exchange takes place before the devices connect. Devices should establish
     * communication over another channel and exchange the OOB data. The address provided will be used
     * by the peer to associate the received data with the address of the device it will then connect
     * to over BLE.
     *
     * @param[in] address The local address you will use in the connection using this OOB data. This
     *                    address will be returned along with the rest of the OOB data when generation
     *                    is complete. Using an invalid address is illegal.
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     *
     * @see EventHandler::oobGenerated()
     */
    ble_error_t generateOOB(const ble::address_t *address);
 
    /**
     * Enable OOB data usage during paring. If Secure Connections is supported enabling useOOB will
     * generate Secure Connections OOB data through oobGenerated() on top of legacy pairing OOB data.
     *
     * You do not have to call this function to return received OOB data. Use legacyPairingOobReceived
     * or oobReceived to hand it in. This will allow the stack to use it if possible. You only need to
     * call this function to attempt legacy OOB data exchange after pairing start and to inform
     * the stack OOB data does not provide MITM protection (by default it is set to provide this).
     *
     * In this model the OOB exchange takes places after the devices have connected but possibly
     * prior to pairing. For secure connections pairing must not be started until after the OOB
     * data has been sent and/or received. The address in the OOB data generated will match
     * the original address used to establish the connection and will be used by the peer to
     * identify which connection the OOB data belongs to.
     *
     * @param[in] connectionHandle Handle to identify the connection.
     * @param[in] useOOB If set to true, authenticate using OOB data.
     * @param[in] OOBProvidesMITM If set to true keys exchanged during pairing using OOB data
     *                            will provide Man-in-the-Middle protection. This indicates that
     *                            the form of exchange used by the OOB data itself provides MITM
     *                            protection.
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     */
    ble_error_t setOOBDataUsage(ble::connection_handle_t connectionHandle, bool useOOB, bool OOBProvidesMITM = true);
 
#if BLE_FEATURE_SECURE_CONNECTIONS
    /**
     * Report to the stack if the passkey matches or not. Used during pairing to provide MITM protection.
     *
     * @param[in] connectionHandle Handle to identify the connection.
     * @param[in] confirmation True value indicates the passkey displayed matches.
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     *
     * @see EventHandler::confirmationRequest()
     */
    ble_error_t confirmationEntered(ble::connection_handle_t connectionHandle, bool confirmation);
#endif // BLE_FEATURE_SECURE_CONNECTIONS
 
    /**
     * Supply the stack with the user entered passkey.
     *
     * @param[in] connectionHandle Handle to identify the connection.
     * @param[in] passkey ASCII string of digits entered by the user.
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     *
     * @see EventHandler::passkeyRequest()
     */
    ble_error_t passkeyEntered(ble::connection_handle_t connectionHandle, Passkey_t passkey);
 
#if BLE_FEATURE_SECURE_CONNECTIONS
    /**
     * Send a notification to the peer that the user pressed a key on the local device.
     * @note This will only be delivered if the keypress notifications have been enabled during pairing.
     *
     * @param[in] connectionHandle Handle to identify the connection.
     * @param[in] keypress Type of keypress event.
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     *
     * @see EventHandler::keypressNotification() - this will be trigger on the peer
     */
    ble_error_t sendKeypressNotification(ble::connection_handle_t connectionHandle, ble::Keypress_t keypress);
#endif // BLE_FEATURE_SECURE_CONNECTIONS
 
    /**
     * Supply the stack with the OOB data for legacy connections.
     *
     * @param[in] address address of the peer device this data comes from
     * @param[in] tk pointer to out of band data received containing the temporary key.
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     *
     * @see legacyPairingOobRequest
     */
    ble_error_t legacyPairingOobReceived(const ble::address_t *address, const ble::oob_tk_t *tk);
 
#if BLE_FEATURE_SECURE_CONNECTIONS
    /**
     * Supply the stack with the OOB data for secure connections. This data is generated on the peer
     * and is received through another communication channel.
     *
     * @param[in] address address of the peer device this data comes from
     * @param[in] random random number used to generate the confirmation
     * @param[in] confirm confirmation value to be use for authentication
     *                    in secure connections pairing
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     */
    ble_error_t oobReceived(const ble::address_t *address, const ble::oob_lesc_value_t *random, const ble::oob_confirm_t *confirm);
#endif // BLE_FEATURE_SECURE_CONNECTIONS
 
    ////////////////////////////////////////////////////////////////////////////
    // Keys
    //
 
#if BLE_FEATURE_SIGNING
    /**
     * Retrieves a signing key through a signingKey event.
     * If a signing key is not present, pairing/authentication will be attempted.
     * @note This will attempt to retrieve the key even if enableSigning hasn't been called prior to pairing.
     *
     * @param[in] connectionHandle Handle to identify the connection.
     * @param[in] authenticated    Whether the signing key needs to be authenticated
     *                             (provide MITM protection).
     *
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     *
     * @see EventHandler::signingKey()
     */
    ble_error_t getSigningKey(ble::connection_handle_t connectionHandle, bool authenticated);
#endif // BLE_FEATURE_SIGNING
 
    ////////////////////////////////////////////////////////////////////////////
    // Privacy
    //
 
#if BLE_FEATURE_PRIVACY
    /**
     * Sets how often the address is rotated when privacy is enabled.
     *
     * @param[in] timeout_in_seconds How many seconds to wait before starting generation of a new address.
     *
     * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
     */
    ble_error_t setPrivateAddressTimeout(
        uint16_t timeout_in_seconds
    );
#endif // BLE_FEATURE_PRIVACY
 
    /* Event callback handlers. */
public:
    /**
     * Setup a callback to be invoked to notify the user application that the
     * SecurityManager instance is about to shutdown (possibly as a result of a call
     * to BLE::shutdown()).
     *
     * @note  It is possible to chain together multiple onShutdown callbacks
     * (potentially from different modules of an application) to be notified
     * before the SecurityManager is shutdown.
     *
     * @note  It is also possible to set up a callback into a member function of
     * some object.
     *
     * @note It is possible to unregister a callback using onShutdown().detach(callback)
     */
    void onShutdown(const SecurityManagerShutdownCallback_t& callback);
 
    template <typename T>
    void onShutdown(T *objPtr, void (T::*memberPtr)(const SecurityManager *))
    {
        onShutdown({objPtr, memberPtr});
    }
 
    /**
     * Provide access to the callchain of shutdown event callbacks.
     * It is possible to register callbacks using onShutdown().add(callback).
     * It is possible to unregister callbacks using onShutdown().detach(callback).
     *
     * @return The shutdown event callbacks chain
     */
    SecurityManagerShutdownCallbackChain_t& onShutdown();
 
    /**
     * Assign the event handler implementation that will be used by the stack to signal events
     * back to the application.
     *
     * @param[in] handler Event Handler interface implementation.
     */
    void setSecurityManagerEventHandler(EventHandler* handler);
 
public:
#if !defined(DOXYGEN_ONLY)
    /** For backwards compatibility. This enum is now in BLETypes.h
     * @deprecated use the enum in ble namespace */
    typedef ble::Keypress_t Keypress_t;
 
    SecurityManager(impl::SecurityManager* impl) : impl(impl) {}
    SecurityManager(const SecurityManager&) = delete;
    SecurityManager& operator=(const SecurityManager&) = delete;
#endif // !defined(DOXYGEN_ONLY)
 
private:
    impl::SecurityManager *impl;
};
 
} // ble
 
/** @deprecated Use the namespaced ble::SecurityManager instead of the global SecurityManager. */
using ble::SecurityManager;
 
#endif /*BLE_SECURITY_MANAGER_H_*/