BLE: Conditional compilation of the security manager

Depends on the role (central or peripheral), signing enabled and secure connection enabled.

Author: pan-

connectivity/FEATURE_BLE/include/ble/SecurityManager.h

@@ -247,6 +247,7 @@ class SecurityManager
         // Pairing
         //
 
+#if BLE_ROLE_PERIPHERAL
         /**
          * Request application to accept or reject pairing. Application should respond by
          * calling the appropriate function: acceptPairingRequest or cancelPairingRequest
@@ -256,6 +257,7 @@ class SecurityManager
         virtual void pairingRequest(ble::connection_handle_t connectionHandle) {
             (void)connectionHandle;
         }
+#endif // BLE_ROLE_PERIPHERAL
 
         /**
          * Indicate to the application that pairing has completed.
@@ -327,6 +329,7 @@ class SecurityManager
             (void)passkey;
         }
 
+#if BLE_FEATURE_SECURE_CONNECTIONS
         /**
          * Indicate to the application that a confirmation is required. This is used
          * when the device does not have a keyboard but has a yes/no button. The device
@@ -339,6 +342,7 @@ class SecurityManager
         virtual void confirmationRequest(ble::connection_handle_t connectionHandle) {
             (void)connectionHandle;
         }
+#endif // BLE_FEATURE_SECURE_CONNECTIONS
 
         /**
          * Indicate to the application that a passkey is required. The application should
@@ -350,6 +354,7 @@ class SecurityManager
             (void)connectionHandle;
         }
 
+#if BLE_FEATURE_SECURE_CONNECTIONS
         /**
          * Notify the application that a key was pressed by the peer during passkey entry.
          *
@@ -360,6 +365,7 @@ class SecurityManager
             (void)connectionHandle;
             (void)keypress;
         }
+#endif // BLE_FEATURE_SECURE_CONNECTIONS
 
         /**
          * Indicate to the application it needs to return legacy pairing OOB to the stack.
@@ -402,6 +408,7 @@ class SecurityManager
         // Keys
         //
 
+#if BLE_FEATURE_SIGNING
         /**
          * Deliver the signing key to the application.
          *
@@ -414,6 +421,8 @@ class SecurityManager
             (void)csrk;
             (void)authenticated;
         }
+#endif // BLE_FEATURE_SIGNING
+
         /**
          * Prevent polymorphic deletion and avoid unnecessary virtual destructor
          * as the SecurityManager class will never delete the instance it contains.
@@ -526,6 +535,7 @@ class SecurityManager
     // Pairing
     //
 
+#if BLE_ROLE_CENTRAL
     /**
      * Request pairing with the peer. Called by the master.
      * @note Slave can call requestAuthentication or setLinkEncryption to achieve security.
@@ -534,7 +544,9 @@ class SecurityManager
      * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
      */
     ble_error_t requestPairing(ble::connection_handle_t connectionHandle);
+#endif // BLE_ROLE_CENTRAL
 
+#if BLE_ROLE_PERIPHERAL
     /**
      * Accept the pairing request. Called as a result of pairingRequest being called
      * on the event handler.
@@ -543,6 +555,7 @@ class SecurityManager
      * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
      */
     ble_error_t acceptPairingRequest(ble::connection_handle_t connectionHandle);
+#endif // BLE_ROLE_PERIPHERAL
 
     /**
      * Reject pairing request if the local device is the slave or cancel an outstanding
@@ -577,6 +590,7 @@ class SecurityManager
     // Feature support
     //
 
+#if BLE_FEATURE_SECURE_CONNECTIONS
     /**
      * Allow of disallow the use of legacy pairing in case the application only wants
      * to force the use of Secure Connections. If legacy pairing is disallowed and either
@@ -594,6 +608,7 @@ class SecurityManager
      * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
      */
     ble_error_t getSecureConnectionsSupport(bool *enabled);
+#endif // BLE_FEATURE_SECURE_CONNECTIONS
 
     ////////////////////////////////////////////////////////////////////////////
     // Security settings
@@ -766,6 +781,7 @@ class SecurityManager
      */
     ble_error_t setOOBDataUsage(ble::connection_handle_t connectionHandle, bool useOOB, bool OOBProvidesMITM = true);
 
+#if BLE_FEATURE_SECURE_CONNECTIONS
     /**
      * Report to the stack if the passkey matches or not. Used during pairing to provide MITM protection.
      *
@@ -774,6 +790,7 @@ class SecurityManager
      * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
      */
     ble_error_t confirmationEntered(ble::connection_handle_t connectionHandle, bool confirmation);
+#endif // BLE_FEATURE_SECURE_CONNECTIONS
 
     /**
      * Supply the stack with the user entered passkey.
@@ -784,6 +801,7 @@ class SecurityManager
      */
     ble_error_t passkeyEntered(ble::connection_handle_t connectionHandle, Passkey_t passkey);
 
+#if BLE_FEATURE_SECURE_CONNECTIONS
     /**
      * Send a notification to the peer that the user pressed a key on the local device.
      * @note This will only be delivered if the keypress notifications have been enabled during pairing.
@@ -793,6 +811,7 @@ class SecurityManager
      * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
      */
     ble_error_t sendKeypressNotification(ble::connection_handle_t connectionHandle, ble::Keypress_t keypress);
+#endif // BLE_FEATURE_SECURE_CONNECTIONS
 
     /**
      * Supply the stack with the OOB data for legacy connections.
@@ -803,6 +822,7 @@ class SecurityManager
      */
     ble_error_t legacyPairingOobReceived(const ble::address_t *address, const ble::oob_tk_t *tk);
 
+#if BLE_FEATURE_SECURE_CONNECTIONS
     /**
      * Supply the stack with the OOB data for secure connections.
      *
@@ -813,11 +833,13 @@ class SecurityManager
      * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
      */
     ble_error_t oobReceived(const ble::address_t *address, const ble::oob_lesc_value_t *random, const ble::oob_confirm_t *confirm);
+#endif // BLE_FEATURE_SECURE_CONNECTIONS
 
     ////////////////////////////////////////////////////////////////////////////
     // Keys
     //
 
+#if BLE_FEATURE_SIGNING
     /**
      * Retrieves a signing key through a signingKey event.
      * If a signing key is not present, pairing/authentication will be attempted.
@@ -830,6 +852,7 @@ class SecurityManager
      * @return BLE_ERROR_NONE or appropriate error code indicating the failure reason.
      */
     ble_error_t getSigningKey(ble::connection_handle_t connectionHandle, bool authenticated);
+#endif // BLE_FEATURE_SIGNING
 
     ////////////////////////////////////////////////////////////////////////////
     // Privacy

connectivity/FEATURE_BLE/source/SecurityManager.cpp

@@ -57,15 +57,19 @@ ble_error_t SecurityManager::generateWhitelistFromBondTable(::ble::whitelist_t *
     return impl->generateWhitelistFromBondTable(whitelist);
 }
 
+#if BLE_ROLE_CENTRAL
 ble_error_t SecurityManager::requestPairing(ble::connection_handle_t connectionHandle)
 {
     return impl->requestPairing(connectionHandle);
 }
+#endif
 
+#if BLE_ROLE_PERIPHERAL
 ble_error_t SecurityManager::acceptPairingRequest(ble::connection_handle_t connectionHandle)
 {
     return impl->acceptPairingRequest(connectionHandle);
 }
+#endif
 
 ble_error_t SecurityManager::cancelPairingRequest(ble::connection_handle_t connectionHandle)
 {
@@ -82,6 +86,7 @@ ble_error_t SecurityManager::getPeerIdentity(ble::connection_handle_t connection
     return impl->getPeerIdentity(connectionHandle);
 }
 
+#if BLE_FEATURE_SECURE_CONNECTIONS
 ble_error_t SecurityManager::allowLegacyPairing(bool allow)
 {
     return impl->allowLegacyPairing(allow);
@@ -91,6 +96,7 @@ ble_error_t SecurityManager::getSecureConnectionsSupport(bool *enabled)
 {
     return impl->getSecureConnectionsSupport(enabled);
 }
+#endif
 
 ble_error_t SecurityManager::setIoCapability(SecurityIOCapabilities_t iocaps)
 {
@@ -162,35 +168,43 @@ ble_error_t SecurityManager::setOOBDataUsage(ble::connection_handle_t connection
     return impl->setOOBDataUsage(connectionHandle, useOOB, OOBProvidesMITM);
 }
 
+#if BLE_FEATURE_SECURE_CONNECTIONS
 ble_error_t SecurityManager::confirmationEntered(ble::connection_handle_t connectionHandle, bool confirmation)
 {
     return impl->confirmationEntered(connectionHandle, confirmation);
 }
+#endif // BLE_FEATURE_SECURE_CONNECTIONS
 
 ble_error_t SecurityManager::passkeyEntered(ble::connection_handle_t connectionHandle, Passkey_t passkey)
 {
     return impl->passkeyEntered(connectionHandle, passkey);
 }
 
+#if BLE_FEATURE_SECURE_CONNECTIONS
 ble_error_t SecurityManager::sendKeypressNotification(ble::connection_handle_t connectionHandle, ble::Keypress_t keypress)
 {
     return impl->sendKeypressNotification(connectionHandle, keypress);
 }
+#endif // BLE_FEATURE_SECURE_CONNECTIONS
 
 ble_error_t SecurityManager::legacyPairingOobReceived(const ble::address_t *address, const ble::oob_tk_t *tk)
 {
     return impl->legacyPairingOobReceived(address, tk);
 }
 
+#if BLE_FEATURE_SECURE_CONNECTIONS
 ble_error_t SecurityManager::oobReceived(const ble::address_t *address, const ble::oob_lesc_value_t *random, const ble::oob_confirm_t *confirm)
 {
     return impl->oobReceived(address, random, confirm);
 }
+#endif // BLE_FEATURE_SECURE_CONNECTIONS
 
+#if BLE_FEATURE_SIGNING
 ble_error_t SecurityManager::getSigningKey(ble::connection_handle_t connectionHandle, bool authenticated)
 {
     return impl->getSigningKey(connectionHandle, authenticated);
 }
+#endif // BLE_FEATURE_SIGNING
 
 #if BLE_FEATURE_PRIVACY
 ble_error_t SecurityManager::setPrivateAddressTimeout(