sjanc commented on code in PR #1396: URL: https://github.com/apache/mynewt-nimble/pull/1396#discussion_r992396802
########## nimble/host/include/host/ble_store.h: ########## @@ -178,6 +178,36 @@ struct ble_store_status_event { }; }; +/* blestore.ltk_periph, ediv and rand are valid */ +#define BLE_STORE_KEYS_MASK_LTK 0x01 +/* ble_store_keys.irk is valid */ +#define BLE_STORE_KEYS_MASK_IRK 0x02 +/* ble_store_keys.csrk is valid */ +#define BLE_STORE_KEYS_MASK_CSRK 0x04 + +struct ble_store_keys { + uint8_t ltk_periph[16]; + uint16_t ediv; + uint64_t rand; + uint8_t irk[16]; + uint8_t csrk[16]; +}; + +/** + * Generates keys required by security module. + * This can be used to use custom routines to generate keys instead of simply + * randomizing them. + * + * @param keys_mask Keys that shall be generated. + * @param keys Storage for generated keys. Only keys indicated + * by keys mask should be updated. + * + * @return 0 if keys were generated successfully + * Other nonzero on error. + */ +typedef int ble_store_gen_keys_fn(uint8_t keys_mask, Review Comment: key instead of keys_mask, since we always ask for single key ########## nimble/host/include/host/ble_store.h: ########## @@ -178,6 +178,36 @@ struct ble_store_status_event { }; }; +/* blestore.ltk_periph, ediv and rand are valid */ +#define BLE_STORE_KEYS_MASK_LTK 0x01 +/* ble_store_keys.irk is valid */ +#define BLE_STORE_KEYS_MASK_IRK 0x02 +/* ble_store_keys.csrk is valid */ +#define BLE_STORE_KEYS_MASK_CSRK 0x04 + +struct ble_store_keys { + uint8_t ltk_periph[16]; Review Comment: make this union ########## nimble/host/src/ble_hs_startup.c: ########## @@ -372,7 +373,18 @@ ble_hs_startup_go(void) return rc; } - ble_hs_pvcy_set_our_irk(NULL); + if (ble_hs_cfg.store_gen_keys_cb) { + rc = ble_hs_cfg.store_gen_keys_cb(BLE_STORE_KEYS_MASK_IRK, &keys); Review Comment: maybe memset keys before calling callback -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@mynewt.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org