alex/esp-idf
alex/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf.git synced 2024-10-05 20:47:46 -04:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Component/bt: fix SC_MITM_BOND failed in smp for iphones

Browse Source
This commit is contained in:
zhiweijian 2018-07-27 11:18:52 +08:00 committed by bot
parent b674fa0b99
commit 163dbc3200
6 changed files with 21 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
components/bt/bluedroid/stack/btm/btm_ble.c
View File

@ -1225,7 +1225,7 @@ void btm_sec_save_le_key(BD_ADDR bd_addr, tBTM_LE_KEY_TYPE key_type, tBTM_LE_KEY
/* Set that link key is known since this shares field with BTM_SEC_FLAG_LKEY_KNOWN flag in stack/btm_api.h*/ /* Set that link key is known since this shares field with BTM_SEC_FLAG_LKEY_KNOWN flag in stack/btm_api.h*/
p_rec->sec_flags |= BTM_SEC_LE_LINK_KEY_KNOWN; p_rec->sec_flags |= BTM_SEC_LE_LINK_KEY_KNOWN;
if ( p_keys->pcsrk_key.sec_level == SMP_SEC_AUTHENTICATED) { if ( p_keys->lenc_key.sec_level == SMP_SEC_AUTHENTICATED) {
p_rec->sec_flags |= BTM_SEC_LE_LINK_KEY_AUTHED; p_rec->sec_flags |= BTM_SEC_LE_LINK_KEY_AUTHED;
} else { } else {
p_rec->sec_flags &= ~BTM_SEC_LE_LINK_KEY_AUTHED; p_rec->sec_flags &= ~BTM_SEC_LE_LINK_KEY_AUTHED;

13
components/bt/bluedroid/stack/btm/btm_sec.c
View File

@ -1361,7 +1361,7 @@ tBTM_STATUS BTM_SetEncryption (BD_ADDR bd_addr, tBT_TRANSPORT transport, tBTM_SE
return (BTM_SUCCESS); return (BTM_SUCCESS);
} }
p_dev_rec->enc_init_by_we = TRUE;
/* enqueue security request if security is active */ /* enqueue security request if security is active */
if (p_dev_rec->p_callback || (p_dev_rec->sec_state != BTM_SEC_STATE_IDLE)) { if (p_dev_rec->p_callback || (p_dev_rec->sec_state != BTM_SEC_STATE_IDLE)) {
BTM_TRACE_WARNING ("Security Manager: BTM_SetEncryption busy, enqueue request\n"); BTM_TRACE_WARNING ("Security Manager: BTM_SetEncryption busy, enqueue request\n");
@ -4018,7 +4018,6 @@ void btm_sec_encrypt_change (UINT16 handle, UINT8 status, UINT8 encr_enable)
#if BLE_INCLUDED == TRUE && SMP_INCLUDED == TRUE #if BLE_INCLUDED == TRUE && SMP_INCLUDED == TRUE
tACL_CONN *p_acl = NULL; tACL_CONN *p_acl = NULL;
UINT8 acl_idx = btm_handle_to_acl_index(handle); UINT8 acl_idx = btm_handle_to_acl_index(handle);
tGATT_TCB *p_tcb = NULL;
#endif #endif
BTM_TRACE_EVENT ("Security Manager: encrypt_change status:%d State:%d, encr_enable = %d\n", BTM_TRACE_EVENT ("Security Manager: encrypt_change status:%d State:%d, encr_enable = %d\n",
status, (p_dev_rec) ? p_dev_rec->sec_state : 0, encr_enable); status, (p_dev_rec) ? p_dev_rec->sec_state : 0, encr_enable);
@ -4046,14 +4045,6 @@ void btm_sec_encrypt_change (UINT16 handle, UINT8 status, UINT8 encr_enable)
p_dev_rec->sec_flags |= BTM_SEC_16_DIGIT_PIN_AUTHED; p_dev_rec->sec_flags |= BTM_SEC_16_DIGIT_PIN_AUTHED;
} }
} else { } else {
#if BLE_INCLUDED == TRUE
/* Before the application layer has received the connection event, the device has received an
encrypted request from the peer device. The device should wait until the application layer
receives the connection event before updating 'sec_flags'. */
if ((p_tcb = gatt_find_tcb_by_addr(p_dev_rec->ble.pseudo_addr, BT_TRANSPORT_LE)) == NULL) {
//do nothing
} else
#endif
p_dev_rec->sec_flags |= (BTM_SEC_LE_AUTHENTICATED | BTM_SEC_LE_ENCRYPTED); p_dev_rec->sec_flags |= (BTM_SEC_LE_AUTHENTICATED | BTM_SEC_LE_ENCRYPTED);
} }
} }
@ -4543,7 +4534,7 @@ void btm_sec_disconnected (UINT16 handle, UINT8 reason)
if (!p_dev_rec) { if (!p_dev_rec) {
return; return;
} }
p_dev_rec->enc_init_by_we = FALSE;
transport = (handle == p_dev_rec->hci_handle) ? BT_TRANSPORT_BR_EDR : BT_TRANSPORT_LE; transport = (handle == p_dev_rec->hci_handle) ? BT_TRANSPORT_BR_EDR : BT_TRANSPORT_LE;
p_dev_rec->rs_disc_pending = BTM_SEC_RS_NOT_PENDING; /* reset flag */ p_dev_rec->rs_disc_pending = BTM_SEC_RS_NOT_PENDING; /* reset flag */

2
components/bt/bluedroid/stack/btm/include/btm_int.h
View File

@ -618,7 +618,7 @@ typedef struct {
// btla-specific -- // btla-specific --
#define BTM_SEC_NO_LAST_SERVICE_ID 0 #define BTM_SEC_NO_LAST_SERVICE_ID 0
UINT8 last_author_service_id; /* ID of last serviced authorized: Reset after each l2cap connection */ UINT8 last_author_service_id; /* ID of last serviced authorized: Reset after each l2cap connection */
BOOLEAN enc_init_by_we;
} tBTM_SEC_DEV_REC; } tBTM_SEC_DEV_REC;
#define BTM_SEC_IS_SM4(sm) ((BOOLEAN)(BTM_SM4_TRUE == ((sm)&BTM_SM4_TRUE))) #define BTM_SEC_IS_SM4(sm) ((BOOLEAN)(BTM_SM4_TRUE == ((sm)&BTM_SM4_TRUE)))

2
components/bt/bluedroid/stack/l2cap/l2c_api.c
View File

@ -1887,7 +1887,7 @@ BOOLEAN L2CA_RemoveFixedChnl (UINT16 fixed_cid, BD_ADDR rem_bda)
p_lcb = l2cu_find_lcb_by_bd_addr (rem_bda, transport); p_lcb = l2cu_find_lcb_by_bd_addr (rem_bda, transport);
if ( ((p_lcb) == NULL) || (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]) ) { if ( ((p_lcb) == NULL) || (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]) ) {
L2CAP_TRACE_WARNING ("L2CA_RemoveFixedChnl() CID: 0x%04x BDA: %08x%04x not connected", fixed_cid, L2CAP_TRACE_DEBUG ("L2CA_RemoveFixedChnl() CID: 0x%04x BDA: %08x%04x not connected", fixed_cid,
(rem_bda[0] << 24) + (rem_bda[1] << 16) + (rem_bda[2] << 8) + rem_bda[3], (rem_bda[4] << 8) + rem_bda[5]); (rem_bda[0] << 24) + (rem_bda[1] << 16) + (rem_bda[2] << 8) + rem_bda[3], (rem_bda[4] << 8) + rem_bda[5]);
return (FALSE); return (FALSE);
} }

14
components/bt/bluedroid/stack/smp/smp_act.c
View File

@ -1831,7 +1831,7 @@ void smp_set_local_oob_random_commitment(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
void smp_link_encrypted(BD_ADDR bda, UINT8 encr_enable) void smp_link_encrypted(BD_ADDR bda, UINT8 encr_enable)
{ {
tSMP_CB *p_cb = &smp_cb; tSMP_CB *p_cb = &smp_cb;
tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev (bda);
SMP_TRACE_DEBUG("%s encr_enable=%d\n", __func__, encr_enable); SMP_TRACE_DEBUG("%s encr_enable=%d\n", __func__, encr_enable);
if (memcmp(&smp_cb.pairing_bda[0], bda, BD_ADDR_LEN) == 0) { if (memcmp(&smp_cb.pairing_bda[0], bda, BD_ADDR_LEN) == 0) {
@ -1844,6 +1844,18 @@ void smp_link_encrypted(BD_ADDR bda, UINT8 encr_enable)
smp_sm_event(&smp_cb, SMP_ENCRYPTED_EVT, &encr_enable); smp_sm_event(&smp_cb, SMP_ENCRYPTED_EVT, &encr_enable);
} }
else if(p_dev_rec && !p_dev_rec->enc_init_by_we){
/*
if enc_init_by_we is false, it means that client initiates encryption before slave calls esp_ble_set_encryption()
we need initiate pairing_bda and p_cb->role then encryption, for example iPhones
*/
memcpy(&smp_cb.pairing_bda[0], bda, BD_ADDR_LEN);
p_cb->state = SMP_STATE_ENCRYPTION_PENDING;
p_cb->role = HCI_ROLE_SLAVE;
p_dev_rec->enc_init_by_we = FALSE;
smp_sm_event(&smp_cb, SMP_ENCRYPTED_EVT, &encr_enable);
}
} }
/******************************************************************************* /*******************************************************************************

3
examples/bluetooth/gatt_security_server/main/example_ble_sec_gatts_demo.c
View File

@ -320,6 +320,9 @@ static void gap_event_handler(esp_gap_ble_cb_event_t event, esp_ble_gap_cb_param
(bd_addr[4] << 8) + bd_addr[5]); (bd_addr[4] << 8) + bd_addr[5]);
ESP_LOGI(GATTS_TABLE_TAG, "address type = %d", param->ble_security.auth_cmpl.addr_type); ESP_LOGI(GATTS_TABLE_TAG, "address type = %d", param->ble_security.auth_cmpl.addr_type);
ESP_LOGI(GATTS_TABLE_TAG, "pair status = %s",param->ble_security.auth_cmpl.success ? "success" : "fail"); ESP_LOGI(GATTS_TABLE_TAG, "pair status = %s",param->ble_security.auth_cmpl.success ? "success" : "fail");
if(!param->ble_security.auth_cmpl.success) {
ESP_LOGI(GATTS_TABLE_TAG, "fail reason = 0x%x",param->ble_security.auth_cmpl.fail_reason);
}
show_bonded_devices(); show_bonded_devices();
break; break;
} }