mirror of
https://github.com/espressif/esp-idf.git
synced 2024-10-05 20:47:46 -04:00
Component/bt: fix SC_MITM_BOND failed in smp for iphones
This commit is contained in:
parent
485ed4cc22
commit
512e4d5836
@ -1225,7 +1225,7 @@ void btm_sec_save_le_key(BD_ADDR bd_addr, tBTM_LE_KEY_TYPE key_type, tBTM_LE_KEY
|
||||
|
||||
/* Set that link key is known since this shares field with BTM_SEC_FLAG_LKEY_KNOWN flag in stack/btm_api.h*/
|
||||
p_rec->sec_flags |= BTM_SEC_LE_LINK_KEY_KNOWN;
|
||||
if ( p_keys->pcsrk_key.sec_level == SMP_SEC_AUTHENTICATED) {
|
||||
if ( p_keys->lenc_key.sec_level == SMP_SEC_AUTHENTICATED) {
|
||||
p_rec->sec_flags |= BTM_SEC_LE_LINK_KEY_AUTHED;
|
||||
} else {
|
||||
p_rec->sec_flags &= ~BTM_SEC_LE_LINK_KEY_AUTHED;
|
||||
|
@ -1361,7 +1361,7 @@ tBTM_STATUS BTM_SetEncryption (BD_ADDR bd_addr, tBT_TRANSPORT transport, tBTM_SE
|
||||
|
||||
return (BTM_SUCCESS);
|
||||
}
|
||||
|
||||
p_dev_rec->enc_init_by_we = TRUE;
|
||||
/* enqueue security request if security is active */
|
||||
if (p_dev_rec->p_callback || (p_dev_rec->sec_state != BTM_SEC_STATE_IDLE)) {
|
||||
BTM_TRACE_WARNING ("Security Manager: BTM_SetEncryption busy, enqueue request\n");
|
||||
@ -4018,7 +4018,6 @@ void btm_sec_encrypt_change (UINT16 handle, UINT8 status, UINT8 encr_enable)
|
||||
#if BLE_INCLUDED == TRUE && SMP_INCLUDED == TRUE
|
||||
tACL_CONN *p_acl = NULL;
|
||||
UINT8 acl_idx = btm_handle_to_acl_index(handle);
|
||||
tGATT_TCB *p_tcb = NULL;
|
||||
#endif
|
||||
BTM_TRACE_EVENT ("Security Manager: encrypt_change status:%d State:%d, encr_enable = %d\n",
|
||||
status, (p_dev_rec) ? p_dev_rec->sec_state : 0, encr_enable);
|
||||
@ -4046,14 +4045,6 @@ void btm_sec_encrypt_change (UINT16 handle, UINT8 status, UINT8 encr_enable)
|
||||
p_dev_rec->sec_flags |= BTM_SEC_16_DIGIT_PIN_AUTHED;
|
||||
}
|
||||
} else {
|
||||
#if BLE_INCLUDED == TRUE
|
||||
/* Before the application layer has received the connection event, the device has received an
|
||||
encrypted request from the peer device. The device should wait until the application layer
|
||||
receives the connection event before updating 'sec_flags'. */
|
||||
if ((p_tcb = gatt_find_tcb_by_addr(p_dev_rec->ble.pseudo_addr, BT_TRANSPORT_LE)) == NULL) {
|
||||
//do nothing
|
||||
} else
|
||||
#endif
|
||||
p_dev_rec->sec_flags |= (BTM_SEC_LE_AUTHENTICATED | BTM_SEC_LE_ENCRYPTED);
|
||||
}
|
||||
}
|
||||
@ -4543,7 +4534,7 @@ void btm_sec_disconnected (UINT16 handle, UINT8 reason)
|
||||
if (!p_dev_rec) {
|
||||
return;
|
||||
}
|
||||
|
||||
p_dev_rec->enc_init_by_we = FALSE;
|
||||
transport = (handle == p_dev_rec->hci_handle) ? BT_TRANSPORT_BR_EDR : BT_TRANSPORT_LE;
|
||||
|
||||
p_dev_rec->rs_disc_pending = BTM_SEC_RS_NOT_PENDING; /* reset flag */
|
||||
|
@ -618,7 +618,7 @@ typedef struct {
|
||||
// btla-specific --
|
||||
#define BTM_SEC_NO_LAST_SERVICE_ID 0
|
||||
UINT8 last_author_service_id; /* ID of last serviced authorized: Reset after each l2cap connection */
|
||||
|
||||
BOOLEAN enc_init_by_we;
|
||||
} tBTM_SEC_DEV_REC;
|
||||
|
||||
#define BTM_SEC_IS_SM4(sm) ((BOOLEAN)(BTM_SM4_TRUE == ((sm)&BTM_SM4_TRUE)))
|
||||
|
@ -1887,7 +1887,7 @@ BOOLEAN L2CA_RemoveFixedChnl (UINT16 fixed_cid, BD_ADDR rem_bda)
|
||||
p_lcb = l2cu_find_lcb_by_bd_addr (rem_bda, transport);
|
||||
|
||||
if ( ((p_lcb) == NULL) || (!p_lcb->p_fixed_ccbs[fixed_cid - L2CAP_FIRST_FIXED_CHNL]) ) {
|
||||
L2CAP_TRACE_WARNING ("L2CA_RemoveFixedChnl() CID: 0x%04x BDA: %08x%04x not connected", fixed_cid,
|
||||
L2CAP_TRACE_DEBUG ("L2CA_RemoveFixedChnl() CID: 0x%04x BDA: %08x%04x not connected", fixed_cid,
|
||||
(rem_bda[0] << 24) + (rem_bda[1] << 16) + (rem_bda[2] << 8) + rem_bda[3], (rem_bda[4] << 8) + rem_bda[5]);
|
||||
return (FALSE);
|
||||
}
|
||||
|
@ -1831,7 +1831,7 @@ void smp_set_local_oob_random_commitment(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
|
||||
void smp_link_encrypted(BD_ADDR bda, UINT8 encr_enable)
|
||||
{
|
||||
tSMP_CB *p_cb = &smp_cb;
|
||||
|
||||
tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev (bda);
|
||||
SMP_TRACE_DEBUG("%s encr_enable=%d\n", __func__, encr_enable);
|
||||
|
||||
if (memcmp(&smp_cb.pairing_bda[0], bda, BD_ADDR_LEN) == 0) {
|
||||
@ -1842,6 +1842,18 @@ void smp_link_encrypted(BD_ADDR bda, UINT8 encr_enable)
|
||||
btm_ble_update_sec_key_size(bda, p_cb->loc_enc_size);
|
||||
}
|
||||
|
||||
smp_sm_event(&smp_cb, SMP_ENCRYPTED_EVT, &encr_enable);
|
||||
}
|
||||
else if(p_dev_rec && !p_dev_rec->enc_init_by_we){
|
||||
|
||||
/*
|
||||
if enc_init_by_we is false, it means that client initiates encryption before slave calls esp_ble_set_encryption()
|
||||
we need initiate pairing_bda and p_cb->role then encryption, for example iPhones
|
||||
*/
|
||||
memcpy(&smp_cb.pairing_bda[0], bda, BD_ADDR_LEN);
|
||||
p_cb->state = SMP_STATE_ENCRYPTION_PENDING;
|
||||
p_cb->role = HCI_ROLE_SLAVE;
|
||||
p_dev_rec->enc_init_by_we = FALSE;
|
||||
smp_sm_event(&smp_cb, SMP_ENCRYPTED_EVT, &encr_enable);
|
||||
}
|
||||
}
|
||||
|
@ -320,6 +320,9 @@ static void gap_event_handler(esp_gap_ble_cb_event_t event, esp_ble_gap_cb_param
|
||||
(bd_addr[4] << 8) + bd_addr[5]);
|
||||
ESP_LOGI(GATTS_TABLE_TAG, "address type = %d", param->ble_security.auth_cmpl.addr_type);
|
||||
ESP_LOGI(GATTS_TABLE_TAG, "pair status = %s",param->ble_security.auth_cmpl.success ? "success" : "fail");
|
||||
if(!param->ble_security.auth_cmpl.success) {
|
||||
ESP_LOGI(GATTS_TABLE_TAG, "fail reason = 0x%x",param->ble_security.auth_cmpl.fail_reason);
|
||||
}
|
||||
show_bonded_devices();
|
||||
break;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user