Component/bt: fix auth_mode error when reconnection in SMP

components/bt/bluedroid/bta/dm/bta_dm_act.c

@@ -4475,7 +4475,8 @@ void bta_dm_add_ble_device (tBTA_DM_MSG *p_data)
 {
     if (!BTM_SecAddBleDevice (p_data->add_ble_device.bd_addr, NULL,
                               p_data->add_ble_device.dev_type  ,
-                              p_data->add_ble_device.addr_type)) {
+                              p_data->add_ble_device.addr_type,
+                              p_data->add_ble_device.auth_mode)) {
         APPL_TRACE_ERROR ("BTA_DM: Error adding BLE Device for device %08x%04x",
                           (p_data->add_ble_device.bd_addr[0] << 24) + (p_data->add_ble_device.bd_addr[1] << 16) + \
                           (p_data->add_ble_device.bd_addr[2] << 8) + p_data->add_ble_device.bd_addr[3],

components/bt/bluedroid/bta/dm/bta_dm_api.c

@@ -797,12 +797,13 @@ void BTA_DmAddBleKey (BD_ADDR bd_addr, tBTA_LE_KEY_VALUE *p_le_key, tBTA_LE_KEY_
 **
 ** Parameters:      bd_addr          - BD address of the peer
 **                  dev_type         - Remote device's device type.
+**                  auth_mode        - auth mode
 **                  addr_type        - LE device address type.
 **
 ** Returns          void
 **
 *******************************************************************************/
-void BTA_DmAddBleDevice(BD_ADDR bd_addr, tBLE_ADDR_TYPE addr_type, tBT_DEVICE_TYPE dev_type)
+void BTA_DmAddBleDevice(BD_ADDR bd_addr, tBLE_ADDR_TYPE addr_type, int auth_mode, tBT_DEVICE_TYPE dev_type)
 {
     tBTA_DM_API_ADD_BLE_DEVICE *p_msg;
 
@@ -812,6 +813,7 @@ void BTA_DmAddBleDevice(BD_ADDR bd_addr, tBLE_ADDR_TYPE addr_type, tBT_DEVICE_TY
         p_msg->hdr.event = BTA_DM_API_ADD_BLEDEVICE_EVT;
         bdcpy(p_msg->bd_addr, bd_addr);
         p_msg->addr_type = addr_type;
+        p_msg->auth_mode = auth_mode;
         p_msg->dev_type = dev_type;
 
         bta_sys_sendmsg(p_msg);

components/bt/bluedroid/bta/dm/include/bta_dm_int.h

@@ -445,6 +445,7 @@ typedef struct {
     BT_HDR                  hdr;
     BD_ADDR                 bd_addr;
     tBT_DEVICE_TYPE         dev_type ;
+    UINT32                  auth_mode;
     tBLE_ADDR_TYPE          addr_type;
 
 } tBTA_DM_API_ADD_BLE_DEVICE;

components/bt/bluedroid/bta/include/bta/bta_api.h

@@ -1870,12 +1870,13 @@ extern void BTA_DmBleConfirmReply(BD_ADDR bd_addr, BOOLEAN accept);
 **
 ** Parameters:      bd_addr          - BD address of the peer
 **                  dev_type         - Remote device's device type.
+**                  auth_mode        - auth mode
 **                  addr_type        - LE device address type.
 **
 ** Returns          void
 **
 *******************************************************************************/
-extern void BTA_DmAddBleDevice(BD_ADDR bd_addr, tBLE_ADDR_TYPE addr_type,
+extern void BTA_DmAddBleDevice(BD_ADDR bd_addr, tBLE_ADDR_TYPE addr_type, int auth_mode,
                                tBT_DEVICE_TYPE dev_type);
 
 

components/bt/bluedroid/btc/core/btc_ble_storage.c

@@ -553,6 +553,91 @@ bt_status_t btc_storage_remove_ble_dev_type(bt_bdaddr_t *remote_bd_addr, bool fl
     return ret;
 }
 
+static bt_status_t _btc_storage_set_ble_dev_auth_mode(bt_bdaddr_t *remote_bd_addr, uint8_t auth_mode, bool flush)
+{
+    int ret;
+    bdstr_t bdstr;
+
+    bdaddr_to_string(remote_bd_addr, bdstr, sizeof(bdstr_t));
+    ret = btc_config_set_int(bdstr, BTC_BLE_STORAGE_LE_AUTH_MODE_STR, (int)auth_mode);
+    if (ret == false) {
+        return BT_STATUS_FAIL;
+    }
+
+    if (flush) {
+        _btc_storage_save();
+    }
+
+    return BT_STATUS_SUCCESS;
+}
+
+bt_status_t btc_storage_set_ble_dev_auth_mode(bt_bdaddr_t *remote_bd_addr, uint8_t auth_mode, bool flush)
+{
+    bt_status_t ret;
+
+    btc_config_lock();
+    ret = _btc_storage_set_ble_dev_auth_mode(remote_bd_addr, auth_mode, flush);
+    btc_config_unlock();
+
+    return ret;
+}
+
+static bt_status_t _btc_storage_get_ble_dev_auth_mode(bt_bdaddr_t *remote_bd_addr, int* auth_mode)
+{
+    bdstr_t bdstr;
+    bdaddr_to_string(remote_bd_addr, bdstr, sizeof(bdstr));
+    int ret = btc_config_get_int(bdstr, BTC_BLE_STORAGE_LE_AUTH_MODE_STR, auth_mode);
+    return ret ? BT_STATUS_SUCCESS : BT_STATUS_FAIL;
+}
+
+bt_status_t btc_storage_get_ble_dev_auth_mode(bt_bdaddr_t *remote_bd_addr, int* auth_mode)
+{
+    bt_status_t ret;
+
+    btc_config_lock();
+    ret = _btc_storage_get_ble_dev_auth_mode(remote_bd_addr, auth_mode);
+    btc_config_unlock();
+
+    return ret;
+}
+
+static bt_status_t _btc_storage_remove_ble_dev_auth_mode(bt_bdaddr_t *remote_bd_addr, bool flush)
+{
+    bool ret = true;
+    bdstr_t bdstr;
+    uint32_t auth_mode = 0;
+
+    bdaddr_to_string(remote_bd_addr, bdstr, sizeof(bdstr));
+
+    ret = btc_config_get_int(bdstr, BTC_BLE_STORAGE_LE_AUTH_MODE_STR, (int *)&auth_mode);
+    if (ret == false) {
+        //cannot find the key, just return SUCCESS, indicate already removed
+        return BT_STATUS_SUCCESS;
+    }
+
+    ret = btc_config_remove(bdstr, BTC_BLE_STORAGE_LE_AUTH_MODE_STR);
+    if (ret == false) {
+        return BT_STATUS_FAIL;
+    }
+
+    if (flush) {
+        _btc_storage_save();
+    }
+
+    return  BT_STATUS_SUCCESS;
+}
+
+bt_status_t btc_storage_remove_ble_dev_auth_mode(bt_bdaddr_t *remote_bd_addr, bool flush)
+{
+    bt_status_t ret;
+
+    btc_config_lock();
+    ret = _btc_storage_remove_ble_dev_auth_mode(remote_bd_addr, flush);
+    btc_config_unlock();
+
+    return ret;
+}
+
 static bt_status_t _btc_storage_set_remote_addr_type(bt_bdaddr_t *remote_bd_addr, uint8_t addr_type, bool flush)
 {
     int ret;
@@ -657,7 +742,11 @@ static void _btc_read_le_key(const uint8_t key_type, const size_t key_len, bt_bd
             bdcpy(bta_bd_addr, bd_addr.address);
 
             if (!*device_added) {
-                BTA_DmAddBleDevice(bta_bd_addr, addr_type, BT_DEVICE_TYPE_BLE);
+                int auth_mode = 0;
+                if(_btc_storage_get_ble_dev_auth_mode(&bd_addr, &auth_mode) != BT_STATUS_SUCCESS) {
+                    BTC_TRACE_WARNING("%s Failed to get auth mode from flash, please erase flash and download the firmware again", __func__);
+                }
+                BTA_DmAddBleDevice(bta_bd_addr, addr_type, auth_mode, BT_DEVICE_TYPE_BLE);
                 *device_added = true;
             }
 

components/bt/bluedroid/btc/core/btc_dm.c

@@ -176,6 +176,7 @@ static void btc_dm_remove_ble_bonding_keys(void)
     bdcpy(bd_addr.address, pairing_cb.bd_addr);
 
     btc_storage_remove_remote_addr_type(&bd_addr, false);
+    btc_storage_remove_ble_dev_auth_mode(&bd_addr, false);
     btc_storage_remove_ble_dev_type(&bd_addr, false);
     btc_storage_remove_ble_bonding_keys(&bd_addr);
 }
@@ -264,6 +265,7 @@ static void btc_dm_ble_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl)
          if (btc_storage_get_remote_addr_type(&bdaddr, &addr_type) != BT_STATUS_SUCCESS) {
             btc_storage_set_remote_addr_type(&bdaddr, p_auth_cmpl->addr_type, true);
         }
+        btc_storage_set_ble_dev_auth_mode(&bdaddr, p_auth_cmpl->auth_mode, true);
         btc_dm_save_ble_bonding_keys();
     } else {
         /*Map the HCI fail reason  to  bt status  */
@@ -638,6 +640,7 @@ void btc_dm_sec_cb_handler(btc_msg_t *msg)
             //remove the bonded key in the config and nvs flash.
             btc_storage_remove_ble_dev_type(&bd_addr, false);
             btc_storage_remove_remote_addr_type(&bd_addr, false);
+            btc_storage_remove_ble_dev_auth_mode(&bd_addr, false);
             param.remove_bond_dev_cmpl.status = btc_storage_remove_ble_bonding_keys(&bd_addr);
         }
         ble_msg.act = ESP_GAP_BLE_REMOVE_BOND_DEV_COMPLETE_EVT;

components/bt/bluedroid/btc/include/btc/btc_ble_storage.h

@@ -32,6 +32,7 @@
 #define BTC_BLE_STORAGE_LE_KEY_LENC_STR             "LE_KEY_LENC"
 #define BTC_BLE_STORAGE_LE_KEY_LID_STR              "LE_KEY_LID"
 #define BTC_BLE_STORAGE_LE_KEY_LCSRK_STR            "LE_KEY_LCSRK"
+#define BTC_BLE_STORAGE_LE_AUTH_MODE_STR            "AuthMode"
 
 #define BTC_BLE_STORAGE_LOCAL_ADAPTER_STR           "Adapter"
 #define BTC_BLE_STORAGE_LE_LOCAL_KEY_IR_STR         "LE_LOCAL_KEY_IR"
@@ -66,6 +67,12 @@ bt_status_t btc_storage_remove_ble_local_keys(void);
 
 bt_status_t btc_storage_get_ble_local_key(uint8_t key_type, char *key_value, int key_len);
 
+bt_status_t btc_storage_set_ble_dev_auth_mode(bt_bdaddr_t *remote_bd_addr, uint8_t auth_mode, bool flush);
+
+bt_status_t btc_storage_get_ble_dev_auth_mode(bt_bdaddr_t *remote_bd_addr, int* auth_mode);
+
+bt_status_t btc_storage_remove_ble_dev_auth_mode(bt_bdaddr_t *remote_bd_addr, bool flush);
+
 bt_status_t btc_storage_get_remote_addr_type(bt_bdaddr_t *remote_bd_addr, int *addr_type);
 
 bt_status_t btc_storage_set_remote_addr_type(bt_bdaddr_t *remote_bd_addr, uint8_t addr_type, bool flush);

components/bt/bluedroid/stack/btm/btm_ble.c

@@ -66,13 +66,14 @@ extern void gatt_notify_enc_cmpl(BD_ADDR bd_addr);
 **                  bd_name          - Name of the peer device.  NULL if unknown.
 **                  dev_type         - Remote device's device type.
 **                  addr_type        - LE device address type.
+**                  auth_mode        - auth mode             
 **
 ** Returns          TRUE if added OK, else FALSE
 **
 *******************************************************************************/
 #if (SMP_INCLUDED == TRUE)
 BOOLEAN BTM_SecAddBleDevice (BD_ADDR bd_addr, BD_NAME bd_name, tBT_DEVICE_TYPE dev_type,
-                             tBLE_ADDR_TYPE addr_type)
+                             tBLE_ADDR_TYPE addr_type, UINT32 auth_mode)
 {
     tBTM_SEC_DEV_REC  *p_dev_rec;
     UINT8               i = 0;
@@ -125,6 +126,7 @@ BOOLEAN BTM_SecAddBleDevice (BD_ADDR bd_addr, BD_NAME bd_name, tBT_DEVICE_TYPE d
     }
     p_dev_rec->device_type |= dev_type;
     p_dev_rec->ble.ble_addr_type = addr_type;
+    p_dev_rec->ble.auth_mode = auth_mode;
 
     memcpy (p_dev_rec->ble.pseudo_addr, bd_addr, BD_ADDR_LEN);
     /* sync up with the Inq Data base*/

components/bt/bluedroid/stack/btm/include/btm_int.h

@@ -489,6 +489,7 @@ typedef struct {
     tBTM_LE_KEY_TYPE    key_type;       /* bit mask of valid key types in record */
     tBTM_SEC_BLE_KEYS   keys;           /* LE device security info in slave rode */
     bool skip_update_conn_param;        /* skip update connection paraams or not*/
+    UINT16 auth_mode;                   /* Authentication mode */
 #endif
 #if (BLE_PRIVACY_SPT == TRUE)
     tBLE_ADDR_TYPE      current_addr_type; /* current adv addr type*/

components/bt/bluedroid/stack/include/stack/btm_ble_api.h

@@ -903,13 +903,14 @@ void BTM_BleRegiseterConnParamCallback(tBTM_UPDATE_CONN_PARAM_CBACK *update_conn
 **                  bd_name          - Name of the peer device.  NULL if unknown.
 **                  dev_type         - Remote device's device type.
 **                  addr_type        - LE device address type.
+**                  auth_mode        - auth mode
 **
 ** Returns          TRUE if added OK, else FALSE
 **
 *******************************************************************************/
 //extern
 BOOLEAN BTM_SecAddBleDevice (BD_ADDR bd_addr, BD_NAME bd_name,
-                             tBT_DEVICE_TYPE dev_type, tBLE_ADDR_TYPE addr_type);
+                             tBT_DEVICE_TYPE dev_type, tBLE_ADDR_TYPE addr_type, UINT32 auth_mode);
 
 /*******************************************************************************
 **

components/bt/bluedroid/stack/smp/smp_act.c

@@ -625,7 +625,7 @@ void smp_proc_pair_cmd(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
         if(p_cb->peer_auth_req & p_cb->loc_auth_req & SMP_AUTH_GEN_BOND) {
             auth |= SMP_AUTH_GEN_BOND;
         }
-         p_cb->auth_mode = auth;
+        p_cb->auth_mode = auth;
         if (p_cb->accept_specified_sec_auth) {
             if ((auth & p_cb->origin_loc_auth_req) != p_cb->origin_loc_auth_req ) {
                 SMP_TRACE_ERROR("%s pairing failed - master requires auth is 0x%x but peer auth is 0x%x local auth is 0x%x",
@@ -1365,7 +1365,6 @@ void smp_decide_association_model(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
 void smp_process_io_response(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
 {
     uint8_t reason = SMP_PAIR_AUTH_FAIL;
-
     SMP_TRACE_DEBUG("%s\n", __func__);
     if (p_cb->flags & SMP_PAIR_FLAGS_WE_STARTED_DD) {
         /* pairing started by local (slave) Security Request */

components/bt/bluedroid/stack/smp/smp_utils.c

@@ -964,7 +964,7 @@ void smp_proc_pairing_cmpl(tSMP_CB *p_cb)
     tSMP_EVT_DATA   evt_data = {0};
     tSMP_CALLBACK   *p_callback = p_cb->p_callback;
     BD_ADDR         pairing_bda;
-    tBTM_SEC_DEV_REC    *p_rec;
+    tBTM_SEC_DEV_REC    *p_rec = btm_find_dev (p_cb->pairing_bda);
 
     SMP_TRACE_DEBUG ("smp_proc_pairing_cmpl \n");
 
@@ -973,7 +973,14 @@ void smp_proc_pairing_cmpl(tSMP_CB *p_cb)
     evt_data.cmplt.auth_mode = 0;
     if (p_cb->status == SMP_SUCCESS) {
         evt_data.cmplt.sec_level = p_cb->sec_level;
-        evt_data.cmplt.auth_mode = p_cb->auth_mode;
+        if (p_cb->auth_mode) { // the first encryption
+            evt_data.cmplt.auth_mode = p_cb->auth_mode;
+            if (p_rec) {
+                p_rec->ble.auth_mode = p_cb->auth_mode;
+            }
+        } else if (p_rec) {
+            evt_data.cmplt.auth_mode =  p_rec->ble.auth_mode;
+        }
     }
 
     evt_data.cmplt.is_pair_cancel  = FALSE;
@@ -990,7 +997,6 @@ void smp_proc_pairing_cmpl(tSMP_CB *p_cb)
     memcpy (pairing_bda, p_cb->pairing_bda, BD_ADDR_LEN);
 
     if (p_cb->role == HCI_ROLE_SLAVE) {
-        p_rec = btm_find_dev (p_cb->pairing_bda);
         if(p_rec && p_rec->ble.skip_update_conn_param) {
             //clear flag
             p_rec->ble.skip_update_conn_param = false;