From e5f2f1ba78e6f4fcaa8fcc24d95bff63382f24d6 Mon Sep 17 00:00:00 2001 From: zhiweijian Date: Thu, 27 Sep 2018 16:22:31 +0800 Subject: [PATCH] Component/bt: add only accept sepecified Authentication --- .../api/include/api/esp_gap_ble_api.h | 7 +++- components/bt/bluedroid/bta/dm/bta_dm_act.c | 11 +++-- components/bt/bluedroid/bta/dm/bta_dm_co.c | 38 ++++++++++++++++-- .../bt/bluedroid/bta/include/bta/bta_api.h | 1 + .../bt/bluedroid/bta/include/bta/bta_dm_co.h | 6 +++ components/bt/bluedroid/btc/core/btc_dm.c | 1 + .../btc/profile/std/gap/btc_gap_ble.c | 6 +++ .../common/include/common/bte_appl.h | 1 + components/bt/bluedroid/stack/btm/btm_ble.c | 33 +++++++++++++++ .../bluedroid/stack/include/stack/btm_api.h | 1 + .../stack/include/stack/btm_ble_api.h | 15 +++++++ .../bluedroid/stack/include/stack/smp_api.h | 3 ++ .../bt/bluedroid/stack/smp/include/smp_int.h | 2 + components/bt/bluedroid/stack/smp/smp_act.c | 17 ++++++++ components/bt/bluedroid/stack/smp/smp_api.c | 35 ++++++++++++++++ components/bt/bluedroid/stack/smp/smp_utils.c | 3 +- .../main/example_ble_sec_gattc_demo.c | 40 ++++++++++++++++++- .../main/example_ble_sec_gatts_demo.c | 39 +++++++++++++++++- .../bluetooth/gatt_server/main/gatts_demo.c | 2 +- .../main/gatts_table_creat_demo.c | 2 +- 20 files changed, 250 insertions(+), 13 deletions(-) diff --git a/components/bt/bluedroid/api/include/api/esp_gap_ble_api.h b/components/bt/bluedroid/api/include/api/esp_gap_ble_api.h index 9765c1b2b3..b0247abe2c 100644 --- a/components/bt/bluedroid/api/include/api/esp_gap_ble_api.h +++ b/components/bt/bluedroid/api/include/api/esp_gap_ble_api.h @@ -60,6 +60,9 @@ typedef uint8_t esp_ble_key_type_t; #define ESP_LE_AUTH_REQ_SC_MITM_BOND (ESP_LE_AUTH_REQ_MITM | ESP_LE_AUTH_REQ_SC_ONLY | ESP_LE_AUTH_BOND) /*!< 1101 */ /* relate to BTM_LE_AUTH_REQ_SC_MITM_BOND in stack/btm_api.h */ typedef uint8_t esp_ble_auth_req_t; /*!< combination of the above bit pattern */ +#define ESP_BLE_ONLY_ACCEPT_SPECIFIED_AUTH_DISABLE 0 +#define ESP_BLE_ONLY_ACCEPT_SPECIFIED_AUTH_ENABLE 1 + /* relate to BTM_IO_CAP_xxx in stack/btm_api.h */ #define ESP_IO_CAP_OUT 0 /*!< DisplayOnly */ /* relate to BTM_IO_CAP_OUT in stack/btm_api.h */ #define ESP_IO_CAP_IO 1 /*!< DisplayYesNo */ /* relate to BTM_IO_CAP_IO in stack/btm_api.h */ @@ -266,6 +269,7 @@ typedef enum { ESP_BLE_SM_MAX_KEY_SIZE, ESP_BLE_SM_SET_STATIC_PASSKEY, ESP_BLE_SM_CLEAR_STATIC_PASSKEY, + ESP_BLE_SM_ONLY_ACCEPT_SPECIFIED_SEC_AUTH, ESP_BLE_SM_MAX_PARAM, } esp_ble_sm_param_t; @@ -511,7 +515,8 @@ typedef struct uint8_t fail_reason; /*!< The HCI reason/error code for when success=FALSE */ esp_ble_addr_type_t addr_type; /*!< Peer device address type */ esp_bt_dev_type_t dev_type; /*!< Device type */ -} esp_ble_auth_cmpl_t; /*!< The ble authentication complite cb type */ + esp_ble_auth_req_t auth_mode; /*!< authentication mode */ +} esp_ble_auth_cmpl_t; /*!< The ble authentication complete cb type */ /** * @brief union associated with ble security diff --git a/components/bt/bluedroid/bta/dm/bta_dm_act.c b/components/bt/bluedroid/bta/dm/bta_dm_act.c index 257f12d8f8..74a95c99c8 100644 --- a/components/bt/bluedroid/bta/dm/bta_dm_act.c +++ b/components/bt/bluedroid/bta/dm/bta_dm_act.c @@ -4249,9 +4249,11 @@ static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_D memset(&sec_event, 0, sizeof(tBTA_DM_SEC)); switch (event) { - case BTM_LE_IO_REQ_EVT: - // #if (BTM_LOCAL_IO_CAPS != BTM_IO_CAP_NONE) - + case BTM_LE_IO_REQ_EVT: { + // #if (BT_SSP_INCLUDED == TRUE) + UINT8 enable = bta_dm_co_ble_get_accept_auth_enable(); + UINT8 origin_auth = bta_dm_co_ble_get_auth_req(); + BTM_BleSetAcceptAuthMode(enable, origin_auth); bta_dm_co_ble_io_req(bda, &p_data->io_req.io_cap, &p_data->io_req.oob_data, @@ -4266,6 +4268,7 @@ static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_D APPL_TRACE_EVENT("io mitm: %d oob_data:%d\n", p_data->io_req.auth_req, p_data->io_req.oob_data); break; + } case BTM_LE_SEC_REQUEST_EVT: bdcpy(sec_event.ble_req.bd_addr, bda); @@ -4341,7 +4344,7 @@ static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_D } } - + sec_event.auth_cmpl.auth_mode = p_data->complt.auth_mode; if (bta_dm_cb.p_sec_cback) { //bta_dm_cb.p_sec_cback(BTA_DM_AUTH_CMPL_EVT, &sec_event); bta_dm_cb.p_sec_cback(BTA_DM_BLE_AUTH_CMPL_EVT, &sec_event); diff --git a/components/bt/bluedroid/bta/dm/bta_dm_co.c b/components/bt/bluedroid/bta/dm/bta_dm_co.c index dbfabc3b7a..cb13209508 100644 --- a/components/bt/bluedroid/bta/dm/bta_dm_co.c +++ b/components/bt/bluedroid/bta/dm/bta_dm_co.c @@ -31,6 +31,10 @@ #endif /* #if (defined(BTIF_INCLUDED) && BTIF_INCLUDED == TRUE) */ #if (defined BLE_INCLUDED && BLE_INCLUDED == TRUE && SMP_INCLUDED == TRUE) #include "common/bte_appl.h" + +#define BTM_BLE_ONLY_ACCEPT_SPECIFIED_SEC_AUTH_DISABLE 0 +#define BTM_BLE_ONLY_ACCEPT_SPECIFIED_SEC_AUTH_ENABLE 1 + tBTE_APPL_CFG bte_appl_cfg = { #if SMP_INCLUDED == TRUE BTA_LE_AUTH_REQ_SC_MITM_BOND, // Authentication requirements @@ -40,7 +44,8 @@ tBTE_APPL_CFG bte_appl_cfg = { BTM_LOCAL_IO_CAPS_BLE, BTM_BLE_INITIATOR_KEY_SIZE, BTM_BLE_RESPONDER_KEY_SIZE, - BTM_BLE_MAX_KEY_SIZE + BTM_BLE_MAX_KEY_SIZE, + BTM_BLE_ONLY_ACCEPT_SPECIFIED_SEC_AUTH_DISABLE }; #endif @@ -319,7 +324,7 @@ void bta_dm_co_ble_io_req(BD_ADDR bd_addr, tBTA_IO_CAP *p_io_cap, #endif ///SMP_INCLUDED == TRUE } -void bta_dm_co_ble_set_io_cap(UINT8 ble_io_cap) +void bta_dm_co_ble_set_io_cap(UINT8 ble_io_cap) { #if (SMP_INCLUDED == TRUE) if(ble_io_cap < BTM_IO_CAP_MAX ) { @@ -330,7 +335,7 @@ void bta_dm_co_ble_set_io_cap(UINT8 ble_io_cap) #endif ///SMP_INCLUDED == TRUE } -void bta_dm_co_ble_set_auth_req(UINT8 ble_auth_req) +void bta_dm_co_ble_set_auth_req(UINT8 ble_auth_req) { #if (SMP_INCLUDED == TRUE) bte_appl_cfg.ble_auth_req = ble_auth_req; @@ -363,5 +368,32 @@ void bta_dm_co_ble_set_max_key_size(UINT8 ble_key_size) } #endif ///SMP_INCLUDED == TRUE } + +void bta_dm_co_ble_set_accept_auth_enable(UINT8 enable) +{ +#if (SMP_INCLUDED == TRUE) + if (enable) { + enable = BTM_BLE_ONLY_ACCEPT_SPECIFIED_SEC_AUTH_ENABLE; + } + bte_appl_cfg.ble_accept_auth_enable = enable; +#endif ///SMP_INCLUDED == TRUE +} + +UINT8 bta_dm_co_ble_get_accept_auth_enable(void) +{ +#if (SMP_INCLUDED == TRUE) + return bte_appl_cfg.ble_accept_auth_enable; +#endif ///SMP_INCLUDED == TRUE + return 0; +} + +UINT8 bta_dm_co_ble_get_auth_req(void) +{ +#if (SMP_INCLUDED == TRUE) + return bte_appl_cfg.ble_auth_req; +#endif ///SMP_INCLUDED == TRUE + return 0; +} + #endif diff --git a/components/bt/bluedroid/bta/include/bta/bta_api.h b/components/bt/bluedroid/bta/include/bta/bta_api.h index 7151467317..9df81399d9 100644 --- a/components/bt/bluedroid/bta/include/bta/bta_api.h +++ b/components/bt/bluedroid/bta/include/bta/bta_api.h @@ -763,6 +763,7 @@ typedef struct { UINT8 fail_reason; /* The HCI reason/error code for when success=FALSE */ tBLE_ADDR_TYPE addr_type; /* Peer device address type */ tBT_DEVICE_TYPE dev_type; + UINT8 auth_mode; } tBTA_DM_AUTH_CMPL; diff --git a/components/bt/bluedroid/bta/include/bta/bta_dm_co.h b/components/bt/bluedroid/bta/include/bta/bta_dm_co.h index 1f1f648a9f..ebdd055563 100644 --- a/components/bt/bluedroid/bta/include/bta/bta_dm_co.h +++ b/components/bt/bluedroid/bta/include/bta/bta_dm_co.h @@ -190,4 +190,10 @@ extern void bta_dm_co_ble_set_init_key_req(UINT8 init_key); extern void bta_dm_co_ble_set_rsp_key_req(UINT8 rsp_key); extern void bta_dm_co_ble_set_max_key_size(UINT8 ble_key_size); + +extern void bta_dm_co_ble_set_accept_auth_enable(UINT8 enable); + +extern UINT8 bta_dm_co_ble_get_accept_auth_enable(void); + +extern UINT8 bta_dm_co_ble_get_auth_req(void); #endif diff --git a/components/bt/bluedroid/btc/core/btc_dm.c b/components/bt/bluedroid/btc/core/btc_dm.c index 4578b76c6d..db7e2140a0 100644 --- a/components/bt/bluedroid/btc/core/btc_dm.c +++ b/components/bt/bluedroid/btc/core/btc_dm.c @@ -584,6 +584,7 @@ void btc_dm_sec_cb_handler(btc_msg_t *msg) param.ble_security.auth_cmpl.key_present = p_data->auth_cmpl.key_present; memcpy(param.ble_security.auth_cmpl.bd_addr, p_data->auth_cmpl.bd_addr, sizeof(BD_ADDR)); memcpy(param.ble_security.auth_cmpl.key, p_data->auth_cmpl.key, sizeof(LINK_KEY)); + param.ble_security.auth_cmpl.auth_mode = p_data->auth_cmpl.auth_mode; btc_dm_ble_auth_cmpl_evt(&p_data->auth_cmpl); break; } diff --git a/components/bt/bluedroid/btc/profile/std/gap/btc_gap_ble.c b/components/bt/bluedroid/btc/profile/std/gap/btc_gap_ble.c index 33e1ea6701..86cc125ae8 100644 --- a/components/bt/bluedroid/btc/profile/std/gap/btc_gap_ble.c +++ b/components/bt/bluedroid/btc/profile/std/gap/btc_gap_ble.c @@ -1129,6 +1129,12 @@ void btc_gap_ble_call_handler(btc_msg_t *msg) BTA_DmBleSetStaticPasskey(false, 0); break; } + case ESP_BLE_SM_ONLY_ACCEPT_SPECIFIED_SEC_AUTH: { + uint8_t enable = 0; + STREAM_TO_UINT8(enable, value); + bta_dm_co_ble_set_accept_auth_enable(enable); + break; + } default: break; } diff --git a/components/bt/bluedroid/common/include/common/bte_appl.h b/components/bt/bluedroid/common/include/common/bte_appl.h index 4850250b8a..11538c939f 100644 --- a/components/bt/bluedroid/common/include/common/bte_appl.h +++ b/components/bt/bluedroid/common/include/common/bte_appl.h @@ -31,6 +31,7 @@ typedef struct { UINT8 ble_init_key; UINT8 ble_resp_key; UINT8 ble_max_key_size; + UINT8 ble_accept_auth_enable; #endif } tBTE_APPL_CFG; diff --git a/components/bt/bluedroid/stack/btm/btm_ble.c b/components/bt/bluedroid/stack/btm/btm_ble.c index 3470fbf17f..4d5a214b40 100644 --- a/components/bt/bluedroid/stack/btm/btm_ble.c +++ b/components/bt/bluedroid/stack/btm/btm_ble.c @@ -423,12 +423,45 @@ void BTM_BlePasskeyReply (BD_ADDR bd_addr, UINT8 res, UINT32 passkey) #endif } +/******************************************************************************* +** +** Function BTM_BleSetStaticPasskey +** +** Description This function is called to set static passkey +** +** +** Parameters: add - set static passkey when add is TRUE +** clear static passkey when add is FALSE +** passkey - static passkey +** +** +*******************************************************************************/ void BTM_BleSetStaticPasskey(BOOLEAN add, UINT32 passkey) { #if SMP_INCLUDED == TRUE SMP_SetStaticPasskey(add, passkey); #endif } + +/******************************************************************************* +** +** Function BTM_BleSetAcceptAuthMode +** +** Description This function is called to set only accept specified Authentication +** +** +** Parameters: enable - Whether to enable this function +** +** auth_mode - Authentication mode +** +** +*******************************************************************************/ +void BTM_BleSetAcceptAuthMode(UINT8 enable, UINT8 auth_mode) +{ +#if SMP_INCLUDED == TRUE + SMP_SetAcceptAuthMode(enable, auth_mode); +#endif +} /******************************************************************************* ** ** Function BTM_BleConfirmReply diff --git a/components/bt/bluedroid/stack/include/stack/btm_api.h b/components/bt/bluedroid/stack/include/stack/btm_api.h index c483268aec..f686a12175 100644 --- a/components/bt/bluedroid/stack/include/stack/btm_api.h +++ b/components/bt/bluedroid/stack/include/stack/btm_api.h @@ -1642,6 +1642,7 @@ typedef struct { UINT8 sec_level; BOOLEAN is_pair_cancel; BOOLEAN smp_over_br; + tSMP_AUTH_REQ auth_mode; } tBTM_LE_COMPLT; #endif diff --git a/components/bt/bluedroid/stack/include/stack/btm_ble_api.h b/components/bt/bluedroid/stack/include/stack/btm_ble_api.h index 0a07c643b4..62ff55f847 100644 --- a/components/bt/bluedroid/stack/include/stack/btm_ble_api.h +++ b/components/bt/bluedroid/stack/include/stack/btm_ble_api.h @@ -1330,6 +1330,21 @@ void BTM_BlePasskeyReply (BD_ADDR bd_addr, UINT8 res, UINT32 passkey); *******************************************************************************/ void BTM_BleSetStaticPasskey(BOOLEAN add, UINT32 passkey); +/******************************************************************************* +** +** Function BTM_BleSetAcceptAuthMode +** +** Description This function is called to set only accept specified Authentication +** +** +** Parameters: enable - Whether to enable this function +** +** auth_mode - Authentication mode +** +** +*******************************************************************************/ +void BTM_BleSetAcceptAuthMode(UINT8 enable, UINT8 auth_mode); + /******************************************************************************* ** ** Function BTM_BleConfirmReply diff --git a/components/bt/bluedroid/stack/include/stack/smp_api.h b/components/bt/bluedroid/stack/include/stack/smp_api.h index 6a3ca5afa8..b4b6af14b3 100644 --- a/components/bt/bluedroid/stack/include/stack/smp_api.h +++ b/components/bt/bluedroid/stack/include/stack/smp_api.h @@ -224,6 +224,7 @@ typedef struct { tSMP_SEC_LEVEL sec_level; BOOLEAN is_pair_cancel; BOOLEAN smp_over_br; + tSMP_AUTH_REQ auth_mode; } tSMP_CMPL; typedef struct { @@ -416,6 +417,8 @@ extern void SMP_PasskeyReply (BD_ADDR bd_addr, UINT8 res, UINT32 passkey); *******************************************************************************/ extern void SMP_SetStaticPasskey (BOOLEAN add, UINT32 passkey); +extern void SMP_SetAcceptAuthMode (UINT8 enable, UINT8 auth_mode); + /******************************************************************************* ** ** Function SMP_ConfirmReply diff --git a/components/bt/bluedroid/stack/smp/include/smp_int.h b/components/bt/bluedroid/stack/smp/include/smp_int.h index 029869efcc..55bf3e279b 100644 --- a/components/bt/bluedroid/stack/smp/include/smp_int.h +++ b/components/bt/bluedroid/stack/smp/include/smp_int.h @@ -335,6 +335,8 @@ typedef struct { BOOLEAN wait_for_authorization_complete; BOOLEAN use_static_passkey; UINT32 static_passkey; + BOOLEAN accept_specified_sec_auth; + tSMP_AUTH_REQ origin_loc_auth_req; } tSMP_CB; /* Server Action functions are of this type */ diff --git a/components/bt/bluedroid/stack/smp/smp_act.c b/components/bt/bluedroid/stack/smp/smp_act.c index bf3fe7def6..2534a587ef 100644 --- a/components/bt/bluedroid/stack/smp/smp_act.c +++ b/components/bt/bluedroid/stack/smp/smp_act.c @@ -551,6 +551,14 @@ void smp_proc_pair_cmd(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); return; } + if(p_cb->accept_specified_sec_auth) { + if((p_cb->origin_loc_auth_req & p_cb->peer_auth_req & p_cb->loc_auth_req) != p_cb->origin_loc_auth_req ) { + SMP_TRACE_ERROR("%s pairing failed - slave requires 0x%x auth but peer auth req 0x%x local auth req 0x%x", + __func__, p_cb->origin_loc_auth_req, p_cb->peer_auth_req, p_cb->loc_auth_req); + reason = SMP_PAIR_AUTH_FAIL; + smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); + } + } if (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_OOB) { if (smp_request_oob_data(p_cb)) { @@ -573,6 +581,15 @@ void smp_proc_pair_cmd(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) return; } + if (p_cb->accept_specified_sec_auth) { + if ((p_cb->origin_loc_auth_req & p_cb->peer_auth_req & p_cb->loc_auth_req) != p_cb->origin_loc_auth_req ) { + SMP_TRACE_ERROR("%s pairing failed - master requires 0x%x auth but peer auth req 0x%x local auth req 0x%x", + __func__, p_cb->origin_loc_auth_req, p_cb->peer_auth_req, p_cb->loc_auth_req); + reason = SMP_PAIR_AUTH_FAIL; + smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); + } + } + if (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_OOB) { if (smp_request_oob_data(p_cb)) { return; diff --git a/components/bt/bluedroid/stack/smp/smp_api.c b/components/bt/bluedroid/stack/smp/smp_api.c index ecd222c22a..8ec1394dd8 100644 --- a/components/bt/bluedroid/stack/smp/smp_api.c +++ b/components/bt/bluedroid/stack/smp/smp_api.c @@ -328,6 +328,19 @@ void SMP_PasskeyReply (BD_ADDR bd_addr, UINT8 res, UINT32 passkey) return; } +/******************************************************************************* +** +** Function SMP_SetStaticPasskey +** +** Description This function is called to set static passkey +** +** +** Parameters: add - set static passkey when add is TRUE +** clear static passkey when add is FALSE +** passkey - static passkey +** +** +*******************************************************************************/ void SMP_SetStaticPasskey (BOOLEAN add, UINT32 passkey) { SMP_TRACE_DEBUG("static passkey %6d", passkey); @@ -340,6 +353,28 @@ void SMP_SetStaticPasskey (BOOLEAN add, UINT32 passkey) p_cb->use_static_passkey = false; } } + +/******************************************************************************* +** +** Function SMP_SetAcceptAuthMode +** +** Description This function is called to set only accept specified Authentication +** +** +** Parameters: enable - Whether to enable this function +** +** auth_mode - Authentication mode +** +** +*******************************************************************************/ +void SMP_SetAcceptAuthMode (UINT8 enable, UINT8 auth_mode) +{ + tSMP_CB *p_cb = & smp_cb; + + p_cb->accept_specified_sec_auth = enable; + p_cb->origin_loc_auth_req = auth_mode; + +} /******************************************************************************* ** ** Function SMP_ConfirmReply diff --git a/components/bt/bluedroid/stack/smp/smp_utils.c b/components/bt/bluedroid/stack/smp/smp_utils.c index 31497591f0..4af028248b 100644 --- a/components/bt/bluedroid/stack/smp/smp_utils.c +++ b/components/bt/bluedroid/stack/smp/smp_utils.c @@ -962,9 +962,10 @@ void smp_proc_pairing_cmpl(tSMP_CB *p_cb) evt_data.cmplt.reason = p_cb->status; evt_data.cmplt.smp_over_br = p_cb->smp_over_br; - + evt_data.cmplt.auth_mode = 0; if (p_cb->status == SMP_SUCCESS) { evt_data.cmplt.sec_level = p_cb->sec_level; + evt_data.cmplt.auth_mode = (p_cb->peer_auth_req & p_cb->loc_auth_req); } evt_data.cmplt.is_pair_cancel = FALSE; diff --git a/examples/bluetooth/gatt_security_client/main/example_ble_sec_gattc_demo.c b/examples/bluetooth/gatt_security_client/main/example_ble_sec_gattc_demo.c index a4408cccb6..d2de988cb6 100644 --- a/examples/bluetooth/gatt_security_client/main/example_ble_sec_gattc_demo.c +++ b/examples/bluetooth/gatt_security_client/main/example_ble_sec_gattc_demo.c @@ -126,6 +126,39 @@ static const char *esp_key_type_to_str(esp_ble_key_type_t key_type) return key_str; } +static char *esp_auth_req_to_str(esp_ble_auth_req_t auth_req) +{ + char *auth_str = NULL; + switch(auth_req) { + case ESP_LE_AUTH_NO_BOND: + auth_str = "ESP_LE_AUTH_NO_BOND"; + break; + case ESP_LE_AUTH_BOND: + auth_str = "ESP_LE_AUTH_BOND"; + break; + case ESP_LE_AUTH_REQ_MITM: + auth_str = "ESP_LE_AUTH_REQ_MITM"; + break; + case ESP_LE_AUTH_REQ_SC_ONLY: + auth_str = "ESP_LE_AUTH_REQ_SC_ONLY"; + break; + case ESP_LE_AUTH_REQ_SC_BOND: + auth_str = "ESP_LE_AUTH_REQ_SC_BOND"; + break; + case ESP_LE_AUTH_REQ_SC_MITM: + auth_str = "ESP_LE_AUTH_REQ_SC_MITM"; + break; + case ESP_LE_AUTH_REQ_SC_MITM_BOND: + auth_str = "ESP_LE_AUTH_REQ_SC_MITM_BOND"; + break; + default: + auth_str = "INVALID BLE AUTH REQ"; + break; + } + + return auth_str; +} + static void gattc_profile_event_handler(esp_gattc_cb_event_t event, esp_gatt_if_t gattc_if, esp_ble_gattc_cb_param_t *param) { esp_ble_gattc_cb_param_t *p_data = (esp_ble_gattc_cb_param_t *)param; @@ -302,7 +335,7 @@ static void gattc_profile_event_handler(esp_gattc_cb_event_t event, esp_gatt_if_ ESP_LOGI(GATTC_TAG, "Write char success "); break; case ESP_GATTC_DISCONNECT_EVT: - ESP_LOGI(GATTC_TAG, "ESP_GATTC_DISCONNECT_EVT, reason = %d", p_data->disconnect.reason); + ESP_LOGI(GATTC_TAG, "ESP_GATTC_DISCONNECT_EVT, reason = 0x%x", p_data->disconnect.reason); connect = false; get_service = false; break; @@ -379,6 +412,11 @@ static void esp_gap_cb(esp_gap_ble_cb_event_t event, esp_ble_gap_cb_param_t *par (bd_addr[4] << 8) + bd_addr[5]); ESP_LOGI(GATTC_TAG, "address type = %d", param->ble_security.auth_cmpl.addr_type); ESP_LOGI(GATTC_TAG, "pair status = %s",param->ble_security.auth_cmpl.success ? "success" : "fail"); + if (!param->ble_security.auth_cmpl.success) { + ESP_LOGI(GATTC_TAG, "fail reason = 0x%x",param->ble_security.auth_cmpl.fail_reason); + } else { + ESP_LOGI(GATTC_TAG, "auth mode = %s",esp_auth_req_to_str(param->ble_security.auth_cmpl.auth_mode)); + } break; } case ESP_GAP_BLE_SCAN_RESULT_EVT: { diff --git a/examples/bluetooth/gatt_security_server/main/example_ble_sec_gatts_demo.c b/examples/bluetooth/gatt_security_server/main/example_ble_sec_gatts_demo.c index 1f99bd82b6..8f3f11a6b9 100644 --- a/examples/bluetooth/gatt_security_server/main/example_ble_sec_gatts_demo.c +++ b/examples/bluetooth/gatt_security_server/main/example_ble_sec_gatts_demo.c @@ -227,6 +227,39 @@ static char *esp_key_type_to_str(esp_ble_key_type_t key_type) return key_str; } +static char *esp_auth_req_to_str(esp_ble_auth_req_t auth_req) +{ + char *auth_str = NULL; + switch(auth_req) { + case ESP_LE_AUTH_NO_BOND: + auth_str = "ESP_LE_AUTH_NO_BOND"; + break; + case ESP_LE_AUTH_BOND: + auth_str = "ESP_LE_AUTH_BOND"; + break; + case ESP_LE_AUTH_REQ_MITM: + auth_str = "ESP_LE_AUTH_REQ_MITM"; + break; + case ESP_LE_AUTH_REQ_SC_ONLY: + auth_str = "ESP_LE_AUTH_REQ_SC_ONLY"; + break; + case ESP_LE_AUTH_REQ_SC_BOND: + auth_str = "ESP_LE_AUTH_REQ_SC_BOND"; + break; + case ESP_LE_AUTH_REQ_SC_MITM: + auth_str = "ESP_LE_AUTH_REQ_SC_MITM"; + break; + case ESP_LE_AUTH_REQ_SC_MITM_BOND: + auth_str = "ESP_LE_AUTH_REQ_SC_MITM_BOND"; + break; + default: + auth_str = "INVALID BLE AUTH REQ"; + break; + } + + return auth_str; +} + static void show_bonded_devices(void) { int dev_num = esp_ble_get_bond_device_num(); @@ -322,6 +355,8 @@ static void gap_event_handler(esp_gap_ble_cb_event_t event, esp_ble_gap_cb_param ESP_LOGI(GATTS_TABLE_TAG, "pair status = %s",param->ble_security.auth_cmpl.success ? "success" : "fail"); if(!param->ble_security.auth_cmpl.success) { ESP_LOGI(GATTS_TABLE_TAG, "fail reason = 0x%x",param->ble_security.auth_cmpl.fail_reason); + } else { + ESP_LOGI(GATTS_TABLE_TAG, "auth mode = %s",esp_auth_req_to_str(param->ble_security.auth_cmpl.auth_mode)); } show_bonded_devices(); break; @@ -398,7 +433,7 @@ static void gatts_profile_event_handler(esp_gatts_cb_event_t event, esp_ble_set_encryption(param->connect.remote_bda, ESP_BLE_SEC_ENCRYPT_MITM); break; case ESP_GATTS_DISCONNECT_EVT: - ESP_LOGI(GATTS_TABLE_TAG, "ESP_GATTS_DISCONNECT_EVT"); + ESP_LOGI(GATTS_TABLE_TAG, "ESP_GATTS_DISCONNECT_EVT, disconnect reason 0x%x", param->disconnect.reason); /* start advertising again when missing the connect */ esp_ble_gap_start_advertising(&heart_rate_adv_params); break; @@ -525,10 +560,12 @@ void app_main() uint8_t rsp_key = ESP_BLE_ENC_KEY_MASK | ESP_BLE_ID_KEY_MASK; //set static passkey uint32_t passkey = 123456; + uint8_t auth_option = ESP_BLE_ONLY_ACCEPT_SPECIFIED_AUTH_DISABLE; esp_ble_gap_set_security_param(ESP_BLE_SM_SET_STATIC_PASSKEY, &passkey, sizeof(uint32_t)); esp_ble_gap_set_security_param(ESP_BLE_SM_AUTHEN_REQ_MODE, &auth_req, sizeof(uint8_t)); esp_ble_gap_set_security_param(ESP_BLE_SM_IOCAP_MODE, &iocap, sizeof(uint8_t)); esp_ble_gap_set_security_param(ESP_BLE_SM_MAX_KEY_SIZE, &key_size, sizeof(uint8_t)); + esp_ble_gap_set_security_param(ESP_BLE_SM_ONLY_ACCEPT_SPECIFIED_SEC_AUTH, &auth_option, sizeof(uint8_t)); /* If your BLE device act as a Slave, the init_key means you hope which types of key of the master should distribut to you, and the response key means which key you can distribut to the Master; If your BLE device act as a master, the response key means you hope which types of key of the slave should distribut to you, diff --git a/examples/bluetooth/gatt_server/main/gatts_demo.c b/examples/bluetooth/gatt_server/main/gatts_demo.c index 57f17b1dd2..1cb7afb9e9 100644 --- a/examples/bluetooth/gatt_server/main/gatts_demo.c +++ b/examples/bluetooth/gatt_server/main/gatts_demo.c @@ -481,7 +481,7 @@ static void gatts_profile_a_event_handler(esp_gatts_cb_event_t event, esp_gatt_i break; } case ESP_GATTS_DISCONNECT_EVT: - ESP_LOGI(GATTS_TAG, "ESP_GATTS_DISCONNECT_EVT"); + ESP_LOGI(GATTS_TAG, "ESP_GATTS_DISCONNECT_EVT, disconnect reason 0x%x", param->disconnect.reason); esp_ble_gap_start_advertising(&adv_params); break; case ESP_GATTS_CONF_EVT: diff --git a/examples/bluetooth/gatt_server_service_table/main/gatts_table_creat_demo.c b/examples/bluetooth/gatt_server_service_table/main/gatts_table_creat_demo.c index 704e735b90..92b1c06301 100644 --- a/examples/bluetooth/gatt_server_service_table/main/gatts_table_creat_demo.c +++ b/examples/bluetooth/gatt_server_service_table/main/gatts_table_creat_demo.c @@ -452,7 +452,7 @@ static void gatts_profile_event_handler(esp_gatts_cb_event_t event, esp_gatt_if_ esp_ble_gap_update_conn_params(&conn_params); break; case ESP_GATTS_DISCONNECT_EVT: - ESP_LOGI(GATTS_TABLE_TAG, "ESP_GATTS_DISCONNECT_EVT, reason = %d", param->disconnect.reason); + ESP_LOGI(GATTS_TABLE_TAG, "ESP_GATTS_DISCONNECT_EVT, reason = 0x%x", param->disconnect.reason); esp_ble_gap_start_advertising(&adv_params); break; case ESP_GATTS_CREAT_ATTR_TAB_EVT:{