diff --git a/components/bt/bluedroid/bta/dm/bta_dm_act.c b/components/bt/bluedroid/bta/dm/bta_dm_act.c index 95a17a480..c2f5e1dac 100644 --- a/components/bt/bluedroid/bta/dm/bta_dm_act.c +++ b/components/bt/bluedroid/bta/dm/bta_dm_act.c @@ -4296,9 +4296,6 @@ static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_D switch (event) { case BTM_LE_IO_REQ_EVT: { // #if (BT_SSP_INCLUDED == TRUE) - UINT8 enable = bta_dm_co_ble_get_accept_auth_enable(); - UINT8 origin_auth = bta_dm_co_ble_get_auth_req(); - BTM_BleSetAcceptAuthMode(enable, origin_auth); bta_dm_co_ble_io_req(bda, &p_data->io_req.io_cap, &p_data->io_req.oob_data, diff --git a/components/bt/bluedroid/stack/btm/btm_ble.c b/components/bt/bluedroid/stack/btm/btm_ble.c index 259a54ffb..bdd991c95 100644 --- a/components/bt/bluedroid/stack/btm/btm_ble.c +++ b/components/bt/bluedroid/stack/btm/btm_ble.c @@ -443,25 +443,6 @@ void BTM_BleSetStaticPasskey(BOOLEAN add, UINT32 passkey) #endif } -/******************************************************************************* -** -** Function BTM_BleSetAcceptAuthMode -** -** Description This function is called to set only accept specified Authentication -** -** -** Parameters: enable - Whether to enable this function -** -** auth_mode - Authentication mode -** -** -*******************************************************************************/ -void BTM_BleSetAcceptAuthMode(UINT8 enable, UINT8 auth_mode) -{ -#if SMP_INCLUDED == TRUE - SMP_SetAcceptAuthMode(enable, auth_mode); -#endif -} /******************************************************************************* ** ** Function BTM_BleConfirmReply diff --git a/components/bt/bluedroid/stack/include/stack/btm_ble_api.h b/components/bt/bluedroid/stack/include/stack/btm_ble_api.h index cadf970ed..e0d67ee63 100644 --- a/components/bt/bluedroid/stack/include/stack/btm_ble_api.h +++ b/components/bt/bluedroid/stack/include/stack/btm_ble_api.h @@ -1332,21 +1332,6 @@ void BTM_BlePasskeyReply (BD_ADDR bd_addr, UINT8 res, UINT32 passkey); *******************************************************************************/ void BTM_BleSetStaticPasskey(BOOLEAN add, UINT32 passkey); -/******************************************************************************* -** -** Function BTM_BleSetAcceptAuthMode -** -** Description This function is called to set only accept specified Authentication -** -** -** Parameters: enable - Whether to enable this function -** -** auth_mode - Authentication mode -** -** -*******************************************************************************/ -void BTM_BleSetAcceptAuthMode(UINT8 enable, UINT8 auth_mode); - /******************************************************************************* ** ** Function BTM_BleConfirmReply diff --git a/components/bt/bluedroid/stack/include/stack/smp_api.h b/components/bt/bluedroid/stack/include/stack/smp_api.h index b4b6af14b..390f6209e 100644 --- a/components/bt/bluedroid/stack/include/stack/smp_api.h +++ b/components/bt/bluedroid/stack/include/stack/smp_api.h @@ -417,8 +417,6 @@ extern void SMP_PasskeyReply (BD_ADDR bd_addr, UINT8 res, UINT32 passkey); *******************************************************************************/ extern void SMP_SetStaticPasskey (BOOLEAN add, UINT32 passkey); -extern void SMP_SetAcceptAuthMode (UINT8 enable, UINT8 auth_mode); - /******************************************************************************* ** ** Function SMP_ConfirmReply diff --git a/components/bt/bluedroid/stack/smp/include/smp_int.h b/components/bt/bluedroid/stack/smp/include/smp_int.h index 55bf3e279..a261e14cb 100644 --- a/components/bt/bluedroid/stack/smp/include/smp_int.h +++ b/components/bt/bluedroid/stack/smp/include/smp_int.h @@ -301,6 +301,7 @@ typedef struct { tSMP_OOB_FLAG loc_oob_flag; tSMP_AUTH_REQ peer_auth_req; tSMP_AUTH_REQ loc_auth_req; + tSMP_AUTH_REQ auth_mode; BOOLEAN secure_connections_only_mode_required;/* TRUE if locally SM is required to operate */ /* either in Secure Connections mode or not at all */ tSMP_ASSO_MODEL selected_association_model; diff --git a/components/bt/bluedroid/stack/smp/smp_act.c b/components/bt/bluedroid/stack/smp/smp_act.c index 2534a587e..87d7b978d 100644 --- a/components/bt/bluedroid/stack/smp/smp_act.c +++ b/components/bt/bluedroid/stack/smp/smp_act.c @@ -52,6 +52,9 @@ const tSMP_ACT smp_distribute_act [] = { smp_set_derive_link_key }; +extern UINT8 bta_dm_co_ble_get_accept_auth_enable(void); +extern UINT8 bta_dm_co_ble_get_auth_req(void); + static bool lmp_version_below(BD_ADDR bda, uint8_t version) { tACL_CONN *acl = btm_bda_to_acl(bda, BT_TRANSPORT_LE); @@ -498,6 +501,33 @@ void smp_proc_pair_fail(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) p_cb->status = *(UINT8 *)p_data; } +/******************************************************************************* +** Function smp_get_auth_mode +** Description Get the SMP pairing auth mode +*******************************************************************************/ +uint16_t smp_get_auth_mode (tSMP_ASSO_MODEL model) +{ + SMP_TRACE_DEBUG("%s model %d", __func__, model); + uint16_t auth = 0; + if (model == SMP_MODEL_ENCRYPTION_ONLY || model == SMP_MODEL_SEC_CONN_JUSTWORKS) { + //No MITM + if(model == SMP_MODEL_SEC_CONN_JUSTWORKS) { + //SC SMP_SC_SUPPORT_BIT + auth |= SMP_SC_SUPPORT_BIT; + } + } else if (model <= SMP_MODEL_KEY_NOTIF) { + //NO SC, MITM + auth |= SMP_AUTH_YN_BIT; + } else if (model <= SMP_MODEL_SEC_CONN_OOB) { + //SC, MITM + auth |= SMP_SC_SUPPORT_BIT; + auth |= SMP_AUTH_YN_BIT; + } else { + auth = 0; + } + return auth; +} + /******************************************************************************* ** Function smp_proc_pair_cmd ** Description Process the SMP pairing request/response from peer device @@ -528,7 +558,8 @@ void smp_proc_pair_cmd(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); return; } - + p_cb->accept_specified_sec_auth = bta_dm_co_ble_get_accept_auth_enable(); + p_cb->origin_loc_auth_req = bta_dm_co_ble_get_auth_req(); if (p_cb->role == HCI_ROLE_SLAVE) { if (!(p_cb->flags & SMP_PAIR_FLAGS_WE_STARTED_DD)) { /* peer (master) started pairing sending Pairing Request */ @@ -551,10 +582,18 @@ void smp_proc_pair_cmd(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); return; } - if(p_cb->accept_specified_sec_auth) { - if((p_cb->origin_loc_auth_req & p_cb->peer_auth_req & p_cb->loc_auth_req) != p_cb->origin_loc_auth_req ) { - SMP_TRACE_ERROR("%s pairing failed - slave requires 0x%x auth but peer auth req 0x%x local auth req 0x%x", + uint16_t auth = smp_get_auth_mode(p_cb->selected_association_model); + if(p_cb->peer_auth_req & p_cb->loc_auth_req & SMP_AUTH_GEN_BOND) { + auth |= SMP_AUTH_GEN_BOND; + } + p_cb->auth_mode = auth; + if (p_cb->accept_specified_sec_auth) { + if ((auth & p_cb->origin_loc_auth_req) != p_cb->origin_loc_auth_req ) { + SMP_TRACE_ERROR("%s pairing failed - slave requires auth is 0x%x but peer auth is 0x%x local auth is 0x%x", __func__, p_cb->origin_loc_auth_req, p_cb->peer_auth_req, p_cb->loc_auth_req); + if (BTM_IsAclConnectionUp(p_cb->pairing_bda, BT_TRANSPORT_LE)) { + btm_remove_acl (p_cb->pairing_bda, BT_TRANSPORT_LE); + } reason = SMP_PAIR_AUTH_FAIL; smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); } @@ -581,10 +620,18 @@ void smp_proc_pair_cmd(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) return; } + uint16_t auth = smp_get_auth_mode(p_cb->selected_association_model); + if(p_cb->peer_auth_req & p_cb->loc_auth_req & SMP_AUTH_GEN_BOND) { + auth |= SMP_AUTH_GEN_BOND; + } + p_cb->auth_mode = auth; if (p_cb->accept_specified_sec_auth) { - if ((p_cb->origin_loc_auth_req & p_cb->peer_auth_req & p_cb->loc_auth_req) != p_cb->origin_loc_auth_req ) { - SMP_TRACE_ERROR("%s pairing failed - master requires 0x%x auth but peer auth req 0x%x local auth req 0x%x", + if ((auth & p_cb->origin_loc_auth_req) != p_cb->origin_loc_auth_req ) { + SMP_TRACE_ERROR("%s pairing failed - master requires auth is 0x%x but peer auth is 0x%x local auth is 0x%x", __func__, p_cb->origin_loc_auth_req, p_cb->peer_auth_req, p_cb->loc_auth_req); + if (BTM_IsAclConnectionUp(p_cb->pairing_bda, BT_TRANSPORT_LE)) { + btm_remove_acl (p_cb->pairing_bda, BT_TRANSPORT_LE); + } reason = SMP_PAIR_AUTH_FAIL; smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); } @@ -1334,6 +1381,22 @@ void smp_process_io_response(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); return; } + uint16_t auth = smp_get_auth_mode(p_cb->selected_association_model); + if(p_cb->peer_auth_req & p_cb->loc_auth_req & SMP_AUTH_GEN_BOND) { + auth |= SMP_AUTH_GEN_BOND; + } + p_cb->auth_mode = auth; + if (p_cb->accept_specified_sec_auth) { + if ((auth & p_cb->origin_loc_auth_req) != p_cb->origin_loc_auth_req ) { + SMP_TRACE_ERROR("pairing failed - slave requires auth is 0x%x but peer auth is 0x%x local auth is 0x%x", + p_cb->origin_loc_auth_req, p_cb->peer_auth_req, p_cb->loc_auth_req); + if (BTM_IsAclConnectionUp(p_cb->pairing_bda, BT_TRANSPORT_LE)) { + btm_remove_acl (p_cb->pairing_bda, BT_TRANSPORT_LE); + } + reason = SMP_PAIR_AUTH_FAIL; + smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); + } + } if (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_OOB) { if (smp_request_oob_data(p_cb)) { diff --git a/components/bt/bluedroid/stack/smp/smp_api.c b/components/bt/bluedroid/stack/smp/smp_api.c index 8ec1394dd..36811cd24 100644 --- a/components/bt/bluedroid/stack/smp/smp_api.c +++ b/components/bt/bluedroid/stack/smp/smp_api.c @@ -354,27 +354,6 @@ void SMP_SetStaticPasskey (BOOLEAN add, UINT32 passkey) } } -/******************************************************************************* -** -** Function SMP_SetAcceptAuthMode -** -** Description This function is called to set only accept specified Authentication -** -** -** Parameters: enable - Whether to enable this function -** -** auth_mode - Authentication mode -** -** -*******************************************************************************/ -void SMP_SetAcceptAuthMode (UINT8 enable, UINT8 auth_mode) -{ - tSMP_CB *p_cb = & smp_cb; - - p_cb->accept_specified_sec_auth = enable; - p_cb->origin_loc_auth_req = auth_mode; - -} /******************************************************************************* ** ** Function SMP_ConfirmReply diff --git a/components/bt/bluedroid/stack/smp/smp_utils.c b/components/bt/bluedroid/stack/smp/smp_utils.c index eeaf66b29..37460cf29 100644 --- a/components/bt/bluedroid/stack/smp/smp_utils.c +++ b/components/bt/bluedroid/stack/smp/smp_utils.c @@ -973,7 +973,7 @@ void smp_proc_pairing_cmpl(tSMP_CB *p_cb) evt_data.cmplt.auth_mode = 0; if (p_cb->status == SMP_SUCCESS) { evt_data.cmplt.sec_level = p_cb->sec_level; - evt_data.cmplt.auth_mode = (p_cb->peer_auth_req & p_cb->loc_auth_req); + evt_data.cmplt.auth_mode = p_cb->auth_mode; } evt_data.cmplt.is_pair_cancel = FALSE;