diff --git a/ble/att_server.c b/ble/att_server.c index d3cd8728c..293d03c79 100644 --- a/ble/att_server.c +++ b/ble/att_server.c @@ -160,8 +160,8 @@ static void att_event_packet_handler (uint8_t packet_type, uint16_t channel, uin case HCI_EVENT_ENCRYPTION_KEY_REFRESH_COMPLETE: // check handle if (att_connection.con_handle != READ_BT_16(packet, 3)) break; - att_connection.encryption_key_size = sm_encryption_key_size(att_client_addr_type, att_client_address); - att_connection.authenticated = sm_authenticated(att_client_addr_type, att_client_address); + att_connection.encryption_key_size = sm_encryption_key_size(att_connection.con_handle); + att_connection.authenticated = sm_authenticated(att_connection.con_handle); break; case HCI_EVENT_DISCONNECTION_COMPLETE: @@ -290,10 +290,10 @@ static void att_run(void){ && (att_response_buffer[4] == ATT_ERROR_INSUFFICIENT_AUTHORIZATION) && (att_connection.authenticated)){ - switch (sm_authorization_state(att_client_addr_type, att_client_address)){ + switch (sm_authorization_state(att_connection.con_handle)){ case AUTHORIZATION_UNKNOWN: l2cap_release_packet_buffer(); - sm_request_pairing(att_client_addr_type, att_client_address); + sm_request_pairing(att_connection.con_handle); return; case AUTHORIZATION_PENDING: l2cap_release_packet_buffer(); diff --git a/ble/sm.c b/ble/sm.c index 707f6991a..42de706f2 100644 --- a/ble/sm.c +++ b/ble/sm.c @@ -2338,29 +2338,23 @@ static sm_connection_t * sm_get_connection_for_handle(uint16_t con_handle){ return &hci_con->sm_connection; } -static sm_connection_t * sm_get_connection(uint8_t addr_type, bd_addr_t address){ - hci_connection_t * hci_con = hci_connection_for_bd_addr_and_type(address, (bd_addr_type_t)addr_type); - if (!hci_con) return NULL; - return &hci_con->sm_connection; -} - // @returns 0 if not encrypted, 7-16 otherwise -int sm_encryption_key_size(uint8_t addr_type, bd_addr_t address){ - sm_connection_t * sm_conn = sm_get_connection(addr_type, address); +int sm_encryption_key_size(uint16_t handle){ + sm_connection_t * sm_conn = sm_get_connection_for_handle(handle); if (!sm_conn) return 0; // wrong connection if (!sm_conn->sm_connection_encrypted) return 0; return sm_conn->sm_actual_encryption_key_size; } -int sm_authenticated(uint8_t addr_type, bd_addr_t address){ - sm_connection_t * sm_conn = sm_get_connection(addr_type, address); +int sm_authenticated(uint16_t handle){ + sm_connection_t * sm_conn = sm_get_connection_for_handle(handle); if (!sm_conn) return 0; // wrong connection if (!sm_conn->sm_connection_encrypted) return 0; // unencrypted connection cannot be authenticated return sm_conn->sm_connection_authenticated; } -authorization_state_t sm_authorization_state(uint8_t addr_type, bd_addr_t address){ - sm_connection_t * sm_conn = sm_get_connection(addr_type, address); +authorization_state_t sm_authorization_state(uint16_t handle){ + sm_connection_t * sm_conn = sm_get_connection_for_handle(handle); if (!sm_conn) return AUTHORIZATION_UNKNOWN; // wrong connection if (!sm_conn->sm_connection_encrypted) return AUTHORIZATION_UNKNOWN; // unencrypted connection cannot be authorized if (!sm_conn->sm_connection_authenticated) return AUTHORIZATION_UNKNOWN; // unauthenticatd connection cannot be authorized @@ -2389,8 +2383,8 @@ void sm_send_security_request(uint16_t handle){ } // request pairing -void sm_request_pairing(uint8_t addr_type, bd_addr_t address){ - sm_connection_t * sm_conn = sm_get_connection(addr_type, address); +void sm_request_pairing(uint16_t handle){ + sm_connection_t * sm_conn = sm_get_connection_for_handle(handle); if (!sm_conn) return; // wrong connection log_info("sm_request_pairing in role %u, state %u", sm_conn->sm_role, sm_conn->sm_engine_state); @@ -2423,15 +2417,15 @@ void sm_request_pairing(uint8_t addr_type, bd_addr_t address){ } // called by client app on authorization request -void sm_authorization_decline(uint8_t addr_type, bd_addr_t address){ - sm_connection_t * sm_conn = sm_get_connection(addr_type, address); +void sm_authorization_decline(uint16_t handle){ + sm_connection_t * sm_conn = sm_get_connection_for_handle(handle); if (!sm_conn) return; // wrong connection sm_conn->sm_connection_authorization_state = AUTHORIZATION_DECLINED; sm_notify_client_authorization(SM_AUTHORIZATION_RESULT, sm_conn->sm_handle, sm_conn->sm_peer_addr_type, sm_conn->sm_peer_address, 0); } -void sm_authorization_grant(uint8_t addr_type, bd_addr_t address){ - sm_connection_t * sm_conn = sm_get_connection(addr_type, address); +void sm_authorization_grant(uint16_t handle){ + sm_connection_t * sm_conn = sm_get_connection_for_handle(handle); if (!sm_conn) return; // wrong connection sm_conn->sm_connection_authorization_state = AUTHORIZATION_GRANTED; sm_notify_client_authorization(SM_AUTHORIZATION_RESULT, sm_conn->sm_handle, sm_conn->sm_peer_addr_type, sm_conn->sm_peer_address, 1); @@ -2439,8 +2433,8 @@ void sm_authorization_grant(uint8_t addr_type, bd_addr_t address){ // GAP Bonding API -void sm_bonding_decline(uint8_t addr_type, bd_addr_t address){ - sm_connection_t * sm_conn = sm_get_connection(addr_type, address); +void sm_bonding_decline(uint16_t handle){ + sm_connection_t * sm_conn = sm_get_connection_for_handle(handle); if (!sm_conn) return; // wrong connection setup->sm_user_response = SM_USER_RESPONSE_DECLINE; @@ -2452,8 +2446,8 @@ void sm_bonding_decline(uint8_t addr_type, bd_addr_t address){ sm_run(); } -void sm_just_works_confirm(uint8_t addr_type, bd_addr_t address){ - sm_connection_t * sm_conn = sm_get_connection(addr_type, address); +void sm_just_works_confirm(uint16_t handle){ + sm_connection_t * sm_conn = sm_get_connection_for_handle(handle); if (!sm_conn) return; // wrong connection setup->sm_user_response = SM_USER_RESPONSE_CONFIRM; if (sm_conn->sm_engine_state == SM_PH1_W4_USER_RESPONSE){ @@ -2462,8 +2456,8 @@ void sm_just_works_confirm(uint8_t addr_type, bd_addr_t address){ sm_run(); } -void sm_passkey_input(uint8_t addr_type, bd_addr_t address, uint32_t passkey){ - sm_connection_t * sm_conn = sm_get_connection(addr_type, address); +void sm_passkey_input(uint16_t handle, uint32_t passkey){ + sm_connection_t * sm_conn = sm_get_connection_for_handle(handle); if (!sm_conn) return; // wrong connection sm_reset_tk(); net_store_32(setup->sm_tk, 12, passkey); diff --git a/ble/sm.h b/ble/sm.h index f0b13e1bc..b28ec8a50 100644 --- a/ble/sm.h +++ b/ble/sm.h @@ -202,20 +202,20 @@ void sm_send_security_request(uint16_t handle); * @brief Decline bonding triggered by event before * @param addr_type and address */ -void sm_bonding_decline(uint8_t addr_type, bd_addr_t address); +void sm_bonding_decline(uint16_t handle); /** * @brief Confirm Just Works bonding * @param addr_type and address */ -void sm_just_works_confirm(uint8_t addr_type, bd_addr_t address); +void sm_just_works_confirm(uint16_t handle); /** * @brief Reports passkey input by user * @param addr_type and address * @param passkey in [0..999999] */ -void sm_passkey_input(uint8_t addr_type, bd_addr_t address, uint32_t passkey); +void sm_passkey_input(uint16_t handle, uint32_t passkey); /** * @@ -223,39 +223,39 @@ void sm_passkey_input(uint8_t addr_type, bd_addr_t address, uint32_t passkey); * @param addr_type and address * @return 0 if not encrypted, 7-16 otherwise */ -int sm_encryption_key_size(uint8_t addr_type, bd_addr_t address); +int sm_encryption_key_size(uint16_t handle); /** * @brief Get authentication property. * @param addr_type and address * @return 1 if bonded with OOB/Passkey (AND MITM protection) */ -int sm_authenticated(uint8_t addr_type, bd_addr_t address); +int sm_authenticated(uint16_t handle); /** * @brief Queries authorization state. * @param addr_type and address * @return authorization_state for the current session */ -authorization_state_t sm_authorization_state(uint8_t addr_type, bd_addr_t address); +authorization_state_t sm_authorization_state(uint16_t handle); /** * @brief Used by att_server.c to request user authorization. * @param addr_type and address */ -void sm_request_pairing(uint8_t addr_type, bd_addr_t address); +void sm_request_pairing(uint16_t handle); /** * @brief Report user authorization decline. * @param addr_type and address */ -void sm_authorization_decline(uint8_t addr_type, bd_addr_t address); +void sm_authorization_decline(uint16_t handle); /** * @brief Report user authorization grant. * @param addr_type and address */ -void sm_authorization_grant(uint8_t addr_type, bd_addr_t address); +void sm_authorization_grant(uint16_t handle); /** * @brief Support for signed writes, used by att_server. diff --git a/ble/sm_minimal.c b/ble/sm_minimal.c index d56e7b7b9..efce5c96b 100644 --- a/ble/sm_minimal.c +++ b/ble/sm_minimal.c @@ -69,9 +69,9 @@ void sm_set_authentication_requirements(uint8_t auth_req){} void sm_set_io_capabilities(io_capability_t io_capability){} void sm_send_security_request(uint16_t handle){} -void sm_bonding_decline(uint8_t addr_type, bd_addr_t address){} -void sm_just_works_confirm(uint8_t addr_type, bd_addr_t address){} -void sm_passkey_input(uint8_t addr_type, bd_addr_t address, uint32_t passkey){} +void sm_bonding_decline(uint16_t handle){} +void sm_just_works_confirm(uint16_t handle){} +void sm_passkey_input(uint16_t handle, uint32_t passkey){} // @returns 0 if not encrypted, 7-16 otherwise int sm_encryption_key_size(uint8_t addr_type, bd_addr_t address){ diff --git a/test/pts/ble_central_test.c b/test/pts/ble_central_test.c index 68230b5f9..8c4622d0c 100644 --- a/test/pts/ble_central_test.c +++ b/test/pts/ble_central_test.c @@ -383,14 +383,14 @@ void app_packet_handler (uint8_t packet_type, uint16_t channel, uint8_t *packet, case SM_JUST_WORKS_REQUEST: // auto-authorize connection if requested sm_event = (sm_event_t *) packet; - sm_just_works_confirm(sm_event->addr_type, sm_event->address); + sm_just_works_confirm(sm_event->handle); printf("Just Works request confirmed\n"); break; case SM_AUTHORIZATION_REQUEST: // auto-authorize connection if requested sm_event = (sm_event_t *) packet; - sm_authorization_grant(sm_event->addr_type, sm_event->address); + sm_authorization_grant(sm_event->handle); break; case GAP_LE_ADVERTISING_REPORT: @@ -886,7 +886,7 @@ static int ui_process_digits_for_passkey(char buffer){ ui_digits_for_passkey--; if (ui_digits_for_passkey == 0){ printf("\nSending Passkey %u (0x%x)\n", ui_passkey, ui_passkey); - sm_passkey_input(peer_addr_type, peer_address, ui_passkey); + sm_passkey_input(handle, ui_passkey); } return 0; } @@ -1189,7 +1189,7 @@ static void ui_process_command(char buffer){ show_usage(); break; case 'b': - sm_request_pairing(current_pts_address_type, current_pts_address); + sm_request_pairing(handle); break; case 'c': gap_connectable = 0; diff --git a/test/pts/ble_peripheral_test.c b/test/pts/ble_peripheral_test.c index 2c5d3b5bc..c19235145 100644 --- a/test/pts/ble_peripheral_test.c +++ b/test/pts/ble_peripheral_test.c @@ -570,7 +570,7 @@ static void app_packet_handler (uint8_t packet_type, uint16_t channel, uint8_t * case SM_JUST_WORKS_REQUEST: { printf("SM_JUST_WORKS_REQUEST\n"); sm_event_t * event = (sm_event_t *) packet; - sm_just_works_confirm(event->addr_type, event->address); + sm_just_works_confirm(event->handle); break; } @@ -600,7 +600,7 @@ static void app_packet_handler (uint8_t packet_type, uint16_t channel, uint8_t * case SM_AUTHORIZATION_REQUEST: { // auto-authorize connection if requested sm_event_t * event = (sm_event_t *) packet; - sm_authorization_grant(event->addr_type, event->address); + sm_authorization_grant(event->handle); break; } case ATT_HANDLE_VALUE_INDICATION_COMPLETE: @@ -718,7 +718,7 @@ int stdin_process(struct data_source *ds){ ui_digits_for_passkey--; if (ui_digits_for_passkey == 0){ printf("\nSending Passkey '%06x'\n", ui_passkey); - sm_passkey_input(master_addr_type, master_address, ui_passkey); + sm_passkey_input(handle, ui_passkey); } return 0; } diff --git a/test/security_manager/security_manager.c b/test/security_manager/security_manager.c index a6238b0ff..4c8b4c0b9 100644 --- a/test/security_manager/security_manager.c +++ b/test/security_manager/security_manager.c @@ -144,14 +144,14 @@ void app_packet_handler (uint8_t packet_type, uint16_t channel, uint8_t *packet, case SM_JUST_WORKS_REQUEST: // auto-authorize connection if requested sm_event = (sm_event_t *) packet; - sm_just_works_confirm(sm_event->addr_type, sm_event->address); + sm_just_works_confirm(sm_event->handle); printf("Just Works request confirmed\n"); break; case SM_AUTHORIZATION_REQUEST: // auto-authorize connection if requested sm_event = (sm_event_t *) packet; - sm_authorization_grant(sm_event->addr_type, sm_event->address); + sm_authorization_grant(sm_event->handle); break; default: