sm: numeric comparison for secure connections in initiator role

port/libusb/gap_le_connect_to_1111.c

@@ -85,8 +85,9 @@ static void gap_le_connect_to_1111_setup(void){
     // sm_set_io_capabilities(IO_CAPABILITY_DISPLAY_ONLY);
     sm_set_authentication_requirements(SM_AUTHREQ_MITM_PROTECTION);
 #ifdef ENABLE_LE_SECURE_CONNECTIONS
-   // sm_set_authentication_requirements(SM_AUTHREQ_SECURE_CONNECTION|SM_AUTHREQ_MITM_PROTECTION);
-   sm_set_authentication_requirements(SM_AUTHREQ_SECURE_CONNECTION);
+    sm_set_authentication_requirements(SM_AUTHREQ_SECURE_CONNECTION|SM_AUTHREQ_MITM_PROTECTION);
+    // Just Works (no MITM requested)
+    // sm_set_authentication_requirements(SM_AUTHREQ_SECURE_CONNECTION);
 #endif
 }
 

src/ble/sm.c

@@ -2611,11 +2611,16 @@ static void sm_pdu_handler(uint8_t packet_type, hci_con_handle_t con_handle, uin
             }
 #ifdef ENABLE_LE_SECURE_CONNECTIONS
             if (setup->sm_use_secure_connections){
-                sm_conn->sm_engine_state = SM_PH1_W4_USER_RESPONSE;
-                sm_trigger_user_response(sm_conn);
-                if (setup->sm_user_response == SM_USER_RESPONSE_IDLE){
+                // SC Numeric Comparison will trigger user response after public keys & nonces have been exchanged                
+                if (setup->sm_stk_generation_method == JUST_WORKS){
+                    sm_conn->sm_engine_state = SM_PH1_W4_USER_RESPONSE;
+                    sm_trigger_user_response(sm_conn);
+                    if (setup->sm_user_response == SM_USER_RESPONSE_IDLE){
+                        sm_conn->sm_engine_state = SM_PH2_SEND_PUBLIC_KEY_COMMAND;
+                    } 
+                } else {
                     sm_conn->sm_engine_state = SM_PH2_SEND_PUBLIC_KEY_COMMAND;
-                } 
+                }
                 break;
             } 
 #endif