mirror/btstack
1
0
Fork 0
mirror of https://github.com/bluekitchen/btstack.git synced 2025-04-07 16:20:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

ble/att_db: extract att_validate_security_get_settings

Browse Source
This commit is contained in:
Matthias Ringwald 2021-06-21 17:46:52 +02:00
parent 4eb382490a
commit b6e793c0e2
1 changed files with 21 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
src/ble/att_db.c
View File

@ -294,36 +294,46 @@ static inline uint16_t setup_error_invalid_pdu(uint8_t *response_buffer, uint16_
return setup_error(response_buffer, request, 0, ATT_ERROR_INVALID_PDU); return setup_error(response_buffer, request, 0, ATT_ERROR_INVALID_PDU);
} }
static uint8_t att_validate_security(att_connection_t * att_connection, att_operation_t operation, att_iterator_t * it){ struct att_security_settings {
int required_security_level = 0; uint8_t required_security_level;
bool requires_secure_connection = false; bool requires_secure_connection;
};
static void att_validate_security_get_settings(struct att_security_settings * security_settings, att_operation_t operation, att_iterator_t *it){
security_settings->required_security_level = 0;
security_settings->requires_secure_connection = false;
switch (operation){ switch (operation){
case ATT_READ: case ATT_READ:
if ((it->flags & ATT_PROPERTY_READ_PERMISSION_BIT_0) != 0u){ if ((it->flags & ATT_PROPERTY_READ_PERMISSION_BIT_0) != 0u){
required_security_level |= 1; security_settings->required_security_level |= 1;
} }
if ((it->flags & ATT_PROPERTY_READ_PERMISSION_BIT_1) != 0u){ if ((it->flags & ATT_PROPERTY_READ_PERMISSION_BIT_1) != 0u){
required_security_level |= 2; security_settings->required_security_level |= 2;
} }
if ((it->flags & ATT_PROPERTY_READ_PERMISSION_SC) != 0u){ if ((it->flags & ATT_PROPERTY_READ_PERMISSION_SC) != 0u){
requires_secure_connection = true; security_settings->requires_secure_connection = true;
} }
break; break;
case ATT_WRITE: case ATT_WRITE:
if ((it->flags & ATT_PROPERTY_WRITE_PERMISSION_BIT_0) != 0u){ if ((it->flags & ATT_PROPERTY_WRITE_PERMISSION_BIT_0) != 0u){
required_security_level |= 1; security_settings->required_security_level |= 1;
} }
if ((it->flags & ATT_PROPERTY_WRITE_PERMISSION_BIT_1) != 0u){ if ((it->flags & ATT_PROPERTY_WRITE_PERMISSION_BIT_1) != 0u){
required_security_level |= 2; security_settings->required_security_level |= 2;
} }
if ((it->flags & ATT_PROPERTY_WRITE_PERMISSION_SC) != 0u){ if ((it->flags & ATT_PROPERTY_WRITE_PERMISSION_SC) != 0u){
requires_secure_connection = true; security_settings->requires_secure_connection = true;
} }
break; break;
default: default:
btstack_assert(false); btstack_assert(false);
break; break;
} }
}
static uint8_t att_validate_security(att_connection_t * att_connection, att_operation_t operation, att_iterator_t * it){
struct att_security_settings security_settings;
att_validate_security_get_settings(&security_settings, operation, it);
uint8_t required_encryption_size = it->flags >> 12; uint8_t required_encryption_size = it->flags >> 12;
if (required_encryption_size != 0) required_encryption_size++; // store -1 to fit into 4 bit if (required_encryption_size != 0) required_encryption_size++; // store -1 to fit into 4 bit
@ -331,8 +341,8 @@ static uint8_t att_validate_security(att_connection_t * att_connection, att_oper
log_debug("att_validate_security. flags 0x%04x (=> security level %u, key size %u) authorized %u, authenticated %u, encryption_key_size %u, secure connection %u", log_debug("att_validate_security. flags 0x%04x (=> security level %u, key size %u) authorized %u, authenticated %u, encryption_key_size %u, secure connection %u",
it->flags, required_security_level, required_encryption_size, att_connection->authorized, att_connection->authenticated, att_connection->encryption_key_size, att_connection->secure_connection); it->flags, required_security_level, required_encryption_size, att_connection->authorized, att_connection->authenticated, att_connection->encryption_key_size, att_connection->secure_connection);
bool sc_missing = requires_secure_connection && (att_connection->secure_connection == 0u); bool sc_missing = security_settings.requires_secure_connection && (att_connection->secure_connection == 0u);
switch (required_security_level){ switch (security_settings.required_security_level){
case ATT_SECURITY_AUTHORIZED: case ATT_SECURITY_AUTHORIZED:
if ((att_connection->authorized == 0u) || sc_missing){ if ((att_connection->authorized == 0u) || sc_missing){
return ATT_ERROR_INSUFFICIENT_AUTHORIZATION; return ATT_ERROR_INSUFFICIENT_AUTHORIZATION;