Merge branch 'feat/add_test_api_for_sec_v5.2' into 'release/v5.2'

Feat/add test api for sec v5.2

See merge request espressif/esp-idf!29169

components/bt/host/bluedroid/api/include/api/esp_gap_bt_api.h

@@ -226,6 +226,22 @@ typedef enum {
     ESP_BT_GAP_DISCOVERY_STARTED,                   /*!< Device discovery started */
 } esp_bt_gap_discovery_state_t;
 
+/// Type of link key
+#define ESP_BT_LINK_KEY_COMB                (0x00)  /*!< Combination Key */
+#define ESP_BT_LINK_KEY_DBG_COMB            (0x03)  /*!< Debug Combination Key */
+#define ESP_BT_LINK_KEY_UNAUTHED_COMB_P192  (0x04)  /*!< Unauthenticated Combination Key generated from P-192 */
+#define ESP_BT_LINK_KEY_AUTHED_COMB_P192    (0x05)  /*!< Authenticated Combination Key generated from P-192 */
+#define ESP_BT_LINK_KEY_CHG_COMB            (0x06)  /*!< Changed Combination Key */
+#define ESP_BT_LINK_KEY_UNAUTHED_COMB_P256  (0x07)  /*!< Unauthenticated Combination Key generated from P-256 */
+#define ESP_BT_LINK_KEY_AUTHED_COMB_P256    (0x08)  /*!< Authenticated Combination Key generated from P-256 */
+typedef uint8_t esp_bt_link_key_type_t;
+
+/// Type of encryption
+#define ESP_BT_ENC_MODE_OFF                 (0x00)  /*!< Link Level Encryption is OFF */
+#define ESP_BT_ENC_MODE_E0                  (0x01)  /*!< Link Level Encryption is ON with E0 */
+#define ESP_BT_ENC_MODE_AES                 (0x02)  /*!< Link Level Encryption is ON with AES-CCM */
+typedef uint8_t esp_bt_enc_mode_t;
+
 /// BT GAP callback events
 typedef enum {
     ESP_BT_GAP_DISC_RES_EVT = 0,                    /*!< Device discovery result event */
@@ -249,6 +265,7 @@ typedef enum {
     ESP_BT_GAP_SET_PAGE_TO_EVT,                     /*!< Set page timeout event */
     ESP_BT_GAP_GET_PAGE_TO_EVT,                     /*!< Get page timeout event */
     ESP_BT_GAP_ACL_PKT_TYPE_CHANGED_EVT,            /*!< Set ACL packet types event */
+    ESP_BT_GAP_ENC_CHG_EVT,                         /*!< Encryption change event */
     ESP_BT_GAP_EVT_MAX,
 } esp_bt_gap_cb_event_t;
 
@@ -331,9 +348,18 @@ typedef union {
     struct auth_cmpl_param {
         esp_bd_addr_t bda;                     /*!< remote bluetooth device address*/
         esp_bt_status_t stat;                  /*!< authentication complete status */
+        esp_bt_link_key_type_t lk_type;        /*!< type of link key generated */
         uint8_t device_name[ESP_BT_GAP_MAX_BDNAME_LEN + 1]; /*!< device name */
     } auth_cmpl;                               /*!< authentication complete parameter struct */
 
+    /**
+     * @brief ESP_BT_GAP_ENC_CHG_EVT
+     */
+    struct enc_chg_param {
+        esp_bd_addr_t bda;                     /*!< remote bluetooth device address*/
+        esp_bt_enc_mode_t enc_mode;            /*!< encryption mode */
+    } enc_chg;                                 /*!< encryption change parameter struct */
+
     /**
      * @brief ESP_BT_GAP_PIN_REQ_EVT
      */

components/bt/host/bluedroid/bta/dm/bta_dm_act.c

@@ -77,9 +77,10 @@ static void bta_dm_bl_change_cback (tBTM_BL_EVENT_DATA *p_data);
 static void bta_dm_acl_link_stat_cback(tBTM_ACL_LINK_STAT_EVENT_DATA *p_data);
 static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr);
 
-/* Extended Inquiry Response */
 #if (CLASSIC_BT_INCLUDED == TRUE)
+static void bta_dm_encryption_change_cback(BD_ADDR bd_addr, UINT8 enc_mode);
 static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data);
+/* Extended Inquiry Response */
 static void bta_dm_set_eir (char *local_name);
 #endif
 #if (SDP_INCLUDED == TRUE)
@@ -231,9 +232,11 @@ const tBTM_APPL_INFO bta_security = {
     &bta_dm_authentication_complete_cback,
     &bta_dm_bond_cancel_complete_cback,
 #if (CLASSIC_BT_INCLUDED == TRUE)
+    &bta_dm_encryption_change_cback,
     &bta_dm_sp_cback,
 #else
     NULL,
+    NULL,
 #endif
 #if BLE_INCLUDED == TRUE
     &bta_dm_ble_smp_cback,
@@ -3093,6 +3096,27 @@ static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_
     bta_dm_cb.p_sec_cback(BTA_DM_PIN_REQ_EVT, &sec_event);
     return BTM_CMD_STARTED;
 }
+
+/*******************************************************************************
+**
+** Function         bta_dm_new_link_key_cback
+**
+** Description      Callback from BTM to notify new link key
+**
+** Returns          void
+**
+*******************************************************************************/
+static void bta_dm_encryption_change_cback(BD_ADDR bd_addr, UINT8 enc_mode)
+{
+    if (bta_dm_cb.p_sec_cback) {
+        tBTA_DM_SEC sec_event;
+        memset (&sec_event, 0, sizeof(tBTA_DM_SEC));
+        bdcpy(sec_event.enc_chg.bd_addr, bd_addr);
+        sec_event.enc_chg.enc_mode = enc_mode;
+
+        bta_dm_cb.p_sec_cback(BTA_DM_ENC_CHG_EVT, &sec_event);
+    }
+}
 #endif ///CLASSIC_BT_INCLUDED == TRUE
 
 /*******************************************************************************

components/bt/host/bluedroid/bta/include/bta/bta_api.h

@@ -669,6 +669,7 @@ typedef UINT8 tBTA_SIG_STRENGTH_MASK;
 #define BTA_DM_ACL_LINK_STAT_EVT        32      /* ACL connection status report event */
 #define BTA_DM_BLE_SC_OOB_REQ_EVT       33      /* BLE SMP SC OOB request event */
 #define BTA_DM_BLE_SC_CR_LOC_OOB_EVT    34      /* BLE SMP SC Create Local OOB request event */
+#define BTA_DM_ENC_CHG_EVT              35      /* Encryption change event */
 
 typedef UINT8 tBTA_DM_SEC_EVT;
 
@@ -993,6 +994,11 @@ typedef struct {
     BT_OCTET16      local_oob_r;    /* Local OOB Data Randomizer */
 } tBTA_DM_LOC_OOB_DATA;
 
+typedef struct {
+    BD_ADDR bd_addr;                /* BD address peer device */
+    UINT8 enc_mode;                 /* Encryption mode */
+} tBTA_DM_ENC_CHG;
+
 /* Union of all security callback structures */
 typedef union {
     tBTA_DM_ENABLE              enable;             /* BTA enabled */
@@ -1018,6 +1024,7 @@ typedef union {
     tBTA_DM_MODE_CHG            mode_chg;           /* mode change event */
 #endif ///BTA_DM_PM_INCLUDED
     tBTA_DM_LOC_OOB_DATA        local_oob_data;     /* Local OOB data generated by us */
+    tBTA_DM_ENC_CHG             enc_chg;            /* Encryption change event */
 } tBTA_DM_SEC;
 
 /* Security callback */

components/bt/host/bluedroid/btc/core/btc_dm.c

@@ -413,6 +413,7 @@ static void btc_dm_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl)
     msg->pid = BTC_PID_GAP_BT;
     msg->act = BTC_GAP_BT_AUTH_CMPL_EVT;
     param.auth_cmpl.stat = status;
+    param.auth_cmpl.lk_type = p_auth_cmpl->key_type;
     memcpy(param.auth_cmpl.bda, p_auth_cmpl->bd_addr, ESP_BD_ADDR_LEN);
     memcpy(param.auth_cmpl.device_name, p_auth_cmpl->bd_name, ESP_BT_GAP_MAX_BDNAME_LEN + 1);
     memcpy(msg->arg, &param, sizeof(esp_bt_gap_cb_param_t));
@@ -428,6 +429,34 @@ static void btc_dm_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl)
     (void) status;
 }
 
+static void btc_dm_enc_chg_evt (tBTA_DM_ENC_CHG *p_enc_chg)
+{
+#if (BTC_GAP_BT_INCLUDED == TRUE)
+    esp_bt_gap_cb_param_t param;
+    bt_status_t ret;
+    btc_msg_t *msg;
+
+    msg = (btc_msg_t *)osi_malloc(sizeof(btc_msg_t) + sizeof(esp_bt_gap_cb_param_t));
+    if (msg == NULL) {
+        BTC_TRACE_ERROR("%s malloc fail", __func__);
+        return;
+    }
+    msg->sig = BTC_SIG_API_CB;
+    msg->pid = BTC_PID_GAP_BT;
+    msg->act = BTC_GAP_BT_ENC_CHG_EVT;
+    param.enc_chg.enc_mode = p_enc_chg->enc_mode;
+    memcpy(param.enc_chg.bda, p_enc_chg->bd_addr, ESP_BD_ADDR_LEN);
+    memcpy(msg->arg, &param, sizeof(esp_bt_gap_cb_param_t));
+
+    ret = btc_inter_profile_call(msg);
+    osi_free(msg);
+
+    if (ret != BT_STATUS_SUCCESS) {
+        BTC_TRACE_ERROR("%s btc_inter_profile_call failed\n", __func__);
+    }
+#endif /// BTC_GAP_BT_INCLUDED == TRUE
+}
+
 static void btc_dm_pin_req_evt(tBTA_DM_PIN_REQ *p_pin_req)
 {
 #if (BTC_GAP_BT_INCLUDED == TRUE)
@@ -782,6 +811,9 @@ void btc_dm_sec_cb_handler(btc_msg_t *msg)
     case BTA_DM_AUTH_CMPL_EVT:
         btc_dm_auth_cmpl_evt(&p_data->auth_cmpl);
         break;
+    case BTA_DM_ENC_CHG_EVT:
+        btc_dm_enc_chg_evt(&p_data->enc_chg);
+        break;
     case BTA_DM_BOND_CANCEL_CMPL_EVT:
         BTC_TRACE_DEBUG("BTA_DM_BOND_CANCEL_CMPL_EVT");
         break;

components/bt/host/bluedroid/btc/profile/std/gap/btc_gap_bt.c

@@ -1086,6 +1086,7 @@ void btc_gap_bt_cb_deep_free(btc_msg_t *msg)
     case BTC_GAP_BT_READ_RSSI_DELTA_EVT:
     case BTC_GAP_BT_CONFIG_EIR_DATA_EVT:
     case BTC_GAP_BT_AUTH_CMPL_EVT:
+    case BTC_GAP_BT_ENC_CHG_EVT:
     case BTC_GAP_BT_PIN_REQ_EVT:
     case BTC_GAP_BT_SET_AFH_CHANNELS_EVT:
     case BTC_GAP_BT_READ_REMOTE_NAME_EVT:
@@ -1134,6 +1135,10 @@ void btc_gap_bt_cb_handler(btc_msg_t *msg)
         btc_gap_bt_cb_to_app(ESP_BT_GAP_AUTH_CMPL_EVT, (esp_bt_gap_cb_param_t *)msg->arg);
         break;
     }
+    case BTC_GAP_BT_ENC_CHG_EVT:{
+        btc_gap_bt_cb_to_app(ESP_BT_GAP_ENC_CHG_EVT, (esp_bt_gap_cb_param_t *)msg->arg);
+        break;
+    }
     case BTC_GAP_BT_PIN_REQ_EVT:{
         btc_gap_bt_cb_to_app(ESP_BT_GAP_PIN_REQ_EVT, (esp_bt_gap_cb_param_t *)msg->arg);
         break;

components/bt/host/bluedroid/btc/profile/std/include/btc_gap_bt.h

@@ -20,6 +20,7 @@ typedef enum {
     BTC_GAP_BT_SEARCH_SERVICES_EVT,
     BTC_GAP_BT_SEARCH_SERVICE_RECORD_EVT,
     BTC_GAP_BT_AUTH_CMPL_EVT,
+    BTC_GAP_BT_ENC_CHG_EVT,
     BTC_GAP_BT_PIN_REQ_EVT,
     BTC_GAP_BT_CFM_REQ_EVT,
     BTC_GAP_BT_KEY_NOTIF_EVT,

components/bt/host/bluedroid/stack/btm/btm_dev.c

@@ -82,6 +82,7 @@ BOOLEAN BTM_SecAddDevice (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name,
                 memcpy (p_dev_rec->bd_addr, bd_addr, BD_ADDR_LEN);
                 p_dev_rec->hci_handle = BTM_GetHCIConnHandle (bd_addr, BT_TRANSPORT_BR_EDR);
                 p_dev_rec->ble_hci_handle = BTM_GetHCIConnHandle (bd_addr, BT_TRANSPORT_LE);
+                p_dev_rec->enc_mode = BTM_ENC_MODE_UNKNOWN;
 
 #if BLE_INCLUDED == TRUE
                 /* use default value for background connection params */

components/bt/host/bluedroid/stack/btm/btm_sec.c

@@ -4092,6 +4092,13 @@ void btm_sec_encrypt_change (UINT16 handle, UINT8 status, UINT8 encr_enable)
                     p_dev_rec->link_key_type == BTM_LKEY_TYPE_AUTH_COMB_P_256) {
                 p_dev_rec->sec_flags |= BTM_SEC_16_DIGIT_PIN_AUTHED;
             }
+            if (p_dev_rec->enc_mode != encr_enable) {
+                p_dev_rec->enc_mode = encr_enable;
+                /* Report the encryption change state of BR/EDR to upper layer */
+                if (btm_cb.api.p_enc_change_callback) {
+                    (*btm_cb.api.p_enc_change_callback) (p_dev_rec->bd_addr, encr_enable);
+                }
+            }
         } else {
             p_dev_rec->sec_flags |= BTM_SEC_LE_ENCRYPTED;
         }
@@ -4102,6 +4109,13 @@ void btm_sec_encrypt_change (UINT16 handle, UINT8 status, UINT8 encr_enable)
     if ((status == HCI_SUCCESS) && !encr_enable) {
         if (p_dev_rec->hci_handle == handle) {
             p_dev_rec->sec_flags &= ~BTM_SEC_ENCRYPTED;
+            if (p_dev_rec->enc_mode != encr_enable) {
+                p_dev_rec->enc_mode = encr_enable;
+                /* Report the encryption change state of BR/EDR to upper layer */
+                if (btm_cb.api.p_enc_change_callback) {
+                    (*btm_cb.api.p_enc_change_callback) (p_dev_rec->bd_addr, encr_enable);
+                }
+            }
         } else {
             p_dev_rec->sec_flags &= ~BTM_SEC_LE_ENCRYPTED;
         }

components/bt/host/bluedroid/stack/btm/include/btm_int.h

@@ -668,6 +668,9 @@ struct tBTM_SEC_DEV_REC{
     secure connection. This will be helpful to know when peer device downgrades it's security. */
 
     UINT16              ble_hci_handle;         /* use in DUMO connection */
+
+#define BTM_ENC_MODE_UNKNOWN  0xff
+    UINT8               enc_mode;               /* encryption mode of current link */
     UINT8               enc_key_size;           /* current link encryption key size */
     tBT_DEVICE_TYPE     device_type;
     BOOLEAN             new_encryption_key_is_p256; /* Set to TRUE when the newly generated LK

components/bt/host/bluedroid/stack/include/stack/btm_api.h

@@ -1492,6 +1492,12 @@ typedef void (tBTM_RMT_NAME_CALLBACK) (BD_ADDR bd_addr, DEV_CLASS dc,
 typedef UINT8 (tBTM_AUTH_COMPLETE_CALLBACK) (BD_ADDR bd_addr, DEV_CLASS dev_class,
         tBTM_BD_NAME bd_name, int result);
 
+/* Encryption changed for the connection.  Parameters are
+**              BD Address of remote
+**              Encryption mode
+*/
+typedef void (tBTM_ENC_CHANGE_CALLBACK) (BD_ADDR bd_addr, UINT8 enc_mode);
+
 enum {
     BTM_SP_IO_REQ_EVT,      /* received IO_CAPABILITY_REQUEST event */
     BTM_SP_IO_RSP_EVT,      /* received IO_CAPABILITY_RESPONSE event */
@@ -1869,6 +1875,7 @@ typedef struct {
     tBTM_LINK_KEY_CALLBACK      *p_link_key_callback;
     tBTM_AUTH_COMPLETE_CALLBACK *p_auth_complete_callback;
     tBTM_BOND_CANCEL_CMPL_CALLBACK *p_bond_cancel_cmpl_callback;
+    tBTM_ENC_CHANGE_CALLBACK    *p_enc_change_callback;
     tBTM_SP_CALLBACK            *p_sp_callback;
 #if BLE_INCLUDED == TRUE
 #if SMP_INCLUDED == TRUE

examples/bluetooth/bluedroid/classic_bt/a2dp_sink/main/main.c

@@ -59,6 +59,14 @@ static void bt_app_gap_cb(esp_bt_gap_cb_event_t event, esp_bt_gap_cb_param_t *pa
         } else {
             ESP_LOGE(BT_AV_TAG, "authentication failed, status: %d", param->auth_cmpl.stat);
         }
+        ESP_LOGI(BT_AV_TAG, "link key type of current link is: %d", param->auth_cmpl.lk_type);
+        break;
+    }
+    case ESP_BT_GAP_ENC_CHG_EVT: {
+        char *str_enc[3] = {"OFF", "E0", "AES"};
+        bda = (uint8_t *)param->enc_chg.bda;
+        ESP_LOGI(BT_AV_TAG, "Encryption mode to [%02x:%02x:%02x:%02x:%02x:%02x] changed to %s",
+                 bda[0], bda[1], bda[2], bda[3], bda[4], bda[5], str_enc[param->enc_chg.enc_mode]);
         break;
     }