diff --git a/components/bt/bluedroid/api/esp_gap_ble_api.c b/components/bt/bluedroid/api/esp_gap_ble_api.c index 5c43a381bcb..5e32851c52d 100644 --- a/components/bt/bluedroid/api/esp_gap_ble_api.c +++ b/components/bt/bluedroid/api/esp_gap_ble_api.c @@ -705,6 +705,16 @@ esp_err_t esp_ble_gap_disconnect(esp_bd_addr_t remote_device) return (btc_transfer_context(&msg, &arg, sizeof(btc_ble_gap_args_t), NULL) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL); } +esp_err_t esp_gap_ble_set_authorization(esp_bd_addr_t bd_addr, bool authorize) +{ + if (!bd_addr) { + return ESP_ERR_INVALID_ARG; + } + if (BTM_Ble_Authorization(bd_addr, authorize)) { + return ESP_OK; + } + return ESP_FAIL; +} diff --git a/components/bt/bluedroid/api/esp_gattc_api.c b/components/bt/bluedroid/api/esp_gattc_api.c index e1e55ef1a11..655116ae84a 100644 --- a/components/bt/bluedroid/api/esp_gattc_api.c +++ b/components/bt/bluedroid/api/esp_gattc_api.c @@ -350,6 +350,39 @@ esp_err_t esp_ble_gattc_read_char (esp_gatt_if_t gattc_if, return (btc_transfer_context(&msg, &arg, sizeof(btc_ble_gattc_args_t), NULL) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL); } +esp_err_t esp_ble_gattc_read_by_type (esp_gatt_if_t gattc_if, + uint16_t conn_id, + uint16_t start_handle, + uint16_t end_handle, + esp_bt_uuid_t *uuid, + esp_gatt_auth_req_t auth_req) +{ + btc_msg_t msg; + btc_ble_gattc_args_t arg; + + ESP_BLUEDROID_STATUS_CHECK(ESP_BLUEDROID_STATUS_ENABLED); + + if (uuid == NULL) { + return ESP_GATT_ILLEGAL_PARAMETER; + } + + if (L2CA_CheckIsCongest(L2CAP_ATT_CID, conn_id)) { + LOG_DEBUG("%s, the l2cap chanel is congest.", __func__); + return ESP_FAIL; + } + + msg.sig = BTC_SIG_API_CALL; + msg.pid = BTC_PID_GATTC; + msg.act = BTC_GATTC_ACT_READ_BY_TYPE; + arg.read_by_type.conn_id = BTC_GATT_CREATE_CONN_ID(gattc_if, conn_id); + arg.read_by_type.s_handle = start_handle; + arg.read_by_type.e_handle = end_handle; + arg.read_by_type.auth_req = auth_req; + memcpy(&(arg.read_by_type.uuid), uuid, sizeof(esp_bt_uuid_t)); + + return (btc_transfer_context(&msg, &arg, sizeof(btc_ble_gattc_args_t), NULL) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL); +} + esp_err_t esp_ble_gattc_read_multiple(esp_gatt_if_t gattc_if, uint16_t conn_id, esp_gattc_multi_t *read_multi, esp_gatt_auth_req_t auth_req) diff --git a/components/bt/bluedroid/api/include/api/esp_gap_ble_api.h b/components/bt/bluedroid/api/include/api/esp_gap_ble_api.h index 12bc48f1b10..d13de3f0cab 100644 --- a/components/bt/bluedroid/api/include/api/esp_gap_ble_api.h +++ b/components/bt/bluedroid/api/include/api/esp_gap_ble_api.h @@ -287,6 +287,8 @@ typedef enum { ESP_BLE_SM_ONLY_ACCEPT_SPECIFIED_SEC_AUTH, /* Enable/Disable OOB support */ ESP_BLE_SM_OOB_SUPPORT, + /* Appl encryption key size */ + ESP_BLE_APP_ENC_KEY_SIZE, ESP_BLE_SM_MAX_PARAM, } esp_ble_sm_param_t; @@ -895,7 +897,7 @@ esp_err_t esp_ble_gap_update_conn_params(esp_ble_conn_update_params_t *params); esp_err_t esp_ble_gap_set_pkt_data_len(esp_bd_addr_t remote_device, uint16_t tx_data_length); /** - * @brief This function sets the random address for the application + * @brief This function sets the static Random Address and Non-Resolvable Private Address for the application * * @param[in] rand_addr: the random address which should be setting * @@ -1243,6 +1245,18 @@ esp_err_t esp_ble_oob_req_reply(esp_bd_addr_t bd_addr, uint8_t *TK, uint8_t len) */ esp_err_t esp_ble_gap_disconnect(esp_bd_addr_t remote_device); + +/** +* @brief This function is called to authorized a link after Authentication(MITM protection) +* +* @param[in] bd_addr: BD address of the peer device. +* @param[out] authorize: Authorized the link or not. +* +* @return - ESP_OK : success +* - other : failed +* +*/ +esp_err_t esp_gap_ble_set_authorization(esp_bd_addr_t bd_addr, bool authorize); #ifdef __cplusplus } #endif diff --git a/components/bt/bluedroid/api/include/api/esp_gatt_defs.h b/components/bt/bluedroid/api/include/api/esp_gatt_defs.h index 615ea418bb3..03f427db9e2 100644 --- a/components/bt/bluedroid/api/include/api/esp_gatt_defs.h +++ b/components/bt/bluedroid/api/include/api/esp_gatt_defs.h @@ -278,6 +278,8 @@ typedef enum { #define ESP_GATT_PERM_WRITE_ENC_MITM (1 << 6) /* bit 6 - 0x0040 */ /* relate to BTA_GATT_PERM_WRITE_ENC_MITM in bta/bta_gatt_api.h */ #define ESP_GATT_PERM_WRITE_SIGNED (1 << 7) /* bit 7 - 0x0080 */ /* relate to BTA_GATT_PERM_WRITE_SIGNED in bta/bta_gatt_api.h */ #define ESP_GATT_PERM_WRITE_SIGNED_MITM (1 << 8) /* bit 8 - 0x0100 */ /* relate to BTA_GATT_PERM_WRITE_SIGNED_MITM in bta/bta_gatt_api.h */ +#define ESP_GATT_PERM_READ_AUTHORIZATION (1 << 9) /* bit 9 - 0x0200 */ +#define ESP_GATT_PERM_WRITE_AUTHORIZATION (1 << 10) /* bit 10 - 0x0400 */ typedef uint16_t esp_gatt_perm_t; /* relate to BTA_GATT_CHAR_PROP_BIT_xxx in bta/bta_gatt_api.h */ diff --git a/components/bt/bluedroid/api/include/api/esp_gattc_api.h b/components/bt/bluedroid/api/include/api/esp_gattc_api.h index b494bcfd398..c7465253ad6 100644 --- a/components/bt/bluedroid/api/include/api/esp_gattc_api.h +++ b/components/bt/bluedroid/api/include/api/esp_gattc_api.h @@ -603,6 +603,29 @@ esp_err_t esp_ble_gattc_read_char (esp_gatt_if_t gattc_if, uint16_t conn_id, uint16_t handle, esp_gatt_auth_req_t auth_req); +/** + * @brief This function is called to read a service's characteristics of + * the given characteristic UUID + * + * @param[in] gattc_if: Gatt client access interface. + * @param[in] conn_id : connection ID. + * @param[in] start_handle : the attribute start handle. + * @param[in] end_handle : the attribute end handle + * @param[in] uuid : The UUID of attribute which will be read. + * @param[in] auth_req : authenticate request type + * + * @return + * - ESP_OK: success + * - other: failed + * + */ +esp_err_t esp_ble_gattc_read_by_type (esp_gatt_if_t gattc_if, + uint16_t conn_id, + uint16_t start_handle, + uint16_t end_handle, + esp_bt_uuid_t *uuid, + esp_gatt_auth_req_t auth_req); + /** * @brief This function is called to read multiple characteristic or diff --git a/components/bt/bluedroid/bta/dm/bta_dm_co.c b/components/bt/bluedroid/bta/dm/bta_dm_co.c index 5fdf0812a5f..2a8bff6cbee 100644 --- a/components/bt/bluedroid/bta/dm/bta_dm_co.c +++ b/components/bt/bluedroid/bta/dm/bta_dm_co.c @@ -51,6 +51,7 @@ tBTE_APPL_CFG bte_appl_cfg = { BTM_BLE_MIN_KEY_SIZE, BTM_BLE_ONLY_ACCEPT_SPECIFIED_SEC_AUTH_DISABLE, BTM_BLE_OOB_DISABLE, + BTM_BLE_APPL_ENC_KEY_SIZE, }; #endif @@ -427,6 +428,17 @@ void bta_dm_co_ble_set_min_key_size(UINT8 ble_key_size) #endif ///SMP_INCLUDED == TRUE } +void bta_dm_co_ble_set_appl_enc_key_size(UINT8 ble_key_size) +{ +#if (SMP_INCLUDED == TRUE) + if(ble_key_size >= bte_appl_cfg.ble_min_key_size && ble_key_size <= bte_appl_cfg.ble_max_key_size) { + bte_appl_cfg.ble_appl_enc_key_size = ble_key_size; + } else { + APPL_TRACE_ERROR("%s error:Invalid key size value, key_size =%d",__func__, ble_key_size); + } +#endif ///SMP_INCLUDED == TRUE +} + void bta_dm_co_ble_set_accept_auth_enable(UINT8 enable) { #if (SMP_INCLUDED == TRUE) diff --git a/components/bt/bluedroid/bta/gatt/bta_gattc_act.c b/components/bt/bluedroid/bta/gatt/bta_gattc_act.c index 4ae5eba31eb..5d30185b53f 100644 --- a/components/bt/bluedroid/bta/gatt/bta_gattc_act.c +++ b/components/bt/bluedroid/bta/gatt/bta_gattc_act.c @@ -1099,6 +1099,41 @@ void bta_gattc_read(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data) } /******************************************************************************* ** +** Function bta_gattc_read_by_type +** +** Description Read an attribute +** +** Returns None. +** +*******************************************************************************/ +void bta_gattc_read_by_type(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data) +{ + if (!bta_gattc_enqueue(p_clcb, p_data)) { + return; + } + + tGATT_READ_PARAM read_param; + memset (&read_param, 0 ,sizeof(tGATT_READ_PARAM)); + read_param.service.auth_req = p_data->api_read.auth_req; + read_param.service.s_handle = p_data->api_read.s_handle; + read_param.service.e_handle = p_data->api_read.e_handle; + memcpy(&(read_param.service.uuid), &(p_data->api_read.uuid), sizeof(tBT_UUID)); + + tBTA_GATT_STATUS status = GATTC_Read(p_clcb->bta_conn_id, GATT_READ_BY_TYPE, &read_param); + + /* read fail */ + if (status != BTA_GATT_OK) { + /* Dequeue the data, if it was enqueued */ + if (p_clcb->p_q_cmd == p_data) { + p_clcb->p_q_cmd = NULL; + bta_gattc_pop_command_to_send(p_clcb); + } + + bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_READ, status, NULL); + } +} +/******************************************************************************* +** ** Function bta_gattc_read_multi ** ** Description read multiple @@ -1392,7 +1427,7 @@ void bta_gattc_op_cmpl(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data) return; } if (p_clcb->p_q_cmd->hdr.event != bta_gattc_opcode_to_int_evt[op - GATTC_OPTYPE_READ]) { - if (p_clcb->p_q_cmd->hdr.event != BTA_GATTC_API_READ_MULTI_EVT) { + if ((p_clcb->p_q_cmd->hdr.event != BTA_GATTC_API_READ_MULTI_EVT)&&(p_clcb->p_q_cmd->hdr.event != BTA_GATTC_API_READ_BY_TYPE_EVT)) { mapped_op = p_clcb->p_q_cmd->hdr.event - BTA_GATTC_API_READ_EVT + GATTC_OPTYPE_READ; if ( mapped_op > GATTC_OPTYPE_INDICATION) { mapped_op = 0; diff --git a/components/bt/bluedroid/bta/gatt/bta_gattc_api.c b/components/bt/bluedroid/bta/gatt/bta_gattc_api.c index bd5335a5745..d75c5a96a5a 100644 --- a/components/bt/bluedroid/bta/gatt/bta_gattc_api.c +++ b/components/bt/bluedroid/bta/gatt/bta_gattc_api.c @@ -562,6 +562,39 @@ void BTA_GATTC_ReadMultiple(UINT16 conn_id, tBTA_GATTC_MULTI *p_read_multi, return; } +/******************************************************************************* +** +** Function BTA_GATTC_Read_by_type +** +** Description This function is called to read a attribute value by uuid +** +** Parameters conn_id - connection ID. +** s_handle - start handle. +** e_handle - end hanle +** uuid - The attribute UUID. +** +** Returns None +** +*******************************************************************************/ +void BTA_GATTC_Read_by_type(UINT16 conn_id, UINT16 s_handle,UINT16 e_handle, tBT_UUID *uuid, tBTA_GATT_AUTH_REQ auth_req) +{ + tBTA_GATTC_API_READ *p_buf; + + if ((p_buf = (tBTA_GATTC_API_READ *) osi_malloc(sizeof(tBTA_GATTC_API_READ))) != NULL) { + memset(p_buf, 0, sizeof(tBTA_GATTC_API_READ)); + + p_buf->hdr.event = BTA_GATTC_API_READ_BY_TYPE_EVT; + p_buf->hdr.layer_specific = conn_id; + p_buf->auth_req = auth_req; + p_buf->s_handle = s_handle; + p_buf->e_handle = e_handle; + memcpy(&(p_buf->uuid), uuid, sizeof(tBT_UUID)); + p_buf->cmpl_evt = BTA_GATTC_READ_CHAR_EVT; + + bta_sys_sendmsg(p_buf); + } + return; +} /******************************************************************************* ** diff --git a/components/bt/bluedroid/bta/gatt/bta_gattc_main.c b/components/bt/bluedroid/bta/gatt/bta_gattc_main.c index e20efe499e5..e1bdce2d39d 100644 --- a/components/bt/bluedroid/bta/gatt/bta_gattc_main.c +++ b/components/bt/bluedroid/bta/gatt/bta_gattc_main.c @@ -65,6 +65,7 @@ enum { BTA_GATTC_DISC_CLOSE, BTA_GATTC_RESTART_DISCOVER, BTA_GATTC_CFG_MTU, + BTA_GATTC_READ_BY_TYPE, BTA_GATTC_IGNORE }; @@ -98,7 +99,8 @@ const tBTA_GATTC_ACTION bta_gattc_action[] = { bta_gattc_ignore_op_cmpl, bta_gattc_disc_close, bta_gattc_restart_discover, - bta_gattc_cfg_mtu + bta_gattc_cfg_mtu, + bta_gattc_read_by_type }; @@ -133,6 +135,7 @@ static const UINT8 bta_gattc_st_idle[][BTA_GATTC_NUM_COLS] = { /* BTA_GATTC_OP_CMPL_EVT */ {BTA_GATTC_IGNORE, BTA_GATTC_IDLE_ST}, /* BTA_GATTC_INT_DISCONN_EVT */ {BTA_GATTC_IGNORE, BTA_GATTC_IDLE_ST}, + /* BTA_GATTC_API_READ_BY_TYPE_EVT */ {BTA_GATTC_FAIL, BTA_GATTC_IDLE_ST}, }; /* state table for wait for open state */ @@ -161,6 +164,7 @@ static const UINT8 bta_gattc_st_w4_conn[][BTA_GATTC_NUM_COLS] = { /* BTA_GATTC_OP_CMPL_EVT */ {BTA_GATTC_IGNORE, BTA_GATTC_W4_CONN_ST}, /* BTA_GATTC_INT_DISCONN_EVT */ {BTA_GATTC_OPEN_FAIL, BTA_GATTC_IDLE_ST}, + /* BTA_GATTC_API_READ_BY_TYPE_EVT */ {BTA_GATTC_FAIL, BTA_GATTC_W4_CONN_ST}, }; /* state table for open state */ @@ -190,6 +194,7 @@ static const UINT8 bta_gattc_st_connected[][BTA_GATTC_NUM_COLS] = { /* BTA_GATTC_INT_DISCONN_EVT */ {BTA_GATTC_CLOSE, BTA_GATTC_IDLE_ST}, + /* BTA_GATTC_API_READ_BY_TYPE_EVT */ {BTA_GATTC_READ_BY_TYPE, BTA_GATTC_CONN_ST}, }; /* state table for discover state */ @@ -218,6 +223,7 @@ static const UINT8 bta_gattc_st_discover[][BTA_GATTC_NUM_COLS] = { /* BTA_GATTC_OP_CMPL_EVT */ {BTA_GATTC_IGNORE_OP_CMPL, BTA_GATTC_DISCOVER_ST}, /* BTA_GATTC_INT_DISCONN_EVT */ {BTA_GATTC_CLOSE, BTA_GATTC_IDLE_ST}, + /* BTA_GATTC_API_READ_BY_TYPE_EVT */ {BTA_GATTC_Q_CMD, BTA_GATTC_DISCOVER_ST}, }; /* type for state table */ @@ -470,6 +476,8 @@ static char *gattc_evt_code(tBTA_GATTC_INT_EVT evt_code) return "BTA_GATTC_API_DISABLE_EVT"; case BTA_GATTC_API_CFG_MTU_EVT: return "BTA_GATTC_API_CFG_MTU_EVT"; + case BTA_GATTC_API_READ_BY_TYPE_EVT: + return "BTA_GATTC_API_READ_BY_TYPE_EVT"; default: return "unknown GATTC event code"; } diff --git a/components/bt/bluedroid/bta/gatt/include/bta_gattc_int.h b/components/bt/bluedroid/bta/gatt/include/bta_gattc_int.h index 5c2b1a85a53..c1c909ab2a5 100644 --- a/components/bt/bluedroid/bta/gatt/include/bta_gattc_int.h +++ b/components/bt/bluedroid/bta/gatt/include/bta_gattc_int.h @@ -59,6 +59,8 @@ enum { BTA_GATTC_OP_CMPL_EVT, BTA_GATTC_INT_DISCONN_EVT, + BTA_GATTC_API_READ_BY_TYPE_EVT, + BTA_GATTC_INT_START_IF_EVT, BTA_GATTC_API_REG_EVT, BTA_GATTC_API_DEREG_EVT, @@ -136,6 +138,9 @@ typedef struct { BT_HDR hdr; tBTA_GATT_AUTH_REQ auth_req; UINT16 handle; + UINT16 s_handle; + UINT16 e_handle; + tBT_UUID uuid; tBTA_GATTC_EVT cmpl_evt; } tBTA_GATTC_API_READ; @@ -449,6 +454,7 @@ extern void bta_gattc_disc_close(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_dat extern void bta_gattc_start_discover(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data); extern void bta_gattc_disc_cmpl(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data); extern void bta_gattc_read(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data); +extern void bta_gattc_read_by_type(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data); extern void bta_gattc_write(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data); extern void bta_gattc_op_cmpl(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data); extern void bta_gattc_q_cmd(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data); diff --git a/components/bt/bluedroid/bta/include/bta/bta_dm_co.h b/components/bt/bluedroid/bta/include/bta/bta_dm_co.h index 99667cb0163..42e5fd54b35 100644 --- a/components/bt/bluedroid/bta/include/bta/bta_dm_co.h +++ b/components/bt/bluedroid/bta/include/bta/bta_dm_co.h @@ -214,4 +214,6 @@ extern UINT8 bta_dm_co_ble_get_accept_auth_enable(void); extern UINT8 bta_dm_co_ble_get_auth_req(void); extern void bta_dm_co_ble_oob_support(UINT8 enable); + +extern void bta_dm_co_ble_set_appl_enc_key_size(UINT8 ble_key_size); #endif diff --git a/components/bt/bluedroid/bta/include/bta/bta_gatt_api.h b/components/bt/bluedroid/bta/include/bta/bta_gatt_api.h index 997d7b7d16d..59dc1a1bb96 100644 --- a/components/bt/bluedroid/bta/include/bta/bta_gatt_api.h +++ b/components/bt/bluedroid/bta/include/bta/bta_gatt_api.h @@ -479,6 +479,8 @@ typedef tGATT_IF tBTA_GATTS_IF; #define BTA_GATT_PERM_WRITE_ENC_MITM GATT_PERM_WRITE_ENC_MITM /* bit 6 - 0x0040 */ #define BTA_GATT_PERM_WRITE_SIGNED GATT_PERM_WRITE_SIGNED /* bit 7 - 0x0080 */ #define BTA_GATT_PERM_WRITE_SIGNED_MITM GATT_PERM_WRITE_SIGNED_MITM /* bit 8 - 0x0100 */ +#define BTA_GATT_PERM_READ_AUTHORIZATION GATT_PERM_READ_AUTHORIZATION /* bit 9 - 0x0200 */ +#define BTA_GATT_PERM_WRITE_AUTHORIZATION GATT_PERM_WRITE_AUTHORIZATION /* bit 10 - 0x0400 */ typedef UINT16 tBTA_GATT_PERM; typedef tGATT_ATTR_VAL tBTA_GATT_ATTR_VAL; typedef tGATTS_ATTR_CONTROL tBTA_GATTS_ATTR_CONTROL; @@ -937,6 +939,22 @@ void BTA_GATTC_ReadCharacteristic(UINT16 conn_id, UINT16 handle, tBTA_GATT_AUTH_ *******************************************************************************/ void BTA_GATTC_ReadCharDescr (UINT16 conn_id, UINT16 handle, tBTA_GATT_AUTH_REQ auth_req); +/******************************************************************************* +** +** Function BTA_GATTC_Read_by_type +** +** Description This function is called to read a attribute value by uuid +** +** Parameters conn_id - connection ID. +** s_handle - start handle. +** e_handle - end hanle +** uuid - The attribute UUID. +** +** Returns None +** +*******************************************************************************/ +void BTA_GATTC_Read_by_type(UINT16 conn_id, UINT16 s_handle,UINT16 e_handle, tBT_UUID *uuid, tBTA_GATT_AUTH_REQ auth_req); + /******************************************************************************* ** ** Function BTA_GATTC_WriteCharValue diff --git a/components/bt/bluedroid/btc/profile/std/gap/btc_gap_ble.c b/components/bt/bluedroid/btc/profile/std/gap/btc_gap_ble.c index 505488fa09b..66623bc27b7 100644 --- a/components/bt/bluedroid/btc/profile/std/gap/btc_gap_ble.c +++ b/components/bt/bluedroid/btc/profile/std/gap/btc_gap_ble.c @@ -856,22 +856,38 @@ static void btc_ble_set_rand_addr (BD_ADDR rand_addr, tBTA_SET_RAND_ADDR_CBACK * • The two most significant bits of the address shall be equal to 1 • All bits of the random part of the address shall not be equal to 1 • All bits of the random part of the address shall not be equal to 0 + A non-resolvable private address is a 48-bit randomly generated address and shall meet the following requirements: + • The two most significant bits of the address shall be equal to 0 + • All bits of the random part of the address shall not be equal to 1 + • All bits of the random part of the address shall not be equal to 0 */ BD_ADDR invalid_rand_addr_a, invalid_rand_addr_b; memset(invalid_rand_addr_a, 0xff, sizeof(BD_ADDR)); memset(invalid_rand_addr_b, 0x00, sizeof(BD_ADDR)); - invalid_rand_addr_b[0] = invalid_rand_addr_b[0] | BT_STATIC_RAND_ADDR_MASK; - if((rand_addr[0] & BT_STATIC_RAND_ADDR_MASK) == BT_STATIC_RAND_ADDR_MASK - && memcmp(invalid_rand_addr_a, rand_addr, BD_ADDR_LEN) != 0 - && memcmp(invalid_rand_addr_b, rand_addr, BD_ADDR_LEN) != 0){ - BTA_DmSetRandAddress(rand_addr, btc_set_rand_addr_callback); - } else { + + if((rand_addr[0] & BT_STATIC_RAND_ADDR_MASK) == BT_STATIC_RAND_ADDR_MASK) { + invalid_rand_addr_b[0] = invalid_rand_addr_b[0] | BT_STATIC_RAND_ADDR_MASK; + if (memcmp(invalid_rand_addr_a, rand_addr, BD_ADDR_LEN) != 0 && memcmp(invalid_rand_addr_b, rand_addr, BD_ADDR_LEN) != 0) { + BTA_DmSetRandAddress(rand_addr, btc_set_rand_addr_callback); + } else { + btc_set_rand_addr_callback(BTM_INVALID_STATIC_RAND_ADDR); + BTC_TRACE_ERROR("Invalid static random address, the high bit should be 0b11, bits of the random part shall not be all 1 or 0"); + } + } else if ((rand_addr[0] | BT_NON_RPA_MASK) == BT_NON_RPA_MASK) { + invalid_rand_addr_a[0] = invalid_rand_addr_a[0] & BT_NON_RPA_MASK; + if (memcmp(invalid_rand_addr_a, rand_addr, BD_ADDR_LEN) != 0 && memcmp(invalid_rand_addr_b, rand_addr, BD_ADDR_LEN) != 0) { + BTA_DmSetRandAddress(rand_addr, btc_set_rand_addr_callback); + } else { + btc_set_rand_addr_callback(BTM_INVALID_STATIC_RAND_ADDR); + BTC_TRACE_ERROR("Invalid non-resolvable private address, the high bit should be 0b00, bits of the random part shall not be all 1 or 0"); + } + }else { btc_set_rand_addr_callback(BTM_INVALID_STATIC_RAND_ADDR); - BTC_TRACE_ERROR("Invalid random address, the high bit should be 0b11, bits of the random part shall not be all 1 or 0"); + BTC_TRACE_ERROR("Invalid random address type"); } } else { btc_set_rand_addr_callback(BTM_INVALID_STATIC_RAND_ADDR); - BTC_TRACE_ERROR("Invalid random addressm, the address value is NULL"); + BTC_TRACE_ERROR("Invalid address, the address value is NULL"); } } @@ -1220,6 +1236,12 @@ void btc_gap_ble_call_handler(btc_msg_t *msg) bta_dm_co_ble_oob_support(enable); break; } + case ESP_BLE_APP_ENC_KEY_SIZE: { + uint8_t key_size = 0; + STREAM_TO_UINT8(key_size, value); + bta_dm_co_ble_set_appl_enc_key_size(key_size); + break; + } default: break; } diff --git a/components/bt/bluedroid/btc/profile/std/gatt/btc_gattc.c b/components/bt/bluedroid/btc/profile/std/gatt/btc_gattc.c index 300d802f914..5fd852ccb3a 100644 --- a/components/bt/bluedroid/btc/profile/std/gatt/btc_gattc.c +++ b/components/bt/bluedroid/btc/profile/std/gatt/btc_gattc.c @@ -613,6 +613,14 @@ static void btc_gattc_read_char_descr(btc_ble_gattc_args_t *arg) BTA_GATTC_ReadCharDescr(arg->read_descr.conn_id, arg->read_descr.handle, arg->read_descr.auth_req); } + +static void btc_gattc_read_by_type(btc_ble_gattc_args_t *arg) +{ + tBT_UUID uuid; + btc_to_bta_uuid(&uuid, &(arg->read_by_type.uuid)); + BTA_GATTC_Read_by_type(arg->read_by_type.conn_id, arg->read_by_type.s_handle, arg->read_by_type.e_handle, &uuid, arg->read_by_type.auth_req); +} + static void btc_gattc_write_char(btc_ble_gattc_args_t *arg) { BTA_GATTC_WriteCharValue(arg->write_char.conn_id, @@ -724,6 +732,9 @@ void btc_gattc_call_handler(btc_msg_t *msg) case BTC_GATTC_ACT_READ_CHAR_DESCR: btc_gattc_read_char_descr(arg); break; + case BTC_GATTC_ACT_READ_BY_TYPE: + btc_gattc_read_by_type(arg); + break; case BTC_GATTC_ACT_WRITE_CHAR: btc_gattc_write_char(arg); break; diff --git a/components/bt/bluedroid/btc/profile/std/include/btc_gattc.h b/components/bt/bluedroid/btc/profile/std/include/btc_gattc.h index afc3e4ba910..e9c484576e1 100644 --- a/components/bt/bluedroid/btc/profile/std/include/btc_gattc.h +++ b/components/bt/bluedroid/btc/profile/std/include/btc_gattc.h @@ -30,6 +30,7 @@ typedef enum { BTC_GATTC_ACT_READ_CHAR, BTC_GATTC_ACT_READ_MULTIPLE_CHAR, BTC_GATTC_ACT_READ_CHAR_DESCR, + BTC_GATTC_ACT_READ_BY_TYPE, BTC_GATTC_ACT_WRITE_CHAR, BTC_GATTC_ACT_WRITE_CHAR_DESCR, BTC_GATTC_ACT_PREPARE_WRITE, @@ -112,6 +113,14 @@ typedef union { uint16_t handle; esp_gatt_auth_req_t auth_req; } read_descr; + // BTC_GATTC_ACT_READ_BY_TYPE + struct read_by_type_arg { + uint16_t conn_id; + uint16_t s_handle; + uint16_t e_handle; + esp_bt_uuid_t uuid; + esp_gatt_auth_req_t auth_req; + } read_by_type; //BTC_GATTC_ACT_WRITE_CHAR, struct write_char_arg { uint16_t conn_id; diff --git a/components/bt/bluedroid/common/include/common/bte_appl.h b/components/bt/bluedroid/common/include/common/bte_appl.h index 67f4108358e..573b86dba0b 100644 --- a/components/bt/bluedroid/common/include/common/bte_appl.h +++ b/components/bt/bluedroid/common/include/common/bte_appl.h @@ -34,6 +34,7 @@ typedef struct { UINT8 ble_min_key_size; UINT8 ble_accept_auth_enable; UINT8 oob_support; + UINT8 ble_appl_enc_key_size; #endif } tBTE_APPL_CFG; diff --git a/components/bt/bluedroid/stack/btm/btm_ble_gap.c b/components/bt/bluedroid/stack/btm/btm_ble_gap.c index fa439914932..ef59251a6a8 100644 --- a/components/bt/bluedroid/stack/btm/btm_ble_gap.c +++ b/components/bt/bluedroid/stack/btm/btm_ble_gap.c @@ -4375,5 +4375,27 @@ BOOLEAN btm_ble_topology_check(tBTM_BLE_STATE_MASK request_state_mask) return rt; } +/******************************************************************************* + ** + ** Function BTM_Ble_Authorization + ** + ** Description This function is used to authorize a specified device + ** + ** Returns TRUE or FALSE + ** + *******************************************************************************/ +BOOLEAN BTM_Ble_Authorization(BD_ADDR bd_addr, BOOLEAN authorize) +{ + if (bd_addr == NULL) { + BTM_TRACE_ERROR("bd_addr is NULL"); + return FALSE; + } + if (btm_sec_dev_authorization(bd_addr, authorize)) { + return TRUE; + } + + BTM_TRACE_ERROR("Authorization fail"); + return FALSE; +} #endif /* BLE_INCLUDED */ diff --git a/components/bt/bluedroid/stack/btm/btm_sec.c b/components/bt/bluedroid/stack/btm/btm_sec.c index a6fc873344c..fad74e1e10d 100644 --- a/components/bt/bluedroid/stack/btm/btm_sec.c +++ b/components/bt/bluedroid/stack/btm/btm_sec.c @@ -4065,7 +4065,7 @@ void btm_sec_encrypt_change (UINT16 handle, UINT8 status, UINT8 encr_enable) p_dev_rec->sec_flags |= BTM_SEC_16_DIGIT_PIN_AUTHED; } } else { - p_dev_rec->sec_flags |= (BTM_SEC_LE_AUTHENTICATED | BTM_SEC_LE_ENCRYPTED); + p_dev_rec->sec_flags |= BTM_SEC_LE_ENCRYPTED; } } @@ -6258,3 +6258,39 @@ void btm_sec_handle_remote_legacy_auth_cmp(UINT16 handle) } #endif /// (CLASSIC_BT_INCLUDED == TRUE) #endif ///SMP_INCLUDED == TRUE + +/****************************************************************************** + ** + ** Function btm_sec_dev_authorization + ** + ** Description This function is used to authorize a specified device(BLE) + ** + ****************************************************************************** + */ +#if (BLE_INCLUDED == TRUE) +BOOLEAN btm_sec_dev_authorization(BD_ADDR bd_addr, BOOLEAN authorized) +{ +#if (SMP_INCLUDED == TRUE) + UINT8 sec_flag = 0; + tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev(bd_addr); + if (p_dev_rec) { + sec_flag = (UINT8)(p_dev_rec->sec_flags >> 8); + if (!(sec_flag & BTM_SEC_LINK_KEY_AUTHED)) { + BTM_TRACE_ERROR("Authorized should after successful Authentication(MITM protection)\n"); + return FALSE; + } + + if (authorized) { + p_dev_rec->sec_flags |= BTM_SEC_LE_AUTHORIZATION; + } else { + p_dev_rec->sec_flags &= ~(BTM_SEC_LE_AUTHORIZATION); + } + } else { + BTM_TRACE_ERROR("%s, can't find device\n", __func__); + return FALSE; + } + return TRUE; +#endif ///SMP_INCLUDED == TRUE + return FALSE; +} +#endif /// BLE_INCLUDE == TRUE diff --git a/components/bt/bluedroid/stack/btm/include/btm_int.h b/components/bt/bluedroid/stack/btm/include/btm_int.h index fb42a99879b..ec06bd6f8ac 100644 --- a/components/bt/bluedroid/stack/btm/include/btm_int.h +++ b/components/bt/bluedroid/stack/btm/include/btm_int.h @@ -546,6 +546,7 @@ typedef struct { #define BTM_SEC_ROLE_SWITCHED 0x40 #define BTM_SEC_IN_USE 0x80 /* LE link security flag */ +#define BTM_SEC_LE_AUTHORIZATION 0x0100 /* LE link is authorized */ #define BTM_SEC_LE_AUTHENTICATED 0x0200 /* LE link is encrypted after pairing with MITM */ #define BTM_SEC_LE_ENCRYPTED 0x0400 /* LE link is encrypted */ #define BTM_SEC_LE_NAME_KNOWN 0x0800 /* not used */ @@ -1161,6 +1162,7 @@ void btm_sec_handle_remote_legacy_auth_cmp(UINT16 handle); void btm_sec_update_legacy_auth_state(tACL_CONN *p_acl_cb, UINT8 legacy_auth_state); BOOLEAN btm_sec_legacy_authentication_mutual (tBTM_SEC_DEV_REC *p_dev_rec); +BOOLEAN btm_sec_dev_authorization(BD_ADDR bd_addr, BOOLEAN authorized); /* #ifdef __cplusplus } diff --git a/components/bt/bluedroid/stack/gatt/gatt_db.c b/components/bt/bluedroid/stack/gatt/gatt_db.c index e0ee0119c50..eb5eb6d2470 100644 --- a/components/bt/bluedroid/stack/gatt/gatt_db.c +++ b/components/bt/bluedroid/stack/gatt/gatt_db.c @@ -34,6 +34,7 @@ #include "gatt_int.h" #include "stack/l2c_api.h" #include "btm_int.h" +#include "common/bte_appl.h" /******************************************************************************** ** L O C A L F U N C T I O N P R O T O T Y P E S * @@ -124,10 +125,15 @@ static tGATT_STATUS gatts_check_attr_readability(tGATT_ATTR16 *p_attr, tGATT_PERM perm = p_attr->permission; UNUSED(offset); + +#if SMP_INCLUDED == TRUE + min_key_size = bte_appl_cfg.ble_appl_enc_key_size; +#else min_key_size = (((perm & GATT_ENCRYPT_KEY_SIZE_MASK) >> 12)); if (min_key_size != 0 ) { min_key_size += 6; } +#endif if (!(perm & GATT_READ_ALLOWED)) { GATT_TRACE_ERROR( "GATT_READ_NOT_PERMIT\n"); @@ -155,6 +161,11 @@ static tGATT_STATUS gatts_check_attr_readability(tGATT_ATTR16 *p_attr, return GATT_INSUF_KEY_SIZE; } + /* LE Authorization check*/ + if ((perm & GATT_READ_AUTHORIZATION) && (!(sec_flag & GATT_SEC_FLAG_LKEY_AUTHED) || !(sec_flag & GATT_SEC_FLAG_AUTHORIZATION))) { + GATT_TRACE_ERROR( "GATT_INSUF_AUTHORIZATION\n"); + return GATT_INSUF_AUTHORIZATION; + } if (read_long) { switch (p_attr->uuid) { @@ -1068,10 +1079,16 @@ tGATT_STATUS gatts_write_attr_perm_check (tGATT_SVC_DB *p_db, UINT8 op_code, while (p_attr != NULL) { if (p_attr->handle == handle) { perm = p_attr->permission; + + #if SMP_INCLUDED == TRUE + min_key_size = bte_appl_cfg.ble_appl_enc_key_size; + #else min_key_size = (((perm & GATT_ENCRYPT_KEY_SIZE_MASK) >> 12)); if (min_key_size != 0 ) { min_key_size += 6; } + + #endif GATT_TRACE_DEBUG( "gatts_write_attr_perm_check p_attr->permission =0x%04x min_key_size==0x%04x", p_attr->permission, min_key_size); @@ -1118,6 +1135,11 @@ tGATT_STATUS gatts_write_attr_perm_check (tGATT_SVC_DB *p_db, UINT8 op_code, status = GATT_INSUF_KEY_SIZE; GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_KEY_SIZE"); } + /* LE Authorization check*/ + else if ((perm & GATT_WRITE_AUTHORIZATION) && (!(sec_flag & GATT_SEC_FLAG_LKEY_AUTHED) || !(sec_flag & GATT_SEC_FLAG_AUTHORIZATION))){ + status = GATT_INSUF_AUTHORIZATION; + GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_AUTHORIZATION"); + } /* LE security mode 2 attribute */ else if (perm & GATT_WRITE_SIGNED_PERM && op_code != GATT_SIGN_CMD_WRITE && !(sec_flag & GATT_SEC_FLAG_ENCRYPTED) && (perm & GATT_WRITE_ALLOWED) == 0) { diff --git a/components/bt/bluedroid/stack/gatt/gatt_utils.c b/components/bt/bluedroid/stack/gatt/gatt_utils.c index 5d2b387e4b7..8ef2c8f0a82 100644 --- a/components/bt/bluedroid/stack/gatt/gatt_utils.c +++ b/components/bt/bluedroid/stack/gatt/gatt_utils.c @@ -1423,7 +1423,7 @@ void gatt_sr_get_sec_info(BD_ADDR rem_bda, tBT_TRANSPORT transport, UINT8 *p_sec BTM_GetSecurityFlagsByTransport(rem_bda, &sec_flag, transport); - sec_flag &= (GATT_SEC_FLAG_LKEY_UNAUTHED | GATT_SEC_FLAG_LKEY_AUTHED | GATT_SEC_FLAG_ENCRYPTED); + sec_flag &= (GATT_SEC_FLAG_LKEY_UNAUTHED | GATT_SEC_FLAG_LKEY_AUTHED | GATT_SEC_FLAG_ENCRYPTED | GATT_SEC_FLAG_AUTHORIZATION); #if (SMP_INCLUDED == TRUE) *p_key_size = btm_ble_read_sec_key_size(rem_bda); #endif ///SMP_INCLUDED == TRUE diff --git a/components/bt/bluedroid/stack/gatt/include/gatt_int.h b/components/bt/bluedroid/stack/gatt/include/gatt_int.h index 0762b519f13..eaebe7c4010 100644 --- a/components/bt/bluedroid/stack/gatt/include/gatt_int.h +++ b/components/bt/bluedroid/stack/gatt/include/gatt_int.h @@ -95,6 +95,7 @@ typedef UINT8 tGATT_SEC_ACTION; #define GATT_SEC_FLAG_LKEY_UNAUTHED BTM_SEC_FLAG_LKEY_KNOWN #define GATT_SEC_FLAG_LKEY_AUTHED BTM_SEC_FLAG_LKEY_AUTHED #define GATT_SEC_FLAG_ENCRYPTED BTM_SEC_FLAG_ENCRYPTED +#define GATT_SEC_FLAG_AUTHORIZATION BTM_SEC_FLAG_AUTHORIZED typedef UINT8 tGATT_SEC_FLAG; /* Find Information Response Type diff --git a/components/bt/bluedroid/stack/include/stack/bt_types.h b/components/bt/bluedroid/stack/include/stack/bt_types.h index adbc30d10e0..6994f7d4208 100644 --- a/components/bt/bluedroid/stack/include/stack/bt_types.h +++ b/components/bt/bluedroid/stack/include/stack/bt_types.h @@ -52,6 +52,7 @@ typedef bool BOOLEAN; #define BT_EVT_MASK 0xFF00 #define BT_SUB_EVT_MASK 0x00FF #define BT_STATIC_RAND_ADDR_MASK 0xC0 +#define BT_NON_RPA_MASK 0x3F /* To Bluetooth Upper Layers */ /************************************/ #define BT_EVT_TO_BTU_L2C_EVT 0x0900 /* L2CAP event */ diff --git a/components/bt/bluedroid/stack/include/stack/btm_api.h b/components/bt/bluedroid/stack/include/stack/btm_api.h index 754a2b945ca..29d8502cb70 100644 --- a/components/bt/bluedroid/stack/include/stack/btm_api.h +++ b/components/bt/bluedroid/stack/include/stack/btm_api.h @@ -1430,6 +1430,7 @@ typedef UINT8 tBTM_IO_CAP; #define BTM_BLE_RESPONDER_KEY_SIZE 15 #define BTM_BLE_MAX_KEY_SIZE 16 #define BTM_BLE_MIN_KEY_SIZE 7 +#define BTM_BLE_APPL_ENC_KEY_SIZE 7 typedef UINT8 tBTM_AUTH_REQ; diff --git a/components/bt/bluedroid/stack/include/stack/btm_ble_api.h b/components/bt/bluedroid/stack/include/stack/btm_ble_api.h index 8931ca91b30..e244c51b739 100644 --- a/components/bt/bluedroid/stack/include/stack/btm_ble_api.h +++ b/components/bt/bluedroid/stack/include/stack/btm_ble_api.h @@ -2099,6 +2099,17 @@ tBTM_STATUS BTM_SetBleDataLength(BD_ADDR bd_addr, UINT16 tx_pdu_length); *******************************************************************************/ tBTM_STATUS BTM_UpdateBleDuplicateExceptionalList(uint8_t subcode, uint32_t type, BD_ADDR device_info, tBTM_UPDATE_DUPLICATE_EXCEPTIONAL_LIST_CMPL_CBACK update_exceptional_list_cmp_cb); + +/******************************************************************************* +** +** Function BTM_Ble_Authorization +** +** Description This function is used to authorize a specified device +** +** Returns TRUE or FALSE +** +*******************************************************************************/ +BOOLEAN BTM_Ble_Authorization(BD_ADDR bd_addr, BOOLEAN authorize); /* #ifdef __cplusplus } diff --git a/components/bt/bluedroid/stack/include/stack/gatt_api.h b/components/bt/bluedroid/stack/include/stack/gatt_api.h index c9014d1be1d..bb3a98a4f11 100644 --- a/components/bt/bluedroid/stack/include/stack/gatt_api.h +++ b/components/bt/bluedroid/stack/include/stack/gatt_api.h @@ -174,18 +174,21 @@ typedef UINT16 tGATT_DISCONN_REASON; #define GATT_PERM_WRITE_ENC_MITM (1 << 6) /* bit 6 */ #define GATT_PERM_WRITE_SIGNED (1 << 7) /* bit 7 */ #define GATT_PERM_WRITE_SIGNED_MITM (1 << 8) /* bit 8 */ +#define GATT_PERM_READ_AUTHORIZATION (1 << 9) /* bit 9 */ +#define GATT_PERM_WRITE_AUTHORIZATION (1 << 10)/* bit 10 */ typedef UINT16 tGATT_PERM; #define GATT_ENCRYPT_KEY_SIZE_MASK (0xF000) /* the MS nibble of tGATT_PERM; key size 7=0; size 16=9 */ -#define GATT_READ_ALLOWED (GATT_PERM_READ | GATT_PERM_READ_ENCRYPTED | GATT_PERM_READ_ENC_MITM) +#define GATT_READ_ALLOWED (GATT_PERM_READ | GATT_PERM_READ_ENCRYPTED | GATT_PERM_READ_ENC_MITM | GATT_PERM_READ_AUTHORIZATION) #define GATT_READ_AUTH_REQUIRED (GATT_PERM_READ_ENCRYPTED) #define GATT_READ_MITM_REQUIRED (GATT_PERM_READ_ENC_MITM) #define GATT_READ_ENCRYPTED_REQUIRED (GATT_PERM_READ_ENCRYPTED | GATT_PERM_READ_ENC_MITM) +#define GATT_READ_AUTHORIZATION (GATT_PERM_READ_AUTHORIZATION) #define GATT_WRITE_ALLOWED (GATT_PERM_WRITE | GATT_PERM_WRITE_ENCRYPTED | GATT_PERM_WRITE_ENC_MITM | \ - GATT_PERM_WRITE_SIGNED | GATT_PERM_WRITE_SIGNED_MITM) + GATT_PERM_WRITE_SIGNED | GATT_PERM_WRITE_SIGNED_MITM | GATT_PERM_WRITE_AUTHORIZATION) #define GATT_WRITE_AUTH_REQUIRED (GATT_PERM_WRITE_ENCRYPTED | GATT_PERM_WRITE_SIGNED) @@ -195,6 +198,7 @@ typedef UINT16 tGATT_PERM; #define GATT_WRITE_SIGNED_PERM (GATT_PERM_WRITE_SIGNED | GATT_PERM_WRITE_SIGNED_MITM) +#define GATT_WRITE_AUTHORIZATION (GATT_PERM_WRITE_AUTHORIZATION) /* Characteristic properties */