Skip to content

Bluetooth SMP: added support for Legacy pairing (MITM) with passkey #16364

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
May 28, 2025
Merged
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 16 additions & 0 deletions wireless/bluetooth/Kconfig
Original file line number Diff line number Diff line change
@@ -174,6 +174,22 @@ config BLUETOOTH_CNTRL_HOST_FLOW_DISABLE
indicate to the Host when its buffers are nearly full, allowing the Host to
stop sending data until buffer space becomes available.

config BLUETOOTH_SMP_IO_CAPABILITY
int "Bluetooth SMP I/O Capability"
default 3
range 0 4
---help---
Defines the Input/Output capabilities of this device
for SMP pairing purposes.
Values based on Bluetooth Core Spec v4.2, Vol 3, Part H, Section 2.3.2:
0: DisplayOnly (Can display a 6-digit code)
1: DisplayYesNo (Can display a 6-digit code and has Yes/No input)
2: KeyboardOnly (Has numeric keyboard input, no display)
3: NoInputNoOutput (Cannot display or input codes, e.g., headset)
4: KeyboardDisplay (Has both display and keyboard)

NOTE: Current implementation supports NoInputNoOutput and DisplayOnly.

menu "Kernel Thread Configuration"

config BLUETOOTH_TXCMD_STACKSIZE
19 changes: 14 additions & 5 deletions wireless/bluetooth/bt_att.c
Original file line number Diff line number Diff line change
@@ -1037,22 +1037,31 @@ static uint8_t check_perm(FAR struct bt_conn_s *conn,
FAR const struct bt_gatt_attr_s *attr,
uint8_t mask)
{
if ((mask & BT_GATT_PERM_READ) && !(attr->perm & BT_GATT_PERM_READ))
if ((mask & BT_GATT_PERM_READ) &&
(!(attr->perm & BT_GATT_PERM_READ_MASK) || !attr->read))
{
return BT_ATT_ERR_READ_NOT_PERMITTED;
}

if ((mask & BT_GATT_PERM_WRITE) && !(attr->perm & BT_GATT_PERM_WRITE))
if ((mask & BT_GATT_PERM_WRITE) &&
(!(attr->perm & BT_GATT_PERM_WRITE_MASK) || !attr->write))
{
return BT_ATT_ERR_READ_NOT_PERMITTED;
return BT_ATT_ERR_WRITE_NOT_PERMITTED;
}

mask &= attr->perm;
if (mask & BT_GATT_PERM_AUTHEN_MASK)
{
/* TODO: Check conn authentication */
if (!conn->encrypt || conn->sec_level < BT_SECURITY_HIGH)
{
wlerr("Auth Fail - encrypt=%d, level=%d (need >= %d)\n",
conn->encrypt, conn->sec_level, BT_SECURITY_HIGH);
return BT_ATT_ERR_AUTHENTICATION;
}

return BT_ATT_ERR_AUTHENTICATION;
wlinfo("Auth OK - encrypt=%d, level=%d\n",
conn->encrypt, conn->sec_level);
mask &= ~BT_GATT_PERM_AUTHEN_MASK;
}

if ((mask & BT_GATT_PERM_ENCRYPT_MASK) && !conn->encrypt)
8 changes: 6 additions & 2 deletions wireless/bluetooth/bt_conn.c
Original file line number Diff line number Diff line change
@@ -853,16 +853,20 @@ int bt_conn_security(FAR struct bt_conn_s *conn, enum bt_security_e sec)
return -ENOTCONN;
}

/* Store the requested security level */

conn->sec_level = sec;

/* Nothing to do */

if (sec == BT_SECURITY_LOW)
{
return 0;
}

/* For now we only support JustWorks */
/* For now we only support Just Works and MITM with passkey (Legacy only) */

if (sec > BT_SECURITY_MEDIUM)
if (sec > BT_SECURITY_HIGH)
{
return -EINVAL;
}
1 change: 1 addition & 0 deletions wireless/bluetooth/bt_conn.h
Original file line number Diff line number Diff line change
@@ -102,6 +102,7 @@ struct bt_conn_s
FAR void *smp;

uint8_t le_conn_interval;
enum bt_security_e sec_level;
bt_atomic_t ref;
enum bt_conn_state_e state;

1 change: 1 addition & 0 deletions wireless/bluetooth/bt_keys.h
Original file line number Diff line number Diff line change
@@ -62,6 +62,7 @@ struct bt_ltk_s
uint64_t rand;
uint16_t ediv;
uint8_t val[16];
enum bt_security_e level;
FAR struct bt_keys_s *next;
};

Loading
Oops, something went wrong.
Loading
Oops, something went wrong.