Skip to content

Commit

Permalink
Merge branch 'feat/add_test_api_for_sec' into 'master'
Browse files Browse the repository at this point in the history
Feat/add test api for sec

Closes BT-3578 and BT-3579

See merge request espressif/esp-idf!28191
  • Loading branch information
wmy-espressif committed Feb 18, 2024
2 parents dee34c2 + 057eb70 commit 28ff8e3
Show file tree
Hide file tree
Showing 11 changed files with 129 additions and 1 deletion.
26 changes: 26 additions & 0 deletions components/bt/host/bluedroid/api/include/api/esp_gap_bt_api.h
Original file line number Diff line number Diff line change
Expand Up @@ -226,6 +226,22 @@ typedef enum {
ESP_BT_GAP_DISCOVERY_STARTED, /*!< Device discovery started */
} esp_bt_gap_discovery_state_t;

/// Type of link key
#define ESP_BT_LINK_KEY_COMB (0x00) /*!< Combination Key */
#define ESP_BT_LINK_KEY_DBG_COMB (0x03) /*!< Debug Combination Key */
#define ESP_BT_LINK_KEY_UNAUTHED_COMB_P192 (0x04) /*!< Unauthenticated Combination Key generated from P-192 */
#define ESP_BT_LINK_KEY_AUTHED_COMB_P192 (0x05) /*!< Authenticated Combination Key generated from P-192 */
#define ESP_BT_LINK_KEY_CHG_COMB (0x06) /*!< Changed Combination Key */
#define ESP_BT_LINK_KEY_UNAUTHED_COMB_P256 (0x07) /*!< Unauthenticated Combination Key generated from P-256 */
#define ESP_BT_LINK_KEY_AUTHED_COMB_P256 (0x08) /*!< Authenticated Combination Key generated from P-256 */
typedef uint8_t esp_bt_link_key_type_t;

/// Type of encryption
#define ESP_BT_ENC_MODE_OFF (0x00) /*!< Link Level Encryption is OFF */
#define ESP_BT_ENC_MODE_E0 (0x01) /*!< Link Level Encryption is ON with E0 */
#define ESP_BT_ENC_MODE_AES (0x02) /*!< Link Level Encryption is ON with AES-CCM */
typedef uint8_t esp_bt_enc_mode_t;

/// BT GAP callback events
typedef enum {
ESP_BT_GAP_DISC_RES_EVT = 0, /*!< Device discovery result event */
Expand All @@ -249,6 +265,7 @@ typedef enum {
ESP_BT_GAP_SET_PAGE_TO_EVT, /*!< Set page timeout event */
ESP_BT_GAP_GET_PAGE_TO_EVT, /*!< Get page timeout event */
ESP_BT_GAP_ACL_PKT_TYPE_CHANGED_EVT, /*!< Set ACL packet types event */
ESP_BT_GAP_ENC_CHG_EVT, /*!< Encryption change event */
ESP_BT_GAP_EVT_MAX,
} esp_bt_gap_cb_event_t;

Expand Down Expand Up @@ -331,9 +348,18 @@ typedef union {
struct auth_cmpl_param {
esp_bd_addr_t bda; /*!< remote bluetooth device address*/
esp_bt_status_t stat; /*!< authentication complete status */
esp_bt_link_key_type_t lk_type; /*!< type of link key generated */
uint8_t device_name[ESP_BT_GAP_MAX_BDNAME_LEN + 1]; /*!< device name */
} auth_cmpl; /*!< authentication complete parameter struct */

/**
* @brief ESP_BT_GAP_ENC_CHG_EVT
*/
struct enc_chg_param {
esp_bd_addr_t bda; /*!< remote bluetooth device address*/
esp_bt_enc_mode_t enc_mode; /*!< encryption mode */
} enc_chg; /*!< encryption change parameter struct */

/**
* @brief ESP_BT_GAP_PIN_REQ_EVT
*/
Expand Down
26 changes: 25 additions & 1 deletion components/bt/host/bluedroid/bta/dm/bta_dm_act.c
Original file line number Diff line number Diff line change
Expand Up @@ -77,9 +77,10 @@ static void bta_dm_bl_change_cback (tBTM_BL_EVENT_DATA *p_data);
static void bta_dm_acl_link_stat_cback(tBTM_ACL_LINK_STAT_EVENT_DATA *p_data);
static void bta_dm_policy_cback(tBTA_SYS_CONN_STATUS status, UINT8 id, UINT8 app_id, BD_ADDR peer_addr);

/* Extended Inquiry Response */
#if (CLASSIC_BT_INCLUDED == TRUE)
static void bta_dm_encryption_change_cback(BD_ADDR bd_addr, UINT8 enc_mode);
static UINT8 bta_dm_sp_cback (tBTM_SP_EVT event, tBTM_SP_EVT_DATA *p_data);
/* Extended Inquiry Response */
static void bta_dm_set_eir (char *local_name);
#endif
#if (SDP_INCLUDED == TRUE)
Expand Down Expand Up @@ -231,9 +232,11 @@ const tBTM_APPL_INFO bta_security = {
&bta_dm_authentication_complete_cback,
&bta_dm_bond_cancel_complete_cback,
#if (CLASSIC_BT_INCLUDED == TRUE)
&bta_dm_encryption_change_cback,
&bta_dm_sp_cback,
#else
NULL,
NULL,
#endif
#if BLE_INCLUDED == TRUE
&bta_dm_ble_smp_cback,
Expand Down Expand Up @@ -3093,6 +3096,27 @@ static UINT8 bta_dm_pin_cback (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_
bta_dm_cb.p_sec_cback(BTA_DM_PIN_REQ_EVT, &sec_event);
return BTM_CMD_STARTED;
}

/*******************************************************************************
**
** Function bta_dm_new_link_key_cback
**
** Description Callback from BTM to notify new link key
**
** Returns void
**
*******************************************************************************/
static void bta_dm_encryption_change_cback(BD_ADDR bd_addr, UINT8 enc_mode)
{
if (bta_dm_cb.p_sec_cback) {
tBTA_DM_SEC sec_event;
memset (&sec_event, 0, sizeof(tBTA_DM_SEC));
bdcpy(sec_event.enc_chg.bd_addr, bd_addr);
sec_event.enc_chg.enc_mode = enc_mode;

bta_dm_cb.p_sec_cback(BTA_DM_ENC_CHG_EVT, &sec_event);
}
}
#endif ///CLASSIC_BT_INCLUDED == TRUE

/*******************************************************************************
Expand Down
7 changes: 7 additions & 0 deletions components/bt/host/bluedroid/bta/include/bta/bta_api.h
Original file line number Diff line number Diff line change
Expand Up @@ -669,6 +669,7 @@ typedef UINT8 tBTA_SIG_STRENGTH_MASK;
#define BTA_DM_ACL_LINK_STAT_EVT 32 /* ACL connection status report event */
#define BTA_DM_BLE_SC_OOB_REQ_EVT 33 /* BLE SMP SC OOB request event */
#define BTA_DM_BLE_SC_CR_LOC_OOB_EVT 34 /* BLE SMP SC Create Local OOB request event */
#define BTA_DM_ENC_CHG_EVT 35 /* Encryption change event */

typedef UINT8 tBTA_DM_SEC_EVT;

Expand Down Expand Up @@ -993,6 +994,11 @@ typedef struct {
BT_OCTET16 local_oob_r; /* Local OOB Data Randomizer */
} tBTA_DM_LOC_OOB_DATA;

typedef struct {
BD_ADDR bd_addr; /* BD address peer device */
UINT8 enc_mode; /* Encryption mode */
} tBTA_DM_ENC_CHG;

/* Union of all security callback structures */
typedef union {
tBTA_DM_ENABLE enable; /* BTA enabled */
Expand All @@ -1018,6 +1024,7 @@ typedef union {
tBTA_DM_MODE_CHG mode_chg; /* mode change event */
#endif ///BTA_DM_PM_INCLUDED
tBTA_DM_LOC_OOB_DATA local_oob_data; /* Local OOB data generated by us */
tBTA_DM_ENC_CHG enc_chg; /* Encryption change event */
} tBTA_DM_SEC;

/* Security callback */
Expand Down
32 changes: 32 additions & 0 deletions components/bt/host/bluedroid/btc/core/btc_dm.c
Original file line number Diff line number Diff line change
Expand Up @@ -413,6 +413,7 @@ static void btc_dm_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl)
msg->pid = BTC_PID_GAP_BT;
msg->act = BTC_GAP_BT_AUTH_CMPL_EVT;
param.auth_cmpl.stat = status;
param.auth_cmpl.lk_type = p_auth_cmpl->key_type;
memcpy(param.auth_cmpl.bda, p_auth_cmpl->bd_addr, ESP_BD_ADDR_LEN);
memcpy(param.auth_cmpl.device_name, p_auth_cmpl->bd_name, ESP_BT_GAP_MAX_BDNAME_LEN + 1);
memcpy(msg->arg, &param, sizeof(esp_bt_gap_cb_param_t));
Expand All @@ -428,6 +429,34 @@ static void btc_dm_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl)
(void) status;
}

static void btc_dm_enc_chg_evt (tBTA_DM_ENC_CHG *p_enc_chg)
{
#if (BTC_GAP_BT_INCLUDED == TRUE)
esp_bt_gap_cb_param_t param;
bt_status_t ret;
btc_msg_t *msg;

msg = (btc_msg_t *)osi_malloc(sizeof(btc_msg_t) + sizeof(esp_bt_gap_cb_param_t));
if (msg == NULL) {
BTC_TRACE_ERROR("%s malloc fail", __func__);
return;
}
msg->sig = BTC_SIG_API_CB;
msg->pid = BTC_PID_GAP_BT;
msg->act = BTC_GAP_BT_ENC_CHG_EVT;
param.enc_chg.enc_mode = p_enc_chg->enc_mode;
memcpy(param.enc_chg.bda, p_enc_chg->bd_addr, ESP_BD_ADDR_LEN);
memcpy(msg->arg, &param, sizeof(esp_bt_gap_cb_param_t));

ret = btc_inter_profile_call(msg);
osi_free(msg);

if (ret != BT_STATUS_SUCCESS) {
BTC_TRACE_ERROR("%s btc_inter_profile_call failed\n", __func__);
}
#endif /// BTC_GAP_BT_INCLUDED == TRUE
}

static void btc_dm_pin_req_evt(tBTA_DM_PIN_REQ *p_pin_req)
{
#if (BTC_GAP_BT_INCLUDED == TRUE)
Expand Down Expand Up @@ -782,6 +811,9 @@ void btc_dm_sec_cb_handler(btc_msg_t *msg)
case BTA_DM_AUTH_CMPL_EVT:
btc_dm_auth_cmpl_evt(&p_data->auth_cmpl);
break;
case BTA_DM_ENC_CHG_EVT:
btc_dm_enc_chg_evt(&p_data->enc_chg);
break;
case BTA_DM_BOND_CANCEL_CMPL_EVT:
BTC_TRACE_DEBUG("BTA_DM_BOND_CANCEL_CMPL_EVT");
break;
Expand Down
5 changes: 5 additions & 0 deletions components/bt/host/bluedroid/btc/profile/std/gap/btc_gap_bt.c
Original file line number Diff line number Diff line change
Expand Up @@ -1086,6 +1086,7 @@ void btc_gap_bt_cb_deep_free(btc_msg_t *msg)
case BTC_GAP_BT_READ_RSSI_DELTA_EVT:
case BTC_GAP_BT_CONFIG_EIR_DATA_EVT:
case BTC_GAP_BT_AUTH_CMPL_EVT:
case BTC_GAP_BT_ENC_CHG_EVT:
case BTC_GAP_BT_PIN_REQ_EVT:
case BTC_GAP_BT_SET_AFH_CHANNELS_EVT:
case BTC_GAP_BT_READ_REMOTE_NAME_EVT:
Expand Down Expand Up @@ -1134,6 +1135,10 @@ void btc_gap_bt_cb_handler(btc_msg_t *msg)
btc_gap_bt_cb_to_app(ESP_BT_GAP_AUTH_CMPL_EVT, (esp_bt_gap_cb_param_t *)msg->arg);
break;
}
case BTC_GAP_BT_ENC_CHG_EVT:{
btc_gap_bt_cb_to_app(ESP_BT_GAP_ENC_CHG_EVT, (esp_bt_gap_cb_param_t *)msg->arg);
break;
}
case BTC_GAP_BT_PIN_REQ_EVT:{
btc_gap_bt_cb_to_app(ESP_BT_GAP_PIN_REQ_EVT, (esp_bt_gap_cb_param_t *)msg->arg);
break;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -20,6 +20,7 @@ typedef enum {
BTC_GAP_BT_SEARCH_SERVICES_EVT,
BTC_GAP_BT_SEARCH_SERVICE_RECORD_EVT,
BTC_GAP_BT_AUTH_CMPL_EVT,
BTC_GAP_BT_ENC_CHG_EVT,
BTC_GAP_BT_PIN_REQ_EVT,
BTC_GAP_BT_CFM_REQ_EVT,
BTC_GAP_BT_KEY_NOTIF_EVT,
Expand Down
1 change: 1 addition & 0 deletions components/bt/host/bluedroid/stack/btm/btm_dev.c
Original file line number Diff line number Diff line change
Expand Up @@ -82,6 +82,7 @@ BOOLEAN BTM_SecAddDevice (BD_ADDR bd_addr, DEV_CLASS dev_class, BD_NAME bd_name,
memcpy (p_dev_rec->bd_addr, bd_addr, BD_ADDR_LEN);
p_dev_rec->hci_handle = BTM_GetHCIConnHandle (bd_addr, BT_TRANSPORT_BR_EDR);
p_dev_rec->ble_hci_handle = BTM_GetHCIConnHandle (bd_addr, BT_TRANSPORT_LE);
p_dev_rec->enc_mode = BTM_ENC_MODE_UNKNOWN;

#if BLE_INCLUDED == TRUE
/* use default value for background connection params */
Expand Down
14 changes: 14 additions & 0 deletions components/bt/host/bluedroid/stack/btm/btm_sec.c
Original file line number Diff line number Diff line change
Expand Up @@ -4092,6 +4092,13 @@ void btm_sec_encrypt_change (UINT16 handle, UINT8 status, UINT8 encr_enable)
p_dev_rec->link_key_type == BTM_LKEY_TYPE_AUTH_COMB_P_256) {
p_dev_rec->sec_flags |= BTM_SEC_16_DIGIT_PIN_AUTHED;
}
if (p_dev_rec->enc_mode != encr_enable) {
p_dev_rec->enc_mode = encr_enable;
/* Report the encryption change state of BR/EDR to upper layer */
if (btm_cb.api.p_enc_change_callback) {
(*btm_cb.api.p_enc_change_callback) (p_dev_rec->bd_addr, encr_enable);
}
}
} else {
p_dev_rec->sec_flags |= BTM_SEC_LE_ENCRYPTED;
}
Expand All @@ -4102,6 +4109,13 @@ void btm_sec_encrypt_change (UINT16 handle, UINT8 status, UINT8 encr_enable)
if ((status == HCI_SUCCESS) && !encr_enable) {
if (p_dev_rec->hci_handle == handle) {
p_dev_rec->sec_flags &= ~BTM_SEC_ENCRYPTED;
if (p_dev_rec->enc_mode != encr_enable) {
p_dev_rec->enc_mode = encr_enable;
/* Report the encryption change state of BR/EDR to upper layer */
if (btm_cb.api.p_enc_change_callback) {
(*btm_cb.api.p_enc_change_callback) (p_dev_rec->bd_addr, encr_enable);
}
}
} else {
p_dev_rec->sec_flags &= ~BTM_SEC_LE_ENCRYPTED;
}
Expand Down
3 changes: 3 additions & 0 deletions components/bt/host/bluedroid/stack/btm/include/btm_int.h
Original file line number Diff line number Diff line change
Expand Up @@ -668,6 +668,9 @@ struct tBTM_SEC_DEV_REC{
secure connection. This will be helpful to know when peer device downgrades it's security. */

UINT16 ble_hci_handle; /* use in DUMO connection */

#define BTM_ENC_MODE_UNKNOWN 0xff
UINT8 enc_mode; /* encryption mode of current link */
UINT8 enc_key_size; /* current link encryption key size */
tBT_DEVICE_TYPE device_type;
BOOLEAN new_encryption_key_is_p256; /* Set to TRUE when the newly generated LK
Expand Down
7 changes: 7 additions & 0 deletions components/bt/host/bluedroid/stack/include/stack/btm_api.h
Original file line number Diff line number Diff line change
Expand Up @@ -1492,6 +1492,12 @@ typedef void (tBTM_RMT_NAME_CALLBACK) (BD_ADDR bd_addr, DEV_CLASS dc,
typedef UINT8 (tBTM_AUTH_COMPLETE_CALLBACK) (BD_ADDR bd_addr, DEV_CLASS dev_class,
tBTM_BD_NAME bd_name, int result);

/* Encryption changed for the connection. Parameters are
** BD Address of remote
** Encryption mode
*/
typedef void (tBTM_ENC_CHANGE_CALLBACK) (BD_ADDR bd_addr, UINT8 enc_mode);

enum {
BTM_SP_IO_REQ_EVT, /* received IO_CAPABILITY_REQUEST event */
BTM_SP_IO_RSP_EVT, /* received IO_CAPABILITY_RESPONSE event */
Expand Down Expand Up @@ -1869,6 +1875,7 @@ typedef struct {
tBTM_LINK_KEY_CALLBACK *p_link_key_callback;
tBTM_AUTH_COMPLETE_CALLBACK *p_auth_complete_callback;
tBTM_BOND_CANCEL_CMPL_CALLBACK *p_bond_cancel_cmpl_callback;
tBTM_ENC_CHANGE_CALLBACK *p_enc_change_callback;
tBTM_SP_CALLBACK *p_sp_callback;
#if BLE_INCLUDED == TRUE
#if SMP_INCLUDED == TRUE
Expand Down
8 changes: 8 additions & 0 deletions examples/bluetooth/bluedroid/classic_bt/a2dp_sink/main/main.c
Original file line number Diff line number Diff line change
Expand Up @@ -79,6 +79,14 @@ static void bt_app_gap_cb(esp_bt_gap_cb_event_t event, esp_bt_gap_cb_param_t *pa
} else {
ESP_LOGE(BT_AV_TAG, "authentication failed, status: %d", param->auth_cmpl.stat);
}
ESP_LOGI(BT_AV_TAG, "link key type of current link is: %d", param->auth_cmpl.lk_type);
break;
}
case ESP_BT_GAP_ENC_CHG_EVT: {
char *str_enc[3] = {"OFF", "E0", "AES"};
bda = (uint8_t *)param->enc_chg.bda;
ESP_LOGI(BT_AV_TAG, "Encryption mode to [%02x:%02x:%02x:%02x:%02x:%02x] changed to %s",
bda[0], bda[1], bda[2], bda[3], bda[4], bda[5], str_enc[param->enc_chg.enc_mode]);
break;
}

Expand Down

0 comments on commit 28ff8e3

Please sign in to comment.