You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mynewt.apache.org by an...@apache.org on 2017/04/05 13:06:47 UTC
[2/4] incubator-mynewt-core git commit: nimble/sm: Fix Secure
Connection only mode
nimble/sm: Fix Secure Connection only mode
This patch fix scenarion when one device has set SC only mode
and second device Legacy pairing
Project: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/commit/51d35533
Tree: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/tree/51d35533
Diff: http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/diff/51d35533
Branch: refs/heads/develop
Commit: 51d355330554af2ac86a7119f8b8b0bdc624642c
Parents: ea988a0
Author: \u0141ukasz Rymanowski <lu...@codecoup.pl>
Authored: Wed Mar 22 23:48:46 2017 +0100
Committer: \u0141ukasz Rymanowski <lu...@codecoup.pl>
Committed: Thu Mar 23 09:44:15 2017 +0100
----------------------------------------------------------------------
net/nimble/host/src/ble_sm.c | 50 +++++++++++++++++++++++----------
net/nimble/host/src/ble_sm_lgcy.c | 19 ++++++-------
net/nimble/host/src/ble_sm_priv.h | 8 +++---
net/nimble/host/src/ble_sm_sc.c | 51 ++++++++++++++++++++++++----------
4 files changed, 85 insertions(+), 43 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/51d35533/net/nimble/host/src/ble_sm.c
----------------------------------------------------------------------
diff --git a/net/nimble/host/src/ble_sm.c b/net/nimble/host/src/ble_sm.c
index ef2f41b..f37d4fc 100644
--- a/net/nimble/host/src/ble_sm.c
+++ b/net/nimble/host/src/ble_sm.c
@@ -710,12 +710,12 @@ ble_sm_build_authreq(void)
}
static int
-ble_sm_io_action(struct ble_sm_proc *proc)
+ble_sm_io_action(struct ble_sm_proc *proc, uint8_t *action)
{
if (proc->flags & BLE_SM_PROC_F_SC) {
- return ble_sm_sc_io_action(proc);
+ return ble_sm_sc_io_action(proc, action);
} else {
- return ble_sm_lgcy_io_action(proc);
+ return ble_sm_lgcy_io_action(proc, action);
}
}
@@ -744,8 +744,13 @@ int
ble_sm_proc_can_advance(struct ble_sm_proc *proc)
{
uint8_t ioact;
+ int rc;
+
+ rc = ble_sm_io_action(proc, &ioact);
+ if (rc != 0) {
+ BLE_HS_DBG_ASSERT(0);
+ }
- ioact = ble_sm_io_action(proc);
if (ble_sm_ioact_state(ioact) != proc->state) {
return 1;
}
@@ -1379,7 +1384,13 @@ ble_sm_confirm_rx(uint16_t conn_handle, struct os_mbuf **om,
proc->state = BLE_SM_PROC_STATE_RANDOM;
res->execute = 1;
} else {
- ioact = ble_sm_io_action(proc);
+ int rc;
+
+ rc = ble_sm_io_action(proc, &ioact);
+ if (rc != 0) {
+ BLE_HS_DBG_ASSERT(0);
+ }
+
if (ble_sm_ioact_state(ioact) == proc->state) {
proc->flags |= BLE_SM_PROC_F_ADVANCE_ON_IO;
}
@@ -1503,7 +1514,9 @@ ble_sm_pair_exec(struct ble_sm_proc *proc, struct ble_sm_result *res,
ble_sm_pair_cfg(proc);
proc->state = ble_sm_state_after_pair(proc);
- ioact = ble_sm_io_action(proc);
+ rc = ble_sm_io_action(proc, &ioact);
+ BLE_HS_DBG_ASSERT(rc == 0);
+
if (ble_sm_ioact_state(ioact) == proc->state) {
res->passkey_params.action = ioact;
}
@@ -1621,15 +1634,23 @@ ble_sm_pair_rsp_rx(uint16_t conn_handle, struct os_mbuf **om,
res->sm_err = BLE_SM_ERR_INVAL;
res->app_status = BLE_HS_SM_US_ERR(BLE_SM_ERR_INVAL);
} else {
+ int rc;
+
ble_sm_pair_cfg(proc);
- proc->state = ble_sm_state_after_pair(proc);
- ioact = ble_sm_io_action(proc);
- if (ble_sm_ioact_state(ioact) == proc->state) {
- res->passkey_params.action = ioact;
- }
- if (ble_sm_proc_can_advance(proc)) {
- res->execute = 1;
+ rc = ble_sm_io_action(proc, &ioact);
+ if (rc != 0) {
+ res->sm_err = BLE_SM_ERR_AUTHREQ;
+ res->app_status = BLE_HS_SM_US_ERR(BLE_SM_ERR_AUTHREQ);
+ res->enc_cb = 1;
+ } else {
+ proc->state = ble_sm_state_after_pair(proc);
+ if (ble_sm_ioact_state(ioact) == proc->state) {
+ res->passkey_params.action = ioact;
+ }
+ if (ble_sm_proc_can_advance(proc)) {
+ res->execute = 1;
+ }
}
}
}
@@ -2373,6 +2394,7 @@ ble_sm_inject_io(uint16_t conn_handle, struct ble_sm_io *pkey)
struct ble_sm_result res;
struct ble_sm_proc *proc;
int rc;
+ uint8_t action;
memset(&res, 0, sizeof res);
@@ -2383,7 +2405,7 @@ ble_sm_inject_io(uint16_t conn_handle, struct ble_sm_io *pkey)
rc = BLE_HS_ENOENT;
} else if (proc->flags & BLE_SM_PROC_F_IO_INJECTED) {
rc = BLE_HS_EALREADY;
- } else if (pkey->action != ble_sm_io_action(proc)) {
+ } else if ((ble_sm_io_action(proc, &action) == 0) && pkey->action != action) {
/* Application provided incorrect IO type. */
rc = BLE_HS_EINVAL;
} else if (ble_sm_ioact_state(pkey->action) != proc->state) {
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/51d35533/net/nimble/host/src/ble_sm_lgcy.c
----------------------------------------------------------------------
diff --git a/net/nimble/host/src/ble_sm_lgcy.c b/net/nimble/host/src/ble_sm_lgcy.c
index 1447028..ff53b1e 100644
--- a/net/nimble/host/src/ble_sm_lgcy.c
+++ b/net/nimble/host/src/ble_sm_lgcy.c
@@ -61,31 +61,30 @@ static const uint8_t ble_sm_lgcy_resp_ioa[5 /*resp*/ ][5 /*init*/ ] =
};
int
-ble_sm_lgcy_io_action(struct ble_sm_proc *proc)
+ble_sm_lgcy_io_action(struct ble_sm_proc *proc, uint8_t *action)
{
struct ble_sm_pair_cmd *pair_req, *pair_rsp;
- int action;
pair_req = (struct ble_sm_pair_cmd *) &proc->pair_req[1];
pair_rsp = (struct ble_sm_pair_cmd *) &proc->pair_rsp[1];
if (pair_req->oob_data_flag == BLE_SM_PAIR_OOB_YES &&
pair_rsp->oob_data_flag == BLE_SM_PAIR_OOB_YES) {
- action = BLE_SM_IOACT_OOB;
+ *action = BLE_SM_IOACT_OOB;
} else if (!(pair_req->authreq & BLE_SM_PAIR_AUTHREQ_MITM) &&
!(pair_rsp->authreq & BLE_SM_PAIR_AUTHREQ_MITM)) {
- action = BLE_SM_IOACT_NONE;
+ *action = BLE_SM_IOACT_NONE;
} else if (pair_req->io_cap >= BLE_SM_IO_CAP_RESERVED ||
pair_rsp->io_cap >= BLE_SM_IO_CAP_RESERVED) {
- action = BLE_SM_IOACT_NONE;
+ *action = BLE_SM_IOACT_NONE;
} else if (proc->flags & BLE_SM_PROC_F_INITIATOR) {
- action = ble_sm_lgcy_init_ioa[pair_rsp->io_cap][pair_req->io_cap];
+ *action = ble_sm_lgcy_init_ioa[pair_rsp->io_cap][pair_req->io_cap];
} else {
- action = ble_sm_lgcy_resp_ioa[pair_rsp->io_cap][pair_req->io_cap];
+ *action = ble_sm_lgcy_resp_ioa[pair_rsp->io_cap][pair_req->io_cap];
}
- switch (action) {
+ switch (*action) {
case BLE_SM_IOACT_NONE:
proc->pair_alg = BLE_SM_PAIR_ALG_JW;
break;
@@ -103,10 +102,10 @@ ble_sm_lgcy_io_action(struct ble_sm_proc *proc)
default:
BLE_HS_DBG_ASSERT(0);
- break;
+ return BLE_HS_EINVAL;
}
- return action;
+ return 0;
}
void
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/51d35533/net/nimble/host/src/ble_sm_priv.h
----------------------------------------------------------------------
diff --git a/net/nimble/host/src/ble_sm_priv.h b/net/nimble/host/src/ble_sm_priv.h
index 86c31da..0263dda 100644
--- a/net/nimble/host/src/ble_sm_priv.h
+++ b/net/nimble/host/src/ble_sm_priv.h
@@ -332,7 +332,7 @@ void ble_sm_enc_key_refresh_rx(struct hci_encrypt_key_refresh *evt);
int ble_sm_ltk_req_rx(struct hci_le_lt_key_req *evt);
#if MYNEWT_VAL(BLE_SM_LEGACY)
-int ble_sm_lgcy_io_action(struct ble_sm_proc *proc);
+int ble_sm_lgcy_io_action(struct ble_sm_proc *proc, uint8_t *action);
void ble_sm_lgcy_confirm_exec(struct ble_sm_proc *proc,
struct ble_sm_result *res);
void ble_sm_lgcy_random_exec(struct ble_sm_proc *proc,
@@ -340,14 +340,14 @@ void ble_sm_lgcy_random_exec(struct ble_sm_proc *proc,
void ble_sm_lgcy_random_rx(struct ble_sm_proc *proc,
struct ble_sm_result *res);
#else
-#define ble_sm_lgcy_io_action(proc) (BLE_HS_ENOTSUP)
+#define ble_sm_lgcy_io_action(proc, action) (BLE_HS_ENOTSUP)
#define ble_sm_lgcy_confirm_exec(proc, res)
#define ble_sm_lgcy_random_exec(proc, res)
#define ble_sm_lgcy_random_rx(proc, res)
#endif
#if MYNEWT_VAL(BLE_SM_SC)
-int ble_sm_sc_io_action(struct ble_sm_proc *proc);
+int ble_sm_sc_io_action(struct ble_sm_proc *proc, uint8_t *action);
void ble_sm_sc_confirm_exec(struct ble_sm_proc *proc,
struct ble_sm_result *res);
void ble_sm_sc_random_exec(struct ble_sm_proc *proc,
@@ -364,7 +364,7 @@ void ble_sm_sc_dhkey_check_rx(uint16_t conn_handle, struct os_mbuf **rxom,
struct ble_sm_result *res);
void ble_sm_sc_init(void);
#else
-#define ble_sm_sc_io_action(proc) (BLE_SM_IOACT_NONE)
+#define ble_sm_sc_io_action(proc, action) (BLE_HS_ENOTSUP)
#define ble_sm_sc_confirm_exec(proc, res)
#define ble_sm_sc_random_exec(proc, res)
#define ble_sm_sc_random_rx(proc, res)
http://git-wip-us.apache.org/repos/asf/incubator-mynewt-core/blob/51d35533/net/nimble/host/src/ble_sm_sc.c
----------------------------------------------------------------------
diff --git a/net/nimble/host/src/ble_sm_sc.c b/net/nimble/host/src/ble_sm_sc.c
index f78b049..8f6bc85 100644
--- a/net/nimble/host/src/ble_sm_sc.c
+++ b/net/nimble/host/src/ble_sm_sc.c
@@ -108,31 +108,30 @@ ble_sm_dbg_set_sc_keys(uint8_t *pubkey, uint8_t *privkey)
#endif
int
-ble_sm_sc_io_action(struct ble_sm_proc *proc)
+ble_sm_sc_io_action(struct ble_sm_proc *proc, uint8_t *action)
{
struct ble_sm_pair_cmd *pair_req, *pair_rsp;
- int action;
pair_req = (struct ble_sm_pair_cmd *) &proc->pair_req[1];
pair_rsp = (struct ble_sm_pair_cmd *) &proc->pair_rsp[1];
if (pair_req->oob_data_flag == BLE_SM_PAIR_OOB_YES ||
pair_rsp->oob_data_flag == BLE_SM_PAIR_OOB_YES) {
- action = BLE_SM_IOACT_OOB;
+ *action = BLE_SM_IOACT_OOB;
} else if (!(pair_req->authreq & BLE_SM_PAIR_AUTHREQ_MITM) &&
!(pair_rsp->authreq & BLE_SM_PAIR_AUTHREQ_MITM)) {
- action = BLE_SM_IOACT_NONE;
+ *action = BLE_SM_IOACT_NONE;
} else if (pair_req->io_cap >= BLE_SM_IO_CAP_RESERVED ||
pair_rsp->io_cap >= BLE_SM_IO_CAP_RESERVED) {
- action = BLE_SM_IOACT_NONE;
+ *action = BLE_SM_IOACT_NONE;
} else if (proc->flags & BLE_SM_PROC_F_INITIATOR) {
- action = ble_sm_sc_init_ioa[pair_rsp->io_cap][pair_req->io_cap];
+ *action = ble_sm_sc_init_ioa[pair_rsp->io_cap][pair_req->io_cap];
} else {
- action = ble_sm_sc_resp_ioa[pair_rsp->io_cap][pair_req->io_cap];
+ *action = ble_sm_sc_resp_ioa[pair_rsp->io_cap][pair_req->io_cap];
}
- switch (action) {
+ switch (*action) {
case BLE_SM_IOACT_NONE:
proc->pair_alg = BLE_SM_PAIR_ALG_JW;
break;
@@ -155,10 +154,10 @@ ble_sm_sc_io_action(struct ble_sm_proc *proc)
default:
BLE_HS_DBG_ASSERT(0);
- break;
+ return BLE_HS_EINVAL;
}
- return action;
+ return 0;
}
static int
@@ -403,7 +402,9 @@ ble_sm_sc_random_exec(struct ble_sm_proc *proc, struct ble_sm_result *res)
return;
}
- ioact = ble_sm_sc_io_action(proc);
+ rc = ble_sm_sc_io_action(proc, &ioact);
+ BLE_HS_DBG_ASSERT(rc == 0);
+
if (ble_sm_ioact_state(ioact) == proc->state &&
!(proc->flags & BLE_SM_PROC_F_IO_INJECTED)) {
@@ -480,8 +481,13 @@ ble_sm_sc_random_rx(struct ble_sm_proc *proc, struct ble_sm_result *res)
if (proc->flags & BLE_SM_PROC_F_INITIATOR) {
ble_sm_sc_random_advance(proc);
+ int rc;
+
+ rc = ble_sm_sc_io_action(proc, &ioact);
+ if (rc != 0) {
+ BLE_HS_DBG_ASSERT(0);
+ }
- ioact = ble_sm_sc_io_action(proc);
if (ble_sm_ioact_state(ioact) == proc->state &&
!(proc->flags & BLE_SM_PROC_F_IO_INJECTED)) {
@@ -531,8 +537,13 @@ ble_sm_sc_public_key_exec(struct ble_sm_proc *proc, struct ble_sm_result *res,
if (!(proc->flags & BLE_SM_PROC_F_INITIATOR)) {
proc->state = BLE_SM_PROC_STATE_CONFIRM;
+ int rc;
+
+ rc = ble_sm_sc_io_action(proc, &ioact);
+ if (rc != 0) {
+ BLE_HS_DBG_ASSERT(0);
+ }
- ioact = ble_sm_sc_io_action(proc);
if (ble_sm_ioact_state(ioact) == proc->state) {
res->passkey_params.action = ioact;
}
@@ -588,9 +599,15 @@ ble_sm_sc_public_key_rx(uint16_t conn_handle, struct os_mbuf **om,
res->enc_cb = 1;
} else {
if (proc->flags & BLE_SM_PROC_F_INITIATOR) {
+ int rc;
+
proc->state = BLE_SM_PROC_STATE_CONFIRM;
- ioact = ble_sm_sc_io_action(proc);
+ rc = ble_sm_sc_io_action(proc, &ioact);
+ if (rc != 0) {
+ BLE_HS_DBG_ASSERT(0);
+ }
+
if (ble_sm_ioact_state(ioact) == proc->state) {
res->passkey_params.action = ioact;
}
@@ -690,6 +707,7 @@ ble_sm_dhkey_check_process(struct ble_sm_proc *proc,
ble_addr_t peer_addr;
uint8_t *iocap;
uint8_t ioact;
+ int rc;
if (proc->flags & BLE_SM_PROC_F_INITIATOR) {
struct ble_sm_pair_cmd *pair_rsp;
@@ -729,8 +747,11 @@ ble_sm_dhkey_check_process(struct ble_sm_proc *proc,
return;
}
+ rc = ble_sm_sc_io_action(proc, &ioact);
+ if (rc != 0) {
+ BLE_HS_DBG_ASSERT(0);
+ }
- ioact = ble_sm_sc_io_action(proc);
if (ble_sm_ioact_state(ioact) == proc->state) {
proc->flags |= BLE_SM_PROC_F_ADVANCE_ON_IO;
}