Commit 8af12a5

committed

fix(ble): Fix security for Bluedroid

1 parent 20c0dde commit 8af12a5Copy full SHA for 8af12a5

File tree

15 files changed

+648

-144

lines changed

libraries/BLE/src

15 files changed

+648

-144

lines changed

`‎libraries/BLE/src/BLECharacteristic.cpp`

Lines changed: 55 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -582,6 +582,34 @@ void BLECharacteristic::handleGATTServerEvent(esp_gatts_cb_event_t event, esp_ga`
`582`	`582`	`// we save the new value. Next we look at the need_rsp flag which indicates whether or not we need`
`583`	`583`	`// to send a response. If we do, then we formulate a response and send it.`
`584`	`584`	`if (param->write.handle == m_handle) {`
	`585`	`+`
	`586`	`+ // Check for authorization requirement`
	`587`	`+ if (m_permissions & ESP_GATT_PERM_WRITE_AUTHORIZATION) {`
	`588`	`+ bool authorized = false;`
	`589`	`+`
	`590`	`+ if (BLEDevice::m_securityCallbacks != nullptr) {`
	`591`	`+ log_i("Authorization required for write operation. Checking authorization...");`
	`592`	`+ authorized = BLEDevice::m_securityCallbacks->onAuthorizationRequest(`
	`593`	`+ param->write.conn_id, m_handle, false`
	`594`	`+ );`
	`595`	`+ } else {`
	`596`	`+ log_w("onAuthorizationRequest not implemented. Rejecting write authorization request");`
	`597`	`+ }`
	`598`	`+`
	`599`	`+ if (!authorized) {`
	`600`	`+ log_i("Write authorization rejected");`
	`601`	`+ if (param->write.need_rsp) {`
	`602`	`+ esp_err_t errRc = ::esp_ble_gatts_send_response(gatts_if, param->write.conn_id, param->write.trans_id, ESP_GATT_INSUF_AUTHORIZATION, nullptr);`
	`603`	`+ if (errRc != ESP_OK) {`
	`604`	`+ log_e("esp_ble_gatts_send_response (authorization failed): rc=%d %s", errRc, GeneralUtils::errorToString(errRc));`
	`605`	`+ }`
	`606`	`+ }`
	`607`	`+ return; // Exit early, don't process the write`
	`608`	`+ } else {`
	`609`	`+ log_i("Write authorization granted");`
	`610`	`+ }`
	`611`	`+ }`
	`612`	`+`
`585`	`613`	`if (param->write.is_prep) {`
`586`	`614`	`m_value.addPart(param->write.value, param->write.len);`
`587`	`615`	`m_writeEvt = true;`
`@@ -637,6 +665,33 @@ void BLECharacteristic::handleGATTServerEvent(esp_gatts_cb_event_t event, esp_ga`
`637`	`665`	`{`
`638`	`666`	`if (param->read.handle == m_handle) {`
`639`	`667`
	`668`	`+ // Check for authorization requirement`
	`669`	`+ if (m_permissions & ESP_GATT_PERM_READ_AUTHORIZATION) {`
	`670`	`+ bool authorized = false;`
	`671`	`+`
	`672`	`+ if (BLEDevice::m_securityCallbacks != nullptr) {`
	`673`	`+ log_i("Authorization required for read operation. Checking authorization...");`
	`674`	`+ authorized = BLEDevice::m_securityCallbacks->onAuthorizationRequest(`
	`675`	`+ param->read.conn_id, m_handle, true`
	`676`	`+ );`
	`677`	`+ } else {`
	`678`	`+ log_w("onAuthorizationRequest not implemented. Rejecting read authorization request");`
	`679`	`+ }`
	`680`	`+`
	`681`	`+ if (!authorized) {`
	`682`	`+ log_i("Read authorization rejected");`
	`683`	`+ if (param->read.need_rsp) {`
	`684`	`+ esp_err_t errRc = ::esp_ble_gatts_send_response(gatts_if, param->read.conn_id, param->read.trans_id, ESP_GATT_INSUF_AUTHORIZATION, nullptr);`
	`685`	`+ if (errRc != ESP_OK) {`
	`686`	`+ log_e("esp_ble_gatts_send_response (authorization failed): rc=%d %s", errRc, GeneralUtils::errorToString(errRc));`
	`687`	`+ }`
	`688`	`+ }`
	`689`	`+ return; // Exit early, don't process the read`
	`690`	`+ } else {`
	`691`	`+ log_i("Read authorization granted");`
	`692`	`+ }`
	`693`	`+ }`
	`694`	`+`
`640`	`695`	`// Here's an interesting thing. The read request has the option of saying whether we need a response`
`641`	`696`	`// or not. What would it "mean" to receive a read request and NOT send a response back? That feels like`
`642`	`697`	`// a very strange read.`

`‎libraries/BLE/src/BLECharacteristic.h`

Lines changed: 10 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -140,17 +140,25 @@ class BLECharacteristic {`
`140`	`140`
`141`	`141`	`#if defined(CONFIG_BLUEDROID_ENABLED)`
`142`	`142`	`static const uint32_t PROPERTY_READ = 1 << 0;`
	`143`	`+ static const uint32_t PROPERTY_READ_ENC = 0; // Not supported by Bluedroid. Use setAccessPermissions() instead.`
	`144`	`+ static const uint32_t PROPERTY_READ_AUTHEN = 0; // Not supported by Bluedroid. Use setAccessPermissions() instead.`
	`145`	`+ static const uint32_t PROPERTY_READ_AUTHOR = 0; // Not supported by Bluedroid. Use setAccessPermissions() instead.`
`143`	`146`	`static const uint32_t PROPERTY_WRITE = 1 << 1;`
	`147`	`+ static const uint32_t PROPERTY_WRITE_NR = 1 << 5;`
	`148`	`+ static const uint32_t PROPERTY_WRITE_ENC = 0; // Not supported by Bluedroid. Use setAccessPermissions() instead.`
	`149`	`+ static const uint32_t PROPERTY_WRITE_AUTHEN = 0; // Not supported by Bluedroid. Use setAccessPermissions() instead.`
	`150`	`+ static const uint32_t PROPERTY_WRITE_AUTHOR = 0; // Not supported by Bluedroid. Use setAccessPermissions() instead.`
`144`	`151`	`static const uint32_t PROPERTY_NOTIFY = 1 << 2;`
`145`	`152`	`static const uint32_t PROPERTY_BROADCAST = 1 << 3;`
`146`	`153`	`static const uint32_t PROPERTY_INDICATE = 1 << 4;`
`147`		`- static const uint32_t PROPERTY_WRITE_NR = 1 << 5;`
`148`	`154`	`#endif`
`149`	`155`
`150`	`156`	`/***************************************************************************`
`151`	`157`	`* NimBLE public properties *`
`152`	`158`	`***************************************************************************/`
`153`	`159`
	`160`	`+`
	`161`	`+`
`154`	`162`	`#if defined(CONFIG_NIMBLE_ENABLED)`
`155`	`163`	`static const uint32_t PROPERTY_READ = BLE_GATT_CHR_F_READ;`
`156`	`164`	`static const uint32_t PROPERTY_READ_ENC = BLE_GATT_CHR_F_READ_ENC;`
`@@ -161,8 +169,8 @@ class BLECharacteristic {`
`161`	`169`	`static const uint32_t PROPERTY_WRITE_ENC = BLE_GATT_CHR_F_WRITE_ENC;`
`162`	`170`	`static const uint32_t PROPERTY_WRITE_AUTHEN = BLE_GATT_CHR_F_WRITE_AUTHEN;`
`163`	`171`	`static const uint32_t PROPERTY_WRITE_AUTHOR = BLE_GATT_CHR_F_WRITE_AUTHOR;`
`164`		`- static const uint32_t PROPERTY_BROADCAST = BLE_GATT_CHR_F_BROADCAST;`
`165`	`172`	`static const uint32_t PROPERTY_NOTIFY = BLE_GATT_CHR_F_NOTIFY;`
	`173`	`+ static const uint32_t PROPERTY_BROADCAST = BLE_GATT_CHR_F_BROADCAST;`
`166`	`174`	`static const uint32_t PROPERTY_INDICATE = BLE_GATT_CHR_F_INDICATE;`
`167`	`175`	`#endif`
`168`	`176`

`‎libraries/BLE/src/BLEClient.cpp`

Lines changed: 59 additions & 33 deletions

Original file line number	Diff line number	Diff line change
`@@ -19,6 +19,7 @@`
`19`	`19`	`* Common includes *`
`20`	`20`	`***************************************************************************/`
`21`	`21`
	`22`	`+#include "Arduino.h"`
`22`	`23`	`#include <esp_bt.h>`
`23`	`24`	`#include "BLEClient.h"`
`24`	`25`	`#include "BLEUtils.h"`
`@@ -29,6 +30,7 @@`
`29`	`30`	`#include <unordered_set>`
`30`	`31`	`#include "BLEDevice.h"`
`31`	`32`	`#include "esp32-hal-log.h"`
	`33`	`+#include "BLESecurity.h"`
`32`	`34`
`33`	`35`	`/***************************************************************************`
`34`	`36`	`* Bluedroid includes *`
`@@ -598,11 +600,11 @@ void BLEClient::gattClientEventHandler(esp_gattc_cb_event_t event, esp_gatt_if_t`
`598`	`600`	`if (errRc != ESP_OK) {`
`599`	`601`	`log_e("esp_ble_gattc_send_mtu_req: rc=%d %s", errRc, GeneralUtils::errorToString(errRc));`
`600`	`602`	`}`
`601`		`-#ifdef CONFIG_BLE_SMP_ENABLE // Check that BLE SMP (security) is configured in make menuconfig`
`602`		`- if (BLEDevice::m_securityLevel) {`
`603`		`- esp_ble_set_encryption(evtParam->connect.remote_bda, BLEDevice::m_securityLevel);`
	`603`	`+ // Set encryption on connect for BlueDroid when security is enabled`
	`604`	`+ // This ensures security is established before any secure operations`
	`605`	`+ if (BLESecurity::m_securityEnabled && BLESecurity::m_forceSecurity) {`
	`606`	`+ BLESecurity::startSecurity(evtParam->connect.remote_bda);`
`604`	`607`	`}`
`605`		`-#endif // CONFIG_BLE_SMP_ENABLE`
`606`	`608`	`break;`
`607`	`609`	`} // ESP_GATTC_CONNECT_EVT`
`608`	`610`
`@@ -1006,6 +1008,10 @@ int BLEClient::handleGAPEvent(struct ble_gap_event event, void arg) {`
`1006`	`1008`	`break;`
`1007`	`1009`	`}`
`1008`	`1010`
	`1011`	`+ if(BLESecurity::m_securityEnabled) {`
	`1012`	`+ BLESecurity::startSecurity(client->m_conn_id);`
	`1013`	`+ }`
	`1014`	`+`
`1009`	`1015`	`// In the case of a multiconnecting device we ignore this device when`
`1010`	`1016`	`// scanning since we are already connected to it`
`1011`	`1017`	`// BLEDevice::addIgnored(client->m_peerAddress);`
`@@ -1136,8 +1142,6 @@ int BLEClient::handleGAPEvent(struct ble_gap_event event, void arg) {`
`1136`	`1142`	`ble_store_util_delete_peer(&desc.peer_id_addr);`
`1137`	`1143`	`} else if (BLEDevice::m_securityCallbacks != nullptr) {`
`1138`	`1144`	`BLEDevice::m_securityCallbacks->onAuthenticationComplete(&desc);`
`1139`		`- } else {`
`1140`		`- client->m_pClientCallbacks->onAuthenticationComplete(&desc);`
`1141`	`1145`	`}`
`1142`	`1146`	`}`
`1143`	`1147`
`@@ -1164,52 +1168,88 @@ int BLEClient::handleGAPEvent(struct ble_gap_event event, void arg) {`
`1164`	`1168`	`}`
`1165`	`1169`
`1166`	`1170`	`if (event->passkey.params.action == BLE_SM_IOACT_DISP) {`
	`1171`	`+ // Display the passkey on this device`
	`1172`	`+ log_d("BLE_SM_IOACT_DISP");`
	`1173`	`+`
`1167`	`1174`	`pkey.action = event->passkey.params.action;`
`1168`		`- pkey.passkey = BLESecurity::m_passkey; // This is the passkey to be entered on peer`
	`1175`	`+ pkey.passkey = BLESecurity::getPassKey(); // This is the passkey to be entered on peer`
	`1176`	`+`
	`1177`	`+ if(!BLESecurity::m_passkeySet) {`
	`1178`	`+ log_w("No passkey set");`
	`1179`	`+ }`
	`1180`	`+`
	`1181`	`+ if (BLESecurity::m_staticPasskey && pkey.passkey == BLE_SM_DEFAULT_PASSKEY) {`
	`1182`	`+ log_w("ATTENTION Using default passkey: %06d", BLE_SM_DEFAULT_PASSKEY);`
	`1183`	`+ log_w("ATTENTION Please use a random passkey or set a different static passkey");`
	`1184`	`+ } else {`
	`1185`	`+ log_i("Passkey: %d", pkey.passkey);`
	`1186`	`+ }`
	`1187`	`+`
	`1188`	`+ if (BLEDevice::m_securityCallbacks != nullptr) {`
	`1189`	`+ BLEDevice::m_securityCallbacks->onPassKeyNotify(pkey.passkey);`
	`1190`	`+ }`
	`1191`	`+`
`1169`	`1192`	`rc = ble_sm_inject_io(event->passkey.conn_handle, &pkey);`
`1170`	`1193`	`log_d("ble_sm_inject_io result: %d", rc);`
`1171`	`1194`
`1172`	`1195`	`} else if (event->passkey.params.action == BLE_SM_IOACT_NUMCMP) {`
	`1196`	`+ // Check if the passkey on the peer device is correct`
	`1197`	`+ log_d("BLE_SM_IOACT_NUMCMP");`
	`1198`	`+`
`1173`	`1199`	`log_d("Passkey on device's display: %d", event->passkey.params.numcmp);`
`1174`	`1200`	`pkey.action = event->passkey.params.action;`
`1175`		`-// Compatibility only - Do not use, should be removed the in future`
	`1201`	`+`
`1176`	`1202`	`if (BLEDevice::m_securityCallbacks != nullptr) {`
`1177`	`1203`	`pkey.numcmp_accept = BLEDevice::m_securityCallbacks->onConfirmPIN(event->passkey.params.numcmp);`
`1178`		`- ////////////////////////////////////////////////////`
`1179`	`1204`	`} else {`
`1180`		`- pkey.numcmp_accept = client->m_pClientCallbacks->onConfirmPIN(event->passkey.params.numcmp);`
	`1205`	`+ log_e("onConfirmPIN not implemented. Rejecting connection");`
	`1206`	`+ pkey.numcmp_accept = 0;`
`1181`	`1207`	`}`
`1182`	`1208`
`1183`	`1209`	`rc = ble_sm_inject_io(event->passkey.conn_handle, &pkey);`
`1184`	`1210`	`log_d("ble_sm_inject_io result: %d", rc);`
`1185`	`1211`
`1186`		`- //TODO: Handle out of band pairing`
`1187`	`1212`	`} else if (event->passkey.params.action == BLE_SM_IOACT_OOB) {`
	`1213`	`+ // Out of band pairing`
	`1214`	`+ // TODO: Handle out of band pairing`
	`1215`	`+ log_w("BLE_SM_IOACT_OOB: Not implemented");`
	`1216`	`+`
`1188`	`1217`	`static uint8_t tem_oob[16] = {0};`
`1189`	`1218`	`pkey.action = event->passkey.params.action;`
`1190`	`1219`	`for (int i = 0; i < 16; i++) {`
`1191`	`1220`	`pkey.oob[i] = tem_oob[i];`
`1192`	`1221`	`}`
`1193`	`1222`	`rc = ble_sm_inject_io(event->passkey.conn_handle, &pkey);`
`1194`	`1223`	`log_d("ble_sm_inject_io result: %d", rc);`
`1195`		`- ////////`
`1196`	`1224`	`} else if (event->passkey.params.action == BLE_SM_IOACT_INPUT) {`
`1197`		`- log_d("Enter the passkey");`
	`1225`	`+ // Input passkey from peer device`
	`1226`	`+ log_d("BLE_SM_IOACT_INPUT");`
	`1227`	`+`
`1198`	`1228`	`pkey.action = event->passkey.params.action;`
	`1229`	`+ pkey.passkey = BLESecurity::getPassKey();`
	`1230`	`+`
	`1231`	`+ if (!BLESecurity::m_passkeySet) {`
	`1232`	`+ if (BLEDevice::m_securityCallbacks != nullptr) {`
	`1233`	`+ log_i("No passkey set, getting passkey from onPassKeyRequest");`
	`1234`	`+ pkey.passkey = BLEDevice::m_securityCallbacks->onPassKeyRequest();`
	`1235`	`+ } else {`
	`1236`	`+ log_w("ATTENTION onPassKeyRequest not implemented and no static passkey set.");`
	`1237`	`+ }`
	`1238`	`+ }`
`1199`	`1239`
`1200`		`- // Compatibility only - Do not use, should be removed the in future`
`1201`		`- if (BLEDevice::m_securityCallbacks != nullptr) {`
`1202`		`- pkey.passkey = BLEDevice::m_securityCallbacks->onPassKeyRequest();`
`1203`		`- /////////////////////////////////////////////`
	`1240`	`+ if (BLESecurity::m_staticPasskey && pkey.passkey == BLE_SM_DEFAULT_PASSKEY) {`
	`1241`	`+ log_w("ATTENTION Using default passkey: %06d", BLE_SM_DEFAULT_PASSKEY);`
	`1242`	`+ log_w("ATTENTION Please use a random passkey or set a different static passkey");`
`1204`	`1243`	`} else {`
`1205`		`- pkey.passkey = client->m_pClientCallbacks->onPassKeyRequest();`
	`1244`	`+ log_i("Passkey: %d", pkey.passkey);`
`1206`	`1245`	`}`
`1207`	`1246`
`1208`	`1247`	`rc = ble_sm_inject_io(event->passkey.conn_handle, &pkey);`
`1209`	`1248`	`log_d("ble_sm_inject_io result: %d", rc);`
`1210`	`1249`
`1211`	`1250`	`} else if (event->passkey.params.action == BLE_SM_IOACT_NONE) {`
`1212`		`- log_d("No passkey action required");`
	`1251`	`+ log_d("BLE_SM_IOACT_NONE");`
	`1252`	`+ log_i("No passkey action required");`
`1213`	`1253`	`}`
`1214`	`1254`
`1215`	`1255`	`return 0;`
`@@ -1255,20 +1295,6 @@ bool BLEClientCallbacks::onConnParamsUpdateRequest(BLEClient *pClient, const ble`
`1255`	`1295`	`return true;`
`1256`	`1296`	`}`
`1257`	`1297`
`1258`		`-uint32_t BLEClientCallbacks::onPassKeyRequest() {`
`1259`		`- log_d("onPassKeyRequest: default: 123456");`
`1260`		`- return 123456;`
`1261`		`-}`
`1262`		`-`
`1263`		`-void BLEClientCallbacks::onAuthenticationComplete(ble_gap_conn_desc *desc) {`
`1264`		`- log_d("onAuthenticationComplete: default");`
`1265`		`-}`
`1266`		`-`
`1267`		`-bool BLEClientCallbacks::onConfirmPIN(uint32_t pin) {`
`1268`		`- log_d("onConfirmPIN: default: true");`
`1269`		`- return true;`
`1270`		`-}`
`1271`		`-`
`1272`	`1298`	`#endif // CONFIG_NIMBLE_ENABLED`
`1273`	`1299`
`1274`	`1300`	`#endif /* CONFIG_BLUEDROID_ENABLED \|\| CONFIG_NIMBLE_ENABLED */`

`‎libraries/BLE/src/BLEClient.h`

Lines changed: 0 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -209,9 +209,6 @@ class BLEClientCallbacks {`
`209`	`209`
`210`	`210`	`#if defined(CONFIG_NIMBLE_ENABLED)`
`211`	`211`	`virtual bool onConnParamsUpdateRequest(BLEClient pClient, const ble_gap_upd_params params);`
`212`		`- virtual uint32_t onPassKeyRequest();`
`213`		`- virtual void onAuthenticationComplete(ble_gap_conn_desc *desc);`
`214`		`- virtual bool onConfirmPIN(uint32_t pin);`
`215`	`212`	`#endif`
`216`	`213`	`};`
`217`	`214`

`‎libraries/BLE/src/BLEDescriptor.h`

Lines changed: 2 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -42,6 +42,8 @@`
`42`	`42`	`#include <host/ble_att.h>`
`43`	`43`	`#include "BLEConnInfo.h"`
`44`	`44`
	`45`	`+// Bluedroid compatibility`
	`46`	`+// NimBLE does not support signed reads and writes`
`45`	`47`	`#define ESP_GATT_PERM_READ BLE_ATT_F_READ`
`46`	`48`	`#define ESP_GATT_PERM_WRITE BLE_ATT_F_WRITE`
`47`	`49`	`#define ESP_GATT_PERM_READ_ENCRYPTED BLE_ATT_F_READ_ENC`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit 8af12a5

File tree

15 files changed

15 files changed

`‎libraries/BLE/src/BLECharacteristic.cpp`

`‎libraries/BLE/src/BLECharacteristic.h`

`‎libraries/BLE/src/BLEClient.cpp`

`‎libraries/BLE/src/BLEClient.h`

`‎libraries/BLE/src/BLEDescriptor.h`

0 commit comments