From 0b6337538c5b9a1a8f052f34fd1c3fa1c3eb4ba0 Mon Sep 17 00:00:00 2001 From: h2zero <32826625+h2zero@users.noreply.github.com> Date: Sun, 21 Aug 2022 21:33:39 -0600 Subject: [PATCH] Remove NimBLESecurity class. (#75) --- CHANGELOG.md | 8 +++ CMakeLists.txt | 1 - src/NimBLEClient.cpp | 19 +---- src/NimBLEDevice.cpp | 16 ----- src/NimBLEDevice.h | 3 - src/NimBLESecurity.cpp | 158 ----------------------------------------- src/NimBLESecurity.h | 131 ---------------------------------- src/NimBLEServer.cpp | 25 +------ src/NimBLEServer.h | 1 - 9 files changed, 13 insertions(+), 349 deletions(-) delete mode 100644 src/NimBLESecurity.cpp delete mode 100644 src/NimBLESecurity.h diff --git a/CHANGELOG.md b/CHANGELOG.md index d6b5d80..f8b6e42 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,14 @@ # Changelog All notable changes to this project will be documented in this file. +## [Unreleased] + +### Changed +- NimBLESecurity class removed. + +### Added +- `NimBLEDevice::setDeviceName` to change the device name after initialization. +- `NimBLEHIDDevice::batteryLevel` returns the HID device battery level characteristic. ## [1.4.0] - 2022-07-31 diff --git a/CMakeLists.txt b/CMakeLists.txt index eb6349f..ae10819 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -45,7 +45,6 @@ idf_component_register( "src/NimBLERemoteDescriptor.cpp" "src/NimBLERemoteService.cpp" "src/NimBLEScan.cpp" - "src/NimBLESecurity.cpp" "src/NimBLEServer.cpp" "src/NimBLEService.cpp" "src/NimBLEUtils.cpp" diff --git a/src/NimBLEClient.cpp b/src/NimBLEClient.cpp index d923e6a..bc255dc 100644 --- a/src/NimBLEClient.cpp +++ b/src/NimBLEClient.cpp 
@@ -1113,8 +1113,6 @@ int NimBLEClient::handleGapEvent(struct ble_gap_event *event, void *arg) { if (event->enc_change.status == (BLE_HS_ERR_HCI_BASE + BLE_ERR_PINKEY_MISSING)) { // Key is missing, try deleting. ble_store_util_delete_peer(&desc.peer_id_addr); - } else if(NimBLEDevice::m_securityCallbacks != nullptr) { - NimBLEDevice::m_securityCallbacks->onAuthenticationComplete(&desc); } else { client->m_pClientCallbacks->onAuthenticationComplete(&desc); } @@ -1150,13 +1148,7 @@ int NimBLEClient::handleGapEvent(struct ble_gap_event *event, void *arg) { } else if (event->passkey.params.action == BLE_SM_IOACT_NUMCMP) { NIMBLE_LOGD(LOG_TAG, "Passkey on device's display: %" PRIu32, event->passkey.params.numcmp); pkey.action = event->passkey.params.action; - // Compatibility only - Do not use, should be removed the in future - if(NimBLEDevice::m_securityCallbacks != nullptr) { - pkey.numcmp_accept = NimBLEDevice::m_securityCallbacks->onConfirmPIN(event->passkey.params.numcmp); - //////////////////////////////////////////////////// - } else { - pkey.numcmp_accept = client->m_pClientCallbacks->onConfirmPIN(event->passkey.params.numcmp); - } + pkey.numcmp_accept = client->m_pClientCallbacks->onConfirmPIN(event->passkey.params.numcmp); rc = ble_sm_inject_io(event->passkey.conn_handle, &pkey); NIMBLE_LOGD(LOG_TAG, "ble_sm_inject_io result: %d", rc); 
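Review bot: In the `BLE_SM_IOACT_NUMCMP` branch the accept/reject decision is now taken only from `client->m_pClientCallbacks->onConfirmPIN(...)`, so whatever callbacks object is in place when the application installs none decides whether the comparison is confirmed. The hunk does not show what that object returns; if it accepts by default, a project that migrates by simply dropping `setSecurityCallbacks` would confirm every value without a user check and lose the MITM protection numeric comparison provides. I would add a comment above the call, `// Decision comes only from the client callbacks; override onConfirmPIN to ask the user.`, and repeat the migration step in the CHANGELOG entry. The server-side NUMCMP hunk in src/NimBLEServer.cpp is the same; handleGapEvent starts and ends outside the hunk.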
@@ -1174,14 +1166,7 @@ int NimBLEClient::handleGapEvent(struct ble_gap_event *event, void *arg) { } else if (event->passkey.params.action == BLE_SM_IOACT_INPUT) { NIMBLE_LOGD(LOG_TAG, "Enter the passkey"); pkey.action = event->passkey.params.action; - - // Compatibility only - Do not use, should be removed the in future - if(NimBLEDevice::m_securityCallbacks != nullptr) { - pkey.passkey = NimBLEDevice::m_securityCallbacks->onPassKeyRequest(); - ///////////////////////////////////////////// - } else { - pkey.passkey = client->m_pClientCallbacks->onPassKeyRequest(); - } + pkey.passkey = client->m_pClientCallbacks->onPassKeyRequest(); rc = ble_sm_inject_io(event->passkey.conn_handle, &pkey); NIMBLE_LOGD(LOG_TAG, "ble_sm_inject_io result: %d", rc); diff --git a/src/NimBLEDevice.cpp b/src/NimBLEDevice.cpp index 7852812..1504864 100644 --- a/src/NimBLEDevice.cpp +++ b/src/NimBLEDevice.cpp @@ -83,7 +83,6 @@ std::list NimBLEDevice::m_cList; #endif std::list NimBLEDevice::m_ignoreList; std::vector NimBLEDevice::m_whiteList; -NimBLESecurityCallbacks* NimBLEDevice::m_securityCallbacks = nullptr; uint8_t NimBLEDevice::m_own_addr_type = BLE_OWN_ADDR_PUBLIC; #ifdef ESP_PLATFORM uint16_t NimBLEDevice::m_scanDuplicateSize = CONFIG_BTDM_SCAN_DUPL_CACHE_SIZE; @@ -963,10 +962,6 @@ void NimBLEDevice::deinit(bool clearAll) { #endif m_ignoreList.clear(); - - if(m_securityCallbacks != nullptr) { - delete m_securityCallbacks; - } } } } // deinit 
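Review bot: After the new `pkey.passkey = client->m_pClientCallbacks->onPassKeyRequest();` line the result of `ble_sm_inject_io` is only reported through `NIMBLE_LOGD`, so a passkey that the stack refuses is invisible unless debug logging is enabled. I would report the failure at error level right after the injection, `if (rc != 0) { NIMBLE_LOGE(LOG_TAG, "ble_sm_inject_io failed: %d", rc); }`. What handleGapEvent does with `rc` afterwards lies outside the hunk. The NUMCMP hunk before this one and the two passkey hunks in src/NimBLEServer.cpp follow the same pattern.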
@@ -1088,17 +1083,6 @@ uint32_t NimBLEDevice::getSecurityPasskey() { } // getSecurityPasskey -/** - * @brief Set callbacks that will be used to handle encryption negotiation events and authentication events - * @param [in] callbacks Pointer to NimBLESecurityCallbacks class - * @deprecated For backward compatibility, New code should use client/server callback methods. - */ -/*STATIC*/ -void NimBLEDevice::setSecurityCallbacks(NimBLESecurityCallbacks* callbacks) { - NimBLEDevice::m_securityCallbacks = callbacks; -} // setSecurityCallbacks - - #ifdef ESP_PLATFORM /** * @brief Set the own address type. diff --git a/src/NimBLEDevice.h b/src/NimBLEDevice.h index 92c2187..1fa236d 100644 --- a/src/NimBLEDevice.h +++ b/src/NimBLEDevice.h @@ -39,7 +39,6 @@ #endif #include "NimBLEUtils.h" -#include "NimBLESecurity.h" #include "NimBLEAddress.h" #ifdef ESP_PLATFORM @@ -135,7 +134,6 @@ public: static void setSecurityRespKey(uint8_t init_key); static void setSecurityPasskey(uint32_t pin); static uint32_t getSecurityPasskey(); - static void setSecurityCallbacks(NimBLESecurityCallbacks* pCallbacks); static int startSecurity(uint16_t conn_id); static int setMTU(uint16_t mtu); static uint16_t getMTU(); @@ -223,7 +221,6 @@ private: static std::list m_cList; #endif static std::list m_ignoreList; - static NimBLESecurityCallbacks* m_securityCallbacks; static uint32_t m_passkey; static ble_gap_event_listener m_listener; static gap_event_handler m_customGapHandler; diff --git a/src/NimBLESecurity.cpp b/src/NimBLESecurity.cpp deleted file mode 100644 index 0a0b72b..0000000 --- a/src/NimBLESecurity.cpp +++ /dev/null 
@@ -1,158 +0,0 @@ -/* - * NimBLESecurity.cpp - * - * Created: on Feb 22 2020 - * Author H2zero - * - * Originally: - * - * BLESecurity.cpp - * - * Created on: Dec 17, 2017 - * Author: chegewara - */ - -#include "nimconfig.h" -#if defined(CONFIG_BT_ENABLED) - -#include "NimBLESecurity.h" -#include "NimBLEDevice.h" - -NimBLESecurity::NimBLESecurity() { -} - -NimBLESecurity::~NimBLESecurity() { -} - - -/** - * @brief Set requested authentication mode - * @param [in] auth_req A bitmask containing one or more of: - * * ESP_LE_AUTH_NO_BOND 0x00 - * * ESP_LE_AUTH_BOND 0x01 - * * ESP_LE_AUTH_REQ_MITM (1 << 2) - * * ESP_LE_AUTH_REQ_BOND_MITM (ESP_LE_AUTH_BOND | ESP_LE_AUTH_REQ_MITM) - * * ESP_LE_AUTH_REQ_SC_ONLY (1 << 3) - * * ESP_LE_AUTH_REQ_SC_BOND (ESP_LE_AUTH_BOND | ESP_LE_AUTH_REQ_SC_ONLY) - * * ESP_LE_AUTH_REQ_SC_MITM (ESP_LE_AUTH_REQ_MITM | ESP_LE_AUTH_REQ_SC_ONLY) - * * ESP_LE_AUTH_REQ_SC_MITM_BOND (ESP_LE_AUTH_REQ_MITM | ESP_LE_AUTH_REQ_SC_ONLY | ESP_LE_AUTH_BOND) - */ -void NimBLESecurity::setAuthenticationMode(esp_ble_auth_req_t auth_req) { - NimBLEDevice::setSecurityAuth((auth_req & BLE_SM_PAIR_AUTHREQ_BOND)>0, - (auth_req & BLE_SM_PAIR_AUTHREQ_MITM)>0, - (auth_req & BLE_SM_PAIR_AUTHREQ_SC)>0); -} - - -/** - * @brief Set our device IO capability to let end user perform authorization - * either by displaying or entering generated 6-digit pin code or use \"just works\". - * @param [in] iocap The IO capabilites our device has.\n - * Can be set to one of: - * * ESP_IO_CAP_OUT 0 - * * ESP_IO_CAP_IO 1 - * * ESP_IO_CAP_IN 2 - * * ESP_IO_CAP_NONE 3 - * * ESP_IO_CAP_KBDISP 4 - */ -void NimBLESecurity::setCapability(esp_ble_io_cap_t iocap) { - NimBLEDevice::setSecurityIOCap(iocap); -} // setCapability - - -/** - * @brief Sets the keys we will distribute during encryption. 
- * @param [in] init_key A bitmask of the keys we will distribute.\n - * Can be one or more of: - * * ESP_BLE_ENC_KEY_MASK (1 << 0) - * * ESP_BLE_ID_KEY_MASK (1 << 1) - * * ESP_BLE_CSR_KEY_MASK (1 << 2) - * * ESP_BLE_LINK_KEY_MASK (1 << 3) - */ -void NimBLESecurity::setInitEncryptionKey(uint8_t init_key) { - NimBLEDevice::setSecurityInitKey(init_key); -} // setInitEncryptionKey - - -/** - * @brief Sets the keys we will accept during encryption. - * @param [in] resp_key A bitmask of the keys we will accept.\n - * Can be one or more of: - * * ESP_BLE_ENC_KEY_MASK (1 << 0) - * * ESP_BLE_ID_KEY_MASK (1 << 1) - * * ESP_BLE_CSR_KEY_MASK (1 << 2) - * * ESP_BLE_LINK_KEY_MASK (1 << 3) - */ -void NimBLESecurity::setRespEncryptionKey(uint8_t resp_key) { - NimBLEDevice::setSecurityRespKey(resp_key); -} // setRespEncryptionKey - - -/** - *@todo Requires implementation - */ -void NimBLESecurity::setKeySize(uint8_t key_size) { - - //m_keySize = key_size; - //esp_ble_gap_set_security_param(ESP_BLE_SM_MAX_KEY_SIZE, &m_keySize, sizeof(uint8_t)); -} //setKeySize - - -/** - * @brief Sets a static PIN used to authenticate/encrypt the connection. - * @param [in] pin The 6 digit pin code to accept. 
- */ -void NimBLESecurity::setStaticPIN(uint32_t pin){ - //uint32_t passkey = pin; - //esp_ble_gap_set_security_param(ESP_BLE_SM_SET_STATIC_PASSKEY, &passkey, sizeof(uint32_t)); - NimBLEDevice::setSecurityPasskey(pin); - setCapability(ESP_IO_CAP_OUT); - setKeySize(); - setAuthenticationMode(ESP_LE_AUTH_REQ_SC_ONLY); - setInitEncryptionKey(ESP_BLE_ENC_KEY_MASK | ESP_BLE_ID_KEY_MASK); -} - - -/** - * @brief Debug function to display what keys are exchanged by peers - */ - /* -char* BLESecurity::esp_key_type_to_str(esp_ble_key_type_t key_type) { - char* key_str = nullptr; - switch (key_type) { - case ESP_LE_KEY_NONE: - key_str = (char*) "ESP_LE_KEY_NONE"; - break; - case ESP_LE_KEY_PENC: - key_str = (char*) "ESP_LE_KEY_PENC"; - break; - case ESP_LE_KEY_PID: - key_str = (char*) "ESP_LE_KEY_PID"; - break; - case ESP_LE_KEY_PCSRK: - key_str = (char*) "ESP_LE_KEY_PCSRK"; - break; - case ESP_LE_KEY_PLK: - key_str = (char*) "ESP_LE_KEY_PLK"; - break; - case ESP_LE_KEY_LLK: - key_str = (char*) "ESP_LE_KEY_LLK"; - break; - case ESP_LE_KEY_LENC: - key_str = (char*) "ESP_LE_KEY_LENC"; - break; - case ESP_LE_KEY_LID: - key_str = (char*) "ESP_LE_KEY_LID"; - break; - case ESP_LE_KEY_LCSRK: - key_str = (char*) "ESP_LE_KEY_LCSRK"; - break; - default: - key_str = (char*) "INVALID BLE KEY TYPE"; - break; - } - return key_str; - -} // esp_key_type_to_str -*/ -#endif // CONFIG_BT_ENABLED diff --git a/src/NimBLESecurity.h b/src/NimBLESecurity.h deleted file mode 100644 index 157577d..0000000 --- a/src/NimBLESecurity.h +++ /dev/null 
@@ -1,131 +0,0 @@ -/* - * NimBLESecurity.h - * - * Created: on Feb 22 2020 - * Author H2zero - * - * Originally: - * - * BLESecurity.h - * - * Created on: Dec 17, 2017 - * Author: chegewara - */ - -#ifndef COMPONENTS_NIMBLESECURITY_H_ -#define COMPONENTS_NIMBLESECURITY_H_ - -#include "nimconfig.h" -#if defined(CONFIG_BT_ENABLED) - -#if defined(CONFIG_NIMBLE_CPP_IDF) -#include "host/ble_gap.h" -#else -#include "nimble/nimble/host/include/host/ble_gap.h" -#endif - -/**** FIX COMPILATION ****/ -#undef min -#undef max -/**************************/ - -#include - -#define ESP_LE_AUTH_NO_BOND 0x00 /*!< 0*/ /* relate to BTM_LE_AUTH_NO_BOND in stack/btm_api.h */ -#define ESP_LE_AUTH_BOND 0x01 /*!< 1 << 0 */ /* relate to BTM_LE_AUTH_BOND in stack/btm_api.h */ -#define ESP_LE_AUTH_REQ_MITM (1 << 2) /*!< 1 << 2 */ /* relate to BTM_LE_AUTH_REQ_MITM in stack/btm_api.h */ -#define ESP_LE_AUTH_REQ_BOND_MITM (ESP_LE_AUTH_BOND | ESP_LE_AUTH_REQ_MITM)/*!< 0101*/ -#define ESP_LE_AUTH_REQ_SC_ONLY (1 << 3) /*!< 1 << 3 */ /* relate to BTM_LE_AUTH_REQ_SC_ONLY in stack/btm_api.h */ -#define ESP_LE_AUTH_REQ_SC_BOND (ESP_LE_AUTH_BOND | ESP_LE_AUTH_REQ_SC_ONLY) /*!< 1001 */ /* relate to BTM_LE_AUTH_REQ_SC_BOND in stack/btm_api.h */ -#define ESP_LE_AUTH_REQ_SC_MITM (ESP_LE_AUTH_REQ_MITM | ESP_LE_AUTH_REQ_SC_ONLY) /*!< 1100 */ /* relate to BTM_LE_AUTH_REQ_SC_MITM in stack/btm_api.h */ -#define ESP_LE_AUTH_REQ_SC_MITM_BOND (ESP_LE_AUTH_REQ_MITM | ESP_LE_AUTH_REQ_SC_ONLY | ESP_LE_AUTH_BOND) /*!< 1101 */ /* relate to BTM_LE_AUTH_REQ_SC_MITM_BOND in stack/btm_api.h */ - -#define ESP_IO_CAP_OUT 0 /*!< DisplayOnly */ /* relate to BTM_IO_CAP_OUT in stack/btm_api.h */ -#define ESP_IO_CAP_IO 1 /*!< DisplayYesNo */ /* relate to BTM_IO_CAP_IO in stack/btm_api.h */ -#define ESP_IO_CAP_IN 2 /*!< KeyboardOnly */ /* relate to BTM_IO_CAP_IN in stack/btm_api.h */ -#define ESP_IO_CAP_NONE 3 /*!< NoInputNoOutput */ /* relate to BTM_IO_CAP_NONE in stack/btm_api.h */ -#define ESP_IO_CAP_KBDISP 4 /*!< Keyboard 
display */ /* relate to BTM_IO_CAP_KBDISP in stack/btm_api.h */ - -/// Used to exchange the encryption key in the init key & response key -#define ESP_BLE_ENC_KEY_MASK (1 << 0) /* relate to BTM_BLE_ENC_KEY_MASK in stack/btm_api.h */ -/// Used to exchange the IRK key in the init key & response key -#define ESP_BLE_ID_KEY_MASK (1 << 1) /* relate to BTM_BLE_ID_KEY_MASK in stack/btm_api.h */ -/// Used to exchange the CSRK key in the init key & response key -#define ESP_BLE_CSR_KEY_MASK (1 << 2) /* relate to BTM_BLE_CSR_KEY_MASK in stack/btm_api.h */ -/// Used to exchange the link key(this key just used in the BLE & BR/EDR coexist mode) in the init key & response key -#define ESP_BLE_LINK_KEY_MASK (1 << 3) /* relate to BTM_BLE_LINK_KEY_MASK in stack/btm_api.h */ - -typedef uint8_t esp_ble_auth_req_t; /*!< combination of the above bit pattern */ -typedef uint8_t esp_ble_io_cap_t; /*!< combination of the io capability */ - - -/** - * @brief A class to handle BLE security operations. - * Deprecated - provided for backward compatibility only. - * @deprecated Use the security methods provided in NimBLEDevice instead. - */ -class NimBLESecurity { -public: - NimBLESecurity(); - virtual ~NimBLESecurity(); - void setAuthenticationMode(esp_ble_auth_req_t auth_req); - void setCapability(esp_ble_io_cap_t iocap); - void setInitEncryptionKey(uint8_t init_key); - void setRespEncryptionKey(uint8_t resp_key); - void setKeySize(uint8_t key_size = 16); - void setStaticPIN(uint32_t pin); - //static char* esp_key_type_to_str(esp_ble_key_type_t key_type); -/* -private: - esp_ble_auth_req_t m_authReq; - esp_ble_io_cap_t m_iocap; - uint8_t m_initKey; - uint8_t m_respKey; - uint8_t m_keySize; -*/ -}; // BLESecurity - - -/** - * @brief Callbacks to handle GAP events related to authorization. - * Deprecated - provided for backward compatibility only. - * @deprecated Use the callbacks provided in NimBLEClientCallbacks and NimBLEServerCallbacks instead. 
- */ -class NimBLESecurityCallbacks { -public: - virtual ~NimBLESecurityCallbacks() {}; - - /** - * @brief Its request from peer device to input authentication pin code displayed on peer device. - * It requires that our device is capable to input 6-digits code by end user - * @return Return 6-digits integer value from input device - */ - virtual uint32_t onPassKeyRequest() = 0; - - /** - * @brief Provide us 6-digits code to perform authentication. - * It requires that our device is capable to display this code to end user - * @param [in] pass_key The PIN provided by the peer. - */ - virtual void onPassKeyNotify(uint32_t pass_key) = 0; - - /** - * @brief Here we can make decision if we want to let negotiate authorization with peer device or not - * @return Return true if we accept this peer device request - */ - virtual bool onSecurityRequest() = 0 ; - /** - * @brief Provides us information when authentication process is completed - */ - virtual void onAuthenticationComplete(ble_gap_conn_desc*) = 0; - - /** - * @brief Called when using numeric comparison for authentication. - * @param [in] pin The PIN to compare. - * @return True to accept and pair. - */ - virtual bool onConfirmPIN(uint32_t pin) = 0; -}; // BLESecurityCallbacks - -#endif // CONFIG_BT_ENABLED -#endif // COMPONENTS_NIMBLESECURITY_H_ diff --git a/src/NimBLEServer.cpp b/src/NimBLEServer.cpp index 82fbc7a..dff613a 100644 --- a/src/NimBLEServer.cpp +++ b/src/NimBLEServer.cpp 
@@ -530,14 +530,8 @@ int NimBLEServer::handleGapEvent(struct ble_gap_event *event, void *arg) { if(rc != 0) { return BLE_ATT_ERR_INVALID_HANDLE; } - // Compatibility only - Do not use, should be removed the in future - if(NimBLEDevice::m_securityCallbacks != nullptr) { - NimBLEDevice::m_securityCallbacks->onAuthenticationComplete(&desc); - ///////////////////////////////////////////// - } else { - server->m_pServerCallbacks->onAuthenticationComplete(&desc); - } + server->m_pServerCallbacks->onAuthenticationComplete(&desc); return 0; } // BLE_GAP_EVENT_ENC_CHANGE @@ -559,13 +553,7 @@ int NimBLEServer::handleGapEvent(struct ble_gap_event *event, void *arg) { } else if (event->passkey.params.action == BLE_SM_IOACT_NUMCMP) { NIMBLE_LOGD(LOG_TAG, "Passkey on device's display: %" PRIu32, event->passkey.params.numcmp); pkey.action = event->passkey.params.action; - // Compatibility only - Do not use, should be removed the in future - if(NimBLEDevice::m_securityCallbacks != nullptr) { - pkey.numcmp_accept = NimBLEDevice::m_securityCallbacks->onConfirmPIN(event->passkey.params.numcmp); - ///////////////////////////////////////////// - } else { - pkey.numcmp_accept = server->m_pServerCallbacks->onConfirmPIN(event->passkey.params.numcmp); - } + pkey.numcmp_accept = server->m_pServerCallbacks->onConfirmPIN(event->passkey.params.numcmp); rc = ble_sm_inject_io(event->passkey.conn_handle, &pkey); NIMBLE_LOGD(LOG_TAG, "BLE_SM_IOACT_NUMCMP; ble_sm_inject_io result: %d", rc); 
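Review bot: `server->m_pServerCallbacks->onAuthenticationComplete(&desc)` is reached in this hunk without any visible test of `event->enc_change.status`, so the callback appears to run for failed encryption changes as well as successful ones (the start of the case is outside the hunk). Since the callback receives only the connection descriptor, that should be documented at the call, e.g. `// Also called when encryption failed; check desc.sec_state.encrypted before trusting the link.`. The client-side handler in src/NimBLEClient.cpp at least branches on the status for the missing-key case before calling its callback.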
@@ -583,14 +571,7 @@ int NimBLEServer::handleGapEvent(struct ble_gap_event *event, void *arg) { } else if (event->passkey.params.action == BLE_SM_IOACT_INPUT) { NIMBLE_LOGD(LOG_TAG, "Enter the passkey"); pkey.action = event->passkey.params.action; - - // Compatibility only - Do not use, should be removed the in future - if(NimBLEDevice::m_securityCallbacks != nullptr) { - pkey.passkey = NimBLEDevice::m_securityCallbacks->onPassKeyRequest(); - ///////////////////////////////////////////// - } else { - pkey.passkey = server->m_pServerCallbacks->onPassKeyRequest(); - } + pkey.passkey = server->m_pServerCallbacks->onPassKeyRequest(); rc = ble_sm_inject_io(event->passkey.conn_handle, &pkey); NIMBLE_LOGD(LOG_TAG, "BLE_SM_IOACT_INPUT; ble_sm_inject_io result: %d", rc); diff --git a/src/NimBLEServer.h b/src/NimBLEServer.h index 19fecfd..4cc2ed7 100644 --- a/src/NimBLEServer.h +++ b/src/NimBLEServer.h @@ -31,7 +31,6 @@ #include "NimBLEAdvertising.h" #endif #include "NimBLEService.h" -#include "NimBLESecurity.h" #include "NimBLEConnInfo.h"
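Review bot: `server->m_pServerCallbacks->onPassKeyRequest()` is called synchronously inside handleGapEvent and its return value is injected straight away, so event handling waits for as long as the callback takes. If an application collects the passkey from a user there, pairing could time out or other GAP events could be delayed; the calling task is not visible in the hunk, so this is an inference. I would document the constraint at the call, `// Runs inside the GAP event handler: must return promptly.`. The client INPUT hunk in src/NimBLEClient.cpp has the same call shape.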