1 /******************************************************************************
2 *
3 * Copyright (C) 1999-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains functions for the SMP L2Cap utility functions
22 *
23 ******************************************************************************/
24 #include "bt_target.h"
25
26 #if SMP_INCLUDED == TRUE
27
28 #include "bt_types.h"
29 #include <string.h>
30 #include <ctype.h>
31 #include "hcidefs.h"
32 #include "btm_ble_api.h"
33 #include "l2c_api.h"
34 #include "l2c_int.h"
35 #include "smp_int.h"
36
37
38 #define SMP_PAIRING_REQ_SIZE 7
39 #define SMP_CONFIRM_CMD_SIZE (BT_OCTET16_LEN + 1)
40 #define SMP_INIT_CMD_SIZE (BT_OCTET16_LEN + 1)
41 #define SMP_ENC_INFO_SIZE (BT_OCTET16_LEN + 1)
42 #define SMP_MASTER_ID_SIZE (BT_OCTET8_LEN + 2 + 1)
43 #define SMP_ID_INFO_SIZE (BT_OCTET16_LEN + 1)
44 #define SMP_ID_ADDR_SIZE (BD_ADDR_LEN + 1 + 1)
45 #define SMP_SIGN_INFO_SIZE (BT_OCTET16_LEN + 1)
46 #define SMP_PAIR_FAIL_SIZE 2
47
48
49 /* type for action functions */
50 typedef BT_HDR * (*tSMP_CMD_ACT)(UINT8 cmd_code, tSMP_CB *p_cb);
51
52 static BT_HDR * smp_build_pairing_cmd(UINT8 cmd_code, tSMP_CB *p_cb);
53 static BT_HDR * smp_build_confirm_cmd(UINT8 cmd_code, tSMP_CB *p_cb);
54 static BT_HDR * smp_build_rand_cmd(UINT8 cmd_code, tSMP_CB *p_cb);
55 static BT_HDR * smp_build_pairing_fail(UINT8 cmd_code, tSMP_CB *p_cb);
56 static BT_HDR * smp_build_identity_info_cmd(UINT8 cmd_code, tSMP_CB *p_cb);
57 static BT_HDR * smp_build_encrypt_info_cmd(UINT8 cmd_code, tSMP_CB *p_cb);
58 static BT_HDR * smp_build_security_request(UINT8 cmd_code, tSMP_CB *p_cb);
59 static BT_HDR * smp_build_signing_info_cmd(UINT8 cmd_code, tSMP_CB *p_cb);
60 static BT_HDR * smp_build_master_id_cmd(UINT8 cmd_code, tSMP_CB *p_cb);
61 static BT_HDR * smp_build_id_addr_cmd(UINT8 cmd_code, tSMP_CB *p_cb);
62
63 const tSMP_CMD_ACT smp_cmd_build_act[] =
64 {
65 NULL,
66 smp_build_pairing_cmd, /* 0x01: pairing request */
67 smp_build_pairing_cmd, /* 0x02: pairing response */
68 smp_build_confirm_cmd, /* 0x03: pairing confirm */
69 smp_build_rand_cmd, /* 0x04: pairing initializer request */
70 smp_build_pairing_fail, /* 0x05: pairing failure */
71 smp_build_encrypt_info_cmd, /* 0x06: security information command */
72 smp_build_master_id_cmd, /* 0x07: master identity command */
73 smp_build_identity_info_cmd, /* 0x08: identity information command */
74 smp_build_id_addr_cmd, /* 0x09: signing information */
75 smp_build_signing_info_cmd, /* 0x0A: signing information */
76 smp_build_security_request /* 0x0B: security request */
77 };
78 /*******************************************************************************
79 **
80 ** Function smp_send_msg_to_L2CAP
81 **
82 ** Description Send message to L2CAP.
83 **
84 *******************************************************************************/
smp_send_msg_to_L2CAP(BD_ADDR rem_bda,BT_HDR * p_toL2CAP)85 BOOLEAN smp_send_msg_to_L2CAP(BD_ADDR rem_bda, BT_HDR *p_toL2CAP)
86 {
87 UINT16 l2cap_ret;
88
89 SMP_TRACE_EVENT0("smp_send_msg_to_L2CAP");
90
91 if ((l2cap_ret = L2CA_SendFixedChnlData (L2CAP_SMP_CID, rem_bda, p_toL2CAP)) == L2CAP_DW_FAILED)
92 {
93 SMP_TRACE_ERROR1("SMP failed to pass msg:0x%0x to L2CAP",
94 *((UINT8 *)(p_toL2CAP + 1) + p_toL2CAP->offset));
95 GKI_freebuf(p_toL2CAP);
96 return FALSE;
97 }
98 else
99 {
100 return TRUE;
101 }
102 }
103 /*******************************************************************************
104 **
105 ** Function smp_send_cmd
106 **
107 ** Description send a SMP command on L2CAP channel.
108 **
109 *******************************************************************************/
smp_send_cmd(UINT8 cmd_code,tSMP_CB * p_cb)110 BOOLEAN smp_send_cmd(UINT8 cmd_code, tSMP_CB *p_cb)
111 {
112 BT_HDR *p_buf;
113 BOOLEAN sent = FALSE;
114 UINT8 failure = SMP_PAIR_INTERNAL_ERR;
115 SMP_TRACE_EVENT1("smp_send_cmd on l2cap cmd_code=0x%x", cmd_code);
116 if ( cmd_code < SMP_OPCODE_MAX &&
117 smp_cmd_build_act[cmd_code] != NULL)
118 {
119 p_buf = (*smp_cmd_build_act[cmd_code])(cmd_code, p_cb);
120
121 if (p_buf != NULL &&
122 smp_send_msg_to_L2CAP(p_cb->pairing_bda, p_buf))
123 {
124 sent = TRUE;
125
126 btu_stop_timer (&p_cb->rsp_timer_ent);
127 btu_start_timer (&p_cb->rsp_timer_ent, BTU_TTYPE_SMP_PAIRING_CMD,
128 SMP_WAIT_FOR_RSP_TOUT);
129 }
130 }
131
132 if (!sent)
133 {
134 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &failure);
135 }
136 return sent;
137 }
138
139
140
141 /*******************************************************************************
142 **
143 ** Function smp_rsp_timeout
144 **
145 ** Description Called when SMP wait for SMP command response timer expires
146 **
147 ** Returns void
148 **
149 *******************************************************************************/
smp_rsp_timeout(TIMER_LIST_ENT * p_tle)150 void smp_rsp_timeout(TIMER_LIST_ENT *p_tle)
151 {
152 tSMP_CB *p_cb = &smp_cb;
153 UINT8 failure = SMP_RSP_TIMEOUT;
154
155 SMP_TRACE_EVENT1("smp_rsp_timeout state:%d", p_cb->state);
156
157 if (smp_get_state() == SMP_ST_RELEASE_DELAY)
158 {
159 smp_sm_event(p_cb, SMP_RELEASE_DELAY_TOUT_EVT, NULL);
160 }
161 else
162 {
163 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &failure);
164 }
165 }
166
167 /*******************************************************************************
168 **
169 ** Function smp_build_pairing_req_cmd
170 **
171 ** Description Build pairing request command.
172 **
173 *******************************************************************************/
smp_build_pairing_cmd(UINT8 cmd_code,tSMP_CB * p_cb)174 BT_HDR * smp_build_pairing_cmd(UINT8 cmd_code, tSMP_CB *p_cb)
175 {
176 BT_HDR *p_buf = NULL ;
177 UINT8 *p;
178 SMP_TRACE_EVENT0("smp_build_pairing_cmd");
179 if ((p_buf = (BT_HDR *)GKI_getbuf(sizeof(BT_HDR) + SMP_PAIRING_REQ_SIZE + L2CAP_MIN_OFFSET)) != NULL)
180 {
181 p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;
182
183 UINT8_TO_STREAM (p, cmd_code);
184 UINT8_TO_STREAM (p, p_cb->loc_io_caps);
185 UINT8_TO_STREAM (p, p_cb->loc_oob_flag);
186 UINT8_TO_STREAM (p, p_cb->loc_auth_req);
187 UINT8_TO_STREAM (p, p_cb->loc_enc_size);
188 UINT8_TO_STREAM (p, p_cb->loc_i_key);
189 UINT8_TO_STREAM (p, p_cb->loc_r_key);
190
191 p_buf->offset = L2CAP_MIN_OFFSET;
192 /* 1B ERR_RSP op code + 1B cmd_op_code + 2B handle + 1B status */
193 p_buf->len = SMP_PAIRING_REQ_SIZE;
194 }
195
196 return p_buf;
197 }
198
199 /*******************************************************************************
200 **
201 ** Function smp_build_confirm_cmd
202 **
203 ** Description Build confirm request command.
204 **
205 *******************************************************************************/
smp_build_confirm_cmd(UINT8 cmd_code,tSMP_CB * p_cb)206 static BT_HDR * smp_build_confirm_cmd(UINT8 cmd_code, tSMP_CB *p_cb)
207 {
208 BT_HDR *p_buf = NULL ;
209 UINT8 *p;
210 SMP_TRACE_EVENT0("smp_build_confirm_cmd");
211 if ((p_buf = (BT_HDR *)GKI_getbuf(sizeof(BT_HDR) + SMP_CONFIRM_CMD_SIZE + L2CAP_MIN_OFFSET)) != NULL)
212 {
213 p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;
214
215 UINT8_TO_STREAM (p, SMP_OPCODE_CONFIRM);
216 ARRAY_TO_STREAM (p, p_cb->confirm, BT_OCTET16_LEN);
217
218 p_buf->offset = L2CAP_MIN_OFFSET;
219 p_buf->len = SMP_CONFIRM_CMD_SIZE;
220 }
221
222 return p_buf;
223 }
224 /*******************************************************************************
225 **
226 ** Function smp_build_rand_cmd
227 **
228 ** Description Build Initializer command.
229 **
230 *******************************************************************************/
smp_build_rand_cmd(UINT8 cmd_code,tSMP_CB * p_cb)231 static BT_HDR * smp_build_rand_cmd(UINT8 cmd_code, tSMP_CB *p_cb)
232 {
233 BT_HDR *p_buf = NULL ;
234 UINT8 *p;
235 SMP_TRACE_EVENT0("smp_build_rand_cmd");
236 if ((p_buf = (BT_HDR *)GKI_getbuf(sizeof(BT_HDR) + SMP_INIT_CMD_SIZE + L2CAP_MIN_OFFSET)) != NULL)
237 {
238 p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;
239
240 UINT8_TO_STREAM (p, SMP_OPCODE_INIT);
241 ARRAY_TO_STREAM (p, p_cb->rand, BT_OCTET16_LEN);
242
243 p_buf->offset = L2CAP_MIN_OFFSET;
244 p_buf->len = SMP_INIT_CMD_SIZE;
245 }
246
247 return p_buf;
248 }
249 /*******************************************************************************
250 **
251 ** Function smp_build_encrypt_info_cmd
252 **
253 ** Description Build security information command.
254 **
255 *******************************************************************************/
smp_build_encrypt_info_cmd(UINT8 cmd_code,tSMP_CB * p_cb)256 static BT_HDR * smp_build_encrypt_info_cmd(UINT8 cmd_code, tSMP_CB *p_cb)
257 {
258 BT_HDR *p_buf = NULL ;
259 UINT8 *p;
260 SMP_TRACE_EVENT0("smp_build_encrypt_info_cmd");
261 if ((p_buf = (BT_HDR *)GKI_getbuf(sizeof(BT_HDR) + SMP_ENC_INFO_SIZE + L2CAP_MIN_OFFSET)) != NULL)
262 {
263 p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;
264
265 UINT8_TO_STREAM (p, SMP_OPCODE_ENCRYPT_INFO);
266 ARRAY_TO_STREAM (p, p_cb->ltk, BT_OCTET16_LEN);
267
268 p_buf->offset = L2CAP_MIN_OFFSET;
269 p_buf->len = SMP_ENC_INFO_SIZE;
270 }
271
272 return p_buf;
273 }
274 /*******************************************************************************
275 **
276 ** Function smp_build_master_id_cmd
277 **
278 ** Description Build security information command.
279 **
280 *******************************************************************************/
smp_build_master_id_cmd(UINT8 cmd_code,tSMP_CB * p_cb)281 static BT_HDR * smp_build_master_id_cmd(UINT8 cmd_code, tSMP_CB *p_cb)
282 {
283 BT_HDR *p_buf = NULL ;
284 UINT8 *p;
285 SMP_TRACE_EVENT0("smp_build_master_id_cmd ");
286 if ((p_buf = (BT_HDR *)GKI_getbuf(sizeof(BT_HDR) + SMP_MASTER_ID_SIZE + L2CAP_MIN_OFFSET)) != NULL)
287 {
288 p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;
289
290 UINT8_TO_STREAM (p, SMP_OPCODE_MASTER_ID);
291 UINT16_TO_STREAM (p, p_cb->ediv);
292 ARRAY_TO_STREAM (p, p_cb->enc_rand, BT_OCTET8_LEN);
293
294 p_buf->offset = L2CAP_MIN_OFFSET;
295 p_buf->len = SMP_MASTER_ID_SIZE;
296 }
297
298 return p_buf;
299 }
300 /*******************************************************************************
301 **
302 ** Function smp_build_identity_info_cmd
303 **
304 ** Description Build identity information command.
305 **
306 *******************************************************************************/
smp_build_identity_info_cmd(UINT8 cmd_code,tSMP_CB * p_cb)307 static BT_HDR * smp_build_identity_info_cmd(UINT8 cmd_code, tSMP_CB *p_cb)
308 {
309 BT_HDR *p_buf = NULL ;
310 UINT8 *p;
311 BT_OCTET16 irk;
312 SMP_TRACE_EVENT0("smp_build_identity_info_cmd");
313 if ((p_buf = (BT_HDR *)GKI_getbuf(sizeof(BT_HDR) + SMP_ID_INFO_SIZE + L2CAP_MIN_OFFSET)) != NULL)
314 {
315 p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;
316
317 BTM_GetDeviceIDRoot(irk);
318
319 UINT8_TO_STREAM (p, SMP_OPCODE_IDENTITY_INFO);
320 ARRAY_TO_STREAM (p, irk, BT_OCTET16_LEN);
321
322 p_buf->offset = L2CAP_MIN_OFFSET;
323 p_buf->len = SMP_ID_INFO_SIZE;
324 }
325
326 return p_buf;
327 }
328 /*******************************************************************************
329 **
330 ** Function smp_build_id_addr_cmd
331 **
332 ** Description Build identity address information command.
333 **
334 *******************************************************************************/
smp_build_id_addr_cmd(UINT8 cmd_code,tSMP_CB * p_cb)335 static BT_HDR * smp_build_id_addr_cmd(UINT8 cmd_code, tSMP_CB *p_cb)
336 {
337 BT_HDR *p_buf = NULL ;
338 UINT8 *p;
339 BT_OCTET16 irk;
340 SMP_TRACE_EVENT0("smp_build_id_addr_cmd");
341 if ((p_buf = (BT_HDR *)GKI_getbuf(sizeof(BT_HDR) + SMP_ID_ADDR_SIZE + L2CAP_MIN_OFFSET)) != NULL)
342 {
343 p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;
344
345 BTM_GetDeviceIDRoot(irk);
346
347 UINT8_TO_STREAM (p, SMP_OPCODE_ID_ADDR);
348 UINT8_TO_STREAM (p, 0); /* TODO: update with local address type */
349 BTM_ReadConnectionAddr(p_cb->local_bda);
350 BDADDR_TO_STREAM (p, p_cb->local_bda);
351
352 p_buf->offset = L2CAP_MIN_OFFSET;
353 p_buf->len = SMP_ID_ADDR_SIZE;
354 }
355
356 return p_buf;
357 }
358
359 /*******************************************************************************
360 **
361 ** Function smp_build_signing_info_cmd
362 **
363 ** Description Build signing information command.
364 **
365 *******************************************************************************/
smp_build_signing_info_cmd(UINT8 cmd_code,tSMP_CB * p_cb)366 static BT_HDR * smp_build_signing_info_cmd(UINT8 cmd_code, tSMP_CB *p_cb)
367 {
368 BT_HDR *p_buf = NULL ;
369 UINT8 *p;
370 //BT_OCTET16 srk; remove
371 SMP_TRACE_EVENT0("smp_build_signing_info_cmd");
372 if ((p_buf = (BT_HDR *)GKI_getbuf(sizeof(BT_HDR) + SMP_SIGN_INFO_SIZE + L2CAP_MIN_OFFSET)) != NULL)
373 {
374 p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;
375
376 UINT8_TO_STREAM (p, SMP_OPCODE_SIGN_INFO);
377 ARRAY_TO_STREAM (p, p_cb->csrk, BT_OCTET16_LEN);
378
379 p_buf->offset = L2CAP_MIN_OFFSET;
380 p_buf->len = SMP_SIGN_INFO_SIZE;
381 }
382
383 return p_buf;
384 }
385 /*******************************************************************************
386 **
387 ** Function smp_build_pairing_fail
388 **
389 ** Description Build Pairing Fail command.
390 **
391 *******************************************************************************/
smp_build_pairing_fail(UINT8 cmd_code,tSMP_CB * p_cb)392 static BT_HDR * smp_build_pairing_fail(UINT8 cmd_code, tSMP_CB *p_cb)
393 {
394 BT_HDR *p_buf = NULL ;
395 UINT8 *p;
396 SMP_TRACE_EVENT0("smp_build_pairing_fail");
397 if ((p_buf = (BT_HDR *)GKI_getbuf(sizeof(BT_HDR) + SMP_PAIR_FAIL_SIZE + L2CAP_MIN_OFFSET)) != NULL)
398 {
399 p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;
400
401 UINT8_TO_STREAM (p, SMP_OPCODE_PAIRING_FAILED);
402 UINT8_TO_STREAM (p, p_cb->failure);
403
404 p_buf->offset = L2CAP_MIN_OFFSET;
405 p_buf->len = SMP_PAIR_FAIL_SIZE;
406 }
407
408 return p_buf;
409 }
410 /*******************************************************************************
411 **
412 ** Function smp_build_security_request
413 **
414 ** Description Build security request command.
415 **
416 *******************************************************************************/
smp_build_security_request(UINT8 cmd_code,tSMP_CB * p_cb)417 static BT_HDR * smp_build_security_request(UINT8 cmd_code, tSMP_CB *p_cb)
418 {
419 BT_HDR *p_buf = NULL ;
420 UINT8 *p;
421 SMP_TRACE_EVENT0("smp_build_security_request");
422
423 if ((p_buf = (BT_HDR *)GKI_getbuf(sizeof(BT_HDR) + 2 + L2CAP_MIN_OFFSET)) != NULL)
424 {
425 p = (UINT8 *)(p_buf + 1) + L2CAP_MIN_OFFSET;
426
427 UINT8_TO_STREAM (p, SMP_OPCODE_SEC_REQ);
428 UINT8_TO_STREAM (p, p_cb->loc_auth_req);
429
430 p_buf->offset = L2CAP_MIN_OFFSET;
431 p_buf->len = 2;
432
433 SMP_TRACE_EVENT2("opcode=%d auth_req=0x%x",SMP_OPCODE_SEC_REQ, p_cb->loc_auth_req );
434 }
435
436 return p_buf;
437
438 }
439
440 /*******************************************************************************
441 **
442 ** Function smp_convert_string_to_tk
443 **
444 ** Description This function is called to convert a 6 to 16 digits numeric
445 ** character string into SMP TK.
446 **
447 **
448 ** Returns void
449 **
450 *******************************************************************************/
smp_convert_string_to_tk(BT_OCTET16 tk,UINT32 passkey)451 void smp_convert_string_to_tk(BT_OCTET16 tk, UINT32 passkey)
452 {
453 UINT8 *p = tk;
454 tSMP_KEY key;
455 SMP_TRACE_EVENT0("smp_convert_string_to_tk");
456 UINT32_TO_STREAM(p, passkey);
457
458 key.key_type = SMP_KEY_TYPE_TK;
459 key.p_data = tk;
460
461 smp_sm_event(&smp_cb, SMP_KEY_READY_EVT, &key);
462 }
463
464 /*******************************************************************************
465 **
466 ** Function smp_mask_enc_key
467 **
468 ** Description This function is called to mask off the encryption key based
469 ** on the maximum encryption key size.
470 **
471 **
472 ** Returns void
473 **
474 *******************************************************************************/
smp_mask_enc_key(UINT8 loc_enc_size,UINT8 * p_data)475 void smp_mask_enc_key(UINT8 loc_enc_size, UINT8 * p_data)
476 {
477 SMP_TRACE_EVENT0("smp_mask_enc_key");
478 if (loc_enc_size < BT_OCTET16_LEN)
479 {
480 for (; loc_enc_size < BT_OCTET16_LEN; loc_enc_size ++)
481 * (p_data + loc_enc_size) = 0;
482 }
483 return;
484 }
485 /*******************************************************************************
486 **
487 ** Function smp_xor_128
488 **
489 ** Description utility function to do an biteise exclusive-OR of two bit
490 ** strings of the length of BT_OCTET16_LEN.
491 **
492 ** Returns void
493 **
494 *******************************************************************************/
smp_xor_128(BT_OCTET16 a,BT_OCTET16 b)495 void smp_xor_128(BT_OCTET16 a, BT_OCTET16 b)
496 {
497 UINT8 i, *aa = a, *bb = b;
498
499 SMP_TRACE_EVENT0("smp_xor_128");
500 for (i = 0; i < BT_OCTET16_LEN; i++)
501 {
502 aa[i] = aa[i] ^ bb[i];
503 }
504 }
505
506
507 /*******************************************************************************
508 **
509 ** Function smp_cb_cleanup
510 **
511 ** Description Clean up SMP control block
512 **
513 ** Returns void
514 **
515 *******************************************************************************/
smp_cb_cleanup(tSMP_CB * p_cb)516 void smp_cb_cleanup(tSMP_CB *p_cb)
517 {
518 tSMP_CALLBACK *p_callback = p_cb->p_callback;
519 UINT8 trace_level = p_cb->trace_level;
520
521 SMP_TRACE_EVENT0("smp_cb_cleanup");
522 memset(p_cb, 0, sizeof(tSMP_CB));
523 p_cb->p_callback = p_callback;
524 p_cb->trace_level = trace_level;
525 }
526 /*******************************************************************************
527 **
528 ** Function smp_reset_control_value
529 **
530 ** Description This function is called to reset the control block value when
531 ** pairing procedure finished.
532 **
533 **
534 ** Returns void
535 **
536 *******************************************************************************/
smp_reset_control_value(tSMP_CB * p_cb)537 void smp_reset_control_value(tSMP_CB *p_cb)
538 {
539 SMP_TRACE_EVENT0("smp_reset_control_value");
540 btu_stop_timer (&p_cb->rsp_timer_ent);
541 #if SMP_CONFORMANCE_TESTING == TRUE
542
543 SMP_TRACE_EVENT1("smp_cb.remove_fixed_channel_disable=%d", smp_cb.remove_fixed_channel_disable);
544 if (!smp_cb.remove_fixed_channel_disable)
545 {
546 L2CA_RemoveFixedChnl (L2CAP_SMP_CID, p_cb->pairing_bda);
547 }
548 else
549 {
550 SMP_TRACE_EVENT0("disable the removal of the fixed channel");
551 }
552
553
554 #else
555 /* We can tell L2CAP to remove the fixed channel (if it has one) */
556 L2CA_RemoveFixedChnl (L2CAP_SMP_CID, p_cb->pairing_bda);
557
558 #endif
559 smp_cb_cleanup(p_cb);
560
561 }
562 /*******************************************************************************
563 **
564 ** Function smp_proc_pairing_cmpl
565 **
566 ** Description This function is called to process pairing complete
567 **
568 **
569 ** Returns void
570 **
571 *******************************************************************************/
smp_proc_pairing_cmpl(tSMP_CB * p_cb)572 void smp_proc_pairing_cmpl(tSMP_CB *p_cb)
573 {
574 tSMP_EVT_DATA evt_data = {0};
575
576 SMP_TRACE_DEBUG0 ("smp_proc_pairing_cmpl ");
577
578 evt_data.cmplt.reason = p_cb->status;
579
580 if (p_cb->status == SMP_SUCCESS)
581 evt_data.cmplt.sec_level = p_cb->sec_level;
582
583 evt_data.cmplt.is_pair_cancel = FALSE;
584
585 if (p_cb->is_pair_cancel)
586 evt_data.cmplt.is_pair_cancel = TRUE;
587
588
589 SMP_TRACE_DEBUG2 ("send SMP_COMPLT_EVT reason=0x%0x sec_level=0x%0x",
590 evt_data.cmplt.reason,
591 evt_data.cmplt.sec_level );
592 if (p_cb->p_callback)
593 (*p_cb->p_callback) (SMP_COMPLT_EVT, p_cb->pairing_bda, &evt_data);
594
595 #if 0 /* TESTING CODE : as a master, reencrypt using LTK */
596 if (evt_data.cmplt.reason == 0 && p_cb->role == HCI_ROLE_MASTER)
597 {
598 btm_ble_start_encrypt(p_cb->pairing_bda, FALSE, NULL);
599 }
600 #endif
601
602 smp_reset_control_value(p_cb);
603 }
604
605 #if SMP_CONFORMANCE_TESTING == TRUE
606 /*******************************************************************************
607 **
608 ** Function smp_set_test_confirm_value
609 **
610 ** Description This function is called to set the test confirm value
611 **
612 ** Returns void
613 **
614 *******************************************************************************/
smp_set_test_confirm_value(BOOLEAN enable,UINT8 * p_c_val)615 void smp_set_test_confirm_value(BOOLEAN enable, UINT8 *p_c_val)
616 {
617 SMP_TRACE_DEBUG1("smp_set_test_confirm_value enable=%d", enable);
618 smp_cb.enable_test_confirm_val = enable;
619 memcpy(smp_cb.test_confirm, p_c_val, BT_OCTET16_LEN);
620 }
621
622
623 /*******************************************************************************
624 **
625 ** Function smp_set_test_confirm_value
626 **
627 ** Description This function is called to set the test rand value
628 **
629 ** Returns void
630 **
631 *******************************************************************************/
smp_set_test_rand_value(BOOLEAN enable,UINT8 * p_c_val)632 void smp_set_test_rand_value(BOOLEAN enable, UINT8 *p_c_val)
633 {
634 SMP_TRACE_DEBUG1("smp_set_test_rand_value enable=%d", enable);
635 smp_cb.enable_test_rand_val = enable;
636 memcpy(smp_cb.test_rand, p_c_val, BT_OCTET16_LEN);
637 }
638
639
640 /*******************************************************************************
641 **
642 ** Function smp_set_test_pair_fail_status
643 **
644 ** Description This function is called to set the test fairing fair status
645 **
646 ** Returns void
647 **
648 *******************************************************************************/
smp_set_test_pair_fail_status(BOOLEAN enable,UINT8 status)649 void smp_set_test_pair_fail_status (BOOLEAN enable, UINT8 status)
650 {
651 SMP_TRACE_DEBUG1("smp_set_test_confirm_value enable=%d", enable);
652 smp_cb.enable_test_pair_fail = enable;
653 smp_cb.pair_fail_status = status;
654 }
655
656 /*******************************************************************************
657 **
658 ** Function smp_set_test_pair_fail_status
659 **
660 ** Description This function is called to disable the removal of fixed channel
661 ** in smp_reset_control_value
662 ** Returns void
663 **
664 *******************************************************************************/
smp_remove_fixed_channel_disable(BOOLEAN disable)665 void smp_remove_fixed_channel_disable (BOOLEAN disable)
666 {
667 SMP_TRACE_DEBUG1("smp_remove_fixed_channel_disable disable =%d", disable);
668 smp_cb.remove_fixed_channel_disable = disable;
669 }
670
671 #endif
672
673
674 #endif
675
676