diff --git a/services/ble/Gap.cpp b/services/ble/Gap.cpp index 9e9501f9d..9ecf60a4f 100644 --- a/services/ble/Gap.cpp +++ b/services/ble/Gap.cpp @@ -54,9 +54,14 @@ namespace services GapPairingObserver::Subject().AllowPairing(allow); } - void GapPairingDecorator::SetSecurityMode(SecurityMode mode, SecurityLevel level) + void GapPairingDecorator::SetManInTheMiddleMode(ManInTheMiddleMode mitmMode) { - GapPairingObserver::Subject().SetSecurityMode(mode, level); + GapPairingObserver::Subject().SetManInTheMiddleMode(mitmMode); + } + + void GapPairingDecorator::SetSecureConnectionMode(SecureConnectionMode connectionMode) + { + GapPairingObserver::Subject().SetSecureConnectionMode(connectionMode); } void GapPairingDecorator::SetIoCapabilities(IoCapabilities caps) diff --git a/services/ble/Gap.hpp b/services/ble/Gap.hpp index cd26fc40f..99764052f 100644 --- a/services/ble/Gap.hpp +++ b/services/ble/Gap.hpp @@ -128,11 +128,27 @@ namespace services level4, }; - virtual void Pair() = 0; + enum class SecureConnectionMode + { + disabled = 0, + supported = 1, + enforced = 2, + }; + + enum class ManInTheMiddleMode + { + disabled = 0, + supported = 1, + enforced = 2, + }; + + virtual void + Pair() = 0; virtual void AllowPairing(bool allow) = 0; - virtual void SetSecurityMode(SecurityMode mode, SecurityLevel level) = 0; + virtual void SetManInTheMiddleMode(ManInTheMiddleMode mitmMode) = 0; + virtual void SetSecureConnectionMode(SecureConnectionMode connectionMode) = 0; virtual void SetIoCapabilities(IoCapabilities caps) = 0; virtual void AuthenticateWithPasskey(uint32_t passkey) = 0; @@ -154,7 +170,9 @@ namespace services // Implementation of GapPairing void Pair() override; void AllowPairing(bool allow) override; - void SetSecurityMode(SecurityMode mode, SecurityLevel level) override; + + void SetManInTheMiddleMode(ManInTheMiddleMode mitmMode) override; + void SetSecureConnectionMode(SecureConnectionMode connectionMode) override; void SetIoCapabilities(IoCapabilities caps) override; void AuthenticateWithPasskey(uint32_t passkey) override; void NumericComparisonConfirm(bool accept) override; diff --git a/services/ble/Gap.proto b/services/ble/Gap.proto index e98f3dd1c..b993a7268 100644 --- a/services/ble/Gap.proto +++ b/services/ble/Gap.proto @@ -70,6 +70,28 @@ message AdvertisementType AdvertisementTypeEnum type = 1; } +message SecureConnectionMode { + enum SecureConnectionModeEnum + { + disabled = 0; + supported = 1; + enforced = 2; + } + + SecureConnectionModeEnum secureConnectionMode = 1; +} + +message ManInTheMiddleMode { + enum ManInTheMiddleModeEnum + { + disabled = 0; + supported = 1; + enforced = 2; + } + + ManInTheMiddleModeEnum mitmMode = 1; +} + message SecurityModeAndLevel { enum SecurityLevelEnum @@ -192,13 +214,15 @@ service GapPeripheral rpc SetAdvertisementData(AdvertisementData) returns (Nothing) { option (method_id) = 3; } rpc SetScanResponseData(AdvertisementData) returns (Nothing) { option (method_id) = 4; } rpc SetAllowPairing(BoolValue) returns (Nothing) { option (method_id) = 5; } - rpc SetSecurityMode(SecurityModeAndLevel) returns (Nothing) { option (method_id) = 6; } rpc SetIoCapabilities(IoCapabilities) returns (Nothing) { option (method_id) = 7; } rpc RemoveAllBonds(Nothing) returns (Nothing) { option (method_id) = 8; } // Allowed states: advertising rpc GetResolvableAddress(Nothing) returns (Nothing) { option (method_id) = 9; } rpc GetIdentityAddress(Nothing) returns (Nothing) { option (method_id) = 10; } + + rpc SetSecureConnectionMode(SecureConnectionMode) returns (Nothing) { option (method_id) = 11; } + rpc SetManInTheMiddleMode(ManInTheMiddleMode) returns (Nothing) { option (method_id) = 12; } } service GapCentral @@ -225,7 +249,6 @@ service GapCentral // Allowed states: connected rpc Pair(Nothing) returns (Nothing) { option (method_id) = 6; } - rpc SetSecurityMode(SecurityModeAndLevel) returns (Nothing) { option (method_id) = 7; } rpc SetIoCapabilities(IoCapabilities) returns (Nothing) { option (method_id) = 8; } rpc AuthenticateWithPasskey(UInt32Value) returns (Nothing) { option (method_id) = 9; } rpc NumericComparisonConfirm(BoolValue) returns (Nothing) { option (method_id) = 10; } @@ -233,6 +256,8 @@ service GapCentral rpc SetDeviceDiscoveryFilter(DeviceDiscoveryFilter) returns (Nothing) { option (method_id) = 12; } rpc ResolvePrivateAddress(Address) returns (Nothing) { option (method_id) = 13; } rpc IsDeviceBonded(PeerNodeParameters) returns (Nothing) { option (method_id) = 14; } + rpc SetManInTheMiddleMode(ManInTheMiddleMode) returns (Nothing) { option (method_id) = 15; } + rpc SetSecureConnectionMode(SecureConnectionMode) returns (Nothing) { option (method_id) = 16; } } service GapPeripheralResponse diff --git a/services/ble/test/TestGapPairing.cpp b/services/ble/test/TestGapPairing.cpp index 436b17390..7692ba2b2 100644 --- a/services/ble/test/TestGapPairing.cpp +++ b/services/ble/test/TestGapPairing.cpp @@ -40,8 +40,11 @@ namespace services EXPECT_CALL(gapPairing, AllowPairing(::testing::IsTrue())); decorator.AllowPairing(true); - EXPECT_CALL(gapPairing, SetSecurityMode(::testing::TypedEq(services::GapPairing::SecurityMode::mode1), ::testing::TypedEq(services::GapPairing::SecurityLevel::level1))); - decorator.SetSecurityMode(services::GapPairing::SecurityMode::mode1, services::GapPairing::SecurityLevel::level1); + EXPECT_CALL(gapPairing, SetManInTheMiddleMode(::testing::TypedEq(services::GapPairing::ManInTheMiddleMode::disabled))); + decorator.SetManInTheMiddleMode(services::GapPairing::ManInTheMiddleMode::disabled); + + EXPECT_CALL(gapPairing, SetSecureConnectionMode(::testing::TypedEq(services::GapPairing::SecureConnectionMode::disabled))); + decorator.SetSecureConnectionMode(services::GapPairing::SecureConnectionMode::disabled); EXPECT_CALL(gapPairing, SetIoCapabilities(::testing::TypedEq(services::GapPairing::IoCapabilities::none))); decorator.SetIoCapabilities(services::GapPairing::IoCapabilities::none); diff --git a/services/ble/test_doubles/GapPairingMock.hpp b/services/ble/test_doubles/GapPairingMock.hpp index efd0f9a9b..5748feaef 100644 --- a/services/ble/test_doubles/GapPairingMock.hpp +++ b/services/ble/test_doubles/GapPairingMock.hpp @@ -12,7 +12,8 @@ namespace services public: MOCK_METHOD(void, Pair, ()); MOCK_METHOD(void, AllowPairing, (bool allow)); - MOCK_METHOD(void, SetSecurityMode, (SecurityMode mode, SecurityLevel level)); + MOCK_METHOD(void, SetManInTheMiddleMode, (ManInTheMiddleMode mitmMode)); + MOCK_METHOD(void, SetSecureConnectionMode, (SecureConnectionMode connectionMode)); MOCK_METHOD(void, SetIoCapabilities, (IoCapabilities caps)); MOCK_METHOD(void, AuthenticateWithPasskey, (uint32_t passkey)); MOCK_METHOD(void, NumericComparisonConfirm, (bool accept));