From a4171921da636fb0862b49abc25f1a411f12e55a Mon Sep 17 00:00:00 2001 From: Xavier Bernhardt Date: Mon, 2 Jun 2025 11:23:41 +0000 Subject: [PATCH 1/8] Work towards improving pairing security requirements --- services/ble/Gap.cpp | 4 ++-- services/ble/Gap.hpp | 20 +++++++++++++++--- services/ble/Gap.proto | 22 ++++++++++++++++++-- services/ble/test/TestGapPairing.cpp | 4 ++-- services/ble/test_doubles/GapPairingMock.hpp | 2 +- 5 files changed, 42 insertions(+), 10 deletions(-) diff --git a/services/ble/Gap.cpp b/services/ble/Gap.cpp index 67187eaa2..6df9df684 100644 --- a/services/ble/Gap.cpp +++ b/services/ble/Gap.cpp @@ -36,9 +36,9 @@ namespace services GapPairingObserver::Subject().AllowPairing(allow); } - void GapPairingDecorator::SetSecurityMode(SecurityMode mode, SecurityLevel level) + void GapPairingDecorator::SetSecurityRequirements(ConnectionMode connectionMode, ManInTheMiddleMode mitmMode) { - GapPairingObserver::Subject().SetSecurityMode(mode, level); + GapPairingObserver::Subject().SetSecurityRequirements(connectionMode, mitmMode); } void GapPairingDecorator::SetIoCapabilities(IoCapabilities caps) diff --git a/services/ble/Gap.hpp b/services/ble/Gap.hpp index 7f876d643..fff571292 100644 --- a/services/ble/Gap.hpp +++ b/services/ble/Gap.hpp @@ -141,11 +141,25 @@ namespace services level4, }; - virtual void Pair() = 0; + enum class ConnectionMode + { + legacyOnly = 0, + secureIfSupported = 1, // Fallback to legacy if secure is not supported + secureOnly = 2, + }; + + enum class ManInTheMiddleMode + { + disabled = 0, + enabled = 1, // Require user to act as out of band authentication + }; + + virtual void + Pair() = 0; virtual void AllowPairing(bool allow) = 0; - virtual void SetSecurityMode(SecurityMode mode, SecurityLevel level) = 0; + virtual void SetSecurityRequirements(ConnectionMode connectionMode, ManInTheMiddleMode mitmMode) = 0; virtual void SetIoCapabilities(IoCapabilities caps) = 0; virtual void AuthenticateWithPasskey(uint32_t passkey) = 0; @@ -167,7 +181,7 @@ namespace services // Implementation of GapPairing void Pair() override; void AllowPairing(bool allow) override; - void SetSecurityMode(SecurityMode mode, SecurityLevel level) override; + void SetSecurityRequirements(ConnectionMode connectionMode, ManInTheMiddleMode mitmMode) override; void SetIoCapabilities(IoCapabilities caps) override; void AuthenticateWithPasskey(uint32_t passkey) override; void NumericComparisonConfirm(bool accept) override; diff --git a/services/ble/Gap.proto b/services/ble/Gap.proto index e98f3dd1c..3bfe0f8ec 100644 --- a/services/ble/Gap.proto +++ b/services/ble/Gap.proto @@ -70,6 +70,24 @@ message AdvertisementType AdvertisementTypeEnum type = 1; } +message SecurityRequirements { + enum SecureConnectionModeEnum + { + legacyOnly = 0; + secureIfSupported = 1; // Fallback to legacy if secure is not supported + secureOnly = 2; + } + + enum ManInTheMiddleModeEnum + { + disabled = 0; + enabled = 1; // Require user to act as out of band authentication + } + + SecureConnectionModeEnum connectionMode = 1; // TODO: check if these values are correct + ManInTheMiddleModeEnum mitmMode = 2; +} + message SecurityModeAndLevel { enum SecurityLevelEnum @@ -192,7 +210,7 @@ service GapPeripheral rpc SetAdvertisementData(AdvertisementData) returns (Nothing) { option (method_id) = 3; } rpc SetScanResponseData(AdvertisementData) returns (Nothing) { option (method_id) = 4; } rpc SetAllowPairing(BoolValue) returns (Nothing) { option (method_id) = 5; } - rpc SetSecurityMode(SecurityModeAndLevel) returns (Nothing) { option (method_id) = 6; } + rpc SetSecurityRequirements(SecurityRequirements) returns (Nothing) { option (method_id) = 6; } rpc SetIoCapabilities(IoCapabilities) returns (Nothing) { option (method_id) = 7; } rpc RemoveAllBonds(Nothing) returns (Nothing) { option (method_id) = 8; } @@ -225,7 +243,7 @@ service GapCentral // Allowed states: connected rpc Pair(Nothing) returns (Nothing) { option (method_id) = 6; } - rpc SetSecurityMode(SecurityModeAndLevel) returns (Nothing) { option (method_id) = 7; } + rpc SetSecurityRequirements(SecurityRequirements) returns (Nothing) { option (method_id) = 7; } rpc SetIoCapabilities(IoCapabilities) returns (Nothing) { option (method_id) = 8; } rpc AuthenticateWithPasskey(UInt32Value) returns (Nothing) { option (method_id) = 9; } rpc NumericComparisonConfirm(BoolValue) returns (Nothing) { option (method_id) = 10; } diff --git a/services/ble/test/TestGapPairing.cpp b/services/ble/test/TestGapPairing.cpp index 436b17390..99f3b13c1 100644 --- a/services/ble/test/TestGapPairing.cpp +++ b/services/ble/test/TestGapPairing.cpp @@ -40,8 +40,8 @@ namespace services EXPECT_CALL(gapPairing, AllowPairing(::testing::IsTrue())); decorator.AllowPairing(true); - EXPECT_CALL(gapPairing, SetSecurityMode(::testing::TypedEq(services::GapPairing::SecurityMode::mode1), ::testing::TypedEq(services::GapPairing::SecurityLevel::level1))); - decorator.SetSecurityMode(services::GapPairing::SecurityMode::mode1, services::GapPairing::SecurityLevel::level1); + EXPECT_CALL(gapPairing, SetSecurityRequirements(::testing::TypedEq(services::GapPairing::ConnectionMode::legacyOnly), ::testing::TypedEq(services::GapPairing::ManInTheMiddleMode::disabled))); + decorator.SetSecurityRequirements(services::GapPairing::ConnectionMode::legacyOnly, services::GapPairing::ManInTheMiddleMode::disabled); EXPECT_CALL(gapPairing, SetIoCapabilities(::testing::TypedEq(services::GapPairing::IoCapabilities::none))); decorator.SetIoCapabilities(services::GapPairing::IoCapabilities::none); diff --git a/services/ble/test_doubles/GapPairingMock.hpp b/services/ble/test_doubles/GapPairingMock.hpp index efd0f9a9b..81bf393b3 100644 --- a/services/ble/test_doubles/GapPairingMock.hpp +++ b/services/ble/test_doubles/GapPairingMock.hpp @@ -12,7 +12,7 @@ namespace services public: MOCK_METHOD(void, Pair, ()); MOCK_METHOD(void, AllowPairing, (bool allow)); - MOCK_METHOD(void, SetSecurityMode, (SecurityMode mode, SecurityLevel level)); + MOCK_METHOD(void, SetSecurityRequirements, (ConnectionMode connectionMode, ManInTheMiddleMode mitmMode)); MOCK_METHOD(void, SetIoCapabilities, (IoCapabilities caps)); MOCK_METHOD(void, AuthenticateWithPasskey, (uint32_t passkey)); MOCK_METHOD(void, NumericComparisonConfirm, (bool accept)); From 645ebe1de9285b5813d72154e07d7be4c94a8790 Mon Sep 17 00:00:00 2001 From: MiquelJayson-Philips Date: Fri, 6 Jun 2025 11:29:14 +0000 Subject: [PATCH 2/8] Better enum naming for ConnectionMode and ManInTheMiddleMode --- services/ble/Gap.hpp | 11 ++++++----- services/ble/Gap.proto | 11 ++++++----- 2 files changed, 12 insertions(+), 10 deletions(-) diff --git a/services/ble/Gap.hpp b/services/ble/Gap.hpp index fff571292..b0fb00157 100644 --- a/services/ble/Gap.hpp +++ b/services/ble/Gap.hpp @@ -143,15 +143,16 @@ namespace services enum class ConnectionMode { - legacyOnly = 0, - secureIfSupported = 1, // Fallback to legacy if secure is not supported - secureOnly = 2, + legacy = 0, + secureIfSupported = 1, + secure = 2, }; enum class ManInTheMiddleMode { - disabled = 0, - enabled = 1, // Require user to act as out of band authentication + mandatory = 0, // Expects authenticated pairing mechanism/method + optional = 1, // Doesn't enfornce authenticated pairing + notRequired = 2, }; virtual void diff --git a/services/ble/Gap.proto b/services/ble/Gap.proto index 3bfe0f8ec..a8f7a6bf7 100644 --- a/services/ble/Gap.proto +++ b/services/ble/Gap.proto @@ -73,15 +73,16 @@ message AdvertisementType message SecurityRequirements { enum SecureConnectionModeEnum { - legacyOnly = 0; - secureIfSupported = 1; // Fallback to legacy if secure is not supported - secureOnly = 2; + legacy = 0; + secureIfSupported = 1; + secure = 2; } enum ManInTheMiddleModeEnum { - disabled = 0; - enabled = 1; // Require user to act as out of band authentication + mandatory = 0; + optional = 1; + notRequired = 2; } SecureConnectionModeEnum connectionMode = 1; // TODO: check if these values are correct From f470d631e50ba4deb1c667faff87614fae588d6d Mon Sep 17 00:00:00 2001 From: MiquelJayson-Philips Date: Fri, 6 Jun 2025 12:13:04 +0000 Subject: [PATCH 3/8] Renamed notRequired to Disabled --- services/ble/Gap.hpp | 2 +- services/ble/Gap.proto | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/services/ble/Gap.hpp b/services/ble/Gap.hpp index b0fb00157..695007d62 100644 --- a/services/ble/Gap.hpp +++ b/services/ble/Gap.hpp @@ -152,7 +152,7 @@ namespace services { mandatory = 0, // Expects authenticated pairing mechanism/method optional = 1, // Doesn't enfornce authenticated pairing - notRequired = 2, + disabled = 2, }; virtual void diff --git a/services/ble/Gap.proto b/services/ble/Gap.proto index a8f7a6bf7..479ae1767 100644 --- a/services/ble/Gap.proto +++ b/services/ble/Gap.proto @@ -82,7 +82,7 @@ message SecurityRequirements { { mandatory = 0; optional = 1; - notRequired = 2; + disabled = 2; } SecureConnectionModeEnum connectionMode = 1; // TODO: check if these values are correct From f3e8678dbef6392d786f3483ccdb905b608d2920 Mon Sep 17 00:00:00 2001 From: MiquelJayson-Philips Date: Fri, 13 Jun 2025 13:47:15 +0000 Subject: [PATCH 4/8] Rename values in SecureConnectionMode enum --- services/ble/Gap.cpp | 2 +- services/ble/Gap.hpp | 18 +++++++++--------- services/ble/Gap.proto | 12 ++++++------ services/ble/test_doubles/GapPairingMock.hpp | 2 +- 4 files changed, 17 insertions(+), 17 deletions(-) diff --git a/services/ble/Gap.cpp b/services/ble/Gap.cpp index 6df9df684..73990c3bc 100644 --- a/services/ble/Gap.cpp +++ b/services/ble/Gap.cpp @@ -36,7 +36,7 @@ namespace services GapPairingObserver::Subject().AllowPairing(allow); } - void GapPairingDecorator::SetSecurityRequirements(ConnectionMode connectionMode, ManInTheMiddleMode mitmMode) + void GapPairingDecorator::SetSecurityRequirements(SecureConnectionMode connectionMode, ManInTheMiddleMode mitmMode) { GapPairingObserver::Subject().SetSecurityRequirements(connectionMode, mitmMode); } diff --git a/services/ble/Gap.hpp b/services/ble/Gap.hpp index 695007d62..3dfc2fe33 100644 --- a/services/ble/Gap.hpp +++ b/services/ble/Gap.hpp @@ -141,18 +141,18 @@ namespace services level4, }; - enum class ConnectionMode + enum class SecureConnectionMode { - legacy = 0, - secureIfSupported = 1, - secure = 2, + disabledSecurity = 0, + optionalSecurity = 1, + mandatorySecurity = 2, }; enum class ManInTheMiddleMode { - mandatory = 0, // Expects authenticated pairing mechanism/method - optional = 1, // Doesn't enfornce authenticated pairing - disabled = 2, + disabled = 0, + optional = 1, + mandatory = 2, }; virtual void @@ -160,7 +160,7 @@ namespace services virtual void AllowPairing(bool allow) = 0; - virtual void SetSecurityRequirements(ConnectionMode connectionMode, ManInTheMiddleMode mitmMode) = 0; + virtual void SetSecurityRequirements(SecureConnectionMode connectionMode, ManInTheMiddleMode mitmMode) = 0; virtual void SetIoCapabilities(IoCapabilities caps) = 0; virtual void AuthenticateWithPasskey(uint32_t passkey) = 0; @@ -182,7 +182,7 @@ namespace services // Implementation of GapPairing void Pair() override; void AllowPairing(bool allow) override; - void SetSecurityRequirements(ConnectionMode connectionMode, ManInTheMiddleMode mitmMode) override; + void SetSecurityRequirements(SecureConnectionMode securityMode, ManInTheMiddleMode mitmMode) override; void SetIoCapabilities(IoCapabilities caps) override; void AuthenticateWithPasskey(uint32_t passkey) override; void NumericComparisonConfirm(bool accept) override; diff --git a/services/ble/Gap.proto b/services/ble/Gap.proto index 479ae1767..6766015c1 100644 --- a/services/ble/Gap.proto +++ b/services/ble/Gap.proto @@ -73,19 +73,19 @@ message AdvertisementType message SecurityRequirements { enum SecureConnectionModeEnum { - legacy = 0; - secureIfSupported = 1; - secure = 2; + disabledSecurity = 0; + optionalSecurity = 1; + mandatorySecurity = 2; } enum ManInTheMiddleModeEnum { - mandatory = 0; + disabled = 0; optional = 1; - disabled = 2; + mandatory = 2; } - SecureConnectionModeEnum connectionMode = 1; // TODO: check if these values are correct + SecureConnectionModeEnum secureConnectionMode = 1; ManInTheMiddleModeEnum mitmMode = 2; } diff --git a/services/ble/test_doubles/GapPairingMock.hpp b/services/ble/test_doubles/GapPairingMock.hpp index 81bf393b3..efd7a3f22 100644 --- a/services/ble/test_doubles/GapPairingMock.hpp +++ b/services/ble/test_doubles/GapPairingMock.hpp @@ -12,7 +12,7 @@ namespace services public: MOCK_METHOD(void, Pair, ()); MOCK_METHOD(void, AllowPairing, (bool allow)); - MOCK_METHOD(void, SetSecurityRequirements, (ConnectionMode connectionMode, ManInTheMiddleMode mitmMode)); + MOCK_METHOD(void, SetSecurityRequirements, (SecureConnectionMode connectionMode, ManInTheMiddleMode mitmMode)); MOCK_METHOD(void, SetIoCapabilities, (IoCapabilities caps)); MOCK_METHOD(void, AuthenticateWithPasskey, (uint32_t passkey)); MOCK_METHOD(void, NumericComparisonConfirm, (bool accept)); From 3adc01976e7b9a739dd1b371a2cc5f2a8d3e434c Mon Sep 17 00:00:00 2001 From: Xavier Bernhardt Date: Mon, 16 Jun 2025 14:38:01 +0000 Subject: [PATCH 5/8] Refactoring SecureConnectionMode and MITMMODE into 2 functions --- services/ble/Gap.cpp | 9 +++++++-- services/ble/Gap.hpp | 7 +++++-- services/ble/Gap.proto | 16 +++++++++++----- services/ble/test/TestGapPairing.cpp | 7 +++++-- services/ble/test_doubles/GapPairingMock.hpp | 3 ++- 5 files changed, 30 insertions(+), 12 deletions(-) diff --git a/services/ble/Gap.cpp b/services/ble/Gap.cpp index 73990c3bc..3e5ed7279 100644 --- a/services/ble/Gap.cpp +++ b/services/ble/Gap.cpp @@ -36,9 +36,14 @@ namespace services GapPairingObserver::Subject().AllowPairing(allow); } - void GapPairingDecorator::SetSecurityRequirements(SecureConnectionMode connectionMode, ManInTheMiddleMode mitmMode) + void GapPairingDecorator::SetManInTheMiddleMode(ManInTheMiddleMode mitmMode) { - GapPairingObserver::Subject().SetSecurityRequirements(connectionMode, mitmMode); + GapPairingObserver::Subject().SetManInTheMiddleMode(mitmMode); + } + + void GapPairingDecorator::SetSecureConnectionMode(SecureConnectionMode connectionMode) + { + GapPairingObserver::Subject().SetSecureConnectionMode(connectionMode); } void GapPairingDecorator::SetIoCapabilities(IoCapabilities caps) diff --git a/services/ble/Gap.hpp b/services/ble/Gap.hpp index 3dfc2fe33..74f393ca0 100644 --- a/services/ble/Gap.hpp +++ b/services/ble/Gap.hpp @@ -160,7 +160,8 @@ namespace services virtual void AllowPairing(bool allow) = 0; - virtual void SetSecurityRequirements(SecureConnectionMode connectionMode, ManInTheMiddleMode mitmMode) = 0; + virtual void SetManInTheMiddleMode(ManInTheMiddleMode mitmMode) = 0; + virtual void SetSecureConnectionMode(SecureConnectionMode connectionMode) = 0; virtual void SetIoCapabilities(IoCapabilities caps) = 0; virtual void AuthenticateWithPasskey(uint32_t passkey) = 0; @@ -182,7 +183,9 @@ namespace services // Implementation of GapPairing void Pair() override; void AllowPairing(bool allow) override; - void SetSecurityRequirements(SecureConnectionMode securityMode, ManInTheMiddleMode mitmMode) override; + + void SetManInTheMiddleMode(ManInTheMiddleMode mitmMode) override; + void SetSecureConnectionMode(SecureConnectionMode connectionMode) override; void SetIoCapabilities(IoCapabilities caps) override; void AuthenticateWithPasskey(uint32_t passkey) override; void NumericComparisonConfirm(bool accept) override; diff --git a/services/ble/Gap.proto b/services/ble/Gap.proto index 6766015c1..5ba6e9fea 100644 --- a/services/ble/Gap.proto +++ b/services/ble/Gap.proto @@ -70,7 +70,7 @@ message AdvertisementType AdvertisementTypeEnum type = 1; } -message SecurityRequirements { +message SecureConnectionMode { enum SecureConnectionModeEnum { disabledSecurity = 0; @@ -78,6 +78,10 @@ message SecurityRequirements { mandatorySecurity = 2; } + SecureConnectionModeEnum secureConnectionMode = 1; +} + +message ManInTheMiddleMode { enum ManInTheMiddleModeEnum { disabled = 0; @@ -85,8 +89,7 @@ message SecurityRequirements { mandatory = 2; } - SecureConnectionModeEnum secureConnectionMode = 1; - ManInTheMiddleModeEnum mitmMode = 2; + ManInTheMiddleModeEnum mitmMode = 1; } message SecurityModeAndLevel @@ -211,13 +214,15 @@ service GapPeripheral rpc SetAdvertisementData(AdvertisementData) returns (Nothing) { option (method_id) = 3; } rpc SetScanResponseData(AdvertisementData) returns (Nothing) { option (method_id) = 4; } rpc SetAllowPairing(BoolValue) returns (Nothing) { option (method_id) = 5; } - rpc SetSecurityRequirements(SecurityRequirements) returns (Nothing) { option (method_id) = 6; } rpc SetIoCapabilities(IoCapabilities) returns (Nothing) { option (method_id) = 7; } rpc RemoveAllBonds(Nothing) returns (Nothing) { option (method_id) = 8; } // Allowed states: advertising rpc GetResolvableAddress(Nothing) returns (Nothing) { option (method_id) = 9; } rpc GetIdentityAddress(Nothing) returns (Nothing) { option (method_id) = 10; } + + rpc SetSecureConnectionMode(SecureConnectionMode) returns (Nothing) { option (method_id) = 11; } + rpc SetManInTheMiddleMode(ManInTheMiddleMode) returns (Nothing) { option (method_id) = 12; } } service GapCentral @@ -244,7 +249,6 @@ service GapCentral // Allowed states: connected rpc Pair(Nothing) returns (Nothing) { option (method_id) = 6; } - rpc SetSecurityRequirements(SecurityRequirements) returns (Nothing) { option (method_id) = 7; } rpc SetIoCapabilities(IoCapabilities) returns (Nothing) { option (method_id) = 8; } rpc AuthenticateWithPasskey(UInt32Value) returns (Nothing) { option (method_id) = 9; } rpc NumericComparisonConfirm(BoolValue) returns (Nothing) { option (method_id) = 10; } @@ -252,6 +256,8 @@ service GapCentral rpc SetDeviceDiscoveryFilter(DeviceDiscoveryFilter) returns (Nothing) { option (method_id) = 12; } rpc ResolvePrivateAddress(Address) returns (Nothing) { option (method_id) = 13; } rpc IsDeviceBonded(PeerNodeParameters) returns (Nothing) { option (method_id) = 14; } + rpc SetManInTheMiddleMode(ManInTheMiddleMode) returns (Nothing) { option (method_id) = 15; } + rpc SetSecureConnectionMode(SecureConnectionMode) returns (Nothing) { option (method_id) = 16; } } service GapPeripheralResponse diff --git a/services/ble/test/TestGapPairing.cpp b/services/ble/test/TestGapPairing.cpp index 99f3b13c1..15a7ad4ee 100644 --- a/services/ble/test/TestGapPairing.cpp +++ b/services/ble/test/TestGapPairing.cpp @@ -40,8 +40,11 @@ namespace services EXPECT_CALL(gapPairing, AllowPairing(::testing::IsTrue())); decorator.AllowPairing(true); - EXPECT_CALL(gapPairing, SetSecurityRequirements(::testing::TypedEq(services::GapPairing::ConnectionMode::legacyOnly), ::testing::TypedEq(services::GapPairing::ManInTheMiddleMode::disabled))); - decorator.SetSecurityRequirements(services::GapPairing::ConnectionMode::legacyOnly, services::GapPairing::ManInTheMiddleMode::disabled); + EXPECT_CALL(gapPairing, SetManInTheMiddleMode(::testing::TypedEq(services::GapPairing::ManInTheMiddleMode::disabled))); + decorator.SetManInTheMiddleMode(services::GapPairing::ManInTheMiddleMode::disabled); + + EXPECT_CALL(gapPairing, SetSecureConnectionMode(::testing::TypedEq(services::GapPairing::SecureConnectionMode::disabledSecurity)))); + decorator.SetSecureConnectionMode(services::GapPairing::SecureConnectionMode::disabledSecurity); EXPECT_CALL(gapPairing, SetIoCapabilities(::testing::TypedEq(services::GapPairing::IoCapabilities::none))); decorator.SetIoCapabilities(services::GapPairing::IoCapabilities::none); diff --git a/services/ble/test_doubles/GapPairingMock.hpp b/services/ble/test_doubles/GapPairingMock.hpp index efd7a3f22..5748feaef 100644 --- a/services/ble/test_doubles/GapPairingMock.hpp +++ b/services/ble/test_doubles/GapPairingMock.hpp @@ -12,7 +12,8 @@ namespace services public: MOCK_METHOD(void, Pair, ()); MOCK_METHOD(void, AllowPairing, (bool allow)); - MOCK_METHOD(void, SetSecurityRequirements, (SecureConnectionMode connectionMode, ManInTheMiddleMode mitmMode)); + MOCK_METHOD(void, SetManInTheMiddleMode, (ManInTheMiddleMode mitmMode)); + MOCK_METHOD(void, SetSecureConnectionMode, (SecureConnectionMode connectionMode)); MOCK_METHOD(void, SetIoCapabilities, (IoCapabilities caps)); MOCK_METHOD(void, AuthenticateWithPasskey, (uint32_t passkey)); MOCK_METHOD(void, NumericComparisonConfirm, (bool accept)); From 5afb95c3e412c7a4710710653c2336835bdf29fc Mon Sep 17 00:00:00 2001 From: Xavier Bernhardt Date: Wed, 18 Jun 2025 09:32:21 +0000 Subject: [PATCH 6/8] refactoring --- services/ble/Gap.hpp | 10 +++++----- services/ble/Gap.proto | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/services/ble/Gap.hpp b/services/ble/Gap.hpp index 74f393ca0..77c0f5f2d 100644 --- a/services/ble/Gap.hpp +++ b/services/ble/Gap.hpp @@ -143,16 +143,16 @@ namespace services enum class SecureConnectionMode { - disabledSecurity = 0, - optionalSecurity = 1, - mandatorySecurity = 2, + disabled = 0, + supported = 1, + enforced = 2, }; enum class ManInTheMiddleMode { disabled = 0, - optional = 1, - mandatory = 2, + supported = 1, + enforced = 2, }; virtual void diff --git a/services/ble/Gap.proto b/services/ble/Gap.proto index 5ba6e9fea..b993a7268 100644 --- a/services/ble/Gap.proto +++ b/services/ble/Gap.proto @@ -73,9 +73,9 @@ message AdvertisementType message SecureConnectionMode { enum SecureConnectionModeEnum { - disabledSecurity = 0; - optionalSecurity = 1; - mandatorySecurity = 2; + disabled = 0; + supported = 1; + enforced = 2; } SecureConnectionModeEnum secureConnectionMode = 1; @@ -85,8 +85,8 @@ message ManInTheMiddleMode { enum ManInTheMiddleModeEnum { disabled = 0; - optional = 1; - mandatory = 2; + supported = 1; + enforced = 2; } ManInTheMiddleModeEnum mitmMode = 1; From 1459c1d987108d815c3982388db3b0162a2eea42 Mon Sep 17 00:00:00 2001 From: Xavier Bernhardt Date: Wed, 18 Jun 2025 12:55:52 +0000 Subject: [PATCH 7/8] fixed compile error --- services/ble/test/TestGapPairing.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/services/ble/test/TestGapPairing.cpp b/services/ble/test/TestGapPairing.cpp index 15a7ad4ee..a350182bd 100644 --- a/services/ble/test/TestGapPairing.cpp +++ b/services/ble/test/TestGapPairing.cpp @@ -43,8 +43,8 @@ namespace services EXPECT_CALL(gapPairing, SetManInTheMiddleMode(::testing::TypedEq(services::GapPairing::ManInTheMiddleMode::disabled))); decorator.SetManInTheMiddleMode(services::GapPairing::ManInTheMiddleMode::disabled); - EXPECT_CALL(gapPairing, SetSecureConnectionMode(::testing::TypedEq(services::GapPairing::SecureConnectionMode::disabledSecurity)))); - decorator.SetSecureConnectionMode(services::GapPairing::SecureConnectionMode::disabledSecurity); + EXPECT_CALL(gapPairing, SetSecureConnectionMode(::testing::TypedEq(services::GapPairing::SecureConnectionMode::disabled)))); + decorator.SetSecureConnectionMode(services::GapPairing::SecureConnectionMode::disabled); EXPECT_CALL(gapPairing, SetIoCapabilities(::testing::TypedEq(services::GapPairing::IoCapabilities::none))); decorator.SetIoCapabilities(services::GapPairing::IoCapabilities::none); From 4199635c689d2c46eb5f7e28a2f3e64a566ad10c Mon Sep 17 00:00:00 2001 From: MiquelJayson-Philips Date: Thu, 19 Jun 2025 13:59:14 +0000 Subject: [PATCH 8/8] Removed bracket --- services/ble/test/TestGapPairing.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/services/ble/test/TestGapPairing.cpp b/services/ble/test/TestGapPairing.cpp index a350182bd..7692ba2b2 100644 --- a/services/ble/test/TestGapPairing.cpp +++ b/services/ble/test/TestGapPairing.cpp @@ -43,7 +43,7 @@ namespace services EXPECT_CALL(gapPairing, SetManInTheMiddleMode(::testing::TypedEq(services::GapPairing::ManInTheMiddleMode::disabled))); decorator.SetManInTheMiddleMode(services::GapPairing::ManInTheMiddleMode::disabled); - EXPECT_CALL(gapPairing, SetSecureConnectionMode(::testing::TypedEq(services::GapPairing::SecureConnectionMode::disabled)))); + EXPECT_CALL(gapPairing, SetSecureConnectionMode(::testing::TypedEq(services::GapPairing::SecureConnectionMode::disabled))); decorator.SetSecureConnectionMode(services::GapPairing::SecureConnectionMode::disabled); EXPECT_CALL(gapPairing, SetIoCapabilities(::testing::TypedEq(services::GapPairing::IoCapabilities::none)));