| author | Michele Bini <michele.bini@gmail.com> | 2022-03-24 11:52:51 (GMT) |
|---|---|---|
| committer | Michele Bini <michele.bini@gmail.com> | 2022-03-24 11:52:51 (GMT) |
| commit | e78a9401ac707fe75da54fdc6ce6c3aa89032360 (patch) | |
| tree | 7e078b0ca8a4f3222197d0e19a038bf4bc187a17 | |
| parent | 3c29183dd22d33928ac62c65a378922d49fa06e9 (diff) | |
Disable bonding; Another try to disable secure pairing
| -rw-r--r-- | src/CMakeLists.txt | 1 | ||||
| -rw-r--r-- | src/components/ble/NimbleController.cpp | 128 | ||||
| -rw-r--r-- | src/components/ble/NimbleController.h | 3 | ||||
| -rw-r--r-- | src/displayapp/Apps.h | 2 | ||||
| -rw-r--r-- | src/displayapp/DisplayApp.cpp | 10 | ||||
| -rw-r--r-- | src/displayapp/Messages.h | 1 | ||||
| -rw-r--r-- | src/displayapp/screens/PassKey.cpp | 24 | ||||
| -rw-r--r-- | src/displayapp/screens/PassKey.h | 21 | ||||
| -rw-r--r-- | src/libs/mynewt-nimble/porting/nimble/include/syscfg/syscfg.h | 2 | ||||
| -rw-r--r-- | src/systemtask/Messages.h | 1 | ||||
| -rw-r--r-- | src/systemtask/SystemTask.cpp | 7 |
11 files changed, 1 insertions, 199 deletions
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 8e505d6..ea6f2a5 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -417,7 +417,6 @@ list(APPEND SOURCE_FILES displayapp/screens/BatteryInfo.cpp displayapp/screens/Steps.cpp displayapp/screens/Timer.cpp - displayapp/screens/PassKey.cpp displayapp/screens/Error.cpp displayapp/screens/Alarm.cpp displayapp/screens/Styles.cpp diff --git a/src/components/ble/NimbleController.cpp b/src/components/ble/NimbleController.cpp index f490144..ee9509b 100644 --- a/src/components/ble/NimbleController.cpp +++ b/src/components/ble/NimbleController.cpp @@ -127,8 +127,6 @@ void NimbleController::Init() { rc = ble_gatts_start(); ASSERT(rc == 0); - RestoreBond(); - StartAdvertising(); } @@ -210,10 +208,6 @@ int NimbleController::OnGAPEvent(ble_gap_event* event) { NRF_LOG_INFO("Disconnect event : BLE_GAP_EVENT_DISCONNECT"); NRF_LOG_INFO("disconnect reason=%d", event->disconnect.reason); - if (event->disconnect.conn.sec_state.bonded) { - PersistBond(event->disconnect.conn); - } - currentTimeClient.Reset(); alertNotificationClient.Reset(); connectionHandle = BLE_HS_CONN_HANDLE_NONE; @@ -248,9 +242,6 @@ int NimbleController::OnGAPEvent(ble_gap_event* event) { if (event->enc_change.status == 0) { struct ble_gap_conn_desc desc; ble_gap_conn_find(event->enc_change.conn_handle, &desc); - if (desc.sec_state.bonded) { - PersistBond(desc); - } NRF_LOG_INFO("new state: encrypted=%d authenticated=%d bonded=%d key_size=%d", desc.sec_state.encrypted, 
@@ -261,48 +252,7 @@ int NimbleController::OnGAPEvent(ble_gap_event* event) { break; case BLE_GAP_EVENT_PASSKEY_ACTION: - /* Authentication has been requested for this connection. - * - * BLE authentication is determined by the combination of I/O capabilities - * on the central and peripheral. When the peripheral is display only and - * the central has a keyboard and display then passkey auth is selected. - * When both the central and peripheral have displays and support yes/no - * buttons then numeric comparison is selected. We currently advertise - * display capability only so we only handle the "display" action here. - * - * Standards insist that the rand() PRNG be deterministic. - * Use the tinycrypt prng here since rand() is predictable. - */ NRF_LOG_INFO("Security event : BLE_GAP_EVENT_PASSKEY_ACTION"); - if (event->passkey.params.action == BLE_SM_IOACT_DISP) { - struct ble_sm_io pkey = {0}; - pkey.action = event->passkey.params.action; - - /* - * Passkey is a 6 digits code (1'000'000 possibilities). - * It is important every possible value has an equal probability - * of getting generated. Simply applying a modulo creates a bias - * since 2^32 is not a multiple of 1'000'000. - * To prevent that, we can reject values greater than 999'999. - * - * Rejecting values would happen a lot since 2^32-1 is way greater - * than 1'000'000. An optimisation is to use a multiple of 1'000'000. - * The greatest multiple of 1'000'000 lesser than 2^32-1 is - * 4'294'000'000. - * - * Great explanation at: - * https://research.kudelskisecurity.com/2020/07/28/the-definitive-guide-to-modulo-bias-and-how-to-avoid-it/ - */ - uint32_t passkey_rand; - do { - passkey_rand = ble_ll_rand(); - } while (passkey_rand > 4293999999); - pkey.passkey = passkey_rand % 1000000; - - bleController.SetPairingKey(pkey.passkey); - systemTask.PushMessage(Pinetime::System::Messages::OnPairing); - ble_sm_inject_io(event->passkey.conn_handle, &pkey); - } break; case BLE_GAP_EVENT_SUBSCRIBE: 
@@ -413,81 +363,3 @@ void NimbleController::DisableRadio() { } } -void NimbleController::PersistBond(struct ble_gap_conn_desc& desc) { - union ble_store_key key; - union ble_store_value our_sec, peer_sec, peer_cccd_set[MYNEWT_VAL(BLE_STORE_MAX_CCCDS)] = {0}; - int rc; - - memset(&key, 0, sizeof key); - memset(&our_sec, 0, sizeof our_sec); - key.sec.peer_addr = desc.peer_id_addr; - rc = ble_store_read_our_sec(&key.sec, &our_sec.sec); - - if (memcmp(&our_sec.sec, &bondId, sizeof bondId) == 0) { - return; - } - - memcpy(&bondId, &our_sec.sec, sizeof bondId); - - memset(&key, 0, sizeof key); - memset(&peer_sec, 0, sizeof peer_sec); - key.sec.peer_addr = desc.peer_id_addr; - rc += ble_store_read_peer_sec(&key.sec, &peer_sec.sec); - - if (rc == 0) { - memset(&key, 0, sizeof key); - key.cccd.peer_addr = desc.peer_id_addr; - int peer_count = 0; - ble_store_util_count(BLE_STORE_OBJ_TYPE_CCCD, &peer_count); - for (int i = 0; i < peer_count; i++) { - key.cccd.idx = peer_count; - ble_store_read_cccd(&key.cccd, &peer_cccd_set[i].cccd); - } - - /* Wakeup Spi and SpiNorFlash before accessing the file system - * This should be fixed in the FS driver - */ - systemTask.PushMessage(Pinetime::System::Messages::GoToRunning); - systemTask.PushMessage(Pinetime::System::Messages::DisableSleeping); - vTaskDelay(10); - - lfs_file_t file_p; - - rc = fs.FileOpen(&file_p, "/bond.dat", LFS_O_WRONLY | LFS_O_CREAT); - if (rc == 0) { - fs.FileWrite(&file_p, reinterpret_cast<uint8_t*>(&our_sec.sec), sizeof our_sec); - fs.FileWrite(&file_p, reinterpret_cast<uint8_t*>(&peer_sec.sec), sizeof peer_sec); - fs.FileWrite(&file_p, reinterpret_cast<const uint8_t*>(&peer_count), 1); - for (int i = 0; i < peer_count; i++) { - fs.FileWrite(&file_p, reinterpret_cast<uint8_t*>(&peer_cccd_set[i].cccd), sizeof(struct ble_store_value_cccd)); - } - fs.FileClose(&file_p); - } - systemTask.PushMessage(Pinetime::System::Messages::EnableSleeping); - } -} - -void NimbleController::RestoreBond() { - lfs_file_t file_p; - 
union ble_store_value sec, cccd; - uint8_t peer_count = 0; - - if (fs.FileOpen(&file_p, "/bond.dat", LFS_O_RDONLY) == 0) { - memset(&sec, 0, sizeof sec); - fs.FileRead(&file_p, reinterpret_cast<uint8_t*>(&sec.sec), sizeof sec); - ble_store_write_our_sec(&sec.sec); - - memset(&sec, 0, sizeof sec); - fs.FileRead(&file_p, reinterpret_cast<uint8_t*>(&sec.sec), sizeof sec); - ble_store_write_peer_sec(&sec.sec); - - fs.FileRead(&file_p, &peer_count, 1); - for (int i = 0; i < peer_count; i++) { - fs.FileRead(&file_p, reinterpret_cast<uint8_t*>(&cccd.cccd), sizeof(struct ble_store_value_cccd)); - ble_store_write_cccd(&cccd.cccd); - } - - fs.FileClose(&file_p); - fs.FileDelete("/bond.dat"); - } -} diff --git a/src/components/ble/NimbleController.h b/src/components/ble/NimbleController.h index fecc665..176848d 100644 --- a/src/components/ble/NimbleController.h +++ b/src/components/ble/NimbleController.h @@ -67,9 +67,6 @@ namespace Pinetime { void DisableRadio(); private: - void PersistBond(struct ble_gap_conn_desc& desc); - void RestoreBond(); - static constexpr const char* deviceName = "InfiniTime"; Pinetime::System::SystemTask& systemTask; Ble& bleController; diff --git a/src/displayapp/Apps.h b/src/displayapp/Apps.h index 5f7906b..a92adb4 100644 --- a/src/displayapp/Apps.h +++ b/src/displayapp/Apps.h @@ -20,8 +20,6 @@ namespace Pinetime { StopWatch, Motion, Steps, - Weather, - PassKey, QuickSettings, Settings, SettingWatchFace, diff --git a/src/displayapp/DisplayApp.cpp b/src/displayapp/DisplayApp.cpp index 661fd61..6489bb0 100644 --- a/src/displayapp/DisplayApp.cpp +++ b/src/displayapp/DisplayApp.cpp @@ -24,7 +24,6 @@ #include "displayapp/screens/FlashLight.h" #include "displayapp/screens/BatteryInfo.h" #include "displayapp/screens/Steps.h" -#include "displayapp/screens/PassKey.h" #include "displayapp/screens/Error.h" #include "drivers/Cst816s.h" 
@@ -215,9 +214,6 @@ void DisplayApp::Refresh() { LoadApp(Apps::Alarm, DisplayApp::FullRefreshDirections::None); } break; - case Messages::ShowPairingKey: - LoadApp(Apps::PassKey, DisplayApp::FullRefreshDirections::Up); - break; case Messages::TouchEvent: { if (state != States::Running) { break; @@ -360,12 +356,6 @@ void DisplayApp::LoadApp(Apps app, DisplayApp::FullRefreshDirections direction) currentScreen = std::make_unique<Screens::FirmwareUpdate>(this, bleController); ReturnApp(Apps::Clock, FullRefreshDirections::Down, TouchEvents::None); break; - - case Apps::PassKey: - currentScreen = std::make_unique<Screens::PassKey>(this, bleController.GetPairingKey()); - ReturnApp(Apps::Clock, FullRefreshDirections::Down, TouchEvents::SwipeDown); - break; - case Apps::Notifications: currentScreen = std::make_unique<Screens::Notifications>( this, notificationManager, systemTask->nimble().alertService(), motorController, *systemTask, Screens::Notifications::Modes::Normal); diff --git a/src/displayapp/Messages.h b/src/displayapp/Messages.h index 58df455..57d02be 100644 --- a/src/displayapp/Messages.h +++ b/src/displayapp/Messages.h @@ -19,7 +19,6 @@ namespace Pinetime { UpdateTimeOut, DimScreen, RestoreBrightness, - ShowPairingKey, AlarmTriggered, Clock, BleRadioEnableToggle diff --git a/src/displayapp/screens/PassKey.cpp b/src/displayapp/screens/PassKey.cpp deleted file mode 100644 index 9e43a54..0000000 --- a/src/displayapp/screens/PassKey.cpp +++ /dev/null 
@@ -1,24 +0,0 @@ -#include "PassKey.h" -#include "displayapp/DisplayApp.h" - -using namespace Pinetime::Applications::Screens; - -PassKey::PassKey(Pinetime::Applications::DisplayApp* app, uint32_t key) : Screen(app) { - passkeyLabel = lv_label_create(lv_scr_act(), nullptr); - lv_obj_set_style_local_text_color(passkeyLabel, LV_LABEL_PART_MAIN, LV_STATE_DEFAULT, lv_color_hex(0xFFFF00)); - lv_obj_set_style_local_text_font(passkeyLabel, LV_LABEL_PART_MAIN, LV_STATE_DEFAULT, &jetbrains_mono_42); - lv_label_set_text_fmt(passkeyLabel, "%06u", key); - lv_obj_align(passkeyLabel, nullptr, LV_ALIGN_CENTER, 0, -20); - - backgroundLabel = lv_label_create(lv_scr_act(), nullptr); - lv_obj_set_click(backgroundLabel, true); - lv_label_set_long_mode(backgroundLabel, LV_LABEL_LONG_CROP); - lv_obj_set_size(backgroundLabel, 240, 240); - lv_obj_set_pos(backgroundLabel, 0, 0); - lv_label_set_text(backgroundLabel, ""); -} - -PassKey::~PassKey() { - lv_obj_clean(lv_scr_act()); -} - diff --git a/src/displayapp/screens/PassKey.h b/src/displayapp/screens/PassKey.h deleted file mode 100644 index 16e72a3..0000000 --- a/src/displayapp/screens/PassKey.h +++ /dev/null @@ -1,21 +0,0 @@ -#pragma once - -#include "Screen.h" -#include <lvgl/lvgl.h> - -namespace Pinetime { - namespace Applications { - namespace Screens { - - class PassKey : public Screen { - public: - PassKey(DisplayApp* app, uint32_t key); - ~PassKey() override; - - private: - lv_obj_t* passkeyLabel; - lv_obj_t* backgroundLabel; - }; - } - } -} diff --git a/src/libs/mynewt-nimble/porting/nimble/include/syscfg/syscfg.h b/src/libs/mynewt-nimble/porting/nimble/include/syscfg/syscfg.h index b3f2341..bfbb407 100644 --- a/src/libs/mynewt-nimble/porting/nimble/include/syscfg/syscfg.h +++ b/src/libs/mynewt-nimble/porting/nimble/include/syscfg/syscfg.h 
@@ -703,7 +703,7 @@ #endif #ifndef MYNEWT_VAL_BLE_SM_IO_CAP -#define MYNEWT_VAL_BLE_SM_IO_CAP (BLE_HS_IO_DISPLAY_ONLY) +#define MYNEWT_VAL_BLE_SM_IO_CAP (BLE_HS_IO_NO_INPUT_OUTPUT) #endif #ifndef MYNEWT_VAL_BLE_SM_KEYPRESS diff --git a/src/systemtask/Messages.h b/src/systemtask/Messages.h index 2e3456a..4fa0bc8 100644 --- a/src/systemtask/Messages.h +++ b/src/systemtask/Messages.h @@ -24,7 +24,6 @@ namespace Pinetime { OnNewHour, OnNewHalfHour, OnChargingEvent, - OnPairing, SetOffAlarm, StopRinging, MeasureBatteryTimerExpired, diff --git a/src/systemtask/SystemTask.cpp b/src/systemtask/SystemTask.cpp index 1e45fac..70b3018 100644 --- a/src/systemtask/SystemTask.cpp +++ b/src/systemtask/SystemTask.cpp @@ -433,13 +433,6 @@ void SystemTask::Work() { case Messages::BatteryPercentageUpdated: nimbleController.NotifyBatteryLevel(batteryController.PercentRemaining()); break; - case Messages::OnPairing: - if (isSleeping && !isWakingUp) { - GoToRunning(); - } - motorController.RunForDuration(35); - displayApp.PushMessage(Pinetime::Applications::Display::Messages::ShowPairingKey); - break; case Messages::BleRadioEnableToggle: if(settingsController.GetBleRadioEnabled()) { nimbleController.EnableRadio(); |
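Review bot: Switching `MYNEWT_VAL_BLE_SM_IO_CAP` to `BLE_HS_IO_NO_INPUT_OUTPUT` in the syscfg.h hunk leaves Just Works as the only pairing method, so any link encrypted after this change is unauthenticated and has no protection against an active man-in-the-middle during pairing. Nothing in the hunk records that this downgrade is deliberate. The diffstat shows only this one line changing in the file, so `MYNEWT_VAL_BLE_SM_BONDING`, `MYNEWT_VAL_BLE_SM_MITM` and `MYNEWT_VAL_BLE_SM_SC` keep whatever values they had; it is worth confirming they still agree with the new capability and with the removal of bond persistence elsewhere in this commit. I would state the intent next to the define, e.g. `/* NoInputNoOutput: Just Works only, no MITM protection; passkey pairing intentionally disabled */`. Because the define is guarded by `#ifndef MYNEWT_VAL_BLE_SM_IO_CAP`, the value could also be set from the project's build configuration instead of editing the library's porting header.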
