feat(nordic): check pairing code when accepting pairing

[no changelog]
2025-04-23 18:49:13 +00:00 · 2025-04-02 15:39:55 +02:00 · 2025-04-02 15:39:55 +02:00 · d597b58274
commit d597b58274
parent 56bad5bd3a
4 changed files with 47 additions and 17 deletions
--- a/nordic/trezor/trezor-ble/src/ble/advertising.c
+++ b/nordic/trezor/trezor-ble/src/ble/advertising.c
@ -92,7 +92,7 @@ void advertising_start(bool wl, uint8_t color, uint32_t device_code,
  advertising_data[1].data_len = name_len;
  advertising_data[1].data = (const uint8_t *)name;

-  char gap_name[21] = {0};
+  char gap_name[BLE_ADV_NAME_LEN + 1] = {0};
  memcpy(gap_name, name, name_len);

  bt_set_name(gap_name);
--- a/nordic/trezor/trezor-ble/src/ble/ble_internal.h
+++ b/nordic/trezor/trezor-ble/src/ble/ble_internal.h
@ -46,6 +46,9 @@
 #define BT_UUID_TRZ_RX BT_UUID_DECLARE_128(BT_UUID_TRZ_RX_VAL)
 #define BT_UUID_TRZ_TX BT_UUID_DECLARE_128(BT_UUID_TRZ_TX_VAL)

+#define BLE_PAIRING_CODE_LEN 6
+#define BLE_ADV_NAME_LEN 20
+
 typedef struct {
  uint8_t msg_id;
  uint8_t connected;
@ -86,6 +89,20 @@ typedef enum {
  INTERNAL_CMD_GET_MAC = 0x09,
 } internal_cmd_t;

+typedef struct {
+  uint8_t cmd_id;
+  uint8_t whitelist;
+  uint8_t color;
+  uint8_t static_addr;
+  uint32_t device_code;
+  uint8_t name[BLE_ADV_NAME_LEN];
+} cmd_advertising_on_t;
+
+typedef struct {
+  uint8_t cmd_id;
+  uint8_t code[BLE_PAIRING_CODE_LEN];
+} cmd_allow_pairing_t;
+
 // BLE management functions
 // Initialization
 void ble_management_init(void);
@ -135,7 +152,7 @@ bool pairing_init(void);
 // Reset pairing process
 void pairing_reset(void);
 // Respond to pairing request
-void pairing_num_comp_reply(bool accept);
+void pairing_num_comp_reply(bool accept, uint8_t *code);

 // Service functions
 // Callback definition for received data
--- a/nordic/trezor/trezor-ble/src/ble/ble_management.c
+++ b/nordic/trezor/trezor-ble/src/ble/ble_management.c
@ -113,15 +113,11 @@ static void process_command(uint8_t *data, uint16_t len) {
      ble_management_send_status_event();
      break;
    case INTERNAL_CMD_ADVERTISING_ON: {
-      uint8_t color = data[2];
-      bool static_addr = data[3];
-      uint32_t device_code =
-          (data[4] << 24) | (data[5] << 16) | (data[6] << 8) | data[7];
-      char *name = &data[8];
+      cmd_advertising_on_t *cmd = (cmd_advertising_on_t *)data;

-      int name_len = strnlen(name, 20);
-      advertising_start(data[1] != 0, color, device_code, static_addr, name,
-                        name_len);
+      int name_len = strnlen(cmd->name, BLE_ADV_NAME_LEN);
+      advertising_start(cmd->whitelist != 0, cmd->color, cmd->device_code,
+                        cmd->static_addr, (char *)cmd->name, name_len);
    } break;
    case INTERNAL_CMD_ADVERTISING_OFF:
      advertising_stop();
@ -135,10 +131,12 @@ static void process_command(uint8_t *data, uint16_t len) {
      // pb_msg_ack();
      break;
    case INTERNAL_CMD_ALLOW_PAIRING:
-      pairing_num_comp_reply(true);
+      cmd_allow_pairing_t *cmd = (cmd_allow_pairing_t *)data;
+
+      pairing_num_comp_reply(true, cmd->code);
      break;
    case INTERNAL_CMD_REJECT_PAIRING:
-      pairing_num_comp_reply(false);
+      pairing_num_comp_reply(false, NULL);
      break;
    case INTERNAL_CMD_UNPAIR:
      success = bonds_erase_current();
--- a/nordic/trezor/trezor-ble/src/ble/pairing.c
+++ b/nordic/trezor/trezor-ble/src/ble/pairing.c
@ -32,6 +32,8 @@
 #define LOG_MODULE_NAME ble_pairing
 LOG_MODULE_REGISTER(LOG_MODULE_NAME);

+static uint8_t g_passkey_str[BLE_PAIRING_CODE_LEN] = {0};
+
 static struct bt_conn *auth_conn;

 void passkey_to_str(uint8_t buf[6], unsigned int passkey) {
@ -52,9 +54,8 @@ void auth_passkey_confirm(struct bt_conn *conn, unsigned int passkey) {

  bt_addr_le_to_str(bt_conn_get_dst(conn), addr, sizeof(addr));

-  uint8_t passkey_str[6];
-  passkey_to_str(passkey_str, passkey);
-  ble_management_send_pairing_request_event(passkey_str, 6);
+  passkey_to_str(g_passkey_str, passkey);
+  ble_management_send_pairing_request_event(g_passkey_str, 6);

  ble_management_send_status_event();
 }
@ -98,9 +99,19 @@ void pairing_failed(struct bt_conn *conn, enum bt_security_err reason) {
 static struct bt_conn_auth_info_cb conn_auth_info_callbacks = {
    .pairing_complete = pairing_complete, .pairing_failed = pairing_failed};

-void pairing_num_comp_reply(bool accept) {
+bool pairing_code_not_empty(void) {
+  for (int i = 0; i < sizeof(g_passkey_str); i++) {
+    if (g_passkey_str[i] != 0) {
+      return true;
+    }
+  }
+  return false;
+}
+
+void pairing_num_comp_reply(bool accept, uint8_t *code) {
  if (auth_conn != NULL) {
-    if (accept) {
+    if (accept && pairing_code_not_empty() && code != NULL &&
+        memcmp(g_passkey_str, code, sizeof(g_passkey_str)) == 0) {
      bt_conn_auth_passkey_confirm(auth_conn);
      LOG_INF("Numeric Match, conn %p", (void *)auth_conn);
    } else {
@ -112,13 +123,17 @@ void pairing_num_comp_reply(bool accept) {
    bt_conn_unref(auth_conn);
    auth_conn = NULL;
  }
+
+  memset(g_passkey_str, 0, sizeof(g_passkey_str));
 }

 void pairing_reset(void) {
  if (auth_conn) {
+    bt_conn_auth_cancel(auth_conn);
    bt_conn_unref(auth_conn);
    auth_conn = NULL;
  }
+  memset(g_passkey_str, 0, sizeof(g_passkey_str));
 }

 bool pairing_init(void) {