DBTManager: Add setL2CAPSecurity(..) and userConfirmReply(..) for MgmtUserConfirmReplyCmd/MgmtUserConfirmNegativeReplyCmd

2 files changed, 44 insertions, 0 deletions

diff --git a/api/direct_bt/DBTManager.hpp b/api/direct_bt/DBTManager.hpp
index 5425cb37..9f0878f6 100644
--- a/api/direct_bt/DBTManager.hpp
+++ b/api/direct_bt/DBTManager.hpp
@@ -439,10 +439,18 @@ namespace direct_bt {
 
             /** Security commands */
 
+            /**
+             * Setting the BlueZ's L2CAP socket BT_SECURITY sec_level, determining the SMP security mode per connection!
+             * @param l2cap_att_socket
+             * @param sec_level BT_SECURITY_LOW, BT_SECURITY_MEDIUM, BT_SECURITY_HIGH or BT_SECURITY_FIPS
+             * @return true if successful, otherwise false
+             */
+            bool setL2CAPSecurity(int l2cap_att_socket, uint8_t sec_level);
             MgmtStatus uploadLinkKey(const uint16_t dev_id, const bool debug_keys, const MgmtLinkKey &key) noexcept;
             MgmtStatus uploadLongTermKey(const uint16_t dev_id, const MgmtLongTermKey &key) noexcept;
             MgmtStatus userPasskeyReply(const uint16_t dev_id, const EUI48 &address, const BDAddressType addressType, const uint32_t passkey) noexcept;
             MgmtStatus userPasskeyNegativeReply(const uint16_t dev_id, const EUI48 &address, const BDAddressType addressType) noexcept;
+            MgmtStatus userConfirmReply(const uint16_t dev_id, const EUI48 &address, const BDAddressType addressType, const bool positive) noexcept;
 
             /** MgmtEventCallback handling  */
 
diff --git a/src/direct_bt/DBTManager.cpp b/src/direct_bt/DBTManager.cpp
index 9fac89ff..ec794bca 100644
--- a/src/direct_bt/DBTManager.cpp
+++ b/src/direct_bt/DBTManager.cpp
@@ -732,6 +732,25 @@ MgmtStatus DBTManager::setDiscoverable(const uint16_t dev_id, const uint8_t stat
     return res;
 }
 
+bool DBTManager::setL2CAPSecurity(int l2cap_att_socket, uint8_t sec_level) {
+#if USE_LINUX_BT_SECURITY
+    struct bt_security bt_sec;
+    int result;
+
+    bzero(&bt_sec, sizeof(bt_sec));
+    bt_sec.level = sec_level;
+    result = setsockopt(l2cap_att_socket, SOL_BLUETOOTH, BT_SECURITY, &bt_sec, sizeof(bt_sec));
+    if (result != 0) {
+        ERR_PRINT("Setting L2CAP security level failed");
+        return false;
+    }
+    return true;
+#else
+    (void) l2cap_att_socket;
+    return false;
+#endif
+}
+
 ScanType DBTManager::startDiscovery(const uint16_t dev_id, const BTMode btMode) noexcept {
     return startDiscovery(dev_id, getScanType(btMode));
 }
@@ -818,6 +837,23 @@ MgmtStatus DBTManager::userPasskeyNegativeReply(const uint16_t dev_id, const EUI
     return MgmtStatus::TIMEOUT;
 }
 
+MgmtStatus DBTManager::userConfirmReply(const uint16_t dev_id, const EUI48 &address, const BDAddressType addressType, const bool positive) noexcept {
+    std::shared_ptr<MgmtEvent> res;
+    if( positive ) {
+        MgmtUserConfirmReplyCmd cmd(dev_id, address, addressType);
+        res = sendWithReply(cmd);
+    } else {
+        MgmtUserConfirmNegativeReplyCmd cmd(dev_id, address, addressType);
+        res = sendWithReply(cmd);
+    }
+    if( nullptr != res && res->getOpcode() == MgmtEvent::Opcode::CMD_COMPLETE ) {
+        const MgmtEvtCmdComplete &res1 = *static_cast<const MgmtEvtCmdComplete *>(res.get());
+        // FIXME: Analyze address + addressType result?
+        return res1.getStatus();
+    }
+    return MgmtStatus::TIMEOUT;
+}
+
 bool DBTManager::isDeviceWhitelisted(const uint16_t dev_id, const EUI48 &address) noexcept {
     for(auto it = whitelist.begin(); it != whitelist.end(); ) {
         std::shared_ptr<WhitelistElem> wle = *it;