static void att_run_for_context(att_server_t * att_server){
switch (att_server->state){
case ATT_SERVER_REQUEST_RECEIVED:
// wait until pairing is complete
if (att_server->pairing_active) break;
#ifdef ENABLE_LE_SIGNED_WRITE
if (att_server->request_buffer[0] == ATT_SIGNED_WRITE_COMMAND){
log_info("ATT Signed Write!");
if (!sm_cmac_ready()) {
log_info("ATT Signed Write, sm_cmac engine not ready. Abort");
att_server->state = ATT_SERVER_IDLE;
return;
}
if (att_server->request_size < (3 + 12)) {
log_info("ATT Signed Write, request to short. Abort.");
att_server->state = ATT_SERVER_IDLE;
return;
}
if (att_server->ir_lookup_active){
return;
}
if (att_server->ir_le_device_db_index < 0){
log_info("ATT Signed Write, CSRK not available");
att_server->state = ATT_SERVER_IDLE;
return;
}
// check counter
uint32_t counter_packet = little_endian_read_32(att_server->request_buffer, att_server->request_size-12);
uint32_t counter_db = le_device_db_remote_counter_get(att_server->ir_le_device_db_index);
log_info("ATT Signed Write, DB counter %"PRIu32", packet counter %"PRIu32, counter_db, counter_packet);
if (counter_packet < counter_db){
log_info("ATT Signed Write, db reports higher counter, abort");
att_server->state = ATT_SERVER_IDLE;
return;
}
// signature is { sequence counter, secure hash }
sm_key_t csrk;
le_device_db_remote_csrk_get(att_server->ir_le_device_db_index, csrk);
att_server->state = ATT_SERVER_W4_SIGNED_WRITE_VALIDATION;
log_info("Orig Signature: ");
log_info_hexdump( &att_server->request_buffer[att_server->request_size-8], 8);
uint16_t attribute_handle = little_endian_read_16(att_server->request_buffer, 1);
sm_cmac_signed_write_start(csrk, att_server->request_buffer[0], attribute_handle, att_server->request_size - 15, &att_server->request_buffer[3], counter_packet, att_signed_write_handle_cmac_result);
return;
}
#endif
// move on
att_server->state = ATT_SERVER_REQUEST_RECEIVED_AND_VALIDATED;
att_dispatch_server_request_can_send_now_event(att_server->connection.con_handle);
break;
default:
break;
}
}
static void att_run(void){
switch (att_server_state){
case ATT_SERVER_IDLE:
case ATT_SERVER_W4_SIGNED_WRITE_VALIDATION:
return;
case ATT_SERVER_REQUEST_RECEIVED:
if (att_request_buffer[0] == ATT_SIGNED_WRITE_COMMAND){
log_info("ATT Signed Write!");
if (!sm_cmac_ready()) {
log_info("ATT Signed Write, sm_cmac engine not ready. Abort");
att_server_state = ATT_SERVER_IDLE;
return;
}
if (att_request_size < (3 + 12)) {
log_info("ATT Signed Write, request to short. Abort.");
att_server_state = ATT_SERVER_IDLE;
return;
}
if (att_ir_lookup_active){
return;
}
if (att_ir_le_device_db_index < 0){
log_info("ATT Signed Write, CSRK not available");
att_server_state = ATT_SERVER_IDLE;
return;
}
// check counter
uint32_t counter_packet = READ_BT_32(att_request_buffer, att_request_size-12);
uint32_t counter_db = le_device_db_remote_counter_get(att_ir_le_device_db_index);
log_info("ATT Signed Write, DB counter %"PRIu32", packet counter %"PRIu32, counter_db, counter_packet);
if (counter_packet < counter_db){
log_info("ATT Signed Write, db reports higher counter, abort");
att_server_state = ATT_SERVER_IDLE;
return;
}
// signature is { sequence counter, secure hash }
sm_key_t csrk;
le_device_db_remote_csrk_get(att_ir_le_device_db_index, csrk);
att_server_state = ATT_SERVER_W4_SIGNED_WRITE_VALIDATION;
log_info("Orig Signature: ");
hexdump( &att_request_buffer[att_request_size-8], 8);
uint16_t attribute_handle = READ_BT_16(att_request_buffer, 1);
sm_cmac_start(csrk, att_request_buffer[0], attribute_handle, att_request_size - 15, &att_request_buffer[3], counter_packet, att_signed_write_handle_cmac_result);
return;
}
// NOTE: fall through for regular commands
case ATT_SERVER_REQUEST_RECEIVED_AND_VALIDATED:
if (!l2cap_can_send_fixed_channel_packet_now(att_connection.con_handle)) return;
l2cap_reserve_packet_buffer();
uint8_t * att_response_buffer = l2cap_get_outgoing_buffer();
uint16_t att_response_size = att_handle_request(&att_connection, att_request_buffer, att_request_size, att_response_buffer);
// intercept "insufficient authorization" for authenticated connections to allow for user authorization
if ((att_response_size >= 4)
&& (att_response_buffer[0] == ATT_ERROR_RESPONSE)
&& (att_response_buffer[4] == ATT_ERROR_INSUFFICIENT_AUTHORIZATION)
&& (att_connection.authenticated)){
switch (sm_authorization_state(att_client_addr_type, att_client_address)){
case AUTHORIZATION_UNKNOWN:
l2cap_release_packet_buffer();
sm_request_pairing(att_client_addr_type, att_client_address);
return;
case AUTHORIZATION_PENDING:
l2cap_release_packet_buffer();
return;
default:
break;
}
}
att_server_state = ATT_SERVER_IDLE;
if (att_response_size == 0) {
l2cap_release_packet_buffer();
return;
}
l2cap_send_prepared_connectionless(att_connection.con_handle, L2CAP_CID_ATTRIBUTE_PROTOCOL, att_response_size);
// notify client about MTU exchange result
if (att_response_buffer[0] == ATT_EXCHANGE_MTU_RESPONSE){
att_emit_mtu_event(att_connection.con_handle, att_connection.mtu);
}
break;
}
}
