1 /* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the copyright holders nor the names of 14 * contributors may be used to endorse or promote products derived 15 * from this software without specific prior written permission. 16 * 4. Any redistribution, use, or modification is done solely for 17 * personal benefit and not for any commercial purpose or for 18 * monetary gain. 19 * 20 * THIS SOFTWARE IS PROVIDED BY BLUEKITCHEN GMBH AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL BLUEKITCHEN 24 * GMBH OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * Please inquire about commercial licensing options at 34 * [email protected] 35 * 36 */ 37 38 #define BTSTACK_FILE__ "gatt_client.c" 39 40 #include <stdint.h> 41 #include <string.h> 42 #include <stddef.h> 43 44 #include "btstack_config.h" 45 46 #include "ble/att_dispatch.h" 47 #include "ble/att_db.h" 48 #include "ble/gatt_client.h" 49 #include "ble/le_device_db.h" 50 #include "ble/sm.h" 51 #include "btstack_debug.h" 52 #include "btstack_event.h" 53 #include "btstack_memory.h" 54 #include "btstack_run_loop.h" 55 #include "btstack_util.h" 56 #include "hci.h" 57 #include "hci_dump.h" 58 #include "l2cap.h" 59 #include "classic/sdp_client.h" 60 #include "bluetooth_gatt.h" 61 #include "bluetooth_sdp.h" 62 #include "classic/sdp_util.h" 63 64 static btstack_linked_list_t gatt_client_connections; 65 static btstack_linked_list_t gatt_client_value_listeners; 66 static btstack_packet_callback_registration_t hci_event_callback_registration; 67 static btstack_packet_callback_registration_t sm_event_callback_registration; 68 69 // GATT Client Configuration 70 static bool gatt_client_mtu_exchange_enabled; 71 static gap_security_level_t gatt_client_required_security_level; 72 73 static void gatt_client_att_packet_handler(uint8_t packet_type, uint16_t handle, uint8_t *packet, uint16_t size); 74 static void gatt_client_event_packet_handler(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size); 75 static void gatt_client_report_error_if_pending(gatt_client_t *gatt_client, uint8_t att_error_code); 76 77 #ifdef ENABLE_LE_SIGNED_WRITE 78 static void att_signed_write_handle_cmac_result(uint8_t hash[8]); 79 #endif 80 81 void gatt_client_init(void){ 82 gatt_client_connections = NULL; 83 84 // default configuration 85 gatt_client_mtu_exchange_enabled = true; 86 gatt_client_required_security_level = LEVEL_0; 87 88 // register for HCI Events 89 hci_event_callback_registration.callback = &gatt_client_event_packet_handler; 90 hci_add_event_handler(&hci_event_callback_registration); 91 92 // register for SM Events 93 sm_event_callback_registration.callback = &gatt_client_event_packet_handler; 94 sm_add_event_handler(&sm_event_callback_registration); 95 96 // and ATT Client PDUs 97 att_dispatch_register_client(gatt_client_att_packet_handler); 98 } 99 100 void gatt_client_set_required_security_level(gap_security_level_t level){ 101 gatt_client_required_security_level = level; 102 } 103 104 static gatt_client_t * gatt_client_for_timer(btstack_timer_source_t * ts){ 105 btstack_linked_list_iterator_t it; 106 btstack_linked_list_iterator_init(&it, &gatt_client_connections); 107 while (btstack_linked_list_iterator_has_next(&it)){ 108 gatt_client_t * gatt_client = (gatt_client_t *) btstack_linked_list_iterator_next(&it); 109 if (&gatt_client->gc_timeout == ts) { 110 return gatt_client; 111 } 112 } 113 return NULL; 114 } 115 116 static void gatt_client_timeout_handler(btstack_timer_source_t * timer){ 117 gatt_client_t * gatt_client = gatt_client_for_timer(timer); 118 if (gatt_client == NULL) return; 119 log_info("GATT client timeout handle, handle 0x%02x", gatt_client->con_handle); 120 gatt_client_report_error_if_pending(gatt_client, ATT_ERROR_TIMEOUT); 121 } 122 123 static void gatt_client_timeout_start(gatt_client_t * gatt_client){ 124 log_info("GATT client timeout start, handle 0x%02x", gatt_client->con_handle); 125 btstack_run_loop_remove_timer(&gatt_client->gc_timeout); 126 btstack_run_loop_set_timer_handler(&gatt_client->gc_timeout, gatt_client_timeout_handler); 127 btstack_run_loop_set_timer(&gatt_client->gc_timeout, 30000); // 30 seconds sm timeout 128 btstack_run_loop_add_timer(&gatt_client->gc_timeout); 129 } 130 131 static void gatt_client_timeout_stop(gatt_client_t * gatt_client){ 132 log_info("GATT client timeout stop, handle 0x%02x", gatt_client->con_handle); 133 btstack_run_loop_remove_timer(&gatt_client->gc_timeout); 134 } 135 136 static gap_security_level_t gatt_client_le_security_level_for_connection(hci_con_handle_t con_handle){ 137 uint8_t encryption_key_size = gap_encryption_key_size(con_handle); 138 if (encryption_key_size == 0) return LEVEL_0; 139 140 bool authenticated = gap_authenticated(con_handle); 141 if (!authenticated) return LEVEL_2; 142 143 return encryption_key_size == 16 ? LEVEL_4 : LEVEL_3; 144 } 145 146 static gatt_client_t * gatt_client_get_context_for_handle(uint16_t handle){ 147 btstack_linked_item_t *it; 148 for (it = (btstack_linked_item_t *) gatt_client_connections; it != NULL; it = it->next){ 149 gatt_client_t * gatt_client = (gatt_client_t *) it; 150 if (gatt_client->con_handle == handle){ 151 return gatt_client; 152 } 153 } 154 return NULL; 155 } 156 157 158 // @return gatt_client context 159 // returns existing one, or tries to setup new one 160 static uint8_t gatt_client_provide_context_for_handle(hci_con_handle_t con_handle, gatt_client_t ** out_gatt_client){ 161 gatt_client_t * gatt_client = gatt_client_get_context_for_handle(con_handle); 162 163 if (gatt_client != NULL){ 164 *out_gatt_client = gatt_client; 165 return ERROR_CODE_SUCCESS; 166 } 167 168 // bail if no such hci connection 169 hci_connection_t * hci_connection = hci_connection_for_handle(con_handle); 170 if (hci_connection == NULL){ 171 log_error("No connection for handle 0x%04x", con_handle); 172 *out_gatt_client = NULL; 173 return ERROR_CODE_UNKNOWN_CONNECTION_IDENTIFIER; 174 } 175 176 gatt_client = btstack_memory_gatt_client_get(); 177 if (gatt_client == NULL){ 178 *out_gatt_client = NULL; 179 return ERROR_CODE_MEMORY_CAPACITY_EXCEEDED; 180 } 181 // init state 182 gatt_client->con_handle = con_handle; 183 gatt_client->mtu = ATT_DEFAULT_MTU; 184 gatt_client->security_level = gatt_client_le_security_level_for_connection(con_handle); 185 if (gatt_client_mtu_exchange_enabled){ 186 gatt_client->mtu_state = SEND_MTU_EXCHANGE; 187 } else { 188 gatt_client->mtu_state = MTU_AUTO_EXCHANGE_DISABLED; 189 } 190 gatt_client->gatt_client_state = P_READY; 191 btstack_linked_list_add(&gatt_client_connections, (btstack_linked_item_t*)gatt_client); 192 193 // get unenhanced att bearer state 194 if (hci_connection->att_connection.mtu_exchanged){ 195 gatt_client->mtu = hci_connection->att_connection.mtu; 196 gatt_client->mtu_state = MTU_EXCHANGED; 197 } 198 *out_gatt_client = gatt_client; 199 return ERROR_CODE_SUCCESS; 200 } 201 202 static bool is_ready(gatt_client_t * gatt_client){ 203 return gatt_client->gatt_client_state == P_READY; 204 } 205 206 static uint8_t gatt_client_provide_context_for_request(hci_con_handle_t con_handle, gatt_client_t ** out_gatt_client){ 207 gatt_client_t * gatt_client = NULL; 208 uint8_t status = gatt_client_provide_context_for_handle(con_handle, &gatt_client); 209 if (status != ERROR_CODE_SUCCESS){ 210 return status; 211 } 212 213 if (is_ready(gatt_client) == 0){ 214 return GATT_CLIENT_IN_WRONG_STATE; 215 } 216 217 gatt_client_timeout_start(gatt_client); 218 219 *out_gatt_client = gatt_client; 220 221 return status; 222 } 223 224 int gatt_client_is_ready(hci_con_handle_t con_handle){ 225 gatt_client_t * gatt_client; 226 uint8_t status = gatt_client_provide_context_for_handle(con_handle, &gatt_client); 227 if (status != ERROR_CODE_SUCCESS){ 228 return 0; 229 } 230 return is_ready(gatt_client) ? 1 : 0; 231 } 232 233 void gatt_client_mtu_enable_auto_negotiation(uint8_t enabled){ 234 gatt_client_mtu_exchange_enabled = enabled != 0; 235 } 236 237 uint8_t gatt_client_get_mtu(hci_con_handle_t con_handle, uint16_t * mtu){ 238 gatt_client_t * gatt_client; 239 uint8_t status = gatt_client_provide_context_for_handle(con_handle, &gatt_client); 240 if (status != ERROR_CODE_SUCCESS){ 241 return status; 242 } 243 244 if ((gatt_client->mtu_state == MTU_EXCHANGED) || (gatt_client->mtu_state == MTU_AUTO_EXCHANGE_DISABLED)){ 245 *mtu = gatt_client->mtu; 246 return ERROR_CODE_SUCCESS; 247 } 248 *mtu = ATT_DEFAULT_MTU; 249 return GATT_CLIENT_IN_WRONG_STATE; 250 } 251 252 static uint8_t *gatt_client_reserve_request_buffer(gatt_client_t *gatt_client) { 253 l2cap_reserve_packet_buffer(); 254 return l2cap_get_outgoing_buffer(); 255 } 256 257 // precondition: can_send_packet_now == TRUE 258 static uint8_t gatt_client_send(gatt_client_t * gatt_client, uint16_t len){ 259 #ifdef ENABLE_GATT_OVER_CLASSIC 260 if (gatt_client->l2cap_psm){ 261 return l2cap_send_prepared(gatt_client->l2cap_cid, len); 262 } 263 #endif 264 return l2cap_send_prepared_connectionless(gatt_client->con_handle, L2CAP_CID_ATTRIBUTE_PROTOCOL, len); 265 } 266 267 // precondition: can_send_packet_now == TRUE 268 static uint8_t att_confirmation(gatt_client_t * gatt_client) { 269 uint8_t *request = gatt_client_reserve_request_buffer(gatt_client); 270 271 request[0] = ATT_HANDLE_VALUE_CONFIRMATION; 272 273 return gatt_client_send(gatt_client, 1); 274 } 275 276 // precondition: can_send_packet_now == TRUE 277 static uint8_t att_find_information_request(gatt_client_t *gatt_client, uint8_t request_type, uint16_t start_handle, 278 uint16_t end_handle) { 279 uint8_t *request = gatt_client_reserve_request_buffer(gatt_client); 280 281 request[0] = request_type; 282 little_endian_store_16(request, 1, start_handle); 283 little_endian_store_16(request, 3, end_handle); 284 285 return gatt_client_send(gatt_client, 5); 286 } 287 288 // precondition: can_send_packet_now == TRUE 289 static uint8_t 290 att_find_by_type_value_request(gatt_client_t *gatt_client, uint8_t request_type, uint16_t attribute_group_type, 291 uint16_t start_handle, uint16_t end_handle, uint8_t *value, uint16_t value_size) { 292 uint8_t *request = gatt_client_reserve_request_buffer(gatt_client); 293 request[0] = request_type; 294 295 little_endian_store_16(request, 1, start_handle); 296 little_endian_store_16(request, 3, end_handle); 297 little_endian_store_16(request, 5, attribute_group_type); 298 (void)memcpy(&request[7], value, value_size); 299 300 return gatt_client_send(gatt_client, 7u + value_size); 301 } 302 303 // precondition: can_send_packet_now == TRUE 304 static uint8_t 305 att_read_by_type_or_group_request_for_uuid16(gatt_client_t *gatt_client, uint8_t request_type, uint16_t uuid16, 306 uint16_t start_handle, uint16_t end_handle) { 307 uint8_t *request = gatt_client_reserve_request_buffer(gatt_client); 308 309 request[0] = request_type; 310 little_endian_store_16(request, 1, start_handle); 311 little_endian_store_16(request, 3, end_handle); 312 little_endian_store_16(request, 5, uuid16); 313 314 return gatt_client_send(gatt_client, 7); 315 } 316 317 // precondition: can_send_packet_now == TRUE 318 static uint8_t 319 att_read_by_type_or_group_request_for_uuid128(gatt_client_t *gatt_client, uint8_t request_type, const uint8_t *uuid128, 320 uint16_t start_handle, uint16_t end_handle) { 321 uint8_t *request = gatt_client_reserve_request_buffer(gatt_client); 322 323 request[0] = request_type; 324 little_endian_store_16(request, 1, start_handle); 325 little_endian_store_16(request, 3, end_handle); 326 reverse_128(uuid128, &request[5]); 327 328 return gatt_client_send(gatt_client, 21); 329 } 330 331 // precondition: can_send_packet_now == TRUE 332 static uint8_t att_read_request(gatt_client_t *gatt_client, uint8_t request_type, uint16_t attribute_handle) { 333 uint8_t *request = gatt_client_reserve_request_buffer(gatt_client); 334 335 request[0] = request_type; 336 little_endian_store_16(request, 1, attribute_handle); 337 338 return gatt_client_send(gatt_client, 3); 339 } 340 341 // precondition: can_send_packet_now == TRUE 342 static uint8_t att_read_blob_request(gatt_client_t *gatt_client, uint8_t request_type, uint16_t attribute_handle, 343 uint16_t value_offset) { 344 uint8_t *request = gatt_client_reserve_request_buffer(gatt_client); 345 346 request[0] = request_type; 347 little_endian_store_16(request, 1, attribute_handle); 348 little_endian_store_16(request, 3, value_offset); 349 350 return gatt_client_send(gatt_client, 5); 351 } 352 353 static uint8_t 354 att_read_multiple_request(gatt_client_t *gatt_client, uint16_t num_value_handles, uint16_t *value_handles) { 355 uint8_t *request = gatt_client_reserve_request_buffer(gatt_client); 356 357 request[0] = ATT_READ_MULTIPLE_REQUEST; 358 uint16_t i; 359 uint16_t offset = 1; 360 for (i=0;i<num_value_handles;i++){ 361 little_endian_store_16(request, offset, value_handles[i]); 362 offset += 2; 363 } 364 365 return gatt_client_send(gatt_client, offset); 366 } 367 368 #ifdef ENABLE_LE_SIGNED_WRITE 369 // precondition: can_send_packet_now == TRUE 370 static uint8_t att_signed_write_request(gatt_client_t *gatt_client, uint16_t request_type, uint16_t attribute_handle, 371 uint16_t value_length, uint8_t *value, uint32_t sign_counter, uint8_t sgn[8]) { 372 uint8_t *request = gatt_client_reserve_request_buffer(gatt_client); 373 374 request[0] = request_type; 375 little_endian_store_16(request, 1, attribute_handle); 376 (void)memcpy(&request[3], value, value_length); 377 little_endian_store_32(request, 3 + value_length, sign_counter); 378 reverse_64(sgn, &request[3 + value_length + 4]); 379 380 return gatt_client_send(gatt_client, 3 + value_length + 12); 381 } 382 #endif 383 384 // precondition: can_send_packet_now == TRUE 385 static uint8_t 386 att_write_request(gatt_client_t *gatt_client, uint8_t request_type, uint16_t attribute_handle, uint16_t value_length, 387 uint8_t *value) { 388 uint8_t *request = gatt_client_reserve_request_buffer(gatt_client); 389 390 request[0] = request_type; 391 little_endian_store_16(request, 1, attribute_handle); 392 (void)memcpy(&request[3], value, value_length); 393 394 return gatt_client_send(gatt_client, 3u + value_length); 395 } 396 397 // precondition: can_send_packet_now == TRUE 398 static uint8_t att_execute_write_request(gatt_client_t *gatt_client, uint8_t request_type, uint8_t execute_write) { 399 uint8_t *request = gatt_client_reserve_request_buffer(gatt_client); 400 401 request[0] = request_type; 402 request[1] = execute_write; 403 404 return gatt_client_send(gatt_client, 2); 405 } 406 407 // precondition: can_send_packet_now == TRUE 408 static uint8_t att_prepare_write_request(gatt_client_t *gatt_client, uint8_t request_type, uint16_t attribute_handle, 409 uint16_t value_offset, uint16_t blob_length, uint8_t *value) { 410 uint8_t *request = gatt_client_reserve_request_buffer(gatt_client); 411 412 request[0] = request_type; 413 little_endian_store_16(request, 1, attribute_handle); 414 little_endian_store_16(request, 3, value_offset); 415 (void)memcpy(&request[5], &value[value_offset], blob_length); 416 417 return gatt_client_send(gatt_client, 5u + blob_length); 418 } 419 420 static uint8_t att_exchange_mtu_request(gatt_client_t *gatt_client) { 421 uint8_t *request = gatt_client_reserve_request_buffer(gatt_client); 422 423 request[0] = ATT_EXCHANGE_MTU_REQUEST; 424 uint16_t mtu = l2cap_max_le_mtu(); 425 little_endian_store_16(request, 1, mtu); 426 427 return gatt_client_send(gatt_client, 3); 428 } 429 430 static uint16_t write_blob_length(gatt_client_t * gatt_client){ 431 uint16_t max_blob_length = gatt_client->mtu - 5u; 432 if (gatt_client->attribute_offset >= gatt_client->attribute_length) { 433 return 0; 434 } 435 uint16_t rest_length = gatt_client->attribute_length - gatt_client->attribute_offset; 436 if (max_blob_length > rest_length){ 437 return rest_length; 438 } 439 return max_blob_length; 440 } 441 442 static void send_gatt_services_request(gatt_client_t *gatt_client){ 443 att_read_by_type_or_group_request_for_uuid16(gatt_client, ATT_READ_BY_GROUP_TYPE_REQUEST, 444 gatt_client->uuid16, gatt_client->start_group_handle, 445 gatt_client->end_group_handle); 446 } 447 448 static void send_gatt_by_uuid_request(gatt_client_t *gatt_client, uint16_t attribute_group_type){ 449 if (gatt_client->uuid16){ 450 uint8_t uuid16[2]; 451 little_endian_store_16(uuid16, 0, gatt_client->uuid16); 452 att_find_by_type_value_request(gatt_client, ATT_FIND_BY_TYPE_VALUE_REQUEST, attribute_group_type, 453 gatt_client->start_group_handle, gatt_client->end_group_handle, uuid16, 2); 454 return; 455 } 456 uint8_t uuid128[16]; 457 reverse_128(gatt_client->uuid128, uuid128); 458 att_find_by_type_value_request(gatt_client, ATT_FIND_BY_TYPE_VALUE_REQUEST, attribute_group_type, 459 gatt_client->start_group_handle, gatt_client->end_group_handle, uuid128, 16); 460 } 461 462 static void send_gatt_services_by_uuid_request(gatt_client_t *gatt_client){ 463 send_gatt_by_uuid_request(gatt_client, GATT_PRIMARY_SERVICE_UUID); 464 } 465 466 static void send_gatt_included_service_uuid_request(gatt_client_t *gatt_client){ 467 att_read_request(gatt_client, ATT_READ_REQUEST, gatt_client->query_start_handle); 468 } 469 470 static void send_gatt_included_service_request(gatt_client_t *gatt_client){ 471 att_read_by_type_or_group_request_for_uuid16(gatt_client, ATT_READ_BY_TYPE_REQUEST, 472 GATT_INCLUDE_SERVICE_UUID, gatt_client->start_group_handle, 473 gatt_client->end_group_handle); 474 } 475 476 static void send_gatt_characteristic_request(gatt_client_t *gatt_client){ 477 att_read_by_type_or_group_request_for_uuid16(gatt_client, ATT_READ_BY_TYPE_REQUEST, 478 GATT_CHARACTERISTICS_UUID, gatt_client->start_group_handle, 479 gatt_client->end_group_handle); 480 } 481 482 static void send_gatt_characteristic_descriptor_request(gatt_client_t *gatt_client){ 483 att_find_information_request(gatt_client, ATT_FIND_INFORMATION_REQUEST, gatt_client->start_group_handle, 484 gatt_client->end_group_handle); 485 } 486 487 static void send_gatt_read_characteristic_value_request(gatt_client_t *gatt_client){ 488 att_read_request(gatt_client, ATT_READ_REQUEST, gatt_client->attribute_handle); 489 } 490 491 static void send_gatt_read_by_type_request(gatt_client_t * gatt_client){ 492 if (gatt_client->uuid16){ 493 att_read_by_type_or_group_request_for_uuid16(gatt_client, ATT_READ_BY_TYPE_REQUEST, 494 gatt_client->uuid16, gatt_client->start_group_handle, 495 gatt_client->end_group_handle); 496 } else { 497 att_read_by_type_or_group_request_for_uuid128(gatt_client, ATT_READ_BY_TYPE_REQUEST, 498 gatt_client->uuid128, gatt_client->start_group_handle, 499 gatt_client->end_group_handle); 500 } 501 } 502 503 static void send_gatt_read_blob_request(gatt_client_t *gatt_client){ 504 if (gatt_client->attribute_offset == 0){ 505 att_read_request(gatt_client, ATT_READ_REQUEST, gatt_client->attribute_handle); 506 } else { 507 att_read_blob_request(gatt_client, ATT_READ_BLOB_REQUEST, gatt_client->attribute_handle, 508 gatt_client->attribute_offset); 509 } 510 } 511 512 static void send_gatt_read_multiple_request(gatt_client_t * gatt_client){ 513 att_read_multiple_request(gatt_client, gatt_client->read_multiple_handle_count, gatt_client->read_multiple_handles); 514 } 515 516 static void send_gatt_write_attribute_value_request(gatt_client_t * gatt_client){ 517 att_write_request(gatt_client, ATT_WRITE_REQUEST, gatt_client->attribute_handle, gatt_client->attribute_length, 518 gatt_client->attribute_value); 519 } 520 521 static void send_gatt_write_client_characteristic_configuration_request(gatt_client_t * gatt_client){ 522 att_write_request(gatt_client, ATT_WRITE_REQUEST, gatt_client->client_characteristic_configuration_handle, 2, 523 gatt_client->client_characteristic_configuration_value); 524 } 525 526 static void send_gatt_prepare_write_request(gatt_client_t * gatt_client){ 527 att_prepare_write_request(gatt_client, ATT_PREPARE_WRITE_REQUEST, gatt_client->attribute_handle, 528 gatt_client->attribute_offset, write_blob_length(gatt_client), 529 gatt_client->attribute_value); 530 } 531 532 static void send_gatt_execute_write_request(gatt_client_t * gatt_client){ 533 att_execute_write_request(gatt_client, ATT_EXECUTE_WRITE_REQUEST, 1); 534 } 535 536 static void send_gatt_cancel_prepared_write_request(gatt_client_t * gatt_client){ 537 att_execute_write_request(gatt_client, ATT_EXECUTE_WRITE_REQUEST, 0); 538 } 539 540 #ifndef ENABLE_GATT_FIND_INFORMATION_FOR_CCC_DISCOVERY 541 static void send_gatt_read_client_characteristic_configuration_request(gatt_client_t * gatt_client){ 542 att_read_by_type_or_group_request_for_uuid16(gatt_client, ATT_READ_BY_TYPE_REQUEST, 543 GATT_CLIENT_CHARACTERISTICS_CONFIGURATION, 544 gatt_client->start_group_handle, gatt_client->end_group_handle); 545 } 546 #endif 547 548 static void send_gatt_read_characteristic_descriptor_request(gatt_client_t * gatt_client){ 549 att_read_request(gatt_client, ATT_READ_REQUEST, gatt_client->attribute_handle); 550 } 551 552 #ifdef ENABLE_LE_SIGNED_WRITE 553 static void send_gatt_signed_write_request(gatt_client_t * gatt_client, uint32_t sign_counter){ 554 att_signed_write_request(gatt_client, ATT_SIGNED_WRITE_COMMAND, gatt_client->attribute_handle, 555 gatt_client->attribute_length, gatt_client->attribute_value, sign_counter, 556 gatt_client->cmac); 557 } 558 #endif 559 560 static uint16_t get_last_result_handle_from_service_list(uint8_t * packet, uint16_t size){ 561 if (size < 2) return 0xffff; 562 uint8_t attr_length = packet[1]; 563 if ((2 + attr_length) > size) return 0xffff; 564 return little_endian_read_16(packet, size - attr_length + 2u); 565 } 566 567 static uint16_t get_last_result_handle_from_characteristics_list(uint8_t * packet, uint16_t size){ 568 if (size < 2) return 0xffff; 569 uint8_t attr_length = packet[1]; 570 if ((2 + attr_length) > size) return 0xffff; 571 return little_endian_read_16(packet, size - attr_length + 3u); 572 } 573 574 static uint16_t get_last_result_handle_from_included_services_list(uint8_t * packet, uint16_t size){ 575 if (size < 2) return 0xffff; 576 uint8_t attr_length = packet[1]; 577 if ((2 + attr_length) > size) return 0xffff; 578 return little_endian_read_16(packet, size - attr_length); 579 } 580 581 static void gatt_client_notify_can_send_query(gatt_client_t * gatt_client){ 582 while (gatt_client->gatt_client_state == P_READY){ 583 btstack_context_callback_registration_t * callback = (btstack_context_callback_registration_t *) btstack_linked_list_pop(&gatt_client->query_requests); 584 if (callback == NULL) { 585 return; 586 } 587 (*callback->callback)(callback->context); 588 } 589 } 590 591 static void gatt_client_handle_transaction_complete(gatt_client_t * gatt_client){ 592 gatt_client->gatt_client_state = P_READY; 593 gatt_client_timeout_stop(gatt_client); 594 gatt_client_notify_can_send_query(gatt_client); 595 } 596 597 static void emit_event_new(btstack_packet_handler_t callback, uint8_t * packet, uint16_t size){ 598 if (!callback) return; 599 hci_dump_packet(HCI_EVENT_PACKET, 1, packet, size); 600 (*callback)(HCI_EVENT_PACKET, 0, packet, size); 601 } 602 603 void gatt_client_listen_for_characteristic_value_updates(gatt_client_notification_t * notification, btstack_packet_handler_t callback, hci_con_handle_t con_handle, gatt_client_characteristic_t * characteristic){ 604 notification->callback = callback; 605 notification->con_handle = con_handle; 606 if (characteristic == NULL){ 607 notification->attribute_handle = GATT_CLIENT_ANY_VALUE_HANDLE; 608 } else { 609 notification->attribute_handle = characteristic->value_handle; 610 } 611 btstack_linked_list_add(&gatt_client_value_listeners, (btstack_linked_item_t*) notification); 612 } 613 614 void gatt_client_stop_listening_for_characteristic_value_updates(gatt_client_notification_t * notification){ 615 btstack_linked_list_remove(&gatt_client_value_listeners, (btstack_linked_item_t*) notification); 616 } 617 618 static void emit_event_to_registered_listeners(hci_con_handle_t con_handle, uint16_t attribute_handle, uint8_t * packet, uint16_t size){ 619 btstack_linked_list_iterator_t it; 620 btstack_linked_list_iterator_init(&it, &gatt_client_value_listeners); 621 while (btstack_linked_list_iterator_has_next(&it)){ 622 gatt_client_notification_t * notification = (gatt_client_notification_t*) btstack_linked_list_iterator_next(&it); 623 if ((notification->con_handle != GATT_CLIENT_ANY_CONNECTION) && (notification->con_handle != con_handle)) continue; 624 if ((notification->attribute_handle != GATT_CLIENT_ANY_VALUE_HANDLE) && (notification->attribute_handle != attribute_handle)) continue; 625 (*notification->callback)(HCI_EVENT_PACKET, 0, packet, size); 626 } 627 } 628 629 static void emit_gatt_complete_event(gatt_client_t * gatt_client, uint8_t att_status){ 630 // @format H1 631 uint8_t packet[5]; 632 packet[0] = GATT_EVENT_QUERY_COMPLETE; 633 packet[1] = 3; 634 little_endian_store_16(packet, 2, gatt_client->con_handle); 635 packet[4] = att_status; 636 emit_event_new(gatt_client->callback, packet, sizeof(packet)); 637 } 638 639 static void emit_gatt_service_query_result_event(gatt_client_t * gatt_client, uint16_t start_group_handle, uint16_t end_group_handle, const uint8_t * uuid128){ 640 // @format HX 641 uint8_t packet[24]; 642 packet[0] = GATT_EVENT_SERVICE_QUERY_RESULT; 643 packet[1] = sizeof(packet) - 2u; 644 little_endian_store_16(packet, 2, gatt_client->con_handle); 645 /// 646 little_endian_store_16(packet, 4, start_group_handle); 647 little_endian_store_16(packet, 6, end_group_handle); 648 reverse_128(uuid128, &packet[8]); 649 emit_event_new(gatt_client->callback, packet, sizeof(packet)); 650 } 651 652 static void emit_gatt_included_service_query_result_event(gatt_client_t * gatt_client, uint16_t include_handle, uint16_t start_group_handle, uint16_t end_group_handle, const uint8_t * uuid128){ 653 // @format HX 654 uint8_t packet[26]; 655 packet[0] = GATT_EVENT_INCLUDED_SERVICE_QUERY_RESULT; 656 packet[1] = sizeof(packet) - 2u; 657 little_endian_store_16(packet, 2, gatt_client->con_handle); 658 /// 659 little_endian_store_16(packet, 4, include_handle); 660 // 661 little_endian_store_16(packet, 6, start_group_handle); 662 little_endian_store_16(packet, 8, end_group_handle); 663 reverse_128(uuid128, &packet[10]); 664 emit_event_new(gatt_client->callback, packet, sizeof(packet)); 665 } 666 667 static void emit_gatt_characteristic_query_result_event(gatt_client_t * gatt_client, uint16_t start_handle, uint16_t value_handle, uint16_t end_handle, 668 uint16_t properties, const uint8_t * uuid128){ 669 // @format HY 670 uint8_t packet[28]; 671 packet[0] = GATT_EVENT_CHARACTERISTIC_QUERY_RESULT; 672 packet[1] = sizeof(packet) - 2u; 673 little_endian_store_16(packet, 2, gatt_client->con_handle); 674 /// 675 little_endian_store_16(packet, 4, start_handle); 676 little_endian_store_16(packet, 6, value_handle); 677 little_endian_store_16(packet, 8, end_handle); 678 little_endian_store_16(packet, 10, properties); 679 reverse_128(uuid128, &packet[12]); 680 emit_event_new(gatt_client->callback, packet, sizeof(packet)); 681 } 682 683 static void emit_gatt_all_characteristic_descriptors_result_event( 684 gatt_client_t * gatt_client, uint16_t descriptor_handle, const uint8_t * uuid128){ 685 // @format HZ 686 uint8_t packet[22]; 687 packet[0] = GATT_EVENT_ALL_CHARACTERISTIC_DESCRIPTORS_QUERY_RESULT; 688 packet[1] = sizeof(packet) - 2u; 689 little_endian_store_16(packet, 2, gatt_client->con_handle); 690 /// 691 little_endian_store_16(packet, 4, descriptor_handle); 692 reverse_128(uuid128, &packet[6]); 693 emit_event_new(gatt_client->callback, packet, sizeof(packet)); 694 } 695 696 static void emit_gatt_mtu_exchanged_result_event(gatt_client_t * gatt_client, uint16_t new_mtu){ 697 // @format H2 698 uint8_t packet[6]; 699 packet[0] = GATT_EVENT_MTU; 700 packet[1] = sizeof(packet) - 2u; 701 little_endian_store_16(packet, 2, gatt_client->con_handle); 702 little_endian_store_16(packet, 4, new_mtu); 703 att_dispatch_client_mtu_exchanged(gatt_client->con_handle, new_mtu); 704 emit_event_new(gatt_client->callback, packet, sizeof(packet)); 705 } 706 /// 707 static void report_gatt_services(gatt_client_t * gatt_client, uint8_t * packet, uint16_t size){ 708 if (size < 2) return; 709 uint8_t attr_length = packet[1]; 710 uint8_t uuid_length = attr_length - 4u; 711 712 int i; 713 for (i = 2; (i+attr_length) <= size; i += attr_length){ 714 uint16_t start_group_handle = little_endian_read_16(packet,i); 715 uint16_t end_group_handle = little_endian_read_16(packet,i+2); 716 uint8_t uuid128[16]; 717 uint16_t uuid16 = 0; 718 719 if (uuid_length == 2u){ 720 uuid16 = little_endian_read_16(packet, i+4); 721 uuid_add_bluetooth_prefix((uint8_t*) &uuid128, uuid16); 722 } else if (uuid_length == 16u) { 723 reverse_128(&packet[i+4], uuid128); 724 } else { 725 return; 726 } 727 emit_gatt_service_query_result_event(gatt_client, start_group_handle, end_group_handle, uuid128); 728 } 729 } 730 731 // helper 732 static void characteristic_start_found(gatt_client_t * gatt_client, uint16_t start_handle, uint8_t properties, uint16_t value_handle, uint8_t * uuid, uint16_t uuid_length){ 733 uint8_t uuid128[16]; 734 uint16_t uuid16 = 0; 735 if (uuid_length == 2u){ 736 uuid16 = little_endian_read_16(uuid, 0); 737 uuid_add_bluetooth_prefix((uint8_t*) uuid128, uuid16); 738 } else if (uuid_length == 16u){ 739 reverse_128(uuid, uuid128); 740 } else { 741 return; 742 } 743 744 if (gatt_client->filter_with_uuid && (memcmp(gatt_client->uuid128, uuid128, 16) != 0)) return; 745 746 gatt_client->characteristic_properties = properties; 747 gatt_client->characteristic_start_handle = start_handle; 748 gatt_client->attribute_handle = value_handle; 749 750 if (gatt_client->filter_with_uuid) return; 751 752 gatt_client->uuid16 = uuid16; 753 (void)memcpy(gatt_client->uuid128, uuid128, 16); 754 } 755 756 static void characteristic_end_found(gatt_client_t * gatt_client, uint16_t end_handle){ 757 // TODO: stop searching if filter and uuid found 758 759 if (!gatt_client->characteristic_start_handle) return; 760 761 emit_gatt_characteristic_query_result_event(gatt_client, gatt_client->characteristic_start_handle, gatt_client->attribute_handle, 762 end_handle, gatt_client->characteristic_properties, gatt_client->uuid128); 763 764 gatt_client->characteristic_start_handle = 0; 765 } 766 767 static void report_gatt_characteristics(gatt_client_t * gatt_client, uint8_t * packet, uint16_t size){ 768 if (size < 2u) return; 769 uint8_t attr_length = packet[1]; 770 if ((attr_length != 7u) && (attr_length != 21u)) return; 771 uint8_t uuid_length = attr_length - 5u; 772 int i; 773 for (i = 2u; (i + attr_length) <= size; i += attr_length){ 774 uint16_t start_handle = little_endian_read_16(packet, i); 775 uint8_t properties = packet[i+2]; 776 uint16_t value_handle = little_endian_read_16(packet, i+3); 777 characteristic_end_found(gatt_client, start_handle - 1u); 778 characteristic_start_found(gatt_client, start_handle, properties, value_handle, &packet[i + 5], uuid_length); 779 } 780 } 781 782 static void report_gatt_included_service_uuid16(gatt_client_t * gatt_client, uint16_t include_handle, uint16_t uuid16){ 783 uint8_t normalized_uuid128[16]; 784 uuid_add_bluetooth_prefix(normalized_uuid128, uuid16); 785 emit_gatt_included_service_query_result_event(gatt_client, include_handle, gatt_client->query_start_handle, 786 gatt_client->query_end_handle, normalized_uuid128); 787 } 788 789 static void report_gatt_included_service_uuid128(gatt_client_t * gatt_client, uint16_t include_handle, const uint8_t * uuid128){ 790 emit_gatt_included_service_query_result_event(gatt_client, include_handle, gatt_client->query_start_handle, 791 gatt_client->query_end_handle, uuid128); 792 } 793 794 // @return packet pointer 795 // @note assume that value is part of an l2cap buffer - overwrite HCI + L2CAP packet headers 796 static const int characteristic_value_event_header_size = 8; 797 static uint8_t * setup_characteristic_value_packet(uint8_t type, hci_con_handle_t con_handle, uint16_t attribute_handle, uint8_t * value, uint16_t length){ 798 #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION 799 // copy value into test packet for testing 800 static uint8_t packet[1000]; 801 memcpy(&packet[8], value, length); 802 #else 803 // before the value inside the ATT PDU 804 uint8_t * packet = value - characteristic_value_event_header_size; 805 #endif 806 packet[0] = type; 807 packet[1] = characteristic_value_event_header_size - 2 + length; 808 little_endian_store_16(packet, 2, con_handle); 809 little_endian_store_16(packet, 4, attribute_handle); 810 little_endian_store_16(packet, 6, length); 811 return packet; 812 } 813 814 // @return packet pointer 815 // @note assume that value is part of an l2cap buffer - overwrite parts of the HCI/L2CAP/ATT packet (4/4/3) bytes 816 static const int long_characteristic_value_event_header_size = 10; 817 static uint8_t * setup_long_characteristic_value_packet(uint8_t type, hci_con_handle_t con_handle, uint16_t attribute_handle, uint16_t offset, uint8_t * value, uint16_t length){ 818 #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION 819 // avoid using pre ATT headers. 820 return NULL; 821 #endif 822 #if defined(HCI_INCOMING_PRE_BUFFER_SIZE) && (HCI_INCOMING_PRE_BUFFER_SIZE >= 10 - 8) // L2CAP Header (4) - ACL Header (4) 823 // before the value inside the ATT PDU 824 uint8_t * packet = value - long_characteristic_value_event_header_size; 825 packet[0] = type; 826 packet[1] = long_characteristic_value_event_header_size - 2 + length; 827 little_endian_store_16(packet, 2, con_handle); 828 little_endian_store_16(packet, 4, attribute_handle); 829 little_endian_store_16(packet, 6, offset); 830 little_endian_store_16(packet, 8, length); 831 return packet; 832 #else 833 log_error("HCI_INCOMING_PRE_BUFFER_SIZE >= 2 required for long characteristic reads"); 834 return NULL; 835 #endif 836 } 837 838 // test if notification/indication should be delivered to application (BLESA) 839 static bool gatt_client_accept_server_message(gatt_client_t *gatt_client) { 840 #ifdef ENABLE_LE_PROACTIVE_AUTHENTICATION 841 // ignore messages until re-encryption is complete 842 if (gap_reconnect_security_setup_active(gatt_client->con_handle)) return false; 843 844 // after that ignore if bonded but not encrypted 845 return !gap_bonded(gatt_client->con_handle) || (gap_encryption_key_size(gatt_client->con_handle) > 0); 846 #else 847 UNUSED(gatt_client); 848 return true; 849 #endif 850 } 851 852 853 // @note assume that value is part of an l2cap buffer - overwrite parts of the HCI/L2CAP/ATT packet (4/4/3) bytes 854 static void report_gatt_notification(gatt_client_t *gatt_client, uint16_t value_handle, uint8_t *value, int length) { 855 if (!gatt_client_accept_server_message(gatt_client)) return; 856 uint8_t * packet = setup_characteristic_value_packet(GATT_EVENT_NOTIFICATION, gatt_client->con_handle, value_handle, value, length); 857 emit_event_to_registered_listeners(gatt_client->con_handle, value_handle, packet, characteristic_value_event_header_size + length); 858 } 859 860 // @note assume that value is part of an l2cap buffer - overwrite parts of the HCI/L2CAP/ATT packet (4/4/3) bytes 861 static void report_gatt_indication(gatt_client_t *gatt_client, uint16_t value_handle, uint8_t *value, int length) { 862 if (!gatt_client_accept_server_message(gatt_client)) return; 863 uint8_t * packet = setup_characteristic_value_packet(GATT_EVENT_INDICATION, gatt_client->con_handle, value_handle, value, length); 864 emit_event_to_registered_listeners(gatt_client->con_handle, value_handle, packet, characteristic_value_event_header_size + length); 865 } 866 867 // @note assume that value is part of an l2cap buffer - overwrite parts of the HCI/L2CAP/ATT packet (4/4/3) bytes 868 static void report_gatt_characteristic_value(gatt_client_t * gatt_client, uint16_t attribute_handle, uint8_t * value, uint16_t length){ 869 uint8_t * packet = setup_characteristic_value_packet(GATT_EVENT_CHARACTERISTIC_VALUE_QUERY_RESULT, gatt_client->con_handle, attribute_handle, value, length); 870 emit_event_new(gatt_client->callback, packet, characteristic_value_event_header_size + length); 871 } 872 873 // @note assume that value is part of an l2cap buffer - overwrite parts of the HCI/L2CAP/ATT packet (4/4/3) bytes 874 static void report_gatt_long_characteristic_value_blob(gatt_client_t * gatt_client, uint16_t attribute_handle, uint8_t * blob, uint16_t blob_length, int value_offset){ 875 uint8_t * packet = setup_long_characteristic_value_packet(GATT_EVENT_LONG_CHARACTERISTIC_VALUE_QUERY_RESULT, gatt_client->con_handle, attribute_handle, value_offset, blob, blob_length); 876 if (!packet) return; 877 emit_event_new(gatt_client->callback, packet, blob_length + long_characteristic_value_event_header_size); 878 } 879 880 static void report_gatt_characteristic_descriptor(gatt_client_t * gatt_client, uint16_t descriptor_handle, uint8_t *value, uint16_t value_length, uint16_t value_offset){ 881 UNUSED(value_offset); 882 uint8_t * packet = setup_characteristic_value_packet(GATT_EVENT_CHARACTERISTIC_DESCRIPTOR_QUERY_RESULT, gatt_client->con_handle, descriptor_handle, value, value_length); 883 emit_event_new(gatt_client->callback, packet, value_length + 8u); 884 } 885 886 static void report_gatt_long_characteristic_descriptor(gatt_client_t * gatt_client, uint16_t descriptor_handle, uint8_t *blob, uint16_t blob_length, uint16_t value_offset){ 887 uint8_t * packet = setup_long_characteristic_value_packet(GATT_EVENT_LONG_CHARACTERISTIC_DESCRIPTOR_QUERY_RESULT, gatt_client->con_handle, descriptor_handle, value_offset, blob, blob_length); 888 if (!packet) return; 889 emit_event_new(gatt_client->callback, packet, blob_length + long_characteristic_value_event_header_size); 890 } 891 892 static void report_gatt_all_characteristic_descriptors(gatt_client_t * gatt_client, uint8_t * packet, uint16_t size, uint16_t pair_size){ 893 int i; 894 for (i = 0u; (i + pair_size) <= size; i += pair_size){ 895 uint16_t descriptor_handle = little_endian_read_16(packet,i); 896 uint8_t uuid128[16]; 897 uint16_t uuid16 = 0; 898 if (pair_size == 4u){ 899 uuid16 = little_endian_read_16(packet,i+2); 900 uuid_add_bluetooth_prefix(uuid128, uuid16); 901 } else { 902 reverse_128(&packet[i+2], uuid128); 903 } 904 emit_gatt_all_characteristic_descriptors_result_event(gatt_client, descriptor_handle, uuid128); 905 } 906 907 } 908 909 static int is_query_done(gatt_client_t * gatt_client, uint16_t last_result_handle){ 910 return last_result_handle >= gatt_client->end_group_handle; 911 } 912 913 static void trigger_next_query(gatt_client_t * gatt_client, uint16_t last_result_handle, gatt_client_state_t next_query_state){ 914 if (is_query_done(gatt_client, last_result_handle)){ 915 gatt_client_handle_transaction_complete(gatt_client); 916 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 917 return; 918 } 919 // next 920 gatt_client->start_group_handle = last_result_handle + 1u; 921 gatt_client->gatt_client_state = next_query_state; 922 } 923 924 static void trigger_next_included_service_query(gatt_client_t * gatt_client, uint16_t last_result_handle){ 925 trigger_next_query(gatt_client, last_result_handle, P_W2_SEND_INCLUDED_SERVICE_QUERY); 926 } 927 928 static void trigger_next_service_query(gatt_client_t * gatt_client, uint16_t last_result_handle){ 929 trigger_next_query(gatt_client, last_result_handle, P_W2_SEND_SERVICE_QUERY); 930 } 931 932 static void trigger_next_service_by_uuid_query(gatt_client_t * gatt_client, uint16_t last_result_handle){ 933 trigger_next_query(gatt_client, last_result_handle, P_W2_SEND_SERVICE_WITH_UUID_QUERY); 934 } 935 936 static void trigger_next_characteristic_query(gatt_client_t * gatt_client, uint16_t last_result_handle){ 937 if (is_query_done(gatt_client, last_result_handle)){ 938 // report last characteristic 939 characteristic_end_found(gatt_client, gatt_client->end_group_handle); 940 } 941 trigger_next_query(gatt_client, last_result_handle, P_W2_SEND_ALL_CHARACTERISTICS_OF_SERVICE_QUERY); 942 } 943 944 static void trigger_next_characteristic_descriptor_query(gatt_client_t * gatt_client, uint16_t last_result_handle){ 945 trigger_next_query(gatt_client, last_result_handle, P_W2_SEND_ALL_CHARACTERISTIC_DESCRIPTORS_QUERY); 946 } 947 948 static void trigger_next_read_by_type_query(gatt_client_t * gatt_client, uint16_t last_result_handle){ 949 trigger_next_query(gatt_client, last_result_handle, P_W2_SEND_READ_BY_TYPE_REQUEST); 950 } 951 952 static void trigger_next_prepare_write_query(gatt_client_t * gatt_client, gatt_client_state_t next_query_state, gatt_client_state_t done_state){ 953 gatt_client->attribute_offset += write_blob_length(gatt_client); 954 uint16_t next_blob_length = write_blob_length(gatt_client); 955 956 if (next_blob_length == 0u){ 957 gatt_client->gatt_client_state = done_state; 958 return; 959 } 960 gatt_client->gatt_client_state = next_query_state; 961 } 962 963 static void trigger_next_blob_query(gatt_client_t * gatt_client, gatt_client_state_t next_query_state, uint16_t received_blob_length){ 964 965 uint16_t max_blob_length = gatt_client->mtu - 1u; 966 if (received_blob_length < max_blob_length){ 967 gatt_client_handle_transaction_complete(gatt_client); 968 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 969 return; 970 } 971 972 gatt_client->attribute_offset += received_blob_length; 973 gatt_client->gatt_client_state = next_query_state; 974 } 975 976 977 static int is_value_valid(gatt_client_t *gatt_client, uint8_t *packet, uint16_t size){ 978 uint16_t attribute_handle = little_endian_read_16(packet, 1); 979 uint16_t value_offset = little_endian_read_16(packet, 3); 980 981 if (gatt_client->attribute_handle != attribute_handle) return 0; 982 if (gatt_client->attribute_offset != value_offset) return 0; 983 return memcmp(&gatt_client->attribute_value[gatt_client->attribute_offset], &packet[5], size - 5u) == 0u; 984 } 985 986 #ifdef ENABLE_LE_SIGNED_WRITE 987 static void gatt_client_run_for_client_start_signed_write(gatt_client_t *gatt_client) { 988 sm_key_t csrk; 989 le_device_db_local_csrk_get(gatt_client->le_device_index, csrk); 990 uint32_t sign_counter = le_device_db_local_counter_get(gatt_client->le_device_index); 991 gatt_client->gatt_client_state = P_W4_CMAC_RESULT; 992 sm_cmac_signed_write_start(csrk, ATT_SIGNED_WRITE_COMMAND, gatt_client->attribute_handle, gatt_client->attribute_length, gatt_client->attribute_value, sign_counter, att_signed_write_handle_cmac_result); 993 } 994 #endif 995 996 // returns true if packet was sent 997 static bool gatt_client_run_for_gatt_client(gatt_client_t * gatt_client){ 998 999 // wait until re-encryption is complete 1000 if (gap_reconnect_security_setup_active(gatt_client->con_handle)) return false; 1001 1002 // wait until re-encryption is complete 1003 if (gatt_client->reencryption_active) return false; 1004 1005 // wait until pairing complete (either reactive authentication or due to required security level) 1006 if (gatt_client->wait_for_authentication_complete) return false; 1007 1008 bool client_request_pending = gatt_client->gatt_client_state != P_READY; 1009 1010 // verify security level for Mandatory Authentication over LE 1011 bool check_security = true; 1012 #ifdef ENABLE_GATT_OVER_CLASSIC 1013 if (gatt_client->l2cap_psm != 0){ 1014 check_security = false; 1015 } 1016 #endif 1017 if (client_request_pending && (gatt_client_required_security_level > gatt_client->security_level) && check_security){ 1018 log_info("Trigger pairing, current security level %u, required %u\n", gatt_client->security_level, gatt_client_required_security_level); 1019 gatt_client->wait_for_authentication_complete = 1; 1020 // set att error code for pairing failure based on required level 1021 switch (gatt_client_required_security_level){ 1022 case LEVEL_4: 1023 case LEVEL_3: 1024 gatt_client->pending_error_code = ATT_ERROR_INSUFFICIENT_AUTHENTICATION; 1025 break; 1026 default: 1027 gatt_client->pending_error_code = ATT_ERROR_INSUFFICIENT_ENCRYPTION; 1028 break; 1029 } 1030 sm_request_pairing(gatt_client->con_handle); 1031 // sm probably just sent a pdu 1032 return true; 1033 } 1034 1035 switch (gatt_client->mtu_state) { 1036 case SEND_MTU_EXCHANGE: 1037 gatt_client->mtu_state = SENT_MTU_EXCHANGE; 1038 att_exchange_mtu_request(gatt_client); 1039 return true; 1040 case SENT_MTU_EXCHANGE: 1041 return false; 1042 default: 1043 break; 1044 } 1045 1046 if (gatt_client->send_confirmation){ 1047 gatt_client->send_confirmation = 0; 1048 att_confirmation(gatt_client); 1049 return true; 1050 } 1051 1052 // check MTU for writes 1053 switch (gatt_client->gatt_client_state){ 1054 case P_W2_SEND_WRITE_CHARACTERISTIC_VALUE: 1055 case P_W2_SEND_WRITE_CHARACTERISTIC_DESCRIPTOR: 1056 if (gatt_client->attribute_length <= (gatt_client->mtu - 3u)) break; 1057 log_error("gatt_client_run: value len %u > MTU %u - 3\n", gatt_client->attribute_length,gatt_client->mtu); 1058 gatt_client_handle_transaction_complete(gatt_client); 1059 emit_gatt_complete_event(gatt_client, ATT_ERROR_INVALID_ATTRIBUTE_VALUE_LENGTH); 1060 return false; 1061 default: 1062 break; 1063 } 1064 1065 bool packet_sent = true; 1066 bool done = true; 1067 switch (gatt_client->gatt_client_state){ 1068 case P_W2_SEND_SERVICE_QUERY: 1069 gatt_client->gatt_client_state = P_W4_SERVICE_QUERY_RESULT; 1070 send_gatt_services_request(gatt_client); 1071 break; 1072 1073 case P_W2_SEND_SERVICE_WITH_UUID_QUERY: 1074 gatt_client->gatt_client_state = P_W4_SERVICE_WITH_UUID_RESULT; 1075 send_gatt_services_by_uuid_request(gatt_client); 1076 break; 1077 1078 case P_W2_SEND_ALL_CHARACTERISTICS_OF_SERVICE_QUERY: 1079 gatt_client->gatt_client_state = P_W4_ALL_CHARACTERISTICS_OF_SERVICE_QUERY_RESULT; 1080 send_gatt_characteristic_request(gatt_client); 1081 break; 1082 1083 case P_W2_SEND_CHARACTERISTIC_WITH_UUID_QUERY: 1084 gatt_client->gatt_client_state = P_W4_CHARACTERISTIC_WITH_UUID_QUERY_RESULT; 1085 send_gatt_characteristic_request(gatt_client); 1086 break; 1087 1088 case P_W2_SEND_ALL_CHARACTERISTIC_DESCRIPTORS_QUERY: 1089 gatt_client->gatt_client_state = P_W4_CHARACTERISTIC_WITH_UUID_QUERY_RESULT; 1090 send_gatt_characteristic_descriptor_request(gatt_client); 1091 break; 1092 1093 case P_W2_SEND_INCLUDED_SERVICE_QUERY: 1094 gatt_client->gatt_client_state = P_W4_INCLUDED_SERVICE_QUERY_RESULT; 1095 send_gatt_included_service_request(gatt_client); 1096 break; 1097 1098 case P_W2_SEND_INCLUDED_SERVICE_WITH_UUID_QUERY: 1099 gatt_client->gatt_client_state = P_W4_INCLUDED_SERVICE_UUID_WITH_QUERY_RESULT; 1100 send_gatt_included_service_uuid_request(gatt_client); 1101 break; 1102 1103 case P_W2_SEND_READ_CHARACTERISTIC_VALUE_QUERY: 1104 gatt_client->gatt_client_state = P_W4_READ_CHARACTERISTIC_VALUE_RESULT; 1105 send_gatt_read_characteristic_value_request(gatt_client); 1106 break; 1107 1108 case P_W2_SEND_READ_BLOB_QUERY: 1109 gatt_client->gatt_client_state = P_W4_READ_BLOB_RESULT; 1110 send_gatt_read_blob_request(gatt_client); 1111 break; 1112 1113 case P_W2_SEND_READ_BY_TYPE_REQUEST: 1114 gatt_client->gatt_client_state = P_W4_READ_BY_TYPE_RESPONSE; 1115 send_gatt_read_by_type_request(gatt_client); 1116 break; 1117 1118 case P_W2_SEND_READ_MULTIPLE_REQUEST: 1119 gatt_client->gatt_client_state = P_W4_READ_MULTIPLE_RESPONSE; 1120 send_gatt_read_multiple_request(gatt_client); 1121 break; 1122 1123 case P_W2_SEND_WRITE_CHARACTERISTIC_VALUE: 1124 gatt_client->gatt_client_state = P_W4_WRITE_CHARACTERISTIC_VALUE_RESULT; 1125 send_gatt_write_attribute_value_request(gatt_client); 1126 break; 1127 1128 case P_W2_PREPARE_WRITE: 1129 gatt_client->gatt_client_state = P_W4_PREPARE_WRITE_RESULT; 1130 send_gatt_prepare_write_request(gatt_client); 1131 break; 1132 1133 case P_W2_PREPARE_WRITE_SINGLE: 1134 gatt_client->gatt_client_state = P_W4_PREPARE_WRITE_SINGLE_RESULT; 1135 send_gatt_prepare_write_request(gatt_client); 1136 break; 1137 1138 case P_W2_PREPARE_RELIABLE_WRITE: 1139 gatt_client->gatt_client_state = P_W4_PREPARE_RELIABLE_WRITE_RESULT; 1140 send_gatt_prepare_write_request(gatt_client); 1141 break; 1142 1143 case P_W2_EXECUTE_PREPARED_WRITE: 1144 gatt_client->gatt_client_state = P_W4_EXECUTE_PREPARED_WRITE_RESULT; 1145 send_gatt_execute_write_request(gatt_client); 1146 break; 1147 1148 case P_W2_CANCEL_PREPARED_WRITE: 1149 gatt_client->gatt_client_state = P_W4_CANCEL_PREPARED_WRITE_RESULT; 1150 send_gatt_cancel_prepared_write_request(gatt_client); 1151 break; 1152 1153 case P_W2_CANCEL_PREPARED_WRITE_DATA_MISMATCH: 1154 gatt_client->gatt_client_state = P_W4_CANCEL_PREPARED_WRITE_DATA_MISMATCH_RESULT; 1155 send_gatt_cancel_prepared_write_request(gatt_client); 1156 break; 1157 1158 #ifdef ENABLE_GATT_FIND_INFORMATION_FOR_CCC_DISCOVERY 1159 case P_W2_SEND_FIND_CLIENT_CHARACTERISTIC_CONFIGURATION_QUERY: 1160 // use Find Information 1161 gatt_client->gatt_client_state = P_W4_FIND_CLIENT_CHARACTERISTIC_CONFIGURATION_QUERY_RESULT; 1162 send_gatt_characteristic_descriptor_request(gatt_client); 1163 #else 1164 case P_W2_SEND_READ_CLIENT_CHARACTERISTIC_CONFIGURATION_QUERY: 1165 // Use Read By Type 1166 gatt_client->gatt_client_state = P_W4_READ_CLIENT_CHARACTERISTIC_CONFIGURATION_QUERY_RESULT; 1167 send_gatt_read_client_characteristic_configuration_request(gatt_client); 1168 #endif 1169 break; 1170 1171 case P_W2_SEND_READ_CHARACTERISTIC_DESCRIPTOR_QUERY: 1172 gatt_client->gatt_client_state = P_W4_READ_CHARACTERISTIC_DESCRIPTOR_RESULT; 1173 send_gatt_read_characteristic_descriptor_request(gatt_client); 1174 break; 1175 1176 case P_W2_SEND_READ_BLOB_CHARACTERISTIC_DESCRIPTOR_QUERY: 1177 gatt_client->gatt_client_state = P_W4_READ_BLOB_CHARACTERISTIC_DESCRIPTOR_RESULT; 1178 send_gatt_read_blob_request(gatt_client); 1179 break; 1180 1181 case P_W2_SEND_WRITE_CHARACTERISTIC_DESCRIPTOR: 1182 gatt_client->gatt_client_state = P_W4_WRITE_CHARACTERISTIC_DESCRIPTOR_RESULT; 1183 send_gatt_write_attribute_value_request(gatt_client); 1184 break; 1185 1186 case P_W2_WRITE_CLIENT_CHARACTERISTIC_CONFIGURATION: 1187 gatt_client->gatt_client_state = P_W4_CLIENT_CHARACTERISTIC_CONFIGURATION_RESULT; 1188 send_gatt_write_client_characteristic_configuration_request(gatt_client); 1189 break; 1190 1191 case P_W2_PREPARE_WRITE_CHARACTERISTIC_DESCRIPTOR: 1192 gatt_client->gatt_client_state = P_W4_PREPARE_WRITE_CHARACTERISTIC_DESCRIPTOR_RESULT; 1193 send_gatt_prepare_write_request(gatt_client); 1194 break; 1195 1196 case P_W2_EXECUTE_PREPARED_WRITE_CHARACTERISTIC_DESCRIPTOR: 1197 gatt_client->gatt_client_state = P_W4_EXECUTE_PREPARED_WRITE_CHARACTERISTIC_DESCRIPTOR_RESULT; 1198 send_gatt_execute_write_request(gatt_client); 1199 break; 1200 1201 #ifdef ENABLE_LE_SIGNED_WRITE 1202 case P_W4_IDENTITY_RESOLVING: 1203 log_info("P_W4_IDENTITY_RESOLVING - state %x", sm_identity_resolving_state(gatt_client->con_handle)); 1204 switch (sm_identity_resolving_state(gatt_client->con_handle)){ 1205 case IRK_LOOKUP_SUCCEEDED: 1206 gatt_client->le_device_index = sm_le_device_index(gatt_client->con_handle); 1207 gatt_client->gatt_client_state = P_W4_CMAC_READY; 1208 if (sm_cmac_ready()){ 1209 gatt_client_run_for_client_start_signed_write(gatt_client); 1210 } 1211 break; 1212 case IRK_LOOKUP_FAILED: 1213 gatt_client_handle_transaction_complete(gatt_client); 1214 emit_gatt_complete_event(gatt_client, ATT_ERROR_BONDING_INFORMATION_MISSING); 1215 break; 1216 default: 1217 break; 1218 } 1219 packet_sent = false; 1220 break; 1221 1222 case P_W4_CMAC_READY: 1223 if (sm_cmac_ready()){ 1224 gatt_client_run_for_client_start_signed_write(gatt_client); 1225 } 1226 packet_sent = false; 1227 break; 1228 1229 case P_W2_SEND_SIGNED_WRITE: { 1230 gatt_client->gatt_client_state = P_W4_SEND_SINGED_WRITE_DONE; 1231 // bump local signing counter 1232 uint32_t sign_counter = le_device_db_local_counter_get(gatt_client->le_device_index); 1233 le_device_db_local_counter_set(gatt_client->le_device_index, sign_counter + 1); 1234 // send signed write command 1235 send_gatt_signed_write_request(gatt_client, sign_counter); 1236 // finally, notifiy client that write is complete 1237 gatt_client_handle_transaction_complete(gatt_client); 1238 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 1239 break; 1240 } 1241 #endif 1242 default: 1243 done = false; 1244 break; 1245 } 1246 1247 if (done){ 1248 return packet_sent; 1249 } 1250 1251 // write without response callback 1252 btstack_context_callback_registration_t * callback = 1253 (btstack_context_callback_registration_t *) btstack_linked_list_pop(&gatt_client->write_without_response_requests); 1254 if (callback != NULL){ 1255 (*callback->callback)(callback->context); 1256 return true; 1257 } 1258 1259 // requested can send now old 1260 if (gatt_client->write_without_response_callback){ 1261 btstack_packet_handler_t packet_handler = gatt_client->write_without_response_callback; 1262 gatt_client->write_without_response_callback = NULL; 1263 uint8_t event[4]; 1264 event[0] = GATT_EVENT_CAN_WRITE_WITHOUT_RESPONSE; 1265 event[1] = sizeof(event) - 2u; 1266 little_endian_store_16(event, 2, gatt_client->con_handle); 1267 packet_handler(HCI_EVENT_PACKET, gatt_client->con_handle, event, sizeof(event)); 1268 return true; // to trigger requeueing (even if higher layer didn't sent) 1269 } 1270 1271 return false; 1272 } 1273 1274 static void gatt_client_run(void){ 1275 btstack_linked_item_t *it; 1276 for (it = (btstack_linked_item_t *) gatt_client_connections; it != NULL; it = it->next){ 1277 gatt_client_t * gatt_client = (gatt_client_t *) it; 1278 #ifdef ENABLE_GATT_OVER_CLASSIC 1279 if (gatt_client->con_handle == HCI_CON_HANDLE_INVALID) { 1280 continue; 1281 } 1282 1283 // handle GATT over BR/EDR 1284 if (gatt_client->l2cap_psm != 0){ 1285 if (l2cap_can_send_packet_now(gatt_client->l2cap_cid) == false){ 1286 l2cap_request_can_send_now_event(gatt_client->l2cap_cid); 1287 return; 1288 } 1289 bool packet_sent = gatt_client_run_for_gatt_client(gatt_client); 1290 if (packet_sent){ 1291 // request new permission 1292 att_dispatch_client_request_can_send_now_event(gatt_client->con_handle); 1293 // requeue client for fairness and exit 1294 // note: iterator has become invalid 1295 btstack_linked_list_remove(&gatt_client_connections, (btstack_linked_item_t *) gatt_client); 1296 btstack_linked_list_add_tail(&gatt_client_connections, (btstack_linked_item_t *) gatt_client); 1297 return; 1298 } 1299 } 1300 #endif 1301 // handle GATT over LE 1302 if (!att_dispatch_client_can_send_now(gatt_client->con_handle)) { 1303 att_dispatch_client_request_can_send_now_event(gatt_client->con_handle); 1304 return; 1305 } 1306 bool packet_sent = gatt_client_run_for_gatt_client(gatt_client); 1307 if (packet_sent){ 1308 // request new permission 1309 att_dispatch_client_request_can_send_now_event(gatt_client->con_handle); 1310 // requeue client for fairness and exit 1311 // note: iterator has become invalid 1312 btstack_linked_list_remove(&gatt_client_connections, (btstack_linked_item_t *) gatt_client); 1313 btstack_linked_list_add_tail(&gatt_client_connections, (btstack_linked_item_t *) gatt_client); 1314 return; 1315 } 1316 } 1317 } 1318 1319 static void gatt_client_report_error_if_pending(gatt_client_t *gatt_client, uint8_t att_error_code) { 1320 if (is_ready(gatt_client) == 1) return; 1321 gatt_client_handle_transaction_complete(gatt_client); 1322 emit_gatt_complete_event(gatt_client, att_error_code); 1323 } 1324 1325 static void gatt_client_handle_reencryption_complete(const uint8_t * packet){ 1326 hci_con_handle_t con_handle = sm_event_reencryption_complete_get_handle(packet); 1327 gatt_client_t * gatt_client = gatt_client_get_context_for_handle(con_handle); 1328 if (gatt_client == NULL) return; 1329 1330 // update security level 1331 gatt_client->security_level = gatt_client_le_security_level_for_connection(con_handle); 1332 1333 gatt_client->reencryption_result = sm_event_reencryption_complete_get_status(packet); 1334 gatt_client->reencryption_active = false; 1335 gatt_client->wait_for_authentication_complete = 0; 1336 1337 if (gatt_client->gatt_client_state == P_READY) return; 1338 1339 switch (sm_event_reencryption_complete_get_status(packet)){ 1340 case ERROR_CODE_SUCCESS: 1341 log_info("re-encryption success, retry operation"); 1342 break; 1343 case ERROR_CODE_AUTHENTICATION_FAILURE: 1344 case ERROR_CODE_PIN_OR_KEY_MISSING: 1345 #if defined(ENABLE_GATT_CLIENT_PAIRING) && !defined(ENABLE_LE_PROACTIVE_AUTHENTICATION) 1346 if (gatt_client_required_security_level == LEVEL_0) { 1347 // re-encryption failed for reactive authentication with pairing and we have a pending client request 1348 // => try to resolve it by deleting bonding information if we started pairing before 1349 // delete bonding information 1350 int le_device_db_index = sm_le_device_index(gatt_client->con_handle); 1351 btstack_assert(le_device_db_index >= 0); 1352 log_info("reactive auth with pairing: delete bonding and start pairing"); 1353 #ifdef ENABLE_LE_PRIVACY_ADDRESS_RESOLUTION 1354 hci_remove_le_device_db_entry_from_resolving_list((uint16_t) le_device_db_index); 1355 #endif 1356 le_device_db_remove(le_device_db_index); 1357 // trigger pairing again 1358 sm_request_pairing(gatt_client->con_handle); 1359 break; 1360 } 1361 #endif 1362 // report bonding information missing 1363 gatt_client_handle_transaction_complete(gatt_client); 1364 emit_gatt_complete_event(gatt_client, ATT_ERROR_BONDING_INFORMATION_MISSING); 1365 break; 1366 default: 1367 // report bonding information missing 1368 gatt_client_handle_transaction_complete(gatt_client); 1369 emit_gatt_complete_event(gatt_client, gatt_client->pending_error_code); 1370 break; 1371 } 1372 } 1373 1374 static void gatt_client_handle_disconnection_complete(const uint8_t * packet){ 1375 log_info("GATT Client: HCI_EVENT_DISCONNECTION_COMPLETE"); 1376 hci_con_handle_t con_handle = little_endian_read_16(packet,3); 1377 gatt_client_t * gatt_client = gatt_client_get_context_for_handle(con_handle); 1378 if (gatt_client == NULL) return; 1379 1380 gatt_client_report_error_if_pending(gatt_client, ATT_ERROR_HCI_DISCONNECT_RECEIVED); 1381 gatt_client_timeout_stop(gatt_client); 1382 btstack_linked_list_remove(&gatt_client_connections, (btstack_linked_item_t *) gatt_client); 1383 btstack_memory_gatt_client_free(gatt_client); 1384 } 1385 1386 static void gatt_client_event_packet_handler(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 1387 UNUSED(channel); // ok: handling own l2cap events 1388 UNUSED(size); // ok: there is no channel 1389 1390 if (packet_type != HCI_EVENT_PACKET) return; 1391 1392 hci_con_handle_t con_handle; 1393 gatt_client_t * gatt_client; 1394 switch (hci_event_packet_get_type(packet)) { 1395 case HCI_EVENT_DISCONNECTION_COMPLETE: 1396 gatt_client_handle_disconnection_complete(packet); 1397 break; 1398 1399 // Pairing complete (with/without bonding=storing of pairing information) 1400 case SM_EVENT_PAIRING_COMPLETE: 1401 con_handle = sm_event_pairing_complete_get_handle(packet); 1402 gatt_client = gatt_client_get_context_for_handle(con_handle); 1403 if (gatt_client == NULL) break; 1404 1405 // update security level 1406 gatt_client->security_level = gatt_client_le_security_level_for_connection(con_handle); 1407 1408 if (gatt_client->wait_for_authentication_complete){ 1409 gatt_client->wait_for_authentication_complete = 0; 1410 if (sm_event_pairing_complete_get_status(packet)){ 1411 log_info("pairing failed, report previous error 0x%x", gatt_client->pending_error_code); 1412 gatt_client_report_error_if_pending(gatt_client, gatt_client->pending_error_code); 1413 } else { 1414 log_info("pairing success, retry operation"); 1415 } 1416 } 1417 break; 1418 1419 #ifdef ENABLE_LE_SIGNED_WRITE 1420 // Identity Resolving completed (no code, gatt_client_run will continue) 1421 case SM_EVENT_IDENTITY_RESOLVING_SUCCEEDED: 1422 case SM_EVENT_IDENTITY_RESOLVING_FAILED: 1423 break; 1424 #endif 1425 1426 // re-encryption started 1427 case SM_EVENT_REENCRYPTION_STARTED: 1428 con_handle = sm_event_reencryption_complete_get_handle(packet); 1429 gatt_client = gatt_client_get_context_for_handle(con_handle); 1430 if (gatt_client == NULL) break; 1431 1432 gatt_client->reencryption_active = true; 1433 gatt_client->reencryption_result = ERROR_CODE_SUCCESS; 1434 break; 1435 1436 // re-encryption complete 1437 case SM_EVENT_REENCRYPTION_COMPLETE: 1438 gatt_client_handle_reencryption_complete(packet); 1439 break; 1440 default: 1441 break; 1442 } 1443 1444 gatt_client_run(); 1445 } 1446 1447 static void gatt_client_handle_att_read_response(gatt_client_t *gatt_client, uint8_t *packet, uint16_t size) { 1448 switch (gatt_client->gatt_client_state) { 1449 case P_W4_INCLUDED_SERVICE_UUID_WITH_QUERY_RESULT: 1450 if (size >= 17) { 1451 uint8_t uuid128[16]; 1452 reverse_128(&packet[1], uuid128); 1453 report_gatt_included_service_uuid128(gatt_client, gatt_client->start_group_handle, uuid128); 1454 } 1455 trigger_next_included_service_query(gatt_client, gatt_client->start_group_handle); 1456 // GATT_EVENT_QUERY_COMPLETE is emitted by trigger_next_xxx when done 1457 break; 1458 1459 case P_W4_READ_CHARACTERISTIC_VALUE_RESULT: 1460 gatt_client_handle_transaction_complete(gatt_client); 1461 report_gatt_characteristic_value(gatt_client, gatt_client->attribute_handle, &packet[1], size - 1u); 1462 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 1463 break; 1464 1465 case P_W4_READ_CHARACTERISTIC_DESCRIPTOR_RESULT: 1466 gatt_client_handle_transaction_complete(gatt_client); 1467 report_gatt_characteristic_descriptor(gatt_client, gatt_client->attribute_handle, &packet[1], 1468 size - 1u, 0u); 1469 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 1470 break; 1471 1472 // Use ATT_READ_REQUEST for first blob of Read Long Characteristic 1473 case P_W4_READ_BLOB_RESULT: 1474 report_gatt_long_characteristic_value_blob(gatt_client, gatt_client->attribute_handle, &packet[1], 1475 size - 1u, gatt_client->attribute_offset); 1476 trigger_next_blob_query(gatt_client, P_W2_SEND_READ_BLOB_QUERY, size - 1u); 1477 // GATT_EVENT_QUERY_COMPLETE is emitted by trigger_next_xxx when done 1478 break; 1479 1480 // Use ATT_READ_REQUEST for first blob of Read Long Characteristic Descriptor 1481 case P_W4_READ_BLOB_CHARACTERISTIC_DESCRIPTOR_RESULT: 1482 report_gatt_long_characteristic_descriptor(gatt_client, gatt_client->attribute_handle, &packet[1], 1483 size - 1u, gatt_client->attribute_offset); 1484 trigger_next_blob_query(gatt_client, P_W2_SEND_READ_BLOB_CHARACTERISTIC_DESCRIPTOR_QUERY, 1485 size - 1u); 1486 // GATT_EVENT_QUERY_COMPLETE is emitted by trigger_next_xxx when done 1487 break; 1488 1489 default: 1490 break; 1491 } 1492 } 1493 1494 static void gatt_client_handle_att_read_by_type_response(gatt_client_t *gatt_client, uint8_t *packet, uint16_t size) { 1495 switch (gatt_client->gatt_client_state) { 1496 case P_W4_ALL_CHARACTERISTICS_OF_SERVICE_QUERY_RESULT: 1497 report_gatt_characteristics(gatt_client, packet, size); 1498 trigger_next_characteristic_query(gatt_client, 1499 get_last_result_handle_from_characteristics_list(packet, size)); 1500 // GATT_EVENT_QUERY_COMPLETE is emitted by trigger_next_xxx when done, or by ATT_ERROR 1501 break; 1502 case P_W4_CHARACTERISTIC_WITH_UUID_QUERY_RESULT: 1503 report_gatt_characteristics(gatt_client, packet, size); 1504 trigger_next_characteristic_query(gatt_client, 1505 get_last_result_handle_from_characteristics_list(packet, size)); 1506 // GATT_EVENT_QUERY_COMPLETE is emitted by trigger_next_xxx when done, or by ATT_ERROR 1507 break; 1508 case P_W4_INCLUDED_SERVICE_QUERY_RESULT: { 1509 if (size < 2u) break; 1510 uint16_t uuid16 = 0; 1511 uint16_t pair_size = packet[1]; 1512 1513 if (pair_size == 6u) { 1514 if (size < 8u) break; 1515 // UUIDs not available, query first included service 1516 gatt_client->start_group_handle = little_endian_read_16(packet, 2); // ready for next query 1517 gatt_client->query_start_handle = little_endian_read_16(packet, 4); 1518 gatt_client->query_end_handle = little_endian_read_16(packet, 6); 1519 gatt_client->gatt_client_state = P_W2_SEND_INCLUDED_SERVICE_WITH_UUID_QUERY; 1520 break; 1521 } 1522 1523 if (pair_size != 8u) break; 1524 1525 // UUIDs included, report all of them 1526 uint16_t offset; 1527 for (offset = 2u; (offset + 8u) <= size; offset += pair_size) { 1528 uint16_t include_handle = little_endian_read_16(packet, offset); 1529 gatt_client->query_start_handle = little_endian_read_16(packet, offset + 2u); 1530 gatt_client->query_end_handle = little_endian_read_16(packet, offset + 4u); 1531 uuid16 = little_endian_read_16(packet, offset + 6u); 1532 report_gatt_included_service_uuid16(gatt_client, include_handle, uuid16); 1533 } 1534 1535 trigger_next_included_service_query(gatt_client, 1536 get_last_result_handle_from_included_services_list(packet, 1537 size)); 1538 // GATT_EVENT_QUERY_COMPLETE is emitted by trigger_next_xxx when done 1539 break; 1540 } 1541 #ifndef ENABLE_GATT_FIND_INFORMATION_FOR_CCC_DISCOVERY 1542 case P_W4_READ_CLIENT_CHARACTERISTIC_CONFIGURATION_QUERY_RESULT: 1543 gatt_client->client_characteristic_configuration_handle = little_endian_read_16(packet, 2); 1544 gatt_client->gatt_client_state = P_W2_WRITE_CLIENT_CHARACTERISTIC_CONFIGURATION; 1545 break; 1546 #endif 1547 case P_W4_READ_BY_TYPE_RESPONSE: { 1548 uint16_t pair_size = packet[1]; 1549 // set last result handle to last valid handle, only used if pair_size invalid 1550 uint16_t last_result_handle = 0xffff; 1551 if (pair_size > 2) { 1552 uint16_t offset; 1553 for (offset = 2; offset < size; offset += pair_size) { 1554 uint16_t value_handle = little_endian_read_16(packet, offset); 1555 report_gatt_characteristic_value(gatt_client, value_handle, &packet[offset + 2u], 1556 pair_size - 2u); 1557 last_result_handle = value_handle; 1558 } 1559 } 1560 trigger_next_read_by_type_query(gatt_client, last_result_handle); 1561 break; 1562 } 1563 default: 1564 break; 1565 } 1566 } 1567 1568 static void gatt_client_handle_att_write_response(gatt_client_t *gatt_client) { 1569 switch (gatt_client->gatt_client_state) { 1570 case P_W4_WRITE_CHARACTERISTIC_VALUE_RESULT: 1571 gatt_client_handle_transaction_complete(gatt_client); 1572 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 1573 break; 1574 case P_W4_CLIENT_CHARACTERISTIC_CONFIGURATION_RESULT: 1575 gatt_client_handle_transaction_complete(gatt_client); 1576 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 1577 break; 1578 case P_W4_WRITE_CHARACTERISTIC_DESCRIPTOR_RESULT: 1579 gatt_client_handle_transaction_complete(gatt_client); 1580 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 1581 break; 1582 default: 1583 break; 1584 } 1585 } 1586 1587 static void gatt_client_handle_att_response(gatt_client_t * gatt_client, uint8_t * packet, uint16_t size) { 1588 uint8_t error_code; 1589 switch (packet[0]) { 1590 case ATT_EXCHANGE_MTU_RESPONSE: { 1591 if (size < 3u) break; 1592 bool update_att_mtu = true; 1593 uint16_t remote_rx_mtu = little_endian_read_16(packet, 1); 1594 uint16_t local_rx_mtu = l2cap_max_le_mtu(); 1595 #ifdef ENABLE_GATT_OVER_CLASSIC 1596 if (gatt_client->l2cap_psm != 0){ 1597 local_rx_mtu = gatt_client->mtu; 1598 } else { 1599 update_att_mtu = false; 1600 } 1601 #endif 1602 uint16_t mtu = (remote_rx_mtu < local_rx_mtu) ? remote_rx_mtu : local_rx_mtu; 1603 1604 // set gatt client mtu 1605 gatt_client->mtu = mtu; 1606 gatt_client->mtu_state = MTU_EXCHANGED; 1607 1608 if (update_att_mtu){ 1609 // set per connection mtu state - for fixed channel 1610 hci_connection_t *hci_connection = hci_connection_for_handle(gatt_client->con_handle); 1611 hci_connection->att_connection.mtu = gatt_client->mtu; 1612 hci_connection->att_connection.mtu_exchanged = true; 1613 } 1614 emit_gatt_mtu_exchanged_result_event(gatt_client, gatt_client->mtu); 1615 break; 1616 } 1617 case ATT_READ_BY_GROUP_TYPE_RESPONSE: 1618 switch (gatt_client->gatt_client_state) { 1619 case P_W4_SERVICE_QUERY_RESULT: 1620 report_gatt_services(gatt_client, packet, size); 1621 trigger_next_service_query(gatt_client, get_last_result_handle_from_service_list(packet, size)); 1622 // GATT_EVENT_QUERY_COMPLETE is emitted by trigger_next_xxx when done 1623 break; 1624 default: 1625 break; 1626 } 1627 break; 1628 case ATT_HANDLE_VALUE_NOTIFICATION: 1629 if (size < 3u) return; 1630 report_gatt_notification(gatt_client, little_endian_read_16(packet, 1u), &packet[3], size - 3u); 1631 return; 1632 case ATT_HANDLE_VALUE_INDICATION: 1633 if (size < 3u) break; 1634 report_gatt_indication(gatt_client, little_endian_read_16(packet, 1u), &packet[3], size - 3u); 1635 gatt_client->send_confirmation = 1; 1636 break; 1637 case ATT_READ_BY_TYPE_RESPONSE: 1638 gatt_client_handle_att_read_by_type_response(gatt_client, packet, size); 1639 break; 1640 case ATT_READ_RESPONSE: 1641 gatt_client_handle_att_read_response(gatt_client, packet, size); 1642 break; 1643 case ATT_FIND_BY_TYPE_VALUE_RESPONSE: { 1644 uint8_t pair_size = 4; 1645 int i; 1646 uint16_t start_group_handle; 1647 uint16_t end_group_handle = 0xffff; // asserts GATT_EVENT_QUERY_COMPLETE is emitted if no results 1648 for (i = 1u; (i + pair_size) <= size; i += pair_size) { 1649 start_group_handle = little_endian_read_16(packet, i); 1650 end_group_handle = little_endian_read_16(packet, i + 2); 1651 emit_gatt_service_query_result_event(gatt_client, start_group_handle, end_group_handle, 1652 gatt_client->uuid128); 1653 } 1654 trigger_next_service_by_uuid_query(gatt_client, end_group_handle); 1655 // GATT_EVENT_QUERY_COMPLETE is emitted by trigger_next_xxx when done 1656 break; 1657 } 1658 case ATT_FIND_INFORMATION_REPLY: { 1659 if (size < 2u) break; 1660 1661 uint8_t pair_size = 4; 1662 if (packet[1u] == 2u) { 1663 pair_size = 18; 1664 } 1665 uint16_t offset = 2; 1666 1667 if (size < (pair_size + offset)) break; 1668 uint16_t last_descriptor_handle = little_endian_read_16(packet, size - pair_size); 1669 1670 #ifdef ENABLE_GATT_FIND_INFORMATION_FOR_CCC_DISCOVERY 1671 log_info("ENABLE_GATT_FIND_INFORMATION_FOR_CCC_DISCOVERY, state %x", gatt_client->gatt_client_state); 1672 if (gatt_client->gatt_client_state == P_W4_FIND_CLIENT_CHARACTERISTIC_CONFIGURATION_QUERY_RESULT){ 1673 // iterate over descriptors looking for CCC 1674 if (pair_size == 4){ 1675 while ((offset + 4) <= size){ 1676 uint16_t uuid16 = little_endian_read_16(packet, offset + 2); 1677 if (uuid16 == GATT_CLIENT_CHARACTERISTICS_CONFIGURATION){ 1678 gatt_client->client_characteristic_configuration_handle = little_endian_read_16(packet, offset); 1679 gatt_client->gatt_client_state = P_W2_WRITE_CLIENT_CHARACTERISTIC_CONFIGURATION; 1680 log_info("CCC found %x", gatt_client->client_characteristic_configuration_handle); 1681 break; 1682 } 1683 offset += pair_size; 1684 } 1685 } 1686 if (is_query_done(gatt_client, last_descriptor_handle)){ 1687 1688 } else { 1689 // next 1690 gatt_client->start_group_handle = last_descriptor_handle + 1; 1691 gatt_client->gatt_client_state = P_W2_SEND_FIND_CLIENT_CHARACTERISTIC_CONFIGURATION_QUERY; 1692 } 1693 break; 1694 } 1695 #endif 1696 report_gatt_all_characteristic_descriptors(gatt_client, &packet[2], size - 2u, pair_size); 1697 trigger_next_characteristic_descriptor_query(gatt_client, last_descriptor_handle); 1698 // GATT_EVENT_QUERY_COMPLETE is emitted by trigger_next_xxx when done 1699 break; 1700 } 1701 1702 case ATT_WRITE_RESPONSE: 1703 gatt_client_handle_att_write_response(gatt_client); 1704 break; 1705 1706 case ATT_READ_BLOB_RESPONSE: { 1707 uint16_t received_blob_length = size - 1u; 1708 switch (gatt_client->gatt_client_state) { 1709 case P_W4_READ_BLOB_RESULT: 1710 report_gatt_long_characteristic_value_blob(gatt_client, gatt_client->attribute_handle, &packet[1], 1711 received_blob_length, gatt_client->attribute_offset); 1712 trigger_next_blob_query(gatt_client, P_W2_SEND_READ_BLOB_QUERY, received_blob_length); 1713 // GATT_EVENT_QUERY_COMPLETE is emitted by trigger_next_xxx when done 1714 break; 1715 case P_W4_READ_BLOB_CHARACTERISTIC_DESCRIPTOR_RESULT: 1716 report_gatt_long_characteristic_descriptor(gatt_client, gatt_client->attribute_handle, 1717 &packet[1], received_blob_length, 1718 gatt_client->attribute_offset); 1719 trigger_next_blob_query(gatt_client, P_W2_SEND_READ_BLOB_CHARACTERISTIC_DESCRIPTOR_QUERY, 1720 received_blob_length); 1721 // GATT_EVENT_QUERY_COMPLETE is emitted by trigger_next_xxx when done 1722 break; 1723 default: 1724 break; 1725 } 1726 break; 1727 } 1728 case ATT_PREPARE_WRITE_RESPONSE: 1729 switch (gatt_client->gatt_client_state) { 1730 case P_W4_PREPARE_WRITE_SINGLE_RESULT: 1731 gatt_client_handle_transaction_complete(gatt_client); 1732 if (is_value_valid(gatt_client, packet, size)) { 1733 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 1734 } else { 1735 emit_gatt_complete_event(gatt_client, ATT_ERROR_DATA_MISMATCH); 1736 } 1737 break; 1738 1739 case P_W4_PREPARE_WRITE_RESULT: { 1740 gatt_client->attribute_offset = little_endian_read_16(packet, 3); 1741 trigger_next_prepare_write_query(gatt_client, P_W2_PREPARE_WRITE, P_W2_EXECUTE_PREPARED_WRITE); 1742 // GATT_EVENT_QUERY_COMPLETE is emitted by trigger_next_xxx when done 1743 break; 1744 } 1745 case P_W4_PREPARE_WRITE_CHARACTERISTIC_DESCRIPTOR_RESULT: { 1746 gatt_client->attribute_offset = little_endian_read_16(packet, 3); 1747 trigger_next_prepare_write_query(gatt_client, P_W2_PREPARE_WRITE_CHARACTERISTIC_DESCRIPTOR, 1748 P_W2_EXECUTE_PREPARED_WRITE_CHARACTERISTIC_DESCRIPTOR); 1749 // GATT_EVENT_QUERY_COMPLETE is emitted by trigger_next_xxx when done 1750 break; 1751 } 1752 case P_W4_PREPARE_RELIABLE_WRITE_RESULT: { 1753 if (is_value_valid(gatt_client, packet, size)) { 1754 gatt_client->attribute_offset = little_endian_read_16(packet, 3); 1755 trigger_next_prepare_write_query(gatt_client, P_W2_PREPARE_RELIABLE_WRITE, 1756 P_W2_EXECUTE_PREPARED_WRITE); 1757 // GATT_EVENT_QUERY_COMPLETE is emitted by trigger_next_xxx when done 1758 break; 1759 } 1760 gatt_client->gatt_client_state = P_W2_CANCEL_PREPARED_WRITE_DATA_MISMATCH; 1761 break; 1762 } 1763 default: 1764 break; 1765 } 1766 break; 1767 1768 case ATT_EXECUTE_WRITE_RESPONSE: 1769 switch (gatt_client->gatt_client_state) { 1770 case P_W4_EXECUTE_PREPARED_WRITE_RESULT: 1771 gatt_client_handle_transaction_complete(gatt_client); 1772 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 1773 break; 1774 case P_W4_CANCEL_PREPARED_WRITE_RESULT: 1775 gatt_client_handle_transaction_complete(gatt_client); 1776 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 1777 break; 1778 case P_W4_CANCEL_PREPARED_WRITE_DATA_MISMATCH_RESULT: 1779 gatt_client_handle_transaction_complete(gatt_client); 1780 emit_gatt_complete_event(gatt_client, ATT_ERROR_DATA_MISMATCH); 1781 break; 1782 case P_W4_EXECUTE_PREPARED_WRITE_CHARACTERISTIC_DESCRIPTOR_RESULT: 1783 gatt_client_handle_transaction_complete(gatt_client); 1784 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 1785 break; 1786 default: 1787 break; 1788 1789 } 1790 break; 1791 1792 case ATT_READ_MULTIPLE_RESPONSE: 1793 switch (gatt_client->gatt_client_state) { 1794 case P_W4_READ_MULTIPLE_RESPONSE: 1795 report_gatt_characteristic_value(gatt_client, 0u, &packet[1], size - 1u); 1796 gatt_client_handle_transaction_complete(gatt_client); 1797 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 1798 break; 1799 default: 1800 break; 1801 } 1802 break; 1803 1804 case ATT_ERROR_RESPONSE: 1805 if (size < 5u) return; 1806 error_code = packet[4]; 1807 switch (error_code) { 1808 case ATT_ERROR_ATTRIBUTE_NOT_FOUND: { 1809 switch (gatt_client->gatt_client_state) { 1810 case P_W4_SERVICE_QUERY_RESULT: 1811 case P_W4_SERVICE_WITH_UUID_RESULT: 1812 case P_W4_INCLUDED_SERVICE_QUERY_RESULT: 1813 case P_W4_ALL_CHARACTERISTIC_DESCRIPTORS_QUERY_RESULT: 1814 gatt_client_handle_transaction_complete(gatt_client); 1815 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 1816 break; 1817 case P_W4_ALL_CHARACTERISTICS_OF_SERVICE_QUERY_RESULT: 1818 case P_W4_CHARACTERISTIC_WITH_UUID_QUERY_RESULT: 1819 characteristic_end_found(gatt_client, gatt_client->end_group_handle); 1820 gatt_client_handle_transaction_complete(gatt_client); 1821 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 1822 break; 1823 case P_W4_READ_BY_TYPE_RESPONSE: 1824 gatt_client_handle_transaction_complete(gatt_client); 1825 if (gatt_client->start_group_handle == gatt_client->query_start_handle) { 1826 emit_gatt_complete_event(gatt_client, ATT_ERROR_ATTRIBUTE_NOT_FOUND); 1827 } else { 1828 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 1829 } 1830 break; 1831 default: 1832 gatt_client_report_error_if_pending(gatt_client, error_code); 1833 break; 1834 } 1835 break; 1836 } 1837 1838 #ifdef ENABLE_GATT_CLIENT_PAIRING 1839 1840 case ATT_ERROR_INSUFFICIENT_AUTHENTICATION: 1841 case ATT_ERROR_INSUFFICIENT_ENCRYPTION_KEY_SIZE: 1842 case ATT_ERROR_INSUFFICIENT_ENCRYPTION: { 1843 1844 // security too low 1845 if (gatt_client->security_counter > 0) { 1846 gatt_client_report_error_if_pending(gatt_client, error_code); 1847 break; 1848 } 1849 // start security 1850 gatt_client->security_counter++; 1851 1852 // setup action 1853 int retry = 1; 1854 switch (gatt_client->gatt_client_state){ 1855 case P_W4_READ_CHARACTERISTIC_VALUE_RESULT: 1856 gatt_client->gatt_client_state = P_W2_SEND_READ_CHARACTERISTIC_VALUE_QUERY ; 1857 break; 1858 case P_W4_READ_BLOB_RESULT: 1859 gatt_client->gatt_client_state = P_W2_SEND_READ_BLOB_QUERY; 1860 break; 1861 case P_W4_READ_BY_TYPE_RESPONSE: 1862 gatt_client->gatt_client_state = P_W2_SEND_READ_BY_TYPE_REQUEST; 1863 break; 1864 case P_W4_READ_MULTIPLE_RESPONSE: 1865 gatt_client->gatt_client_state = P_W2_SEND_READ_MULTIPLE_REQUEST; 1866 break; 1867 case P_W4_WRITE_CHARACTERISTIC_VALUE_RESULT: 1868 gatt_client->gatt_client_state = P_W2_SEND_WRITE_CHARACTERISTIC_VALUE; 1869 break; 1870 case P_W4_PREPARE_WRITE_RESULT: 1871 gatt_client->gatt_client_state = P_W2_PREPARE_WRITE; 1872 break; 1873 case P_W4_PREPARE_WRITE_SINGLE_RESULT: 1874 gatt_client->gatt_client_state = P_W2_PREPARE_WRITE_SINGLE; 1875 break; 1876 case P_W4_PREPARE_RELIABLE_WRITE_RESULT: 1877 gatt_client->gatt_client_state = P_W2_PREPARE_RELIABLE_WRITE; 1878 break; 1879 case P_W4_EXECUTE_PREPARED_WRITE_RESULT: 1880 gatt_client->gatt_client_state = P_W2_EXECUTE_PREPARED_WRITE; 1881 break; 1882 case P_W4_CANCEL_PREPARED_WRITE_RESULT: 1883 gatt_client->gatt_client_state = P_W2_CANCEL_PREPARED_WRITE; 1884 break; 1885 case P_W4_CANCEL_PREPARED_WRITE_DATA_MISMATCH_RESULT: 1886 gatt_client->gatt_client_state = P_W2_CANCEL_PREPARED_WRITE_DATA_MISMATCH; 1887 break; 1888 case P_W4_READ_CHARACTERISTIC_DESCRIPTOR_RESULT: 1889 gatt_client->gatt_client_state = P_W2_SEND_READ_CHARACTERISTIC_DESCRIPTOR_QUERY; 1890 break; 1891 case P_W4_READ_BLOB_CHARACTERISTIC_DESCRIPTOR_RESULT: 1892 gatt_client->gatt_client_state = P_W2_SEND_READ_BLOB_CHARACTERISTIC_DESCRIPTOR_QUERY; 1893 break; 1894 case P_W4_WRITE_CHARACTERISTIC_DESCRIPTOR_RESULT: 1895 gatt_client->gatt_client_state = P_W2_SEND_WRITE_CHARACTERISTIC_DESCRIPTOR; 1896 break; 1897 case P_W4_CLIENT_CHARACTERISTIC_CONFIGURATION_RESULT: 1898 gatt_client->gatt_client_state = P_W2_WRITE_CLIENT_CHARACTERISTIC_CONFIGURATION; 1899 break; 1900 case P_W4_PREPARE_WRITE_CHARACTERISTIC_DESCRIPTOR_RESULT: 1901 gatt_client->gatt_client_state = P_W2_PREPARE_WRITE_CHARACTERISTIC_DESCRIPTOR; 1902 break; 1903 case P_W4_EXECUTE_PREPARED_WRITE_CHARACTERISTIC_DESCRIPTOR_RESULT: 1904 gatt_client->gatt_client_state = P_W2_EXECUTE_PREPARED_WRITE_CHARACTERISTIC_DESCRIPTOR; 1905 break; 1906 #ifdef ENABLE_LE_SIGNED_WRITE 1907 case P_W4_SEND_SINGED_WRITE_DONE: 1908 gatt_client->gatt_client_state = P_W2_SEND_SIGNED_WRITE; 1909 break; 1910 #endif 1911 default: 1912 log_info("retry not supported for state %x", gatt_client->gatt_client_state); 1913 retry = 0; 1914 break; 1915 } 1916 1917 if (!retry) { 1918 gatt_client_report_error_if_pending(gatt_client, error_code); 1919 break; 1920 } 1921 1922 log_info("security error, start pairing"); 1923 1924 // start pairing for higher security level 1925 gatt_client->wait_for_authentication_complete = 1; 1926 gatt_client->pending_error_code = error_code; 1927 sm_request_pairing(gatt_client->con_handle); 1928 break; 1929 } 1930 #endif 1931 1932 // nothing we can do about that 1933 case ATT_ERROR_INSUFFICIENT_AUTHORIZATION: 1934 default: 1935 gatt_client_report_error_if_pending(gatt_client, error_code); 1936 break; 1937 } 1938 break; 1939 1940 default: 1941 log_info("ATT Handler, unhandled response type 0x%02x", packet[0]); 1942 break; 1943 } 1944 } 1945 1946 static void gatt_client_att_packet_handler(uint8_t packet_type, uint16_t handle, uint8_t *packet, uint16_t size) { 1947 gatt_client_t *gatt_client; 1948 if (size < 1u) return; 1949 1950 if (packet_type == HCI_EVENT_PACKET) { 1951 switch (packet[0]) { 1952 case L2CAP_EVENT_CAN_SEND_NOW: 1953 gatt_client_run(); 1954 break; 1955 // att_server has negotiated the mtu for this connection, cache if context exists 1956 case ATT_EVENT_MTU_EXCHANGE_COMPLETE: 1957 if (size < 6u) break; 1958 gatt_client = gatt_client_get_context_for_handle(handle); 1959 if (gatt_client == NULL) break; 1960 gatt_client->mtu = little_endian_read_16(packet, 4); 1961 break; 1962 default: 1963 break; 1964 } 1965 return; 1966 } 1967 1968 if (packet_type != ATT_DATA_PACKET) return; 1969 1970 // special cases: notifications & indications motivate creating context 1971 switch (packet[0]) { 1972 case ATT_HANDLE_VALUE_NOTIFICATION: 1973 case ATT_HANDLE_VALUE_INDICATION: 1974 gatt_client_provide_context_for_handle(handle, &gatt_client); 1975 break; 1976 default: 1977 gatt_client = gatt_client_get_context_for_handle(handle); 1978 break; 1979 } 1980 1981 if (gatt_client != NULL) { 1982 gatt_client_handle_att_response(gatt_client, packet, size); 1983 gatt_client_run(); 1984 } 1985 } 1986 1987 #ifdef ENABLE_LE_SIGNED_WRITE 1988 static void att_signed_write_handle_cmac_result(uint8_t hash[8]){ 1989 btstack_linked_list_iterator_t it; 1990 btstack_linked_list_iterator_init(&it, &gatt_client_connections); 1991 while (btstack_linked_list_iterator_has_next(&it)){ 1992 gatt_client_t * gatt_client = (gatt_client_t *) btstack_linked_list_iterator_next(&it); 1993 if (gatt_client->gatt_client_state == P_W4_CMAC_RESULT){ 1994 // store result 1995 (void)memcpy(gatt_client->cmac, hash, 8); 1996 // reverse_64(hash, gatt_client->cmac); 1997 gatt_client->gatt_client_state = P_W2_SEND_SIGNED_WRITE; 1998 gatt_client_run(); 1999 return; 2000 } 2001 } 2002 } 2003 2004 uint8_t gatt_client_signed_write_without_response(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t value_handle, uint16_t message_len, uint8_t * message){ 2005 gatt_client_t * gatt_client; 2006 uint8_t status = gatt_client_provide_context_for_handle(con_handle, &gatt_client); 2007 if (status != ERROR_CODE_SUCCESS){ 2008 return status; 2009 } 2010 if (is_ready(gatt_client) == 0){ 2011 return GATT_CLIENT_IN_WRONG_STATE; 2012 } 2013 2014 gatt_client->callback = callback; 2015 gatt_client->attribute_handle = value_handle; 2016 gatt_client->attribute_length = message_len; 2017 gatt_client->attribute_value = message; 2018 gatt_client->gatt_client_state = P_W4_IDENTITY_RESOLVING; 2019 gatt_client_run(); 2020 return ERROR_CODE_SUCCESS; 2021 } 2022 #endif 2023 2024 uint8_t gatt_client_discover_primary_services(btstack_packet_handler_t callback, hci_con_handle_t con_handle){ 2025 gatt_client_t * gatt_client; 2026 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2027 if (status != ERROR_CODE_SUCCESS){ 2028 return status; 2029 } 2030 2031 gatt_client->callback = callback; 2032 gatt_client->start_group_handle = 0x0001; 2033 gatt_client->end_group_handle = 0xffff; 2034 gatt_client->gatt_client_state = P_W2_SEND_SERVICE_QUERY; 2035 gatt_client->uuid16 = GATT_PRIMARY_SERVICE_UUID; 2036 gatt_client_run(); 2037 return ERROR_CODE_SUCCESS; 2038 } 2039 2040 uint8_t gatt_client_discover_secondary_services(btstack_packet_handler_t callback, hci_con_handle_t con_handle){ 2041 gatt_client_t * gatt_client; 2042 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2043 if (status != ERROR_CODE_SUCCESS){ 2044 return status; 2045 } 2046 2047 gatt_client->callback = callback; 2048 gatt_client->start_group_handle = 0x0001; 2049 gatt_client->end_group_handle = 0xffff; 2050 gatt_client->gatt_client_state = P_W2_SEND_SERVICE_QUERY; 2051 gatt_client->uuid16 = GATT_SECONDARY_SERVICE_UUID; 2052 gatt_client_run(); 2053 return ERROR_CODE_SUCCESS; 2054 } 2055 2056 uint8_t gatt_client_discover_primary_services_by_uuid16(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t uuid16){ 2057 gatt_client_t * gatt_client; 2058 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2059 if (status != ERROR_CODE_SUCCESS){ 2060 return status; 2061 } 2062 2063 gatt_client->callback = callback; 2064 gatt_client->start_group_handle = 0x0001; 2065 gatt_client->end_group_handle = 0xffff; 2066 gatt_client->gatt_client_state = P_W2_SEND_SERVICE_WITH_UUID_QUERY; 2067 gatt_client->uuid16 = uuid16; 2068 uuid_add_bluetooth_prefix((uint8_t*) &(gatt_client->uuid128), gatt_client->uuid16); 2069 gatt_client_run(); 2070 return ERROR_CODE_SUCCESS; 2071 } 2072 2073 uint8_t gatt_client_discover_primary_services_by_uuid128(btstack_packet_handler_t callback, hci_con_handle_t con_handle, const uint8_t * uuid128){ 2074 gatt_client_t * gatt_client; 2075 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2076 if (status != ERROR_CODE_SUCCESS){ 2077 return status; 2078 } 2079 2080 gatt_client->callback = callback; 2081 gatt_client->start_group_handle = 0x0001; 2082 gatt_client->end_group_handle = 0xffff; 2083 gatt_client->uuid16 = 0; 2084 (void)memcpy(gatt_client->uuid128, uuid128, 16); 2085 gatt_client->gatt_client_state = P_W2_SEND_SERVICE_WITH_UUID_QUERY; 2086 gatt_client_run(); 2087 return ERROR_CODE_SUCCESS; 2088 } 2089 2090 uint8_t gatt_client_discover_characteristics_for_service(btstack_packet_handler_t callback, hci_con_handle_t con_handle, gatt_client_service_t * service){ 2091 gatt_client_t * gatt_client; 2092 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2093 if (status != ERROR_CODE_SUCCESS){ 2094 return status; 2095 } 2096 2097 gatt_client->callback = callback; 2098 gatt_client->start_group_handle = service->start_group_handle; 2099 gatt_client->end_group_handle = service->end_group_handle; 2100 gatt_client->filter_with_uuid = 0; 2101 gatt_client->characteristic_start_handle = 0; 2102 gatt_client->gatt_client_state = P_W2_SEND_ALL_CHARACTERISTICS_OF_SERVICE_QUERY; 2103 gatt_client_run(); 2104 return ERROR_CODE_SUCCESS; 2105 } 2106 2107 uint8_t gatt_client_find_included_services_for_service(btstack_packet_handler_t callback, hci_con_handle_t con_handle, gatt_client_service_t * service){ 2108 gatt_client_t * gatt_client; 2109 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2110 if (status != ERROR_CODE_SUCCESS){ 2111 return status; 2112 } 2113 2114 gatt_client->callback = callback; 2115 gatt_client->start_group_handle = service->start_group_handle; 2116 gatt_client->end_group_handle = service->end_group_handle; 2117 gatt_client->gatt_client_state = P_W2_SEND_INCLUDED_SERVICE_QUERY; 2118 2119 gatt_client_run(); 2120 return ERROR_CODE_SUCCESS; 2121 } 2122 2123 uint8_t gatt_client_discover_characteristics_for_handle_range_by_uuid16(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t start_handle, uint16_t end_handle, uint16_t uuid16){ 2124 gatt_client_t * gatt_client; 2125 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2126 if (status != ERROR_CODE_SUCCESS){ 2127 return status; 2128 } 2129 2130 gatt_client->callback = callback; 2131 gatt_client->start_group_handle = start_handle; 2132 gatt_client->end_group_handle = end_handle; 2133 gatt_client->filter_with_uuid = 1; 2134 gatt_client->uuid16 = uuid16; 2135 uuid_add_bluetooth_prefix((uint8_t*) &(gatt_client->uuid128), uuid16); 2136 gatt_client->characteristic_start_handle = 0; 2137 gatt_client->gatt_client_state = P_W2_SEND_CHARACTERISTIC_WITH_UUID_QUERY; 2138 gatt_client_run(); 2139 return ERROR_CODE_SUCCESS; 2140 } 2141 2142 uint8_t gatt_client_discover_characteristics_for_handle_range_by_uuid128(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t start_handle, uint16_t end_handle, const uint8_t * uuid128){ 2143 gatt_client_t * gatt_client; 2144 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2145 if (status != ERROR_CODE_SUCCESS){ 2146 return status; 2147 } 2148 2149 gatt_client->callback = callback; 2150 gatt_client->start_group_handle = start_handle; 2151 gatt_client->end_group_handle = end_handle; 2152 gatt_client->filter_with_uuid = 1; 2153 gatt_client->uuid16 = 0; 2154 (void)memcpy(gatt_client->uuid128, uuid128, 16); 2155 gatt_client->characteristic_start_handle = 0; 2156 gatt_client->gatt_client_state = P_W2_SEND_CHARACTERISTIC_WITH_UUID_QUERY; 2157 gatt_client_run(); 2158 return ERROR_CODE_SUCCESS; 2159 } 2160 2161 2162 uint8_t gatt_client_discover_characteristics_for_service_by_uuid16(btstack_packet_handler_t callback, hci_con_handle_t con_handle, gatt_client_service_t * service, uint16_t uuid16){ 2163 return gatt_client_discover_characteristics_for_handle_range_by_uuid16(callback, con_handle, service->start_group_handle, service->end_group_handle, uuid16); 2164 } 2165 2166 uint8_t gatt_client_discover_characteristics_for_service_by_uuid128(btstack_packet_handler_t callback, hci_con_handle_t con_handle, gatt_client_service_t * service, const uint8_t * uuid128){ 2167 return gatt_client_discover_characteristics_for_handle_range_by_uuid128(callback, con_handle, service->start_group_handle, service->end_group_handle, uuid128); 2168 } 2169 2170 uint8_t gatt_client_discover_characteristic_descriptors(btstack_packet_handler_t callback, hci_con_handle_t con_handle, gatt_client_characteristic_t * characteristic){ 2171 gatt_client_t * gatt_client; 2172 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2173 if (status != ERROR_CODE_SUCCESS){ 2174 return status; 2175 } 2176 2177 if (characteristic->value_handle == characteristic->end_handle){ 2178 emit_gatt_complete_event(gatt_client, ATT_ERROR_SUCCESS); 2179 return ERROR_CODE_SUCCESS; 2180 } 2181 gatt_client->callback = callback; 2182 gatt_client->start_group_handle = characteristic->value_handle + 1u; 2183 gatt_client->end_group_handle = characteristic->end_handle; 2184 gatt_client->gatt_client_state = P_W2_SEND_ALL_CHARACTERISTIC_DESCRIPTORS_QUERY; 2185 gatt_client_run(); 2186 return ERROR_CODE_SUCCESS; 2187 } 2188 2189 uint8_t gatt_client_read_value_of_characteristic_using_value_handle(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t value_handle){ 2190 gatt_client_t * gatt_client; 2191 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2192 if (status != ERROR_CODE_SUCCESS){ 2193 return status; 2194 } 2195 2196 gatt_client->callback = callback; 2197 gatt_client->attribute_handle = value_handle; 2198 gatt_client->attribute_offset = 0; 2199 gatt_client->gatt_client_state = P_W2_SEND_READ_CHARACTERISTIC_VALUE_QUERY; 2200 gatt_client_run(); 2201 return ERROR_CODE_SUCCESS; 2202 } 2203 2204 uint8_t gatt_client_read_value_of_characteristics_by_uuid16(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t start_handle, uint16_t end_handle, uint16_t uuid16){ 2205 gatt_client_t * gatt_client; 2206 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2207 if (status != ERROR_CODE_SUCCESS){ 2208 return status; 2209 } 2210 2211 gatt_client->callback = callback; 2212 gatt_client->start_group_handle = start_handle; 2213 gatt_client->end_group_handle = end_handle; 2214 gatt_client->query_start_handle = start_handle; 2215 gatt_client->query_end_handle = end_handle; 2216 gatt_client->uuid16 = uuid16; 2217 uuid_add_bluetooth_prefix((uint8_t*) &(gatt_client->uuid128), uuid16); 2218 gatt_client->gatt_client_state = P_W2_SEND_READ_BY_TYPE_REQUEST; 2219 gatt_client_run(); 2220 return ERROR_CODE_SUCCESS; 2221 } 2222 2223 uint8_t gatt_client_read_value_of_characteristics_by_uuid128(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t start_handle, uint16_t end_handle, const uint8_t * uuid128){ 2224 gatt_client_t * gatt_client; 2225 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2226 if (status != ERROR_CODE_SUCCESS){ 2227 return status; 2228 } 2229 2230 gatt_client->callback = callback; 2231 gatt_client->start_group_handle = start_handle; 2232 gatt_client->end_group_handle = end_handle; 2233 gatt_client->query_start_handle = start_handle; 2234 gatt_client->query_end_handle = end_handle; 2235 gatt_client->uuid16 = 0; 2236 (void)memcpy(gatt_client->uuid128, uuid128, 16); 2237 gatt_client->gatt_client_state = P_W2_SEND_READ_BY_TYPE_REQUEST; 2238 gatt_client_run(); 2239 return ERROR_CODE_SUCCESS; 2240 } 2241 2242 2243 uint8_t gatt_client_read_value_of_characteristic(btstack_packet_handler_t callback, hci_con_handle_t con_handle, gatt_client_characteristic_t * characteristic){ 2244 return gatt_client_read_value_of_characteristic_using_value_handle(callback, con_handle, characteristic->value_handle); 2245 } 2246 2247 uint8_t gatt_client_read_long_value_of_characteristic_using_value_handle_with_offset(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t value_handle, uint16_t offset){ 2248 gatt_client_t * gatt_client; 2249 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2250 if (status != ERROR_CODE_SUCCESS){ 2251 return status; 2252 } 2253 2254 gatt_client->callback = callback; 2255 gatt_client->attribute_handle = value_handle; 2256 gatt_client->attribute_offset = offset; 2257 gatt_client->gatt_client_state = P_W2_SEND_READ_BLOB_QUERY; 2258 gatt_client_run(); 2259 return ERROR_CODE_SUCCESS; 2260 } 2261 2262 uint8_t gatt_client_read_long_value_of_characteristic_using_value_handle(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t value_handle){ 2263 return gatt_client_read_long_value_of_characteristic_using_value_handle_with_offset(callback, con_handle, value_handle, 0); 2264 } 2265 2266 uint8_t gatt_client_read_long_value_of_characteristic(btstack_packet_handler_t callback, hci_con_handle_t con_handle, gatt_client_characteristic_t * characteristic){ 2267 return gatt_client_read_long_value_of_characteristic_using_value_handle(callback, con_handle, characteristic->value_handle); 2268 } 2269 2270 uint8_t gatt_client_read_multiple_characteristic_values(btstack_packet_handler_t callback, hci_con_handle_t con_handle, int num_value_handles, uint16_t * value_handles){ 2271 gatt_client_t * gatt_client; 2272 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2273 if (status != ERROR_CODE_SUCCESS){ 2274 return status; 2275 } 2276 2277 gatt_client->callback = callback; 2278 gatt_client->read_multiple_handle_count = num_value_handles; 2279 gatt_client->read_multiple_handles = value_handles; 2280 gatt_client->gatt_client_state = P_W2_SEND_READ_MULTIPLE_REQUEST; 2281 gatt_client_run(); 2282 return ERROR_CODE_SUCCESS; 2283 } 2284 2285 uint8_t gatt_client_write_value_of_characteristic_without_response(hci_con_handle_t con_handle, uint16_t value_handle, uint16_t value_length, uint8_t * value){ 2286 gatt_client_t * gatt_client; 2287 uint8_t status = gatt_client_provide_context_for_handle(con_handle, &gatt_client); 2288 if (status != ERROR_CODE_SUCCESS){ 2289 return status; 2290 } 2291 2292 if (value_length > (gatt_client->mtu - 3u)) return GATT_CLIENT_VALUE_TOO_LONG; 2293 if (!att_dispatch_client_can_send_now(gatt_client->con_handle)) return GATT_CLIENT_BUSY; 2294 2295 return att_write_request(gatt_client, ATT_WRITE_COMMAND, value_handle, value_length, value); 2296 } 2297 2298 uint8_t gatt_client_write_value_of_characteristic(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t value_handle, uint16_t value_length, uint8_t * value){ 2299 gatt_client_t * gatt_client; 2300 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2301 if (status != ERROR_CODE_SUCCESS){ 2302 return status; 2303 } 2304 2305 gatt_client->callback = callback; 2306 gatt_client->attribute_handle = value_handle; 2307 gatt_client->attribute_length = value_length; 2308 gatt_client->attribute_value = value; 2309 gatt_client->gatt_client_state = P_W2_SEND_WRITE_CHARACTERISTIC_VALUE; 2310 gatt_client_run(); 2311 return ERROR_CODE_SUCCESS; 2312 } 2313 2314 uint8_t gatt_client_write_long_value_of_characteristic_with_offset(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t value_handle, uint16_t offset, uint16_t value_length, uint8_t * value){ 2315 gatt_client_t * gatt_client; 2316 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2317 if (status != ERROR_CODE_SUCCESS){ 2318 return status; 2319 } 2320 2321 gatt_client->callback = callback; 2322 gatt_client->attribute_handle = value_handle; 2323 gatt_client->attribute_length = value_length; 2324 gatt_client->attribute_offset = offset; 2325 gatt_client->attribute_value = value; 2326 gatt_client->gatt_client_state = P_W2_PREPARE_WRITE; 2327 gatt_client_run(); 2328 return ERROR_CODE_SUCCESS; 2329 } 2330 2331 uint8_t gatt_client_write_long_value_of_characteristic(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t value_handle, uint16_t value_length, uint8_t * value){ 2332 return gatt_client_write_long_value_of_characteristic_with_offset(callback, con_handle, value_handle, 0, value_length, value); 2333 } 2334 2335 uint8_t gatt_client_reliable_write_long_value_of_characteristic(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t value_handle, uint16_t value_length, uint8_t * value){ 2336 gatt_client_t * gatt_client; 2337 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2338 if (status != ERROR_CODE_SUCCESS){ 2339 return status; 2340 } 2341 2342 gatt_client->callback = callback; 2343 gatt_client->attribute_handle = value_handle; 2344 gatt_client->attribute_length = value_length; 2345 gatt_client->attribute_offset = 0; 2346 gatt_client->attribute_value = value; 2347 gatt_client->gatt_client_state = P_W2_PREPARE_RELIABLE_WRITE; 2348 gatt_client_run(); 2349 return ERROR_CODE_SUCCESS; 2350 } 2351 2352 uint8_t gatt_client_write_client_characteristic_configuration(btstack_packet_handler_t callback, hci_con_handle_t con_handle, gatt_client_characteristic_t * characteristic, uint16_t configuration){ 2353 gatt_client_t * gatt_client; 2354 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2355 if (status != ERROR_CODE_SUCCESS){ 2356 return status; 2357 } 2358 2359 if ( (configuration & GATT_CLIENT_CHARACTERISTICS_CONFIGURATION_NOTIFICATION) && 2360 ((characteristic->properties & ATT_PROPERTY_NOTIFY) == 0u)) { 2361 log_info("gatt_client_write_client_characteristic_configuration: GATT_CLIENT_CHARACTERISTIC_NOTIFICATION_NOT_SUPPORTED"); 2362 return GATT_CLIENT_CHARACTERISTIC_NOTIFICATION_NOT_SUPPORTED; 2363 } else if ( (configuration & GATT_CLIENT_CHARACTERISTICS_CONFIGURATION_INDICATION) && 2364 ((characteristic->properties & ATT_PROPERTY_INDICATE) == 0u)){ 2365 log_info("gatt_client_write_client_characteristic_configuration: GATT_CLIENT_CHARACTERISTIC_INDICATION_NOT_SUPPORTED"); 2366 return GATT_CLIENT_CHARACTERISTIC_INDICATION_NOT_SUPPORTED; 2367 } 2368 2369 gatt_client->callback = callback; 2370 gatt_client->start_group_handle = characteristic->value_handle; 2371 gatt_client->end_group_handle = characteristic->end_handle; 2372 little_endian_store_16(gatt_client->client_characteristic_configuration_value, 0, configuration); 2373 2374 #ifdef ENABLE_GATT_FIND_INFORMATION_FOR_CCC_DISCOVERY 2375 gatt_client->gatt_client_state = P_W2_SEND_FIND_CLIENT_CHARACTERISTIC_CONFIGURATION_QUERY; 2376 #else 2377 gatt_client->gatt_client_state = P_W2_SEND_READ_CLIENT_CHARACTERISTIC_CONFIGURATION_QUERY; 2378 #endif 2379 gatt_client_run(); 2380 return ERROR_CODE_SUCCESS; 2381 } 2382 2383 uint8_t gatt_client_read_characteristic_descriptor_using_descriptor_handle(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t descriptor_handle){ 2384 gatt_client_t * gatt_client; 2385 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2386 if (status != ERROR_CODE_SUCCESS){ 2387 return status; 2388 } 2389 2390 gatt_client->callback = callback; 2391 gatt_client->attribute_handle = descriptor_handle; 2392 2393 gatt_client->gatt_client_state = P_W2_SEND_READ_CHARACTERISTIC_DESCRIPTOR_QUERY; 2394 gatt_client_run(); 2395 return ERROR_CODE_SUCCESS; 2396 } 2397 2398 uint8_t gatt_client_read_characteristic_descriptor(btstack_packet_handler_t callback, hci_con_handle_t con_handle, gatt_client_characteristic_descriptor_t * descriptor){ 2399 return gatt_client_read_characteristic_descriptor_using_descriptor_handle(callback, con_handle, descriptor->handle); 2400 } 2401 2402 uint8_t gatt_client_read_long_characteristic_descriptor_using_descriptor_handle_with_offset(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t descriptor_handle, uint16_t offset){ 2403 gatt_client_t * gatt_client; 2404 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2405 if (status != ERROR_CODE_SUCCESS){ 2406 return status; 2407 } 2408 2409 gatt_client->callback = callback; 2410 gatt_client->attribute_handle = descriptor_handle; 2411 gatt_client->attribute_offset = offset; 2412 gatt_client->gatt_client_state = P_W2_SEND_READ_BLOB_CHARACTERISTIC_DESCRIPTOR_QUERY; 2413 gatt_client_run(); 2414 return ERROR_CODE_SUCCESS; 2415 } 2416 2417 uint8_t gatt_client_read_long_characteristic_descriptor_using_descriptor_handle(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t descriptor_handle){ 2418 return gatt_client_read_long_characteristic_descriptor_using_descriptor_handle_with_offset(callback, con_handle, descriptor_handle, 0); 2419 } 2420 2421 uint8_t gatt_client_read_long_characteristic_descriptor(btstack_packet_handler_t callback, hci_con_handle_t con_handle, gatt_client_characteristic_descriptor_t * descriptor){ 2422 return gatt_client_read_long_characteristic_descriptor_using_descriptor_handle(callback, con_handle, descriptor->handle); 2423 } 2424 2425 uint8_t gatt_client_write_characteristic_descriptor_using_descriptor_handle(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t descriptor_handle, uint16_t value_length, uint8_t * value){ 2426 gatt_client_t * gatt_client; 2427 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2428 if (status != ERROR_CODE_SUCCESS){ 2429 return status; 2430 } 2431 2432 gatt_client->callback = callback; 2433 gatt_client->attribute_handle = descriptor_handle; 2434 gatt_client->attribute_length = value_length; 2435 gatt_client->attribute_offset = 0; 2436 gatt_client->attribute_value = value; 2437 gatt_client->gatt_client_state = P_W2_SEND_WRITE_CHARACTERISTIC_DESCRIPTOR; 2438 gatt_client_run(); 2439 return ERROR_CODE_SUCCESS; 2440 } 2441 2442 uint8_t gatt_client_write_characteristic_descriptor(btstack_packet_handler_t callback, hci_con_handle_t con_handle, gatt_client_characteristic_descriptor_t * descriptor, uint16_t value_length, uint8_t * value){ 2443 return gatt_client_write_characteristic_descriptor_using_descriptor_handle(callback, con_handle, descriptor->handle, value_length, value); 2444 } 2445 2446 uint8_t gatt_client_write_long_characteristic_descriptor_using_descriptor_handle_with_offset(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t descriptor_handle, uint16_t offset, uint16_t value_length, uint8_t * value){ 2447 gatt_client_t * gatt_client; 2448 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2449 if (status != ERROR_CODE_SUCCESS){ 2450 return status; 2451 } 2452 2453 gatt_client->callback = callback; 2454 gatt_client->attribute_handle = descriptor_handle; 2455 gatt_client->attribute_length = value_length; 2456 gatt_client->attribute_offset = offset; 2457 gatt_client->attribute_value = value; 2458 gatt_client->gatt_client_state = P_W2_PREPARE_WRITE_CHARACTERISTIC_DESCRIPTOR; 2459 gatt_client_run(); 2460 return ERROR_CODE_SUCCESS; 2461 } 2462 2463 uint8_t gatt_client_write_long_characteristic_descriptor_using_descriptor_handle(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t descriptor_handle, uint16_t value_length, uint8_t * value){ 2464 return gatt_client_write_long_characteristic_descriptor_using_descriptor_handle_with_offset(callback, con_handle, descriptor_handle, 0, value_length, value); 2465 } 2466 2467 uint8_t gatt_client_write_long_characteristic_descriptor(btstack_packet_handler_t callback, hci_con_handle_t con_handle, gatt_client_characteristic_descriptor_t * descriptor, uint16_t value_length, uint8_t * value){ 2468 return gatt_client_write_long_characteristic_descriptor_using_descriptor_handle(callback, con_handle, descriptor->handle, value_length, value); 2469 } 2470 2471 /** 2472 * @brief -> gatt complete event 2473 */ 2474 uint8_t gatt_client_prepare_write(btstack_packet_handler_t callback, hci_con_handle_t con_handle, uint16_t attribute_handle, uint16_t offset, uint16_t value_length, uint8_t * value){ 2475 gatt_client_t * gatt_client; 2476 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2477 if (status != ERROR_CODE_SUCCESS){ 2478 return status; 2479 } 2480 2481 gatt_client->callback = callback; 2482 gatt_client->attribute_handle = attribute_handle; 2483 gatt_client->attribute_length = value_length; 2484 gatt_client->attribute_offset = offset; 2485 gatt_client->attribute_value = value; 2486 gatt_client->gatt_client_state = P_W2_PREPARE_WRITE_SINGLE; 2487 gatt_client_run(); 2488 return ERROR_CODE_SUCCESS; 2489 } 2490 2491 /** 2492 * @brief -> gatt complete event 2493 */ 2494 uint8_t gatt_client_execute_write(btstack_packet_handler_t callback, hci_con_handle_t con_handle){ 2495 gatt_client_t * gatt_client; 2496 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2497 if (status != ERROR_CODE_SUCCESS){ 2498 return status; 2499 } 2500 2501 gatt_client->callback = callback; 2502 gatt_client->gatt_client_state = P_W2_EXECUTE_PREPARED_WRITE; 2503 gatt_client_run(); 2504 return ERROR_CODE_SUCCESS; 2505 } 2506 2507 /** 2508 * @brief -> gatt complete event 2509 */ 2510 uint8_t gatt_client_cancel_write(btstack_packet_handler_t callback, hci_con_handle_t con_handle){ 2511 gatt_client_t * gatt_client; 2512 uint8_t status = gatt_client_provide_context_for_request(con_handle, &gatt_client); 2513 if (status != ERROR_CODE_SUCCESS){ 2514 return status; 2515 } 2516 2517 gatt_client->callback = callback; 2518 gatt_client->gatt_client_state = P_W2_CANCEL_PREPARED_WRITE; 2519 gatt_client_run(); 2520 return ERROR_CODE_SUCCESS; 2521 } 2522 2523 void gatt_client_deserialize_service(const uint8_t *packet, int offset, gatt_client_service_t * service){ 2524 service->start_group_handle = little_endian_read_16(packet, offset); 2525 service->end_group_handle = little_endian_read_16(packet, offset + 2); 2526 reverse_128(&packet[offset + 4], service->uuid128); 2527 if (uuid_has_bluetooth_prefix(service->uuid128)){ 2528 service->uuid16 = big_endian_read_32(service->uuid128, 0); 2529 } else { 2530 service->uuid16 = 0; 2531 } 2532 } 2533 2534 void gatt_client_deserialize_characteristic(const uint8_t * packet, int offset, gatt_client_characteristic_t * characteristic){ 2535 characteristic->start_handle = little_endian_read_16(packet, offset); 2536 characteristic->value_handle = little_endian_read_16(packet, offset + 2); 2537 characteristic->end_handle = little_endian_read_16(packet, offset + 4); 2538 characteristic->properties = little_endian_read_16(packet, offset + 6); 2539 reverse_128(&packet[offset+8], characteristic->uuid128); 2540 if (uuid_has_bluetooth_prefix(characteristic->uuid128)){ 2541 characteristic->uuid16 = big_endian_read_32(characteristic->uuid128, 0); 2542 } else { 2543 characteristic->uuid16 = 0; 2544 } 2545 } 2546 2547 void gatt_client_deserialize_characteristic_descriptor(const uint8_t * packet, int offset, gatt_client_characteristic_descriptor_t * descriptor){ 2548 descriptor->handle = little_endian_read_16(packet, offset); 2549 reverse_128(&packet[offset+2], descriptor->uuid128); 2550 if (uuid_has_bluetooth_prefix(descriptor->uuid128)){ 2551 descriptor->uuid16 = big_endian_read_32(descriptor->uuid128, 0); 2552 } else { 2553 descriptor->uuid16 = 0; 2554 } 2555 } 2556 2557 void gatt_client_send_mtu_negotiation(btstack_packet_handler_t callback, hci_con_handle_t con_handle){ 2558 gatt_client_t * gatt_client; 2559 uint8_t status = gatt_client_provide_context_for_handle(con_handle, &gatt_client); 2560 if (status != ERROR_CODE_SUCCESS){ 2561 return; 2562 } 2563 if (gatt_client->mtu_state == MTU_AUTO_EXCHANGE_DISABLED){ 2564 gatt_client->callback = callback; 2565 gatt_client->mtu_state = SEND_MTU_EXCHANGE; 2566 gatt_client_run(); 2567 } 2568 } 2569 2570 uint8_t gatt_client_request_to_write_without_response(btstack_context_callback_registration_t * callback_registration, hci_con_handle_t con_handle){ 2571 gatt_client_t * gatt_client; 2572 uint8_t status = gatt_client_provide_context_for_handle(con_handle, &gatt_client); 2573 if (status != ERROR_CODE_SUCCESS){ 2574 return status; 2575 } 2576 bool added = btstack_linked_list_add_tail(&gatt_client->write_without_response_requests, (btstack_linked_item_t*) callback_registration); 2577 att_dispatch_client_request_can_send_now_event(gatt_client->con_handle); 2578 if (added){ 2579 return ERROR_CODE_SUCCESS; 2580 } else { 2581 return ERROR_CODE_COMMAND_DISALLOWED; 2582 } 2583 } 2584 2585 uint8_t gatt_client_request_to_send_gatt_query(btstack_context_callback_registration_t * callback_registration, hci_con_handle_t con_handle){ 2586 gatt_client_t * gatt_client; 2587 uint8_t status = gatt_client_provide_context_for_handle(con_handle, &gatt_client); 2588 if (status != ERROR_CODE_SUCCESS){ 2589 return status; 2590 } 2591 bool added = btstack_linked_list_add_tail(&gatt_client->query_requests, (btstack_linked_item_t*) callback_registration); 2592 gatt_client_notify_can_send_query(gatt_client); 2593 if (added){ 2594 return ERROR_CODE_SUCCESS; 2595 } else { 2596 return ERROR_CODE_COMMAND_DISALLOWED; 2597 } 2598 } 2599 2600 uint8_t gatt_client_request_can_write_without_response_event(btstack_packet_handler_t callback, hci_con_handle_t con_handle){ 2601 gatt_client_t * gatt_client; 2602 uint8_t status = gatt_client_provide_context_for_handle(con_handle, &gatt_client); 2603 if (status != ERROR_CODE_SUCCESS){ 2604 return status; 2605 } 2606 if (gatt_client->write_without_response_callback != NULL){ 2607 return GATT_CLIENT_IN_WRONG_STATE; 2608 } 2609 gatt_client->write_without_response_callback = callback; 2610 att_dispatch_client_request_can_send_now_event(gatt_client->con_handle); 2611 return ERROR_CODE_SUCCESS; 2612 } 2613 2614 #ifdef ENABLE_GATT_OVER_CLASSIC 2615 2616 #include "hci_event.h" 2617 2618 // single active SDP query 2619 static gatt_client_t * gatt_client_classic_active_sdp_query; 2620 2621 // macos protocol descriptor list requires 16 bytes 2622 static uint8_t gatt_client_classic_sdp_buffer[32]; 2623 2624 static const hci_event_t gatt_client_connected = { 2625 GATT_EVENT_CONNECTED, 0, "1BH" 2626 }; 2627 2628 static const hci_event_t gatt_client_disconnected = { 2629 GATT_EVENT_DISCONNECTED, 0, "H" 2630 }; 2631 2632 static gatt_client_t * gatt_client_get_context_for_classic_addr(bd_addr_t addr){ 2633 btstack_linked_item_t *it; 2634 for (it = (btstack_linked_item_t *) gatt_client_connections; it != NULL; it = it->next){ 2635 gatt_client_t * gatt_client = (gatt_client_t *) it; 2636 if (memcmp(gatt_client->addr, addr, 6) == 0){ 2637 return gatt_client; 2638 } 2639 } 2640 return NULL; 2641 } 2642 2643 static gatt_client_t * gatt_client_get_context_for_l2cap_cid(uint16_t l2cap_cid){ 2644 btstack_linked_item_t *it; 2645 for (it = (btstack_linked_item_t *) gatt_client_connections; it != NULL; it = it->next){ 2646 gatt_client_t * gatt_client = (gatt_client_t *) it; 2647 if (gatt_client->l2cap_cid == l2cap_cid){ 2648 return gatt_client; 2649 } 2650 } 2651 return NULL; 2652 } 2653 2654 static void gatt_client_classic_handle_connected(gatt_client_t * gatt_client, uint8_t status){ 2655 bd_addr_t addr; 2656 // cppcheck-suppress uninitvar ; addr is reported as uninitialized although it's the destination of the memcpy 2657 memcpy(addr, gatt_client->addr, 6); 2658 hci_con_handle_t con_handle = gatt_client->con_handle; 2659 btstack_packet_handler_t callback = gatt_client->callback; 2660 if (status != ERROR_CODE_SUCCESS){ 2661 btstack_linked_list_remove(&gatt_client_connections, (btstack_linked_item_t *) gatt_client); 2662 btstack_memory_gatt_client_free(gatt_client); 2663 } 2664 uint8_t buffer[20]; 2665 uint16_t len = hci_event_create_from_template_and_arguments(buffer, sizeof(buffer), &gatt_client_connected, status, addr, 2666 con_handle); 2667 (*callback)(HCI_EVENT_PACKET, 0, buffer, len); 2668 } 2669 2670 static void gatt_client_classic_handle_disconnected(gatt_client_t * gatt_client){ 2671 2672 gatt_client_report_error_if_pending(gatt_client, ATT_ERROR_HCI_DISCONNECT_RECEIVED); 2673 gatt_client_timeout_stop(gatt_client); 2674 2675 hci_con_handle_t con_handle = gatt_client->con_handle; 2676 btstack_packet_handler_t callback = gatt_client->callback; 2677 btstack_linked_list_remove(&gatt_client_connections, (btstack_linked_item_t *) gatt_client); 2678 btstack_memory_gatt_client_free(gatt_client); 2679 2680 uint8_t buffer[20]; 2681 uint16_t len = hci_event_create_from_template_and_arguments(buffer, sizeof(buffer), &gatt_client_disconnected, con_handle); 2682 (*callback)(HCI_EVENT_PACKET, 0, buffer, len); 2683 } 2684 2685 static void gatt_client_l2cap_handler(uint8_t packet_type, uint16_t channel, uint8_t *packet, uint16_t size){ 2686 gatt_client_t * gatt_client = NULL; 2687 uint8_t status; 2688 switch (packet_type){ 2689 case HCI_EVENT_PACKET: 2690 switch (hci_event_packet_get_type(packet)) { 2691 case L2CAP_EVENT_CHANNEL_OPENED: 2692 status = l2cap_event_channel_opened_get_status(packet); 2693 gatt_client = gatt_client_get_context_for_l2cap_cid(l2cap_event_channel_opened_get_local_cid(packet)); 2694 btstack_assert(gatt_client != NULL); 2695 // if status != 0, gatt_client will be discarded 2696 gatt_client->gatt_client_state = P_READY; 2697 gatt_client->con_handle = l2cap_event_channel_opened_get_handle(packet); 2698 gatt_client->mtu = l2cap_event_channel_opened_get_remote_mtu(packet); 2699 gatt_client_classic_handle_connected(gatt_client, status); 2700 break; 2701 case L2CAP_EVENT_CHANNEL_CLOSED: 2702 gatt_client = gatt_client_get_context_for_l2cap_cid(l2cap_event_channel_closed_get_local_cid(packet)); 2703 gatt_client_classic_handle_disconnected(gatt_client); 2704 break; 2705 default: 2706 break; 2707 } 2708 break; 2709 case L2CAP_DATA_PACKET: 2710 gatt_client = gatt_client_get_context_for_l2cap_cid(channel); 2711 btstack_assert(gatt_client != NULL); 2712 gatt_client_handle_att_response(gatt_client, packet, size); 2713 gatt_client_run(); 2714 break; 2715 default: 2716 break; 2717 } 2718 } 2719 2720 static void gatt_client_handle_sdp_client_query_attribute_value(gatt_client_t * connection, uint8_t *packet){ 2721 des_iterator_t des_list_it; 2722 des_iterator_t prot_it; 2723 2724 if (sdp_event_query_attribute_byte_get_attribute_length(packet) <= sizeof(gatt_client_classic_sdp_buffer)) { 2725 gatt_client_classic_sdp_buffer[sdp_event_query_attribute_byte_get_data_offset(packet)] = sdp_event_query_attribute_byte_get_data(packet); 2726 if ((uint16_t)(sdp_event_query_attribute_byte_get_data_offset(packet)+1) == sdp_event_query_attribute_byte_get_attribute_length(packet)) { 2727 switch(sdp_event_query_attribute_byte_get_attribute_id(packet)) { 2728 case BLUETOOTH_ATTRIBUTE_PROTOCOL_DESCRIPTOR_LIST: 2729 for (des_iterator_init(&des_list_it, gatt_client_classic_sdp_buffer); des_iterator_has_more(&des_list_it); des_iterator_next(&des_list_it)) { 2730 uint8_t *des_element; 2731 uint8_t *element; 2732 uint32_t uuid; 2733 2734 if (des_iterator_get_type(&des_list_it) != DE_DES) continue; 2735 2736 des_element = des_iterator_get_element(&des_list_it); 2737 des_iterator_init(&prot_it, des_element); 2738 element = des_iterator_get_element(&prot_it); 2739 2740 if (de_get_element_type(element) != DE_UUID) continue; 2741 2742 uuid = de_get_uuid32(element); 2743 des_iterator_next(&prot_it); 2744 // we assume that the even if there are both roles supported, remote device uses the same psm and avdtp version for both 2745 switch (uuid){ 2746 case BLUETOOTH_PROTOCOL_L2CAP: 2747 if (!des_iterator_has_more(&prot_it)) continue; 2748 de_element_get_uint16(des_iterator_get_element(&prot_it), &connection->l2cap_psm); 2749 break; 2750 default: 2751 break; 2752 } 2753 } 2754 break; 2755 2756 default: 2757 break; 2758 } 2759 } 2760 } 2761 } 2762 2763 static void gatt_client_classic_sdp_handler(uint8_t packet_type, uint16_t handle, uint8_t *packet, uint16_t size){ 2764 gatt_client_t * gatt_client = gatt_client_classic_active_sdp_query; 2765 btstack_assert(gatt_client != NULL); 2766 uint8_t status; 2767 2768 // TODO: handle sdp events, get l2cap psm 2769 switch (hci_event_packet_get_type(packet)){ 2770 case SDP_EVENT_QUERY_ATTRIBUTE_VALUE: 2771 gatt_client_handle_sdp_client_query_attribute_value(gatt_client, packet); 2772 // TODO: 2773 return; 2774 case SDP_EVENT_QUERY_COMPLETE: 2775 status = sdp_event_query_complete_get_status(packet); 2776 gatt_client_classic_active_sdp_query = NULL; 2777 log_info("l2cap psm: %0x, status %02x", gatt_client->l2cap_psm, status); 2778 if (status != ERROR_CODE_SUCCESS) break; 2779 if (gatt_client->l2cap_psm == 0) { 2780 status = SDP_SERVICE_NOT_FOUND; 2781 break; 2782 } 2783 break; 2784 default: 2785 btstack_assert(false); 2786 return; 2787 } 2788 2789 // done 2790 if (status == ERROR_CODE_SUCCESS){ 2791 gatt_client->gatt_client_state = P_W4_L2CAP_CONNECTION; 2792 status = l2cap_create_channel(gatt_client_l2cap_handler, gatt_client->addr, gatt_client->l2cap_psm, 0xffff, 2793 &gatt_client->l2cap_cid); 2794 } 2795 if (status != ERROR_CODE_SUCCESS) { 2796 gatt_client_classic_handle_connected(gatt_client, status); 2797 } 2798 } 2799 2800 static void gatt_client_classic_sdp_start(void * context){ 2801 gatt_client_classic_active_sdp_query = (gatt_client_t *) context; 2802 gatt_client_classic_active_sdp_query->gatt_client_state = P_W4_SDP_QUERY; 2803 sdp_client_query_uuid16(gatt_client_classic_sdp_handler, gatt_client_classic_active_sdp_query->addr, ORG_BLUETOOTH_SERVICE_GENERIC_ATTRIBUTE); 2804 } 2805 2806 uint8_t gatt_client_classic_connect(btstack_packet_handler_t callback, bd_addr_t addr){ 2807 gatt_client_t * gatt_client = gatt_client_get_context_for_classic_addr(addr); 2808 if (gatt_client != NULL){ 2809 return ERROR_CODE_ACL_CONNECTION_ALREADY_EXISTS; 2810 } 2811 gatt_client = btstack_memory_gatt_client_get(); 2812 if (gatt_client == NULL){ 2813 return ERROR_CODE_MEMORY_CAPACITY_EXCEEDED; 2814 } 2815 // init state 2816 gatt_client->con_handle = HCI_CON_HANDLE_INVALID; 2817 memcpy(gatt_client->addr, addr, 6); 2818 gatt_client->mtu = ATT_DEFAULT_MTU; 2819 gatt_client->security_level = LEVEL_0; 2820 gatt_client->mtu_state = MTU_AUTO_EXCHANGE_DISABLED; 2821 gatt_client->gatt_client_state = P_W2_SDP_QUERY; 2822 gatt_client->sdp_query_request.callback = &gatt_client_classic_sdp_start; 2823 gatt_client->sdp_query_request.context = gatt_client; 2824 gatt_client->callback = callback; 2825 btstack_linked_list_add(&gatt_client_connections, (btstack_linked_item_t*)gatt_client); 2826 sdp_client_register_query_callback(&gatt_client->sdp_query_request); 2827 return ERROR_CODE_SUCCESS; 2828 } 2829 2830 uint8_t gatt_client_classic_disconnect(btstack_packet_handler_t callback, hci_con_handle_t con_handle){ 2831 gatt_client_t * gatt_client = gatt_client_get_context_for_handle(con_handle); 2832 if (gatt_client == NULL){ 2833 return ERROR_CODE_UNKNOWN_CONNECTION_IDENTIFIER; 2834 } 2835 gatt_client->callback = callback; 2836 return l2cap_disconnect(gatt_client->l2cap_cid); 2837 } 2838 #endif 2839 2840 #ifdef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION 2841 void gatt_client_att_packet_handler_fuzz(uint8_t packet_type, uint16_t handle, uint8_t *packet, uint16_t size){ 2842 gatt_client_att_packet_handler(packet_type, handle, packet, size); 2843 } 2844 2845 uint8_t gatt_client_get_client(hci_con_handle_t con_handle, gatt_client_t ** out_gatt_client){ 2846 uint8_t status = gatt_client_provide_context_for_handle(con_handle, out_gatt_client); 2847 return status; 2848 } 2849 #endif 2850