[BREAKING] Asynchronous pin injections for Numeric Comparison and PassKey Input (#165)

* Make NimBLEConnInfo functions const.

* Update callback functions and update client to use new functions.

* Update examples.

* Update migration guide.

---------

Co-authored-by: Casey Smith <csmith@morningstarcorp.com>

Author: h2zero

src/NimBLEClient.cpp

@@ -1171,7 +1171,11 @@ int NimBLEClient::handleGapEvent(struct ble_gap_event *event, void *arg) {
             {
                 NimBLEConnInfo peerInfo;
                 rc = ble_gap_conn_find(event->enc_change.conn_handle, &peerInfo.m_desc);
-                assert(rc == 0);
+                if (rc != 0) {
+                    NIMBLE_LOGE(LOG_TAG, "Connection info not found");
+                    rc = 0;
+                    break;
+                }
 
                 if (event->enc_change.status == (BLE_HS_ERR_HCI_BASE + BLE_ERR_PINKEY_MISSING)) {
                     // Key is missing, try deleting.
@@ -1203,20 +1207,17 @@ int NimBLEClient::handleGapEvent(struct ble_gap_event *event, void *arg) {
             if(pClient->m_conn_id != event->passkey.conn_handle)
                 return 0;
 
-            if (event->passkey.params.action == BLE_SM_IOACT_DISP) {
-                pkey.action = event->passkey.params.action;
-                pkey.passkey = NimBLEDevice::m_passkey; // This is the passkey to be entered on peer
-                rc = ble_sm_inject_io(event->passkey.conn_handle, &pkey);
-                NIMBLE_LOGD(LOG_TAG, "ble_sm_inject_io result: %d", rc);
+            NimBLEConnInfo peerInfo;
+            rc = ble_gap_conn_find(event->passkey.conn_handle, &peerInfo.m_desc);
+            if (rc != 0) {
+                NIMBLE_LOGE(LOG_TAG, "Connection info not found");
+                rc = 0;
+                break;
+            }
 
-            } else if (event->passkey.params.action == BLE_SM_IOACT_NUMCMP) {
+            if (event->passkey.params.action == BLE_SM_IOACT_NUMCMP) {
                 NIMBLE_LOGD(LOG_TAG, "Passkey on device's display: %" PRIu32, event->passkey.params.numcmp);
-                pkey.action = event->passkey.params.action;
-                pkey.numcmp_accept = pClient->m_pClientCallbacks->onConfirmPIN(event->passkey.params.numcmp);
-
-                rc = ble_sm_inject_io(event->passkey.conn_handle, &pkey);
-                NIMBLE_LOGD(LOG_TAG, "ble_sm_inject_io result: %d", rc);
-
+                pClient->m_pClientCallbacks->onConfirmPIN(peerInfo, event->passkey.params.numcmp);
             //TODO: Handle out of band pairing
             } else if (event->passkey.params.action == BLE_SM_IOACT_OOB) {
                 static uint8_t tem_oob[16] = {0};
@@ -1229,12 +1230,7 @@ int NimBLEClient::handleGapEvent(struct ble_gap_event *event, void *arg) {
             ////////
             } else if (event->passkey.params.action == BLE_SM_IOACT_INPUT) {
                 NIMBLE_LOGD(LOG_TAG, "Enter the passkey");
-                pkey.action = event->passkey.params.action;
-                pkey.passkey = pClient->m_pClientCallbacks->onPassKeyRequest();
-
-                rc = ble_sm_inject_io(event->passkey.conn_handle, &pkey);
-                NIMBLE_LOGD(LOG_TAG, "ble_sm_inject_io result: %d", rc);
-
+                pClient->m_pClientCallbacks->onPassKeyEntry(peerInfo);
             } else if (event->passkey.params.action == BLE_SM_IOACT_NONE) {
                 NIMBLE_LOGD(LOG_TAG, "No passkey action required");
             }
@@ -1321,17 +1317,18 @@ bool NimBLEClientCallbacks::onConnParamsUpdateRequest(NimBLEClient* pClient, con
     return true;
 }
 
-uint32_t NimBLEClientCallbacks::onPassKeyRequest(){
-    NIMBLE_LOGD("NimBLEClientCallbacks", "onPassKeyRequest: default: 123456");
-    return 123456;
-}
+void NimBLEClientCallbacks::onPassKeyEntry(const NimBLEConnInfo& connInfo){
+    NIMBLE_LOGD("NimBLEClientCallbacks", "onPassKeyEntry: default: 123456");
+    NimBLEDevice::injectPassKey(connInfo, 123456);
+} //onPassKeyEntry
 
-void NimBLEClientCallbacks::onAuthenticationComplete(NimBLEConnInfo& peerInfo){
+void NimBLEClientCallbacks::onAuthenticationComplete(const NimBLEConnInfo& connInfo){
     NIMBLE_LOGD("NimBLEClientCallbacks", "onAuthenticationComplete: default");
 }
-bool NimBLEClientCallbacks::onConfirmPIN(uint32_t pin){
+
+void NimBLEClientCallbacks::onConfirmPIN(const NimBLEConnInfo& connInfo, uint32_t pin){
     NIMBLE_LOGD("NimBLEClientCallbacks", "onConfirmPIN: default: true");
-    return true;
+    NimBLEDevice::injectConfirmPIN(connInfo, true);
 }
 
 #endif /* CONFIG_BT_ENABLED && CONFIG_BT_NIMBLE_ROLE_CENTRAL */

src/NimBLEClient.h

@@ -147,23 +147,23 @@ class NimBLEClientCallbacks {
 
     /**
      * @brief Called when server requests a passkey for pairing.
-     * @return The passkey to be sent to the server.
+     * @param [in] connInfo A reference to a NimBLEConnInfo instance containing the peer info.
      */
-    virtual uint32_t onPassKeyRequest();
+    virtual void onPassKeyEntry(const NimBLEConnInfo& connInfo);
 
     /**
      * @brief Called when the pairing procedure is complete.
      * @param [in] connInfo A reference to a NimBLEConnInfo instance containing the peer info.\n
      * This can be used to check the status of the connection encryption/pairing.
      */
-    virtual void onAuthenticationComplete(NimBLEConnInfo& connInfo);
+    virtual void onAuthenticationComplete(const NimBLEConnInfo& connInfo);
 
     /**
      * @brief Called when using numeric comparision for pairing.
+     * @param [in] connInfo A reference to a NimBLEConnInfo instance containing the peer info.
      * @param [in] pin The pin to compare with the server.
-     * @return True to accept the pin.
      */
-    virtual bool onConfirmPIN(uint32_t pin);
+    virtual void onConfirmPIN(const NimBLEConnInfo& connInfo, uint32_t pin);
 };
 
 #endif /* CONFIG_BT_ENABLED && CONFIG_BT_NIMBLE_ROLE_CENTRAL */

src/NimBLEConnInfo.h

@@ -13,44 +13,44 @@ friend class NimBLECharacteristic;
 friend class NimBLEDescriptor;
 
     ble_gap_conn_desc m_desc;
-    NimBLEConnInfo()                       { m_desc = {}; }
-    NimBLEConnInfo(ble_gap_conn_desc desc) { m_desc = desc; }
+    NimBLEConnInfo()                         { m_desc = {}; }
+    NimBLEConnInfo(ble_gap_conn_desc desc)   { m_desc = desc; }
 public:
     /** @brief Gets the over-the-air address of the connected peer */
-    NimBLEAddress    getAddress()          { return NimBLEAddress(m_desc.peer_ota_addr); }
+    NimBLEAddress    getAddress() const      { return NimBLEAddress(m_desc.peer_ota_addr); }
 
     /** @brief Gets the ID address of the connected peer */
-    NimBLEAddress    getIdAddress()        { return NimBLEAddress(m_desc.peer_id_addr); }
+    NimBLEAddress    getIdAddress() const    { return NimBLEAddress(m_desc.peer_id_addr); }
 
     /** @brief Gets the connection handle of the connected peer */
-    uint16_t         getConnHandle()       { return m_desc.conn_handle; }
+    uint16_t         getConnHandle() const   { return m_desc.conn_handle; }
 
     /** @brief Gets the connection interval for this connection (in 1.25ms units) */
-    uint16_t         getConnInterval()     { return m_desc.conn_itvl; }
+    uint16_t         getConnInterval() const { return m_desc.conn_itvl; }
 
     /** @brief Gets the supervision timeout for this connection (in 10ms units) */
-    uint16_t         getConnTimeout()      { return m_desc.supervision_timeout; }
+    uint16_t         getConnTimeout() const  { return m_desc.supervision_timeout; }
 
     /** @brief Gets the allowable latency for this connection (unit = number of intervals) */
-    uint16_t         getConnLatency()      { return m_desc.conn_latency; }
+    uint16_t         getConnLatency() const  { return m_desc.conn_latency; }
 
     /** @brief Gets the maximum transmission unit size for this connection (in bytes) */
-    uint16_t         getMTU()              { return ble_att_mtu(m_desc.conn_handle); }
+    uint16_t         getMTU() const          { return ble_att_mtu(m_desc.conn_handle); }
 
     /** @brief Check if we are in the master role in this connection */
-    bool             isMaster()            { return (m_desc.role == BLE_GAP_ROLE_MASTER); }
+    bool             isMaster() const        { return (m_desc.role == BLE_GAP_ROLE_MASTER); }
 
     /** @brief Check if we are in the slave role in this connection */
-    bool             isSlave()             { return (m_desc.role == BLE_GAP_ROLE_SLAVE); }
+    bool             isSlave() const         { return (m_desc.role == BLE_GAP_ROLE_SLAVE); }
 
     /** @brief Check if we are connected to a bonded peer */
-    bool             isBonded()            { return (m_desc.sec_state.bonded == 1); }
+    bool             isBonded() const        { return (m_desc.sec_state.bonded == 1); }
 
     /** @brief Check if the connection in encrypted */
-    bool             isEncrypted()         { return (m_desc.sec_state.encrypted == 1); }
+    bool             isEncrypted() const     { return (m_desc.sec_state.encrypted == 1); }
 
     /** @brief Check if the the connection has been authenticated */
-    bool             isAuthenticated()     { return (m_desc.sec_state.authenticated == 1); }
+    bool             isAuthenticated() const { return (m_desc.sec_state.authenticated == 1); }
 
     /** @brief Gets the key size used to encrypt the connection */
     uint8_t          getSecKeySize()       { return m_desc.sec_state.key_size; }

src/NimBLEDevice.cpp

@@ -23,7 +23,9 @@
 #  include "esp_bt.h"
 #  include "nvs_flash.h"
 #  if defined(CONFIG_NIMBLE_CPP_IDF)
-#    include "esp_nimble_hci.h"
+#    if (ESP_IDF_VERSION < ESP_IDF_VERSION_VAL(5, 0, 0) || CONFIG_BT_NIMBLE_LEGACY_VHCI_ENABLE)
+#       include "esp_nimble_hci.h"
+#    endif
 #    include "nimble/nimble_port.h"
 #    include "nimble/nimble_port_freertos.h"
 #    include "host/ble_hs.h"
@@ -1154,6 +1156,43 @@ int NimBLEDevice::startSecurity(uint16_t conn_id) {
 } // startSecurity
 
 
+/**
+ * @brief Inject the provided passkey into the Security Manager
+ * @param [in] peerInfo Connection information for the peer
+ * @param [in] pin The 6-digit pin to inject
+ * @return true if the passkey was injected successfully.
+ */
+bool NimBLEDevice::injectPassKey(const NimBLEConnInfo& peerInfo, uint32_t pin) {
+    int rc = 0;
+    struct ble_sm_io pkey = {0,0};
+
+    pkey.action = BLE_SM_IOACT_INPUT;
+    pkey.passkey = pin;
+
+    rc = ble_sm_inject_io(peerInfo.getConnHandle(), &pkey);
+    NIMBLE_LOGD(LOG_TAG, "BLE_SM_IOACT_INPUT; ble_sm_inject_io result: %d", rc);
+    return rc == 0;
+}
+
+
+/**
+ * @brief Inject the provided numeric comparison response into the Security Manager
+ * @param [in] peerInfo Connection information for the peer
+ * @param [in] accept Whether the user confirmed or declined the comparison
+ */
+bool NimBLEDevice::injectConfirmPIN(const NimBLEConnInfo& peerInfo, bool accept) {
+    int rc = 0;
+    struct ble_sm_io pkey = {0,0};
+
+    pkey.action = BLE_SM_IOACT_NUMCMP;
+    pkey.numcmp_accept = accept;
+
+    rc = ble_sm_inject_io(peerInfo.getConnHandle(), &pkey);
+    NIMBLE_LOGD(LOG_TAG, "BLE_SM_IOACT_NUMCMP; ble_sm_inject_io result: %d", rc);
+    return rc == 0;
+}
+
+
 /**
  * @brief Check if the device address is on our ignore list.
  * @param [in] address The address to look for.

src/NimBLEDevice.h

@@ -136,6 +136,8 @@ class NimBLEDevice {
     static void             setSecurityPasskey(uint32_t pin);
     static uint32_t         getSecurityPasskey();
     static int              startSecurity(uint16_t conn_id);
+    static bool             injectConfirmPIN(const NimBLEConnInfo& peerInfo, bool accept);
+    static bool             injectPassKey(const NimBLEConnInfo& peerInfo, uint32_t pin);
     static int              setMTU(uint16_t mtu);
     static uint16_t         getMTU();
     static bool             isIgnored(const NimBLEAddress &address);

src/NimBLEServer.cpp

@@ -263,6 +263,7 @@ void NimBLEServer::advertiseOnDisconnect(bool aod) {
 } // advertiseOnDisconnect
 #endif
 
+
 /**
  * @brief Return the number of connected clients.
  * @return The number of connected clients.
@@ -528,19 +529,20 @@ int NimBLEServer::handleGapEvent(struct ble_gap_event *event, void *arg) {
                 // if the (static)passkey is the default, check the callback for custom value
                 // both values default to the same.
                 if(pkey.passkey == 123456) {
-                    pkey.passkey = pServer->m_pServerCallbacks->onPassKeyRequest();
+                    pkey.passkey = pServer->m_pServerCallbacks->onPassKeyDisplay();
                 }
                 rc = ble_sm_inject_io(event->passkey.conn_handle, &pkey);
                 NIMBLE_LOGD(LOG_TAG, "BLE_SM_IOACT_DISP; ble_sm_inject_io result: %d", rc);
 
             } else if (event->passkey.params.action == BLE_SM_IOACT_NUMCMP) {
                 NIMBLE_LOGD(LOG_TAG, "Passkey on device's display: %" PRIu32, event->passkey.params.numcmp);
-                pkey.action = event->passkey.params.action;
-                pkey.numcmp_accept = pServer->m_pServerCallbacks->onConfirmPIN(event->passkey.params.numcmp);
 
-                rc = ble_sm_inject_io(event->passkey.conn_handle, &pkey);
-                NIMBLE_LOGD(LOG_TAG, "BLE_SM_IOACT_NUMCMP; ble_sm_inject_io result: %d", rc);
+                rc = ble_gap_conn_find(event->passkey.conn_handle, &peerInfo.m_desc);
+                if(rc != 0) {
+                    return BLE_ATT_ERR_INVALID_HANDLE;
+                }
 
+                pServer->m_pServerCallbacks->onConfirmPIN(peerInfo, event->passkey.params.numcmp);
             //TODO: Handle out of band pairing
             } else if (event->passkey.params.action == BLE_SM_IOACT_OOB) {
                 static uint8_t tem_oob[16] = {0};
@@ -551,14 +553,6 @@ int NimBLEServer::handleGapEvent(struct ble_gap_event *event, void *arg) {
                 rc = ble_sm_inject_io(event->passkey.conn_handle, &pkey);
                 NIMBLE_LOGD(LOG_TAG, "BLE_SM_IOACT_OOB; ble_sm_inject_io result: %d", rc);
             //////////////////////////////////
-            } else if (event->passkey.params.action == BLE_SM_IOACT_INPUT) {
-                NIMBLE_LOGD(LOG_TAG, "Enter the passkey");
-                pkey.action = event->passkey.params.action;
-                pkey.passkey = pServer->m_pServerCallbacks->onPassKeyRequest();
-
-                rc = ble_sm_inject_io(event->passkey.conn_handle, &pkey);
-                NIMBLE_LOGD(LOG_TAG, "BLE_SM_IOACT_INPUT; ble_sm_inject_io result: %d", rc);
-
             } else if (event->passkey.params.action == BLE_SM_IOACT_NONE) {
                 NIMBLE_LOGD(LOG_TAG, "No passkey action required");
             }
@@ -851,18 +845,18 @@ void NimBLEServerCallbacks::onMTUChange(uint16_t MTU, NimBLEConnInfo& connInfo)
     NIMBLE_LOGD("NimBLEServerCallbacks", "onMTUChange(): Default");
 } // onMTUChange
 
-uint32_t NimBLEServerCallbacks::onPassKeyRequest(){
-    NIMBLE_LOGD("NimBLEServerCallbacks", "onPassKeyRequest: default: 123456");
+uint32_t NimBLEServerCallbacks::onPassKeyDisplay(){
+    NIMBLE_LOGD("NimBLEServerCallbacks", "onPassKeyDisplay: default: 123456");
     return 123456;
-} //onPassKeyRequest
+} //onPassKeyDisplay
 
-void NimBLEServerCallbacks::onAuthenticationComplete(NimBLEConnInfo& connInfo){
-    NIMBLE_LOGD("NimBLEServerCallbacks", "onAuthenticationComplete: default");
-} // onAuthenticationComplete
-
-bool NimBLEServerCallbacks::onConfirmPIN(uint32_t pin){
+void NimBLEServerCallbacks::onConfirmPIN(const NimBLEConnInfo& connInfo, uint32_t pin){
     NIMBLE_LOGD("NimBLEServerCallbacks", "onConfirmPIN: default: true");
-    return true;
+    NimBLEDevice::injectConfirmPIN(connInfo, true);
 } // onConfirmPIN
 
+void NimBLEServerCallbacks::onAuthenticationComplete(const NimBLEConnInfo& connInfo){
+    NIMBLE_LOGD("NimBLEServerCallbacks", "onAuthenticationComplete: default");
+} // onAuthenticationComplete
+
 #endif /* CONFIG_BT_ENABLED && CONFIG_BT_NIMBLE_ROLE_PERIPHERAL */

src/NimBLEServer.h

@@ -152,24 +152,25 @@ class NimBLEServerCallbacks {
     virtual void onMTUChange(uint16_t MTU, NimBLEConnInfo& connInfo);
 
     /**
-     * @brief Called when a client requests a passkey for pairing.
+     * @brief Called when a client requests a passkey for pairing (display).
      * @return The passkey to be sent to the client.
      */
-    virtual uint32_t onPassKeyRequest();
+    virtual uint32_t onPassKeyDisplay();
 
     /**
-     * @brief Called when the pairing procedure is complete.
+     * @brief Called when using numeric comparision for pairing.
      * @param [in] connInfo A reference to a NimBLEConnInfo instance with information
-     * about the peer connection parameters.
+     * Should be passed back to NimBLEDevice::injectConfirmPIN
+     * @param [in] pin The pin to compare with the client.
      */
-    virtual void onAuthenticationComplete(NimBLEConnInfo& connInfo);
+    virtual void onConfirmPIN(const NimBLEConnInfo& connInfo, uint32_t pin);
 
     /**
-     * @brief Called when using numeric comparision for pairing.
-     * @param [in] pin The pin to compare with the client.
-     * @return True to accept the pin.
+     * @brief Called when the pairing procedure is complete.
+     * @param [in] connInfo A reference to a NimBLEConnInfo instance with information
+     * about the peer connection parameters.
      */
-    virtual bool onConfirmPIN(uint32_t pin);
+    virtual void onAuthenticationComplete(const NimBLEConnInfo& connInfo);
 }; // NimBLEServerCallbacks
 
 #endif /* CONFIG_BT_ENABLED && CONFIG_BT_NIMBLE_ROLE_PERIPHERAL */