Merge branch 'feature/btdm_support_some_ble_new_features' into 'master'

Feature/btdm support some ble new features

See merge request espressif/esp-idf!11432

components/bt/host/bluedroid/api/esp_gap_ble_api.c

@@ -749,3 +749,14 @@ esp_err_t esp_gap_ble_set_channels(esp_gap_ble_channels channels)
     arg.set_channels.channels[ESP_GAP_BLE_CHANNELS_LEN -1] &= 0x1F;
     return (btc_transfer_context(&msg, &arg, sizeof(btc_ble_gap_args_t), NULL) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
 }
+
+esp_err_t esp_gap_ble_set_authorization(esp_bd_addr_t bd_addr, bool authorize)
+{
+    if (!bd_addr) {
+        return ESP_ERR_INVALID_ARG;
+    }
+    if (BTM_Ble_Authorization(bd_addr, authorize)) {
+        return ESP_OK;
+    }
+    return ESP_FAIL;
+}

components/bt/host/bluedroid/api/esp_gattc_api.c

@@ -350,6 +350,39 @@ esp_err_t esp_ble_gattc_read_char (esp_gatt_if_t gattc_if,
     return (btc_transfer_context(&msg, &arg, sizeof(btc_ble_gattc_args_t), NULL) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
 }
 
+esp_err_t esp_ble_gattc_read_by_type (esp_gatt_if_t gattc_if,
+                                      uint16_t conn_id,
+                                      uint16_t start_handle,
+                                      uint16_t end_handle,
+                                      esp_bt_uuid_t *uuid,
+                                      esp_gatt_auth_req_t auth_req)
+{
+    btc_msg_t msg;
+    btc_ble_gattc_args_t arg;
+
+    ESP_BLUEDROID_STATUS_CHECK(ESP_BLUEDROID_STATUS_ENABLED);
+
+    if (uuid == NULL) {
+        return ESP_GATT_ILLEGAL_PARAMETER;
+    }
+
+    if (L2CA_CheckIsCongest(L2CAP_ATT_CID, conn_id)) {
+        LOG_DEBUG("%s, the l2cap chanel is congest.", __func__);
+        return ESP_FAIL;
+    }
+
+    msg.sig = BTC_SIG_API_CALL;
+    msg.pid = BTC_PID_GATTC;
+    msg.act = BTC_GATTC_ACT_READ_BY_TYPE;
+    arg.read_by_type.conn_id = BTC_GATT_CREATE_CONN_ID(gattc_if, conn_id);
+    arg.read_by_type.s_handle = start_handle;
+    arg.read_by_type.e_handle = end_handle;
+    arg.read_by_type.auth_req = auth_req;
+    memcpy(&(arg.read_by_type.uuid), uuid, sizeof(esp_bt_uuid_t));
+
+    return (btc_transfer_context(&msg, &arg, sizeof(btc_ble_gattc_args_t), NULL) == BT_STATUS_SUCCESS ? ESP_OK : ESP_FAIL);
+}
+
 esp_err_t esp_ble_gattc_read_multiple(esp_gatt_if_t gattc_if,
                                       uint16_t conn_id, esp_gattc_multi_t *read_multi,
                                       esp_gatt_auth_req_t auth_req)

components/bt/host/bluedroid/api/include/api/esp_gap_ble_api.h

@@ -292,6 +292,8 @@ typedef enum {
     ESP_BLE_SM_ONLY_ACCEPT_SPECIFIED_SEC_AUTH,
     /* Enable/Disable OOB support */
     ESP_BLE_SM_OOB_SUPPORT,
+    /* Appl encryption key size */
+    ESP_BLE_APP_ENC_KEY_SIZE,
     ESP_BLE_SM_MAX_PARAM,
 } esp_ble_sm_param_t;
 
@@ -915,7 +917,7 @@ esp_err_t esp_ble_gap_update_conn_params(esp_ble_conn_update_params_t *params);
 esp_err_t esp_ble_gap_set_pkt_data_len(esp_bd_addr_t remote_device, uint16_t tx_data_length);
 
 /**
- * @brief           This function sets the random address for the application
+ * @brief           This function sets the static Random Address and Non-Resolvable Private Address for the application
  *
  * @param[in]       rand_addr: the random address which should be setting
  *
@@ -1303,6 +1305,17 @@ esp_err_t esp_ble_get_current_conn_params(esp_bd_addr_t bd_addr, esp_gap_conn_pa
 */
 esp_err_t esp_gap_ble_set_channels(esp_gap_ble_channels channels);
 
+/**
+* @brief           This function is called to authorized a link after Authentication(MITM protection)
+*
+* @param[in]       bd_addr: BD address of the peer device.
+* @param[out]      authorize: Authorized the link or not.
+*
+* @return          - ESP_OK : success
+*                  - other  : failed
+*
+*/
+esp_err_t esp_gap_ble_set_authorization(esp_bd_addr_t bd_addr, bool authorize);
 #ifdef __cplusplus
 }
 #endif

components/bt/host/bluedroid/api/include/api/esp_gatt_defs.h

@@ -283,6 +283,8 @@ typedef enum {
 #define    ESP_GATT_PERM_WRITE_ENC_MITM        (1 << 6)   /* bit 6 -  0x0040 */    /* relate to BTA_GATT_PERM_WRITE_ENC_MITM in bta/bta_gatt_api.h */
 #define    ESP_GATT_PERM_WRITE_SIGNED          (1 << 7)   /* bit 7 -  0x0080 */    /* relate to BTA_GATT_PERM_WRITE_SIGNED in bta/bta_gatt_api.h */
 #define    ESP_GATT_PERM_WRITE_SIGNED_MITM     (1 << 8)   /* bit 8 -  0x0100 */    /* relate to BTA_GATT_PERM_WRITE_SIGNED_MITM in bta/bta_gatt_api.h */
+#define    ESP_GATT_PERM_READ_AUTHORIZATION    (1 << 9)   /* bit 9 -  0x0200 */
+#define    ESP_GATT_PERM_WRITE_AUTHORIZATION   (1 << 10)  /* bit 10 - 0x0400 */
 typedef uint16_t esp_gatt_perm_t;
 
 /* relate to BTA_GATT_CHAR_PROP_BIT_xxx in bta/bta_gatt_api.h */

components/bt/host/bluedroid/api/include/api/esp_gattc_api.h

@@ -613,6 +613,29 @@ esp_err_t esp_ble_gattc_read_char (esp_gatt_if_t gattc_if,
                                    uint16_t handle,
                                    esp_gatt_auth_req_t auth_req);
 
+/**
+ * @brief           This function is called to read a service's characteristics of
+ *                  the given characteristic UUID
+ *
+ * @param[in]       gattc_if: Gatt client access interface.
+ * @param[in]       conn_id : connection ID.
+ * @param[in]       start_handle : the attribute start handle.
+ * @param[in]       end_handle : the attribute end handle
+ * @param[in]       uuid : The UUID of attribute which will be read.
+ * @param[in]       auth_req : authenticate request type
+ *
+ * @return
+ *                  - ESP_OK: success
+ *                  - other: failed
+ *
+ */
+esp_err_t esp_ble_gattc_read_by_type (esp_gatt_if_t gattc_if,
+                                      uint16_t conn_id,
+                                      uint16_t start_handle,
+                                      uint16_t end_handle,
+                                      esp_bt_uuid_t *uuid,
+                                      esp_gatt_auth_req_t auth_req);
+
 /**
  * @brief           This function is called to read multiple characteristic or
  *                  characteristic descriptors.

components/bt/host/bluedroid/bta/dm/bta_dm_co.c

@@ -51,6 +51,7 @@ tBTE_APPL_CFG bte_appl_cfg = {
     BTM_BLE_MIN_KEY_SIZE,
     BTM_BLE_ONLY_ACCEPT_SPECIFIED_SEC_AUTH_DISABLE,
     BTM_BLE_OOB_DISABLE,
+    BTM_BLE_APPL_ENC_KEY_SIZE,
 };
 #endif
 
@@ -427,6 +428,17 @@ void bta_dm_co_ble_set_min_key_size(UINT8 ble_key_size)
 #endif  ///SMP_INCLUDED == TRUE
 }
 
+void bta_dm_co_ble_set_appl_enc_key_size(UINT8 ble_key_size)
+{
+#if (SMP_INCLUDED == TRUE)
+    if(ble_key_size >= bte_appl_cfg.ble_min_key_size && ble_key_size <= bte_appl_cfg.ble_max_key_size) {
+        bte_appl_cfg.ble_appl_enc_key_size = ble_key_size;
+    } else {
+        APPL_TRACE_ERROR("%s error:Invalid key size value, key_size =%d",__func__, ble_key_size);
+    }
+#endif  ///SMP_INCLUDED == TRUE
+}
+
 void bta_dm_co_ble_set_accept_auth_enable(UINT8 enable)
 {
 #if (SMP_INCLUDED == TRUE)

components/bt/host/bluedroid/bta/gatt/bta_gattc_act.c

@@ -1104,6 +1104,41 @@ void bta_gattc_read(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data)
 }
 /*******************************************************************************
 **
+** Function         bta_gattc_read_by_type
+**
+** Description      Read an attribute
+**
+** Returns          None.
+**
+*******************************************************************************/
+void bta_gattc_read_by_type(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data)
+{
+    if (!bta_gattc_enqueue(p_clcb, p_data)) {
+        return;
+    }
+
+    tGATT_READ_PARAM    read_param;
+    memset (&read_param, 0 ,sizeof(tGATT_READ_PARAM));
+    read_param.service.auth_req = p_data->api_read.auth_req;
+    read_param.service.s_handle = p_data->api_read.s_handle;
+    read_param.service.e_handle = p_data->api_read.e_handle;
+    memcpy(&(read_param.service.uuid), &(p_data->api_read.uuid), sizeof(tBT_UUID));
+
+    tBTA_GATT_STATUS status = GATTC_Read(p_clcb->bta_conn_id, GATT_READ_BY_TYPE, &read_param);
+
+    /* read fail */
+    if (status != BTA_GATT_OK) {
+        /* Dequeue the data, if it was enqueued */
+        if (p_clcb->p_q_cmd == p_data) {
+            p_clcb->p_q_cmd = NULL;
+            bta_gattc_pop_command_to_send(p_clcb);
+        }
+
+        bta_gattc_cmpl_sendmsg(p_clcb->bta_conn_id, GATTC_OPTYPE_READ, status, NULL);
+    }
+}
+/*******************************************************************************
+**
 ** Function         bta_gattc_read_multi
 **
 ** Description      read multiple
@@ -1397,7 +1432,7 @@ void  bta_gattc_op_cmpl(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data)
             return;
         }
         if (p_clcb->p_q_cmd->hdr.event != bta_gattc_opcode_to_int_evt[op - GATTC_OPTYPE_READ]) {
-            if (p_clcb->p_q_cmd->hdr.event != BTA_GATTC_API_READ_MULTI_EVT) {
+            if ((p_clcb->p_q_cmd->hdr.event != BTA_GATTC_API_READ_MULTI_EVT)&&(p_clcb->p_q_cmd->hdr.event != BTA_GATTC_API_READ_BY_TYPE_EVT)) {
                 mapped_op = p_clcb->p_q_cmd->hdr.event - BTA_GATTC_API_READ_EVT + GATTC_OPTYPE_READ;
                 if ( mapped_op > GATTC_OPTYPE_INDICATION) {
                     mapped_op = 0;

components/bt/host/bluedroid/bta/gatt/bta_gattc_api.c

@@ -562,6 +562,39 @@ void BTA_GATTC_ReadMultiple(UINT16 conn_id, tBTA_GATTC_MULTI *p_read_multi,
     return;
 }
 
+/*******************************************************************************
+**
+** Function         BTA_GATTC_Read_by_type
+**
+** Description      This function is called to read a attribute value by uuid
+**
+** Parameters       conn_id - connection ID.
+**                  s_handle - start handle.
+**                  e_handle - end hanle
+**                  uuid - The attribute UUID.
+**
+** Returns          None
+**
+*******************************************************************************/
+void BTA_GATTC_Read_by_type(UINT16 conn_id, UINT16 s_handle,UINT16 e_handle, tBT_UUID *uuid, tBTA_GATT_AUTH_REQ auth_req)
+{
+    tBTA_GATTC_API_READ  *p_buf;
+
+    if ((p_buf = (tBTA_GATTC_API_READ *) osi_malloc(sizeof(tBTA_GATTC_API_READ))) != NULL) {
+        memset(p_buf, 0, sizeof(tBTA_GATTC_API_READ));
+
+        p_buf->hdr.event = BTA_GATTC_API_READ_BY_TYPE_EVT;
+        p_buf->hdr.layer_specific = conn_id;
+        p_buf->auth_req = auth_req;
+        p_buf->s_handle = s_handle;
+        p_buf->e_handle = e_handle;
+        memcpy(&(p_buf->uuid), uuid, sizeof(tBT_UUID));
+        p_buf->cmpl_evt = BTA_GATTC_READ_CHAR_EVT;
+
+        bta_sys_sendmsg(p_buf);
+    }
+    return;
+}
 
 /*******************************************************************************
 **

components/bt/host/bluedroid/bta/gatt/bta_gattc_main.c

@@ -65,6 +65,7 @@ enum {
     BTA_GATTC_DISC_CLOSE,
     BTA_GATTC_RESTART_DISCOVER,
     BTA_GATTC_CFG_MTU,
+    BTA_GATTC_READ_BY_TYPE,
 
     BTA_GATTC_IGNORE
 };
@@ -98,7 +99,8 @@ const tBTA_GATTC_ACTION bta_gattc_action[] = {
     bta_gattc_ignore_op_cmpl,
     bta_gattc_disc_close,
     bta_gattc_restart_discover,
-    bta_gattc_cfg_mtu
+    bta_gattc_cfg_mtu,
+    bta_gattc_read_by_type
 };
 
 
@@ -134,6 +136,7 @@ static const UINT8 bta_gattc_st_idle[][BTA_GATTC_NUM_COLS] = {
     /* BTA_GATTC_OP_CMPL_EVT            */   {BTA_GATTC_IGNORE,            BTA_GATTC_IDLE_ST},
     /* BTA_GATTC_INT_DISCONN_EVT       */    {BTA_GATTC_IGNORE,            BTA_GATTC_IDLE_ST},
 
+    /* BTA_GATTC_API_READ_BY_TYPE_EVT   */   {BTA_GATTC_FAIL,              BTA_GATTC_IDLE_ST},
 };
 
 /* state table for wait for open state */
@@ -163,6 +166,7 @@ static const UINT8 bta_gattc_st_w4_conn[][BTA_GATTC_NUM_COLS] = {
     /* BTA_GATTC_OP_CMPL_EVT            */   {BTA_GATTC_IGNORE,             BTA_GATTC_W4_CONN_ST},
     /* BTA_GATTC_INT_DISCONN_EVT      */     {BTA_GATTC_OPEN_FAIL,          BTA_GATTC_IDLE_ST},
 
+    /* BTA_GATTC_API_READ_BY_TYPE_EVT   */   {BTA_GATTC_FAIL,               BTA_GATTC_W4_CONN_ST},
 };
 
 /* state table for open state */
@@ -193,6 +197,7 @@ static const UINT8 bta_gattc_st_connected[][BTA_GATTC_NUM_COLS] = {
 
     /* BTA_GATTC_INT_DISCONN_EVT        */   {BTA_GATTC_CLOSE,              BTA_GATTC_IDLE_ST},
 
+    /* BTA_GATTC_API_READ_BY_TYPE_EVT   */   {BTA_GATTC_READ_BY_TYPE,       BTA_GATTC_CONN_ST},
 };
 
 /* state table for discover state */
@@ -222,6 +227,7 @@ static const UINT8 bta_gattc_st_discover[][BTA_GATTC_NUM_COLS] = {
     /* BTA_GATTC_OP_CMPL_EVT            */   {BTA_GATTC_IGNORE_OP_CMPL,     BTA_GATTC_DISCOVER_ST},
     /* BTA_GATTC_INT_DISCONN_EVT        */   {BTA_GATTC_CLOSE,              BTA_GATTC_IDLE_ST},
 
+    /* BTA_GATTC_API_READ_BY_TYPE_EVT   */   {BTA_GATTC_Q_CMD,              BTA_GATTC_DISCOVER_ST},
 };
 
 /* type for state table */
@@ -479,6 +485,8 @@ static char *gattc_evt_code(tBTA_GATTC_INT_EVT evt_code)
         return "BTA_GATTC_API_DISABLE_EVT";
     case BTA_GATTC_API_CFG_MTU_EVT:
         return "BTA_GATTC_API_CFG_MTU_EVT";
+    case BTA_GATTC_API_READ_BY_TYPE_EVT:
+        return "BTA_GATTC_API_READ_BY_TYPE_EVT";
     default:
         return "unknown GATTC event code";
     }

components/bt/host/bluedroid/bta/gatt/include/bta_gattc_int.h

@@ -60,6 +60,8 @@ enum {
     BTA_GATTC_OP_CMPL_EVT,
     BTA_GATTC_INT_DISCONN_EVT,
 
+    BTA_GATTC_API_READ_BY_TYPE_EVT,
+
     BTA_GATTC_INT_START_IF_EVT,
     BTA_GATTC_API_REG_EVT,
     BTA_GATTC_API_DEREG_EVT,
@@ -137,6 +139,9 @@ typedef struct {
     BT_HDR                  hdr;
     tBTA_GATT_AUTH_REQ      auth_req;
     UINT16                  handle;
+    UINT16                  s_handle;
+    UINT16                  e_handle;
+    tBT_UUID                uuid;
     tBTA_GATTC_EVT          cmpl_evt;
 } tBTA_GATTC_API_READ;
 
@@ -451,6 +456,7 @@ extern void bta_gattc_disc_close(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_dat
 extern void bta_gattc_start_discover(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data);
 extern void bta_gattc_disc_cmpl(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data);
 extern void bta_gattc_read(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data);
+extern void bta_gattc_read_by_type(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data);
 extern void bta_gattc_write(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data);
 extern void bta_gattc_op_cmpl(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data);
 extern void bta_gattc_q_cmd(tBTA_GATTC_CLCB *p_clcb, tBTA_GATTC_DATA *p_data);

components/bt/host/bluedroid/bta/include/bta/bta_dm_co.h

@@ -215,4 +215,6 @@ extern UINT8 bta_dm_co_ble_get_accept_auth_enable(void);
 extern UINT8 bta_dm_co_ble_get_auth_req(void);
 
 extern void bta_dm_co_ble_oob_support(UINT8 enable);
+
+extern void bta_dm_co_ble_set_appl_enc_key_size(UINT8 ble_key_size);
 #endif

components/bt/host/bluedroid/bta/include/bta/bta_gatt_api.h

@@ -492,6 +492,8 @@ typedef tGATT_IF tBTA_GATTS_IF;
 #define BTA_GATT_PERM_WRITE_ENC_MITM    GATT_PERM_WRITE_ENC_MITM    /* bit 6 -  0x0040 */
 #define BTA_GATT_PERM_WRITE_SIGNED      GATT_PERM_WRITE_SIGNED      /* bit 7 -  0x0080 */
 #define BTA_GATT_PERM_WRITE_SIGNED_MITM GATT_PERM_WRITE_SIGNED_MITM /* bit 8 -  0x0100 */
+#define BTA_GATT_PERM_READ_AUTHORIZATION GATT_PERM_READ_AUTHORIZATION /* bit 9 - 0x0200 */
+#define BTA_GATT_PERM_WRITE_AUTHORIZATION GATT_PERM_WRITE_AUTHORIZATION /* bit 10 - 0x0400 */
 typedef UINT16 tBTA_GATT_PERM;
 typedef tGATT_ATTR_VAL tBTA_GATT_ATTR_VAL;
 typedef tGATTS_ATTR_CONTROL tBTA_GATTS_ATTR_CONTROL;
@@ -938,6 +940,22 @@ extern void BTA_GATTC_GetGattDb(UINT16 conn_id, UINT16 start_handle, UINT16 end_
 *******************************************************************************/
 void BTA_GATTC_ReadCharacteristic(UINT16 conn_id, UINT16 handle, tBTA_GATT_AUTH_REQ auth_req);
 
+/*******************************************************************************
+**
+** Function         BTA_GATTC_Read_by_type
+**
+** Description      This function is called to read a attribute value by uuid
+**
+** Parameters       conn_id - connection ID.
+**                  s_handle - start handle.
+**                  e_handle - end hanle
+**                  uuid - The attribute UUID.
+**
+** Returns          None
+**
+*******************************************************************************/
+void BTA_GATTC_Read_by_type(UINT16 conn_id, UINT16 s_handle,UINT16 e_handle, tBT_UUID *uuid, tBTA_GATT_AUTH_REQ auth_req);
+
 /*******************************************************************************
 **
 ** Function         BTA_GATTC_ReadCharDescr

components/bt/host/bluedroid/btc/profile/std/gap/btc_gap_ble.c

@@ -884,22 +884,38 @@ static void btc_ble_set_rand_addr (BD_ADDR rand_addr, tBTA_SET_RAND_ADDR_CBACK *
         • The two most significant bits of the address shall be equal to 1
         • All bits of the random part of the address shall not be equal to 1
         • All bits of the random part of the address shall not be equal to 0
+        A non-resolvable private address is a 48-bit randomly generated address and shall meet the following requirements:
+        • The two most significant bits of the address shall be equal to 0
+        • All bits of the random part of the address shall not be equal to 1
+        • All bits of the random part of the address shall not be equal to 0
         */
         BD_ADDR invalid_rand_addr_a, invalid_rand_addr_b;
         memset(invalid_rand_addr_a, 0xff, sizeof(BD_ADDR));
         memset(invalid_rand_addr_b, 0x00, sizeof(BD_ADDR));
-        invalid_rand_addr_b[0] = invalid_rand_addr_b[0] | BT_STATIC_RAND_ADDR_MASK;
-        if((rand_addr[0] & BT_STATIC_RAND_ADDR_MASK) == BT_STATIC_RAND_ADDR_MASK
-            && memcmp(invalid_rand_addr_a, rand_addr, BD_ADDR_LEN) != 0
-            && memcmp(invalid_rand_addr_b, rand_addr, BD_ADDR_LEN) != 0){
-            BTA_DmSetRandAddress(rand_addr, btc_set_rand_addr_callback);
-        } else {
+
+        if((rand_addr[0] & BT_STATIC_RAND_ADDR_MASK) == BT_STATIC_RAND_ADDR_MASK) {
+            invalid_rand_addr_b[0] = invalid_rand_addr_b[0] | BT_STATIC_RAND_ADDR_MASK;
+            if (memcmp(invalid_rand_addr_a, rand_addr, BD_ADDR_LEN) != 0 && memcmp(invalid_rand_addr_b, rand_addr, BD_ADDR_LEN) != 0) {
+                BTA_DmSetRandAddress(rand_addr, btc_set_rand_addr_callback);
+            } else {
+                btc_set_rand_addr_callback(BTM_INVALID_STATIC_RAND_ADDR);
+                BTC_TRACE_ERROR("Invalid static random address, the high bit should be 0b11, bits of the random part shall not be all 1 or 0");
+            }
+        } else if ((rand_addr[0] | BT_NON_RPA_MASK) == BT_NON_RPA_MASK) {
+            invalid_rand_addr_a[0] = invalid_rand_addr_a[0] & BT_NON_RPA_MASK;
+            if (memcmp(invalid_rand_addr_a, rand_addr, BD_ADDR_LEN) != 0 && memcmp(invalid_rand_addr_b, rand_addr, BD_ADDR_LEN) != 0) {
+                BTA_DmSetRandAddress(rand_addr, btc_set_rand_addr_callback);
+            } else {
+                btc_set_rand_addr_callback(BTM_INVALID_STATIC_RAND_ADDR);
+                BTC_TRACE_ERROR("Invalid non-resolvable private address, the high bit should be 0b00, bits of the random part shall not be all 1 or 0");
+            }
+        }else {
             btc_set_rand_addr_callback(BTM_INVALID_STATIC_RAND_ADDR);
-            BTC_TRACE_ERROR("Invalid random address, the high bit should be 0b11, bits of the random part shall not be all 1 or 0");
+            BTC_TRACE_ERROR("Invalid random address type");
         }
     } else {
         btc_set_rand_addr_callback(BTM_INVALID_STATIC_RAND_ADDR);
-        BTC_TRACE_ERROR("Invalid random addressm, the address value is NULL");
+        BTC_TRACE_ERROR("Invalid address, the address value is NULL");
     }
 }
 
@@ -1257,6 +1273,12 @@ void btc_gap_ble_call_handler(btc_msg_t *msg)
                 bta_dm_co_ble_oob_support(enable);
                 break;
             }
+            case ESP_BLE_APP_ENC_KEY_SIZE: {
+                uint8_t key_size = 0;
+                STREAM_TO_UINT8(key_size, value);
+                bta_dm_co_ble_set_appl_enc_key_size(key_size);
+                break;
+            }
             default:
                 break;
         }

components/bt/host/bluedroid/btc/profile/std/gatt/btc_gattc.c

@@ -613,6 +613,13 @@ static void btc_gattc_read_char_descr(btc_ble_gattc_args_t *arg)
     BTA_GATTC_ReadCharDescr(arg->read_descr.conn_id, arg->read_descr.handle, arg->read_descr.auth_req);
 }
 
+static void btc_gattc_read_by_type(btc_ble_gattc_args_t *arg)
+{
+    tBT_UUID uuid;
+    btc_to_bta_uuid(&uuid, &(arg->read_by_type.uuid));
+    BTA_GATTC_Read_by_type(arg->read_by_type.conn_id, arg->read_by_type.s_handle, arg->read_by_type.e_handle, &uuid, arg->read_by_type.auth_req);
+}
+
 static void btc_gattc_write_char(btc_ble_gattc_args_t *arg)
 {
     BTA_GATTC_WriteCharValue(arg->write_char.conn_id,
@@ -724,6 +731,9 @@ void btc_gattc_call_handler(btc_msg_t *msg)
     case BTC_GATTC_ACT_READ_CHAR_DESCR:
         btc_gattc_read_char_descr(arg);
         break;
+    case BTC_GATTC_ACT_READ_BY_TYPE:
+        btc_gattc_read_by_type(arg);
+        break;
     case BTC_GATTC_ACT_WRITE_CHAR:
         btc_gattc_write_char(arg);
         break;

components/bt/host/bluedroid/btc/profile/std/include/btc_gattc.h

@@ -30,6 +30,7 @@ typedef enum {
     BTC_GATTC_ACT_READ_CHAR,
     BTC_GATTC_ACT_READ_MULTIPLE_CHAR,
     BTC_GATTC_ACT_READ_CHAR_DESCR,
+    BTC_GATTC_ACT_READ_BY_TYPE,
     BTC_GATTC_ACT_WRITE_CHAR,
     BTC_GATTC_ACT_WRITE_CHAR_DESCR,
     BTC_GATTC_ACT_PREPARE_WRITE,
@@ -113,6 +114,14 @@ typedef union {
         uint16_t handle;
         esp_gatt_auth_req_t auth_req;
     } read_descr;
+    // BTC_GATTC_ACT_READ_BY_TYPE
+    struct read_by_type_arg {
+        uint16_t conn_id;
+        uint16_t s_handle;
+        uint16_t e_handle;
+        esp_bt_uuid_t uuid;
+        esp_gatt_auth_req_t auth_req;
+    } read_by_type;
     //BTC_GATTC_ACT_WRITE_CHAR,
     struct write_char_arg {
         uint16_t conn_id;

components/bt/host/bluedroid/common/include/common/bte_appl.h

@@ -34,6 +34,7 @@ typedef struct {
     UINT8   ble_min_key_size;
     UINT8   ble_accept_auth_enable;
     UINT8   oob_support;
+    UINT8   ble_appl_enc_key_size;
 #endif
 
 } tBTE_APPL_CFG;

components/bt/host/bluedroid/stack/btm/btm_ble_gap.c

@@ -4466,5 +4466,28 @@ BOOLEAN btm_ble_topology_check(tBTM_BLE_STATE_MASK request_state_mask)
     return rt;
 }
 
+/*******************************************************************************
+ **
+ ** Function         BTM_Ble_Authorization
+ **
+ ** Description      This function is used to authorize a specified device
+ **
+ ** Returns          TRUE or FALSE
+ **
+ *******************************************************************************/
+BOOLEAN BTM_Ble_Authorization(BD_ADDR bd_addr, BOOLEAN authorize)
+{
+    if (bd_addr == NULL) {
+        BTM_TRACE_ERROR("bd_addr is NULL");
+        return FALSE;
+    }
+
+    if (btm_sec_dev_authorization(bd_addr, authorize)) {
+        return TRUE;
+    }
+
+    BTM_TRACE_ERROR("Authorization fail");
+    return FALSE;
+}
 
 #endif  /* BLE_INCLUDED */

components/bt/host/bluedroid/stack/btm/btm_sec.c

@@ -4077,7 +4077,7 @@ void btm_sec_encrypt_change (UINT16 handle, UINT8 status, UINT8 encr_enable)
                 p_dev_rec->sec_flags |= BTM_SEC_16_DIGIT_PIN_AUTHED;
             }
         } else {
-            p_dev_rec->sec_flags |= (BTM_SEC_LE_AUTHENTICATED | BTM_SEC_LE_ENCRYPTED);
+            p_dev_rec->sec_flags |= BTM_SEC_LE_ENCRYPTED;
         }
     }
 
@@ -6277,3 +6277,39 @@ void btm_sec_handle_remote_legacy_auth_cmp(UINT16 handle)
 }
 #endif /// (CLASSIC_BT_INCLUDED == TRUE)
 #endif  ///SMP_INCLUDED == TRUE
+
+/******************************************************************************
+ **
+ ** Function         btm_sec_dev_authorization
+ **
+ ** Description      This function is used to authorize a specified device(BLE)
+ **
+ ******************************************************************************
+ */
+#if (BLE_INCLUDED == TRUE)
+BOOLEAN btm_sec_dev_authorization(BD_ADDR bd_addr, BOOLEAN authorized)
+{
+#if (SMP_INCLUDED == TRUE)
+    UINT8  sec_flag = 0;
+    tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev(bd_addr);
+    if (p_dev_rec) {
+        sec_flag = (UINT8)(p_dev_rec->sec_flags >> 8);
+        if (!(sec_flag & BTM_SEC_LINK_KEY_AUTHED)) {
+            BTM_TRACE_ERROR("Authorized should after successful Authentication(MITM protection)\n");
+            return FALSE;
+        }
+
+        if (authorized) {
+            p_dev_rec->sec_flags |= BTM_SEC_LE_AUTHORIZATION;
+        } else {
+            p_dev_rec->sec_flags &= ~(BTM_SEC_LE_AUTHORIZATION);
+        }
+    } else {
+        BTM_TRACE_ERROR("%s, can't find device\n", __func__);
+        return FALSE;
+    }
+    return TRUE;
+#endif  ///SMP_INCLUDED == TRUE
+    return FALSE;
+}
+#endif  /// BLE_INCLUDE == TRUE

components/bt/host/bluedroid/stack/btm/include/btm_int.h

@@ -594,6 +594,7 @@ struct tBTM_SEC_DEV_REC{
 #define BTM_SEC_ROLE_SWITCHED   0x40
 #define BTM_SEC_IN_USE          0x80
     /* LE link security flag */
+#define BTM_SEC_LE_AUTHORIZATION   0x0100   /* LE link is authorized */
 #define BTM_SEC_LE_AUTHENTICATED   0x0200   /* LE link is encrypted after pairing with MITM */
 #define BTM_SEC_LE_ENCRYPTED       0x0400   /* LE link is encrypted */
 #define BTM_SEC_LE_NAME_KNOWN      0x0800   /* not used */
@@ -1211,6 +1212,8 @@ void btm_sec_update_legacy_auth_state(tACL_CONN *p_acl_cb, UINT8 legacy_auth_sta
 BOOLEAN btm_sec_legacy_authentication_mutual (tBTM_SEC_DEV_REC *p_dev_rec);
 BOOLEAN btm_find_sec_dev_in_list (void *p_node_data, void *context);
 
+BOOLEAN btm_sec_dev_authorization(BD_ADDR bd_addr, BOOLEAN authorized);
+
 /*
 #ifdef __cplusplus
 }

components/bt/host/bluedroid/stack/gatt/gatt_db.c

@@ -34,6 +34,7 @@
 #include "gatt_int.h"
 #include "stack/l2c_api.h"
 #include "btm_int.h"
+#include "common/bte_appl.h"
 
 /********************************************************************************
 **              L O C A L    F U N C T I O N     P R O T O T Y P E S            *
@@ -124,10 +125,14 @@ static tGATT_STATUS gatts_check_attr_readability(tGATT_ATTR16 *p_attr,
     tGATT_PERM      perm = p_attr->permission;
 
     UNUSED(offset);
+#if SMP_INCLUDED == TRUE
+    min_key_size = bte_appl_cfg.ble_appl_enc_key_size;
+#else
     min_key_size = (((perm & GATT_ENCRYPT_KEY_SIZE_MASK) >> 12));
     if (min_key_size != 0 ) {
         min_key_size += 6;
     }
+#endif
 
     if (!(perm & GATT_READ_ALLOWED)) {
         GATT_TRACE_ERROR( "GATT_READ_NOT_PERMIT\n");
@@ -154,7 +159,11 @@ static tGATT_STATUS gatts_check_attr_readability(tGATT_ATTR16 *p_attr,
         GATT_TRACE_ERROR( "GATT_INSUF_KEY_SIZE\n");
         return GATT_INSUF_KEY_SIZE;
     }
-
+    /* LE Authorization check*/
+    if ((perm & GATT_READ_AUTHORIZATION) && (!(sec_flag & GATT_SEC_FLAG_LKEY_AUTHED) || !(sec_flag & GATT_SEC_FLAG_AUTHORIZATION))) {
+        GATT_TRACE_ERROR( "GATT_INSUF_AUTHORIZATION\n");
+        return GATT_INSUF_AUTHORIZATION;
+    }
 
     if (read_long) {
         switch (p_attr->uuid) {
@@ -1068,10 +1077,14 @@ tGATT_STATUS gatts_write_attr_perm_check (tGATT_SVC_DB *p_db, UINT8 op_code,
         while (p_attr != NULL) {
             if (p_attr->handle == handle) {
                 perm = p_attr->permission;
+            #if SMP_INCLUDED == TRUE
+                min_key_size = bte_appl_cfg.ble_appl_enc_key_size;
+            #else
                 min_key_size = (((perm & GATT_ENCRYPT_KEY_SIZE_MASK) >> 12));
                 if (min_key_size != 0 ) {
                     min_key_size += 6;
                 }
+            #endif
                 GATT_TRACE_DEBUG( "gatts_write_attr_perm_check p_attr->permission =0x%04x min_key_size==0x%04x",
                                   p_attr->permission,
                                   min_key_size);
@@ -1118,6 +1131,11 @@ tGATT_STATUS gatts_write_attr_perm_check (tGATT_SVC_DB *p_db, UINT8 op_code,
                     status = GATT_INSUF_KEY_SIZE;
                     GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_KEY_SIZE");
                 }
+                /* LE Authorization check*/
+                else if ((perm & GATT_WRITE_AUTHORIZATION) && (!(sec_flag & GATT_SEC_FLAG_LKEY_AUTHED) || !(sec_flag & GATT_SEC_FLAG_AUTHORIZATION))){
+                    status = GATT_INSUF_AUTHORIZATION;
+                    GATT_TRACE_ERROR( "gatts_write_attr_perm_check - GATT_INSUF_AUTHORIZATION");
+                }
                 /* LE security mode 2 attribute  */
                 else if (perm & GATT_WRITE_SIGNED_PERM && op_code != GATT_SIGN_CMD_WRITE && !(sec_flag & GATT_SEC_FLAG_ENCRYPTED)
                          &&  (perm & GATT_WRITE_ALLOWED) == 0) {

components/bt/host/bluedroid/stack/gatt/gatt_utils.c

@@ -1478,7 +1478,7 @@ void gatt_sr_get_sec_info(BD_ADDR rem_bda, tBT_TRANSPORT transport, UINT8 *p_sec
 
     BTM_GetSecurityFlagsByTransport(rem_bda, &sec_flag, transport);
 
-    sec_flag &= (GATT_SEC_FLAG_LKEY_UNAUTHED | GATT_SEC_FLAG_LKEY_AUTHED | GATT_SEC_FLAG_ENCRYPTED);
+    sec_flag &= (GATT_SEC_FLAG_LKEY_UNAUTHED | GATT_SEC_FLAG_LKEY_AUTHED | GATT_SEC_FLAG_ENCRYPTED | GATT_SEC_FLAG_AUTHORIZATION);
 #if (SMP_INCLUDED == TRUE)
     *p_key_size = btm_ble_read_sec_key_size(rem_bda);
 #endif  ///SMP_INCLUDED == TRUE

components/bt/host/bluedroid/stack/gatt/include/gatt_int.h

@@ -95,6 +95,7 @@ typedef UINT8 tGATT_SEC_ACTION;
 #define GATT_SEC_FLAG_LKEY_UNAUTHED     BTM_SEC_FLAG_LKEY_KNOWN
 #define GATT_SEC_FLAG_LKEY_AUTHED       BTM_SEC_FLAG_LKEY_AUTHED
 #define GATT_SEC_FLAG_ENCRYPTED         BTM_SEC_FLAG_ENCRYPTED
+#define GATT_SEC_FLAG_AUTHORIZATION     BTM_SEC_FLAG_AUTHORIZED
 typedef UINT8 tGATT_SEC_FLAG;
 
 /* Find Information Response Type

components/bt/host/bluedroid/stack/include/stack/bt_types.h

@@ -52,6 +52,7 @@ typedef bool BOOLEAN;
 #define BT_EVT_MASK                 0xFF00
 #define BT_SUB_EVT_MASK             0x00FF
 #define BT_STATIC_RAND_ADDR_MASK    0xC0
+#define BT_NON_RPA_MASK             0x3F
 /* To Bluetooth Upper Layers        */
 /************************************/
 #define BT_EVT_TO_BTU_L2C_EVT       0x0900      /* L2CAP event */

components/bt/host/bluedroid/stack/include/stack/btm_api.h

@@ -1450,6 +1450,7 @@ typedef UINT8 tBTM_IO_CAP;
 #define BTM_BLE_RESPONDER_KEY_SIZE 15
 #define BTM_BLE_MAX_KEY_SIZE       16
 #define BTM_BLE_MIN_KEY_SIZE       7
+#define BTM_BLE_APPL_ENC_KEY_SIZE  7
 
 typedef UINT8 tBTM_AUTH_REQ;
 

components/bt/host/bluedroid/stack/include/stack/btm_ble_api.h

@@ -2137,6 +2137,17 @@ tBTM_STATUS BTM_UpdateBleDuplicateExceptionalList(uint8_t subcode, uint32_t type
 *******************************************************************************/
 
 BOOLEAN BTM_GetCurrentConnParams(BD_ADDR bda, uint16_t *interval, uint16_t *latency, uint16_t *timeout);
+
+/*******************************************************************************
+**
+** Function         BTM_Ble_Authorization
+**
+** Description      This function is used to authorize a specified device
+**
+** Returns          TRUE or FALSE
+**
+*******************************************************************************/
+BOOLEAN BTM_Ble_Authorization(BD_ADDR bd_addr, BOOLEAN authorize);
 /*
 #ifdef __cplusplus
 }

components/bt/host/bluedroid/stack/include/stack/gatt_api.h

@@ -174,18 +174,21 @@ typedef UINT16 tGATT_DISCONN_REASON;
 #define GATT_PERM_WRITE_ENC_MITM            (1 << 6) /* bit 6 */
 #define GATT_PERM_WRITE_SIGNED              (1 << 7) /* bit 7 */
 #define GATT_PERM_WRITE_SIGNED_MITM         (1 << 8) /* bit 8 */
+#define GATT_PERM_READ_AUTHORIZATION        (1 << 9) /* bit 9 */
+#define GATT_PERM_WRITE_AUTHORIZATION       (1 << 10)/* bit 10 */
 typedef UINT16 tGATT_PERM;
 
 #define GATT_ENCRYPT_KEY_SIZE_MASK  (0xF000) /* the MS nibble of tGATT_PERM; key size 7=0; size 16=9 */
 
-#define GATT_READ_ALLOWED                   (GATT_PERM_READ | GATT_PERM_READ_ENCRYPTED | GATT_PERM_READ_ENC_MITM)
+#define GATT_READ_ALLOWED                   (GATT_PERM_READ | GATT_PERM_READ_ENCRYPTED | GATT_PERM_READ_ENC_MITM | GATT_PERM_READ_AUTHORIZATION)
 #define GATT_READ_AUTH_REQUIRED             (GATT_PERM_READ_ENCRYPTED)
 #define GATT_READ_MITM_REQUIRED             (GATT_PERM_READ_ENC_MITM)
 #define GATT_READ_ENCRYPTED_REQUIRED        (GATT_PERM_READ_ENCRYPTED | GATT_PERM_READ_ENC_MITM)
+#define GATT_READ_AUTHORIZATION             (GATT_PERM_READ_AUTHORIZATION)
 
 
 #define GATT_WRITE_ALLOWED          (GATT_PERM_WRITE | GATT_PERM_WRITE_ENCRYPTED | GATT_PERM_WRITE_ENC_MITM | \
-                                     GATT_PERM_WRITE_SIGNED | GATT_PERM_WRITE_SIGNED_MITM)
+                                     GATT_PERM_WRITE_SIGNED | GATT_PERM_WRITE_SIGNED_MITM | GATT_PERM_WRITE_AUTHORIZATION)
 
 #define GATT_WRITE_AUTH_REQUIRED    (GATT_PERM_WRITE_ENCRYPTED | GATT_PERM_WRITE_SIGNED)
 
@@ -195,6 +198,8 @@ typedef UINT16 tGATT_PERM;
 
 #define GATT_WRITE_SIGNED_PERM      (GATT_PERM_WRITE_SIGNED | GATT_PERM_WRITE_SIGNED_MITM)
 
+#define GATT_WRITE_AUTHORIZATION    (GATT_PERM_WRITE_AUTHORIZATION)
+
 
 /* Characteristic properties
 */