feat: enforce mitm=0 and iocaps=none in GapSt (#604)

XavierBernhardt-Philips · web-flow · commit 1dfa051b0def · 2025-09-02T16:55:54.000+02:00
* Updated GapSt and friends

* Cleanup

* ST can only have MITM=0 now.

* remove unnecessary import

* removed another unnecessary import
diff --git a/hal_st/middlewares/ble_middleware/GapSt.cpp b/hal_st/middlewares/ble_middleware/GapSt.cpp
@@ -4,7 +4,6 @@
 #include "ble_types.h"
 #include "infra/event/EventDispatcherWithWeakPtr.hpp"
 #include "services/ble/Gap.hpp"
-#include <cstdint>
 
 namespace hal
 {
@@ -111,17 +110,25 @@ namespace hal
         return (level == services::GapPairing::SecurityLevel::level4) ? SecureConnection::mandatory : SecureConnection::optional;
     }
 
+    uint8_t GapSt::SecurityLevelToMITM(services::GapPairing::SecurityLevel level) const
+    {
+        return 0;
+    }
+
     void GapSt::SetSecurityMode(services::GapPairing::SecurityMode mode, services::GapPairing::SecurityLevel level)
     {
         assert(mode == services::GapPairing::SecurityMode::mode1);
 
-        auto support = SecurityLevelToSecureConnection(level);
-        auto mitmMode = (level == services::GapPairing::SecurityLevel::level3 || level == services::GapPairing::SecurityLevel::level4) ? MITM_PROTECTION_REQUIRED : MITM_PROTECTION_NOT_REQUIRED;
-        aci_gap_set_authentication_requirement(bondingMode, mitmMode, static_cast<uint8_t>(support), keypressNotificationSupport, 16, 16, 0, 111111, GAP_PUBLIC_ADDR);
+        SecureConnection secureConnectionSupport = SecurityLevelToSecureConnection(level);
+        uint8_t mitmMode = SecurityLevelToMITM(level);
+
+        aci_gap_set_authentication_requirement(bondingMode, mitmMode, static_cast<uint8_t>(secureConnectionSupport), keypressNotificationSupport, 16, 16, 0, 111111, GAP_PUBLIC_ADDR);
     }
 
     void GapSt::SetIoCapabilities(services::GapPairing::IoCapabilities caps)
     {
+        really_assert(caps == IoCapabilities::none);
+
         tBleStatus status = BLE_STATUS_FAILED;
 
         switch (caps)
diff --git a/hal_st/middlewares/ble_middleware/GapSt.hpp b/hal_st/middlewares/ble_middleware/GapSt.hpp
@@ -97,6 +97,7 @@ namespace hal
         virtual void HandleMtuExchangeResponseEvent(const aci_att_exchange_mtu_resp_event_rp0& event);
 
         [[nodiscard]] virtual SecureConnection SecurityLevelToSecureConnection(services::GapPairing::SecurityLevel level) const;
+        [[nodiscard]] virtual uint8_t SecurityLevelToMITM(services::GapPairing::SecurityLevel level) const;
 
         void SetAddress(const MacAddress& address, services::GapDeviceAddressType addressType) const;
 
