aioble/security: Add support for CCCD bonding.

pi-anl · pi-anl · commit 0b30b8d79a79 · 2021-12-01T11:03:59.000+11:00
diff --git a/micropython/bluetooth/aioble/aioble/security.py b/micropython/bluetooth/aioble/aioble/security.py
@@ -105,16 +105,14 @@ def _save_secrets(arg=None):
         _modified = False
 
 
-def _remove_entry(sec_type, key, value=None):
+def _remove_entry(sec_type, key):
     secrets = _secrets[sec_type]
 
     # Delete existing secrets matching the type and key.
     deleted = False
     for to_delete in [
         entry for entry in secrets if entry[0] == key
     ]:
-        if value and to_delete[1] != value:
-            continue
         log_info("Removing existing secret matching key")
         secrets.remove(to_delete)
         deleted = True
@@ -153,8 +151,10 @@ def _security_irq(event, data):
                 connection._pair_event.set()
 
     elif event == _IRQ_SET_SECRET:
-        sec_type, key, value = data
+        sec_type, key, key2, value = data
         key = bytes(key)
+        if key2:
+            key += bytes(key2)
         value = bytes(value) if value else None
 
         is_saving = value is not None
@@ -173,13 +173,8 @@ def _security_irq(event, data):
             _secrets[sec_type] = []
         secrets = _secrets[sec_type]
         
-        # Delete existing secrets matching the type and key as required.
-        # There should only every be one SEC_TYPES_PEER per addr, but 
-        # multiple entries are allowed for SEC_TYPES_CCCD
-        del_by_value = None
-        if not is_deleting and sec_type in SEC_TYPES_CCCD:
-            del_by_value = value
-        removed = _remove_entry(sec_type, key, del_by_value)
+        # Delete existing secrets matching the type and key.
+        removed = _remove_entry(sec_type, key)
 
         if is_deleting and not removed:
             # Delete mode, but no entries were deleted
@@ -204,9 +199,12 @@ def _security_irq(event, data):
         return True
 
     elif event == _IRQ_GET_SECRET:
-        sec_type, index, key = data
-
-        log_info("get secret:", sec_type, index, bytes(key) if key else None)
+        sec_type, index, key, key2 = data
+        key = bytes(key) if key else None
+        if key2:
+            assert key, "can't have key2 without key"
+            key += bytes(key2)
+        log_info("get secret:", sec_type, index, key)
 
         secrets = _secrets.get(sec_type, [])
         if key is None:
@@ -219,10 +217,10 @@ def _security_irq(event, data):
             return None
         else:
             # Return the secret for this key (or None).
-            key = bytes(key)
-
             for k, v in secrets:
-                if k == key:
+                # For CCCD, the requested key might be just handle at start of stored key
+                match = k.startswith(key)
+                if match:
                     if index:
                         index -= 1
                         continue
