Modify BTD files

Author: ll0s0ll

.gitignore

@@ -1,3 +1,4 @@
 *.bak
 *.zip
-*.rar
+*.rar
+.DS_Store

BTD.cpp

@@ -13,7 +13,10 @@
  Kristian Lauszus, TKJ Electronics
  Web      :  http://www.tkjelectronics.com
  e-mail   :  kristianl@tkjelectronics.com
- */
+ 
+ Modified 9 April 2013 by Shun Ito
+ Web      :  http://ll0s0ll.wordpress.com/
+*/
 
 #include "BTD.h"
 #define DEBUG // Uncomment to print data for debugging
@@ -477,15 +480,30 @@ void BTD::HCI_event_task() {
 #endif
                                 hci_link_key_request_negative_reply();
                                 break;
-
+//-- MODIFIED> -----------------------------------------------------------// 
                         case EV_AUTHENTICATION_COMPLETE:
+#ifdef DEBUG
+										  Notify(PSTR("\r\n[HCI_EV] AUTHENTICATION_COMPLETE..."), 0x80);
+										  if (!hcibuf[2])
+											  Notify(PSTR("OK"), 0x80);
+#endif
+										  if (!hcibuf[2]) { //Status
+#ifdef EXTRADEBUG
+											  Notify(PSTR(" Connection_Handle:"), 0x80);
+											  PrintHex<uint8_t>(hcibuf[3], 0x80);
+											  Notify(PSTR(" "), 0x80);
+											  PrintHex<uint8_t>(hcibuf[4], 0x80);
+#endif
+											  hci_Set_Connection_Encryption(hci_handle);
+										  }
                                 if (pairWithWii && !connectToWii) {
 #ifdef DEBUG
                                         Notify(PSTR("\r\nPairing successful"), 0x80);
 #endif
                                         connectToWii = true; // Only send the ACL data to the Wii service
                                 }
                                 break;
+//-- <MODIFIED -----------------------------------------------------------//
                                 /* We will just ignore the following events */
                         case EV_NUM_COMPLETE_PKT:
                         case EV_ROLE_CHANGED:
@@ -496,9 +514,81 @@ void BTD::HCI_event_task() {
                         case EV_MAX_SLOTS_CHANGE:
                         case EV_QOS_SETUP_COMPLETE:
                         case EV_LINK_KEY_NOTIFICATION:
-                        case EV_ENCRYPTION_CHANGE:
+//-- MODIFIED> -----------------------------------------------------------//		 
+//                        case EV_ENCRYPTION_CHANGE:
+//-- <MODIFIED -----------------------------------------------------------//
                         case EV_READ_REMOTE_VERSION_INFORMATION_COMPLETE:
                                 break;
+//-- MODIFIED> -----------------------------------------------------------//
+						 case EV_IO_CAPABILITY_REQUEST:
+#ifdef EXTRADEBUG
+							 Notify(PSTR("\r\n[HCI_EV] IO_CAPABILITY_REQUEST"), 0x80);
+#endif
+							 disc_bdaddr[0] = hcibuf[2];
+							 disc_bdaddr[1] = hcibuf[3];
+							 disc_bdaddr[2] = hcibuf[4];
+							 disc_bdaddr[3] = hcibuf[5];
+							 disc_bdaddr[4] = hcibuf[6];
+							 disc_bdaddr[5] = hcibuf[7];
+							 
+							 hci_IO_Capability_Request_Reply();
+							 break;
+							 
+						 case EV_IO_CAPABILITY_RESPONSE:
+#ifdef EXTRADEBUG
+							 Notify(PSTR("\r\n[HCI_EV] IO_CAPABILITY_RESPONSE - BD_ADDR:"), 0x80);
+							 PrintHex<uint8_t>(hcibuf[2], 0x80);
+							 Notify(PSTR(" "), 0x80);
+							 PrintHex<uint8_t>(hcibuf[3], 0x80);
+							 Notify(PSTR(" "), 0x80);
+							 PrintHex<uint8_t>(hcibuf[4], 0x80);
+							 Notify(PSTR(" "), 0x80);
+							 PrintHex<uint8_t>(hcibuf[5], 0x80);
+							 Notify(PSTR(" "), 0x80);
+							 PrintHex<uint8_t>(hcibuf[6], 0x80);
+							 Notify(PSTR(" "), 0x80);
+							 PrintHex<uint8_t>(hcibuf[7], 0x80);
+							 Notify(PSTR(" IO_Capability:"), 0x80);
+							 PrintHex<uint8_t>(hcibuf[8], 0x80);
+							 Notify(PSTR(" OOB_Data_Present:"), 0x80);
+							 PrintHex<uint8_t>(hcibuf[9], 0x80);
+							 Notify(PSTR(" Authentication_Requirements:"), 0x80);
+							 PrintHex<uint8_t>(hcibuf[10], 0x80);
+#endif
+							 break;
+							 
+						 case EV_USER_CONFIRMATION_REQUEST:
+#ifdef DEBUG
+							 Notify(PSTR("\r\n[HCI_EV] User_Confirmation_Request - Numeric_Value:0x"), 0x80);
+							 PrintHex<uint8_t>(hcibuf[11], 0x80);
+							 PrintHex<uint8_t>(hcibuf[10], 0x80);
+							 PrintHex<uint8_t>(hcibuf[9], 0x80);
+							 PrintHex<uint8_t>(hcibuf[8], 0x80);
+#endif
+							 hci_User_Confirmation_Request_Reply();
+							 break;
+							 
+						 case EV_SIMPLE_PAIRING_COMPLETE:
+#ifdef DEBUG
+							 Notify(PSTR("\r\n[HCI_EV] SIMPLE_PAIRING_COMPLETE... "), 0x80);
+							 if (!hcibuf[2])
+								 Notify(PSTR("OK"), 0x80);
+#endif
+							 break;
+							 
+						 case EV_ENCRYPTION_CHANGE:
+#ifdef DEBUG
+							 Notify(PSTR("\r\n[HCI_EV] ENCRYPTION_CHANGE... "), 0x80);
+#endif
+							 if (!hcibuf[2]) { //Status
+#ifdef DEBUG
+								 Notify(PSTR("OK"), 0x80);
+#endif
+								 m_simple_pairing_completed = true;
+							 }
+							 break;
+							 
+//-- <MODIFIED -----------------------------------------------------------//
 #ifdef EXTRADEBUG
                         default:
                                 if (hcibuf[0] != 0x00) {
@@ -585,17 +675,47 @@ void BTD::HCI_task() {
                                         hci_state = HCI_CHECK_WII_SERVICE;
                         }
                         break;
-
+//-- MODIFIED> -----------------------------------------------------------//
                 case HCI_SET_NAME_STATE:
                         if (hci_cmd_complete) {
 #ifdef DEBUG
                                 Notify(PSTR("\r\nThe name is set to: "), 0x80);
                                 Serial.print(btdName);
 #endif
-                                hci_state = HCI_CHECK_WII_SERVICE;
+										  hci_write_class_of_device();
+										  hci_state = HCI_WRITE_CoD_STATE;
                         }
                         break;
-
+				  
+					  case HCI_WRITE_CoD_STATE:
+						  if (hci_cmd_complete) {
+#ifdef DEBUG
+							  Notify(PSTR("\r\n[HCI_EV] Write_CoD_CMD COMPLETE"), 0x80);
+#endif
+							  hci_Write_Simple_Pairing_Mode();
+							  hci_state = HCI_WRITE_SIMPLE_PAIRING_STATE;
+						  }
+						  break;
+						  
+					  case HCI_WRITE_SIMPLE_PAIRING_STATE:
+						  if (hci_cmd_complete) {
+#ifdef DEBUG
+							  Notify(PSTR("\r\n[HCI_EV] WRITE_SIMPLE_PAIRING COMPLETE"), 0x80);
+#endif
+							  hci_Set_Event_Mask_SPM();
+							  hci_state = HCI_SET_EVENT_MASK_STATE;
+						  }
+						  break;
+						  
+					  case HCI_SET_EVENT_MASK_STATE:
+						  if (hci_cmd_complete) {
+#ifdef DEBUG
+							  Notify(PSTR("\r\n[HCI_EV] SET_EVENT_MASK COMPLETE"), 0x80);
+#endif
+							  hci_state = HCI_CHECK_WII_SERVICE;
+						  }
+						  break;
+//-- <MODIFIED -----------------------------------------------------------//
                 case HCI_CHECK_WII_SERVICE:
                         if (pairWithWii) { // Check if it should try to connect to a wiimote
 #ifdef DEBUG
@@ -1015,17 +1135,89 @@ void BTD::hci_disconnect(uint16_t handle) { // This is called by the different s
 
         HCI_Command(hcibuf, 6);
 }
-
-void BTD::hci_write_class_of_device() { // See http://bluetooth-pentest.narod.ru/software/bluetooth_class_of_device-service_generator.html
-        hcibuf[0] = 0x24; // HCI OCF = 3
-        hcibuf[1] = 0x03 << 2; // HCI OGF = 3
-        hcibuf[2] = 0x03; // parameter length = 3
-        hcibuf[3] = 0x04; // Robot
-        hcibuf[4] = 0x08; // Toy
-        hcibuf[5] = 0x00;
-
-        HCI_Command(hcibuf, 6);
+//-- MODIFIED> -----------------------------------------------------------//
+void BTD::hci_write_class_of_device() {
+	hcibuf[0] = 0x24; // HCI OCF = 24
+	hcibuf[1] = 0x03 << 2; // HCI OGF = 3
+	hcibuf[2] = 0x03;  // Parameter Length = 3
+	hcibuf[3] = 0x40; // Minor Device Class - 0x40=keyboard 0xC0=Combo(keyboard/pointing device)
+	hcibuf[4] = 0x05; // Major Device Class - Peripheral
+	hcibuf[5] = 0x00; //
+	
+	HCI_Command(hcibuf, 6);
+}
+void BTD::hci_Write_Simple_Pairing_Mode() {
+	hcibuf[0] = 0x56; // HCI OCF = 56
+	hcibuf[1] = 0x03 << 2; // HCI OGF = 3
+	hcibuf[2] = 0x01;  // Parameter Length = 3
+	hcibuf[3] = 0x01; // Simple_Pairing_Mode - 0x01=enabled
+	
+	HCI_Command(hcibuf, 4);
+}
+void BTD::hci_Set_Event_Mask_SPM() {
+	hcibuf[0] = 0x01; // HCI OCF = 1
+	hcibuf[1] = 0x03 << 2; // HCI OGF = 3
+	hcibuf[2] = 0x08; // Parameter Length = 8
+	hcibuf[3] = 0xFF; // Event_Mask:0x00 ff 1f ff ff ff ff ff
+	hcibuf[4] = 0xFF; //
+	hcibuf[5] = 0xFF; //
+	hcibuf[6] = 0xFF; //
+	hcibuf[7] = 0xFF; //
+	hcibuf[8] = 0x1F; //
+	hcibuf[9] = 0xFF; //
+	hcibuf[10] = 0x00; //
+	
+	HCI_Command(hcibuf, 11);
+}
+void BTD::hci_Authentication_Requested(uint16_t handle) {
+	hcibuf[0] = 0x11; // HCI OCF = 11
+	hcibuf[1] = 0x01 << 2; // HCI OGF = 1
+	hcibuf[2] = 0x02; // Parameter Length = 8
+	hcibuf[3] = (uint8_t)(handle & 0xFF);//connection handle - low byte
+	hcibuf[4] = (uint8_t)((handle >> 8) & 0x0F);//connection handle - high byte
+	
+	HCI_Command(hcibuf, 5);
+}
+void BTD::hci_IO_Capability_Request_Reply() {
+	hcibuf[0] = 0x2B; // HCI OCF = 2B
+	hcibuf[1] = 0x01 << 2; // HCI OGF = 1
+	hcibuf[2] = 0x09; // Parameter Length = 9
+	hcibuf[3] = disc_bdaddr[0]; // 6 octet bdaddr
+	hcibuf[4] = disc_bdaddr[1];
+	hcibuf[5] = disc_bdaddr[2];
+	hcibuf[6] = disc_bdaddr[3];
+	hcibuf[7] = disc_bdaddr[4];
+	hcibuf[8] = disc_bdaddr[5];
+	hcibuf[9] = 0x03; //IO_Capability - 0x03	NoInputNoOutput
+	hcibuf[10] = 0x00; //OOB_Data_Present - 0x00 not present
+	hcibuf[11] = 0x05; //Authentication_Requirements - 0x00?
+	
+	HCI_Command(hcibuf, 12);
+}
+void BTD::hci_User_Confirmation_Request_Reply() {
+	hcibuf[0] = 0x2C; // HCI OCF = 2C
+	hcibuf[1] = 0x01 << 2; // HCI OGF = 1
+	hcibuf[2] = 0x06; // Parameter Length = 6
+	hcibuf[3] = disc_bdaddr[0]; // 6 octet bdaddr
+	hcibuf[4] = disc_bdaddr[1];
+	hcibuf[5] = disc_bdaddr[2];
+	hcibuf[6] = disc_bdaddr[3];
+	hcibuf[7] = disc_bdaddr[4];
+	hcibuf[8] = disc_bdaddr[5];
+	
+	HCI_Command(hcibuf, 9);
+}
+void BTD::hci_Set_Connection_Encryption(uint16_t handle) {
+	hcibuf[0] = 0x13; // HCI OCF = 13
+	hcibuf[1] = 0x01 << 2; // HCI OGF = 1
+	hcibuf[2] = 0x03; // Parameter Length = 9
+	hcibuf[3] = (uint8_t)(handle & 0xFF); //Connection_Handle - low byte
+	hcibuf[4] = (uint8_t)((handle >> 8) & 0x0F); //Connection_Handle - high byte
+	hcibuf[5] = 0x01; //Encryption_Enable - 0x01=ON
+	
+	HCI_Command(hcibuf, 6);
 }
+//-- <MODIFIED -----------------------------------------------------------//
 /*******************************************************************
  *                                                                 *
  *                        HCI ACL Data Packet                      *

BTD.h

@@ -13,7 +13,11 @@
  Kristian Lauszus, TKJ Electronics
  Web      :  http://www.tkjelectronics.com
  e-mail   :  kristianl@tkjelectronics.com
- */
+ 
+ Modified 9 April 2013 by Shun Ito
+ Web      :  http://ll0s0ll.wordpress.com/
+*/
+
 
 #ifndef _btd_h_
 #define _btd_h_
@@ -27,8 +31,10 @@
 #define PS3NAVIGATION_PID   0x042F  // Navigation controller
 #define PS3MOVE_PID         0x03D5  // Motion controller
 
+//-- MODIFIED> -----------------------------------------------------------//
 /* Bluetooth dongle data taken from descriptors */
-#define BULK_MAXPKTSIZE     64 // max size for ACL data
+#define BULK_MAXPKTSIZE     128 // max size for ACL data 64->128 MODIFIED
+//-- <MODIFIED -----------------------------------------------------------//
 
 // Used in control endpoint header for HCI Commands
 #define bmREQ_HCI_OUT USB_SETUP_HOST_TO_DEVICE|USB_SETUP_TYPE_CLASS|USB_SETUP_RECIPIENT_DEVICE
@@ -56,6 +62,11 @@
 #define HCI_DISABLE_SCAN_STATE  14
 #define HCI_DONE_STATE          15
 #define HCI_DISCONNECT_STATE    16
+//-- MODIFIED> -----------------------------------------------------------//
+#define HCI_WRITE_CoD_STATE             17
+#define HCI_WRITE_SIMPLE_PAIRING_STATE  18
+#define HCI_SET_EVENT_MASK_STATE        19
+//-- <MODIFIED -----------------------------------------------------------//
 
 /* HCI event flags*/
 #define HCI_FLAG_CMD_COMPLETE           0x01
@@ -102,6 +113,13 @@
 #define EV_COMMAND_STATUS                               0x0F
 #define EV_LOOPBACK_COMMAND                             0x19
 #define EV_PAGE_SCAN_REP_MODE                           0x20
+//-- MODIFIED> -----------------------------------------------------------//
+//#define EV_SIMPLE_PAIRING_COMPLETE                      0x2C
+#define EV_IO_CAPABILITY_REQUEST                        0x31
+#define EV_IO_CAPABILITY_RESPONSE                       0x32
+#define EV_USER_CONFIRMATION_REQUEST                    0x33
+#define EV_SIMPLE_PAIRING_COMPLETE                      0x36
+//-- <MODIFIED -----------------------------------------------------------//
 
 /* L2CAP signaling commands */
 #define L2CAP_CMD_COMMAND_REJECT        0x01
@@ -404,6 +422,21 @@ class BTD : public USBDeviceConfig, public UsbConfigXtracter {
         uint8_t readPollInterval() {
                 return pollInterval;
         };
+//-- MODIFIED> -----------------------------------------------------------//
+//		  void hci_write_class_of_device();
+		  void hci_Write_Simple_Pairing_Mode();
+		  void hci_Set_Event_Mask_SPM();
+		  void hci_Authentication_Requested(uint16_t handle);
+		  void hci_IO_Capability_Request_Reply();
+		  void hci_User_Confirmation_Request_Reply();
+		  void hci_Set_Connection_Encryption(uint16_t handle);
+		  bool isSimplePairingCompleted(){return m_simple_pairing_completed;};
+		  void StartSimplePairingOperation(uint16_t handle)
+		  {
+			  m_simple_pairing_completed = false;
+			  hci_Authentication_Requested(handle);
+		  }
+//-- <MODIFIED -----------------------------------------------------------//
 
 protected:
         /** Pointer to USB class instance. */
@@ -460,5 +493,8 @@ class BTD : public USBDeviceConfig, public UsbConfigXtracter {
         /* Used to set the Bluetooth Address internally to the PS3 Controllers */
         void setBdaddr(uint8_t* BDADDR);
         void setMoveBdaddr(uint8_t* BDADDR);
+//-- MODIFIED> -----------------------------------------------------------//
+		  bool m_simple_pairing_completed;
+//-- <MODIFIED -----------------------------------------------------------//
 };
 #endif