philips-software · Xavier Bernhardt (XavierBernhardt-Philips) · Jun 2, 2025 · Jun 6, 2025 · Jun 6, 2025 · Jun 13, 2025
@@ -36,9 +36,9 @@ namespace services
         GapPairingObserver::Subject().AllowPairing(allow);
     }
 
-    void GapPairingDecorator::SetSecurityMode(SecurityMode mode, SecurityLevel level)
+    void GapPairingDecorator::SetSecurityRequirements(ConnectionMode connectionMode, ManInTheMiddleMode mitmMode)
     {
-        GapPairingObserver::Subject().SetSecurityMode(mode, level);
+        GapPairingObserver::Subject().SetSecurityRequirements(connectionMode, mitmMode);
     }
 
     void GapPairingDecorator::SetIoCapabilities(IoCapabilities caps)

@@ -141,11 +141,25 @@ namespace services
             level4,
         };
 
-        virtual void Pair() = 0;
+        enum class ConnectionMode
+        {
+            legacyOnly = 0,
+            secureIfSupported = 1, // Fallback to legacy if secure is not supported
+            secureOnly = 2,
+        };
+
+        enum class ManInTheMiddleMode
+        {
+            disabled = 0,
+            enabled = 1, // Require user to act as out of band authentication
+        };
+
+        virtual void
+        Pair() = 0;
-        virtual void
-        Pair() = 0;
+        virtual void Pair() = 0;
-        virtual void
-        Pair() = 0;
+        virtual void Pair() = 0;
 
         virtual void AllowPairing(bool allow) = 0;
 
-        virtual void SetSecurityMode(SecurityMode mode, SecurityLevel level) = 0;
+        virtual void SetSecurityRequirements(ConnectionMode connectionMode, ManInTheMiddleMode mitmMode) = 0;
         virtual void SetIoCapabilities(IoCapabilities caps) = 0;
 
         virtual void AuthenticateWithPasskey(uint32_t passkey) = 0;
@@ -167,7 +181,7 @@ namespace services
         // Implementation of GapPairing
         void Pair() override;
         void AllowPairing(bool allow) override;
-        void SetSecurityMode(SecurityMode mode, SecurityLevel level) override;
+        void SetSecurityRequirements(ConnectionMode connectionMode, ManInTheMiddleMode mitmMode) override;
         void SetIoCapabilities(IoCapabilities caps) override;
         void AuthenticateWithPasskey(uint32_t passkey) override;
         void NumericComparisonConfirm(bool accept) override;

@@ -70,6 +70,24 @@ message AdvertisementType
     AdvertisementTypeEnum type = 1;
 }
 
+message SecurityRequirements { 
+    enum SecureConnectionModeEnum
+    {
+        legacyOnly = 0;
+        secureIfSupported = 1; // Fallback to legacy if secure is not supported
+        secureOnly = 2;
+    }
+
+    enum ManInTheMiddleModeEnum
+    {
+        disabled = 0;
+        enabled = 1;    // Require user to act as out of band authentication
+    }
+
+    SecureConnectionModeEnum connectionMode = 1; // TODO: check if these values are correct   
+    ManInTheMiddleModeEnum mitmMode = 2; 
+}
+
 message SecurityModeAndLevel
 {
     enum SecurityLevelEnum
@@ -192,7 +210,7 @@ service GapPeripheral
     rpc SetAdvertisementData(AdvertisementData) returns (Nothing) { option (method_id) = 3; }
     rpc SetScanResponseData(AdvertisementData) returns (Nothing) { option (method_id) = 4; }
     rpc SetAllowPairing(BoolValue) returns (Nothing) { option (method_id) = 5; }
-    rpc SetSecurityMode(SecurityModeAndLevel) returns (Nothing) { option (method_id) = 6; }
+    rpc SetSecurityRequirements(SecurityRequirements) returns (Nothing) { option (method_id) = 6; }
     rpc SetIoCapabilities(IoCapabilities) returns (Nothing) { option (method_id) = 7; }
     rpc RemoveAllBonds(Nothing) returns (Nothing) { option (method_id) = 8; }
 
@@ -225,7 +243,7 @@ service GapCentral
     // Allowed states: connected
     rpc Pair(Nothing) returns (Nothing) { option (method_id) = 6; }
 
-    rpc SetSecurityMode(SecurityModeAndLevel) returns (Nothing) { option (method_id) = 7; }
+    rpc SetSecurityRequirements(SecurityRequirements) returns (Nothing) { option (method_id) = 7; }
     rpc SetIoCapabilities(IoCapabilities) returns (Nothing) { option (method_id) = 8; }
     rpc AuthenticateWithPasskey(UInt32Value) returns (Nothing) { option (method_id) = 9; }
     rpc NumericComparisonConfirm(BoolValue) returns (Nothing) { option (method_id) = 10; }

@@ -40,8 +40,8 @@ namespace services
         EXPECT_CALL(gapPairing, AllowPairing(::testing::IsTrue()));
         decorator.AllowPairing(true);
 
-        EXPECT_CALL(gapPairing, SetSecurityMode(::testing::TypedEq<services::GapPairing::SecurityMode>(services::GapPairing::SecurityMode::mode1), ::testing::TypedEq<services::GapPairing::SecurityLevel>(services::GapPairing::SecurityLevel::level1)));
-        decorator.SetSecurityMode(services::GapPairing::SecurityMode::mode1, services::GapPairing::SecurityLevel::level1);
+        EXPECT_CALL(gapPairing, SetSecurityRequirements(::testing::TypedEq<services::GapPairing::ConnectionMode>(services::GapPairing::ConnectionMode::legacyOnly), ::testing::TypedEq<services::GapPairing::ManInTheMiddleMode>(services::GapPairing::ManInTheMiddleMode::disabled)));
+        decorator.SetSecurityRequirements(services::GapPairing::ConnectionMode::legacyOnly, services::GapPairing::ManInTheMiddleMode::disabled);
 
         EXPECT_CALL(gapPairing, SetIoCapabilities(::testing::TypedEq<services::GapPairing::IoCapabilities>(services::GapPairing::IoCapabilities::none)));
         decorator.SetIoCapabilities(services::GapPairing::IoCapabilities::none);

@@ -12,7 +12,7 @@ namespace services
     public:
         MOCK_METHOD(void, Pair, ());
         MOCK_METHOD(void, AllowPairing, (bool allow));
-        MOCK_METHOD(void, SetSecurityMode, (SecurityMode mode, SecurityLevel level));
+        MOCK_METHOD(void, SetSecurityRequirements, (ConnectionMode connectionMode, ManInTheMiddleMode mitmMode));
         MOCK_METHOD(void, SetIoCapabilities, (IoCapabilities caps));
         MOCK_METHOD(void, AuthenticateWithPasskey, (uint32_t passkey));
         MOCK_METHOD(void, NumericComparisonConfirm, (bool accept));