1*503a627eSMilanka Ringwald@startuml 2*503a627eSMilanka Ringwaldtitle Reactive Authentication in Central Role 3*503a627eSMilanka Ringwaldstart 4*503a627eSMilanka Ringwald: App on A connects to B; 5*503a627eSMilanka Ringwald: App on A triggers GATT Client request; 6*503a627eSMilanka Ringwald: GATT Client request sent; 7*503a627eSMilanka Ringwaldif (GATT Server returns an ATT_ERROR_INSUFFICIENT_X error?) then (yes) 8*503a627eSMilanka Ringwald if (ENABLE_GATT_CLIENT_PAIRING defined?) then (yes) 9*503a627eSMilanka Ringwald if (LTK available?) then (yes) 10*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_STARTED; 11*503a627eSMilanka Ringwald : start encryption; 12*503a627eSMilanka Ringwald if (re-encrypted) then (yes) 13*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_COMPLETE(ERROR_CODE_SUCCESS); 14*503a627eSMilanka Ringwald : GATT Client request re-sent; 15*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 16*503a627eSMilanka Ringwald stop 17*503a627eSMilanka Ringwald else (no) 18*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_COMPLETE(error); 19*503a627eSMilanka Ringwald : delete bonding information; 20*503a627eSMilanka Ringwald endif 21*503a627eSMilanka Ringwald endif 22*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_STARTED; 23*503a627eSMilanka Ringwald : start pairing; 24*503a627eSMilanka Ringwald if (pairing success?) then (yes) 25*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_COMPLETE(ERROR_CODE_SUCCESS); 26*503a627eSMilanka Ringwald : GATT Client request re-sent; 27*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 28*503a627eSMilanka Ringwald stop 29*503a627eSMilanka Ringwald else (no) 30*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_COMPLETE(error); 31*503a627eSMilanka Ringwald #FD5B41 : App receives a GATT Client error; 32*503a627eSMilanka Ringwald stop 33*503a627eSMilanka Ringwald endif 34*503a627eSMilanka Ringwald else (no) 35*503a627eSMilanka Ringwald #FD5B41: ATT_QUERY_COMPLETE(ATT_ERROR_INSUFFICIENT_X); 36*503a627eSMilanka Ringwald stop 37*503a627eSMilanka Ringwald note left 38*503a627eSMilanka Ringwald App can trigger pairing and 39*503a627eSMilanka Ringwald repeat the GATT Client request 40*503a627eSMilanka Ringwald end note 41*503a627eSMilanka Ringwald endif 42*503a627eSMilanka Ringwaldelse (no) 43*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 44*503a627eSMilanka Ringwald stop 45*503a627eSMilanka Ringwaldendif 46*503a627eSMilanka Ringwald@enduml 47*503a627eSMilanka Ringwald 48*503a627eSMilanka Ringwald 49*503a627eSMilanka Ringwald 50*503a627eSMilanka Ringwald@startuml 51*503a627eSMilanka Ringwaldtitle Reactive Authentication in Peripheral Role 52*503a627eSMilanka Ringwaldstart 53*503a627eSMilanka Ringwald: App on B connects to A; 54*503a627eSMilanka Ringwald: App on A triggers GATT Client request; 55*503a627eSMilanka Ringwald: GATT Client request sent; 56*503a627eSMilanka Ringwaldif (GATT Server returns an ATT_ERROR_INSUFFICIENT_X error?) then (yes) 57*503a627eSMilanka Ringwald if (ENABLE_GATT_CLIENT_PAIRING define?) then (yes) 58*503a627eSMilanka Ringwald if (LTK available?) then (yes) 59*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_STARTED; 60*503a627eSMilanka Ringwald : SM on A sends SECURITY REQUEST; 61*503a627eSMilanka Ringwald : SM on B should encrypt connection if LTK available; 62*503a627eSMilanka Ringwald if (re-encrypted) then (yes) 63*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_COMPLETE(ERROR_CODE_SUCCESS); 64*503a627eSMilanka Ringwald : GATT Client request re-sent; 65*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 66*503a627eSMilanka Ringwald stop 67*503a627eSMilanka Ringwald else (no) 68*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_COMPLETE(error); 69*503a627eSMilanka Ringwald : delete bonding information; 70*503a627eSMilanka Ringwald endif 71*503a627eSMilanka Ringwald endif 72*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_STARTED; 73*503a627eSMilanka Ringwald : SM on A sends SECURITY REQUEST; 74*503a627eSMilanka Ringwald : SM on B should perform pairing sequence; 75*503a627eSMilanka Ringwald if (pairing success?) then (yes) 76*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_COMPLETE(ERROR_CODE_SUCCESS); 77*503a627eSMilanka Ringwald : GATT Client request re-sent; 78*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 79*503a627eSMilanka Ringwald stop 80*503a627eSMilanka Ringwald else (no) 81*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_COMPLETE(error); 82*503a627eSMilanka Ringwald #FD5B41 : App receives a GATT Client error; 83*503a627eSMilanka Ringwald stop 84*503a627eSMilanka Ringwald endif 85*503a627eSMilanka Ringwald else (no) 86*503a627eSMilanka Ringwald #FD5B41: ATT_QUERY_COMPLETE(ATT_ERROR_INSUFFICIENT_X); 87*503a627eSMilanka Ringwald stop 88*503a627eSMilanka Ringwald note left 89*503a627eSMilanka Ringwald App can trigger pairing and 90*503a627eSMilanka Ringwald repeat the GATT Client request 91*503a627eSMilanka Ringwald end note 92*503a627eSMilanka Ringwald endif 93*503a627eSMilanka Ringwaldelse (no) 94*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 95*503a627eSMilanka Ringwald stop 96*503a627eSMilanka Ringwaldendif 97*503a627eSMilanka Ringwald@enduml 98*503a627eSMilanka Ringwald 99*503a627eSMilanka Ringwald 100*503a627eSMilanka Ringwald@startuml 101*503a627eSMilanka Ringwaldtitle Mandatory Authentication in Central Role 102*503a627eSMilanka Ringwaldstart 103*503a627eSMilanka Ringwald: App calls gatt_client_set_required_security_level (level > 0); 104*503a627eSMilanka Ringwald: App on A connects to B; 105*503a627eSMilanka Ringwald: App on A triggers GATT Client request; 106*503a627eSMilanka Ringwald: GATT Client request sent; 107*503a627eSMilanka Ringwaldif (LTK available?) then (yes) 108*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_STARTED; 109*503a627eSMilanka Ringwald : start encryption; 110*503a627eSMilanka Ringwald if (re-encrypted) then (yes) 111*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_COMPLETE(ERROR_CODE_SUCCESS); 112*503a627eSMilanka Ringwald : GATT Client request sent; 113*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 114*503a627eSMilanka Ringwald stop 115*503a627eSMilanka Ringwald else (no) 116*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_COMPLETE(error); 117*503a627eSMilanka Ringwald #FD5B41: App receives GATT_QUERY_COMPLETE event 118*503a627eSMilanka Ringwald with ATT_ERROR_BONDING_INFORMATION_MISSING; 119*503a627eSMilanka Ringwald stop 120*503a627eSMilanka Ringwald endif 121*503a627eSMilanka Ringwaldelse (no) 122*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_STARTED; 123*503a627eSMilanka Ringwald : start pairing; 124*503a627eSMilanka Ringwald if (pairing success?) then (yes) 125*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_COMPLETE(ERROR_CODE_SUCCESS); 126*503a627eSMilanka Ringwald : GATT Client request sent; 127*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 128*503a627eSMilanka Ringwald stop 129*503a627eSMilanka Ringwald else (no) 130*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_COMPLETE(error); 131*503a627eSMilanka Ringwald if (level >= 3) then (yes) 132*503a627eSMilanka Ringwald #FD5B41: App receives GATT_QUERY_COMPLETE event 133*503a627eSMilanka Ringwald with ATT_ERROR_INSUFFICIENT_AUTHENTICATION; 134*503a627eSMilanka Ringwald stop 135*503a627eSMilanka Ringwald else (no) 136*503a627eSMilanka Ringwald #FD5B41: App receives GATT_QUERY_COMPLETE event 137*503a627eSMilanka Ringwald with ATT_ERROR_INSUFFICIENT_ENCRYPTION; 138*503a627eSMilanka Ringwald stop 139*503a627eSMilanka Ringwald endif 140*503a627eSMilanka Ringwald endif 141*503a627eSMilanka Ringwald@enduml 142*503a627eSMilanka Ringwald 143*503a627eSMilanka Ringwald 144*503a627eSMilanka Ringwald 145*503a627eSMilanka Ringwald@startuml 146*503a627eSMilanka Ringwaldtitle Mandatory Authentication in Peripheral Role 147*503a627eSMilanka Ringwaldstart 148*503a627eSMilanka Ringwald: App calls gatt_client_set_required_security_level (level > 0); 149*503a627eSMilanka Ringwald: App on B connects to A; 150*503a627eSMilanka Ringwald: App on A triggers GATT Client request; 151*503a627eSMilanka Ringwald: GATT Client request sent; 152*503a627eSMilanka Ringwaldif (LTK available?) then (yes) 153*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_STARTED; 154*503a627eSMilanka Ringwald : SM on A sends SECURITY REQUEST; 155*503a627eSMilanka Ringwald : SM on B should encrypt connection if LTK available; 156*503a627eSMilanka Ringwald if (re-encrypted) then (yes) 157*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_COMPLETE(ERROR_CODE_SUCCESS); 158*503a627eSMilanka Ringwald : GATT Client request sent; 159*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 160*503a627eSMilanka Ringwald stop 161*503a627eSMilanka Ringwald else (no) 162*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_COMPLETE(error); 163*503a627eSMilanka Ringwald #FD5B41: App receives GATT_QUERY_COMPLETE event 164*503a627eSMilanka Ringwald with ATT_ERROR_BONDING_INFORMATION_MISSING; 165*503a627eSMilanka Ringwald stop 166*503a627eSMilanka Ringwald endif 167*503a627eSMilanka Ringwaldelse (no) 168*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_STARTED; 169*503a627eSMilanka Ringwald : SM on A sends SECURITY REQUEST; 170*503a627eSMilanka Ringwald : SM on B should perform pairing sequence; 171*503a627eSMilanka Ringwald if (pairing success?) then (yes) 172*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_COMPLETE(ERROR_CODE_SUCCESS); 173*503a627eSMilanka Ringwald : GATT Client request sent; 174*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 175*503a627eSMilanka Ringwald stop 176*503a627eSMilanka Ringwald else (no) 177*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_COMPLETE(error); 178*503a627eSMilanka Ringwald if (level >= 3) then (yes) 179*503a627eSMilanka Ringwald #FD5B41: App receives GATT_QUERY_COMPLETE event 180*503a627eSMilanka Ringwald with ATT_ERROR_INSUFFICIENT_AUTHENTICATION; 181*503a627eSMilanka Ringwald stop 182*503a627eSMilanka Ringwald else (no) 183*503a627eSMilanka Ringwald #FD5B41: App receives GATT_QUERY_COMPLETE event 184*503a627eSMilanka Ringwald with ATT_ERROR_INSUFFICIENT_ENCRYPTION; 185*503a627eSMilanka Ringwald stop 186*503a627eSMilanka Ringwald endif 187*503a627eSMilanka Ringwald endif 188*503a627eSMilanka Ringwald@enduml 189*503a627eSMilanka Ringwald 190*503a627eSMilanka Ringwald 191*503a627eSMilanka Ringwald@startuml 192*503a627eSMilanka Ringwaldtitle Proactive Authentication in Central Role 193*503a627eSMilanka Ringwaldstart 194*503a627eSMilanka Ringwald: A connects to B; 195*503a627eSMilanka Ringwald: SM checks if LTK available; 196*503a627eSMilanka Ringwaldnote right 197*503a627eSMilanka Ringwald SM actions triggered by 198*503a627eSMilanka Ringwald connection complete 199*503a627eSMilanka Ringwald (independent from GATT Client) 200*503a627eSMilanka Ringwaldend note 201*503a627eSMilanka Ringwald: App triggers GATT Client request on A; 202*503a627eSMilanka Ringwaldif (LTK available?) then (no) 203*503a627eSMilanka Ringwald : GATT Client request sent; 204*503a627eSMilanka Ringwald if (GATT Server returns an ATT_ERROR_INSUFFICIENT_X error?) then (no) 205*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 206*503a627eSMilanka Ringwald stop 207*503a627eSMilanka Ringwald else (yes) 208*503a627eSMilanka Ringwald if (ENABLE_GATT_CLIENT_PAIRING defined?) then (no) 209*503a627eSMilanka Ringwald #FD5B41: App receives GATT_QUERY_COMPLETE event 210*503a627eSMilanka Ringwald with ATT_ERROR_INSUFFICIENT_X; 211*503a627eSMilanka Ringwald stop 212*503a627eSMilanka Ringwald else (yes) 213*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_STARTED; 214*503a627eSMilanka Ringwald : start pairing; 215*503a627eSMilanka Ringwald if (pairing success?) then (yes) 216*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_COMPLETE(ERROR_CODE_SUCCESS); 217*503a627eSMilanka Ringwald : GATT Client request re-sent; 218*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 219*503a627eSMilanka Ringwald stop 220*503a627eSMilanka Ringwald else (no) 221*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_COMPLETE(error); 222*503a627eSMilanka Ringwald #FD5B41: App receives GATT_QUERY_COMPLETE event 223*503a627eSMilanka Ringwald with ATT_ERROR_INSUFFICIENT_X; 224*503a627eSMilanka Ringwald stop 225*503a627eSMilanka Ringwald endif 226*503a627eSMilanka Ringwald endif 227*503a627eSMilanka Ringwald endif 228*503a627eSMilanka Ringwaldelse (yes) 229*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_STARTED; 230*503a627eSMilanka Ringwald : start encryption; 231*503a627eSMilanka Ringwald if (re-encrypted) then (yes) 232*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_COMPLETE(ERROR_CODE_SUCCESS); 233*503a627eSMilanka Ringwald : GATT Client request sent; 234*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 235*503a627eSMilanka Ringwald stop 236*503a627eSMilanka Ringwald else (no) 237*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_COMPLETE(error); 238*503a627eSMilanka Ringwald #FD5B41: App receives GATT_QUERY_COMPLETE event 239*503a627eSMilanka Ringwald with ATT_ERROR_BONDING_INFORMATION_MISSING; 240*503a627eSMilanka Ringwald stop 241*503a627eSMilanka Ringwald note right 242*503a627eSMilanka Ringwald App can delete bonding 243*503a627eSMilanka Ringwald information and repeat 244*503a627eSMilanka Ringwald the GATT Client request 245*503a627eSMilanka Ringwald end note 246*503a627eSMilanka Ringwald endif 247*503a627eSMilanka Ringwaldendif 248*503a627eSMilanka Ringwald@enduml 249*503a627eSMilanka Ringwald 250*503a627eSMilanka Ringwald@startuml 251*503a627eSMilanka Ringwaldtitle Proactive Authentication in Peripheral Role 252*503a627eSMilanka Ringwaldstart 253*503a627eSMilanka Ringwald: A connects to B; 254*503a627eSMilanka Ringwald: SM checks if LTK available; 255*503a627eSMilanka Ringwaldnote right 256*503a627eSMilanka Ringwald SM actions triggered by 257*503a627eSMilanka Ringwald connection complete 258*503a627eSMilanka Ringwald (independent from GATT Client) 259*503a627eSMilanka Ringwaldend note 260*503a627eSMilanka Ringwald: App triggers GATT Client request on A; 261*503a627eSMilanka Ringwaldif (LTK available?) then (no) 262*503a627eSMilanka Ringwald : GATT Client request sent; 263*503a627eSMilanka Ringwald if (GATT Server returns an ATT_ERROR_INSUFFICIENT_X error?) then (no) 264*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 265*503a627eSMilanka Ringwald stop 266*503a627eSMilanka Ringwald else (yes) 267*503a627eSMilanka Ringwald if (ENABLE_GATT_CLIENT_PAIRING defined?) then (no) 268*503a627eSMilanka Ringwald #FD5B41: App receives GATT_QUERY_COMPLETE event 269*503a627eSMilanka Ringwald with ATT_ERROR_INSUFFICIENT_X; 270*503a627eSMilanka Ringwald stop 271*503a627eSMilanka Ringwald else (yes) 272*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_STARTED; 273*503a627eSMilanka Ringwald : start pairing; 274*503a627eSMilanka Ringwald if (pairing success?) then (yes) 275*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_COMPLETE(ERROR_CODE_SUCCESS); 276*503a627eSMilanka Ringwald : GATT Client request re-sent; 277*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 278*503a627eSMilanka Ringwald stop 279*503a627eSMilanka Ringwald else (no) 280*503a627eSMilanka Ringwald : SM_EVENT_PAIRING_COMPLETE(error); 281*503a627eSMilanka Ringwald #FD5B41: App receives GATT_QUERY_COMPLETE event 282*503a627eSMilanka Ringwald with ATT_ERROR_INSUFFICIENT_X; 283*503a627eSMilanka Ringwald stop 284*503a627eSMilanka Ringwald endif 285*503a627eSMilanka Ringwald endif 286*503a627eSMilanka Ringwald endif 287*503a627eSMilanka Ringwaldelse (yes) 288*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_STARTED; 289*503a627eSMilanka Ringwald : start encryption; 290*503a627eSMilanka Ringwald if (re-encrypted) then (yes) 291*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_COMPLETE(ERROR_CODE_SUCCESS); 292*503a627eSMilanka Ringwald : GATT Client request sent; 293*503a627eSMilanka Ringwald #23DB2B : App receives GATT Response; 294*503a627eSMilanka Ringwald stop 295*503a627eSMilanka Ringwald else (no) 296*503a627eSMilanka Ringwald : SM_EVENT_REENCRYPTION_COMPLETE(error); 297*503a627eSMilanka Ringwald #FD5B41: App receives GATT_QUERY_COMPLETE event 298*503a627eSMilanka Ringwald with ATT_ERROR_BONDING_INFORMATION_MISSING; 299*503a627eSMilanka Ringwald stop 300*503a627eSMilanka Ringwald note right 301*503a627eSMilanka Ringwald App can delete bonding 302*503a627eSMilanka Ringwald information and repeat 303*503a627eSMilanka Ringwald the GATT Client request 304*503a627eSMilanka Ringwald end note 305*503a627eSMilanka Ringwald endif 306*503a627eSMilanka Ringwaldendif 307*503a627eSMilanka Ringwald@enduml 308