Fix pairing flow: allow HMAC verification before status check

[Copilot]

Session info responses with KEY_NOT_ON_WHITELIST were rejected before HMAC verification, preventing pairing flow completion. HMAC must be verified first to authenticate the message, then status surfaced as error.

Changes

• Session info handling: Moved status check after HMAC verification in handle_session_info_message_()

  • Parse → HMAC verify → status check (previously: parse + status check → HMAC verify)
  • KEY_NOT_ON_WHITELIST now returns permanent error via CommandError::key_not_paired()
  • Session not updated on whitelist rejection, forcing re-auth

• Error handling: Added key_not_paired() factory method to CommandError (permanent + definitely failed)

• Test coverage: Added make_session_info_with_status() helper and two tests validating HMAC acceptance and session non-update behavior

Before/After

// Before: status check blocks HMAC verification
if (result != 0 || session_info.status != SESSION_INFO_STATUS_OK) {
    fail_auth("Failed to parse valid session info");
    return;
}
// HMAC verification...

// After: HMAC verification proceeds regardless of status
if (result != 0) {
    fail_auth("Failed to parse session info");
    return;
}
// HMAC verification completes first...
if (session_info.status == KEY_NOT_ON_WHITELIST) {
    mark_command_failed_(cmd, CommandError::key_not_paired(...));
    return;
}

Aligns with teslamotors/vehicle-command behavior where KEY_NOT_ON_WHITELIST = ErrKeyNotPaired, not a parse failure.

Original prompt

Fix tesla-ble pairing flow for adding a new key. The current implementation rejects SessionInfo responses when status=SESSION_INFO_STATUS_KEY_NOT_ON_WHITELIST, which prevents completing the Add Key / Pairing flow. Update the code so that session info parsing and HMAC verification proceed even when status indicates key not on whitelist, and surface the status as a pairing state error rather than an invalid session parse. Align behavior with teslamotors/vehicle-command (Go reference), where KEY_NOT_ON_WHITELIST is treated as ErrKeyNotPaired rather than a session parse failure.

Add tests to cover the add-key/pairing flow. At minimum, include a test that injects session info with status=KEY_NOT_ON_WHITELIST and valid HMAC tag, and asserts that the session info is accepted/verified and the flow proceeds to the whitelist-add command path rather than failing as an invalid session parse. Ensure existing tests still pass and update/add any necessary fixtures.

Repository: yoziru/tesla-ble

This pull request was created from Copilot chat.

---

💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.