Jakub Pawlowski | 72c8dcc | 2019-09-06 16:33:21 +0200 | [diff] [blame] | 1 | /****************************************************************************** |
| 2 | * |
| 3 | * Copyright 2019 The Android Open Source Project |
| 4 | * |
| 5 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | * you may not use this file except in compliance with the License. |
| 7 | * You may obtain a copy of the License at: |
| 8 | * |
| 9 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 10 | * |
| 11 | * Unless required by applicable law or agreed to in writing, software |
| 12 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | * See the License for the specific language governing permissions and |
| 15 | * limitations under the License. |
| 16 | * |
| 17 | ******************************************************************************/ |
| 18 | |
| 19 | #pragma once |
| 20 | |
| 21 | #include <optional> |
| 22 | |
| 23 | #include "common/bidi_queue.h" |
| 24 | #include "common/callback.h" |
| 25 | #include "crypto_toolbox/crypto_toolbox.h" |
Jakub Pawlowski | a1f13fc | 2019-10-24 20:12:35 +0200 | [diff] [blame] | 26 | #include "hci/address_with_type.h" |
Jakub Pawlowski | 72c8dcc | 2019-09-06 16:33:21 +0200 | [diff] [blame] | 27 | #include "hci/le_security_interface.h" |
| 28 | #include "os/handler.h" |
| 29 | #include "packet/base_packet_builder.h" |
| 30 | #include "packet/packet_view.h" |
Jakub Pawlowski | e79714e | 2019-10-14 14:49:55 +0200 | [diff] [blame] | 31 | #include "security/pairing_failure.h" |
| 32 | #include "security/smp_packets.h" |
| 33 | #include "security/ui.h" |
Jakub Pawlowski | 72c8dcc | 2019-09-06 16:33:21 +0200 | [diff] [blame] | 34 | |
| 35 | namespace bluetooth { |
Jakub Pawlowski | e79714e | 2019-10-14 14:49:55 +0200 | [diff] [blame] | 36 | namespace security { |
Jakub Pawlowski | 72c8dcc | 2019-09-06 16:33:21 +0200 | [diff] [blame] | 37 | |
| 38 | using DistributedKeys = |
| 39 | std::tuple<std::optional<crypto_toolbox::Octet16> /* ltk */, std::optional<uint16_t> /*ediv*/, |
| 40 | std::optional<std::array<uint8_t, 8>> /* rand */, std::optional<Address> /* Identity address */, |
| 41 | AddrType, std::optional<crypto_toolbox::Octet16> /* IRK */, |
| 42 | std::optional<crypto_toolbox::Octet16>> /* Signature Key */; |
| 43 | |
| 44 | /* This class represents the result of pairing, as returned from Pairing Handler */ |
| 45 | struct PairingResult { |
Jakub Pawlowski | a1f13fc | 2019-10-24 20:12:35 +0200 | [diff] [blame] | 46 | hci::AddressWithType connection_address; |
Jakub Pawlowski | 72c8dcc | 2019-09-06 16:33:21 +0200 | [diff] [blame] | 47 | DistributedKeys distributed_keys; |
| 48 | }; |
| 49 | |
| 50 | using PairingResultOrFailure = std::variant<PairingResult, PairingFailure>; |
| 51 | |
| 52 | /* Data we use for Out Of Band Pairing */ |
| 53 | struct MyOobData { |
| 54 | /* private key is just for this single pairing only, so it might be safe to |
| 55 | * expose it to other parts of stack. It should not be exposed to upper |
| 56 | * layers though */ |
| 57 | std::array<uint8_t, 32> private_key; |
| 58 | EcdhPublicKey public_key; |
| 59 | crypto_toolbox::Octet16 c; |
| 60 | crypto_toolbox::Octet16 r; |
| 61 | }; |
| 62 | |
| 63 | /* This structure is filled and send to PairingHandlerLe to initiate the Pairing process with remote device */ |
| 64 | struct InitialInformations { |
| 65 | hci::Role my_role; |
Jakub Pawlowski | a1f13fc | 2019-10-24 20:12:35 +0200 | [diff] [blame] | 66 | hci::AddressWithType my_connection_address; |
Jakub Pawlowski | 72c8dcc | 2019-09-06 16:33:21 +0200 | [diff] [blame] | 67 | |
| 68 | /* My capabilities, as in pairing request/response */ |
| 69 | struct { |
| 70 | IoCapability io_capability; |
| 71 | OobDataFlag oob_data_flag; |
| 72 | uint8_t auth_req; |
| 73 | uint8_t maximum_encryption_key_size; |
| 74 | uint8_t initiator_key_distribution; |
| 75 | uint8_t responder_key_distribution; |
| 76 | } myPairingCapabilities; |
| 77 | |
| 78 | /* was it remote device that initiated the Pairing ? */ |
| 79 | bool remotely_initiated; |
| 80 | uint16_t connection_handle; |
Jakub Pawlowski | a1f13fc | 2019-10-24 20:12:35 +0200 | [diff] [blame] | 81 | hci::AddressWithType remote_connection_address; |
Jakub Pawlowski | 72c8dcc | 2019-09-06 16:33:21 +0200 | [diff] [blame] | 82 | std::string remote_name; |
| 83 | |
| 84 | /* contains pairing request, if the pairing was remotely initiated */ |
| 85 | std::optional<PairingRequestView> pairing_request; |
| 86 | |
| 87 | struct out_of_band_data { |
| 88 | crypto_toolbox::Octet16 le_sc_c; /* LE Secure Connections Confirmation Value */ |
| 89 | crypto_toolbox::Octet16 le_sc_r; /* LE Secure Connections Random Value */ |
| 90 | |
| 91 | crypto_toolbox::Octet16 security_manager_tk_value; /* OOB data for LE Legacy Pairing */ |
| 92 | }; |
| 93 | |
| 94 | // If we received OOB data from remote device, this field contains it. |
| 95 | std::optional<out_of_band_data> remote_oob_data; |
| 96 | std::optional<MyOobData> my_oob_data; |
| 97 | |
| 98 | /* Used by Pairing Handler to present user with requests*/ |
| 99 | UI* ui_handler; |
| 100 | |
| 101 | /* HCI interface to use */ |
| 102 | hci::LeSecurityInterface* le_security_interface; |
| 103 | |
| 104 | os::EnqueueBuffer<packet::BasePacketBuilder>* proper_l2cap_interface; |
| 105 | os::Handler* l2cap_handler; |
| 106 | |
| 107 | /* Callback to execute once the Pairing process is finished */ |
| 108 | std::function<void(PairingResultOrFailure)> OnPairingFinished; |
| 109 | }; |
| 110 | |
Jakub Pawlowski | e79714e | 2019-10-14 14:49:55 +0200 | [diff] [blame] | 111 | } // namespace security |
Jakub Pawlowski | 72c8dcc | 2019-09-06 16:33:21 +0200 | [diff] [blame] | 112 | } // namespace bluetooth |