Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / system / bt / 3b7093b65ff6711539bcdc42307457e041845523 / . / gd / security / pairing_handler_le_legacy.cc
blob: 0c3a73b27e05133d1371dd0d283ce2b7ca6d1a3e [file] [log] [blame]
Jakub Pawlowski72c8dcc2019-09-06 16:33:21 +0200[diff] [blame]1/******************************************************************************
2 *
3 * Copyright 2019 The Android Open Source Project
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
Jakub Pawlowskie79714e2019-10-14 14:49:55 +0200[diff] [blame]19#include "security/pairing_handler_le.h"
Jakub Pawlowski72c8dcc2019-09-06 16:33:21 +0200[diff] [blame]20
21namespace bluetooth {
Jakub Pawlowskie79714e2019-10-14 14:49:55 +0200[diff] [blame]22namespace security {
Jakub Pawlowski72c8dcc2019-09-06 16:33:21 +0200[diff] [blame]23
24LegacyStage1ResultOrFailure PairingHandlerLe::DoLegacyStage1(const InitialInformations& i,
25 const PairingRequestView& pairing_request,
26 const PairingResponseView& pairing_response) {
27 if (((pairing_request.GetAuthReq() | pairing_response.GetAuthReq()) & AuthReqMaskMitm) == 0) {
28 // If both devices have not set MITM option, Just Works shall be used
29 return LegacyJustWorks();
30 }
31
32 if (pairing_request.GetOobDataFlag() == OobDataFlag::PRESENT &&
33 pairing_response.GetOobDataFlag() == OobDataFlag::PRESENT) {
34 // OobDataFlag remote_oob_flag = IAmMaster(i) ? pairing_response.GetOobDataFlag() :
35 // pairing_request.GetOobDataFlag(); OobDataFlag my_oob_flag = IAmMaster(i) ? pairing_request.GetOobDataFlag() :
36 // pairing_response.GetOobDataFlag();
37 return LegacyOutOfBand(i);
38 }
39
40 const auto& iom = pairing_request.GetIoCapability();
41 const auto& ios = pairing_response.GetIoCapability();
42
43 if (iom == IoCapability::NO_INPUT_NO_OUTPUT || ios == IoCapability::NO_INPUT_NO_OUTPUT) {
44 return LegacyJustWorks();
45 }
46
47 if ((iom == IoCapability::DISPLAY_ONLY || iom == IoCapability::DISPLAY_YES_NO) &&
48 (ios == IoCapability::DISPLAY_ONLY || ios == IoCapability::DISPLAY_YES_NO)) {
49 return LegacyJustWorks();
50 }
51
52 // This if() should not be needed, these are only combinations left.
53 if (iom == IoCapability::KEYBOARD_DISPLAY || iom == IoCapability::KEYBOARD_ONLY ||
54 ios == IoCapability::KEYBOARD_DISPLAY || ios == IoCapability::KEYBOARD_ONLY) {
55 IoCapability my_iocaps = IAmMaster(i) ? iom : ios;
56 IoCapability remote_iocaps = IAmMaster(i) ? ios : iom;
57 return LegacyPasskeyEntry(i, my_iocaps, remote_iocaps);
58 }
59
60 // We went through all possble combinations.
61 LOG_ALWAYS_FATAL("This should never happen");
62}
63
64LegacyStage1ResultOrFailure PairingHandlerLe::LegacyJustWorks() {
65 LOG_INFO("Legacy Just Works start");
66 return Octet16{0};
67}
68
69LegacyStage1ResultOrFailure PairingHandlerLe::LegacyPasskeyEntry(const InitialInformations& i,
70 const IoCapability& my_iocaps,
71 const IoCapability& remote_iocaps) {
72 bool i_am_displaying = false;
73 if (my_iocaps == IoCapability::DISPLAY_ONLY || my_iocaps == IoCapability::DISPLAY_YES_NO) {
74 i_am_displaying = true;
75 } else if (IAmMaster(i) && remote_iocaps == IoCapability::KEYBOARD_DISPLAY &&
76 my_iocaps == IoCapability::KEYBOARD_DISPLAY) {
77 i_am_displaying = true;
78 } else if (my_iocaps == IoCapability::KEYBOARD_DISPLAY && remote_iocaps == IoCapability::KEYBOARD_ONLY) {
79 i_am_displaying = true;
80 }
81
82 LOG_INFO("Passkey Entry start %s", i_am_displaying ? "displaying" : "accepting");
83
84 uint32_t passkey;
85 if (i_am_displaying) {
86 // generate passkey in a valid range
87 passkey = GenerateRandom();
88 passkey &= 0x0fffff; /* maximum 20 significant bits */
89 constexpr uint32_t PASSKEY_MAX = 999999;
90 if (passkey > PASSKEY_MAX) passkey >>= 1;
91
92 i.ui_handler->DisplayConfirmValue(passkey);
93 } else {
94 i.ui_handler->DisplayEnterPasskeyDialog();
95 std::optional<PairingEvent> response = WaitUiPasskey();
96 if (!response) return PairingFailure("Passkey did not arrive!");
97
98 passkey = response->ui_value;
99 }
100
101 Octet16 tk{0};
102 tk[0] = (uint8_t)(passkey);
103 tk[1] = (uint8_t)(passkey >> 8);
104 tk[2] = (uint8_t)(passkey >> 16);
105 tk[3] = (uint8_t)(passkey >> 24);
106
107 LOG_INFO("Passkey Entry finish");
108 return tk;
109}
110
111LegacyStage1ResultOrFailure PairingHandlerLe::LegacyOutOfBand(const InitialInformations& i) {
112 return i.remote_oob_data->security_manager_tk_value;
113}
114
115StkOrFailure PairingHandlerLe::DoLegacyStage2(const InitialInformations& i, const PairingRequestView& pairing_request,
116 const PairingResponseView& pairing_response, const Octet16& tk) {
117 LOG_INFO("Legacy Step 2 start");
118 std::vector<uint8_t> preq(pairing_request.begin(), pairing_request.end());
119 std::vector<uint8_t> pres(pairing_response.begin(), pairing_response.end());
120
121 Octet16 mrand, srand;
122 if (IAmMaster(i)) {
123 mrand = GenerateRandom<16>();
124
125 // LOG(INFO) << +(IAmMaster(i)) << " tk = " << base::HexEncode(tk.data(), tk.size());
126 // LOG(INFO) << +(IAmMaster(i)) << " mrand = " << base::HexEncode(mrand.data(), mrand.size());
127 // LOG(INFO) << +(IAmMaster(i)) << " preq = " << base::HexEncode(preq.data(), preq.size());
128 // LOG(INFO) << +(IAmMaster(i)) << " pres = " << base::HexEncode(pres.data(), pres.size());
129 // LOG(INFO) << +(IAmMaster(i)) << " i.remote_connection_address_type = " << +i.remote_connection_address_type;
130 // LOG(INFO) << +(IAmMaster(i)) << " i.i.remote_connection_address.address = " << i.remote_connection_address;
131 // LOG(INFO) << +(IAmMaster(i)) << " i.my_connection_address_type = " << +i.my_connection_address_type;
132 // LOG(INFO) << +(IAmMaster(i)) << " i.i.my_connection_address.address = " << i.my_connection_address;
Jakub Pawlowskia1f13fc2019-10-24 20:12:35 +0200[diff] [blame]133 Octet16 mconfirm = crypto_toolbox::c1(
134 tk, mrand, preq.data(), pres.data(), (uint8_t)i.my_connection_address.GetAddressType(),
135 i.my_connection_address.GetAddress().address, (uint8_t)i.remote_connection_address.GetAddressType(),
136 i.remote_connection_address.GetAddress().address);
Jakub Pawlowski72c8dcc2019-09-06 16:33:21 +0200[diff] [blame]137
138 LOG_INFO("Master sends Mconfirm");
139 SendL2capPacket(i, PairingConfirmBuilder::Create(mconfirm));
140
141 LOG_INFO("Master waits for the Sconfirm");
142 auto sconfirm_pkt = WaitPairingConfirm();
143 if (std::holds_alternative<PairingFailure>(sconfirm_pkt)) {
144 return std::get<PairingFailure>(sconfirm_pkt);
145 }
146 Octet16 sconfirm = std::get<PairingConfirmView>(sconfirm_pkt).GetConfirmValue();
147
148 LOG_INFO("Master sends Mrand");
149 SendL2capPacket(i, PairingRandomBuilder::Create(mrand));
150
151 LOG_INFO("Master waits for Srand");
152 auto random_pkt = WaitPairingRandom();
153 if (std::holds_alternative<PairingFailure>(random_pkt)) {
154 return std::get<PairingFailure>(random_pkt);
155 }
156 srand = std::get<PairingRandomView>(random_pkt).GetRandomValue();
157
158 // LOG(INFO) << +(IAmMaster(i)) << " tk = " << base::HexEncode(tk.data(), tk.size());
159 // LOG(INFO) << +(IAmMaster(i)) << " srand = " << base::HexEncode(srand.data(), srand.size());
160 // LOG(INFO) << +(IAmMaster(i)) << " preq = " << base::HexEncode(preq.data(), preq.size());
161 // LOG(INFO) << +(IAmMaster(i)) << " pres = " << base::HexEncode(pres.data(), pres.size());
162 // LOG(INFO) << +(IAmMaster(i)) << " i.my_connection_address_type = " << +i.my_connection_address_type;
163 // LOG(INFO) << +(IAmMaster(i)) << " i.i.my_connection_address.address = " << i.my_connection_address;
164 // LOG(INFO) << +(IAmMaster(i)) << " i.remote_connection_address_type = " << +i.remote_connection_address_type;
165 // LOG(INFO) << +(IAmMaster(i)) << " i.i.remote_connection_address.address = " << i.remote_connection_address;
Jakub Pawlowskia1f13fc2019-10-24 20:12:35 +0200[diff] [blame]166 Octet16 sconfirm_generated = crypto_toolbox::c1(
167 tk, srand, preq.data(), pres.data(), (uint8_t)i.my_connection_address.GetAddressType(),
168 i.my_connection_address.GetAddress().address, (uint8_t)i.remote_connection_address.GetAddressType(),
169 i.remote_connection_address.GetAddress().address);
Jakub Pawlowski72c8dcc2019-09-06 16:33:21 +0200[diff] [blame]170
171 if (sconfirm != sconfirm_generated) {
172 LOG_INFO("sconfirm does not match generated value");
173
174 SendL2capPacket(i, PairingFailedBuilder::Create(PairingFailedReason::CONFIRM_VALUE_FAILED));
175 return PairingFailure("sconfirm does not match generated value");
176 }
177 } else {
178 srand = GenerateRandom<16>();
179
180 std::vector<uint8_t> preq(pairing_request.begin(), pairing_request.end());
181 std::vector<uint8_t> pres(pairing_response.begin(), pairing_response.end());
182
Jakub Pawlowskia1f13fc2019-10-24 20:12:35 +0200[diff] [blame]183 Octet16 sconfirm = crypto_toolbox::c1(
184 tk, srand, preq.data(), pres.data(), (uint8_t)i.remote_connection_address.GetAddressType(),
185 i.remote_connection_address.GetAddress().address, (uint8_t)i.my_connection_address.GetAddressType(),
186 i.my_connection_address.GetAddress().address);
Jakub Pawlowski72c8dcc2019-09-06 16:33:21 +0200[diff] [blame]187
188 LOG_INFO("Slave waits for the Mconfirm");
189 auto mconfirm_pkt = WaitPairingConfirm();
190 if (std::holds_alternative<PairingFailure>(mconfirm_pkt)) {
191 return std::get<PairingFailure>(mconfirm_pkt);
192 }
193 Octet16 mconfirm = std::get<PairingConfirmView>(mconfirm_pkt).GetConfirmValue();
194
195 LOG_INFO("Slave sends Sconfirm");
196 SendL2capPacket(i, PairingConfirmBuilder::Create(sconfirm));
197
198 LOG_INFO("Slave waits for Mrand");
199 auto random_pkt = WaitPairingRandom();
200 if (std::holds_alternative<PairingFailure>(random_pkt)) {
201 return std::get<PairingFailure>(random_pkt);
202 }
203 mrand = std::get<PairingRandomView>(random_pkt).GetRandomValue();
204
205 // LOG(INFO) << +(IAmMaster(i)) << " tk = " << base::HexEncode(tk.data(), tk.size());
206 // LOG(INFO) << +(IAmMaster(i)) << " mrand = " << base::HexEncode(mrand.data(), mrand.size());
207 // LOG(INFO) << +(IAmMaster(i)) << " preq = " << base::HexEncode(preq.data(), preq.size());
208 // LOG(INFO) << +(IAmMaster(i)) << " pres = " << base::HexEncode(pres.data(), pres.size());
209 // LOG(INFO) << +(IAmMaster(i)) << " i.my_connection_address_type = " << +i.my_connection_address_type;
210 // LOG(INFO) << +(IAmMaster(i)) << " i.i.my_connection_address.address = " << i.my_connection_address;
211 // LOG(INFO) << +(IAmMaster(i)) << " i.remote_connection_address_type = " << +i.remote_connection_address_type;
212 // LOG(INFO) << +(IAmMaster(i)) << " i.i.remote_connection_address.address = " << i.remote_connection_address;
213 Octet16 mconfirm_generated = crypto_toolbox::c1(
Jakub Pawlowskia1f13fc2019-10-24 20:12:35 +0200[diff] [blame]214 tk, mrand, preq.data(), pres.data(), (uint8_t)i.remote_connection_address.GetAddressType(),
215 i.remote_connection_address.GetAddress().address, (uint8_t)i.my_connection_address.GetAddressType(),
216 i.my_connection_address.GetAddress().address);
Jakub Pawlowski72c8dcc2019-09-06 16:33:21 +0200[diff] [blame]217
218 if (mconfirm != mconfirm_generated) {
219 LOG_INFO("mconfirm does not match generated value");
220 SendL2capPacket(i, PairingFailedBuilder::Create(PairingFailedReason::CONFIRM_VALUE_FAILED));
221 return PairingFailure("mconfirm does not match generated value");
222 }
223
224 LOG_INFO("Slave sends Srand");
225 SendL2capPacket(i, PairingRandomBuilder::Create(srand));
226 }
227
228 LOG_INFO("Legacy stage 2 finish");
229
230 /* STK */
231 return crypto_toolbox::s1(tk, srand, mrand);
232}
Jakub Pawlowskie79714e2019-10-14 14:49:55 +0200[diff] [blame]233} // namespace security
Jakub Pawlowski72c8dcc2019-09-06 16:33:21 +0200[diff] [blame]234} // namespace bluetooth