Martin Brabham | 80854c2 | 2019-11-12 14:52:42 -0800 | [diff] [blame^] | 1 | /* |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 2 | * |
| 3 | * Copyright 2019 The Android Open Source Project |
| 4 | * |
| 5 | * Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | * you may not use this file except in compliance with the License. |
| 7 | * You may obtain a copy of the License at: |
| 8 | * |
| 9 | * http://www.apache.org/licenses/LICENSE-2.0 |
| 10 | * |
| 11 | * Unless required by applicable law or agreed to in writing, software |
| 12 | * distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | * See the License for the specific language governing permissions and |
| 15 | * limitations under the License. |
| 16 | * |
Martin Brabham | 80854c2 | 2019-11-12 14:52:42 -0800 | [diff] [blame^] | 17 | */ |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 18 | #include "security_manager_impl.h" |
| 19 | |
| 20 | #include <iostream> |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 21 | |
Martin Brabham | 80854c2 | 2019-11-12 14:52:42 -0800 | [diff] [blame^] | 22 | #include "hci/address_with_type.h" |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 23 | #include "os/log.h" |
Jakub Pawlowski | 5a67e40 | 2019-11-18 16:14:22 +0100 | [diff] [blame] | 24 | #include "security/security_manager.h" |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 25 | |
Martin Brabham | 80854c2 | 2019-11-12 14:52:42 -0800 | [diff] [blame^] | 26 | namespace bluetooth { |
| 27 | namespace security { |
| 28 | namespace internal { |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 29 | |
Martin Brabham | 80854c2 | 2019-11-12 14:52:42 -0800 | [diff] [blame^] | 30 | std::shared_ptr<bluetooth::security::record::SecurityRecord> SecurityManagerImpl::CreateSecurityRecord( |
| 31 | hci::Address address) { |
| 32 | hci::AddressWithType device(address, hci::AddressType::PUBLIC_DEVICE_ADDRESS); |
| 33 | // Security record check |
| 34 | auto entry = security_record_map_.find(device.GetAddress()); |
| 35 | if (entry == security_record_map_.end()) { |
| 36 | LOG_INFO("No security record for device: %s ", device.ToString().c_str()); |
| 37 | // Create one |
| 38 | std::shared_ptr<security::record::SecurityRecord> record = |
| 39 | std::make_shared<security::record::SecurityRecord>(device); |
| 40 | auto new_entry = std::pair<hci::Address, std::shared_ptr<security::record::SecurityRecord>>( |
| 41 | record->GetDevice().GetAddress(), record); |
| 42 | // Keep track of it |
| 43 | security_record_map_.insert(new_entry); |
| 44 | return record; |
| 45 | } |
| 46 | return entry->second; |
| 47 | } |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 48 | |
Martin Brabham | 80854c2 | 2019-11-12 14:52:42 -0800 | [diff] [blame^] | 49 | void SecurityManagerImpl::DispatchPairingHandler(std::shared_ptr<security::record::SecurityRecord> record, |
| 50 | bool locally_initiated) { |
| 51 | common::OnceCallback<void(hci::Address)> callback = |
| 52 | common::BindOnce(&SecurityManagerImpl::OnPairingHandlerComplete, common::Unretained(this)); |
| 53 | auto entry = pairing_handler_map_.find(record->GetDevice().GetAddress()); |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 54 | if (entry != pairing_handler_map_.end()) { |
| 55 | LOG_WARN("Device already has a pairing handler, and is in the middle of pairing!"); |
| 56 | return; |
| 57 | } |
Martin Brabham | 80854c2 | 2019-11-12 14:52:42 -0800 | [diff] [blame^] | 58 | std::shared_ptr<pairing::PairingHandler> pairing_handler = nullptr; |
| 59 | switch (record->GetDevice().GetAddressType()) { |
| 60 | case hci::AddressType::PUBLIC_DEVICE_ADDRESS: |
| 61 | pairing_handler = std::make_shared<security::pairing::ClassicPairingHandler>( |
| 62 | l2cap_classic_module_->GetFixedChannelManager(), security_manager_channel_, record, security_handler_, |
| 63 | std::move(callback)); |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 64 | break; |
| 65 | default: |
Martin Brabham | 80854c2 | 2019-11-12 14:52:42 -0800 | [diff] [blame^] | 66 | ASSERT_LOG(false, "Pairing type %hhu not implemented!", record->GetDevice().GetAddressType()); |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 67 | } |
Martin Brabham | 80854c2 | 2019-11-12 14:52:42 -0800 | [diff] [blame^] | 68 | auto new_entry = std::pair<hci::Address, std::shared_ptr<pairing::PairingHandler>>(record->GetDevice().GetAddress(), |
| 69 | pairing_handler); |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 70 | pairing_handler_map_.insert(std::move(new_entry)); |
Martin Brabham | 80854c2 | 2019-11-12 14:52:42 -0800 | [diff] [blame^] | 71 | pairing_handler->Initiate(locally_initiated, pairing::kDefaultIoCapability, pairing::kDefaultOobDataPresent, |
| 72 | pairing::kDefaultAuthenticationRequirements); |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 73 | } |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 74 | |
| 75 | void SecurityManagerImpl::Init() { |
Martin Brabham | 80854c2 | 2019-11-12 14:52:42 -0800 | [diff] [blame^] | 76 | security_manager_channel_->SetChannelListener(this); |
| 77 | security_manager_channel_->SendCommand(hci::WriteSimplePairingModeBuilder::Create(hci::Enable::ENABLED)); |
| 78 | security_manager_channel_->SendCommand(hci::WriteSecureConnectionsHostSupportBuilder::Create(hci::Enable::ENABLED)); |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 79 | // TODO(optedoblivion): Populate security record memory map from disk |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 80 | } |
| 81 | |
Martin Brabham | 80854c2 | 2019-11-12 14:52:42 -0800 | [diff] [blame^] | 82 | void SecurityManagerImpl::CreateBond(hci::AddressWithType device) { |
| 83 | auto record = CreateSecurityRecord(device.GetAddress()); |
| 84 | if (record->IsBonded()) { |
| 85 | NotifyDeviceBonded(device); |
| 86 | } else { |
| 87 | // Dispatch pairing handler, if we are calling create we are the initiator |
| 88 | DispatchPairingHandler(record, true); |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 89 | } |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 90 | } |
| 91 | |
Martin Brabham | 80854c2 | 2019-11-12 14:52:42 -0800 | [diff] [blame^] | 92 | void SecurityManagerImpl::CancelBond(hci::AddressWithType device) { |
| 93 | auto entry = pairing_handler_map_.find(device.GetAddress()); |
| 94 | if (entry != pairing_handler_map_.end()) { |
| 95 | pairing_handler_map_.erase(entry); |
| 96 | entry->second->Cancel(); |
| 97 | } |
| 98 | } |
| 99 | |
| 100 | void SecurityManagerImpl::RemoveBond(hci::AddressWithType device) { |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 101 | CancelBond(device); |
Martin Brabham | 80854c2 | 2019-11-12 14:52:42 -0800 | [diff] [blame^] | 102 | auto entry = security_record_map_.find(device.GetAddress()); |
| 103 | if (entry != security_record_map_.end()) { |
| 104 | security_record_map_.erase(entry); |
| 105 | } |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 106 | // Signal disconnect |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 107 | // Remove security record |
| 108 | // Signal Remove from database |
| 109 | } |
| 110 | |
Jakub Pawlowski | 24d5f35 | 2019-11-18 18:54:09 +0100 | [diff] [blame] | 111 | void SecurityManagerImpl::RegisterCallbackListener(ISecurityManagerListener* listener, os::Handler* handler) { |
Jakub Pawlowski | f7cd656 | 2019-11-18 19:27:06 +0100 | [diff] [blame] | 112 | for (auto it = listeners_.begin(); it != listeners_.end(); ++it) { |
| 113 | if (it->first == listener) { |
| 114 | LOG_ALWAYS_FATAL("Listener has already been registered!"); |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 115 | } |
| 116 | } |
Jakub Pawlowski | f7cd656 | 2019-11-18 19:27:06 +0100 | [diff] [blame] | 117 | |
| 118 | listeners_.push_back({listener, handler}); |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 119 | } |
| 120 | |
| 121 | void SecurityManagerImpl::UnregisterCallbackListener(ISecurityManagerListener* listener) { |
Jakub Pawlowski | f7cd656 | 2019-11-18 19:27:06 +0100 | [diff] [blame] | 122 | for (auto it = listeners_.begin(); it != listeners_.end(); ++it) { |
| 123 | if (it->first == listener) { |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 124 | listeners_.erase(it); |
Jakub Pawlowski | f7cd656 | 2019-11-18 19:27:06 +0100 | [diff] [blame] | 125 | return; |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 126 | } |
| 127 | } |
Jakub Pawlowski | f7cd656 | 2019-11-18 19:27:06 +0100 | [diff] [blame] | 128 | |
| 129 | LOG_ALWAYS_FATAL("Listener has not been registered!"); |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 130 | } |
| 131 | |
Jakub Pawlowski | d2c82f5 | 2019-11-22 15:33:12 +0100 | [diff] [blame] | 132 | void SecurityManagerImpl::NotifyDeviceBonded(hci::AddressWithType device) { |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 133 | for (auto& iter : listeners_) { |
Jakub Pawlowski | 24d5f35 | 2019-11-18 18:54:09 +0100 | [diff] [blame] | 134 | iter.second->Post(common::Bind(&ISecurityManagerListener::OnDeviceBonded, common::Unretained(iter.first), device)); |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 135 | } |
| 136 | } |
| 137 | |
Jakub Pawlowski | d2c82f5 | 2019-11-22 15:33:12 +0100 | [diff] [blame] | 138 | void SecurityManagerImpl::NotifyDeviceBondFailed(hci::AddressWithType device) { |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 139 | for (auto& iter : listeners_) { |
Jakub Pawlowski | 24d5f35 | 2019-11-18 18:54:09 +0100 | [diff] [blame] | 140 | iter.second->Post( |
| 141 | common::Bind(&ISecurityManagerListener::OnDeviceBondFailed, common::Unretained(iter.first), device)); |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 142 | } |
| 143 | } |
| 144 | |
Jakub Pawlowski | d2c82f5 | 2019-11-22 15:33:12 +0100 | [diff] [blame] | 145 | void SecurityManagerImpl::NotifyDeviceUnbonded(hci::AddressWithType device) { |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 146 | for (auto& iter : listeners_) { |
Jakub Pawlowski | 24d5f35 | 2019-11-18 18:54:09 +0100 | [diff] [blame] | 147 | iter.second->Post( |
| 148 | common::Bind(&ISecurityManagerListener::OnDeviceUnbonded, common::Unretained(iter.first), device)); |
Martin Brabham | 605d6f1 | 2019-03-29 12:02:30 -0700 | [diff] [blame] | 149 | } |
| 150 | } |
Martin Brabham | 80854c2 | 2019-11-12 14:52:42 -0800 | [diff] [blame^] | 151 | |
| 152 | template <class T> |
| 153 | void SecurityManagerImpl::HandleEvent(T packet) { |
| 154 | ASSERT(packet.IsValid()); |
| 155 | auto entry = pairing_handler_map_.find(packet.GetBdAddr()); |
| 156 | if (entry != pairing_handler_map_.end()) { |
| 157 | entry->second->OnReceive(packet); |
| 158 | } else { |
| 159 | auto event = hci::EventPacketView::Create(std::move(packet)); |
| 160 | ASSERT_LOG(event.IsValid(), "Received invalid packet"); |
| 161 | const hci::EventCode code = event.GetEventCode(); |
| 162 | auto record = CreateSecurityRecord(packet.GetBdAddr()); |
| 163 | switch (code) { |
| 164 | case hci::EventCode::LINK_KEY_REQUEST: |
| 165 | DispatchPairingHandler(record, true); |
| 166 | break; |
| 167 | default: |
| 168 | LOG_ERROR("No classic pairing handler for device '%s' ready for command '%hhx' ", |
| 169 | packet.GetBdAddr().ToString().c_str(), packet.GetEventCode()); |
| 170 | break; |
| 171 | } |
| 172 | } |
| 173 | } |
| 174 | |
| 175 | void SecurityManagerImpl::OnHciEventReceived(hci::EventPacketView packet) { |
| 176 | auto event = hci::EventPacketView::Create(packet); |
| 177 | ASSERT_LOG(event.IsValid(), "Received invalid packet"); |
| 178 | const hci::EventCode code = event.GetEventCode(); |
| 179 | switch (code) { |
| 180 | case hci::EventCode::PIN_CODE_REQUEST: |
| 181 | HandleEvent<hci::PinCodeRequestView>(hci::PinCodeRequestView::Create(event)); |
| 182 | break; |
| 183 | case hci::EventCode::LINK_KEY_REQUEST: |
| 184 | HandleEvent(hci::LinkKeyRequestView::Create(event)); |
| 185 | break; |
| 186 | case hci::EventCode::LINK_KEY_NOTIFICATION: |
| 187 | HandleEvent(hci::LinkKeyNotificationView::Create(event)); |
| 188 | break; |
| 189 | case hci::EventCode::IO_CAPABILITY_REQUEST: |
| 190 | HandleEvent(hci::IoCapabilityRequestView::Create(event)); |
| 191 | break; |
| 192 | case hci::EventCode::IO_CAPABILITY_RESPONSE: |
| 193 | HandleEvent(hci::IoCapabilityResponseView::Create(event)); |
| 194 | break; |
| 195 | case hci::EventCode::SIMPLE_PAIRING_COMPLETE: |
| 196 | HandleEvent(hci::SimplePairingCompleteView::Create(event)); |
| 197 | break; |
| 198 | case hci::EventCode::REMOTE_OOB_DATA_REQUEST: |
| 199 | HandleEvent(hci::RemoteOobDataRequestView::Create(event)); |
| 200 | break; |
| 201 | case hci::EventCode::USER_PASSKEY_NOTIFICATION: |
| 202 | HandleEvent<hci::UserPasskeyNotificationView>(hci::UserPasskeyNotificationView::Create(event)); |
| 203 | break; |
| 204 | case hci::EventCode::KEYPRESS_NOTIFICATION: |
| 205 | HandleEvent(hci::KeypressNotificationView::Create(event)); |
| 206 | break; |
| 207 | case hci::EventCode::USER_CONFIRMATION_REQUEST: |
| 208 | HandleEvent(hci::UserConfirmationRequestView::Create(event)); |
| 209 | break; |
| 210 | case hci::EventCode::USER_PASSKEY_REQUEST: |
| 211 | HandleEvent(hci::UserPasskeyRequestView::Create(event)); |
| 212 | break; |
| 213 | default: |
| 214 | ASSERT_LOG(false, "Cannot handle received packet: %s", hci::EventCodeText(code).c_str()); |
| 215 | break; |
| 216 | } |
| 217 | } |
| 218 | |
| 219 | void SecurityManagerImpl::OnPairingHandlerComplete(hci::Address address) { |
| 220 | auto entry = pairing_handler_map_.find(address); |
| 221 | if (entry != pairing_handler_map_.end()) { |
| 222 | pairing_handler_map_.erase(entry); |
| 223 | } |
| 224 | NotifyDeviceBonded(hci::AddressWithType(address, hci::AddressType::PUBLIC_DEVICE_ADDRESS)); |
| 225 | } |
| 226 | |
| 227 | } // namespace internal |
| 228 | } // namespace security |
| 229 | } // namespace bluetooth |