1 /*
2 * Copyright (C) 2021-2022 Huawei Device Co., Ltd.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at
6 *
7 * http://www.apache.org/licenses/LICENSE-2.0
8 *
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
14 */
15
16 #include "gap.h"
17 #include "gap_internal.h"
18 #include "gap_task_internal.h"
19
20 #include <securec.h>
21
22 #include "allocator.h"
23 #include "log.h"
24 #include "thread.h"
25
26 #include "btm.h"
27 #include "btm/btm_interop.h"
28 #include "btm/btm_thread.h"
29
30 typedef struct {
31 GapSecurityCallback callback;
32 void *context;
33 } SecurityCallback;
34
35 typedef struct {
36 GapAuthenticationCallback callback;
37 void *context;
38 } AuthenticationCallback;
39
40 static SecurityCallback g_securityCallback;
41 static AuthenticationCallback g_authenticationCallback;
42
43 static int GapAuthenticationRequested(uint16_t handle);
44 static int GapSetConnectionEncryption(uint16_t handle, uint8_t encryptionEnable);
45
GapCompareServiceSecurityInfo(const GapServiceSecurityInfo * info1,const GapServiceSecurityInfo * info2)46 static bool GapCompareServiceSecurityInfo(const GapServiceSecurityInfo *info1, const GapServiceSecurityInfo *info2)
47 {
48 return ((info1->direction == info2->direction) && (info1->protocolId == info2->protocolId) &&
49 (GapCompareChannelID(info2->protocolId, info1->channelId, info2->channelId)) &&
50 ((info1->serviceId == info2->serviceId) || (info1->serviceId == UNKNOWN_SERVICE) ||
51 (info2->serviceId == UNKNOWN_SERVICE)));
52 }
53
GapAllocReqSecInfo(const BtAddr * addr,GapSecurityResultCallback callback,void * context,const ProfileSecurityInfo * info)54 static RequestSecInfo *GapAllocReqSecInfo(
55 const BtAddr *addr, GapSecurityResultCallback callback, void *context, const ProfileSecurityInfo *info)
56 {
57 RequestSecInfo *reqInfo = NULL;
58
59 reqInfo = MEM_MALLOC.alloc(sizeof(RequestSecInfo));
60 if (reqInfo == NULL) {
61 LOG_ERROR("%{public}s:malloc error.", __FUNCTION__);
62 } else {
63 (void)memset_s(reqInfo, sizeof(RequestSecInfo), 0x00, sizeof(RequestSecInfo));
64 reqInfo->addr = *addr;
65 reqInfo->callback = callback;
66 reqInfo->info = info->info;
67 reqInfo->context = context;
68 reqInfo->status = GAP_SEC_REQ_STATUS_WAIT_ACTION;
69 if (info->info.direction == OUTGOING) {
70 reqInfo->needAuthentication = !!(info->securityMode & GAP_SEC_OUT_AUTHENTICATION);
71 reqInfo->needEncryption = !!(info->securityMode & GAP_SEC_OUT_ENCRYPTION);
72 reqInfo->needAuthorization = false;
73 if (*GapGetSecurityMode() != SEC_MODE_2) {
74 reqInfo->needEncryption = true;
75 }
76 } else if (info->info.direction == INCOMING) {
77 reqInfo->needAuthentication = !!(info->securityMode & GAP_SEC_IN_AUTHENTICATION);
78 reqInfo->needEncryption = !!(info->securityMode & GAP_SEC_IN_ENCRYPTION);
79 reqInfo->needAuthorization = !!(info->securityMode & GAP_SEC_IN_AUTHORIZATION);
80 }
81 reqInfo->needUnauthentication = reqInfo->needEncryption && !reqInfo->needAuthentication;
82 reqInfo->needMITM = !!(info->securityMode & GAP_SEC_MITM);
83 }
84
85 return reqInfo;
86 }
87
GapDoAuthenticationCallback(const void * req)88 NO_SANITIZE("cfi") void GapDoAuthenticationCallback(const void *req)
89 {
90 const RequestSecInfo *reqInfo = req;
91 BtAddr addr = BT_ADDR_NULL;
92 uint8_t result = GAP_STATUS_FAILED;
93 if (reqInfo != NULL && reqInfo->status == GAP_SEC_REQ_STATUS_SUCCESS) {
94 result = GAP_STATUS_SUCCESS;
95 }
96 if (reqInfo != NULL) {
97 addr = reqInfo->addr;
98 }
99
100 if (g_authenticationCallback.callback.authenticationComplete) {
101 g_authenticationCallback.callback.authenticationComplete(&addr, result, g_authenticationCallback.context);
102 }
103 }
104
GapTrySecurityCallback(RequestSecInfo * reqInfo)105 static void GapTrySecurityCallback(RequestSecInfo *reqInfo)
106 {
107 if (!reqInfo->doCallback) {
108 reqInfo->doCallback = true;
109 GapDoSecurityCallback(reqInfo);
110 }
111 }
112
GapDoSecurityCallback(void * req)113 NO_SANITIZE("cfi") void GapDoSecurityCallback(void *req)
114 {
115 RequestSecInfo *reqInfo = (RequestSecInfo *)req;
116 uint16_t result = GAP_STATUS_FAILED;
117
118 if (GapIsBredrEnable() == false) {
119 return;
120 }
121
122 if (reqInfo->status == GAP_SEC_REQ_STATUS_SUCCESS) {
123 result = GAP_STATUS_SUCCESS;
124 } else if (reqInfo->hciStatus != HCI_SUCCESS) {
125 result = reqInfo->hciStatus;
126 }
127
128 LOG_INFO("%{public}s:%{public}s-%02d-%{public}s result:%02x:",
129 __FUNCTION__,
130 reqInfo->info.direction ? "IN" : "OUT",
131 reqInfo->info.serviceId,
132 reqInfo->info.protocolId ? "RFCOMM" : "L2CAP",
133 result);
134
135 if (reqInfo->callback) {
136 reqInfo->callback(result, reqInfo->info, reqInfo->context);
137 }
138
139 ProfileSecurityBlock *profileSecurityBlock = GapGetProfileSecurityBlock();
140 ListRemoveNode(profileSecurityBlock->requestlist, req);
141 }
142
GapDoAuthorizationCallback(const void * req)143 static void GapDoAuthorizationCallback(const void *req)
144 {
145 const RequestSecInfo *reqInfo = req;
146 bool reject = false;
147
148 if (g_securityCallback.callback.authorizeInd) {
149 g_securityCallback.callback.authorizeInd(&reqInfo->addr, reqInfo->info.serviceId, reqInfo->context);
150 } else {
151 reject = true;
152 }
153
154 if (reject) {
155 GAP_AuthorizeRes(&reqInfo->addr, reqInfo->info.serviceId, GAP_NOT_ACCEPT);
156 }
157 }
158
GapDoSecurityAction(RequestSecInfo * reqInfo,DeviceInfo * devInfo)159 static void GapDoSecurityAction(RequestSecInfo *reqInfo, DeviceInfo *devInfo)
160 {
161 int ret;
162
163 if (devInfo->status != GAP_DEV_SEC_STATUS_ACTION) {
164 if (devInfo->status == GAP_DEV_SEC_STATUS_IDLE) {
165 BTM_AclAddRef(devInfo->handle);
166 } else {
167 AlarmCancel(devInfo->alarm);
168 }
169 devInfo->status = GAP_DEV_SEC_STATUS_ACTION;
170 }
171 if (reqInfo->needAuthorization) {
172 GapDoAuthorizationCallback(reqInfo);
173 } else if (reqInfo->needAuthentication || reqInfo->needUnauthentication) {
174 if (devInfo->authenticationStatus == GAP_AUTH_STATUS_IDLE) {
175 devInfo->authenticationStatus = GAP_AUTH_STATUS_ACTION;
176 }
177 if (!devInfo->isEncryption) {
178 ret = GapAuthenticationRequested(devInfo->handle);
179 if (ret != BT_SUCCESS) {
180 reqInfo->status = GAP_SEC_REQ_STATUS_FAILED;
181 devInfo->status = GAP_DEV_SEC_STATUS_IDLE;
182 devInfo->authenticationStatus = GAP_AUTH_STATUS_IDLE;
183 GapDoAuthenticationCallback(reqInfo);
184 GapTrySecurityCallback(reqInfo);
185 }
186 } else {
187 reqInfo->status = GAP_SEC_REQ_STATUS_SUCCESS;
188 devInfo->status = GAP_DEV_SEC_STATUS_IDLE;
189 devInfo->authenticationStatus = GAP_AUTH_STATUS_IDLE;
190 GapDoAuthenticationCallback(reqInfo);
191 GapTrySecurityCallback(reqInfo);
192 devInfo->actionReq = NULL;
193 }
194 } else if (reqInfo->needEncryption) {
195 if (devInfo->encryptionStatus == GAP_ENC_STATUS_IDLE) {
196 devInfo->encryptionStatus = GAP_ENC_STATUS_ACTION;
197 }
198 ret = GapSetConnectionEncryption(devInfo->handle, LINK_LEVEL_ENCRYPTION_ON);
199 if (ret != BT_SUCCESS) {
200 reqInfo->status = GAP_SEC_REQ_STATUS_FAILED;
201 devInfo->status = GAP_DEV_SEC_STATUS_IDLE;
202 devInfo->encryptionStatus = GAP_ENC_STATUS_IDLE;
203 GapTrySecurityCallback(reqInfo);
204 }
205 } else {
206 devInfo->status = GAP_DEV_SEC_STATUS_IDLE;
207 }
208 }
209
GapDoReleaseACLConnection(const void * dev)210 static void GapDoReleaseACLConnection(const void *dev)
211 {
212 const DeviceInfo *devInfo = dev;
213
214 ListNode *node = ListGetFirstNode(GapGetConnectionInfoBlock()->devicelist);
215 while (node != NULL) {
216 if (dev == ListGetNodeData(node)) {
217 break;
218 }
219 node = ListGetNextNode(node);
220 }
221
222 if (node != NULL) {
223 BTM_AclRelease(devInfo->handle);
224 }
225 }
226
GapDiscACLTimerTimeoutTask(void * ctx)227 static void GapDiscACLTimerTimeoutTask(void *ctx)
228 {
229 const DeviceInfo *dev = ((const GapGeneralPointerInfo *)ctx)->pointer;
230
231 if (GapIsBredrEnable()) {
232 GapDoReleaseACLConnection(dev);
233 }
234 }
235
GapDiscACLTimerTimeout(void * dev)236 static void GapDiscACLTimerTimeout(void *dev)
237 {
238 LOG_INFO("%{public}s: ", __FUNCTION__);
239 GapGeneralPointerInfo *ctx = MEM_MALLOC.alloc(sizeof(GapGeneralPointerInfo));
240 if (ctx == NULL) {
241 LOG_ERROR("%{public}s: Alloc error.", __FUNCTION__);
242 return;
243 }
244
245 ctx->pointer = dev;
246
247 int ret = GapRunTaskUnBlockProcess(GapDiscACLTimerTimeoutTask, ctx, NULL);
248 if (ret != BT_SUCCESS) {
249 LOG_ERROR("%{public}s: Task error:%{public}d.", __FUNCTION__, ret);
250 }
251 }
252
GapCheckConnection(void)253 static void GapCheckConnection(void)
254 {
255 ListNode *node = NULL;
256 ConnectionInfoBlock *connectionInfoBlock = NULL;
257 DeviceInfo *devInfo = NULL;
258 connectionInfoBlock = GapGetConnectionInfoBlock();
259 node = ListGetFirstNode(connectionInfoBlock->devicelist);
260 while (node != 0) {
261 devInfo = ListGetNodeData(node);
262 if (devInfo->status == GAP_DEV_SEC_STATUS_WAIT_DISC) {
263 LOG_DEBUG("%{public}s: " BT_ADDR_FMT " 4s disconnect ACL",
264 __FUNCTION__, BT_ADDR_FMT_OUTPUT(devInfo->addr.addr));
265 AlarmCancel(devInfo->alarm);
266 AlarmSet(devInfo->alarm, GAP_DISC_ACL_WAIT_TIME, GapDiscACLTimerTimeout, devInfo);
267 devInfo->status = GAP_DEV_SEC_STATUS_IDLE;
268 }
269 node = ListGetNextNode(node);
270 }
271 }
272
GapRequestSecurityProcess(void)273 void GapRequestSecurityProcess(void)
274 {
275 ListNode *requestNode = ListGetFirstNode(GapGetProfileSecurityBlock()->requestlist);
276 while (requestNode != 0) {
277 RequestSecInfo *reqInfo = ListGetNodeData(requestNode);
278 requestNode = ListGetNextNode(requestNode);
279
280 if (reqInfo->status == GAP_SEC_REQ_STATUS_FAILED) {
281 GapTrySecurityCallback(reqInfo);
282 continue;
283 }
284
285 if (reqInfo->status == GAP_SEC_REQ_STATUS_WAIT_CONNECT || reqInfo->status == GAP_SEC_REQ_STATUS_WAIT_FEATURE ||
286 reqInfo->status == GAP_SEC_REQ_STATUS_WAIT_ENCRYPT) {
287 continue;
288 }
289
290 DeviceInfo *devInfo =
291 ListForEachData(GapGetConnectionInfoBlock()->devicelist, GapFindConnectionDeviceByAddr, &reqInfo->addr);
292 if (devInfo == NULL) {
293 continue;
294 }
295
296 if (reqInfo->info.serviceId == GAP) {
297 devInfo->inDedicatedBonding = true;
298 } else {
299 if (devInfo->isAuthentication) {
300 reqInfo->needAuthentication = false;
301 reqInfo->needUnauthentication = false;
302 }
303 if (devInfo->isEncryption) {
304 reqInfo->needEncryption = false;
305 }
306 }
307
308 if (reqInfo->needAuthorization) {
309 reqInfo->status = GAP_SEC_REQ_STATUS_ACTION;
310 GapDoSecurityAction(reqInfo, devInfo);
311 } else if (reqInfo->needAuthentication || reqInfo->needUnauthentication || reqInfo->needEncryption) {
312 if (devInfo->actionReq != NULL) {
313 continue;
314 } else {
315 reqInfo->status = GAP_SEC_REQ_STATUS_ACTION;
316 devInfo->actionReq = reqInfo;
317 GapDoSecurityAction(reqInfo, devInfo);
318 }
319 } else {
320 reqInfo->status = GAP_SEC_REQ_STATUS_SUCCESS;
321 GapTrySecurityCallback(reqInfo);
322 }
323 }
324
325 GapCheckConnection();
326 }
327
GapDoDiscACLConnection(void * dev)328 static void GapDoDiscACLConnection(void *dev)
329 {
330 DeviceInfo *deviceInfo = dev;
331
332 ListNode *node = ListGetFirstNode(GapGetConnectionInfoBlock()->devicelist);
333 while (node != NULL) {
334 if (deviceInfo == ListGetNodeData(node)) {
335 break;
336 }
337 node = ListGetNextNode(node);
338 }
339
340 if (node != NULL) {
341 BTM_AclDisconnect(deviceInfo->handle, GAP_HCI_DISC_REASON_AUTH_FAIL);
342 }
343 }
344
GapWaitEncryptTimeoutTask(void * ctx)345 static void GapWaitEncryptTimeoutTask(void *ctx)
346 {
347 DeviceInfo *dev = ((GapGeneralPointerInfo *)ctx)->pointer;
348
349 GapDoDiscACLConnection(dev);
350 GapUpdateSecurityRequest(dev, GAP_SEC_EVENT_WAIT_ENC_TIMEOUT, HCI_SUCCESS);
351 GapRequestSecurityProcess();
352 }
353
GapWaitEncryptTimeout(void * dev)354 static void GapWaitEncryptTimeout(void *dev)
355 {
356 LOG_INFO("%{public}s: ", __FUNCTION__);
357 GapGeneralPointerInfo *ctx = MEM_MALLOC.alloc(sizeof(GapGeneralPointerInfo));
358 if (ctx == NULL) {
359 LOG_ERROR("%{public}s: Alloc error.", __FUNCTION__);
360 return;
361 }
362
363 ctx->pointer = dev;
364
365 int ret = GapRunTaskUnBlockProcess(GapWaitEncryptTimeoutTask, ctx, NULL);
366 if (ret != BT_SUCCESS) {
367 LOG_ERROR("%{public}s: Task error:%{public}d.", __FUNCTION__, ret);
368 }
369 }
370
GapRemoteDeviceSupportHostSecureSimplePairingCallback(const BtAddr * addr,bool support)371 void GapRemoteDeviceSupportHostSecureSimplePairingCallback(const BtAddr *addr, bool support)
372 {
373 DeviceInfo *devInfo =
374 ListForEachData(GapGetConnectionInfoBlock()->devicelist, GapFindConnectionDeviceByAddr, (void *)addr);
375 if (devInfo != NULL) {
376 devInfo->supportSSP = support;
377 GapUpdateSecurityRequest(devInfo, GAP_SEC_EVENT_FEATURE_COMP, HCI_SUCCESS);
378 if (devInfo->waitEncryptAlarm != NULL) {
379 AlarmSet(devInfo->waitEncryptAlarm, GAP_SEC_WAIT_ENCRYPT_TIME, GapWaitEncryptTimeout, devInfo);
380 }
381 GapRequestSecurityProcess();
382 }
383 }
384
GAP_RequestSecurity(const BtAddr * addr,const GapRequestSecurityParam * param)385 int GAP_RequestSecurity(const BtAddr *addr, const GapRequestSecurityParam *param)
386 {
387 int ret = GAP_SUCCESS;
388 ProfileSecurityInfo *regInfo = NULL;
389
390 LOG_INFO("%{public}s:%{public}s-%02d-%{public}s",
391 __FUNCTION__,
392 param->info.direction ? "IN" : "OUT",
393 param->info.serviceId,
394 param->info.protocolId ? "RFCOMM" : "L2CAP");
395
396 do {
397 ListNode *node = ListGetFirstNode(GapGetProfileSecurityBlock()->registerlist);
398 while (node != 0) {
399 regInfo = ListGetNodeData(node);
400 if ((GapIsEmptyAddr(regInfo->addr.addr) || GapAddrCompare(®Info->addr, addr)) &&
401 GapCompareServiceSecurityInfo(®Info->info, ¶m->info)) {
402 break;
403 }
404 node = ListGetNextNode(node);
405 }
406
407 if (node == NULL) {
408 LOG_ERROR("%{public}s:Register(%{public}d, %{public}d)not found.",
409 __FUNCTION__, param->info.serviceId, param->info.direction);
410 ret = GAP_ERR_INVAL_PARAM;
411 break;
412 }
413
414 RequestSecInfo *reqInfo = GapAllocReqSecInfo(addr, param->callback, param->context, regInfo);
415 if (reqInfo == NULL) {
416 LOG_ERROR("%{public}s:reqInfo alloc failed.", __FUNCTION__);
417 ret = GAP_ERR_OUT_OF_RES;
418 break;
419 }
420 ListAddLast(GapGetProfileSecurityBlock()->requestlist, reqInfo);
421
422 DeviceInfo *deviceInfo =
423 ListForEachData(GapGetConnectionInfoBlock()->devicelist, GapFindConnectionDeviceByAddr, (void *)addr);
424 if (deviceInfo != NULL) {
425 if (*GapGetSecurityMode() != SEC_MODE_2) {
426 GapIsRemoteDeviceSupportHostSecureSimplePairingAsync(addr);
427 reqInfo->status = GAP_SEC_REQ_STATUS_WAIT_FEATURE;
428 }
429 GapRequestSecurityProcess();
430 } else {
431 ret = BTM_AclConnect(addr);
432 reqInfo->status = GAP_SEC_REQ_STATUS_WAIT_CONNECT;
433 }
434 } while (0);
435
436 if (ret != BT_SUCCESS) {
437 param->callback(GAP_STATUS_FAILED, param->info, param->context);
438 ret = BT_SUCCESS;
439 }
440
441 return ret;
442 }
443
GapWriteSimplePairingMode(uint8_t simplePairingMode)444 static int GapWriteSimplePairingMode(uint8_t simplePairingMode)
445 {
446 int ret;
447
448 if (BTM_IsControllerSupportSecureSimplePairing()) {
449 HciWriteSimplePairingModeParam hciCmdParam = {
450 .simplePairingMode = simplePairingMode,
451 };
452 ret = HCI_WriteSimplePairingMode(&hciCmdParam);
453 } else {
454 ret = GAP_ERR_NOT_SUPPORT;
455 }
456
457 return ret;
458 }
459
GapWriteSecureConnectionsHostSupport(uint8_t support)460 static int GapWriteSecureConnectionsHostSupport(uint8_t support)
461 {
462 int ret;
463 if (BTM_IsControllerSupportSecureConnections()) {
464 HciWriteSecureConnectionsHostSupportParam hciCmdParam = {
465 .secureConnectionsHostSupport = support,
466 };
467
468 ret = HCI_WriteSecureConnectionsHostSupport(&hciCmdParam);
469 } else {
470 ret = GAP_SUCCESS;
471 }
472
473 return ret;
474 }
475
GAP_RegisterSecurityCallback(const GapSecurityCallback * callback,void * context)476 int GAP_RegisterSecurityCallback(const GapSecurityCallback *callback, void *context)
477 {
478 LOG_INFO("%{public}s:%{public}s", __FUNCTION__, callback ? "register" : "NULL");
479 if (callback == NULL) {
480 (void)memset_s(&g_securityCallback.callback,
481 sizeof(g_securityCallback.callback),
482 0x00,
483 sizeof(g_securityCallback.callback));
484 } else {
485 g_securityCallback.callback = *callback;
486 }
487 g_securityCallback.context = context;
488 return GAP_SUCCESS;
489 }
490
GAP_DeregisterSecurityCallback(void)491 int GAP_DeregisterSecurityCallback(void)
492 {
493 (void)memset_s(
494 &g_securityCallback.callback, sizeof(g_securityCallback.callback), 0x00, sizeof(g_securityCallback.callback));
495 g_securityCallback.context = NULL;
496 return GAP_SUCCESS;
497 }
498
GAP_SetSecurityMode(GAP_SecurityMode mode)499 int GAP_SetSecurityMode(GAP_SecurityMode mode)
500 {
501 LOG_INFO("%{public}s:mode[%{public}d]", __FUNCTION__, mode);
502
503 if (mode != SEC_MODE_2 && mode != SEC_MODE_4) {
504 return GAP_ERR_INVAL_PARAM;
505 }
506
507 if (GapIsBredrEnable() == false) {
508 return GAP_ERR_NOT_ENABLE;
509 }
510
511 int ret;
512 if (mode == SEC_MODE_4) {
513 ret = GapWriteSimplePairingMode(SIMPLE_PAIRING_ENABLED);
514 if (ret == BT_SUCCESS) {
515 ret = GapWriteSecureConnectionsHostSupport(SUPPORT_SECURE_CONNECTIONS);
516 }
517 } else {
518 ret = GapWriteSimplePairingMode(SIMPLE_PAIRING_DISABLED);
519 ret |= GapWriteSecureConnectionsHostSupport(UNSUPPORT_SECURE_CONNECTIONS);
520 }
521
522 if (ret == BT_SUCCESS) {
523 GAP_SecurityMode *secMode = GapGetSecurityMode();
524 *secMode = mode;
525 }
526
527 return GAP_SUCCESS;
528 }
529
GAP_AuthorizeRes(const BtAddr * addr,GAP_Service service,uint8_t accept)530 int GAP_AuthorizeRes(const BtAddr *addr, GAP_Service service, uint8_t accept)
531 {
532 int ret = GAP_SUCCESS;
533 ProfileSecurityBlock *profileSecurityBlock = NULL;
534 ConnectionInfoBlock *connectionInfoBlock = NULL;
535 ListNode *node = NULL;
536 RequestSecInfo *reqInfo = NULL;
537 DeviceInfo *devInfo = NULL;
538
539 LOG_INFO("%{public}s:" BT_ADDR_FMT " %{public}d, accept[%hhu]",
540 __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr->addr), service, accept);
541
542 if (GapIsBredrEnable() == false) {
543 return GAP_ERR_NOT_ENABLE;
544 }
545
546 profileSecurityBlock = GapGetProfileSecurityBlock();
547 node = ListGetFirstNode(profileSecurityBlock->requestlist);
548 while (node != 0) {
549 reqInfo = ListGetNodeData(node);
550 if (reqInfo->info.direction == OUTGOING) {
551 node = ListGetNextNode(node);
552 continue;
553 }
554 if (reqInfo->info.serviceId == service && reqInfo->status == GAP_SEC_REQ_STATUS_ACTION) {
555 reqInfo->needAuthorization = false;
556 break;
557 } else {
558 ret = GAP_ERR_INVAL_STATE;
559 }
560 node = ListGetNextNode(node);
561 }
562
563 connectionInfoBlock = GapGetConnectionInfoBlock();
564 devInfo = ListForEachData(connectionInfoBlock->devicelist, GapFindConnectionDeviceByAddr, (void *)addr);
565 if (devInfo != NULL) {
566 if (devInfo->status == GAP_DEV_SEC_STATUS_ACTION) {
567 devInfo->status = GAP_DEV_SEC_STATUS_WAIT_DISC;
568 }
569 }
570
571 GapRequestSecurityProcess();
572 return ret;
573 }
574
GapDeviceLinkkeyIsAuthenticated(const DeviceInfo * deviceInfo)575 static bool GapDeviceLinkkeyIsAuthenticated(const DeviceInfo *deviceInfo)
576 {
577 if (deviceInfo->linkkeyType == AUTHENTICATED_COMBINATION_KEY_GENERATED_FROM_P192 ||
578 deviceInfo->linkkeyType == AUTHENTICATED_COMBINATION_KEY_GENERATED_FROM_P256 ||
579 deviceInfo->linkkeyType == COMBINATION_KEY) {
580 return true;
581 } else {
582 return false;
583 }
584 }
585
GapUpdateSecurityStatusUnauthenticationSuccess(const DeviceInfo * devInfo)586 static void GapUpdateSecurityStatusUnauthenticationSuccess(const DeviceInfo *devInfo)
587 {
588 if (devInfo->actionReq != NULL) {
589 if (devInfo->actionReq->needAuthentication) {
590 devInfo->actionReq->needAuthentication = false;
591 if (devInfo->actionReq->needMITM) {
592 devInfo->actionReq->status = GAP_SEC_REQ_STATUS_FAILED;
593 } else {
594 devInfo->actionReq->status = GAP_SEC_REQ_STATUS_SUCCESS;
595 }
596 }
597 if (devInfo->actionReq->needUnauthentication) {
598 devInfo->actionReq->needUnauthentication = false;
599 }
600 }
601 }
602
GapUpdateSecurityStatusAuthenticationSuccess(const DeviceInfo * devInfo)603 static void GapUpdateSecurityStatusAuthenticationSuccess(const DeviceInfo *devInfo)
604 {
605 ListNode *node = NULL;
606 ProfileSecurityBlock *profileSecurityBlock = GapGetProfileSecurityBlock();
607 RequestSecInfo *reqInfo = NULL;
608
609 node = ListGetFirstNode(profileSecurityBlock->requestlist);
610 while (node != 0) {
611 reqInfo = ListGetNodeData(node);
612 if (GapAddrCompare(&devInfo->addr, &reqInfo->addr) && reqInfo->needAuthentication) {
613 reqInfo->needAuthentication = false;
614 }
615 node = ListGetNextNode(node);
616 }
617 }
618
GapUpdateSecurityStatusEncryptionSuccess(const DeviceInfo * devInfo)619 static void GapUpdateSecurityStatusEncryptionSuccess(const DeviceInfo *devInfo)
620 {
621 ListNode *node = NULL;
622 ProfileSecurityBlock *profileSecurityBlock = GapGetProfileSecurityBlock();
623 RequestSecInfo *reqInfo = NULL;
624
625 node = ListGetFirstNode(profileSecurityBlock->requestlist);
626 while (node != 0) {
627 reqInfo = ListGetNodeData(node);
628 if (GapAddrCompare(&devInfo->addr, &reqInfo->addr) && reqInfo->needEncryption) {
629 reqInfo->needEncryption = false;
630 }
631 if (GapAddrCompare(&devInfo->addr, &reqInfo->addr) && reqInfo->status == GAP_SEC_REQ_STATUS_WAIT_ENCRYPT) {
632 reqInfo->status = GAP_SEC_REQ_STATUS_WAIT_ACTION;
633 }
634 node = ListGetNextNode(node);
635 }
636 }
637
GapUpdateSecurityStatusFailed(const DeviceInfo * devInfo,uint8_t hciStatus)638 static void GapUpdateSecurityStatusFailed(const DeviceInfo *devInfo, uint8_t hciStatus)
639 {
640 ListNode *node = NULL;
641 ProfileSecurityBlock *profileSecurityBlock = GapGetProfileSecurityBlock();
642 RequestSecInfo *reqInfo = NULL;
643
644 node = ListGetFirstNode(profileSecurityBlock->requestlist);
645 while (node != 0) {
646 reqInfo = ListGetNodeData(node);
647 if (GapAddrCompare(&devInfo->addr, &reqInfo->addr) && reqInfo->status == GAP_SEC_REQ_STATUS_ACTION) {
648 reqInfo->status = GAP_SEC_REQ_STATUS_FAILED;
649 reqInfo->hciStatus = hciStatus;
650 }
651 if (GapAddrCompare(&devInfo->addr, &reqInfo->addr) && reqInfo->status == GAP_SEC_REQ_STATUS_WAIT_ENCRYPT) {
652 reqInfo->status = GAP_SEC_REQ_STATUS_FAILED;
653 reqInfo->hciStatus = hciStatus;
654 }
655 node = ListGetNextNode(node);
656 }
657 }
658
GapUpdateSecurityStatusEncryptionTimeout(const DeviceInfo * devInfo)659 static void GapUpdateSecurityStatusEncryptionTimeout(const DeviceInfo *devInfo)
660 {
661 ListNode *node = NULL;
662 ProfileSecurityBlock *profileSecurityBlock = GapGetProfileSecurityBlock();
663 RequestSecInfo *reqInfo = NULL;
664
665 node = ListGetFirstNode(profileSecurityBlock->requestlist);
666 while (node != 0) {
667 reqInfo = ListGetNodeData(node);
668 if (GapAddrCompare(&devInfo->addr, &reqInfo->addr) && reqInfo->status == GAP_SEC_REQ_STATUS_WAIT_ENCRYPT) {
669 reqInfo->status = GAP_SEC_REQ_STATUS_FAILED;
670 }
671 node = ListGetNextNode(node);
672 }
673 }
674
GapUpdateSecurityStatusAclDisconnect(const DeviceInfo * devInfo,uint8_t hciStatus)675 static void GapUpdateSecurityStatusAclDisconnect(const DeviceInfo *devInfo, uint8_t hciStatus)
676 {
677 ListNode *node = NULL;
678 ProfileSecurityBlock *profileSecurityBlock = GapGetProfileSecurityBlock();
679 RequestSecInfo *reqInfo = NULL;
680
681 node = ListGetFirstNode(profileSecurityBlock->requestlist);
682 while (node != 0) {
683 reqInfo = ListGetNodeData(node);
684 if (GapAddrCompare(&devInfo->addr, &reqInfo->addr)) {
685 reqInfo->status = GAP_SEC_REQ_STATUS_FAILED;
686 reqInfo->hciStatus = hciStatus;
687 }
688 node = ListGetNextNode(node);
689 }
690 }
691
GapUpdateSecurityStatusConnectComplete(const DeviceInfo * devInfo)692 static void GapUpdateSecurityStatusConnectComplete(const DeviceInfo *devInfo)
693 {
694 ListNode *node = NULL;
695 ProfileSecurityBlock *profileSecurityBlock = GapGetProfileSecurityBlock();
696 RequestSecInfo *reqInfo = NULL;
697
698 node = ListGetFirstNode(profileSecurityBlock->requestlist);
699 while (node != 0) {
700 reqInfo = ListGetNodeData(node);
701 if (GapAddrCompare(&devInfo->addr, &reqInfo->addr) && reqInfo->status == GAP_SEC_REQ_STATUS_WAIT_CONNECT) {
702 if (*GapGetSecurityMode() == SEC_MODE_2) {
703 reqInfo->status = GAP_SEC_REQ_STATUS_WAIT_ACTION;
704 } else {
705 reqInfo->status = GAP_SEC_REQ_STATUS_WAIT_FEATURE;
706 }
707 }
708 node = ListGetNextNode(node);
709 }
710 }
711
GapUpdateSecurityStatusFeatureComplete(DeviceInfo * devInfo)712 static void GapUpdateSecurityStatusFeatureComplete(DeviceInfo *devInfo)
713 {
714 ListNode *node = NULL;
715 ProfileSecurityBlock *profileSecurityBlock = GapGetProfileSecurityBlock();
716 RequestSecInfo *reqInfo = NULL;
717
718 node = ListGetFirstNode(profileSecurityBlock->requestlist);
719 while (node != NULL) {
720 reqInfo = ListGetNodeData(node);
721 node = ListGetNextNode(node);
722 if (GapAddrCompare(&devInfo->addr, &reqInfo->addr) && reqInfo->status == GAP_SEC_REQ_STATUS_WAIT_FEATURE) {
723 if (!devInfo->supportSSP || reqInfo->info.direction == OUTGOING || devInfo->isEncryption) {
724 reqInfo->status = GAP_SEC_REQ_STATUS_WAIT_ACTION;
725 continue;
726 }
727 reqInfo->status = GAP_SEC_REQ_STATUS_WAIT_ENCRYPT;
728 if (devInfo->waitEncryptAlarm == NULL) {
729 devInfo->waitEncryptAlarm = AlarmCreate("wait encrypt", false);
730 }
731 }
732 }
733 }
734
GapUpdateSecurityRequest(DeviceInfo * devInfo,enum DeviceSecurityEvent event,uint8_t hciStatus)735 void GapUpdateSecurityRequest(DeviceInfo *devInfo, enum DeviceSecurityEvent event, uint8_t hciStatus)
736 {
737 switch (event) {
738 case GAP_SEC_EVENT_CONNECT_COMP:
739 GapUpdateSecurityStatusConnectComplete(devInfo);
740 break;
741 case GAP_SEC_EVENT_FEATURE_COMP:
742 GapUpdateSecurityStatusFeatureComplete(devInfo);
743 break;
744 case GAP_SEC_EVENT_UNAUTH_SUCCESS:
745 GapUpdateSecurityStatusUnauthenticationSuccess(devInfo);
746 break;
747 case GAP_SEC_EVENT_AUTH_SUCCESS:
748 GapUpdateSecurityStatusAuthenticationSuccess(devInfo);
749 break;
750 case GAP_SEC_EVENT_ENC_SUCCESS:
751 if (devInfo->waitEncryptAlarm != NULL) {
752 AlarmCancel(devInfo->waitEncryptAlarm);
753 AlarmDelete(devInfo->waitEncryptAlarm);
754 devInfo->waitEncryptAlarm = NULL;
755 }
756 GapUpdateSecurityStatusEncryptionSuccess(devInfo);
757 break;
758 case GAP_SEC_EVENT_ENC_FAILED:
759 if (devInfo->waitEncryptAlarm != NULL) {
760 AlarmCancel(devInfo->waitEncryptAlarm);
761 AlarmDelete(devInfo->waitEncryptAlarm);
762 devInfo->waitEncryptAlarm = NULL;
763 }
764 GapUpdateSecurityStatusFailed(devInfo, hciStatus);
765 break;
766 case GAP_SEC_EVENT_AUTH_FAILED:
767 GapUpdateSecurityStatusFailed(devInfo, hciStatus);
768 break;
769 case GAP_SEC_EVENT_WAIT_ENC_TIMEOUT:
770 GapUpdateSecurityStatusEncryptionTimeout(devInfo);
771 break;
772 case GAP_SEC_EVENT_ACL_DISCONNECT:
773 GapUpdateSecurityStatusAclDisconnect(devInfo, hciStatus);
774 break;
775 default:
776 break;
777 }
778 }
779
GapAuthenticationRequested(uint16_t handle)780 static int GapAuthenticationRequested(uint16_t handle)
781 {
782 HciAuthenticationRequestedParam hciCmdParam = {
783 .connectionHandle = handle,
784 };
785
786 return HCI_AuthenticationRequested(&hciCmdParam);
787 }
788
GapAuthenticationWaitRetryTimeoutTask(void * ctx)789 static void GapAuthenticationWaitRetryTimeoutTask(void *ctx)
790 {
791 RequestSecInfo *reqInfo = ListForEachData(
792 GapGetProfileSecurityBlock()->requestlist, GapFindCmpListData, ((GapGeneralPointerInfo *)ctx)->pointer);
793 if (reqInfo != NULL) {
794 DeviceInfo *deviceInfo =
795 ListForEachData(GapGetConnectionInfoBlock()->devicelist, GapFindConnectionDeviceByAddr, &reqInfo->addr);
796 if (deviceInfo != NULL) {
797 deviceInfo->authenticationStatus = GAP_AUTH_STATUS_RETRY;
798 deviceInfo->actionReq = NULL;
799 GapRequestSecurityProcess();
800 } else {
801 BTM_AclConnect(&reqInfo->addr);
802 }
803 }
804 }
805
GapAuthenticationWaitRetryTimeout(void * parameter)806 static void GapAuthenticationWaitRetryTimeout(void *parameter)
807 {
808 LOG_INFO("%{public}s: ", __FUNCTION__);
809 GapGeneralPointerInfo *ctx = MEM_MALLOC.alloc(sizeof(GapGeneralPointerInfo));
810 if (ctx == NULL) {
811 LOG_ERROR("%{public}s: Alloc error.", __FUNCTION__);
812 return;
813 }
814
815 ctx->pointer = parameter;
816
817 int ret = GapRunTaskUnBlockProcess(GapAuthenticationWaitRetryTimeoutTask, ctx, NULL);
818 if (ret != BT_SUCCESS) {
819 LOG_ERROR("%{public}s: Task error:%{public}d.", __FUNCTION__, ret);
820 }
821 }
822
GapAuthenticationClearInfo(RequestSecInfo * reqInfo)823 void GapAuthenticationClearInfo(RequestSecInfo *reqInfo)
824 {
825 if (reqInfo == NULL) {
826 return;
827 }
828 if (reqInfo->waitRetryalarm != NULL) {
829 AlarmCancel(reqInfo->waitRetryalarm);
830 AlarmDelete(reqInfo->waitRetryalarm);
831 reqInfo->waitRetryalarm = NULL;
832 }
833 }
834
GapAuthenticationRetry(DeviceInfo * deviceInfo,RequestSecInfo * reqInfo,uint8_t hciStatus)835 void GapAuthenticationRetry(DeviceInfo *deviceInfo, RequestSecInfo *reqInfo, uint8_t hciStatus)
836 {
837 if (reqInfo == NULL) {
838 return;
839 }
840
841 if (reqInfo->waitRetryalarm == NULL) {
842 reqInfo->waitRetryalarm = AlarmCreate("retry pair", false);
843 }
844
845 if (++reqInfo->retryCount <= GAP_PAIR_RETRY_COUNT) {
846 AlarmCancel(reqInfo->waitRetryalarm);
847 AlarmSet(reqInfo->waitRetryalarm, GAP_PAIR_RETRY_WAIT_TIME, GapAuthenticationWaitRetryTimeout, reqInfo);
848 } else {
849 if (deviceInfo != NULL) {
850 GapUpdateSecurityRequest(deviceInfo, GAP_SEC_EVENT_AUTH_FAILED, hciStatus);
851 } else {
852 reqInfo->status = GAP_SEC_REQ_STATUS_FAILED;
853 reqInfo->hciStatus = hciStatus;
854 if (reqInfo->info.serviceId == GAP) {
855 GapDoAuthenticationCallback(reqInfo);
856 }
857 if (!reqInfo->doCallback) {
858 reqInfo->doCallback = true;
859 GapDoSecurityCallback(reqInfo);
860 }
861 }
862 }
863 }
864
GapOnAuthenticationComplete(const HciAuthenticationCompleteEventParam * eventParam)865 NO_SANITIZE("cfi") void GapOnAuthenticationComplete(const HciAuthenticationCompleteEventParam *eventParam)
866 {
867 LOG_DEBUG("%{public}s:", __FUNCTION__);
868 bool inDedicatedBonding = false;
869 bool isGapRequest = false;
870 bool callback = true;
871 BtAddr addr = {0};
872
873 ConnectionInfoBlock *connectionInfoBlock = GapGetConnectionInfoBlock();
874 DeviceInfo *deviceInfo = ListForEachData(
875 connectionInfoBlock->devicelist, GapFindConnectionDeviceByHandle, (void *)&eventParam->connectionHandle);
876 if (deviceInfo != NULL) {
877 isGapRequest = (deviceInfo->actionReq && deviceInfo->actionReq->info.serviceId == GAP);
878 deviceInfo->authenticationStatus = GAP_AUTH_STATUS_IDLE;
879 if (eventParam->status == HCI_SUCCESS) {
880 if (GapDeviceLinkkeyIsAuthenticated(deviceInfo)) {
881 deviceInfo->isAuthentication = true;
882 GapUpdateSecurityRequest(deviceInfo, GAP_SEC_EVENT_AUTH_SUCCESS, eventParam->status);
883 } else {
884 GapUpdateSecurityRequest(deviceInfo, GAP_SEC_EVENT_UNAUTH_SUCCESS, eventParam->status);
885 }
886 GapReadNewLocalOOBData();
887 GapAuthenticationClearInfo(deviceInfo->actionReq);
888 deviceInfo->actionReq = NULL;
889 } else if ((eventParam->status == HCI_PIN_OR_KEY_MISSING && GapIsKeyMissingRetry()) ||
890 BtmInteropIsMatchedAddr(INTEROP_AUTO_RETRY_PAIRING, &deviceInfo->addr)) {
891 deviceInfo->authenticationStatus = GAP_AUTH_STATUS_WAIT_RETRY;
892 GapAuthenticationRetry(deviceInfo, deviceInfo->actionReq, eventParam->status);
893 callback = false;
894 } else {
895 GapUpdateSecurityRequest(deviceInfo, GAP_SEC_EVENT_AUTH_FAILED, eventParam->status);
896 deviceInfo->actionReq = NULL;
897 }
898 inDedicatedBonding = deviceInfo->inDedicatedBonding;
899 (void)memcpy_s(&addr, sizeof(BtAddr), &deviceInfo->addr, sizeof(BtAddr));
900 if (deviceInfo->status == GAP_DEV_SEC_STATUS_ACTION) {
901 deviceInfo->status = GAP_DEV_SEC_STATUS_WAIT_DISC;
902 }
903 }
904
905 GapRequestSecurityProcess();
906
907 if (g_authenticationCallback.callback.authenticationComplete) {
908 if (inDedicatedBonding == true) {
909 if (isGapRequest || callback) {
910 g_authenticationCallback.callback.authenticationComplete(
911 &addr, eventParam->status, g_authenticationCallback.context);
912 }
913 } else if (inDedicatedBonding == false && callback) {
914 g_authenticationCallback.callback.authenticationComplete(
915 &addr, eventParam->status, g_authenticationCallback.context);
916 }
917 }
918 }
919
GapIOCapabilityRequestReply(const BtAddr * addr,uint8_t ioCapability,uint8_t authReq,uint8_t oobDataPresent)920 static int GapIOCapabilityRequestReply(
921 const BtAddr *addr, uint8_t ioCapability, uint8_t authReq, uint8_t oobDataPresent)
922 {
923 bool isDedicatedBonding = false;
924 uint8_t authenticationRequirements = AUTHENTICATION_UNKNOWN_MITM;
925
926 ConnectionInfoBlock *connectionInfoBlock = GapGetConnectionInfoBlock();
927 DeviceInfo *devInfo = NULL;
928 devInfo = ListForEachData(connectionInfoBlock->devicelist, GapFindConnectionDeviceByAddr, (void *)addr);
929 if (devInfo != NULL) {
930 devInfo->localIOCap = ioCapability;
931 isDedicatedBonding = devInfo->inDedicatedBonding;
932 authenticationRequirements = devInfo->remoteAuthReq;
933 }
934
935 if (authenticationRequirements == AUTHENTICATION_UNKNOWN_MITM) {
936 if (!GapIsBondMode()) {
937 authenticationRequirements = AUTHENTICATION_NO_MITM_NO_BONDING + authReq;
938 } else if (isDedicatedBonding) {
939 authenticationRequirements = AUTHENTICATION_NO_MITM_DEDICATED_BONDING + authReq;
940 } else {
941 authenticationRequirements = AUTHENTICATION_NO_MITM_GENERAL_BONDING + authReq;
942 }
943 }
944
945 HciIOCapabilityRequestReplyParam hciCmdParam;
946 (void)memcpy_s(hciCmdParam.bdAddr.raw, BT_ADDRESS_SIZE, addr->addr, BT_ADDRESS_SIZE);
947 hciCmdParam.ioCapability = ioCapability;
948 hciCmdParam.authenticationRequirements = authenticationRequirements;
949 hciCmdParam.oobDataPresent = oobDataPresent;
950
951 return HCI_IOCapabilityRequestReply(&hciCmdParam);
952 }
953
GapIOCapabilityRequestNegativeReply(const BtAddr * addr,uint8_t reason)954 static int GapIOCapabilityRequestNegativeReply(const BtAddr *addr, uint8_t reason)
955 {
956 HciIoCapabilityRequestNegativeReplyParam hciCmdParam;
957
958 (void)memcpy_s(hciCmdParam.bdAddr.raw, BT_ADDRESS_SIZE, addr->addr, BT_ADDRESS_SIZE);
959 hciCmdParam.reason = reason;
960
961 return HCI_IOCapabilityRequestNegativeReply(&hciCmdParam);
962 }
963
GapOnIOCapabilityRequestEvent(const HciIoCapabilityRequestEventParam * eventParam)964 NO_SANITIZE("cfi") void GapOnIOCapabilityRequestEvent(const HciIoCapabilityRequestEventParam *eventParam)
965 {
966 LOG_DEBUG("%{public}s:" BT_ADDR_FMT "", __FUNCTION__, BT_ADDR_FMT_OUTPUT(eventParam->bdAddr.raw));
967 BtAddr addr = BT_ADDR_NULL;
968 bool doReject = false;
969 GapChangeHCIAddr(&addr, &eventParam->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
970
971 ConnectionInfoBlock *connectionInfoBlock = GapGetConnectionInfoBlock();
972 DeviceInfo *devInfo = NULL;
973 devInfo = ListForEachData(connectionInfoBlock->devicelist, GapFindConnectionDeviceByAddr, (void *)&addr);
974 if (devInfo != NULL) {
975 if (devInfo->authenticationStatus == GAP_AUTH_STATUS_IDLE) {
976 GapStartUseAclConnection(devInfo, GAP_USE_ACL_CONNECTION_TIME);
977 }
978 if ((GapIsBondMode() == false) && (devInfo->remoteAuthReq != AUTHENTICATION_UNKNOWN_MITM) &&
979 (devInfo->remoteAuthReq != AUTHENTICATION_MITM_NO_BONDING) &&
980 (devInfo->remoteAuthReq != AUTHENTICATION_NO_MITM_NO_BONDING)) {
981 doReject = true;
982 }
983 }
984
985 if (doReject) {
986 GapIOCapabilityRequestNegativeReply(&addr, HCI_PAIRING_NOT_ALLOWED);
987 } else {
988 if (g_authenticationCallback.callback.IOCapabilityReq) {
989 g_authenticationCallback.callback.IOCapabilityReq(&addr, g_authenticationCallback.context);
990 } else {
991 LOG_INFO("Not Register");
992 GapIOCapabilityRequestNegativeReply(&addr, HCI_PAIRING_NOT_ALLOWED);
993 }
994 }
995 }
996
GapIOCapabilityRequestReplyComplete(const HciIOCapabilityRequestReplyReturnParam * param)997 void GapIOCapabilityRequestReplyComplete(const HciIOCapabilityRequestReplyReturnParam *param)
998 {
999 if (param->status != HCI_SUCCESS) {
1000 BtAddr addr = BT_ADDR_NULL;
1001 GapChangeHCIAddr(&addr, ¶m->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1002 LOG_WARN("%{public}s:" BT_ADDR_FMT "Failed: %02x",
1003 __FUNCTION__, BT_ADDR_FMT_OUTPUT(param->bdAddr.raw), param->status);
1004 GapIOCapabilityRequestNegativeReply(&addr, HCI_PAIRING_NOT_ALLOWED);
1005 }
1006 }
1007
GapIOCapabilityRequestNegativeReplyComplete(const HciIoCapabilityRequestNegativeReplyReturnParam * param)1008 void GapIOCapabilityRequestNegativeReplyComplete(const HciIoCapabilityRequestNegativeReplyReturnParam *param)
1009 {
1010 if (param->status != HCI_SUCCESS) {
1011 LOG_WARN("%{public}s:" BT_ADDR_FMT "Failed: %02x",
1012 __FUNCTION__, BT_ADDR_FMT_OUTPUT(param->bdAddr.raw), param->status);
1013 }
1014 }
1015
GapOnIOCapabilityResponseEvent(const HciIoCapabilityResponseEventParam * eventParam)1016 NO_SANITIZE("cfi") void GapOnIOCapabilityResponseEvent(const HciIoCapabilityResponseEventParam *eventParam)
1017 {
1018 LOG_DEBUG("%{public}s:" BT_ADDR_FMT "", __FUNCTION__, BT_ADDR_FMT_OUTPUT(eventParam->bdAddr.raw));
1019 BtAddr addr = BT_ADDR_NULL;
1020
1021 GapChangeHCIAddr(&addr, &eventParam->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1022
1023 DeviceInfo *devInfo = NULL;
1024 devInfo = ListForEachData(GapGetConnectionInfoBlock()->devicelist, GapFindConnectionDeviceByAddr, (void *)&addr);
1025 if (devInfo != NULL) {
1026 devInfo->remoteAuthReq = eventParam->authenticationRequirements;
1027 }
1028
1029 if (g_authenticationCallback.callback.IOCapabilityRsp) {
1030 g_authenticationCallback.callback.IOCapabilityRsp(
1031 &addr, eventParam->IOCapability, g_authenticationCallback.context);
1032 }
1033 }
1034
GAP_RegisterAuthenticationCallback(const GapAuthenticationCallback * callback,void * context)1035 int GAP_RegisterAuthenticationCallback(const GapAuthenticationCallback *callback, void *context)
1036 {
1037 LOG_INFO("%{public}s:%{public}s", __FUNCTION__, callback ? "register" : "NULL");
1038 if (callback == NULL) {
1039 (void)memset_s(&g_authenticationCallback.callback,
1040 sizeof(g_authenticationCallback.callback),
1041 0x00,
1042 sizeof(g_authenticationCallback.callback));
1043 } else {
1044 g_authenticationCallback.callback = *callback;
1045 }
1046 g_authenticationCallback.context = context;
1047 return GAP_SUCCESS;
1048 }
1049
GAP_DeregisterAuthenticationCallback(void)1050 int GAP_DeregisterAuthenticationCallback(void)
1051 {
1052 (void)memset_s(&g_authenticationCallback.callback,
1053 sizeof(g_authenticationCallback.callback),
1054 0x00,
1055 sizeof(g_authenticationCallback.callback));
1056 g_authenticationCallback.context = NULL;
1057 return GAP_SUCCESS;
1058 }
1059
GAP_AuthenticationReq(const BtAddr * addr)1060 int GAP_AuthenticationReq(const BtAddr *addr)
1061 {
1062 int ret = GAP_SUCCESS;
1063 ConnectionInfoBlock *connectionInfoBlock = NULL;
1064 ProfileSecurityBlock *profileSecurityBlock = NULL;
1065 DeviceInfo *deviceInfo = NULL;
1066
1067 LOG_INFO("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr->addr));
1068
1069 if (GapIsBredrEnable() == false) {
1070 return GAP_ERR_NOT_ENABLE;
1071 }
1072
1073 if (!GapIsBondMode()) {
1074 ret = GAP_ERR_INVAL_STATE;
1075 } else {
1076 RequestSecInfo *secInfo = NULL;
1077 ProfileSecurityInfo tempInfo = {0};
1078 tempInfo.info.serviceId = GAP;
1079 tempInfo.info.direction = OUTGOING;
1080 tempInfo.securityMode = GAP_SEC_OUT_AUTHENTICATION;
1081 connectionInfoBlock = GapGetConnectionInfoBlock();
1082 profileSecurityBlock = GapGetProfileSecurityBlock();
1083 secInfo = GapAllocReqSecInfo(addr, NULL, NULL, &tempInfo);
1084 if (secInfo != NULL) {
1085 ListAddFirst(profileSecurityBlock->requestlist, secInfo);
1086 deviceInfo = ListForEachData(connectionInfoBlock->devicelist, GapFindConnectionDeviceByAddr, (void *)addr);
1087 if (deviceInfo != NULL) {
1088 GapRequestSecurityProcess();
1089 } else {
1090 ret = BTM_AclConnect(addr);
1091 }
1092 } else {
1093 ret = GAP_ERR_OUT_OF_RES;
1094 }
1095 }
1096
1097 return ret;
1098 }
1099
GAP_CancelAuthenticationReq(const BtAddr * addr)1100 int GAP_CancelAuthenticationReq(const BtAddr *addr)
1101 {
1102 if (GapIsBredrEnable() == false) {
1103 return GAP_ERR_NOT_ENABLE;
1104 }
1105
1106 DeviceInfo *devInfo = NULL;
1107 devInfo = ListForEachData(GapGetConnectionInfoBlock()->devicelist, GapFindConnectionDeviceByAddr, (void *)addr);
1108 if (devInfo != NULL) {
1109 if (devInfo->status == GAP_DEV_SEC_STATUS_ACTION) {
1110 devInfo->status = GAP_DEV_SEC_STATUS_IDLE;
1111 BTM_AclRelease(devInfo->handle);
1112 }
1113 }
1114
1115 return GAP_SUCCESS;
1116 }
1117
GAP_IOCapabilityRsp(const BtAddr * addr,uint8_t accept,uint8_t ioCapability,uint8_t oobDataPresent,uint8_t authReq)1118 int GAP_IOCapabilityRsp(
1119 const BtAddr *addr, uint8_t accept, uint8_t ioCapability, uint8_t oobDataPresent, uint8_t authReq)
1120 {
1121 int ret;
1122
1123 LOG_INFO("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr->addr));
1124
1125 if (GapIsBredrEnable() == false) {
1126 return GAP_ERR_NOT_ENABLE;
1127 }
1128
1129 DeviceInfo *devInfo = NULL;
1130 devInfo = ListForEachData(GapGetConnectionInfoBlock()->devicelist, GapFindConnectionDeviceByAddr, (void *)addr);
1131 if (devInfo != NULL && devInfo->actionReq != NULL) {
1132 if (!devInfo->actionReq->needAuthentication && devInfo->actionReq->needUnauthentication) {
1133 if (authReq == GAP_MITM_REQUIRED) {
1134 authReq = GAP_MITM_NOT_REQUIRED;
1135 }
1136 }
1137 }
1138
1139 if (accept == GAP_ACCEPT) {
1140 ret = GapIOCapabilityRequestReply(addr, ioCapability, authReq, oobDataPresent);
1141 } else if (accept == GAP_NOT_ACCEPT) {
1142 ret = GapIOCapabilityRequestNegativeReply(addr, HCI_PAIRING_NOT_ALLOWED);
1143 } else {
1144 ret = GAP_ERR_INVAL_PARAM;
1145 }
1146
1147 return ret;
1148 }
1149
GapUserConfirmationRequestReply(const BtAddr * addr)1150 static int GapUserConfirmationRequestReply(const BtAddr *addr)
1151 {
1152 HciUserConfirmationRequestReplyParam hciCmdParam;
1153
1154 (void)memcpy_s(hciCmdParam.bdAddr.raw, BT_ADDRESS_SIZE, addr->addr, BT_ADDRESS_SIZE);
1155
1156 return HCI_UserConfirmationRequestReply(&hciCmdParam);
1157 }
1158
GapUserConfirmationRequestNegativeReply(const BtAddr * addr)1159 static int GapUserConfirmationRequestNegativeReply(const BtAddr *addr)
1160 {
1161 HciUserConfirmationRequestNegativeReplyParam hciCmdParam;
1162
1163 (void)memcpy_s(hciCmdParam.bdAddr.raw, BT_ADDRESS_SIZE, addr->addr, BT_ADDRESS_SIZE);
1164
1165 return HCI_UserConfirmationRequestNegativeReply(&hciCmdParam);
1166 }
1167
GapOnUserConfirmationRequestEvent(const HciUserConfirmationRequestEventParam * eventParam)1168 NO_SANITIZE("cfi") void GapOnUserConfirmationRequestEvent(const HciUserConfirmationRequestEventParam *eventParam)
1169 {
1170 LOG_INFO("%{public}s:" BT_ADDR_FMT "", __FUNCTION__, BT_ADDR_FMT_OUTPUT(eventParam->bdAddr.raw));
1171 BtAddr addr = BT_ADDR_NULL;
1172 GapChangeHCIAddr(&addr, &eventParam->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1173
1174 int localMitmRequired = GAP_MITM_REQUIRED;
1175 int remoteMitmRequired = GAP_MITM_REQUIRED;
1176 DeviceInfo *devInfo =
1177 ListForEachData(GapGetConnectionInfoBlock()->devicelist, GapFindConnectionDeviceByAddr, (void*)&addr);
1178
1179 if (devInfo != NULL) {
1180 remoteMitmRequired = devInfo->remoteAuthReq & GAP_MITM_REQUIRED;
1181 if (devInfo->actionReq != NULL) {
1182 if (!devInfo->actionReq->needAuthentication && devInfo->actionReq->needUnauthentication) {
1183 localMitmRequired = GAP_MITM_NOT_REQUIRED;
1184 }
1185 } else {
1186 localMitmRequired = remoteMitmRequired;
1187 }
1188 }
1189
1190 if (g_authenticationCallback.callback.userConfirmReq) {
1191 g_authenticationCallback.callback.userConfirmReq(
1192 &addr, eventParam->numericValue,localMitmRequired, remoteMitmRequired, g_authenticationCallback.context);
1193 } else {
1194 GapUserConfirmationRequestNegativeReply(&addr);
1195 }
1196 }
1197
GapUserConfirmationRequestReplyComplete(const HciUserConfirmationRequestReplyReturnParam * param)1198 void GapUserConfirmationRequestReplyComplete(const HciUserConfirmationRequestReplyReturnParam *param)
1199 {
1200 if (param->status != HCI_SUCCESS) {
1201 BtAddr addr = BT_ADDR_NULL;
1202 GapChangeHCIAddr(&addr, ¶m->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1203 LOG_WARN("%{public}s:" BT_ADDR_FMT "Failed:%02x", __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr.addr), param->status);
1204 GapUserConfirmationRequestNegativeReply(&addr);
1205 }
1206 }
1207
GapUserConfirmationRequestNegativeReplyComplete(const HciUserConfirmationRequestNegativeReplyReturnParam * param)1208 void GapUserConfirmationRequestNegativeReplyComplete(const HciUserConfirmationRequestNegativeReplyReturnParam *param)
1209 {
1210 if (param->status != HCI_SUCCESS) {
1211 LOG_WARN("%{public}s:" BT_ADDR_FMT "Failed:%02x", __FUNCTION__,
1212 BT_ADDR_FMT_OUTPUT(param->bdAddr.raw), param->status);
1213 }
1214 }
1215
GAP_UserConfirmRsp(const BtAddr * addr,uint8_t accept)1216 int GAP_UserConfirmRsp(const BtAddr *addr, uint8_t accept)
1217 {
1218 int ret;
1219
1220 LOG_INFO("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr->addr));
1221
1222 if (GapIsBredrEnable() == false) {
1223 return GAP_ERR_NOT_ENABLE;
1224 }
1225
1226 if (accept == GAP_ACCEPT) {
1227 ret = GapUserConfirmationRequestReply(addr);
1228 } else if (accept == GAP_NOT_ACCEPT) {
1229 ret = GapUserConfirmationRequestNegativeReply(addr);
1230 } else {
1231 ret = GAP_ERR_INVAL_PARAM;
1232 }
1233
1234 return ret;
1235 }
1236
GapUserPasskeyRequestReply(const BtAddr * addr,int numericValue)1237 static int GapUserPasskeyRequestReply(const BtAddr *addr, int numericValue)
1238 {
1239 HciUserPasskeyRequestReplyParam hciCmdParam;
1240
1241 (void)memcpy_s(hciCmdParam.bdAddr.raw, BT_ADDRESS_SIZE, addr->addr, BT_ADDRESS_SIZE);
1242 hciCmdParam.numericValue = numericValue;
1243
1244 return HCI_UserPasskeyRequestReply(&hciCmdParam);
1245 }
1246
GapUserPasskeyRequestNegativeReply(const BtAddr * addr)1247 static int GapUserPasskeyRequestNegativeReply(const BtAddr *addr)
1248 {
1249 HciUserPasskeyRequestNegativeReplyParam hciCmdParam;
1250
1251 (void)memcpy_s(hciCmdParam.bdAddr.raw, BT_ADDRESS_SIZE, addr->addr, BT_ADDRESS_SIZE);
1252
1253 return HCI_UserPasskeyRequestNegativeReply(&hciCmdParam);
1254 }
1255
GapOnUserPasskeyNotificationEvent(const HciUserPasskeyNotificationEventParam * eventParam)1256 void GapOnUserPasskeyNotificationEvent(const HciUserPasskeyNotificationEventParam *eventParam)
1257 {
1258 LOG_DEBUG("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(eventParam->bdAddr.raw));
1259 BtAddr addr = BT_ADDR_NULL;
1260
1261 GapChangeHCIAddr(&addr, &eventParam->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1262 if (g_authenticationCallback.callback.userPasskeyNotification) {
1263 g_authenticationCallback.callback.userPasskeyNotification(
1264 &addr, eventParam->passkey, g_authenticationCallback.context);
1265 } else {
1266 LOG_WARN("%{public}s:not register callback", __FUNCTION__);
1267 }
1268 }
1269
GapOnUserPasskeyRequestEvent(const HciUserPasskeyRequestEventParam * eventParam)1270 void GapOnUserPasskeyRequestEvent(const HciUserPasskeyRequestEventParam *eventParam)
1271 {
1272 LOG_DEBUG("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(eventParam->bdAddr.raw));
1273 BtAddr addr = BT_ADDR_NULL;
1274
1275 GapChangeHCIAddr(&addr, &eventParam->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1276
1277 if (g_authenticationCallback.callback.userPasskeyReq) {
1278 g_authenticationCallback.callback.userPasskeyReq(&addr, g_authenticationCallback.context);
1279 } else {
1280 GapUserPasskeyRequestNegativeReply(&addr);
1281 }
1282 }
1283
GapUserPasskeyRequestReplyComplete(const HciUserPasskeyRequestReplyReturnParam * param)1284 void GapUserPasskeyRequestReplyComplete(const HciUserPasskeyRequestReplyReturnParam *param)
1285 {
1286 if (param->status != HCI_SUCCESS) {
1287 BtAddr addr = BT_ADDR_NULL;
1288 GapChangeHCIAddr(&addr, ¶m->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1289 LOG_WARN("%{public}s:" BT_ADDR_FMT "Failed:%02x", __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr.addr), param->status);
1290 GapUserPasskeyRequestNegativeReply(&addr);
1291 }
1292 }
1293
GapUserPasskeyRequestNegativeReplyComplete(const HciUserPasskeyRequestNegativeReplyReturnParam * param)1294 void GapUserPasskeyRequestNegativeReplyComplete(const HciUserPasskeyRequestNegativeReplyReturnParam *param)
1295 {
1296 if (param->status != HCI_SUCCESS) {
1297 LOG_WARN("%{public}s:" BT_ADDR_FMT "Failed:%02x",
1298 __FUNCTION__, BT_ADDR_FMT_OUTPUT(param->bdAddr.raw), param->status);
1299 }
1300 }
1301
GAP_UserPasskeyRsp(const BtAddr * addr,uint8_t accept,uint32_t number)1302 int GAP_UserPasskeyRsp(const BtAddr *addr, uint8_t accept, uint32_t number)
1303 {
1304 int ret;
1305
1306 LOG_INFO("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr->addr));
1307
1308 if (GapIsBredrEnable() == false) {
1309 return GAP_ERR_NOT_ENABLE;
1310 }
1311
1312 if (accept == GAP_ACCEPT) {
1313 ret = GapUserPasskeyRequestReply(addr, number);
1314 } else if (accept == GAP_NOT_ACCEPT) {
1315 ret = GapUserPasskeyRequestNegativeReply(addr);
1316 } else {
1317 ret = GAP_ERR_INVAL_PARAM;
1318 }
1319
1320 return ret;
1321 }
1322
GapRemoteOOBDataRequestReply(const BtAddr * addr,const uint8_t * c,const uint8_t * r)1323 static int GapRemoteOOBDataRequestReply(const BtAddr *addr, const uint8_t *c, const uint8_t *r)
1324 {
1325 HciRemoteOobDataRequestReplyParam hciCmdParam;
1326 (void)memcpy_s(hciCmdParam.bdAddr.raw, BT_ADDRESS_SIZE, addr->addr, BT_ADDRESS_SIZE);
1327 (void)memcpy_s(hciCmdParam.C, GAP_OOB_DATA_CONFIRM_SIZE, c, GAP_OOB_DATA_CONFIRM_SIZE);
1328 (void)memcpy_s(hciCmdParam.r, GAP_OOB_DATA_RANDOM_SIZE, r, GAP_OOB_DATA_RANDOM_SIZE);
1329
1330 return HCI_RemoteOOBDataRequestReply(&hciCmdParam);
1331 }
1332
GapRemoteOOBDataRequestNegativeReply(const BtAddr * addr)1333 static int GapRemoteOOBDataRequestNegativeReply(const BtAddr *addr)
1334 {
1335 HciRemoteOobDataRequestNegativeReplyParam hciCmdParam;
1336
1337 (void)memcpy_s(hciCmdParam.bdAddr.raw, BT_ADDRESS_SIZE, addr->addr, BT_ADDRESS_SIZE);
1338
1339 return HCI_RemoteOOBDataRequestNegativeReply(&hciCmdParam);
1340 }
1341
GapOnRemoteOOBDataRequestEvent(const HciRemoteOobDataRequestEventParam * eventParam)1342 void GapOnRemoteOOBDataRequestEvent(const HciRemoteOobDataRequestEventParam *eventParam)
1343 {
1344 LOG_DEBUG("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(eventParam->bdAddr.raw));
1345 BtAddr addr;
1346
1347 GapChangeHCIAddr(&addr, &eventParam->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1348
1349 if (g_authenticationCallback.callback.remoteOobReq) {
1350 g_authenticationCallback.callback.remoteOobReq(&addr, g_authenticationCallback.context);
1351 } else {
1352 GapRemoteOOBDataRequestNegativeReply(&addr);
1353 }
1354 }
1355
GapRemoteOOBDataRequestReplyComplete(const HciRemoteOobDataRequestReplyReturnParam * param)1356 void GapRemoteOOBDataRequestReplyComplete(const HciRemoteOobDataRequestReplyReturnParam *param)
1357 {
1358 if (param->status != HCI_SUCCESS) {
1359 BtAddr addr;
1360 GapChangeHCIAddr(&addr, ¶m->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1361 LOG_WARN("%{public}s:" BT_ADDR_FMT "Failed:%02x", __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr.addr), param->status);
1362 GapRemoteOOBDataRequestNegativeReply(&addr);
1363 }
1364 }
1365
GapRemoteOOBExtendedDataRequestReplyComplete(const HciRemoteOobExtendedDataRequestReplyReturnParam * param)1366 void GapRemoteOOBExtendedDataRequestReplyComplete(const HciRemoteOobExtendedDataRequestReplyReturnParam *param)
1367 {
1368 if (param->status != HCI_SUCCESS) {
1369 BtAddr addr;
1370 GapChangeHCIAddr(&addr, ¶m->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1371 LOG_WARN("%{public}s:" BT_ADDR_FMT "Failed:%02x", __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr.addr), param->status);
1372 GapRemoteOOBDataRequestNegativeReply(&addr);
1373 }
1374 }
1375
GapRemoteOOBDataRequestNegativeReplyComplete(const HciRemoteOobDataRequestNegativeReplyReturnParam * param)1376 void GapRemoteOOBDataRequestNegativeReplyComplete(const HciRemoteOobDataRequestNegativeReplyReturnParam *param)
1377 {
1378 if (param->status != HCI_SUCCESS) {
1379 LOG_WARN("%{public}s:" BT_ADDR_FMT "Failed:%02x",
1380 __FUNCTION__, BT_ADDR_FMT_OUTPUT(param->bdAddr.raw), param->status);
1381 }
1382 }
1383
GAP_RemoteOobRsp(const BtAddr * addr,uint8_t accept,const GapOOBData * data)1384 int GAP_RemoteOobRsp(const BtAddr *addr, uint8_t accept, const GapOOBData *data)
1385 {
1386 int ret;
1387
1388 if (GapIsBredrEnable() == false) {
1389 return GAP_ERR_NOT_ENABLE;
1390 }
1391
1392 if (addr == NULL || data == NULL) {
1393 return GAP_ERR_INVAL_PARAM;
1394 }
1395
1396 LOG_INFO("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr->addr));
1397
1398 if (accept == GAP_ACCEPT) {
1399 ret = GapRemoteOOBDataRequestReply(addr, (uint8_t *)data->C, (uint8_t *)data->R);
1400 } else if (accept == GAP_NOT_ACCEPT) {
1401 ret = GapRemoteOOBDataRequestNegativeReply(addr);
1402 } else {
1403 ret = GAP_ERR_INVAL_PARAM;
1404 }
1405
1406 return ret;
1407 }
1408
GapPINCodeRequestReply(const BtAddr * addr,uint8_t pinCode[GAP_PINCODE_SIZE],uint8_t pinCodeLength)1409 static int GapPINCodeRequestReply(const BtAddr *addr, uint8_t pinCode[GAP_PINCODE_SIZE], uint8_t pinCodeLength)
1410 {
1411 HciPinCodeRequestReplyParam hciCmdParam;
1412
1413 (void)memcpy_s(hciCmdParam.bdAddr.raw, BT_ADDRESS_SIZE, addr->addr, BT_ADDRESS_SIZE);
1414 (void)memcpy_s(hciCmdParam.pinCode, GAP_PINCODE_SIZE, pinCode, GAP_PINCODE_SIZE);
1415 hciCmdParam.pinCodeLength = pinCodeLength;
1416
1417 return HCI_PINCodeRequestReply(&hciCmdParam);
1418 }
1419
GapPINCodeRequestNegativeReply(const BtAddr * addr)1420 static int GapPINCodeRequestNegativeReply(const BtAddr *addr)
1421 {
1422 HciPinCodeRequestNegativeReplyParam hciCmdParam;
1423
1424 (void)memcpy_s(hciCmdParam.bdAddr.raw, BT_ADDRESS_SIZE, addr->addr, BT_ADDRESS_SIZE);
1425
1426 return HCI_PINCodeRequestNegativeReply(&hciCmdParam);
1427 }
1428
GapOnPINCodeRequestEvent(const HciPinCodeRequestEventParam * eventParam)1429 void GapOnPINCodeRequestEvent(const HciPinCodeRequestEventParam *eventParam)
1430 {
1431 LOG_INFO("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(eventParam->bdAddr.raw));
1432 BtAddr addr;
1433 bool isBondableMode = false;
1434
1435 GapChangeHCIAddr(&addr, &eventParam->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1436
1437 ConnectionInfoBlock *connectionInfoBlock = GapGetConnectionInfoBlock();
1438 DeviceInfo *devInfo = NULL;
1439 devInfo = ListForEachData(connectionInfoBlock->devicelist, GapFindConnectionDeviceByAddr, (void *)&addr);
1440 if (devInfo != NULL) {
1441 if (devInfo->authenticationStatus == GAP_AUTH_STATUS_IDLE) {
1442 GapStartUseAclConnection(devInfo, GAP_USE_ACL_CONNECTION_TIME);
1443 }
1444 }
1445
1446 isBondableMode = GapIsBondMode();
1447 if (isBondableMode == false) {
1448 GapPINCodeRequestNegativeReply(&addr);
1449 } else if (g_authenticationCallback.callback.pinCodeReq) {
1450 g_authenticationCallback.callback.pinCodeReq(&addr, g_authenticationCallback.context);
1451 } else {
1452 GapPINCodeRequestNegativeReply(&addr);
1453 }
1454 }
1455
GapPINCodeRequestReplyComplete(const HciPinCodeRequestReplyReturnParam * param)1456 void GapPINCodeRequestReplyComplete(const HciPinCodeRequestReplyReturnParam *param)
1457 {
1458 if (param->status != HCI_SUCCESS) {
1459 BtAddr addr;
1460 GapChangeHCIAddr(&addr, ¶m->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1461 LOG_WARN("%{public}s:" BT_ADDR_FMT "Failed:%02x", __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr.addr), param->status);
1462 GapPINCodeRequestNegativeReply(&addr);
1463 }
1464 }
1465
GapPINCodeRequestNegativeReplyComplete(const HciPinCodeRequestNegativeReplyReturnParam * param)1466 void GapPINCodeRequestNegativeReplyComplete(const HciPinCodeRequestNegativeReplyReturnParam *param)
1467 {
1468 if (param->status != HCI_SUCCESS) {
1469 LOG_WARN("%{public}s:" BT_ADDR_FMT "Failed:%02x",
1470 __FUNCTION__, BT_ADDR_FMT_OUTPUT(param->bdAddr.raw), param->status);
1471 }
1472 }
1473
GAP_PinCodeRsp(const BtAddr * addr,uint8_t accept,const uint8_t * pinCode,uint8_t pinCodeLength)1474 int GAP_PinCodeRsp(const BtAddr *addr, uint8_t accept, const uint8_t *pinCode, uint8_t pinCodeLength)
1475 {
1476 int ret;
1477
1478 if (GapIsBredrEnable() == false) {
1479 return GAP_ERR_NOT_ENABLE;
1480 }
1481
1482 if (addr == NULL) {
1483 return GAP_ERR_INVAL_PARAM;
1484 } else if (accept == GAP_ACCEPT && (pinCode == NULL || pinCodeLength > GAP_PINCODE_SIZE)) {
1485 return GAP_ERR_INVAL_PARAM;
1486 }
1487
1488 LOG_INFO("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr->addr));
1489
1490 if (accept == GAP_ACCEPT) {
1491 uint8_t pin[GAP_PINCODE_SIZE] = {0};
1492 (void)memcpy_s(pin, GAP_PINCODE_SIZE, pinCode, pinCodeLength);
1493 ret = GapPINCodeRequestReply(addr, pin, pinCodeLength);
1494 } else if (accept == GAP_NOT_ACCEPT) {
1495 ret = GapPINCodeRequestNegativeReply(addr);
1496 } else {
1497 ret = GAP_ERR_INVAL_PARAM;
1498 }
1499
1500 return ret;
1501 }
1502
GapLinkKeyRequestReply(const BtAddr * addr,const uint8_t * linkKey)1503 static int GapLinkKeyRequestReply(const BtAddr *addr, const uint8_t *linkKey)
1504 {
1505 HciLinkKeyRequestReplyParam hciCmdParam;
1506 (void)memcpy_s(hciCmdParam.bdAddr.raw, BT_ADDRESS_SIZE, addr->addr, BT_ADDRESS_SIZE);
1507 if (memcpy_s(hciCmdParam.linkKey, GAP_LINKKEY_SIZE, linkKey, GAP_LINKKEY_SIZE) != EOK) {
1508 return GAP_STATUS_FAILED;
1509 }
1510
1511 return HCI_LinkKeyRequestReply(&hciCmdParam);
1512 }
1513
GapLinkKeyRequestNegativeReply(const BtAddr * addr)1514 static int GapLinkKeyRequestNegativeReply(const BtAddr *addr)
1515 {
1516 HciLinkKeyRequestNegativeReplyParam hciCmdParam;
1517
1518 (void)memcpy_s(hciCmdParam.bdAddr.raw, BT_ADDRESS_SIZE, addr->addr, BT_ADDRESS_SIZE);
1519
1520 return HCI_LinkKeyRequestNegativeReply(&hciCmdParam);
1521 }
1522
GAP_PairIsFromLocal(const BtAddr * addr,bool * isLocal)1523 int GAP_PairIsFromLocal(const BtAddr *addr, bool *isLocal)
1524 {
1525 int ret = GAP_SUCCESS;
1526
1527 LOG_INFO("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr->addr));
1528
1529 if (GapIsBredrEnable() == false) {
1530 return GAP_ERR_NOT_ENABLE;
1531 }
1532
1533 ConnectionInfoBlock *connectionInfoBlock = GapGetConnectionInfoBlock();
1534 DeviceInfo *devInfo = NULL;
1535 devInfo = ListForEachData(connectionInfoBlock->devicelist, GapFindConnectionDeviceByAddr, (void *)addr);
1536 if (devInfo != NULL) {
1537 *isLocal = !!devInfo->authenticationStatus;
1538 } else {
1539 ret = GAP_ERR_INVAL_STATE;
1540 }
1541
1542 return ret;
1543 }
1544
GapOnLinkKeyNotificationEvent(const HciLinkKeyNotificationEventParam * eventParam)1545 NO_SANITIZE("cfi") void GapOnLinkKeyNotificationEvent(const HciLinkKeyNotificationEventParam *eventParam)
1546 {
1547 LOG_DEBUG("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(eventParam->bdAddr.raw));
1548 BtAddr addr;
1549
1550 GapChangeHCIAddr(&addr, &eventParam->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1551
1552 ConnectionInfoBlock *connectionInfoBlock = GapGetConnectionInfoBlock();
1553 DeviceInfo *devInfo = NULL;
1554 devInfo = ListForEachData(connectionInfoBlock->devicelist, GapFindConnectionDeviceByAddr, (void *)&addr);
1555 if (devInfo != NULL) {
1556 devInfo->linkkeyType = eventParam->keyType;
1557 }
1558
1559 if (g_authenticationCallback.callback.linkKeyNotification) {
1560 g_authenticationCallback.callback.linkKeyNotification(
1561 &addr, (uint8_t *)eventParam->linkKey, eventParam->keyType, g_authenticationCallback.context);
1562 }
1563 }
1564
GapOnLinkKeyRequestEvent(const HciLinkKeyRequestEventParam * eventParam)1565 NO_SANITIZE("cfi") void GapOnLinkKeyRequestEvent(const HciLinkKeyRequestEventParam *eventParam)
1566 {
1567 LOG_DEBUG("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(eventParam->bdAddr.raw));
1568 BtAddr addr;
1569 bool callback = true;
1570
1571 GapChangeHCIAddr(&addr, &eventParam->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1572
1573 ConnectionInfoBlock *connectionInfoBlock = GapGetConnectionInfoBlock();
1574 DeviceInfo *devInfo = NULL;
1575 devInfo = ListForEachData(connectionInfoBlock->devicelist, GapFindConnectionDeviceByAddr, (void *)&addr);
1576 if (devInfo != NULL && devInfo->authenticationStatus == GAP_AUTH_STATUS_RETRY) {
1577 callback = false;
1578 devInfo->authenticationStatus = GAP_AUTH_STATUS_ACTION;
1579 } else if (devInfo != NULL && devInfo->linkkeyType != GAP_LINK_KEY_TYPE_UNKNOWN &&
1580 !GapDeviceLinkkeyIsAuthenticated(devInfo) && devInfo->actionReq != NULL &&
1581 devInfo->actionReq->needAuthentication && devInfo->actionReq->needMITM) {
1582 callback = false;
1583 }
1584
1585 if (g_authenticationCallback.callback.linkKeyReq) {
1586 if (callback) {
1587 g_authenticationCallback.callback.linkKeyReq(&addr, g_authenticationCallback.context);
1588 } else {
1589 GapLinkKeyRequestNegativeReply(&addr);
1590 }
1591 } else {
1592 GapLinkKeyRequestNegativeReply(&addr);
1593 }
1594 }
1595
GapLinkKeyRequestReplyComplete(const HciLinkKeyRequestReplyReturnParam * param)1596 void GapLinkKeyRequestReplyComplete(const HciLinkKeyRequestReplyReturnParam *param)
1597 {
1598 if (param->status != HCI_SUCCESS) {
1599 BtAddr addr;
1600 GapChangeHCIAddr(&addr, ¶m->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1601 LOG_WARN("%{public}s:" BT_ADDR_FMT "Failed:%02x", __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr.addr), param->status);
1602 GapLinkKeyRequestNegativeReply(&addr);
1603 }
1604 }
1605
GapLinkKeyRequestNegativeReplyComplete(const HciLinkKeyRequestNegativeReplyReturnParam * param)1606 void GapLinkKeyRequestNegativeReplyComplete(const HciLinkKeyRequestNegativeReplyReturnParam *param)
1607 {
1608 if (param->status != HCI_SUCCESS) {
1609 LOG_WARN("%{public}s:" BT_ADDR_FMT "Failed:%02x",
1610 __FUNCTION__, BT_ADDR_FMT_OUTPUT(param->bdAddr.raw), param->status);
1611 }
1612 }
1613
GAP_LinkKeyRsp(const BtAddr * addr,uint8_t accept,const uint8_t linkKey[GAP_LINKKEY_SIZE],uint8_t keyType)1614 int GAP_LinkKeyRsp(const BtAddr *addr, uint8_t accept, const uint8_t linkKey[GAP_LINKKEY_SIZE], uint8_t keyType)
1615 {
1616 int ret;
1617
1618 if (GapIsBredrEnable() == false) {
1619 return GAP_ERR_NOT_ENABLE;
1620 }
1621
1622 if (addr == NULL || linkKey == NULL) {
1623 return GAP_ERR_INVAL_PARAM;
1624 }
1625
1626 LOG_INFO("%{public}s:" BT_ADDR_FMT " %hhu, keyType[%hhu]",
1627 __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr->addr), accept, keyType);
1628
1629 if (accept == GAP_ACCEPT) {
1630 ConnectionInfoBlock *connectionInfoBlock = GapGetConnectionInfoBlock();
1631 DeviceInfo *devInfo = NULL;
1632 devInfo = ListForEachData(connectionInfoBlock->devicelist, GapFindConnectionDeviceByAddr, (void *)addr);
1633 if (devInfo != NULL) {
1634 devInfo->linkkeyType = keyType;
1635 }
1636 ret = GapLinkKeyRequestReply(addr, linkKey);
1637 } else if (accept == GAP_NOT_ACCEPT) {
1638 ret = GapLinkKeyRequestNegativeReply(addr);
1639 } else {
1640 ret = GAP_ERR_INVAL_PARAM;
1641 }
1642
1643 return ret;
1644 }
1645
GapOnSimplePairingComplete(const HciSimplePairingCompleteEventParam * eventParam)1646 NO_SANITIZE("cfi") void GapOnSimplePairingComplete(const HciSimplePairingCompleteEventParam *eventParam)
1647 {
1648 LOG_INFO("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(eventParam->bdAddr.raw));
1649 BtAddr addr;
1650
1651 GapChangeHCIAddr(&addr, &eventParam->bdAddr, BT_PUBLIC_DEVICE_ADDRESS);
1652
1653 if (g_authenticationCallback.callback.simplePairComplete) {
1654 g_authenticationCallback.callback.simplePairComplete(
1655 &addr, eventParam->status, g_authenticationCallback.context);
1656 }
1657 }
1658
GapOnEncryptionChangeEvent(const HciEncryptionChangeEventParam * eventParam)1659 NO_SANITIZE("cfi") void GapOnEncryptionChangeEvent(const HciEncryptionChangeEventParam *eventParam)
1660 {
1661 BtAddr addr = {0};
1662 GapEncryptionChangeCallback callback = NULL;
1663 void *context = NULL;
1664
1665 ConnectionInfoBlock *connectionInfoBlock = GapGetConnectionInfoBlock();
1666 DeviceInfo *devInfo = NULL;
1667 devInfo = ListForEachData(
1668 connectionInfoBlock->devicelist, GapFindConnectionDeviceByHandle, (void *)&eventParam->connectionHandle);
1669 if (devInfo != NULL) {
1670 (void)memcpy_s(&addr, sizeof(BtAddr), &devInfo->addr, sizeof(BtAddr));
1671 if (eventParam->status == HCI_SUCCESS) {
1672 if (eventParam->encryptionEnabled) {
1673 devInfo->isEncryption = true;
1674 } else {
1675 devInfo->isEncryption = false;
1676 }
1677 GapUpdateSecurityRequest(devInfo, GAP_SEC_EVENT_ENC_SUCCESS, eventParam->status);
1678 } else {
1679 GapUpdateSecurityRequest(devInfo, GAP_SEC_EVENT_ENC_FAILED, eventParam->status);
1680 }
1681 if (devInfo->status == GAP_DEV_SEC_STATUS_ACTION && devInfo->encryptionStatus == GAP_ENC_STATUS_ACTION) {
1682 devInfo->actionReq = NULL;
1683 devInfo->status = GAP_DEV_SEC_STATUS_WAIT_DISC;
1684 devInfo->encryptionStatus = GAP_ENC_STATUS_IDLE;
1685 }
1686 }
1687
1688 GapRequestSecurityProcess();
1689
1690 EncryptionBlock *encryptionBlock = GapGetEncryptionBlock();
1691 if (encryptionBlock->status == GAP_SET_ENCRYPTION_STATUS_SETTING) {
1692 callback = encryptionBlock->callback;
1693 context = encryptionBlock->context;
1694 }
1695
1696 LOG_DEBUG("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr.addr));
1697
1698 if (devInfo != NULL) {
1699 if (g_authenticationCallback.callback.encryptionChangeCallback) {
1700 g_authenticationCallback.callback.encryptionChangeCallback(&addr,
1701 eventParam->encryptionEnabled ? GAP_ENCRYPTION_ON : GAP_ENCRYPTION_OFF,
1702 g_authenticationCallback.context);
1703 }
1704 if (callback) {
1705 callback(&addr, eventParam->encryptionEnabled ? GAP_ENCRYPTION_ON : GAP_ENCRYPTION_OFF, context);
1706 }
1707 }
1708
1709 GapLeEncryptionComplete(eventParam->connectionHandle, eventParam->status);
1710 }
1711
GapOnEncryptionKeyRefreshComplete(const HciEncryptionKeyRefreshCompleteEventParam * eventParam)1712 void GapOnEncryptionKeyRefreshComplete(const HciEncryptionKeyRefreshCompleteEventParam *eventParam)
1713 {
1714 BtAddr addr = {0};
1715
1716 ConnectionInfoBlock *connectionInfoBlock = GapGetConnectionInfoBlock();
1717 DeviceInfo *devInfo = NULL;
1718 devInfo = ListForEachData(
1719 connectionInfoBlock->devicelist, GapFindConnectionDeviceByHandle, (void *)&eventParam->connectionHandle);
1720 if (devInfo != NULL) {
1721 (void)memcpy_s(&addr, sizeof(BtAddr), &devInfo->addr, sizeof(BtAddr));
1722 if (eventParam->status == HCI_SUCCESS) {
1723 GapUpdateSecurityRequest(devInfo, GAP_SEC_EVENT_ENC_SUCCESS, eventParam->status);
1724 } else {
1725 GapUpdateSecurityRequest(devInfo, GAP_SEC_EVENT_ENC_FAILED, eventParam->status);
1726 }
1727 if (devInfo->status == GAP_DEV_SEC_STATUS_ACTION && devInfo->encryptionStatus == GAP_ENC_STATUS_ACTION) {
1728 devInfo->actionReq = NULL;
1729 devInfo->status = GAP_DEV_SEC_STATUS_WAIT_DISC;
1730 devInfo->encryptionStatus = GAP_ENC_STATUS_IDLE;
1731 }
1732 }
1733 GapRequestSecurityProcess();
1734 LOG_DEBUG("%{public}s:" BT_ADDR_FMT, __FUNCTION__, BT_ADDR_FMT_OUTPUT(addr.addr));
1735 }
1736
GapSetConnectionEncryption(uint16_t handle,uint8_t encryptionEnable)1737 static int GapSetConnectionEncryption(uint16_t handle, uint8_t encryptionEnable)
1738 {
1739 HciSetConnectionEncryptionParam hciCmdParam = {
1740 .connectionHandle = handle,
1741 .encryptionEnable = encryptionEnable,
1742 };
1743
1744 return HCI_SetConnectionEncryption(&hciCmdParam);
1745 }
1746