1 /****************************************************************************** 2 * 3 * Copyright 2019 The Android Open Source Project 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19 #pragma once 20 21 #include <optional> 22 #include <variant> 23 24 #include "common/bidi_queue.h" 25 #include "common/callback.h" 26 #include "crypto_toolbox/crypto_toolbox.h" 27 #include "hci/address_with_type.h" 28 #include "hci/le_security_interface.h" 29 #include "os/handler.h" 30 #include "packet/base_packet_builder.h" 31 #include "packet/packet_view.h" 32 #include "security/ecdh_keys.h" 33 #include "security/pairing_failure.h" 34 #include "security/smp_packets.h" 35 #include "security/ui.h" 36 37 namespace bluetooth { 38 namespace security { 39 40 using DistributedKeys = 41 std::tuple<std::optional<crypto_toolbox::Octet16> /* ltk */, std::optional<uint16_t> /*ediv*/, 42 std::optional<std::array<uint8_t, 8>> /* rand */, std::optional<Address> /* Identity address */, 43 AddrType, std::optional<crypto_toolbox::Octet16> /* IRK */, 44 std::optional<crypto_toolbox::Octet16>> /* Signature Key */; 45 46 /* This class represents the result of pairing, as returned from Pairing Handler */ 47 struct PairingResult { 48 hci::AddressWithType connection_address; 49 DistributedKeys distributed_keys; 50 }; 51 52 using PairingResultOrFailure = std::variant<PairingResult, PairingFailure>; 53 54 /* Data we use for Out Of Band Pairing */ 55 struct MyOobData { 56 /* private key is just for this single pairing only, so it might be safe to 57 * expose it to other parts of stack. It should not be exposed to upper 58 * layers though */ 59 std::array<uint8_t, 32> private_key; 60 EcdhPublicKey public_key; 61 crypto_toolbox::Octet16 c; 62 crypto_toolbox::Octet16 r; 63 }; 64 65 /* This structure is filled and send to PairingHandlerLe to initiate the Pairing process with remote device */ 66 struct InitialInformations { 67 hci::Role my_role; 68 hci::AddressWithType my_connection_address; 69 70 /* My capabilities, as in pairing request/response */ 71 struct { 72 IoCapability io_capability; 73 OobDataFlag oob_data_flag; 74 uint8_t auth_req; 75 uint8_t maximum_encryption_key_size; 76 uint8_t initiator_key_distribution; 77 uint8_t responder_key_distribution; 78 } myPairingCapabilities; 79 80 /* was it remote device that initiated the Pairing ? */ 81 bool remotely_initiated; 82 uint16_t connection_handle; 83 hci::AddressWithType remote_connection_address; 84 std::string remote_name; 85 86 /* contains pairing request, if the pairing was remotely initiated */ 87 std::optional<PairingRequestView> pairing_request; 88 89 struct out_of_band_data { 90 crypto_toolbox::Octet16 le_sc_c; /* LE Secure Connections Confirmation Value */ 91 crypto_toolbox::Octet16 le_sc_r; /* LE Secure Connections Random Value */ 92 93 crypto_toolbox::Octet16 security_manager_tk_value; /* OOB data for LE Legacy Pairing */ 94 }; 95 96 // If we received OOB data from remote device, this field contains it. 97 std::optional<out_of_band_data> remote_oob_data; 98 std::optional<MyOobData> my_oob_data; 99 100 /* Used by Pairing Handler to present user with requests*/ 101 UI* user_interface; 102 os::Handler* user_interface_handler; 103 104 /* HCI interface to use */ 105 hci::LeSecurityInterface* le_security_interface; 106 107 os::EnqueueBuffer<packet::BasePacketBuilder>* proper_l2cap_interface; 108 os::Handler* l2cap_handler; 109 110 /* Callback to execute once the Pairing process is finished */ 111 std::function<void(PairingResultOrFailure)> OnPairingFinished; 112 }; 113 114 } // namespace security 115 } // namespace bluetooth 116