1 /* 2 * Copyright 2017 The Android Open Source Project 3 * 4 * Licensed under the Apache License, Version 2.0 (the "License"); 5 * you may not use this file except in compliance with the License. 6 * You may obtain a copy of the License at 7 * 8 * http://www.apache.org/licenses/LICENSE-2.0 9 * 10 * Unless required by applicable law or agreed to in writing, software 11 * distributed under the License is distributed on an "AS IS" BASIS, 12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 * See the License for the specific language governing permissions and 14 * limitations under the License. 15 */ 16 17 #pragma once 18 19 #include <array> 20 #include <cstdint> 21 #include <string> 22 #include <unordered_map> 23 #include <vector> 24 25 #include "hci/address.h" 26 27 namespace rootcanal { 28 29 using ::bluetooth::hci::Address; 30 31 enum class PairingType : uint8_t { 32 AUTO_CONFIRMATION, 33 CONFIRM_Y_N, 34 DISPLAY_PIN, 35 DISPLAY_AND_CONFIRM, 36 INPUT_PIN, 37 OUT_OF_BAND, 38 PEER_HAS_OUT_OF_BAND, 39 INVALID = 0xff, 40 }; 41 42 enum class IoCapabilityType : uint8_t { 43 DISPLAY_ONLY = 0, 44 DISPLAY_YES_NO = 1, 45 KEYBOARD_ONLY = 2, 46 NO_INPUT_NO_OUTPUT = 3, 47 INVALID = 0xff, 48 }; 49 50 enum class AuthenticationType : uint8_t { 51 NO_BONDING = 0, 52 NO_BONDING_MITM = 1, 53 DEDICATED_BONDING = 2, 54 DEDICATED_BONDING_MITM = 3, 55 GENERAL_BONDING = 4, 56 GENERAL_BONDING_MITM = 5, 57 INVALID = 0xff, 58 }; 59 60 // Encapsulate the details of storing and retrieving keys. 61 class SecurityManager { 62 public: SecurityManager(uint16_t num_keys)63 SecurityManager(uint16_t num_keys) : max_keys_(num_keys) {} 64 virtual ~SecurityManager() = default; 65 66 uint16_t DeleteAllKeys(); 67 uint16_t DeleteKey(const Address& addr); 68 uint16_t ReadAllKeys() const; 69 uint16_t ReadKey(const Address& addr) const; 70 uint16_t WriteKey(const Address& addr, const std::array<uint8_t, 16>& key); ReadCapacity()71 uint16_t ReadCapacity() const { return max_keys_; }; 72 73 const std::array<uint8_t, 16>& GetKey(const Address& addr) const; 74 75 void AuthenticationRequest(const Address& addr, uint16_t handle, 76 bool initiator); 77 void AuthenticationRequestFinished(); 78 79 bool AuthenticationInProgress(); 80 bool IsInitiator(); 81 uint16_t GetAuthenticationHandle(); 82 Address GetAuthenticationAddress(); 83 84 void SetPinRequested(const Address& addr); 85 bool GetPinRequested(const Address& addr); 86 void SetLocalPin(const Address& peer, const std::vector<uint8_t>& pin); 87 void SetRemotePin(const Address& peer, const std::vector<uint8_t>& pin); 88 bool GetLocalPinResponseReceived(const Address& peer); 89 bool GetRemotePinResponseReceived(const Address& peer); 90 bool PinCompare(); 91 92 void SetPeerIoCapability(const Address& addr, uint8_t io_capability, 93 uint8_t oob_present_flag, 94 uint8_t authentication_requirements); 95 void SetLocalIoCapability(const Address& peer, uint8_t io_capability, 96 uint8_t oob_present_flag, 97 uint8_t authentication_requirements); 98 99 PairingType GetSimplePairingType(); 100 101 void InvalidateIoCapabilities(); 102 103 private: 104 uint16_t max_keys_; 105 std::unordered_map<std::string, std::array<uint8_t, 16>> key_store_; 106 107 bool peer_capabilities_valid_{false}; 108 IoCapabilityType peer_io_capability_{IoCapabilityType::DISPLAY_ONLY}; 109 uint8_t peer_oob_present_flag_{0}; 110 AuthenticationType peer_authentication_requirements_{ 111 AuthenticationType::NO_BONDING}; 112 bool peer_pin_requested_{false}; 113 bool peer_pin_received_{false}; 114 std::vector<uint8_t> peer_pin_; 115 116 bool host_capabilities_valid_{false}; 117 IoCapabilityType host_io_capability_{IoCapabilityType::DISPLAY_ONLY}; 118 uint8_t host_oob_present_flag_{0}; 119 AuthenticationType host_authentication_requirements_{ 120 AuthenticationType::NO_BONDING}; 121 std::vector<uint8_t> host_pin_; 122 bool host_pin_received_{false}; 123 124 bool authenticating_{false}; 125 uint16_t current_handle_{}; 126 Address peer_address_{}; 127 bool initiator_{false}; 128 }; 129 130 } // namespace rootcanal 131