1 /******************************************************************************
2  *
3  *  Copyright 1999-2012 Broadcom Corporation
4  *
5  *  Licensed under the Apache License, Version 2.0 (the "License");
6  *  you may not use this file except in compliance with the License.
7  *  You may obtain a copy of the License at:
8  *
9  *  http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS,
13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  *
17  ******************************************************************************/
18 
19 #ifndef SMP_API_TYPES_H
20 #define SMP_API_TYPES_H
21 
22 #include <base/strings/stringprintf.h>
23 
24 #include <cstdint>
25 
26 #include "bt_target.h"  // Must be first to define build configuration
27 #include "stack/include/bt_octets.h"
28 #include "stack/include/btm_status.h"
29 #include "types/ble_address_with_type.h"
30 #include "types/raw_address.h"
31 
32 /* SMP command code */
33 typedef enum : uint8_t {
34   SMP_OPCODE_PAIRING_REQ = 0x01,
35   SMP_OPCODE_PAIRING_RSP = 0x02,
36   SMP_OPCODE_CONFIRM = 0x03,
37   SMP_OPCODE_RAND = 0x04,
38   SMP_OPCODE_PAIRING_FAILED = 0x05,
39   SMP_OPCODE_ENCRYPT_INFO = 0x06,
40   SMP_OPCODE_CENTRAL_ID = 0x07,
41   SMP_OPCODE_IDENTITY_INFO = 0x08,
42   SMP_OPCODE_ID_ADDR = 0x09,
43   SMP_OPCODE_SIGN_INFO = 0x0A,
44   SMP_OPCODE_SEC_REQ = 0x0B,
45   SMP_OPCODE_PAIR_PUBLIC_KEY = 0x0C,
46   SMP_OPCODE_PAIR_DHKEY_CHECK = 0x0D,
47   SMP_OPCODE_PAIR_KEYPR_NOTIF = 0x0E,
48   SMP_OPCODE_MAX = SMP_OPCODE_PAIR_KEYPR_NOTIF,
49   SMP_OPCODE_MIN = SMP_OPCODE_PAIRING_REQ,
50   // NOTE: For some reason this is outside the MAX/MIN values
51   SMP_OPCODE_PAIR_COMMITM = 0x0F,
52 } tSMP_OPCODE;
53 
54 #define CASE_RETURN_TEXT(code) \
55   case code:                   \
56     return #code
57 
smp_opcode_text(const tSMP_OPCODE & opcode)58 inline std::string smp_opcode_text(const tSMP_OPCODE& opcode) {
59   switch (opcode) {
60     CASE_RETURN_TEXT(SMP_OPCODE_PAIRING_REQ);
61     CASE_RETURN_TEXT(SMP_OPCODE_PAIRING_RSP);
62     CASE_RETURN_TEXT(SMP_OPCODE_CONFIRM);
63     CASE_RETURN_TEXT(SMP_OPCODE_RAND);
64     CASE_RETURN_TEXT(SMP_OPCODE_PAIRING_FAILED);
65     CASE_RETURN_TEXT(SMP_OPCODE_ENCRYPT_INFO);
66     CASE_RETURN_TEXT(SMP_OPCODE_CENTRAL_ID);
67     CASE_RETURN_TEXT(SMP_OPCODE_IDENTITY_INFO);
68     CASE_RETURN_TEXT(SMP_OPCODE_ID_ADDR);
69     CASE_RETURN_TEXT(SMP_OPCODE_SIGN_INFO);
70     CASE_RETURN_TEXT(SMP_OPCODE_SEC_REQ);
71     CASE_RETURN_TEXT(SMP_OPCODE_PAIR_PUBLIC_KEY);
72     CASE_RETURN_TEXT(SMP_OPCODE_PAIR_DHKEY_CHECK);
73     CASE_RETURN_TEXT(SMP_OPCODE_PAIR_KEYPR_NOTIF);
74     CASE_RETURN_TEXT(SMP_OPCODE_PAIR_COMMITM);
75     default:
76       return base::StringPrintf("UNKNOWN[%hhu]", opcode);
77   }
78 }
79 #undef CASE_RETURN_TEXT
80 
81 /* SMP event type */
82 typedef enum : uint8_t {
83   SMP_EVT_NONE = 0,           /* Default no event */
84   SMP_IO_CAP_REQ_EVT = 1,     /* IO capability request event */
85   SMP_SEC_REQUEST_EVT = 2,    /* SMP pairing request */
86   SMP_PASSKEY_NOTIF_EVT = 3,  /* passkey notification event */
87   SMP_PASSKEY_REQ_EVT = 4,    /* passkey request event */
88   SMP_OOB_REQ_EVT = 5,        /* OOB request event */
89   SMP_NC_REQ_EVT = 6,         /* Numeric Comparison request event */
90   SMP_COMPLT_EVT = 7,         /* SMP complete event */
91   SMP_PEER_KEYPR_NOT_EVT = 8, /* Peer keypress notification */
92 
93   /* SC OOB request event (both local and peer OOB data can be expected in
94    * response) */
95   SMP_SC_OOB_REQ_EVT = 9,
96   /* SC OOB local data set is created (as result of SMP_CrLocScOobData(...)) */
97   SMP_SC_LOC_OOB_DATA_UP_EVT = 10,
98   SMP_UNUSED11 = 11,
99   SMP_BR_KEYS_REQ_EVT = 12, /* SMP over BR keys request event */
100   SMP_UNUSED13 = 13,
101   SMP_CONSENT_REQ_EVT = 14,   /* Consent request event */
102   SMP_LE_ADDR_ASSOC_EVT = 15, /* Identity address association event */
103 } tSMP_EVT;
104 
105 /* pairing failure reason code */
106 typedef enum : uint8_t {
107   SMP_SUCCESS = 0,
108   SMP_PASSKEY_ENTRY_FAIL = 0x01,
109   SMP_OOB_FAIL = 0x02,
110   SMP_PAIR_AUTH_FAIL = 0x03,
111   SMP_CONFIRM_VALUE_ERR = 0x04,
112   SMP_PAIR_NOT_SUPPORT = 0x05,
113   SMP_ENC_KEY_SIZE = 0x06,
114   SMP_INVALID_CMD = 0x07,
115   SMP_PAIR_FAIL_UNKNOWN = 0x08,
116   SMP_REPEATED_ATTEMPTS = 0x09,
117   SMP_INVALID_PARAMETERS = 0x0A,
118   SMP_DHKEY_CHK_FAIL = 0x0B,
119   SMP_NUMERIC_COMPAR_FAIL = 0x0C,
120   SMP_BR_PARING_IN_PROGR = 0x0D,
121   SMP_XTRANS_DERIVE_NOT_ALLOW = 0x0E,
122   SMP_MAX_FAIL_RSN_PER_SPEC = SMP_XTRANS_DERIVE_NOT_ALLOW,
123 
124   /* self defined error code */
125   SMP_PAIR_INTERNAL_ERR = (SMP_MAX_FAIL_RSN_PER_SPEC + 0x01), /* 0x0F */
126 
127   /* Unknown IO capability, unable to decide association model */
128   SMP_UNKNOWN_IO_CAP = (SMP_MAX_FAIL_RSN_PER_SPEC + 0x02), /* 0x10 */
129 
130   SMP_BUSY = (SMP_MAX_FAIL_RSN_PER_SPEC + 0x05),        /* 0x13 */
131   SMP_ENC_FAIL = (SMP_MAX_FAIL_RSN_PER_SPEC + 0x06),    /* 0x14 */
132   SMP_STARTED = (SMP_MAX_FAIL_RSN_PER_SPEC + 0x07),     /* 0x15 */
133   SMP_RSP_TIMEOUT = (SMP_MAX_FAIL_RSN_PER_SPEC + 0x08), /* 0x16 */
134 
135   /* Unspecified failure reason */
136   SMP_FAIL = (SMP_MAX_FAIL_RSN_PER_SPEC + 0x0A), /* 0x18 */
137 
138   SMP_CONN_TOUT = (SMP_MAX_FAIL_RSN_PER_SPEC + 0x0B), /* 0x19 */
139 } tSMP_STATUS;
140 
141 #define CASE_RETURN_TEXT(code) \
142   case code:                   \
143     return #code
144 
smp_status_text(const tSMP_STATUS & status)145 inline std::string smp_status_text(const tSMP_STATUS& status) {
146   switch (status) {
147     CASE_RETURN_TEXT(SMP_SUCCESS);
148     CASE_RETURN_TEXT(SMP_PASSKEY_ENTRY_FAIL);
149     CASE_RETURN_TEXT(SMP_OOB_FAIL);
150     CASE_RETURN_TEXT(SMP_PAIR_AUTH_FAIL);
151     CASE_RETURN_TEXT(SMP_CONFIRM_VALUE_ERR);
152     CASE_RETURN_TEXT(SMP_PAIR_NOT_SUPPORT);
153     CASE_RETURN_TEXT(SMP_ENC_KEY_SIZE);
154     CASE_RETURN_TEXT(SMP_INVALID_CMD);
155     CASE_RETURN_TEXT(SMP_PAIR_FAIL_UNKNOWN);
156     CASE_RETURN_TEXT(SMP_REPEATED_ATTEMPTS);
157     CASE_RETURN_TEXT(SMP_INVALID_PARAMETERS);
158     CASE_RETURN_TEXT(SMP_DHKEY_CHK_FAIL);
159     CASE_RETURN_TEXT(SMP_NUMERIC_COMPAR_FAIL);
160     CASE_RETURN_TEXT(SMP_BR_PARING_IN_PROGR);
161     CASE_RETURN_TEXT(SMP_XTRANS_DERIVE_NOT_ALLOW);
162     CASE_RETURN_TEXT(SMP_PAIR_INTERNAL_ERR);
163     CASE_RETURN_TEXT(SMP_UNKNOWN_IO_CAP);
164     CASE_RETURN_TEXT(SMP_BUSY);
165     CASE_RETURN_TEXT(SMP_ENC_FAIL);
166     CASE_RETURN_TEXT(SMP_STARTED);
167     CASE_RETURN_TEXT(SMP_RSP_TIMEOUT);
168     CASE_RETURN_TEXT(SMP_FAIL);
169     CASE_RETURN_TEXT(SMP_CONN_TOUT);
170     default:
171       return base::StringPrintf("UNKNOWN[%hhu]", status);
172   }
173 }
174 #undef CASE_RETURN_TEXT
175 
176 /* Device IO capability */
177 #define SMP_IO_CAP_IO BTM_IO_CAP_IO         /* DisplayYesNo */
178 #define SMP_IO_CAP_KBDISP BTM_IO_CAP_KBDISP /* Keyboard Display */
179 #define SMP_IO_CAP_MAX BTM_IO_CAP_MAX
180 typedef uint8_t tSMP_IO_CAP;
181 
182 /* OOB data present or not */
183 enum { SMP_OOB_NONE, SMP_OOB_PRESENT, SMP_OOB_UNKNOWN };
184 typedef uint8_t tSMP_OOB_FLAG;
185 
186 /* type of OOB data required from application */
187 enum { SMP_OOB_INVALID_TYPE, SMP_OOB_PEER, SMP_OOB_LOCAL, SMP_OOB_BOTH };
188 typedef uint8_t tSMP_OOB_DATA_TYPE;
189 
190 enum : uint8_t {
191   SMP_AUTH_NO_BOND = 0x00,
192   /* no MITM, No Bonding, encryption only */
193   SMP_AUTH_NB_ENC_ONLY = 0x00,  //(SMP_AUTH_MASK | BTM_AUTH_SP_NO)
194   SMP_AUTH_BOND = (1u << 0),
195   SMP_AUTH_UNUSED = (1u << 1),
196   /* SMP Authentication requirement */
197   SMP_AUTH_YN_BIT = (1u << 2),
198   SMP_SC_SUPPORT_BIT = (1u << 3),
199   SMP_KP_SUPPORT_BIT = (1u << 4),
200   SMP_H7_SUPPORT_BIT = (1u << 5),
201 };
202 
203 #define SMP_AUTH_MASK                                                          \
204   (SMP_AUTH_BOND | SMP_AUTH_YN_BIT | SMP_SC_SUPPORT_BIT | SMP_KP_SUPPORT_BIT | \
205    SMP_H7_SUPPORT_BIT)
206 
207 /* Secure Connections, no MITM, no Bonding */
208 #define SMP_AUTH_SC_ENC_ONLY (SMP_H7_SUPPORT_BIT | SMP_SC_SUPPORT_BIT)
209 
210 /* Secure Connections, MITM, Bonding */
211 #define SMP_AUTH_SC_MITM_GB \
212   (SMP_H7_SUPPORT_BIT | SMP_SC_SUPPORT_BIT | SMP_AUTH_YN_BIT | SMP_AUTH_BOND)
213 
214 typedef uint8_t tSMP_AUTH_REQ;
215 
216 typedef enum : uint8_t {
217   SMP_SEC_NONE = 0,
218   SMP_SEC_UNAUTHENTICATE = 1,
219   SMP_SEC_AUTHENTICATED = 2,
220 } tSMP_SEC_LEVEL;
221 
222 /* Maximum Encryption Key Size range */
223 #define SMP_ENCR_KEY_SIZE_MIN 7
224 #define SMP_ENCR_KEY_SIZE_MAX 16
225 
226 /* SMP key types */
227 enum tSMP_KEYS_BITMASK : uint8_t {
228   SMP_SEC_KEY_TYPE_ENC = (1 << 0),  /* encryption key */
229   SMP_SEC_KEY_TYPE_ID = (1 << 1),   /* identity key */
230   SMP_SEC_KEY_TYPE_CSRK = (1 << 2), /* peripheral CSRK */
231   SMP_SEC_KEY_TYPE_LK = (1 << 3),   /* BR/EDR link key */
232 };
233 typedef uint8_t tSMP_KEYS;
234 
235 constexpr tSMP_KEYS SMP_BR_SEC_DEFAULT_KEY =
236     (SMP_SEC_KEY_TYPE_ENC | SMP_SEC_KEY_TYPE_ID | SMP_SEC_KEY_TYPE_CSRK);
237 
238 /* default security key distribution value */
239 constexpr tSMP_KEYS SMP_SEC_DEFAULT_KEY =
240     (SMP_SEC_KEY_TYPE_ENC | SMP_SEC_KEY_TYPE_ID | SMP_SEC_KEY_TYPE_CSRK |
241      SMP_SEC_KEY_TYPE_LK);
242 
243 #define SMP_SC_KEY_OUT_OF_RANGE 5 /* out of range */
244 typedef uint8_t tSMP_SC_KEY_TYPE;
245 
246 /* data type for BTM_SP_IO_REQ_EVT */
247 typedef struct {
248   tSMP_IO_CAP io_cap;     /* local IO capabilities */
249   tSMP_OOB_FLAG oob_data; /* OOB data present (locally) for the peer device */
250   tSMP_AUTH_REQ auth_req; /* Authentication required (for local device) */
251   uint8_t max_key_size;   /* max encryption key size */
252   tSMP_KEYS init_keys;    /* initiator keys to be distributed */
253   tSMP_KEYS resp_keys;    /* responder keys */
254 } tSMP_IO_REQ;
255 
256 typedef struct {
257   tSMP_STATUS reason;
258   tSMP_SEC_LEVEL sec_level;
259   bool is_pair_cancel;
260   bool smp_over_br;
261 } tSMP_CMPL;
262 
263 typedef struct {
264   BT_OCTET32 x;
265   BT_OCTET32 y;
266 } tSMP_PUBLIC_KEY;
267 
268 /* the data associated with the info sent to the peer via OOB interface */
269 typedef struct {
270   bool present;
271   Octet16 randomizer;
272   Octet16 commitment;
273 
274   tBLE_BD_ADDR addr_sent_to;
275   BT_OCTET32 private_key_used; /* is used to calculate: */
276   /* publ_key_used = P-256(private_key_used, curve_p256.G) - send it to the */
277   /* other side */
278   /* dhkey = P-256(private_key_used, publ key rcvd from the other side) */
279   tSMP_PUBLIC_KEY publ_key_used; /* P-256(private_key_used, curve_p256.G) */
280 } tSMP_LOC_OOB_DATA;
281 
282 /* the data associated with the info received from the peer via OOB interface */
283 typedef struct {
284   bool present;
285   Octet16 randomizer;
286   Octet16 commitment;
287   tBLE_BD_ADDR addr_rcvd_from;
288 } tSMP_PEER_OOB_DATA;
289 
290 typedef struct {
291   tSMP_LOC_OOB_DATA loc_oob_data;
292   tSMP_PEER_OOB_DATA peer_oob_data;
293 } tSMP_SC_OOB_DATA;
294 
295 typedef union {
296   uint32_t passkey;
297   tSMP_IO_REQ io_req; /* IO request */
298   tSMP_CMPL cmplt;
299   tSMP_OOB_DATA_TYPE req_oob_type;
300   tSMP_LOC_OOB_DATA loc_oob_data;
301   RawAddress id_addr;
302 } tSMP_EVT_DATA;
303 
304 /* AES Encryption output */
305 typedef struct {
306   uint8_t status;
307   uint8_t param_len;
308   uint16_t opcode;
309   uint8_t param_buf[OCTET16_LEN];
310 } tSMP_ENC;
311 
312 /* Security Manager events - Called by the stack when Security Manager related
313  * events occur.*/
314 typedef tBTM_STATUS(tSMP_CALLBACK)(tSMP_EVT event, const RawAddress& bd_addr,
315                                    const tSMP_EVT_DATA* p_data);
316 
317 #endif  // SMP_API_TYPES_H
318