1 /******************************************************************************
2  *
3  *  Copyright 2019 The Android Open Source Project
4  *
5  *  Licensed under the Apache License, Version 2.0 (the "License");
6  *  you may not use this file except in compliance with the License.
7  *  You may obtain a copy of the License at:
8  *
9  *  http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS,
13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  *
17  ******************************************************************************/
18 
19 #pragma once
20 
21 #include <optional>
22 #include <variant>
23 
24 #include "common/bidi_queue.h"
25 #include "common/callback.h"
26 #include "crypto_toolbox/crypto_toolbox.h"
27 #include "hci/address_with_type.h"
28 #include "hci/le_security_interface.h"
29 #include "os/handler.h"
30 #include "packet/base_packet_builder.h"
31 #include "packet/packet_view.h"
32 #include "security/ecdh_keys.h"
33 #include "security/pairing_failure.h"
34 #include "security/smp_packets.h"
35 #include "security/ui.h"
36 
37 namespace bluetooth {
38 namespace security {
39 
40 struct DistributedKeys {
41   /* LE Keys*/
42   std::optional<crypto_toolbox::Octet16> remote_ltk;
43   std::optional<uint16_t> remote_ediv;
44   std::optional<std::array<uint8_t, 8>> remote_rand;
45   std::optional<hci::AddressWithType> remote_identity_address;
46   std::optional<crypto_toolbox::Octet16> remote_irk;
47   std::optional<crypto_toolbox::Octet16> remote_signature_key;
48   std::optional<crypto_toolbox::Octet16> remote_link_key; /* BR/EDR Keys */
49 
50   std::optional<crypto_toolbox::Octet16> local_ltk;
51   std::optional<uint16_t> local_ediv;
52   std::optional<std::array<uint8_t, 8>> local_rand;
53   std::optional<crypto_toolbox::Octet16> local_signature_key;
54 };
55 
56 /* This class represents the result of pairing, as returned from Pairing Handler */
57 struct PairingResult {
58   hci::AddressWithType connection_address;
59   DistributedKeys distributed_keys;
60   uint8_t key_size;
61   uint8_t security_level;
62 };
63 
64 using PairingResultOrFailure = std::variant<PairingResult, PairingFailure>;
65 
66 /* Data we use for Out Of Band Pairing */
67 struct MyOobData {
68   /*  private key is just for this single pairing only, so it might be safe to
69    * expose it to other parts of stack. It should not be exposed to upper
70    * layers though */
71   std::array<uint8_t, 32> private_key;
72   EcdhPublicKey public_key;
73   crypto_toolbox::Octet16 c;
74   crypto_toolbox::Octet16 r;
75 };
76 
77 /* This structure is filled and send to PairingHandlerLe to initiate the Pairing process with remote device */
78 struct InitialInformations {
79   hci::Role my_role;
80   hci::AddressWithType my_connection_address;
81 
82   hci::AddressWithType my_identity_address;
83   crypto_toolbox::Octet16 my_identity_resolving_key;
84 
85   /* My capabilities, as in pairing request/response */
86   struct {
87     IoCapability io_capability;
88     OobDataFlag oob_data_flag;
89     uint8_t auth_req;
90     uint8_t maximum_encryption_key_size;
91     uint8_t initiator_key_distribution;
92     uint8_t responder_key_distribution;
93   } myPairingCapabilities;
94 
95   /* was it remote device that initiated the Pairing ? */
96   bool remotely_initiated;
97   uint16_t connection_handle;
98   hci::AddressWithType remote_connection_address;
99   std::string remote_name;
100 
101   /* contains pairing request, if the pairing was remotely initiated */
102   std::optional<PairingRequestView> pairing_request;
103 
104   struct out_of_band_data {
105     crypto_toolbox::Octet16 le_sc_c; /* LE Secure Connections Confirmation Value */
106     crypto_toolbox::Octet16 le_sc_r; /* LE Secure Connections Random Value */
107 
108     crypto_toolbox::Octet16 security_manager_tk_value; /* OOB data for LE Legacy Pairing */
109   };
110 
111   // If we received OOB data from remote device, this field contains it.
112   std::optional<out_of_band_data> remote_oob_data;
113   std::optional<MyOobData> my_oob_data;
114 
115   /* Used by Pairing Handler to present user with requests*/
116   UI* user_interface;
117   os::Handler* user_interface_handler;
118 
119   /* HCI interface to use */
120   hci::LeSecurityInterface* le_security_interface;
121 
122   os::EnqueueBuffer<packet::BasePacketBuilder>* proper_l2cap_interface;
123   os::Handler* l2cap_handler;
124 
125   /* Callback to execute once the Pairing process is finished */
126   std::function<void(PairingResultOrFailure)> OnPairingFinished;
127 };
128 
129 }  // namespace security
130 }  // namespace bluetooth
131