1 /******************************************************************************
2 *
3 * Copyright 1999-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 #pragma once
20
21 #include <base/strings/stringprintf.h>
22 #include <bluetooth/log.h>
23
24 #include <cstdint>
25 #include <string>
26
27 #include "internal_include/bt_target.h"
28 #include "macros.h"
29 #include "os/logging/log_adapter.h"
30 #include "stack/include/bt_device_type.h"
31 #include "stack/include/bt_name.h"
32 #include "stack/include/bt_octets.h"
33 #include "stack/include/btm_sec_api_types.h"
34 #include "stack/include/hci_error_code.h"
35 #include "types/ble_address_with_type.h"
36 #include "types/raw_address.h"
37 #include "types/remote_version_type.h"
38
39 typedef struct {
40 uint16_t min_conn_int;
41 uint16_t max_conn_int;
42 uint16_t peripheral_latency;
43 uint16_t supervision_tout;
44 } tBTM_LE_CONN_PRAMS;
45
46 /* The MSB of the clock offset field indicates whether the offset is valid. */
47 #define BTM_CLOCK_OFFSET_VALID 0x8000
48
49 /*
50 * Define structure for Security Service Record.
51 * A record exists for each service registered with the Security Manager
52 */
53 #define BTM_SEC_OUT_FLAGS (BTM_SEC_OUT_AUTHENTICATE | BTM_SEC_OUT_ENCRYPT)
54 #define BTM_SEC_IN_FLAGS (BTM_SEC_IN_AUTHENTICATE | BTM_SEC_IN_ENCRYPT)
55
56 #define BTM_SEC_OUT_LEVEL4_FLAGS \
57 (BTM_SEC_OUT_AUTHENTICATE | BTM_SEC_OUT_ENCRYPT | BTM_SEC_OUT_MITM | BTM_SEC_MODE4_LEVEL4)
58
59 #define BTM_SEC_IN_LEVEL4_FLAGS \
60 (BTM_SEC_IN_AUTHENTICATE | BTM_SEC_IN_ENCRYPT | BTM_SEC_IN_MITM | BTM_SEC_MODE4_LEVEL4)
61 typedef struct {
62 uint32_t mx_proto_id; /* Service runs over this multiplexer protocol */
63 uint32_t orig_mx_chan_id; /* Channel on the multiplexer protocol */
64 uint32_t term_mx_chan_id; /* Channel on the multiplexer protocol */
65 uint16_t psm; /* L2CAP PSM value */
66 uint16_t security_flags; /* Bitmap of required security features */
67 uint8_t service_id; /* Passed in authorization callback */
68 uint8_t orig_service_name[BT_MAX_SERVICE_NAME_LEN + 1];
69 uint8_t term_service_name[BT_MAX_SERVICE_NAME_LEN + 1];
70 } tBTM_SEC_SERV_REC;
71
72 /* LE Security information of device in Peripheral Role */
73 typedef struct {
74 Octet16 irk; /* peer diverified identity root */
75 Octet16 pltk; /* peer long term key */
76 Octet16 pcsrk; /* peer SRK peer device used to secured sign local data */
77
78 Octet16 lltk; /* local long term key */
79 Octet16 lcsrk; /* local SRK peer device used to secured sign local data */
80
81 BT_OCTET8 rand; /* random vector for LTK generation */
82 uint16_t ediv; /* LTK diversifier of this peripheral device */
83 uint16_t div; /* local DIV to generate local LTK=d1(ER, DIV, 0) and
84 CSRK=d1(ER, DIV, 1) */
85 uint8_t sec_level; /* local pairing security level */
86 uint8_t key_size; /* key size of the LTK delivered to peer device */
87 uint8_t srk_sec_level; /* security property of peer SRK for this device */
88 uint8_t local_csrk_sec_level; /* security property of local CSRK for this
89 device */
90
91 uint32_t counter; /* peer sign counter for verifying rcv signed cmd */
92 uint32_t local_counter; /* local sign counter for sending signed write cmd*/
93
94 tBTM_LE_KEY_TYPE key_type; /* bit mask of valid key types in record */
95 } tBTM_SEC_BLE_KEYS;
96
97 // TODO: move it to btm_ble_addr.h
98 enum tBLE_RAND_ADDR_TYPE : uint8_t {
99 BTM_BLE_ADDR_PSEUDO = 0,
100 BTM_BLE_ADDR_RRA = 1,
101 BTM_BLE_ADDR_STATIC = 2,
102 };
103
104 class tBTM_BLE_ADDR_INFO {
105 public:
106 RawAddress pseudo_addr; /* LE pseudo address of the device if different from device address */
107 public:
AddressType()108 tBLE_ADDR_TYPE AddressType() const { return ble_addr_type_; }
SetAddressType(tBLE_ADDR_TYPE ble_addr_type)109 void SetAddressType(tBLE_ADDR_TYPE ble_addr_type) {
110 if (is_ble_addr_type_known(ble_addr_type)) {
111 ble_addr_type_ = ble_addr_type;
112 } else {
113 bluetooth::log::error("Unknown address type:0x{:x}", ble_addr_type);
114 }
115 }
116
117 tBLE_BD_ADDR identity_address_with_type;
118
119 #define BTM_RESOLVING_LIST_BIT 0x02
120 uint8_t in_controller_list; /* in controller resolving list or not */
121 uint8_t resolving_list_index;
122 RawAddress cur_rand_addr; /* current random address */
123
124 tBLE_RAND_ADDR_TYPE active_addr_type;
125
126 private:
127 tBLE_ADDR_TYPE ble_addr_type_; /* LE device type: public or random address */
128 };
129
130 enum : uint16_t {
131 BTM_SEC_AUTHENTICATED = 0x0002,
132 BTM_SEC_ENCRYPTED = 0x0004,
133 BTM_SEC_NAME_KNOWN = 0x0008,
134 BTM_SEC_LINK_KEY_KNOWN = 0x0010,
135 BTM_SEC_LINK_KEY_AUTHED = 0x0020,
136 BTM_SEC_ROLE_SWITCHED = 0x0040, // UNUSED - only cleared
137 BTM_SEC_IN_USE = 0x0080, // UNUSED - only set
138 /* LE link security flag */
139 /* LE link is encrypted after pairing with MITM */
140 BTM_SEC_LE_AUTHENTICATED = 0x0200,
141 /* LE link is encrypted */
142 BTM_SEC_LE_ENCRYPTED = 0x0400,
143 /* not used */
144 BTM_SEC_LE_NAME_KNOWN = 0x0800, // UNUSED
145 /* bonded with peer (peer LTK and/or SRK is saved) */
146 BTM_SEC_LE_LINK_KEY_KNOWN = 0x1000,
147 /* pairing is done with MITM */
148 BTM_SEC_LE_LINK_KEY_AUTHED = 0x2000,
149 /* pairing is done with 16 digit pin */
150 BTM_SEC_16_DIGIT_PIN_AUTHED = 0x4000,
151 };
152
153 enum class tSECURITY_STATE : uint8_t {
154 IDLE = 0,
155 AUTHENTICATING = 1,
156 ENCRYPTING = 2,
157 GETTING_NAME = 3,
158 AUTHORIZING = 4,
159 SWITCHING_ROLE = 5,
160 /* disconnecting BR/EDR */
161 DISCONNECTING = 6,
162 /* delay to check for encryption to work around */
163 /* controller problems */
164 DELAY_FOR_ENC = 7,
165 };
166
security_state_text(const tSECURITY_STATE & state)167 static inline std::string security_state_text(const tSECURITY_STATE& state) {
168 switch (state) {
169 CASE_RETURN_STRING(tSECURITY_STATE::IDLE);
170 CASE_RETURN_STRING(tSECURITY_STATE::AUTHENTICATING);
171 CASE_RETURN_STRING(tSECURITY_STATE::ENCRYPTING);
172 CASE_RETURN_STRING(tSECURITY_STATE::GETTING_NAME);
173 CASE_RETURN_STRING(tSECURITY_STATE::AUTHORIZING);
174 CASE_RETURN_STRING(tSECURITY_STATE::SWITCHING_ROLE);
175 CASE_RETURN_STRING(tSECURITY_STATE::DISCONNECTING);
176 CASE_RETURN_STRING(tSECURITY_STATE::DELAY_FOR_ENC);
177 default:
178 RETURN_UNKNOWN_TYPE_STRING(tSECURITY_STATE, state);
179 }
180 }
181
182 typedef enum : uint8_t {
183 BTM_SM4_UNKNOWN = 0x00,
184 BTM_SM4_KNOWN = 0x10,
185 BTM_SM4_TRUE = 0x11,
186 BTM_SM4_REQ_PEND = 0x08, /* set this bit when getting remote features */
187 BTM_SM4_UPGRADE = 0x04, /* set this bit when upgrading link key */
188 BTM_SM4_RETRY = 0x02, /* set this bit to retry on HCI_ERR_KEY_MISSING or \
189 HCI_ERR_LMP_ERR_TRANS_COLLISION */
190 BTM_SM4_DD_ACP = 0x20, /* set this bit to indicate peer initiated dedicated bonding */
191 BTM_SM4_CONN_PEND = 0x40, /* set this bit to indicate accepting acl conn; to
192 be cleared on \ btm_acl_created */
193 } tBTM_SM4_BIT;
194
195 /*
196 * Define structure for Security Device Record.
197 * A record exists for each device authenticated with this device
198 */
199 struct tBTM_SEC_REC {
200 tSECURITY_STATE classic_link; /* Operating state of Classic link */
201 tSECURITY_STATE le_link; /* Operating state of LE link */
202
203 tHCI_STATUS sec_status; /* Status in encryption change event */
204 uint16_t sec_flags; /* Current device security state */
205
206 uint8_t pin_code_length; /* Length of the pin_code used for pairing */
207 uint32_t required_security_flags_for_pairing;
208 uint16_t security_required; /* Security required for connection */
209 // security callback and its argument
210 tBTM_SEC_CALLBACK* p_callback;
211 void* p_ref_data;
212
213 bool link_key_not_sent; /* link key notification has not been sent waiting for
214 name */
215 tBTM_IO_CAP rmt_io_caps; /* IO capability of the peer device */
216 tBTM_AUTH_REQ rmt_auth_req; /* the auth_req flag as in the IO caps rsp evt */
217 bool new_encryption_key_is_p256; /* Set to true when the newly generated LK
218 ** is generated from P-256.
219 ** Link encrypted with such LK can be used
220 ** for SM over BR/EDR. */
221
222 // BREDR Link Key Info
223 LinkKey link_key; /* Device link key */
224 uint8_t link_key_type; /* Type of key used in pairing */
225 uint8_t enc_key_size; /* current link encryption key size */
226
227 // LE Link Key Info
228 tBTM_SEC_BLE_KEYS ble_keys;
229
230 tBTM_BOND_TYPE bond_type; /* bond type */
231
232 public:
is_device_authenticatedtBTM_SEC_REC233 bool is_device_authenticated() const { return sec_flags & BTM_SEC_AUTHENTICATED; }
set_device_authenticatedtBTM_SEC_REC234 void set_device_authenticated() { sec_flags |= BTM_SEC_AUTHENTICATED; }
reset_device_authenticatedtBTM_SEC_REC235 void reset_device_authenticated() { sec_flags &= ~BTM_SEC_AUTHENTICATED; }
236
is_device_encryptedtBTM_SEC_REC237 bool is_device_encrypted() const { return sec_flags & BTM_SEC_ENCRYPTED; }
set_device_encryptedtBTM_SEC_REC238 void set_device_encrypted() { sec_flags |= BTM_SEC_ENCRYPTED; }
reset_device_encryptedtBTM_SEC_REC239 void reset_device_encrypted() { sec_flags &= ~BTM_SEC_ENCRYPTED; }
240
is_name_knowntBTM_SEC_REC241 bool is_name_known() const { return sec_flags & BTM_SEC_NAME_KNOWN; }
set_device_knowntBTM_SEC_REC242 void set_device_known() { sec_flags |= BTM_SEC_NAME_KNOWN; }
reset_device_knowntBTM_SEC_REC243 void reset_device_known() { sec_flags &= ~BTM_SEC_NAME_KNOWN; }
244
is_link_key_knowntBTM_SEC_REC245 bool is_link_key_known() const { return sec_flags & BTM_SEC_LINK_KEY_KNOWN; }
set_link_key_knowntBTM_SEC_REC246 void set_link_key_known() { sec_flags |= BTM_SEC_LINK_KEY_KNOWN; }
reset_link_key_knowntBTM_SEC_REC247 void reset_link_key_known() { sec_flags &= ~BTM_SEC_LINK_KEY_KNOWN; }
248
is_link_key_authenticatedtBTM_SEC_REC249 bool is_link_key_authenticated() const { return sec_flags & BTM_SEC_LINK_KEY_AUTHED; }
set_link_key_authenticatedtBTM_SEC_REC250 void set_link_key_authenticated() { sec_flags |= BTM_SEC_LINK_KEY_AUTHED; }
reset_link_key_authenticatedtBTM_SEC_REC251 void reset_link_key_authenticated() { sec_flags &= ~BTM_SEC_LINK_KEY_AUTHED; }
252
is_le_device_authenticatedtBTM_SEC_REC253 bool is_le_device_authenticated() const { return sec_flags & BTM_SEC_LE_AUTHENTICATED; }
set_le_device_authenticatedtBTM_SEC_REC254 void set_le_device_authenticated() { sec_flags |= BTM_SEC_LE_AUTHENTICATED; }
reset_le_device_authenticatedtBTM_SEC_REC255 void reset_le_device_authenticated() { sec_flags &= ~BTM_SEC_LE_AUTHENTICATED; }
256
is_le_device_encryptedtBTM_SEC_REC257 bool is_le_device_encrypted() const { return sec_flags & BTM_SEC_LE_ENCRYPTED; }
set_le_device_encryptedtBTM_SEC_REC258 void set_le_device_encrypted() { sec_flags |= BTM_SEC_LE_ENCRYPTED; }
reset_le_device_encryptedtBTM_SEC_REC259 void reset_le_device_encrypted() { sec_flags &= ~BTM_SEC_LE_ENCRYPTED; }
260
is_le_link_key_knowntBTM_SEC_REC261 bool is_le_link_key_known() const { return sec_flags & BTM_SEC_LE_LINK_KEY_KNOWN; }
set_le_link_key_knowntBTM_SEC_REC262 void set_le_link_key_known() { sec_flags |= BTM_SEC_LE_LINK_KEY_KNOWN; }
reset_le_link_key_knowntBTM_SEC_REC263 void reset_le_link_key_known() { sec_flags &= ~BTM_SEC_LE_LINK_KEY_KNOWN; }
264
is_le_link_key_authenticatedtBTM_SEC_REC265 bool is_le_link_key_authenticated() const { return sec_flags & BTM_SEC_LE_LINK_KEY_AUTHED; }
set_le_link_key_authenticatedtBTM_SEC_REC266 void set_le_link_key_authenticated() { sec_flags |= BTM_SEC_LE_LINK_KEY_AUTHED; }
reset_le_link_key_authenticatedtBTM_SEC_REC267 void reset_le_link_key_authenticated() { sec_flags &= ~BTM_SEC_LE_LINK_KEY_AUTHED; }
268
is_le_link_16_digit_key_authenticatedtBTM_SEC_REC269 bool is_le_link_16_digit_key_authenticated() const {
270 return sec_flags & BTM_SEC_16_DIGIT_PIN_AUTHED;
271 }
set_le_link_16_digit_key_authenticatedtBTM_SEC_REC272 void set_le_link_16_digit_key_authenticated() { sec_flags |= BTM_SEC_16_DIGIT_PIN_AUTHED; }
reset_le_link_16_digit_key_authenticatedtBTM_SEC_REC273 void reset_le_link_16_digit_key_authenticated() { sec_flags &= ~BTM_SEC_16_DIGIT_PIN_AUTHED; }
274
is_security_state_bredr_encryptingtBTM_SEC_REC275 bool is_security_state_bredr_encrypting() const {
276 return classic_link == tSECURITY_STATE::ENCRYPTING;
277 }
is_security_state_le_encryptingtBTM_SEC_REC278 bool is_security_state_le_encrypting() const { return le_link == tSECURITY_STATE::ENCRYPTING; }
is_security_state_encryptingtBTM_SEC_REC279 bool is_security_state_encrypting() const {
280 return is_security_state_bredr_encrypting() || is_security_state_le_encrypting();
281 }
is_security_state_getting_nametBTM_SEC_REC282 bool is_security_state_getting_name() const {
283 return classic_link == tSECURITY_STATE::GETTING_NAME;
284 }
285
is_bond_type_unknowntBTM_SEC_REC286 bool is_bond_type_unknown() const { return bond_type == BOND_TYPE_UNKNOWN; }
is_bond_type_persistenttBTM_SEC_REC287 bool is_bond_type_persistent() const { return bond_type == BOND_TYPE_PERSISTENT; }
is_bond_type_temporarytBTM_SEC_REC288 bool is_bond_type_temporary() const { return bond_type == BOND_TYPE_TEMPORARY; }
289
get_encryption_key_sizetBTM_SEC_REC290 uint8_t get_encryption_key_size() const { return enc_key_size; }
291
292 void increment_sign_counter(bool local);
293
ToStringtBTM_SEC_REC294 std::string ToString() const {
295 return base::StringPrintf(
296 "bredr_linkkey_known:%c,le_linkkey_known:%c,"
297 "bond_type:%s,"
298 "bredr_linkkey_type:%s,"
299 "ble_enc_key_size:%d,"
300 "bredr_authenticated:%c,le_authenticated:%c,"
301 "16_digit_key_authenticated:%c,"
302 "bredr_encrypted:%c,le_encrypted:%c",
303 is_link_key_known() ? 'T' : 'F', is_le_link_key_known() ? 'T' : 'F',
304 bond_type_text(bond_type).c_str(), linkkey_type_text(link_key_type).c_str(),
305 enc_key_size, is_device_authenticated() ? 'T' : 'F',
306 is_le_device_authenticated() ? 'T' : 'F',
307 is_le_link_16_digit_key_authenticated() ? 'T' : 'F', is_device_encrypted() ? 'T' : 'F',
308 is_le_device_encrypted() ? 'T' : 'F');
309 }
310 };
311
312 class tBTM_SEC_DEV_REC {
313 public:
RemoteAddress()314 RawAddress RemoteAddress() const { return bd_addr; }
315
316 /* Data length extension */
set_suggested_tx_octect(uint16_t octets)317 void set_suggested_tx_octect(uint16_t octets) { suggested_tx_octets = octets; }
318
get_suggested_tx_octets()319 uint16_t get_suggested_tx_octets() const { return suggested_tx_octets; }
IsLocallyInitiated()320 bool IsLocallyInitiated() const { return is_originator; }
321
get_br_edr_hci_handle()322 uint16_t get_br_edr_hci_handle() const { return hci_handle; }
get_ble_hci_handle()323 uint16_t get_ble_hci_handle() const { return ble_hci_handle; }
324
is_device_type_br_edr()325 bool is_device_type_br_edr() const { return device_type == BT_DEVICE_TYPE_BREDR; }
is_device_type_ble()326 bool is_device_type_ble() const { return device_type == BT_DEVICE_TYPE_BLE; }
is_device_type_dual_mode()327 bool is_device_type_dual_mode() const { return device_type == BT_DEVICE_TYPE_DUMO; }
328
is_device_type_has_ble()329 bool is_device_type_has_ble() const { return device_type & BT_DEVICE_TYPE_BLE; }
330
SupportsSecureConnections()331 bool SupportsSecureConnections() const { return remote_supports_secure_connections; }
332
ToString()333 std::string ToString() const {
334 return base::StringPrintf(
335 "%s %6s cod:%s remote_info:%-14s sm4:0x%02x SecureConn:%c name:\"%s\""
336 "sec_prop:%s",
337 ADDRESS_TO_LOGGABLE_CSTR(bd_addr), DeviceTypeText(device_type).c_str(),
338 dev_class_text(dev_class).c_str(), remote_version_info.ToString().c_str(), sm4,
339 (remote_supports_secure_connections) ? 'T' : 'F',
340 PRIVATE_NAME(reinterpret_cast<char const*>(sec_bd_name)), sec_rec.ToString().c_str());
341 }
342
343 public:
344 RawAddress bd_addr; /* BD_ADDR of the device */
345 tBTM_BLE_ADDR_INFO ble;
346 BD_NAME sec_bd_name; /* User friendly name of the device. (may be
347 truncated to save space in dev_rec table) */
348 DEV_CLASS dev_class; /* DEV_CLASS of the device */
349 tBT_DEVICE_TYPE device_type;
350
351 uint32_t timestamp; /* Timestamp of the last connection */
352 uint16_t hci_handle; /* Handle to BR/EDR ACL connection when exists */
353 uint16_t ble_hci_handle; /* use in DUMO connection */
354
355 uint16_t suggested_tx_octets; /* Recently suggested tx octets for data length extension */
356 uint16_t clock_offset; /* Latest known clock offset */
357
358 // whether the peer device can read GAP characteristics only visible in
359 // "discoverable" mode
360 bool can_read_discoverable{true};
361
362 bool remote_features_needed; /* set to true if the local device is in */
363 /* "Secure Connections Only" mode and it receives */
364 /* HCI_IO_CAPABILITY_REQUEST_EVT from the peer before */
365 /* it knows peer's support for Secure Connections */
366 uint8_t sm4; /* BTM_SM4_TRUE, if the peer supports SM4 */
367 bool remote_supports_hci_role_switch = false;
368 bool remote_supports_bredr;
369 bool remote_supports_ble;
370 bool remote_supports_secure_connections;
371 bool remote_feature_received = false;
372
373 tREMOTE_VERSION_INFO remote_version_info;
374
375 bool role_central; /* true if current mode is central (BLE) */
376 bool is_originator; /* true if device is originating ACL connection */
377
378 // BLE connection parameters
379 tBTM_LE_CONN_PRAMS conn_params;
380 // security related properties
381 tBTM_SEC_REC sec_rec;
382 };
383
384 namespace std {
385 template <>
386 struct formatter<tSECURITY_STATE> : string_formatter<tSECURITY_STATE, &security_state_text> {};
387 template <>
388 struct formatter<tBLE_RAND_ADDR_TYPE> : enum_formatter<tBLE_RAND_ADDR_TYPE> {};
389 } // namespace std
390