Merge changes from topic "gd_security_shim" am: bcd0bef4dd am: b8cd9d1102 am:... (41455cf6) · Commits · e / os / android_packages_modules_Bluetooth

system/gd/security/cert/security_test.py

+4 −8

Original line number	Original line	Diff line number	Diff line
	@@ -65,14 +65,10 @@ class SecurityTest(GdBaseTestClass):
	IoCapabilities.NO_INPUT_NO_OUTPUT)		IoCapabilities.NO_INPUT_NO_OUTPUT)

	# Possible Authentication Requirements		# Possible Authentication Requirements
	auth_reqs = (		auth_reqs = (AuthenticationRequirements.NO_BONDING, AuthenticationRequirements.NO_BONDING_MITM_PROTECTION,
	AuthenticationRequirements.NO_BONDING,
	# TODO(optedoblivion): Figure out MITM cases
	AuthenticationRequirements.NO_BONDING_MITM_PROTECTION,
	AuthenticationRequirements.DEDICATED_BONDING,		AuthenticationRequirements.DEDICATED_BONDING,
	AuthenticationRequirements.DEDICATED_BONDING_MITM_PROTECTION,		AuthenticationRequirements.DEDICATED_BONDING_MITM_PROTECTION,
	AuthenticationRequirements.GENERAL_BONDING,		AuthenticationRequirements.GENERAL_BONDING, AuthenticationRequirements.GENERAL_BONDING_MITM_PROTECTION)
	AuthenticationRequirements.GENERAL_BONDING_MITM_PROTECTION)

	# Possible Out-of-Band data options		# Possible Out-of-Band data options
	oob_present = (		oob_present = (

system/gd/security/facade.cc

+14 −5

Original line number	Original line	Diff line number	Diff line
	@@ -339,8 +339,10 @@ class SecurityModuleFacadeService : public SecurityModuleFacade::Service, public
	ui_events_.OnIncomingEvent(display_yes_no);		ui_events_.OnIncomingEvent(display_yes_no);
	}		}

	virtual void DisplayConfirmValue(const bluetooth::hci::AddressWithType& peer, std::string name,		virtual void DisplayConfirmValue(ConfirmationData data) {
	uint32_t numeric_value) {		const bluetooth::hci::AddressWithType& peer = data.GetAddressWithType();
			std::string name = data.GetName();
			uint32_t numeric_value = data.GetNumericValue();
	LOG_INFO("%s value = 0x%x", peer.ToString().c_str(), numeric_value);		LOG_INFO("%s value = 0x%x", peer.ToString().c_str(), numeric_value);
	UiMsg display_with_value;		UiMsg display_with_value;
	*display_with_value.mutable_peer() = ToFacadeAddressWithType(peer);		*display_with_value.mutable_peer() = ToFacadeAddressWithType(peer);
	@@ -350,7 +352,9 @@ class SecurityModuleFacadeService : public SecurityModuleFacade::Service, public
	ui_events_.OnIncomingEvent(display_with_value);		ui_events_.OnIncomingEvent(display_with_value);
	}		}

	void DisplayYesNoDialog(const bluetooth::hci::AddressWithType& peer, std::string name) override {		void DisplayYesNoDialog(ConfirmationData data) override {
			const bluetooth::hci::AddressWithType& peer = data.GetAddressWithType();
			std::string name = data.GetName();
	LOG_INFO("%s", peer.ToString().c_str());		LOG_INFO("%s", peer.ToString().c_str());
	UiMsg display_yes_no;		UiMsg display_yes_no;
	*display_yes_no.mutable_peer() = ToFacadeAddressWithType(peer);		*display_yes_no.mutable_peer() = ToFacadeAddressWithType(peer);
	@@ -359,7 +363,10 @@ class SecurityModuleFacadeService : public SecurityModuleFacade::Service, public
	ui_events_.OnIncomingEvent(display_yes_no);		ui_events_.OnIncomingEvent(display_yes_no);
	}		}

	void DisplayPasskey(const bluetooth::hci::AddressWithType& peer, std::string name, uint32_t passkey) override {		void DisplayPasskey(ConfirmationData data) override {
			const bluetooth::hci::AddressWithType& peer = data.GetAddressWithType();
			std::string name = data.GetName();
			uint32_t passkey = data.GetNumericValue();
	LOG_INFO("%s value = 0x%x", peer.ToString().c_str(), passkey);		LOG_INFO("%s value = 0x%x", peer.ToString().c_str(), passkey);
	UiMsg display_passkey;		UiMsg display_passkey;
	*display_passkey.mutable_peer() = ToFacadeAddressWithType(peer);		*display_passkey.mutable_peer() = ToFacadeAddressWithType(peer);
	@@ -369,7 +376,9 @@ class SecurityModuleFacadeService : public SecurityModuleFacade::Service, public
	ui_events_.OnIncomingEvent(display_passkey);		ui_events_.OnIncomingEvent(display_passkey);
	}		}

	void DisplayEnterPasskeyDialog(const bluetooth::hci::AddressWithType& peer, std::string name) override {		void DisplayEnterPasskeyDialog(ConfirmationData data) override {
			const bluetooth::hci::AddressWithType& peer = data.GetAddressWithType();
			std::string name = data.GetName();
	LOG_INFO("%s", peer.ToString().c_str());		LOG_INFO("%s", peer.ToString().c_str());
	UiMsg display_passkey_input;		UiMsg display_passkey_input;
	*display_passkey_input.mutable_peer() = ToFacadeAddressWithType(peer);		*display_passkey_input.mutable_peer() = ToFacadeAddressWithType(peer);

system/gd/security/pairing/classic_pairing_handler.cc

+22 −10

Original line number	Original line	Diff line number	Diff line
	@@ -26,26 +26,38 @@ namespace pairing {

	void ClassicPairingHandler::NotifyUiDisplayYesNo(uint32_t numeric_value) {		void ClassicPairingHandler::NotifyUiDisplayYesNo(uint32_t numeric_value) {
	ASSERT(user_interface_handler_ != nullptr);		ASSERT(user_interface_handler_ != nullptr);
	user_interface_handler_->CallOn(		ConfirmationData data(*GetRecord()->GetPseudoAddress(), device_name_, numeric_value);
	user_interface_, &UI::DisplayConfirmValue, *GetRecord()->GetPseudoAddress(), device_name_, numeric_value);		data.PutExtraData("remote_io_caps", hci::IoCapabilityText(remote_io_capability_));
			data.PutExtraData("remote_auth_reqs", hci::AuthenticationRequirementsText(remote_authentication_requirements_));
			data.PutExtraData("remote_oob_data_present", hci::OobDataPresentText(remote_oob_present_));
			user_interface_handler_->CallOn(user_interface_, &UI::DisplayConfirmValue, data);
	}		}

	void ClassicPairingHandler::NotifyUiDisplayYesNo() {		void ClassicPairingHandler::NotifyUiDisplayYesNo() {
	ASSERT(user_interface_handler_ != nullptr);		ASSERT(user_interface_handler_ != nullptr);
	user_interface_handler_->CallOn(		ConfirmationData data(*GetRecord()->GetPseudoAddress(), device_name_);
	user_interface_, &UI::DisplayYesNoDialog, *GetRecord()->GetPseudoAddress(), device_name_);		data.PutExtraData("remote_io_caps", hci::IoCapabilityText(remote_io_capability_));
			data.PutExtraData("remote_auth_reqs", hci::AuthenticationRequirementsText(remote_authentication_requirements_));
			data.PutExtraData("remote_oob_data_present", hci::OobDataPresentText(remote_oob_present_));
			user_interface_handler_->CallOn(user_interface_, &UI::DisplayYesNoDialog, data);
	}		}

	void ClassicPairingHandler::NotifyUiDisplayPasskey(uint32_t passkey) {		void ClassicPairingHandler::NotifyUiDisplayPasskey(uint32_t passkey) {
	ASSERT(user_interface_handler_ != nullptr);		ASSERT(user_interface_handler_ != nullptr);
	user_interface_handler_->CallOn(		ConfirmationData data(*GetRecord()->GetPseudoAddress(), device_name_, passkey);
	user_interface_, &UI::DisplayPasskey, *GetRecord()->GetPseudoAddress(), device_name_, passkey);		data.PutExtraData("remote_io_caps", hci::IoCapabilityText(remote_io_capability_));
			data.PutExtraData("remote_auth_reqs", hci::AuthenticationRequirementsText(remote_authentication_requirements_));
			data.PutExtraData("remote_oob_data_present", hci::OobDataPresentText(remote_oob_present_));
			user_interface_handler_->CallOn(user_interface_, &UI::DisplayPasskey, data);
	}		}

	void ClassicPairingHandler::NotifyUiDisplayPasskeyInput() {		void ClassicPairingHandler::NotifyUiDisplayPasskeyInput() {
	ASSERT(user_interface_handler_ != nullptr);		ASSERT(user_interface_handler_ != nullptr);
	user_interface_handler_->CallOn(		ConfirmationData data(*GetRecord()->GetPseudoAddress(), device_name_);
	user_interface_, &UI::DisplayEnterPasskeyDialog, *GetRecord()->GetPseudoAddress(), device_name_);		data.PutExtraData("remote_io_caps", hci::IoCapabilityText(remote_io_capability_));
			data.PutExtraData("remote_auth_reqs", hci::AuthenticationRequirementsText(remote_authentication_requirements_));
			data.PutExtraData("remote_oob_data_present", hci::OobDataPresentText(remote_oob_present_));
			user_interface_handler_->CallOn(user_interface_, &UI::DisplayEnterPasskeyDialog, data);
	}		}

	void ClassicPairingHandler::NotifyUiDisplayCancel() {		void ClassicPairingHandler::NotifyUiDisplayCancel() {
	@@ -54,7 +66,8 @@ void ClassicPairingHandler::NotifyUiDisplayCancel() {
	}		}

	void ClassicPairingHandler::OnPairingPromptAccepted(const bluetooth::hci::AddressWithType& address, bool confirmed) {		void ClassicPairingHandler::OnPairingPromptAccepted(const bluetooth::hci::AddressWithType& address, bool confirmed) {
	LOG_WARN("TODO Not Implemented!");		// NOTE: This is not used by Classic, only by LE
			LOG_ALWAYS_FATAL("This is not supported by Classic Pairing Handler, only LE");
	}		}

	void ClassicPairingHandler::OnConfirmYesNo(const bluetooth::hci::AddressWithType& address, bool confirmed) {		void ClassicPairingHandler::OnConfirmYesNo(const bluetooth::hci::AddressWithType& address, bool confirmed) {
	@@ -179,7 +192,6 @@ void ClassicPairingHandler::OnReceive(hci::IoCapabilityResponseView packet) {
	LOG_INFO("Received: %s", hci::EventCodeText(packet.GetEventCode()).c_str());		LOG_INFO("Received: %s", hci::EventCodeText(packet.GetEventCode()).c_str());
	ASSERT_LOG(GetRecord()->GetPseudoAddress()->GetAddress() == packet.GetBdAddr(), "Address mismatch");		ASSERT_LOG(GetRecord()->GetPseudoAddress()->GetAddress() == packet.GetBdAddr(), "Address mismatch");

	// Using local variable until device database pointer is ready
	remote_io_capability_ = packet.GetIoCapability();		remote_io_capability_ = packet.GetIoCapability();
	remote_authentication_requirements_ = packet.GetAuthenticationRequirements();		remote_authentication_requirements_ = packet.GetAuthenticationRequirements();
	remote_oob_present_ = packet.GetOobDataPresent();		remote_oob_present_ = packet.GetOobDataPresent();

system/gd/security/pairing_handler_le_legacy.cc

+7 −6

Original line number	Original line	Diff line number	Diff line
	@@ -93,12 +93,13 @@ LegacyStage1ResultOrFailure PairingHandlerLe::LegacyPasskeyEntry(const InitialIn
	constexpr uint32_t PASSKEY_MAX = 999999;		constexpr uint32_t PASSKEY_MAX = 999999;
	if (passkey > PASSKEY_MAX) passkey >>= 1;		if (passkey > PASSKEY_MAX) passkey >>= 1;

	i.user_interface_handler->Post(common::BindOnce(&UI::DisplayConfirmValue, common::Unretained(i.user_interface),		ConfirmationData data(i.remote_connection_address, i.remote_name, passkey);
	i.remote_connection_address, i.remote_name, passkey));		i.user_interface_handler->Post(
			common::BindOnce(&UI::DisplayConfirmValue, common::Unretained(i.user_interface), data));
	} else {		} else {
	i.user_interface_handler->Post(common::BindOnce(&UI::DisplayEnterPasskeyDialog,		ConfirmationData data(i.remote_connection_address, i.remote_name);
	common::Unretained(i.user_interface), i.remote_connection_address,		i.user_interface_handler->Post(
	i.remote_name));		common::BindOnce(&UI::DisplayEnterPasskeyDialog, common::Unretained(i.user_interface), data));
	std::optional<PairingEvent> response = WaitUiPasskey();		std::optional<PairingEvent> response = WaitUiPasskey();
	if (!response) return PairingFailure("Passkey did not arrive!");		if (!response) return PairingFailure("Passkey did not arrive!");

system/gd/security/pairing_handler_le_secure_connections.cc

+9 −8

Original line number	Original line	Diff line number	Diff line
	@@ -288,13 +288,13 @@ Stage1ResultOrFailure PairingHandlerLe::SecureConnectionsPasskeyEntry(const Init
	constexpr uint32_t PASSKEY_MAX = 999999;		constexpr uint32_t PASSKEY_MAX = 999999;
	while (passkey > PASSKEY_MAX) passkey >>= 1;		while (passkey > PASSKEY_MAX) passkey >>= 1;

	i.user_interface_handler->Post(common::BindOnce(&UI::DisplayPasskey, common::Unretained(i.user_interface),		ConfirmationData data(i.remote_connection_address, i.remote_name, passkey);
	i.remote_connection_address, i.remote_name, passkey));		i.user_interface_handler->Post(common::BindOnce(&UI::DisplayPasskey, common::Unretained(i.user_interface), data));

	} else if (my_iocaps == IoCapability::KEYBOARD_ONLY \|\| remote_iocaps == IoCapability::DISPLAY_ONLY) {		} else if (my_iocaps == IoCapability::KEYBOARD_ONLY \|\| remote_iocaps == IoCapability::DISPLAY_ONLY) {
	i.user_interface_handler->Post(common::BindOnce(&UI::DisplayEnterPasskeyDialog,		ConfirmationData data(i.remote_connection_address, i.remote_name);
	common::Unretained(i.user_interface), i.remote_connection_address,		i.user_interface_handler->Post(
	i.remote_name));		common::BindOnce(&UI::DisplayEnterPasskeyDialog, common::Unretained(i.user_interface), data));
	std::optional<PairingEvent> response = WaitUiPasskey();		std::optional<PairingEvent> response = WaitUiPasskey();
	if (!response) return PairingFailure("Passkey did not arrive!");		if (!response) return PairingFailure("Passkey did not arrive!");

	@@ -409,8 +409,9 @@ Stage1ResultOrFailure PairingHandlerLe::SecureConnectionsNumericComparison(const

	uint32_t number_to_display = crypto_toolbox::g2((uint8_t)PKa.x.data(), (uint8_t)PKb.x.data(), Na, Nb);		uint32_t number_to_display = crypto_toolbox::g2((uint8_t)PKa.x.data(), (uint8_t)PKb.x.data(), Na, Nb);

	i.user_interface_handler->Post(common::BindOnce(&UI::DisplayConfirmValue, common::Unretained(i.user_interface),		ConfirmationData data(i.remote_connection_address, i.remote_name, number_to_display);
	i.remote_connection_address, i.remote_name, number_to_display));		i.user_interface_handler->Post(
			common::BindOnce(&UI::DisplayConfirmValue, common::Unretained(i.user_interface), data));

	std::optional<PairingEvent> confirmyesno = WaitUiConfirmYesNo();		std::optional<PairingEvent> confirmyesno = WaitUiConfirmYesNo();
	if (!confirmyesno \|\| confirmyesno->ui_value == 0) {		if (!confirmyesno \|\| confirmyesno->ui_value == 0) {