Loading system/gd/security/cert/le_security_test.py +9 −2 Original line number Diff line number Diff line Loading @@ -27,6 +27,7 @@ from datetime import timedelta from facade import common_pb2 as common from hci.facade import controller_facade_pb2 as controller_facade from hci.facade import le_advertising_manager_facade_pb2 as le_advertising_facade from hci.facade import le_initiator_address_facade_pb2 as le_initiator_address_facade from google.protobuf import empty_pb2 as empty_proto from neighbor.facade import facade_pb2 as neighbor_facade from security.cert.cert_security import CertSecurity Loading Loading @@ -60,10 +61,16 @@ class LeSecurityTest(GdBaseTestClass): self.dut_address = common.BluetoothAddressWithType( address=common.BluetoothAddress(address=bytes(b'DD:05:04:03:02:01')), type=common.RANDOM_DEVICE_ADDRESS) self.dut.security.SetLeInitiatorAddress(self.dut_address) privacy_policy = le_initiator_address_facade.PrivacyPolicy( address_policy=le_initiator_address_facade.AddressPolicy.USE_STATIC_ADDRESS, address_with_type=self.dut_address) self.dut.security.SetLeInitiatorAddressPolicy(privacy_policy) self.cert_address = common.BluetoothAddressWithType( address=common.BluetoothAddress(address=bytes(b'C5:11:FF:AA:33:22')), type=common.RANDOM_DEVICE_ADDRESS) self.cert.security.SetLeInitiatorAddress(self.cert_address) cert_privacy_policy = le_initiator_address_facade.PrivacyPolicy( address_policy=le_initiator_address_facade.AddressPolicy.USE_STATIC_ADDRESS, address_with_type=self.cert_address) self.cert.security.SetLeInitiatorAddressPolicy(cert_privacy_policy) def teardown_test(self): self.dut_hci.close() Loading system/gd/security/facade.cc +22 −8 Original line number Diff line number Diff line Loading @@ -17,6 +17,7 @@ #include "grpc/grpc_event_queue.h" #include "hci/address_with_type.h" #include "hci/le_address_manager.h" #include "l2cap/classic/security_policy.h" #include "os/handler.h" #include "security/facade.grpc.pb.h" Loading Loading 
@@ -143,14 +144,27 @@ class SecurityModuleFacadeService : public SecurityModuleFacade::Service, public return ::grpc::Status::OK; } ::grpc::Status SetLeInitiatorAddress( ::grpc::ServerContext* context, const facade::BluetoothAddressWithType* request, ::google::protobuf::Empty* response) override { hci::Address peer; ASSERT(hci::Address::FromString(request->address().address(), peer)); hci::AddressType peer_type = static_cast<hci::AddressType>(request->type()); security_module_->GetSecurityManager()->SetLeInitiatorAddress(hci::AddressWithType(peer, peer_type)); ::grpc::Status SetLeInitiatorAddressPolicy( ::grpc::ServerContext* context, const hci::PrivacyPolicy* request, ::google::protobuf::Empty* response) override { Address address = Address::kEmpty; hci::LeAddressManager::AddressPolicy address_policy = static_cast<hci::LeAddressManager::AddressPolicy>(request->address_policy()); if (address_policy == hci::LeAddressManager::AddressPolicy::USE_STATIC_ADDRESS) { ASSERT(Address::FromString(request->address_with_type().address().address(), address)); } hci::AddressWithType address_with_type(address, static_cast<hci::AddressType>(request->address_with_type().type())); crypto_toolbox::Octet16 irk = {}; auto request_irk_length = request->rotation_irk().end() - request->rotation_irk().begin(); if (request_irk_length == crypto_toolbox::OCTET16_LEN) { std::vector<uint8_t> irk_data(request->rotation_irk().begin(), request->rotation_irk().end()); std::copy_n(irk_data.begin(), crypto_toolbox::OCTET16_LEN, irk.begin()); } else { ASSERT(request_irk_length == 0); } auto minimum_rotation_time = std::chrono::milliseconds(request->minimum_rotation_time()); auto maximum_rotation_time = std::chrono::milliseconds(request->maximum_rotation_time()); security_module_->GetSecurityManager()->SetLeInitiatorAddressPolicy( address_policy, address_with_type, irk, minimum_rotation_time, maximum_rotation_time); return ::grpc::Status::OK; } Loading system/gd/security/facade.proto +2 −1 Original 
line number Diff line number Diff line Loading @@ -5,6 +5,7 @@ package bluetooth.security; import "google/protobuf/empty.proto"; import "facade/common.proto"; import "l2cap/classic/facade.proto"; import "hci/facade/le_initiator_address_facade.proto"; service SecurityModuleFacade { rpc CreateBond(facade.BluetoothAddressWithType) returns (google.protobuf.Empty) {} Loading @@ -16,7 +17,7 @@ service SecurityModuleFacade { rpc SetOobDataPresent(OobDataMessage) returns (google.protobuf.Empty) {} rpc SetLeIoCapability(LeIoCapabilityMessage) returns (google.protobuf.Empty) {} rpc SetLeAuthReq(LeAuthReqMsg) returns (google.protobuf.Empty) {} rpc SetLeInitiatorAddress(facade.BluetoothAddressWithType) returns (google.protobuf.Empty) {} rpc SetLeInitiatorAddressPolicy(hci.PrivacyPolicy) returns (google.protobuf.Empty) {} rpc SendUiCallback(UiCallbackMsg) returns (google.protobuf.Empty) {} rpc FetchUiEvents(google.protobuf.Empty) returns (stream UiMsg) {} rpc FetchBondEvents(google.protobuf.Empty) returns (stream BondMsg) {} Loading system/gd/security/internal/security_manager_impl.cc +7 −6 Original line number Diff line number Diff line Loading 
@@ -118,13 +118,14 @@ void SecurityManagerImpl::SetUserInterfaceHandler(UI* user_interface, os::Handle user_interface_handler_ = handler; } void SecurityManagerImpl::SetLeInitiatorAddress(hci::AddressWithType address) { void SecurityManagerImpl::SetLeInitiatorAddressPolicy( hci::LeAddressManager::AddressPolicy address_policy, hci::AddressWithType fixed_address, crypto_toolbox::Octet16 rotation_irk, std::chrono::milliseconds minimum_rotation_time, std::chrono::milliseconds maximum_rotation_time) { acl_manager_->SetPrivacyPolicyForInitiatorAddress( hci::LeAddressManager::AddressPolicy::USE_STATIC_ADDRESS, address, crypto_toolbox::Octet16{}, std::chrono::milliseconds{0}, std::chrono::milliseconds{0}); address_policy, fixed_address, rotation_irk, minimum_rotation_time, maximum_rotation_time); } void SecurityManagerImpl::RegisterCallbackListener(ISecurityManagerListener* listener, os::Handler* handler) { Loading system/gd/security/internal/security_manager_impl.h +7 −2 Original line number Diff line number Diff line Loading @@ -115,9 +115,14 @@ class SecurityManagerImpl : public channel::ISecurityManagerChannelListener, pub void SetUserInterfaceHandler(UI* user_interface, os::Handler* handler); /** * Specify the initiator address used for LE transport, used for tests only. * Specify the initiator address policy used for LE transport. Can only be called once. */ void SetLeInitiatorAddress(hci::AddressWithType address); void SetLeInitiatorAddressPolicy( hci::LeAddressManager::AddressPolicy address_policy, hci::AddressWithType fixed_address, crypto_toolbox::Octet16 rotation_irk, std::chrono::milliseconds minimum_rotation_time, std::chrono::milliseconds maximum_rotation_time); /** * Register to listen for callback events from SecurityManager Loading Loading
system/gd/security/cert/le_security_test.py +9 −2 Original line number Diff line number Diff line Loading @@ -27,6 +27,7 @@ from datetime import timedelta from facade import common_pb2 as common from hci.facade import controller_facade_pb2 as controller_facade from hci.facade import le_advertising_manager_facade_pb2 as le_advertising_facade from hci.facade import le_initiator_address_facade_pb2 as le_initiator_address_facade from google.protobuf import empty_pb2 as empty_proto from neighbor.facade import facade_pb2 as neighbor_facade from security.cert.cert_security import CertSecurity Loading Loading @@ -60,10 +61,16 @@ class LeSecurityTest(GdBaseTestClass): self.dut_address = common.BluetoothAddressWithType( address=common.BluetoothAddress(address=bytes(b'DD:05:04:03:02:01')), type=common.RANDOM_DEVICE_ADDRESS) self.dut.security.SetLeInitiatorAddress(self.dut_address) privacy_policy = le_initiator_address_facade.PrivacyPolicy( address_policy=le_initiator_address_facade.AddressPolicy.USE_STATIC_ADDRESS, address_with_type=self.dut_address) self.dut.security.SetLeInitiatorAddressPolicy(privacy_policy) self.cert_address = common.BluetoothAddressWithType( address=common.BluetoothAddress(address=bytes(b'C5:11:FF:AA:33:22')), type=common.RANDOM_DEVICE_ADDRESS) self.cert.security.SetLeInitiatorAddress(self.cert_address) cert_privacy_policy = le_initiator_address_facade.PrivacyPolicy( address_policy=le_initiator_address_facade.AddressPolicy.USE_STATIC_ADDRESS, address_with_type=self.cert_address) self.cert.security.SetLeInitiatorAddressPolicy(cert_privacy_policy) def teardown_test(self): self.dut_hci.close() Loading
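Review bot: Only the `USE_STATIC_ADDRESS` path is exercised by the two new `PrivacyPolicy` messages, so the IRK-length check and rotation-time conversion added to facade.cc in this commit run only with empty defaults. A case that sends a rotating policy with a 16-byte `rotation_irk` and non-zero `minimum_rotation_time`/`maximum_rotation_time` would cover them (field names as read from the facade.cc accessors). The dut and cert blocks also build the same message twice, which a small helper taking the address would remove. The enclosing setup method starts outside the hunk.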
system/gd/security/facade.cc +22 −8 Original line number Diff line number Diff line Loading @@ -17,6 +17,7 @@ #include "grpc/grpc_event_queue.h" #include "hci/address_with_type.h" #include "hci/le_address_manager.h" #include "l2cap/classic/security_policy.h" #include "os/handler.h" #include "security/facade.grpc.pb.h" Loading Loading 
@@ -143,14 +144,27 @@ class SecurityModuleFacadeService : public SecurityModuleFacade::Service, public return ::grpc::Status::OK; } ::grpc::Status SetLeInitiatorAddress( ::grpc::ServerContext* context, const facade::BluetoothAddressWithType* request, ::google::protobuf::Empty* response) override { hci::Address peer; ASSERT(hci::Address::FromString(request->address().address(), peer)); hci::AddressType peer_type = static_cast<hci::AddressType>(request->type()); security_module_->GetSecurityManager()->SetLeInitiatorAddress(hci::AddressWithType(peer, peer_type)); ::grpc::Status SetLeInitiatorAddressPolicy( ::grpc::ServerContext* context, const hci::PrivacyPolicy* request, ::google::protobuf::Empty* response) override { Address address = Address::kEmpty; hci::LeAddressManager::AddressPolicy address_policy = static_cast<hci::LeAddressManager::AddressPolicy>(request->address_policy()); if (address_policy == hci::LeAddressManager::AddressPolicy::USE_STATIC_ADDRESS) { ASSERT(Address::FromString(request->address_with_type().address().address(), address)); } hci::AddressWithType address_with_type(address, static_cast<hci::AddressType>(request->address_with_type().type())); crypto_toolbox::Octet16 irk = {}; auto request_irk_length = request->rotation_irk().end() - request->rotation_irk().begin(); if (request_irk_length == crypto_toolbox::OCTET16_LEN) { std::vector<uint8_t> irk_data(request->rotation_irk().begin(), request->rotation_irk().end()); std::copy_n(irk_data.begin(), crypto_toolbox::OCTET16_LEN, irk.begin()); } else { ASSERT(request_irk_length == 0); } auto minimum_rotation_time = std::chrono::milliseconds(request->minimum_rotation_time()); auto maximum_rotation_time = std::chrono::milliseconds(request->maximum_rotation_time()); security_module_->GetSecurityManager()->SetLeInitiatorAddressPolicy( address_policy, address_with_type, irk, minimum_rotation_time, maximum_rotation_time); return ::grpc::Status::OK; } Loading
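Review bot: A `rotation_irk` of any length other than 0 or 16 aborts the whole facade process through `ASSERT(request_irk_length == 0)`, and an omitted IRK is silently turned into an all-zero `Octet16` whatever `address_policy` requests. Both values come straight from the gRPC request, so I would reject them with a status instead, e.g. `return ::grpc::Status(::grpc::StatusCode::INVALID_ARGUMENT, "rotation_irk must be empty or 16 bytes");`. A non-empty IRK should also be required when the policy derives addresses from it (presumably the resolvable-address policy; confirm against LeAddressManager), since a zero key would defeat the privacy the policy is meant to provide. The `static_cast` of `address_policy` and of the address type likewise accept any integer the client sends and would benefit from a range check. The intermediate `irk_data` vector is unnecessary; `std::copy_n(request->rotation_irk().begin(), crypto_toolbox::OCTET16_LEN, irk.begin());` copies directly.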
system/gd/security/facade.proto +2 −1 Original line number Diff line number Diff line Loading @@ -5,6 +5,7 @@ package bluetooth.security; import "google/protobuf/empty.proto"; import "facade/common.proto"; import "l2cap/classic/facade.proto"; import "hci/facade/le_initiator_address_facade.proto"; service SecurityModuleFacade { rpc CreateBond(facade.BluetoothAddressWithType) returns (google.protobuf.Empty) {} Loading @@ -16,7 +17,7 @@ service SecurityModuleFacade { rpc SetOobDataPresent(OobDataMessage) returns (google.protobuf.Empty) {} rpc SetLeIoCapability(LeIoCapabilityMessage) returns (google.protobuf.Empty) {} rpc SetLeAuthReq(LeAuthReqMsg) returns (google.protobuf.Empty) {} rpc SetLeInitiatorAddress(facade.BluetoothAddressWithType) returns (google.protobuf.Empty) {} rpc SetLeInitiatorAddressPolicy(hci.PrivacyPolicy) returns (google.protobuf.Empty) {} rpc SendUiCallback(UiCallbackMsg) returns (google.protobuf.Empty) {} rpc FetchUiEvents(google.protobuf.Empty) returns (stream UiMsg) {} rpc FetchBondEvents(google.protobuf.Empty) returns (stream BondMsg) {} Loading
system/gd/security/internal/security_manager_impl.cc +7 −6 Original line number Diff line number Diff line Loading @@ -118,13 +118,14 @@ void SecurityManagerImpl::SetUserInterfaceHandler(UI* user_interface, os::Handle user_interface_handler_ = handler; } void SecurityManagerImpl::SetLeInitiatorAddress(hci::AddressWithType address) { void SecurityManagerImpl::SetLeInitiatorAddressPolicy( hci::LeAddressManager::AddressPolicy address_policy, hci::AddressWithType fixed_address, crypto_toolbox::Octet16 rotation_irk, std::chrono::milliseconds minimum_rotation_time, std::chrono::milliseconds maximum_rotation_time) { acl_manager_->SetPrivacyPolicyForInitiatorAddress( hci::LeAddressManager::AddressPolicy::USE_STATIC_ADDRESS, address, crypto_toolbox::Octet16{}, std::chrono::milliseconds{0}, std::chrono::milliseconds{0}); address_policy, fixed_address, rotation_irk, minimum_rotation_time, maximum_rotation_time); } void SecurityManagerImpl::RegisterCallbackListener(ISecurityManagerListener* listener, os::Handler* handler) { Loading
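Review bot: Nothing in `SetLeInitiatorAddressPolicy` enforces the "Can only be called once" contract that the header now states. With the hard-coded `USE_STATIC_ADDRESS` gone, it also forwards a caller-chosen policy, IRK and rotation bounds to `acl_manager_` unchecked. If `SetPrivacyPolicyForInitiatorAddress` does not already reject a second call or inverted bounds (not visible on this page), add the guard here, e.g. `ASSERT(minimum_rotation_time <= maximum_rotation_time);` before the forward. `rotation_irk` is key material passed by value through each layer; taking it as `const crypto_toolbox::Octet16&` would avoid the extra copies, but that changes the declaration in the header as well.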
system/gd/security/internal/security_manager_impl.h +7 −2 Original line number Diff line number Diff line Loading @@ -115,9 +115,14 @@ class SecurityManagerImpl : public channel::ISecurityManagerChannelListener, pub void SetUserInterfaceHandler(UI* user_interface, os::Handler* handler); /** * Specify the initiator address used for LE transport, used for tests only. * Specify the initiator address policy used for LE transport. Can only be called once. */ void SetLeInitiatorAddress(hci::AddressWithType address); void SetLeInitiatorAddressPolicy( hci::LeAddressManager::AddressPolicy address_policy, hci::AddressWithType fixed_address, crypto_toolbox::Octet16 rotation_irk, std::chrono::milliseconds minimum_rotation_time, std::chrono::milliseconds maximum_rotation_time); /** * Register to listen for callback events from SecurityManager Loading
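Review bot: The doc comment on `SetLeInitiatorAddressPolicy` drops "used for tests only" without saying what the five parameters mean or what happens when the "Can only be called once" rule is broken. I would extend it with one `@param` line each. These should say which policies read `fixed_address` (the facade in this commit parses it only for `USE_STATIC_ADDRESS`), state that `rotation_irk` is the 16-byte key for rotating addresses, and require `minimum_rotation_time` not to exceed `maximum_rotation_time`. The comment should also state whether a second call asserts or is ignored, once that is confirmed in the ACL manager.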