Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 65e5d548 authored by Jakub Pawlowski's avatar Jakub Pawlowski Committed by Android (Google) Code Review
Browse files

Merge changes from topic 'ble_oob_sc_mr2' into nyc-mr2-dev

* changes:
  Fix incorrect check for empty out-of-band pairing data
  BLE OOB Pairing - parse address type (1/5)
  Add LE Secure Connection data parsing (3/4)
parents f8a7ac8f 89842950
Loading
Loading
Loading
Loading
+5 −0
Original line number Diff line number Diff line
@@ -4383,6 +4383,11 @@ static UINT8 bta_dm_ble_smp_cback (tBTM_LE_EVT event, BD_ADDR bda, tBTM_LE_EVT_D
            bta_dm_cb.p_sec_cback(BTA_DM_BLE_NC_REQ_EVT, &sec_event);
            break;

        case BTM_LE_SC_OOB_REQ_EVT:
            bdcpy(sec_event.ble_req.bd_addr, bda);
            bta_dm_cb.p_sec_cback(BTA_DM_BLE_SC_OOB_REQ_EVT, &sec_event);
            break;

        case BTM_LE_KEY_EVT:
            bdcpy(sec_event.ble_key.bd_addr, bda);
            sec_event.ble_key.key_type = p_data->key.key_type;
+2 −1
Original line number Diff line number Diff line
@@ -593,7 +593,8 @@ typedef UINT8 tBTA_SIG_STRENGTH_MASK;
#define BTA_DM_HW_ERROR_EVT             26      /* BT Chip H/W error */
#define BTA_DM_LE_FEATURES_READ         27      /* Cotroller specific LE features are read */
#define BTA_DM_ENER_INFO_READ           28      /* Energy info read */
typedef UINT8 tBTA_DM_SEC_EVT;
#define BTA_DM_BLE_SC_OOB_REQ_EVT       29      /* SMP SC OOB request event */
typedef uint8_t tBTA_DM_SEC_EVT;

/* Structure associated with BTA_DM_ENABLE_EVT */
typedef struct
+90 −20
Original line number Diff line number Diff line
@@ -233,6 +233,7 @@ static void btif_dm_ble_auth_cmpl_evt (tBTA_DM_AUTH_CMPL *p_auth_cmpl);
static void btif_dm_ble_passkey_req_evt(tBTA_DM_PIN_REQ *p_pin_req);
static void btif_dm_ble_key_nc_req_evt(tBTA_DM_SP_KEY_NOTIF *p_notif_req) ;
static void btif_dm_ble_oob_req_evt(tBTA_DM_SP_RMT_OOB *req_oob_type);
static void btif_dm_ble_sc_oob_req_evt(tBTA_DM_SP_RMT_OOB *req_oob_type);
#endif

static void bte_scan_filt_param_cfg_evt(UINT8 action_type,
@@ -716,7 +717,15 @@ static void btif_dm_cb_create_bond(bt_bdaddr_t *bd_addr, tBTA_TRANSPORT transpor
        }
        if (btif_storage_get_remote_addr_type(bd_addr, &addr_type) != BT_STATUS_SUCCESS)
        {
            btif_storage_set_remote_addr_type(bd_addr, BLE_ADDR_PUBLIC);

            // Try to read address type. OOB pairing might have set it earlier, but
            // didn't store it, it defaults to BLE_ADDR_PUBLIC
            uint8_t tmp_dev_type;
            uint8_t tmp_addr_type;
            BTM_ReadDevInfo(bd_addr->address, &tmp_dev_type, &tmp_addr_type);
            addr_type = tmp_addr_type;

            btif_storage_set_remote_addr_type(bd_addr, addr_type);
        }
    }
    if((btif_config_get_int((char const *)&bdstr,"DevType", &device_type) &&
@@ -1679,7 +1688,7 @@ static void btif_dm_upstreams_evt(UINT16 event, char* p_param)
    uint32_t i;
    bt_bdaddr_t bd_addr;

    BTIF_TRACE_EVENT("btif_dm_upstreams_cback  ev: %s", dump_dm_event(event));
    BTIF_TRACE_EVENT("%s: ev: %s", __func__, dump_dm_event(event));

    switch (event)
    {
@@ -1918,6 +1927,10 @@ static void btif_dm_upstreams_evt(UINT16 event, char* p_param)
            BTIF_TRACE_DEBUG("BTA_DM_BLE_OOB_REQ_EVT. ");
            btif_dm_ble_oob_req_evt(&p_data->rmt_oob);
            break;
        case BTA_DM_BLE_SC_OOB_REQ_EVT:
            BTIF_TRACE_DEBUG("BTA_DM_BLE_SC_OOB_REQ_EVT. ");
            btif_dm_ble_sc_oob_req_evt(&p_data->rmt_oob);
            break;
        case BTA_DM_BLE_LOCAL_IR_EVT:
            BTIF_TRACE_DEBUG("BTA_DM_BLE_LOCAL_IR_EVT. ");
            ble_local_key_cb.is_id_keys_rcvd = TRUE;
@@ -2382,6 +2395,19 @@ bt_status_t btif_dm_create_bond_out_of_band(const bt_bdaddr_t *bd_addr, int tran
    bdcpy(oob_cb.bdaddr, bd_addr->address);
    memcpy(&oob_cb.oob_data, oob_data, sizeof(bt_out_of_band_data_t));

    uint8_t empty[] = {0, 0, 0, 0, 0, 0, 0};
    // If LE Bluetooth Device Address is provided, use provided address type
    // value.
    if (memcmp(oob_data->le_bt_dev_addr, empty, 7) != 0) {
        /* byte no 7 is address type in LE Bluetooth Address OOB data */
        uint8_t address_type = oob_data->le_bt_dev_addr[6];
        if (address_type == BLE_ADDR_PUBLIC || address_type == BLE_ADDR_RANDOM) {
            // bd_addr->address is already reversed, so use it instead of
            // oob_data->le_bt_dev_addr
            BTM_SecAddBleDevice(bd_addr->address, NULL, BT_DEVICE_TYPE_BLE, address_type);
        }
    }

    bdstr_t bdstr;
    BTIF_TRACE_EVENT("%s: bd_addr=%s, transport=%d", __FUNCTION__, bdaddr_to_string(bd_addr, bdstr, sizeof(bdstr)), transport);
    return btif_dm_create_bond(bd_addr, transport);
@@ -2813,29 +2839,36 @@ void btif_dm_set_oob_for_le_io_req(BD_ADDR bd_addr, tBTA_OOB_DATA *p_has_oob_da
                                   tBTA_LE_AUTH_REQ *p_auth_req)
{

    /* We currently support only Security Manager TK as OOB data for LE transport.
       If it's not present mark no OOB data.
     */
    if (!is_empty_128bit(oob_cb.oob_data.sm_tk))
    {
    if (!is_empty_128bit(oob_cb.oob_data.le_sc_c) &&
        !is_empty_128bit(oob_cb.oob_data.le_sc_r)) {
        /* We have LE SC OOB data */

        /* make sure OOB data is for this particular device */
        if (memcmp(bd_addr, oob_cb.bdaddr, BD_ADDR_LEN) == 0) {
            *p_auth_req = ((*p_auth_req) | BTM_LE_AUTH_REQ_SC_ONLY);
            *p_has_oob_data = true;
        } else {
            *p_has_oob_data = false;
            BTIF_TRACE_WARNING("%s: remote address didn't match OOB data address",
                               __func__);
        }
    } else if (!is_empty_128bit(oob_cb.oob_data.sm_tk)) {
        /* We have security manager TK */

        /* make sure OOB data is for this particular device */
        if (memcmp(bd_addr, oob_cb.bdaddr, BD_ADDR_LEN) == 0) {
            // When using OOB with TK, SC Secure Connections bit must be disabled.
            tBTA_LE_AUTH_REQ mask = ~BTM_LE_AUTH_REQ_SC_ONLY;
            *p_auth_req = ((*p_auth_req) & mask);

            *p_has_oob_data = TRUE;
        }
        else
        {
            *p_has_oob_data = FALSE;
            *p_has_oob_data = true;
        } else {
            *p_has_oob_data = false;
            BTIF_TRACE_WARNING("%s: remote address didn't match OOB data address",
                               __func__);
        }
    }
    else
    {
        *p_has_oob_data = FALSE;
    } else {
        *p_has_oob_data = false;
    }
    BTIF_TRACE_DEBUG("%s *p_has_oob_data=%d", __func__, *p_has_oob_data);
}
@@ -3333,10 +3366,9 @@ static void btif_dm_ble_oob_req_evt(tBTA_DM_SP_RMT_OOB *req_oob_type)

    bt_bdaddr_t bd_addr;
    bdcpy(bd_addr.address, req_oob_type->bd_addr);

    /* We currently support only Security Manager TK as OOB data. We already
     * checked if it's present in btif_dm_set_oob_for_le_io_req, but check here
     * again. If it's not present do nothing, pairing will timeout.
    /* We already checked if OOB data is present in
     * btif_dm_set_oob_for_le_io_req, but check here again. If it's not present
     * do nothing, pairing will timeout.
     */
    if (is_empty_128bit(oob_cb.oob_data.sm_tk)) {
        return;
@@ -3360,6 +3392,44 @@ static void btif_dm_ble_oob_req_evt(tBTA_DM_SP_RMT_OOB *req_oob_type)
    BTM_BleOobDataReply(req_oob_type->bd_addr, 0, 16, oob_cb.oob_data.sm_tk);
}


static void btif_dm_ble_sc_oob_req_evt(tBTA_DM_SP_RMT_OOB *req_oob_type)
{
    BTIF_TRACE_DEBUG("%s", __func__);

    bt_bdaddr_t bd_addr;
    bdcpy(bd_addr.address, req_oob_type->bd_addr);

    /* We already checked if OOB data is present in
     * btif_dm_set_oob_for_le_io_req, but check here again. If it's not present
     * do nothing, pairing will timeout.
     */
    if (is_empty_128bit(oob_cb.oob_data.le_sc_c) &&
        is_empty_128bit(oob_cb.oob_data.le_sc_r)) {
        BTIF_TRACE_WARNING("%s: LE SC OOB data is empty", __func__);
        return;
    }

    /* make sure OOB data is for this particular device */
    if (memcmp(req_oob_type->bd_addr, oob_cb.bdaddr, BD_ADDR_LEN) != 0) {
        BTIF_TRACE_WARNING("%s: remote address didn't match OOB data address", __func__);
        return;
    }

    /* Remote name update */
    btif_update_remote_properties(req_oob_type->bd_addr , req_oob_type->bd_name,
                                          NULL, BT_DEVICE_TYPE_BLE);

    bond_state_changed(BT_STATUS_SUCCESS, &bd_addr, BT_BOND_STATE_BONDING);
    pairing_cb.is_ssp = false;
    pairing_cb.is_le_only = true; //TODO: we can derive classic pairing from this one
    pairing_cb.is_le_nc = false;

    BTM_BleSecureConnectionOobDataReply(req_oob_type->bd_addr,
                                        oob_cb.oob_data.le_sc_c,
                                        oob_cb.oob_data.le_sc_r);
}

void btif_dm_update_ble_remote_properties( BD_ADDR bd_addr, BD_NAME bd_name,
                                           tBT_DEVICE_TYPE dev_type)
{
+2 −2
Original line number Diff line number Diff line
@@ -95,7 +95,7 @@ void btm_acl_init (void)
**                  NULL if not found.
**
*******************************************************************************/
tACL_CONN *btm_bda_to_acl (BD_ADDR bda, tBT_TRANSPORT transport)
tACL_CONN *btm_bda_to_acl (const BD_ADDR bda, tBT_TRANSPORT transport)
{
    tACL_CONN   *p = &btm_cb.acl_db[0];
    UINT16       xx;
@@ -1441,7 +1441,7 @@ UINT16 btm_get_acl_disc_reason_code (void)
** Returns          the handle of the connection, or 0xFFFF if none.
**
*******************************************************************************/
UINT16 BTM_GetHCIConnHandle (BD_ADDR remote_bda, tBT_TRANSPORT transport)
UINT16 BTM_GetHCIConnHandle (const BD_ADDR remote_bda, tBT_TRANSPORT transport)
{
    tACL_CONN   *p;
    BTM_TRACE_DEBUG ("BTM_GetHCIConnHandle");
+45 −5
Original line number Diff line number Diff line
@@ -70,7 +70,7 @@ extern void gatt_notify_enc_cmpl(BD_ADDR bd_addr);
** Returns          TRUE if added OK, else FALSE
**
*******************************************************************************/
BOOLEAN BTM_SecAddBleDevice (BD_ADDR bd_addr, BD_NAME bd_name, tBT_DEVICE_TYPE dev_type,
BOOLEAN BTM_SecAddBleDevice (const BD_ADDR bd_addr, BD_NAME bd_name, tBT_DEVICE_TYPE dev_type,
                             tBLE_ADDR_TYPE addr_type)
{
    BTM_TRACE_DEBUG ("%s: dev_type=0x%x", __func__, dev_type);
@@ -453,11 +453,10 @@ void BTM_BleOobDataReply(BD_ADDR bd_addr, UINT8 res, UINT8 len, UINT8 *p_data)
    tSMP_STATUS res_smp = (res == BTM_SUCCESS) ? SMP_SUCCESS : SMP_OOB_FAIL;
    tBTM_SEC_DEV_REC  *p_dev_rec = btm_find_dev (bd_addr);

    BTM_TRACE_DEBUG ("BTM_BleOobDataReply");
    BTM_TRACE_DEBUG ("%s:", __func__);

    if (p_dev_rec == NULL)
    {
        BTM_TRACE_ERROR("BTM_BleOobDataReply() to Unknown device");
    if (p_dev_rec == NULL) {
        BTM_TRACE_ERROR("%s: Unknown device", __func__);
        return;
    }

@@ -466,6 +465,47 @@ void BTM_BleOobDataReply(BD_ADDR bd_addr, UINT8 res, UINT8 len, UINT8 *p_data)
#endif
}

/*******************************************************************************
**
** Function         BTM_BleSecureConnectionOobDataReply
**
** Description      This function is called to provide the OOB data for
**                  SMP in response to BTM_LE_OOB_REQ_EVT when secure connection
**                  data is available
**
** Parameters:      bd_addr     - Address of the peer device
**                  p_c         - pointer to Confirmation.
**                  p_r         - pointer to Randomizer
**
*******************************************************************************/
void BTM_BleSecureConnectionOobDataReply(BD_ADDR bd_addr,
                                         uint8_t *p_c, uint8_t *p_r)
{
#if SMP_INCLUDED == TRUE
    tBTM_SEC_DEV_REC  *p_dev_rec = btm_find_dev (bd_addr);

    BTM_TRACE_DEBUG ("%s:", __func__);

    if (p_dev_rec == NULL) {
        BTM_TRACE_ERROR("%s: Unknown device", __func__);
        return;
    }

    p_dev_rec->sec_flags |= BTM_SEC_LE_AUTHENTICATED;

    tSMP_SC_OOB_DATA oob;
    memset(&oob, 0, sizeof(tSMP_SC_OOB_DATA));

    oob.peer_oob_data.present = true;
    memcpy(&oob.peer_oob_data.randomizer, p_r, BT_OCTET16_LEN);
    memcpy(&oob.peer_oob_data.commitment, p_c, BT_OCTET16_LEN);
    oob.peer_oob_data.addr_rcvd_from.type = p_dev_rec->ble.ble_addr_type;
    memcpy(&oob.peer_oob_data.addr_rcvd_from.bda, bd_addr, sizeof(BD_ADDR));

    SMP_SecureConnectionOobDataReply((uint8_t*)&oob);
#endif
}

/******************************************************************************
**
** Function         BTM_BleSetConnScanParams
Loading