Merge changes from topic "gd_security_shim" am: bcd0bef4dd am: b8cd9d1102 (bb847d54) · Commits · e / os / android_packages_modules_Bluetooth

system/gd/security/cert/security_test.py

+4 −8

Original line number	Diff line number	Diff line
		@@ -65,14 +65,10 @@ class SecurityTest(GdBaseTestClass):
		IoCapabilities.NO_INPUT_NO_OUTPUT)

		# Possible Authentication Requirements
		auth_reqs = (
		AuthenticationRequirements.NO_BONDING,
		# TODO(optedoblivion): Figure out MITM cases
		AuthenticationRequirements.NO_BONDING_MITM_PROTECTION,
		auth_reqs = (AuthenticationRequirements.NO_BONDING, AuthenticationRequirements.NO_BONDING_MITM_PROTECTION,
		AuthenticationRequirements.DEDICATED_BONDING,
		AuthenticationRequirements.DEDICATED_BONDING_MITM_PROTECTION,
		AuthenticationRequirements.GENERAL_BONDING,
		AuthenticationRequirements.GENERAL_BONDING_MITM_PROTECTION)
		AuthenticationRequirements.GENERAL_BONDING, AuthenticationRequirements.GENERAL_BONDING_MITM_PROTECTION)

		# Possible Out-of-Band data options
		oob_present = (

system/gd/security/facade.cc

+14 −5

Original line number	Diff line number	Diff line
		@@ -339,8 +339,10 @@ class SecurityModuleFacadeService : public SecurityModuleFacade::Service, public
		ui_events_.OnIncomingEvent(display_yes_no);
		}

		virtual void DisplayConfirmValue(const bluetooth::hci::AddressWithType& peer, std::string name,
		uint32_t numeric_value) {
		virtual void DisplayConfirmValue(ConfirmationData data) {
		const bluetooth::hci::AddressWithType& peer = data.GetAddressWithType();
		std::string name = data.GetName();
		uint32_t numeric_value = data.GetNumericValue();
		LOG_INFO("%s value = 0x%x", peer.ToString().c_str(), numeric_value);
		UiMsg display_with_value;
		*display_with_value.mutable_peer() = ToFacadeAddressWithType(peer);
		@@ -350,7 +352,9 @@ class SecurityModuleFacadeService : public SecurityModuleFacade::Service, public
		ui_events_.OnIncomingEvent(display_with_value);
		}

		void DisplayYesNoDialog(const bluetooth::hci::AddressWithType& peer, std::string name) override {
		void DisplayYesNoDialog(ConfirmationData data) override {
		const bluetooth::hci::AddressWithType& peer = data.GetAddressWithType();
		std::string name = data.GetName();
		LOG_INFO("%s", peer.ToString().c_str());
		UiMsg display_yes_no;
		*display_yes_no.mutable_peer() = ToFacadeAddressWithType(peer);
		@@ -359,7 +363,10 @@ class SecurityModuleFacadeService : public SecurityModuleFacade::Service, public
		ui_events_.OnIncomingEvent(display_yes_no);
		}

		void DisplayPasskey(const bluetooth::hci::AddressWithType& peer, std::string name, uint32_t passkey) override {
		void DisplayPasskey(ConfirmationData data) override {
		const bluetooth::hci::AddressWithType& peer = data.GetAddressWithType();
		std::string name = data.GetName();
		uint32_t passkey = data.GetNumericValue();
		LOG_INFO("%s value = 0x%x", peer.ToString().c_str(), passkey);
		UiMsg display_passkey;
		*display_passkey.mutable_peer() = ToFacadeAddressWithType(peer);
		@@ -369,7 +376,9 @@ class SecurityModuleFacadeService : public SecurityModuleFacade::Service, public
		ui_events_.OnIncomingEvent(display_passkey);
		}

		void DisplayEnterPasskeyDialog(const bluetooth::hci::AddressWithType& peer, std::string name) override {
		void DisplayEnterPasskeyDialog(ConfirmationData data) override {
		const bluetooth::hci::AddressWithType& peer = data.GetAddressWithType();
		std::string name = data.GetName();
		LOG_INFO("%s", peer.ToString().c_str());
		UiMsg display_passkey_input;
		*display_passkey_input.mutable_peer() = ToFacadeAddressWithType(peer);

system/gd/security/pairing/classic_pairing_handler.cc

+22 −10

Original line number	Diff line number	Diff line
		@@ -26,26 +26,38 @@ namespace pairing {

		void ClassicPairingHandler::NotifyUiDisplayYesNo(uint32_t numeric_value) {
		ASSERT(user_interface_handler_ != nullptr);
		user_interface_handler_->CallOn(
		user_interface_, &UI::DisplayConfirmValue, *GetRecord()->GetPseudoAddress(), device_name_, numeric_value);
		ConfirmationData data(*GetRecord()->GetPseudoAddress(), device_name_, numeric_value);
		data.PutExtraData("remote_io_caps", hci::IoCapabilityText(remote_io_capability_));
		data.PutExtraData("remote_auth_reqs", hci::AuthenticationRequirementsText(remote_authentication_requirements_));
		data.PutExtraData("remote_oob_data_present", hci::OobDataPresentText(remote_oob_present_));
		user_interface_handler_->CallOn(user_interface_, &UI::DisplayConfirmValue, data);
		}

		void ClassicPairingHandler::NotifyUiDisplayYesNo() {
		ASSERT(user_interface_handler_ != nullptr);
		user_interface_handler_->CallOn(
		user_interface_, &UI::DisplayYesNoDialog, *GetRecord()->GetPseudoAddress(), device_name_);
		ConfirmationData data(*GetRecord()->GetPseudoAddress(), device_name_);
		data.PutExtraData("remote_io_caps", hci::IoCapabilityText(remote_io_capability_));
		data.PutExtraData("remote_auth_reqs", hci::AuthenticationRequirementsText(remote_authentication_requirements_));
		data.PutExtraData("remote_oob_data_present", hci::OobDataPresentText(remote_oob_present_));
		user_interface_handler_->CallOn(user_interface_, &UI::DisplayYesNoDialog, data);
		}

		void ClassicPairingHandler::NotifyUiDisplayPasskey(uint32_t passkey) {
		ASSERT(user_interface_handler_ != nullptr);
		user_interface_handler_->CallOn(
		user_interface_, &UI::DisplayPasskey, *GetRecord()->GetPseudoAddress(), device_name_, passkey);
		ConfirmationData data(*GetRecord()->GetPseudoAddress(), device_name_, passkey);
		data.PutExtraData("remote_io_caps", hci::IoCapabilityText(remote_io_capability_));
		data.PutExtraData("remote_auth_reqs", hci::AuthenticationRequirementsText(remote_authentication_requirements_));
		data.PutExtraData("remote_oob_data_present", hci::OobDataPresentText(remote_oob_present_));
		user_interface_handler_->CallOn(user_interface_, &UI::DisplayPasskey, data);
		}

		void ClassicPairingHandler::NotifyUiDisplayPasskeyInput() {
		ASSERT(user_interface_handler_ != nullptr);
		user_interface_handler_->CallOn(
		user_interface_, &UI::DisplayEnterPasskeyDialog, *GetRecord()->GetPseudoAddress(), device_name_);
		ConfirmationData data(*GetRecord()->GetPseudoAddress(), device_name_);
		data.PutExtraData("remote_io_caps", hci::IoCapabilityText(remote_io_capability_));
		data.PutExtraData("remote_auth_reqs", hci::AuthenticationRequirementsText(remote_authentication_requirements_));
		data.PutExtraData("remote_oob_data_present", hci::OobDataPresentText(remote_oob_present_));
		user_interface_handler_->CallOn(user_interface_, &UI::DisplayEnterPasskeyDialog, data);
		}

		void ClassicPairingHandler::NotifyUiDisplayCancel() {
		@@ -54,7 +66,8 @@ void ClassicPairingHandler::NotifyUiDisplayCancel() {
		}

		void ClassicPairingHandler::OnPairingPromptAccepted(const bluetooth::hci::AddressWithType& address, bool confirmed) {
		LOG_WARN("TODO Not Implemented!");
		// NOTE: This is not used by Classic, only by LE
		LOG_ALWAYS_FATAL("This is not supported by Classic Pairing Handler, only LE");
		}

		void ClassicPairingHandler::OnConfirmYesNo(const bluetooth::hci::AddressWithType& address, bool confirmed) {
		@@ -179,7 +192,6 @@ void ClassicPairingHandler::OnReceive(hci::IoCapabilityResponseView packet) {
		LOG_INFO("Received: %s", hci::EventCodeText(packet.GetEventCode()).c_str());
		ASSERT_LOG(GetRecord()->GetPseudoAddress()->GetAddress() == packet.GetBdAddr(), "Address mismatch");

		// Using local variable until device database pointer is ready
		remote_io_capability_ = packet.GetIoCapability();
		remote_authentication_requirements_ = packet.GetAuthenticationRequirements();
		remote_oob_present_ = packet.GetOobDataPresent();

system/gd/security/pairing_handler_le_legacy.cc

+7 −6

Original line number	Diff line number	Diff line
		@@ -93,12 +93,13 @@ LegacyStage1ResultOrFailure PairingHandlerLe::LegacyPasskeyEntry(const InitialIn
		constexpr uint32_t PASSKEY_MAX = 999999;
		if (passkey > PASSKEY_MAX) passkey >>= 1;

		i.user_interface_handler->Post(common::BindOnce(&UI::DisplayConfirmValue, common::Unretained(i.user_interface),
		i.remote_connection_address, i.remote_name, passkey));
		ConfirmationData data(i.remote_connection_address, i.remote_name, passkey);
		i.user_interface_handler->Post(
		common::BindOnce(&UI::DisplayConfirmValue, common::Unretained(i.user_interface), data));
		} else {
		i.user_interface_handler->Post(common::BindOnce(&UI::DisplayEnterPasskeyDialog,
		common::Unretained(i.user_interface), i.remote_connection_address,
		i.remote_name));
		ConfirmationData data(i.remote_connection_address, i.remote_name);
		i.user_interface_handler->Post(
		common::BindOnce(&UI::DisplayEnterPasskeyDialog, common::Unretained(i.user_interface), data));
		std::optional<PairingEvent> response = WaitUiPasskey();
		if (!response) return PairingFailure("Passkey did not arrive!");

system/gd/security/pairing_handler_le_secure_connections.cc

+9 −8

Original line number	Diff line number	Diff line
		@@ -288,13 +288,13 @@ Stage1ResultOrFailure PairingHandlerLe::SecureConnectionsPasskeyEntry(const Init
		constexpr uint32_t PASSKEY_MAX = 999999;
		while (passkey > PASSKEY_MAX) passkey >>= 1;

		i.user_interface_handler->Post(common::BindOnce(&UI::DisplayPasskey, common::Unretained(i.user_interface),
		i.remote_connection_address, i.remote_name, passkey));
		ConfirmationData data(i.remote_connection_address, i.remote_name, passkey);
		i.user_interface_handler->Post(common::BindOnce(&UI::DisplayPasskey, common::Unretained(i.user_interface), data));

		} else if (my_iocaps == IoCapability::KEYBOARD_ONLY \|\| remote_iocaps == IoCapability::DISPLAY_ONLY) {
		i.user_interface_handler->Post(common::BindOnce(&UI::DisplayEnterPasskeyDialog,
		common::Unretained(i.user_interface), i.remote_connection_address,
		i.remote_name));
		ConfirmationData data(i.remote_connection_address, i.remote_name);
		i.user_interface_handler->Post(
		common::BindOnce(&UI::DisplayEnterPasskeyDialog, common::Unretained(i.user_interface), data));
		std::optional<PairingEvent> response = WaitUiPasskey();
		if (!response) return PairingFailure("Passkey did not arrive!");

		@@ -409,8 +409,9 @@ Stage1ResultOrFailure PairingHandlerLe::SecureConnectionsNumericComparison(const

		uint32_t number_to_display = crypto_toolbox::g2((uint8_t)PKa.x.data(), (uint8_t)PKb.x.data(), Na, Nb);

		i.user_interface_handler->Post(common::BindOnce(&UI::DisplayConfirmValue, common::Unretained(i.user_interface),
		i.remote_connection_address, i.remote_name, number_to_display));
		ConfirmationData data(i.remote_connection_address, i.remote_name, number_to_display);
		i.user_interface_handler->Post(
		common::BindOnce(&UI::DisplayConfirmValue, common::Unretained(i.user_interface), data));

		std::optional<PairingEvent> confirmyesno = WaitUiConfirmYesNo();
		if (!confirmyesno \|\| confirmyesno->ui_value == 0) {