1 /* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 3. Neither the name of the copyright holders nor the names of 14 * contributors may be used to endorse or promote products derived 15 * from this software without specific prior written permission. 16 * 4. Any redistribution, use, or modification is done solely for 17 * personal benefit and not for any commercial purpose or for 18 * monetary gain. 19 * 20 * THIS SOFTWARE IS PROVIDED BY BLUEKITCHEN GMBH AND CONTRIBUTORS 21 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 22 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 23 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL MATTHIAS 24 * RINGWALD OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, 25 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 26 * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS 27 * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 28 * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 29 * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF 30 * THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 31 * SUCH DAMAGE. 32 * 33 * Please inquire about commercial licensing options at 34 * [email protected] 35 * 36 */ 37 38 #ifndef __SM_H 39 #define __SM_H 40 41 #if defined __cplusplus 42 extern "C" { 43 #endif 44 45 #include <stdint.h> 46 #include "btstack_util.h" 47 #include "btstack_defines.h" 48 #include "hci.h" 49 50 typedef struct { 51 btstack_linked_item_t item; 52 bd_addr_t address; 53 bd_addr_type_t address_type; 54 } sm_lookup_entry_t; 55 56 /* API_START */ 57 58 /** 59 * @brief Initializes the Security Manager, connects to L2CAP 60 */ 61 void sm_init(void); 62 63 /** 64 * @brief Set secret ER key for key generation as described in Core V4.0, Vol 3, Part G, 5.2.2 65 * @param er 66 */ 67 void sm_set_er(sm_key_t er); 68 69 /** 70 * @brief Set secret IR key for key generation as described in Core V4.0, Vol 3, Part G, 5.2.2 71 */ 72 void sm_set_ir(sm_key_t ir); 73 74 /** 75 * 76 * @brief Registers OOB Data Callback. The callback should set the oob_data and return 1 if OOB data is availble 77 * @param get_oob_data_callback 78 */ 79 void sm_register_oob_data_callback( int (*get_oob_data_callback)(uint8_t addres_type, bd_addr_t addr, uint8_t * oob_data)); 80 81 /** 82 * @brief Add event packet handler. 83 */ 84 void sm_add_event_handler(btstack_packet_callback_registration_t * callback_handler); 85 86 /** 87 * @brief Limit the STK generation methods. Bonding is stopped if the resulting one isn't in the list 88 * @param OR combination of SM_STK_GENERATION_METHOD_ 89 */ 90 void sm_set_accepted_stk_generation_methods(uint8_t accepted_stk_generation_methods); 91 92 /** 93 * @brief Set the accepted encryption key size range. Bonding is stopped if the result isn't within the range 94 * @param min_size (default 7) 95 * @param max_size (default 16) 96 */ 97 void sm_set_encryption_key_size_range(uint8_t min_size, uint8_t max_size); 98 99 /** 100 * @brief Sets the requested authentication requirements, bonding yes/no, MITM yes/no, SC yes/no, keypress yes/no 101 * @param OR combination of SM_AUTHREQ_ flags 102 */ 103 void sm_set_authentication_requirements(uint8_t auth_req); 104 105 /** 106 * @brief Sets the available IO Capabilities 107 * @param IO_CAPABILITY_ 108 */ 109 void sm_set_io_capabilities(io_capability_t io_capability); 110 111 /** 112 * @brief Let Peripheral request an encrypted connection right after connecting 113 * @note Not used normally. Bonding is triggered by access to protected attributes in ATT Server 114 */ 115 void sm_set_request_security(int enable); 116 117 /** 118 * @brief Trigger Security Request 119 * @note Not used normally. Bonding is triggered by access to protected attributes in ATT Server 120 */ 121 void sm_send_security_request(hci_con_handle_t con_handle); 122 123 /** 124 * @brief Decline bonding triggered by event before 125 * @param con_handle 126 */ 127 void sm_bonding_decline(hci_con_handle_t con_handle); 128 129 /** 130 * @brief Confirm Just Works bonding 131 * @param con_handle 132 */ 133 void sm_just_works_confirm(hci_con_handle_t con_handle); 134 135 /** 136 * @brief Confirm value from SM_EVENT_NUMERIC_COMPARISON_REQUEST for Numeric Comparison bonding 137 * @param con_handle 138 */ 139 void sm_numeric_comparison_confirm(hci_con_handle_t con_handle); 140 141 /** 142 * @brief Reports passkey input by user 143 * @param con_handle 144 * @param passkey in [0..999999] 145 */ 146 void sm_passkey_input(hci_con_handle_t con_handle, uint32_t passkey); 147 148 /** 149 * @brief Send keypress notification for keyboard only devices 150 * @param con_handle 151 * @param action see SM_KEYPRESS_* in bluetooth.h 152 */ 153 void sm_keypress_notification(hci_con_handle_t con_handle, uint8_t action); 154 155 /** 156 * 157 * @brief Get encryption key size. 158 * @param con_handle 159 * @return 0 if not encrypted, 7-16 otherwise 160 */ 161 int sm_encryption_key_size(hci_con_handle_t con_handle); 162 163 /** 164 * @brief Get authentication property. 165 * @param con_handle 166 * @return 1 if bonded with OOB/Passkey (AND MITM protection) 167 */ 168 int sm_authenticated(hci_con_handle_t con_handle); 169 170 /** 171 * @brief Queries authorization state. 172 * @param con_handle 173 * @return authorization_state for the current session 174 */ 175 authorization_state_t sm_authorization_state(hci_con_handle_t con_handle); 176 177 /** 178 * @brief Used by att_server.c to request user authorization. 179 * @param con_handle 180 */ 181 void sm_request_pairing(hci_con_handle_t con_handle); 182 183 /** 184 * @brief Report user authorization decline. 185 * @param con_handle 186 */ 187 void sm_authorization_decline(hci_con_handle_t con_handle); 188 189 /** 190 * @brief Report user authorization grant. 191 * @param con_handle 192 */ 193 void sm_authorization_grant(hci_con_handle_t con_handle); 194 195 196 /** 197 * @brief Check if CMAC AES engine is ready 198 * @return ready 199 */ 200 int sm_cmac_ready(void); 201 202 /* 203 * @brief Generic CMAC AES 204 * @param key 205 * @param message_len 206 * @param get_byte_callback 207 * @param done_callback 208 * @note hash is 16 bytes in big endian 209 */ 210 void sm_cmac_general_start(const sm_key_t key, uint16_t message_len, uint8_t (*get_byte_callback)(uint16_t offset), void (*done_callback)(uint8_t * hash)); 211 212 /** 213 * @brief Support for signed writes, used by att_server. 214 * @note Message is in little endian to allows passing in ATT PDU without flipping. 215 * @note signing data: [opcode, attribute_handle, message, sign_counter] 216 * @note calculated hash in done_callback is big endian and has 16 byte. 217 * @param key 218 * @param opcde 219 * @param attribute_handle 220 * @param message_len 221 * @param message 222 * @param sign_counter 223 */ 224 void sm_cmac_signed_write_start(const sm_key_t key, uint8_t opcode, uint16_t attribute_handle, uint16_t message_len, const uint8_t * message, uint32_t sign_counter, void (*done_callback)(uint8_t * hash)); 225 226 /* 227 * @brief Match address against bonded devices 228 * @return 0 if successfully added to lookup queue 229 * @note Triggers SM_IDENTITY_RESOLVING_* events 230 */ 231 int sm_address_resolution_lookup(uint8_t addr_type, bd_addr_t addr); 232 233 /** 234 * @brief Identify device in LE Device DB. 235 * @param handle 236 * @return index from le_device_db or -1 if not found/identified 237 */ 238 int sm_le_device_index(hci_con_handle_t con_handle ); 239 240 /** 241 * @brief Set Elliptic Key Public/Private Keypair 242 * @note Using the same key for more than one device is not recommended. 243 * @param qx 32 bytes 244 * @param qy 32 bytes 245 * @param d 32 bytes 246 */ 247 void sm_use_fixed_ec_keypair(uint8_t * qx, uint8_t * qy, uint8_t * d); 248 249 /** 250 * @brief Use fixec passkey for Legacy and SC instead of generating a random number 251 * @note Can be used to improve security over Just Works if no keyboard or displary are present and 252 * individual random passkey can be printed on the device during production 253 * @param passkey 254 */ 255 void sm_use_fixed_passkey_in_display_role(uint32_t passkey); 256 257 /** 258 * @brief Allow connection re-encryption in Peripheral (Responder) role for LE Legacy Pairing 259 * without entry for Central device stored in LE Device DB 260 * @note BTstack in Peripheral Role (Responder) supports LE Legacy Pairing without a persistent LE Device DB as 261 * the LTK is reconstructed from a local secret IRK and EDIV + Random stored on Central (Initiator) device 262 * On the downside, it's not really possible to delete a pairing if this is enabled. 263 * @param allow encryption using reconstructed LTK without stored entry (Default: 1) 264 */ 265 void sm_allow_ltk_reconstruction_without_le_device_db_entry(int allow); 266 267 /* API_END */ 268 269 // PTS testing 270 void sm_test_set_irk(sm_key_t irk); 271 void sm_test_use_fixed_local_csrk(void); 272 void sm_test_use_fixed_ec_keypair(void); 273 274 #if defined __cplusplus 275 } 276 #endif 277 278 #endif // __SM_H 279