Merge "[AWARE] Add Passphrase data-path security"
am: 9e71d7d44f
Change-Id: I4f0e514d2f49156942c6818379347c369c79889b
commit
5a05398da8
3 changed files with 329 additions and 77 deletions
|
@ -225,6 +225,44 @@ $(GEN): $(LOCAL_PATH)/types.hal
|
|||
$(transform-generated-source)
|
||||
LOCAL_GENERATED_SOURCES += $(GEN)
|
||||
|
||||
#
|
||||
# Build types.hal (NanDataPathSecurityConfig)
|
||||
#
|
||||
GEN := $(intermediates)/android/hardware/wifi/V1_0/NanDataPathSecurityConfig.java
|
||||
$(GEN): $(HIDL)
|
||||
$(GEN): PRIVATE_HIDL := $(HIDL)
|
||||
$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
|
||||
$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
|
||||
$(GEN): PRIVATE_CUSTOM_TOOL = \
|
||||
$(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
|
||||
-Ljava \
|
||||
-randroid.hardware:hardware/interfaces \
|
||||
-randroid.hidl:system/libhidl/transport \
|
||||
android.hardware.wifi@1.0::types.NanDataPathSecurityConfig
|
||||
|
||||
$(GEN): $(LOCAL_PATH)/types.hal
|
||||
$(transform-generated-source)
|
||||
LOCAL_GENERATED_SOURCES += $(GEN)
|
||||
|
||||
#
|
||||
# Build types.hal (NanDataPathSecurityType)
|
||||
#
|
||||
GEN := $(intermediates)/android/hardware/wifi/V1_0/NanDataPathSecurityType.java
|
||||
$(GEN): $(HIDL)
|
||||
$(GEN): PRIVATE_HIDL := $(HIDL)
|
||||
$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
|
||||
$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
|
||||
$(GEN): PRIVATE_CUSTOM_TOOL = \
|
||||
$(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
|
||||
-Ljava \
|
||||
-randroid.hardware:hardware/interfaces \
|
||||
-randroid.hidl:system/libhidl/transport \
|
||||
android.hardware.wifi@1.0::types.NanDataPathSecurityType
|
||||
|
||||
$(GEN): $(LOCAL_PATH)/types.hal
|
||||
$(transform-generated-source)
|
||||
LOCAL_GENERATED_SOURCES += $(GEN)
|
||||
|
||||
#
|
||||
# Build types.hal (NanDebugConfig)
|
||||
#
|
||||
|
@ -358,6 +396,25 @@ $(GEN): $(LOCAL_PATH)/types.hal
|
|||
$(transform-generated-source)
|
||||
LOCAL_GENERATED_SOURCES += $(GEN)
|
||||
|
||||
#
|
||||
# Build types.hal (NanParamSizeLimits)
|
||||
#
|
||||
GEN := $(intermediates)/android/hardware/wifi/V1_0/NanParamSizeLimits.java
|
||||
$(GEN): $(HIDL)
|
||||
$(GEN): PRIVATE_HIDL := $(HIDL)
|
||||
$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
|
||||
$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
|
||||
$(GEN): PRIVATE_CUSTOM_TOOL = \
|
||||
$(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
|
||||
-Ljava \
|
||||
-randroid.hardware:hardware/interfaces \
|
||||
-randroid.hidl:system/libhidl/transport \
|
||||
android.hardware.wifi@1.0::types.NanParamSizeLimits
|
||||
|
||||
$(GEN): $(LOCAL_PATH)/types.hal
|
||||
$(transform-generated-source)
|
||||
LOCAL_GENERATED_SOURCES += $(GEN)
|
||||
|
||||
#
|
||||
# Build types.hal (NanPublishRequest)
|
||||
#
|
||||
|
@ -2047,6 +2104,44 @@ $(GEN): $(LOCAL_PATH)/types.hal
|
|||
$(transform-generated-source)
|
||||
LOCAL_GENERATED_SOURCES += $(GEN)
|
||||
|
||||
#
|
||||
# Build types.hal (NanDataPathSecurityConfig)
|
||||
#
|
||||
GEN := $(intermediates)/android/hardware/wifi/V1_0/NanDataPathSecurityConfig.java
|
||||
$(GEN): $(HIDL)
|
||||
$(GEN): PRIVATE_HIDL := $(HIDL)
|
||||
$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
|
||||
$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
|
||||
$(GEN): PRIVATE_CUSTOM_TOOL = \
|
||||
$(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
|
||||
-Ljava \
|
||||
-randroid.hardware:hardware/interfaces \
|
||||
-randroid.hidl:system/libhidl/transport \
|
||||
android.hardware.wifi@1.0::types.NanDataPathSecurityConfig
|
||||
|
||||
$(GEN): $(LOCAL_PATH)/types.hal
|
||||
$(transform-generated-source)
|
||||
LOCAL_GENERATED_SOURCES += $(GEN)
|
||||
|
||||
#
|
||||
# Build types.hal (NanDataPathSecurityType)
|
||||
#
|
||||
GEN := $(intermediates)/android/hardware/wifi/V1_0/NanDataPathSecurityType.java
|
||||
$(GEN): $(HIDL)
|
||||
$(GEN): PRIVATE_HIDL := $(HIDL)
|
||||
$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
|
||||
$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
|
||||
$(GEN): PRIVATE_CUSTOM_TOOL = \
|
||||
$(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
|
||||
-Ljava \
|
||||
-randroid.hardware:hardware/interfaces \
|
||||
-randroid.hidl:system/libhidl/transport \
|
||||
android.hardware.wifi@1.0::types.NanDataPathSecurityType
|
||||
|
||||
$(GEN): $(LOCAL_PATH)/types.hal
|
||||
$(transform-generated-source)
|
||||
LOCAL_GENERATED_SOURCES += $(GEN)
|
||||
|
||||
#
|
||||
# Build types.hal (NanDebugConfig)
|
||||
#
|
||||
|
@ -2180,6 +2275,25 @@ $(GEN): $(LOCAL_PATH)/types.hal
|
|||
$(transform-generated-source)
|
||||
LOCAL_GENERATED_SOURCES += $(GEN)
|
||||
|
||||
#
|
||||
# Build types.hal (NanParamSizeLimits)
|
||||
#
|
||||
GEN := $(intermediates)/android/hardware/wifi/V1_0/NanParamSizeLimits.java
|
||||
$(GEN): $(HIDL)
|
||||
$(GEN): PRIVATE_HIDL := $(HIDL)
|
||||
$(GEN): PRIVATE_DEPS := $(LOCAL_PATH)/types.hal
|
||||
$(GEN): PRIVATE_OUTPUT_DIR := $(intermediates)
|
||||
$(GEN): PRIVATE_CUSTOM_TOOL = \
|
||||
$(PRIVATE_HIDL) -o $(PRIVATE_OUTPUT_DIR) \
|
||||
-Ljava \
|
||||
-randroid.hardware:hardware/interfaces \
|
||||
-randroid.hidl:system/libhidl/transport \
|
||||
android.hardware.wifi@1.0::types.NanParamSizeLimits
|
||||
|
||||
$(GEN): $(LOCAL_PATH)/types.hal
|
||||
$(transform-generated-source)
|
||||
LOCAL_GENERATED_SOURCES += $(GEN)
|
||||
|
||||
#
|
||||
# Build types.hal (NanPublishRequest)
|
||||
#
|
||||
|
|
|
@ -973,17 +973,41 @@ bool convertHidlNanPublishRequestToLegacy(
|
|||
hidl_request.baseConfigs.disableMatchExpirationIndication ? 0x2 : 0x0;
|
||||
legacy_request->recv_indication_cfg |=
|
||||
hidl_request.baseConfigs.disableFollowupReceivedIndication ? 0x4 : 0x0;
|
||||
legacy_request->cipher_type = (unsigned int) hidl_request.baseConfigs.cipherType;
|
||||
legacy_request->pmk_len = hidl_request.baseConfigs.pmk.size();
|
||||
if (legacy_request->pmk_len > NAN_PMK_INFO_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanPublishRequestToLegacy: pmk_len too large";
|
||||
return false;
|
||||
legacy_request->cipher_type = (unsigned int) hidl_request.baseConfigs.securityConfig.cipherType;
|
||||
if (hidl_request.baseConfigs.securityConfig.securityType == NanDataPathSecurityType::PMK) {
|
||||
legacy_request->key_info.key_type = legacy_hal::NAN_SECURITY_KEY_INPUT_PMK;
|
||||
legacy_request->key_info.body.pmk_info.pmk_len =
|
||||
hidl_request.baseConfigs.securityConfig.pmk.size();
|
||||
if (legacy_request->key_info.body.pmk_info.pmk_len > NAN_PMK_INFO_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanPublishRequestToLegacy: pmk_len too large";
|
||||
return false;
|
||||
}
|
||||
memcpy(legacy_request->key_info.body.pmk_info.pmk,
|
||||
hidl_request.baseConfigs.securityConfig.pmk.data(),
|
||||
legacy_request->key_info.body.pmk_info.pmk_len);
|
||||
}
|
||||
memcpy(legacy_request->pmk,
|
||||
hidl_request.baseConfigs.pmk.data(),
|
||||
legacy_request->pmk_len);
|
||||
legacy_request->sdea_params.security_cfg = hidl_request.baseConfigs.securityEnabledInNdp ?
|
||||
legacy_hal::NAN_DP_CONFIG_SECURITY : legacy_hal::NAN_DP_CONFIG_NO_SECURITY;
|
||||
if (hidl_request.baseConfigs.securityConfig.securityType
|
||||
== NanDataPathSecurityType::PASSPHRASE) {
|
||||
legacy_request->key_info.key_type = legacy_hal::NAN_SECURITY_KEY_INPUT_PASSPHRASE;
|
||||
legacy_request->key_info.body.passphrase_info.passphrase_len =
|
||||
hidl_request.baseConfigs.securityConfig.passphrase.size();
|
||||
if (legacy_request->key_info.body.passphrase_info.passphrase_len
|
||||
< NAN_SECURITY_MIN_PASSPHRASE_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanPublishRequestToLegacy: passphrase_len too small";
|
||||
return false;
|
||||
}
|
||||
if (legacy_request->key_info.body.passphrase_info.passphrase_len
|
||||
> NAN_SECURITY_MIN_PASSPHRASE_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanPublishRequestToLegacy: passphrase_len too large";
|
||||
return false;
|
||||
}
|
||||
memcpy(legacy_request->key_info.body.passphrase_info.passphrase,
|
||||
hidl_request.baseConfigs.securityConfig.passphrase.data(),
|
||||
legacy_request->key_info.body.passphrase_info.passphrase_len);
|
||||
}
|
||||
legacy_request->sdea_params.security_cfg = (hidl_request.baseConfigs.securityConfig.securityType
|
||||
!= NanDataPathSecurityType::OPEN) ? legacy_hal::NAN_DP_CONFIG_SECURITY
|
||||
: legacy_hal::NAN_DP_CONFIG_NO_SECURITY;
|
||||
legacy_request->sdea_params.ranging_state = hidl_request.baseConfigs.rangingRequired ?
|
||||
legacy_hal::NAN_RANGING_ENABLE : legacy_hal::NAN_RANGING_DISABLE;
|
||||
legacy_request->ranging_cfg.ranging_interval_msec = hidl_request.baseConfigs.rangingIntervalMsec;
|
||||
|
@ -1066,17 +1090,40 @@ bool convertHidlNanSubscribeRequestToLegacy(
|
|||
hidl_request.baseConfigs.disableMatchExpirationIndication ? 0x2 : 0x0;
|
||||
legacy_request->recv_indication_cfg |=
|
||||
hidl_request.baseConfigs.disableFollowupReceivedIndication ? 0x4 : 0x0;
|
||||
legacy_request->cipher_type = (unsigned int) hidl_request.baseConfigs.cipherType;
|
||||
legacy_request->pmk_len = hidl_request.baseConfigs.pmk.size();
|
||||
if (legacy_request->pmk_len > NAN_PMK_INFO_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanSubscribeRequestToLegacy: pmk_len too large";
|
||||
return false;
|
||||
legacy_request->cipher_type = (unsigned int) hidl_request.baseConfigs.securityConfig.cipherType;
|
||||
if (hidl_request.baseConfigs.securityConfig.securityType == NanDataPathSecurityType::PMK) {
|
||||
legacy_request->key_info.key_type = legacy_hal::NAN_SECURITY_KEY_INPUT_PMK;
|
||||
legacy_request->key_info.body.pmk_info.pmk_len =
|
||||
hidl_request.baseConfigs.securityConfig.pmk.size();
|
||||
if (legacy_request->key_info.body.pmk_info.pmk_len > NAN_PMK_INFO_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanSubscribeRequestToLegacy: pmk_len too large";
|
||||
return false;
|
||||
}
|
||||
memcpy(legacy_request->key_info.body.pmk_info.pmk,
|
||||
hidl_request.baseConfigs.securityConfig.pmk.data(),
|
||||
legacy_request->key_info.body.pmk_info.pmk_len);
|
||||
}
|
||||
memcpy(legacy_request->pmk,
|
||||
hidl_request.baseConfigs.pmk.data(),
|
||||
legacy_request->pmk_len);
|
||||
legacy_request->sdea_params.security_cfg = hidl_request.baseConfigs.securityEnabledInNdp ?
|
||||
legacy_hal::NAN_DP_CONFIG_SECURITY : legacy_hal::NAN_DP_CONFIG_NO_SECURITY;
|
||||
if (hidl_request.baseConfigs.securityConfig.securityType == NanDataPathSecurityType::PASSPHRASE) {
|
||||
legacy_request->key_info.key_type = legacy_hal::NAN_SECURITY_KEY_INPUT_PASSPHRASE;
|
||||
legacy_request->key_info.body.passphrase_info.passphrase_len =
|
||||
hidl_request.baseConfigs.securityConfig.passphrase.size();
|
||||
if (legacy_request->key_info.body.passphrase_info.passphrase_len
|
||||
< NAN_SECURITY_MIN_PASSPHRASE_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanSubscribeRequestToLegacy: passphrase_len too small";
|
||||
return false;
|
||||
}
|
||||
if (legacy_request->key_info.body.passphrase_info.passphrase_len
|
||||
> NAN_SECURITY_MIN_PASSPHRASE_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanSubscribeRequestToLegacy: passphrase_len too large";
|
||||
return false;
|
||||
}
|
||||
memcpy(legacy_request->key_info.body.passphrase_info.passphrase,
|
||||
hidl_request.baseConfigs.securityConfig.passphrase.data(),
|
||||
legacy_request->key_info.body.passphrase_info.passphrase_len);
|
||||
}
|
||||
legacy_request->sdea_params.security_cfg = (hidl_request.baseConfigs.securityConfig.securityType
|
||||
!= NanDataPathSecurityType::OPEN) ? legacy_hal::NAN_DP_CONFIG_SECURITY
|
||||
: legacy_hal::NAN_DP_CONFIG_NO_SECURITY;
|
||||
legacy_request->sdea_params.ranging_state = hidl_request.baseConfigs.rangingRequired ?
|
||||
legacy_hal::NAN_RANGING_ENABLE : legacy_hal::NAN_RANGING_DISABLE;
|
||||
legacy_request->ranging_cfg.ranging_interval_msec = hidl_request.baseConfigs.rangingIntervalMsec;
|
||||
|
@ -1251,8 +1298,9 @@ bool convertHidlNanDataPathInitiatorRequestToLegacy(
|
|||
(legacy_hal::NanDataPathChannelCfg) hidl_request.channelRequestType;
|
||||
legacy_request->channel = hidl_request.channel;
|
||||
strcpy(legacy_request->ndp_iface, hidl_request.ifaceName.c_str());
|
||||
legacy_request->ndp_cfg.security_cfg = hidl_request.securityRequired ?
|
||||
legacy_hal::NAN_DP_CONFIG_SECURITY : legacy_hal::NAN_DP_CONFIG_NO_SECURITY;
|
||||
legacy_request->ndp_cfg.security_cfg = (hidl_request.securityConfig.securityType
|
||||
!= NanDataPathSecurityType::OPEN) ? legacy_hal::NAN_DP_CONFIG_SECURITY
|
||||
: legacy_hal::NAN_DP_CONFIG_NO_SECURITY;
|
||||
legacy_request->app_info.ndp_app_info_len = hidl_request.appInfo.size();
|
||||
if (legacy_request->app_info.ndp_app_info_len > NAN_DP_MAX_APP_INFO_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanDataPathInitiatorRequestToLegacy: ndp_app_info_len too large";
|
||||
|
@ -1260,13 +1308,43 @@ bool convertHidlNanDataPathInitiatorRequestToLegacy(
|
|||
}
|
||||
memcpy(legacy_request->app_info.ndp_app_info, hidl_request.appInfo.data(),
|
||||
legacy_request->app_info.ndp_app_info_len);
|
||||
legacy_request->cipher_type = (unsigned int) hidl_request.cipherType;
|
||||
legacy_request->pmk_len = hidl_request.pmk.size();
|
||||
if (legacy_request->pmk_len > NAN_PMK_INFO_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanDataPathInitiatorRequestToLegacy: pmk_len too large";
|
||||
legacy_request->cipher_type = (unsigned int) hidl_request.securityConfig.cipherType;
|
||||
if (hidl_request.securityConfig.securityType == NanDataPathSecurityType::PMK) {
|
||||
legacy_request->key_info.key_type = legacy_hal::NAN_SECURITY_KEY_INPUT_PMK;
|
||||
legacy_request->key_info.body.pmk_info.pmk_len = hidl_request.securityConfig.pmk.size();
|
||||
if (legacy_request->key_info.body.pmk_info.pmk_len > NAN_PMK_INFO_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanDataPathInitiatorRequestToLegacy: pmk_len too large";
|
||||
return false;
|
||||
}
|
||||
memcpy(legacy_request->key_info.body.pmk_info.pmk,
|
||||
hidl_request.securityConfig.pmk.data(),
|
||||
legacy_request->key_info.body.pmk_info.pmk_len);
|
||||
}
|
||||
if (hidl_request.securityConfig.securityType == NanDataPathSecurityType::PASSPHRASE) {
|
||||
legacy_request->key_info.key_type = legacy_hal::NAN_SECURITY_KEY_INPUT_PASSPHRASE;
|
||||
legacy_request->key_info.body.passphrase_info.passphrase_len =
|
||||
hidl_request.securityConfig.passphrase.size();
|
||||
if (legacy_request->key_info.body.passphrase_info.passphrase_len
|
||||
< NAN_SECURITY_MIN_PASSPHRASE_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanDataPathInitiatorRequestToLegacy: passphrase_len too small";
|
||||
return false;
|
||||
}
|
||||
if (legacy_request->key_info.body.passphrase_info.passphrase_len
|
||||
> NAN_SECURITY_MIN_PASSPHRASE_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanDataPathInitiatorRequestToLegacy: passphrase_len too large";
|
||||
return false;
|
||||
}
|
||||
memcpy(legacy_request->key_info.body.passphrase_info.passphrase,
|
||||
hidl_request.securityConfig.passphrase.data(),
|
||||
legacy_request->key_info.body.passphrase_info.passphrase_len);
|
||||
}
|
||||
legacy_request->service_name_len = hidl_request.serviceNameOutOfBand.size();
|
||||
if (legacy_request->service_name_len > NAN_MAX_SERVICE_NAME_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanDataPathInitiatorRequestToLegacy: service_name_len too large";
|
||||
return false;
|
||||
}
|
||||
memcpy(legacy_request->pmk, hidl_request.pmk.data(), legacy_request->pmk_len);
|
||||
memcpy(legacy_request->service_name, hidl_request.serviceNameOutOfBand.data(),
|
||||
legacy_request->service_name_len);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
@ -1284,8 +1362,9 @@ bool convertHidlNanDataPathIndicationResponseToLegacy(
|
|||
legacy_hal::NAN_DP_REQUEST_ACCEPT : legacy_hal::NAN_DP_REQUEST_REJECT;
|
||||
legacy_request->ndp_instance_id = hidl_request.ndpInstanceId;
|
||||
strcpy(legacy_request->ndp_iface, hidl_request.ifaceName.c_str());
|
||||
legacy_request->ndp_cfg.security_cfg = hidl_request.securityRequired ?
|
||||
legacy_hal::NAN_DP_CONFIG_SECURITY : legacy_hal::NAN_DP_CONFIG_NO_SECURITY;
|
||||
legacy_request->ndp_cfg.security_cfg = (hidl_request.securityConfig.securityType
|
||||
!= NanDataPathSecurityType::OPEN) ? legacy_hal::NAN_DP_CONFIG_SECURITY
|
||||
: legacy_hal::NAN_DP_CONFIG_NO_SECURITY;
|
||||
legacy_request->app_info.ndp_app_info_len = hidl_request.appInfo.size();
|
||||
if (legacy_request->app_info.ndp_app_info_len > NAN_DP_MAX_APP_INFO_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanDataPathIndicationResponseToLegacy: ndp_app_info_len too large";
|
||||
|
@ -1293,13 +1372,43 @@ bool convertHidlNanDataPathIndicationResponseToLegacy(
|
|||
}
|
||||
memcpy(legacy_request->app_info.ndp_app_info, hidl_request.appInfo.data(),
|
||||
legacy_request->app_info.ndp_app_info_len);
|
||||
legacy_request->cipher_type = (unsigned int) hidl_request.cipherType;
|
||||
legacy_request->pmk_len = hidl_request.pmk.size();
|
||||
if (legacy_request->pmk_len > NAN_PMK_INFO_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanDataPathIndicationResponseToLegacy: pmk_len too large";
|
||||
legacy_request->cipher_type = (unsigned int) hidl_request.securityConfig.cipherType;
|
||||
if (hidl_request.securityConfig.securityType == NanDataPathSecurityType::PMK) {
|
||||
legacy_request->key_info.key_type = legacy_hal::NAN_SECURITY_KEY_INPUT_PMK;
|
||||
legacy_request->key_info.body.pmk_info.pmk_len = hidl_request.securityConfig.pmk.size();
|
||||
if (legacy_request->key_info.body.pmk_info.pmk_len > NAN_PMK_INFO_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanDataPathIndicationResponseToLegacy: pmk_len too large";
|
||||
return false;
|
||||
}
|
||||
memcpy(legacy_request->key_info.body.pmk_info.pmk,
|
||||
hidl_request.securityConfig.pmk.data(),
|
||||
legacy_request->key_info.body.pmk_info.pmk_len);
|
||||
}
|
||||
if (hidl_request.securityConfig.securityType == NanDataPathSecurityType::PASSPHRASE) {
|
||||
legacy_request->key_info.key_type = legacy_hal::NAN_SECURITY_KEY_INPUT_PASSPHRASE;
|
||||
legacy_request->key_info.body.passphrase_info.passphrase_len =
|
||||
hidl_request.securityConfig.passphrase.size();
|
||||
if (legacy_request->key_info.body.passphrase_info.passphrase_len
|
||||
< NAN_SECURITY_MIN_PASSPHRASE_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanDataPathIndicationResponseToLegacy: passphrase_len too small";
|
||||
return false;
|
||||
}
|
||||
if (legacy_request->key_info.body.passphrase_info.passphrase_len
|
||||
> NAN_SECURITY_MIN_PASSPHRASE_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanDataPathIndicationResponseToLegacy: passphrase_len too large";
|
||||
return false;
|
||||
}
|
||||
memcpy(legacy_request->key_info.body.passphrase_info.passphrase,
|
||||
hidl_request.securityConfig.passphrase.data(),
|
||||
legacy_request->key_info.body.passphrase_info.passphrase_len);
|
||||
}
|
||||
legacy_request->service_name_len = hidl_request.serviceNameOutOfBand.size();
|
||||
if (legacy_request->service_name_len > NAN_MAX_SERVICE_NAME_LEN) {
|
||||
LOG(ERROR) << "convertHidlNanDataPathIndicationResponseToLegacy: service_name_len too large";
|
||||
return false;
|
||||
}
|
||||
memcpy(legacy_request->pmk, hidl_request.pmk.data(), legacy_request->pmk_len);
|
||||
memcpy(legacy_request->service_name, hidl_request.serviceNameOutOfBand.data(),
|
||||
legacy_request->service_name_len);
|
||||
|
||||
return true;
|
||||
}
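Review bot: The "passphrase_len too large" check in the new PASSPHRASE branch of convertHidlNanPublishRequestToLegacy compares against `NAN_SECURITY_MIN_PASSPHRASE_LEN`, the same constant the "too small" check just above it uses, so every passphrase longer than the minimum is rejected and only an exactly-minimum-length value reaches the memcpy. The upper bound should read `> NAN_SECURITY_MAX_PASSPHRASE_LEN`, the legacy-HAL counterpart of the `MAX_PASSPHRASE_LENGTH = 63` this commit adds to types.hal. That is also the bound that has to match the size of `key_info.body.passphrase_info.passphrase`, whose declaration is not visible on this page and should be confirmed. The same comparison is repeated in convertHidlNanSubscribeRequestToLegacy, convertHidlNanDataPathInitiatorRequestToLegacy and convertHidlNanDataPathIndicationResponseToLegacy. All four functions begin outside their hunks.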
|
||||
|
|
|
@ -585,6 +585,17 @@ enum StaRoamingState : uint8_t {
|
|||
* Networking (NAN) Technical Specification".
|
||||
*/
|
||||
|
||||
/**
|
||||
* Size limits for parameters used in the NAN interface.
|
||||
*/
|
||||
enum NanParamSizeLimits : uint32_t {
|
||||
/* Minimum length of Passphrase argument for data-path configuration */
|
||||
MIN_PASSPHRASE_LENGTH = 8,
|
||||
|
||||
/* Maximum length of Passphrase argument for data-path configuration */
|
||||
MAX_PASSPHRASE_LENGTH = 63,
|
||||
};
|
||||
|
||||
/**
|
||||
* A unique short handle provided by the client to identify individual invocations of
|
||||
* certain API's like |IWifiNanIface.*|.
|
||||
|
@ -700,6 +711,15 @@ enum NanDataPathChannelCfg : uint32_t {
|
|||
// cannot honor the request then the data-path request is rejected.
|
||||
};
|
||||
|
||||
/**
|
||||
* NAN DP (data-path) security configuration options.
|
||||
*/
|
||||
enum NanDataPathSecurityType : uint32_t {
|
||||
OPEN, // no security
|
||||
PMK, // security: PMK
|
||||
PASSPHRASE, // security: passphrase
|
||||
};
|
||||
|
||||
/**
|
||||
* NAN band-specific configuration.
|
||||
*/
|
||||
|
@ -909,6 +929,38 @@ enum NanRangingIndication : uint32_t {
|
|||
EGRESS_MET_MASK = 1 << 2 // trigger event only when egress conditions met
|
||||
};
|
||||
|
||||
/**
|
||||
* Configuration of NAN data-path security.
|
||||
*/
|
||||
struct NanDataPathSecurityConfig {
|
||||
/**
|
||||
* Security configuration of the data-path (NDP). Security is required if not equal to
|
||||
* |NanDataPathSecurityType.OPEN|.
|
||||
* NAN Spec: Service Discovery Extension Attribute (SDEA) / Control / Security Required
|
||||
*/
|
||||
NanDataPathSecurityType securityType;
|
||||
/**
|
||||
* Cipher type for data-paths. If |securityType| is |NanDataPathSecurityType.OPEN| then must
|
||||
* be set to |NanCipherSuiteType.NONE|, otherwise a non-|NanCipherSuiteType.NONE| cipher suite
|
||||
* must be specified.
|
||||
*/
|
||||
NanCipherSuiteType cipherType;
|
||||
/**
|
||||
* Optional Pairwise Master Key (PMK). Must be specified (and is only used) if |securityType| is
|
||||
* set to |NanDataPathSecurityType.PMK|.
|
||||
* Ref: IEEE 802.11i
|
||||
*/
|
||||
uint8_t[32] pmk;
|
||||
/**
|
||||
* Optional Passphrase. Must be specified (and is only used) if |securityType| is set to
|
||||
* |NanDataPathSecurityType.PASSPHRASE|.
|
||||
* Min length: |MIN_PASSPHRASE_LENGTH|
|
||||
* Max length: |MAX_PASSPHRASE_LENGTH|
|
||||
* NAN Spec: Appendix: Mapping pass-phrase to PMK for NCS-SK Cipher Suites
|
||||
*/
|
||||
vec<uint8_t> passphrase;
|
||||
};
|
||||
|
||||
/**
|
||||
* Configurations of NAN discovery sessions: common to publish and subscribe discovery.
|
||||
*/
|
||||
|
@ -1009,25 +1061,11 @@ struct NanDiscoveryCommonConfig {
|
|||
*/
|
||||
bool disableFollowupReceivedIndication;
|
||||
/**
|
||||
* Cipher type for data-paths constructed in the context of this discovery session. Must be
|
||||
* specified as |NanCipherSuiteType.NONE| if no |pmk| is provided.
|
||||
* Security configuration of data-paths created in the context of this discovery session. Security
|
||||
* parameters can be overridden during the actual construction of the data-path - allowing
|
||||
* individual data-paths to have unique PMKs or Passphrases.
|
||||
*/
|
||||
NanCipherSuiteType cipherType;
|
||||
/**
|
||||
* Optional Pairwise Master Key (PMK) for data-paths constructed in the context of this discovery
|
||||
* session. A PMK can also be provided during the actual construction of the data-path (which
|
||||
* allows for unique PMKs for each data-path). The |cipherType| must be specified if a PMK is
|
||||
* provided.
|
||||
* Max length: 32
|
||||
* Ref: IEEE 802.11i
|
||||
*/
|
||||
vec<uint8_t> pmk;
|
||||
/**
|
||||
* Specifies whether or not security is enabled in any data-path (NDP) constructed in the context
|
||||
* of this discovery session.
|
||||
* NAN Spec: Service Discovery Extension Attribute (SDEA) / Control / Security Required
|
||||
*/
|
||||
bool securityEnabledInNdp;
|
||||
NanDataPathSecurityConfig securityConfig;
|
||||
/**
|
||||
* Specifies whether or not there is a ranging requirement in this discovery session.
|
||||
* Ranging is only performed if all other match criteria with the peer are met. Ranging must
|
||||
|
@ -1213,10 +1251,9 @@ struct NanInitiateDataPathRequest {
|
|||
*/
|
||||
string ifaceName;
|
||||
/**
|
||||
* Specifies whether or not security is required for the data-path being created.
|
||||
* NAN Spec: Data Path Attributes / NDP Attribute / NDP Control / Security Present
|
||||
* Security configuration of the requested data-path.
|
||||
*/
|
||||
bool securityRequired;
|
||||
NanDataPathSecurityConfig securityConfig;
|
||||
/**
|
||||
* Arbitrary information communicated to the peer as part of the data-path setup process - there
|
||||
* is no semantic meaning to these bytes. They are passed-through from sender to receiver as-is
|
||||
|
@ -1226,17 +1263,13 @@ struct NanInitiateDataPathRequest {
|
|||
*/
|
||||
vec<uint8_t> appInfo;
|
||||
/**
|
||||
* Cipher type for the data-path being requested. Must be specified as |NanCipherSuiteType.NONE|
|
||||
* if no |pmk| is provided.
|
||||
* A service name to be used with |passphrase| to construct a Pairwise Master Key (PMK) for the
|
||||
* data-path. Only relevant when a data-path is requested which is not associated with a NAN
|
||||
* discovery session - e.g. using out-of-band discovery.
|
||||
* Constraints: same as |NanDiscoveryCommonConfig.serviceName|
|
||||
* NAN Spec: Appendix: Mapping pass-phrase to PMK for NCS-SK Cipher Suites
|
||||
*/
|
||||
NanCipherSuiteType cipherType;
|
||||
/**
|
||||
* Pairwise Master Key (PMK) for the data-path being requested (if |securityRequired| is true).
|
||||
* The |cipherType| must be specified if a PMK is provided.
|
||||
* Max length: 32
|
||||
* Ref: IEEE 802.11i
|
||||
*/
|
||||
vec<uint8_t> pmk;
|
||||
vec<uint8_t> serviceNameOutOfBand;
|
||||
};
|
||||
|
||||
/**
|
||||
|
@ -1259,10 +1292,9 @@ struct NanRespondToDataPathIndicationRequest {
|
|||
*/
|
||||
string ifaceName;
|
||||
/**
|
||||
* Specifies whether or not security is required for the data-path being created.
|
||||
* NAN Spec: Data Path Attributes / NDP Attribute / NDP Control / Security Present
|
||||
* Security configuration of the requested data-path.
|
||||
*/
|
||||
bool securityRequired;
|
||||
NanDataPathSecurityConfig securityConfig;
|
||||
/**
|
||||
* Arbitrary information communicated to the peer as part of the data-path setup process - there
|
||||
* is no semantic meaning to these bytes. They are passed-through from sender to receiver as-is
|
||||
|
@ -1272,16 +1304,13 @@ struct NanRespondToDataPathIndicationRequest {
|
|||
*/
|
||||
vec<uint8_t> appInfo;
|
||||
/**
|
||||
* Cipher type for the data-path being negotiated. Must be specified as |NanCipherSuiteType.NONE|
|
||||
* if no |pmk| is provided.
|
||||
* A service name to be used with |passphrase| to construct a Pairwise Master Key (PMK) for the
|
||||
* data-path. Only relevant when a data-path is requested which is not associated with a NAN
|
||||
* discovery session - e.g. using out-of-band discovery.
|
||||
* Constraints: same as |NanDiscoveryCommonConfig.serviceName|
|
||||
* NAN Spec: Appendix: Mapping pass-phrase to PMK for NCS-SK Cipher Suites
|
||||
*/
|
||||
NanCipherSuiteType cipherType;
|
||||
/**
|
||||
* Pairwise Master Key (PMK) for the data-path being negotiated (if |securityRequired| is true).
|
||||
* The |cipherType| must be specified if a PMK is provided.
|
||||
* Max length: 32
|
||||
*/
|
||||
vec<uint8_t> pmk;
|
||||
vec<uint8_t> serviceNameOutOfBand;
|
||||
};
|
||||
|
||||
/**
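Review bot: The |passphrase| comment in NanDataPathSecurityConfig names its limits as bare `MIN_PASSPHRASE_LENGTH` and `MAX_PASSPHRASE_LENGTH`, while the rest of the struct qualifies its references (`|NanDataPathSecurityType.PASSPHRASE|`), and it states neither the unit nor what happens outside the range. I would write `Min length: |NanParamSizeLimits.MIN_PASSPHRASE_LENGTH| bytes` with the matching `Max length:` line, and add `Requests with a passphrase outside this range must be rejected.` Because `pmk` is now a fixed `uint8_t[32]` it is always present in the struct, so "Optional" there would read better as `Ignored unless |securityType| is |NanDataPathSecurityType.PMK|.`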
|
||||
|
|