From d061c89e31f5502ff72fc92768e065f25e52c326 Mon Sep 17 00:00:00 2001
From: paul-szczepanek-arm
 <33840200+paul-szczepanek-arm@users.noreply.github.com>
Date: Thu, 8 Feb 2018 18:23:23 +0000
Subject: [PATCH] storing sc oob, checking for its presence

---
 features/FEATURE_BLE/ble/BLETypes.h           |  8 ----
 features/FEATURE_BLE/ble/SecurityManager.h    |  4 +-
 .../ble/generic/GenericSecurityManager.h      | 32 ++++++++++++---
 .../source/generic/GenericSecurityManager.cpp | 39 ++++++++++++++++---
 4 files changed, 62 insertions(+), 21 deletions(-)

diff --git a/features/FEATURE_BLE/ble/BLETypes.h b/features/FEATURE_BLE/ble/BLETypes.h
index 4b1cae039d..a09563f633 100644
--- a/features/FEATURE_BLE/ble/BLETypes.h
+++ b/features/FEATURE_BLE/ble/BLETypes.h
@@ -351,14 +351,6 @@ typedef octet_type_t<32> public_key_t;
 typedef octet_type_t<32> private_key_t;
 typedef octet_type_t<32> dhkey_t;
 
-/* X and Y coordinate pair of the public key */
-struct public_key_pair_t {
-    public_key_pair_t() {};
-    public_key_t x;
-    public_key_t y;
-};
-
-
 /**
  * MAC address data type.
  */
diff --git a/features/FEATURE_BLE/ble/SecurityManager.h b/features/FEATURE_BLE/ble/SecurityManager.h
index e7bf1881d5..0f2ab3f0a0 100644
--- a/features/FEATURE_BLE/ble/SecurityManager.h
+++ b/features/FEATURE_BLE/ble/SecurityManager.h
@@ -253,7 +253,7 @@ public:
          * @param[in] address address that will be used in the pairing
          * @param[in] temporaryKey temporary key to be used in legacy pairing
          */
-        virtual void legacyPairingOobGenerated(address_t address,
+        virtual void legacyPairingOobGenerated(const address_t *address,
                                                const oob_tk_t *temporaryKey) {
             (void)address;
             (void)temporaryKey;
@@ -268,7 +268,7 @@ public:
          * @param[in] confirm confirmation value to be use for authentication
          *                    in secure connections pairing
          */
-        virtual void oobGenerated(address_t address,
+        virtual void oobGenerated(const address_t *address,
                                   const oob_rand_t *random,
                                   const oob_confirm_t *confirm) {
             (void)address;
diff --git a/features/FEATURE_BLE/ble/generic/GenericSecurityManager.h b/features/FEATURE_BLE/ble/generic/GenericSecurityManager.h
index 148e74d84c..b75d82123a 100644
--- a/features/FEATURE_BLE/ble/generic/GenericSecurityManager.h
+++ b/features/FEATURE_BLE/ble/generic/GenericSecurityManager.h
@@ -273,11 +273,12 @@ protected:
     GenericSecurityManager(ble::pal::SecurityManager& palImpl, GenericSecurityDb& dbImpl)
         : _pal(palImpl),
           _db(dbImpl),
+          _default_authentication(0),
+          _default_key_distribution(KeyDistribution::KEY_DISTRIBUTION_ALL),
           _pairing_authorisation_required(false),
           _legacy_pairing_allowed(true),
           _master_sends_keys(false),
-          _default_authentication(0),
-          _default_key_distribution(KeyDistribution::KEY_DISTRIBUTION_ALL) {
+          _public_keys_generated(false) {
         _app_event_handler = &defaultEventHandler;
         _pal.set_event_handler(this);
     }
@@ -335,7 +336,7 @@ private:
     /**
      * Returns the CSRK for the connection. Called by the security db.
      *
-     * @param[in] entry security entry returned by the database.
+     * @param[in] connectionHandle Handle to identify the connection.
      * @param[in] entryKeys security entry containing keys.
      */
     void return_csrk_cb(
@@ -343,6 +344,24 @@ private:
         const csrk_t *csrk
     );
 
+    /**
+     * Generate local OOB data to be sent to the application which sends it to the peer.
+     *
+     * @param[in] connectionHandle Handle to identify the connection.
+     */
+    void generate_secure_connections_oob(
+        connection_handle_t connection
+    );
+
+    /**
+     * Updates the entry for the connection with OOB data presence.
+     *
+     * @param[in] connectionHandle Handle to identify the connection.
+     */
+    void update_oob_presence(
+        connection_handle_t connection
+    );
+
 private:
     ble::pal::SecurityManager& _pal;
     GenericSecurityDb& _db;
@@ -350,9 +369,10 @@ private:
     AuthenticationMask _default_authentication;
     KeyDistribution _default_key_distribution;
 
-    address_t _sc_oob_address;
-    oob_rand_t _sc_oob_random;
-    oob_confirm_t _sc_oob_confirm;
+    address_t _sc_oob_peer_address;
+    oob_rand_t _sc_oob_peer_random;
+    oob_confirm_t _sc_oob_peer_confirm;
+    oob_rand_t _sc_oob_local_random;
 
     bool _pairing_authorisation_required;
     bool _legacy_pairing_allowed;
diff --git a/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp b/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp
index c9af329318..2aa0bacaee 100644
--- a/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp
+++ b/features/FEATURE_BLE/source/generic/GenericSecurityManager.cpp
@@ -92,6 +92,7 @@ ble_error_t GenericSecurityManager::init(
 
 ble_error_t GenericSecurityManager::reset(void) {
     _db.sync();
+    _public_keys_generated = false;
     SecurityManager::reset();
 
     return BLE_ERROR_NONE;
@@ -140,6 +141,7 @@ ble_error_t GenericSecurityManager::requestPairing(connection_handle_t connectio
     }
 
     set_mitm_performed(connection, false);
+    update_oob_presence(connection);
 
     AuthenticationMask link_authentication(_default_authentication);
     link_authentication.set_mitm(entry->mitm_requested);
@@ -163,6 +165,8 @@ ble_error_t GenericSecurityManager::acceptPairingRequest(connection_handle_t con
         return BLE_ERROR_INVALID_PARAM;
     }
 
+    update_oob_presence(connection);
+
     AuthenticationMask link_authentication(_default_authentication);
     link_authentication.set_mitm(entry->mitm_requested);
 
@@ -484,6 +488,11 @@ ble_error_t GenericSecurityManager::setOOBDataUsage(
 
     entry->oob = useOOB;
     entry->oob_mitm_protection = OOBProvidesMITM;
+
+    if (_public_keys_generated) {
+        generate_secure_connections_oob(connection);
+    }
+
     return BLE_ERROR_NONE;
 }
 
@@ -532,13 +541,14 @@ ble_error_t GenericSecurityManager::oobReceived(
     const oob_confirm_t *confirm
 ) {
     if (address && random && confirm) {
-        SecurityEntry_t *entry = _db.get_entry(*address);
-        if (!entry) {
-            return BLE_ERROR_INVALID_PARAM;
-        }
+        _sc_oob_peer_address = *address;
+        _sc_oob_local_random = *random;
+        _sc_oob_peer_confirm = *confirm;
 
+        return BLE_ERROR_NONE;
     }
-    return BLE_ERROR_NONE;
+
+    return BLE_ERROR_INVALID_PARAM;
 }
 
 ////////////////////////////////////////////////////////////////////////////
@@ -626,6 +636,24 @@ void GenericSecurityManager::return_csrk_cb(
     );
 }
 
+void GenericSecurityManager::generate_secure_connections_oob(
+    connection_handle_t connection
+) {
+    address_t local_address;
+    oob_confirm_t confirm;
+    /*TODO:generate*/
+    _app_event_handler->oobGenerated(&local_address, &_sc_oob_local_random, &confirm);
+}
+
+void GenericSecurityManager::update_oob_presence(connection_handle_t connection) {
+    SecurityEntry_t *entry = _db.get_entry(connection);
+    if (entry) {
+        if (entry->peer_address == _sc_oob_peer_address) {
+            entry->oob = true;
+        }
+    }
+}
+
 /* Implements ble::pal::SecurityManagerEventHandler */
 
 ////////////////////////////////////////////////////////////////////////////
@@ -843,6 +871,7 @@ void GenericSecurityManager::on_public_key_generated(
     const public_key_t &public_key_y
 ) {
     _db.set_public_key(public_key_x, public_key_y);
+    _public_keys_generated = true;
 }
 
 void GenericSecurityManager::on_secure_connections_ltk_generated(