xref: /netbsd-src/usr.sbin/btdevctl/sdp.c (revision 711626f8b9dff33a9c33b0b2bf232f323bfc5e49)
1 /*	$NetBSD: sdp.c,v 1.10 2017/12/10 20:38:14 bouyer Exp $	*/
2 
3 /*-
4  * Copyright (c) 2006 Itronix Inc.
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  * 3. The name of Itronix Inc. may not be used to endorse
16  *    or promote products derived from this software without specific
17  *    prior written permission.
18  *
19  * THIS SOFTWARE IS PROVIDED BY ITRONIX INC. ``AS IS'' AND
20  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21  * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22  * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL ITRONIX INC. BE LIABLE FOR ANY
23  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
24  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
25  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
26  * ON ANY THEORY OF LIABILITY, WHETHER IN
27  * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29  * POSSIBILITY OF SUCH DAMAGE.
30  */
31 /*
32  * Copyright (c) 2009 The NetBSD Foundation, Inc.
33  * Copyright (c) 2004 Maksim Yevmenkin <m_evmenkin@yahoo.com>
34  * All rights reserved.
35  *
36  * Redistribution and use in source and binary forms, with or without
37  * modification, are permitted provided that the following conditions
38  * are met:
39  * 1. Redistributions of source code must retain the above copyright
40  *    notice, this list of conditions and the following disclaimer.
41  * 2. Redistributions in binary form must reproduce the above copyright
42  *    notice, this list of conditions and the following disclaimer in the
43  *    documentation and/or other materials provided with the distribution.
44  *
45  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
46  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
47  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
48  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
49  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
50  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
51  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
52  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
53  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
54  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
55  * SUCH DAMAGE.
56  */
57 
58 #include <sys/cdefs.h>
59 __RCSID("$NetBSD: sdp.c,v 1.10 2017/12/10 20:38:14 bouyer Exp $");
60 
61 #include <sys/types.h>
62 
63 #include <dev/bluetooth/btdev.h>
64 #include <dev/bluetooth/bthidev.h>
65 #include <dev/bluetooth/btsco.h>
66 #include <dev/usb/usb.h>
67 #include <dev/usb/usbhid.h>
68 #include <dev/hid/hid.h>
69 
70 #include <prop/proplib.h>
71 
72 #include <bluetooth.h>
73 #include <err.h>
74 #include <errno.h>
75 #include <sdp.h>
76 #include <stdlib.h>
77 #include <strings.h>
78 #include <usbhid.h>
79 
80 #include "btdevctl.h"
81 
82 static bool parse_hid_descriptor(sdp_data_t *);
83 static int32_t parse_boolean(sdp_data_t *);
84 static int32_t parse_pdl_param(sdp_data_t *, uint16_t);
85 static int32_t parse_pdl(sdp_data_t *, uint16_t);
86 static int32_t parse_apdl(sdp_data_t *, uint16_t);
87 
88 static int config_pnp(prop_dictionary_t, sdp_data_t *);
89 static int config_hid(prop_dictionary_t, sdp_data_t *);
90 static int config_hset(prop_dictionary_t, sdp_data_t *);
91 static int config_hf(prop_dictionary_t, sdp_data_t *);
92 
93 uint16_t pnp_services[] = {
94 	SDP_SERVICE_CLASS_PNP_INFORMATION,
95 };
96 
97 uint16_t hid_services[] = {
98 	SDP_SERVICE_CLASS_HUMAN_INTERFACE_DEVICE,
99 };
100 
101 uint16_t hset_services[] = {
102 	SDP_SERVICE_CLASS_HEADSET,
103 };
104 
105 uint16_t hf_services[] = {
106 	SDP_SERVICE_CLASS_HANDSFREE_AUDIO_GATEWAY,
107 };
108 
109 static struct {
110 	const char		*name;
111 	int			(*handler)(prop_dictionary_t, sdp_data_t *);
112 	const char		*description;
113 	uint16_t		*services;
114 	size_t			nservices;
115 } cfgtype[] = {
116     {
117 	"HID",		config_hid,	"Human Interface Device",
118 	hid_services,	__arraycount(hid_services),
119     },
120     {
121 	"HSET",		config_hset,	"Headset",
122 	hset_services,	__arraycount(hset_services),
123     },
124     {
125 	"HF",		config_hf,	"Handsfree",
126 	hf_services,	__arraycount(hf_services),
127     },
128 };
129 
130 #define MAX_SSP		(2 + 1 * 3)	/* largest nservices is 1 */
131 
132 static bool
133 cfg_ssa(sdp_session_t ss, uint16_t *services, size_t nservices, sdp_data_t *rsp)
134 {
135 	uint8_t buf[MAX_SSP];
136 	sdp_data_t ssp;
137 	size_t i;
138 
139 	ssp.next = buf;
140 	ssp.end = buf + sizeof(buf);
141 
142 	for (i = 0; i < nservices; i++)
143 		sdp_put_uuid16(&ssp, services[i]);
144 
145 	ssp.end = ssp.next;
146 	ssp.next = buf;
147 
148 	return sdp_service_search_attribute(ss, &ssp, NULL, rsp);
149 }
150 
151 static bool
152 cfg_search(sdp_session_t ss, int i, prop_dictionary_t dict)
153 {
154 	sdp_data_t rsp, rec;
155 
156 	/* check PnP Information first */
157 	if (!cfg_ssa(ss, pnp_services, __arraycount(pnp_services), &rsp))
158 		return false;
159 
160 	while (sdp_get_seq(&rsp, &rec)) {
161 		if (config_pnp(dict, &rec) == 0)
162 			break;
163 	}
164 
165 	/* then requested service */
166 	if (!cfg_ssa(ss, cfgtype[i].services, cfgtype[i].nservices, &rsp))
167 		return false;
168 
169 	while (sdp_get_seq(&rsp, &rec)) {
170 		errno = (*cfgtype[i].handler)(dict, &rec);
171 		if (errno == 0)
172 			return true;
173 	}
174 
175 	return false;
176 }
177 
178 prop_dictionary_t
179 cfg_query(bdaddr_t *laddr, bdaddr_t *raddr, const char *service)
180 {
181 	prop_dictionary_t dict;
182 	sdp_session_t ss;
183 	size_t i;
184 
185 	dict = prop_dictionary_create();
186 	if (dict == NULL)
187 		err(EXIT_FAILURE, "prop_dictionary_create()");
188 
189 	for (i = 0; i < __arraycount(cfgtype); i++) {
190 		if (strcasecmp(service, cfgtype[i].name) == 0) {
191 			ss = sdp_open(laddr, raddr);
192 			if (ss == NULL)
193 				err(EXIT_FAILURE, "SDP connection failed");
194 
195 			if (!cfg_search(ss, i, dict))
196 				errx(EXIT_FAILURE, "service %s not found", service);
197 
198 			sdp_close(ss);
199 			return dict;
200 		}
201 	}
202 
203 	printf("Known config types:\n");
204 	for (i = 0; i < __arraycount(cfgtype); i++)
205 		printf("\t%s\t%s\n", cfgtype[i].name, cfgtype[i].description);
206 
207 	exit(EXIT_FAILURE);
208 }
209 
210 /*
211  * Configure PnP Information results
212  */
213 static int
214 config_pnp(prop_dictionary_t dict, sdp_data_t *rec)
215 {
216 	sdp_data_t value;
217 	uintmax_t v;
218 	uint16_t attr;
219 	int vendor, product, source;
220 
221 	vendor = -1;
222 	product = -1;
223 	source = -1;
224 
225 	while (sdp_get_attr(rec, &attr, &value)) {
226 		switch (attr) {
227 		case 0x0201:	/* Vendor ID */
228 			if (sdp_get_uint(&value, &v)
229 			    && v <= UINT16_MAX)
230 				vendor = (int)v;
231 
232 			break;
233 
234 		case 0x0202:	/* Product ID */
235 			if (sdp_get_uint(&value, &v)
236 			    && v <= UINT16_MAX)
237 				product = (int)v;
238 
239 			break;
240 
241 		case 0x0205:	/* Vendor ID Source */
242 			if (sdp_get_uint(&value, &v)
243 			    && v <= UINT16_MAX)
244 				source = (int)v;
245 
246 			break;
247 
248 		default:
249 			break;
250 		}
251 	}
252 
253 	if (vendor == -1 || product == -1)
254 		return ENOATTR;
255 
256 	if (source != 0x0002)	/* "USB Implementers Forum" */
257 		return ENOATTR;
258 
259 	if (!prop_dictionary_set_uint16(dict, BTDEVvendor, (uint16_t)vendor))
260 		return errno;
261 
262 	if (!prop_dictionary_set_uint16(dict, BTDEVproduct, (uint16_t)product))
263 		return errno;
264 
265 	return 0;
266 }
267 
268 /*
269  * Configure HID results
270  */
271 static int
272 config_hid(prop_dictionary_t dict, sdp_data_t *rec)
273 {
274 	prop_object_t obj;
275 	int32_t control_psm, interrupt_psm,
276 		reconnect_initiate, hid_length;
277 	uint8_t *hid_descriptor;
278 	sdp_data_t value;
279 	const char *mode;
280 	uint16_t attr;
281 
282 	control_psm = -1;
283 	interrupt_psm = -1;
284 	reconnect_initiate = -1;
285 	hid_descriptor = NULL;
286 	hid_length = -1;
287 
288 	while (sdp_get_attr(rec, &attr, &value)) {
289 		switch (attr) {
290 		case SDP_ATTR_PROTOCOL_DESCRIPTOR_LIST:
291 			control_psm = parse_pdl(&value, SDP_UUID_PROTOCOL_L2CAP);
292 			break;
293 
294 		case SDP_ATTR_ADDITIONAL_PROTOCOL_DESCRIPTOR_LISTS:
295 			interrupt_psm = parse_apdl(&value, SDP_UUID_PROTOCOL_L2CAP);
296 			break;
297 
298 		case 0x0205: /* HIDReconnectInitiate */
299 			reconnect_initiate = parse_boolean(&value);
300 			break;
301 
302 		case 0x0206: /* HIDDescriptorList */
303 			if (parse_hid_descriptor(&value)) {
304 				hid_descriptor = value.next;
305 				hid_length = value.end - value.next;
306 			}
307 			break;
308 
309 		default:
310 			break;
311 		}
312 	}
313 
314 	if (control_psm == -1
315 	    || interrupt_psm == -1
316 	    || reconnect_initiate == -1
317 	    || hid_descriptor == NULL
318 	    || hid_length == -1)
319 		return ENOATTR;
320 
321 	obj = prop_string_create_cstring_nocopy("bthidev");
322 	if (obj == NULL || !prop_dictionary_set(dict, BTDEVtype, obj))
323 		return errno;
324 
325 	prop_object_release(obj);
326 
327 	obj = prop_number_create_integer(control_psm);
328 	if (obj == NULL || !prop_dictionary_set(dict, BTHIDEVcontrolpsm, obj))
329 		return errno;
330 
331 	prop_object_release(obj);
332 
333 	obj = prop_number_create_integer(interrupt_psm);
334 	if (obj == NULL || !prop_dictionary_set(dict, BTHIDEVinterruptpsm, obj))
335 		return errno;
336 
337 	prop_object_release(obj);
338 
339 	obj = prop_data_create_data(hid_descriptor, hid_length);
340 	if (obj == NULL || !prop_dictionary_set(dict, BTHIDEVdescriptor, obj))
341 		return errno;
342 
343 	mode = hid_mode(obj);
344 	prop_object_release(obj);
345 
346 	obj = prop_string_create_cstring_nocopy(mode);
347 	if (obj == NULL || !prop_dictionary_set(dict, BTDEVmode, obj))
348 		return errno;
349 
350 	prop_object_release(obj);
351 
352 	if (!reconnect_initiate) {
353 		obj = prop_bool_create(true);
354 		if (obj == NULL || !prop_dictionary_set(dict, BTHIDEVreconnect, obj))
355 			return errno;
356 
357 		prop_object_release(obj);
358 	}
359 
360 	return 0;
361 }
362 
363 /*
364  * Configure HSET results
365  */
366 static int
367 config_hset(prop_dictionary_t dict, sdp_data_t *rec)
368 {
369 	prop_object_t obj;
370 	sdp_data_t value;
371 	int32_t channel;
372 	uint16_t attr;
373 
374 	channel = -1;
375 
376 	while (sdp_get_attr(rec, &attr, &value)) {
377 		switch (attr) {
378 		case SDP_ATTR_PROTOCOL_DESCRIPTOR_LIST:
379 			channel = parse_pdl(&value, SDP_UUID_PROTOCOL_RFCOMM);
380 			break;
381 
382 		default:
383 			break;
384 		}
385 	}
386 
387 	if (channel == -1)
388 		return ENOATTR;
389 
390 	obj = prop_string_create_cstring_nocopy("btsco");
391 	if (obj == NULL || !prop_dictionary_set(dict, BTDEVtype, obj))
392 		return errno;
393 
394 	prop_object_release(obj);
395 
396 	obj = prop_number_create_integer(channel);
397 	if (obj == NULL || !prop_dictionary_set(dict, BTSCOchannel, obj))
398 		return errno;
399 
400 	prop_object_release(obj);
401 
402 	return 0;
403 }
404 
405 /*
406  * Configure HF results
407  */
408 static int
409 config_hf(prop_dictionary_t dict, sdp_data_t *rec)
410 {
411 	prop_object_t obj;
412 	sdp_data_t value;
413 	int32_t channel;
414 	uint16_t attr;
415 
416 	channel = -1;
417 
418 	while (sdp_get_attr(rec, &attr, &value)) {
419 		switch (attr) {
420 		case SDP_ATTR_PROTOCOL_DESCRIPTOR_LIST:
421 			channel = parse_pdl(&value, SDP_UUID_PROTOCOL_RFCOMM);
422 			break;
423 
424 		default:
425 			break;
426 		}
427 	}
428 
429 	if (channel == -1)
430 		return ENOATTR;
431 
432 	obj = prop_string_create_cstring_nocopy("btsco");
433 	if (obj == NULL || !prop_dictionary_set(dict, BTDEVtype, obj))
434 		return errno;
435 
436 	prop_object_release(obj);
437 
438 	obj = prop_bool_create(true);
439 	if (obj == NULL || !prop_dictionary_set(dict, BTSCOlisten, obj))
440 		return errno;
441 
442 	prop_object_release(obj);
443 
444 	obj = prop_number_create_integer(channel);
445 	if (obj == NULL || !prop_dictionary_set(dict, BTSCOchannel, obj))
446 		return errno;
447 
448 	prop_object_release(obj);
449 
450 	return 0;
451 }
452 
453 /*
454  * Parse HIDDescriptorList . This is a sequence of HIDDescriptors, of which
455  * each is a data element sequence containing, minimally, a ClassDescriptorType
456  * and ClassDescriptorData containing a byte array of data. Any extra elements
457  * should be ignored.
458  *
459  * If a ClassDescriptorType "Report" is found, set SDP data value to the
460  * ClassDescriptorData content and return true. Note that we don't need to
461  * extract the actual length as the SDP data is guaranteed valid.
462  */
463 
464 static bool
465 parse_hid_descriptor(sdp_data_t *value)
466 {
467 	sdp_data_t list, desc;
468 	uintmax_t type;
469 	char *str;
470 	size_t len;
471 
472 	if (!sdp_get_seq(value, &list))
473 		return false;
474 
475 	while (sdp_get_seq(&list, &desc)) {
476 		if (sdp_get_uint(&desc, &type)
477 		    && type == UDESC_REPORT
478 		    && sdp_get_str(&desc, &str, &len)) {
479 			value->next = (uint8_t *)str;
480 			value->end = (uint8_t *)(str + len);
481 			return true;
482 		}
483 	}
484 
485 	return false;
486 }
487 
488 static int32_t
489 parse_boolean(sdp_data_t *value)
490 {
491 	bool bv;
492 
493 	if (!sdp_get_bool(value, &bv))
494 		return -1;
495 
496 	return bv;
497 }
498 
499 /*
500  * The ProtocolDescriptorList attribute describes one or
501  * more protocol stacks that may be used to gain access to
502  * the service dscribed by the service record.
503  *
504  * If the ProtocolDescriptorList describes a single stack,
505  * the attribute value takes the form of a data element
506  * sequence in which each element of the sequence is a
507  * protocol descriptor.
508  *
509  *	seq
510  *	  <list>
511  *
512  * If it is possible for more than one kind of protocol
513  * stack to be used to gain access to the service, the
514  * ProtocolDescriptorList takes the form of a data element
515  * alternative where each member is a data element sequence
516  * consisting of a list of sequences describing each protocol
517  *
518  *	alt
519  *	  seq
520  *	    <list>
521  *	  seq
522  *	    <list>
523  *
524  * Each ProtocolDescriptorList is a list containing a sequence for
525  * each protocol, where each sequence contains the protocol UUUID
526  * and any protocol specific parameters.
527  *
528  *	seq
529  *	  uuid		L2CAP
530  *	  uint16	psm
531  *	seq
532  *	  uuid		RFCOMM
533  *	  uint8		channel
534  *
535  * We want to extract the ProtocolSpecificParameter#1 for the
536  * given protocol, which will be an unsigned int.
537  */
538 static int32_t
539 parse_pdl_param(sdp_data_t *pdl, uint16_t proto)
540 {
541 	sdp_data_t seq;
542 	uintmax_t param;
543 
544 	while (sdp_get_seq(pdl, &seq)) {
545 		if (!sdp_match_uuid16(&seq, proto))
546 			continue;
547 
548 		if (sdp_get_uint(&seq, &param))
549 			return param;
550 
551 		break;
552 	}
553 
554 	return -1;
555 }
556 
557 static int32_t
558 parse_pdl(sdp_data_t *value, uint16_t proto)
559 {
560 	sdp_data_t seq;
561 	int32_t param = -1;
562 
563 	sdp_get_alt(value, value);	/* strip any alt header */
564 
565 	while (param == -1 && sdp_get_seq(value, &seq))
566 		param = parse_pdl_param(&seq, proto);
567 
568 	return param;
569 }
570 
571 /*
572  * Parse AdditionalProtocolDescriptorList
573  */
574 static int32_t
575 parse_apdl(sdp_data_t *value, uint16_t proto)
576 {
577 	sdp_data_t seq;
578 	int32_t param = -1;
579 
580 	sdp_get_seq(value, value);	/* strip seq header */
581 
582 	while (param == -1 && sdp_get_seq(value, &seq))
583 		param = parse_pdl_param(&seq, proto);
584 
585 	return param;
586 }
587 
588 /*
589  * return appropriate mode for HID descriptor
590  */
591 const char *
592 hid_mode(prop_data_t desc)
593 {
594 	report_desc_t r;
595 	hid_data_t d;
596 	struct hid_item h;
597 	const char *mode;
598 
599 	hid_init(NULL);
600 
601 	mode = BTDEVauth;	/* default */
602 
603 	r = hid_use_report_desc(prop_data_data_nocopy(desc),
604 				prop_data_size(desc));
605 	if (r == NULL)
606 		err(EXIT_FAILURE, "hid_use_report_desc");
607 
608 	d = hid_start_parse(r, ~0, -1);
609 	while (hid_get_item(d, &h) > 0) {
610 		if (h.kind == hid_collection
611 		    && HID_PAGE(h.usage) == HUP_GENERIC_DESKTOP
612 		    && HID_USAGE(h.usage) == HUG_KEYBOARD)
613 			mode = BTDEVencrypt;
614 	}
615 
616 	hid_end_parse(d);
617 	hid_dispose_report_desc(r);
618 
619 	return mode;
620 }
621