diff --git a/system/bta/ag/bta_ag_rfc.cc b/system/bta/ag/bta_ag_rfc.cc
index f07e07d980af7c1c1a27b0d388ca6b57bac913b3..d56e48cf6a0a2f2695075a3aeba03621235bdec1 100644
--- a/system/bta/ag/bta_ag_rfc.cc
+++ b/system/bta/ag/bta_ag_rfc.cc
@@ -29,6 +29,7 @@
#include <cstring>
#include "bta/ag/bta_ag_int.h"
+#include "bta/include/bta_sec_api.h"
#include "osi/include/osi.h"
#include "stack/include/main_thread.h"
#include "stack/include/port_api.h"
diff --git a/system/bta/av/bta_av_int.h b/system/bta/av/bta_av_int.h
index ecaef26db961f4bdf67ee4080cacffb4d4faae6e..4cf4c6fad236681c22397a9c694d64f47af8086d 100644
--- a/system/bta/av/bta_av_int.h
+++ b/system/bta/av/bta_av_int.h
@@ -28,6 +28,7 @@
#include <string>
#include "bta/include/bta_av_api.h"
+#include "bta/include/bta_sec_api.h"
#include "bta/sys/bta_sys.h"
#include "include/hardware/bt_av.h"
#include "osi/include/list.h"
diff --git a/system/bta/csis/csis_client.cc b/system/bta/csis/csis_client.cc
index ed5547855c075cf0bbc53db87f7af81f1d7d4748..f5572eaf5a1c1fa849af645bc288b29ee2b3adf1 100644
--- a/system/bta/csis/csis_client.cc
+++ b/system/bta/csis/csis_client.cc
@@ -29,6 +29,7 @@
#include "advertise_data_parser.h"
#include "bta_api.h"
+#include "bta_sec_api.h"
#include "bta_csis_api.h"
#include "bta_gatt_api.h"
#include "bta_gatt_queue.h"
diff --git a/system/bta/dm/bta_dm_act.cc b/system/bta/dm/bta_dm_act.cc
index 2d19719240f55e42255058eff9664952aa21ad77..f5cfcb5116f455092c2b34d016b754b03fde5e44 100644
--- a/system/bta/dm/bta_dm_act.cc
+++ b/system/bta/dm/bta_dm_act.cc
@@ -37,6 +37,7 @@
#include "bta/dm/bta_dm_gatt_client.h"
#include "bta/dm/bta_dm_int.h"
#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "bta/include/bta_sdp_api.h"
#include "bta/dm/bta_dm_sec_int.h"
#include "bta/sys/bta_sys.h"
diff --git a/system/bta/dm/bta_dm_int.h b/system/bta/dm/bta_dm_int.h
index d76164d5987dd33c83e877701dcf982128e8a000..8a203d0a6e3ebead2b6d93e62584fa3eb06eb27b 100644
--- a/system/bta/dm/bta_dm_int.h
+++ b/system/bta/dm/bta_dm_int.h
@@ -31,6 +31,7 @@
#include "bt_target.h" // Must be first to define build configuration
#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "bta/include/bta_gatt_api.h"
#include "bta/sys/bta_sys.h"
#include "main/shim/dumpsys.h"
diff --git a/system/bta/dm/bta_dm_sec_int.h b/system/bta/dm/bta_dm_sec_int.h
index 53c3ebe5237a410d2c5ef81d3c58ee5324525baf..f52a5542fd5d519c7b74f419d150b9eefba30d88 100644
--- a/system/bta/dm/bta_dm_sec_int.h
+++ b/system/bta/dm/bta_dm_sec_int.h
@@ -19,6 +19,7 @@
#include <memory>
#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "osi/include/osi.h" // UNUSED_ATTR
typedef struct {
diff --git a/system/bta/hf_client/bta_hf_client_rfc.cc b/system/bta/hf_client/bta_hf_client_rfc.cc
index e9e73e5028e322dcbca05990ac56ff0c1a89ec00..55dcf60d6a23dd29f533c82c5e3b87390e7adde8 100644
--- a/system/bta/hf_client/bta_hf_client_rfc.cc
+++ b/system/bta/hf_client/bta_hf_client_rfc.cc
@@ -26,6 +26,7 @@
#include <cstdint>
+#include "bta/include/bta_sec_api.h"
#include "bta/hf_client/bta_hf_client_int.h"
#include "osi/include/allocator.h"
#include "osi/include/osi.h" // UNUSED_ATTR
diff --git a/system/bta/include/bta_api.h b/system/bta/include/bta_api.h
index 46c88835718fc4ca0af5bfa99c5e8be5f0de74ed..f3671a4bf4d11df48174ffeb2ecb92f9a0db1965 100644
--- a/system/bta/include/bta_api.h
+++ b/system/bta/include/bta_api.h
@@ -43,41 +43,8 @@
#include "types/bluetooth/uuid.h"
#include "types/bt_transport.h"
#include "types/raw_address.h"
+#include "bta_api_data_types.h"
-/*****************************************************************************
- * Constants and data types
- ****************************************************************************/
-
-/* Status Return Value */
-typedef enum : uint8_t {
- BTA_SUCCESS = 0, /* Successful operation. */
- BTA_FAILURE = 1, /* Generic failure. */
- BTA_PENDING = 2, /* API cannot be completed right now */
- BTA_BUSY = 3,
- BTA_NO_RESOURCES = 4,
- BTA_WRONG_MODE = 5,
-} tBTA_STATUS;
-
-#ifndef CASE_RETURN_TEXT
-#define CASE_RETURN_TEXT(code) \
- case code: \
- return #code
-#endif
-
-inline std::string bta_status_text(const tBTA_STATUS& status) {
- switch (status) {
- CASE_RETURN_TEXT(BTA_SUCCESS);
- CASE_RETURN_TEXT(BTA_FAILURE);
- CASE_RETURN_TEXT(BTA_PENDING);
- CASE_RETURN_TEXT(BTA_BUSY);
- CASE_RETURN_TEXT(BTA_NO_RESOURCES);
- CASE_RETURN_TEXT(BTA_WRONG_MODE);
- default:
- return base::StringPrintf("UNKNOWN[%d]", status);
- }
-}
-
-#undef CASE_RETURN_TEXT
/*
* Service ID
@@ -121,15 +88,6 @@ typedef uint8_t tBTA_SERVICE_ID;
typedef uint32_t tBTA_SERVICE_MASK;
-/* Security Setting Mask */
-#define BTA_SEC_AUTHENTICATE \
- (BTM_SEC_IN_AUTHENTICATE | \
- BTM_SEC_OUT_AUTHENTICATE) /* Authentication required. */
-#define BTA_SEC_ENCRYPT \
- (BTM_SEC_IN_ENCRYPT | BTM_SEC_OUT_ENCRYPT) /* Encryption required. */
-
-typedef uint16_t tBTA_SEC;
-
#define BTA_APP_ID_PAN_MULTI 0xFE /* app id for pan multiple connection */
#define BTA_ALL_APP_ID 0xFF
@@ -224,116 +182,6 @@ typedef enum: uint8_t {
BTA_DM_LINK_UP_FAILED_EVT = 34, /* Create connection failed event */
} tBTA_DM_ACL_EVT;
-typedef enum : uint8_t {
- /* Security Callback Events */
- BTA_DM_PIN_REQ_EVT = 2, /* PIN request. */
- BTA_DM_AUTH_CMPL_EVT = 3, /* Authentication complete indication. */
- BTA_DM_AUTHORIZE_EVT = 4, /* Authorization request. */
- BTA_DM_BOND_CANCEL_CMPL_EVT = 9, /* Bond cancel complete indication */
- BTA_DM_SP_CFM_REQ_EVT = 10, /* Simple Pairing User Confirmation request */
- BTA_DM_SP_KEY_NOTIF_EVT = 11, /* Simple Pairing Passkey Notification */
- BTA_DM_BLE_KEY_EVT = 15, /* BLE SMP key event for peer device keys */
- BTA_DM_BLE_SEC_REQ_EVT = 16, /* BLE SMP security request */
- BTA_DM_BLE_PASSKEY_NOTIF_EVT = 17, /* SMP passkey notification event */
- BTA_DM_BLE_PASSKEY_REQ_EVT = 18, /* SMP passkey request event */
- BTA_DM_BLE_OOB_REQ_EVT = 19, /* SMP OOB request event */
- BTA_DM_BLE_LOCAL_IR_EVT = 20, /* BLE local IR event */
- BTA_DM_BLE_LOCAL_ER_EVT = 21, /* BLE local ER event */
- BTA_DM_BLE_NC_REQ_EVT = 22, /* SMP Numeric Comparison request event */
- BTA_DM_SP_RMT_OOB_EXT_EVT =
- 23, /* Simple Pairing Remote OOB Extended Data request. */
- BTA_DM_BLE_AUTH_CMPL_EVT = 24, /* BLE Auth complete */
- BTA_DM_DEV_UNPAIRED_EVT = 25,
- BTA_DM_ENER_INFO_READ = 28, /* Energy info read */
- BTA_DM_BLE_SC_OOB_REQ_EVT = 29, /* SMP SC OOB request event */
- BTA_DM_BLE_CONSENT_REQ_EVT = 30, /* SMP consent request event */
- BTA_DM_BLE_SC_CR_LOC_OOB_EVT = 31, /* SMP SC Create Local OOB request event */
- BTA_DM_REPORT_BONDING_EVT = 32, /*handle for pin or key missing*/
- BTA_DM_LE_ADDR_ASSOC_EVT = 33, /* identity address association event */
- BTA_DM_SIRK_VERIFICATION_REQ_EVT = 35,
-} tBTA_DM_SEC_EVT;
-
-/* Structure associated with BTA_DM_PIN_REQ_EVT */
-typedef struct {
- /* Note: First 3 data members must be, bd_addr, dev_class, and bd_name in
- * order */
- RawAddress bd_addr; /* BD address peer device. */
- DEV_CLASS dev_class; /* Class of Device */
- BD_NAME bd_name; /* Name of peer device. */
- bool min_16_digit; /* true if the pin returned must be at least 16 digits */
-} tBTA_DM_PIN_REQ;
-
-/* BLE related definition */
-
-#define BTA_DM_AUTH_FAIL_BASE (HCI_ERR_MAX_ERR + 10)
-
-/* Converts SMP error codes defined in smp_api.h to SMP auth fail reasons below.
- */
-#define BTA_DM_AUTH_CONVERT_SMP_CODE(x) (BTA_DM_AUTH_FAIL_BASE + (x))
-
-#define BTA_DM_AUTH_SMP_PAIR_AUTH_FAIL \
- (BTA_DM_AUTH_FAIL_BASE + SMP_PAIR_AUTH_FAIL)
-#define BTA_DM_AUTH_SMP_CONFIRM_VALUE_FAIL \
- (BTA_DM_AUTH_FAIL_BASE + SMP_CONFIRM_VALUE_ERR)
-#define BTA_DM_AUTH_SMP_PAIR_NOT_SUPPORT \
- (BTA_DM_AUTH_FAIL_BASE + SMP_PAIR_NOT_SUPPORT)
-#define BTA_DM_AUTH_SMP_UNKNOWN_ERR \
- (BTA_DM_AUTH_FAIL_BASE + SMP_PAIR_FAIL_UNKNOWN)
-#define BTA_DM_AUTH_SMP_CONN_TOUT (BTA_DM_AUTH_FAIL_BASE + SMP_CONN_TOUT)
-
-typedef uint8_t tBTA_LE_KEY_TYPE; /* can be used as a bit mask */
-
-typedef union {
- tBTM_LE_PENC_KEYS penc_key; /* received peer encryption key */
- tBTM_LE_PCSRK_KEYS psrk_key; /* received peer device SRK */
- tBTM_LE_PID_KEYS pid_key; /* peer device ID key */
- tBTM_LE_LENC_KEYS
- lenc_key; /* local encryption reproduction keys LTK = = d1(ER,DIV,0)*/
- tBTM_LE_LCSRK_KEYS lcsrk_key; /* local device CSRK = d1(ER,DIV,1)*/
- tBTM_LE_PID_KEYS lid_key; /* local device ID key for the particular remote */
-} tBTA_LE_KEY_VALUE;
-
-#define BTA_BLE_LOCAL_KEY_TYPE_ID 1
-#define BTA_BLE_LOCAL_KEY_TYPE_ER 2
-typedef uint8_t tBTA_DM_BLE_LOCAL_KEY_MASK;
-
-typedef struct {
- Octet16 ir;
- Octet16 irk;
- Octet16 dhk;
-} tBTA_BLE_LOCAL_ID_KEYS;
-
-#define BTA_DM_SEC_GRANTED BTA_SUCCESS
-#define BTA_DM_SEC_PAIR_NOT_SPT BTA_DM_AUTH_SMP_PAIR_NOT_SUPPORT
-typedef uint8_t tBTA_DM_BLE_SEC_GRANT;
-
-/* Structure associated with BTA_DM_BLE_SEC_REQ_EVT */
-typedef struct {
- RawAddress bd_addr; /* peer address */
- BD_NAME bd_name; /* peer device name */
-} tBTA_DM_BLE_SEC_REQ;
-
-typedef struct {
- RawAddress bd_addr; /* peer address */
- tBTM_LE_KEY_TYPE key_type;
- tBTM_LE_KEY_VALUE* p_key_value;
-} tBTA_DM_BLE_KEY;
-
-/* Structure associated with BTA_DM_AUTH_CMPL_EVT */
-typedef struct {
- RawAddress bd_addr; /* BD address peer device. */
- BD_NAME bd_name; /* Name of peer device. */
- bool key_present; /* Valid link key value in key element */
- LinkKey key; /* Link key associated with peer device. */
- uint8_t key_type; /* The type of Link Key */
- bool success; /* true of authentication succeeded, false if failed. */
- tHCI_REASON
- fail_reason; /* The HCI reason/error code for when success=false */
- tBLE_ADDR_TYPE addr_type; /* Peer device address type */
- tBT_DEVICE_TYPE dev_type;
- bool is_ctkd; /* True if key is derived using CTKD procedure */
-} tBTA_DM_AUTH_CMPL;
-
/* Structure associated with BTA_DM_LINK_UP_EVT */
typedef struct {
RawAddress bd_addr; /* BD address peer device. */
@@ -355,82 +203,6 @@ typedef struct {
tHCI_STATUS status;
} tBTA_DM_LINK_DOWN;
-/* Structure associated with BTA_DM_DEV_UNPAIRED_EVT */
-typedef struct {
- RawAddress bd_addr; /* BD address peer device. */
- tBT_TRANSPORT transport_link_type;
-} tBTA_DM_UNPAIR;
-
-#define BTA_AUTH_SP_YES \
- BTM_AUTH_SP_YES /* 1 MITM Protection Required - Single Profile/non-bonding \
- Use IO Capabilities to determine authentication procedure \
- */
-
-#define BTA_AUTH_DD_BOND \
- BTM_AUTH_DD_BOND /* 2 this bit is set for dedicated bonding */
-#define BTA_AUTH_GEN_BOND \
- BTM_AUTH_SPGB_NO /* 4 this bit is set for general bonding */
-#define BTA_AUTH_BONDS \
- BTM_AUTH_BONDS /* 6 the general/dedicated bonding bits */
-
-#define BTA_LE_AUTH_REQ_SC_MITM_BOND BTM_LE_AUTH_REQ_SC_MITM_BOND /* 1101 */
-
-/* Structure associated with BTA_DM_SP_CFM_REQ_EVT */
-typedef struct {
- /* Note: First 3 data members must be, bd_addr, dev_class, and bd_name in
- * order */
- RawAddress bd_addr; /* peer address */
- DEV_CLASS dev_class; /* peer CoD */
- BD_NAME bd_name; /* peer device name */
- uint32_t num_val; /* the numeric value for comparison. If just_works, do not
- show this number to UI */
- bool just_works; /* true, if "Just Works" association model */
- tBTM_AUTH_REQ loc_auth_req; /* Authentication required for local device */
- tBTM_AUTH_REQ rmt_auth_req; /* Authentication required for peer device */
- tBTM_IO_CAP loc_io_caps; /* IO Capabilities of local device */
- tBTM_IO_CAP rmt_io_caps; // IO Capabilities of remote device
-} tBTA_DM_SP_CFM_REQ;
-
-/* Structure associated with BTA_DM_SP_KEY_NOTIF_EVT */
-typedef struct {
- /* Note: First 3 data members must be, bd_addr, dev_class, and bd_name in
- * order */
- RawAddress bd_addr; /* peer address */
- DEV_CLASS dev_class; /* peer CoD */
- BD_NAME bd_name; /* peer device name */
- uint32_t passkey; /* the numeric value for comparison. If just_works, do not
- show this number to UI */
-} tBTA_DM_SP_KEY_NOTIF;
-
-/* Structure associated with BTA_DM_SP_RMT_OOB_EVT */
-typedef struct {
- /* Note: First 3 data members must be, bd_addr, dev_class, and bd_name in
- * order */
- RawAddress bd_addr; /* peer address */
- DEV_CLASS dev_class; /* peer CoD */
- BD_NAME bd_name; /* peer device name */
-} tBTA_DM_SP_RMT_OOB;
-
-/* Structure associated with BTA_DM_BOND_CANCEL_CMPL_EVT */
-typedef struct {
- tBTA_STATUS result; /* true of bond cancel succeeded, false if failed. */
-} tBTA_DM_BOND_CANCEL_CMPL;
-
-/* Add to remove bond of key missing RC */
-typedef struct {
- RawAddress bd_addr;
-} tBTA_DM_RC_UNPAIR;
-
-typedef struct {
- Octet16 local_oob_c; /* Local OOB Data Confirmation/Commitment */
- Octet16 local_oob_r; /* Local OOB Data Randomizer */
-} tBTA_DM_LOC_OOB_DATA;
-
-typedef struct {
- RawAddress pairing_bda;
- RawAddress id_addr;
-} tBTA_DM_PROC_ID_ADDR;
-
typedef union {
tBTA_DM_LINK_UP link_up; /* ACL connection up event */
tBTA_DM_LINK_UP_FAILED link_up_failed; /* ACL connection up failure event */
@@ -439,28 +211,6 @@ typedef union {
typedef void(tBTA_DM_ACL_CBACK)(tBTA_DM_ACL_EVT event, tBTA_DM_ACL* p_data);
-/* Union of all security callback structures */
-typedef union {
- tBTA_DM_PIN_REQ pin_req; /* PIN request. */
- tBTA_DM_AUTH_CMPL auth_cmpl; /* Authentication complete indication. */
- tBTA_DM_UNPAIR dev_unpair; /* Remove bonding complete indication */
- tBTA_DM_SP_CFM_REQ cfm_req; /* user confirm request */
- tBTA_DM_SP_KEY_NOTIF key_notif; /* passkey notification */
- tBTA_DM_SP_RMT_OOB rmt_oob; /* remote oob */
- tBTA_DM_BOND_CANCEL_CMPL
- bond_cancel_cmpl; /* Bond Cancel Complete indication */
- tBTA_DM_BLE_SEC_REQ ble_req; /* BLE SMP related request */
- tBTA_DM_BLE_KEY ble_key; /* BLE SMP keys used when pairing */
- tBTA_BLE_LOCAL_ID_KEYS ble_id_keys; /* IR event */
- Octet16 ble_er; /* ER event data */
- tBTA_DM_LOC_OOB_DATA local_oob_data; /* Local OOB data generated by us */
- tBTA_DM_RC_UNPAIR delete_key_RC_to_unpair;
- tBTA_DM_PROC_ID_ADDR proc_id_addr; /* Identity address event */
-} tBTA_DM_SEC;
-
-/* Security callback */
-typedef void(tBTA_DM_SEC_CBACK)(tBTA_DM_SEC_EVT event, tBTA_DM_SEC* p_data);
-
#define BTA_DM_BLE_PF_LIST_LOGIC_OR 1
#define BTA_DM_BLE_PF_FILT_LOGIC_OR 0
@@ -852,107 +602,6 @@ void BTA_DmDiscover(const RawAddress& bd_addr, tBTA_DM_SEARCH_CBACK* p_cback,
tBTA_STATUS BTA_DmGetCachedRemoteName(const RawAddress& remote_device,
uint8_t** pp_cached_name);
-/*******************************************************************************
- *
- * Function BTA_DmBond
- *
- * Description This function initiates a bonding procedure with a peer
- * device by designated transport. The bonding procedure
- * enables authentication and optionally encryption on the
- * Bluetooth link.
- *
- *
- * Returns void
- *
- ******************************************************************************/
-void BTA_DmBond(const RawAddress& bd_addr, tBLE_ADDR_TYPE addr_type,
- tBT_TRANSPORT transport, tBT_DEVICE_TYPE device_type);
-
-/*******************************************************************************
- *
- * Function BTA_DmBondCancel
- *
- * Description This function cancels a bonding procedure with a peer
- * device.
- *
- *
- * Returns void
- *
- ******************************************************************************/
-void BTA_DmBondCancel(const RawAddress& bd_addr);
-
-/*******************************************************************************
- *
- * Function BTA_DmPinReply
- *
- * Description This function provides a PIN when one is requested by DM
- * during a bonding procedure. The application should call
- * this function after the security callback is called with
- * a BTA_DM_PIN_REQ_EVT.
- *
- *
- * Returns void
- *
- ******************************************************************************/
-void BTA_DmPinReply(const RawAddress& bd_addr, bool accept, uint8_t pin_len,
- uint8_t* p_pin);
-
-/*******************************************************************************
- *
- * Function BTA_DmLocalOob
- *
- * Description This function retrieves the OOB data from local controller.
- * The result is reported by bta_dm_co_loc_oob().
- *
- * Returns void
- *
- ******************************************************************************/
-void BTA_DmLocalOob(void);
-
-/*******************************************************************************
- *
- * Function BTA_DmConfirm
- *
- * Description This function accepts or rejects the numerical value of the
- * Simple Pairing process on BTA_DM_SP_CFM_REQ_EVT
- *
- * Returns void
- *
- ******************************************************************************/
-void BTA_DmConfirm(const RawAddress& bd_addr, bool accept);
-
-/*******************************************************************************
- *
- * Function BTA_DmAddDevice
- *
- * Description This function adds a device to the security database list
- * of peer devices. This function would typically be called
- * at system startup to initialize the security database with
- * known peer devices. This is a direct execution function
- * that may lock task scheduling on some platforms.
- *
- * Returns void
- *
- ******************************************************************************/
-void BTA_DmAddDevice(const RawAddress& bd_addr, DEV_CLASS dev_class,
- const LinkKey& link_key, uint8_t key_type,
- uint8_t pin_length);
-
-/*******************************************************************************
- *
- * Function BTA_DmRemoveDevice
- *
- * Description This function removes a device from the security database.
- * This is a direct execution function that may lock task
- * scheduling on some platforms.
- *
- *
- * Returns BTA_SUCCESS if successful.
- * BTA_FAIL if operation failed.
- *
- ******************************************************************************/
-tBTA_STATUS BTA_DmRemoveDevice(const RawAddress& bd_addr);
-
/*******************************************************************************
*
* Function BTA_GetEirService
@@ -1012,90 +661,6 @@ tBTA_STATUS BTA_DmSetLocalDiRecord(tSDP_DI_RECORD* p_device_info,
void BTA_DmCloseACL(const RawAddress& bd_addr, bool remove_dev,
tBT_TRANSPORT transport);
-/* BLE related API functions */
-/*******************************************************************************
- *
- * Function BTA_DmBleSecurityGrant
- *
- * Description Grant security request access.
- *
- * Parameters: bd_addr - BD address of the peer
- * res - security grant status.
- *
- * Returns void
- *
- ******************************************************************************/
-void BTA_DmBleSecurityGrant(const RawAddress& bd_addr,
- tBTA_DM_BLE_SEC_GRANT res);
-
-/*******************************************************************************
- *
- * Function BTA_DmBlePasskeyReply
- *
- * Description Send BLE SMP passkey reply.
- *
- * Parameters: bd_addr - BD address of the peer
- * accept - passkey entry sucessful or declined.
- * passkey - passkey value, must be a 6 digit number,
- * can be lead by 0.
- *
- * Returns void
- *
- ******************************************************************************/
-void BTA_DmBlePasskeyReply(const RawAddress& bd_addr, bool accept,
- uint32_t passkey);
-
-/*******************************************************************************
- *
- * Function BTA_DmBleConfirmReply
- *
- * Description Send BLE SMP SC user confirmation reply.
- *
- * Parameters: bd_addr - BD address of the peer
- * accept - numbers to compare are the same or
- * different.
- *
- * Returns void
- *
- ******************************************************************************/
-void BTA_DmBleConfirmReply(const RawAddress& bd_addr, bool accept);
-
-/*******************************************************************************
- *
- * Function BTA_DmAddBleDevice
- *
- * Description Add a BLE device. This function will be normally called
- * during host startup to restore all required information
- * for a LE device stored in the NVRAM.
- *
- * Parameters: bd_addr - BD address of the peer
- * dev_type - Remote device's device type.
- * addr_type - LE device address type.
- *
- * Returns void
- *
- ******************************************************************************/
-void BTA_DmAddBleDevice(const RawAddress& bd_addr, tBLE_ADDR_TYPE addr_type,
- tBT_DEVICE_TYPE dev_type);
-
-/*******************************************************************************
- *
- * Function BTA_DmAddBleKey
- *
- * Description Add/modify LE device information. This function will be
- * normally called during host startup to restore all required
- * information stored in the NVRAM.
- *
- * Parameters: bd_addr - BD address of the peer
- * p_le_key - LE key values.
- * key_type - LE SMP key type.
- *
- * Returns void
- *
- ******************************************************************************/
-void BTA_DmAddBleKey(const RawAddress& bd_addr, tBTA_LE_KEY_VALUE* p_le_key,
- tBTM_LE_KEY_TYPE key_type);
-
/*******************************************************************************
*
* Function BTA_DmSetBlePrefConnParams
@@ -1118,33 +683,6 @@ void BTA_DmSetBlePrefConnParams(const RawAddress& bd_addr,
uint16_t peripheral_latency,
uint16_t supervision_tout);
-/*******************************************************************************
- *
- * Function BTA_DmSetEncryption
- *
- * Description This function is called to ensure that connection is
- * encrypted. Should be called only on an open connection.
- * Typically only needed for connections that first want to
- * bring up unencrypted links, then later encrypt them.
- *
- * Parameters: bd_addr - Address of the peer device
- * transport - transport of the link to be encruypted
- * p_callback - Pointer to callback function to indicat the
- * link encryption status
- * sec_act - This is the security action to indicate
- * what kind of BLE security level is required
- * for the BLE link if BLE is supported
- * Note: This parameter is ignored for
- * BR/EDR or if BLE is not supported.
- *
- * Returns void
- *
- *
- ******************************************************************************/
-void BTA_DmSetEncryption(const RawAddress& bd_addr, tBT_TRANSPORT transport,
- tBTA_DM_ENCRYPT_CBACK* p_callback,
- tBTM_BLE_SEC_ACT sec_act);
-
/*******************************************************************************
*
* Function BTA_DmBleObserve
@@ -1196,35 +734,6 @@ void BTA_DmBleScan(bool start, uint8_t duration, bool low_latency_scan = false);
******************************************************************************/
void BTA_DmBleCsisObserve(bool observe, tBTA_DM_SEARCH_CBACK* p_results_cb);
-/*******************************************************************************
- *
- * Function BTA_DmSirkSecCbRegister
- *
- * Description This procedure registeres in requested a callback for
- * verification by CSIS potential set member.
- *
- * Parameters p_cback - callback to member verificator
- *
- * Returns void
- *
- ******************************************************************************/
-void BTA_DmSirkSecCbRegister(tBTA_DM_SEC_CBACK* p_cback);
-
-/*******************************************************************************
- *
- * Function BTA_DmSirkConfirmDeviceReply
- *
- * Description This procedure confirms requested to validate set device.
- *
- * Parameters bd_addr - BD address of the peer
- * accept - True if device is authorized by CSIS, false
- * otherwise.
- *
- * Returns void
- *
- ******************************************************************************/
-void BTA_DmSirkConfirmDeviceReply(const RawAddress& bd_addr, bool accept);
-
/*******************************************************************************
*
* Function BTA_DmBleConfigLocalPrivacy
diff --git a/system/bta/include/bta_api_data_types.h b/system/bta/include/bta_api_data_types.h
new file mode 100644
index 0000000000000000000000000000000000000000..4a76cc828284fd62d3c64318a349fc04a91f6072
--- /dev/null
+++ b/system/bta/include/bta_api_data_types.h
@@ -0,0 +1,65 @@
+/******************************************************************************
+ *
+ * Copyright 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ ******************************************************************************/
+
+#pragma once
+
+#include <cstdint>
+#include <string>
+#include <base/strings/stringprintf.h>
+#include "types/raw_address.h"
+
+/*****************************************************************************
+ * Constants and data types
+ ****************************************************************************/
+
+/* Status Return Value */
+typedef enum : uint8_t {
+ BTA_SUCCESS = 0, /* Successful operation. */
+ BTA_FAILURE = 1, /* Generic failure. */
+ BTA_PENDING = 2, /* API cannot be completed right now */
+ BTA_BUSY = 3,
+ BTA_NO_RESOURCES = 4,
+ BTA_WRONG_MODE = 5,
+} tBTA_STATUS;
+
+#ifndef CASE_RETURN_TEXT
+#define CASE_RETURN_TEXT(code) \
+ case code: \
+ return #code
+#endif
+
+inline std::string bta_status_text(const tBTA_STATUS& status) {
+ switch (status) {
+ CASE_RETURN_TEXT(BTA_SUCCESS);
+ CASE_RETURN_TEXT(BTA_FAILURE);
+ CASE_RETURN_TEXT(BTA_PENDING);
+ CASE_RETURN_TEXT(BTA_BUSY);
+ CASE_RETURN_TEXT(BTA_NO_RESOURCES);
+ CASE_RETURN_TEXT(BTA_WRONG_MODE);
+ default:
+ return base::StringPrintf("UNKNOWN[%d]", status);
+ }
+}
+
+#undef CASE_RETURN_TEXT
+
+typedef struct {
+ RawAddress pairing_bda;
+ RawAddress id_addr;
+} tBTA_DM_PROC_ID_ADDR;
+
diff --git a/system/bta/include/bta_jv_api.h b/system/bta/include/bta_jv_api.h
index aa9dcfa8a1b434417566bfdf32e7703b4a84b716..440e24944fac8f7dde1dfc49b3ae9436b4264df1 100644
--- a/system/bta/include/bta_jv_api.h
+++ b/system/bta/include/bta_jv_api.h
@@ -29,6 +29,7 @@
#include "bt_target.h" // Must be first to define build configuration
#include "bta/include/bta_api.h"
+#include "bta_sec_api.h"
#include "stack/include/bt_hdr.h"
#include "stack/include/l2c_api.h"
#include "types/bluetooth/uuid.h"
diff --git a/system/bta/include/bta_sec_api.h b/system/bta/include/bta_sec_api.h
new file mode 100644
index 0000000000000000000000000000000000000000..d06fc43bbe1adf671cd9bd6013359fca87e30579
--- /dev/null
+++ b/system/bta/include/bta_sec_api.h
@@ -0,0 +1,496 @@
+/******************************************************************************
+ *
+ * Copyright 2023 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at:
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ ******************************************************************************/
+
+#pragma once
+
+#include <base/strings/stringprintf.h>
+#include <base/functional/callback.h>
+
+#include <cstdint>
+#include <vector>
+
+#include "bt_target.h" // Must be first to define build configuration
+#include "stack/include/bt_octets.h"
+#include "stack/include/bt_types.h"
+#include "stack/include/btm_api_types.h"
+#include "stack/include/btm_ble_api_types.h"
+#include "stack/include/hci_error_code.h"
+#include "types/ble_address_with_type.h"
+#include "types/bt_transport.h"
+#include "types/raw_address.h"
+
+#include "bta_api_data_types.h"
+
+/* Security Setting Mask */
+#define BTA_SEC_AUTHENTICATE \
+ (BTM_SEC_IN_AUTHENTICATE | \
+ BTM_SEC_OUT_AUTHENTICATE) /* Authentication required. */
+#define BTA_SEC_ENCRYPT \
+ (BTM_SEC_IN_ENCRYPT | BTM_SEC_OUT_ENCRYPT) /* Encryption required. */
+
+typedef uint16_t tBTA_SEC;
+
+typedef enum : uint8_t {
+ /* Security Callback Events */
+ BTA_DM_PIN_REQ_EVT = 2, /* PIN request. */
+ BTA_DM_AUTH_CMPL_EVT = 3, /* Authentication complete indication. */
+ BTA_DM_AUTHORIZE_EVT = 4, /* Authorization request. */
+ BTA_DM_BOND_CANCEL_CMPL_EVT = 9, /* Bond cancel complete indication */
+ BTA_DM_SP_CFM_REQ_EVT = 10, /* Simple Pairing User Confirmation request */
+ BTA_DM_SP_KEY_NOTIF_EVT = 11, /* Simple Pairing Passkey Notification */
+ BTA_DM_BLE_KEY_EVT = 15, /* BLE SMP key event for peer device keys */
+ BTA_DM_BLE_SEC_REQ_EVT = 16, /* BLE SMP security request */
+ BTA_DM_BLE_PASSKEY_NOTIF_EVT = 17, /* SMP passkey notification event */
+ BTA_DM_BLE_PASSKEY_REQ_EVT = 18, /* SMP passkey request event */
+ BTA_DM_BLE_OOB_REQ_EVT = 19, /* SMP OOB request event */
+ BTA_DM_BLE_LOCAL_IR_EVT = 20, /* BLE local IR event */
+ BTA_DM_BLE_LOCAL_ER_EVT = 21, /* BLE local ER event */
+ BTA_DM_BLE_NC_REQ_EVT = 22, /* SMP Numeric Comparison request event */
+ BTA_DM_SP_RMT_OOB_EXT_EVT =
+ 23, /* Simple Pairing Remote OOB Extended Data request. */
+ BTA_DM_BLE_AUTH_CMPL_EVT = 24, /* BLE Auth complete */
+ BTA_DM_DEV_UNPAIRED_EVT = 25,
+ BTA_DM_ENER_INFO_READ = 28, /* Energy info read */
+ BTA_DM_BLE_SC_OOB_REQ_EVT = 29, /* SMP SC OOB request event */
+ BTA_DM_BLE_CONSENT_REQ_EVT = 30, /* SMP consent request event */
+ BTA_DM_BLE_SC_CR_LOC_OOB_EVT = 31, /* SMP SC Create Local OOB request event */
+ BTA_DM_REPORT_BONDING_EVT = 32, /*handle for pin or key missing*/
+ BTA_DM_LE_ADDR_ASSOC_EVT = 33, /* identity address association event */
+ BTA_DM_SIRK_VERIFICATION_REQ_EVT = 35,
+} tBTA_DM_SEC_EVT;
+
+/* Structure associated with BTA_DM_PIN_REQ_EVT */
+typedef struct {
+ /* Note: First 3 data members must be, bd_addr, dev_class, and bd_name in
+ * order */
+ RawAddress bd_addr; /* BD address peer device. */
+ DEV_CLASS dev_class; /* Class of Device */
+ BD_NAME bd_name; /* Name of peer device. */
+ bool min_16_digit; /* true if the pin returned must be at least 16 digits */
+} tBTA_DM_PIN_REQ;
+
+/* BLE related definition */
+
+#define BTA_DM_AUTH_FAIL_BASE (HCI_ERR_MAX_ERR + 10)
+
+/* Converts SMP error codes defined in smp_api.h to SMP auth fail reasons below.
+ */
+#define BTA_DM_AUTH_CONVERT_SMP_CODE(x) (BTA_DM_AUTH_FAIL_BASE + (x))
+
+#define BTA_DM_AUTH_SMP_PAIR_AUTH_FAIL \
+ (BTA_DM_AUTH_FAIL_BASE + SMP_PAIR_AUTH_FAIL)
+#define BTA_DM_AUTH_SMP_CONFIRM_VALUE_FAIL \
+ (BTA_DM_AUTH_FAIL_BASE + SMP_CONFIRM_VALUE_ERR)
+#define BTA_DM_AUTH_SMP_PAIR_NOT_SUPPORT \
+ (BTA_DM_AUTH_FAIL_BASE + SMP_PAIR_NOT_SUPPORT)
+#define BTA_DM_AUTH_SMP_UNKNOWN_ERR \
+ (BTA_DM_AUTH_FAIL_BASE + SMP_PAIR_FAIL_UNKNOWN)
+#define BTA_DM_AUTH_SMP_CONN_TOUT (BTA_DM_AUTH_FAIL_BASE + SMP_CONN_TOUT)
+
+typedef uint8_t tBTA_LE_KEY_TYPE; /* can be used as a bit mask */
+
+typedef union {
+ tBTM_LE_PENC_KEYS penc_key; /* received peer encryption key */
+ tBTM_LE_PCSRK_KEYS psrk_key; /* received peer device SRK */
+ tBTM_LE_PID_KEYS pid_key; /* peer device ID key */
+ tBTM_LE_LENC_KEYS
+ lenc_key; /* local encryption reproduction keys LTK = = d1(ER,DIV,0)*/
+ tBTM_LE_LCSRK_KEYS lcsrk_key; /* local device CSRK = d1(ER,DIV,1)*/
+ tBTM_LE_PID_KEYS lid_key; /* local device ID key for the particular remote */
+} tBTA_LE_KEY_VALUE;
+
+#define BTA_BLE_LOCAL_KEY_TYPE_ID 1
+#define BTA_BLE_LOCAL_KEY_TYPE_ER 2
+typedef uint8_t tBTA_DM_BLE_LOCAL_KEY_MASK;
+
+typedef struct {
+ Octet16 ir;
+ Octet16 irk;
+ Octet16 dhk;
+} tBTA_BLE_LOCAL_ID_KEYS;
+
+#define BTA_DM_SEC_GRANTED BTA_SUCCESS
+#define BTA_DM_SEC_PAIR_NOT_SPT BTA_DM_AUTH_SMP_PAIR_NOT_SUPPORT
+typedef uint8_t tBTA_DM_BLE_SEC_GRANT;
+
+/* Structure associated with BTA_DM_BLE_SEC_REQ_EVT */
+typedef struct {
+ RawAddress bd_addr; /* peer address */
+ BD_NAME bd_name; /* peer device name */
+} tBTA_DM_BLE_SEC_REQ;
+
+typedef struct {
+ RawAddress bd_addr; /* peer address */
+ tBTM_LE_KEY_TYPE key_type;
+ tBTM_LE_KEY_VALUE* p_key_value;
+} tBTA_DM_BLE_KEY;
+
+/* Structure associated with BTA_DM_AUTH_CMPL_EVT */
+typedef struct {
+ RawAddress bd_addr; /* BD address peer device. */
+ BD_NAME bd_name; /* Name of peer device. */
+ bool key_present; /* Valid link key value in key element */
+ LinkKey key; /* Link key associated with peer device. */
+ uint8_t key_type; /* The type of Link Key */
+ bool success; /* true of authentication succeeded, false if failed. */
+ tHCI_REASON
+ fail_reason; /* The HCI reason/error code for when success=false */
+ tBLE_ADDR_TYPE addr_type; /* Peer device address type */
+ tBT_DEVICE_TYPE dev_type;
+ bool is_ctkd; /* True if key is derived using CTKD procedure */
+} tBTA_DM_AUTH_CMPL;
+
+/* Structure associated with BTA_DM_DEV_UNPAIRED_EVT */
+typedef struct {
+ RawAddress bd_addr; /* BD address peer device. */
+ tBT_TRANSPORT transport_link_type;
+} tBTA_DM_UNPAIR;
+
+#define BTA_AUTH_SP_YES \
+ BTM_AUTH_SP_YES /* 1 MITM Protection Required - Single Profile/non-bonding \
+ Use IO Capabilities to determine authentication procedure \
+ */
+
+#define BTA_AUTH_DD_BOND \
+ BTM_AUTH_DD_BOND /* 2 this bit is set for dedicated bonding */
+#define BTA_AUTH_GEN_BOND \
+ BTM_AUTH_SPGB_NO /* 4 this bit is set for general bonding */
+#define BTA_AUTH_BONDS \
+ BTM_AUTH_BONDS /* 6 the general/dedicated bonding bits */
+
+#define BTA_LE_AUTH_REQ_SC_MITM_BOND BTM_LE_AUTH_REQ_SC_MITM_BOND /* 1101 */
+
+/* Structure associated with BTA_DM_SP_CFM_REQ_EVT */
+typedef struct {
+ /* Note: First 3 data members must be, bd_addr, dev_class, and bd_name in
+ * order */
+ RawAddress bd_addr; /* peer address */
+ DEV_CLASS dev_class; /* peer CoD */
+ BD_NAME bd_name; /* peer device name */
+ uint32_t num_val; /* the numeric value for comparison. If just_works, do not
+ show this number to UI */
+ bool just_works; /* true, if "Just Works" association model */
+ tBTM_AUTH_REQ loc_auth_req; /* Authentication required for local device */
+ tBTM_AUTH_REQ rmt_auth_req; /* Authentication required for peer device */
+ tBTM_IO_CAP loc_io_caps; /* IO Capabilities of local device */
+ tBTM_IO_CAP rmt_io_caps; // IO Capabilities of remote device
+} tBTA_DM_SP_CFM_REQ;
+
+/* Structure associated with BTA_DM_SP_KEY_NOTIF_EVT */
+typedef struct {
+ /* Note: First 3 data members must be, bd_addr, dev_class, and bd_name in
+ * order */
+ RawAddress bd_addr; /* peer address */
+ DEV_CLASS dev_class; /* peer CoD */
+ BD_NAME bd_name; /* peer device name */
+ uint32_t passkey; /* the numeric value for comparison. If just_works, do not
+ show this number to UI */
+} tBTA_DM_SP_KEY_NOTIF;
+
+/* Structure associated with BTA_DM_SP_RMT_OOB_EVT */
+typedef struct {
+ /* Note: First 3 data members must be, bd_addr, dev_class, and bd_name in
+ * order */
+ RawAddress bd_addr; /* peer address */
+ DEV_CLASS dev_class; /* peer CoD */
+ BD_NAME bd_name; /* peer device name */
+} tBTA_DM_SP_RMT_OOB;
+
+/* Structure associated with BTA_DM_BOND_CANCEL_CMPL_EVT */
+typedef struct {
+ tBTA_STATUS result; /* true of bond cancel succeeded, false if failed. */
+} tBTA_DM_BOND_CANCEL_CMPL;
+
+/* Add to remove bond of key missing RC */
+typedef struct {
+ RawAddress bd_addr;
+} tBTA_DM_RC_UNPAIR;
+
+typedef struct {
+ Octet16 local_oob_c; /* Local OOB Data Confirmation/Commitment */
+ Octet16 local_oob_r; /* Local OOB Data Randomizer */
+} tBTA_DM_LOC_OOB_DATA;
+
+/* Union of all security callback structures */
+typedef union {
+ tBTA_DM_PIN_REQ pin_req; /* PIN request. */
+ tBTA_DM_AUTH_CMPL auth_cmpl; /* Authentication complete indication. */
+ tBTA_DM_UNPAIR dev_unpair; /* Remove bonding complete indication */
+ tBTA_DM_SP_CFM_REQ cfm_req; /* user confirm request */
+ tBTA_DM_SP_KEY_NOTIF key_notif; /* passkey notification */
+ tBTA_DM_SP_RMT_OOB rmt_oob; /* remote oob */
+ tBTA_DM_BOND_CANCEL_CMPL
+ bond_cancel_cmpl; /* Bond Cancel Complete indication */
+ tBTA_DM_BLE_SEC_REQ ble_req; /* BLE SMP related request */
+ tBTA_DM_BLE_KEY ble_key; /* BLE SMP keys used when pairing */
+ tBTA_BLE_LOCAL_ID_KEYS ble_id_keys; /* IR event */
+ Octet16 ble_er; /* ER event data */
+ tBTA_DM_LOC_OOB_DATA local_oob_data; /* Local OOB data generated by us */
+ tBTA_DM_RC_UNPAIR delete_key_RC_to_unpair;
+ tBTA_DM_PROC_ID_ADDR proc_id_addr; /* Identity address event */
+} tBTA_DM_SEC;
+
+/* Security callback */
+typedef void(tBTA_DM_SEC_CBACK)(tBTA_DM_SEC_EVT event, tBTA_DM_SEC* p_data);
+
+/* Encryption callback*/
+typedef void(tBTA_DM_ENCRYPT_CBACK)(const RawAddress& bd_addr,
+ tBT_TRANSPORT transport,
+ tBTA_STATUS result);
+
+/*******************************************************************************
+ *
+ * Function BTA_DmBond
+ *
+ * Description This function initiates a bonding procedure with a peer
+ * device by designated transport. The bonding procedure
+ * enables authentication and optionally encryption on the
+ * Bluetooth link.
+ *
+ *
+ * Returns void
+ *
+ ******************************************************************************/
+void BTA_DmBond(const RawAddress& bd_addr, tBLE_ADDR_TYPE addr_type,
+ tBT_TRANSPORT transport, tBT_DEVICE_TYPE device_type);
+
+/*******************************************************************************
+ *
+ * Function BTA_DmBondCancel
+ *
+ * Description This function cancels a bonding procedure with a peer
+ * device.
+ *
+ *
+ * Returns void
+ *
+ ******************************************************************************/
+void BTA_DmBondCancel(const RawAddress& bd_addr);
+
+/*******************************************************************************
+ *
+ * Function BTA_DmPinReply
+ *
+ * Description This function provides a PIN when one is requested by DM
+ * during a bonding procedure. The application should call
+ * this function after the security callback is called with
+ * a BTA_DM_PIN_REQ_EVT.
+ *
+ *
+ * Returns void
+ *
+ ******************************************************************************/
+void BTA_DmPinReply(const RawAddress& bd_addr, bool accept, uint8_t pin_len,
+ uint8_t* p_pin);
+
+/*******************************************************************************
+ *
+ * Function BTA_DmLocalOob
+ *
+ * Description This function retrieves the OOB data from local controller.
+ * The result is reported by bta_dm_co_loc_oob().
+ *
+ * Returns void
+ *
+ ******************************************************************************/
+void BTA_DmLocalOob(void);
+
+/*******************************************************************************
+ *
+ * Function BTA_DmConfirm
+ *
+ * Description This function accepts or rejects the numerical value of the
+ * Simple Pairing process on BTA_DM_SP_CFM_REQ_EVT
+ *
+ * Returns void
+ *
+ ******************************************************************************/
+void BTA_DmConfirm(const RawAddress& bd_addr, bool accept);
+
+/*******************************************************************************
+ *
+ * Function BTA_DmAddDevice
+ *
+ * Description This function adds a device to the security database list
+ * of peer devices. This function would typically be called
+ * at system startup to initialize the security database with
+ * known peer devices. This is a direct execution function
+ * that may lock task scheduling on some platforms.
+ *
+ * Returns void
+ *
+ ******************************************************************************/
+void BTA_DmAddDevice(const RawAddress& bd_addr, DEV_CLASS dev_class,
+ const LinkKey& link_key, uint8_t key_type,
+ uint8_t pin_length);
+
+/*******************************************************************************
+ *
+ * Function BTA_DmRemoveDevice
+ *
+ * Description This function removes a device from the security database.
+ * This is a direct execution function that may lock task
+ * scheduling on some platforms.
+ *
+ *
+ * Returns BTA_SUCCESS if successful.
+ * BTA_FAIL if operation failed.
+ *
+ ******************************************************************************/
+tBTA_STATUS BTA_DmRemoveDevice(const RawAddress& bd_addr);
+
+
+/* BLE related API functions */
+/*******************************************************************************
+ *
+ * Function BTA_DmBleSecurityGrant
+ *
+ * Description Grant security request access.
+ *
+ * Parameters: bd_addr - BD address of the peer
+ * res - security grant status.
+ *
+ * Returns void
+ *
+ ******************************************************************************/
+void BTA_DmBleSecurityGrant(const RawAddress& bd_addr,
+ tBTA_DM_BLE_SEC_GRANT res);
+
+/*******************************************************************************
+ *
+ * Function BTA_DmBlePasskeyReply
+ *
+ * Description Send BLE SMP passkey reply.
+ *
+ * Parameters: bd_addr - BD address of the peer
+ * accept - passkey entry successful or declined.
+ * passkey - passkey value, must be a 6 digit number,
+ * can be lead by 0.
+ *
+ * Returns void
+ *
+ ******************************************************************************/
+void BTA_DmBlePasskeyReply(const RawAddress& bd_addr, bool accept,
+ uint32_t passkey);
+
+/*******************************************************************************
+ *
+ * Function BTA_DmBleConfirmReply
+ *
+ * Description Send BLE SMP SC user confirmation reply.
+ *
+ * Parameters: bd_addr - BD address of the peer
+ * accept - numbers to compare are the same or
+ * different.
+ *
+ * Returns void
+ *
+ ******************************************************************************/
+void BTA_DmBleConfirmReply(const RawAddress& bd_addr, bool accept);
+
+/*******************************************************************************
+ *
+ * Function BTA_DmAddBleDevice
+ *
+ * Description Add a BLE device. This function will be normally called
+ * during host startup to restore all required information
+ * for a LE device stored in the NVRAM.
+ *
+ * Parameters: bd_addr - BD address of the peer
+ * dev_type - Remote device's device type.
+ * addr_type - LE device address type.
+ *
+ * Returns void
+ *
+ ******************************************************************************/
+void BTA_DmAddBleDevice(const RawAddress& bd_addr, tBLE_ADDR_TYPE addr_type,
+ tBT_DEVICE_TYPE dev_type);
+
+/*******************************************************************************
+ *
+ * Function BTA_DmAddBleKey
+ *
+ * Description Add/modify LE device information. This function will be
+ * normally called during host startup to restore all required
+ * information stored in the NVRAM.
+ *
+ * Parameters: bd_addr - BD address of the peer
+ * p_le_key - LE key values.
+ * key_type - LE SMP key type.
+ *
+ * Returns void
+ *
+ ******************************************************************************/
+void BTA_DmAddBleKey(const RawAddress& bd_addr, tBTA_LE_KEY_VALUE* p_le_key,
+ tBTM_LE_KEY_TYPE key_type);
+
+/*******************************************************************************
+ *
+ * Function BTA_DmSetEncryption
+ *
+ * Description This function is called to ensure that connection is
+ * encrypted. Should be called only on an open connection.
+ * Typically only needed for connections that first want to
+ * bring up unencrypted links, then later encrypt them.
+ *
+ * Parameters: bd_addr - Address of the peer device
+ * transport - transport of the link to be encruypted
+ * p_callback - Pointer to callback function to indicat the
+ * link encryption status
+ * sec_act - This is the security action to indicate
+ * what kind of BLE security level is required
+ * for the BLE link if BLE is supported
+ * Note: This parameter is ignored for
+ * BR/EDR or if BLE is not supported.
+ *
+ * Returns void
+ *
+ *
+ ******************************************************************************/
+void BTA_DmSetEncryption(const RawAddress& bd_addr, tBT_TRANSPORT transport,
+ tBTA_DM_ENCRYPT_CBACK* p_callback,
+ tBTM_BLE_SEC_ACT sec_act);
+
+/*******************************************************************************
+ *
+ * Function BTA_DmSirkSecCbRegister
+ *
+ * Description This procedure registeres in requested a callback for
+ * verification by CSIS potential set member.
+ *
+ * Parameters p_cback - callback to member verificator
+ *
+ * Returns void
+ *
+ ******************************************************************************/
+void BTA_DmSirkSecCbRegister(tBTA_DM_SEC_CBACK* p_cback);
+
+/*******************************************************************************
+ *
+ * Function BTA_DmSirkConfirmDeviceReply
+ *
+ * Description This procedure confirms requested to validate set device.
+ *
+ * Parameters bd_addr - BD address of the peer
+ * accept - True if device is authorized by CSIS, false
+ * otherwise.
+ *
+ * Returns void
+ *
+ ******************************************************************************/
+void BTA_DmSirkConfirmDeviceReply(const RawAddress& bd_addr, bool accept);
diff --git a/system/bta/jv/bta_jv_int.h b/system/bta/jv/bta_jv_int.h
index 6b2c648d4280d8e2a5f81614dc08b41fa146d8af..0c5900b1101cb6563d71ce3771ade75e52e86160 100644
--- a/system/bta/jv/bta_jv_int.h
+++ b/system/bta/jv/bta_jv_int.h
@@ -28,6 +28,7 @@
#include <unordered_set>
#include "bta/include/bta_jv_api.h"
+#include "bta/include/bta_sec_api.h"
#include "stack/include/bt_hdr.h"
#include "stack/include/rfcdefs.h"
#include "types/bluetooth/uuid.h"
diff --git a/system/bta/pan/bta_pan_int.h b/system/bta/pan/bta_pan_int.h
index cb99f151f176097c3c60decfc64c2fa769cdc4ef..8bd7d057f2d3489089d31065c6f043c332a282ba 100644
--- a/system/bta/pan/bta_pan_int.h
+++ b/system/bta/pan/bta_pan_int.h
@@ -27,6 +27,7 @@
#include <cstdint>
#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "bta/include/bta_pan_api.h"
#include "bta/sys/bta_sys.h"
#include "osi/include/fixed_queue.h"
diff --git a/system/bta/test/common/bta_dm_api_mock.h b/system/bta/test/common/bta_dm_api_mock.h
index 0fd39c226a0af58a840688285bf89f0a8df3db45..005a24ab7c550f941a47d84ebe2dd2cd7c337c8a 100644
--- a/system/bta/test/common/bta_dm_api_mock.h
+++ b/system/bta/test/common/bta_dm_api_mock.h
@@ -20,6 +20,7 @@
#include <gmock/gmock.h>
#include "bta_api.h"
+#include "bta_sec_api.h"
#include "bta_dm_api.h"
namespace dm {
diff --git a/system/btif/co/bta_dm_co.cc b/system/btif/co/bta_dm_co.cc
index 34b2c208b913ef8258e377fce6dcb9625a3c8ee2..dd258c4066b54f4f14a2289460620b41366033f0 100644
--- a/system/btif/co/bta_dm_co.cc
+++ b/system/btif/co/bta_dm_co.cc
@@ -16,6 +16,7 @@
*
******************************************************************************/
#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "bte_appl.h"
#include "stack/include/btm_api_types.h"
diff --git a/system/btif/include/btif_dm.h b/system/btif/include/btif_dm.h
index fa3691cc4778b12c10ab12072a4de46a63b54c71..5cf51ce43410858e793cae93e45355c5d3520a9f 100644
--- a/system/btif/include/btif_dm.h
+++ b/system/btif/include/btif_dm.h
@@ -20,6 +20,7 @@
#define BTIF_DM_H
#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "bte_appl.h"
#include "btif_uid.h"
#include "types/raw_address.h"
diff --git a/system/btif/src/btif_hd.cc b/system/btif/src/btif_hd.cc
index 5509d44b5153a2d6ed1073a673567a0d23767718..d6f46cd21d28a2582fe31d0b4f4889d0d8e5676a 100644
--- a/system/btif/src/btif_hd.cc
+++ b/system/btif/src/btif_hd.cc
@@ -33,6 +33,7 @@
#include "bt_target.h" // Must be first to define build configuration
#include "bta/include/bta_hd_api.h"
+#include "bta_sec_api.h"
#include "bta/sys/bta_sys.h"
#include "btif/include/btif_common.h"
#include "btif/include/btif_profile_storage.h"
diff --git a/system/btif/src/btif_hh.cc b/system/btif/src/btif_hh.cc
index 1b06baf738637f0fe364412a5eb6b805002ba5e1..b636c5d255481a793c426089b617e2ff19971000 100644
--- a/system/btif/src/btif_hh.cc
+++ b/system/btif/src/btif_hh.cc
@@ -33,6 +33,7 @@
#include <cstdint>
+#include "bta_sec_api.h"
#include "bta_hh_co.h"
#include "btif/include/btif_common.h"
#include "btif/include/btif_profile_storage.h"
diff --git a/system/btif/src/btif_iot_config.cc b/system/btif/src/btif_iot_config.cc
index d944f32979c401c1967d89b4b3318757764dc6c4..f79654081c1ba5508f2a007a23348a1a9502bf87 100644
--- a/system/btif/src/btif_iot_config.cc
+++ b/system/btif/src/btif_iot_config.cc
@@ -18,6 +18,7 @@
#include "bt_target.h"
#include "bta_api.h"
+#include "bta_sec_api.h"
#include "btif_storage.h"
#include "device/include/device_iot_config.h"
#include "stack/include/btm_ble_api.h"
diff --git a/system/btif/src/btif_sock.cc b/system/btif/src/btif_sock.cc
index 63dfa490c8e587165899117d292a5f5a2a7fbf6a..bf0e2281fc6438becba314b1423ba38da2d8b2bc 100644
--- a/system/btif/src/btif_sock.cc
+++ b/system/btif/src/btif_sock.cc
@@ -29,7 +29,7 @@
#include <atomic>
-#include "bta_api.h"
+#include "bta_sec_api.h"
#include "btif_common.h"
#include "btif_config.h"
#include "btif_metrics_logging.h"
diff --git a/system/stack/avct/avct_api.cc b/system/stack/avct/avct_api.cc
index 1a8d6c6637afdfc157aadeddd2f0caabec90d86c..6129e89420f362459898967b302a7d3b36ee0dec 100644
--- a/system/stack/avct/avct_api.cc
+++ b/system/stack/avct/avct_api.cc
@@ -29,6 +29,7 @@
#include "avct_int.h"
#include "bt_target.h"
#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "btm_api.h"
#include "l2c_api.h"
#include "l2cdefs.h"
diff --git a/system/stack/avct/avct_bcb_act.cc b/system/stack/avct/avct_bcb_act.cc
index 178a6605ffc46a2a93f2cf0f491f3ba4d2d818c7..4c306fc60d59f02936a87a0959d2cf90895c4379 100644
--- a/system/stack/avct/avct_bcb_act.cc
+++ b/system/stack/avct/avct_bcb_act.cc
@@ -34,7 +34,7 @@
#include "avct_api.h"
#include "avct_int.h"
#include "bt_target.h"
-#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "btm_api.h"
#include "osi/include/allocator.h"
#include "osi/include/log.h"
diff --git a/system/stack/avct/avct_lcb_act.cc b/system/stack/avct/avct_lcb_act.cc
index 446f69dbfaa295a74a2c25b776fdc4f5a77c8778..78cdef9e317c700ade816dd0557e28a3e17ec919 100644
--- a/system/stack/avct/avct_lcb_act.cc
+++ b/system/stack/avct/avct_lcb_act.cc
@@ -30,6 +30,7 @@
#include "avct_int.h"
#include "bt_target.h"
#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "btm_api.h"
#include "device/include/device_iot_config.h"
#include "osi/include/allocator.h"
diff --git a/system/stack/avdt/avdt_api.cc b/system/stack/avdt/avdt_api.cc
index 13f73a648f26f900986ea52412aee2e8151d88f7..0786cf6263c344a88969c70f9ba90ad092255121 100644
--- a/system/stack/avdt/avdt_api.cc
+++ b/system/stack/avdt/avdt_api.cc
@@ -30,7 +30,7 @@
#include "avdt_int.h"
#include "avdtc_api.h"
#include "bt_target.h"
-#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "btm_api.h"
#include "l2c_api.h"
#include "main/shim/dumpsys.h"
diff --git a/system/stack/bnep/bnep_api.cc b/system/stack/bnep/bnep_api.cc
index c3948b9e8413f73011e58727f0ee8ed57677691b..d707a8b6ec65e8f5d790d5e0774527ab41603ebc 100644
--- a/system/stack/bnep/bnep_api.cc
+++ b/system/stack/bnep/bnep_api.cc
@@ -29,6 +29,7 @@
#include "bnep_int.h"
#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "osi/include/allocator.h"
#include "stack/include/bt_hdr.h"
#include "stack/include/bt_psm_types.h"
diff --git a/system/stack/bnep/bnep_main.cc b/system/stack/bnep/bnep_main.cc
index b10c1c9bfd3fb813f36f82fc56f44ec2a007913c..e831d4d941318fab8e1de0576022c71ca98bf7dc 100644
--- a/system/stack/bnep/bnep_main.cc
+++ b/system/stack/bnep/bnep_main.cc
@@ -31,6 +31,7 @@
#include "bnep_int.h"
#include "bt_target.h"
#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "device/include/controller.h"
#include "l2c_api.h"
#include "l2cdefs.h"
diff --git a/system/stack/hid/hidd_conn.cc b/system/stack/hid/hidd_conn.cc
index 73f0e9a98bb5ec3a0750bd9569e13d8ada71ed3d..83eabc72148109e5c06785439bd727d5babbf986 100644
--- a/system/stack/hid/hidd_conn.cc
+++ b/system/stack/hid/hidd_conn.cc
@@ -30,6 +30,7 @@
#include <cstdint>
#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "osi/include/allocator.h"
#include "stack/hid/hidd_int.h"
#include "stack/include/bt_hdr.h"
diff --git a/system/stack/hid/hidh_conn.cc b/system/stack/hid/hidh_conn.cc
index d4ecb3698083a8dd669e1c44c7dda8ca5cd8accc..8ec5bc852f430acbbb02ce258f18eba9475b3dcf 100644
--- a/system/stack/hid/hidh_conn.cc
+++ b/system/stack/hid/hidh_conn.cc
@@ -28,7 +28,7 @@
#include <frameworks/proto_logging/stats/enums/bluetooth/enums.pb.h>
#include <string.h>
-#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "hiddefs.h"
#include "hidh_api.h"
#include "hidh_int.h"
diff --git a/system/test/mock/mock_bta_dm_api.h b/system/test/mock/mock_bta_dm_api.h
index d34e7ae95144b16ac8c2f160182f1f4c83294ac9..d9acacdd6e0183f9930cd06c51d5776ef09086c5 100644
--- a/system/test/mock/mock_bta_dm_api.h
+++ b/system/test/mock/mock_bta_dm_api.h
@@ -31,6 +31,7 @@
#include <vector>
#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "stack/include/bt_device_type.h"
#include "stack/include/bt_octets.h"
#include "types/ble_address_with_type.h"
diff --git a/system/test/mock/mock_btif_co_bta_dm_co.cc b/system/test/mock/mock_btif_co_bta_dm_co.cc
index 633c416ab2b07927f5277faac1b33507d308d5a5..63cbfc13899eb0ae0fa890fc1fc869d055443f0e 100644
--- a/system/test/mock/mock_btif_co_bta_dm_co.cc
+++ b/system/test/mock/mock_btif_co_bta_dm_co.cc
@@ -21,6 +21,7 @@
#include <cstdint>
#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "bta/sys/bta_sys.h"
#include "internal_include/bte_appl.h"
#include "stack/include/btm_api_types.h"
diff --git a/system/test/mock/mock_btif_dm.cc b/system/test/mock/mock_btif_dm.cc
index c052f57ebb73c98530f9718d2e8700eeebb23245..9038ad0c47710ff309c45c11c0617a64c540865b 100644
--- a/system/test/mock/mock_btif_dm.cc
+++ b/system/test/mock/mock_btif_dm.cc
@@ -22,6 +22,7 @@
#include <cstdint>
#include "bta/include/bta_api.h"
+#include "bta/include/bta_sec_api.h"
#include "include/hardware/bluetooth.h"
#include "internal_include/bte_appl.h"
#include "test/common/mock_functions.h"