[Fast Pair] Add support to encrypt passkey requests.

Change-Id: If9f7e1c76e84dd4a2c79b7761aa7e41099f007ae
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3126014
Commit-Queue: Juliet Levesque <[email protected]>
Reviewed-by: Shane Fitzpatrick <[email protected]>
Cr-Commit-Position: refs/heads/main@{#917243}

ash/quick_pair/pairing/fast_pair/fake_fast_pair_gatt_service_client.cc

@@ -51,6 +51,7 @@ void FakeFastPairGattServiceClient::RunWriteResponseCallback(
 void FakeFastPairGattServiceClient::WritePasskeyAsync(
     uint8_t message_type,
     uint32_t passkey,
+    FastPairDataEncryptor* fast_pair_data_encryptor,
     base::OnceCallback<void(std::vector<uint8_t>, absl::optional<PairFailure>)>
         write_response_callback) {
   passkey_write_response_callback_ = std::move(write_response_callback);

ash/quick_pair/pairing/fast_pair/fake_fast_pair_gatt_service_client.h

@@ -46,6 +46,7 @@ class FakeFastPairGattServiceClient : public FastPairGattServiceClient {
 
   void WritePasskeyAsync(uint8_t message_type,
                          uint32_t passkey,
+                         FastPairDataEncryptor* fast_pair_data_encryptor,
                          base::OnceCallback<void(std::vector<uint8_t>,
                                                  absl::optional<PairFailure>)>
                              write_response_callback) override;

ash/quick_pair/pairing/fast_pair/fast_pair_gatt_service_client.h

@@ -40,6 +40,7 @@ class FastPairGattServiceClient : public device::BluetoothAdapter::Observer {
   virtual void WritePasskeyAsync(
       uint8_t message_type,
       uint32_t passkey,
+      FastPairDataEncryptor* fast_pair_data_encryptor,
       base::OnceCallback<void(std::vector<uint8_t>,
                               absl::optional<PairFailure>)>
           write_response_callback) = 0;

ash/quick_pair/pairing/fast_pair/fast_pair_gatt_service_client_impl.cc

@@ -310,10 +310,8 @@ FastPairGattServiceClientImpl::CreateRequest(
     uint8_t flags,
     const std::string& provider_address,
     const std::string& seekers_address) {
-  // We can't use a std::array to start with because RAND_bytes only takes in
-  // C-style arrays, so we will convert at the end.
-  uint8_t data_to_write[kBlockByteSize];
-  RAND_bytes(data_to_write, kBlockByteSize);
+  std::array<uint8_t, kBlockByteSize> data_to_write;
+  RAND_bytes(data_to_write.data(), kBlockByteSize);
 
   data_to_write[0] = message_type;
   data_to_write[1] = flags;
@@ -326,27 +324,22 @@ FastPairGattServiceClientImpl::CreateRequest(
   std::copy(seekers_address.begin(), seekers_address.end(),
             std::begin(data_to_write) + kSeekerAddressStartIndex);
 
-  std::array<uint8_t, kBlockByteSize> std_data_to_write;
-  std::move(std::begin(data_to_write), std::end(data_to_write),
-            std_data_to_write.begin());
-  return std_data_to_write;
+  return data_to_write;
 }
 
-std::vector<uint8_t> FastPairGattServiceClientImpl::CreatePasskeyBlock(
-    uint8_t message_type,
-    uint32_t passkey) {
-  uint8_t data_to_write[kBlockByteSize];
-  RAND_bytes(data_to_write, kBlockByteSize);
+const std::array<uint8_t, kBlockByteSize>
+FastPairGattServiceClientImpl::CreatePasskeyBlock(uint8_t message_type,
+                                                  uint32_t passkey) {
+  std::array<uint8_t, kBlockByteSize> data_to_write;
+  RAND_bytes(data_to_write.data(), kBlockByteSize);
 
   data_to_write[0] = message_type;
 
   // Need to convert the uint_32 to uint_8 to use in our data vector.
   data_to_write[1] = (passkey & 0x00ff0000) >> 16;
   data_to_write[2] = (passkey & 0x0000ff00) >> 8;
   data_to_write[3] = passkey & 0x000000ff;
-
-  return std::vector<uint8_t>(std::begin(data_to_write),
-                              std::end(data_to_write));
+  return data_to_write;
 }
 
 void FastPairGattServiceClientImpl::WriteRequestAsync(
@@ -401,6 +394,7 @@ void FastPairGattServiceClientImpl::WriteRequestAsync(
 void FastPairGattServiceClientImpl::WritePasskeyAsync(
     uint8_t message_type,
     uint32_t passkey,
+    FastPairDataEncryptor* fast_pair_data_encryptor,
     base::OnceCallback<void(std::vector<uint8_t>, absl::optional<PairFailure>)>
         write_response_callback) {
   DCHECK(message_type == kSeekerPasskey);
@@ -418,8 +412,12 @@ void FastPairGattServiceClientImpl::WritePasskeyAsync(
                      weak_ptr_factory_.GetWeakPtr(),
                      PairFailure::kPasskeyResponseTimeout));
 
+  const std::array<uint8_t, kBlockSizeBytes> data_to_write =
+      fast_pair_data_encryptor->EncryptBytes(
+          CreatePasskeyBlock(message_type, passkey));
+
   passkey_characteristic_->WriteRemoteCharacteristic(
-      CreatePasskeyBlock(message_type, passkey),
+      std::vector<uint8_t>(data_to_write.begin(), data_to_write.end()),
       device::BluetoothRemoteGattCharacteristic::WriteType::kWithResponse,
       base::BindOnce(&FastPairGattServiceClientImpl::OnWritePasskey,
                      weak_ptr_factory_.GetWeakPtr()),

ash/quick_pair/pairing/fast_pair/fast_pair_gatt_service_client_impl.h

@@ -82,6 +82,7 @@ class FastPairGattServiceClientImpl : public FastPairGattServiceClient {
 
   void WritePasskeyAsync(uint8_t message_type,
                          uint32_t passkey,
+                         FastPairDataEncryptor* fast_pair_data_encryptor,
                          base::OnceCallback<void(std::vector<uint8_t>,
                                                  absl::optional<PairFailure>)>
                              write_response_callback) override;
@@ -102,8 +103,9 @@ class FastPairGattServiceClientImpl : public FastPairGattServiceClient {
       uint8_t flags,
       const std::string& provider_address,
       const std::string& seekers_address);
-  std::vector<uint8_t> CreatePasskeyBlock(uint8_t message_type,
-                                          uint32_t passkey);
+  const std::array<uint8_t, kBlockByteSize> CreatePasskeyBlock(
+      uint8_t message_type,
+      uint32_t passkey);
 
   // Callback from the adapter's call to create GATT connection.
   void OnGattConnection(

ash/quick_pair/pairing/fast_pair/fast_pair_gatt_service_client_unittest.cc

@@ -458,7 +458,6 @@ class FastPairGattServiceClientTest : public testing::Test {
   }
 
   void WriteRequestToKeyBased() {
-    fast_pair_data_encryptor_ = std::make_unique<FakeFastPairDataEncryptor>();
     gatt_service_client_->WriteRequestAsync(
         kMessageType, kFlags, kProviderAddress, kSeekersAddress,
         fast_pair_data_encryptor_.get(),
@@ -469,7 +468,7 @@ class FastPairGattServiceClientTest : public testing::Test {
 
   void WriteRequestToPasskey() {
     gatt_service_client_->WritePasskeyAsync(
-        kSeekerPasskey, kPasskey,
+        kSeekerPasskey, kPasskey, fast_pair_data_encryptor_.get(),
         base::BindRepeating(&::ash::quick_pair::FastPairGattServiceClientTest::
                                 WriteTestCallback,
                             weak_ptr_factory_.GetWeakPtr()));
@@ -519,7 +518,8 @@ class FastPairGattServiceClientTest : public testing::Test {
   std::unique_ptr<FakeBluetoothDevice> device_;
   std::unique_ptr<FakeBluetoothGattCharacteristic>
       fake_key_based_characteristic_;
-  std::unique_ptr<FastPairDataEncryptor> fast_pair_data_encryptor_;
+  std::unique_ptr<FastPairDataEncryptor> fast_pair_data_encryptor_ =
+      std::make_unique<FakeFastPairDataEncryptor>();
   std::unique_ptr<FakeBluetoothGattCharacteristic> fake_passkey_characteristic_;
   std::unique_ptr<testing::NiceMock<device::MockBluetoothGattService>>
       gatt_service_;