1 /******************************************************************************
2 *
3 * Copyright 2003-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 #define LOG_TAG "bluetooth"
20
21 #include "bt_target.h"
22
23 #include <string.h>
24 #include "smp_int.h"
25
26 #include "osi/include/log.h"
27
28 const char* const smp_state_name[] = {
29 "SMP_STATE_IDLE",
30 "SMP_STATE_WAIT_APP_RSP",
31 "SMP_STATE_SEC_REQ_PENDING",
32 "SMP_STATE_PAIR_REQ_RSP",
33 "SMP_STATE_WAIT_CONFIRM",
34 "SMP_STATE_CONFIRM",
35 "SMP_STATE_RAND",
36 "SMP_STATE_PUBLIC_KEY_EXCH",
37 "SMP_STATE_SEC_CONN_PHS1_START",
38 "SMP_STATE_WAIT_COMMITMENT",
39 "SMP_STATE_WAIT_NONCE",
40 "SMP_STATE_SEC_CONN_PHS2_START",
41 "SMP_STATE_WAIT_DHK_CHECK",
42 "SMP_STATE_DHK_CHECK",
43 "SMP_STATE_ENCRYPTION_PENDING",
44 "SMP_STATE_BOND_PENDING",
45 "SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA",
46 "SMP_STATE_MAX"};
47
48 const char* const smp_event_name[] = {"PAIRING_REQ_EVT",
49 "PAIRING_RSP_EVT",
50 "CONFIRM_EVT",
51 "RAND_EVT",
52 "PAIRING_FAILED_EVT",
53 "ENC_INFO_EVT",
54 "CENTRAL_ID_EVT",
55 "ID_INFO_EVT",
56 "ID_ADDR_EVT",
57 "SIGN_INFO_EVT",
58 "SECURITY_REQ_EVT",
59 "PAIR_PUBLIC_KEY_EVT",
60 "PAIR_DHKEY_CHECK_EVT",
61 "PAIR_KEYPRESS_NOTIFICATION_EVT",
62 "PAIR_COMMITMENT_EVT",
63 "KEY_READY_EVT",
64 "ENCRYPTED_EVT",
65 "L2CAP_CONN_EVT",
66 "L2CAP_DISCONN_EVT",
67 "API_IO_RSP_EVT",
68 "API_SEC_GRANT_EVT",
69 "TK_REQ_EVT",
70 "AUTH_CMPL_EVT",
71 "ENC_REQ_EVT",
72 "BOND_REQ_EVT",
73 "DISCARD_SEC_REQ_EVT",
74 "PUBLIC_KEY_EXCHANGE_REQ_EVT",
75 "LOCAL_PUBLIC_KEY_CRTD_EVT",
76 "BOTH_PUBLIC_KEYS_RCVD_EVT",
77 "SEC_CONN_DHKEY_COMPLETE_EVT",
78 "HAVE_LOCAL_NONCE_EVT",
79 "SEC_CONN_PHASE1_CMPLT_EVT",
80 "SEC_CONN_CALC_NC_EVT",
81 "SEC_CONN_DISPLAY_NC_EVT",
82 "SEC_CONN_OK_EVT",
83 "SEC_CONN_2_DHCK_CHECKS_PRESENT_EVT",
84 "SEC_CONN_KEY_READY_EVT",
85 "KEYPRESS_NOTIFICATION_EVT",
86 "SEC_CONN_OOB_DATA_EVT",
87 "CREATE_LOCAL_SEC_CONN_OOB_DATA_EVT",
88 "OUT_OF_RANGE_EVT"};
89
90 const char* smp_get_event_name(tSMP_EVENT event);
91 const char* smp_get_state_name(tSMP_STATE state);
92
93 #define SMP_SM_IGNORE 0
94 #define SMP_NUM_ACTIONS 2
95 #define SMP_SME_NEXT_STATE 2
96 #define SMP_SM_NUM_COLS 3
97
98 typedef const uint8_t (*tSMP_SM_TBL)[SMP_SM_NUM_COLS];
99
100 enum {
101 SMP_PROC_SEC_REQ,
102 SMP_SEND_PAIR_REQ,
103 SMP_SEND_PAIR_RSP,
104 SMP_SEND_CONFIRM,
105 SMP_SEND_PAIR_FAIL,
106 SMP_SEND_RAND,
107 SMP_SEND_ENC_INFO,
108 SMP_SEND_ID_INFO,
109 SMP_SEND_LTK_REPLY,
110 SMP_PROC_PAIR_CMD,
111 SMP_PROC_PAIR_FAIL,
112 SMP_PROC_CONFIRM,
113 SMP_PROC_RAND,
114 SMP_PROC_ENC_INFO,
115 SMP_PROC_CENTRAL_ID,
116 SMP_PROC_ID_INFO,
117 SMP_PROC_ID_ADDR,
118 SMP_PROC_SRK_INFO,
119 SMP_PROC_SEC_GRANT,
120 SMP_PROC_SL_KEY,
121 SMP_PROC_COMPARE,
122 SMP_PROC_IO_RSP,
123 SMP_GENERATE_COMPARE,
124 SMP_GENERATE_CONFIRM,
125 SMP_GENERATE_STK,
126 SMP_KEY_DISTRIBUTE,
127 SMP_START_ENC,
128 SMP_PAIRING_CMPL,
129 SMP_DECIDE_ASSO_MODEL,
130 SMP_SEND_APP_CBACK,
131 SMP_CHECK_AUTH_REQ,
132 SMP_PAIR_TERMINATE,
133 SMP_ENC_CMPL,
134 SMP_PROC_DISCARD,
135 SMP_CREATE_PRIVATE_KEY,
136 SMP_USE_OOB_PRIVATE_KEY,
137 SMP_SEND_PAIR_PUBLIC_KEY,
138 SMP_PROCESS_PAIR_PUBLIC_KEY,
139 SMP_HAVE_BOTH_PUBLIC_KEYS,
140 SMP_START_SEC_CONN_PHASE1,
141 SMP_PROCESS_LOCAL_NONCE,
142 SMP_SEND_COMMITMENT,
143 SMP_PROCESS_PAIRING_COMMITMENT,
144 SMP_PROCESS_PEER_NONCE,
145 SMP_CALCULATE_LOCAL_DHKEY_CHECK,
146 SMP_SEND_DHKEY_CHECK,
147 SMP_PROCESS_DHKEY_CHECK,
148 SMP_CALCULATE_PEER_DHKEY_CHECK,
149 SMP_MATCH_DHKEY_CHECKS,
150 SMP_CALCULATE_NUMERIC_COMPARISON_DISPLAY_NUMBER,
151 SMP_MOVE_TO_SEC_CONN_PHASE2,
152 SMP_PH2_DHKEY_CHECKS_ARE_PRESENT,
153 SMP_WAIT_FOR_BOTH_PUBLIC_KEYS,
154 SMP_START_PASSKEY_VERIFICATION,
155 SMP_SEND_KEYPRESS_NOTIFICATION,
156 SMP_PROCESS_KEYPRESS_NOTIFICATION,
157 SMP_PROCESS_SECURE_CONNECTION_OOB_DATA,
158 SMP_SET_LOCAL_OOB_KEYS,
159 SMP_SET_LOCAL_OOB_RAND_COMMITMENT,
160 SMP_IDLE_TERMINATE,
161 SMP_SM_NO_ACTION
162 };
163
164 static const tSMP_ACT smp_sm_action[] = {
165 smp_proc_sec_req,
166 smp_send_pair_req,
167 smp_send_pair_rsp,
168 smp_send_confirm,
169 smp_send_pair_fail,
170 smp_send_rand,
171 smp_send_enc_info,
172 smp_send_id_info,
173 smp_send_ltk_reply,
174 smp_proc_pair_cmd,
175 smp_proc_pair_fail,
176 smp_proc_confirm,
177 smp_proc_rand,
178 smp_proc_enc_info,
179 smp_proc_central_id,
180 smp_proc_id_info,
181 smp_proc_id_addr,
182 smp_proc_srk_info,
183 smp_proc_sec_grant,
184 smp_proc_sl_key,
185 smp_proc_compare,
186 smp_process_io_response,
187 smp_generate_compare,
188 smp_generate_srand_mrand_confirm,
189 smp_generate_stk,
190 smp_key_distribution,
191 smp_start_enc,
192 smp_pairing_cmpl,
193 smp_decide_association_model,
194 smp_send_app_cback,
195 smp_check_auth_req,
196 smp_pair_terminate,
197 smp_enc_cmpl,
198 smp_proc_discard,
199 smp_create_private_key,
200 smp_use_oob_private_key,
201 smp_send_pair_public_key,
202 smp_process_pairing_public_key,
203 smp_both_have_public_keys,
204 smp_start_secure_connection_phase1,
205 smp_process_local_nonce,
206 smp_send_commitment,
207 smp_process_pairing_commitment,
208 smp_process_peer_nonce,
209 smp_calculate_local_dhkey_check,
210 smp_send_dhkey_check,
211 smp_process_dhkey_check,
212 smp_calculate_peer_dhkey_check,
213 smp_match_dhkey_checks,
214 smp_calculate_numeric_comparison_display_number,
215 smp_move_to_secure_connections_phase2,
216 smp_phase_2_dhkey_checks_are_present,
217 smp_wait_for_both_public_keys,
218 smp_start_passkey_verification,
219 smp_send_keypress_notification,
220 smp_process_keypress_notification,
221 smp_process_secure_connection_oob_data,
222 smp_set_local_oob_keys,
223 smp_set_local_oob_random_commitment,
224 smp_idle_terminate};
225
226 /************ SMP Central FSM State/Event Indirection Table **************/
227 static const uint8_t smp_central_entry_map[][SMP_STATE_MAX] = {
228 /* state name: */
229 /* Idle, WaitApp Rsp, SecReq Pend, Pair ReqRsp, Wait Cfm, Confirm, Rand,
230 PublKey Exch, SCPhs1 Strt, Wait Cmtm, Wait Nonce, SCPhs2 Strt, Wait
231 DHKChk, DHKChk, Enc Pend, Bond Pend, CrLocSc OobData */
232 /* PAIR_REQ */
233 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
234 /* PAIR_RSP */
235 {0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
236 /* CONFIRM */
237 {0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
238 /* RAND */
239 {0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0},
240 /* PAIR_FAIL */
241 {0, 0x81, 0, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81,
242 0x81, 0, 0x81, 0},
243 /* ENC_INFO */
244 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0},
245 /* CENTRAL_ID */
246 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0},
247 /* ID_INFO */
248 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0},
249 /* ID_ADDR */
250 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0},
251 /* SIGN_INFO */
252 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0},
253 /* SEC_REQ */
254 {2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
255 /* PAIR_PUBLIC_KEY */
256 {0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0},
257 /* PAIR_DHKEY_CHCK */
258 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0},
259 /* PAIR_KEYPR_NOTIF */
260 {0, 8, 0, 0, 0, 0, 0, 0, 5, 2, 0, 0, 0, 0, 0, 0, 0},
261 /* PAIR_COMMITM */
262 {0, 0, 0, 0, 0, 0, 0, 0, 6, 1, 0, 0, 0, 0, 0, 0, 0},
263 /* KEY_READY */
264 {0, 3, 0, 3, 1, 0, 2, 0, 4, 0, 0, 0, 0, 0, 1, 6, 0},
265 /* ENC_CMPL */
266 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0},
267 /* L2C_CONN */
268 {1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
269 /* L2C_DISC */
270 {3, 0x83, 0, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83,
271 0x83, 0x83, 0x83, 0},
272 /* IO_RSP */
273 {0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
274 /* SEC_GRANT */
275 {0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
276 /* TK_REQ */
277 {0, 0, 0, 2, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0},
278 /* AUTH_CMPL */
279 {4, 0x82, 0, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82,
280 0x82, 0x82, 0x82, 0},
281 /* ENC_REQ */
282 {0, 4, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0},
283 /* BOND_REQ */
284 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0},
285 /* DISCARD_SEC_REQ */
286 {0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0},
287 /* PUBL_KEY_EXCH_REQ */
288 {0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
289 /* LOC_PUBL_KEY_CRTD */
290 {0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1},
291 /* BOTH_PUBL_KEYS_RCVD */
292 {0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0},
293 /* SC_DHKEY_CMPLT */
294 {0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0},
295 /* HAVE_LOC_NONCE */
296 {0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 2},
297 /* SC_PHASE1_CMPLT */
298 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0},
299 /* SC_CALC_NC */
300 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0},
301 /* SC_DSPL_NC */
302 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0},
303 /* SC_NC_OK */
304 {0, 6, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
305 /* SC_2_DHCK_CHKS_PRES */
306 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
307 /* SC_KEY_READY */
308 {0, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0},
309 /* KEYPR_NOTIF */
310 {0, 9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
311 /* SC_OOB_DATA */
312 {0, 10, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
313 /* CR_LOC_SC_OOB_DATA */
314 {5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
315 };
316
317 static const uint8_t smp_all_table[][SMP_SM_NUM_COLS] = {
318 /* Event Action Next State */
319 /* PAIR_FAIL */
320 {SMP_PROC_PAIR_FAIL, SMP_PAIRING_CMPL, SMP_STATE_IDLE},
321 /* AUTH_CMPL */
322 {SMP_SEND_PAIR_FAIL, SMP_PAIRING_CMPL, SMP_STATE_IDLE},
323 /* L2C_DISC */
324 {SMP_PAIR_TERMINATE, SMP_SM_NO_ACTION, SMP_STATE_IDLE}};
325
326 static const uint8_t smp_central_idle_table[][SMP_SM_NUM_COLS] = {
327 /* Event Action Next State */
328 /* L2C_CONN */
329 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
330 /* SEC_REQ */
331 {SMP_PROC_SEC_REQ, SMP_SEND_APP_CBACK, SMP_STATE_WAIT_APP_RSP},
332 /* L2C_DISC */
333 {SMP_IDLE_TERMINATE, SMP_SM_NO_ACTION, SMP_STATE_IDLE},
334 /* AUTH_CMPL */
335 {SMP_PAIRING_CMPL, SMP_SM_NO_ACTION, SMP_STATE_IDLE},
336 /* CR_LOC_SC_OOB_DATA */
337 {SMP_CREATE_PRIVATE_KEY, SMP_SM_NO_ACTION,
338 SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA}
339
340 };
341
342 static const uint8_t
343 smp_central_wait_for_app_response_table[][SMP_SM_NUM_COLS] = {
344 /* Event Action Next State */
345 /* SEC_GRANT */
346 {SMP_PROC_SEC_GRANT, SMP_SEND_APP_CBACK, SMP_STATE_WAIT_APP_RSP},
347 /* IO_RSP */
348 {SMP_SEND_PAIR_REQ, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
349
350 /* TK ready */
351 /* KEY_READY */
352 {SMP_GENERATE_CONFIRM, SMP_SM_NO_ACTION, SMP_STATE_WAIT_CONFIRM},
353
354 /* start enc mode setup */
355 /* ENC_REQ */
356 {SMP_START_ENC, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
357 /* DISCARD_SEC_REQ */
358 {SMP_PROC_DISCARD, SMP_SM_NO_ACTION, SMP_STATE_IDLE}
359 /* user confirms NC 'OK', i.e. phase 1 is completed */
360 /* SC_NC_OK */,
361 {SMP_MOVE_TO_SEC_CONN_PHASE2, SMP_SM_NO_ACTION,
362 SMP_STATE_SEC_CONN_PHS2_START},
363 /* user-provided passkey is rcvd */
364 /* SC_KEY_READY */
365 {SMP_START_PASSKEY_VERIFICATION, SMP_SM_NO_ACTION,
366 SMP_STATE_SEC_CONN_PHS1_START},
367 /* PAIR_KEYPR_NOTIF */
368 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
369 SMP_STATE_WAIT_APP_RSP},
370 /* KEYPR_NOTIF */
371 {SMP_SEND_KEYPRESS_NOTIFICATION, SMP_SM_NO_ACTION,
372 SMP_STATE_WAIT_APP_RSP},
373 /* SC_OOB_DATA */
374 {SMP_USE_OOB_PRIVATE_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH}};
375
376 static const uint8_t
377 smp_central_pair_request_response_table[][SMP_SM_NUM_COLS] = {
378 /* Event Action Next State */
379 /* PAIR_RSP */
380 {SMP_PROC_PAIR_CMD, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
381 /* TK_REQ */
382 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
383
384 /* TK ready */
385 /* KEY_READY */
386 {SMP_GENERATE_CONFIRM, SMP_SM_NO_ACTION, SMP_STATE_WAIT_CONFIRM}
387 /* PUBL_KEY_EXCH_REQ */,
388 {SMP_CREATE_PRIVATE_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH}};
389
390 static const uint8_t smp_central_wait_for_confirm_table[][SMP_SM_NUM_COLS] = {
391 /* Event Action Next State */
392 /* KEY_READY*/
393 /* CONFIRM ready */
394 {SMP_SEND_CONFIRM, SMP_SM_NO_ACTION, SMP_STATE_CONFIRM}};
395
396 static const uint8_t smp_central_confirm_table[][SMP_SM_NUM_COLS] = {
397 /* Event Action Next State */
398 /* CONFIRM */
399 {SMP_PROC_CONFIRM, SMP_SEND_RAND, SMP_STATE_RAND}};
400
401 static const uint8_t smp_central_rand_table[][SMP_SM_NUM_COLS] = {
402 /* Event Action Next State */
403 /* RAND */
404 {SMP_PROC_RAND, SMP_GENERATE_COMPARE, SMP_STATE_RAND},
405 /* KEY_READY */
406 {SMP_PROC_COMPARE, SMP_SM_NO_ACTION, SMP_STATE_RAND}, /* Compare ready */
407 /* ENC_REQ */
408 {SMP_GENERATE_STK, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING}};
409
410 static const uint8_t smp_central_public_key_exchange_table[][SMP_SM_NUM_COLS] =
411 {
412 /* Event Action Next State */
413 /* LOC_PUBL_KEY_CRTD */
414 {SMP_SEND_PAIR_PUBLIC_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH},
415 /* PAIR_PUBLIC_KEY */
416 {SMP_PROCESS_PAIR_PUBLIC_KEY, SMP_SM_NO_ACTION,
417 SMP_STATE_PUBLIC_KEY_EXCH},
418 /* BOTH_PUBL_KEYS_RCVD */
419 {SMP_HAVE_BOTH_PUBLIC_KEYS, SMP_SM_NO_ACTION,
420 SMP_STATE_SEC_CONN_PHS1_START},
421 };
422
423 static const uint8_t smp_central_sec_conn_phs1_start_table[][SMP_SM_NUM_COLS] =
424 {
425 /* Event Action Next State */
426 /* SC_DHKEY_CMPLT */
427 {SMP_START_SEC_CONN_PHASE1, SMP_SM_NO_ACTION,
428 SMP_STATE_SEC_CONN_PHS1_START},
429 /* HAVE_LOC_NONCE */
430 {SMP_PROCESS_LOCAL_NONCE, SMP_SM_NO_ACTION, SMP_STATE_WAIT_COMMITMENT},
431 /* TK_REQ */
432 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
433 /* SMP_MODEL_SEC_CONN_PASSKEY_DISP model, passkey is sent up to
434 display,*/
435 /* It's time to start commitment calculation */
436 /* KEY_READY */
437 {SMP_START_PASSKEY_VERIFICATION, SMP_SM_NO_ACTION,
438 SMP_STATE_SEC_CONN_PHS1_START},
439 /* PAIR_KEYPR_NOTIF */
440 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
441 SMP_STATE_SEC_CONN_PHS1_START},
442 /* PAIR_COMMITM */
443 {SMP_PROCESS_PAIRING_COMMITMENT, SMP_SM_NO_ACTION,
444 SMP_STATE_SEC_CONN_PHS1_START},
445 };
446
447 static const uint8_t smp_central_wait_commitment_table[][SMP_SM_NUM_COLS] = {
448 /* Event Action Next State */
449 /* PAIR_COMMITM */
450 {SMP_PROCESS_PAIRING_COMMITMENT, SMP_SEND_RAND, SMP_STATE_WAIT_NONCE},
451 /* PAIR_KEYPR_NOTIF */
452 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
453 SMP_STATE_WAIT_COMMITMENT},
454 };
455
456 static const uint8_t smp_central_wait_nonce_table[][SMP_SM_NUM_COLS] = {
457 /* Event Action Next State */
458 /* peer nonce is received */
459 /* RAND */
460 {SMP_PROC_RAND, SMP_PROCESS_PEER_NONCE, SMP_STATE_SEC_CONN_PHS2_START},
461 /* NC model, time to calculate number for NC */
462 /* SC_CALC_NC */
463 {SMP_CALCULATE_NUMERIC_COMPARISON_DISPLAY_NUMBER, SMP_SM_NO_ACTION,
464 SMP_STATE_WAIT_NONCE},
465 /* NC model, time to display calculated number for NC to the user */
466 /* SC_DSPL_NC */
467 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
468 };
469
470 static const uint8_t smp_central_sec_conn_phs2_start_table[][SMP_SM_NUM_COLS] =
471 {
472 /* Event Action Next State */
473 /* SC_PHASE1_CMPLT */
474 {SMP_CALCULATE_LOCAL_DHKEY_CHECK, SMP_SEND_DHKEY_CHECK,
475 SMP_STATE_WAIT_DHK_CHECK},
476 };
477
478 static const uint8_t smp_central_wait_dhk_check_table[][SMP_SM_NUM_COLS] = {
479 /* Event Action Next State */
480 /* PAIR_DHKEY_CHCK */
481 {SMP_PROCESS_DHKEY_CHECK, SMP_CALCULATE_PEER_DHKEY_CHECK,
482 SMP_STATE_DHK_CHECK},
483 };
484
485 static const uint8_t smp_central_dhk_check_table[][SMP_SM_NUM_COLS] = {
486 /* Event Action Next State */
487 /* locally calculated peer dhkey check is ready -> compare it withs DHKey
488 * Check
489 * actually received from peer */
490 /* SC_KEY_READY */
491 {SMP_MATCH_DHKEY_CHECKS, SMP_SM_NO_ACTION, SMP_STATE_DHK_CHECK},
492 /* locally calculated peer dhkey check is ready -> calculate STK, go to
493 * sending
494 */
495 /* HCI LE Start Encryption command */
496 /* ENC_REQ */
497 {SMP_GENERATE_STK, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
498 };
499
500 static const uint8_t smp_central_enc_pending_table[][SMP_SM_NUM_COLS] = {
501 /* Event Action Next State */
502 /* STK ready */
503 /* KEY_READY */
504 {SMP_START_ENC, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
505 /* ENCRYPTED */
506 {SMP_CHECK_AUTH_REQ, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
507 /* BOND_REQ */
508 {SMP_KEY_DISTRIBUTE, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING}};
509 static const uint8_t smp_central_bond_pending_table[][SMP_SM_NUM_COLS] = {
510 /* Event Action Next State */
511 /* ENC_INFO */
512 {SMP_PROC_ENC_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
513 /* ID_INFO */
514 {SMP_PROC_ID_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
515 /* SIGN_INFO */
516 {SMP_PROC_SRK_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
517 /* CENTRAL_ID */
518 {SMP_PROC_CENTRAL_ID, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
519 /* ID_ADDR */
520 {SMP_PROC_ID_ADDR, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
521 /* KEY_READY */
522 /* LTK ready */
523 {SMP_SEND_ENC_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING}};
524
525 static const uint8_t
526 smp_central_create_local_sec_conn_oob_data[][SMP_SM_NUM_COLS] = {
527 /* Event Action Next State */
528 /* LOC_PUBL_KEY_CRTD */
529 {SMP_SET_LOCAL_OOB_KEYS, SMP_SM_NO_ACTION,
530 SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA},
531 /* HAVE_LOC_NONCE */
532 {SMP_SET_LOCAL_OOB_RAND_COMMITMENT, SMP_SM_NO_ACTION, SMP_STATE_IDLE}};
533
534 /************ SMP Peripheral FSM State/Event Indirection Table **************/
535 static const uint8_t smp_peripheral_entry_map[][SMP_STATE_MAX] = {
536 /* state name: */
537 /* Idle, WaitApp Rsp, SecReq Pend, Pair ReqRsp, Wait Cfm, Confirm, Rand,
538 PublKey Exch, SCPhs1 Strt, Wait Cmtm, Wait Nonce, SCPhs2 Strt, Wait
539 DHKChk, DHKChk, Enc Pend, Bond Pend, CrLocSc OobData */
540 /* PAIR_REQ */
541 {2, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
542 /* PAIR_RSP */
543 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
544 /* CONFIRM */
545 {0, 4, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
546 /* RAND */
547 {0, 0, 0, 0, 0, 1, 2, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0},
548 /* PAIR_FAIL */
549 {0, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81,
550 0x81, 0x81, 0, 0},
551 /* ENC_INFO */
552 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0},
553 /* CENTRAL_ID */
554 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0},
555 /* ID_INFO */
556 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0},
557 /* ID_ADDR */
558 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 6, 0},
559 /* SIGN_INFO */
560 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0},
561 /* SEC_REQ */
562 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
563 /* PAIR_PUBLIC_KEY */
564 {0, 0, 0, 5, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0},
565 /* PAIR_DHKEY_CHCK */
566 {0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 1, 2, 0, 0, 0},
567 /* PAIR_KEYPR_NOTIF */
568 {0, 9, 0, 0, 0, 0, 0, 0, 5, 2, 0, 0, 0, 0, 0, 0, 0},
569 /* PAIR_COMMITM */
570 {0, 8, 0, 0, 0, 0, 0, 0, 6, 1, 0, 0, 0, 0, 0, 0, 0},
571 /* KEY_READY */
572 {0, 3, 0, 3, 2, 2, 1, 0, 4, 0, 0, 0, 0, 0, 2, 1, 0},
573 /* ENC_CMPL */
574 {0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0},
575 /* L2C_CONN */
576 {1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
577 /* L2C_DISC */
578 {0, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83,
579 0x83, 0x83, 0x83, 0},
580 /* IO_RSP */
581 {0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
582 /* SEC_GRANT */
583 {0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
584 /* TK_REQ */
585 {0, 0, 0, 2, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0},
586 /* AUTH_CMPL */
587 {0, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82,
588 0x82, 0x82, 0x82, 0},
589 /* ENC_REQ */
590 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0},
591 /* BOND_REQ */
592 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0, 0},
593 /* DISCARD_SEC_REQ */
594 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
595 /* PUBL_KEY_EXCH_REQ */
596 {0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
597 /* LOC_PUBL_KEY_CRTD */
598 {0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1},
599 /* BOTH_PUBL_KEYS_RCVD */
600 {0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0},
601 /* SC_DHKEY_CMPLT */
602 {0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0},
603 /* HAVE_LOC_NONCE */
604 {0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 2},
605 /* SC_PHASE1_CMPLT */
606 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0},
607 /* SC_CALC_NC */
608 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0},
609 /* SC_DSPL_NC */
610 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0},
611 /* SC_NC_OK */
612 {0, 6, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
613 /* SC_2_DHCK_CHKS_PRES */
614 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0},
615 /* SC_KEY_READY */
616 {0, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0},
617 /* KEYPR_NOTIF */
618 {0, 10, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
619 /* SC_OOB_DATA */
620 {0, 11, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
621 /* CR_LOC_SC_OOB_DATA */
622 {3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
623 };
624
625 static const uint8_t smp_peripheral_idle_table[][SMP_SM_NUM_COLS] = {
626 /* Event Action Next State */
627 /* L2C_CONN */
628 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
629 /* PAIR_REQ */
630 {SMP_PROC_PAIR_CMD, SMP_SEND_APP_CBACK, SMP_STATE_WAIT_APP_RSP},
631 /* CR_LOC_SC_OOB_DATA */
632 {SMP_CREATE_PRIVATE_KEY, SMP_SM_NO_ACTION,
633 SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA}};
634
635 static const uint8_t
636 smp_peripheral_wait_for_app_response_table[][SMP_SM_NUM_COLS] = {
637 /* Event Action Next State */
638 /* IO_RSP */
639 {SMP_PROC_IO_RSP, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
640 /* SEC_GRANT */
641 {SMP_PROC_SEC_GRANT, SMP_SEND_APP_CBACK, SMP_STATE_WAIT_APP_RSP},
642
643 /* TK ready */
644 /* KEY_READY */
645 {SMP_PROC_SL_KEY, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
646 /* CONFIRM */
647 {SMP_PROC_CONFIRM, SMP_SM_NO_ACTION, SMP_STATE_CONFIRM},
648 /* DHKey Check from central is received before phase 1 is completed -
649 race */
650 /* PAIR_DHKEY_CHCK */
651 {SMP_PROCESS_DHKEY_CHECK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
652 /* user confirms NC 'OK', i.e. phase 1 is completed */
653 /* SC_NC_OK */
654 {SMP_MOVE_TO_SEC_CONN_PHASE2, SMP_SM_NO_ACTION,
655 SMP_STATE_SEC_CONN_PHS2_START},
656 /* user-provided passkey is rcvd */
657 /* SC_KEY_READY */
658 {SMP_START_PASSKEY_VERIFICATION, SMP_SM_NO_ACTION,
659 SMP_STATE_SEC_CONN_PHS1_START},
660 /* PAIR_COMMITM */
661 {SMP_PROCESS_PAIRING_COMMITMENT, SMP_SM_NO_ACTION,
662 SMP_STATE_WAIT_APP_RSP},
663 /* PAIR_KEYPR_NOTIF */
664 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
665 SMP_STATE_WAIT_APP_RSP},
666 /* KEYPR_NOTIF */
667 {SMP_SEND_KEYPRESS_NOTIFICATION, SMP_SM_NO_ACTION,
668 SMP_STATE_WAIT_APP_RSP},
669 /* SC_OOB_DATA */
670 {SMP_SEND_PAIR_RSP, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
671 };
672
673 static const uint8_t smp_peripheral_sec_request_table[][SMP_SM_NUM_COLS] = {
674 /* Event Action Next State */
675 /* PAIR_REQ */
676 {SMP_PROC_PAIR_CMD, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
677 /* ENCRYPTED*/
678 {SMP_ENC_CMPL, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
679 };
680
681 static const uint8_t
682 smp_peripheral_pair_request_response_table[][SMP_SM_NUM_COLS] = {
683 /* Event Action Next State */
684 /* CONFIRM */
685 {SMP_PROC_CONFIRM, SMP_SM_NO_ACTION, SMP_STATE_CONFIRM},
686 /* TK_REQ */
687 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
688
689 /* TK/Confirm ready */
690 /* KEY_READY */
691 {SMP_PROC_SL_KEY, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
692 /* PUBL_KEY_EXCH_REQ */
693 {SMP_CREATE_PRIVATE_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH},
694 /* PAIR_PUBLIC_KEY */
695 {SMP_PROCESS_PAIR_PUBLIC_KEY, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
696 };
697
698 static const uint8_t smp_peripheral_wait_confirm_table[][SMP_SM_NUM_COLS] = {
699 /* Event Action Next State */
700 /* CONFIRM */
701 {SMP_PROC_CONFIRM, SMP_SEND_CONFIRM, SMP_STATE_CONFIRM},
702 /* KEY_READY*/
703 {SMP_PROC_SL_KEY, SMP_SM_NO_ACTION, SMP_STATE_WAIT_CONFIRM}};
704
705 static const uint8_t smp_peripheral_confirm_table[][SMP_SM_NUM_COLS] = {
706 /* Event Action Next State */
707 /* RAND */
708 {SMP_PROC_RAND, SMP_GENERATE_COMPARE, SMP_STATE_RAND},
709
710 /* TK/Confirm ready */
711 /* KEY_READY*/
712 {SMP_PROC_SL_KEY, SMP_SM_NO_ACTION, SMP_STATE_CONFIRM}};
713
714 static const uint8_t smp_peripheral_rand_table[][SMP_SM_NUM_COLS] = {
715 /* Event Action Next State */
716 /* KEY_READY */
717 {SMP_PROC_COMPARE, SMP_SM_NO_ACTION, SMP_STATE_RAND}, /* compare match */
718 /* RAND */
719 {SMP_SEND_RAND, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING}};
720
721 static const uint8_t smp_peripheral_public_key_exch_table[][SMP_SM_NUM_COLS] = {
722 /* Event Action Next State */
723 /* LOC_PUBL_KEY_CRTD */
724 {SMP_WAIT_FOR_BOTH_PUBLIC_KEYS, SMP_SM_NO_ACTION,
725 SMP_STATE_PUBLIC_KEY_EXCH},
726 /* PAIR_PUBLIC_KEY */
727 {SMP_PROCESS_PAIR_PUBLIC_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH},
728 /* BOTH_PUBL_KEYS_RCVD */
729 {SMP_HAVE_BOTH_PUBLIC_KEYS, SMP_SM_NO_ACTION,
730 SMP_STATE_SEC_CONN_PHS1_START},
731 };
732
733 static const uint8_t
734 smp_peripheral_sec_conn_phs1_start_table[][SMP_SM_NUM_COLS] = {
735 /* Event Action Next State */
736 /* SC_DHKEY_CMPLT */
737 {SMP_START_SEC_CONN_PHASE1, SMP_SM_NO_ACTION,
738 SMP_STATE_SEC_CONN_PHS1_START},
739 /* HAVE_LOC_NONCE */
740 {SMP_PROCESS_LOCAL_NONCE, SMP_SM_NO_ACTION, SMP_STATE_WAIT_COMMITMENT},
741 /* TK_REQ */
742 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
743 /* SMP_MODEL_SEC_CONN_PASSKEY_DISP model, passkey is sent up to display,
744 * it's
745 * time to start */
746 /* commitment calculation */
747 /* KEY_READY */
748 {SMP_START_PASSKEY_VERIFICATION, SMP_SM_NO_ACTION,
749 SMP_STATE_SEC_CONN_PHS1_START},
750 /* PAIR_KEYPR_NOTIF */
751 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
752 SMP_STATE_SEC_CONN_PHS1_START},
753 /*COMMIT*/
754 {SMP_PROCESS_PAIRING_COMMITMENT, SMP_SM_NO_ACTION,
755 SMP_STATE_SEC_CONN_PHS1_START},
756 };
757
758 static const uint8_t smp_peripheral_wait_commitment_table[][SMP_SM_NUM_COLS] = {
759 /* Event Action Next State */
760 /* PAIR_COMMITM */
761 {SMP_PROCESS_PAIRING_COMMITMENT, SMP_SEND_COMMITMENT, SMP_STATE_WAIT_NONCE},
762 /* PAIR_KEYPR_NOTIF */
763 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
764 SMP_STATE_WAIT_COMMITMENT},
765 };
766
767 static const uint8_t smp_peripheral_wait_nonce_table[][SMP_SM_NUM_COLS] = {
768 /* Event Action Next State */
769 /* peer nonce is received */
770 /* RAND */
771 {SMP_PROC_RAND, SMP_PROCESS_PEER_NONCE, SMP_STATE_SEC_CONN_PHS2_START},
772 /* NC model, time to calculate number for NC */
773 /* SC_CALC_NC */
774 {SMP_CALCULATE_NUMERIC_COMPARISON_DISPLAY_NUMBER, SMP_SM_NO_ACTION,
775 SMP_STATE_WAIT_NONCE},
776 /* NC model, time to display calculated number for NC to the user */
777 /* SC_DSPL_NC */
778 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
779 };
780
781 static const uint8_t
782 smp_peripheral_sec_conn_phs2_start_table[][SMP_SM_NUM_COLS] = {
783 /* Event Action Next State */
784 /* SC_PHASE1_CMPLT */
785 {SMP_CALCULATE_LOCAL_DHKEY_CHECK, SMP_PH2_DHKEY_CHECKS_ARE_PRESENT,
786 SMP_STATE_WAIT_DHK_CHECK},
787 /* DHKey Check from central is received before peripheral DHKey
788 * calculation is completed - race */
789 /* PAIR_DHKEY_CHCK */
790 {SMP_PROCESS_DHKEY_CHECK, SMP_SM_NO_ACTION,
791 SMP_STATE_SEC_CONN_PHS2_START},
792 };
793
794 static const uint8_t smp_peripheral_wait_dhk_check_table[][SMP_SM_NUM_COLS] = {
795 /* Event Action Next State */
796 /* PAIR_DHKEY_CHCK */
797 {SMP_PROCESS_DHKEY_CHECK, SMP_CALCULATE_PEER_DHKEY_CHECK,
798 SMP_STATE_DHK_CHECK},
799 /* DHKey Check from central was received before peripheral came to this
800 state */
801 /* SC_2_DHCK_CHKS_PRES */
802 {SMP_CALCULATE_PEER_DHKEY_CHECK, SMP_SM_NO_ACTION, SMP_STATE_DHK_CHECK},
803 };
804
805 static const uint8_t smp_peripheral_dhk_check_table[][SMP_SM_NUM_COLS] = {
806 /* Event Action Next State */
807
808 /* locally calculated peer dhkey check is ready -> compare it withs DHKey
809 * Check
810 */
811 /* actually received from peer */
812 /* SC_KEY_READY */
813 {SMP_MATCH_DHKEY_CHECKS, SMP_SM_NO_ACTION, SMP_STATE_DHK_CHECK},
814
815 /* dhkey checks match -> send local dhkey check to central, go to wait for
816 * HCI LE
817 */
818 /* Long Term Key Request Event */
819 /* PAIR_DHKEY_CHCK */
820 {SMP_SEND_DHKEY_CHECK, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
821 };
822
823 static const uint8_t smp_peripheral_enc_pending_table[][SMP_SM_NUM_COLS] = {
824 /* Event Action Next State */
825 /* ENC_REQ */
826 {SMP_GENERATE_STK, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
827
828 /* STK ready */
829 /* KEY_READY */
830 {SMP_SEND_LTK_REPLY, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
831 /* ENCRYPTED */
832 {SMP_CHECK_AUTH_REQ, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
833 /* BOND_REQ */
834 {SMP_KEY_DISTRIBUTE, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING}};
835 static const uint8_t smp_peripheral_bond_pending_table[][SMP_SM_NUM_COLS] = {
836 /* Event Action Next State */
837
838 /* LTK ready */
839 /* KEY_READY */
840 {SMP_SEND_ENC_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
841
842 /* rev SRK */
843 /* SIGN_INFO */
844 {SMP_PROC_SRK_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
845 /* ENC_INFO */
846 {SMP_PROC_ENC_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
847 /* ID_INFO */
848 {SMP_PROC_ID_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
849 /* CENTRAL_ID*/
850 {SMP_PROC_CENTRAL_ID, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
851 /* ID_ADDR */
852 {SMP_PROC_ID_ADDR, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING}
853
854 };
855
856 static const uint8_t
857 smp_peripheral_create_local_sec_conn_oob_data[][SMP_SM_NUM_COLS] = {
858 /* Event Action Next State */
859 /* LOC_PUBL_KEY_CRTD */
860 {SMP_SET_LOCAL_OOB_KEYS, SMP_SM_NO_ACTION,
861 SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA},
862 /* HAVE_LOC_NONCE */
863 {SMP_SET_LOCAL_OOB_RAND_COMMITMENT, SMP_SM_NO_ACTION, SMP_STATE_IDLE}};
864
865 static const tSMP_SM_TBL smp_state_table[][2] = {
866 /* SMP_STATE_IDLE */
867 {smp_central_idle_table, smp_peripheral_idle_table},
868
869 /* SMP_STATE_WAIT_APP_RSP */
870 {smp_central_wait_for_app_response_table,
871 smp_peripheral_wait_for_app_response_table},
872
873 /* SMP_STATE_SEC_REQ_PENDING */
874 {NULL, smp_peripheral_sec_request_table},
875
876 /* SMP_STATE_PAIR_REQ_RSP */
877 {smp_central_pair_request_response_table,
878 smp_peripheral_pair_request_response_table},
879
880 /* SMP_STATE_WAIT_CONFIRM */
881 {smp_central_wait_for_confirm_table, smp_peripheral_wait_confirm_table},
882
883 /* SMP_STATE_CONFIRM */
884 {smp_central_confirm_table, smp_peripheral_confirm_table},
885
886 /* SMP_STATE_RAND */
887 {smp_central_rand_table, smp_peripheral_rand_table},
888
889 /* SMP_STATE_PUBLIC_KEY_EXCH */
890 {smp_central_public_key_exchange_table,
891 smp_peripheral_public_key_exch_table},
892
893 /* SMP_STATE_SEC_CONN_PHS1_START */
894 {smp_central_sec_conn_phs1_start_table,
895 smp_peripheral_sec_conn_phs1_start_table},
896
897 /* SMP_STATE_WAIT_COMMITMENT */
898 {smp_central_wait_commitment_table, smp_peripheral_wait_commitment_table},
899
900 /* SMP_STATE_WAIT_NONCE */
901 {smp_central_wait_nonce_table, smp_peripheral_wait_nonce_table},
902
903 /* SMP_STATE_SEC_CONN_PHS2_START */
904 {smp_central_sec_conn_phs2_start_table,
905 smp_peripheral_sec_conn_phs2_start_table},
906
907 /* SMP_STATE_WAIT_DHK_CHECK */
908 {smp_central_wait_dhk_check_table, smp_peripheral_wait_dhk_check_table},
909
910 /* SMP_STATE_DHK_CHECK */
911 {smp_central_dhk_check_table, smp_peripheral_dhk_check_table},
912
913 /* SMP_STATE_ENCRYPTION_PENDING */
914 {smp_central_enc_pending_table, smp_peripheral_enc_pending_table},
915
916 /* SMP_STATE_BOND_PENDING */
917 {smp_central_bond_pending_table, smp_peripheral_bond_pending_table},
918
919 /* SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA */
920 {smp_central_create_local_sec_conn_oob_data,
921 smp_peripheral_create_local_sec_conn_oob_data}};
922
923 typedef const uint8_t (*tSMP_ENTRY_TBL)[SMP_STATE_MAX];
924 static const tSMP_ENTRY_TBL smp_entry_table[] = {smp_central_entry_map,
925 smp_peripheral_entry_map};
926
927 tSMP_CB smp_cb;
928
929 #define SMP_ALL_TBL_MASK 0x80
930
931 /*******************************************************************************
932 * Function smp_set_state
933 * Returns None
934 ******************************************************************************/
smp_set_state(tSMP_STATE state)935 void smp_set_state(tSMP_STATE state) {
936 if (state < SMP_STATE_MAX) {
937 SMP_TRACE_DEBUG("State change: %s(%d) ==> %s(%d)",
938 smp_get_state_name(smp_cb.state), smp_cb.state,
939 smp_get_state_name(state), state);
940 smp_cb.state = state;
941 } else {
942 SMP_TRACE_DEBUG("smp_set_state invalid state =%d", state);
943 }
944 }
945
946 /*******************************************************************************
947 * Function smp_get_state
948 * Returns The smp state
949 ******************************************************************************/
smp_get_state(void)950 tSMP_STATE smp_get_state(void) { return smp_cb.state; }
951
952 /*******************************************************************************
953 *
954 * Function smp_sm_event
955 *
956 * Description Handle events to the state machine. It looks up the entry
957 * in the smp_entry_table array.
958 * If it is a valid entry, it gets the state table. Set the next
959 * state, if not NULL state. Execute the action function according
960 * to the state table. If the state returned by action function is
961 * not NULL state, adjust the new state to the returned state. If
962 * (api_evt != MAX), call callback function.
963 *
964 * Returns void.
965 *
966 ******************************************************************************/
smp_sm_event(tSMP_CB * p_cb,tSMP_EVENT event,tSMP_INT_DATA * p_data)967 void smp_sm_event(tSMP_CB* p_cb, tSMP_EVENT event, tSMP_INT_DATA* p_data) {
968 uint8_t curr_state = p_cb->state;
969 tSMP_SM_TBL state_table;
970 uint8_t action, entry, i;
971
972 if (p_cb->role >= 2) {
973 SMP_TRACE_DEBUG("Invalid role: %d", p_cb->role);
974 android_errorWriteLog(0x534e4554, "74121126");
975 return;
976 }
977
978 tSMP_ENTRY_TBL entry_table = smp_entry_table[p_cb->role];
979
980 SMP_TRACE_EVENT("main smp_sm_event");
981 if (curr_state >= SMP_STATE_MAX) {
982 SMP_TRACE_DEBUG("Invalid state: %d", curr_state);
983 return;
984 }
985
986 SMP_TRACE_DEBUG("SMP Role: %s State: [%s (%d)], Event: [%s (%d)]",
987 (p_cb->role == 0x01) ? "Peripheral" : "Central",
988 smp_get_state_name(p_cb->state), p_cb->state,
989 smp_get_event_name(event), event);
990
991 /* look up the state table for the current state */
992 /* lookup entry /w event & curr_state */
993 /* If entry is ignore, return.
994 * Otherwise, get state table (according to curr_state or all_state) */
995 if ((event <= SMP_MAX_EVT) &&
996 ((entry = entry_table[event - 1][curr_state]) != SMP_SM_IGNORE)) {
997 if (entry & SMP_ALL_TBL_MASK) {
998 entry &= ~SMP_ALL_TBL_MASK;
999 state_table = smp_all_table;
1000 } else
1001 state_table = smp_state_table[curr_state][p_cb->role];
1002 } else {
1003 SMP_TRACE_DEBUG("Ignore event [%s (%d)] in state [%s (%d)]",
1004 smp_get_event_name(event), event,
1005 smp_get_state_name(curr_state), curr_state);
1006 return;
1007 }
1008
1009 /* Get possible next state from state table. */
1010
1011 smp_set_state(state_table[entry - 1][SMP_SME_NEXT_STATE]);
1012
1013 /* If action is not ignore, clear param, exec action and get next state.
1014 * The action function may set the Param for cback.
1015 * Depending on param, call cback or free buffer. */
1016 /* execute action */
1017 /* execute action functions */
1018 for (i = 0; i < SMP_NUM_ACTIONS; i++) {
1019 action = state_table[entry - 1][i];
1020 if (action != SMP_SM_NO_ACTION) {
1021 (*smp_sm_action[action])(p_cb, p_data);
1022 } else {
1023 break;
1024 }
1025 }
1026 SMP_TRACE_DEBUG("result state = %s", smp_get_state_name(p_cb->state));
1027 }
1028
1029 /*******************************************************************************
1030 * Function smp_get_state_name
1031 * Returns The smp state name.
1032 ******************************************************************************/
smp_get_state_name(tSMP_STATE state)1033 const char* smp_get_state_name(tSMP_STATE state) {
1034 const char* p_str = smp_state_name[SMP_STATE_MAX];
1035
1036 if (state < SMP_STATE_MAX) {
1037 p_str = smp_state_name[state];
1038 }
1039 return p_str;
1040 }
1041
1042 /*******************************************************************************
1043 * Function smp_get_event_name
1044 * Returns The smp event name.
1045 ******************************************************************************/
smp_get_event_name(tSMP_EVENT event)1046 const char* smp_get_event_name(tSMP_EVENT event) {
1047 const char* p_str = smp_event_name[SMP_MAX_EVT];
1048
1049 if (event <= SMP_MAX_EVT) {
1050 p_str = smp_event_name[event - 1];
1051 }
1052 return p_str;
1053 }
1054