1 /******************************************************************************
2 *
3 * Copyright (C) 2008-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains the implementation of the SMP utility functions used
22 * by SMP.
23 *
24 ******************************************************************************/
25
26 #include "bt_target.h"
27
28 #if SMP_INCLUDED == TRUE
29 #if SMP_DEBUG == TRUE
30 #include <stdio.h>
31 #endif
32 #include <string.h>
33
34 #include "btm_ble_api.h"
35 #include "smp_int.h"
36 #include "btm_int.h"
37 #include "btm_ble_int.h"
38 #include "hcimsgs.h"
39 #include "aes.h"
40 #ifndef SMP_MAX_ENC_REPEAT
41 #define SMP_MAX_ENC_REPEAT 3
42 #endif
43
44 static void smp_rand_back(tBTM_RAND_ENC *p);
45 static void smp_genenrate_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data);
46 static void smp_genenrate_ltk_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data);
47 static void smp_generate_y(tSMP_CB *p_cb, tSMP_INT_DATA *p);
48 static void smp_generate_rand_vector (tSMP_CB *p_cb, tSMP_INT_DATA *p);
49 static void smp_process_stk(tSMP_CB *p_cb, tSMP_ENC *p);
50 static void smp_calculate_comfirm_cont(tSMP_CB *p_cb, tSMP_ENC *p);
51 static void smp_process_confirm(tSMP_CB *p_cb, tSMP_ENC *p);
52 static void smp_process_compare(tSMP_CB *p_cb, tSMP_ENC *p);
53 static void smp_process_ediv(tSMP_CB *p_cb, tSMP_ENC *p);
54
55 static const tSMP_ACT smp_encrypt_action[] =
56 {
57 smp_generate_compare, /* SMP_GEN_COMPARE */
58 smp_genenrate_confirm, /* SMP_GEN_CONFIRM*/
59 smp_generate_stk, /* SMP_GEN_STK*/
60 smp_genenrate_ltk_cont, /* SMP_GEN_LTK */
61 smp_generate_ltk, /* SMP_GEN_DIV_LTK */
62 smp_generate_rand_vector, /* SMP_GEN_RAND_V */
63 smp_generate_y, /* SMP_GEN_EDIV */
64 smp_generate_passkey, /* SMP_GEN_TK */
65 smp_generate_confirm, /* SMP_GEN_SRAND_MRAND */
66 smp_genenrate_rand_cont /* SMP_GEN_SRAND_MRAND_CONT */
67 };
68
69
70 #define SMP_PASSKEY_MASK 0xfff00000
71
72 #if SMP_DEBUG == TRUE
smp_debug_print_nbyte_little_endian(UINT8 * p,const UINT8 * key_name,UINT8 len)73 static void smp_debug_print_nbyte_little_endian (UINT8 *p, const UINT8 *key_name, UINT8 len)
74 {
75 int i, x = 0;
76 UINT8 p_buf[100];
77 memset(p_buf, 0, 100);
78
79 for (i = 0; i < len; i ++)
80 {
81 x += sprintf ((char *)&p_buf[x], "%02x ", p[i]);
82 }
83 SMP_TRACE_WARNING2("%s(LSB ~ MSB) = %s", key_name, p_buf);
84 }
85 #else
86 #define smp_debug_print_nbyte_little_endian(p, key_name, len)
87 #endif
88
89 /*******************************************************************************
90 **
91 ** Function smp_encrypt_data
92 **
93 ** Description This function is called to generate passkey.
94 **
95 ** Returns void
96 **
97 *******************************************************************************/
smp_encrypt_data(UINT8 * key,UINT8 key_len,UINT8 * plain_text,UINT8 pt_len,tSMP_ENC * p_out)98 BOOLEAN smp_encrypt_data (UINT8 *key, UINT8 key_len,
99 UINT8 *plain_text, UINT8 pt_len,
100 tSMP_ENC *p_out)
101 {
102 aes_context ctx;
103 UINT8 *p_start = NULL;
104 UINT8 *p = NULL;
105 UINT8 *p_rev_data = NULL; /* input data in big endilan format */
106 UINT8 *p_rev_key = NULL; /* input key in big endilan format */
107 UINT8 *p_rev_output = NULL; /* encrypted output in big endilan format */
108
109 SMP_TRACE_DEBUG0 ("smp_encrypt_data");
110 if ( (p_out == NULL ) || (key_len != SMP_ENCRYT_KEY_SIZE) )
111 {
112 BTM_TRACE_ERROR0 ("smp_encrypt_data Failed");
113 return(FALSE);
114 }
115
116 if ((p_start = (UINT8 *)GKI_getbuf((SMP_ENCRYT_DATA_SIZE*4))) == NULL)
117 {
118 BTM_TRACE_ERROR0 ("smp_encrypt_data Failed unable to allocate buffer");
119 return(FALSE);
120 }
121
122 if (pt_len > SMP_ENCRYT_DATA_SIZE)
123 pt_len = SMP_ENCRYT_DATA_SIZE;
124
125 memset(p_start, 0, SMP_ENCRYT_DATA_SIZE * 4);
126 p = p_start;
127 ARRAY_TO_STREAM (p, plain_text, pt_len); /* byte 0 to byte 15 */
128 p_rev_data = p = p_start + SMP_ENCRYT_DATA_SIZE; /* start at byte 16 */
129 REVERSE_ARRAY_TO_STREAM (p, p_start, SMP_ENCRYT_DATA_SIZE); /* byte 16 to byte 31 */
130 p_rev_key = p; /* start at byte 32 */
131 REVERSE_ARRAY_TO_STREAM (p, key, SMP_ENCRYT_KEY_SIZE); /* byte 32 to byte 47 */
132
133 smp_debug_print_nbyte_little_endian(key, (const UINT8 *)"Key", SMP_ENCRYT_KEY_SIZE);
134 smp_debug_print_nbyte_little_endian(p_start, (const UINT8 *)"Plain text", SMP_ENCRYT_DATA_SIZE);
135 p_rev_output = p;
136 aes_set_key(p_rev_key, SMP_ENCRYT_KEY_SIZE, &ctx);
137 aes_encrypt(p_rev_data, p, &ctx); /* outputs in byte 48 to byte 63 */
138
139 p = p_out->param_buf;
140 REVERSE_ARRAY_TO_STREAM (p, p_rev_output, SMP_ENCRYT_DATA_SIZE);
141 smp_debug_print_nbyte_little_endian(p_out->param_buf, (const UINT8 *)"Encrypted text", SMP_ENCRYT_KEY_SIZE);
142
143 p_out->param_len = SMP_ENCRYT_KEY_SIZE;
144 p_out->status = HCI_SUCCESS;
145 p_out->opcode = HCI_BLE_ENCRYPT;
146
147 GKI_freebuf(p_start);
148
149 return(TRUE);
150 }
151
152
153 /*******************************************************************************
154 **
155 ** Function smp_generate_passkey
156 **
157 ** Description This function is called to generate passkey.
158 **
159 ** Returns void
160 **
161 *******************************************************************************/
smp_generate_passkey(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)162 void smp_generate_passkey(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
163 {
164 SMP_TRACE_DEBUG0 ("smp_generate_passkey");
165 p_cb->rand_enc_proc = SMP_GEN_TK;
166
167 /* generate MRand or SRand */
168 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
169 smp_rand_back(NULL);
170 }
171 /*******************************************************************************
172 **
173 ** Function smp_proc_passkey
174 **
175 ** Description This function is called to process a passkey.
176 **
177 ** Returns void
178 **
179 *******************************************************************************/
smp_proc_passkey(tSMP_CB * p_cb,tBTM_RAND_ENC * p)180 void smp_proc_passkey(tSMP_CB *p_cb , tBTM_RAND_ENC *p)
181 {
182 UINT8 *tt = p_cb->tk;
183 tSMP_KEY key;
184 UINT32 passkey; /* 19655 test number; */
185 UINT8 *pp = p->param_buf;
186
187 SMP_TRACE_DEBUG0 ("smp_proc_passkey ");
188 STREAM_TO_UINT32(passkey, pp);
189 passkey &= ~SMP_PASSKEY_MASK;
190
191 /* truncate by maximum value */
192 while (passkey > BTM_MAX_PASSKEY_VAL)
193 passkey >>= 1;
194 SMP_TRACE_ERROR1("Passkey generated = %d", passkey);
195
196 /* save the TK */
197 memset(p_cb->tk, 0, BT_OCTET16_LEN);
198 UINT32_TO_STREAM(tt, passkey);
199
200 key.key_type = SMP_KEY_TYPE_TK;
201 key.p_data = p_cb->tk;
202
203 if (p_cb->p_callback)
204 {
205 (*p_cb->p_callback)(SMP_PASSKEY_NOTIF_EVT, p_cb->pairing_bda, (tSMP_EVT_DATA *)&passkey);
206 }
207
208 smp_sm_event(p_cb, SMP_KEY_READY_EVT, (tSMP_INT_DATA *)&key);
209 }
210
211
212 /*******************************************************************************
213 **
214 ** Function smp_generate_stk
215 **
216 ** Description This function is called to generate STK calculated by running
217 ** AES with the TK value as key and a concatenation of the random
218 ** values.
219 **
220 ** Returns void
221 **
222 *******************************************************************************/
smp_generate_stk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)223 void smp_generate_stk (tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
224 {
225 BT_OCTET16 ptext;
226 UINT8 *p = ptext;
227 tSMP_ENC output;
228 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
229
230 SMP_TRACE_DEBUG0 ("smp_generate_stk ");
231
232 memset(p, 0, BT_OCTET16_LEN);
233 if (p_cb->role == HCI_ROLE_MASTER)
234 {
235 memcpy(p, p_cb->rand, BT_OCTET8_LEN);
236 memcpy(&p[BT_OCTET8_LEN], p_cb->rrand, BT_OCTET8_LEN);
237 }
238 else
239 {
240 memcpy(p, p_cb->rrand, BT_OCTET8_LEN);
241 memcpy(&p[BT_OCTET8_LEN], p_cb->rand, BT_OCTET8_LEN);
242 }
243
244 /* generate STK = Etk(rand|rrand)*/
245 if (!SMP_Encrypt( p_cb->tk, BT_OCTET16_LEN, ptext, BT_OCTET16_LEN, &output))
246 {
247 SMP_TRACE_ERROR0("smp_generate_stk failed");
248 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
249 }
250 else
251 {
252 smp_process_stk(p_cb, &output);
253 }
254
255 }
256 /*******************************************************************************
257 **
258 ** Function smp_generate_confirm
259 **
260 ** Description This function is called to start the second pairing phase by
261 ** start generating initializer random number.
262 **
263 **
264 ** Returns void
265 **
266 *******************************************************************************/
smp_generate_confirm(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)267 void smp_generate_confirm (tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
268 {
269 SMP_TRACE_DEBUG0 ("smp_generate_confirm");
270 p_cb->rand_enc_proc = SMP_GEN_SRAND_MRAND;
271 /* generate MRand or SRand */
272 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
273 smp_rand_back(NULL);
274 }
275 /*******************************************************************************
276 **
277 ** Function smp_genenrate_rand_cont
278 **
279 ** Description This function is called to generate another 64 bits random for
280 ** MRand or Srand.
281 **
282 ** Returns void
283 **
284 *******************************************************************************/
smp_genenrate_rand_cont(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)285 void smp_genenrate_rand_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
286 {
287 SMP_TRACE_DEBUG0 ("smp_genenrate_rand_cont ");
288 p_cb->rand_enc_proc = SMP_GEN_SRAND_MRAND_CONT;
289 /* generate 64 MSB of MRand or SRand */
290
291 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
292 smp_rand_back(NULL);
293 }
294 /*******************************************************************************
295 **
296 ** Function smp_generate_ltk
297 **
298 ** Description This function is called to calculate LTK, starting with DIV
299 ** generation.
300 **
301 **
302 ** Returns void
303 **
304 *******************************************************************************/
smp_generate_ltk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)305 void smp_generate_ltk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
306 {
307 BOOLEAN div_status;
308
309 SMP_TRACE_DEBUG0 ("smp_generate_ltk ");
310
311 div_status = btm_get_local_div(p_cb->pairing_bda, &p_cb->div);
312
313 if (div_status)
314 {
315 smp_genenrate_ltk_cont(p_cb, NULL);
316 }
317 else
318 {
319 SMP_TRACE_DEBUG0 ("Generate DIV for LTK");
320 p_cb->rand_enc_proc = SMP_GEN_DIV_LTK;
321 /* generate MRand or SRand */
322 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
323 smp_rand_back(NULL);
324 }
325 }
326
327
328 /*******************************************************************************
329 **
330 ** Function smp_compute_csrk
331 **
332 ** Description This function is called to calculate CSRK
333 **
334 **
335 ** Returns void
336 **
337 *******************************************************************************/
smp_compute_csrk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)338 void smp_compute_csrk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
339 {
340 BT_OCTET16 er;
341 UINT8 buffer[4]; /* for (r || DIV) r=1*/
342 UINT16 r=1;
343 UINT8 *p=buffer;
344 tSMP_ENC output;
345 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
346
347 SMP_TRACE_DEBUG1 ("smp_compute_csrk div=%x", p_cb->div);
348 BTM_GetDeviceEncRoot(er);
349 /* CSRK = d1(ER, DIV, 1) */
350 UINT16_TO_STREAM(p, p_cb->div);
351 UINT16_TO_STREAM(p, r);
352
353 if (!SMP_Encrypt(er, BT_OCTET16_LEN, buffer, 4, &output))
354 {
355 SMP_TRACE_ERROR0("smp_generate_csrk failed");
356 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
357 }
358 else
359 {
360 memcpy((void *)p_cb->csrk, output.param_buf, BT_OCTET16_LEN);
361 smp_send_csrk_info(p_cb, NULL);
362 }
363 }
364
365 /*******************************************************************************
366 **
367 ** Function smp_generate_csrk
368 **
369 ** Description This function is called to calculate LTK, starting with DIV
370 ** generation.
371 **
372 **
373 ** Returns void
374 **
375 *******************************************************************************/
smp_generate_csrk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)376 void smp_generate_csrk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
377 {
378 BOOLEAN div_status;
379
380 SMP_TRACE_DEBUG0 ("smp_generate_csrk");
381
382 div_status = btm_get_local_div(p_cb->pairing_bda, &p_cb->div);
383 if (div_status)
384 {
385 smp_compute_csrk(p_cb, NULL);
386 }
387 else
388 {
389 SMP_TRACE_DEBUG0 ("Generate DIV for CSRK");
390 p_cb->rand_enc_proc = SMP_GEN_DIV_CSRK;
391 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
392 smp_rand_back(NULL);
393 }
394 }
395
396
397 /*******************************************************************************
398 ** Function smp_concatenate_peer
399 ** add pairing command sent from local device into p1.
400 *******************************************************************************/
smp_concatenate_local(tSMP_CB * p_cb,UINT8 ** p_data,UINT8 op_code)401 void smp_concatenate_local( tSMP_CB *p_cb, UINT8 **p_data, UINT8 op_code)
402 {
403 UINT8 *p = *p_data;
404
405 SMP_TRACE_DEBUG0 ("smp_concatenate_local ");
406 UINT8_TO_STREAM(p, op_code);
407 UINT8_TO_STREAM(p, p_cb->loc_io_caps);
408 UINT8_TO_STREAM(p, p_cb->loc_oob_flag);
409 UINT8_TO_STREAM(p, p_cb->loc_auth_req);
410 UINT8_TO_STREAM(p, p_cb->loc_enc_size);
411 UINT8_TO_STREAM(p, p_cb->loc_i_key);
412 UINT8_TO_STREAM(p, p_cb->loc_r_key);
413
414 *p_data = p;
415 }
416 /*******************************************************************************
417 ** Function smp_concatenate_peer
418 ** add pairing command received from peer device into p1.
419 *******************************************************************************/
smp_concatenate_peer(tSMP_CB * p_cb,UINT8 ** p_data,UINT8 op_code)420 void smp_concatenate_peer( tSMP_CB *p_cb, UINT8 **p_data, UINT8 op_code)
421 {
422 UINT8 *p = *p_data;
423
424 SMP_TRACE_DEBUG0 ("smp_concatenate_peer ");
425 UINT8_TO_STREAM(p, op_code);
426 UINT8_TO_STREAM(p, p_cb->peer_io_caps);
427 UINT8_TO_STREAM(p, p_cb->peer_oob_flag);
428 UINT8_TO_STREAM(p, p_cb->peer_auth_req);
429 UINT8_TO_STREAM(p, p_cb->peer_enc_size);
430 UINT8_TO_STREAM(p, p_cb->peer_i_key);
431 UINT8_TO_STREAM(p, p_cb->peer_r_key);
432
433 *p_data = p;
434 }
435 /*******************************************************************************
436 **
437 ** Function smp_gen_p1_4_confirm
438 **
439 ** Description Generate Confirm/Compare Step1:
440 ** p1 = pres || preq || rat' || iat'
441 **
442 ** Returns void
443 **
444 *******************************************************************************/
smp_gen_p1_4_confirm(tSMP_CB * p_cb,BT_OCTET16 p1)445 void smp_gen_p1_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p1)
446 {
447 UINT8 *p = (UINT8 *)p1;
448 tBLE_ADDR_TYPE addr_type = 0;
449 BD_ADDR remote_bda;
450
451 SMP_TRACE_DEBUG0 ("smp_gen_p1_4_confirm");
452
453 if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type))
454 {
455 SMP_TRACE_ERROR0("can not generate confirm for unknown device");
456 return;
457 }
458
459 BTM_ReadConnectionAddr( p_cb->pairing_bda, p_cb->local_bda, &p_cb->addr_type);
460
461 if (p_cb->role == HCI_ROLE_MASTER)
462 {
463 /* LSB : rat': initiator's(local) address type */
464 UINT8_TO_STREAM(p, p_cb->addr_type);
465 /* LSB : iat': responder's address type */
466 UINT8_TO_STREAM(p, addr_type);
467 /* concatinate preq */
468 smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_REQ);
469 /* concatinate pres */
470 smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_RSP);
471 }
472 else
473 {
474 /* LSB : iat': initiator's address type */
475 UINT8_TO_STREAM(p, addr_type);
476 /* LSB : rat': responder's(local) address type */
477 UINT8_TO_STREAM(p, p_cb->addr_type);
478 /* concatinate preq */
479 smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_REQ);
480 /* concatinate pres */
481 smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_RSP);
482 }
483 #if SMP_DEBUG == TRUE
484 SMP_TRACE_DEBUG0("p1 = pres || preq || rat' || iat'");
485 smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1", 16);
486 #endif
487 }
488 /*******************************************************************************
489 **
490 ** Function smp_gen_p2_4_confirm
491 **
492 ** Description Generate Confirm/Compare Step2:
493 ** p2 = padding || ia || ra
494 **
495 ** Returns void
496 **
497 *******************************************************************************/
smp_gen_p2_4_confirm(tSMP_CB * p_cb,BT_OCTET16 p2)498 void smp_gen_p2_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p2)
499 {
500 UINT8 *p = (UINT8 *)p2;
501 BD_ADDR remote_bda;
502 tBLE_ADDR_TYPE addr_type = 0;
503
504 if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type))
505 {
506 SMP_TRACE_ERROR0("can not generate confirm p2 for unknown device");
507 return;
508 }
509
510 SMP_TRACE_DEBUG0 ("smp_gen_p2_4_confirm");
511
512 memset(p, 0, sizeof(BT_OCTET16));
513
514 if (p_cb->role == HCI_ROLE_MASTER)
515 {
516 /* LSB ra */
517 BDADDR_TO_STREAM(p, remote_bda);
518 /* ia */
519 BDADDR_TO_STREAM(p, p_cb->local_bda);
520 }
521 else
522 {
523 /* LSB ra */
524 BDADDR_TO_STREAM(p, p_cb->local_bda);
525 /* ia */
526 BDADDR_TO_STREAM(p, remote_bda);
527 }
528 #if SMP_DEBUG == TRUE
529 SMP_TRACE_DEBUG0("p2 = padding || ia || ra");
530 smp_debug_print_nbyte_little_endian(p2, (const UINT8 *)"p2", 16);
531 #endif
532 }
533 /*******************************************************************************
534 **
535 ** Function smp_calculate_comfirm
536 **
537 ** Description This function is called to calculate Confirm value.
538 **
539 ** Returns void
540 **
541 *******************************************************************************/
smp_calculate_comfirm(tSMP_CB * p_cb,BT_OCTET16 rand,BD_ADDR bda)542 void smp_calculate_comfirm (tSMP_CB *p_cb, BT_OCTET16 rand, BD_ADDR bda)
543 {
544 BT_OCTET16 p1;
545 tSMP_ENC output;
546 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
547
548 SMP_TRACE_DEBUG0 ("smp_calculate_comfirm ");
549 /* generate p1 = pres || preq || rat' || iat' */
550 smp_gen_p1_4_confirm(p_cb, p1);
551
552 /* p1 = rand XOR p1 */
553 smp_xor_128(p1, rand);
554
555 smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1' = r XOR p1", 16);
556
557 /* calculate e(k, r XOR p1), where k = TK */
558 if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p1, BT_OCTET16_LEN, &output))
559 {
560 SMP_TRACE_ERROR0("smp_generate_csrk failed");
561 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
562 }
563 else
564 {
565 smp_calculate_comfirm_cont(p_cb, &output);
566 }
567 }
568 /*******************************************************************************
569 **
570 ** Function smp_calculate_comfirm_cont
571 **
572 ** Description This function is called when SConfirm/MConfirm is generated
573 ** proceed to send the Confirm request/response to peer device.
574 **
575 ** Returns void
576 **
577 *******************************************************************************/
smp_calculate_comfirm_cont(tSMP_CB * p_cb,tSMP_ENC * p)578 static void smp_calculate_comfirm_cont(tSMP_CB *p_cb, tSMP_ENC *p)
579 {
580 BT_OCTET16 p2;
581 tSMP_ENC output;
582 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
583
584 SMP_TRACE_DEBUG0 ("smp_calculate_comfirm_cont ");
585 #if SMP_DEBUG == TRUE
586 SMP_TRACE_DEBUG0("Confirm step 1 p1' = e(k, r XOR p1) Generated");
587 smp_debug_print_nbyte_little_endian (p->param_buf, (const UINT8 *)"C1", 16);
588 #endif
589
590 smp_gen_p2_4_confirm(p_cb, p2);
591
592 /* calculate p2 = (p1' XOR p2) */
593 smp_xor_128(p2, p->param_buf);
594 smp_debug_print_nbyte_little_endian ((UINT8 *)p2, (const UINT8 *)"p2' = C1 xor p2", 16);
595
596 /* calculate: Confirm = E(k, p1' XOR p2) */
597 if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p2, BT_OCTET16_LEN, &output))
598 {
599 SMP_TRACE_ERROR0("smp_calculate_comfirm_cont failed");
600 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
601 }
602 else
603 {
604 switch (p_cb->rand_enc_proc)
605 {
606 case SMP_GEN_CONFIRM:
607 smp_process_confirm(p_cb, &output);
608 break;
609
610 case SMP_GEN_COMPARE:
611 smp_process_compare(p_cb, &output);
612 break;
613 }
614 }
615 }
616 /*******************************************************************************
617 **
618 ** Function smp_genenrate_confirm
619 **
620 ** Description This function is called when a 48 bits random number is generated
621 ** as SRand or MRand, continue to calculate Sconfirm or MConfirm.
622 **
623 ** Returns void
624 **
625 *******************************************************************************/
smp_genenrate_confirm(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)626 static void smp_genenrate_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
627 {
628 SMP_TRACE_DEBUG0 ("smp_genenrate_confirm ");
629 p_cb->rand_enc_proc = SMP_GEN_CONFIRM;
630
631 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->rand, (const UINT8 *)"local rand", 16);
632
633 smp_calculate_comfirm(p_cb, p_cb->rand, p_cb->pairing_bda);
634 }
635 /*******************************************************************************
636 **
637 ** Function smp_generate_compare
638 **
639 ** Description This function is called to generate SConfirm for Slave device,
640 ** or MSlave for Master device. This function can be also used for
641 ** generating Compare number for confirm value check.
642 **
643 ** Returns void
644 **
645 *******************************************************************************/
smp_generate_compare(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)646 void smp_generate_compare (tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
647 {
648 SMP_TRACE_DEBUG0 ("smp_generate_compare ");
649 p_cb->rand_enc_proc = SMP_GEN_COMPARE;
650
651 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->rrand, (const UINT8 *)"peer rand", 16);
652
653 smp_calculate_comfirm(p_cb, p_cb->rrand, p_cb->local_bda);
654 }
655 /*******************************************************************************
656 **
657 ** Function smp_process_confirm
658 **
659 ** Description This function is called when SConfirm/MConfirm is generated
660 ** proceed to send the Confirm request/response to peer device.
661 **
662 ** Returns void
663 **
664 *******************************************************************************/
smp_process_confirm(tSMP_CB * p_cb,tSMP_ENC * p)665 static void smp_process_confirm(tSMP_CB *p_cb, tSMP_ENC *p)
666 {
667 tSMP_KEY key;
668
669 SMP_TRACE_DEBUG0 ("smp_process_confirm ");
670 #if SMP_CONFORMANCE_TESTING == TRUE
671 if (p_cb->enable_test_confirm_val)
672 {
673 BTM_TRACE_DEBUG0 ("Use confirm value from script");
674 memcpy(p_cb->confirm, p_cb->test_confirm, BT_OCTET16_LEN);
675 }
676 else
677 memcpy(p_cb->confirm, p->param_buf, BT_OCTET16_LEN);
678 #else
679 memcpy(p_cb->confirm, p->param_buf, BT_OCTET16_LEN);
680 #endif
681
682
683 #if (SMP_DEBUG == TRUE)
684 SMP_TRACE_DEBUG0("Confirm Generated");
685 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->confirm, (const UINT8 *)"Confirm", 16);
686 #endif
687
688 key.key_type = SMP_KEY_TYPE_CFM;
689 key.p_data = p->param_buf;
690
691 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
692 }
693 /*******************************************************************************
694 **
695 ** Function smp_process_compare
696 **
697 ** Description This function is called when Compare is generated using the
698 ** RRand and local BDA, TK information.
699 **
700 ** Returns void
701 **
702 *******************************************************************************/
smp_process_compare(tSMP_CB * p_cb,tSMP_ENC * p)703 static void smp_process_compare(tSMP_CB *p_cb, tSMP_ENC *p)
704 {
705 tSMP_KEY key;
706
707 SMP_TRACE_DEBUG0 ("smp_process_compare ");
708 #if (SMP_DEBUG == TRUE)
709 SMP_TRACE_DEBUG0("Compare Generated");
710 smp_debug_print_nbyte_little_endian (p->param_buf, (const UINT8 *)"Compare", 16);
711 #endif
712 key.key_type = SMP_KEY_TYPE_CMP;
713 key.p_data = p->param_buf;
714
715 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
716 }
717
718 /*******************************************************************************
719 **
720 ** Function smp_process_stk
721 **
722 ** Description This function is called when STK is generated
723 ** proceed to send the encrypt the link using STK.
724 **
725 ** Returns void
726 **
727 *******************************************************************************/
smp_process_stk(tSMP_CB * p_cb,tSMP_ENC * p)728 static void smp_process_stk(tSMP_CB *p_cb, tSMP_ENC *p)
729 {
730 tSMP_KEY key;
731
732 SMP_TRACE_DEBUG0 ("smp_process_stk ");
733 #if (SMP_DEBUG == TRUE)
734 SMP_TRACE_ERROR0("STK Generated");
735 #endif
736 smp_mask_enc_key(p_cb->loc_enc_size, p->param_buf);
737
738 key.key_type = SMP_KEY_TYPE_STK;
739 key.p_data = p->param_buf;
740
741 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
742 }
743
744 /*******************************************************************************
745 **
746 ** Function smp_genenrate_ltk_cont
747 **
748 ** Description This function is to calculate LTK = d1(ER, DIV, 0)= e(ER, DIV)
749 **
750 ** Returns void
751 **
752 *******************************************************************************/
smp_genenrate_ltk_cont(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)753 static void smp_genenrate_ltk_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
754 {
755 BT_OCTET16 er;
756 tSMP_ENC output;
757 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
758
759 SMP_TRACE_DEBUG0 ("smp_genenrate_ltk_cont ");
760 BTM_GetDeviceEncRoot(er);
761
762 /* LTK = d1(ER, DIV, 0)= e(ER, DIV)*/
763 if (!SMP_Encrypt(er, BT_OCTET16_LEN, (UINT8 *)&p_cb->div,
764 sizeof(UINT16), &output))
765 {
766 SMP_TRACE_ERROR0("smp_genenrate_ltk_cont failed");
767 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
768 }
769 else
770 {
771 /* mask the LTK */
772 smp_mask_enc_key(p_cb->loc_enc_size, output.param_buf);
773 memcpy((void *)p_cb->ltk, output.param_buf, BT_OCTET16_LEN);
774 smp_generate_rand_vector(p_cb, NULL);
775 }
776
777 }
778
779 /*******************************************************************************
780 **
781 ** Function smp_generate_y
782 **
783 ** Description This function is to proceed generate Y = E(DHK, Rand)
784 **
785 ** Returns void
786 **
787 *******************************************************************************/
smp_generate_y(tSMP_CB * p_cb,tSMP_INT_DATA * p)788 static void smp_generate_y(tSMP_CB *p_cb, tSMP_INT_DATA *p)
789 {
790 BT_OCTET16 dhk;
791 tSMP_ENC output;
792 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
793
794
795 SMP_TRACE_DEBUG0 ("smp_generate_y ");
796 BTM_GetDeviceDHK(dhk);
797
798 if (!SMP_Encrypt(dhk, BT_OCTET16_LEN, p_cb->enc_rand,
799 BT_OCTET8_LEN, &output))
800 {
801 SMP_TRACE_ERROR0("smp_generate_y failed");
802 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
803 }
804 else
805 {
806 smp_process_ediv(p_cb, &output);
807 }
808 }
809 /*******************************************************************************
810 **
811 ** Function smp_generate_rand_vector
812 **
813 ** Description This function is called when LTK is generated, send state machine
814 ** event to SMP.
815 **
816 ** Returns void
817 **
818 *******************************************************************************/
smp_generate_rand_vector(tSMP_CB * p_cb,tSMP_INT_DATA * p)819 static void smp_generate_rand_vector (tSMP_CB *p_cb, tSMP_INT_DATA *p)
820 {
821 /* generate EDIV and rand now */
822 /* generate random vector */
823 SMP_TRACE_DEBUG0 ("smp_generate_rand_vector ");
824 p_cb->rand_enc_proc = SMP_GEN_RAND_V;
825 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
826 smp_rand_back(NULL);
827
828 }
829 /*******************************************************************************
830 **
831 ** Function smp_genenrate_smp_process_edivltk_cont
832 **
833 ** Description This function is to calculate EDIV = Y xor DIV
834 **
835 ** Returns void
836 **
837 *******************************************************************************/
smp_process_ediv(tSMP_CB * p_cb,tSMP_ENC * p)838 static void smp_process_ediv(tSMP_CB *p_cb, tSMP_ENC *p)
839 {
840 tSMP_KEY key;
841 UINT8 *pp= p->param_buf;
842 UINT16 y;
843
844 SMP_TRACE_DEBUG0 ("smp_process_ediv ");
845 STREAM_TO_UINT16(y, pp);
846
847 /* EDIV = Y xor DIV */
848 p_cb->ediv = p_cb->div ^ y;
849 /* send LTK ready */
850 SMP_TRACE_ERROR0("LTK ready");
851 key.key_type = SMP_KEY_TYPE_LTK;
852 key.p_data = p->param_buf;
853
854 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
855 }
856
857 /*******************************************************************************
858 **
859 ** Function smp_rand_back
860 **
861 ** Description This function is to process the rand command finished,
862 ** process the random/encrypted number for further action.
863 **
864 ** Returns void
865 **
866 *******************************************************************************/
smp_rand_back(tBTM_RAND_ENC * p)867 static void smp_rand_back(tBTM_RAND_ENC *p)
868 {
869 tSMP_CB *p_cb = &smp_cb;
870 UINT8 *pp = p->param_buf;
871 UINT8 failure = SMP_PAIR_FAIL_UNKNOWN;
872 UINT8 state = p_cb->rand_enc_proc & ~0x80;
873
874 SMP_TRACE_DEBUG1 ("smp_rand_back state=0x%x", state);
875 if (p && p->status == HCI_SUCCESS)
876 {
877 switch (state)
878 {
879
880 case SMP_GEN_SRAND_MRAND:
881 memcpy((void *)p_cb->rand, p->param_buf, p->param_len);
882 smp_genenrate_rand_cont(p_cb, NULL);
883 break;
884
885 case SMP_GEN_SRAND_MRAND_CONT:
886 memcpy((void *)&p_cb->rand[8], p->param_buf, p->param_len);
887 smp_genenrate_confirm(p_cb, NULL);
888 break;
889
890 case SMP_GEN_DIV_LTK:
891 STREAM_TO_UINT16(p_cb->div, pp);
892 smp_genenrate_ltk_cont(p_cb, NULL);
893 break;
894
895 case SMP_GEN_DIV_CSRK:
896 STREAM_TO_UINT16(p_cb->div, pp);
897 smp_compute_csrk(p_cb, NULL);
898 break;
899
900 case SMP_GEN_TK:
901 smp_proc_passkey(p_cb, p);
902 break;
903
904 case SMP_GEN_RAND_V:
905 memcpy(p_cb->enc_rand, p->param_buf, BT_OCTET8_LEN);
906 smp_generate_y(p_cb, NULL);
907 break;
908
909 }
910
911 return;
912 }
913
914 SMP_TRACE_ERROR1("smp_rand_back Key generation failed: (%d)", p_cb->rand_enc_proc);
915
916 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &failure);
917
918 }
919 #endif
920
921