• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /******************************************************************************
2  *
3  *  Copyright (C) 2008-2012 Broadcom Corporation
4  *
5  *  Licensed under the Apache License, Version 2.0 (the "License");
6  *  you may not use this file except in compliance with the License.
7  *  You may obtain a copy of the License at:
8  *
9  *  http://www.apache.org/licenses/LICENSE-2.0
10  *
11  *  Unless required by applicable law or agreed to in writing, software
12  *  distributed under the License is distributed on an "AS IS" BASIS,
13  *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  *  See the License for the specific language governing permissions and
15  *  limitations under the License.
16  *
17  ******************************************************************************/
18 
19 /******************************************************************************
20  *
21  *  This file contains the implementation of the SMP utility functions used
22  *  by SMP.
23  *
24  ******************************************************************************/
25 
26 #include "bt_target.h"
27 
28 #if SMP_INCLUDED == TRUE
29     #if SMP_DEBUG == TRUE
30         #include <stdio.h>
31     #endif
32     #include <string.h>
33 
34     #include "btm_ble_api.h"
35     #include "smp_int.h"
36     #include "btm_int.h"
37     #include "btm_ble_int.h"
38     #include "hcimsgs.h"
39     #include "aes.h"
40     #ifndef SMP_MAX_ENC_REPEAT
41         #define SMP_MAX_ENC_REPEAT      3
42     #endif
43 
44 static void smp_rand_back(tBTM_RAND_ENC *p);
45 static void smp_genenrate_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data);
46 static void smp_genenrate_ltk_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data);
47 static void smp_generate_y(tSMP_CB *p_cb, tSMP_INT_DATA *p);
48 static void smp_generate_rand_vector (tSMP_CB *p_cb, tSMP_INT_DATA *p);
49 static void smp_process_stk(tSMP_CB *p_cb, tSMP_ENC *p);
50 static void smp_calculate_comfirm_cont(tSMP_CB *p_cb, tSMP_ENC *p);
51 static void smp_process_confirm(tSMP_CB *p_cb, tSMP_ENC *p);
52 static void smp_process_compare(tSMP_CB *p_cb, tSMP_ENC *p);
53 static void smp_process_ediv(tSMP_CB *p_cb, tSMP_ENC *p);
54 
55 static const tSMP_ACT smp_encrypt_action[] =
56 {
57     smp_generate_compare,           /* SMP_GEN_COMPARE */
58     smp_genenrate_confirm,          /* SMP_GEN_CONFIRM*/
59     smp_generate_stk,               /* SMP_GEN_STK*/
60     smp_genenrate_ltk_cont,          /* SMP_GEN_LTK */
61     smp_generate_ltk,               /* SMP_GEN_DIV_LTK */
62     smp_generate_rand_vector,        /* SMP_GEN_RAND_V */
63     smp_generate_y,                  /* SMP_GEN_EDIV */
64     smp_generate_passkey,           /* SMP_GEN_TK */
65     smp_generate_confirm,           /* SMP_GEN_SRAND_MRAND */
66     smp_genenrate_rand_cont         /* SMP_GEN_SRAND_MRAND_CONT */
67 };
68 
69 
70     #define SMP_PASSKEY_MASK    0xfff00000
71 
72     #if SMP_DEBUG == TRUE
smp_debug_print_nbyte_little_endian(UINT8 * p,const UINT8 * key_name,UINT8 len)73 static void smp_debug_print_nbyte_little_endian (UINT8 *p, const UINT8 *key_name, UINT8 len)
74 {
75     int     i, x = 0;
76     UINT8   p_buf[100];
77     memset(p_buf, 0, 100);
78 
79     for (i = 0; i < len; i ++)
80     {
81         x += sprintf ((char *)&p_buf[x], "%02x ", p[i]);
82     }
83     SMP_TRACE_WARNING2("%s(LSB ~ MSB) = %s", key_name, p_buf);
84 }
85     #else
86         #define smp_debug_print_nbyte_little_endian(p, key_name, len)
87     #endif
88 
89 /*******************************************************************************
90 **
91 ** Function         smp_encrypt_data
92 **
93 ** Description      This function is called to generate passkey.
94 **
95 ** Returns          void
96 **
97 *******************************************************************************/
smp_encrypt_data(UINT8 * key,UINT8 key_len,UINT8 * plain_text,UINT8 pt_len,tSMP_ENC * p_out)98 BOOLEAN smp_encrypt_data (UINT8 *key, UINT8 key_len,
99                           UINT8 *plain_text, UINT8 pt_len,
100                           tSMP_ENC *p_out)
101 {
102     aes_context     ctx;
103     UINT8           *p_start = NULL;
104     UINT8           *p = NULL;
105     UINT8           *p_rev_data = NULL;    /* input data in big endilan format */
106     UINT8           *p_rev_key = NULL;     /* input key in big endilan format */
107     UINT8           *p_rev_output = NULL;  /* encrypted output in big endilan format */
108 
109     SMP_TRACE_DEBUG0 ("smp_encrypt_data");
110     if ( (p_out == NULL ) || (key_len != SMP_ENCRYT_KEY_SIZE) )
111     {
112         BTM_TRACE_ERROR0 ("smp_encrypt_data Failed");
113         return(FALSE);
114     }
115 
116     if ((p_start = (UINT8 *)GKI_getbuf((SMP_ENCRYT_DATA_SIZE*4))) == NULL)
117     {
118         BTM_TRACE_ERROR0 ("smp_encrypt_data Failed unable to allocate buffer");
119         return(FALSE);
120     }
121 
122     if (pt_len > SMP_ENCRYT_DATA_SIZE)
123         pt_len = SMP_ENCRYT_DATA_SIZE;
124 
125     memset(p_start, 0, SMP_ENCRYT_DATA_SIZE * 4);
126     p = p_start;
127     ARRAY_TO_STREAM (p, plain_text, pt_len); /* byte 0 to byte 15 */
128     p_rev_data = p = p_start + SMP_ENCRYT_DATA_SIZE; /* start at byte 16 */
129     REVERSE_ARRAY_TO_STREAM (p, p_start, SMP_ENCRYT_DATA_SIZE);  /* byte 16 to byte 31 */
130     p_rev_key = p; /* start at byte 32 */
131     REVERSE_ARRAY_TO_STREAM (p, key, SMP_ENCRYT_KEY_SIZE); /* byte 32 to byte 47 */
132 
133     smp_debug_print_nbyte_little_endian(key, (const UINT8 *)"Key", SMP_ENCRYT_KEY_SIZE);
134     smp_debug_print_nbyte_little_endian(p_start, (const UINT8 *)"Plain text", SMP_ENCRYT_DATA_SIZE);
135     p_rev_output = p;
136     aes_set_key(p_rev_key, SMP_ENCRYT_KEY_SIZE, &ctx);
137     aes_encrypt(p_rev_data, p, &ctx);  /* outputs in byte 48 to byte 63 */
138 
139     p = p_out->param_buf;
140     REVERSE_ARRAY_TO_STREAM (p, p_rev_output, SMP_ENCRYT_DATA_SIZE);
141     smp_debug_print_nbyte_little_endian(p_out->param_buf, (const UINT8 *)"Encrypted text", SMP_ENCRYT_KEY_SIZE);
142 
143     p_out->param_len = SMP_ENCRYT_KEY_SIZE;
144     p_out->status = HCI_SUCCESS;
145     p_out->opcode =  HCI_BLE_ENCRYPT;
146 
147     GKI_freebuf(p_start);
148 
149     return(TRUE);
150 }
151 
152 
153 /*******************************************************************************
154 **
155 ** Function         smp_generate_passkey
156 **
157 ** Description      This function is called to generate passkey.
158 **
159 ** Returns          void
160 **
161 *******************************************************************************/
smp_generate_passkey(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)162 void smp_generate_passkey(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
163 {
164     SMP_TRACE_DEBUG0 ("smp_generate_passkey");
165     p_cb->rand_enc_proc = SMP_GEN_TK;
166 
167     /* generate MRand or SRand */
168     if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
169         smp_rand_back(NULL);
170 }
171 /*******************************************************************************
172 **
173 ** Function         smp_proc_passkey
174 **
175 ** Description      This function is called to process a passkey.
176 **
177 ** Returns          void
178 **
179 *******************************************************************************/
smp_proc_passkey(tSMP_CB * p_cb,tBTM_RAND_ENC * p)180 void smp_proc_passkey(tSMP_CB *p_cb , tBTM_RAND_ENC *p)
181 {
182     UINT8   *tt = p_cb->tk;
183     tSMP_KEY    key;
184     UINT32  passkey; /* 19655 test number; */
185     UINT8 *pp = p->param_buf;
186 
187     SMP_TRACE_DEBUG0 ("smp_proc_passkey ");
188     STREAM_TO_UINT32(passkey, pp);
189     passkey &= ~SMP_PASSKEY_MASK;
190 
191     /* truncate by maximum value */
192     while (passkey > BTM_MAX_PASSKEY_VAL)
193         passkey >>= 1;
194     SMP_TRACE_ERROR1("Passkey generated = %d", passkey);
195 
196     /* save the TK */
197     memset(p_cb->tk, 0, BT_OCTET16_LEN);
198     UINT32_TO_STREAM(tt, passkey);
199 
200     key.key_type = SMP_KEY_TYPE_TK;
201     key.p_data  = p_cb->tk;
202 
203     if (p_cb->p_callback)
204     {
205         (*p_cb->p_callback)(SMP_PASSKEY_NOTIF_EVT, p_cb->pairing_bda, (tSMP_EVT_DATA *)&passkey);
206     }
207 
208     smp_sm_event(p_cb, SMP_KEY_READY_EVT, (tSMP_INT_DATA *)&key);
209 }
210 
211 
212 /*******************************************************************************
213 **
214 ** Function         smp_generate_stk
215 **
216 ** Description      This function is called to generate STK calculated by running
217 **                  AES with the TK value as key and a concatenation of the random
218 **                  values.
219 **
220 ** Returns          void
221 **
222 *******************************************************************************/
smp_generate_stk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)223 void smp_generate_stk (tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
224 {
225     BT_OCTET16      ptext;
226     UINT8           *p = ptext;
227     tSMP_ENC        output;
228     tSMP_STATUS     status = SMP_PAIR_FAIL_UNKNOWN;
229 
230     SMP_TRACE_DEBUG0 ("smp_generate_stk ");
231 
232     memset(p, 0, BT_OCTET16_LEN);
233     if (p_cb->role == HCI_ROLE_MASTER)
234     {
235         memcpy(p, p_cb->rand, BT_OCTET8_LEN);
236         memcpy(&p[BT_OCTET8_LEN], p_cb->rrand, BT_OCTET8_LEN);
237     }
238     else
239     {
240         memcpy(p, p_cb->rrand, BT_OCTET8_LEN);
241         memcpy(&p[BT_OCTET8_LEN], p_cb->rand, BT_OCTET8_LEN);
242     }
243 
244     /* generate STK = Etk(rand|rrand)*/
245     if (!SMP_Encrypt( p_cb->tk, BT_OCTET16_LEN, ptext, BT_OCTET16_LEN, &output))
246     {
247         SMP_TRACE_ERROR0("smp_generate_stk failed");
248         smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
249     }
250     else
251     {
252         smp_process_stk(p_cb, &output);
253     }
254 
255 }
256 /*******************************************************************************
257 **
258 ** Function         smp_generate_confirm
259 **
260 ** Description      This function is called to start the second pairing phase by
261 **                  start generating initializer random number.
262 **
263 **
264 ** Returns          void
265 **
266 *******************************************************************************/
smp_generate_confirm(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)267 void smp_generate_confirm (tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
268 {
269     SMP_TRACE_DEBUG0 ("smp_generate_confirm");
270     p_cb->rand_enc_proc = SMP_GEN_SRAND_MRAND;
271     /* generate MRand or SRand */
272     if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
273         smp_rand_back(NULL);
274 }
275 /*******************************************************************************
276 **
277 ** Function         smp_genenrate_rand_cont
278 **
279 ** Description      This function is called to generate another 64 bits random for
280 **                  MRand or Srand.
281 **
282 ** Returns          void
283 **
284 *******************************************************************************/
smp_genenrate_rand_cont(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)285 void smp_genenrate_rand_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
286 {
287     SMP_TRACE_DEBUG0 ("smp_genenrate_rand_cont ");
288     p_cb->rand_enc_proc = SMP_GEN_SRAND_MRAND_CONT;
289     /* generate 64 MSB of MRand or SRand */
290 
291     if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
292         smp_rand_back(NULL);
293 }
294 /*******************************************************************************
295 **
296 ** Function         smp_generate_ltk
297 **
298 ** Description      This function is called to calculate LTK, starting with DIV
299 **                  generation.
300 **
301 **
302 ** Returns          void
303 **
304 *******************************************************************************/
smp_generate_ltk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)305 void smp_generate_ltk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
306 {
307     BOOLEAN     div_status;
308 
309     SMP_TRACE_DEBUG0 ("smp_generate_ltk ");
310 
311     div_status = btm_get_local_div(p_cb->pairing_bda, &p_cb->div);
312 
313     if (div_status)
314     {
315         smp_genenrate_ltk_cont(p_cb, NULL);
316     }
317     else
318     {
319         SMP_TRACE_DEBUG0 ("Generate DIV for LTK");
320         p_cb->rand_enc_proc = SMP_GEN_DIV_LTK;
321         /* generate MRand or SRand */
322         if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
323             smp_rand_back(NULL);
324     }
325 }
326 
327 
328 /*******************************************************************************
329 **
330 ** Function         smp_compute_csrk
331 **
332 ** Description      This function is called to calculate CSRK
333 **
334 **
335 ** Returns          void
336 **
337 *******************************************************************************/
smp_compute_csrk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)338 void smp_compute_csrk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
339 {
340     BT_OCTET16  er;
341     UINT8       buffer[4]; /* for (r || DIV)  r=1*/
342     UINT16      r=1;
343     UINT8       *p=buffer;
344     tSMP_ENC    output;
345     tSMP_STATUS   status = SMP_PAIR_FAIL_UNKNOWN;
346 
347     SMP_TRACE_DEBUG1 ("smp_compute_csrk div=%x", p_cb->div);
348     BTM_GetDeviceEncRoot(er);
349     /* CSRK = d1(ER, DIV, 1) */
350     UINT16_TO_STREAM(p, p_cb->div);
351     UINT16_TO_STREAM(p, r);
352 
353     if (!SMP_Encrypt(er, BT_OCTET16_LEN, buffer, 4, &output))
354     {
355         SMP_TRACE_ERROR0("smp_generate_csrk failed");
356         smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
357     }
358     else
359     {
360         memcpy((void *)p_cb->csrk, output.param_buf, BT_OCTET16_LEN);
361         smp_send_csrk_info(p_cb, NULL);
362     }
363 }
364 
365 /*******************************************************************************
366 **
367 ** Function         smp_generate_csrk
368 **
369 ** Description      This function is called to calculate LTK, starting with DIV
370 **                  generation.
371 **
372 **
373 ** Returns          void
374 **
375 *******************************************************************************/
smp_generate_csrk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)376 void smp_generate_csrk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
377 {
378     BOOLEAN     div_status;
379 
380     SMP_TRACE_DEBUG0 ("smp_generate_csrk");
381 
382     div_status = btm_get_local_div(p_cb->pairing_bda, &p_cb->div);
383     if (div_status)
384     {
385         smp_compute_csrk(p_cb, NULL);
386     }
387     else
388     {
389         SMP_TRACE_DEBUG0 ("Generate DIV for CSRK");
390         p_cb->rand_enc_proc = SMP_GEN_DIV_CSRK;
391         if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
392             smp_rand_back(NULL);
393     }
394 }
395 
396 
397 /*******************************************************************************
398 ** Function         smp_concatenate_peer
399 **                  add pairing command sent from local device into p1.
400 *******************************************************************************/
smp_concatenate_local(tSMP_CB * p_cb,UINT8 ** p_data,UINT8 op_code)401 void smp_concatenate_local( tSMP_CB *p_cb, UINT8 **p_data, UINT8 op_code)
402 {
403     UINT8   *p = *p_data;
404 
405     SMP_TRACE_DEBUG0 ("smp_concatenate_local ");
406     UINT8_TO_STREAM(p, op_code);
407     UINT8_TO_STREAM(p, p_cb->loc_io_caps);
408     UINT8_TO_STREAM(p, p_cb->loc_oob_flag);
409     UINT8_TO_STREAM(p, p_cb->loc_auth_req);
410     UINT8_TO_STREAM(p, p_cb->loc_enc_size);
411     UINT8_TO_STREAM(p, p_cb->loc_i_key);
412     UINT8_TO_STREAM(p, p_cb->loc_r_key);
413 
414     *p_data = p;
415 }
416 /*******************************************************************************
417 ** Function         smp_concatenate_peer
418 **                  add pairing command received from peer device into p1.
419 *******************************************************************************/
smp_concatenate_peer(tSMP_CB * p_cb,UINT8 ** p_data,UINT8 op_code)420 void smp_concatenate_peer( tSMP_CB *p_cb, UINT8 **p_data, UINT8 op_code)
421 {
422     UINT8   *p = *p_data;
423 
424     SMP_TRACE_DEBUG0 ("smp_concatenate_peer ");
425     UINT8_TO_STREAM(p, op_code);
426     UINT8_TO_STREAM(p, p_cb->peer_io_caps);
427     UINT8_TO_STREAM(p, p_cb->peer_oob_flag);
428     UINT8_TO_STREAM(p, p_cb->peer_auth_req);
429     UINT8_TO_STREAM(p, p_cb->peer_enc_size);
430     UINT8_TO_STREAM(p, p_cb->peer_i_key);
431     UINT8_TO_STREAM(p, p_cb->peer_r_key);
432 
433     *p_data = p;
434 }
435 /*******************************************************************************
436 **
437 ** Function         smp_gen_p1_4_confirm
438 **
439 ** Description      Generate Confirm/Compare Step1:
440 **                  p1 = pres || preq || rat' || iat'
441 **
442 ** Returns          void
443 **
444 *******************************************************************************/
smp_gen_p1_4_confirm(tSMP_CB * p_cb,BT_OCTET16 p1)445 void smp_gen_p1_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p1)
446 {
447     UINT8 *p = (UINT8 *)p1;
448     tBLE_ADDR_TYPE    addr_type = 0;
449     BD_ADDR           remote_bda;
450 
451     SMP_TRACE_DEBUG0 ("smp_gen_p1_4_confirm");
452 
453     if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type))
454     {
455         SMP_TRACE_ERROR0("can not generate confirm for unknown device");
456         return;
457     }
458 
459     BTM_ReadConnectionAddr( p_cb->pairing_bda, p_cb->local_bda, &p_cb->addr_type);
460 
461     if (p_cb->role == HCI_ROLE_MASTER)
462     {
463         /* LSB : rat': initiator's(local) address type */
464         UINT8_TO_STREAM(p, p_cb->addr_type);
465         /* LSB : iat': responder's address type */
466         UINT8_TO_STREAM(p, addr_type);
467         /* concatinate preq */
468         smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_REQ);
469         /* concatinate pres */
470         smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_RSP);
471     }
472     else
473     {
474         /* LSB : iat': initiator's address type */
475         UINT8_TO_STREAM(p, addr_type);
476         /* LSB : rat': responder's(local) address type */
477         UINT8_TO_STREAM(p, p_cb->addr_type);
478         /* concatinate preq */
479         smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_REQ);
480         /* concatinate pres */
481         smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_RSP);
482     }
483 #if SMP_DEBUG == TRUE
484     SMP_TRACE_DEBUG0("p1 = pres || preq || rat' || iat'");
485     smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1", 16);
486 #endif
487 }
488 /*******************************************************************************
489 **
490 ** Function         smp_gen_p2_4_confirm
491 **
492 ** Description      Generate Confirm/Compare Step2:
493 **                  p2 = padding || ia || ra
494 **
495 ** Returns          void
496 **
497 *******************************************************************************/
smp_gen_p2_4_confirm(tSMP_CB * p_cb,BT_OCTET16 p2)498 void smp_gen_p2_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p2)
499 {
500     UINT8       *p = (UINT8 *)p2;
501     BD_ADDR     remote_bda;
502     tBLE_ADDR_TYPE  addr_type = 0;
503 
504     if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type))
505     {
506         SMP_TRACE_ERROR0("can not generate confirm p2 for unknown device");
507         return;
508     }
509 
510     SMP_TRACE_DEBUG0 ("smp_gen_p2_4_confirm");
511 
512     memset(p, 0, sizeof(BT_OCTET16));
513 
514     if (p_cb->role == HCI_ROLE_MASTER)
515     {
516         /* LSB ra */
517         BDADDR_TO_STREAM(p, remote_bda);
518         /* ia */
519         BDADDR_TO_STREAM(p, p_cb->local_bda);
520     }
521     else
522     {
523         /* LSB ra */
524         BDADDR_TO_STREAM(p, p_cb->local_bda);
525         /* ia */
526         BDADDR_TO_STREAM(p, remote_bda);
527     }
528 #if SMP_DEBUG == TRUE
529     SMP_TRACE_DEBUG0("p2 = padding || ia || ra");
530     smp_debug_print_nbyte_little_endian(p2, (const UINT8 *)"p2", 16);
531 #endif
532 }
533 /*******************************************************************************
534 **
535 ** Function         smp_calculate_comfirm
536 **
537 ** Description      This function is called to calculate Confirm value.
538 **
539 ** Returns          void
540 **
541 *******************************************************************************/
smp_calculate_comfirm(tSMP_CB * p_cb,BT_OCTET16 rand,BD_ADDR bda)542 void smp_calculate_comfirm (tSMP_CB *p_cb, BT_OCTET16 rand, BD_ADDR bda)
543 {
544     BT_OCTET16      p1;
545     tSMP_ENC       output;
546     tSMP_STATUS     status = SMP_PAIR_FAIL_UNKNOWN;
547 
548     SMP_TRACE_DEBUG0 ("smp_calculate_comfirm ");
549     /* generate p1 = pres || preq || rat' || iat' */
550     smp_gen_p1_4_confirm(p_cb, p1);
551 
552     /* p1 = rand XOR p1 */
553     smp_xor_128(p1, rand);
554 
555     smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1' = r XOR p1", 16);
556 
557     /* calculate e(k, r XOR p1), where k = TK */
558     if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p1, BT_OCTET16_LEN, &output))
559     {
560         SMP_TRACE_ERROR0("smp_generate_csrk failed");
561         smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
562     }
563     else
564     {
565         smp_calculate_comfirm_cont(p_cb, &output);
566     }
567 }
568 /*******************************************************************************
569 **
570 ** Function         smp_calculate_comfirm_cont
571 **
572 ** Description      This function is called when SConfirm/MConfirm is generated
573 **                  proceed to send the Confirm request/response to peer device.
574 **
575 ** Returns          void
576 **
577 *******************************************************************************/
smp_calculate_comfirm_cont(tSMP_CB * p_cb,tSMP_ENC * p)578 static void smp_calculate_comfirm_cont(tSMP_CB *p_cb, tSMP_ENC *p)
579 {
580     BT_OCTET16    p2;
581     tSMP_ENC      output;
582     tSMP_STATUS     status = SMP_PAIR_FAIL_UNKNOWN;
583 
584     SMP_TRACE_DEBUG0 ("smp_calculate_comfirm_cont ");
585 #if SMP_DEBUG == TRUE
586     SMP_TRACE_DEBUG0("Confirm step 1 p1' = e(k, r XOR p1)  Generated");
587     smp_debug_print_nbyte_little_endian (p->param_buf, (const UINT8 *)"C1", 16);
588 #endif
589 
590     smp_gen_p2_4_confirm(p_cb, p2);
591 
592     /* calculate p2 = (p1' XOR p2) */
593     smp_xor_128(p2, p->param_buf);
594     smp_debug_print_nbyte_little_endian ((UINT8 *)p2, (const UINT8 *)"p2' = C1 xor p2", 16);
595 
596     /* calculate: Confirm = E(k, p1' XOR p2) */
597     if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p2, BT_OCTET16_LEN, &output))
598     {
599         SMP_TRACE_ERROR0("smp_calculate_comfirm_cont failed");
600         smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
601     }
602     else
603     {
604         switch (p_cb->rand_enc_proc)
605         {
606             case SMP_GEN_CONFIRM:
607                 smp_process_confirm(p_cb, &output);
608                 break;
609 
610             case SMP_GEN_COMPARE:
611                 smp_process_compare(p_cb, &output);
612                 break;
613         }
614     }
615 }
616 /*******************************************************************************
617 **
618 ** Function         smp_genenrate_confirm
619 **
620 ** Description      This function is called when a 48 bits random number is generated
621 **                  as SRand or MRand, continue to calculate Sconfirm or MConfirm.
622 **
623 ** Returns          void
624 **
625 *******************************************************************************/
smp_genenrate_confirm(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)626 static void smp_genenrate_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
627 {
628     SMP_TRACE_DEBUG0 ("smp_genenrate_confirm ");
629     p_cb->rand_enc_proc = SMP_GEN_CONFIRM;
630 
631     smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->rand,  (const UINT8 *)"local rand", 16);
632 
633     smp_calculate_comfirm(p_cb, p_cb->rand, p_cb->pairing_bda);
634 }
635 /*******************************************************************************
636 **
637 ** Function         smp_generate_compare
638 **
639 ** Description      This function is called to generate SConfirm for Slave device,
640 **                  or MSlave for Master device. This function can be also used for
641 **                  generating Compare number for confirm value check.
642 **
643 ** Returns          void
644 **
645 *******************************************************************************/
smp_generate_compare(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)646 void smp_generate_compare (tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
647 {
648     SMP_TRACE_DEBUG0 ("smp_generate_compare ");
649     p_cb->rand_enc_proc = SMP_GEN_COMPARE;
650 
651     smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->rrand,  (const UINT8 *)"peer rand", 16);
652 
653     smp_calculate_comfirm(p_cb, p_cb->rrand, p_cb->local_bda);
654 }
655 /*******************************************************************************
656 **
657 ** Function         smp_process_confirm
658 **
659 ** Description      This function is called when SConfirm/MConfirm is generated
660 **                  proceed to send the Confirm request/response to peer device.
661 **
662 ** Returns          void
663 **
664 *******************************************************************************/
smp_process_confirm(tSMP_CB * p_cb,tSMP_ENC * p)665 static void smp_process_confirm(tSMP_CB *p_cb, tSMP_ENC *p)
666 {
667     tSMP_KEY    key;
668 
669     SMP_TRACE_DEBUG0 ("smp_process_confirm ");
670 #if SMP_CONFORMANCE_TESTING == TRUE
671     if (p_cb->enable_test_confirm_val)
672     {
673         BTM_TRACE_DEBUG0 ("Use confirm value from script");
674         memcpy(p_cb->confirm, p_cb->test_confirm, BT_OCTET16_LEN);
675     }
676     else
677         memcpy(p_cb->confirm, p->param_buf, BT_OCTET16_LEN);
678 #else
679     memcpy(p_cb->confirm, p->param_buf, BT_OCTET16_LEN);
680 #endif
681 
682 
683 #if (SMP_DEBUG == TRUE)
684     SMP_TRACE_DEBUG0("Confirm  Generated");
685     smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->confirm,  (const UINT8 *)"Confirm", 16);
686 #endif
687 
688     key.key_type = SMP_KEY_TYPE_CFM;
689     key.p_data = p->param_buf;
690 
691     smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
692 }
693 /*******************************************************************************
694 **
695 ** Function         smp_process_compare
696 **
697 ** Description      This function is called when Compare is generated using the
698 **                  RRand and local BDA, TK information.
699 **
700 ** Returns          void
701 **
702 *******************************************************************************/
smp_process_compare(tSMP_CB * p_cb,tSMP_ENC * p)703 static void smp_process_compare(tSMP_CB *p_cb, tSMP_ENC *p)
704 {
705     tSMP_KEY    key;
706 
707     SMP_TRACE_DEBUG0 ("smp_process_compare ");
708 #if (SMP_DEBUG == TRUE)
709     SMP_TRACE_DEBUG0("Compare Generated");
710     smp_debug_print_nbyte_little_endian (p->param_buf,  (const UINT8 *)"Compare", 16);
711 #endif
712     key.key_type = SMP_KEY_TYPE_CMP;
713     key.p_data   = p->param_buf;
714 
715     smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
716 }
717 
718 /*******************************************************************************
719 **
720 ** Function         smp_process_stk
721 **
722 ** Description      This function is called when STK is generated
723 **                  proceed to send the encrypt the link using STK.
724 **
725 ** Returns          void
726 **
727 *******************************************************************************/
smp_process_stk(tSMP_CB * p_cb,tSMP_ENC * p)728 static void smp_process_stk(tSMP_CB *p_cb, tSMP_ENC *p)
729 {
730     tSMP_KEY    key;
731 
732     SMP_TRACE_DEBUG0 ("smp_process_stk ");
733 #if (SMP_DEBUG == TRUE)
734     SMP_TRACE_ERROR0("STK Generated");
735 #endif
736     smp_mask_enc_key(p_cb->loc_enc_size, p->param_buf);
737 
738     key.key_type = SMP_KEY_TYPE_STK;
739     key.p_data   = p->param_buf;
740 
741     smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
742 }
743 
744 /*******************************************************************************
745 **
746 ** Function         smp_genenrate_ltk_cont
747 **
748 ** Description      This function is to calculate LTK = d1(ER, DIV, 0)= e(ER, DIV)
749 **
750 ** Returns          void
751 **
752 *******************************************************************************/
smp_genenrate_ltk_cont(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)753 static void smp_genenrate_ltk_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
754 {
755     BT_OCTET16  er;
756     tSMP_ENC    output;
757     tSMP_STATUS     status = SMP_PAIR_FAIL_UNKNOWN;
758 
759     SMP_TRACE_DEBUG0 ("smp_genenrate_ltk_cont ");
760     BTM_GetDeviceEncRoot(er);
761 
762     /* LTK = d1(ER, DIV, 0)= e(ER, DIV)*/
763     if (!SMP_Encrypt(er, BT_OCTET16_LEN, (UINT8 *)&p_cb->div,
764                      sizeof(UINT16), &output))
765     {
766         SMP_TRACE_ERROR0("smp_genenrate_ltk_cont failed");
767         smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
768     }
769     else
770     {
771         /* mask the LTK */
772         smp_mask_enc_key(p_cb->loc_enc_size, output.param_buf);
773         memcpy((void *)p_cb->ltk, output.param_buf, BT_OCTET16_LEN);
774         smp_generate_rand_vector(p_cb, NULL);
775     }
776 
777 }
778 
779 /*******************************************************************************
780 **
781 ** Function         smp_generate_y
782 **
783 ** Description      This function is to proceed generate Y = E(DHK, Rand)
784 **
785 ** Returns          void
786 **
787 *******************************************************************************/
smp_generate_y(tSMP_CB * p_cb,tSMP_INT_DATA * p)788 static void smp_generate_y(tSMP_CB *p_cb, tSMP_INT_DATA *p)
789 {
790     BT_OCTET16  dhk;
791     tSMP_ENC   output;
792     tSMP_STATUS     status = SMP_PAIR_FAIL_UNKNOWN;
793 
794 
795     SMP_TRACE_DEBUG0 ("smp_generate_y ");
796     BTM_GetDeviceDHK(dhk);
797 
798     if (!SMP_Encrypt(dhk, BT_OCTET16_LEN, p_cb->enc_rand,
799                      BT_OCTET8_LEN, &output))
800     {
801         SMP_TRACE_ERROR0("smp_generate_y failed");
802         smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
803     }
804     else
805     {
806         smp_process_ediv(p_cb, &output);
807     }
808 }
809 /*******************************************************************************
810 **
811 ** Function         smp_generate_rand_vector
812 **
813 ** Description      This function is called when LTK is generated, send state machine
814 **                  event to SMP.
815 **
816 ** Returns          void
817 **
818 *******************************************************************************/
smp_generate_rand_vector(tSMP_CB * p_cb,tSMP_INT_DATA * p)819 static void smp_generate_rand_vector (tSMP_CB *p_cb, tSMP_INT_DATA *p)
820 {
821     /* generate EDIV and rand now */
822     /* generate random vector */
823     SMP_TRACE_DEBUG0 ("smp_generate_rand_vector ");
824     p_cb->rand_enc_proc = SMP_GEN_RAND_V;
825     if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
826         smp_rand_back(NULL);
827 
828 }
829 /*******************************************************************************
830 **
831 ** Function         smp_genenrate_smp_process_edivltk_cont
832 **
833 ** Description      This function is to calculate EDIV = Y xor DIV
834 **
835 ** Returns          void
836 **
837 *******************************************************************************/
smp_process_ediv(tSMP_CB * p_cb,tSMP_ENC * p)838 static void smp_process_ediv(tSMP_CB *p_cb, tSMP_ENC *p)
839 {
840     tSMP_KEY    key;
841     UINT8 *pp= p->param_buf;
842     UINT16  y;
843 
844     SMP_TRACE_DEBUG0 ("smp_process_ediv ");
845     STREAM_TO_UINT16(y, pp);
846 
847     /* EDIV = Y xor DIV */
848     p_cb->ediv = p_cb->div ^ y;
849     /* send LTK ready */
850     SMP_TRACE_ERROR0("LTK ready");
851     key.key_type = SMP_KEY_TYPE_LTK;
852     key.p_data   = p->param_buf;
853 
854     smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
855 }
856 
857 /*******************************************************************************
858 **
859 ** Function         smp_rand_back
860 **
861 ** Description      This function is to process the rand command finished,
862 **                  process the random/encrypted number for further action.
863 **
864 ** Returns          void
865 **
866 *******************************************************************************/
smp_rand_back(tBTM_RAND_ENC * p)867 static void smp_rand_back(tBTM_RAND_ENC *p)
868 {
869     tSMP_CB *p_cb = &smp_cb;
870     UINT8   *pp = p->param_buf;
871     UINT8   failure = SMP_PAIR_FAIL_UNKNOWN;
872     UINT8   state = p_cb->rand_enc_proc & ~0x80;
873 
874     SMP_TRACE_DEBUG1 ("smp_rand_back state=0x%x", state);
875     if (p && p->status == HCI_SUCCESS)
876     {
877         switch (state)
878         {
879 
880             case SMP_GEN_SRAND_MRAND:
881                 memcpy((void *)p_cb->rand, p->param_buf, p->param_len);
882                 smp_genenrate_rand_cont(p_cb, NULL);
883                 break;
884 
885             case SMP_GEN_SRAND_MRAND_CONT:
886                 memcpy((void *)&p_cb->rand[8], p->param_buf, p->param_len);
887                 smp_genenrate_confirm(p_cb, NULL);
888                 break;
889 
890             case SMP_GEN_DIV_LTK:
891                 STREAM_TO_UINT16(p_cb->div, pp);
892                 smp_genenrate_ltk_cont(p_cb, NULL);
893                 break;
894 
895             case SMP_GEN_DIV_CSRK:
896                 STREAM_TO_UINT16(p_cb->div, pp);
897                 smp_compute_csrk(p_cb, NULL);
898                 break;
899 
900             case SMP_GEN_TK:
901                 smp_proc_passkey(p_cb, p);
902                 break;
903 
904             case SMP_GEN_RAND_V:
905                 memcpy(p_cb->enc_rand, p->param_buf, BT_OCTET8_LEN);
906                 smp_generate_y(p_cb, NULL);
907                 break;
908 
909         }
910 
911         return;
912     }
913 
914     SMP_TRACE_ERROR1("smp_rand_back Key generation failed: (%d)", p_cb->rand_enc_proc);
915 
916     smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &failure);
917 
918 }
919 #endif
920 
921