1 /******************************************************************************
2 *
3 * Copyright (C) 2008-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains the implementation of the SMP utility functions used
22 * by SMP.
23 *
24 ******************************************************************************/
25
26 #include "bt_target.h"
27 #include "bt_utils.h"
28
29 #if SMP_INCLUDED == TRUE
30 #if SMP_DEBUG == TRUE
31 #include <stdio.h>
32 #endif
33 #include <string.h>
34
35 #include "btm_ble_api.h"
36 #include "smp_int.h"
37 #include "btm_int.h"
38 #include "btm_ble_int.h"
39 #include "hcimsgs.h"
40 #include "aes.h"
41 #ifndef SMP_MAX_ENC_REPEAT
42 #define SMP_MAX_ENC_REPEAT 3
43 #endif
44
45 static void smp_rand_back(tBTM_RAND_ENC *p);
46 static void smp_genenrate_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data);
47 static void smp_genenrate_ltk_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data);
48 static void smp_generate_y(tSMP_CB *p_cb, tSMP_INT_DATA *p);
49 static void smp_generate_rand_vector (tSMP_CB *p_cb, tSMP_INT_DATA *p);
50 static void smp_process_stk(tSMP_CB *p_cb, tSMP_ENC *p);
51 static void smp_calculate_comfirm_cont(tSMP_CB *p_cb, tSMP_ENC *p);
52 static void smp_process_confirm(tSMP_CB *p_cb, tSMP_ENC *p);
53 static void smp_process_compare(tSMP_CB *p_cb, tSMP_ENC *p);
54 static void smp_process_ediv(tSMP_CB *p_cb, tSMP_ENC *p);
55
56 static const tSMP_ACT smp_encrypt_action[] =
57 {
58 smp_generate_compare, /* SMP_GEN_COMPARE */
59 smp_genenrate_confirm, /* SMP_GEN_CONFIRM*/
60 smp_generate_stk, /* SMP_GEN_STK*/
61 smp_genenrate_ltk_cont, /* SMP_GEN_LTK */
62 smp_generate_ltk, /* SMP_GEN_DIV_LTK */
63 smp_generate_rand_vector, /* SMP_GEN_RAND_V */
64 smp_generate_y, /* SMP_GEN_EDIV */
65 smp_generate_passkey, /* SMP_GEN_TK */
66 smp_generate_confirm, /* SMP_GEN_SRAND_MRAND */
67 smp_genenrate_rand_cont /* SMP_GEN_SRAND_MRAND_CONT */
68 };
69
70
71 #define SMP_PASSKEY_MASK 0xfff00000
72
73 #if SMP_DEBUG == TRUE
smp_debug_print_nbyte_little_endian(UINT8 * p,const UINT8 * key_name,UINT8 len)74 static void smp_debug_print_nbyte_little_endian (UINT8 *p, const UINT8 *key_name, UINT8 len)
75 {
76 int i, x = 0;
77 UINT8 p_buf[100];
78 memset(p_buf, 0, 100);
79
80 for (i = 0; i < len; i ++)
81 {
82 x += sprintf ((char *)&p_buf[x], "%02x ", p[i]);
83 }
84 SMP_TRACE_WARNING("%s(LSB ~ MSB) = %s", key_name, p_buf);
85 }
86 #else
87 #define smp_debug_print_nbyte_little_endian(p, key_name, len)
88 #endif
89
90 /*******************************************************************************
91 **
92 ** Function smp_encrypt_data
93 **
94 ** Description This function is called to generate passkey.
95 **
96 ** Returns void
97 **
98 *******************************************************************************/
smp_encrypt_data(UINT8 * key,UINT8 key_len,UINT8 * plain_text,UINT8 pt_len,tSMP_ENC * p_out)99 BOOLEAN smp_encrypt_data (UINT8 *key, UINT8 key_len,
100 UINT8 *plain_text, UINT8 pt_len,
101 tSMP_ENC *p_out)
102 {
103 aes_context ctx;
104 UINT8 *p_start = NULL;
105 UINT8 *p = NULL;
106 UINT8 *p_rev_data = NULL; /* input data in big endilan format */
107 UINT8 *p_rev_key = NULL; /* input key in big endilan format */
108 UINT8 *p_rev_output = NULL; /* encrypted output in big endilan format */
109
110 SMP_TRACE_DEBUG ("smp_encrypt_data");
111 if ( (p_out == NULL ) || (key_len != SMP_ENCRYT_KEY_SIZE) )
112 {
113 BTM_TRACE_ERROR ("smp_encrypt_data Failed");
114 return(FALSE);
115 }
116
117 if ((p_start = (UINT8 *)GKI_getbuf((SMP_ENCRYT_DATA_SIZE*4))) == NULL)
118 {
119 BTM_TRACE_ERROR ("smp_encrypt_data Failed unable to allocate buffer");
120 return(FALSE);
121 }
122
123 if (pt_len > SMP_ENCRYT_DATA_SIZE)
124 pt_len = SMP_ENCRYT_DATA_SIZE;
125
126 memset(p_start, 0, SMP_ENCRYT_DATA_SIZE * 4);
127 p = p_start;
128 ARRAY_TO_STREAM (p, plain_text, pt_len); /* byte 0 to byte 15 */
129 p_rev_data = p = p_start + SMP_ENCRYT_DATA_SIZE; /* start at byte 16 */
130 REVERSE_ARRAY_TO_STREAM (p, p_start, SMP_ENCRYT_DATA_SIZE); /* byte 16 to byte 31 */
131 p_rev_key = p; /* start at byte 32 */
132 REVERSE_ARRAY_TO_STREAM (p, key, SMP_ENCRYT_KEY_SIZE); /* byte 32 to byte 47 */
133
134 smp_debug_print_nbyte_little_endian(key, (const UINT8 *)"Key", SMP_ENCRYT_KEY_SIZE);
135 smp_debug_print_nbyte_little_endian(p_start, (const UINT8 *)"Plain text", SMP_ENCRYT_DATA_SIZE);
136 p_rev_output = p;
137 aes_set_key(p_rev_key, SMP_ENCRYT_KEY_SIZE, &ctx);
138 aes_encrypt(p_rev_data, p, &ctx); /* outputs in byte 48 to byte 63 */
139
140 p = p_out->param_buf;
141 REVERSE_ARRAY_TO_STREAM (p, p_rev_output, SMP_ENCRYT_DATA_SIZE);
142 smp_debug_print_nbyte_little_endian(p_out->param_buf, (const UINT8 *)"Encrypted text", SMP_ENCRYT_KEY_SIZE);
143
144 p_out->param_len = SMP_ENCRYT_KEY_SIZE;
145 p_out->status = HCI_SUCCESS;
146 p_out->opcode = HCI_BLE_ENCRYPT;
147
148 GKI_freebuf(p_start);
149
150 return(TRUE);
151 }
152
153
154 /*******************************************************************************
155 **
156 ** Function smp_generate_passkey
157 **
158 ** Description This function is called to generate passkey.
159 **
160 ** Returns void
161 **
162 *******************************************************************************/
smp_generate_passkey(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)163 void smp_generate_passkey(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
164 {
165 UNUSED(p_data);
166
167 SMP_TRACE_DEBUG ("smp_generate_passkey");
168 p_cb->rand_enc_proc = SMP_GEN_TK;
169
170 /* generate MRand or SRand */
171 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
172 smp_rand_back(NULL);
173 }
174 /*******************************************************************************
175 **
176 ** Function smp_proc_passkey
177 **
178 ** Description This function is called to process a passkey.
179 **
180 ** Returns void
181 **
182 *******************************************************************************/
smp_proc_passkey(tSMP_CB * p_cb,tBTM_RAND_ENC * p)183 void smp_proc_passkey(tSMP_CB *p_cb , tBTM_RAND_ENC *p)
184 {
185 UINT8 *tt = p_cb->tk;
186 tSMP_KEY key;
187 UINT32 passkey; /* 19655 test number; */
188 UINT8 *pp = p->param_buf;
189
190 SMP_TRACE_DEBUG ("smp_proc_passkey ");
191 STREAM_TO_UINT32(passkey, pp);
192 passkey &= ~SMP_PASSKEY_MASK;
193
194 /* truncate by maximum value */
195 while (passkey > BTM_MAX_PASSKEY_VAL)
196 passkey >>= 1;
197 SMP_TRACE_ERROR("Passkey generated = %d", passkey);
198
199 /* save the TK */
200 memset(p_cb->tk, 0, BT_OCTET16_LEN);
201 UINT32_TO_STREAM(tt, passkey);
202
203 key.key_type = SMP_KEY_TYPE_TK;
204 key.p_data = p_cb->tk;
205
206 if (p_cb->p_callback)
207 {
208 (*p_cb->p_callback)(SMP_PASSKEY_NOTIF_EVT, p_cb->pairing_bda, (tSMP_EVT_DATA *)&passkey);
209 }
210
211 smp_sm_event(p_cb, SMP_KEY_READY_EVT, (tSMP_INT_DATA *)&key);
212 }
213
214
215 /*******************************************************************************
216 **
217 ** Function smp_generate_stk
218 **
219 ** Description This function is called to generate STK calculated by running
220 ** AES with the TK value as key and a concatenation of the random
221 ** values.
222 **
223 ** Returns void
224 **
225 *******************************************************************************/
smp_generate_stk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)226 void smp_generate_stk (tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
227 {
228 BT_OCTET16 ptext;
229 UINT8 *p = ptext;
230 tSMP_ENC output;
231 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
232 UNUSED(p_data);
233
234 SMP_TRACE_DEBUG ("smp_generate_stk ");
235
236 memset(p, 0, BT_OCTET16_LEN);
237 if (p_cb->role == HCI_ROLE_MASTER)
238 {
239 memcpy(p, p_cb->rand, BT_OCTET8_LEN);
240 memcpy(&p[BT_OCTET8_LEN], p_cb->rrand, BT_OCTET8_LEN);
241 }
242 else
243 {
244 memcpy(p, p_cb->rrand, BT_OCTET8_LEN);
245 memcpy(&p[BT_OCTET8_LEN], p_cb->rand, BT_OCTET8_LEN);
246 }
247
248 /* generate STK = Etk(rand|rrand)*/
249 if (!SMP_Encrypt( p_cb->tk, BT_OCTET16_LEN, ptext, BT_OCTET16_LEN, &output))
250 {
251 SMP_TRACE_ERROR("smp_generate_stk failed");
252 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
253 }
254 else
255 {
256 smp_process_stk(p_cb, &output);
257 }
258
259 }
260 /*******************************************************************************
261 **
262 ** Function smp_generate_confirm
263 **
264 ** Description This function is called to start the second pairing phase by
265 ** start generating initializer random number.
266 **
267 **
268 ** Returns void
269 **
270 *******************************************************************************/
smp_generate_confirm(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)271 void smp_generate_confirm (tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
272 {
273 UNUSED(p_data);
274
275 SMP_TRACE_DEBUG ("smp_generate_confirm");
276 p_cb->rand_enc_proc = SMP_GEN_SRAND_MRAND;
277 /* generate MRand or SRand */
278 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
279 smp_rand_back(NULL);
280 }
281 /*******************************************************************************
282 **
283 ** Function smp_genenrate_rand_cont
284 **
285 ** Description This function is called to generate another 64 bits random for
286 ** MRand or Srand.
287 **
288 ** Returns void
289 **
290 *******************************************************************************/
smp_genenrate_rand_cont(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)291 void smp_genenrate_rand_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
292 {
293 UNUSED(p_data);
294
295 SMP_TRACE_DEBUG ("smp_genenrate_rand_cont ");
296 p_cb->rand_enc_proc = SMP_GEN_SRAND_MRAND_CONT;
297 /* generate 64 MSB of MRand or SRand */
298
299 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
300 smp_rand_back(NULL);
301 }
302 /*******************************************************************************
303 **
304 ** Function smp_generate_ltk
305 **
306 ** Description This function is called to calculate LTK, starting with DIV
307 ** generation.
308 **
309 **
310 ** Returns void
311 **
312 *******************************************************************************/
smp_generate_ltk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)313 void smp_generate_ltk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
314 {
315 BOOLEAN div_status;
316 UNUSED(p_data);
317
318 SMP_TRACE_DEBUG ("smp_generate_ltk ");
319
320 div_status = btm_get_local_div(p_cb->pairing_bda, &p_cb->div);
321
322 if (div_status)
323 {
324 smp_genenrate_ltk_cont(p_cb, NULL);
325 }
326 else
327 {
328 SMP_TRACE_DEBUG ("Generate DIV for LTK");
329 p_cb->rand_enc_proc = SMP_GEN_DIV_LTK;
330 /* generate MRand or SRand */
331 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
332 smp_rand_back(NULL);
333 }
334 }
335
336
337 /*******************************************************************************
338 **
339 ** Function smp_compute_csrk
340 **
341 ** Description This function is called to calculate CSRK
342 **
343 **
344 ** Returns void
345 **
346 *******************************************************************************/
smp_compute_csrk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)347 void smp_compute_csrk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
348 {
349 BT_OCTET16 er;
350 UINT8 buffer[4]; /* for (r || DIV) r=1*/
351 UINT16 r=1;
352 UINT8 *p=buffer;
353 tSMP_ENC output;
354 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
355 UNUSED(p_data);
356
357 SMP_TRACE_DEBUG ("smp_compute_csrk div=%x", p_cb->div);
358 BTM_GetDeviceEncRoot(er);
359 /* CSRK = d1(ER, DIV, 1) */
360 UINT16_TO_STREAM(p, p_cb->div);
361 UINT16_TO_STREAM(p, r);
362
363 if (!SMP_Encrypt(er, BT_OCTET16_LEN, buffer, 4, &output))
364 {
365 SMP_TRACE_ERROR("smp_generate_csrk failed");
366 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
367 }
368 else
369 {
370 memcpy((void *)p_cb->csrk, output.param_buf, BT_OCTET16_LEN);
371 smp_send_csrk_info(p_cb, NULL);
372 }
373 }
374
375 /*******************************************************************************
376 **
377 ** Function smp_generate_csrk
378 **
379 ** Description This function is called to calculate LTK, starting with DIV
380 ** generation.
381 **
382 **
383 ** Returns void
384 **
385 *******************************************************************************/
smp_generate_csrk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)386 void smp_generate_csrk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
387 {
388 BOOLEAN div_status;
389 UNUSED(p_data);
390
391 SMP_TRACE_DEBUG ("smp_generate_csrk");
392
393 div_status = btm_get_local_div(p_cb->pairing_bda, &p_cb->div);
394 if (div_status)
395 {
396 smp_compute_csrk(p_cb, NULL);
397 }
398 else
399 {
400 SMP_TRACE_DEBUG ("Generate DIV for CSRK");
401 p_cb->rand_enc_proc = SMP_GEN_DIV_CSRK;
402 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
403 smp_rand_back(NULL);
404 }
405 }
406
407
408 /*******************************************************************************
409 ** Function smp_concatenate_peer
410 ** add pairing command sent from local device into p1.
411 *******************************************************************************/
smp_concatenate_local(tSMP_CB * p_cb,UINT8 ** p_data,UINT8 op_code)412 void smp_concatenate_local( tSMP_CB *p_cb, UINT8 **p_data, UINT8 op_code)
413 {
414 UINT8 *p = *p_data;
415
416 SMP_TRACE_DEBUG ("smp_concatenate_local ");
417 UINT8_TO_STREAM(p, op_code);
418 UINT8_TO_STREAM(p, p_cb->loc_io_caps);
419 UINT8_TO_STREAM(p, p_cb->loc_oob_flag);
420 UINT8_TO_STREAM(p, p_cb->loc_auth_req);
421 UINT8_TO_STREAM(p, p_cb->loc_enc_size);
422 UINT8_TO_STREAM(p, p_cb->loc_i_key);
423 UINT8_TO_STREAM(p, p_cb->loc_r_key);
424
425 *p_data = p;
426 }
427 /*******************************************************************************
428 ** Function smp_concatenate_peer
429 ** add pairing command received from peer device into p1.
430 *******************************************************************************/
smp_concatenate_peer(tSMP_CB * p_cb,UINT8 ** p_data,UINT8 op_code)431 void smp_concatenate_peer( tSMP_CB *p_cb, UINT8 **p_data, UINT8 op_code)
432 {
433 UINT8 *p = *p_data;
434
435 SMP_TRACE_DEBUG ("smp_concatenate_peer ");
436 UINT8_TO_STREAM(p, op_code);
437 UINT8_TO_STREAM(p, p_cb->peer_io_caps);
438 UINT8_TO_STREAM(p, p_cb->peer_oob_flag);
439 UINT8_TO_STREAM(p, p_cb->peer_auth_req);
440 UINT8_TO_STREAM(p, p_cb->peer_enc_size);
441 UINT8_TO_STREAM(p, p_cb->peer_i_key);
442 UINT8_TO_STREAM(p, p_cb->peer_r_key);
443
444 *p_data = p;
445 }
446 /*******************************************************************************
447 **
448 ** Function smp_gen_p1_4_confirm
449 **
450 ** Description Generate Confirm/Compare Step1:
451 ** p1 = pres || preq || rat' || iat'
452 **
453 ** Returns void
454 **
455 *******************************************************************************/
smp_gen_p1_4_confirm(tSMP_CB * p_cb,BT_OCTET16 p1)456 void smp_gen_p1_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p1)
457 {
458 UINT8 *p = (UINT8 *)p1;
459 tBLE_ADDR_TYPE addr_type = 0;
460 BD_ADDR remote_bda;
461
462 SMP_TRACE_DEBUG ("smp_gen_p1_4_confirm");
463
464 if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type))
465 {
466 SMP_TRACE_ERROR("can not generate confirm for unknown device");
467 return;
468 }
469
470 BTM_ReadConnectionAddr( p_cb->pairing_bda, p_cb->local_bda, &p_cb->addr_type);
471
472 if (p_cb->role == HCI_ROLE_MASTER)
473 {
474 /* LSB : rat': initiator's(local) address type */
475 UINT8_TO_STREAM(p, p_cb->addr_type);
476 /* LSB : iat': responder's address type */
477 UINT8_TO_STREAM(p, addr_type);
478 /* concatinate preq */
479 smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_REQ);
480 /* concatinate pres */
481 smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_RSP);
482 }
483 else
484 {
485 /* LSB : iat': initiator's address type */
486 UINT8_TO_STREAM(p, addr_type);
487 /* LSB : rat': responder's(local) address type */
488 UINT8_TO_STREAM(p, p_cb->addr_type);
489 /* concatinate preq */
490 smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_REQ);
491 /* concatinate pres */
492 smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_RSP);
493 }
494 #if SMP_DEBUG == TRUE
495 SMP_TRACE_DEBUG("p1 = pres || preq || rat' || iat'");
496 smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1", 16);
497 #endif
498 }
499 /*******************************************************************************
500 **
501 ** Function smp_gen_p2_4_confirm
502 **
503 ** Description Generate Confirm/Compare Step2:
504 ** p2 = padding || ia || ra
505 **
506 ** Returns void
507 **
508 *******************************************************************************/
smp_gen_p2_4_confirm(tSMP_CB * p_cb,BT_OCTET16 p2)509 void smp_gen_p2_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p2)
510 {
511 UINT8 *p = (UINT8 *)p2;
512 BD_ADDR remote_bda;
513 tBLE_ADDR_TYPE addr_type = 0;
514
515 if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type))
516 {
517 SMP_TRACE_ERROR("can not generate confirm p2 for unknown device");
518 return;
519 }
520
521 SMP_TRACE_DEBUG ("smp_gen_p2_4_confirm");
522
523 memset(p, 0, sizeof(BT_OCTET16));
524
525 if (p_cb->role == HCI_ROLE_MASTER)
526 {
527 /* LSB ra */
528 BDADDR_TO_STREAM(p, remote_bda);
529 /* ia */
530 BDADDR_TO_STREAM(p, p_cb->local_bda);
531 }
532 else
533 {
534 /* LSB ra */
535 BDADDR_TO_STREAM(p, p_cb->local_bda);
536 /* ia */
537 BDADDR_TO_STREAM(p, remote_bda);
538 }
539 #if SMP_DEBUG == TRUE
540 SMP_TRACE_DEBUG("p2 = padding || ia || ra");
541 smp_debug_print_nbyte_little_endian(p2, (const UINT8 *)"p2", 16);
542 #endif
543 }
544 /*******************************************************************************
545 **
546 ** Function smp_calculate_comfirm
547 **
548 ** Description This function is called to calculate Confirm value.
549 **
550 ** Returns void
551 **
552 *******************************************************************************/
smp_calculate_comfirm(tSMP_CB * p_cb,BT_OCTET16 rand,BD_ADDR bda)553 void smp_calculate_comfirm (tSMP_CB *p_cb, BT_OCTET16 rand, BD_ADDR bda)
554 {
555 BT_OCTET16 p1;
556 tSMP_ENC output;
557 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
558 UNUSED(bda);
559
560 SMP_TRACE_DEBUG ("smp_calculate_comfirm ");
561 /* generate p1 = pres || preq || rat' || iat' */
562 smp_gen_p1_4_confirm(p_cb, p1);
563
564 /* p1 = rand XOR p1 */
565 smp_xor_128(p1, rand);
566
567 smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1' = r XOR p1", 16);
568
569 /* calculate e(k, r XOR p1), where k = TK */
570 if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p1, BT_OCTET16_LEN, &output))
571 {
572 SMP_TRACE_ERROR("smp_generate_csrk failed");
573 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
574 }
575 else
576 {
577 smp_calculate_comfirm_cont(p_cb, &output);
578 }
579 }
580 /*******************************************************************************
581 **
582 ** Function smp_calculate_comfirm_cont
583 **
584 ** Description This function is called when SConfirm/MConfirm is generated
585 ** proceed to send the Confirm request/response to peer device.
586 **
587 ** Returns void
588 **
589 *******************************************************************************/
smp_calculate_comfirm_cont(tSMP_CB * p_cb,tSMP_ENC * p)590 static void smp_calculate_comfirm_cont(tSMP_CB *p_cb, tSMP_ENC *p)
591 {
592 BT_OCTET16 p2;
593 tSMP_ENC output;
594 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
595
596 SMP_TRACE_DEBUG ("smp_calculate_comfirm_cont ");
597 #if SMP_DEBUG == TRUE
598 SMP_TRACE_DEBUG("Confirm step 1 p1' = e(k, r XOR p1) Generated");
599 smp_debug_print_nbyte_little_endian (p->param_buf, (const UINT8 *)"C1", 16);
600 #endif
601
602 smp_gen_p2_4_confirm(p_cb, p2);
603
604 /* calculate p2 = (p1' XOR p2) */
605 smp_xor_128(p2, p->param_buf);
606 smp_debug_print_nbyte_little_endian ((UINT8 *)p2, (const UINT8 *)"p2' = C1 xor p2", 16);
607
608 /* calculate: Confirm = E(k, p1' XOR p2) */
609 if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p2, BT_OCTET16_LEN, &output))
610 {
611 SMP_TRACE_ERROR("smp_calculate_comfirm_cont failed");
612 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
613 }
614 else
615 {
616 switch (p_cb->rand_enc_proc)
617 {
618 case SMP_GEN_CONFIRM:
619 smp_process_confirm(p_cb, &output);
620 break;
621
622 case SMP_GEN_COMPARE:
623 smp_process_compare(p_cb, &output);
624 break;
625 }
626 }
627 }
628 /*******************************************************************************
629 **
630 ** Function smp_genenrate_confirm
631 **
632 ** Description This function is called when a 48 bits random number is generated
633 ** as SRand or MRand, continue to calculate Sconfirm or MConfirm.
634 **
635 ** Returns void
636 **
637 *******************************************************************************/
smp_genenrate_confirm(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)638 static void smp_genenrate_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
639 {
640 UNUSED(p_data);
641
642 SMP_TRACE_DEBUG ("smp_genenrate_confirm ");
643 p_cb->rand_enc_proc = SMP_GEN_CONFIRM;
644
645 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->rand, (const UINT8 *)"local rand", 16);
646
647 smp_calculate_comfirm(p_cb, p_cb->rand, p_cb->pairing_bda);
648 }
649 /*******************************************************************************
650 **
651 ** Function smp_generate_compare
652 **
653 ** Description This function is called to generate SConfirm for Slave device,
654 ** or MSlave for Master device. This function can be also used for
655 ** generating Compare number for confirm value check.
656 **
657 ** Returns void
658 **
659 *******************************************************************************/
smp_generate_compare(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)660 void smp_generate_compare (tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
661 {
662 UNUSED(p_data);
663
664 SMP_TRACE_DEBUG ("smp_generate_compare ");
665 p_cb->rand_enc_proc = SMP_GEN_COMPARE;
666
667 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->rrand, (const UINT8 *)"peer rand", 16);
668
669 smp_calculate_comfirm(p_cb, p_cb->rrand, p_cb->local_bda);
670 }
671 /*******************************************************************************
672 **
673 ** Function smp_process_confirm
674 **
675 ** Description This function is called when SConfirm/MConfirm is generated
676 ** proceed to send the Confirm request/response to peer device.
677 **
678 ** Returns void
679 **
680 *******************************************************************************/
smp_process_confirm(tSMP_CB * p_cb,tSMP_ENC * p)681 static void smp_process_confirm(tSMP_CB *p_cb, tSMP_ENC *p)
682 {
683 tSMP_KEY key;
684
685 SMP_TRACE_DEBUG ("smp_process_confirm ");
686 #if SMP_CONFORMANCE_TESTING == TRUE
687 if (p_cb->enable_test_confirm_val)
688 {
689 BTM_TRACE_DEBUG ("Use confirm value from script");
690 memcpy(p_cb->confirm, p_cb->test_confirm, BT_OCTET16_LEN);
691 }
692 else
693 memcpy(p_cb->confirm, p->param_buf, BT_OCTET16_LEN);
694 #else
695 memcpy(p_cb->confirm, p->param_buf, BT_OCTET16_LEN);
696 #endif
697
698
699 #if (SMP_DEBUG == TRUE)
700 SMP_TRACE_DEBUG("Confirm Generated");
701 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->confirm, (const UINT8 *)"Confirm", 16);
702 #endif
703
704 key.key_type = SMP_KEY_TYPE_CFM;
705 key.p_data = p->param_buf;
706
707 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
708 }
709 /*******************************************************************************
710 **
711 ** Function smp_process_compare
712 **
713 ** Description This function is called when Compare is generated using the
714 ** RRand and local BDA, TK information.
715 **
716 ** Returns void
717 **
718 *******************************************************************************/
smp_process_compare(tSMP_CB * p_cb,tSMP_ENC * p)719 static void smp_process_compare(tSMP_CB *p_cb, tSMP_ENC *p)
720 {
721 tSMP_KEY key;
722
723 SMP_TRACE_DEBUG ("smp_process_compare ");
724 #if (SMP_DEBUG == TRUE)
725 SMP_TRACE_DEBUG("Compare Generated");
726 smp_debug_print_nbyte_little_endian (p->param_buf, (const UINT8 *)"Compare", 16);
727 #endif
728 key.key_type = SMP_KEY_TYPE_CMP;
729 key.p_data = p->param_buf;
730
731 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
732 }
733
734 /*******************************************************************************
735 **
736 ** Function smp_process_stk
737 **
738 ** Description This function is called when STK is generated
739 ** proceed to send the encrypt the link using STK.
740 **
741 ** Returns void
742 **
743 *******************************************************************************/
smp_process_stk(tSMP_CB * p_cb,tSMP_ENC * p)744 static void smp_process_stk(tSMP_CB *p_cb, tSMP_ENC *p)
745 {
746 tSMP_KEY key;
747
748 SMP_TRACE_DEBUG ("smp_process_stk ");
749 #if (SMP_DEBUG == TRUE)
750 SMP_TRACE_ERROR("STK Generated");
751 #endif
752 smp_mask_enc_key(p_cb->loc_enc_size, p->param_buf);
753
754 key.key_type = SMP_KEY_TYPE_STK;
755 key.p_data = p->param_buf;
756
757 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
758 }
759
760 /*******************************************************************************
761 **
762 ** Function smp_genenrate_ltk_cont
763 **
764 ** Description This function is to calculate LTK = d1(ER, DIV, 0)= e(ER, DIV)
765 **
766 ** Returns void
767 **
768 *******************************************************************************/
smp_genenrate_ltk_cont(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)769 static void smp_genenrate_ltk_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
770 {
771 BT_OCTET16 er;
772 tSMP_ENC output;
773 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
774 UNUSED(p_data);
775
776 SMP_TRACE_DEBUG ("smp_genenrate_ltk_cont ");
777 BTM_GetDeviceEncRoot(er);
778
779 /* LTK = d1(ER, DIV, 0)= e(ER, DIV)*/
780 if (!SMP_Encrypt(er, BT_OCTET16_LEN, (UINT8 *)&p_cb->div,
781 sizeof(UINT16), &output))
782 {
783 SMP_TRACE_ERROR("smp_genenrate_ltk_cont failed");
784 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
785 }
786 else
787 {
788 /* mask the LTK */
789 smp_mask_enc_key(p_cb->loc_enc_size, output.param_buf);
790 memcpy((void *)p_cb->ltk, output.param_buf, BT_OCTET16_LEN);
791 smp_generate_rand_vector(p_cb, NULL);
792 }
793
794 }
795
796 /*******************************************************************************
797 **
798 ** Function smp_generate_y
799 **
800 ** Description This function is to proceed generate Y = E(DHK, Rand)
801 **
802 ** Returns void
803 **
804 *******************************************************************************/
smp_generate_y(tSMP_CB * p_cb,tSMP_INT_DATA * p)805 static void smp_generate_y(tSMP_CB *p_cb, tSMP_INT_DATA *p)
806 {
807 BT_OCTET16 dhk;
808 tSMP_ENC output;
809 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
810 UNUSED(p);
811
812 SMP_TRACE_DEBUG ("smp_generate_y ");
813 BTM_GetDeviceDHK(dhk);
814
815 if (!SMP_Encrypt(dhk, BT_OCTET16_LEN, p_cb->enc_rand,
816 BT_OCTET8_LEN, &output))
817 {
818 SMP_TRACE_ERROR("smp_generate_y failed");
819 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
820 }
821 else
822 {
823 smp_process_ediv(p_cb, &output);
824 }
825 }
826 /*******************************************************************************
827 **
828 ** Function smp_generate_rand_vector
829 **
830 ** Description This function is called when LTK is generated, send state machine
831 ** event to SMP.
832 **
833 ** Returns void
834 **
835 *******************************************************************************/
smp_generate_rand_vector(tSMP_CB * p_cb,tSMP_INT_DATA * p)836 static void smp_generate_rand_vector (tSMP_CB *p_cb, tSMP_INT_DATA *p)
837 {
838 UNUSED(p);
839
840 /* generate EDIV and rand now */
841 /* generate random vector */
842 SMP_TRACE_DEBUG ("smp_generate_rand_vector ");
843 p_cb->rand_enc_proc = SMP_GEN_RAND_V;
844 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
845 smp_rand_back(NULL);
846
847 }
848 /*******************************************************************************
849 **
850 ** Function smp_genenrate_smp_process_edivltk_cont
851 **
852 ** Description This function is to calculate EDIV = Y xor DIV
853 **
854 ** Returns void
855 **
856 *******************************************************************************/
smp_process_ediv(tSMP_CB * p_cb,tSMP_ENC * p)857 static void smp_process_ediv(tSMP_CB *p_cb, tSMP_ENC *p)
858 {
859 tSMP_KEY key;
860 UINT8 *pp= p->param_buf;
861 UINT16 y;
862
863 SMP_TRACE_DEBUG ("smp_process_ediv ");
864 STREAM_TO_UINT16(y, pp);
865
866 /* EDIV = Y xor DIV */
867 p_cb->ediv = p_cb->div ^ y;
868 /* send LTK ready */
869 SMP_TRACE_ERROR("LTK ready");
870 key.key_type = SMP_KEY_TYPE_LTK;
871 key.p_data = p->param_buf;
872
873 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
874 }
875
876 /*******************************************************************************
877 **
878 ** Function smp_rand_back
879 **
880 ** Description This function is to process the rand command finished,
881 ** process the random/encrypted number for further action.
882 **
883 ** Returns void
884 **
885 *******************************************************************************/
smp_rand_back(tBTM_RAND_ENC * p)886 static void smp_rand_back(tBTM_RAND_ENC *p)
887 {
888 tSMP_CB *p_cb = &smp_cb;
889 UINT8 *pp = p->param_buf;
890 UINT8 failure = SMP_PAIR_FAIL_UNKNOWN;
891 UINT8 state = p_cb->rand_enc_proc & ~0x80;
892
893 SMP_TRACE_DEBUG ("smp_rand_back state=0x%x", state);
894 if (p && p->status == HCI_SUCCESS)
895 {
896 switch (state)
897 {
898
899 case SMP_GEN_SRAND_MRAND:
900 memcpy((void *)p_cb->rand, p->param_buf, p->param_len);
901 smp_genenrate_rand_cont(p_cb, NULL);
902 break;
903
904 case SMP_GEN_SRAND_MRAND_CONT:
905 memcpy((void *)&p_cb->rand[8], p->param_buf, p->param_len);
906 smp_genenrate_confirm(p_cb, NULL);
907 break;
908
909 case SMP_GEN_DIV_LTK:
910 STREAM_TO_UINT16(p_cb->div, pp);
911 smp_genenrate_ltk_cont(p_cb, NULL);
912 break;
913
914 case SMP_GEN_DIV_CSRK:
915 STREAM_TO_UINT16(p_cb->div, pp);
916 smp_compute_csrk(p_cb, NULL);
917 break;
918
919 case SMP_GEN_TK:
920 smp_proc_passkey(p_cb, p);
921 break;
922
923 case SMP_GEN_RAND_V:
924 memcpy(p_cb->enc_rand, p->param_buf, BT_OCTET8_LEN);
925 smp_generate_y(p_cb, NULL);
926 break;
927
928 }
929
930 return;
931 }
932
933 SMP_TRACE_ERROR("smp_rand_back Key generation failed: (%d)", p_cb->rand_enc_proc);
934
935 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &failure);
936
937 }
938 #endif
939
940