1 /******************************************************************************
2 *
3 * Copyright (C) 2008-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 /******************************************************************************
20 *
21 * This file contains the implementation of the SMP utility functions used
22 * by SMP.
23 *
24 ******************************************************************************/
25
26 #include "bt_target.h"
27 #include "bt_utils.h"
28
29 #if SMP_INCLUDED == TRUE
30 #if SMP_DEBUG == TRUE
31 #include <stdio.h>
32 #endif
33 #include <string.h>
34
35 #include "btm_ble_api.h"
36 #include "smp_int.h"
37 #include "btm_int.h"
38 #include "btm_ble_int.h"
39 #include "hcimsgs.h"
40 #include "aes.h"
41 #ifndef SMP_MAX_ENC_REPEAT
42 #define SMP_MAX_ENC_REPEAT 3
43 #endif
44
45 static void smp_rand_back(tBTM_RAND_ENC *p);
46 static void smp_genenrate_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data);
47 static void smp_genenrate_ltk_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data);
48 static void smp_generate_y(tSMP_CB *p_cb, tSMP_INT_DATA *p);
49 static void smp_generate_rand_vector (tSMP_CB *p_cb, tSMP_INT_DATA *p);
50 static void smp_process_stk(tSMP_CB *p_cb, tSMP_ENC *p);
51 static void smp_calculate_comfirm_cont(tSMP_CB *p_cb, tSMP_ENC *p);
52 static void smp_process_confirm(tSMP_CB *p_cb, tSMP_ENC *p);
53 static void smp_process_compare(tSMP_CB *p_cb, tSMP_ENC *p);
54 static void smp_process_ediv(tSMP_CB *p_cb, tSMP_ENC *p);
55
56 static const tSMP_ACT smp_encrypt_action[] =
57 {
58 smp_generate_compare, /* SMP_GEN_COMPARE */
59 smp_genenrate_confirm, /* SMP_GEN_CONFIRM*/
60 smp_generate_stk, /* SMP_GEN_STK*/
61 smp_genenrate_ltk_cont, /* SMP_GEN_LTK */
62 smp_generate_ltk, /* SMP_GEN_DIV_LTK */
63 smp_generate_rand_vector, /* SMP_GEN_RAND_V */
64 smp_generate_y, /* SMP_GEN_EDIV */
65 smp_generate_passkey, /* SMP_GEN_TK */
66 smp_generate_confirm, /* SMP_GEN_SRAND_MRAND */
67 smp_genenrate_rand_cont /* SMP_GEN_SRAND_MRAND_CONT */
68 };
69
70
71 #define SMP_PASSKEY_MASK 0xfff00000
72
73 #if SMP_DEBUG == TRUE
smp_debug_print_nbyte_little_endian(UINT8 * p,const UINT8 * key_name,UINT8 len)74 static void smp_debug_print_nbyte_little_endian (UINT8 *p, const UINT8 *key_name, UINT8 len)
75 {
76 int i, x = 0;
77 UINT8 p_buf[100];
78 memset(p_buf, 0, 100);
79
80 for (i = 0; i < len; i ++)
81 {
82 x += sprintf ((char *)&p_buf[x], "%02x ", p[i]);
83 }
84 SMP_TRACE_DEBUG("%s(LSB ~ MSB) = %s", key_name, p_buf);
85 }
86 #else
87 #define smp_debug_print_nbyte_little_endian(p, key_name, len)
88 #endif
89
90 /*******************************************************************************
91 **
92 ** Function smp_encrypt_data
93 **
94 ** Description This function is called to generate passkey.
95 **
96 ** Returns void
97 **
98 *******************************************************************************/
smp_encrypt_data(UINT8 * key,UINT8 key_len,UINT8 * plain_text,UINT8 pt_len,tSMP_ENC * p_out)99 BOOLEAN smp_encrypt_data (UINT8 *key, UINT8 key_len,
100 UINT8 *plain_text, UINT8 pt_len,
101 tSMP_ENC *p_out)
102 {
103 aes_context ctx;
104 UINT8 *p_start = NULL;
105 UINT8 *p = NULL;
106 UINT8 *p_rev_data = NULL; /* input data in big endilan format */
107 UINT8 *p_rev_key = NULL; /* input key in big endilan format */
108 UINT8 *p_rev_output = NULL; /* encrypted output in big endilan format */
109
110 SMP_TRACE_DEBUG ("smp_encrypt_data");
111 if ( (p_out == NULL ) || (key_len != SMP_ENCRYT_KEY_SIZE) )
112 {
113 BTM_TRACE_ERROR ("smp_encrypt_data Failed");
114 return(FALSE);
115 }
116
117 if ((p_start = (UINT8 *)GKI_getbuf((SMP_ENCRYT_DATA_SIZE*4))) == NULL)
118 {
119 BTM_TRACE_ERROR ("smp_encrypt_data Failed unable to allocate buffer");
120 return(FALSE);
121 }
122
123 if (pt_len > SMP_ENCRYT_DATA_SIZE)
124 pt_len = SMP_ENCRYT_DATA_SIZE;
125
126 memset(p_start, 0, SMP_ENCRYT_DATA_SIZE * 4);
127 p = p_start;
128 ARRAY_TO_STREAM (p, plain_text, pt_len); /* byte 0 to byte 15 */
129 p_rev_data = p = p_start + SMP_ENCRYT_DATA_SIZE; /* start at byte 16 */
130 REVERSE_ARRAY_TO_STREAM (p, p_start, SMP_ENCRYT_DATA_SIZE); /* byte 16 to byte 31 */
131 p_rev_key = p; /* start at byte 32 */
132 REVERSE_ARRAY_TO_STREAM (p, key, SMP_ENCRYT_KEY_SIZE); /* byte 32 to byte 47 */
133
134 smp_debug_print_nbyte_little_endian(key, (const UINT8 *)"Key", SMP_ENCRYT_KEY_SIZE);
135 smp_debug_print_nbyte_little_endian(p_start, (const UINT8 *)"Plain text", SMP_ENCRYT_DATA_SIZE);
136 p_rev_output = p;
137 aes_set_key(p_rev_key, SMP_ENCRYT_KEY_SIZE, &ctx);
138 aes_encrypt(p_rev_data, p, &ctx); /* outputs in byte 48 to byte 63 */
139
140 p = p_out->param_buf;
141 REVERSE_ARRAY_TO_STREAM (p, p_rev_output, SMP_ENCRYT_DATA_SIZE);
142 smp_debug_print_nbyte_little_endian(p_out->param_buf, (const UINT8 *)"Encrypted text", SMP_ENCRYT_KEY_SIZE);
143
144 p_out->param_len = SMP_ENCRYT_KEY_SIZE;
145 p_out->status = HCI_SUCCESS;
146 p_out->opcode = HCI_BLE_ENCRYPT;
147
148 GKI_freebuf(p_start);
149
150 return(TRUE);
151 }
152
153
154 /*******************************************************************************
155 **
156 ** Function smp_generate_passkey
157 **
158 ** Description This function is called to generate passkey.
159 **
160 ** Returns void
161 **
162 *******************************************************************************/
smp_generate_passkey(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)163 void smp_generate_passkey(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
164 {
165 UNUSED(p_data);
166
167 SMP_TRACE_DEBUG ("smp_generate_passkey");
168 p_cb->rand_enc_proc = SMP_GEN_TK;
169
170 /* generate MRand or SRand */
171 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
172 smp_rand_back(NULL);
173 }
174 /*******************************************************************************
175 **
176 ** Function smp_proc_passkey
177 **
178 ** Description This function is called to process a passkey.
179 **
180 ** Returns void
181 **
182 *******************************************************************************/
smp_proc_passkey(tSMP_CB * p_cb,tBTM_RAND_ENC * p)183 void smp_proc_passkey(tSMP_CB *p_cb , tBTM_RAND_ENC *p)
184 {
185 UINT8 *tt = p_cb->tk;
186 tSMP_KEY key;
187 UINT32 passkey; /* 19655 test number; */
188 UINT8 *pp = p->param_buf;
189
190 SMP_TRACE_DEBUG ("smp_proc_passkey ");
191 STREAM_TO_UINT32(passkey, pp);
192 passkey &= ~SMP_PASSKEY_MASK;
193
194 /* truncate by maximum value */
195 while (passkey > BTM_MAX_PASSKEY_VAL)
196 passkey >>= 1;
197
198 /* save the TK */
199 memset(p_cb->tk, 0, BT_OCTET16_LEN);
200 UINT32_TO_STREAM(tt, passkey);
201
202 key.key_type = SMP_KEY_TYPE_TK;
203 key.p_data = p_cb->tk;
204
205 if (p_cb->p_callback)
206 {
207 (*p_cb->p_callback)(SMP_PASSKEY_NOTIF_EVT, p_cb->pairing_bda, (tSMP_EVT_DATA *)&passkey);
208 }
209
210 smp_sm_event(p_cb, SMP_KEY_READY_EVT, (tSMP_INT_DATA *)&key);
211 }
212
213
214 /*******************************************************************************
215 **
216 ** Function smp_generate_stk
217 **
218 ** Description This function is called to generate STK calculated by running
219 ** AES with the TK value as key and a concatenation of the random
220 ** values.
221 **
222 ** Returns void
223 **
224 *******************************************************************************/
smp_generate_stk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)225 void smp_generate_stk (tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
226 {
227 BT_OCTET16 ptext;
228 UINT8 *p = ptext;
229 tSMP_ENC output;
230 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
231 UNUSED(p_data);
232
233 SMP_TRACE_DEBUG ("smp_generate_stk ");
234
235 memset(p, 0, BT_OCTET16_LEN);
236 if (p_cb->role == HCI_ROLE_MASTER)
237 {
238 memcpy(p, p_cb->rand, BT_OCTET8_LEN);
239 memcpy(&p[BT_OCTET8_LEN], p_cb->rrand, BT_OCTET8_LEN);
240 }
241 else
242 {
243 memcpy(p, p_cb->rrand, BT_OCTET8_LEN);
244 memcpy(&p[BT_OCTET8_LEN], p_cb->rand, BT_OCTET8_LEN);
245 }
246
247 /* generate STK = Etk(rand|rrand)*/
248 if (!SMP_Encrypt( p_cb->tk, BT_OCTET16_LEN, ptext, BT_OCTET16_LEN, &output))
249 {
250 SMP_TRACE_ERROR("smp_generate_stk failed");
251 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
252 }
253 else
254 {
255 smp_process_stk(p_cb, &output);
256 }
257
258 }
259 /*******************************************************************************
260 **
261 ** Function smp_generate_confirm
262 **
263 ** Description This function is called to start the second pairing phase by
264 ** start generating initializer random number.
265 **
266 **
267 ** Returns void
268 **
269 *******************************************************************************/
smp_generate_confirm(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)270 void smp_generate_confirm (tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
271 {
272 UNUSED(p_data);
273
274 SMP_TRACE_DEBUG ("smp_generate_confirm");
275 p_cb->rand_enc_proc = SMP_GEN_SRAND_MRAND;
276 /* generate MRand or SRand */
277 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
278 smp_rand_back(NULL);
279 }
280 /*******************************************************************************
281 **
282 ** Function smp_genenrate_rand_cont
283 **
284 ** Description This function is called to generate another 64 bits random for
285 ** MRand or Srand.
286 **
287 ** Returns void
288 **
289 *******************************************************************************/
smp_genenrate_rand_cont(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)290 void smp_genenrate_rand_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
291 {
292 UNUSED(p_data);
293
294 SMP_TRACE_DEBUG ("smp_genenrate_rand_cont ");
295 p_cb->rand_enc_proc = SMP_GEN_SRAND_MRAND_CONT;
296 /* generate 64 MSB of MRand or SRand */
297
298 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
299 smp_rand_back(NULL);
300 }
301 /*******************************************************************************
302 **
303 ** Function smp_generate_ltk
304 **
305 ** Description This function is called to calculate LTK, starting with DIV
306 ** generation.
307 **
308 **
309 ** Returns void
310 **
311 *******************************************************************************/
smp_generate_ltk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)312 void smp_generate_ltk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
313 {
314 BOOLEAN div_status;
315 UNUSED(p_data);
316
317 SMP_TRACE_DEBUG ("smp_generate_ltk ");
318
319 div_status = btm_get_local_div(p_cb->pairing_bda, &p_cb->div);
320
321 if (div_status)
322 {
323 smp_genenrate_ltk_cont(p_cb, NULL);
324 }
325 else
326 {
327 SMP_TRACE_DEBUG ("Generate DIV for LTK");
328 p_cb->rand_enc_proc = SMP_GEN_DIV_LTK;
329 /* generate MRand or SRand */
330 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
331 smp_rand_back(NULL);
332 }
333 }
334
335
336 /*******************************************************************************
337 **
338 ** Function smp_compute_csrk
339 **
340 ** Description This function is called to calculate CSRK
341 **
342 **
343 ** Returns void
344 **
345 *******************************************************************************/
smp_compute_csrk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)346 void smp_compute_csrk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
347 {
348 BT_OCTET16 er;
349 UINT8 buffer[4]; /* for (r || DIV) r=1*/
350 UINT16 r=1;
351 UINT8 *p=buffer;
352 tSMP_ENC output;
353 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
354 UNUSED(p_data);
355
356 SMP_TRACE_DEBUG ("smp_compute_csrk div=%x", p_cb->div);
357 BTM_GetDeviceEncRoot(er);
358 /* CSRK = d1(ER, DIV, 1) */
359 UINT16_TO_STREAM(p, p_cb->div);
360 UINT16_TO_STREAM(p, r);
361
362 if (!SMP_Encrypt(er, BT_OCTET16_LEN, buffer, 4, &output))
363 {
364 SMP_TRACE_ERROR("smp_generate_csrk failed");
365 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
366 }
367 else
368 {
369 memcpy((void *)p_cb->csrk, output.param_buf, BT_OCTET16_LEN);
370 smp_send_csrk_info(p_cb, NULL);
371 }
372 }
373
374 /*******************************************************************************
375 **
376 ** Function smp_generate_csrk
377 **
378 ** Description This function is called to calculate LTK, starting with DIV
379 ** generation.
380 **
381 **
382 ** Returns void
383 **
384 *******************************************************************************/
smp_generate_csrk(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)385 void smp_generate_csrk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
386 {
387 BOOLEAN div_status;
388 UNUSED(p_data);
389
390 SMP_TRACE_DEBUG ("smp_generate_csrk");
391
392 div_status = btm_get_local_div(p_cb->pairing_bda, &p_cb->div);
393 if (div_status)
394 {
395 smp_compute_csrk(p_cb, NULL);
396 }
397 else
398 {
399 SMP_TRACE_DEBUG ("Generate DIV for CSRK");
400 p_cb->rand_enc_proc = SMP_GEN_DIV_CSRK;
401 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
402 smp_rand_back(NULL);
403 }
404 }
405
406
407 /*******************************************************************************
408 ** Function smp_concatenate_peer
409 ** add pairing command sent from local device into p1.
410 *******************************************************************************/
smp_concatenate_local(tSMP_CB * p_cb,UINT8 ** p_data,UINT8 op_code)411 void smp_concatenate_local( tSMP_CB *p_cb, UINT8 **p_data, UINT8 op_code)
412 {
413 UINT8 *p = *p_data;
414
415 SMP_TRACE_DEBUG ("smp_concatenate_local ");
416 UINT8_TO_STREAM(p, op_code);
417 UINT8_TO_STREAM(p, p_cb->loc_io_caps);
418 UINT8_TO_STREAM(p, p_cb->loc_oob_flag);
419 UINT8_TO_STREAM(p, p_cb->loc_auth_req);
420 UINT8_TO_STREAM(p, p_cb->loc_enc_size);
421 UINT8_TO_STREAM(p, p_cb->loc_i_key);
422 UINT8_TO_STREAM(p, p_cb->loc_r_key);
423
424 *p_data = p;
425 }
426 /*******************************************************************************
427 ** Function smp_concatenate_peer
428 ** add pairing command received from peer device into p1.
429 *******************************************************************************/
smp_concatenate_peer(tSMP_CB * p_cb,UINT8 ** p_data,UINT8 op_code)430 void smp_concatenate_peer( tSMP_CB *p_cb, UINT8 **p_data, UINT8 op_code)
431 {
432 UINT8 *p = *p_data;
433
434 SMP_TRACE_DEBUG ("smp_concatenate_peer ");
435 UINT8_TO_STREAM(p, op_code);
436 UINT8_TO_STREAM(p, p_cb->peer_io_caps);
437 UINT8_TO_STREAM(p, p_cb->peer_oob_flag);
438 UINT8_TO_STREAM(p, p_cb->peer_auth_req);
439 UINT8_TO_STREAM(p, p_cb->peer_enc_size);
440 UINT8_TO_STREAM(p, p_cb->peer_i_key);
441 UINT8_TO_STREAM(p, p_cb->peer_r_key);
442
443 *p_data = p;
444 }
445 /*******************************************************************************
446 **
447 ** Function smp_gen_p1_4_confirm
448 **
449 ** Description Generate Confirm/Compare Step1:
450 ** p1 = pres || preq || rat' || iat'
451 **
452 ** Returns void
453 **
454 *******************************************************************************/
smp_gen_p1_4_confirm(tSMP_CB * p_cb,BT_OCTET16 p1)455 void smp_gen_p1_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p1)
456 {
457 UINT8 *p = (UINT8 *)p1;
458 tBLE_ADDR_TYPE addr_type = 0;
459 BD_ADDR remote_bda;
460
461 SMP_TRACE_DEBUG ("smp_gen_p1_4_confirm");
462
463 if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type))
464 {
465 SMP_TRACE_ERROR("can not generate confirm for unknown device");
466 return;
467 }
468
469 BTM_ReadConnectionAddr( p_cb->pairing_bda, p_cb->local_bda, &p_cb->addr_type);
470
471 if (p_cb->role == HCI_ROLE_MASTER)
472 {
473 /* LSB : rat': initiator's(local) address type */
474 UINT8_TO_STREAM(p, p_cb->addr_type);
475 /* LSB : iat': responder's address type */
476 UINT8_TO_STREAM(p, addr_type);
477 /* concatinate preq */
478 smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_REQ);
479 /* concatinate pres */
480 smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_RSP);
481 }
482 else
483 {
484 /* LSB : iat': initiator's address type */
485 UINT8_TO_STREAM(p, addr_type);
486 /* LSB : rat': responder's(local) address type */
487 UINT8_TO_STREAM(p, p_cb->addr_type);
488 /* concatinate preq */
489 smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_REQ);
490 /* concatinate pres */
491 smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_RSP);
492 }
493 #if SMP_DEBUG == TRUE
494 SMP_TRACE_DEBUG("p1 = pres || preq || rat' || iat'");
495 smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1", 16);
496 #endif
497 }
498 /*******************************************************************************
499 **
500 ** Function smp_gen_p2_4_confirm
501 **
502 ** Description Generate Confirm/Compare Step2:
503 ** p2 = padding || ia || ra
504 **
505 ** Returns void
506 **
507 *******************************************************************************/
smp_gen_p2_4_confirm(tSMP_CB * p_cb,BT_OCTET16 p2)508 void smp_gen_p2_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p2)
509 {
510 UINT8 *p = (UINT8 *)p2;
511 BD_ADDR remote_bda;
512 tBLE_ADDR_TYPE addr_type = 0;
513
514 if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type))
515 {
516 SMP_TRACE_ERROR("can not generate confirm p2 for unknown device");
517 return;
518 }
519
520 SMP_TRACE_DEBUG ("smp_gen_p2_4_confirm");
521
522 memset(p, 0, sizeof(BT_OCTET16));
523
524 if (p_cb->role == HCI_ROLE_MASTER)
525 {
526 /* LSB ra */
527 BDADDR_TO_STREAM(p, remote_bda);
528 /* ia */
529 BDADDR_TO_STREAM(p, p_cb->local_bda);
530 }
531 else
532 {
533 /* LSB ra */
534 BDADDR_TO_STREAM(p, p_cb->local_bda);
535 /* ia */
536 BDADDR_TO_STREAM(p, remote_bda);
537 }
538 #if SMP_DEBUG == TRUE
539 SMP_TRACE_DEBUG("p2 = padding || ia || ra");
540 smp_debug_print_nbyte_little_endian(p2, (const UINT8 *)"p2", 16);
541 #endif
542 }
543 /*******************************************************************************
544 **
545 ** Function smp_calculate_comfirm
546 **
547 ** Description This function is called to calculate Confirm value.
548 **
549 ** Returns void
550 **
551 *******************************************************************************/
smp_calculate_comfirm(tSMP_CB * p_cb,BT_OCTET16 rand,BD_ADDR bda)552 void smp_calculate_comfirm (tSMP_CB *p_cb, BT_OCTET16 rand, BD_ADDR bda)
553 {
554 BT_OCTET16 p1;
555 tSMP_ENC output;
556 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
557 UNUSED(bda);
558
559 SMP_TRACE_DEBUG ("smp_calculate_comfirm ");
560 /* generate p1 = pres || preq || rat' || iat' */
561 smp_gen_p1_4_confirm(p_cb, p1);
562
563 /* p1 = rand XOR p1 */
564 smp_xor_128(p1, rand);
565
566 smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1' = r XOR p1", 16);
567
568 /* calculate e(k, r XOR p1), where k = TK */
569 if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p1, BT_OCTET16_LEN, &output))
570 {
571 SMP_TRACE_ERROR("smp_generate_csrk failed");
572 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
573 }
574 else
575 {
576 smp_calculate_comfirm_cont(p_cb, &output);
577 }
578 }
579 /*******************************************************************************
580 **
581 ** Function smp_calculate_comfirm_cont
582 **
583 ** Description This function is called when SConfirm/MConfirm is generated
584 ** proceed to send the Confirm request/response to peer device.
585 **
586 ** Returns void
587 **
588 *******************************************************************************/
smp_calculate_comfirm_cont(tSMP_CB * p_cb,tSMP_ENC * p)589 static void smp_calculate_comfirm_cont(tSMP_CB *p_cb, tSMP_ENC *p)
590 {
591 BT_OCTET16 p2;
592 tSMP_ENC output;
593 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
594
595 SMP_TRACE_DEBUG ("smp_calculate_comfirm_cont ");
596 #if SMP_DEBUG == TRUE
597 SMP_TRACE_DEBUG("Confirm step 1 p1' = e(k, r XOR p1) Generated");
598 smp_debug_print_nbyte_little_endian (p->param_buf, (const UINT8 *)"C1", 16);
599 #endif
600
601 smp_gen_p2_4_confirm(p_cb, p2);
602
603 /* calculate p2 = (p1' XOR p2) */
604 smp_xor_128(p2, p->param_buf);
605 smp_debug_print_nbyte_little_endian ((UINT8 *)p2, (const UINT8 *)"p2' = C1 xor p2", 16);
606
607 /* calculate: Confirm = E(k, p1' XOR p2) */
608 if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p2, BT_OCTET16_LEN, &output))
609 {
610 SMP_TRACE_ERROR("smp_calculate_comfirm_cont failed");
611 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
612 }
613 else
614 {
615 switch (p_cb->rand_enc_proc)
616 {
617 case SMP_GEN_CONFIRM:
618 smp_process_confirm(p_cb, &output);
619 break;
620
621 case SMP_GEN_COMPARE:
622 smp_process_compare(p_cb, &output);
623 break;
624 }
625 }
626 }
627 /*******************************************************************************
628 **
629 ** Function smp_genenrate_confirm
630 **
631 ** Description This function is called when a 48 bits random number is generated
632 ** as SRand or MRand, continue to calculate Sconfirm or MConfirm.
633 **
634 ** Returns void
635 **
636 *******************************************************************************/
smp_genenrate_confirm(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)637 static void smp_genenrate_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
638 {
639 UNUSED(p_data);
640
641 SMP_TRACE_DEBUG ("smp_genenrate_confirm ");
642 p_cb->rand_enc_proc = SMP_GEN_CONFIRM;
643
644 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->rand, (const UINT8 *)"local rand", 16);
645
646 smp_calculate_comfirm(p_cb, p_cb->rand, p_cb->pairing_bda);
647 }
648 /*******************************************************************************
649 **
650 ** Function smp_generate_compare
651 **
652 ** Description This function is called to generate SConfirm for Slave device,
653 ** or MSlave for Master device. This function can be also used for
654 ** generating Compare number for confirm value check.
655 **
656 ** Returns void
657 **
658 *******************************************************************************/
smp_generate_compare(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)659 void smp_generate_compare (tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
660 {
661 UNUSED(p_data);
662
663 SMP_TRACE_DEBUG ("smp_generate_compare ");
664 p_cb->rand_enc_proc = SMP_GEN_COMPARE;
665
666 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->rrand, (const UINT8 *)"peer rand", 16);
667
668 smp_calculate_comfirm(p_cb, p_cb->rrand, p_cb->local_bda);
669 }
670 /*******************************************************************************
671 **
672 ** Function smp_process_confirm
673 **
674 ** Description This function is called when SConfirm/MConfirm is generated
675 ** proceed to send the Confirm request/response to peer device.
676 **
677 ** Returns void
678 **
679 *******************************************************************************/
smp_process_confirm(tSMP_CB * p_cb,tSMP_ENC * p)680 static void smp_process_confirm(tSMP_CB *p_cb, tSMP_ENC *p)
681 {
682 tSMP_KEY key;
683
684 SMP_TRACE_DEBUG ("smp_process_confirm ");
685 #if SMP_CONFORMANCE_TESTING == TRUE
686 if (p_cb->enable_test_confirm_val)
687 {
688 BTM_TRACE_DEBUG ("Use confirm value from script");
689 memcpy(p_cb->confirm, p_cb->test_confirm, BT_OCTET16_LEN);
690 }
691 else
692 memcpy(p_cb->confirm, p->param_buf, BT_OCTET16_LEN);
693 #else
694 memcpy(p_cb->confirm, p->param_buf, BT_OCTET16_LEN);
695 #endif
696
697
698 #if (SMP_DEBUG == TRUE)
699 SMP_TRACE_DEBUG("Confirm Generated");
700 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->confirm, (const UINT8 *)"Confirm", 16);
701 #endif
702
703 key.key_type = SMP_KEY_TYPE_CFM;
704 key.p_data = p->param_buf;
705
706 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
707 }
708 /*******************************************************************************
709 **
710 ** Function smp_process_compare
711 **
712 ** Description This function is called when Compare is generated using the
713 ** RRand and local BDA, TK information.
714 **
715 ** Returns void
716 **
717 *******************************************************************************/
smp_process_compare(tSMP_CB * p_cb,tSMP_ENC * p)718 static void smp_process_compare(tSMP_CB *p_cb, tSMP_ENC *p)
719 {
720 tSMP_KEY key;
721
722 SMP_TRACE_DEBUG ("smp_process_compare ");
723 #if (SMP_DEBUG == TRUE)
724 SMP_TRACE_DEBUG("Compare Generated");
725 smp_debug_print_nbyte_little_endian (p->param_buf, (const UINT8 *)"Compare", 16);
726 #endif
727 key.key_type = SMP_KEY_TYPE_CMP;
728 key.p_data = p->param_buf;
729
730 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
731 }
732
733 /*******************************************************************************
734 **
735 ** Function smp_process_stk
736 **
737 ** Description This function is called when STK is generated
738 ** proceed to send the encrypt the link using STK.
739 **
740 ** Returns void
741 **
742 *******************************************************************************/
smp_process_stk(tSMP_CB * p_cb,tSMP_ENC * p)743 static void smp_process_stk(tSMP_CB *p_cb, tSMP_ENC *p)
744 {
745 tSMP_KEY key;
746
747 SMP_TRACE_DEBUG ("smp_process_stk ");
748 #if (SMP_DEBUG == TRUE)
749 SMP_TRACE_ERROR("STK Generated");
750 #endif
751 smp_mask_enc_key(p_cb->loc_enc_size, p->param_buf);
752
753 key.key_type = SMP_KEY_TYPE_STK;
754 key.p_data = p->param_buf;
755
756 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
757 }
758
759 /*******************************************************************************
760 **
761 ** Function smp_genenrate_ltk_cont
762 **
763 ** Description This function is to calculate LTK = d1(ER, DIV, 0)= e(ER, DIV)
764 **
765 ** Returns void
766 **
767 *******************************************************************************/
smp_genenrate_ltk_cont(tSMP_CB * p_cb,tSMP_INT_DATA * p_data)768 static void smp_genenrate_ltk_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
769 {
770 BT_OCTET16 er;
771 tSMP_ENC output;
772 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
773 UNUSED(p_data);
774
775 SMP_TRACE_DEBUG ("smp_genenrate_ltk_cont ");
776 BTM_GetDeviceEncRoot(er);
777
778 /* LTK = d1(ER, DIV, 0)= e(ER, DIV)*/
779 if (!SMP_Encrypt(er, BT_OCTET16_LEN, (UINT8 *)&p_cb->div,
780 sizeof(UINT16), &output))
781 {
782 SMP_TRACE_ERROR("smp_genenrate_ltk_cont failed");
783 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
784 }
785 else
786 {
787 /* mask the LTK */
788 smp_mask_enc_key(p_cb->loc_enc_size, output.param_buf);
789 memcpy((void *)p_cb->ltk, output.param_buf, BT_OCTET16_LEN);
790 smp_generate_rand_vector(p_cb, NULL);
791 }
792
793 }
794
795 /*******************************************************************************
796 **
797 ** Function smp_generate_y
798 **
799 ** Description This function is to proceed generate Y = E(DHK, Rand)
800 **
801 ** Returns void
802 **
803 *******************************************************************************/
smp_generate_y(tSMP_CB * p_cb,tSMP_INT_DATA * p)804 static void smp_generate_y(tSMP_CB *p_cb, tSMP_INT_DATA *p)
805 {
806 BT_OCTET16 dhk;
807 tSMP_ENC output;
808 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
809 UNUSED(p);
810
811 SMP_TRACE_DEBUG ("smp_generate_y ");
812 BTM_GetDeviceDHK(dhk);
813
814 if (!SMP_Encrypt(dhk, BT_OCTET16_LEN, p_cb->enc_rand,
815 BT_OCTET8_LEN, &output))
816 {
817 SMP_TRACE_ERROR("smp_generate_y failed");
818 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
819 }
820 else
821 {
822 smp_process_ediv(p_cb, &output);
823 }
824 }
825 /*******************************************************************************
826 **
827 ** Function smp_generate_rand_vector
828 **
829 ** Description This function is called when LTK is generated, send state machine
830 ** event to SMP.
831 **
832 ** Returns void
833 **
834 *******************************************************************************/
smp_generate_rand_vector(tSMP_CB * p_cb,tSMP_INT_DATA * p)835 static void smp_generate_rand_vector (tSMP_CB *p_cb, tSMP_INT_DATA *p)
836 {
837 UNUSED(p);
838
839 /* generate EDIV and rand now */
840 /* generate random vector */
841 SMP_TRACE_DEBUG ("smp_generate_rand_vector ");
842 p_cb->rand_enc_proc = SMP_GEN_RAND_V;
843 if (!btsnd_hcic_ble_rand((void *)smp_rand_back))
844 smp_rand_back(NULL);
845
846 }
847 /*******************************************************************************
848 **
849 ** Function smp_genenrate_smp_process_edivltk_cont
850 **
851 ** Description This function is to calculate EDIV = Y xor DIV
852 **
853 ** Returns void
854 **
855 *******************************************************************************/
smp_process_ediv(tSMP_CB * p_cb,tSMP_ENC * p)856 static void smp_process_ediv(tSMP_CB *p_cb, tSMP_ENC *p)
857 {
858 tSMP_KEY key;
859 UINT8 *pp= p->param_buf;
860 UINT16 y;
861
862 SMP_TRACE_DEBUG ("smp_process_ediv ");
863 STREAM_TO_UINT16(y, pp);
864
865 /* EDIV = Y xor DIV */
866 p_cb->ediv = p_cb->div ^ y;
867 /* send LTK ready */
868 SMP_TRACE_ERROR("LTK ready");
869 key.key_type = SMP_KEY_TYPE_LTK;
870 key.p_data = p->param_buf;
871
872 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
873 }
874
875 /*******************************************************************************
876 **
877 ** Function smp_rand_back
878 **
879 ** Description This function is to process the rand command finished,
880 ** process the random/encrypted number for further action.
881 **
882 ** Returns void
883 **
884 *******************************************************************************/
smp_rand_back(tBTM_RAND_ENC * p)885 static void smp_rand_back(tBTM_RAND_ENC *p)
886 {
887 tSMP_CB *p_cb = &smp_cb;
888 UINT8 *pp = p->param_buf;
889 UINT8 failure = SMP_PAIR_FAIL_UNKNOWN;
890 UINT8 state = p_cb->rand_enc_proc & ~0x80;
891
892 SMP_TRACE_DEBUG ("smp_rand_back state=0x%x", state);
893 if (p && p->status == HCI_SUCCESS)
894 {
895 switch (state)
896 {
897
898 case SMP_GEN_SRAND_MRAND:
899 memcpy((void *)p_cb->rand, p->param_buf, p->param_len);
900 smp_genenrate_rand_cont(p_cb, NULL);
901 break;
902
903 case SMP_GEN_SRAND_MRAND_CONT:
904 memcpy((void *)&p_cb->rand[8], p->param_buf, p->param_len);
905 smp_genenrate_confirm(p_cb, NULL);
906 break;
907
908 case SMP_GEN_DIV_LTK:
909 STREAM_TO_UINT16(p_cb->div, pp);
910 smp_genenrate_ltk_cont(p_cb, NULL);
911 break;
912
913 case SMP_GEN_DIV_CSRK:
914 STREAM_TO_UINT16(p_cb->div, pp);
915 smp_compute_csrk(p_cb, NULL);
916 break;
917
918 case SMP_GEN_TK:
919 smp_proc_passkey(p_cb, p);
920 break;
921
922 case SMP_GEN_RAND_V:
923 memcpy(p_cb->enc_rand, p->param_buf, BT_OCTET8_LEN);
924 smp_generate_y(p_cb, NULL);
925 break;
926
927 }
928
929 return;
930 }
931
932 SMP_TRACE_ERROR("smp_rand_back Key generation failed: (%d)", p_cb->rand_enc_proc);
933
934 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &failure);
935
936 }
937 #endif
938
939