1 /******************************************************************************
2 *
3 * Copyright (C) 2003-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 #include "bt_target.h"
20
21 #include <cutils/log.h>
22 #include <string.h>
23 #include "smp_int.h"
24
25 const char* const smp_state_name[] = {
26 "SMP_STATE_IDLE",
27 "SMP_STATE_WAIT_APP_RSP",
28 "SMP_STATE_SEC_REQ_PENDING",
29 "SMP_STATE_PAIR_REQ_RSP",
30 "SMP_STATE_WAIT_CONFIRM",
31 "SMP_STATE_CONFIRM",
32 "SMP_STATE_RAND",
33 "SMP_STATE_PUBLIC_KEY_EXCH",
34 "SMP_STATE_SEC_CONN_PHS1_START",
35 "SMP_STATE_WAIT_COMMITMENT",
36 "SMP_STATE_WAIT_NONCE",
37 "SMP_STATE_SEC_CONN_PHS2_START",
38 "SMP_STATE_WAIT_DHK_CHECK",
39 "SMP_STATE_DHK_CHECK",
40 "SMP_STATE_ENCRYPTION_PENDING",
41 "SMP_STATE_BOND_PENDING",
42 "SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA",
43 "SMP_STATE_MAX"};
44
45 const char* const smp_event_name[] = {"PAIRING_REQ_EVT",
46 "PAIRING_RSP_EVT",
47 "CONFIRM_EVT",
48 "RAND_EVT",
49 "PAIRING_FAILED_EVT",
50 "ENC_INFO_EVT",
51 "MASTER_ID_EVT",
52 "ID_INFO_EVT",
53 "ID_ADDR_EVT",
54 "SIGN_INFO_EVT",
55 "SECURITY_REQ_EVT",
56 "PAIR_PUBLIC_KEY_EVT",
57 "PAIR_DHKEY_CHECK_EVT",
58 "PAIR_KEYPRESS_NOTIFICATION_EVT",
59 "PAIR_COMMITMENT_EVT",
60 "KEY_READY_EVT",
61 "ENCRYPTED_EVT",
62 "L2CAP_CONN_EVT",
63 "L2CAP_DISCONN_EVT",
64 "API_IO_RSP_EVT",
65 "API_SEC_GRANT_EVT",
66 "TK_REQ_EVT",
67 "AUTH_CMPL_EVT",
68 "ENC_REQ_EVT",
69 "BOND_REQ_EVT",
70 "DISCARD_SEC_REQ_EVT",
71 "PUBLIC_KEY_EXCHANGE_REQ_EVT",
72 "LOCAL_PUBLIC_KEY_CRTD_EVT",
73 "BOTH_PUBLIC_KEYS_RCVD_EVT",
74 "SEC_CONN_DHKEY_COMPLETE_EVT",
75 "HAVE_LOCAL_NONCE_EVT",
76 "SEC_CONN_PHASE1_CMPLT_EVT",
77 "SEC_CONN_CALC_NC_EVT",
78 "SEC_CONN_DISPLAY_NC_EVT",
79 "SEC_CONN_OK_EVT",
80 "SEC_CONN_2_DHCK_CHECKS_PRESENT_EVT",
81 "SEC_CONN_KEY_READY_EVT",
82 "KEYPRESS_NOTIFICATION_EVT",
83 "SEC_CONN_OOB_DATA_EVT",
84 "CREATE_LOCAL_SEC_CONN_OOB_DATA_EVT",
85 "OUT_OF_RANGE_EVT"};
86
87 const char* smp_get_event_name(tSMP_EVENT event);
88 const char* smp_get_state_name(tSMP_STATE state);
89
90 #define SMP_SM_IGNORE 0
91 #define SMP_NUM_ACTIONS 2
92 #define SMP_SME_NEXT_STATE 2
93 #define SMP_SM_NUM_COLS 3
94
95 typedef const uint8_t (*tSMP_SM_TBL)[SMP_SM_NUM_COLS];
96
97 enum {
98 SMP_PROC_SEC_REQ,
99 SMP_SEND_PAIR_REQ,
100 SMP_SEND_PAIR_RSP,
101 SMP_SEND_CONFIRM,
102 SMP_SEND_PAIR_FAIL,
103 SMP_SEND_RAND,
104 SMP_SEND_ENC_INFO,
105 SMP_SEND_ID_INFO,
106 SMP_SEND_LTK_REPLY,
107 SMP_PROC_PAIR_CMD,
108 SMP_PROC_PAIR_FAIL,
109 SMP_PROC_CONFIRM,
110 SMP_PROC_RAND,
111 SMP_PROC_ENC_INFO,
112 SMP_PROC_MASTER_ID,
113 SMP_PROC_ID_INFO,
114 SMP_PROC_ID_ADDR,
115 SMP_PROC_SRK_INFO,
116 SMP_PROC_SEC_GRANT,
117 SMP_PROC_SL_KEY,
118 SMP_PROC_COMPARE,
119 SMP_PROC_IO_RSP,
120 SMP_GENERATE_COMPARE,
121 SMP_GENERATE_CONFIRM,
122 SMP_GENERATE_STK,
123 SMP_KEY_DISTRIBUTE,
124 SMP_START_ENC,
125 SMP_PAIRING_CMPL,
126 SMP_DECIDE_ASSO_MODEL,
127 SMP_SEND_APP_CBACK,
128 SMP_CHECK_AUTH_REQ,
129 SMP_PAIR_TERMINATE,
130 SMP_ENC_CMPL,
131 SMP_PROC_DISCARD,
132 SMP_CREATE_PRIVATE_KEY,
133 SMP_USE_OOB_PRIVATE_KEY,
134 SMP_SEND_PAIR_PUBLIC_KEY,
135 SMP_PROCESS_PAIR_PUBLIC_KEY,
136 SMP_HAVE_BOTH_PUBLIC_KEYS,
137 SMP_START_SEC_CONN_PHASE1,
138 SMP_PROCESS_LOCAL_NONCE,
139 SMP_SEND_COMMITMENT,
140 SMP_PROCESS_PAIRING_COMMITMENT,
141 SMP_PROCESS_PEER_NONCE,
142 SMP_CALCULATE_LOCAL_DHKEY_CHECK,
143 SMP_SEND_DHKEY_CHECK,
144 SMP_PROCESS_DHKEY_CHECK,
145 SMP_CALCULATE_PEER_DHKEY_CHECK,
146 SMP_MATCH_DHKEY_CHECKS,
147 SMP_CALCULATE_NUMERIC_COMPARISON_DISPLAY_NUMBER,
148 SMP_MOVE_TO_SEC_CONN_PHASE2,
149 SMP_PH2_DHKEY_CHECKS_ARE_PRESENT,
150 SMP_WAIT_FOR_BOTH_PUBLIC_KEYS,
151 SMP_START_PASSKEY_VERIFICATION,
152 SMP_SEND_KEYPRESS_NOTIFICATION,
153 SMP_PROCESS_KEYPRESS_NOTIFICATION,
154 SMP_PROCESS_SECURE_CONNECTION_OOB_DATA,
155 SMP_SET_LOCAL_OOB_KEYS,
156 SMP_SET_LOCAL_OOB_RAND_COMMITMENT,
157 SMP_IDLE_TERMINATE,
158 SMP_FAST_CONN_PARAM,
159 SMP_SM_NO_ACTION
160 };
161
162 static const tSMP_ACT smp_sm_action[] = {
163 smp_proc_sec_req,
164 smp_send_pair_req,
165 smp_send_pair_rsp,
166 smp_send_confirm,
167 smp_send_pair_fail,
168 smp_send_rand,
169 smp_send_enc_info,
170 smp_send_id_info,
171 smp_send_ltk_reply,
172 smp_proc_pair_cmd,
173 smp_proc_pair_fail,
174 smp_proc_confirm,
175 smp_proc_rand,
176 smp_proc_enc_info,
177 smp_proc_master_id,
178 smp_proc_id_info,
179 smp_proc_id_addr,
180 smp_proc_srk_info,
181 smp_proc_sec_grant,
182 smp_proc_sl_key,
183 smp_proc_compare,
184 smp_process_io_response,
185 smp_generate_compare,
186 smp_generate_srand_mrand_confirm,
187 smp_generate_stk,
188 smp_key_distribution,
189 smp_start_enc,
190 smp_pairing_cmpl,
191 smp_decide_association_model,
192 smp_send_app_cback,
193 smp_check_auth_req,
194 smp_pair_terminate,
195 smp_enc_cmpl,
196 smp_proc_discard,
197 smp_create_private_key,
198 smp_use_oob_private_key,
199 smp_send_pair_public_key,
200 smp_process_pairing_public_key,
201 smp_both_have_public_keys,
202 smp_start_secure_connection_phase1,
203 smp_process_local_nonce,
204 smp_send_commitment,
205 smp_process_pairing_commitment,
206 smp_process_peer_nonce,
207 smp_calculate_local_dhkey_check,
208 smp_send_dhkey_check,
209 smp_process_dhkey_check,
210 smp_calculate_peer_dhkey_check,
211 smp_match_dhkey_checks,
212 smp_calculate_numeric_comparison_display_number,
213 smp_move_to_secure_connections_phase2,
214 smp_phase_2_dhkey_checks_are_present,
215 smp_wait_for_both_public_keys,
216 smp_start_passkey_verification,
217 smp_send_keypress_notification,
218 smp_process_keypress_notification,
219 smp_process_secure_connection_oob_data,
220 smp_set_local_oob_keys,
221 smp_set_local_oob_random_commitment,
222 smp_idle_terminate,
223 smp_fast_conn_param};
224
225 /************ SMP Master FSM State/Event Indirection Table **************/
226 static const uint8_t smp_master_entry_map[][SMP_STATE_MAX] = {
227 /* state name: */
228 /* Idle, WaitApp Rsp, SecReq Pend, Pair ReqRsp, Wait Cfm, Confirm, Rand,
229 PublKey Exch, SCPhs1 Strt, Wait Cmtm, Wait Nonce, SCPhs2 Strt, Wait
230 DHKChk, DHKChk, Enc Pend, Bond Pend, CrLocSc OobData */
231 /* PAIR_REQ */
232 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
233 /* PAIR_RSP */
234 {0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
235 /* CONFIRM */
236 {0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
237 /* RAND */
238 {0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0},
239 /* PAIR_FAIL */
240 {0, 0x81, 0, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81,
241 0x81, 0, 0x81, 0},
242 /* ENC_INFO */
243 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0},
244 /* MASTER_ID */
245 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0},
246 /* ID_INFO */
247 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0},
248 /* ID_ADDR */
249 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0},
250 /* SIGN_INFO */
251 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0},
252 /* SEC_REQ */
253 {2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
254 /* PAIR_PUBLIC_KEY */
255 {0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0},
256 /* PAIR_DHKEY_CHCK */
257 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0},
258 /* PAIR_KEYPR_NOTIF */
259 {0, 8, 0, 0, 0, 0, 0, 0, 5, 2, 0, 0, 0, 0, 0, 0, 0},
260 /* PAIR_COMMITM */
261 {0, 0, 0, 0, 0, 0, 0, 0, 6, 1, 0, 0, 0, 0, 0, 0, 0},
262 /* KEY_READY */
263 {0, 3, 0, 3, 1, 0, 2, 0, 4, 0, 0, 0, 0, 0, 1, 6, 0},
264 /* ENC_CMPL */
265 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0},
266 /* L2C_CONN */
267 {1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
268 /* L2C_DISC */
269 {3, 0x83, 0, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83,
270 0x83, 0x83, 0x83, 0},
271 /* IO_RSP */
272 {0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
273 /* SEC_GRANT */
274 {0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
275 /* TK_REQ */
276 {0, 0, 0, 2, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0},
277 /* AUTH_CMPL */
278 {4, 0x82, 0, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82,
279 0x82, 0x82, 0x82, 0},
280 /* ENC_REQ */
281 {0, 4, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0},
282 /* BOND_REQ */
283 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0},
284 /* DISCARD_SEC_REQ */
285 {0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0},
286 /* PUBL_KEY_EXCH_REQ */
287 {0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
288 /* LOC_PUBL_KEY_CRTD */
289 {0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1},
290 /* BOTH_PUBL_KEYS_RCVD */
291 {0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0},
292 /* SC_DHKEY_CMPLT */
293 {0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0},
294 /* HAVE_LOC_NONCE */
295 {0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 2},
296 /* SC_PHASE1_CMPLT */
297 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0},
298 /* SC_CALC_NC */
299 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0},
300 /* SC_DSPL_NC */
301 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0},
302 /* SC_NC_OK */
303 {0, 6, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
304 /* SC_2_DHCK_CHKS_PRES */
305 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
306 /* SC_KEY_READY */
307 {0, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0},
308 /* KEYPR_NOTIF */
309 {0, 9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
310 /* SC_OOB_DATA */
311 {0, 10, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
312 /* CR_LOC_SC_OOB_DATA */
313 {5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
314 };
315
316 static const uint8_t smp_all_table[][SMP_SM_NUM_COLS] = {
317 /* Event Action Next State */
318 /* PAIR_FAIL */
319 {SMP_PROC_PAIR_FAIL, SMP_PAIRING_CMPL, SMP_STATE_IDLE},
320 /* AUTH_CMPL */
321 {SMP_SEND_PAIR_FAIL, SMP_PAIRING_CMPL, SMP_STATE_IDLE},
322 /* L2C_DISC */
323 {SMP_PAIR_TERMINATE, SMP_SM_NO_ACTION, SMP_STATE_IDLE}};
324
325 static const uint8_t smp_master_idle_table[][SMP_SM_NUM_COLS] = {
326 /* Event Action Next State */
327 /* L2C_CONN */
328 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
329 /* SEC_REQ */
330 {SMP_PROC_SEC_REQ, SMP_SEND_APP_CBACK, SMP_STATE_WAIT_APP_RSP},
331 /* L2C_DISC */
332 {SMP_IDLE_TERMINATE, SMP_SM_NO_ACTION, SMP_STATE_IDLE},
333 /* AUTH_CMPL */
334 {SMP_PAIRING_CMPL, SMP_SM_NO_ACTION, SMP_STATE_IDLE},
335 /* CR_LOC_SC_OOB_DATA */
336 {SMP_CREATE_PRIVATE_KEY, SMP_SM_NO_ACTION,
337 SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA}
338
339 };
340
341 static const uint8_t smp_master_wait_for_app_response_table[][SMP_SM_NUM_COLS] =
342 {
343 /* Event Action Next State */
344 /* SEC_GRANT */
345 {SMP_PROC_SEC_GRANT, SMP_SEND_APP_CBACK, SMP_STATE_WAIT_APP_RSP},
346 /* IO_RSP */
347 {SMP_SEND_PAIR_REQ, SMP_FAST_CONN_PARAM, SMP_STATE_PAIR_REQ_RSP},
348
349 /* TK ready */
350 /* KEY_READY */
351 {SMP_GENERATE_CONFIRM, SMP_SM_NO_ACTION, SMP_STATE_WAIT_CONFIRM},
352
353 /* start enc mode setup */
354 /* ENC_REQ */
355 {SMP_START_ENC, SMP_FAST_CONN_PARAM, SMP_STATE_ENCRYPTION_PENDING},
356 /* DISCARD_SEC_REQ */
357 {SMP_PROC_DISCARD, SMP_SM_NO_ACTION, SMP_STATE_IDLE}
358 /* user confirms NC 'OK', i.e. phase 1 is completed */
359 /* SC_NC_OK */,
360 {SMP_MOVE_TO_SEC_CONN_PHASE2, SMP_SM_NO_ACTION,
361 SMP_STATE_SEC_CONN_PHS2_START},
362 /* user-provided passkey is rcvd */
363 /* SC_KEY_READY */
364 {SMP_START_PASSKEY_VERIFICATION, SMP_SM_NO_ACTION,
365 SMP_STATE_SEC_CONN_PHS1_START},
366 /* PAIR_KEYPR_NOTIF */
367 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
368 SMP_STATE_WAIT_APP_RSP},
369 /* KEYPR_NOTIF */
370 {SMP_SEND_KEYPRESS_NOTIFICATION, SMP_SM_NO_ACTION,
371 SMP_STATE_WAIT_APP_RSP},
372 /* SC_OOB_DATA */
373 {SMP_USE_OOB_PRIVATE_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH}};
374
375 static const uint8_t smp_master_pair_request_response_table[][SMP_SM_NUM_COLS] =
376 {
377 /* Event Action Next State */
378 /* PAIR_RSP */
379 {SMP_PROC_PAIR_CMD, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
380 /* TK_REQ */
381 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
382
383 /* TK ready */
384 /* KEY_READY */
385 {SMP_GENERATE_CONFIRM, SMP_SM_NO_ACTION, SMP_STATE_WAIT_CONFIRM}
386 /* PUBL_KEY_EXCH_REQ */,
387 {SMP_CREATE_PRIVATE_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH}};
388
389 static const uint8_t smp_master_wait_for_confirm_table[][SMP_SM_NUM_COLS] = {
390 /* Event Action Next State */
391 /* KEY_READY*/
392 /* CONFIRM ready */
393 {SMP_SEND_CONFIRM, SMP_SM_NO_ACTION, SMP_STATE_CONFIRM}};
394
395 static const uint8_t smp_master_confirm_table[][SMP_SM_NUM_COLS] = {
396 /* Event Action Next State */
397 /* CONFIRM */
398 {SMP_PROC_CONFIRM, SMP_SEND_RAND, SMP_STATE_RAND}};
399
400 static const uint8_t smp_master_rand_table[][SMP_SM_NUM_COLS] = {
401 /* Event Action Next State */
402 /* RAND */
403 {SMP_PROC_RAND, SMP_GENERATE_COMPARE, SMP_STATE_RAND},
404 /* KEY_READY */
405 {SMP_PROC_COMPARE, SMP_SM_NO_ACTION, SMP_STATE_RAND}, /* Compare ready */
406 /* ENC_REQ */
407 {SMP_GENERATE_STK, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING}};
408
409 static const uint8_t smp_master_public_key_exchange_table[][SMP_SM_NUM_COLS] = {
410 /* Event Action Next State */
411 /* LOC_PUBL_KEY_CRTD */
412 {SMP_SEND_PAIR_PUBLIC_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH},
413 /* PAIR_PUBLIC_KEY */
414 {SMP_PROCESS_PAIR_PUBLIC_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH},
415 /* BOTH_PUBL_KEYS_RCVD */
416 {SMP_HAVE_BOTH_PUBLIC_KEYS, SMP_SM_NO_ACTION,
417 SMP_STATE_SEC_CONN_PHS1_START},
418 };
419
420 static const uint8_t smp_master_sec_conn_phs1_start_table[][SMP_SM_NUM_COLS] = {
421 /* Event Action Next State */
422 /* SC_DHKEY_CMPLT */
423 {SMP_START_SEC_CONN_PHASE1, SMP_SM_NO_ACTION,
424 SMP_STATE_SEC_CONN_PHS1_START},
425 /* HAVE_LOC_NONCE */
426 {SMP_PROCESS_LOCAL_NONCE, SMP_SM_NO_ACTION, SMP_STATE_WAIT_COMMITMENT},
427 /* TK_REQ */
428 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
429 /* SMP_MODEL_SEC_CONN_PASSKEY_DISP model, passkey is sent up to display,*/
430 /* It's time to start commitment calculation */
431 /* KEY_READY */
432 {SMP_START_PASSKEY_VERIFICATION, SMP_SM_NO_ACTION,
433 SMP_STATE_SEC_CONN_PHS1_START},
434 /* PAIR_KEYPR_NOTIF */
435 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
436 SMP_STATE_SEC_CONN_PHS1_START},
437 /* PAIR_COMMITM */
438 {SMP_PROCESS_PAIRING_COMMITMENT, SMP_SM_NO_ACTION,
439 SMP_STATE_SEC_CONN_PHS1_START},
440 };
441
442 static const uint8_t smp_master_wait_commitment_table[][SMP_SM_NUM_COLS] = {
443 /* Event Action Next State */
444 /* PAIR_COMMITM */
445 {SMP_PROCESS_PAIRING_COMMITMENT, SMP_SEND_RAND, SMP_STATE_WAIT_NONCE},
446 /* PAIR_KEYPR_NOTIF */
447 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
448 SMP_STATE_WAIT_COMMITMENT},
449 };
450
451 static const uint8_t smp_master_wait_nonce_table[][SMP_SM_NUM_COLS] = {
452 /* Event Action Next State */
453 /* peer nonce is received */
454 /* RAND */
455 {SMP_PROC_RAND, SMP_PROCESS_PEER_NONCE, SMP_STATE_SEC_CONN_PHS2_START},
456 /* NC model, time to calculate number for NC */
457 /* SC_CALC_NC */
458 {SMP_CALCULATE_NUMERIC_COMPARISON_DISPLAY_NUMBER, SMP_SM_NO_ACTION,
459 SMP_STATE_WAIT_NONCE},
460 /* NC model, time to display calculated number for NC to the user */
461 /* SC_DSPL_NC */
462 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
463 };
464
465 static const uint8_t smp_master_sec_conn_phs2_start_table[][SMP_SM_NUM_COLS] = {
466 /* Event Action Next State */
467 /* SC_PHASE1_CMPLT */
468 {SMP_CALCULATE_LOCAL_DHKEY_CHECK, SMP_SEND_DHKEY_CHECK,
469 SMP_STATE_WAIT_DHK_CHECK},
470 };
471
472 static const uint8_t smp_master_wait_dhk_check_table[][SMP_SM_NUM_COLS] = {
473 /* Event Action Next State */
474 /* PAIR_DHKEY_CHCK */
475 {SMP_PROCESS_DHKEY_CHECK, SMP_CALCULATE_PEER_DHKEY_CHECK,
476 SMP_STATE_DHK_CHECK},
477 };
478
479 static const uint8_t smp_master_dhk_check_table[][SMP_SM_NUM_COLS] = {
480 /* Event Action Next State */
481 /* locally calculated peer dhkey check is ready -> compare it withs DHKey
482 * Check
483 * actually received from peer */
484 /* SC_KEY_READY */
485 {SMP_MATCH_DHKEY_CHECKS, SMP_SM_NO_ACTION, SMP_STATE_DHK_CHECK},
486 /* locally calculated peer dhkey check is ready -> calculate STK, go to
487 * sending
488 */
489 /* HCI LE Start Encryption command */
490 /* ENC_REQ */
491 {SMP_GENERATE_STK, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
492 };
493
494 static const uint8_t smp_master_enc_pending_table[][SMP_SM_NUM_COLS] = {
495 /* Event Action Next State */
496 /* STK ready */
497 /* KEY_READY */
498 {SMP_START_ENC, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
499 /* ENCRYPTED */
500 {SMP_CHECK_AUTH_REQ, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
501 /* BOND_REQ */
502 {SMP_KEY_DISTRIBUTE, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING}};
503 static const uint8_t smp_master_bond_pending_table[][SMP_SM_NUM_COLS] = {
504 /* Event Action Next State */
505 /* ENC_INFO */
506 {SMP_PROC_ENC_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
507 /* ID_INFO */
508 {SMP_PROC_ID_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
509 /* SIGN_INFO */
510 {SMP_PROC_SRK_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
511 /* MASTER_ID */
512 {SMP_PROC_MASTER_ID, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
513 /* ID_ADDR */
514 {SMP_PROC_ID_ADDR, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
515 /* KEY_READY */
516 /* LTK ready */
517 {SMP_SEND_ENC_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING}};
518
519 static const uint8_t
520 smp_master_create_local_sec_conn_oob_data[][SMP_SM_NUM_COLS] = {
521 /* Event Action Next State */
522 /* LOC_PUBL_KEY_CRTD */
523 {SMP_SET_LOCAL_OOB_KEYS, SMP_SM_NO_ACTION,
524 SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA},
525 /* HAVE_LOC_NONCE */
526 {SMP_SET_LOCAL_OOB_RAND_COMMITMENT, SMP_SM_NO_ACTION, SMP_STATE_IDLE}};
527
528 /************ SMP Slave FSM State/Event Indirection Table **************/
529 static const uint8_t smp_slave_entry_map[][SMP_STATE_MAX] = {
530 /* state name: */
531 /* Idle, WaitApp Rsp, SecReq Pend, Pair ReqRsp, Wait Cfm, Confirm, Rand,
532 PublKey Exch, SCPhs1 Strt, Wait Cmtm, Wait Nonce, SCPhs2 Strt, Wait
533 DHKChk, DHKChk, Enc Pend, Bond Pend, CrLocSc OobData */
534 /* PAIR_REQ */
535 {2, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
536 /* PAIR_RSP */
537 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
538 /* CONFIRM */
539 {0, 4, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
540 /* RAND */
541 {0, 0, 0, 0, 0, 1, 2, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0},
542 /* PAIR_FAIL */
543 {0, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81,
544 0x81, 0x81, 0, 0},
545 /* ENC_INFO */
546 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0},
547 /* MASTER_ID */
548 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0},
549 /* ID_INFO */
550 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0},
551 /* ID_ADDR */
552 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 6, 0},
553 /* SIGN_INFO */
554 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0},
555 /* SEC_REQ */
556 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
557 /* PAIR_PUBLIC_KEY */
558 {0, 0, 0, 5, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0},
559 /* PAIR_DHKEY_CHCK */
560 {0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 1, 2, 0, 0, 0},
561 /* PAIR_KEYPR_NOTIF */
562 {0, 9, 0, 0, 0, 0, 0, 0, 5, 2, 0, 0, 0, 0, 0, 0, 0},
563 /* PAIR_COMMITM */
564 {0, 8, 0, 0, 0, 0, 0, 0, 6, 1, 0, 0, 0, 0, 0, 0, 0},
565 /* KEY_READY */
566 {0, 3, 0, 3, 2, 2, 1, 0, 4, 0, 0, 0, 0, 0, 2, 1, 0},
567 /* ENC_CMPL */
568 {0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0},
569 /* L2C_CONN */
570 {1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
571 /* L2C_DISC */
572 {0, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83,
573 0x83, 0x83, 0x83, 0},
574 /* IO_RSP */
575 {0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
576 /* SEC_GRANT */
577 {0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
578 /* TK_REQ */
579 {0, 0, 0, 2, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0},
580 /* AUTH_CMPL */
581 {0, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82,
582 0x82, 0x82, 0x82, 0},
583 /* ENC_REQ */
584 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0},
585 /* BOND_REQ */
586 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0, 0},
587 /* DISCARD_SEC_REQ */
588 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
589 /* PUBL_KEY_EXCH_REQ */
590 {0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
591 /* LOC_PUBL_KEY_CRTD */
592 {0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1},
593 /* BOTH_PUBL_KEYS_RCVD */
594 {0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0},
595 /* SC_DHKEY_CMPLT */
596 {0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0},
597 /* HAVE_LOC_NONCE */
598 {0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 2},
599 /* SC_PHASE1_CMPLT */
600 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0},
601 /* SC_CALC_NC */
602 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0},
603 /* SC_DSPL_NC */
604 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0},
605 /* SC_NC_OK */
606 {0, 6, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
607 /* SC_2_DHCK_CHKS_PRES */
608 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0},
609 /* SC_KEY_READY */
610 {0, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0},
611 /* KEYPR_NOTIF */
612 {0, 10, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
613 /* SC_OOB_DATA */
614 {0, 11, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
615 /* CR_LOC_SC_OOB_DATA */
616 {3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
617 };
618
619 static const uint8_t smp_slave_idle_table[][SMP_SM_NUM_COLS] = {
620 /* Event Action Next State */
621 /* L2C_CONN */
622 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
623 /* PAIR_REQ */
624 {SMP_PROC_PAIR_CMD, SMP_SEND_APP_CBACK, SMP_STATE_WAIT_APP_RSP},
625 /* CR_LOC_SC_OOB_DATA */
626 {SMP_CREATE_PRIVATE_KEY, SMP_SM_NO_ACTION,
627 SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA}};
628
629 static const uint8_t smp_slave_wait_for_app_response_table[][SMP_SM_NUM_COLS] =
630 {
631 /* Event Action Next State */
632 /* IO_RSP */
633 {SMP_PROC_IO_RSP, SMP_FAST_CONN_PARAM, SMP_STATE_PAIR_REQ_RSP},
634 /* SEC_GRANT */
635 {SMP_PROC_SEC_GRANT, SMP_SEND_APP_CBACK, SMP_STATE_WAIT_APP_RSP},
636
637 /* TK ready */
638 /* KEY_READY */
639 {SMP_PROC_SL_KEY, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
640 /* CONFIRM */
641 {SMP_PROC_CONFIRM, SMP_SM_NO_ACTION, SMP_STATE_CONFIRM},
642 /* DHKey Check from master is received before phase 1 is completed -
643 race */
644 /* PAIR_DHKEY_CHCK */
645 {SMP_PROCESS_DHKEY_CHECK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
646 /* user confirms NC 'OK', i.e. phase 1 is completed */
647 /* SC_NC_OK */
648 {SMP_MOVE_TO_SEC_CONN_PHASE2, SMP_SM_NO_ACTION,
649 SMP_STATE_SEC_CONN_PHS2_START},
650 /* user-provided passkey is rcvd */
651 /* SC_KEY_READY */
652 {SMP_START_PASSKEY_VERIFICATION, SMP_SM_NO_ACTION,
653 SMP_STATE_SEC_CONN_PHS1_START},
654 /* PAIR_COMMITM */
655 {SMP_PROCESS_PAIRING_COMMITMENT, SMP_SM_NO_ACTION,
656 SMP_STATE_WAIT_APP_RSP},
657 /* PAIR_KEYPR_NOTIF */
658 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
659 SMP_STATE_WAIT_APP_RSP},
660 /* KEYPR_NOTIF */
661 {SMP_SEND_KEYPRESS_NOTIFICATION, SMP_SM_NO_ACTION,
662 SMP_STATE_WAIT_APP_RSP},
663 /* SC_OOB_DATA */
664 {SMP_SEND_PAIR_RSP, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
665 };
666
667 static const uint8_t smp_slave_sec_request_table[][SMP_SM_NUM_COLS] = {
668 /* Event Action Next State */
669 /* PAIR_REQ */
670 {SMP_PROC_PAIR_CMD, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
671 /* ENCRYPTED*/
672 {SMP_ENC_CMPL, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
673 };
674
675 static const uint8_t smp_slave_pair_request_response_table[][SMP_SM_NUM_COLS] =
676 {
677 /* Event Action Next State */
678 /* CONFIRM */
679 {SMP_PROC_CONFIRM, SMP_SM_NO_ACTION, SMP_STATE_CONFIRM},
680 /* TK_REQ */
681 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
682
683 /* TK/Confirm ready */
684 /* KEY_READY */
685 {SMP_PROC_SL_KEY, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
686 /* PUBL_KEY_EXCH_REQ */
687 {SMP_CREATE_PRIVATE_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH},
688 /* PAIR_PUBLIC_KEY */
689 {SMP_PROCESS_PAIR_PUBLIC_KEY, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
690 };
691
692 static const uint8_t smp_slave_wait_confirm_table[][SMP_SM_NUM_COLS] = {
693 /* Event Action Next State */
694 /* CONFIRM */
695 {SMP_PROC_CONFIRM, SMP_SEND_CONFIRM, SMP_STATE_CONFIRM},
696 /* KEY_READY*/
697 {SMP_PROC_SL_KEY, SMP_SM_NO_ACTION, SMP_STATE_WAIT_CONFIRM}};
698
699 static const uint8_t smp_slave_confirm_table[][SMP_SM_NUM_COLS] = {
700 /* Event Action Next State */
701 /* RAND */
702 {SMP_PROC_RAND, SMP_GENERATE_COMPARE, SMP_STATE_RAND},
703
704 /* TK/Confirm ready */
705 /* KEY_READY*/
706 {SMP_PROC_SL_KEY, SMP_SM_NO_ACTION, SMP_STATE_CONFIRM}};
707
708 static const uint8_t smp_slave_rand_table[][SMP_SM_NUM_COLS] = {
709 /* Event Action Next State */
710 /* KEY_READY */
711 {SMP_PROC_COMPARE, SMP_SM_NO_ACTION, SMP_STATE_RAND}, /* compare match */
712 /* RAND */
713 {SMP_SEND_RAND, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING}};
714
715 static const uint8_t smp_slave_public_key_exch_table[][SMP_SM_NUM_COLS] = {
716 /* Event Action Next State */
717 /* LOC_PUBL_KEY_CRTD */
718 {SMP_WAIT_FOR_BOTH_PUBLIC_KEYS, SMP_SM_NO_ACTION,
719 SMP_STATE_PUBLIC_KEY_EXCH},
720 /* PAIR_PUBLIC_KEY */
721 {SMP_PROCESS_PAIR_PUBLIC_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH},
722 /* BOTH_PUBL_KEYS_RCVD */
723 {SMP_HAVE_BOTH_PUBLIC_KEYS, SMP_SM_NO_ACTION,
724 SMP_STATE_SEC_CONN_PHS1_START},
725 };
726
727 static const uint8_t smp_slave_sec_conn_phs1_start_table[][SMP_SM_NUM_COLS] = {
728 /* Event Action Next State */
729 /* SC_DHKEY_CMPLT */
730 {SMP_START_SEC_CONN_PHASE1, SMP_SM_NO_ACTION,
731 SMP_STATE_SEC_CONN_PHS1_START},
732 /* HAVE_LOC_NONCE */
733 {SMP_PROCESS_LOCAL_NONCE, SMP_SM_NO_ACTION, SMP_STATE_WAIT_COMMITMENT},
734 /* TK_REQ */
735 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
736 /* SMP_MODEL_SEC_CONN_PASSKEY_DISP model, passkey is sent up to display,
737 * it's
738 * time to start */
739 /* commitment calculation */
740 /* KEY_READY */
741 {SMP_START_PASSKEY_VERIFICATION, SMP_SM_NO_ACTION,
742 SMP_STATE_SEC_CONN_PHS1_START},
743 /* PAIR_KEYPR_NOTIF */
744 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
745 SMP_STATE_SEC_CONN_PHS1_START},
746 /*COMMIT*/
747 {SMP_PROCESS_PAIRING_COMMITMENT, SMP_SM_NO_ACTION,
748 SMP_STATE_SEC_CONN_PHS1_START},
749 };
750
751 static const uint8_t smp_slave_wait_commitment_table[][SMP_SM_NUM_COLS] = {
752 /* Event Action Next State */
753 /* PAIR_COMMITM */
754 {SMP_PROCESS_PAIRING_COMMITMENT, SMP_SEND_COMMITMENT, SMP_STATE_WAIT_NONCE},
755 /* PAIR_KEYPR_NOTIF */
756 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
757 SMP_STATE_WAIT_COMMITMENT},
758 };
759
760 static const uint8_t smp_slave_wait_nonce_table[][SMP_SM_NUM_COLS] = {
761 /* Event Action Next State */
762 /* peer nonce is received */
763 /* RAND */
764 {SMP_PROC_RAND, SMP_PROCESS_PEER_NONCE, SMP_STATE_SEC_CONN_PHS2_START},
765 /* NC model, time to calculate number for NC */
766 /* SC_CALC_NC */
767 {SMP_CALCULATE_NUMERIC_COMPARISON_DISPLAY_NUMBER, SMP_SM_NO_ACTION,
768 SMP_STATE_WAIT_NONCE},
769 /* NC model, time to display calculated number for NC to the user */
770 /* SC_DSPL_NC */
771 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
772 };
773
774 static const uint8_t smp_slave_sec_conn_phs2_start_table[][SMP_SM_NUM_COLS] = {
775 /* Event Action Next State */
776 /* SC_PHASE1_CMPLT */
777 {SMP_CALCULATE_LOCAL_DHKEY_CHECK, SMP_PH2_DHKEY_CHECKS_ARE_PRESENT,
778 SMP_STATE_WAIT_DHK_CHECK},
779 /* DHKey Check from master is received before slave DHKey calculation is
780 * completed - race */
781 /* PAIR_DHKEY_CHCK */
782 {SMP_PROCESS_DHKEY_CHECK, SMP_SM_NO_ACTION, SMP_STATE_SEC_CONN_PHS2_START},
783 };
784
785 static const uint8_t smp_slave_wait_dhk_check_table[][SMP_SM_NUM_COLS] = {
786 /* Event Action Next State */
787 /* PAIR_DHKEY_CHCK */
788 {SMP_PROCESS_DHKEY_CHECK, SMP_CALCULATE_PEER_DHKEY_CHECK,
789 SMP_STATE_DHK_CHECK},
790 /* DHKey Check from master was received before slave came to this state */
791 /* SC_2_DHCK_CHKS_PRES */
792 {SMP_CALCULATE_PEER_DHKEY_CHECK, SMP_SM_NO_ACTION, SMP_STATE_DHK_CHECK},
793 };
794
795 static const uint8_t smp_slave_dhk_check_table[][SMP_SM_NUM_COLS] = {
796 /* Event Action Next State */
797
798 /* locally calculated peer dhkey check is ready -> compare it withs DHKey
799 * Check
800 */
801 /* actually received from peer */
802 /* SC_KEY_READY */
803 {SMP_MATCH_DHKEY_CHECKS, SMP_SM_NO_ACTION, SMP_STATE_DHK_CHECK},
804
805 /* dhkey checks match -> send local dhkey check to master, go to wait for
806 * HCI LE
807 */
808 /* Long Term Key Request Event */
809 /* PAIR_DHKEY_CHCK */
810 {SMP_SEND_DHKEY_CHECK, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
811 };
812
813 static const uint8_t smp_slave_enc_pending_table[][SMP_SM_NUM_COLS] = {
814 /* Event Action Next State */
815 /* ENC_REQ */
816 {SMP_GENERATE_STK, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
817
818 /* STK ready */
819 /* KEY_READY */
820 {SMP_SEND_LTK_REPLY, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
821 /* ENCRYPTED */
822 {SMP_CHECK_AUTH_REQ, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
823 /* BOND_REQ */
824 {SMP_KEY_DISTRIBUTE, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING}};
825 static const uint8_t smp_slave_bond_pending_table[][SMP_SM_NUM_COLS] = {
826 /* Event Action Next State */
827
828 /* LTK ready */
829 /* KEY_READY */
830 {SMP_SEND_ENC_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
831
832 /* rev SRK */
833 /* SIGN_INFO */
834 {SMP_PROC_SRK_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
835 /* ENC_INFO */
836 {SMP_PROC_ENC_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
837 /* ID_INFO */
838 {SMP_PROC_ID_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
839 /* MASTER_ID*/
840 {SMP_PROC_MASTER_ID, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
841 /* ID_ADDR */
842 {SMP_PROC_ID_ADDR, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING}
843
844 };
845
846 static const uint8_t
847 smp_slave_create_local_sec_conn_oob_data[][SMP_SM_NUM_COLS] = {
848 /* Event Action Next State */
849 /* LOC_PUBL_KEY_CRTD */
850 {SMP_SET_LOCAL_OOB_KEYS, SMP_SM_NO_ACTION,
851 SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA},
852 /* HAVE_LOC_NONCE */
853 {SMP_SET_LOCAL_OOB_RAND_COMMITMENT, SMP_SM_NO_ACTION, SMP_STATE_IDLE}};
854
855 static const tSMP_SM_TBL smp_state_table[][2] = {
856 /* SMP_STATE_IDLE */
857 {smp_master_idle_table, smp_slave_idle_table},
858
859 /* SMP_STATE_WAIT_APP_RSP */
860 {smp_master_wait_for_app_response_table,
861 smp_slave_wait_for_app_response_table},
862
863 /* SMP_STATE_SEC_REQ_PENDING */
864 {NULL, smp_slave_sec_request_table},
865
866 /* SMP_STATE_PAIR_REQ_RSP */
867 {smp_master_pair_request_response_table,
868 smp_slave_pair_request_response_table},
869
870 /* SMP_STATE_WAIT_CONFIRM */
871 {smp_master_wait_for_confirm_table, smp_slave_wait_confirm_table},
872
873 /* SMP_STATE_CONFIRM */
874 {smp_master_confirm_table, smp_slave_confirm_table},
875
876 /* SMP_STATE_RAND */
877 {smp_master_rand_table, smp_slave_rand_table},
878
879 /* SMP_STATE_PUBLIC_KEY_EXCH */
880 {smp_master_public_key_exchange_table, smp_slave_public_key_exch_table},
881
882 /* SMP_STATE_SEC_CONN_PHS1_START */
883 {smp_master_sec_conn_phs1_start_table, smp_slave_sec_conn_phs1_start_table},
884
885 /* SMP_STATE_WAIT_COMMITMENT */
886 {smp_master_wait_commitment_table, smp_slave_wait_commitment_table},
887
888 /* SMP_STATE_WAIT_NONCE */
889 {smp_master_wait_nonce_table, smp_slave_wait_nonce_table},
890
891 /* SMP_STATE_SEC_CONN_PHS2_START */
892 {smp_master_sec_conn_phs2_start_table, smp_slave_sec_conn_phs2_start_table},
893
894 /* SMP_STATE_WAIT_DHK_CHECK */
895 {smp_master_wait_dhk_check_table, smp_slave_wait_dhk_check_table},
896
897 /* SMP_STATE_DHK_CHECK */
898 {smp_master_dhk_check_table, smp_slave_dhk_check_table},
899
900 /* SMP_STATE_ENCRYPTION_PENDING */
901 {smp_master_enc_pending_table, smp_slave_enc_pending_table},
902
903 /* SMP_STATE_BOND_PENDING */
904 {smp_master_bond_pending_table, smp_slave_bond_pending_table},
905
906 /* SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA */
907 {smp_master_create_local_sec_conn_oob_data,
908 smp_slave_create_local_sec_conn_oob_data}};
909
910 typedef const uint8_t (*tSMP_ENTRY_TBL)[SMP_STATE_MAX];
911 static const tSMP_ENTRY_TBL smp_entry_table[] = {smp_master_entry_map,
912 smp_slave_entry_map};
913
914 tSMP_CB smp_cb;
915
916 #define SMP_ALL_TBL_MASK 0x80
917
918 /*******************************************************************************
919 * Function smp_set_state
920 * Returns None
921 ******************************************************************************/
smp_set_state(tSMP_STATE state)922 void smp_set_state(tSMP_STATE state) {
923 if (state < SMP_STATE_MAX) {
924 SMP_TRACE_DEBUG("State change: %s(%d) ==> %s(%d)",
925 smp_get_state_name(smp_cb.state), smp_cb.state,
926 smp_get_state_name(state), state);
927 smp_cb.state = state;
928 } else {
929 SMP_TRACE_DEBUG("smp_set_state invalid state =%d", state);
930 }
931 }
932
933 /*******************************************************************************
934 * Function smp_get_state
935 * Returns The smp state
936 ******************************************************************************/
smp_get_state(void)937 tSMP_STATE smp_get_state(void) { return smp_cb.state; }
938
939 /*******************************************************************************
940 *
941 * Function smp_sm_event
942 *
943 * Description Handle events to the state machine. It looks up the entry
944 * in the smp_entry_table array.
945 * If it is a valid entry, it gets the state table. Set the next
946 * state, if not NULL state. Execute the action function according
947 * to the state table. If the state returned by action function is
948 * not NULL state, adjust the new state to the returned state. If
949 * (api_evt != MAX), call callback function.
950 *
951 * Returns void.
952 *
953 ******************************************************************************/
smp_sm_event(tSMP_CB * p_cb,tSMP_EVENT event,void * p_data)954 void smp_sm_event(tSMP_CB* p_cb, tSMP_EVENT event, void* p_data) {
955 uint8_t curr_state = p_cb->state;
956 tSMP_SM_TBL state_table;
957 uint8_t action, entry, i;
958
959 if (p_cb->role >= 2) {
960 SMP_TRACE_DEBUG("Invalid role: %d", p_cb->role);
961 android_errorWriteLog(0x534e4554, "74121126");
962 return;
963 }
964
965 tSMP_ENTRY_TBL entry_table = smp_entry_table[p_cb->role];
966
967 SMP_TRACE_EVENT("main smp_sm_event");
968 if (curr_state >= SMP_STATE_MAX) {
969 SMP_TRACE_DEBUG("Invalid state: %d", curr_state);
970 return;
971 }
972
973 SMP_TRACE_DEBUG("SMP Role: %s State: [%s (%d)], Event: [%s (%d)]",
974 (p_cb->role == 0x01) ? "Slave" : "Master",
975 smp_get_state_name(p_cb->state), p_cb->state,
976 smp_get_event_name(event), event);
977
978 /* look up the state table for the current state */
979 /* lookup entry /w event & curr_state */
980 /* If entry is ignore, return.
981 * Otherwise, get state table (according to curr_state or all_state) */
982 if ((event <= SMP_MAX_EVT) &&
983 ((entry = entry_table[event - 1][curr_state]) != SMP_SM_IGNORE)) {
984 if (entry & SMP_ALL_TBL_MASK) {
985 entry &= ~SMP_ALL_TBL_MASK;
986 state_table = smp_all_table;
987 } else
988 state_table = smp_state_table[curr_state][p_cb->role];
989 } else {
990 SMP_TRACE_DEBUG("Ignore event [%s (%d)] in state [%s (%d)]",
991 smp_get_event_name(event), event,
992 smp_get_state_name(curr_state), curr_state);
993 return;
994 }
995
996 /* Get possible next state from state table. */
997
998 smp_set_state(state_table[entry - 1][SMP_SME_NEXT_STATE]);
999
1000 /* If action is not ignore, clear param, exec action and get next state.
1001 * The action function may set the Param for cback.
1002 * Depending on param, call cback or free buffer. */
1003 /* execute action */
1004 /* execute action functions */
1005 for (i = 0; i < SMP_NUM_ACTIONS; i++) {
1006 action = state_table[entry - 1][i];
1007 if (action != SMP_SM_NO_ACTION) {
1008 (*smp_sm_action[action])(p_cb, (tSMP_INT_DATA*)p_data);
1009 } else {
1010 break;
1011 }
1012 }
1013 SMP_TRACE_DEBUG("result state = %s", smp_get_state_name(p_cb->state));
1014 }
1015
1016 /*******************************************************************************
1017 * Function smp_get_state_name
1018 * Returns The smp state name.
1019 ******************************************************************************/
smp_get_state_name(tSMP_STATE state)1020 const char* smp_get_state_name(tSMP_STATE state) {
1021 const char* p_str = smp_state_name[SMP_STATE_MAX];
1022
1023 if (state < SMP_STATE_MAX) {
1024 p_str = smp_state_name[state];
1025 }
1026 return p_str;
1027 }
1028
1029 /*******************************************************************************
1030 * Function smp_get_event_name
1031 * Returns The smp event name.
1032 ******************************************************************************/
smp_get_event_name(tSMP_EVENT event)1033 const char* smp_get_event_name(tSMP_EVENT event) {
1034 const char* p_str = smp_event_name[SMP_MAX_EVT];
1035
1036 if (event <= SMP_MAX_EVT) {
1037 p_str = smp_event_name[event - 1];
1038 }
1039 return p_str;
1040 }
1041