1 /*  Bluetooth Mesh */
2 
3 /*
4  * Copyright (c) 2017 Intel Corporation
5  *
6  * SPDX-License-Identifier: Apache-2.0
7  */
8 #ifndef __CRYPTO_H__
9 #define __CRYPTO_H__
10 
11 #include "mesh/mesh.h"
12 
/**
 * One fragment of a scatter-gather input list, as consumed by
 * bt_mesh_aes_cmac().
 */
struct bt_mesh_sg {
    const void *data; /* start of the fragment; only read through this pointer */
    size_t len;       /* fragment length in bytes */
};
17 
/**
 * AES-CMAC (per its name) over a list of input fragments. Declared here; the
 * implementation is not part of this header.
 *
 * @param key    16-byte key.
 * @param sg     Array of input fragments.
 * @param sg_len Number of entries in @p sg.
 * @param mac    16-byte output buffer.
 * @return int status; the inline helpers in this header treat 0 as success.
 */
int bt_mesh_aes_cmac(const u8_t key[16], struct bt_mesh_sg *sg, size_t sg_len,
                     u8_t mac[16]);
20 
/**
 * Run bt_mesh_aes_cmac() over a single contiguous buffer.
 *
 * @param key 16-byte key.
 * @param m   Input buffer.
 * @param len Number of bytes at @p m.
 * @param mac 16-byte output buffer.
 * @return The status returned by bt_mesh_aes_cmac().
 */
static inline int bt_mesh_aes_cmac_one(const u8_t key[16], const void *m,
                                       size_t len, u8_t mac[16])
{
    /* Wrap the buffer in a one-entry fragment list. */
    struct bt_mesh_sg single = { .data = m, .len = len };

    return bt_mesh_aes_cmac(key, &single, 1, mac);
}
27 
/**
 * Salt helper: AES-CMAC of the string @p m under an all-zero 16-byte key,
 * written to @p salt.
 *
 * @param m    NUL-terminated input; must not be NULL because it is passed to
 *             strlen(). The terminator is not included in the MAC input.
 * @param salt 16-byte output buffer.
 * @return The int status of bt_mesh_aes_cmac_one() converted to bool.
 *
 * NOTE(review): the bool return type collapses every non-zero status to
 * `true` (1), so a caller can test for failure but cannot recover the
 * underlying error code.
 */
static inline bool bt_mesh_s1(const char *m, u8_t salt[16])
{
    const u8_t zero_key[16] = { 0 };
    size_t m_len = strlen(m);

    return bt_mesh_aes_cmac_one(zero_key, m, m_len, salt);
}
33 
/**
 * k1 derivation primitive. Declared here; the implementation is not part of
 * this header.
 *
 * @param ikm     Input keying material.
 * @param ikm_len Number of bytes at @p ikm.
 * @param salt    16-byte salt.
 * @param info    Label string (the helpers in this header pass 4-character
 *                literals such as "prsk").
 * @param okm     16-byte output buffer.
 * @return int status; bt_mesh_prov_nonce() treats 0 as success.
 */
int bt_mesh_k1(const u8_t *ikm, size_t ikm_len, const u8_t salt[16],
               const char *info, u8_t okm[16]);
36 
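/**
 * Call bt_mesh_k1() with a salt supplied as a string literal.
 *
 * @p salt_str initialises a 16-byte array, so it must be a string literal
 * that fits in 16 bytes; bytes the literal does not cover are zero. The
 * macro is a GNU statement expression and evaluates to the int returned by
 * bt_mesh_k1().
 *
 * The temporary has a macro-specific name so that a caller argument that
 * happens to be an identifier called `salt` refers to the caller's object
 * and not to the macro's own local.
 */
#define bt_mesh_k1_str(ikm, ikm_len, salt_str, info, okm) \
( { \
    const u8_t bt_mesh_k1_str_salt_[16] = salt_str; \
    bt_mesh_k1(ikm, ikm_len, bt_mesh_k1_str_salt_, info, okm); \
})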
42 
/*
 * Further derivation primitives, declared here and defined elsewhere. The
 * buffer sizes below come from the array declarators; return-value
 * conventions should be confirmed in the implementation.
 */

/* k2: 16-byte @p n plus @p p_len bytes at @p p -> 1-byte net_id and two
 * 16-byte keys (enc_key, priv_key).
 */
int bt_mesh_k2(const u8_t n[16], const u8_t *p, size_t p_len, u8_t net_id[1],
               u8_t enc_key[16], u8_t priv_key[16]);

/* k3: 16-byte @p n -> 8-byte output. */
int bt_mesh_k3(const u8_t n[16], u8_t out[8]);

/* k4: 16-byte @p n -> 1-byte output. */
int bt_mesh_k4(const u8_t n[16], u8_t out[1]);

/* id128: 16-byte @p n and label string @p s -> 16-byte output. */
int bt_mesh_id128(const u8_t n[16], const char *s, u8_t out[16]);
51 
/**
 * Derive a 16-byte resolving key from the network key.
 *
 * Calls bt_mesh_k1() through bt_mesh_k1_str() with ikm_len 16, the literal
 * "smbt" as salt (zero-padded to 16 bytes by the macro, not passed through
 * bt_mesh_s1()) and "smbi" as info.
 *
 * @param net_key       16-byte network key.
 * @param resolving_key 16-byte output buffer.
 * @return The status returned by bt_mesh_k1().
 */
static inline int bt_mesh_id_resolving_key(const u8_t net_key[16],
                                           u8_t resolving_key[16])
{
    int err = bt_mesh_k1_str(net_key, 16, "smbt", "smbi", resolving_key);

    return err;
}
57 
/**
 * Derive the 16-byte identity key from the network key via bt_mesh_id128()
 * with the label "nkik".
 *
 * @param net_key      16-byte network key.
 * @param identity_key 16-byte output buffer.
 * @return The status returned by bt_mesh_id128().
 */
static inline int bt_mesh_identity_key(const u8_t net_key[16],
                                       u8_t identity_key[16])
{
    int err = bt_mesh_id128(net_key, "nkik", identity_key);

    return err;
}
63 
/**
 * Derive the 16-byte beacon key from the network key via bt_mesh_id128()
 * with the label "nkbk".
 *
 * @param net_key    16-byte network key.
 * @param beacon_key 16-byte output buffer.
 * @return The status returned by bt_mesh_id128().
 */
static inline int bt_mesh_beacon_key(const u8_t net_key[16],
                                     u8_t beacon_key[16])
{
    int err = bt_mesh_id128(net_key, "nkbk", beacon_key);

    return err;
}
69 
/**
 * Compute the 8-byte beacon authentication value. Declared here; the
 * implementation is not part of this header.
 *
 * @param beacon_key 16-byte key (see bt_mesh_beacon_key()).
 * @param flags      Beacon flags octet.
 * @param net_id     Network ID; declared as 16 bytes here, whereas
 *                   bt_mesh_k3() in this header produces 8 bytes.
 *                   NOTE(review): confirm how many bytes the implementation
 *                   actually reads.
 * @param iv_index   IV index.
 * @param auth       8-byte output buffer.
 * @return int status; confirm the convention in the implementation.
 */
int bt_mesh_beacon_auth(const u8_t beacon_key[16], u8_t flags,
                        const u8_t net_id[16], u32_t iv_index, u8_t auth[8]);
73 
/**
 * Derive the 1-byte application key identifier by passing the application
 * key to bt_mesh_k4().
 *
 * @param app_key 16-byte application key.
 * @param app_id  1-byte output buffer.
 * @return The status returned by bt_mesh_k4().
 */
static inline int bt_mesh_app_id(const u8_t app_key[16], u8_t app_id[1])
{
    int err = bt_mesh_k4(app_key, app_id);

    return err;
}
78 
/**
 * Derive the 16-byte provisioning session key: bt_mesh_k1() over the 32-byte
 * DH key with the provisioning salt and the info label "prsk".
 *
 * @param dhkey       32-byte DH key (passed as ikm with ikm_len 32).
 * @param prov_salt   16-byte provisioning salt.
 * @param session_key 16-byte output buffer.
 * @return The status returned by bt_mesh_k1().
 */
static inline int bt_mesh_session_key(const u8_t dhkey[32],
                                      const u8_t prov_salt[16],
                                      u8_t session_key[16])
{
    int err = bt_mesh_k1(dhkey, 32, prov_salt, "prsk", session_key);

    return err;
}
85 
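/**
 * Derive the 13-byte provisioning nonce.
 *
 * Runs bt_mesh_k1() over the 32-byte DH key with the provisioning salt and
 * the info label "prsn" into a 16-byte scratch buffer, then copies the last
 * 13 bytes of that result (offset 3) into @p nonce.
 *
 * @param dhkey     32-byte DH key (passed as ikm with ikm_len 32).
 * @param prov_salt 16-byte provisioning salt.
 * @param nonce     Output buffer; the caller must provide at least 13 bytes.
 * @return 0 on success, the bt_mesh_k1() status if derivation fails, or the
 *         non-zero memcpy_s() status if the copy is rejected.
 */
static inline int bt_mesh_prov_nonce(const u8_t dhkey[32],
                                     const u8_t prov_salt[16],
                                     u8_t nonce[13])
{
    u8_t tmp[16];
    int err;

    err = bt_mesh_k1(dhkey, 32, prov_salt, "prsn", tmp);
    if (err) {
        return err;
    }

    /*
     * `nonce` is a pointer inside this function (array parameters decay), so
     * sizeof(nonce) is the pointer width (4 or 8 bytes), never 13. Passing
     * that as the destination size makes a bounds-checking memcpy_s()
     * (C11 Annex K semantics: count > destination size is an error) reject
     * the 13-byte copy, and with the result ignored the function reported
     * success without having written the derived nonce. State the real
     * capacity and hand a failed copy back to the caller.
     */
    return memcpy_s(nonce, 13, tmp + 3, 13);
}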
99 
/**
 * Derive the 16-byte device key: bt_mesh_k1() over the 32-byte DH key with
 * the provisioning salt and the info label "prdk".
 *
 * @param dhkey     32-byte DH key (passed as ikm with ikm_len 32).
 * @param prov_salt 16-byte provisioning salt.
 * @param dev_key   16-byte output buffer.
 * @return The status returned by bt_mesh_k1().
 */
static inline int bt_mesh_dev_key(const u8_t dhkey[32],
                                  const u8_t prov_salt[16],
                                  u8_t dev_key[16])
{
    int err = bt_mesh_k1(dhkey, 32, prov_salt, "prdk", dev_key);

    return err;
}
106 
/**
 * Compute the 16-byte provisioning salt: AES-CMAC under an all-zero key over
 * three 16-byte fragments supplied in the order conf_salt, prov_rand,
 * dev_rand.
 *
 * @param conf_salt 16-byte confirmation salt.
 * @param prov_rand 16-byte provisioner random value.
 * @param dev_rand  16-byte device random value.
 * @param prov_salt 16-byte output buffer.
 * @return The status returned by bt_mesh_aes_cmac().
 */
static inline int bt_mesh_prov_salt(const u8_t conf_salt[16],
                                    const u8_t prov_rand[16],
                                    const u8_t dev_rand[16],
                                    u8_t prov_salt[16])
{
    const u8_t zero_key[16] = { 0 };
    struct bt_mesh_sg parts[] = {
        { .data = conf_salt, .len = 16 },
        { .data = prov_rand, .len = 16 },
        { .data = dev_rand, .len = 16 },
    };

    return bt_mesh_aes_cmac(zero_key, parts, ARRAY_SIZE(parts), prov_salt);
}
120 
/*
 * Network-layer PDU protection. Only the declarations are visible in this
 * header; buffer layout, required lengths and return-value conventions
 * should be confirmed in the implementation.
 */

/* Obfuscate the PDU at @p pdu using the IV index and a 16-byte privacy key.
 * No length is passed, so the required size of @p pdu is fixed by the
 * implementation.
 */
int bt_mesh_net_obfuscate(u8_t *pdu, u32_t iv_index,
                          const u8_t privacy_key[16]);

/* Encrypt the network PDU held in @p buf with a 16-byte key. */
int bt_mesh_net_encrypt(const u8_t key[16], struct os_mbuf *buf, u32_t iv_index,
                        bool proxy);

/* Decrypt the network PDU held in @p buf with a 16-byte key. */
int bt_mesh_net_decrypt(const u8_t key[16], struct os_mbuf *buf, u32_t iv_index,
                        bool proxy);
129 
/*
 * Application-payload encryption and decryption with a 16-byte key. Only the
 * declarations are visible in this header; the meaning of dev_key, aszmic
 * and ad, and the return-value conventions, should be confirmed in the
 * implementation.
 */

/* Encrypt the payload in @p buf (in place, per the name). */
int bt_mesh_app_encrypt_in_place(const u8_t key[16], bool dev_key, u8_t aszmic,
                                 struct os_mbuf *buf, const u8_t *ad,
                                 u16_t src, u16_t dst, u32_t seq_num,
                                 u32_t iv_index);

/* Encrypt the payload in @p buf. */
int bt_mesh_app_encrypt(const u8_t key[16], bool dev_key, u8_t aszmic,
                        struct os_mbuf *buf, const u8_t *ad, u16_t src,
                        u16_t dst, u32_t seq_num, u32_t iv_index);

/* Decrypt the payload in @p buf (in place, per the name). */
int bt_mesh_app_decrypt_in_place(const u8_t key[16], bool dev_key, u8_t aszmic,
                                 struct os_mbuf *buf, const u8_t *ad,
                                 u16_t src, u16_t dst, u32_t seq_num,
                                 u32_t iv_index);

/* Decrypt the payload in @p buf; takes a separate @p out buffer. */
int bt_mesh_app_decrypt(const u8_t key[16], bool dev_key, u8_t aszmic,
                        struct os_mbuf *buf, struct os_mbuf *out,
                        const u8_t *ad, u16_t src, u16_t dst, u32_t seq_num,
                        u32_t iv_index);
146 
/*
 * Frame check sequence and virtual address helpers. Declared here and
 * defined elsewhere.
 */

/* Compute a 1-byte FCS over @p data_len bytes at @p data. An FCS is an
 * integrity check against corruption, not a keyed authenticator.
 */
u8_t bt_mesh_fcs_calc(const u8_t *data, u8_t data_len);

/* Check the contents of @p buf against @p received_fcs. */
bool bt_mesh_fcs_check(struct os_mbuf *buf, u8_t received_fcs);

/* Map a 16-byte virtual label to a 16-bit address written to @p addr. */
int bt_mesh_virtual_addr(const u8_t virtual_label[16], u16_t *addr);
152 
/*
 * Provisioning confirmation and provisioning-data protection. Declared here
 * and defined elsewhere; buffer sizes below come from the array declarators,
 * return-value conventions should be confirmed in the implementation.
 */

/* 145 bytes of confirmation inputs -> 16-byte confirmation salt. */
int bt_mesh_prov_conf_salt(const u8_t conf_inputs[145], u8_t salt[16]);

/* 32-byte DH key and 16-byte confirmation salt -> 16-byte confirmation key. */
int bt_mesh_prov_conf_key(const u8_t dhkey[32], const u8_t conf_salt[16],
                          u8_t conf_key[16]);

/* 16-byte confirmation key, random value and auth value -> 16-byte
 * confirmation value.
 */
int bt_mesh_prov_conf(const u8_t conf_key[16], const u8_t rand[16],
                      const u8_t auth[16], u8_t conf[16]);

/* 33 bytes in (25 + 8; presumably payload plus an 8-byte MIC, confirm) ->
 * 25 bytes out. NOTE(review): @p nonce is not const-qualified here, unlike
 * the other inputs; confirm whether the implementation writes to it.
 */
int bt_mesh_prov_decrypt(const u8_t key[16], u8_t nonce[13],
                         const u8_t data[25 + 8], u8_t out[25]);

/* 25 bytes in -> 33 bytes out (25 + 8). The caller must supply a nonce that
 * is derived per session, e.g. via bt_mesh_prov_nonce().
 */
int bt_mesh_prov_encrypt(const u8_t key[16], u8_t nonce[13],
                         const u8_t data[25], u8_t out[25 + 8]);
166 #endif
167