1 /****************************************************************************** 2 * 3 * Copyright (C) 2008-2012 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19 /****************************************************************************** 20 * 21 * This file contains the implementation of the SMP utility functions used 22 * by SMP. 23 * 24 ******************************************************************************/ 25 26 #include "bt_target.h" 27 28 #if SMP_INCLUDED == TRUE 29 #if SMP_DEBUG == TRUE 30 #include <stdio.h> 31 #endif 32 #include <string.h> 33 34 #include "btm_ble_api.h" 35 #include "smp_int.h" 36 #include "btm_int.h" 37 #include "btm_ble_int.h" 38 #include "hcimsgs.h" 39 #include "aes.h" 40 #ifndef SMP_MAX_ENC_REPEAT 41 #define SMP_MAX_ENC_REPEAT 3 42 #endif 43 44 static void smp_rand_back(tBTM_RAND_ENC *p); 45 static void smp_genenrate_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data); 46 static void smp_genenrate_ltk_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data); 47 static void smp_generate_y(tSMP_CB *p_cb, tSMP_INT_DATA *p); 48 static void smp_generate_rand_vector (tSMP_CB *p_cb, tSMP_INT_DATA *p); 49 static void smp_process_stk(tSMP_CB *p_cb, tSMP_ENC *p); 50 static void smp_calculate_comfirm_cont(tSMP_CB *p_cb, tSMP_ENC *p); 51 static void smp_process_confirm(tSMP_CB *p_cb, tSMP_ENC *p); 52 static void smp_process_compare(tSMP_CB *p_cb, tSMP_ENC *p); 53 static void smp_process_ediv(tSMP_CB *p_cb, tSMP_ENC *p); 54 55 static const tSMP_ACT smp_encrypt_action[] = 56 { 57 smp_generate_compare, /* SMP_GEN_COMPARE */ 58 smp_genenrate_confirm, /* SMP_GEN_CONFIRM*/ 59 smp_generate_stk, /* SMP_GEN_STK*/ 60 smp_genenrate_ltk_cont, /* SMP_GEN_LTK */ 61 smp_generate_ltk, /* SMP_GEN_DIV_LTK */ 62 smp_generate_rand_vector, /* SMP_GEN_RAND_V */ 63 smp_generate_y, /* SMP_GEN_EDIV */ 64 smp_generate_passkey, /* SMP_GEN_TK */ 65 smp_generate_confirm, /* SMP_GEN_SRAND_MRAND */ 66 smp_genenrate_rand_cont /* SMP_GEN_SRAND_MRAND_CONT */ 67 }; 68 69 70 #define SMP_PASSKEY_MASK 0xfff00000 71 72 #if SMP_DEBUG == TRUE 73 static void smp_debug_print_nbyte_little_endian (UINT8 *p, const UINT8 *key_name, UINT8 len) 74 { 75 int i, x = 0; 76 UINT8 p_buf[100]; 77 memset(p_buf, 0, 100); 78 79 for (i = 0; i < len; i ++) 80 { 81 x += sprintf ((char *)&p_buf[x], "%02x ", p[i]); 82 } 83 SMP_TRACE_WARNING2("%s(LSB ~ MSB) = %s", key_name, p_buf); 84 } 85 #else 86 #define smp_debug_print_nbyte_little_endian(p, key_name, len) 87 #endif 88 89 /******************************************************************************* 90 ** 91 ** Function smp_encrypt_data 92 ** 93 ** Description This function is called to generate passkey. 94 ** 95 ** Returns void 96 ** 97 *******************************************************************************/ 98 BOOLEAN smp_encrypt_data (UINT8 *key, UINT8 key_len, 99 UINT8 *plain_text, UINT8 pt_len, 100 tSMP_ENC *p_out) 101 { 102 aes_context ctx; 103 UINT8 *p_start = NULL; 104 UINT8 *p = NULL; 105 UINT8 *p_rev_data = NULL; /* input data in big endilan format */ 106 UINT8 *p_rev_key = NULL; /* input key in big endilan format */ 107 UINT8 *p_rev_output = NULL; /* encrypted output in big endilan format */ 108 109 SMP_TRACE_DEBUG0 ("smp_encrypt_data"); 110 if ( (p_out == NULL ) || (key_len != SMP_ENCRYT_KEY_SIZE) ) 111 { 112 BTM_TRACE_ERROR0 ("smp_encrypt_data Failed"); 113 return(FALSE); 114 } 115 116 if ((p_start = (UINT8 *)GKI_getbuf((SMP_ENCRYT_DATA_SIZE*4))) == NULL) 117 { 118 BTM_TRACE_ERROR0 ("smp_encrypt_data Failed unable to allocate buffer"); 119 return(FALSE); 120 } 121 122 if (pt_len > SMP_ENCRYT_DATA_SIZE) 123 pt_len = SMP_ENCRYT_DATA_SIZE; 124 125 memset(p_start, 0, SMP_ENCRYT_DATA_SIZE * 4); 126 p = p_start; 127 ARRAY_TO_STREAM (p, plain_text, pt_len); /* byte 0 to byte 15 */ 128 p_rev_data = p = p_start + SMP_ENCRYT_DATA_SIZE; /* start at byte 16 */ 129 REVERSE_ARRAY_TO_STREAM (p, p_start, SMP_ENCRYT_DATA_SIZE); /* byte 16 to byte 31 */ 130 p_rev_key = p; /* start at byte 32 */ 131 REVERSE_ARRAY_TO_STREAM (p, key, SMP_ENCRYT_KEY_SIZE); /* byte 32 to byte 47 */ 132 133 smp_debug_print_nbyte_little_endian(key, (const UINT8 *)"Key", SMP_ENCRYT_KEY_SIZE); 134 smp_debug_print_nbyte_little_endian(p_start, (const UINT8 *)"Plain text", SMP_ENCRYT_DATA_SIZE); 135 p_rev_output = p; 136 aes_set_key(p_rev_key, SMP_ENCRYT_KEY_SIZE, &ctx); 137 aes_encrypt(p_rev_data, p, &ctx); /* outputs in byte 48 to byte 63 */ 138 139 p = p_out->param_buf; 140 REVERSE_ARRAY_TO_STREAM (p, p_rev_output, SMP_ENCRYT_DATA_SIZE); 141 smp_debug_print_nbyte_little_endian(p_out->param_buf, (const UINT8 *)"Encrypted text", SMP_ENCRYT_KEY_SIZE); 142 143 p_out->param_len = SMP_ENCRYT_KEY_SIZE; 144 p_out->status = HCI_SUCCESS; 145 p_out->opcode = HCI_BLE_ENCRYPT; 146 147 GKI_freebuf(p_start); 148 149 return(TRUE); 150 } 151 152 153 /******************************************************************************* 154 ** 155 ** Function smp_generate_passkey 156 ** 157 ** Description This function is called to generate passkey. 158 ** 159 ** Returns void 160 ** 161 *******************************************************************************/ 162 void smp_generate_passkey(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 163 { 164 SMP_TRACE_DEBUG0 ("smp_generate_passkey"); 165 p_cb->rand_enc_proc = SMP_GEN_TK; 166 167 /* generate MRand or SRand */ 168 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 169 smp_rand_back(NULL); 170 } 171 /******************************************************************************* 172 ** 173 ** Function smp_proc_passkey 174 ** 175 ** Description This function is called to process a passkey. 176 ** 177 ** Returns void 178 ** 179 *******************************************************************************/ 180 void smp_proc_passkey(tSMP_CB *p_cb , tBTM_RAND_ENC *p) 181 { 182 UINT8 *tt = p_cb->tk; 183 tSMP_KEY key; 184 UINT32 passkey; /* 19655 test number; */ 185 UINT8 *pp = p->param_buf; 186 187 SMP_TRACE_DEBUG0 ("smp_proc_passkey "); 188 STREAM_TO_UINT32(passkey, pp); 189 passkey &= ~SMP_PASSKEY_MASK; 190 191 /* truncate by maximum value */ 192 while (passkey > BTM_MAX_PASSKEY_VAL) 193 passkey >>= 1; 194 SMP_TRACE_ERROR1("Passkey generated = %d", passkey); 195 196 /* save the TK */ 197 memset(p_cb->tk, 0, BT_OCTET16_LEN); 198 UINT32_TO_STREAM(tt, passkey); 199 200 key.key_type = SMP_KEY_TYPE_TK; 201 key.p_data = p_cb->tk; 202 203 if (p_cb->p_callback) 204 { 205 (*p_cb->p_callback)(SMP_PASSKEY_NOTIF_EVT, p_cb->pairing_bda, (tSMP_EVT_DATA *)&passkey); 206 } 207 208 smp_sm_event(p_cb, SMP_KEY_READY_EVT, (tSMP_INT_DATA *)&key); 209 } 210 211 212 /******************************************************************************* 213 ** 214 ** Function smp_generate_stk 215 ** 216 ** Description This function is called to generate STK calculated by running 217 ** AES with the TK value as key and a concatenation of the random 218 ** values. 219 ** 220 ** Returns void 221 ** 222 *******************************************************************************/ 223 void smp_generate_stk (tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 224 { 225 BT_OCTET16 ptext; 226 UINT8 *p = ptext; 227 tSMP_ENC output; 228 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 229 230 SMP_TRACE_DEBUG0 ("smp_generate_stk "); 231 232 memset(p, 0, BT_OCTET16_LEN); 233 if (p_cb->role == HCI_ROLE_MASTER) 234 { 235 memcpy(p, p_cb->rand, BT_OCTET8_LEN); 236 memcpy(&p[BT_OCTET8_LEN], p_cb->rrand, BT_OCTET8_LEN); 237 } 238 else 239 { 240 memcpy(p, p_cb->rrand, BT_OCTET8_LEN); 241 memcpy(&p[BT_OCTET8_LEN], p_cb->rand, BT_OCTET8_LEN); 242 } 243 244 /* generate STK = Etk(rand|rrand)*/ 245 if (!SMP_Encrypt( p_cb->tk, BT_OCTET16_LEN, ptext, BT_OCTET16_LEN, &output)) 246 { 247 SMP_TRACE_ERROR0("smp_generate_stk failed"); 248 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 249 } 250 else 251 { 252 smp_process_stk(p_cb, &output); 253 } 254 255 } 256 /******************************************************************************* 257 ** 258 ** Function smp_generate_confirm 259 ** 260 ** Description This function is called to start the second pairing phase by 261 ** start generating initializer random number. 262 ** 263 ** 264 ** Returns void 265 ** 266 *******************************************************************************/ 267 void smp_generate_confirm (tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 268 { 269 SMP_TRACE_DEBUG0 ("smp_generate_confirm"); 270 p_cb->rand_enc_proc = SMP_GEN_SRAND_MRAND; 271 /* generate MRand or SRand */ 272 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 273 smp_rand_back(NULL); 274 } 275 /******************************************************************************* 276 ** 277 ** Function smp_genenrate_rand_cont 278 ** 279 ** Description This function is called to generate another 64 bits random for 280 ** MRand or Srand. 281 ** 282 ** Returns void 283 ** 284 *******************************************************************************/ 285 void smp_genenrate_rand_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 286 { 287 SMP_TRACE_DEBUG0 ("smp_genenrate_rand_cont "); 288 p_cb->rand_enc_proc = SMP_GEN_SRAND_MRAND_CONT; 289 /* generate 64 MSB of MRand or SRand */ 290 291 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 292 smp_rand_back(NULL); 293 } 294 /******************************************************************************* 295 ** 296 ** Function smp_generate_ltk 297 ** 298 ** Description This function is called to calculate LTK, starting with DIV 299 ** generation. 300 ** 301 ** 302 ** Returns void 303 ** 304 *******************************************************************************/ 305 void smp_generate_ltk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 306 { 307 BOOLEAN div_status; 308 309 SMP_TRACE_DEBUG0 ("smp_generate_ltk "); 310 311 div_status = btm_get_local_div(p_cb->pairing_bda, &p_cb->div); 312 313 if (div_status) 314 { 315 smp_genenrate_ltk_cont(p_cb, NULL); 316 } 317 else 318 { 319 SMP_TRACE_DEBUG0 ("Generate DIV for LTK"); 320 p_cb->rand_enc_proc = SMP_GEN_DIV_LTK; 321 /* generate MRand or SRand */ 322 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 323 smp_rand_back(NULL); 324 } 325 } 326 327 328 /******************************************************************************* 329 ** 330 ** Function smp_compute_csrk 331 ** 332 ** Description This function is called to calculate CSRK 333 ** 334 ** 335 ** Returns void 336 ** 337 *******************************************************************************/ 338 void smp_compute_csrk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 339 { 340 BT_OCTET16 er; 341 UINT8 buffer[4]; /* for (r || DIV) r=1*/ 342 UINT16 r=1; 343 UINT8 *p=buffer; 344 tSMP_ENC output; 345 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 346 347 SMP_TRACE_DEBUG1 ("smp_compute_csrk div=%x", p_cb->div); 348 BTM_GetDeviceEncRoot(er); 349 /* CSRK = d1(ER, DIV, 1) */ 350 UINT16_TO_STREAM(p, p_cb->div); 351 UINT16_TO_STREAM(p, r); 352 353 if (!SMP_Encrypt(er, BT_OCTET16_LEN, buffer, 4, &output)) 354 { 355 SMP_TRACE_ERROR0("smp_generate_csrk failed"); 356 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 357 } 358 else 359 { 360 memcpy((void *)p_cb->csrk, output.param_buf, BT_OCTET16_LEN); 361 smp_send_csrk_info(p_cb, NULL); 362 } 363 } 364 365 /******************************************************************************* 366 ** 367 ** Function smp_generate_csrk 368 ** 369 ** Description This function is called to calculate LTK, starting with DIV 370 ** generation. 371 ** 372 ** 373 ** Returns void 374 ** 375 *******************************************************************************/ 376 void smp_generate_csrk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 377 { 378 BOOLEAN div_status; 379 380 SMP_TRACE_DEBUG0 ("smp_generate_csrk"); 381 382 div_status = btm_get_local_div(p_cb->pairing_bda, &p_cb->div); 383 if (div_status) 384 { 385 smp_compute_csrk(p_cb, NULL); 386 } 387 else 388 { 389 SMP_TRACE_DEBUG0 ("Generate DIV for CSRK"); 390 p_cb->rand_enc_proc = SMP_GEN_DIV_CSRK; 391 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 392 smp_rand_back(NULL); 393 } 394 } 395 396 397 /******************************************************************************* 398 ** Function smp_concatenate_peer 399 ** add pairing command sent from local device into p1. 400 *******************************************************************************/ 401 void smp_concatenate_local( tSMP_CB *p_cb, UINT8 **p_data, UINT8 op_code) 402 { 403 UINT8 *p = *p_data; 404 405 SMP_TRACE_DEBUG0 ("smp_concatenate_local "); 406 UINT8_TO_STREAM(p, op_code); 407 UINT8_TO_STREAM(p, p_cb->loc_io_caps); 408 UINT8_TO_STREAM(p, p_cb->loc_oob_flag); 409 UINT8_TO_STREAM(p, p_cb->loc_auth_req); 410 UINT8_TO_STREAM(p, p_cb->loc_enc_size); 411 UINT8_TO_STREAM(p, p_cb->loc_i_key); 412 UINT8_TO_STREAM(p, p_cb->loc_r_key); 413 414 *p_data = p; 415 } 416 /******************************************************************************* 417 ** Function smp_concatenate_peer 418 ** add pairing command received from peer device into p1. 419 *******************************************************************************/ 420 void smp_concatenate_peer( tSMP_CB *p_cb, UINT8 **p_data, UINT8 op_code) 421 { 422 UINT8 *p = *p_data; 423 424 SMP_TRACE_DEBUG0 ("smp_concatenate_peer "); 425 UINT8_TO_STREAM(p, op_code); 426 UINT8_TO_STREAM(p, p_cb->peer_io_caps); 427 UINT8_TO_STREAM(p, p_cb->peer_oob_flag); 428 UINT8_TO_STREAM(p, p_cb->peer_auth_req); 429 UINT8_TO_STREAM(p, p_cb->peer_enc_size); 430 UINT8_TO_STREAM(p, p_cb->peer_i_key); 431 UINT8_TO_STREAM(p, p_cb->peer_r_key); 432 433 *p_data = p; 434 } 435 /******************************************************************************* 436 ** 437 ** Function smp_gen_p1_4_confirm 438 ** 439 ** Description Generate Confirm/Compare Step1: 440 ** p1 = pres || preq || rat' || iat' 441 ** 442 ** Returns void 443 ** 444 *******************************************************************************/ 445 void smp_gen_p1_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p1) 446 { 447 UINT8 *p = (UINT8 *)p1; 448 tBLE_ADDR_TYPE addr_type = 0; 449 BD_ADDR remote_bda; 450 451 SMP_TRACE_DEBUG0 ("smp_gen_p1_4_confirm"); 452 453 if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type)) 454 { 455 SMP_TRACE_ERROR0("can not generate confirm for unknown device"); 456 return; 457 } 458 459 BTM_ReadConnectionAddr( p_cb->pairing_bda, p_cb->local_bda, &p_cb->addr_type); 460 461 if (p_cb->role == HCI_ROLE_MASTER) 462 { 463 /* LSB : rat': initiator's(local) address type */ 464 UINT8_TO_STREAM(p, p_cb->addr_type); 465 /* LSB : iat': responder's address type */ 466 UINT8_TO_STREAM(p, addr_type); 467 /* concatinate preq */ 468 smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_REQ); 469 /* concatinate pres */ 470 smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_RSP); 471 } 472 else 473 { 474 /* LSB : iat': initiator's address type */ 475 UINT8_TO_STREAM(p, addr_type); 476 /* LSB : rat': responder's(local) address type */ 477 UINT8_TO_STREAM(p, p_cb->addr_type); 478 /* concatinate preq */ 479 smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_REQ); 480 /* concatinate pres */ 481 smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_RSP); 482 } 483 #if SMP_DEBUG == TRUE 484 SMP_TRACE_DEBUG0("p1 = pres || preq || rat' || iat'"); 485 smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1", 16); 486 #endif 487 } 488 /******************************************************************************* 489 ** 490 ** Function smp_gen_p2_4_confirm 491 ** 492 ** Description Generate Confirm/Compare Step2: 493 ** p2 = padding || ia || ra 494 ** 495 ** Returns void 496 ** 497 *******************************************************************************/ 498 void smp_gen_p2_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p2) 499 { 500 UINT8 *p = (UINT8 *)p2; 501 BD_ADDR remote_bda; 502 tBLE_ADDR_TYPE addr_type = 0; 503 504 if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type)) 505 { 506 SMP_TRACE_ERROR0("can not generate confirm p2 for unknown device"); 507 return; 508 } 509 510 SMP_TRACE_DEBUG0 ("smp_gen_p2_4_confirm"); 511 512 memset(p, 0, sizeof(BT_OCTET16)); 513 514 if (p_cb->role == HCI_ROLE_MASTER) 515 { 516 /* LSB ra */ 517 BDADDR_TO_STREAM(p, remote_bda); 518 /* ia */ 519 BDADDR_TO_STREAM(p, p_cb->local_bda); 520 } 521 else 522 { 523 /* LSB ra */ 524 BDADDR_TO_STREAM(p, p_cb->local_bda); 525 /* ia */ 526 BDADDR_TO_STREAM(p, remote_bda); 527 } 528 #if SMP_DEBUG == TRUE 529 SMP_TRACE_DEBUG0("p2 = padding || ia || ra"); 530 smp_debug_print_nbyte_little_endian(p2, (const UINT8 *)"p2", 16); 531 #endif 532 } 533 /******************************************************************************* 534 ** 535 ** Function smp_calculate_comfirm 536 ** 537 ** Description This function is called to calculate Confirm value. 538 ** 539 ** Returns void 540 ** 541 *******************************************************************************/ 542 void smp_calculate_comfirm (tSMP_CB *p_cb, BT_OCTET16 rand, BD_ADDR bda) 543 { 544 BT_OCTET16 p1; 545 tSMP_ENC output; 546 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 547 548 SMP_TRACE_DEBUG0 ("smp_calculate_comfirm "); 549 /* generate p1 = pres || preq || rat' || iat' */ 550 smp_gen_p1_4_confirm(p_cb, p1); 551 552 /* p1 = rand XOR p1 */ 553 smp_xor_128(p1, rand); 554 555 smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1' = r XOR p1", 16); 556 557 /* calculate e(k, r XOR p1), where k = TK */ 558 if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p1, BT_OCTET16_LEN, &output)) 559 { 560 SMP_TRACE_ERROR0("smp_generate_csrk failed"); 561 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 562 } 563 else 564 { 565 smp_calculate_comfirm_cont(p_cb, &output); 566 } 567 } 568 /******************************************************************************* 569 ** 570 ** Function smp_calculate_comfirm_cont 571 ** 572 ** Description This function is called when SConfirm/MConfirm is generated 573 ** proceed to send the Confirm request/response to peer device. 574 ** 575 ** Returns void 576 ** 577 *******************************************************************************/ 578 static void smp_calculate_comfirm_cont(tSMP_CB *p_cb, tSMP_ENC *p) 579 { 580 BT_OCTET16 p2; 581 tSMP_ENC output; 582 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 583 584 SMP_TRACE_DEBUG0 ("smp_calculate_comfirm_cont "); 585 #if SMP_DEBUG == TRUE 586 SMP_TRACE_DEBUG0("Confirm step 1 p1' = e(k, r XOR p1) Generated"); 587 smp_debug_print_nbyte_little_endian (p->param_buf, (const UINT8 *)"C1", 16); 588 #endif 589 590 smp_gen_p2_4_confirm(p_cb, p2); 591 592 /* calculate p2 = (p1' XOR p2) */ 593 smp_xor_128(p2, p->param_buf); 594 smp_debug_print_nbyte_little_endian ((UINT8 *)p2, (const UINT8 *)"p2' = C1 xor p2", 16); 595 596 /* calculate: Confirm = E(k, p1' XOR p2) */ 597 if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p2, BT_OCTET16_LEN, &output)) 598 { 599 SMP_TRACE_ERROR0("smp_calculate_comfirm_cont failed"); 600 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 601 } 602 else 603 { 604 switch (p_cb->rand_enc_proc) 605 { 606 case SMP_GEN_CONFIRM: 607 smp_process_confirm(p_cb, &output); 608 break; 609 610 case SMP_GEN_COMPARE: 611 smp_process_compare(p_cb, &output); 612 break; 613 } 614 } 615 } 616 /******************************************************************************* 617 ** 618 ** Function smp_genenrate_confirm 619 ** 620 ** Description This function is called when a 48 bits random number is generated 621 ** as SRand or MRand, continue to calculate Sconfirm or MConfirm. 622 ** 623 ** Returns void 624 ** 625 *******************************************************************************/ 626 static void smp_genenrate_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 627 { 628 SMP_TRACE_DEBUG0 ("smp_genenrate_confirm "); 629 p_cb->rand_enc_proc = SMP_GEN_CONFIRM; 630 631 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->rand, (const UINT8 *)"local rand", 16); 632 633 smp_calculate_comfirm(p_cb, p_cb->rand, p_cb->pairing_bda); 634 } 635 /******************************************************************************* 636 ** 637 ** Function smp_generate_compare 638 ** 639 ** Description This function is called to generate SConfirm for Slave device, 640 ** or MSlave for Master device. This function can be also used for 641 ** generating Compare number for confirm value check. 642 ** 643 ** Returns void 644 ** 645 *******************************************************************************/ 646 void smp_generate_compare (tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 647 { 648 SMP_TRACE_DEBUG0 ("smp_generate_compare "); 649 p_cb->rand_enc_proc = SMP_GEN_COMPARE; 650 651 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->rrand, (const UINT8 *)"peer rand", 16); 652 653 smp_calculate_comfirm(p_cb, p_cb->rrand, p_cb->local_bda); 654 } 655 /******************************************************************************* 656 ** 657 ** Function smp_process_confirm 658 ** 659 ** Description This function is called when SConfirm/MConfirm is generated 660 ** proceed to send the Confirm request/response to peer device. 661 ** 662 ** Returns void 663 ** 664 *******************************************************************************/ 665 static void smp_process_confirm(tSMP_CB *p_cb, tSMP_ENC *p) 666 { 667 tSMP_KEY key; 668 669 SMP_TRACE_DEBUG0 ("smp_process_confirm "); 670 #if SMP_CONFORMANCE_TESTING == TRUE 671 if (p_cb->enable_test_confirm_val) 672 { 673 BTM_TRACE_DEBUG0 ("Use confirm value from script"); 674 memcpy(p_cb->confirm, p_cb->test_confirm, BT_OCTET16_LEN); 675 } 676 else 677 memcpy(p_cb->confirm, p->param_buf, BT_OCTET16_LEN); 678 #else 679 memcpy(p_cb->confirm, p->param_buf, BT_OCTET16_LEN); 680 #endif 681 682 683 #if (SMP_DEBUG == TRUE) 684 SMP_TRACE_DEBUG0("Confirm Generated"); 685 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->confirm, (const UINT8 *)"Confirm", 16); 686 #endif 687 688 key.key_type = SMP_KEY_TYPE_CFM; 689 key.p_data = p->param_buf; 690 691 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key); 692 } 693 /******************************************************************************* 694 ** 695 ** Function smp_process_compare 696 ** 697 ** Description This function is called when Compare is generated using the 698 ** RRand and local BDA, TK information. 699 ** 700 ** Returns void 701 ** 702 *******************************************************************************/ 703 static void smp_process_compare(tSMP_CB *p_cb, tSMP_ENC *p) 704 { 705 tSMP_KEY key; 706 707 SMP_TRACE_DEBUG0 ("smp_process_compare "); 708 #if (SMP_DEBUG == TRUE) 709 SMP_TRACE_DEBUG0("Compare Generated"); 710 smp_debug_print_nbyte_little_endian (p->param_buf, (const UINT8 *)"Compare", 16); 711 #endif 712 key.key_type = SMP_KEY_TYPE_CMP; 713 key.p_data = p->param_buf; 714 715 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key); 716 } 717 718 /******************************************************************************* 719 ** 720 ** Function smp_process_stk 721 ** 722 ** Description This function is called when STK is generated 723 ** proceed to send the encrypt the link using STK. 724 ** 725 ** Returns void 726 ** 727 *******************************************************************************/ 728 static void smp_process_stk(tSMP_CB *p_cb, tSMP_ENC *p) 729 { 730 tSMP_KEY key; 731 732 SMP_TRACE_DEBUG0 ("smp_process_stk "); 733 #if (SMP_DEBUG == TRUE) 734 SMP_TRACE_ERROR0("STK Generated"); 735 #endif 736 smp_mask_enc_key(p_cb->loc_enc_size, p->param_buf); 737 738 key.key_type = SMP_KEY_TYPE_STK; 739 key.p_data = p->param_buf; 740 741 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key); 742 } 743 744 /******************************************************************************* 745 ** 746 ** Function smp_genenrate_ltk_cont 747 ** 748 ** Description This function is to calculate LTK = d1(ER, DIV, 0)= e(ER, DIV) 749 ** 750 ** Returns void 751 ** 752 *******************************************************************************/ 753 static void smp_genenrate_ltk_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 754 { 755 BT_OCTET16 er; 756 tSMP_ENC output; 757 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 758 759 SMP_TRACE_DEBUG0 ("smp_genenrate_ltk_cont "); 760 BTM_GetDeviceEncRoot(er); 761 762 /* LTK = d1(ER, DIV, 0)= e(ER, DIV)*/ 763 if (!SMP_Encrypt(er, BT_OCTET16_LEN, (UINT8 *)&p_cb->div, 764 sizeof(UINT16), &output)) 765 { 766 SMP_TRACE_ERROR0("smp_genenrate_ltk_cont failed"); 767 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 768 } 769 else 770 { 771 /* mask the LTK */ 772 smp_mask_enc_key(p_cb->loc_enc_size, output.param_buf); 773 memcpy((void *)p_cb->ltk, output.param_buf, BT_OCTET16_LEN); 774 smp_generate_rand_vector(p_cb, NULL); 775 } 776 777 } 778 779 /******************************************************************************* 780 ** 781 ** Function smp_generate_y 782 ** 783 ** Description This function is to proceed generate Y = E(DHK, Rand) 784 ** 785 ** Returns void 786 ** 787 *******************************************************************************/ 788 static void smp_generate_y(tSMP_CB *p_cb, tSMP_INT_DATA *p) 789 { 790 BT_OCTET16 dhk; 791 tSMP_ENC output; 792 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 793 794 795 SMP_TRACE_DEBUG0 ("smp_generate_y "); 796 BTM_GetDeviceDHK(dhk); 797 798 if (!SMP_Encrypt(dhk, BT_OCTET16_LEN, p_cb->enc_rand, 799 BT_OCTET8_LEN, &output)) 800 { 801 SMP_TRACE_ERROR0("smp_generate_y failed"); 802 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 803 } 804 else 805 { 806 smp_process_ediv(p_cb, &output); 807 } 808 } 809 /******************************************************************************* 810 ** 811 ** Function smp_generate_rand_vector 812 ** 813 ** Description This function is called when LTK is generated, send state machine 814 ** event to SMP. 815 ** 816 ** Returns void 817 ** 818 *******************************************************************************/ 819 static void smp_generate_rand_vector (tSMP_CB *p_cb, tSMP_INT_DATA *p) 820 { 821 /* generate EDIV and rand now */ 822 /* generate random vector */ 823 SMP_TRACE_DEBUG0 ("smp_generate_rand_vector "); 824 p_cb->rand_enc_proc = SMP_GEN_RAND_V; 825 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 826 smp_rand_back(NULL); 827 828 } 829 /******************************************************************************* 830 ** 831 ** Function smp_genenrate_smp_process_edivltk_cont 832 ** 833 ** Description This function is to calculate EDIV = Y xor DIV 834 ** 835 ** Returns void 836 ** 837 *******************************************************************************/ 838 static void smp_process_ediv(tSMP_CB *p_cb, tSMP_ENC *p) 839 { 840 tSMP_KEY key; 841 UINT8 *pp= p->param_buf; 842 UINT16 y; 843 844 SMP_TRACE_DEBUG0 ("smp_process_ediv "); 845 STREAM_TO_UINT16(y, pp); 846 847 /* EDIV = Y xor DIV */ 848 p_cb->ediv = p_cb->div ^ y; 849 /* send LTK ready */ 850 SMP_TRACE_ERROR0("LTK ready"); 851 key.key_type = SMP_KEY_TYPE_LTK; 852 key.p_data = p->param_buf; 853 854 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key); 855 } 856 857 /******************************************************************************* 858 ** 859 ** Function smp_rand_back 860 ** 861 ** Description This function is to process the rand command finished, 862 ** process the random/encrypted number for further action. 863 ** 864 ** Returns void 865 ** 866 *******************************************************************************/ 867 static void smp_rand_back(tBTM_RAND_ENC *p) 868 { 869 tSMP_CB *p_cb = &smp_cb; 870 UINT8 *pp = p->param_buf; 871 UINT8 failure = SMP_PAIR_FAIL_UNKNOWN; 872 UINT8 state = p_cb->rand_enc_proc & ~0x80; 873 874 SMP_TRACE_DEBUG1 ("smp_rand_back state=0x%x", state); 875 if (p && p->status == HCI_SUCCESS) 876 { 877 switch (state) 878 { 879 880 case SMP_GEN_SRAND_MRAND: 881 memcpy((void *)p_cb->rand, p->param_buf, p->param_len); 882 smp_genenrate_rand_cont(p_cb, NULL); 883 break; 884 885 case SMP_GEN_SRAND_MRAND_CONT: 886 memcpy((void *)&p_cb->rand[8], p->param_buf, p->param_len); 887 smp_genenrate_confirm(p_cb, NULL); 888 break; 889 890 case SMP_GEN_DIV_LTK: 891 STREAM_TO_UINT16(p_cb->div, pp); 892 smp_genenrate_ltk_cont(p_cb, NULL); 893 break; 894 895 case SMP_GEN_DIV_CSRK: 896 STREAM_TO_UINT16(p_cb->div, pp); 897 smp_compute_csrk(p_cb, NULL); 898 break; 899 900 case SMP_GEN_TK: 901 smp_proc_passkey(p_cb, p); 902 break; 903 904 case SMP_GEN_RAND_V: 905 memcpy(p_cb->enc_rand, p->param_buf, BT_OCTET8_LEN); 906 smp_generate_y(p_cb, NULL); 907 break; 908 909 } 910 911 return; 912 } 913 914 SMP_TRACE_ERROR1("smp_rand_back Key generation failed: (%d)", p_cb->rand_enc_proc); 915 916 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &failure); 917 918 } 919 #endif 920 921
