1 /****************************************************************************** 2 * 3 * Copyright (C) 2008-2012 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19 /****************************************************************************** 20 * 21 * This file contains the implementation of the SMP utility functions used 22 * by SMP. 23 * 24 ******************************************************************************/ 25 26 #include "bt_target.h" 27 #include "bt_utils.h" 28 29 #if SMP_INCLUDED == TRUE 30 #if SMP_DEBUG == TRUE 31 #include <stdio.h> 32 #endif 33 #include <string.h> 34 35 #include "btm_ble_api.h" 36 #include "smp_int.h" 37 #include "btm_int.h" 38 #include "btm_ble_int.h" 39 #include "hcimsgs.h" 40 #include "aes.h" 41 #ifndef SMP_MAX_ENC_REPEAT 42 #define SMP_MAX_ENC_REPEAT 3 43 #endif 44 45 static void smp_rand_back(tBTM_RAND_ENC *p); 46 static void smp_genenrate_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data); 47 static void smp_genenrate_ltk_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data); 48 static void smp_generate_y(tSMP_CB *p_cb, tSMP_INT_DATA *p); 49 static void smp_generate_rand_vector (tSMP_CB *p_cb, tSMP_INT_DATA *p); 50 static void smp_process_stk(tSMP_CB *p_cb, tSMP_ENC *p); 51 static void smp_calculate_comfirm_cont(tSMP_CB *p_cb, tSMP_ENC *p); 52 static void smp_process_confirm(tSMP_CB *p_cb, tSMP_ENC *p); 53 static void smp_process_compare(tSMP_CB *p_cb, tSMP_ENC *p); 54 static void smp_process_ediv(tSMP_CB *p_cb, tSMP_ENC *p); 55 56 static const tSMP_ACT smp_encrypt_action[] = 57 { 58 smp_generate_compare, /* SMP_GEN_COMPARE */ 59 smp_genenrate_confirm, /* SMP_GEN_CONFIRM*/ 60 smp_generate_stk, /* SMP_GEN_STK*/ 61 smp_genenrate_ltk_cont, /* SMP_GEN_LTK */ 62 smp_generate_ltk, /* SMP_GEN_DIV_LTK */ 63 smp_generate_rand_vector, /* SMP_GEN_RAND_V */ 64 smp_generate_y, /* SMP_GEN_EDIV */ 65 smp_generate_passkey, /* SMP_GEN_TK */ 66 smp_generate_confirm, /* SMP_GEN_SRAND_MRAND */ 67 smp_genenrate_rand_cont /* SMP_GEN_SRAND_MRAND_CONT */ 68 }; 69 70 71 #define SMP_PASSKEY_MASK 0xfff00000 72 73 #if SMP_DEBUG == TRUE 74 static void smp_debug_print_nbyte_little_endian (UINT8 *p, const UINT8 *key_name, UINT8 len) 75 { 76 int i, x = 0; 77 UINT8 p_buf[100]; 78 memset(p_buf, 0, 100); 79 80 for (i = 0; i < len; i ++) 81 { 82 x += sprintf ((char *)&p_buf[x], "%02x ", p[i]); 83 } 84 SMP_TRACE_WARNING("%s(LSB ~ MSB) = %s", key_name, p_buf); 85 } 86 #else 87 #define smp_debug_print_nbyte_little_endian(p, key_name, len) 88 #endif 89 90 /******************************************************************************* 91 ** 92 ** Function smp_encrypt_data 93 ** 94 ** Description This function is called to generate passkey. 95 ** 96 ** Returns void 97 ** 98 *******************************************************************************/ 99 BOOLEAN smp_encrypt_data (UINT8 *key, UINT8 key_len, 100 UINT8 *plain_text, UINT8 pt_len, 101 tSMP_ENC *p_out) 102 { 103 aes_context ctx; 104 UINT8 *p_start = NULL; 105 UINT8 *p = NULL; 106 UINT8 *p_rev_data = NULL; /* input data in big endilan format */ 107 UINT8 *p_rev_key = NULL; /* input key in big endilan format */ 108 UINT8 *p_rev_output = NULL; /* encrypted output in big endilan format */ 109 110 SMP_TRACE_DEBUG ("smp_encrypt_data"); 111 if ( (p_out == NULL ) || (key_len != SMP_ENCRYT_KEY_SIZE) ) 112 { 113 BTM_TRACE_ERROR ("smp_encrypt_data Failed"); 114 return(FALSE); 115 } 116 117 if ((p_start = (UINT8 *)GKI_getbuf((SMP_ENCRYT_DATA_SIZE*4))) == NULL) 118 { 119 BTM_TRACE_ERROR ("smp_encrypt_data Failed unable to allocate buffer"); 120 return(FALSE); 121 } 122 123 if (pt_len > SMP_ENCRYT_DATA_SIZE) 124 pt_len = SMP_ENCRYT_DATA_SIZE; 125 126 memset(p_start, 0, SMP_ENCRYT_DATA_SIZE * 4); 127 p = p_start; 128 ARRAY_TO_STREAM (p, plain_text, pt_len); /* byte 0 to byte 15 */ 129 p_rev_data = p = p_start + SMP_ENCRYT_DATA_SIZE; /* start at byte 16 */ 130 REVERSE_ARRAY_TO_STREAM (p, p_start, SMP_ENCRYT_DATA_SIZE); /* byte 16 to byte 31 */ 131 p_rev_key = p; /* start at byte 32 */ 132 REVERSE_ARRAY_TO_STREAM (p, key, SMP_ENCRYT_KEY_SIZE); /* byte 32 to byte 47 */ 133 134 smp_debug_print_nbyte_little_endian(key, (const UINT8 *)"Key", SMP_ENCRYT_KEY_SIZE); 135 smp_debug_print_nbyte_little_endian(p_start, (const UINT8 *)"Plain text", SMP_ENCRYT_DATA_SIZE); 136 p_rev_output = p; 137 aes_set_key(p_rev_key, SMP_ENCRYT_KEY_SIZE, &ctx); 138 aes_encrypt(p_rev_data, p, &ctx); /* outputs in byte 48 to byte 63 */ 139 140 p = p_out->param_buf; 141 REVERSE_ARRAY_TO_STREAM (p, p_rev_output, SMP_ENCRYT_DATA_SIZE); 142 smp_debug_print_nbyte_little_endian(p_out->param_buf, (const UINT8 *)"Encrypted text", SMP_ENCRYT_KEY_SIZE); 143 144 p_out->param_len = SMP_ENCRYT_KEY_SIZE; 145 p_out->status = HCI_SUCCESS; 146 p_out->opcode = HCI_BLE_ENCRYPT; 147 148 GKI_freebuf(p_start); 149 150 return(TRUE); 151 } 152 153 154 /******************************************************************************* 155 ** 156 ** Function smp_generate_passkey 157 ** 158 ** Description This function is called to generate passkey. 159 ** 160 ** Returns void 161 ** 162 *******************************************************************************/ 163 void smp_generate_passkey(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 164 { 165 UNUSED(p_data); 166 167 SMP_TRACE_DEBUG ("smp_generate_passkey"); 168 p_cb->rand_enc_proc = SMP_GEN_TK; 169 170 /* generate MRand or SRand */ 171 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 172 smp_rand_back(NULL); 173 } 174 /******************************************************************************* 175 ** 176 ** Function smp_proc_passkey 177 ** 178 ** Description This function is called to process a passkey. 179 ** 180 ** Returns void 181 ** 182 *******************************************************************************/ 183 void smp_proc_passkey(tSMP_CB *p_cb , tBTM_RAND_ENC *p) 184 { 185 UINT8 *tt = p_cb->tk; 186 tSMP_KEY key; 187 UINT32 passkey; /* 19655 test number; */ 188 UINT8 *pp = p->param_buf; 189 190 SMP_TRACE_DEBUG ("smp_proc_passkey "); 191 STREAM_TO_UINT32(passkey, pp); 192 passkey &= ~SMP_PASSKEY_MASK; 193 194 /* truncate by maximum value */ 195 while (passkey > BTM_MAX_PASSKEY_VAL) 196 passkey >>= 1; 197 SMP_TRACE_ERROR("Passkey generated = %d", passkey); 198 199 /* save the TK */ 200 memset(p_cb->tk, 0, BT_OCTET16_LEN); 201 UINT32_TO_STREAM(tt, passkey); 202 203 key.key_type = SMP_KEY_TYPE_TK; 204 key.p_data = p_cb->tk; 205 206 if (p_cb->p_callback) 207 { 208 (*p_cb->p_callback)(SMP_PASSKEY_NOTIF_EVT, p_cb->pairing_bda, (tSMP_EVT_DATA *)&passkey); 209 } 210 211 smp_sm_event(p_cb, SMP_KEY_READY_EVT, (tSMP_INT_DATA *)&key); 212 } 213 214 215 /******************************************************************************* 216 ** 217 ** Function smp_generate_stk 218 ** 219 ** Description This function is called to generate STK calculated by running 220 ** AES with the TK value as key and a concatenation of the random 221 ** values. 222 ** 223 ** Returns void 224 ** 225 *******************************************************************************/ 226 void smp_generate_stk (tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 227 { 228 BT_OCTET16 ptext; 229 UINT8 *p = ptext; 230 tSMP_ENC output; 231 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 232 UNUSED(p_data); 233 234 SMP_TRACE_DEBUG ("smp_generate_stk "); 235 236 memset(p, 0, BT_OCTET16_LEN); 237 if (p_cb->role == HCI_ROLE_MASTER) 238 { 239 memcpy(p, p_cb->rand, BT_OCTET8_LEN); 240 memcpy(&p[BT_OCTET8_LEN], p_cb->rrand, BT_OCTET8_LEN); 241 } 242 else 243 { 244 memcpy(p, p_cb->rrand, BT_OCTET8_LEN); 245 memcpy(&p[BT_OCTET8_LEN], p_cb->rand, BT_OCTET8_LEN); 246 } 247 248 /* generate STK = Etk(rand|rrand)*/ 249 if (!SMP_Encrypt( p_cb->tk, BT_OCTET16_LEN, ptext, BT_OCTET16_LEN, &output)) 250 { 251 SMP_TRACE_ERROR("smp_generate_stk failed"); 252 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 253 } 254 else 255 { 256 smp_process_stk(p_cb, &output); 257 } 258 259 } 260 /******************************************************************************* 261 ** 262 ** Function smp_generate_confirm 263 ** 264 ** Description This function is called to start the second pairing phase by 265 ** start generating initializer random number. 266 ** 267 ** 268 ** Returns void 269 ** 270 *******************************************************************************/ 271 void smp_generate_confirm (tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 272 { 273 UNUSED(p_data); 274 275 SMP_TRACE_DEBUG ("smp_generate_confirm"); 276 p_cb->rand_enc_proc = SMP_GEN_SRAND_MRAND; 277 /* generate MRand or SRand */ 278 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 279 smp_rand_back(NULL); 280 } 281 /******************************************************************************* 282 ** 283 ** Function smp_genenrate_rand_cont 284 ** 285 ** Description This function is called to generate another 64 bits random for 286 ** MRand or Srand. 287 ** 288 ** Returns void 289 ** 290 *******************************************************************************/ 291 void smp_genenrate_rand_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 292 { 293 UNUSED(p_data); 294 295 SMP_TRACE_DEBUG ("smp_genenrate_rand_cont "); 296 p_cb->rand_enc_proc = SMP_GEN_SRAND_MRAND_CONT; 297 /* generate 64 MSB of MRand or SRand */ 298 299 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 300 smp_rand_back(NULL); 301 } 302 /******************************************************************************* 303 ** 304 ** Function smp_generate_ltk 305 ** 306 ** Description This function is called to calculate LTK, starting with DIV 307 ** generation. 308 ** 309 ** 310 ** Returns void 311 ** 312 *******************************************************************************/ 313 void smp_generate_ltk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 314 { 315 BOOLEAN div_status; 316 UNUSED(p_data); 317 318 SMP_TRACE_DEBUG ("smp_generate_ltk "); 319 320 div_status = btm_get_local_div(p_cb->pairing_bda, &p_cb->div); 321 322 if (div_status) 323 { 324 smp_genenrate_ltk_cont(p_cb, NULL); 325 } 326 else 327 { 328 SMP_TRACE_DEBUG ("Generate DIV for LTK"); 329 p_cb->rand_enc_proc = SMP_GEN_DIV_LTK; 330 /* generate MRand or SRand */ 331 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 332 smp_rand_back(NULL); 333 } 334 } 335 336 337 /******************************************************************************* 338 ** 339 ** Function smp_compute_csrk 340 ** 341 ** Description This function is called to calculate CSRK 342 ** 343 ** 344 ** Returns void 345 ** 346 *******************************************************************************/ 347 void smp_compute_csrk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 348 { 349 BT_OCTET16 er; 350 UINT8 buffer[4]; /* for (r || DIV) r=1*/ 351 UINT16 r=1; 352 UINT8 *p=buffer; 353 tSMP_ENC output; 354 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 355 UNUSED(p_data); 356 357 SMP_TRACE_DEBUG ("smp_compute_csrk div=%x", p_cb->div); 358 BTM_GetDeviceEncRoot(er); 359 /* CSRK = d1(ER, DIV, 1) */ 360 UINT16_TO_STREAM(p, p_cb->div); 361 UINT16_TO_STREAM(p, r); 362 363 if (!SMP_Encrypt(er, BT_OCTET16_LEN, buffer, 4, &output)) 364 { 365 SMP_TRACE_ERROR("smp_generate_csrk failed"); 366 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 367 } 368 else 369 { 370 memcpy((void *)p_cb->csrk, output.param_buf, BT_OCTET16_LEN); 371 smp_send_csrk_info(p_cb, NULL); 372 } 373 } 374 375 /******************************************************************************* 376 ** 377 ** Function smp_generate_csrk 378 ** 379 ** Description This function is called to calculate LTK, starting with DIV 380 ** generation. 381 ** 382 ** 383 ** Returns void 384 ** 385 *******************************************************************************/ 386 void smp_generate_csrk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 387 { 388 BOOLEAN div_status; 389 UNUSED(p_data); 390 391 SMP_TRACE_DEBUG ("smp_generate_csrk"); 392 393 div_status = btm_get_local_div(p_cb->pairing_bda, &p_cb->div); 394 if (div_status) 395 { 396 smp_compute_csrk(p_cb, NULL); 397 } 398 else 399 { 400 SMP_TRACE_DEBUG ("Generate DIV for CSRK"); 401 p_cb->rand_enc_proc = SMP_GEN_DIV_CSRK; 402 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 403 smp_rand_back(NULL); 404 } 405 } 406 407 408 /******************************************************************************* 409 ** Function smp_concatenate_peer 410 ** add pairing command sent from local device into p1. 411 *******************************************************************************/ 412 void smp_concatenate_local( tSMP_CB *p_cb, UINT8 **p_data, UINT8 op_code) 413 { 414 UINT8 *p = *p_data; 415 416 SMP_TRACE_DEBUG ("smp_concatenate_local "); 417 UINT8_TO_STREAM(p, op_code); 418 UINT8_TO_STREAM(p, p_cb->loc_io_caps); 419 UINT8_TO_STREAM(p, p_cb->loc_oob_flag); 420 UINT8_TO_STREAM(p, p_cb->loc_auth_req); 421 UINT8_TO_STREAM(p, p_cb->loc_enc_size); 422 UINT8_TO_STREAM(p, p_cb->loc_i_key); 423 UINT8_TO_STREAM(p, p_cb->loc_r_key); 424 425 *p_data = p; 426 } 427 /******************************************************************************* 428 ** Function smp_concatenate_peer 429 ** add pairing command received from peer device into p1. 430 *******************************************************************************/ 431 void smp_concatenate_peer( tSMP_CB *p_cb, UINT8 **p_data, UINT8 op_code) 432 { 433 UINT8 *p = *p_data; 434 435 SMP_TRACE_DEBUG ("smp_concatenate_peer "); 436 UINT8_TO_STREAM(p, op_code); 437 UINT8_TO_STREAM(p, p_cb->peer_io_caps); 438 UINT8_TO_STREAM(p, p_cb->peer_oob_flag); 439 UINT8_TO_STREAM(p, p_cb->peer_auth_req); 440 UINT8_TO_STREAM(p, p_cb->peer_enc_size); 441 UINT8_TO_STREAM(p, p_cb->peer_i_key); 442 UINT8_TO_STREAM(p, p_cb->peer_r_key); 443 444 *p_data = p; 445 } 446 /******************************************************************************* 447 ** 448 ** Function smp_gen_p1_4_confirm 449 ** 450 ** Description Generate Confirm/Compare Step1: 451 ** p1 = pres || preq || rat' || iat' 452 ** 453 ** Returns void 454 ** 455 *******************************************************************************/ 456 void smp_gen_p1_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p1) 457 { 458 UINT8 *p = (UINT8 *)p1; 459 tBLE_ADDR_TYPE addr_type = 0; 460 BD_ADDR remote_bda; 461 462 SMP_TRACE_DEBUG ("smp_gen_p1_4_confirm"); 463 464 if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type)) 465 { 466 SMP_TRACE_ERROR("can not generate confirm for unknown device"); 467 return; 468 } 469 470 BTM_ReadConnectionAddr( p_cb->pairing_bda, p_cb->local_bda, &p_cb->addr_type); 471 472 if (p_cb->role == HCI_ROLE_MASTER) 473 { 474 /* LSB : rat': initiator's(local) address type */ 475 UINT8_TO_STREAM(p, p_cb->addr_type); 476 /* LSB : iat': responder's address type */ 477 UINT8_TO_STREAM(p, addr_type); 478 /* concatinate preq */ 479 smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_REQ); 480 /* concatinate pres */ 481 smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_RSP); 482 } 483 else 484 { 485 /* LSB : iat': initiator's address type */ 486 UINT8_TO_STREAM(p, addr_type); 487 /* LSB : rat': responder's(local) address type */ 488 UINT8_TO_STREAM(p, p_cb->addr_type); 489 /* concatinate preq */ 490 smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_REQ); 491 /* concatinate pres */ 492 smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_RSP); 493 } 494 #if SMP_DEBUG == TRUE 495 SMP_TRACE_DEBUG("p1 = pres || preq || rat' || iat'"); 496 smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1", 16); 497 #endif 498 } 499 /******************************************************************************* 500 ** 501 ** Function smp_gen_p2_4_confirm 502 ** 503 ** Description Generate Confirm/Compare Step2: 504 ** p2 = padding || ia || ra 505 ** 506 ** Returns void 507 ** 508 *******************************************************************************/ 509 void smp_gen_p2_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p2) 510 { 511 UINT8 *p = (UINT8 *)p2; 512 BD_ADDR remote_bda; 513 tBLE_ADDR_TYPE addr_type = 0; 514 515 if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type)) 516 { 517 SMP_TRACE_ERROR("can not generate confirm p2 for unknown device"); 518 return; 519 } 520 521 SMP_TRACE_DEBUG ("smp_gen_p2_4_confirm"); 522 523 memset(p, 0, sizeof(BT_OCTET16)); 524 525 if (p_cb->role == HCI_ROLE_MASTER) 526 { 527 /* LSB ra */ 528 BDADDR_TO_STREAM(p, remote_bda); 529 /* ia */ 530 BDADDR_TO_STREAM(p, p_cb->local_bda); 531 } 532 else 533 { 534 /* LSB ra */ 535 BDADDR_TO_STREAM(p, p_cb->local_bda); 536 /* ia */ 537 BDADDR_TO_STREAM(p, remote_bda); 538 } 539 #if SMP_DEBUG == TRUE 540 SMP_TRACE_DEBUG("p2 = padding || ia || ra"); 541 smp_debug_print_nbyte_little_endian(p2, (const UINT8 *)"p2", 16); 542 #endif 543 } 544 /******************************************************************************* 545 ** 546 ** Function smp_calculate_comfirm 547 ** 548 ** Description This function is called to calculate Confirm value. 549 ** 550 ** Returns void 551 ** 552 *******************************************************************************/ 553 void smp_calculate_comfirm (tSMP_CB *p_cb, BT_OCTET16 rand, BD_ADDR bda) 554 { 555 BT_OCTET16 p1; 556 tSMP_ENC output; 557 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 558 UNUSED(bda); 559 560 SMP_TRACE_DEBUG ("smp_calculate_comfirm "); 561 /* generate p1 = pres || preq || rat' || iat' */ 562 smp_gen_p1_4_confirm(p_cb, p1); 563 564 /* p1 = rand XOR p1 */ 565 smp_xor_128(p1, rand); 566 567 smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1' = r XOR p1", 16); 568 569 /* calculate e(k, r XOR p1), where k = TK */ 570 if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p1, BT_OCTET16_LEN, &output)) 571 { 572 SMP_TRACE_ERROR("smp_generate_csrk failed"); 573 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 574 } 575 else 576 { 577 smp_calculate_comfirm_cont(p_cb, &output); 578 } 579 } 580 /******************************************************************************* 581 ** 582 ** Function smp_calculate_comfirm_cont 583 ** 584 ** Description This function is called when SConfirm/MConfirm is generated 585 ** proceed to send the Confirm request/response to peer device. 586 ** 587 ** Returns void 588 ** 589 *******************************************************************************/ 590 static void smp_calculate_comfirm_cont(tSMP_CB *p_cb, tSMP_ENC *p) 591 { 592 BT_OCTET16 p2; 593 tSMP_ENC output; 594 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 595 596 SMP_TRACE_DEBUG ("smp_calculate_comfirm_cont "); 597 #if SMP_DEBUG == TRUE 598 SMP_TRACE_DEBUG("Confirm step 1 p1' = e(k, r XOR p1) Generated"); 599 smp_debug_print_nbyte_little_endian (p->param_buf, (const UINT8 *)"C1", 16); 600 #endif 601 602 smp_gen_p2_4_confirm(p_cb, p2); 603 604 /* calculate p2 = (p1' XOR p2) */ 605 smp_xor_128(p2, p->param_buf); 606 smp_debug_print_nbyte_little_endian ((UINT8 *)p2, (const UINT8 *)"p2' = C1 xor p2", 16); 607 608 /* calculate: Confirm = E(k, p1' XOR p2) */ 609 if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p2, BT_OCTET16_LEN, &output)) 610 { 611 SMP_TRACE_ERROR("smp_calculate_comfirm_cont failed"); 612 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 613 } 614 else 615 { 616 switch (p_cb->rand_enc_proc) 617 { 618 case SMP_GEN_CONFIRM: 619 smp_process_confirm(p_cb, &output); 620 break; 621 622 case SMP_GEN_COMPARE: 623 smp_process_compare(p_cb, &output); 624 break; 625 } 626 } 627 } 628 /******************************************************************************* 629 ** 630 ** Function smp_genenrate_confirm 631 ** 632 ** Description This function is called when a 48 bits random number is generated 633 ** as SRand or MRand, continue to calculate Sconfirm or MConfirm. 634 ** 635 ** Returns void 636 ** 637 *******************************************************************************/ 638 static void smp_genenrate_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 639 { 640 UNUSED(p_data); 641 642 SMP_TRACE_DEBUG ("smp_genenrate_confirm "); 643 p_cb->rand_enc_proc = SMP_GEN_CONFIRM; 644 645 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->rand, (const UINT8 *)"local rand", 16); 646 647 smp_calculate_comfirm(p_cb, p_cb->rand, p_cb->pairing_bda); 648 } 649 /******************************************************************************* 650 ** 651 ** Function smp_generate_compare 652 ** 653 ** Description This function is called to generate SConfirm for Slave device, 654 ** or MSlave for Master device. This function can be also used for 655 ** generating Compare number for confirm value check. 656 ** 657 ** Returns void 658 ** 659 *******************************************************************************/ 660 void smp_generate_compare (tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 661 { 662 UNUSED(p_data); 663 664 SMP_TRACE_DEBUG ("smp_generate_compare "); 665 p_cb->rand_enc_proc = SMP_GEN_COMPARE; 666 667 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->rrand, (const UINT8 *)"peer rand", 16); 668 669 smp_calculate_comfirm(p_cb, p_cb->rrand, p_cb->local_bda); 670 } 671 /******************************************************************************* 672 ** 673 ** Function smp_process_confirm 674 ** 675 ** Description This function is called when SConfirm/MConfirm is generated 676 ** proceed to send the Confirm request/response to peer device. 677 ** 678 ** Returns void 679 ** 680 *******************************************************************************/ 681 static void smp_process_confirm(tSMP_CB *p_cb, tSMP_ENC *p) 682 { 683 tSMP_KEY key; 684 685 SMP_TRACE_DEBUG ("smp_process_confirm "); 686 #if SMP_CONFORMANCE_TESTING == TRUE 687 if (p_cb->enable_test_confirm_val) 688 { 689 BTM_TRACE_DEBUG ("Use confirm value from script"); 690 memcpy(p_cb->confirm, p_cb->test_confirm, BT_OCTET16_LEN); 691 } 692 else 693 memcpy(p_cb->confirm, p->param_buf, BT_OCTET16_LEN); 694 #else 695 memcpy(p_cb->confirm, p->param_buf, BT_OCTET16_LEN); 696 #endif 697 698 699 #if (SMP_DEBUG == TRUE) 700 SMP_TRACE_DEBUG("Confirm Generated"); 701 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->confirm, (const UINT8 *)"Confirm", 16); 702 #endif 703 704 key.key_type = SMP_KEY_TYPE_CFM; 705 key.p_data = p->param_buf; 706 707 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key); 708 } 709 /******************************************************************************* 710 ** 711 ** Function smp_process_compare 712 ** 713 ** Description This function is called when Compare is generated using the 714 ** RRand and local BDA, TK information. 715 ** 716 ** Returns void 717 ** 718 *******************************************************************************/ 719 static void smp_process_compare(tSMP_CB *p_cb, tSMP_ENC *p) 720 { 721 tSMP_KEY key; 722 723 SMP_TRACE_DEBUG ("smp_process_compare "); 724 #if (SMP_DEBUG == TRUE) 725 SMP_TRACE_DEBUG("Compare Generated"); 726 smp_debug_print_nbyte_little_endian (p->param_buf, (const UINT8 *)"Compare", 16); 727 #endif 728 key.key_type = SMP_KEY_TYPE_CMP; 729 key.p_data = p->param_buf; 730 731 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key); 732 } 733 734 /******************************************************************************* 735 ** 736 ** Function smp_process_stk 737 ** 738 ** Description This function is called when STK is generated 739 ** proceed to send the encrypt the link using STK. 740 ** 741 ** Returns void 742 ** 743 *******************************************************************************/ 744 static void smp_process_stk(tSMP_CB *p_cb, tSMP_ENC *p) 745 { 746 tSMP_KEY key; 747 748 SMP_TRACE_DEBUG ("smp_process_stk "); 749 #if (SMP_DEBUG == TRUE) 750 SMP_TRACE_ERROR("STK Generated"); 751 #endif 752 smp_mask_enc_key(p_cb->loc_enc_size, p->param_buf); 753 754 key.key_type = SMP_KEY_TYPE_STK; 755 key.p_data = p->param_buf; 756 757 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key); 758 } 759 760 /******************************************************************************* 761 ** 762 ** Function smp_genenrate_ltk_cont 763 ** 764 ** Description This function is to calculate LTK = d1(ER, DIV, 0)= e(ER, DIV) 765 ** 766 ** Returns void 767 ** 768 *******************************************************************************/ 769 static void smp_genenrate_ltk_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 770 { 771 BT_OCTET16 er; 772 tSMP_ENC output; 773 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 774 UNUSED(p_data); 775 776 SMP_TRACE_DEBUG ("smp_genenrate_ltk_cont "); 777 BTM_GetDeviceEncRoot(er); 778 779 /* LTK = d1(ER, DIV, 0)= e(ER, DIV)*/ 780 if (!SMP_Encrypt(er, BT_OCTET16_LEN, (UINT8 *)&p_cb->div, 781 sizeof(UINT16), &output)) 782 { 783 SMP_TRACE_ERROR("smp_genenrate_ltk_cont failed"); 784 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 785 } 786 else 787 { 788 /* mask the LTK */ 789 smp_mask_enc_key(p_cb->loc_enc_size, output.param_buf); 790 memcpy((void *)p_cb->ltk, output.param_buf, BT_OCTET16_LEN); 791 smp_generate_rand_vector(p_cb, NULL); 792 } 793 794 } 795 796 /******************************************************************************* 797 ** 798 ** Function smp_generate_y 799 ** 800 ** Description This function is to proceed generate Y = E(DHK, Rand) 801 ** 802 ** Returns void 803 ** 804 *******************************************************************************/ 805 static void smp_generate_y(tSMP_CB *p_cb, tSMP_INT_DATA *p) 806 { 807 BT_OCTET16 dhk; 808 tSMP_ENC output; 809 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 810 UNUSED(p); 811 812 SMP_TRACE_DEBUG ("smp_generate_y "); 813 BTM_GetDeviceDHK(dhk); 814 815 if (!SMP_Encrypt(dhk, BT_OCTET16_LEN, p_cb->enc_rand, 816 BT_OCTET8_LEN, &output)) 817 { 818 SMP_TRACE_ERROR("smp_generate_y failed"); 819 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 820 } 821 else 822 { 823 smp_process_ediv(p_cb, &output); 824 } 825 } 826 /******************************************************************************* 827 ** 828 ** Function smp_generate_rand_vector 829 ** 830 ** Description This function is called when LTK is generated, send state machine 831 ** event to SMP. 832 ** 833 ** Returns void 834 ** 835 *******************************************************************************/ 836 static void smp_generate_rand_vector (tSMP_CB *p_cb, tSMP_INT_DATA *p) 837 { 838 UNUSED(p); 839 840 /* generate EDIV and rand now */ 841 /* generate random vector */ 842 SMP_TRACE_DEBUG ("smp_generate_rand_vector "); 843 p_cb->rand_enc_proc = SMP_GEN_RAND_V; 844 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 845 smp_rand_back(NULL); 846 847 } 848 /******************************************************************************* 849 ** 850 ** Function smp_genenrate_smp_process_edivltk_cont 851 ** 852 ** Description This function is to calculate EDIV = Y xor DIV 853 ** 854 ** Returns void 855 ** 856 *******************************************************************************/ 857 static void smp_process_ediv(tSMP_CB *p_cb, tSMP_ENC *p) 858 { 859 tSMP_KEY key; 860 UINT8 *pp= p->param_buf; 861 UINT16 y; 862 863 SMP_TRACE_DEBUG ("smp_process_ediv "); 864 STREAM_TO_UINT16(y, pp); 865 866 /* EDIV = Y xor DIV */ 867 p_cb->ediv = p_cb->div ^ y; 868 /* send LTK ready */ 869 SMP_TRACE_ERROR("LTK ready"); 870 key.key_type = SMP_KEY_TYPE_LTK; 871 key.p_data = p->param_buf; 872 873 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key); 874 } 875 876 /******************************************************************************* 877 ** 878 ** Function smp_rand_back 879 ** 880 ** Description This function is to process the rand command finished, 881 ** process the random/encrypted number for further action. 882 ** 883 ** Returns void 884 ** 885 *******************************************************************************/ 886 static void smp_rand_back(tBTM_RAND_ENC *p) 887 { 888 tSMP_CB *p_cb = &smp_cb; 889 UINT8 *pp = p->param_buf; 890 UINT8 failure = SMP_PAIR_FAIL_UNKNOWN; 891 UINT8 state = p_cb->rand_enc_proc & ~0x80; 892 893 SMP_TRACE_DEBUG ("smp_rand_back state=0x%x", state); 894 if (p && p->status == HCI_SUCCESS) 895 { 896 switch (state) 897 { 898 899 case SMP_GEN_SRAND_MRAND: 900 memcpy((void *)p_cb->rand, p->param_buf, p->param_len); 901 smp_genenrate_rand_cont(p_cb, NULL); 902 break; 903 904 case SMP_GEN_SRAND_MRAND_CONT: 905 memcpy((void *)&p_cb->rand[8], p->param_buf, p->param_len); 906 smp_genenrate_confirm(p_cb, NULL); 907 break; 908 909 case SMP_GEN_DIV_LTK: 910 STREAM_TO_UINT16(p_cb->div, pp); 911 smp_genenrate_ltk_cont(p_cb, NULL); 912 break; 913 914 case SMP_GEN_DIV_CSRK: 915 STREAM_TO_UINT16(p_cb->div, pp); 916 smp_compute_csrk(p_cb, NULL); 917 break; 918 919 case SMP_GEN_TK: 920 smp_proc_passkey(p_cb, p); 921 break; 922 923 case SMP_GEN_RAND_V: 924 memcpy(p_cb->enc_rand, p->param_buf, BT_OCTET8_LEN); 925 smp_generate_y(p_cb, NULL); 926 break; 927 928 } 929 930 return; 931 } 932 933 SMP_TRACE_ERROR("smp_rand_back Key generation failed: (%d)", p_cb->rand_enc_proc); 934 935 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &failure); 936 937 } 938 #endif 939 940