1 /****************************************************************************** 2 * 3 * Copyright (C) 2008-2012 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19 /****************************************************************************** 20 * 21 * This file contains the implementation of the SMP utility functions used 22 * by SMP. 23 * 24 ******************************************************************************/ 25 26 #include "bt_target.h" 27 #include "bt_utils.h" 28 29 #if SMP_INCLUDED == TRUE 30 #if SMP_DEBUG == TRUE 31 #include <stdio.h> 32 #endif 33 #include <string.h> 34 35 #include "btm_ble_api.h" 36 #include "smp_int.h" 37 #include "btm_int.h" 38 #include "btm_ble_int.h" 39 #include "hcimsgs.h" 40 #include "aes.h" 41 #ifndef SMP_MAX_ENC_REPEAT 42 #define SMP_MAX_ENC_REPEAT 3 43 #endif 44 45 static void smp_rand_back(tBTM_RAND_ENC *p); 46 static void smp_genenrate_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data); 47 static void smp_genenrate_ltk_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data); 48 static void smp_generate_y(tSMP_CB *p_cb, tSMP_INT_DATA *p); 49 static void smp_generate_rand_vector (tSMP_CB *p_cb, tSMP_INT_DATA *p); 50 static void smp_process_stk(tSMP_CB *p_cb, tSMP_ENC *p); 51 static void smp_calculate_comfirm_cont(tSMP_CB *p_cb, tSMP_ENC *p); 52 static void smp_process_confirm(tSMP_CB *p_cb, tSMP_ENC *p); 53 static void smp_process_compare(tSMP_CB *p_cb, tSMP_ENC *p); 54 static void smp_process_ediv(tSMP_CB *p_cb, tSMP_ENC *p); 55 56 static const tSMP_ACT smp_encrypt_action[] = 57 { 58 smp_generate_compare, /* SMP_GEN_COMPARE */ 59 smp_genenrate_confirm, /* SMP_GEN_CONFIRM*/ 60 smp_generate_stk, /* SMP_GEN_STK*/ 61 smp_genenrate_ltk_cont, /* SMP_GEN_LTK */ 62 smp_generate_ltk, /* SMP_GEN_DIV_LTK */ 63 smp_generate_rand_vector, /* SMP_GEN_RAND_V */ 64 smp_generate_y, /* SMP_GEN_EDIV */ 65 smp_generate_passkey, /* SMP_GEN_TK */ 66 smp_generate_confirm, /* SMP_GEN_SRAND_MRAND */ 67 smp_genenrate_rand_cont /* SMP_GEN_SRAND_MRAND_CONT */ 68 }; 69 70 71 #define SMP_PASSKEY_MASK 0xfff00000 72 73 #if SMP_DEBUG == TRUE 74 static void smp_debug_print_nbyte_little_endian (UINT8 *p, const UINT8 *key_name, UINT8 len) 75 { 76 int i, x = 0; 77 UINT8 p_buf[100]; 78 memset(p_buf, 0, 100); 79 80 for (i = 0; i < len; i ++) 81 { 82 x += sprintf ((char *)&p_buf[x], "%02x ", p[i]); 83 } 84 SMP_TRACE_DEBUG("%s(LSB ~ MSB) = %s", key_name, p_buf); 85 } 86 #else 87 #define smp_debug_print_nbyte_little_endian(p, key_name, len) 88 #endif 89 90 /******************************************************************************* 91 ** 92 ** Function smp_encrypt_data 93 ** 94 ** Description This function is called to generate passkey. 95 ** 96 ** Returns void 97 ** 98 *******************************************************************************/ 99 BOOLEAN smp_encrypt_data (UINT8 *key, UINT8 key_len, 100 UINT8 *plain_text, UINT8 pt_len, 101 tSMP_ENC *p_out) 102 { 103 aes_context ctx; 104 UINT8 *p_start = NULL; 105 UINT8 *p = NULL; 106 UINT8 *p_rev_data = NULL; /* input data in big endilan format */ 107 UINT8 *p_rev_key = NULL; /* input key in big endilan format */ 108 UINT8 *p_rev_output = NULL; /* encrypted output in big endilan format */ 109 110 SMP_TRACE_DEBUG ("smp_encrypt_data"); 111 if ( (p_out == NULL ) || (key_len != SMP_ENCRYT_KEY_SIZE) ) 112 { 113 BTM_TRACE_ERROR ("smp_encrypt_data Failed"); 114 return(FALSE); 115 } 116 117 if ((p_start = (UINT8 *)GKI_getbuf((SMP_ENCRYT_DATA_SIZE*4))) == NULL) 118 { 119 BTM_TRACE_ERROR ("smp_encrypt_data Failed unable to allocate buffer"); 120 return(FALSE); 121 } 122 123 if (pt_len > SMP_ENCRYT_DATA_SIZE) 124 pt_len = SMP_ENCRYT_DATA_SIZE; 125 126 memset(p_start, 0, SMP_ENCRYT_DATA_SIZE * 4); 127 p = p_start; 128 ARRAY_TO_STREAM (p, plain_text, pt_len); /* byte 0 to byte 15 */ 129 p_rev_data = p = p_start + SMP_ENCRYT_DATA_SIZE; /* start at byte 16 */ 130 REVERSE_ARRAY_TO_STREAM (p, p_start, SMP_ENCRYT_DATA_SIZE); /* byte 16 to byte 31 */ 131 p_rev_key = p; /* start at byte 32 */ 132 REVERSE_ARRAY_TO_STREAM (p, key, SMP_ENCRYT_KEY_SIZE); /* byte 32 to byte 47 */ 133 134 smp_debug_print_nbyte_little_endian(key, (const UINT8 *)"Key", SMP_ENCRYT_KEY_SIZE); 135 smp_debug_print_nbyte_little_endian(p_start, (const UINT8 *)"Plain text", SMP_ENCRYT_DATA_SIZE); 136 p_rev_output = p; 137 aes_set_key(p_rev_key, SMP_ENCRYT_KEY_SIZE, &ctx); 138 aes_encrypt(p_rev_data, p, &ctx); /* outputs in byte 48 to byte 63 */ 139 140 p = p_out->param_buf; 141 REVERSE_ARRAY_TO_STREAM (p, p_rev_output, SMP_ENCRYT_DATA_SIZE); 142 smp_debug_print_nbyte_little_endian(p_out->param_buf, (const UINT8 *)"Encrypted text", SMP_ENCRYT_KEY_SIZE); 143 144 p_out->param_len = SMP_ENCRYT_KEY_SIZE; 145 p_out->status = HCI_SUCCESS; 146 p_out->opcode = HCI_BLE_ENCRYPT; 147 148 GKI_freebuf(p_start); 149 150 return(TRUE); 151 } 152 153 154 /******************************************************************************* 155 ** 156 ** Function smp_generate_passkey 157 ** 158 ** Description This function is called to generate passkey. 159 ** 160 ** Returns void 161 ** 162 *******************************************************************************/ 163 void smp_generate_passkey(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 164 { 165 UNUSED(p_data); 166 167 SMP_TRACE_DEBUG ("smp_generate_passkey"); 168 p_cb->rand_enc_proc = SMP_GEN_TK; 169 170 /* generate MRand or SRand */ 171 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 172 smp_rand_back(NULL); 173 } 174 /******************************************************************************* 175 ** 176 ** Function smp_proc_passkey 177 ** 178 ** Description This function is called to process a passkey. 179 ** 180 ** Returns void 181 ** 182 *******************************************************************************/ 183 void smp_proc_passkey(tSMP_CB *p_cb , tBTM_RAND_ENC *p) 184 { 185 UINT8 *tt = p_cb->tk; 186 tSMP_KEY key; 187 UINT32 passkey; /* 19655 test number; */ 188 UINT8 *pp = p->param_buf; 189 190 SMP_TRACE_DEBUG ("smp_proc_passkey "); 191 STREAM_TO_UINT32(passkey, pp); 192 passkey &= ~SMP_PASSKEY_MASK; 193 194 /* truncate by maximum value */ 195 while (passkey > BTM_MAX_PASSKEY_VAL) 196 passkey >>= 1; 197 198 /* save the TK */ 199 memset(p_cb->tk, 0, BT_OCTET16_LEN); 200 UINT32_TO_STREAM(tt, passkey); 201 202 key.key_type = SMP_KEY_TYPE_TK; 203 key.p_data = p_cb->tk; 204 205 if (p_cb->p_callback) 206 { 207 (*p_cb->p_callback)(SMP_PASSKEY_NOTIF_EVT, p_cb->pairing_bda, (tSMP_EVT_DATA *)&passkey); 208 } 209 210 smp_sm_event(p_cb, SMP_KEY_READY_EVT, (tSMP_INT_DATA *)&key); 211 } 212 213 214 /******************************************************************************* 215 ** 216 ** Function smp_generate_stk 217 ** 218 ** Description This function is called to generate STK calculated by running 219 ** AES with the TK value as key and a concatenation of the random 220 ** values. 221 ** 222 ** Returns void 223 ** 224 *******************************************************************************/ 225 void smp_generate_stk (tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 226 { 227 BT_OCTET16 ptext; 228 UINT8 *p = ptext; 229 tSMP_ENC output; 230 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 231 UNUSED(p_data); 232 233 SMP_TRACE_DEBUG ("smp_generate_stk "); 234 235 memset(p, 0, BT_OCTET16_LEN); 236 if (p_cb->role == HCI_ROLE_MASTER) 237 { 238 memcpy(p, p_cb->rand, BT_OCTET8_LEN); 239 memcpy(&p[BT_OCTET8_LEN], p_cb->rrand, BT_OCTET8_LEN); 240 } 241 else 242 { 243 memcpy(p, p_cb->rrand, BT_OCTET8_LEN); 244 memcpy(&p[BT_OCTET8_LEN], p_cb->rand, BT_OCTET8_LEN); 245 } 246 247 /* generate STK = Etk(rand|rrand)*/ 248 if (!SMP_Encrypt( p_cb->tk, BT_OCTET16_LEN, ptext, BT_OCTET16_LEN, &output)) 249 { 250 SMP_TRACE_ERROR("smp_generate_stk failed"); 251 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 252 } 253 else 254 { 255 smp_process_stk(p_cb, &output); 256 } 257 258 } 259 /******************************************************************************* 260 ** 261 ** Function smp_generate_confirm 262 ** 263 ** Description This function is called to start the second pairing phase by 264 ** start generating initializer random number. 265 ** 266 ** 267 ** Returns void 268 ** 269 *******************************************************************************/ 270 void smp_generate_confirm (tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 271 { 272 UNUSED(p_data); 273 274 SMP_TRACE_DEBUG ("smp_generate_confirm"); 275 p_cb->rand_enc_proc = SMP_GEN_SRAND_MRAND; 276 /* generate MRand or SRand */ 277 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 278 smp_rand_back(NULL); 279 } 280 /******************************************************************************* 281 ** 282 ** Function smp_genenrate_rand_cont 283 ** 284 ** Description This function is called to generate another 64 bits random for 285 ** MRand or Srand. 286 ** 287 ** Returns void 288 ** 289 *******************************************************************************/ 290 void smp_genenrate_rand_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 291 { 292 UNUSED(p_data); 293 294 SMP_TRACE_DEBUG ("smp_genenrate_rand_cont "); 295 p_cb->rand_enc_proc = SMP_GEN_SRAND_MRAND_CONT; 296 /* generate 64 MSB of MRand or SRand */ 297 298 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 299 smp_rand_back(NULL); 300 } 301 /******************************************************************************* 302 ** 303 ** Function smp_generate_ltk 304 ** 305 ** Description This function is called to calculate LTK, starting with DIV 306 ** generation. 307 ** 308 ** 309 ** Returns void 310 ** 311 *******************************************************************************/ 312 void smp_generate_ltk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 313 { 314 BOOLEAN div_status; 315 UNUSED(p_data); 316 317 SMP_TRACE_DEBUG ("smp_generate_ltk "); 318 319 div_status = btm_get_local_div(p_cb->pairing_bda, &p_cb->div); 320 321 if (div_status) 322 { 323 smp_genenrate_ltk_cont(p_cb, NULL); 324 } 325 else 326 { 327 SMP_TRACE_DEBUG ("Generate DIV for LTK"); 328 p_cb->rand_enc_proc = SMP_GEN_DIV_LTK; 329 /* generate MRand or SRand */ 330 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 331 smp_rand_back(NULL); 332 } 333 } 334 335 336 /******************************************************************************* 337 ** 338 ** Function smp_compute_csrk 339 ** 340 ** Description This function is called to calculate CSRK 341 ** 342 ** 343 ** Returns void 344 ** 345 *******************************************************************************/ 346 void smp_compute_csrk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 347 { 348 BT_OCTET16 er; 349 UINT8 buffer[4]; /* for (r || DIV) r=1*/ 350 UINT16 r=1; 351 UINT8 *p=buffer; 352 tSMP_ENC output; 353 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 354 UNUSED(p_data); 355 356 SMP_TRACE_DEBUG ("smp_compute_csrk div=%x", p_cb->div); 357 BTM_GetDeviceEncRoot(er); 358 /* CSRK = d1(ER, DIV, 1) */ 359 UINT16_TO_STREAM(p, p_cb->div); 360 UINT16_TO_STREAM(p, r); 361 362 if (!SMP_Encrypt(er, BT_OCTET16_LEN, buffer, 4, &output)) 363 { 364 SMP_TRACE_ERROR("smp_generate_csrk failed"); 365 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 366 } 367 else 368 { 369 memcpy((void *)p_cb->csrk, output.param_buf, BT_OCTET16_LEN); 370 smp_send_csrk_info(p_cb, NULL); 371 } 372 } 373 374 /******************************************************************************* 375 ** 376 ** Function smp_generate_csrk 377 ** 378 ** Description This function is called to calculate LTK, starting with DIV 379 ** generation. 380 ** 381 ** 382 ** Returns void 383 ** 384 *******************************************************************************/ 385 void smp_generate_csrk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 386 { 387 BOOLEAN div_status; 388 UNUSED(p_data); 389 390 SMP_TRACE_DEBUG ("smp_generate_csrk"); 391 392 div_status = btm_get_local_div(p_cb->pairing_bda, &p_cb->div); 393 if (div_status) 394 { 395 smp_compute_csrk(p_cb, NULL); 396 } 397 else 398 { 399 SMP_TRACE_DEBUG ("Generate DIV for CSRK"); 400 p_cb->rand_enc_proc = SMP_GEN_DIV_CSRK; 401 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 402 smp_rand_back(NULL); 403 } 404 } 405 406 407 /******************************************************************************* 408 ** Function smp_concatenate_peer 409 ** add pairing command sent from local device into p1. 410 *******************************************************************************/ 411 void smp_concatenate_local( tSMP_CB *p_cb, UINT8 **p_data, UINT8 op_code) 412 { 413 UINT8 *p = *p_data; 414 415 SMP_TRACE_DEBUG ("smp_concatenate_local "); 416 UINT8_TO_STREAM(p, op_code); 417 UINT8_TO_STREAM(p, p_cb->loc_io_caps); 418 UINT8_TO_STREAM(p, p_cb->loc_oob_flag); 419 UINT8_TO_STREAM(p, p_cb->loc_auth_req); 420 UINT8_TO_STREAM(p, p_cb->loc_enc_size); 421 UINT8_TO_STREAM(p, p_cb->loc_i_key); 422 UINT8_TO_STREAM(p, p_cb->loc_r_key); 423 424 *p_data = p; 425 } 426 /******************************************************************************* 427 ** Function smp_concatenate_peer 428 ** add pairing command received from peer device into p1. 429 *******************************************************************************/ 430 void smp_concatenate_peer( tSMP_CB *p_cb, UINT8 **p_data, UINT8 op_code) 431 { 432 UINT8 *p = *p_data; 433 434 SMP_TRACE_DEBUG ("smp_concatenate_peer "); 435 UINT8_TO_STREAM(p, op_code); 436 UINT8_TO_STREAM(p, p_cb->peer_io_caps); 437 UINT8_TO_STREAM(p, p_cb->peer_oob_flag); 438 UINT8_TO_STREAM(p, p_cb->peer_auth_req); 439 UINT8_TO_STREAM(p, p_cb->peer_enc_size); 440 UINT8_TO_STREAM(p, p_cb->peer_i_key); 441 UINT8_TO_STREAM(p, p_cb->peer_r_key); 442 443 *p_data = p; 444 } 445 /******************************************************************************* 446 ** 447 ** Function smp_gen_p1_4_confirm 448 ** 449 ** Description Generate Confirm/Compare Step1: 450 ** p1 = pres || preq || rat' || iat' 451 ** 452 ** Returns void 453 ** 454 *******************************************************************************/ 455 void smp_gen_p1_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p1) 456 { 457 UINT8 *p = (UINT8 *)p1; 458 tBLE_ADDR_TYPE addr_type = 0; 459 BD_ADDR remote_bda; 460 461 SMP_TRACE_DEBUG ("smp_gen_p1_4_confirm"); 462 463 if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type)) 464 { 465 SMP_TRACE_ERROR("can not generate confirm for unknown device"); 466 return; 467 } 468 469 BTM_ReadConnectionAddr( p_cb->pairing_bda, p_cb->local_bda, &p_cb->addr_type); 470 471 if (p_cb->role == HCI_ROLE_MASTER) 472 { 473 /* LSB : rat': initiator's(local) address type */ 474 UINT8_TO_STREAM(p, p_cb->addr_type); 475 /* LSB : iat': responder's address type */ 476 UINT8_TO_STREAM(p, addr_type); 477 /* concatinate preq */ 478 smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_REQ); 479 /* concatinate pres */ 480 smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_RSP); 481 } 482 else 483 { 484 /* LSB : iat': initiator's address type */ 485 UINT8_TO_STREAM(p, addr_type); 486 /* LSB : rat': responder's(local) address type */ 487 UINT8_TO_STREAM(p, p_cb->addr_type); 488 /* concatinate preq */ 489 smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_REQ); 490 /* concatinate pres */ 491 smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_RSP); 492 } 493 #if SMP_DEBUG == TRUE 494 SMP_TRACE_DEBUG("p1 = pres || preq || rat' || iat'"); 495 smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1", 16); 496 #endif 497 } 498 /******************************************************************************* 499 ** 500 ** Function smp_gen_p2_4_confirm 501 ** 502 ** Description Generate Confirm/Compare Step2: 503 ** p2 = padding || ia || ra 504 ** 505 ** Returns void 506 ** 507 *******************************************************************************/ 508 void smp_gen_p2_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p2) 509 { 510 UINT8 *p = (UINT8 *)p2; 511 BD_ADDR remote_bda; 512 tBLE_ADDR_TYPE addr_type = 0; 513 514 if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type)) 515 { 516 SMP_TRACE_ERROR("can not generate confirm p2 for unknown device"); 517 return; 518 } 519 520 SMP_TRACE_DEBUG ("smp_gen_p2_4_confirm"); 521 522 memset(p, 0, sizeof(BT_OCTET16)); 523 524 if (p_cb->role == HCI_ROLE_MASTER) 525 { 526 /* LSB ra */ 527 BDADDR_TO_STREAM(p, remote_bda); 528 /* ia */ 529 BDADDR_TO_STREAM(p, p_cb->local_bda); 530 } 531 else 532 { 533 /* LSB ra */ 534 BDADDR_TO_STREAM(p, p_cb->local_bda); 535 /* ia */ 536 BDADDR_TO_STREAM(p, remote_bda); 537 } 538 #if SMP_DEBUG == TRUE 539 SMP_TRACE_DEBUG("p2 = padding || ia || ra"); 540 smp_debug_print_nbyte_little_endian(p2, (const UINT8 *)"p2", 16); 541 #endif 542 } 543 /******************************************************************************* 544 ** 545 ** Function smp_calculate_comfirm 546 ** 547 ** Description This function is called to calculate Confirm value. 548 ** 549 ** Returns void 550 ** 551 *******************************************************************************/ 552 void smp_calculate_comfirm (tSMP_CB *p_cb, BT_OCTET16 rand, BD_ADDR bda) 553 { 554 BT_OCTET16 p1; 555 tSMP_ENC output; 556 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 557 UNUSED(bda); 558 559 SMP_TRACE_DEBUG ("smp_calculate_comfirm "); 560 /* generate p1 = pres || preq || rat' || iat' */ 561 smp_gen_p1_4_confirm(p_cb, p1); 562 563 /* p1 = rand XOR p1 */ 564 smp_xor_128(p1, rand); 565 566 smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1' = r XOR p1", 16); 567 568 /* calculate e(k, r XOR p1), where k = TK */ 569 if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p1, BT_OCTET16_LEN, &output)) 570 { 571 SMP_TRACE_ERROR("smp_generate_csrk failed"); 572 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 573 } 574 else 575 { 576 smp_calculate_comfirm_cont(p_cb, &output); 577 } 578 } 579 /******************************************************************************* 580 ** 581 ** Function smp_calculate_comfirm_cont 582 ** 583 ** Description This function is called when SConfirm/MConfirm is generated 584 ** proceed to send the Confirm request/response to peer device. 585 ** 586 ** Returns void 587 ** 588 *******************************************************************************/ 589 static void smp_calculate_comfirm_cont(tSMP_CB *p_cb, tSMP_ENC *p) 590 { 591 BT_OCTET16 p2; 592 tSMP_ENC output; 593 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 594 595 SMP_TRACE_DEBUG ("smp_calculate_comfirm_cont "); 596 #if SMP_DEBUG == TRUE 597 SMP_TRACE_DEBUG("Confirm step 1 p1' = e(k, r XOR p1) Generated"); 598 smp_debug_print_nbyte_little_endian (p->param_buf, (const UINT8 *)"C1", 16); 599 #endif 600 601 smp_gen_p2_4_confirm(p_cb, p2); 602 603 /* calculate p2 = (p1' XOR p2) */ 604 smp_xor_128(p2, p->param_buf); 605 smp_debug_print_nbyte_little_endian ((UINT8 *)p2, (const UINT8 *)"p2' = C1 xor p2", 16); 606 607 /* calculate: Confirm = E(k, p1' XOR p2) */ 608 if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p2, BT_OCTET16_LEN, &output)) 609 { 610 SMP_TRACE_ERROR("smp_calculate_comfirm_cont failed"); 611 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 612 } 613 else 614 { 615 switch (p_cb->rand_enc_proc) 616 { 617 case SMP_GEN_CONFIRM: 618 smp_process_confirm(p_cb, &output); 619 break; 620 621 case SMP_GEN_COMPARE: 622 smp_process_compare(p_cb, &output); 623 break; 624 } 625 } 626 } 627 /******************************************************************************* 628 ** 629 ** Function smp_genenrate_confirm 630 ** 631 ** Description This function is called when a 48 bits random number is generated 632 ** as SRand or MRand, continue to calculate Sconfirm or MConfirm. 633 ** 634 ** Returns void 635 ** 636 *******************************************************************************/ 637 static void smp_genenrate_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 638 { 639 UNUSED(p_data); 640 641 SMP_TRACE_DEBUG ("smp_genenrate_confirm "); 642 p_cb->rand_enc_proc = SMP_GEN_CONFIRM; 643 644 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->rand, (const UINT8 *)"local rand", 16); 645 646 smp_calculate_comfirm(p_cb, p_cb->rand, p_cb->pairing_bda); 647 } 648 /******************************************************************************* 649 ** 650 ** Function smp_generate_compare 651 ** 652 ** Description This function is called to generate SConfirm for Slave device, 653 ** or MSlave for Master device. This function can be also used for 654 ** generating Compare number for confirm value check. 655 ** 656 ** Returns void 657 ** 658 *******************************************************************************/ 659 void smp_generate_compare (tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 660 { 661 UNUSED(p_data); 662 663 SMP_TRACE_DEBUG ("smp_generate_compare "); 664 p_cb->rand_enc_proc = SMP_GEN_COMPARE; 665 666 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->rrand, (const UINT8 *)"peer rand", 16); 667 668 smp_calculate_comfirm(p_cb, p_cb->rrand, p_cb->local_bda); 669 } 670 /******************************************************************************* 671 ** 672 ** Function smp_process_confirm 673 ** 674 ** Description This function is called when SConfirm/MConfirm is generated 675 ** proceed to send the Confirm request/response to peer device. 676 ** 677 ** Returns void 678 ** 679 *******************************************************************************/ 680 static void smp_process_confirm(tSMP_CB *p_cb, tSMP_ENC *p) 681 { 682 tSMP_KEY key; 683 684 SMP_TRACE_DEBUG ("smp_process_confirm "); 685 #if SMP_CONFORMANCE_TESTING == TRUE 686 if (p_cb->enable_test_confirm_val) 687 { 688 BTM_TRACE_DEBUG ("Use confirm value from script"); 689 memcpy(p_cb->confirm, p_cb->test_confirm, BT_OCTET16_LEN); 690 } 691 else 692 memcpy(p_cb->confirm, p->param_buf, BT_OCTET16_LEN); 693 #else 694 memcpy(p_cb->confirm, p->param_buf, BT_OCTET16_LEN); 695 #endif 696 697 698 #if (SMP_DEBUG == TRUE) 699 SMP_TRACE_DEBUG("Confirm Generated"); 700 smp_debug_print_nbyte_little_endian ((UINT8 *)p_cb->confirm, (const UINT8 *)"Confirm", 16); 701 #endif 702 703 key.key_type = SMP_KEY_TYPE_CFM; 704 key.p_data = p->param_buf; 705 706 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key); 707 } 708 /******************************************************************************* 709 ** 710 ** Function smp_process_compare 711 ** 712 ** Description This function is called when Compare is generated using the 713 ** RRand and local BDA, TK information. 714 ** 715 ** Returns void 716 ** 717 *******************************************************************************/ 718 static void smp_process_compare(tSMP_CB *p_cb, tSMP_ENC *p) 719 { 720 tSMP_KEY key; 721 722 SMP_TRACE_DEBUG ("smp_process_compare "); 723 #if (SMP_DEBUG == TRUE) 724 SMP_TRACE_DEBUG("Compare Generated"); 725 smp_debug_print_nbyte_little_endian (p->param_buf, (const UINT8 *)"Compare", 16); 726 #endif 727 key.key_type = SMP_KEY_TYPE_CMP; 728 key.p_data = p->param_buf; 729 730 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key); 731 } 732 733 /******************************************************************************* 734 ** 735 ** Function smp_process_stk 736 ** 737 ** Description This function is called when STK is generated 738 ** proceed to send the encrypt the link using STK. 739 ** 740 ** Returns void 741 ** 742 *******************************************************************************/ 743 static void smp_process_stk(tSMP_CB *p_cb, tSMP_ENC *p) 744 { 745 tSMP_KEY key; 746 747 SMP_TRACE_DEBUG ("smp_process_stk "); 748 #if (SMP_DEBUG == TRUE) 749 SMP_TRACE_ERROR("STK Generated"); 750 #endif 751 smp_mask_enc_key(p_cb->loc_enc_size, p->param_buf); 752 753 key.key_type = SMP_KEY_TYPE_STK; 754 key.p_data = p->param_buf; 755 756 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key); 757 } 758 759 /******************************************************************************* 760 ** 761 ** Function smp_genenrate_ltk_cont 762 ** 763 ** Description This function is to calculate LTK = d1(ER, DIV, 0)= e(ER, DIV) 764 ** 765 ** Returns void 766 ** 767 *******************************************************************************/ 768 static void smp_genenrate_ltk_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 769 { 770 BT_OCTET16 er; 771 tSMP_ENC output; 772 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 773 UNUSED(p_data); 774 775 SMP_TRACE_DEBUG ("smp_genenrate_ltk_cont "); 776 BTM_GetDeviceEncRoot(er); 777 778 /* LTK = d1(ER, DIV, 0)= e(ER, DIV)*/ 779 if (!SMP_Encrypt(er, BT_OCTET16_LEN, (UINT8 *)&p_cb->div, 780 sizeof(UINT16), &output)) 781 { 782 SMP_TRACE_ERROR("smp_genenrate_ltk_cont failed"); 783 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 784 } 785 else 786 { 787 /* mask the LTK */ 788 smp_mask_enc_key(p_cb->loc_enc_size, output.param_buf); 789 memcpy((void *)p_cb->ltk, output.param_buf, BT_OCTET16_LEN); 790 smp_generate_rand_vector(p_cb, NULL); 791 } 792 793 } 794 795 /******************************************************************************* 796 ** 797 ** Function smp_generate_y 798 ** 799 ** Description This function is to proceed generate Y = E(DHK, Rand) 800 ** 801 ** Returns void 802 ** 803 *******************************************************************************/ 804 static void smp_generate_y(tSMP_CB *p_cb, tSMP_INT_DATA *p) 805 { 806 BT_OCTET16 dhk; 807 tSMP_ENC output; 808 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 809 UNUSED(p); 810 811 SMP_TRACE_DEBUG ("smp_generate_y "); 812 BTM_GetDeviceDHK(dhk); 813 814 if (!SMP_Encrypt(dhk, BT_OCTET16_LEN, p_cb->enc_rand, 815 BT_OCTET8_LEN, &output)) 816 { 817 SMP_TRACE_ERROR("smp_generate_y failed"); 818 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 819 } 820 else 821 { 822 smp_process_ediv(p_cb, &output); 823 } 824 } 825 /******************************************************************************* 826 ** 827 ** Function smp_generate_rand_vector 828 ** 829 ** Description This function is called when LTK is generated, send state machine 830 ** event to SMP. 831 ** 832 ** Returns void 833 ** 834 *******************************************************************************/ 835 static void smp_generate_rand_vector (tSMP_CB *p_cb, tSMP_INT_DATA *p) 836 { 837 UNUSED(p); 838 839 /* generate EDIV and rand now */ 840 /* generate random vector */ 841 SMP_TRACE_DEBUG ("smp_generate_rand_vector "); 842 p_cb->rand_enc_proc = SMP_GEN_RAND_V; 843 if (!btsnd_hcic_ble_rand((void *)smp_rand_back)) 844 smp_rand_back(NULL); 845 846 } 847 /******************************************************************************* 848 ** 849 ** Function smp_genenrate_smp_process_edivltk_cont 850 ** 851 ** Description This function is to calculate EDIV = Y xor DIV 852 ** 853 ** Returns void 854 ** 855 *******************************************************************************/ 856 static void smp_process_ediv(tSMP_CB *p_cb, tSMP_ENC *p) 857 { 858 tSMP_KEY key; 859 UINT8 *pp= p->param_buf; 860 UINT16 y; 861 862 SMP_TRACE_DEBUG ("smp_process_ediv "); 863 STREAM_TO_UINT16(y, pp); 864 865 /* EDIV = Y xor DIV */ 866 p_cb->ediv = p_cb->div ^ y; 867 /* send LTK ready */ 868 SMP_TRACE_ERROR("LTK ready"); 869 key.key_type = SMP_KEY_TYPE_LTK; 870 key.p_data = p->param_buf; 871 872 smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key); 873 } 874 875 /******************************************************************************* 876 ** 877 ** Function smp_rand_back 878 ** 879 ** Description This function is to process the rand command finished, 880 ** process the random/encrypted number for further action. 881 ** 882 ** Returns void 883 ** 884 *******************************************************************************/ 885 static void smp_rand_back(tBTM_RAND_ENC *p) 886 { 887 tSMP_CB *p_cb = &smp_cb; 888 UINT8 *pp = p->param_buf; 889 UINT8 failure = SMP_PAIR_FAIL_UNKNOWN; 890 UINT8 state = p_cb->rand_enc_proc & ~0x80; 891 892 SMP_TRACE_DEBUG ("smp_rand_back state=0x%x", state); 893 if (p && p->status == HCI_SUCCESS) 894 { 895 switch (state) 896 { 897 898 case SMP_GEN_SRAND_MRAND: 899 memcpy((void *)p_cb->rand, p->param_buf, p->param_len); 900 smp_genenrate_rand_cont(p_cb, NULL); 901 break; 902 903 case SMP_GEN_SRAND_MRAND_CONT: 904 memcpy((void *)&p_cb->rand[8], p->param_buf, p->param_len); 905 smp_genenrate_confirm(p_cb, NULL); 906 break; 907 908 case SMP_GEN_DIV_LTK: 909 STREAM_TO_UINT16(p_cb->div, pp); 910 smp_genenrate_ltk_cont(p_cb, NULL); 911 break; 912 913 case SMP_GEN_DIV_CSRK: 914 STREAM_TO_UINT16(p_cb->div, pp); 915 smp_compute_csrk(p_cb, NULL); 916 break; 917 918 case SMP_GEN_TK: 919 smp_proc_passkey(p_cb, p); 920 break; 921 922 case SMP_GEN_RAND_V: 923 memcpy(p_cb->enc_rand, p->param_buf, BT_OCTET8_LEN); 924 smp_generate_y(p_cb, NULL); 925 break; 926 927 } 928 929 return; 930 } 931 932 SMP_TRACE_ERROR("smp_rand_back Key generation failed: (%d)", p_cb->rand_enc_proc); 933 934 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &failure); 935 936 } 937 #endif 938 939
