1 /****************************************************************************** 2 * 3 * Copyright (C) 2003-2012 Broadcom Corporation 4 * 5 * Licensed under the Apache License, Version 2.0 (the "License"); 6 * you may not use this file except in compliance with the License. 7 * You may obtain a copy of the License at: 8 * 9 * http://www.apache.org/licenses/LICENSE-2.0 10 * 11 * Unless required by applicable law or agreed to in writing, software 12 * distributed under the License is distributed on an "AS IS" BASIS, 13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 14 * See the License for the specific language governing permissions and 15 * limitations under the License. 16 * 17 ******************************************************************************/ 18 19 #include <string.h> 20 #include "device/include/interop.h" 21 #include "include/bt_target.h" 22 #include "stack/btm/btm_int.h" 23 #include "stack/include/l2c_api.h" 24 #include "stack/smp/smp_int.h" 25 #include "utils/include/bt_utils.h" 26 27 #if SMP_INCLUDED == TRUE 28 const UINT8 smp_association_table[2][SMP_IO_CAP_MAX][SMP_IO_CAP_MAX] = 29 { 30 /* initiator */ 31 {{SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_PASSKEY, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_PASSKEY}, /* Display Only */ 32 {SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_PASSKEY, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_PASSKEY}, /* SMP_CAP_IO = 1 */ 33 {SMP_MODEL_KEY_NOTIF, SMP_MODEL_KEY_NOTIF, SMP_MODEL_PASSKEY, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_KEY_NOTIF}, /* keyboard only */ 34 {SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_ENCRYPTION_ONLY},/* No Input No Output */ 35 {SMP_MODEL_KEY_NOTIF, SMP_MODEL_KEY_NOTIF, SMP_MODEL_PASSKEY, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_KEY_NOTIF}}, /* keyboard display */ 36 /* responder */ 37 {{SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_KEY_NOTIF, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_KEY_NOTIF}, /* Display Only */ 38 {SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_KEY_NOTIF, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_KEY_NOTIF}, /* SMP_CAP_IO = 1 */ 39 {SMP_MODEL_PASSKEY, SMP_MODEL_PASSKEY, SMP_MODEL_PASSKEY, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_PASSKEY}, /* keyboard only */ 40 {SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_ENCRYPTION_ONLY},/* No Input No Output */ 41 {SMP_MODEL_PASSKEY, SMP_MODEL_PASSKEY, SMP_MODEL_KEY_NOTIF, SMP_MODEL_ENCRYPTION_ONLY, SMP_MODEL_PASSKEY}} /* keyboard display */ 42 /* display only */ /*SMP_CAP_IO = 1 */ /* keyboard only */ /* No InputOutput */ /* keyboard display */ 43 }; 44 45 #define SMP_KEY_DIST_TYPE_MAX 4 46 const tSMP_ACT smp_distribute_act [] = 47 { 48 smp_generate_ltk, 49 smp_send_id_info, 50 smp_generate_csrk, 51 smp_set_derive_link_key 52 }; 53 54 static bool lmp_version_below(BD_ADDR bda, uint8_t version) 55 { 56 tACL_CONN *acl = btm_bda_to_acl(bda, BT_TRANSPORT_LE); 57 if (acl == NULL || acl->lmp_version == 0) 58 { 59 SMP_TRACE_WARNING("%s cannot retrieve LMP version...", __func__); 60 return false; 61 } 62 SMP_TRACE_WARNING("%s LMP version %d < %d", __func__, acl->lmp_version, version); 63 return acl->lmp_version < version; 64 } 65 66 static bool pts_test_send_authentication_complete_failure(tSMP_CB *p_cb) 67 { 68 uint8_t reason = 0; 69 70 if (p_cb->cert_failure < 2 || p_cb->cert_failure > 6) 71 return false; 72 73 SMP_TRACE_ERROR("%s failure case = %d", __func__, p_cb->cert_failure); 74 75 switch (p_cb->cert_failure) 76 { 77 case 2: 78 reason = SMP_PAIR_AUTH_FAIL; 79 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 80 break; 81 case 3: 82 reason = SMP_PAIR_FAIL_UNKNOWN; 83 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 84 break; 85 case 4: 86 reason = SMP_PAIR_NOT_SUPPORT; 87 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 88 break; 89 case 5: 90 reason = SMP_PASSKEY_ENTRY_FAIL; 91 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 92 break; 93 case 6: 94 reason = SMP_REPEATED_ATTEMPTS; 95 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 96 break; 97 } 98 99 return true;; 100 } 101 102 /******************************************************************************* 103 ** Function smp_update_key_mask 104 ** Description This function updates the key mask for sending or receiving. 105 *******************************************************************************/ 106 static void smp_update_key_mask (tSMP_CB *p_cb, UINT8 key_type, BOOLEAN recv) 107 { 108 SMP_TRACE_DEBUG("%s before update role=%d recv=%d local_i_key = %02x, local_r_key = %02x", 109 __func__, p_cb->role, recv, p_cb->local_i_key, p_cb->local_r_key); 110 111 if (((p_cb->le_secure_connections_mode_is_used) || 112 (p_cb->smp_over_br)) && 113 ((key_type == SMP_SEC_KEY_TYPE_ENC) || (key_type == SMP_SEC_KEY_TYPE_LK))) 114 { 115 /* in LE SC mode LTK, CSRK and BR/EDR LK are derived locally instead of 116 ** being exchanged with the peer */ 117 p_cb->local_i_key &= ~key_type; 118 p_cb->local_r_key &= ~key_type; 119 } 120 else 121 if (p_cb->role == HCI_ROLE_SLAVE) 122 { 123 if (recv) 124 p_cb->local_i_key &= ~key_type; 125 else 126 p_cb->local_r_key &= ~key_type; 127 } 128 else 129 { 130 if (recv) 131 p_cb->local_r_key &= ~key_type; 132 else 133 p_cb->local_i_key &= ~key_type; 134 } 135 136 SMP_TRACE_DEBUG("updated local_i_key = %02x, local_r_key = %02x", p_cb->local_i_key, 137 p_cb->local_r_key); 138 } 139 140 /******************************************************************************* 141 ** Function smp_send_app_cback 142 ** Description notifies application about the events the application is interested in 143 *******************************************************************************/ 144 void smp_send_app_cback(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 145 { 146 tSMP_EVT_DATA cb_data; 147 tSMP_STATUS callback_rc; 148 SMP_TRACE_DEBUG("%s p_cb->cb_evt=%d", __func__, p_cb->cb_evt); 149 if (p_cb->p_callback && p_cb->cb_evt != 0) 150 { 151 switch (p_cb->cb_evt) 152 { 153 case SMP_IO_CAP_REQ_EVT: 154 cb_data.io_req.auth_req = p_cb->peer_auth_req; 155 cb_data.io_req.oob_data = SMP_OOB_NONE; 156 cb_data.io_req.io_cap = SMP_DEFAULT_IO_CAPS; 157 cb_data.io_req.max_key_size = SMP_MAX_ENC_KEY_SIZE; 158 cb_data.io_req.init_keys = p_cb->local_i_key ; 159 cb_data.io_req.resp_keys = p_cb->local_r_key ; 160 SMP_TRACE_WARNING ( "io_cap = %d",cb_data.io_req.io_cap); 161 break; 162 163 case SMP_NC_REQ_EVT: 164 cb_data.passkey = p_data->passkey; 165 break; 166 case SMP_SC_OOB_REQ_EVT: 167 cb_data.req_oob_type = p_data->req_oob_type; 168 break; 169 case SMP_SC_LOC_OOB_DATA_UP_EVT: 170 cb_data.loc_oob_data = p_cb->sc_oob_data.loc_oob_data; 171 break; 172 173 case SMP_BR_KEYS_REQ_EVT: 174 cb_data.io_req.auth_req = 0; 175 cb_data.io_req.oob_data = SMP_OOB_NONE; 176 cb_data.io_req.io_cap = 0; 177 cb_data.io_req.max_key_size = SMP_MAX_ENC_KEY_SIZE; 178 cb_data.io_req.init_keys = SMP_BR_SEC_DEFAULT_KEY; 179 cb_data.io_req.resp_keys = SMP_BR_SEC_DEFAULT_KEY; 180 break; 181 182 default: 183 break; 184 } 185 186 callback_rc = (*p_cb->p_callback)(p_cb->cb_evt, p_cb->pairing_bda, &cb_data); 187 188 SMP_TRACE_DEBUG("callback_rc=%d p_cb->cb_evt=%d",callback_rc, p_cb->cb_evt ); 189 190 if (callback_rc == SMP_SUCCESS) 191 { 192 switch (p_cb->cb_evt) 193 { 194 case SMP_IO_CAP_REQ_EVT: 195 p_cb->loc_auth_req = cb_data.io_req.auth_req; 196 p_cb->local_io_capability = cb_data.io_req.io_cap; 197 p_cb->loc_oob_flag = cb_data.io_req.oob_data; 198 p_cb->loc_enc_size = cb_data.io_req.max_key_size; 199 p_cb->local_i_key = cb_data.io_req.init_keys; 200 p_cb->local_r_key = cb_data.io_req.resp_keys; 201 202 if (!(p_cb->loc_auth_req & SMP_AUTH_BOND)) 203 { 204 SMP_TRACE_WARNING ("Non bonding: No keys will be exchanged"); 205 p_cb->local_i_key = 0; 206 p_cb->local_r_key = 0; 207 } 208 209 SMP_TRACE_WARNING ( "rcvd auth_req: 0x%02x, io_cap: %d \ 210 loc_oob_flag: %d loc_enc_size: %d," 211 "local_i_key: 0x%02x, local_r_key: 0x%02x", 212 p_cb->loc_auth_req, p_cb->local_io_capability, p_cb->loc_oob_flag, 213 p_cb->loc_enc_size, p_cb->local_i_key, p_cb->local_r_key); 214 215 p_cb->secure_connections_only_mode_required = 216 (btm_cb.security_mode == BTM_SEC_MODE_SC) ? TRUE : FALSE; 217 218 if (p_cb->secure_connections_only_mode_required) 219 { 220 p_cb->loc_auth_req |= SMP_SC_SUPPORT_BIT; 221 } 222 223 if (!(p_cb->loc_auth_req & SMP_SC_SUPPORT_BIT) 224 || lmp_version_below(p_cb->pairing_bda, HCI_PROTO_VERSION_4_2) 225 || interop_match_addr(INTEROP_DISABLE_LE_SECURE_CONNECTIONS, 226 (const bt_bdaddr_t *)&p_cb->pairing_bda)) 227 { 228 p_cb->loc_auth_req &= ~SMP_KP_SUPPORT_BIT; 229 p_cb->local_i_key &= ~SMP_SEC_KEY_TYPE_LK; 230 p_cb->local_r_key &= ~SMP_SEC_KEY_TYPE_LK; 231 } 232 233 SMP_TRACE_WARNING("set auth_req: 0x%02x, local_i_key: 0x%02x, local_r_key: 0x%02x", 234 p_cb->loc_auth_req, p_cb->local_i_key, p_cb->local_r_key); 235 236 smp_sm_event(p_cb, SMP_IO_RSP_EVT, NULL); 237 break; 238 239 case SMP_BR_KEYS_REQ_EVT: 240 p_cb->loc_enc_size = cb_data.io_req.max_key_size; 241 p_cb->local_i_key = cb_data.io_req.init_keys; 242 p_cb->local_r_key = cb_data.io_req.resp_keys; 243 244 p_cb->local_i_key &= ~SMP_SEC_KEY_TYPE_LK; 245 p_cb->local_r_key &= ~SMP_SEC_KEY_TYPE_LK; 246 247 SMP_TRACE_WARNING ( "for SMP over BR max_key_size: 0x%02x,\ 248 local_i_key: 0x%02x, local_r_key: 0x%02x", 249 p_cb->loc_enc_size, p_cb->local_i_key, p_cb->local_r_key); 250 251 smp_br_state_machine_event(p_cb, SMP_BR_KEYS_RSP_EVT, NULL); 252 break; 253 } 254 } 255 } 256 257 if (!p_cb->cb_evt && p_cb->discard_sec_req) 258 { 259 p_cb->discard_sec_req = FALSE; 260 smp_sm_event(p_cb, SMP_DISCARD_SEC_REQ_EVT, NULL); 261 } 262 263 SMP_TRACE_DEBUG("%s return", __func__); 264 } 265 266 /******************************************************************************* 267 ** Function smp_send_pair_fail 268 ** Description pairing failure to peer device if needed. 269 *******************************************************************************/ 270 void smp_send_pair_fail(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 271 { 272 p_cb->status = *(UINT8 *)p_data; 273 p_cb->failure = *(UINT8 *)p_data; 274 275 SMP_TRACE_DEBUG("%s status=%d failure=%d ", __func__, p_cb->status, p_cb->failure); 276 277 if (p_cb->status <= SMP_MAX_FAIL_RSN_PER_SPEC && p_cb->status != SMP_SUCCESS) 278 { 279 smp_send_cmd(SMP_OPCODE_PAIRING_FAILED, p_cb); 280 p_cb->wait_for_authorization_complete = TRUE; 281 } 282 } 283 284 /******************************************************************************* 285 ** Function smp_send_pair_req 286 ** Description actions related to sending pairing request 287 *******************************************************************************/ 288 void smp_send_pair_req(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 289 { 290 tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev (p_cb->pairing_bda); 291 SMP_TRACE_DEBUG("%s", __func__); 292 293 /* erase all keys when master sends pairing req*/ 294 if (p_dev_rec) 295 btm_sec_clear_ble_keys(p_dev_rec); 296 /* do not manipulate the key, let app decide, 297 leave out to BTM to mandate key distribution for bonding case */ 298 smp_send_cmd(SMP_OPCODE_PAIRING_REQ, p_cb); 299 } 300 301 /******************************************************************************* 302 ** Function smp_send_pair_rsp 303 ** Description actions related to sending pairing response 304 *******************************************************************************/ 305 void smp_send_pair_rsp(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 306 { 307 SMP_TRACE_DEBUG("%s", __func__); 308 309 p_cb->local_i_key &= p_cb->peer_i_key; 310 p_cb->local_r_key &= p_cb->peer_r_key; 311 312 if (smp_send_cmd (SMP_OPCODE_PAIRING_RSP, p_cb)) 313 { 314 if (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_OOB) 315 smp_use_oob_private_key(p_cb, NULL); 316 else 317 smp_decide_association_model(p_cb, NULL); 318 } 319 } 320 321 /******************************************************************************* 322 ** Function smp_send_confirm 323 ** Description send confirmation to the peer 324 *******************************************************************************/ 325 void smp_send_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 326 { 327 SMP_TRACE_DEBUG("%s", __func__); 328 smp_send_cmd(SMP_OPCODE_CONFIRM, p_cb); 329 } 330 331 /******************************************************************************* 332 ** Function smp_send_init 333 ** Description process pairing initializer to slave device 334 *******************************************************************************/ 335 void smp_send_init(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 336 { 337 SMP_TRACE_DEBUG("%s", __func__); 338 smp_send_cmd(SMP_OPCODE_INIT, p_cb); 339 } 340 341 /******************************************************************************* 342 ** Function smp_send_rand 343 ** Description send pairing random to the peer 344 *******************************************************************************/ 345 void smp_send_rand(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 346 { 347 SMP_TRACE_DEBUG("%s", __func__); 348 smp_send_cmd(SMP_OPCODE_RAND, p_cb); 349 } 350 351 /******************************************************************************* 352 ** Function smp_send_pair_public_key 353 ** Description send pairing public key command to the peer 354 *******************************************************************************/ 355 void smp_send_pair_public_key(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 356 { 357 SMP_TRACE_DEBUG("%s", __func__); 358 smp_send_cmd(SMP_OPCODE_PAIR_PUBLIC_KEY, p_cb); 359 } 360 361 /******************************************************************************* 362 ** Function SMP_SEND_COMMITMENT 363 ** Description send commitment command to the peer 364 *******************************************************************************/ 365 void smp_send_commitment(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 366 { 367 SMP_TRACE_DEBUG("%s", __func__); 368 smp_send_cmd(SMP_OPCODE_PAIR_COMMITM, p_cb); 369 } 370 371 /******************************************************************************* 372 ** Function smp_send_dhkey_check 373 ** Description send DHKey Check command to the peer 374 *******************************************************************************/ 375 void smp_send_dhkey_check(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 376 { 377 SMP_TRACE_DEBUG("%s", __func__); 378 smp_send_cmd(SMP_OPCODE_PAIR_DHKEY_CHECK, p_cb); 379 } 380 381 /******************************************************************************* 382 ** Function smp_send_keypress_notification 383 ** Description send Keypress Notification command to the peer 384 *******************************************************************************/ 385 void smp_send_keypress_notification(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 386 { 387 p_cb->local_keypress_notification = *(UINT8 *) p_data; 388 smp_send_cmd(SMP_OPCODE_PAIR_KEYPR_NOTIF, p_cb); 389 } 390 391 /******************************************************************************* 392 ** Function smp_send_enc_info 393 ** Description send encryption information command. 394 *******************************************************************************/ 395 void smp_send_enc_info(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 396 { 397 tBTM_LE_LENC_KEYS le_key; 398 399 SMP_TRACE_DEBUG("%s p_cb->loc_enc_size = %d", __func__, p_cb->loc_enc_size); 400 smp_update_key_mask (p_cb, SMP_SEC_KEY_TYPE_ENC, FALSE); 401 402 smp_send_cmd(SMP_OPCODE_ENCRYPT_INFO, p_cb); 403 smp_send_cmd(SMP_OPCODE_MASTER_ID, p_cb); 404 405 /* save the DIV and key size information when acting as slave device */ 406 memcpy(le_key.ltk, p_cb->ltk, BT_OCTET16_LEN); 407 le_key.div = p_cb->div; 408 le_key.key_size = p_cb->loc_enc_size; 409 le_key.sec_level = p_cb->sec_level; 410 411 if ((p_cb->peer_auth_req & SMP_AUTH_BOND) && (p_cb->loc_auth_req & SMP_AUTH_BOND)) 412 btm_sec_save_le_key(p_cb->pairing_bda, BTM_LE_KEY_LENC, 413 (tBTM_LE_KEY_VALUE *)&le_key, TRUE); 414 415 SMP_TRACE_WARNING ("%s", __func__); 416 417 smp_key_distribution(p_cb, NULL); 418 } 419 420 /******************************************************************************* 421 ** Function smp_send_id_info 422 ** Description send ID information command. 423 *******************************************************************************/ 424 void smp_send_id_info(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 425 { 426 tBTM_LE_KEY_VALUE le_key; 427 SMP_TRACE_DEBUG("%s", __func__); 428 smp_update_key_mask (p_cb, SMP_SEC_KEY_TYPE_ID, FALSE); 429 430 smp_send_cmd(SMP_OPCODE_IDENTITY_INFO, p_cb); 431 smp_send_cmd(SMP_OPCODE_ID_ADDR, p_cb); 432 433 if ((p_cb->peer_auth_req & SMP_AUTH_BOND) && (p_cb->loc_auth_req & SMP_AUTH_BOND)) 434 btm_sec_save_le_key(p_cb->pairing_bda, BTM_LE_KEY_LID, 435 &le_key, TRUE); 436 437 SMP_TRACE_WARNING ("%s", __func__); 438 smp_key_distribution_by_transport(p_cb, NULL); 439 } 440 441 /******************************************************************************* 442 ** Function smp_send_csrk_info 443 ** Description send CSRK command. 444 *******************************************************************************/ 445 void smp_send_csrk_info(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 446 { 447 tBTM_LE_LCSRK_KEYS key; 448 SMP_TRACE_DEBUG("%s", __func__); 449 smp_update_key_mask (p_cb, SMP_SEC_KEY_TYPE_CSRK, FALSE); 450 451 if (smp_send_cmd(SMP_OPCODE_SIGN_INFO, p_cb)) 452 { 453 key.div = p_cb->div; 454 key.sec_level = p_cb->sec_level; 455 key.counter = 0; /* initialize the local counter */ 456 memcpy (key.csrk, p_cb->csrk, BT_OCTET16_LEN); 457 btm_sec_save_le_key(p_cb->pairing_bda, BTM_LE_KEY_LCSRK, (tBTM_LE_KEY_VALUE *)&key, TRUE); 458 } 459 460 smp_key_distribution_by_transport(p_cb, NULL); 461 } 462 463 /******************************************************************************* 464 ** Function smp_send_ltk_reply 465 ** Description send LTK reply 466 *******************************************************************************/ 467 void smp_send_ltk_reply(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 468 { 469 SMP_TRACE_DEBUG("%s", __func__); 470 /* send stk as LTK response */ 471 btm_ble_ltk_request_reply(p_cb->pairing_bda, TRUE, p_data->key.p_data); 472 } 473 474 /******************************************************************************* 475 ** Function smp_proc_sec_req 476 ** Description process security request. 477 *******************************************************************************/ 478 void smp_proc_sec_req(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 479 { 480 tBTM_LE_AUTH_REQ auth_req = *(tBTM_LE_AUTH_REQ *)p_data; 481 tBTM_BLE_SEC_REQ_ACT sec_req_act; 482 UINT8 reason; 483 484 SMP_TRACE_DEBUG("%s auth_req=0x%x", __func__, auth_req); 485 486 p_cb->cb_evt = 0; 487 488 btm_ble_link_sec_check(p_cb->pairing_bda, auth_req, &sec_req_act); 489 490 SMP_TRACE_DEBUG("%s sec_req_act=0x%x", __func__, sec_req_act); 491 492 switch (sec_req_act) 493 { 494 case BTM_BLE_SEC_REQ_ACT_ENCRYPT: 495 SMP_TRACE_DEBUG("%s BTM_BLE_SEC_REQ_ACT_ENCRYPT", __func__); 496 smp_sm_event(p_cb, SMP_ENC_REQ_EVT, NULL); 497 break; 498 499 case BTM_BLE_SEC_REQ_ACT_PAIR: 500 p_cb->secure_connections_only_mode_required = 501 (btm_cb.security_mode == BTM_SEC_MODE_SC) ? TRUE : FALSE; 502 503 /* respond to non SC pairing request as failure in SC only mode */ 504 if (p_cb->secure_connections_only_mode_required && 505 (auth_req & SMP_SC_SUPPORT_BIT) == 0) 506 { 507 reason = SMP_PAIR_AUTH_FAIL; 508 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 509 } 510 else 511 { 512 /* initialize local i/r key to be default keys */ 513 p_cb->peer_auth_req = auth_req; 514 p_cb->local_r_key = p_cb->local_i_key = SMP_SEC_DEFAULT_KEY ; 515 p_cb->cb_evt = SMP_SEC_REQUEST_EVT; 516 } 517 break; 518 519 case BTM_BLE_SEC_REQ_ACT_DISCARD: 520 p_cb->discard_sec_req = TRUE; 521 break; 522 523 default: 524 /* do nothing */ 525 break; 526 } 527 } 528 529 /******************************************************************************* 530 ** Function smp_proc_sec_grant 531 ** Description process security grant. 532 *******************************************************************************/ 533 void smp_proc_sec_grant(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 534 { 535 UINT8 res= *(UINT8 *)p_data; 536 SMP_TRACE_DEBUG("%s", __func__); 537 if (res != SMP_SUCCESS) 538 { 539 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, p_data); 540 } 541 else /*otherwise, start pairing */ 542 { 543 /* send IO request callback */ 544 p_cb->cb_evt = SMP_IO_CAP_REQ_EVT; 545 } 546 } 547 548 /******************************************************************************* 549 ** Function smp_proc_pair_fail 550 ** Description process pairing failure from peer device 551 *******************************************************************************/ 552 void smp_proc_pair_fail(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 553 { 554 SMP_TRACE_DEBUG("%s", __func__); 555 p_cb->status = *(UINT8 *)p_data; 556 } 557 558 /******************************************************************************* 559 ** Function smp_proc_pair_cmd 560 ** Description Process the SMP pairing request/response from peer device 561 *******************************************************************************/ 562 void smp_proc_pair_cmd(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 563 { 564 UINT8 *p = (UINT8 *)p_data; 565 UINT8 reason = SMP_ENC_KEY_SIZE; 566 tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev (p_cb->pairing_bda); 567 568 SMP_TRACE_DEBUG("%s", __func__); 569 /* erase all keys if it is slave proc pairing req*/ 570 if (p_dev_rec && (p_cb->role == HCI_ROLE_SLAVE)) 571 btm_sec_clear_ble_keys(p_dev_rec); 572 573 p_cb->flags |= SMP_PAIR_FLAG_ENC_AFTER_PAIR; 574 575 STREAM_TO_UINT8(p_cb->peer_io_caps, p); 576 STREAM_TO_UINT8(p_cb->peer_oob_flag, p); 577 STREAM_TO_UINT8(p_cb->peer_auth_req, p); 578 STREAM_TO_UINT8(p_cb->peer_enc_size, p); 579 STREAM_TO_UINT8(p_cb->peer_i_key, p); 580 STREAM_TO_UINT8(p_cb->peer_r_key, p); 581 582 if (smp_command_has_invalid_parameters(p_cb)) 583 { 584 reason = SMP_INVALID_PARAMETERS; 585 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 586 return; 587 } 588 589 // PTS Testing failure modes 590 if (pts_test_send_authentication_complete_failure(p_cb)) 591 return; 592 593 if (p_cb->role == HCI_ROLE_SLAVE) 594 { 595 if (!(p_cb->flags & SMP_PAIR_FLAGS_WE_STARTED_DD)) 596 { 597 /* peer (master) started pairing sending Pairing Request */ 598 p_cb->local_i_key = p_cb->peer_i_key; 599 p_cb->local_r_key = p_cb->peer_r_key; 600 601 p_cb->cb_evt = SMP_SEC_REQUEST_EVT; 602 } 603 else /* update local i/r key according to pairing request */ 604 { 605 /* pairing started with this side (slave) sending Security Request */ 606 p_cb->local_i_key &= p_cb->peer_i_key; 607 p_cb->local_r_key &= p_cb->peer_r_key; 608 p_cb->selected_association_model = smp_select_association_model(p_cb); 609 610 if (p_cb->secure_connections_only_mode_required && 611 (!(p_cb->le_secure_connections_mode_is_used) || 612 (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_JUSTWORKS))) 613 { 614 SMP_TRACE_ERROR("%s pairing failed - slave requires secure connection only mode", 615 __func__); 616 reason = SMP_PAIR_AUTH_FAIL; 617 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 618 return; 619 } 620 621 if (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_OOB) 622 { 623 if (smp_request_oob_data(p_cb)) return; 624 } 625 else 626 { 627 smp_send_pair_rsp(p_cb, NULL); 628 } 629 } 630 } 631 else /* Master receives pairing response */ 632 { 633 p_cb->selected_association_model = smp_select_association_model(p_cb); 634 635 if (p_cb->secure_connections_only_mode_required && 636 (!(p_cb->le_secure_connections_mode_is_used) || 637 (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_JUSTWORKS))) 638 { 639 SMP_TRACE_ERROR ("Master requires secure connection only mode \ 640 but it can't be provided -> Master fails pairing"); 641 reason = SMP_PAIR_AUTH_FAIL; 642 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 643 return; 644 } 645 646 if (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_OOB) 647 { 648 if (smp_request_oob_data(p_cb)) return; 649 } 650 else 651 { 652 smp_decide_association_model(p_cb, NULL); 653 } 654 } 655 } 656 657 /******************************************************************************* 658 ** Function smp_proc_confirm 659 ** Description process pairing confirm from peer device 660 *******************************************************************************/ 661 void smp_proc_confirm(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 662 { 663 UINT8 *p = (UINT8 *)p_data; 664 UINT8 reason = SMP_INVALID_PARAMETERS; 665 666 SMP_TRACE_DEBUG("%s", __func__); 667 668 if (smp_command_has_invalid_parameters(p_cb)) 669 { 670 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 671 return; 672 } 673 674 if (p != NULL) 675 { 676 /* save the SConfirm for comparison later */ 677 STREAM_TO_ARRAY(p_cb->rconfirm, p, BT_OCTET16_LEN); 678 } 679 680 p_cb->flags |= SMP_PAIR_FLAGS_CMD_CONFIRM; 681 } 682 683 /******************************************************************************* 684 ** Function smp_proc_init 685 ** Description process pairing initializer from peer device 686 *******************************************************************************/ 687 void smp_proc_init(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 688 { 689 UINT8 *p = (UINT8 *)p_data; 690 UINT8 reason = SMP_INVALID_PARAMETERS; 691 692 SMP_TRACE_DEBUG("%s", __func__); 693 694 if (smp_command_has_invalid_parameters(p_cb)) 695 { 696 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 697 return; 698 } 699 700 /* save the SRand for comparison */ 701 STREAM_TO_ARRAY(p_cb->rrand, p, BT_OCTET16_LEN); 702 } 703 704 /******************************************************************************* 705 ** Function smp_proc_rand 706 ** Description process pairing random (nonce) from peer device 707 *******************************************************************************/ 708 void smp_proc_rand(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 709 { 710 UINT8 *p = (UINT8 *)p_data; 711 UINT8 reason = SMP_INVALID_PARAMETERS; 712 713 SMP_TRACE_DEBUG("%s", __func__); 714 715 if (smp_command_has_invalid_parameters(p_cb)) 716 { 717 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 718 return; 719 } 720 721 /* save the SRand for comparison */ 722 STREAM_TO_ARRAY(p_cb->rrand, p, BT_OCTET16_LEN); 723 } 724 725 /******************************************************************************* 726 ** Function smp_process_pairing_public_key 727 ** Description process pairing public key command from the peer device 728 ** - saves the peer public key; 729 ** - sets the flag indicating that the peer public key is received; 730 ** - calls smp_wait_for_both_public_keys(...). 731 ** 732 *******************************************************************************/ 733 void smp_process_pairing_public_key(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 734 { 735 UINT8 *p = (UINT8 *)p_data; 736 UINT8 reason = SMP_INVALID_PARAMETERS; 737 738 SMP_TRACE_DEBUG("%s", __func__); 739 740 if (smp_command_has_invalid_parameters(p_cb)) 741 { 742 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 743 return; 744 } 745 746 STREAM_TO_ARRAY(p_cb->peer_publ_key.x, p, BT_OCTET32_LEN); 747 STREAM_TO_ARRAY(p_cb->peer_publ_key.y, p, BT_OCTET32_LEN); 748 p_cb->flags |= SMP_PAIR_FLAG_HAVE_PEER_PUBL_KEY; 749 750 smp_wait_for_both_public_keys(p_cb, NULL); 751 } 752 753 /******************************************************************************* 754 ** Function smp_process_pairing_commitment 755 ** Description process pairing commitment from peer device 756 *******************************************************************************/ 757 void smp_process_pairing_commitment(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 758 { 759 UINT8 *p = (UINT8 *)p_data; 760 UINT8 reason = SMP_INVALID_PARAMETERS; 761 762 SMP_TRACE_DEBUG("%s", __func__); 763 764 if (smp_command_has_invalid_parameters(p_cb)) 765 { 766 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 767 return; 768 } 769 770 p_cb->flags |= SMP_PAIR_FLAG_HAVE_PEER_COMM; 771 772 if (p != NULL) 773 { 774 STREAM_TO_ARRAY(p_cb->remote_commitment, p, BT_OCTET16_LEN); 775 } 776 } 777 778 /******************************************************************************* 779 ** Function smp_process_dhkey_check 780 ** Description process DHKey Check from peer device 781 *******************************************************************************/ 782 void smp_process_dhkey_check(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 783 { 784 UINT8 *p = (UINT8 *)p_data; 785 UINT8 reason = SMP_INVALID_PARAMETERS; 786 787 SMP_TRACE_DEBUG("%s", __func__); 788 789 if (smp_command_has_invalid_parameters(p_cb)) 790 { 791 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 792 return; 793 } 794 795 if (p != NULL) 796 { 797 STREAM_TO_ARRAY(p_cb->remote_dhkey_check, p, BT_OCTET16_LEN); 798 } 799 800 p_cb->flags |= SMP_PAIR_FLAG_HAVE_PEER_DHK_CHK; 801 } 802 803 /******************************************************************************* 804 ** Function smp_process_keypress_notification 805 ** Description process pairing keypress notification from peer device 806 *******************************************************************************/ 807 void smp_process_keypress_notification(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 808 { 809 UINT8 *p = (UINT8 *)p_data; 810 UINT8 reason = SMP_INVALID_PARAMETERS; 811 812 SMP_TRACE_DEBUG("%s", __func__); 813 p_cb->status = *(UINT8 *)p_data; 814 815 if (smp_command_has_invalid_parameters(p_cb)) 816 { 817 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 818 return; 819 } 820 821 if (p != NULL) 822 { 823 STREAM_TO_UINT8(p_cb->peer_keypress_notification, p); 824 } 825 else 826 { 827 p_cb->peer_keypress_notification = BTM_SP_KEY_OUT_OF_RANGE; 828 } 829 p_cb->cb_evt = SMP_PEER_KEYPR_NOT_EVT; 830 } 831 832 /******************************************************************************* 833 ** Function smp_br_process_pairing_command 834 ** Description Process the SMP pairing request/response from peer device via 835 ** BR/EDR transport. 836 *******************************************************************************/ 837 void smp_br_process_pairing_command(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 838 { 839 UINT8 *p = (UINT8 *)p_data; 840 UINT8 reason = SMP_ENC_KEY_SIZE; 841 tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev (p_cb->pairing_bda); 842 843 SMP_TRACE_DEBUG("%s", __func__); 844 /* rejecting BR pairing request over non-SC BR link */ 845 if (!p_dev_rec->new_encryption_key_is_p256 && p_cb->role == HCI_ROLE_SLAVE) 846 { 847 reason = SMP_XTRANS_DERIVE_NOT_ALLOW; 848 smp_br_state_machine_event(p_cb, SMP_BR_AUTH_CMPL_EVT, &reason); 849 return; 850 } 851 852 /* erase all keys if it is slave proc pairing req*/ 853 if (p_dev_rec && (p_cb->role == HCI_ROLE_SLAVE)) 854 btm_sec_clear_ble_keys(p_dev_rec); 855 856 p_cb->flags |= SMP_PAIR_FLAG_ENC_AFTER_PAIR; 857 858 STREAM_TO_UINT8(p_cb->peer_io_caps, p); 859 STREAM_TO_UINT8(p_cb->peer_oob_flag, p); 860 STREAM_TO_UINT8(p_cb->peer_auth_req, p); 861 STREAM_TO_UINT8(p_cb->peer_enc_size, p); 862 STREAM_TO_UINT8(p_cb->peer_i_key, p); 863 STREAM_TO_UINT8(p_cb->peer_r_key, p); 864 865 if (smp_command_has_invalid_parameters(p_cb)) 866 { 867 reason = SMP_INVALID_PARAMETERS; 868 smp_br_state_machine_event(p_cb, SMP_BR_AUTH_CMPL_EVT, &reason); 869 return; 870 } 871 872 /* peer (master) started pairing sending Pairing Request */ 873 /* or being master device always use received i/r key as keys to distribute */ 874 p_cb->local_i_key = p_cb->peer_i_key; 875 p_cb->local_r_key = p_cb->peer_r_key; 876 877 if (p_cb->role == HCI_ROLE_SLAVE) 878 { 879 p_dev_rec->new_encryption_key_is_p256 = FALSE; 880 /* shortcut to skip Security Grant step */ 881 p_cb->cb_evt = SMP_BR_KEYS_REQ_EVT; 882 } 883 else /* Master receives pairing response */ 884 { 885 SMP_TRACE_DEBUG("%s master rcvs valid PAIRING RESPONSE." 886 " Supposed to move to key distribution phase. ", __func__); 887 } 888 889 /* auth_req received via BR/EDR SM channel is set to 0, 890 but everything derived/exchanged has to be saved */ 891 p_cb->peer_auth_req |= SMP_AUTH_BOND; 892 p_cb->loc_auth_req |= SMP_AUTH_BOND; 893 } 894 895 /******************************************************************************* 896 ** Function smp_br_process_security_grant 897 ** Description process security grant in case of pairing over BR/EDR transport. 898 *******************************************************************************/ 899 void smp_br_process_security_grant(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 900 { 901 UINT8 res= *(UINT8 *)p_data; 902 SMP_TRACE_DEBUG("%s", __func__); 903 if (res != SMP_SUCCESS) 904 { 905 smp_br_state_machine_event(p_cb, SMP_BR_AUTH_CMPL_EVT, p_data); 906 } 907 else /*otherwise, start pairing */ 908 { 909 /* send IO request callback */ 910 p_cb->cb_evt = SMP_BR_KEYS_REQ_EVT; 911 } 912 } 913 914 /******************************************************************************* 915 ** Function smp_br_check_authorization_request 916 ** Description sets the SMP kes to be derived/distribute over BR/EDR transport 917 ** before starting the distribution/derivation 918 *******************************************************************************/ 919 void smp_br_check_authorization_request(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 920 { 921 UINT8 reason = SMP_SUCCESS; 922 923 SMP_TRACE_DEBUG("%s rcvs i_keys=0x%x r_keys=0x%x " 924 "(i-initiator r-responder)", __FUNCTION__, p_cb->local_i_key, 925 p_cb->local_r_key); 926 927 /* In LE SC mode LK field is ignored when BR/EDR transport is used */ 928 p_cb->local_i_key &= ~SMP_SEC_KEY_TYPE_LK; 929 p_cb->local_r_key &= ~SMP_SEC_KEY_TYPE_LK; 930 931 /* In LE SC mode only IRK, IAI, CSRK are exchanged with the peer. 932 ** Set local_r_key on master to expect only these keys. */ 933 if (p_cb->role == HCI_ROLE_MASTER) 934 { 935 p_cb->local_r_key &= (SMP_SEC_KEY_TYPE_ID | SMP_SEC_KEY_TYPE_CSRK); 936 } 937 938 SMP_TRACE_DEBUG("%s rcvs upgrades: i_keys=0x%x r_keys=0x%x " 939 "(i-initiator r-responder)", __FUNCTION__, p_cb->local_i_key, 940 p_cb->local_r_key); 941 942 if (/*((p_cb->peer_auth_req & SMP_AUTH_BOND) || 943 (p_cb->loc_auth_req & SMP_AUTH_BOND)) &&*/ 944 (p_cb->local_i_key || p_cb->local_r_key)) 945 { 946 smp_br_state_machine_event(p_cb, SMP_BR_BOND_REQ_EVT, NULL); 947 948 /* if no peer key is expected, start master key distribution */ 949 if (p_cb->role == HCI_ROLE_MASTER && p_cb->local_r_key == 0) 950 smp_key_distribution_by_transport(p_cb, NULL); 951 } 952 else 953 { 954 smp_br_state_machine_event(p_cb, SMP_BR_AUTH_CMPL_EVT, &reason); 955 } 956 } 957 958 /******************************************************************************* 959 ** Function smp_br_select_next_key 960 ** Description selects the next key to derive/send when BR/EDR transport is 961 ** used. 962 *******************************************************************************/ 963 void smp_br_select_next_key(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 964 { 965 UINT8 reason = SMP_SUCCESS; 966 SMP_TRACE_DEBUG("%s role=%d (0-master) r_keys=0x%x i_keys=0x%x", 967 __func__, p_cb->role, p_cb->local_r_key, p_cb->local_i_key); 968 969 if (p_cb->role == HCI_ROLE_SLAVE|| 970 (!p_cb->local_r_key && p_cb->role == HCI_ROLE_MASTER)) 971 { 972 smp_key_pick_key(p_cb, p_data); 973 } 974 975 if (!p_cb->local_i_key && !p_cb->local_r_key) 976 { 977 /* state check to prevent re-entrance */ 978 if (smp_get_br_state() == SMP_BR_STATE_BOND_PENDING) 979 { 980 if (p_cb->total_tx_unacked == 0) 981 smp_br_state_machine_event(p_cb, SMP_BR_AUTH_CMPL_EVT, &reason); 982 else 983 p_cb->wait_for_authorization_complete = TRUE; 984 } 985 } 986 } 987 988 /******************************************************************************* 989 ** Function smp_proc_enc_info 990 ** Description process encryption information from peer device 991 *******************************************************************************/ 992 void smp_proc_enc_info(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 993 { 994 UINT8 *p = (UINT8 *)p_data; 995 996 SMP_TRACE_DEBUG("%s", __func__); 997 STREAM_TO_ARRAY(p_cb->ltk, p, BT_OCTET16_LEN); 998 999 smp_key_distribution(p_cb, NULL); 1000 } 1001 /******************************************************************************* 1002 ** Function smp_proc_master_id 1003 ** Description process master ID from slave device 1004 *******************************************************************************/ 1005 void smp_proc_master_id(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1006 { 1007 UINT8 *p = (UINT8 *)p_data; 1008 tBTM_LE_PENC_KEYS le_key; 1009 1010 SMP_TRACE_DEBUG("%s", __func__); 1011 smp_update_key_mask (p_cb, SMP_SEC_KEY_TYPE_ENC, TRUE); 1012 1013 STREAM_TO_UINT16(le_key.ediv, p); 1014 STREAM_TO_ARRAY(le_key.rand, p, BT_OCTET8_LEN ); 1015 1016 /* store the encryption keys from peer device */ 1017 memcpy(le_key.ltk, p_cb->ltk, BT_OCTET16_LEN); 1018 le_key.sec_level = p_cb->sec_level; 1019 le_key.key_size = p_cb->loc_enc_size; 1020 1021 if ((p_cb->peer_auth_req & SMP_AUTH_BOND) && (p_cb->loc_auth_req & SMP_AUTH_BOND)) 1022 btm_sec_save_le_key(p_cb->pairing_bda, 1023 BTM_LE_KEY_PENC, 1024 (tBTM_LE_KEY_VALUE *)&le_key, TRUE); 1025 1026 smp_key_distribution(p_cb, NULL); 1027 } 1028 1029 /******************************************************************************* 1030 ** Function smp_proc_enc_info 1031 ** Description process identity information from peer device 1032 *******************************************************************************/ 1033 void smp_proc_id_info(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1034 { 1035 UINT8 *p = (UINT8 *)p_data; 1036 1037 SMP_TRACE_DEBUG("%s", __func__); 1038 STREAM_TO_ARRAY (p_cb->tk, p, BT_OCTET16_LEN); /* reuse TK for IRK */ 1039 smp_key_distribution_by_transport(p_cb, NULL); 1040 } 1041 1042 /******************************************************************************* 1043 ** Function smp_proc_id_addr 1044 ** Description process identity address from peer device 1045 *******************************************************************************/ 1046 void smp_proc_id_addr(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1047 { 1048 UINT8 *p = (UINT8 *)p_data; 1049 tBTM_LE_PID_KEYS pid_key; 1050 1051 SMP_TRACE_DEBUG("%s", __func__); 1052 smp_update_key_mask (p_cb, SMP_SEC_KEY_TYPE_ID, TRUE); 1053 1054 STREAM_TO_UINT8(pid_key.addr_type, p); 1055 STREAM_TO_BDADDR(pid_key.static_addr, p); 1056 memcpy(pid_key.irk, p_cb->tk, BT_OCTET16_LEN); 1057 1058 /* to use as BD_ADDR for lk derived from ltk */ 1059 p_cb->id_addr_rcvd = TRUE; 1060 p_cb->id_addr_type = pid_key.addr_type; 1061 memcpy(p_cb->id_addr, pid_key.static_addr, BD_ADDR_LEN); 1062 1063 /* store the ID key from peer device */ 1064 if ((p_cb->peer_auth_req & SMP_AUTH_BOND) && (p_cb->loc_auth_req & SMP_AUTH_BOND)) 1065 btm_sec_save_le_key(p_cb->pairing_bda, BTM_LE_KEY_PID, 1066 (tBTM_LE_KEY_VALUE *)&pid_key, TRUE); 1067 smp_key_distribution_by_transport(p_cb, NULL); 1068 } 1069 1070 /******************************************************************************* 1071 ** Function smp_proc_srk_info 1072 ** Description process security information from peer device 1073 *******************************************************************************/ 1074 void smp_proc_srk_info(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1075 { 1076 tBTM_LE_PCSRK_KEYS le_key; 1077 1078 SMP_TRACE_DEBUG("%s", __func__); 1079 smp_update_key_mask (p_cb, SMP_SEC_KEY_TYPE_CSRK, TRUE); 1080 1081 /* save CSRK to security record */ 1082 le_key.sec_level = p_cb->sec_level; 1083 memcpy (le_key.csrk, p_data, BT_OCTET16_LEN); /* get peer CSRK */ 1084 le_key.counter = 0; /* initialize the peer counter */ 1085 1086 if ((p_cb->peer_auth_req & SMP_AUTH_BOND) && (p_cb->loc_auth_req & SMP_AUTH_BOND)) 1087 btm_sec_save_le_key(p_cb->pairing_bda, 1088 BTM_LE_KEY_PCSRK, 1089 (tBTM_LE_KEY_VALUE *)&le_key, TRUE); 1090 smp_key_distribution_by_transport(p_cb, NULL); 1091 } 1092 1093 /******************************************************************************* 1094 ** Function smp_proc_compare 1095 ** Description process compare value 1096 *******************************************************************************/ 1097 void smp_proc_compare(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1098 { 1099 UINT8 reason; 1100 1101 SMP_TRACE_DEBUG("%s", __func__); 1102 if (!memcmp(p_cb->rconfirm, p_data->key.p_data, BT_OCTET16_LEN)) 1103 { 1104 /* compare the max encryption key size, and save the smaller one for the link */ 1105 if ( p_cb->peer_enc_size < p_cb->loc_enc_size) 1106 p_cb->loc_enc_size = p_cb->peer_enc_size; 1107 1108 if (p_cb->role == HCI_ROLE_SLAVE) 1109 smp_sm_event(p_cb, SMP_RAND_EVT, NULL); 1110 else 1111 { 1112 /* master device always use received i/r key as keys to distribute */ 1113 p_cb->local_i_key = p_cb->peer_i_key; 1114 p_cb->local_r_key = p_cb->peer_r_key; 1115 1116 smp_sm_event(p_cb, SMP_ENC_REQ_EVT, NULL); 1117 } 1118 1119 } 1120 else 1121 { 1122 reason = p_cb->failure = SMP_CONFIRM_VALUE_ERR; 1123 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 1124 } 1125 } 1126 1127 /******************************************************************************* 1128 ** Function smp_proc_sl_key 1129 ** Description process key ready events. 1130 *******************************************************************************/ 1131 void smp_proc_sl_key(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1132 { 1133 UINT8 key_type = p_data->key.key_type; 1134 1135 SMP_TRACE_DEBUG("%s", __func__); 1136 if (key_type == SMP_KEY_TYPE_TK) 1137 { 1138 smp_generate_srand_mrand_confirm(p_cb, NULL); 1139 } 1140 else if (key_type == SMP_KEY_TYPE_CFM) 1141 { 1142 smp_set_state(SMP_STATE_WAIT_CONFIRM); 1143 1144 if (p_cb->flags & SMP_PAIR_FLAGS_CMD_CONFIRM) 1145 smp_sm_event(p_cb, SMP_CONFIRM_EVT, NULL); 1146 } 1147 } 1148 1149 /******************************************************************************* 1150 ** Function smp_start_enc 1151 ** Description start encryption 1152 *******************************************************************************/ 1153 void smp_start_enc(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1154 { 1155 tBTM_STATUS cmd; 1156 UINT8 reason = SMP_ENC_FAIL; 1157 1158 SMP_TRACE_DEBUG("%s", __func__); 1159 if (p_data != NULL) 1160 cmd = btm_ble_start_encrypt(p_cb->pairing_bda, TRUE, p_data->key.p_data); 1161 else 1162 cmd = btm_ble_start_encrypt(p_cb->pairing_bda, FALSE, NULL); 1163 1164 if (cmd != BTM_CMD_STARTED && cmd != BTM_BUSY) 1165 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 1166 } 1167 1168 /******************************************************************************* 1169 ** Function smp_proc_discard 1170 ** Description processing for discard security request 1171 *******************************************************************************/ 1172 void smp_proc_discard(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1173 { 1174 SMP_TRACE_DEBUG("%s", __func__); 1175 if (!(p_cb->flags & SMP_PAIR_FLAGS_WE_STARTED_DD)) 1176 smp_reset_control_value(p_cb); 1177 } 1178 1179 /******************************************************************************* 1180 ** Function smp_enc_cmpl 1181 ** Description encryption success 1182 *******************************************************************************/ 1183 void smp_enc_cmpl(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1184 { 1185 UINT8 enc_enable = *(UINT8 *)p_data; 1186 UINT8 reason = enc_enable ? SMP_SUCCESS : SMP_ENC_FAIL; 1187 1188 SMP_TRACE_DEBUG("%s", __func__); 1189 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 1190 } 1191 1192 /******************************************************************************* 1193 ** Function smp_check_auth_req 1194 ** Description check authentication request 1195 *******************************************************************************/ 1196 void smp_check_auth_req(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1197 { 1198 UINT8 enc_enable = *(UINT8 *)p_data; 1199 UINT8 reason = enc_enable ? SMP_SUCCESS : SMP_ENC_FAIL; 1200 1201 SMP_TRACE_DEBUG("%s rcvs enc_enable=%d i_keys=0x%x r_keys=0x%x " 1202 "(i-initiator r-responder)", 1203 __func__, enc_enable, p_cb->local_i_key, p_cb->local_r_key); 1204 if (enc_enable == 1) 1205 { 1206 if (p_cb->le_secure_connections_mode_is_used) 1207 { 1208 /* In LE SC mode LTK is used instead of STK and has to be always saved */ 1209 p_cb->local_i_key |= SMP_SEC_KEY_TYPE_ENC; 1210 p_cb->local_r_key |= SMP_SEC_KEY_TYPE_ENC; 1211 1212 /* In LE SC mode LK is derived from LTK only if both sides request it */ 1213 if (!(p_cb->local_i_key & SMP_SEC_KEY_TYPE_LK) || 1214 !(p_cb->local_r_key & SMP_SEC_KEY_TYPE_LK)) 1215 { 1216 p_cb->local_i_key &= ~SMP_SEC_KEY_TYPE_LK; 1217 p_cb->local_r_key &= ~SMP_SEC_KEY_TYPE_LK; 1218 } 1219 1220 /* In LE SC mode only IRK, IAI, CSRK are exchanged with the peer. 1221 ** Set local_r_key on master to expect only these keys. 1222 */ 1223 if (p_cb->role == HCI_ROLE_MASTER) 1224 { 1225 p_cb->local_r_key &= (SMP_SEC_KEY_TYPE_ID | SMP_SEC_KEY_TYPE_CSRK); 1226 } 1227 } 1228 else 1229 { 1230 /* in legacy mode derivation of BR/EDR LK is not supported */ 1231 p_cb->local_i_key &= ~SMP_SEC_KEY_TYPE_LK; 1232 p_cb->local_r_key &= ~SMP_SEC_KEY_TYPE_LK; 1233 } 1234 SMP_TRACE_DEBUG("%s rcvs upgrades: i_keys=0x%x r_keys=0x%x " 1235 "(i-initiator r-responder)", 1236 __func__, p_cb->local_i_key, p_cb->local_r_key); 1237 1238 if (/*((p_cb->peer_auth_req & SMP_AUTH_BOND) || 1239 (p_cb->loc_auth_req & SMP_AUTH_BOND)) &&*/ 1240 (p_cb->local_i_key || p_cb->local_r_key)) 1241 { 1242 smp_sm_event(p_cb, SMP_BOND_REQ_EVT, NULL); 1243 } 1244 else 1245 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 1246 } 1247 else if (enc_enable == 0) 1248 { 1249 /* if failed for encryption after pairing, send callback */ 1250 if (p_cb->flags & SMP_PAIR_FLAG_ENC_AFTER_PAIR) 1251 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 1252 /* if enc failed for old security information */ 1253 /* if master device, clean up and abck to idle; slave device do nothing */ 1254 else if (p_cb->role == HCI_ROLE_MASTER) 1255 { 1256 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 1257 } 1258 } 1259 } 1260 1261 /******************************************************************************* 1262 ** Function smp_key_pick_key 1263 ** Description Pick a key distribution function based on the key mask. 1264 *******************************************************************************/ 1265 void smp_key_pick_key(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1266 { 1267 UINT8 key_to_dist = (p_cb->role == HCI_ROLE_SLAVE) ? p_cb->local_r_key : p_cb->local_i_key; 1268 UINT8 i = 0; 1269 1270 SMP_TRACE_DEBUG("%s key_to_dist=0x%x", __func__, key_to_dist); 1271 while (i < SMP_KEY_DIST_TYPE_MAX) 1272 { 1273 SMP_TRACE_DEBUG("key to send = %02x, i = %d", key_to_dist, i); 1274 1275 if (key_to_dist & (1 << i)) 1276 { 1277 SMP_TRACE_DEBUG("smp_distribute_act[%d]", i); 1278 (* smp_distribute_act[i])(p_cb, p_data); 1279 break; 1280 } 1281 i ++; 1282 } 1283 } 1284 /******************************************************************************* 1285 ** Function smp_key_distribution 1286 ** Description start key distribution if required. 1287 *******************************************************************************/ 1288 void smp_key_distribution(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1289 { 1290 UINT8 reason = SMP_SUCCESS; 1291 SMP_TRACE_DEBUG("%s role=%d (0-master) r_keys=0x%x i_keys=0x%x", 1292 __func__, p_cb->role, p_cb->local_r_key, p_cb->local_i_key); 1293 1294 if (p_cb->role == HCI_ROLE_SLAVE || 1295 (!p_cb->local_r_key && p_cb->role == HCI_ROLE_MASTER)) 1296 { 1297 smp_key_pick_key(p_cb, p_data); 1298 } 1299 1300 if (!p_cb->local_i_key && !p_cb->local_r_key) 1301 { 1302 /* state check to prevent re-entrant */ 1303 if (smp_get_state() == SMP_STATE_BOND_PENDING) 1304 { 1305 if (p_cb->derive_lk) 1306 { 1307 smp_derive_link_key_from_long_term_key(p_cb, NULL); 1308 p_cb->derive_lk = FALSE; 1309 } 1310 1311 if (p_cb->total_tx_unacked == 0) 1312 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 1313 else 1314 p_cb->wait_for_authorization_complete = TRUE; 1315 } 1316 } 1317 } 1318 1319 /******************************************************************************* 1320 ** Function smp_decide_association_model 1321 ** Description This function is called to select assoc model to be used for 1322 ** STK generation and to start STK generation process. 1323 ** 1324 *******************************************************************************/ 1325 void smp_decide_association_model(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1326 { 1327 UINT8 failure = SMP_UNKNOWN_IO_CAP; 1328 UINT8 int_evt = 0; 1329 tSMP_KEY key; 1330 tSMP_INT_DATA *p = NULL; 1331 1332 SMP_TRACE_DEBUG("%s Association Model = %d", __func__, p_cb->selected_association_model); 1333 1334 switch (p_cb->selected_association_model) 1335 { 1336 case SMP_MODEL_ENCRYPTION_ONLY: /* TK = 0, go calculate Confirm */ 1337 if (p_cb->role == HCI_ROLE_MASTER && 1338 ((p_cb->peer_auth_req & SMP_AUTH_YN_BIT) != 0) && 1339 ((p_cb->loc_auth_req & SMP_AUTH_YN_BIT) == 0)) 1340 { 1341 SMP_TRACE_ERROR ("IO capability does not meet authentication requirement"); 1342 failure = SMP_PAIR_AUTH_FAIL; 1343 p = (tSMP_INT_DATA *)&failure; 1344 int_evt = SMP_AUTH_CMPL_EVT; 1345 } 1346 else 1347 { 1348 p_cb->sec_level = SMP_SEC_UNAUTHENTICATE; 1349 SMP_TRACE_EVENT ("p_cb->sec_level =%d (SMP_SEC_UNAUTHENTICATE) ", p_cb->sec_level ); 1350 1351 key.key_type = SMP_KEY_TYPE_TK; 1352 key.p_data = p_cb->tk; 1353 p = (tSMP_INT_DATA *)&key; 1354 1355 memset(p_cb->tk, 0, BT_OCTET16_LEN); 1356 /* TK, ready */ 1357 int_evt = SMP_KEY_READY_EVT; 1358 } 1359 break; 1360 1361 case SMP_MODEL_PASSKEY: 1362 p_cb->sec_level = SMP_SEC_AUTHENTICATED; 1363 SMP_TRACE_EVENT ("p_cb->sec_level =%d (SMP_SEC_AUTHENTICATED) ", p_cb->sec_level ); 1364 1365 p_cb->cb_evt = SMP_PASSKEY_REQ_EVT; 1366 int_evt = SMP_TK_REQ_EVT; 1367 break; 1368 1369 case SMP_MODEL_OOB: 1370 SMP_TRACE_ERROR ("Association Model = SMP_MODEL_OOB"); 1371 p_cb->sec_level = SMP_SEC_AUTHENTICATED; 1372 SMP_TRACE_EVENT ("p_cb->sec_level =%d (SMP_SEC_AUTHENTICATED) ", p_cb->sec_level ); 1373 1374 p_cb->cb_evt = SMP_OOB_REQ_EVT; 1375 int_evt = SMP_TK_REQ_EVT; 1376 break; 1377 1378 case SMP_MODEL_KEY_NOTIF: 1379 p_cb->sec_level = SMP_SEC_AUTHENTICATED; 1380 SMP_TRACE_DEBUG("Need to generate Passkey"); 1381 1382 /* generate passkey and notify application */ 1383 smp_generate_passkey(p_cb, NULL); 1384 break; 1385 1386 case SMP_MODEL_SEC_CONN_JUSTWORKS: 1387 case SMP_MODEL_SEC_CONN_NUM_COMP: 1388 case SMP_MODEL_SEC_CONN_PASSKEY_ENT: 1389 case SMP_MODEL_SEC_CONN_PASSKEY_DISP: 1390 case SMP_MODEL_SEC_CONN_OOB: 1391 int_evt = SMP_PUBL_KEY_EXCH_REQ_EVT; 1392 break; 1393 1394 case SMP_MODEL_OUT_OF_RANGE: 1395 SMP_TRACE_ERROR("Association Model = SMP_MODEL_OUT_OF_RANGE (failed)"); 1396 p = (tSMP_INT_DATA *)&failure; 1397 int_evt = SMP_AUTH_CMPL_EVT; 1398 break; 1399 1400 default: 1401 SMP_TRACE_ERROR("Association Model = %d (SOMETHING IS WRONG WITH THE CODE)", 1402 p_cb->selected_association_model); 1403 p = (tSMP_INT_DATA *)&failure; 1404 int_evt = SMP_AUTH_CMPL_EVT; 1405 } 1406 1407 SMP_TRACE_EVENT ("sec_level=%d ", p_cb->sec_level ); 1408 if (int_evt) 1409 smp_sm_event(p_cb, int_evt, p); 1410 } 1411 1412 /******************************************************************************* 1413 ** Function smp_process_io_response 1414 ** Description process IO response for a slave device. 1415 *******************************************************************************/ 1416 void smp_process_io_response(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1417 { 1418 uint8_t reason = SMP_PAIR_AUTH_FAIL; 1419 1420 SMP_TRACE_DEBUG("%s", __func__); 1421 if (p_cb->flags & SMP_PAIR_FLAGS_WE_STARTED_DD) 1422 { 1423 /* pairing started by local (slave) Security Request */ 1424 smp_set_state(SMP_STATE_SEC_REQ_PENDING); 1425 smp_send_cmd(SMP_OPCODE_SEC_REQ, p_cb); 1426 } 1427 else /* plan to send pairing respond */ 1428 { 1429 /* pairing started by peer (master) Pairing Request */ 1430 p_cb->selected_association_model = smp_select_association_model(p_cb); 1431 1432 if (p_cb->secure_connections_only_mode_required && 1433 (!(p_cb->le_secure_connections_mode_is_used) || 1434 (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_JUSTWORKS))) 1435 { 1436 SMP_TRACE_ERROR ("Slave requires secure connection only mode \ 1437 but it can't be provided -> Slave fails pairing"); 1438 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 1439 return; 1440 } 1441 1442 if (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_OOB) 1443 { 1444 if (smp_request_oob_data(p_cb)) return; 1445 } 1446 1447 // PTS Testing failure modes 1448 if (pts_test_send_authentication_complete_failure(p_cb)) 1449 return; 1450 1451 smp_send_pair_rsp(p_cb, NULL); 1452 } 1453 } 1454 1455 /******************************************************************************* 1456 ** Function smp_br_process_slave_keys_response 1457 ** Description process application keys response for a slave device 1458 ** (BR/EDR transport). 1459 *******************************************************************************/ 1460 void smp_br_process_slave_keys_response(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1461 { 1462 smp_br_send_pair_response(p_cb, NULL); 1463 } 1464 1465 /******************************************************************************* 1466 ** Function smp_br_send_pair_response 1467 ** Description actions related to sending pairing response over BR/EDR transport. 1468 *******************************************************************************/ 1469 void smp_br_send_pair_response(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1470 { 1471 SMP_TRACE_DEBUG("%s", __func__); 1472 1473 p_cb->local_i_key &= p_cb->peer_i_key; 1474 p_cb->local_r_key &= p_cb->peer_r_key; 1475 1476 smp_send_cmd (SMP_OPCODE_PAIRING_RSP, p_cb); 1477 } 1478 1479 /******************************************************************************* 1480 ** Function smp_pairing_cmpl 1481 ** Description This function is called to send the pairing complete callback 1482 ** and remove the connection if needed. 1483 *******************************************************************************/ 1484 void smp_pairing_cmpl(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1485 { 1486 if (p_cb->total_tx_unacked == 0) 1487 { 1488 /* update connection parameter to remote preferred */ 1489 L2CA_EnableUpdateBleConnParams(p_cb->pairing_bda, TRUE); 1490 /* process the pairing complete */ 1491 smp_proc_pairing_cmpl(p_cb); 1492 } 1493 } 1494 1495 /******************************************************************************* 1496 ** Function smp_pair_terminate 1497 ** Description This function is called to send the pairing complete callback 1498 ** and remove the connection if needed. 1499 *******************************************************************************/ 1500 void smp_pair_terminate(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1501 { 1502 SMP_TRACE_DEBUG("%s", __func__); 1503 p_cb->status = SMP_CONN_TOUT; 1504 smp_proc_pairing_cmpl(p_cb); 1505 } 1506 1507 /******************************************************************************* 1508 ** Function smp_idle_terminate 1509 ** Description This function calledin idle state to determine to send authentication 1510 ** complete or not. 1511 *******************************************************************************/ 1512 void smp_idle_terminate(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1513 { 1514 if (p_cb->flags & SMP_PAIR_FLAGS_WE_STARTED_DD) 1515 { 1516 SMP_TRACE_DEBUG("Pairing terminated at IDLE state."); 1517 p_cb->status = SMP_FAIL; 1518 smp_proc_pairing_cmpl(p_cb); 1519 } 1520 } 1521 1522 /******************************************************************************* 1523 ** Function smp_fast_conn_param 1524 ** Description apply default connection parameter for pairing process 1525 *******************************************************************************/ 1526 void smp_fast_conn_param(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1527 { 1528 /* disable connection parameter update */ 1529 L2CA_EnableUpdateBleConnParams(p_cb->pairing_bda, FALSE); 1530 } 1531 1532 /******************************************************************************* 1533 ** Function smp_both_have_public_keys 1534 ** Description The function is called when both local and peer public keys are 1535 ** saved. 1536 ** Actions: 1537 ** - invokes DHKey computation; 1538 ** - on slave side invokes sending local public key to the peer. 1539 ** - invokes SC phase 1 process. 1540 *******************************************************************************/ 1541 void smp_both_have_public_keys(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1542 { 1543 SMP_TRACE_DEBUG("%s",__func__); 1544 1545 /* invokes DHKey computation */ 1546 smp_compute_dhkey(p_cb); 1547 1548 /* on slave side invokes sending local public key to the peer */ 1549 if (p_cb->role == HCI_ROLE_SLAVE) 1550 smp_send_pair_public_key(p_cb, NULL); 1551 1552 smp_sm_event(p_cb, SMP_SC_DHKEY_CMPLT_EVT, NULL); 1553 } 1554 1555 /******************************************************************************* 1556 ** Function smp_start_secure_connection_phase1 1557 ** Description The function starts Secure Connection phase1 i.e. invokes initialization of Secure Connection 1558 ** phase 1 parameters and starts building/sending to the peer 1559 ** messages appropriate for the role and association model. 1560 *******************************************************************************/ 1561 void smp_start_secure_connection_phase1(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1562 { 1563 SMP_TRACE_DEBUG("%s", __func__); 1564 1565 if (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_JUSTWORKS) 1566 { 1567 p_cb->sec_level = SMP_SEC_UNAUTHENTICATE; 1568 SMP_TRACE_EVENT ("p_cb->sec_level =%d (SMP_SEC_UNAUTHENTICATE) ", p_cb->sec_level ); 1569 } 1570 else 1571 { 1572 p_cb->sec_level = SMP_SEC_AUTHENTICATED; 1573 SMP_TRACE_EVENT ("p_cb->sec_level =%d (SMP_SEC_AUTHENTICATED) ", p_cb->sec_level ); 1574 } 1575 1576 switch(p_cb->selected_association_model) 1577 { 1578 case SMP_MODEL_SEC_CONN_JUSTWORKS: 1579 case SMP_MODEL_SEC_CONN_NUM_COMP: 1580 memset(p_cb->local_random, 0, BT_OCTET16_LEN); 1581 smp_start_nonce_generation(p_cb); 1582 break; 1583 case SMP_MODEL_SEC_CONN_PASSKEY_ENT: 1584 /* user has to provide passkey */ 1585 p_cb->cb_evt = SMP_PASSKEY_REQ_EVT; 1586 smp_sm_event(p_cb, SMP_TK_REQ_EVT, NULL); 1587 break; 1588 case SMP_MODEL_SEC_CONN_PASSKEY_DISP: 1589 /* passkey has to be provided to user */ 1590 SMP_TRACE_DEBUG("Need to generate SC Passkey"); 1591 smp_generate_passkey(p_cb, NULL); 1592 break; 1593 case SMP_MODEL_SEC_CONN_OOB: 1594 /* use the available OOB information */ 1595 smp_process_secure_connection_oob_data(p_cb, NULL); 1596 break; 1597 default: 1598 SMP_TRACE_ERROR ("Association Model = %d is not used in LE SC", 1599 p_cb->selected_association_model); 1600 break; 1601 } 1602 } 1603 1604 /******************************************************************************* 1605 ** Function smp_process_local_nonce 1606 ** Description The function processes new local nonce. 1607 ** 1608 ** Note It is supposed to be called in SC phase1. 1609 *******************************************************************************/ 1610 void smp_process_local_nonce(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1611 { 1612 SMP_TRACE_DEBUG("%s", __func__); 1613 1614 switch(p_cb->selected_association_model) 1615 { 1616 case SMP_MODEL_SEC_CONN_JUSTWORKS: 1617 case SMP_MODEL_SEC_CONN_NUM_COMP: 1618 if (p_cb->role == HCI_ROLE_SLAVE) 1619 { 1620 /* slave calculates and sends local commitment */ 1621 smp_calculate_local_commitment(p_cb); 1622 smp_send_commitment(p_cb, NULL); 1623 /* slave has to wait for peer nonce */ 1624 smp_set_state(SMP_STATE_WAIT_NONCE); 1625 } 1626 else /* i.e. master */ 1627 { 1628 if (p_cb->flags & SMP_PAIR_FLAG_HAVE_PEER_COMM) 1629 { 1630 /* slave commitment is already received, send local nonce, wait for remote nonce*/ 1631 SMP_TRACE_DEBUG("master in assoc mode = %d \ 1632 already rcvd slave commitment - race condition", 1633 p_cb->selected_association_model); 1634 p_cb->flags &= ~SMP_PAIR_FLAG_HAVE_PEER_COMM; 1635 smp_send_rand(p_cb, NULL); 1636 smp_set_state(SMP_STATE_WAIT_NONCE); 1637 } 1638 } 1639 break; 1640 case SMP_MODEL_SEC_CONN_PASSKEY_ENT: 1641 case SMP_MODEL_SEC_CONN_PASSKEY_DISP: 1642 smp_calculate_local_commitment(p_cb); 1643 1644 if (p_cb->role == HCI_ROLE_MASTER) 1645 { 1646 smp_send_commitment(p_cb, NULL); 1647 } 1648 else /* slave */ 1649 { 1650 if (p_cb->flags & SMP_PAIR_FLAG_HAVE_PEER_COMM) 1651 { 1652 /* master commitment is already received */ 1653 smp_send_commitment(p_cb, NULL); 1654 smp_set_state(SMP_STATE_WAIT_NONCE); 1655 } 1656 } 1657 break; 1658 case SMP_MODEL_SEC_CONN_OOB: 1659 if (p_cb->role == HCI_ROLE_MASTER) 1660 { 1661 smp_send_rand(p_cb, NULL); 1662 } 1663 1664 smp_set_state(SMP_STATE_WAIT_NONCE); 1665 break; 1666 default: 1667 SMP_TRACE_ERROR ("Association Model = %d is not used in LE SC", 1668 p_cb->selected_association_model); 1669 break; 1670 } 1671 } 1672 1673 /******************************************************************************* 1674 ** Function smp_process_peer_nonce 1675 ** Description The function processes newly received and saved in CB peer nonce. 1676 ** The actions depend on the selected association model and the role. 1677 ** 1678 ** Note It is supposed to be called in SC phase1. 1679 *******************************************************************************/ 1680 void smp_process_peer_nonce(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1681 { 1682 UINT8 reason; 1683 1684 SMP_TRACE_DEBUG("%s start ", __func__); 1685 1686 // PTS Testing failure modes 1687 if (p_cb->cert_failure == 1) { 1688 SMP_TRACE_ERROR("%s failure case = %d", __func__, p_cb->cert_failure); 1689 reason = p_cb->failure = SMP_CONFIRM_VALUE_ERR; 1690 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 1691 return; 1692 } 1693 1694 switch(p_cb->selected_association_model) 1695 { 1696 case SMP_MODEL_SEC_CONN_JUSTWORKS: 1697 case SMP_MODEL_SEC_CONN_NUM_COMP: 1698 /* in these models only master receives commitment */ 1699 if (p_cb->role == HCI_ROLE_MASTER) 1700 { 1701 if (!smp_check_commitment(p_cb)) 1702 { 1703 reason = p_cb->failure = SMP_CONFIRM_VALUE_ERR; 1704 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 1705 break; 1706 } 1707 } 1708 else 1709 { 1710 /* slave sends local nonce */ 1711 smp_send_rand(p_cb, NULL); 1712 } 1713 1714 if(p_cb->selected_association_model == SMP_MODEL_SEC_CONN_JUSTWORKS) 1715 { 1716 /* go directly to phase 2 */ 1717 smp_sm_event(p_cb, SMP_SC_PHASE1_CMPLT_EVT, NULL); 1718 } 1719 else /* numeric comparison */ 1720 { 1721 smp_set_state(SMP_STATE_WAIT_NONCE); 1722 smp_sm_event(p_cb, SMP_SC_CALC_NC_EVT, NULL); 1723 } 1724 break; 1725 case SMP_MODEL_SEC_CONN_PASSKEY_ENT: 1726 case SMP_MODEL_SEC_CONN_PASSKEY_DISP: 1727 if (!smp_check_commitment(p_cb) && p_cb->cert_failure != 9) 1728 { 1729 reason = p_cb->failure = SMP_CONFIRM_VALUE_ERR; 1730 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 1731 break; 1732 } 1733 1734 if (p_cb->role == HCI_ROLE_SLAVE) 1735 { 1736 smp_send_rand(p_cb, NULL); 1737 } 1738 1739 if (++p_cb->round < 20) 1740 { 1741 smp_set_state(SMP_STATE_SEC_CONN_PHS1_START); 1742 p_cb->flags &= ~SMP_PAIR_FLAG_HAVE_PEER_COMM; 1743 smp_start_nonce_generation(p_cb); 1744 break; 1745 } 1746 1747 smp_sm_event(p_cb, SMP_SC_PHASE1_CMPLT_EVT, NULL); 1748 break; 1749 case SMP_MODEL_SEC_CONN_OOB: 1750 if (p_cb->role == HCI_ROLE_SLAVE) 1751 { 1752 smp_send_rand(p_cb, NULL); 1753 } 1754 1755 smp_sm_event(p_cb, SMP_SC_PHASE1_CMPLT_EVT, NULL); 1756 break; 1757 default: 1758 SMP_TRACE_ERROR ("Association Model = %d is not used in LE SC", 1759 p_cb->selected_association_model); 1760 break; 1761 } 1762 1763 SMP_TRACE_DEBUG("%s end ",__FUNCTION__); 1764 } 1765 1766 /******************************************************************************* 1767 ** Function smp_match_dhkey_checks 1768 ** Description checks if the calculated peer DHKey Check value is the same as 1769 ** received from the peer DHKey check value. 1770 *******************************************************************************/ 1771 void smp_match_dhkey_checks(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1772 { 1773 UINT8 reason = SMP_DHKEY_CHK_FAIL; 1774 1775 SMP_TRACE_DEBUG("%s", __func__); 1776 1777 if (memcmp(p_data->key.p_data, p_cb->remote_dhkey_check, BT_OCTET16_LEN)) 1778 { 1779 SMP_TRACE_WARNING ("dhkey chcks do no match"); 1780 p_cb->failure = reason; 1781 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 1782 return; 1783 } 1784 1785 SMP_TRACE_EVENT ("dhkey chcks match"); 1786 1787 /* compare the max encryption key size, and save the smaller one for the link */ 1788 if (p_cb->peer_enc_size < p_cb->loc_enc_size) 1789 p_cb->loc_enc_size = p_cb->peer_enc_size; 1790 1791 if (p_cb->role == HCI_ROLE_SLAVE) 1792 { 1793 smp_sm_event(p_cb, SMP_PAIR_DHKEY_CHCK_EVT, NULL); 1794 } 1795 else 1796 { 1797 /* master device always use received i/r key as keys to distribute */ 1798 p_cb->local_i_key = p_cb->peer_i_key; 1799 p_cb->local_r_key = p_cb->peer_r_key; 1800 smp_sm_event(p_cb, SMP_ENC_REQ_EVT, NULL); 1801 } 1802 } 1803 1804 /******************************************************************************* 1805 ** Function smp_move_to_secure_connections_phase2 1806 ** Description Signal State Machine to start SC phase 2 initialization (to 1807 ** compute local DHKey Check value). 1808 ** 1809 ** Note SM is supposed to be in the state SMP_STATE_SEC_CONN_PHS2_START. 1810 *******************************************************************************/ 1811 void smp_move_to_secure_connections_phase2(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1812 { 1813 SMP_TRACE_DEBUG("%s",__func__); 1814 smp_sm_event(p_cb, SMP_SC_PHASE1_CMPLT_EVT, NULL); 1815 } 1816 1817 /******************************************************************************* 1818 ** Function smp_phase_2_dhkey_checks_are_present 1819 ** Description generates event if dhkey check from the peer is already received. 1820 ** 1821 ** Note It is supposed to be used on slave to prevent race condition. 1822 ** It is supposed to be called after slave dhkey check is calculated. 1823 *******************************************************************************/ 1824 void smp_phase_2_dhkey_checks_are_present(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1825 { 1826 SMP_TRACE_DEBUG("%s",__func__); 1827 1828 if (p_cb->flags & SMP_PAIR_FLAG_HAVE_PEER_DHK_CHK) 1829 smp_sm_event(p_cb, SMP_SC_2_DHCK_CHKS_PRES_EVT, NULL); 1830 } 1831 1832 /******************************************************************************* 1833 ** Function smp_wait_for_both_public_keys 1834 ** Description generates SMP_BOTH_PUBL_KEYS_RCVD_EVT event when both local and master 1835 ** public keys are available. 1836 ** 1837 ** Note on the slave it is used to prevent race condition. 1838 ** 1839 *******************************************************************************/ 1840 void smp_wait_for_both_public_keys(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1841 { 1842 SMP_TRACE_DEBUG("%s",__func__); 1843 1844 if ((p_cb->flags & SMP_PAIR_FLAG_HAVE_PEER_PUBL_KEY) && 1845 (p_cb->flags & SMP_PAIR_FLAG_HAVE_LOCAL_PUBL_KEY)) 1846 { 1847 if ((p_cb->role == HCI_ROLE_SLAVE) && 1848 ((p_cb->req_oob_type == SMP_OOB_LOCAL) || (p_cb->req_oob_type == SMP_OOB_BOTH))) 1849 { 1850 smp_set_state(SMP_STATE_PUBLIC_KEY_EXCH); 1851 } 1852 smp_sm_event(p_cb, SMP_BOTH_PUBL_KEYS_RCVD_EVT, NULL); 1853 } 1854 } 1855 1856 /******************************************************************************* 1857 ** Function smp_start_passkey_verification 1858 ** Description Starts SC passkey entry verification. 1859 *******************************************************************************/ 1860 void smp_start_passkey_verification(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1861 { 1862 UINT8 *p = NULL; 1863 1864 SMP_TRACE_DEBUG("%s", __func__); 1865 p = p_cb->local_random; 1866 UINT32_TO_STREAM(p, p_data->passkey); 1867 1868 p = p_cb->peer_random; 1869 UINT32_TO_STREAM(p, p_data->passkey); 1870 1871 p_cb->round = 0; 1872 smp_start_nonce_generation(p_cb); 1873 } 1874 1875 /******************************************************************************* 1876 ** Function smp_process_secure_connection_oob_data 1877 ** Description Processes local/peer SC OOB data received from somewhere. 1878 *******************************************************************************/ 1879 void smp_process_secure_connection_oob_data(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1880 { 1881 SMP_TRACE_DEBUG("%s", __func__); 1882 1883 tSMP_SC_OOB_DATA *p_sc_oob_data = &p_cb->sc_oob_data; 1884 if (p_sc_oob_data->loc_oob_data.present) 1885 { 1886 memcpy(p_cb->local_random, p_sc_oob_data->loc_oob_data.randomizer, 1887 sizeof(p_cb->local_random)); 1888 } 1889 else 1890 { 1891 SMP_TRACE_EVENT ("local OOB randomizer is absent"); 1892 memset(p_cb->local_random, 0, sizeof (p_cb->local_random)); 1893 } 1894 1895 if (!p_sc_oob_data->peer_oob_data.present) 1896 { 1897 SMP_TRACE_EVENT ("peer OOB data is absent"); 1898 memset(p_cb->peer_random, 0, sizeof (p_cb->peer_random)); 1899 } 1900 else 1901 { 1902 memcpy(p_cb->peer_random, p_sc_oob_data->peer_oob_data.randomizer, 1903 sizeof(p_cb->peer_random)); 1904 memcpy(p_cb->remote_commitment, p_sc_oob_data->peer_oob_data.commitment, 1905 sizeof(p_cb->remote_commitment)); 1906 1907 UINT8 reason = SMP_CONFIRM_VALUE_ERR; 1908 /* check commitment */ 1909 if (!smp_check_commitment(p_cb)) 1910 { 1911 p_cb->failure = reason; 1912 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason); 1913 return; 1914 } 1915 1916 if (p_cb->peer_oob_flag != SMP_OOB_PRESENT) 1917 { 1918 /* the peer doesn't have local randomiser */ 1919 SMP_TRACE_EVENT ("peer didn't receive local OOB data, set local randomizer to 0"); 1920 memset(p_cb->local_random, 0, sizeof (p_cb->local_random)); 1921 } 1922 } 1923 1924 print128(p_cb->local_random, (const UINT8 *)"local OOB randomizer"); 1925 print128(p_cb->peer_random, (const UINT8 *)"peer OOB randomizer"); 1926 smp_start_nonce_generation(p_cb); 1927 } 1928 1929 /******************************************************************************* 1930 ** Function smp_set_local_oob_keys 1931 ** Description Saves calculated private/public keys in sc_oob_data.loc_oob_data, 1932 ** starts nonce generation 1933 ** (to be saved in sc_oob_data.loc_oob_data.randomizer). 1934 *******************************************************************************/ 1935 void smp_set_local_oob_keys(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1936 { 1937 SMP_TRACE_DEBUG("%s", __func__); 1938 1939 memcpy(p_cb->sc_oob_data.loc_oob_data.private_key_used, p_cb->private_key, 1940 BT_OCTET32_LEN); 1941 p_cb->sc_oob_data.loc_oob_data.publ_key_used = p_cb->loc_publ_key; 1942 smp_start_nonce_generation(p_cb); 1943 } 1944 1945 /******************************************************************************* 1946 ** Function smp_set_local_oob_random_commitment 1947 ** Description Saves calculated randomizer and commitment in sc_oob_data.loc_oob_data, 1948 ** passes sc_oob_data.loc_oob_data up for safekeeping. 1949 *******************************************************************************/ 1950 void smp_set_local_oob_random_commitment(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 1951 { 1952 SMP_TRACE_DEBUG("%s", __func__); 1953 memcpy(p_cb->sc_oob_data.loc_oob_data.randomizer, p_cb->rand, 1954 BT_OCTET16_LEN); 1955 1956 smp_calculate_f4(p_cb->sc_oob_data.loc_oob_data.publ_key_used.x, 1957 p_cb->sc_oob_data.loc_oob_data.publ_key_used.x, 1958 p_cb->sc_oob_data.loc_oob_data.randomizer, 0, 1959 p_cb->sc_oob_data.loc_oob_data.commitment); 1960 1961 #if SMP_DEBUG == TRUE 1962 UINT8 *p_print = NULL; 1963 SMP_TRACE_DEBUG("local SC OOB data set:"); 1964 p_print = (UINT8*) &p_cb->sc_oob_data.loc_oob_data.addr_sent_to; 1965 smp_debug_print_nbyte_little_endian (p_print, (const UINT8 *)"addr_sent_to", 1966 sizeof(tBLE_BD_ADDR)); 1967 p_print = (UINT8*) &p_cb->sc_oob_data.loc_oob_data.private_key_used; 1968 smp_debug_print_nbyte_little_endian (p_print, (const UINT8 *)"private_key_used", 1969 BT_OCTET32_LEN); 1970 p_print = (UINT8*) &p_cb->sc_oob_data.loc_oob_data.publ_key_used.x; 1971 smp_debug_print_nbyte_little_endian (p_print, (const UINT8 *)"publ_key_used.x", 1972 BT_OCTET32_LEN); 1973 p_print = (UINT8*) &p_cb->sc_oob_data.loc_oob_data.publ_key_used.y; 1974 smp_debug_print_nbyte_little_endian (p_print, (const UINT8 *)"publ_key_used.y", 1975 BT_OCTET32_LEN); 1976 p_print = (UINT8*) &p_cb->sc_oob_data.loc_oob_data.randomizer; 1977 smp_debug_print_nbyte_little_endian (p_print, (const UINT8 *)"randomizer", 1978 BT_OCTET16_LEN); 1979 p_print = (UINT8*) &p_cb->sc_oob_data.loc_oob_data.commitment; 1980 smp_debug_print_nbyte_little_endian (p_print,(const UINT8 *) "commitment", 1981 BT_OCTET16_LEN); 1982 SMP_TRACE_DEBUG(""); 1983 #endif 1984 1985 /* pass created OOB data up */ 1986 p_cb->cb_evt = SMP_SC_LOC_OOB_DATA_UP_EVT; 1987 smp_send_app_cback(p_cb, NULL); 1988 1989 smp_cb_cleanup(p_cb); 1990 } 1991 1992 /******************************************************************************* 1993 ** 1994 ** Function smp_link_encrypted 1995 ** 1996 ** Description This function is called when link is encrypted and notified to 1997 ** slave device. Proceed to to send LTK, DIV and ER to master if 1998 ** bonding the devices. 1999 ** 2000 ** 2001 ** Returns void 2002 ** 2003 *******************************************************************************/ 2004 void smp_link_encrypted(BD_ADDR bda, UINT8 encr_enable) 2005 { 2006 tSMP_CB *p_cb = &smp_cb; 2007 2008 SMP_TRACE_DEBUG("%s encr_enable=%d", __func__, encr_enable); 2009 2010 if (memcmp(&smp_cb.pairing_bda[0], bda, BD_ADDR_LEN) == 0) 2011 { 2012 /* encryption completed with STK, remmeber the key size now, could be overwite 2013 * when key exchange happens */ 2014 if (p_cb->loc_enc_size != 0 && encr_enable) 2015 { 2016 /* update the link encryption key size if a SMP pairing just performed */ 2017 btm_ble_update_sec_key_size(bda, p_cb->loc_enc_size); 2018 } 2019 2020 smp_sm_event(&smp_cb, SMP_ENCRYPTED_EVT, &encr_enable); 2021 } 2022 } 2023 2024 /******************************************************************************* 2025 ** 2026 ** Function smp_proc_ltk_request 2027 ** 2028 ** Description This function is called when LTK request is received from 2029 ** controller. 2030 ** 2031 ** Returns void 2032 ** 2033 *******************************************************************************/ 2034 BOOLEAN smp_proc_ltk_request(BD_ADDR bda) 2035 { 2036 SMP_TRACE_DEBUG("%s state = %d", __func__, smp_cb.state); 2037 BOOLEAN match = FALSE; 2038 2039 if (!memcmp(bda, smp_cb.pairing_bda, BD_ADDR_LEN)) 2040 { 2041 match = TRUE; 2042 } else { 2043 BD_ADDR dummy_bda = {0}; 2044 tBTM_SEC_DEV_REC *p_dev_rec = btm_find_dev(bda); 2045 if (p_dev_rec != NULL && 2046 0 == memcmp(p_dev_rec->ble.pseudo_addr, smp_cb.pairing_bda, BD_ADDR_LEN) && 2047 0 != memcmp(p_dev_rec->ble.pseudo_addr, dummy_bda, BD_ADDR_LEN)) 2048 { 2049 match = TRUE; 2050 } 2051 } 2052 2053 if (match && smp_cb.state == SMP_STATE_ENCRYPTION_PENDING) 2054 { 2055 smp_sm_event(&smp_cb, SMP_ENC_REQ_EVT, NULL); 2056 return TRUE; 2057 } 2058 2059 return FALSE; 2060 } 2061 2062 /******************************************************************************* 2063 ** 2064 ** Function smp_process_secure_connection_long_term_key 2065 ** 2066 ** Description This function is called to process SC LTK. 2067 ** SC LTK is calculated and used instead of STK. 2068 ** Here SC LTK is saved in BLE DB. 2069 ** 2070 ** Returns void 2071 ** 2072 *******************************************************************************/ 2073 void smp_process_secure_connection_long_term_key(void) 2074 { 2075 tSMP_CB *p_cb = &smp_cb; 2076 2077 SMP_TRACE_DEBUG("%s", __func__); 2078 smp_save_secure_connections_long_term_key(p_cb); 2079 2080 smp_update_key_mask (p_cb, SMP_SEC_KEY_TYPE_ENC, FALSE); 2081 smp_key_distribution(p_cb, NULL); 2082 } 2083 2084 /******************************************************************************* 2085 ** 2086 ** Function smp_set_derive_link_key 2087 ** 2088 ** Description This function is called to set flag that indicates that 2089 ** BR/EDR LK has to be derived from LTK after all keys are 2090 ** distributed. 2091 ** 2092 ** Returns void 2093 ** 2094 *******************************************************************************/ 2095 void smp_set_derive_link_key(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 2096 { 2097 SMP_TRACE_DEBUG ("%s", __func__); 2098 p_cb->derive_lk = TRUE; 2099 smp_update_key_mask (p_cb, SMP_SEC_KEY_TYPE_LK, FALSE); 2100 smp_key_distribution(p_cb, NULL); 2101 } 2102 2103 /******************************************************************************* 2104 ** 2105 ** Function smp_derive_link_key_from_long_term_key 2106 ** 2107 ** Description This function is called to derive BR/EDR LK from LTK. 2108 ** 2109 ** Returns void 2110 ** 2111 *******************************************************************************/ 2112 void smp_derive_link_key_from_long_term_key(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 2113 { 2114 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 2115 2116 SMP_TRACE_DEBUG("%s", __func__); 2117 if (!smp_calculate_link_key_from_long_term_key(p_cb)) 2118 { 2119 SMP_TRACE_ERROR("%s failed", __FUNCTION__); 2120 smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status); 2121 return; 2122 } 2123 } 2124 2125 /******************************************************************************* 2126 ** 2127 ** Function smp_br_process_link_key 2128 ** 2129 ** Description This function is called to process BR/EDR LK: 2130 ** - to derive SMP LTK from BR/EDR LK; 2131 *8 - to save SMP LTK. 2132 ** 2133 ** Returns void 2134 ** 2135 *******************************************************************************/ 2136 void smp_br_process_link_key(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 2137 { 2138 tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN; 2139 2140 SMP_TRACE_DEBUG("%s", __func__); 2141 if (!smp_calculate_long_term_key_from_link_key(p_cb)) 2142 { 2143 SMP_TRACE_ERROR ("%s failed",__FUNCTION__); 2144 smp_sm_event(p_cb, SMP_BR_AUTH_CMPL_EVT, &status); 2145 return; 2146 } 2147 2148 SMP_TRACE_DEBUG("%s: LTK derivation from LK successfully completed", __FUNCTION__); 2149 smp_save_secure_connections_long_term_key(p_cb); 2150 smp_update_key_mask (p_cb, SMP_SEC_KEY_TYPE_ENC, FALSE); 2151 smp_br_select_next_key(p_cb, NULL); 2152 } 2153 2154 /******************************************************************************* 2155 ** Function smp_key_distribution_by_transport 2156 ** Description depending on the transport used at the moment calls either 2157 ** smp_key_distribution(...) or smp_br_key_distribution(...). 2158 *******************************************************************************/ 2159 void smp_key_distribution_by_transport(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 2160 { 2161 SMP_TRACE_DEBUG("%s", __func__); 2162 if (p_cb->smp_over_br) 2163 { 2164 smp_br_select_next_key(p_cb, NULL); 2165 } 2166 else 2167 { 2168 smp_key_distribution(p_cb, NULL); 2169 } 2170 } 2171 2172 /******************************************************************************* 2173 ** Function smp_br_pairing_complete 2174 ** Description This function is called to send the pairing complete callback 2175 ** and remove the connection if needed. 2176 *******************************************************************************/ 2177 void smp_br_pairing_complete(tSMP_CB *p_cb, tSMP_INT_DATA *p_data) 2178 { 2179 SMP_TRACE_DEBUG("%s", __func__); 2180 2181 if (p_cb->total_tx_unacked == 0) 2182 { 2183 /* process the pairing complete */ 2184 smp_proc_pairing_cmpl(p_cb); 2185 } 2186 } 2187 2188 #endif 2189