| sm.c (65a9a04ea0178179c9796293c307d280bae03ed6) | sm.c (c59d0c922ec07b51eaa2e772aaa1603bba92fa2e) |
|---|---|
| 1/* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright --- 173 unchanged lines hidden (view full) --- 182} ec_key_generation_state_t; 183 184typedef enum { 185 SM_STATE_VAR_DHKEY_NEEDED = 1 << 0, 186 SM_STATE_VAR_DHKEY_CALCULATED = 1 << 1, 187 SM_STATE_VAR_DHKEY_COMMAND_RECEIVED = 1 << 2, 188} sm_state_var_t; 189 | 1/* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright --- 173 unchanged lines hidden (view full) --- 182} ec_key_generation_state_t; 183 184typedef enum { 185 SM_STATE_VAR_DHKEY_NEEDED = 1 << 0, 186 SM_STATE_VAR_DHKEY_CALCULATED = 1 << 1, 187 SM_STATE_VAR_DHKEY_COMMAND_RECEIVED = 1 << 2, 188} sm_state_var_t; 189 |
| 190typedef enum { 191 SM_SC_OOB_IDLE, 192 SM_SC_OOB_W2_GET_RANDOM_1, 193 SM_SC_OOB_W4_RANDOM_1, 194 SM_SC_OOB_W2_GET_RANDOM_2, 195 SM_SC_OOB_W4_RANDOM_2, 196 SM_SC_OOB_W2_CALC_CONFIRM, 197 SM_SC_OOB_W4_CONFIRM, 198} sm_sc_oob_state_t; 199 |
|
| 190typedef uint8_t sm_key24_t[3]; 191typedef uint8_t sm_key56_t[7]; 192typedef uint8_t sm_key256_t[32]; 193 194// 195// GLOBAL DATA 196// 197 --- 11 unchanged lines hidden (view full) --- 209static uint8_t sm_io_capabilities = IO_CAPABILITY_NO_INPUT_NO_OUTPUT; 210static uint8_t sm_slave_request_security; 211static uint32_t sm_fixed_passkey_in_display_role; 212static uint8_t sm_reconstruct_ltk_without_le_device_db_entry; 213#ifdef ENABLE_LE_SECURE_CONNECTIONS 214static uint8_t sm_have_ec_keypair; 215#endif 216 | 200typedef uint8_t sm_key24_t[3]; 201typedef uint8_t sm_key56_t[7]; 202typedef uint8_t sm_key256_t[32]; 203 204// 205// GLOBAL DATA 206// 207 --- 11 unchanged lines hidden (view full) --- 219static uint8_t sm_io_capabilities = IO_CAPABILITY_NO_INPUT_NO_OUTPUT; 220static uint8_t sm_slave_request_security; 221static uint32_t sm_fixed_passkey_in_display_role; 222static uint8_t sm_reconstruct_ltk_without_le_device_db_entry; 223#ifdef ENABLE_LE_SECURE_CONNECTIONS 224static uint8_t sm_have_ec_keypair; 225#endif 226 |
| 227#ifdef ENABLE_LE_SECURE_CONNECTIONS 228static uint8_t sm_sc_oob_random[16]; 229static void (*sm_sc_oob_callback)(const uint8_t * confirm_value, const uint8_t * random_value); 230static sm_sc_oob_state_t sm_sc_oob_state; 231#endif 232 |
|
| 217// Security Manager Master Keys, please use sm_set_er(er) and sm_set_ir(ir) with your own 128 bit random values 218static sm_key_t sm_persistent_er; 219static sm_key_t sm_persistent_ir; 220 221// derived from sm_persistent_ir 222static sm_key_t sm_persistent_dhk; 223static sm_key_t sm_persistent_irk; 224static uint8_t sm_persistent_irk_ready = 0; // used for testing --- 1254 unchanged lines hidden (view full) --- 1479static uint8_t sm_sc_cmac_get_byte(uint16_t offset){ 1480 return sm_cmac_sc_buffer[offset]; 1481} 1482 1483static void sm_sc_cmac_done(uint8_t * hash){ 1484 log_info("sm_sc_cmac_done: "); 1485 log_info_hexdump(hash, 16); 1486 | 233// Security Manager Master Keys, please use sm_set_er(er) and sm_set_ir(ir) with your own 128 bit random values 234static sm_key_t sm_persistent_er; 235static sm_key_t sm_persistent_ir; 236 237// derived from sm_persistent_ir 238static sm_key_t sm_persistent_dhk; 239static sm_key_t sm_persistent_irk; 240static uint8_t sm_persistent_irk_ready = 0; // used for testing --- 1254 unchanged lines hidden (view full) --- 1495static uint8_t sm_sc_cmac_get_byte(uint16_t offset){ 1496 return sm_cmac_sc_buffer[offset]; 1497} 1498 1499static void sm_sc_cmac_done(uint8_t * hash){ 1500 log_info("sm_sc_cmac_done: "); 1501 log_info_hexdump(hash, 16); 1502 |
| 1503 if (sm_sc_oob_state == SM_SC_OOB_W4_CONFIRM){ 1504 sm_sc_oob_state = SM_SC_OOB_IDLE; 1505 (*sm_sc_oob_callback)(sm_sc_oob_random, hash); 1506 return; 1507 } 1508 |
|
| 1487 sm_connection_t * sm_conn = sm_cmac_connection; 1488 sm_cmac_connection = NULL; 1489#ifdef ENABLE_CLASSIC 1490 link_key_type_t link_key_type; 1491#endif 1492 1493 switch (sm_conn->sm_engine_state){ 1494 case SM_SC_W4_CMAC_FOR_CONFIRMATION: --- 564 unchanged lines hidden (view full) --- 2059 } 2060 2061 if (sm_address_resolution_test >= le_device_db_max_count()){ 2062 log_info("LE Device Lookup: not found"); 2063 sm_address_resolution_handle_event(ADDRESS_RESOLUTION_FAILED); 2064 } 2065 } 2066 | 1509 sm_connection_t * sm_conn = sm_cmac_connection; 1510 sm_cmac_connection = NULL; 1511#ifdef ENABLE_CLASSIC 1512 link_key_type_t link_key_type; 1513#endif 1514 1515 switch (sm_conn->sm_engine_state){ 1516 case SM_SC_W4_CMAC_FOR_CONFIRMATION: --- 564 unchanged lines hidden (view full) --- 2081 } 2082 2083 if (sm_address_resolution_test >= le_device_db_max_count()){ 2084 log_info("LE Device Lookup: not found"); 2085 sm_address_resolution_handle_event(ADDRESS_RESOLUTION_FAILED); 2086 } 2087 } 2088 |
| 2089#ifdef ENABLE_LE_SECURE_CONNECTIONS 2090 // TODO: we need to verify that nobody's already waiting for random data 2091 switch (sm_sc_oob_state){ 2092 case SM_SC_OOB_W2_GET_RANDOM_1: 2093 sm_sc_oob_state = SM_SC_OOB_W4_RANDOM_1; 2094 sm_random_start(NULL); 2095 return; 2096 case SM_SC_OOB_W2_GET_RANDOM_2: 2097 sm_sc_oob_state = SM_SC_OOB_W4_RANDOM_2; 2098 sm_random_start(NULL); 2099 return; 2100 case SM_SC_OOB_W2_CALC_CONFIRM: 2101 if (!sm_cmac_ready()) break; 2102 if (ec_key_generation_state != EC_KEY_GENERATION_DONE) break; 2103 sm_sc_oob_state = SM_SC_OOB_W4_CONFIRM; 2104 f4_engine(NULL, ec_q, ec_q, sm_sc_oob_random, 0); 2105 break; 2106 default: 2107 break; 2108 } 2109#endif 2110 |
|
| 2067 // handle basic actions that don't requires the full context 2068 hci_connections_get_iterator(&it); 2069 while((sm_active_connection_handle == HCI_CON_HANDLE_INVALID) && btstack_linked_list_iterator_has_next(&it)){ 2070 hci_connection_t * hci_connection = (hci_connection_t *) btstack_linked_list_iterator_next(&it); 2071 sm_connection_t * sm_connection = &hci_connection->sm_connection; 2072 switch(sm_connection->sm_engine_state){ 2073 // responder side 2074 case SM_RESPONDER_PH0_SEND_LTK_REQUESTED_NEGATIVE_REPLY: --- 967 unchanged lines hidden (view full) --- 3042 rau_state = RAU_SET_ADDRESS; 3043 break; 3044 } 3045 return; 3046 default: 3047 break; 3048 } 3049 | 2111 // handle basic actions that don't requires the full context 2112 hci_connections_get_iterator(&it); 2113 while((sm_active_connection_handle == HCI_CON_HANDLE_INVALID) && btstack_linked_list_iterator_has_next(&it)){ 2114 hci_connection_t * hci_connection = (hci_connection_t *) btstack_linked_list_iterator_next(&it); 2115 sm_connection_t * sm_connection = &hci_connection->sm_connection; 2116 switch(sm_connection->sm_engine_state){ 2117 // responder side 2118 case SM_RESPONDER_PH0_SEND_LTK_REQUESTED_NEGATIVE_REPLY: --- 967 unchanged lines hidden (view full) --- 3086 rau_state = RAU_SET_ADDRESS; 3087 break; 3088 } 3089 return; 3090 default: 3091 break; 3092 } 3093 |
| 3094#ifdef ENABLE_LE_SECURE_CONNECTIONS 3095 switch (sm_sc_oob_state){ 3096 case SM_SC_OOB_W4_RANDOM_1: 3097 memcpy(&sm_sc_oob_random[0], data, 8); 3098 sm_sc_oob_state = SM_SC_OOB_W2_GET_RANDOM_2; 3099 return; 3100 case SM_SC_OOB_W4_RANDOM_2: 3101 memcpy(&sm_sc_oob_random[8], data, 8); 3102 sm_sc_oob_state = SM_SC_OOB_W2_CALC_CONFIRM; 3103 return; 3104 default: 3105 break; 3106 } 3107#endif 3108 |
|
| 3050 // retrieve sm_connection provided to sm_random_start 3051 sm_connection_t * connection = (sm_connection_t *) sm_random_context; 3052 if (!connection) return; 3053 switch (connection->sm_engine_state){ 3054#ifdef ENABLE_LE_SECURE_CONNECTIONS 3055 case SM_SC_W4_GET_RANDOM_A: 3056 memcpy(&setup->sm_local_nonce[0], data, 8); 3057 connection->sm_engine_state = SM_SC_W2_GET_RANDOM_B; --- 1260 unchanged lines hidden (view full) --- 4318 break; 4319 default: 4320 break; 4321 } 4322 setup->sm_keypress_notification = (num_actions << 5) | flags; 4323 sm_run(); 4324} 4325 | 3109 // retrieve sm_connection provided to sm_random_start 3110 sm_connection_t * connection = (sm_connection_t *) sm_random_context; 3111 if (!connection) return; 3112 switch (connection->sm_engine_state){ 3113#ifdef ENABLE_LE_SECURE_CONNECTIONS 3114 case SM_SC_W4_GET_RANDOM_A: 3115 memcpy(&setup->sm_local_nonce[0], data, 8); 3116 connection->sm_engine_state = SM_SC_W2_GET_RANDOM_B; --- 1260 unchanged lines hidden (view full) --- 4377 break; 4378 default: 4379 break; 4380 } 4381 setup->sm_keypress_notification = (num_actions << 5) | flags; 4382 sm_run(); 4383} 4384 |
| 4385#ifdef ENABLE_LE_SECURE_CONNECTIONS 4386uint8_t sm_generate_sc_oob_data(void (*callback)(const uint8_t * confirm_value, const uint8_t * random_value)){ 4387 if (sm_sc_oob_state != SM_SC_OOB_IDLE) return ERROR_CODE_COMMAND_DISALLOWED; 4388 sm_sc_oob_callback = callback; 4389 sm_sc_oob_state = SM_SC_OOB_W2_GET_RANDOM_1; 4390 sm_run(); 4391 return 0; 4392} 4393#endif 4394 |
|
| 4326/** 4327 * @brief Identify device in LE Device DB 4328 * @param handle 4329 * @returns index from le_device_db or -1 if not found/identified 4330 */ 4331int sm_le_device_index(hci_con_handle_t con_handle ){ 4332 sm_connection_t * sm_conn = sm_get_connection_for_handle(con_handle); 4333 if (!sm_conn) return -1; --- 66 unchanged lines hidden --- | 4395/** 4396 * @brief Identify device in LE Device DB 4397 * @param handle 4398 * @returns index from le_device_db or -1 if not found/identified 4399 */ 4400int sm_le_device_index(hci_con_handle_t con_handle ){ 4401 sm_connection_t * sm_conn = sm_get_connection_for_handle(con_handle); 4402 if (!sm_conn) return -1; --- 66 unchanged lines hidden --- |