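/* -*- c -*- */
/*
 * Copyright 2007 - 2013 Dominic Spill, Michael Ossmann, Will Code
 *
 * This file is part of libbtbb
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2, or (at your option)
 * any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with libbtbb; see the file COPYING.  If not, write to
 * the Free Software Foundation, Inc., 51 Franklin Street,
 * Boston, MA 02110-1301, USA.
 */
#ifndef INCLUDED_BTBB_H
#define INCLUDED_BTBB_H

#include <stdint.h>

/* Flag identifiers passed as the 'flag' argument of
 * btbb_packet_set_flag()/btbb_packet_get_flag() and
 * btbb_piconet_set_flag()/btbb_piconet_get_flag().  This header does not
 * say which group belongs to which object; the second group reads as
 * piconet state (hop reversal, AFH, following) -- confirm against the
 * implementation before relying on that split. */
#define BTBB_WHITENED 0
#define BTBB_NAP_VALID 1
#define BTBB_UAP_VALID 2
#define BTBB_LAP_VALID 3
#define BTBB_CLK6_VALID 4
#define BTBB_CLK27_VALID 5
#define BTBB_CRC_CORRECT 6
#define BTBB_HAS_PAYLOAD 7
#define BTBB_IS_EDR 8

#define BTBB_HOP_REVERSAL_INIT 9
#define BTBB_GOT_FIRST_PACKET 10
#define BTBB_IS_AFH 11
#define BTBB_LOOKS_LIKE_AFH 12
#define BTBB_IS_ALIASED 13
#define BTBB_FOLLOWING 14

/* Payload modulation (values for btbb_packet_set/get_modulation) */
#define BTBB_MOD_GFSK 0x00
#define BTBB_MOD_PI_OVER_2_DQPSK 0x01
#define BTBB_MOD_8DPSK 0x02

/* Transport types (values for btbb_packet_set/get_transport) */
#define BTBB_TRANSPORT_ANY 0x00
#define BTBB_TRANSPORT_SCO 0x01
#define BTBB_TRANSPORT_ESCO 0x02
#define BTBB_TRANSPORT_ACL 0x03
#define BTBB_TRANSPORT_CSB 0x04

#ifdef __cplusplus
extern "C"
{
#endif

/* BT BR/EDR support */

/* Opaque packet handle; all access goes through the accessors below. */
typedef struct btbb_packet btbb_packet;

/* Initialize the library. Compute the syndrome. Return 0 on success,
 * negative on error.
 *
 * The library limits max_ac_errors to 5. Using a larger value will
 * take up a lot of memory (several GB), without decoding many useful
 * packets. Even a limit of 5 results in a syndrome table of several
 * hundred MB and lots of noise. For embedded targets, a value of 2 is
 * reasonable.  Note that a larger limit also loosens what is accepted
 * as a valid access code, so it raises the false-positive rate of
 * btbb_find_ac() as well as memory use. */
int btbb_init(int max_ac_errors);

/* Release / version strings of the library.  The returned pointers are
 * read-only; they are presumably owned by the library and must not be
 * freed by the caller -- confirm against the implementation. */
const char* btbb_get_release(void);
const char* btbb_get_version(void);

/* Packet handles are reference counted by name: btbb_packet_new()
 * returns a fresh handle, btbb_packet_ref() takes an extra reference
 * and btbb_packet_unref() drops one.  Balance every new()/ref() with an
 * unref(); the exact point at which the packet is released is not
 * visible in this header. */
btbb_packet *btbb_packet_new(void);
void btbb_packet_ref(btbb_packet *pkt);
void btbb_packet_unref(btbb_packet *pkt);

/* Search for a packet with specified LAP (or LAP_ANY). The stream
 * must be at least of length search_length + 72. Limit to
 * 'max_ac_errors' bit errors.
 *
 * Returns offset into 'stream' at which packet was found. If no
 * packet was found, returns a negative number.
 *
 * The caller is responsible for the bound above: no separate stream
 * length is passed, so the function cannot check that 'stream' really
 * holds search_length + 72 readable symbols.
 *
 * NOTE(review): 'lap' is passed by value and there is no 'ac_errors'
 * parameter, so the LAP of a packet found with LAP_ANY and the actual
 * error count are presumably read from the returned *pkt via
 * btbb_packet_get_lap() and btbb_packet_get_ac_errors() -- confirm
 * against the implementation. */
int btbb_find_ac(char *stream,
		 int search_length,
		 uint32_t lap,
		 int max_ac_errors,
		 btbb_packet **pkt);
/* Wildcards accepted where a LAP / UAP is requested. */
#define LAP_ANY 0xffffffffUL
#define UAP_ANY 0xff

void btbb_packet_set_flag(btbb_packet *pkt, int flag, int val);
int btbb_packet_get_flag(const btbb_packet *pkt, int flag);

uint32_t btbb_packet_get_lap(const btbb_packet *pkt);
void btbb_packet_set_uap(btbb_packet *pkt, uint8_t uap);
uint8_t btbb_packet_get_uap(const btbb_packet *pkt);
uint16_t btbb_packet_get_nap(const btbb_packet *pkt);

void btbb_packet_set_modulation(btbb_packet *pkt, uint8_t modulation);
void btbb_packet_set_transport(btbb_packet *pkt, uint8_t transport);
uint8_t btbb_packet_get_modulation(const btbb_packet *pkt);
uint8_t btbb_packet_get_transport(const btbb_packet *pkt);

uint8_t btbb_packet_get_channel(const btbb_packet *pkt);
uint8_t btbb_packet_get_ac_errors(const btbb_packet *pkt);
uint32_t btbb_packet_get_clkn(const btbb_packet *pkt);
uint32_t btbb_packet_get_header_packed(const btbb_packet* pkt);

/* Attach raw symbol data to a packet.  'length' is the number of
 * symbols readable at 'syms'; the header does not show whether the
 * symbols are copied or only referenced, so keep 'syms' alive for the
 * packet's lifetime unless the implementation confirms a copy. */
void btbb_packet_set_data(btbb_packet *pkt,
			  char *syms,      // Symbol data
			  int length,      // Number of symbols
			  uint8_t channel, // Bluetooth channel 0-79
			  uint32_t clkn);  // 312.5us clock (CLK27-0)

/* Get a pointer to packet symbols.  The pointer refers to data owned by
 * the packet; do not use it after the packet has been unref'd. */
const char *btbb_get_symbols(const btbb_packet* pkt);

/* Payload length in bytes (presumably; the unit is not stated here). */
int btbb_packet_get_payload_length(const btbb_packet* pkt);

/* Get a pointer to payload.  Same lifetime rule as btbb_get_symbols(). */
const char *btbb_get_payload(const btbb_packet* pkt);

/* Pack the payload in to bytes.  No size for 'dst' is passed, so the
 * caller must provide a buffer large enough for the packed payload;
 * sizing it from btbb_packet_get_payload_length() looks like the
 * intended contract -- confirm the required size in the
 * implementation before relying on it. */
int btbb_get_payload_packed(const btbb_packet* pkt, char *dst);

uint8_t btbb_packet_get_type(const btbb_packet* pkt);
uint8_t btbb_packet_get_lt_addr(const btbb_packet* pkt);
uint8_t btbb_packet_get_header_flags(const btbb_packet* pkt);
uint8_t btbb_packet_get_hec(const btbb_packet *pkt);

/* Generate Sync Word from an LAP */
uint64_t btbb_gen_syncword(const int LAP);

/* decode the packet header */
int btbb_decode_header(btbb_packet* pkt);

/* decode the packet payload */
int btbb_decode_payload(btbb_packet* pkt);

/* print packet information */
void btbb_print_packet(const btbb_packet* pkt);

/* check to see if the packet has a header */
int btbb_header_present(const btbb_packet* pkt);

/* Packet queue (linked list) */
typedef struct pkt_queue {
	btbb_packet *pkt;	/* packet held by this node */

	struct pkt_queue *next;	/* following node; presumably NULL at the tail */

} pkt_queue;

/* Opaque piconet state; reference counted like btbb_packet. */
typedef struct btbb_piconet btbb_piconet;

btbb_piconet *btbb_piconet_new(void);
void btbb_piconet_ref(btbb_piconet *pn);
void btbb_piconet_unref(btbb_piconet *pn);

/* initialize the piconet struct */
void btbb_init_piconet(btbb_piconet *pn, uint32_t lap);

void btbb_piconet_set_uap(btbb_piconet *pn, uint8_t uap);
uint8_t btbb_piconet_get_uap(const btbb_piconet *pn);
uint32_t btbb_piconet_get_lap(const btbb_piconet *pn);
uint16_t btbb_piconet_get_nap(const btbb_piconet *pn);
uint64_t btbb_piconet_get_bdaddr(const btbb_piconet *pn);

int btbb_piconet_get_clk_offset(const btbb_piconet *pn);
void btbb_piconet_set_clk_offset(btbb_piconet *pn, int clk_offset);

void btbb_piconet_set_flag(btbb_piconet *pn, int flag, int val);
int btbb_piconet_get_flag(const btbb_piconet *pn, int flag);

uint8_t btbb_piconet_set_channel_seen(btbb_piconet *pn, uint8_t channel);
uint8_t btbb_piconet_clear_channel_seen(btbb_piconet *pn, uint8_t channel);
uint8_t btbb_piconet_get_channel_seen(btbb_piconet *pn, uint8_t channel);
/* AFH channel map.  No length is passed with 'afh_map', so the caller
 * must supply a buffer of whatever size the implementation expects
 * (confirm there); the pointer returned by btbb_piconet_get_afh_map()
 * presumably refers to storage owned by the piconet. */
void btbb_piconet_set_afh_map(btbb_piconet *pn, uint8_t *afh_map);
uint8_t *btbb_piconet_get_afh_map(btbb_piconet *pn);

/* Extract as much information (LAP/UAP/CLK) as possible from received packet */
int btbb_process_packet(btbb_packet *pkt, btbb_piconet *pn);

/* use packet headers to determine UAP */
int btbb_uap_from_header(btbb_packet *pkt, btbb_piconet *pn);

/* Print hexadecimal representation of the derived AFH map */
void btbb_print_afh_map(btbb_piconet *pn);

/* decode a whole packet from the given piconet */
int btbb_decode(btbb_packet* pkt);


/* initialize the hop reversal process */
/* returns number of initial candidates for CLK1-27 */
int btbb_init_hop_reversal(int aliased, btbb_piconet *pn);

/* narrow a list of candidate clock values based on all observed hops */
int btbb_winnow(btbb_piconet *pn);

int btbb_init_survey(void);
/* Destructively iterate over survey results - optionally remove elements */
btbb_piconet *btbb_next_survey_result(void);

/* PCAPNG output.  Each create_file() returns a handle through 'ph' that
 * must be released with the matching close(); the int results are
 * status codes whose exact values are defined by the implementation. */
typedef struct btbb_pcapng_handle btbb_pcapng_handle;
/* create a PCAPNG file for BREDR captures */
int btbb_pcapng_create_file(const char *filename, const char *interface_desc, btbb_pcapng_handle ** ph);
/* save a BREDR packet to PCAPNG capture file */
int btbb_pcapng_append_packet(btbb_pcapng_handle * h, const uint64_t ns,
			      const int8_t sigdbm, const int8_t noisedbm,
			      const uint32_t reflap, const uint8_t refuap,
			      const btbb_packet *pkt);
/* record a BDADDR to PCAPNG capture file */
int btbb_pcapng_record_bdaddr(btbb_pcapng_handle * h, const uint64_t bdaddr,
			      const uint8_t uapmask, const uint8_t napvalid);
/* record BT CLOCK to PCAPNG capture file */
int btbb_pcapng_record_btclock(btbb_pcapng_handle * h, const uint64_t bdaddr,
			       const uint64_t ns, const uint32_t clk, const uint32_t clkmask);
int btbb_pcapng_close(btbb_pcapng_handle * h);


/* BLE support */
typedef struct lell_packet lell_packet;
/* decode and allocate LE packet.  No length accompanies 'stream', so the
 * caller must guarantee it covers the whole packet the decoder will
 * read; the minimum required size is not stated in this header --
 * confirm it in the implementation before passing partial buffers. */
void lell_allocate_and_decode(const uint8_t *stream, uint16_t phys_channel, uint32_t clk100ns, lell_packet **pkt);
lell_packet *lell_packet_new(void);
void lell_packet_ref(lell_packet *pkt);
void lell_packet_unref(lell_packet *pkt);
uint32_t lell_get_access_address(const lell_packet *pkt);
unsigned lell_get_access_address_offenses(const lell_packet *pkt);
unsigned lell_packet_is_data(const lell_packet *pkt);
unsigned lell_get_channel_index(const lell_packet *pkt);
unsigned lell_get_channel_k(const lell_packet *pkt);
const char * lell_get_adv_type_str(const lell_packet *pkt);
void lell_print(const lell_packet *pkt);

typedef struct lell_pcapng_handle lell_pcapng_handle;
/* create a PCAPNG file for LE captures */
int lell_pcapng_create_file(const char *filename, const char *interface_desc, lell_pcapng_handle ** ph);
/* save an LE packet to PCAPNG capture file */
int lell_pcapng_append_packet(lell_pcapng_handle * h, const uint64_t ns,
			      const int8_t sigdbm, const int8_t noisedbm,
			      const uint32_t refAA, const lell_packet *pkt);
/* record LE CONNECT_REQ parameters to PCAPNG capture file.  'pdu' carries
 * no length; the caller must pass a buffer holding the full CONNECT_REQ
 * PDU the implementation expects to read. */
int lell_pcapng_record_connect_req(lell_pcapng_handle * h, const uint64_t ns, const uint8_t * pdu);
int lell_pcapng_close(lell_pcapng_handle *h);


/* PCAP Support */
typedef struct btbb_pcap_handle btbb_pcap_handle;
/* create a PCAP file for BREDR captures with LINKTYPE_BLUETOOTH_BREDR_BB */
int btbb_pcap_create_file(const char *filename, btbb_pcap_handle ** ph);
/* write a BREDR packet to PCAP file */
int btbb_pcap_append_packet(btbb_pcap_handle * h, const uint64_t ns,
			    const int8_t sigdbm, const int8_t noisedbm,
			    const uint32_t reflap, const uint8_t refuap,
			    const btbb_packet *pkt);
int btbb_pcap_close(btbb_pcap_handle * h);

typedef struct lell_pcap_handle lell_pcap_handle;
/* create a PCAP file for LE captures using LINKTYPE_BLUETOOTH_LE_LL_WITH_PHDR */
int lell_pcap_create_file(const char *filename, lell_pcap_handle ** ph);
/* create a PCAP file for LE captures using LINKTYPE_PPI */
int lell_pcap_ppi_create_file(const char *filename, int btle_ppi_version, lell_pcap_handle ** ph);
/* save an LE packet to PCAP capture file */
int lell_pcap_append_packet(lell_pcap_handle * h, const uint64_t ns,
			    const int8_t sigdbm, const int8_t noisedbm,
			    const uint32_t refAA, const lell_packet *pkt);
int lell_pcap_append_ppi_packet(lell_pcap_handle * h, const uint64_t ns,
				const uint8_t clkn_high,
				const int8_t rssi_min, const int8_t rssi_max,
				const int8_t rssi_avg, const uint8_t rssi_count,
				const lell_packet *pkt);
int lell_pcap_close(lell_pcap_handle *h);

#ifdef __cplusplus
} // __cplusplus defined.
#endif

#endif /* INCLUDED_BTBB_H */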