/*  Bluetooth Mesh */

/*
 * Copyright (c) 2017 Intel Corporation
 *
 * SPDX-License-Identifier: Apache-2.0
 */
/*
 * Include guard. NOTE(review): identifiers that begin with a double
 * underscore are reserved for the C implementation; a project-prefixed
 * name would stay out of the reserved namespace.
 */
#ifndef __CRYPTO_H__
#define __CRYPTO_H__

/*
 * The only include of this header; presumably the source of u8_t/u16_t/u32_t,
 * struct os_mbuf and ARRAY_SIZE used below -- confirm against mesh/mesh.h.
 */
#include "mesh/mesh.h"

/*
 * One element of the scatter/gather list consumed by bt_mesh_aes_cmac():
 * a run of bytes that contributes to the MAC input.
 */
struct bt_mesh_sg {
	const void *data;	/* start of the bytes for this element */
	size_t len;		/* number of bytes at data */
};

/*
 * AES-CMAC over the sg_len elements of sg (presumably processed as one
 * concatenated message) under the 16-byte key, writing the 16-byte tag to mac.
 * Returns 0 on success; the wrappers in this header propagate any non-zero
 * value unchanged as an error.
 *
 * The [16] dimensions here and throughout this header are documentation only:
 * array parameters decay to pointers, so the compiler does not check that a
 * caller's buffer really is that large.
 */
int bt_mesh_aes_cmac(const u8_t key[16], struct bt_mesh_sg *sg,
		     size_t sg_len, u8_t mac[16]);

/*
 * AES-CMAC of a single contiguous buffer.
 *
 * key: 16-byte CMAC key.
 * m:   the message, len bytes long.
 * mac: receives the 16-byte tag.
 * Returns bt_mesh_aes_cmac()'s result (0 on success).
 */
static inline int bt_mesh_aes_cmac_one(const u8_t key[16], const void *m,
				       size_t len, u8_t mac[16])
{
	/* The general routine takes a list; a one-element list covers this case. */
	struct bt_mesh_sg single = { .data = m, .len = len };

	return bt_mesh_aes_cmac(key, &single, 1, mac);
}

/*
 * s1-style salt derivation: AES-CMAC of the NUL-terminated string m under an
 * all-zero 16-byte key, written to salt (16 bytes).
 *
 * Return value caveat: the underlying int result (0 on success) is converted
 * to bool, so this returns false when the salt was computed and true when
 * bt_mesh_aes_cmac_one() reported an error -- callers must test for false.
 * m must be a valid NUL-terminated string; strlen() on NULL is undefined.
 */
static inline bool bt_mesh_s1(const char *m, u8_t salt[16])
{
	const u8_t zero_key[16] = { 0 };
	size_t m_len = strlen(m);

	return bt_mesh_aes_cmac_one(zero_key, m, m_len, salt);
}

/*
 * Mesh k1 derivation: produces the 16-byte okm from the ikm_len-byte ikm, a
 * 16-byte salt and the NUL-terminated info string. Returns 0 on success;
 * callers in this header treat any non-zero value as an error.
 */
int bt_mesh_k1(const u8_t *ikm, size_t ikm_len, const u8_t salt[16],
	       const char *info, u8_t okm[16]);

/*
 * bt_mesh_k1() with the salt given as a string literal: salt_str initialises
 * a 16-byte array (zero-padded beyond the literal's length), which is then
 * passed as the salt. salt_str must therefore be a string literal, not a
 * pointer. The body is a GNU statement expression, so this is not portable
 * to non-GNU compilers. The local is named `salt`, so an argument expression
 * that itself refers to a variable called `salt` would bind to this local
 * instead of the caller's; the single caller in this header
 * (bt_mesh_id_resolving_key) does not.
 */
#define bt_mesh_k1_str(ikm, ikm_len, salt_str, info, okm) \
({ \
	const u8_t salt[16] = salt_str; \
	bt_mesh_k1(ikm, ikm_len, salt, info, okm); \
})

/*
 * Mesh k2 derivation from the 16-byte key n and the p_len-byte p: yields a
 * 1-byte net_id, a 16-byte encryption key and a 16-byte priv_key (presumably
 * the privacy key consumed by bt_mesh_net_obfuscate() below -- confirm).
 */
int bt_mesh_k2(const u8_t n[16], const u8_t *p, size_t p_len,
	       u8_t net_id[1], u8_t enc_key[16], u8_t priv_key[16]);

/* Mesh k3 derivation: 8-byte output from the 16-byte key n. */
int bt_mesh_k3(const u8_t n[16], u8_t out[8]);

/* Mesh k4 derivation: 1-byte output from the 16-byte key n (see bt_mesh_app_id). */
int bt_mesh_k4(const u8_t n[16], u8_t out[1]);

/*
 * 128-bit identifier derived from the 16-byte key n and the NUL-terminated
 * string s; used below with "nkik" (identity key) and "nkbk" (beacon key).
 */
int bt_mesh_id128(const u8_t n[16], const char *s, u8_t out[16]);

/*
 * Derive the 16-byte resolving key from a 16-byte network key:
 * k1(net_key, salt = "smbt" zero-padded to 16 bytes, info = "smbi").
 * Returns bt_mesh_k1()'s result (0 on success).
 */
static inline int bt_mesh_id_resolving_key(const u8_t net_key[16],
					   u8_t resolving_key[16])
{
	/* The same expansion bt_mesh_k1_str() would produce, written out. */
	const u8_t smbt_salt[16] = "smbt";

	return bt_mesh_k1(net_key, 16, smbt_salt, "smbi", resolving_key);
}

/*
 * Derive the 16-byte identity key from a 16-byte network key via
 * bt_mesh_id128() with the label "nkik". Returns bt_mesh_id128()'s result.
 */
static inline int bt_mesh_identity_key(const u8_t net_key[16],
				       u8_t identity_key[16])
{
	const char *label = "nkik";

	return bt_mesh_id128(net_key, label, identity_key);
}

/*
 * Derive the 16-byte beacon key from a 16-byte network key via
 * bt_mesh_id128() with the label "nkbk". Returns bt_mesh_id128()'s result.
 */
static inline int bt_mesh_beacon_key(const u8_t net_key[16],
				     u8_t beacon_key[16])
{
	const char *label = "nkbk";

	return bt_mesh_id128(net_key, label, beacon_key);
}

/*
 * Compute the 8-byte beacon authentication value auth from the 16-byte
 * beacon key, the flags byte, the 16-byte network ID and the IV index.
 * Note that net_id here is 16 bytes, distinct from the 1-byte net_id output
 * of bt_mesh_k2(). Returns an int like the other routines here; presumably
 * 0 on success -- confirm against the implementation.
 */
int bt_mesh_beacon_auth(const u8_t beacon_key[16], u8_t flags,
			const u8_t net_id[16], u32_t iv_index,
			u8_t auth[8]);

/*
 * Derive the 1-byte application identifier from a 16-byte application key
 * via k4. Returns bt_mesh_k4()'s result.
 */
static inline int bt_mesh_app_id(const u8_t app_key[16], u8_t app_id[1])
{
	int rc = bt_mesh_k4(app_key, app_id);

	return rc;
}

/*
 * Derive the 16-byte provisioning session key: k1 over the 32-byte dhkey
 * (presumably the ECDH shared secret) with prov_salt and info "prsk".
 * The session key, provisioning nonce and device key below all come from
 * the same dhkey/prov_salt pair and differ only in the info string.
 * Returns bt_mesh_k1()'s result (0 on success).
 */
static inline int bt_mesh_session_key(const u8_t dhkey[32],
				      const u8_t prov_salt[16],
				      u8_t session_key[16])
{
	const size_t dhkey_len = 32;

	return bt_mesh_k1(dhkey, dhkey_len, prov_salt, "prsk", session_key);
}

/*
 * Derive the 13-byte provisioning nonce: k1(dhkey, prov_salt, "prsn") yields
 * 16 bytes, of which bytes 3..15 form the nonce and the first three are
 * discarded. Returns bt_mesh_k1()'s result; nonce is written only on
 * success. The 16-byte intermediate is not cleared before returning.
 */
static inline int bt_mesh_prov_nonce(const u8_t dhkey[32],
				     const u8_t prov_salt[16],
				     u8_t nonce[13])
{
	u8_t k1_out[16];
	int rc = bt_mesh_k1(dhkey, 32, prov_salt, "prsn", k1_out);

	if (rc) {
		/* Derivation failed: leave nonce untouched and report the code. */
		return rc;
	}

	memcpy(nonce, &k1_out[3], 13);
	return 0;
}

/*
 * Derive the 16-byte device key: k1 over the 32-byte dhkey with prov_salt
 * and info "prdk". Returns bt_mesh_k1()'s result (0 on success).
 */
static inline int bt_mesh_dev_key(const u8_t dhkey[32],
				  const u8_t prov_salt[16],
				  u8_t dev_key[16])
{
	const size_t dhkey_len = 32;

	return bt_mesh_k1(dhkey, dhkey_len, prov_salt, "prdk", dev_key);
}

/*
 * Provisioning salt: AES-CMAC under an all-zero key over the three 16-byte
 * inputs conf_salt, prov_rand and dev_rand, passed in that order as a
 * scatter/gather list, written to prov_salt. Returns bt_mesh_aes_cmac()'s
 * result (0 on success).
 */
static inline int bt_mesh_prov_salt(const u8_t conf_salt[16],
				    const u8_t prov_rand[16],
				    const u8_t dev_rand[16],
				    u8_t prov_salt[16])
{
	const u8_t zero_key[16] = { 0 };
	struct bt_mesh_sg parts[3];

	parts[0].data = conf_salt;
	parts[0].len = 16;
	parts[1].data = prov_rand;
	parts[1].len = 16;
	parts[2].data = dev_rand;
	parts[2].len = 16;

	return bt_mesh_aes_cmac(zero_key, parts,
				sizeof parts / sizeof parts[0], prov_salt);
}

/*
 * Network-layer header obfuscation with the 16-byte privacy key and the IV
 * index. pdu is non-const, so presumably it is transformed in place -- confirm.
 */
int bt_mesh_net_obfuscate(u8_t *pdu, u32_t iv_index,
			  const u8_t privacy_key[16]);

/*
 * Network-layer encryption/decryption of buf under the 16-byte key and IV
 * index; proxy selects a variant (semantics not visible here). Return value
 * is an int like the other routines; presumably 0 on success. Callers of
 * bt_mesh_net_decrypt() should not use the buffer contents when it fails.
 */
int bt_mesh_net_encrypt(const u8_t key[16], struct os_mbuf *buf,
			u32_t iv_index, bool proxy);

int bt_mesh_net_decrypt(const u8_t key[16], struct os_mbuf *buf,
			u32_t iv_index, bool proxy);

/*
 * Upper-transport (application) encryption. dev_key indicates whether key is
 * a device key; aszmic, src, dst, seq_num and iv_index are presumably nonce
 * material and ad additional data (e.g. a virtual-address label) -- confirm.
 */
int bt_mesh_app_encrypt(const u8_t key[16], bool dev_key, u8_t aszmic,
			struct os_mbuf*buf, const u8_t *ad,
			u16_t src, u16_t dst, u32_t seq_num, u32_t iv_index);

/*
 * Upper-transport (application) decryption of buf into out; parameters as for
 * bt_mesh_app_encrypt(). Treat a non-zero return as failure and do not
 * consume out in that case.
 */
int bt_mesh_app_decrypt(const u8_t key[16], bool dev_key, u8_t aszmic,
			struct os_mbuf*buf, struct os_mbuf*out,
			const u8_t *ad, u16_t src, u16_t dst, u32_t seq_num,
			u32_t iv_index);

/*
 * Frame check sequence over data_len bytes of data. data_len is a u8_t, so
 * inputs longer than 255 bytes cannot be expressed through this interface.
 */
u8_t bt_mesh_fcs_calc(const u8_t *data, u8_t data_len);

/* Compare the FCS of buf against received_fcs; presumably true on match. */
bool bt_mesh_fcs_check(struct os_mbuf *buf, u8_t received_fcs);

/* Derive the 16-bit virtual address for a 16-byte virtual-address label. */
int bt_mesh_virtual_addr(const u8_t virtual_label[16], u16_t *addr);

/* Provisioning confirmation salt from the fixed 145-byte confirmation inputs. */
int bt_mesh_prov_conf_salt(const u8_t conf_inputs[145], u8_t salt[16]);

/* Provisioning confirmation key from the 32-byte dhkey and 16-byte conf_salt. */
int bt_mesh_prov_conf_key(const u8_t dhkey[32], const u8_t conf_salt[16],
			  u8_t conf_key[16]);

/* Provisioning confirmation value from conf_key, a 16-byte rand and 16-byte auth. */
int bt_mesh_prov_conf(const u8_t conf_key[16], const u8_t rand[16],
		      const u8_t auth[16], u8_t conf[16]);

/*
 * Decrypt 25 bytes of provisioning data into out. data carries 8 bytes beyond
 * the 25-byte plaintext, presumably an authentication tag -- confirm. nonce
 * is not const-qualified here, so the implementation may modify it. Callers
 * must check the return value before trusting out.
 */
int bt_mesh_prov_decrypt(const u8_t key[16], u8_t nonce[13],
			 const u8_t data[25 + 8], u8_t out[25]);

#endif /* __CRYPTO_H__ */