#include "osi/include/osi.h"
#include "smp_api.h"
-extern bool aes_cipher_msg_auth_code(BT_OCTET16 key, uint8_t* input,
- uint16_t length, uint16_t tlen,
- uint8_t* p_signature);
extern void gatt_notify_phy_updated(uint8_t status, uint16_t handle,
uint8_t tx_phy, uint8_t rx_phy);
extern void btm_ble_advertiser_notify_terminated_legacy(
tBTM_SEC_DEV_REC* p_rec = btm_find_dev(bd_addr);
BTM_TRACE_DEBUG("%s", __func__);
- bool ret = false;
if (p_rec == NULL) {
BTM_TRACE_ERROR("%s-data signing can not be done from unknown device",
__func__);
- } else {
- uint8_t* p_mac = (uint8_t*)signature;
- uint8_t* pp;
- uint8_t* p_buf = (uint8_t*)osi_malloc(len + 4);
-
- BTM_TRACE_DEBUG("%s-Start to generate Local CSRK", __func__);
- pp = p_buf;
- /* prepare plain text */
- if (p_text) {
- memcpy(p_buf, p_text, len);
- pp = (p_buf + len);
- }
+ return false;
+ }
- UINT32_TO_STREAM(pp, p_rec->ble.keys.local_counter);
- UINT32_TO_STREAM(p_mac, p_rec->ble.keys.local_counter);
+ uint8_t* p_mac = (uint8_t*)signature;
+ uint8_t* pp;
+ uint8_t* p_buf = (uint8_t*)osi_malloc(len + 4);
- ret = aes_cipher_msg_auth_code(p_rec->ble.keys.lcsrk, p_buf,
- (uint16_t)(len + 4), BTM_CMAC_TLEN_SIZE,
- p_mac);
- if (ret) {
- btm_ble_increment_sign_ctr(bd_addr, true);
- }
-
- BTM_TRACE_DEBUG("%s p_mac = %d", __func__, p_mac);
- BTM_TRACE_DEBUG(
- "p_mac[0] = 0x%02x p_mac[1] = 0x%02x p_mac[2] = 0x%02x p_mac[3] = "
- "0x%02x",
- *p_mac, *(p_mac + 1), *(p_mac + 2), *(p_mac + 3));
- BTM_TRACE_DEBUG(
- "p_mac[4] = 0x%02x p_mac[5] = 0x%02x p_mac[6] = 0x%02x p_mac[7] = "
- "0x%02x",
- *(p_mac + 4), *(p_mac + 5), *(p_mac + 6), *(p_mac + 7));
- osi_free(p_buf);
+ BTM_TRACE_DEBUG("%s-Start to generate Local CSRK", __func__);
+ pp = p_buf;
+ /* prepare plain text */
+ if (p_text) {
+ memcpy(p_buf, p_text, len);
+ pp = (p_buf + len);
}
- return ret;
+
+ UINT32_TO_STREAM(pp, p_rec->ble.keys.local_counter);
+ UINT32_TO_STREAM(p_mac, p_rec->ble.keys.local_counter);
+
+ aes_cipher_msg_auth_code(p_rec->ble.keys.lcsrk, p_buf, (uint16_t)(len + 4),
+ BTM_CMAC_TLEN_SIZE, p_mac);
+ btm_ble_increment_sign_ctr(bd_addr, true);
+
+ BTM_TRACE_DEBUG("%s p_mac = %d", __func__, p_mac);
+ BTM_TRACE_DEBUG(
+ "p_mac[0] = 0x%02x p_mac[1] = 0x%02x p_mac[2] = 0x%02x p_mac[3] = "
+ "0x%02x",
+ *p_mac, *(p_mac + 1), *(p_mac + 2), *(p_mac + 3));
+ BTM_TRACE_DEBUG(
+ "p_mac[4] = 0x%02x p_mac[5] = 0x%02x p_mac[6] = 0x%02x p_mac[7] = "
+ "0x%02x",
+ *(p_mac + 4), *(p_mac + 5), *(p_mac + 6), *(p_mac + 7));
+ osi_free(p_buf);
+ return true;
}
/*******************************************************************************
BTM_TRACE_DEBUG("%s rcv_cnt=%d >= expected_cnt=%d", __func__, counter,
p_rec->ble.keys.counter);
- if (aes_cipher_msg_auth_code(p_rec->ble.keys.pcsrk, p_orig, len,
- BTM_CMAC_TLEN_SIZE, p_mac)) {
- if (memcmp(p_mac, p_comp, BTM_CMAC_TLEN_SIZE) == 0) {
- btm_ble_increment_sign_ctr(bd_addr, false);
- verified = true;
- }
+ aes_cipher_msg_auth_code(p_rec->ble.keys.pcsrk, p_orig, len,
+ BTM_CMAC_TLEN_SIZE, p_mac);
+ if (memcmp(p_mac, p_comp, BTM_CMAC_TLEN_SIZE) == 0) {
+ btm_ble_increment_sign_ctr(bd_addr, false);
+ verified = true;
}
}
return verified;
******************************************************************************/
static void btm_ble_process_dhk(tSMP_ENC* p) {
uint8_t btm_ble_irk_pt = 0x01;
- tSMP_ENC output;
BTM_TRACE_DEBUG("btm_ble_process_dhk");
memcpy(btm_cb.devcb.id_keys.dhk, p->param_buf, BT_OCTET16_LEN);
BTM_TRACE_DEBUG("BLE DHK generated.");
+ tSMP_ENC output;
/* IRK = D1(IR, 1) */
- if (!SMP_Encrypt(btm_cb.devcb.id_keys.ir, BT_OCTET16_LEN, &btm_ble_irk_pt,
- 1, &output)) {
- /* reset all identity root related key */
- memset(&btm_cb.devcb.id_keys, 0, sizeof(tBTM_BLE_LOCAL_ID_KEYS));
- } else {
- btm_ble_process_irk(&output);
- }
+ SMP_Encrypt(btm_cb.devcb.id_keys.ir, &btm_ble_irk_pt, 1, &output);
+ btm_ble_process_irk(&output);
} else {
/* reset all identity root related key */
memset(&btm_cb.devcb.id_keys, 0, sizeof(tBTM_BLE_LOCAL_ID_KEYS));
memcpy(&btm_cb.devcb.id_keys.ir[8], rand, BT_OCTET8_LEN);
/* generate DHK= Eir({0x03, 0x00, 0x00 ...}) */
- SMP_Encrypt(btm_cb.devcb.id_keys.ir, BT_OCTET16_LEN, &btm_ble_dhk_pt, 1,
- &output);
+ SMP_Encrypt(btm_cb.devcb.id_keys.ir, &btm_ble_dhk_pt, 1, &output);
btm_ble_process_dhk(&output);
BTM_TRACE_DEBUG("BLE IR generated.");
#endif
static void smp_process_stk(tSMP_CB* p_cb, tSMP_ENC* p);
-static bool smp_calculate_legacy_short_term_key(tSMP_CB* p_cb,
+static void smp_calculate_legacy_short_term_key(tSMP_CB* p_cb,
tSMP_ENC* output);
static void smp_process_private_key(tSMP_CB* p_cb);
#endif
}
-/*******************************************************************************
- *
- * Function smp_encrypt_data
- *
- * Description This function is called to encrypt data.
- * It uses AES-128 encryption algorithm.
- * Plain_text is encrypted using key, the result is at p_out.
- *
- * Returns void
- *
- ******************************************************************************/
-bool smp_encrypt_data(uint8_t* key, uint8_t key_len, uint8_t* plain_text,
- uint8_t pt_len, tSMP_ENC* p_out) {
- aes_context ctx;
- uint8_t* p_start = NULL;
+/* This function is called to encrypt data. It uses AES-128 encryption
+ * algorithm. |plain_text| is encrypted using |key|, the result is at p_out.
+ */
+void smp_encrypt_data(uint8_t* key, uint8_t* plain_text, uint8_t pt_len,
+ tSMP_ENC* p_out) {
+ CHECK(p_out);
+
uint8_t* p = NULL;
uint8_t* p_rev_data = NULL; /* input data in big endilan format */
uint8_t* p_rev_key = NULL; /* input key in big endilan format */
uint8_t* p_rev_output = NULL; /* encrypted output in big endilan format */
SMP_TRACE_DEBUG("%s", __func__);
- if ((p_out == NULL) || (key_len != SMP_ENCRYT_KEY_SIZE)) {
- SMP_TRACE_ERROR("%s failed", __func__);
- return false;
- }
-
- p_start = (uint8_t*)osi_calloc(SMP_ENCRYT_DATA_SIZE * 4);
if (pt_len > SMP_ENCRYT_DATA_SIZE) pt_len = SMP_ENCRYT_DATA_SIZE;
+ uint8_t p_start[SMP_ENCRYT_DATA_SIZE * 4];
p = p_start;
ARRAY_TO_STREAM(p, plain_text, pt_len); /* byte 0 to byte 15 */
p_rev_data = p = p_start + SMP_ENCRYT_DATA_SIZE; /* start at byte 16 */
SMP_ENCRYT_DATA_SIZE);
#endif
p_rev_output = p;
+
+ aes_context ctx;
aes_set_key(p_rev_key, SMP_ENCRYT_KEY_SIZE, &ctx);
aes_encrypt(p_rev_data, p, &ctx); /* outputs in byte 48 to byte 63 */
p_out->param_len = SMP_ENCRYT_KEY_SIZE;
p_out->status = HCI_SUCCESS;
p_out->opcode = HCI_BLE_ENCRYPT;
-
- osi_free(p_start);
-
- return true;
}
/*******************************************************************************
output.status = HCI_SUCCESS;
output.opcode = HCI_BLE_ENCRYPT;
memcpy(output.param_buf, p_cb->ltk, SMP_ENCRYT_DATA_SIZE);
- } else if (!smp_calculate_legacy_short_term_key(p_cb, &output)) {
- SMP_TRACE_ERROR("%s failed", __func__);
- tSMP_INT_DATA smp_int_data;
- smp_int_data.status = SMP_PAIR_FAIL_UNKNOWN;
- smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &smp_int_data);
- return;
+ } else {
+ smp_calculate_legacy_short_term_key(p_cb, &output);
}
smp_process_stk(p_cb, &output);
UINT16_TO_STREAM(p, p_cb->div);
UINT16_TO_STREAM(p, r);
- if (!SMP_Encrypt(er, BT_OCTET16_LEN, buffer, 4, &output)) {
- SMP_TRACE_ERROR("smp_generate_csrk failed");
- tSMP_INT_DATA smp_int_data;
- smp_int_data.status = SMP_PAIR_FAIL_UNKNOWN;
- if (p_cb->smp_over_br) {
- smp_br_state_machine_event(p_cb, SMP_BR_AUTH_CMPL_EVT, &smp_int_data);
- } else {
- smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &smp_int_data);
- }
- } else {
- memcpy((void*)p_cb->csrk, output.param_buf, BT_OCTET16_LEN);
- smp_send_csrk_info(p_cb, NULL);
- }
+ SMP_Encrypt(er, buffer, 4, &output);
+ memcpy((void*)p_cb->csrk, output.param_buf, BT_OCTET16_LEN);
+ smp_send_csrk_info(p_cb, NULL);
}
/**
/* calculate e1 = e(k, p1'), where k = TK */
smp_debug_print_nbyte_little_endian(p_cb->tk, "TK", 16);
memset(output, 0, sizeof(tSMP_ENC));
- if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p1, BT_OCTET16_LEN, output)) {
- SMP_TRACE_ERROR("%s: failed encryption at e1 = e(k, p1')");
- return SMP_PAIR_FAIL_UNKNOWN;
- }
+ SMP_Encrypt(p_cb->tk, p1, BT_OCTET16_LEN, output);
smp_debug_print_nbyte_little_endian(output->param_buf, "e1 = e(k, p1')", 16);
/* generate p2 = padding || ia || ra */
BT_OCTET16 p2;
smp_debug_print_nbyte_little_endian((uint8_t*)p2, "p2' = p2 XOR e1", 16);
/* calculate: c1 = e(k, p2') */
memset(output, 0, sizeof(tSMP_ENC));
- if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p2, BT_OCTET16_LEN, output)) {
- SMP_TRACE_ERROR("%s: failed encryption at e1 = e(k, p2')");
- return SMP_PAIR_FAIL_UNKNOWN;
- }
+ SMP_Encrypt(p_cb->tk, p2, BT_OCTET16_LEN, output);
return SMP_SUCCESS;
}
memcpy(p_cb->enc_rand, rand, BT_OCTET8_LEN);
tSMP_ENC output;
- if (!SMP_Encrypt(dhk, BT_OCTET16_LEN, rand, BT_OCTET8_LEN, &output)) {
- SMP_TRACE_ERROR("%s failed", __func__);
- tSMP_INT_DATA smp_int_data;
- smp_int_data.status = SMP_PAIR_FAIL_UNKNOWN;
- smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &smp_int_data);
- } else {
- smp_process_ediv(p_cb, &output);
- }
+ SMP_Encrypt(dhk, rand, BT_OCTET8_LEN, &output);
+ smp_process_ediv(p_cb, &output);
}
/**
tSMP_ENC output;
/* LTK = d1(ER, DIV, 0)= e(ER, DIV)*/
- if (!SMP_Encrypt(er, BT_OCTET16_LEN, (uint8_t*)&p_cb->div, sizeof(uint16_t),
- &output)) {
- SMP_TRACE_ERROR("%s failed", __func__);
- tSMP_INT_DATA smp_int_data;
- smp_int_data.status = SMP_PAIR_FAIL_UNKNOWN;
- smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &smp_int_data);
- } else {
- /* mask the LTK */
- smp_mask_enc_key(p_cb->loc_enc_size, output.param_buf);
- memcpy((void*)p_cb->ltk, output.param_buf, BT_OCTET16_LEN);
+ SMP_Encrypt(er, (uint8_t*)&p_cb->div, sizeof(uint16_t), &output);
+ /* mask the LTK */
+ smp_mask_enc_key(p_cb->loc_enc_size, output.param_buf);
+ memcpy((void*)p_cb->ltk, output.param_buf, BT_OCTET16_LEN);
- /* generate EDIV and rand now */
- btsnd_hcic_ble_rand(Bind(&smp_generate_y, p_cb));
- }
+ /* generate EDIV and rand now */
+ btsnd_hcic_ble_rand(Bind(&smp_generate_y, p_cb));
}
/*******************************************************************************
}
}
-/*******************************************************************************
- *
- * Function smp_calculate_legacy_short_term_key
- *
- * Description The function calculates legacy STK.
- *
- * Returns false if out of resources, true in other cases.
- *
- ******************************************************************************/
-bool smp_calculate_legacy_short_term_key(tSMP_CB* p_cb, tSMP_ENC* output) {
+/* The function calculates legacy STK */
+void smp_calculate_legacy_short_term_key(tSMP_CB* p_cb, tSMP_ENC* output) {
SMP_TRACE_DEBUG("%s", __func__);
BT_OCTET16 ptext;
}
/* generate STK = Etk(rand|rrand)*/
- bool encrypted =
- SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, ptext, BT_OCTET16_LEN, output);
- if (!encrypted) {
- SMP_TRACE_ERROR("%s failed", __func__);
- }
- return encrypted;
+ SMP_Encrypt(p_cb->tk, ptext, BT_OCTET16_LEN, output);
}
/*******************************************************************************
smp_debug_print_nbyte_little_endian(p_prnt, "K", BT_OCTET16_LEN);
#endif
- if (!aes_cipher_msg_auth_code(key, msg, msg_len, BT_OCTET16_LEN, cmac)) {
- SMP_TRACE_ERROR("%s failed", __func__);
- return (BTM_MAX_PASSKEY_VAL + 1);
- }
+ aes_cipher_msg_auth_code(key, msg, msg_len, BT_OCTET16_LEN, cmac);
#if (SMP_DEBUG == TRUE)
p_prnt = cmac;
* MacKey is 128 bits;
* LTK is 128 bits
*
- * Returns false if out of resources, true in other cases.
- *
* Note The LSB is the first octet, the MSB is the last octet of
* the AES-CMAC input/output stream.
*
******************************************************************************/
-bool smp_calculate_f5(uint8_t* w, uint8_t* n1, uint8_t* n2, uint8_t* a1,
+void smp_calculate_f5(uint8_t* w, uint8_t* n1, uint8_t* n2, uint8_t* a1,
uint8_t* a2, uint8_t* mac_key, uint8_t* ltk) {
BT_OCTET16 t; /* AES-CMAC output in smp_calculate_f5_key(...), key in */
/* smp_calculate_f5_mackey_or_long_term_key(...) */
smp_debug_print_nbyte_little_endian(p_prnt, "A2", 7);
#endif
- if (!smp_calculate_f5_key(w, t)) {
- SMP_TRACE_ERROR("%s failed to calc T", __func__);
- return false;
- }
+ smp_calculate_f5_key(w, t);
#if (SMP_DEBUG == TRUE)
p_prnt = t;
smp_debug_print_nbyte_little_endian(p_prnt, "T", BT_OCTET16_LEN);
#endif
- if (!smp_calculate_f5_mackey_or_long_term_key(t, counter_mac_key, key_id, n1,
- n2, a1, a2, length, mac_key)) {
- SMP_TRACE_ERROR("%s failed to calc MacKey", __func__);
- return false;
- }
+ smp_calculate_f5_mackey_or_long_term_key(t, counter_mac_key, key_id, n1, n2,
+ a1, a2, length, mac_key);
#if (SMP_DEBUG == TRUE)
p_prnt = mac_key;
smp_debug_print_nbyte_little_endian(p_prnt, "MacKey", BT_OCTET16_LEN);
#endif
- if (!smp_calculate_f5_mackey_or_long_term_key(t, counter_ltk, key_id, n1, n2,
- a1, a2, length, ltk)) {
- SMP_TRACE_ERROR("%s failed to calc LTK", __func__);
- return false;
- }
+ smp_calculate_f5_mackey_or_long_term_key(t, counter_ltk, key_id, n1, n2, a1,
+ a2, length, ltk);
#if (SMP_DEBUG == TRUE)
p_prnt = ltk;
smp_debug_print_nbyte_little_endian(p_prnt, "LTK", BT_OCTET16_LEN);
#endif
- return true;
}
/*******************************************************************************
* Length is 16 bits, its value is 0x0100
* output: LTK is 128 bit.
*
- * Returns false if out of resources, true in other cases.
- *
* Note The LSB is the first octet, the MSB is the last octet of
* the AES-CMAC input/output stream.
*
******************************************************************************/
-bool smp_calculate_f5_mackey_or_long_term_key(uint8_t* t, uint8_t* counter,
+void smp_calculate_f5_mackey_or_long_term_key(uint8_t* t, uint8_t* counter,
uint8_t* key_id, uint8_t* n1,
uint8_t* n2, uint8_t* a1,
uint8_t* a2, uint8_t* length,
BT_OCTET16_LEN /* N2 size */ + 7 /* A1 size*/ +
7 /* A2 size*/ + 2 /* Length size */;
uint8_t msg[1 + 4 + BT_OCTET16_LEN + BT_OCTET16_LEN + 7 + 7 + 2];
- bool ret = true;
#if (SMP_DEBUG == TRUE)
uint8_t* p_prnt = NULL;
#endif
smp_debug_print_nbyte_little_endian(p_prnt, "M", msg_len);
#endif
- if (!aes_cipher_msg_auth_code(key, msg, msg_len, BT_OCTET16_LEN, cmac)) {
- SMP_TRACE_ERROR("%s failed", __func__);
- ret = false;
- }
+ aes_cipher_msg_auth_code(key, msg, msg_len, BT_OCTET16_LEN, cmac);
#if (SMP_DEBUG == TRUE)
p_prnt = cmac;
p = mac;
ARRAY_TO_STREAM(p, cmac, BT_OCTET16_LEN);
- return ret;
}
/*******************************************************************************
* the AES-CMAC input/output stream.
*
******************************************************************************/
-bool smp_calculate_f5_key(uint8_t* w, uint8_t* t) {
+void smp_calculate_f5_key(uint8_t* w, uint8_t* t) {
uint8_t* p = NULL;
/* Please see 2.2.7 LE Secure Connections Key Generation Function f5 */
/*
#endif
BT_OCTET16 cmac;
- bool ret = true;
- if (!aes_cipher_msg_auth_code(key, msg, BT_OCTET32_LEN, BT_OCTET16_LEN,
- cmac)) {
- SMP_TRACE_ERROR("%s failed", __func__);
- ret = false;
- }
+ aes_cipher_msg_auth_code(key, msg, BT_OCTET32_LEN, BT_OCTET16_LEN, cmac);
#if (SMP_DEBUG == TRUE)
p_prnt = cmac;
p = t;
ARRAY_TO_STREAM(p, cmac, BT_OCTET16_LEN);
- return ret;
}
/*******************************************************************************
void smp_calculate_peer_dhkey_check(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) {
uint8_t iocap[3], a[7], b[7];
BT_OCTET16 param_buf;
- bool ret;
tSMP_KEY key;
SMP_TRACE_DEBUG("%s", __func__);
smp_collect_local_ble_address(a, p_cb);
smp_collect_peer_ble_address(b, p_cb);
- ret = smp_calculate_f6(p_cb->mac_key, p_cb->rrand, p_cb->rand,
- p_cb->local_random, iocap, b, a, param_buf);
+ smp_calculate_f6(p_cb->mac_key, p_cb->rrand, p_cb->rand, p_cb->local_random,
+ iocap, b, a, param_buf);
- if (ret) {
- SMP_TRACE_EVENT("peer DHKey check calculation is completed");
+ SMP_TRACE_EVENT("peer DHKey check calculation is completed");
#if (SMP_DEBUG == TRUE)
- smp_debug_print_nbyte_little_endian(param_buf, "peer DHKey check",
- BT_OCTET16_LEN);
+ smp_debug_print_nbyte_little_endian(param_buf, "peer DHKey check",
+ BT_OCTET16_LEN);
#endif
- key.key_type = SMP_KEY_TYPE_PEER_DHK_CHCK;
- key.p_data = param_buf;
- tSMP_INT_DATA smp_int_data;
- smp_int_data.key = key;
- smp_sm_event(p_cb, SMP_SC_KEY_READY_EVT, &smp_int_data);
- } else {
- SMP_TRACE_EVENT("peer DHKey check calculation failed");
- tSMP_INT_DATA smp_int_data;
- smp_int_data.status = SMP_PAIR_FAIL_UNKNOWN;
- smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &smp_int_data);
- }
+ key.key_type = SMP_KEY_TYPE_PEER_DHK_CHCK;
+ key.p_data = param_buf;
+ tSMP_INT_DATA smp_int_data;
+ smp_int_data.key = key;
+ smp_sm_event(p_cb, SMP_SC_KEY_READY_EVT, &smp_int_data);
}
/*******************************************************************************
* A2 is 56 bit,
* output: C is 128 bit.
*
- * Returns false if out of resources, true in other cases.
- *
* Note The LSB is the first octet, the MSB is the last octet of
* the AES-CMAC input/output stream.
*
******************************************************************************/
-bool smp_calculate_f6(uint8_t* w, uint8_t* n1, uint8_t* n2, uint8_t* r,
+void smp_calculate_f6(uint8_t* w, uint8_t* n1, uint8_t* n2, uint8_t* r,
uint8_t* iocap, uint8_t* a1, uint8_t* a2, uint8_t* c) {
uint8_t* p = NULL;
uint8_t msg_len = BT_OCTET16_LEN /* N1 size */ +
smp_debug_print_nbyte_little_endian(p_print, "M", msg_len);
#endif
- bool ret = true;
- if (!aes_cipher_msg_auth_code(key, msg, msg_len, BT_OCTET16_LEN, cmac)) {
- SMP_TRACE_ERROR("%s failed", __func__);
- ret = false;
- }
+ aes_cipher_msg_auth_code(key, msg, msg_len, BT_OCTET16_LEN, cmac);
#if (SMP_DEBUG == TRUE)
p_print = cmac;
p = c;
ARRAY_TO_STREAM(p, cmac, BT_OCTET16_LEN);
- return ret;
}
/*******************************************************************************
}
BT_OCTET16 intermediate_link_key;
- bool ret = true;
if (p_cb->key_derivation_h7_used)
- ret = smp_calculate_h7((uint8_t*)salt, p_cb->ltk, intermediate_link_key);
+ smp_calculate_h7((uint8_t*)salt, p_cb->ltk, intermediate_link_key);
else
- ret = smp_calculate_h6(p_cb->ltk, (uint8_t*)"1pmt" /* reversed "tmp1" */,
- intermediate_link_key);
- if (!ret) {
- SMP_TRACE_ERROR("%s failed to derive intermediate_link_key", __func__);
- return ret;
- }
+ smp_calculate_h6(p_cb->ltk, (uint8_t*)"1pmt" /* reversed "tmp1" */,
+ intermediate_link_key);
BT_OCTET16 link_key;
- ret = smp_calculate_h6(intermediate_link_key,
- (uint8_t*)"rbel" /* reversed "lebr" */, link_key);
- if (!ret) {
- SMP_TRACE_ERROR("%s failed", __func__);
- } else {
- uint8_t link_key_type;
- if (btm_cb.security_mode == BTM_SEC_MODE_SC) {
- /* Secure Connections Only Mode */
+ smp_calculate_h6(intermediate_link_key,
+ (uint8_t*)"rbel" /* reversed "lebr" */, link_key);
+ uint8_t link_key_type;
+ if (btm_cb.security_mode == BTM_SEC_MODE_SC) {
+ /* Secure Connections Only Mode */
+ link_key_type = BTM_LKEY_TYPE_AUTH_COMB_P_256;
+ } else if (controller_get_interface()->supports_secure_connections()) {
+ /* both transports are SC capable */
+ if (p_cb->sec_level == SMP_SEC_AUTHENTICATED)
link_key_type = BTM_LKEY_TYPE_AUTH_COMB_P_256;
- } else if (controller_get_interface()->supports_secure_connections()) {
- /* both transports are SC capable */
- if (p_cb->sec_level == SMP_SEC_AUTHENTICATED)
- link_key_type = BTM_LKEY_TYPE_AUTH_COMB_P_256;
- else
- link_key_type = BTM_LKEY_TYPE_UNAUTH_COMB_P_256;
- } else if (btm_cb.security_mode == BTM_SEC_MODE_SP) {
- /* BR/EDR transport is SSP capable */
- if (p_cb->sec_level == SMP_SEC_AUTHENTICATED)
- link_key_type = BTM_LKEY_TYPE_AUTH_COMB;
- else
- link_key_type = BTM_LKEY_TYPE_UNAUTH_COMB;
- } else {
- SMP_TRACE_ERROR(
- "%s failed to update link_key. Sec Mode = %d, sm4 = 0x%02x", __func__,
- btm_cb.security_mode, p_dev_rec->sm4);
- return false;
- }
+ else
+ link_key_type = BTM_LKEY_TYPE_UNAUTH_COMB_P_256;
+ } else if (btm_cb.security_mode == BTM_SEC_MODE_SP) {
+ /* BR/EDR transport is SSP capable */
+ if (p_cb->sec_level == SMP_SEC_AUTHENTICATED)
+ link_key_type = BTM_LKEY_TYPE_AUTH_COMB;
+ else
+ link_key_type = BTM_LKEY_TYPE_UNAUTH_COMB;
+ } else {
+ SMP_TRACE_ERROR("%s failed to update link_key. Sec Mode = %d, sm4 = 0x%02x",
+ __func__, btm_cb.security_mode, p_dev_rec->sm4);
+ return false;
+ }
- link_key_type += BTM_LTK_DERIVED_LKEY_OFFSET;
+ link_key_type += BTM_LTK_DERIVED_LKEY_OFFSET;
- uint8_t* p;
- BT_OCTET16 notif_link_key;
- p = notif_link_key;
- ARRAY16_TO_STREAM(p, link_key);
+ uint8_t* p;
+ BT_OCTET16 notif_link_key;
+ p = notif_link_key;
+ ARRAY16_TO_STREAM(p, link_key);
- btm_sec_link_key_notification(bda_for_lk, notif_link_key, link_key_type);
+ btm_sec_link_key_notification(bda_for_lk, notif_link_key, link_key_type);
- SMP_TRACE_EVENT("%s is completed", __func__);
- }
+ SMP_TRACE_EVENT("%s is completed", __func__);
- return ret;
+ return true;
}
-/*******************************************************************************
- *
- * Function smp_calculate_long_term_key_from_link_key
- *
- * Description The function calculates and saves SC LTK derived from BR/EDR
- * link key.
- *
- * Returns false if out of resources, true in other cases.
- *
- ******************************************************************************/
+/** The function calculates and saves SC LTK derived from BR/EDR link key. */
bool smp_calculate_long_term_key_from_link_key(tSMP_CB* p_cb) {
- bool ret = true;
tBTM_SEC_DEV_REC* p_dev_rec;
uint8_t rev_link_key[16];
BT_OCTET16 salt = {0x32, 0x70, 0x6D, 0x74, 0x00, 0x00, 0x00, 0x00,
BT_OCTET16 intermediate_long_term_key;
if (p_cb->key_derivation_h7_used) {
- ret = smp_calculate_h7((uint8_t*)salt, rev_link_key,
- intermediate_long_term_key);
+ smp_calculate_h7((uint8_t*)salt, rev_link_key, intermediate_long_term_key);
} else {
/* "tmp2" obtained from the spec */
- ret = smp_calculate_h6(rev_link_key, (uint8_t*)"2pmt" /* reversed "tmp2" */,
- intermediate_long_term_key);
- }
-
- if (!ret) {
- SMP_TRACE_ERROR("%s failed to derive intermediate_long_term_key", __func__);
- return ret;
+ smp_calculate_h6(rev_link_key, (uint8_t*)"2pmt" /* reversed "tmp2" */,
+ intermediate_long_term_key);
}
/* "brle" obtained from the spec */
- ret = smp_calculate_h6(intermediate_long_term_key,
- (uint8_t*)"elrb" /* reversed "brle" */, p_cb->ltk);
+ smp_calculate_h6(intermediate_long_term_key,
+ (uint8_t*)"elrb" /* reversed "brle" */, p_cb->ltk);
- if (!ret) {
- SMP_TRACE_ERROR("%s failed", __func__);
- } else {
- p_cb->sec_level = (br_link_key_type == BTM_LKEY_TYPE_AUTH_COMB_P_256)
- ? SMP_SEC_AUTHENTICATED
- : SMP_SEC_UNAUTHENTICATE;
- SMP_TRACE_EVENT("%s is completed", __func__);
- }
-
- return ret;
+ p_cb->sec_level = (br_link_key_type == BTM_LKEY_TYPE_AUTH_COMB_P_256)
+ ? SMP_SEC_AUTHENTICATED
+ : SMP_SEC_UNAUTHENTICATE;
+ SMP_TRACE_EVENT("%s is completed", __func__);
+ return true;
}
/*******************************************************************************
* KeyId is 32 bit,
* output: C is 128 bit.
*
- * Returns false if out of resources, true in other cases.
- *
* Note The LSB is the first octet, the MSB is the last octet of
* the AES-CMAC input/output stream.
*
******************************************************************************/
-bool smp_calculate_h6(uint8_t* w, uint8_t* keyid, uint8_t* c) {
+void smp_calculate_h6(uint8_t* w, uint8_t* keyid, uint8_t* c) {
#if (SMP_DEBUG == TRUE)
uint8_t* p_print = NULL;
#endif
smp_debug_print_nbyte_little_endian(p_print, "M", msg_len);
#endif
- bool ret = true;
uint8_t cmac[BT_OCTET16_LEN];
- if (!aes_cipher_msg_auth_code(key, msg, msg_len, BT_OCTET16_LEN, cmac)) {
- SMP_TRACE_ERROR("%s failed", __func__);
- ret = false;
- }
+ aes_cipher_msg_auth_code(key, msg, msg_len, BT_OCTET16_LEN, cmac);
#if (SMP_DEBUG == TRUE)
p_print = cmac;
p = c;
ARRAY_TO_STREAM(p, cmac, BT_OCTET16_LEN);
- return ret;
}
/*******************************************************************************
** SALT is 128 bit,
** output: C is 128 bit.
**
-** Returns FALSE if out of resources, TRUE in other cases.
-**
** Note The LSB is the first octet, the MSB is the last octet of
** the AES-CMAC input/output stream.
**
*******************************************************************************/
-bool smp_calculate_h7(uint8_t* salt, uint8_t* w, uint8_t* c) {
+void smp_calculate_h7(uint8_t* salt, uint8_t* w, uint8_t* c) {
SMP_TRACE_DEBUG("%s", __FUNCTION__);
uint8_t key[BT_OCTET16_LEN];
p = msg;
ARRAY_TO_STREAM(p, w, BT_OCTET16_LEN);
- bool ret = true;
uint8_t cmac[BT_OCTET16_LEN];
- if (!aes_cipher_msg_auth_code(key, msg, msg_len, BT_OCTET16_LEN, cmac)) {
- SMP_TRACE_ERROR("%s failed", __FUNCTION__);
- ret = false;
- }
+ aes_cipher_msg_auth_code(key, msg, msg_len, BT_OCTET16_LEN, cmac);
p = c;
ARRAY_TO_STREAM(p, cmac, BT_OCTET16_LEN);
- return ret;
}
/**