/*******************************************************************************
**
** Function SMP_ConfirmReply
**
** Description This function is called after Security Manager submitted
** numeric comparison request to the application.
**
** Parameters: bd_addr - Address of the device with which numeric
** comparison was requested
** res - comparison result SMP_SUCCESS if success
**
*******************************************************************************/
void SMP_ConfirmReply (BD_ADDR bd_addr, UINT8 res)
{
tSMP_CB *p_cb = & smp_cb;
UINT8 failure = SMP_NUMERIC_COMPAR_FAIL;
SMP_TRACE_EVENT ("%s: Result:%d", __FUNCTION__, res);
/* If timeout already expired or has been canceled, ignore the reply */
if (p_cb->cb_evt != SMP_NC_REQ_EVT) {
SMP_TRACE_WARNING ("%s() - Wrong State: %d", __FUNCTION__, p_cb->state);
return;
}
if (memcmp (bd_addr, p_cb->pairing_bda, BD_ADDR_LEN) != 0) {
SMP_TRACE_ERROR ("%s() - Wrong BD Addr", __FUNCTION__);
return;
}
if (btm_find_dev (bd_addr) == NULL) {
SMP_TRACE_ERROR ("%s() - no dev CB", __FUNCTION__);
return;
}
if (res != SMP_SUCCESS) {
SMP_TRACE_WARNING ("%s() - Numeric Comparison fails", __FUNCTION__);
/* send pairing failure */
smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &failure);
} else {
smp_sm_event(p_cb, SMP_SC_NC_OK_EVT, NULL);
}
}
/*******************************************************************************
**
** Function SMP_KeypressNotification
**
** Description This function is called to notify Security Manager about Keypress Notification.
**
** Parameters: bd_addr Address of the device to send keypress notification to
** value Keypress notification parameter value
**
*******************************************************************************/
void SMP_KeypressNotification (BD_ADDR bd_addr, UINT8 value)
{
tSMP_CB *p_cb = &smp_cb;
SMP_TRACE_EVENT ("%s: Value: %d", __FUNCTION__, value);
if (memcmp (bd_addr, p_cb->pairing_bda, BD_ADDR_LEN) != 0) {
SMP_TRACE_ERROR ("%s() - Wrong BD Addr", __FUNCTION__);
return;
}
if (btm_find_dev (bd_addr) == NULL) {
SMP_TRACE_ERROR ("%s() - no dev CB", __FUNCTION__);
return;
}
/* Keypress Notification is used by a device with KeyboardOnly IO capabilities */
/* during the passkey entry protocol */
if (p_cb->local_io_capability != SMP_IO_CAP_IN) {
SMP_TRACE_ERROR ("%s() - wrong local IO capabilities %d",
__FUNCTION__, p_cb->local_io_capability);
return;
}
if (p_cb->selected_association_model != SMP_MODEL_SEC_CONN_PASSKEY_ENT) {
SMP_TRACE_ERROR ("%s() - wrong protocol %d", __FUNCTION__,
p_cb->selected_association_model);
return;
}
smp_sm_event(p_cb, SMP_KEYPRESS_NOTIFICATION_EVENT, &value);
}
/*******************************************************************************
**
** Function smp_calculate_comfirm
**
** Description This function is called to calculate Confirm value.
**
** Returns void
**
*******************************************************************************/
void smp_calculate_comfirm (tSMP_CB *p_cb, BT_OCTET16 rand, BD_ADDR bda)
{
BT_OCTET16 p1;
tSMP_ENC output;
tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
UNUSED(bda);
SMP_TRACE_DEBUG ("smp_calculate_comfirm ");
/* generate p1 = pres || preq || rat' || iat' */
smp_gen_p1_4_confirm(p_cb, p1);
/* p1 = rand XOR p1 */
smp_xor_128(p1, rand);
smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1' = r XOR p1", 16);
/* calculate e(k, r XOR p1), where k = TK */
if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p1, BT_OCTET16_LEN, &output))
{
SMP_TRACE_ERROR("smp_generate_csrk failed");
smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
}
else
{
smp_calculate_comfirm_cont(p_cb, &output);
}
}
/*******************************************************************************
**
** Function smp_gen_p2_4_confirm
**
** Description Generate Confirm/Compare Step2:
** p2 = padding || ia || ra
**
** Returns void
**
*******************************************************************************/
void smp_gen_p2_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p2)
{
UINT8 *p = (UINT8 *)p2;
BD_ADDR remote_bda;
tBLE_ADDR_TYPE addr_type = 0;
if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type))
{
SMP_TRACE_ERROR("can not generate confirm p2 for unknown device");
return;
}
SMP_TRACE_DEBUG ("smp_gen_p2_4_confirm");
memset(p, 0, sizeof(BT_OCTET16));
if (p_cb->role == HCI_ROLE_MASTER)
{
/* LSB ra */
BDADDR_TO_STREAM(p, remote_bda);
/* ia */
BDADDR_TO_STREAM(p, p_cb->local_bda);
}
else
{
/* LSB ra */
BDADDR_TO_STREAM(p, p_cb->local_bda);
/* ia */
BDADDR_TO_STREAM(p, remote_bda);
}
#if SMP_DEBUG == TRUE
SMP_TRACE_DEBUG("p2 = padding || ia || ra");
smp_debug_print_nbyte_little_endian(p2, (const UINT8 *)"p2", 16);
#endif
}
/*******************************************************************************
**
** Function SMP_CreateLocalSecureConnectionsOobData
**
** Description This function is called to start creation of local SC OOB
** data set (tSMP_LOC_OOB_DATA).
**
** Parameters: bd_addr - Address of the device to send OOB data block to
**
** Returns Boolean - TRUE: creation of local SC OOB data set started.
*******************************************************************************/
BOOLEAN SMP_CreateLocalSecureConnectionsOobData (tBLE_BD_ADDR *addr_to_send_to)
{
tSMP_CB *p_cb = &smp_cb;
#if (!CONFIG_BT_STACK_NO_LOG)
UINT8 *bd_addr;
#endif
if (addr_to_send_to == NULL) {
SMP_TRACE_ERROR ("%s addr_to_send_to is not provided", __FUNCTION__);
return FALSE;
}
#if (!CONFIG_BT_STACK_NO_LOG)
bd_addr = addr_to_send_to->bda;
#endif
SMP_TRACE_EVENT ("%s addr type: %u, BDA: %08x%04x, state: %u, br_state: %u",
__FUNCTION__, addr_to_send_to->type,
(bd_addr[0] << 24) + (bd_addr[1] << 16) + (bd_addr[2] << 8) + bd_addr[3],
(bd_addr[4] << 8) + bd_addr[5],
p_cb->state,
p_cb->br_state);
if ((p_cb->state != SMP_STATE_IDLE) || (p_cb->smp_over_br)) {
SMP_TRACE_WARNING ("%s creation of local OOB data set "\
"starts only in IDLE state", __FUNCTION__);
return FALSE;
}
p_cb->sc_oob_data.loc_oob_data.addr_sent_to = *addr_to_send_to;
smp_sm_event(p_cb, SMP_CR_LOC_SC_OOB_DATA_EVT, NULL);
return TRUE;
}
/*******************************************************************************
**
** Function smp_generate_stk
**
** Description This function is called to generate STK calculated by running
** AES with the TK value as key and a concatenation of the random
** values.
**
** Returns void
**
*******************************************************************************/
void smp_generate_stk (tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
{
BT_OCTET16 ptext;
UINT8 *p = ptext;
tSMP_ENC output;
tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
UNUSED(p_data);
SMP_TRACE_DEBUG ("smp_generate_stk ");
memset(p, 0, BT_OCTET16_LEN);
if (p_cb->role == HCI_ROLE_MASTER)
{
memcpy(p, p_cb->rand, BT_OCTET8_LEN);
memcpy(&p[BT_OCTET8_LEN], p_cb->rrand, BT_OCTET8_LEN);
}
else
{
memcpy(p, p_cb->rrand, BT_OCTET8_LEN);
memcpy(&p[BT_OCTET8_LEN], p_cb->rand, BT_OCTET8_LEN);
}
/* generate STK = Etk(rand|rrand)*/
if (!SMP_Encrypt( p_cb->tk, BT_OCTET16_LEN, ptext, BT_OCTET16_LEN, &output))
{
SMP_TRACE_ERROR("smp_generate_stk failed");
smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
}
else
{
smp_process_stk(p_cb, &output);
}
}
/*******************************************************************************
**
** Function SMP_BR_PairWith
**
** Description This function is called to start a SMP pairing over BR/EDR.
** Device support one SMP pairing at one time.
**
** Parameters bd_addr - peer device bd address.
**
** Returns SMP_STARTED if pairing started, otherwise reason for failure.
**
*******************************************************************************/
tSMP_STATUS SMP_BR_PairWith (BD_ADDR bd_addr)
{
tSMP_CB *p_cb = &smp_cb;
UINT8 status = SMP_PAIR_INTERNAL_ERR;
SMP_TRACE_EVENT ("%s state=%d br_state=%d flag=0x%x ",
__func__, p_cb->state, p_cb->br_state, p_cb->flags);
if (p_cb->state != SMP_STATE_IDLE ||
p_cb->smp_over_br ||
p_cb->flags & SMP_PAIR_FLAGS_WE_STARTED_DD) {
/* pending security on going, reject this one */
return SMP_BUSY;
}
p_cb->role = HCI_ROLE_MASTER;
p_cb->flags = SMP_PAIR_FLAGS_WE_STARTED_DD;
p_cb->smp_over_br = TRUE;
memcpy (p_cb->pairing_bda, bd_addr, BD_ADDR_LEN);
if (!L2CA_ConnectFixedChnl (L2CAP_SMP_BR_CID, bd_addr, BLE_ADDR_UNKNOWN_TYPE)) {
SMP_TRACE_ERROR("%s: L2C connect fixed channel failed.", __FUNCTION__);
smp_br_state_machine_event(p_cb, SMP_BR_AUTH_CMPL_EVT, &status);
return status;
}
return SMP_STARTED;
}
/*******************************************************************************
**
** Function smp_compute_csrk
**
** Description This function is called to calculate CSRK
**
**
** Returns void
**
*******************************************************************************/
void smp_compute_csrk(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
{
BT_OCTET16 er;
UINT8 buffer[4]; /* for (r || DIV) r=1*/
UINT16 r=1;
UINT8 *p=buffer;
tSMP_ENC output;
tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
UNUSED(p_data);
SMP_TRACE_DEBUG ("smp_compute_csrk div=%x", p_cb->div);
BTM_GetDeviceEncRoot(er);
/* CSRK = d1(ER, DIV, 1) */
UINT16_TO_STREAM(p, p_cb->div);
UINT16_TO_STREAM(p, r);
if (!SMP_Encrypt(er, BT_OCTET16_LEN, buffer, 4, &output))
{
SMP_TRACE_ERROR("smp_generate_csrk failed");
smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
}
else
{
memcpy((void *)p_cb->csrk, output.param_buf, BT_OCTET16_LEN);
smp_send_csrk_info(p_cb, NULL);
}
}
/*******************************************************************************
**
** Function smp_genenrate_ltk_cont
**
** Description This function is to calculate LTK = d1(ER, DIV, 0)= e(ER, DIV)
**
** Returns void
**
*******************************************************************************/
static void smp_genenrate_ltk_cont(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
{
BT_OCTET16 er;
tSMP_ENC output;
tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
UNUSED(p_data);
SMP_TRACE_DEBUG ("smp_genenrate_ltk_cont ");
BTM_GetDeviceEncRoot(er);
/* LTK = d1(ER, DIV, 0)= e(ER, DIV)*/
if (!SMP_Encrypt(er, BT_OCTET16_LEN, (UINT8 *)&p_cb->div,
sizeof(UINT16), &output))
{
SMP_TRACE_ERROR("smp_genenrate_ltk_cont failed");
smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
}
else
{
/* mask the LTK */
smp_mask_enc_key(p_cb->loc_enc_size, output.param_buf);
memcpy((void *)p_cb->ltk, output.param_buf, BT_OCTET16_LEN);
smp_generate_rand_vector(p_cb, NULL);
}
}
/*******************************************************************************
**
** Function SMP_SecureConnectionOobDataReply
**
** Description This function is called to provide the SC OOB data for
** SMP in response to SMP_SC_OOB_REQ_EVT
**
** Parameters: p_data - pointer to the data
**
*******************************************************************************/
void SMP_SecureConnectionOobDataReply(UINT8 *p_data)
{
tSMP_CB *p_cb = &smp_cb;
UINT8 failure = SMP_OOB_FAIL;
tSMP_SC_OOB_DATA *p_oob = (tSMP_SC_OOB_DATA *) p_data;
if (!p_oob) {
SMP_TRACE_ERROR("%s received no data", __FUNCTION__);
smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &failure);
return;
}
SMP_TRACE_EVENT ("%s req_oob_type: %d, loc_oob_data.present: %d, "
"peer_oob_data.present: %d",
__FUNCTION__, p_cb->req_oob_type, p_oob->loc_oob_data.present,
p_oob->peer_oob_data.present);
if (p_cb->state != SMP_STATE_WAIT_APP_RSP || p_cb->cb_evt != SMP_SC_OOB_REQ_EVT) {
return;
}
BOOLEAN data_missing = FALSE;
switch (p_cb->req_oob_type) {
case SMP_OOB_PEER:
if (!p_oob->peer_oob_data.present) {
data_missing = TRUE;
}
break;
case SMP_OOB_LOCAL:
if (!p_oob->loc_oob_data.present) {
data_missing = TRUE;
}
break;
case SMP_OOB_BOTH:
if (!p_oob->loc_oob_data.present || !p_oob->peer_oob_data.present) {
data_missing = TRUE;
}
break;
default:
SMP_TRACE_EVENT ("Unexpected OOB data type requested. Fail OOB");
data_missing = TRUE;
break;
}
if (data_missing) {
smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &failure);
return;
}
p_cb->sc_oob_data = *p_oob;
smp_sm_event(&smp_cb, SMP_SC_OOB_DATA_EVT, p_data);
}
/*******************************************************************************
**
** Function SMP_Register
**
** Description This function register for the SMP services callback.
**
** Returns void
**
*******************************************************************************/
BOOLEAN SMP_Register (tSMP_CALLBACK *p_cback)
{
SMP_TRACE_EVENT ("SMP_Register state=%d", smp_cb.state);
if (smp_cb.p_callback != NULL) {
SMP_TRACE_ERROR ("SMP_Register: duplicate registration, overwrite it");
}
smp_cb.p_callback = p_cback;
return (TRUE);
}
/*******************************************************************************
**
** Function smp_rand_back
**
** Description This function is to process the rand command finished,
** process the random/encrypted number for further action.
**
** Returns void
**
*******************************************************************************/
static void smp_rand_back(tBTM_RAND_ENC *p)
{
tSMP_CB *p_cb = &smp_cb;
UINT8 *pp = p->param_buf;
UINT8 failure = SMP_PAIR_FAIL_UNKNOWN;
UINT8 state = p_cb->rand_enc_proc & ~0x80;
SMP_TRACE_DEBUG ("smp_rand_back state=0x%x", state);
if (p && p->status == HCI_SUCCESS)
{
switch (state)
{
case SMP_GEN_SRAND_MRAND:
memcpy((void *)p_cb->rand, p->param_buf, p->param_len);
smp_genenrate_rand_cont(p_cb, NULL);
break;
case SMP_GEN_SRAND_MRAND_CONT:
memcpy((void *)&p_cb->rand[8], p->param_buf, p->param_len);
smp_genenrate_confirm(p_cb, NULL);
break;
case SMP_GEN_DIV_LTK:
STREAM_TO_UINT16(p_cb->div, pp);
smp_genenrate_ltk_cont(p_cb, NULL);
break;
case SMP_GEN_DIV_CSRK:
STREAM_TO_UINT16(p_cb->div, pp);
smp_compute_csrk(p_cb, NULL);
break;
case SMP_GEN_TK:
smp_proc_passkey(p_cb, p);
break;
case SMP_GEN_RAND_V:
memcpy(p_cb->enc_rand, p->param_buf, BT_OCTET8_LEN);
smp_generate_y(p_cb, NULL);
break;
}
return;
}
SMP_TRACE_ERROR("smp_rand_back Key generation failed: (%d)", p_cb->rand_enc_proc);
smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &failure);
}
/*******************************************************************************
**
** Function SMP_PasskeyReply
**
** Description This function is called after Security Manager submitted
** passkey request to the application.
**
** Parameters: bd_addr - Address of the device for which passkey was requested
** res - result of the operation SMP_SUCCESS if success
** passkey - numeric value in the range of
** BTM_MIN_PASSKEY_VAL(0) - BTM_MAX_PASSKEY_VAL(999999(0xF423F)).
**
*******************************************************************************/
void SMP_PasskeyReply (BD_ADDR bd_addr, UINT8 res, UINT32 passkey)
{
tSMP_CB *p_cb = & smp_cb;
UINT8 failure = SMP_PASSKEY_ENTRY_FAIL;
SMP_TRACE_EVENT ("SMP_PasskeyReply: Key: %d Result:%d",
passkey, res);
/* If timeout already expired or has been canceled, ignore the reply */
if (p_cb->cb_evt != SMP_PASSKEY_REQ_EVT) {
SMP_TRACE_WARNING ("SMP_PasskeyReply() - Wrong State: %d", p_cb->state);
return;
}
if (memcmp (bd_addr, p_cb->pairing_bda, BD_ADDR_LEN) != 0) {
SMP_TRACE_ERROR ("SMP_PasskeyReply() - Wrong BD Addr");
return;
}
if (btm_find_dev (bd_addr) == NULL) {
SMP_TRACE_ERROR ("SMP_PasskeyReply() - no dev CB");
return;
}
if (passkey > BTM_MAX_PASSKEY_VAL || res != SMP_SUCCESS) {
SMP_TRACE_WARNING ("SMP_PasskeyReply() - Wrong key len: %d or passkey entry fail", passkey);
/* send pairing failure */
smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &failure);
} else if (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_PASSKEY_ENT) {
smp_sm_event(&smp_cb, SMP_SC_KEY_READY_EVT, &passkey);
} else {
smp_convert_string_to_tk(p_cb->tk, passkey);
}
return;
}
/*******************************************************************************
**
** Function smp_process_stk
**
** Description This function is called when STK is generated
** proceed to send the encrypt the link using STK.
**
** Returns void
**
*******************************************************************************/
static void smp_process_stk(tSMP_CB *p_cb, tSMP_ENC *p)
{
tSMP_KEY key;
SMP_TRACE_DEBUG ("smp_process_stk ");
#if (SMP_DEBUG == TRUE)
SMP_TRACE_ERROR("STK Generated");
#endif
smp_mask_enc_key(p_cb->loc_enc_size, p->param_buf);
key.key_type = SMP_KEY_TYPE_STK;
key.p_data = p->param_buf;
smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
}
/*******************************************************************************
**
** Function AES_CMAC
**
** Description This is the AES-CMAC Generation Function with tlen implemented.
**
** Parameters key - CMAC key in little endian order, expect SRK when used by SMP.
** input - text to be signed in little endian byte order.
** length - length of the input in byte.
** tlen - lenth of mac desired
** p_signature - data pointer to where signed data to be stored, tlen long.
**
** Returns void
**
*******************************************************************************/
BOOLEAN AES_CMAC ( BT_OCTET16 key, UINT8 *input, UINT16 length,
UINT16 tlen, UINT8 *p_signature)
{
UINT16 len, diff;
UINT16 n = (length + BT_OCTET16_LEN - 1) / BT_OCTET16_LEN; /* n is number of rounds */
BOOLEAN ret = FALSE;
SMP_TRACE_EVENT ("AES_CMAC ");
if (n == 0) n = 1;
len = n * BT_OCTET16_LEN;
SMP_TRACE_WARNING("AES128_CMAC started, allocate buffer size = %d", len);
/* allocate a memory space of multiple of 16 bytes to hold text */
if ((cmac_cb.text = (UINT8 *)GKI_getbuf(len)) != NULL)
{
cmac_cb.round = n;
memset(cmac_cb.text, 0, len);
diff = len - length;
if (input != NULL && length > 0)
{
memcpy(&cmac_cb.text[diff] , input, (int)length);
cmac_cb.len = length;
}
else
cmac_cb.len = 0;
/* prepare calculation for subkey s and last block of data */
if (cmac_generate_subkey(key))
{
/* start calculation */
ret = cmac_aes_k_calculate(key, p_signature, tlen);
}
/* clean up */
cmac_aes_cleanup();
}
else
{
ret = FALSE;
SMP_TRACE_ERROR("No resources");
}
return ret;
}
/*******************************************************************************
**
** Function smp_tx_complete_callback
**
** Description SMP channel tx complete callback
**
*******************************************************************************/
static void smp_tx_complete_callback (UINT16 cid, UINT16 num_pkt)
{
tSMP_CB *p_cb = &smp_cb;
if (p_cb->total_tx_unacked >= num_pkt)
p_cb->total_tx_unacked -= num_pkt;
else
SMP_TRACE_ERROR("Unexpected %s: num_pkt = %d", __func__,num_pkt);
UINT8 reason = SMP_SUCCESS;
if (p_cb->total_tx_unacked == 0 && p_cb->wait_for_authorization_complete)
{
if (cid == L2CAP_SMP_CID)
smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason);
else
smp_br_state_machine_event(p_cb, SMP_BR_AUTH_CMPL_EVT, &reason);
}
}
/*******************************************************************************
**
** Function smp_genenrate_smp_process_edivltk_cont
**
** Description This function is to calculate EDIV = Y xor DIV
**
** Returns void
**
*******************************************************************************/
static void smp_process_ediv(tSMP_CB *p_cb, tSMP_ENC *p)
{
tSMP_KEY key;
UINT8 *pp= p->param_buf;
UINT16 y;
SMP_TRACE_DEBUG ("smp_process_ediv ");
STREAM_TO_UINT16(y, pp);
/* EDIV = Y xor DIV */
p_cb->ediv = p_cb->div ^ y;
/* send LTK ready */
SMP_TRACE_ERROR("LTK ready");
key.key_type = SMP_KEY_TYPE_LTK;
key.p_data = p->param_buf;
smp_sm_event(p_cb, SMP_KEY_READY_EVT, &key);
}
/*******************************************************************************
**
** Function smp_gen_p1_4_confirm
**
** Description Generate Confirm/Compare Step1:
** p1 = pres || preq || rat' || iat'
**
** Returns void
**
*******************************************************************************/
void smp_gen_p1_4_confirm( tSMP_CB *p_cb, BT_OCTET16 p1)
{
UINT8 *p = (UINT8 *)p1;
tBLE_ADDR_TYPE addr_type = 0;
BD_ADDR remote_bda;
SMP_TRACE_DEBUG ("smp_gen_p1_4_confirm");
if (!BTM_ReadRemoteConnectionAddr(p_cb->pairing_bda, remote_bda, &addr_type))
{
SMP_TRACE_ERROR("can not generate confirm for unknown device");
return;
}
BTM_ReadConnectionAddr( p_cb->pairing_bda, p_cb->local_bda, &p_cb->addr_type);
if (p_cb->role == HCI_ROLE_MASTER)
{
/* LSB : rat': initiator's(local) address type */
UINT8_TO_STREAM(p, p_cb->addr_type);
/* LSB : iat': responder's address type */
UINT8_TO_STREAM(p, addr_type);
/* concatinate preq */
smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_REQ);
/* concatinate pres */
smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_RSP);
}
else
{
/* LSB : iat': initiator's address type */
UINT8_TO_STREAM(p, addr_type);
/* LSB : rat': responder's(local) address type */
UINT8_TO_STREAM(p, p_cb->addr_type);
/* concatinate preq */
smp_concatenate_peer(p_cb, &p, SMP_OPCODE_PAIRING_REQ);
/* concatinate pres */
smp_concatenate_local(p_cb, &p, SMP_OPCODE_PAIRING_RSP);
}
#if SMP_DEBUG == TRUE
SMP_TRACE_DEBUG("p1 = pres || preq || rat' || iat'");
smp_debug_print_nbyte_little_endian ((UINT8 *)p1, (const UINT8 *)"P1", 16);
#endif
}
/*******************************************************************************
**
** Function smp_generate_y
**
** Description This function is to proceed generate Y = E(DHK, Rand)
**
** Returns void
**
*******************************************************************************/
static void smp_generate_y(tSMP_CB *p_cb, tSMP_INT_DATA *p)
{
BT_OCTET16 dhk;
tSMP_ENC output;
tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
UNUSED(p);
SMP_TRACE_DEBUG ("smp_generate_y ");
BTM_GetDeviceDHK(dhk);
if (!SMP_Encrypt(dhk, BT_OCTET16_LEN, p_cb->enc_rand,
BT_OCTET8_LEN, &output))
{
SMP_TRACE_ERROR("smp_generate_y failed");
smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
}
else
{
smp_process_ediv(p_cb, &output);
}
}
/*******************************************************************************
**
** Function smp_calculate_comfirm_cont
**
** Description This function is called when SConfirm/MConfirm is generated
** proceed to send the Confirm request/response to peer device.
**
** Returns void
**
*******************************************************************************/
static void smp_calculate_comfirm_cont(tSMP_CB *p_cb, tSMP_ENC *p)
{
BT_OCTET16 p2;
tSMP_ENC output;
tSMP_STATUS status = SMP_PAIR_FAIL_UNKNOWN;
SMP_TRACE_DEBUG ("smp_calculate_comfirm_cont ");
#if SMP_DEBUG == TRUE
SMP_TRACE_DEBUG("Confirm step 1 p1' = e(k, r XOR p1) Generated");
smp_debug_print_nbyte_little_endian (p->param_buf, (const UINT8 *)"C1", 16);
#endif
smp_gen_p2_4_confirm(p_cb, p2);
/* calculate p2 = (p1' XOR p2) */
smp_xor_128(p2, p->param_buf);
smp_debug_print_nbyte_little_endian ((UINT8 *)p2, (const UINT8 *)"p2' = C1 xor p2", 16);
/* calculate: Confirm = E(k, p1' XOR p2) */
if (!SMP_Encrypt(p_cb->tk, BT_OCTET16_LEN, p2, BT_OCTET16_LEN, &output))
{
SMP_TRACE_ERROR("smp_calculate_comfirm_cont failed");
smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &status);
}
else
{
switch (p_cb->rand_enc_proc)
{
case SMP_GEN_CONFIRM:
smp_process_confirm(p_cb, &output);
break;
case SMP_GEN_COMPARE:
smp_process_compare(p_cb, &output);
break;
}
}
}
/* clean up */
cmac_aes_cleanup();
}
else
{
ret = FALSE;
SMP_TRACE_ERROR("No resources");
}
return ret;
}
#if 0 /* testing code, sample data from spec */
void test_cmac_cback(UINT8 *p_mac, UINT16 tlen)
{
SMP_TRACE_EVENT ("test_cmac_cback ");
SMP_TRACE_ERROR("test_cmac_cback");
}
