1 /**
2  ****************************************************************************************
3  *
4  * @file smpc.h
5  *
6  * @brief Header file - SMPC.
7  *
8  * Copyright (C) RivieraWaves 2009-2016
9  *
10  *
11  ****************************************************************************************
12  */
13 
14 #ifndef SMPC_H_
15 #define SMPC_H_
16 
17 /**
18  ****************************************************************************************
19  * @addtogroup SMP Security Manager Protocol
20  * @ingroup HOST
21  * @brief Security Manager Protocol.
22  *
23  * The SMP is responsible for the over-all security policies of BLE.
24  * It defines methods for pairing and key distribution, handles encryption,
25  * data signing and privacy features such as random addressing generation and resolution.
26  *
27  * Pairing is performed to exchange pairing features and generate a short term
28  * key for link encryption.
29  * A transport specific key distribution is performed to
30  * share the keys that can be used to encrypt the link in the future
31  * reconnection process, signed data verification and random address
32  * resolution.
33  *
34  * There exist 3 phases in the complete security procedure:
35  * 1. Feature exchange (IO capabilities, OOB flags, Authentication Requirements, Key distributions)
36  * 2. Short Term Key generation
37  *    Generation method depends on exchanged features:
38  *     - Just Works - use Temporary key = 0
39  *     - PassKey Entry - use Temporary Key = 6-digit provided by user
40  *     - Out of Band (OOB) - use Temporary Key = 16-octet key, available form OOB source
41  * 3. Transport Specific Key Distribution (TKDP)(LTK+EDIV+RAND_NB, IRK+ADDR, CSRK)
42  *---------------------------------------------------------------------
43  * @addtogroup SMPC Security Manager Protocol Controller
44  * @ingroup SMP
45  * @brief Security Manager Protocol Controller.
46  *
47  * This block handles control of SM procedures for several possible existing connections,
48  * for which the security procedure may be conducted simultaneously.
49  *
50  * It allows flow control for HCI access to encryption and random number generation, used
51  * at different moments in the procedure.
52  *
53  * It handles PDU creation and sending through L2CAP, also their reception from L2CAP
54  * and interpretation.
55  *
56  * Other small utilities such as maximum key size determination and TKDP organization are
57  * implemented in SMPC.
58  * @{
59  *
60  ****************************************************************************************
61  */
62 
63 
64 /*
65  * INCLUDE FILES
66  ****************************************************************************************
67  */
68 #include "rwip_config.h"
69 
70 #if (BLE_SMPC)
71 #include "co_bt.h"
72 #include "gap.h"
73 #include "gapc_task.h"
74 #include "ke_task.h"
75 
76 /*
77  * DEFINES
78  ****************************************************************************************
79  */
80 
81 /// MAC length
82 #define SMPC_SIGN_MAC_LEN                       (8)
83 /// SignCounter length
84 #define SMPC_SIGN_COUNTER_LEN                   (4)
85 /// Signature length
86 #define SMPC_SIGN_LEN                           (SMPC_SIGN_MAC_LEN + SMPC_SIGN_COUNTER_LEN)
87 
88 /**
89  * Repeated Attempts Timer Configuration
90  */
91 /// Repeated Attempts Timer default value (x10ms)
92 #define SMPC_REP_ATTEMPTS_TIMER_DEF_VAL         (200)      //2s
93 /// Repeated Attempts Timer max value (x10ms)
94 #define SMPC_REP_ATTEMPTS_TIMER_MAX_VAL         (3000)     //30s
95 /// Repeated Attempts Timer multiplier
96 #define SMPC_REP_ATTEMPTS_TIMER_MULT            (2)
97 
98 /**
99  * Timeout Timer Configuration
100  */
101 #define SMPC_TIMEOUT_TIMER_DURATION             (1000)     //30s
102 
103 #define SMPC_PUBLIC_KEY_256_COORD_LEN            0x20
104 /*
105  * ENUMERATIONS
106  ****************************************************************************************
107  */
108 
109 
110 /// Information source.
111 enum smpc_addr_src
112 {
113     /// Local info.
114     SMPC_INFO_LOCAL,
115     /// Peer info.
116     SMPC_INFO_PEER,
117     /// Maximum info source.
118     SMPC_INFO_MAX
119 };
120 
121 /*
122  * STRUCTURES DEFINITION
123  ****************************************************************************************
124  */
125 
126 /// Master ID Information Structure
127 struct smpc_mst_id_info
128 {
129     // Encryption Diversifier
130     uint16_t ediv;
131 
132     // Random Number
133     uint8_t randnb[GAP_RAND_NB_LEN];
134 };
135 
136 #if (SECURE_CONNECTIONS)
137 struct smp_aes_cmac
138 {
139     uint8_t* M; // pointer to memory allocated by calling function
140     uint8_t  M_len;
141     uint8_t  M_last[16];
142     uint8_t  X[16];
143     uint8_t  Y[16];
144     uint8_t*  K; //[16];
145     uint8_t  K1[16];
146     uint8_t  K2[16];
147     uint8_t  next_block;
148     uint8_t  num_blocks;
149     uint8_t  state;  // Only 3 States - Idle, SubKey Generation, Block AES
150 };
151 
152 struct smp_f4
153 {
154     uint8_t M[65];
155     uint8_t X[16]; // The Key
156 };
157 
158 struct smp_f5
159 {
160     uint8_t M[53];
161     uint8_t* W;
162     uint8_t T[16];
163     uint8_t SALT[16];
164 };
165 
166 
167 struct smp_f6
168 {
169     uint8_t W[16];
170     uint8_t M[65];
171 };
172 
173 struct smp_g2
174 {
175     uint8_t X[16];
176     uint8_t M[80];
177 };
178 
179 struct gapc_public_key
180 {
181     uint8_t x[GAP_P256_KEY_LEN];
182     uint8_t y[GAP_P256_KEY_LEN];
183 };
184 
185 #endif // (SECURE_CONNECTIONS)
186 /// Pairing Information
187 struct smpc_pair_info
188 {
189     /// TK during Phase 2, LTK or IRK during Phase 3
190     struct gap_sec_key key;
191     /// Pairing request command
192     struct gapc_pairing pair_req_feat;
193     /// Pairing response feature
194     struct gapc_pairing pair_rsp_feat;
195     /// Random number value
196     uint8_t rand[RAND_VAL_LEN];
197     /// Remote random number value
198     uint8_t rem_rand[RAND_VAL_LEN];
199     /// Confirm value to check
200     uint8_t conf_value[GAP_KEY_LEN];
201     /// Pairing Method
202     uint8_t pair_method;
203     /// Authentication level
204     uint8_t auth;
205     /// check that LTK exchanged during pairing
206     bool ltk_exchanged;
207     /// Key to be exchanged (transmitted or to be received)
208     uint8_t keys_dist;
209 
210 
211     #if (SECURE_CONNECTIONS)
212     // AES_CMAC Info
213     struct smp_aes_cmac* aes_cmac;
214     // Structure for Secure Connections Crypto functions
215     struct smp_f4*  f4_info;
216     struct smp_f5*  f5_info;
217     struct smp_f6*  f6_info;
218     struct smp_g2*  g2_info;
219 
220     bool dh_key_calculation_complete;
221 
222     uint8_t MacKey[GAP_KEY_LEN];
223     uint8_t dh_key_check_peer[DHKEY_CHECK_LEN];
224     uint8_t dh_key_local[DH_KEY_LEN];
225 
226     uint8_t dh_key_check_local[DHKEY_CHECK_LEN];
227     bool dh_key_check_received_from_peer;
228 
229     public_key_t peer_public_key;
230 
231     uint8_t passkey_bit_count;
232     uint32_t passkey;
233 
234     // Required for OOB
235     uint8_t peer_r[GAP_KEY_LEN];
236     uint8_t local_r[GAP_KEY_LEN];
237     bool peer_rand_received;
238     bool peer_confirm_received;
239     #endif // (SECURE_CONNECTIONS)
240 };
241 
242 /// Signing Information
243 struct smpc_sign_info
244 {
245     /// Operation requester task id
246     ke_task_id_t requester;
247 
248     /// Message offset
249     uint16_t msg_offset;
250     /// Number of block
251     uint8_t block_nb;
252     /// Cn-1 value -> Need to kept this value to retrieve it after L generation
253     uint8_t cn1[GAP_KEY_LEN];
254 };
255 
256 /// SMPC environment structure
257 struct smpc_env
258 {
259     /// SMPC temporary information
260     union smpc_info
261     {
262         /**
263          * Pairing Information - This structure is allocated at the beginning of a pairing
264          * or procedure. It is freed when a disconnection occurs or at the end of
265          * the pairing procedure. If not enough memory can be found, the procedure will fail
266          *  with an "Unspecified Reason" error
267          */
268         struct smpc_pair_info *pair;
269 
270         /**
271          * Signature Procedure Information - This structure is allocated at the beginning of a
272          * signing procedure. It is freed when a disconnection occurs or at the end of
273          * the signing procedure. If not enough memory can be found, the procedure will fail
274          *  with an "Unspecified Reason" error.
275          */
276         struct smpc_sign_info *sign;
277     } info;
278 
279     /// CSRK values (Local and remote)
280     struct gap_sec_key csrk[SMPC_INFO_MAX];
281 
282     /// signature counter values (Local and remote)
283     uint32_t sign_counter[SMPC_INFO_MAX];
284 
285     /// Repeated Attempt Timer value
286     uint16_t rep_att_timer_val;
287 
288     /// Encryption key size
289     uint8_t key_size;
290 
291     /**
292      * Contains the current state of the two timers needed in the SMPC task
293      *      Bit 0 - Is Timeout Timer running
294      *      Bit 1 - Is Repeated Attempt Timer running
295      *      Bit 2 - Has task reached a SMP Timeout
296      */
297     uint8_t timer_state;
298 
299     /// State of the current procedure
300     uint8_t state;
301 
302     #if (SECURE_CONNECTIONS)
303     bool secure_connections_enabled;
304     #endif // (SECURE_CONNECTIONS)
305 };
306 
307 /*
308  * GLOBAL VARIABLES DEFINITION
309  ****************************************************************************************
310  */
311 
312 
313 /*
314  * MACROS
315  ****************************************************************************************
316  */
317 
318 /*
319  * FUNCTION DECLARATIONS
320  ****************************************************************************************
321  */
322 
323 
324 #endif //(BLE_SMPC)
325 #endif //SMPC_H_
326 
327 /// @} SMPC
328