1 /*  Bluetooth Mesh */
2 
3 /*
4  * SPDX-FileCopyrightText: 2017 Intel Corporation
5  * SPDX-FileContributor: 2018-2021 Espressif Systems (Shanghai) CO LTD
6  *
7  * SPDX-License-Identifier: Apache-2.0
8  */
9 
10 #ifndef _CRYPTO_H_
11 #define _CRYPTO_H_
12 
13 #include <string.h>
14 #include "mesh_buf.h"
15 
16 #ifdef __cplusplus
17 extern "C" {
18 #endif
19 
/*
 * One fragment of the scatter-gather input list consumed by
 * bt_mesh_aes_cmac(). The helpers in this header fill it with a buffer
 * pointer and that buffer's size in bytes.
 */
struct bt_mesh_sg {
    const void *data; /* Start of the fragment; const, so not written through. */
    size_t len;       /* Fragment length in bytes. */
};
24 
/*
 * Compute a 16-byte MAC into mac under the 16-byte key, over the sg_len
 * fragments listed in sg. Judging by the name this is AES-CMAC; the
 * definition is not part of this header.
 *
 * Returns an int status whose meaning is set by the implementation.
 *
 * NOTE(review): the [16] bounds are documentation only. Array parameters
 * decay to pointers, so neither the compiler nor the callee can check that
 * key and mac really are 16 bytes long; every caller has to guarantee it.
 */
int bt_mesh_aes_cmac(const uint8_t key[16], struct bt_mesh_sg *sg,
                     size_t sg_len, uint8_t mac[16]);
27 
/*
 * Single-buffer convenience wrapper around bt_mesh_aes_cmac().
 *
 * Wraps the len bytes at m in a one-entry scatter-gather list and forwards
 * key and mac unchanged. The return value is whatever bt_mesh_aes_cmac()
 * returns. No pointer or length is validated here.
 */
static inline int bt_mesh_aes_cmac_one(const uint8_t key[16], const void *m,
                                       size_t len, uint8_t mac[16])
{
    struct bt_mesh_sg fragment = { m, len };

    return bt_mesh_aes_cmac(key, &fragment, 1, mac);
}
35 
/*
 * Derive a 16-byte salt from the NUL-terminated string m: the string bytes
 * (terminator excluded, length taken with strlen()) are MACed under a fixed
 * all-zero 16-byte key and the result is written to salt.
 *
 * Because the key is a public constant, anyone can recompute the output;
 * it is a salt, not an authenticator.
 *
 * m must be non-NULL and NUL-terminated, since strlen() is unbounded.
 *
 * NOTE(review): the return type is bool while the wrapped call returns an
 * int status. The conversion gives false for 0 and true for any non-zero
 * status. If 0 means success, as bt_mesh_prov_nonce() assumes for
 * bt_mesh_k1(), then "true" here signals FAILURE. Callers should not read
 * the result as "ok".
 */
static inline bool bt_mesh_s1(const char *m, uint8_t salt[16])
{
    const uint8_t zero_key[16] = { 0 };
    size_t m_len = strlen(m);

    return bt_mesh_aes_cmac_one(zero_key, m, m_len, salt) != 0;
}
42 
/*
 * Derive a 16-byte output okm from ikm_len bytes of input keying material
 * at ikm, a 16-byte salt and the string info. Presumably the Mesh "k1"
 * derivation function; the definition is not part of this header.
 *
 * Returns an int status. bt_mesh_prov_nonce() in this header treats 0 as
 * success and only uses the output in that case.
 *
 * NOTE(review): okm receives key material in most callers here. Clearing
 * it after use is left to the caller.
 */
int bt_mesh_k1(const uint8_t *ikm, size_t ikm_len, const uint8_t salt[16],
               const char *info, uint8_t okm[16]);
45 
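/*
 * Call bt_mesh_k1() with the salt given as a string literal.
 *
 * salt_str must be a string literal: it initialises a 16-byte array, so a
 * shorter literal is zero-padded to 16 bytes. The macro is a GCC/Clang
 * statement expression and evaluates to the int returned by bt_mesh_k1().
 *
 * The temporary uses a macro-private name, and the forwarded arguments are
 * parenthesised, so an argument expression that mentions a caller variable
 * called "salt" still refers to the caller's object and not to the
 * temporary declared here.
 */
#define bt_mesh_k1_str(ikm, ikm_len, salt_str, info, okm) \
({ \
    const uint8_t bt_mesh_k1_str_salt_[16] = salt_str; \
    bt_mesh_k1((ikm), (ikm_len), bt_mesh_k1_str_salt_, (info), (okm)); \
})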
51 
/*
 * Derivation helpers whose definitions are not part of this header. All
 * return an int status. The [N] bounds in the parameter lists document the
 * expected buffer sizes but are not enforced by the compiler.
 */

/*
 * From a 16-byte input n and p_len bytes at p, produce three outputs: one
 * byte in net_id and 16 bytes each in enc_key and priv_key. Presumably the
 * Mesh "k2" function; confirm against the definition.
 */
int bt_mesh_k2(const uint8_t n[16], const uint8_t *p, size_t p_len,
               uint8_t net_id[1], uint8_t enc_key[16], uint8_t priv_key[16]);

/* From a 16-byte input n, produce an 8-byte output. */
int bt_mesh_k3(const uint8_t n[16], uint8_t out[8]);

/*
 * From a 16-byte input n, produce a 1-byte output. bt_mesh_app_id() uses
 * it to turn an application key into its identifier.
 */
int bt_mesh_k4(const uint8_t n[16], uint8_t out[1]);

/*
 * From a 16-byte input n and a string s, produce a 16-byte output.
 * bt_mesh_identity_key() and bt_mesh_beacon_key() call it with the network
 * key and the labels "nkik" and "nkbk".
 */
int bt_mesh_id128(const uint8_t n[16], const char *s, uint8_t out[16]);
60 
/*
 * Derive the 16-byte resolving key from a 16-byte network key.
 *
 * Delegates to bt_mesh_k1_str() with the salt literal "smbt" and the info
 * string "smbi"; the status of that call is returned unchanged.
 * resolving_key receives key material, so the caller owns its lifetime and
 * clearing.
 */
static inline int bt_mesh_id_resolving_key(const uint8_t net_key[16],
                                           uint8_t resolving_key[16])
{
    int status = bt_mesh_k1_str(net_key, 16, "smbt", "smbi", resolving_key);

    return status;
}
66 
/*
 * Derive the 16-byte identity key from a 16-byte network key.
 *
 * Thin wrapper: calls bt_mesh_id128() with the label "nkik" and returns its
 * status unchanged.
 */
static inline int bt_mesh_identity_key(const uint8_t net_key[16],
                                       uint8_t identity_key[16])
{
    const char *const label = "nkik";

    return bt_mesh_id128(net_key, label, identity_key);
}
72 
/*
 * Derive the 16-byte beacon key from a 16-byte network key.
 *
 * Thin wrapper: calls bt_mesh_id128() with the label "nkbk" and returns its
 * status unchanged.
 */
static inline int bt_mesh_beacon_key(const uint8_t net_key[16],
                                     uint8_t beacon_key[16])
{
    const char *const label = "nkbk";

    return bt_mesh_id128(net_key, label, beacon_key);
}
78 
/*
 * Compute an 8-byte beacon authentication value into auth from the 16-byte
 * beacon key, the flags byte, net_id and iv_index. The definition is not
 * part of this header. Returns an int status.
 *
 * NOTE(review): net_id is declared [16] here, while bt_mesh_k3() in this
 * header produces an 8-byte output and the Mesh Network ID is 8 bytes long.
 * The bound is not enforced by the compiler, so confirm against the
 * definition how many bytes are actually read and correct whichever
 * declaration is wrong.
 */
int bt_mesh_beacon_auth(const uint8_t beacon_key[16], uint8_t flags,
                        const uint8_t net_id[16], uint32_t iv_index,
                        uint8_t auth[8]);
82 
/*
 * Derive the 1-byte application key identifier from a 16-byte application
 * key.
 *
 * Thin wrapper over bt_mesh_k4(); its status is returned unchanged.
 */
static inline int bt_mesh_app_id(const uint8_t app_key[16], uint8_t app_id[1])
{
    int status = bt_mesh_k4(app_key, app_id);

    return status;
}
87 
/*
 * Derive the 16-byte provisioning session key.
 *
 * Feeds the 32-byte dhkey and the 16-byte provisioning salt to bt_mesh_k1()
 * with the info string "prsk" and returns that call's status unchanged.
 * session_key receives secret key material; clearing it after use is the
 * caller's job.
 */
static inline int bt_mesh_session_key(const uint8_t dhkey[32],
                                      const uint8_t prov_salt[16],
                                      uint8_t session_key[16])
{
    const size_t dhkey_len = 32;

    return bt_mesh_k1(dhkey, dhkey_len, prov_salt, "prsk", session_key);
}
94 
/*
 * Derive the 13-byte provisioning nonce.
 *
 * Runs bt_mesh_k1() over the 32-byte dhkey and the provisioning salt with
 * the info string "prsn", then copies bytes 3..15 of the 16-byte result
 * into nonce (the first three bytes are discarded).
 *
 * Returns the bt_mesh_k1() status. On a non-zero status nonce is left
 * untouched, so callers must check the return value before using it.
 *
 * NOTE(review): the 16-byte intermediate stays on the stack after return
 * and is not cleared. Whether that matters depends on the threat model of
 * the platform.
 */
static inline int bt_mesh_prov_nonce(const uint8_t dhkey[32],
                                     const uint8_t prov_salt[16],
                                     uint8_t nonce[13])
{
    uint8_t k1_out[16];
    int err = bt_mesh_k1(dhkey, 32, prov_salt, "prsn", k1_out);

    if (err) {
        return err;
    }

    /* Keep only the trailing 13 bytes of the derived block. */
    memcpy(nonce, &k1_out[3], 13);

    return 0;
}
109 
/*
 * Derive the 16-byte device key.
 *
 * Feeds the 32-byte dhkey and the 16-byte provisioning salt to bt_mesh_k1()
 * with the info string "prdk" and returns that call's status unchanged.
 * dev_key receives secret key material; clearing it after use is the
 * caller's job.
 */
static inline int bt_mesh_dev_key(const uint8_t dhkey[32],
                                  const uint8_t prov_salt[16],
                                  uint8_t dev_key[16])
{
    const size_t dhkey_len = 32;

    return bt_mesh_k1(dhkey, dhkey_len, prov_salt, "prdk", dev_key);
}
116 
/*
 * Compute the 16-byte provisioning salt.
 *
 * MACs the concatenation conf_salt || prov_rand || dev_rand (16 bytes each,
 * passed as three scatter-gather fragments) under a fixed all-zero key and
 * writes the result to prov_salt. Returns the bt_mesh_aes_cmac() status
 * unchanged.
 *
 * The key is a public constant, so the output is a salt that anyone holding
 * the three inputs can recompute. It carries no authentication by itself.
 */
static inline int bt_mesh_prov_salt(const uint8_t conf_salt[16],
                                    const uint8_t prov_rand[16],
                                    const uint8_t dev_rand[16],
                                    uint8_t prov_salt[16])
{
    const uint8_t zero_key[16] = { 0 };
    struct bt_mesh_sg parts[] = {
        { conf_salt, 16 },
        { prov_rand, 16 },
        { dev_rand, 16 },
    };

    return bt_mesh_aes_cmac(zero_key, parts, ARRAY_SIZE(parts), prov_salt);
}
131 
/*
 * Packet-level and provisioning primitives. Their definitions are not part
 * of this header, so the notes below describe only what the signatures
 * show. The [N] bounds on array parameters are documentation: the compiler
 * does not enforce them, and callers must supply buffers of at least that
 * size.
 */

/*
 * Operates on pdu using iv_index and a 16-byte privacy key.
 * NOTE(review): pdu is writable and no length is passed, so the callee
 * cannot bounds-check it. The caller must guarantee the buffer is as long
 * as the implementation expects.
 */
int bt_mesh_net_obfuscate(uint8_t *pdu, uint32_t iv_index,
                          const uint8_t privacy_key[16]);

/* Network-layer encrypt of buf under a 16-byte key; proxy selects a variant. */
int bt_mesh_net_encrypt(const uint8_t key[16], struct net_buf_simple *buf,
                        uint32_t iv_index, bool proxy);

/*
 * Network-layer decrypt of buf under a 16-byte key; proxy selects a variant.
 * NOTE(review): presumably authenticated. Treat buf as untrusted unless the
 * returned status indicates success; confirm against the definition.
 */
int bt_mesh_net_decrypt(const uint8_t key[16], struct net_buf_simple *buf,
                        uint32_t iv_index, bool proxy);

/*
 * Application-layer encrypt of buf. dev_key tells the callee which kind of
 * key is being passed.
 * NOTE(review): ad is passed without a length, so its size is fixed by the
 * implementation; confirm what callers must provide and whether NULL is
 * allowed.
 */
int bt_mesh_app_encrypt(const uint8_t key[16], bool dev_key, uint8_t aszmic,
                        struct net_buf_simple *buf, const uint8_t *ad,
                        uint16_t src, uint16_t dst, uint32_t seq_num, uint32_t iv_index);

/*
 * Application-layer decrypt from buf into out; parameters mirror
 * bt_mesh_app_encrypt(), and ad is again passed without a length.
 * NOTE(review): presumably authenticated. Do not consume out unless the
 * returned status indicates success; confirm against the definition.
 */
int bt_mesh_app_decrypt(const uint8_t key[16], bool dev_key, uint8_t aszmic,
                        struct net_buf_simple *buf, struct net_buf_simple *out,
                        const uint8_t *ad, uint16_t src, uint16_t dst, uint32_t seq_num,
                        uint32_t iv_index);

/* Compute a 1-byte FCS over data; data_len is a uint8_t, so at most 255 bytes. */
uint8_t bt_mesh_fcs_calc(const uint8_t *data, uint8_t data_len);

/* Check buf against received_fcs; returns a bool verdict. */
bool bt_mesh_fcs_check(struct net_buf_simple *buf, uint8_t received_fcs);

/* Map a 16-byte virtual label to a 16-bit address written through addr. */
int bt_mesh_virtual_addr(const uint8_t virtual_label[16], uint16_t *addr);

/* Derive a 16-byte confirmation salt from 145 bytes of confirmation inputs. */
int bt_mesh_prov_conf_salt(const uint8_t conf_inputs[145], uint8_t salt[16]);

/* Derive a 16-byte confirmation key from the 32-byte dhkey and conf_salt. */
int bt_mesh_prov_conf_key(const uint8_t dhkey[32], const uint8_t conf_salt[16],
                          uint8_t conf_key[16]);

/* Compute a 16-byte confirmation value from conf_key, rand and auth. */
int bt_mesh_prov_conf(const uint8_t conf_key[16], const uint8_t rand[16],
                      const uint8_t auth[16], uint8_t conf[16]);

/*
 * Decrypt 33 bytes of provisioning data (declared as 25 + 8) into 25 bytes
 * of output, under a 16-byte key and a 13-byte nonce.
 * NOTE(review): the 8 extra input bytes are presumably an integrity tag.
 * Do not use out unless the returned status indicates success; confirm
 * against the definition. nonce is not const-qualified although key is.
 */
int bt_mesh_prov_decrypt(const uint8_t key[16], uint8_t nonce[13],
                         const uint8_t data[25 + 8], uint8_t out[25]);

/*
 * Encrypt 25 bytes of provisioning data into 33 bytes of output, under a
 * 16-byte key and a 13-byte nonce. out must have room for all 33 bytes.
 */
int bt_mesh_prov_encrypt(const uint8_t key[16], uint8_t nonce[13],
                         const uint8_t data[25], uint8_t out[33]);
169 
170 #ifdef __cplusplus
171 }
172 #endif
173 
174 #endif /* _CRYPTO_H_ */
175