1 /*
2 * Copyright (c) 2017 Intel Corporation
3 * Copyright (c) 2020 Lingao Meng
4 *
5 * SPDX-License-Identifier: Apache-2.0
6 */
7
8 #include <zephyr/kernel.h>
9 #include <errno.h>
10 #include <zephyr/sys/atomic.h>
11 #include <zephyr/sys/util.h>
12 #include <zephyr/sys/byteorder.h>
13
14 #include <zephyr/net_buf.h>
15 #include <zephyr/bluetooth/bluetooth.h>
16 #include <zephyr/bluetooth/conn.h>
17 #include <zephyr/bluetooth/mesh.h>
18 #include <zephyr/bluetooth/uuid.h>
19
20 #include "common/bt_str.h"
21
22 #include "crypto.h"
23 #include "mesh.h"
24 #include "net.h"
25 #include "rpl.h"
26 #include "beacon.h"
27 #include "access.h"
28 #include "foundation.h"
29 #include "proxy.h"
30 #include "pb_gatt_srv.h"
31 #include "prov.h"
32 #include "settings.h"
33 #include "rpr.h"
34
35 #define LOG_LEVEL CONFIG_BT_MESH_PROVISIONEE_LOG_LEVEL
36 #include <zephyr/logging/log.h>
37 LOG_MODULE_REGISTER(bt_mesh_provisionee);
38
39 static void reprovision_fail(void);
40
prov_send_fail_msg(uint8_t err)41 static void prov_send_fail_msg(uint8_t err)
42 {
43 PROV_BUF(buf, PDU_LEN_FAILED);
44
45 LOG_DBG("%u", err);
46
47 bt_mesh_prov_link.expect = PROV_NO_PDU;
48
49 bt_mesh_prov_buf_init(&buf, PROV_FAILED);
50 net_buf_simple_add_u8(&buf, err);
51
52 if (bt_mesh_prov_send(&buf, NULL)) {
53 LOG_ERR("Failed to send Provisioning Failed message");
54 }
55 }
56
prov_fail(uint8_t reason)57 static void prov_fail(uint8_t reason)
58 {
59 /* According to MshPRTv1.1: 5.4.4, the provisioner just closes the link when something
60 * fails, while the provisionee sends the fail message, and waits for the provisioner to
61 * close the link.
62 */
63 prov_send_fail_msg(reason);
64
65 if (IS_ENABLED(CONFIG_BT_MESH_RPR_SRV) &&
66 atomic_test_bit(bt_mesh_prov_link.flags, REPROVISION)) {
67 reprovision_fail();
68 }
69 }
70
prov_invite(const uint8_t * data)71 static void prov_invite(const uint8_t *data)
72 {
73 PROV_BUF(buf, PDU_LEN_CAPABILITIES);
74
75 LOG_DBG("Attention Duration: %u seconds", data[0]);
76
77 if (data[0]) {
78 bt_mesh_attention(NULL, data[0]);
79 }
80
81 memcpy(bt_mesh_prov_link.conf_inputs.invite, data, PDU_LEN_INVITE);
82
83 bt_mesh_prov_buf_init(&buf, PROV_CAPABILITIES);
84
85 /* Number of Elements supported */
86 net_buf_simple_add_u8(&buf, bt_mesh_elem_count());
87
88 uint16_t algorithm_bm = 0;
89 uint8_t oob_type = bt_mesh_prov->static_val ?
90 BT_MESH_STATIC_OOB_AVAILABLE : 0;
91 bool oob_availability = bt_mesh_prov->output_size > 0 ||
92 bt_mesh_prov->input_size > 0 || bt_mesh_prov->static_val;
93
94 if (IS_ENABLED(CONFIG_BT_MESH_ECDH_P256_HMAC_SHA256_AES_CCM)) {
95 WRITE_BIT(algorithm_bm, BT_MESH_PROV_AUTH_HMAC_SHA256_AES_CCM, 1);
96 }
97
98 if (IS_ENABLED(CONFIG_BT_MESH_ECDH_P256_CMAC_AES128_AES_CCM)) {
99 WRITE_BIT(algorithm_bm, BT_MESH_PROV_AUTH_CMAC_AES128_AES_CCM, 1);
100 }
101
102 if (oob_availability && IS_ENABLED(CONFIG_BT_MESH_OOB_AUTH_REQUIRED)) {
103 oob_type |= BT_MESH_OOB_AUTH_REQUIRED;
104 WRITE_BIT(algorithm_bm, BT_MESH_PROV_AUTH_CMAC_AES128_AES_CCM, 0);
105 }
106
107 /* Supported algorithms */
108 net_buf_simple_add_be16(&buf, algorithm_bm);
109
110 /* Public Key Type */
111 net_buf_simple_add_u8(&buf,
112 bt_mesh_prov->public_key_be == NULL ? PUB_KEY_NO_OOB : PUB_KEY_OOB);
113
114 /* Static OOB Type */
115 net_buf_simple_add_u8(&buf, oob_type);
116
117 /* Output OOB Size */
118 net_buf_simple_add_u8(&buf, bt_mesh_prov->output_size);
119
120 /* Output OOB Action */
121 net_buf_simple_add_be16(&buf, bt_mesh_prov->output_actions);
122
123 /* Input OOB Size */
124 net_buf_simple_add_u8(&buf, bt_mesh_prov->input_size);
125
126 /* Input OOB Action */
127 net_buf_simple_add_be16(&buf, bt_mesh_prov->input_actions);
128
129 memcpy(bt_mesh_prov_link.conf_inputs.capabilities, &buf.data[1], PDU_LEN_CAPABILITIES);
130
131 if (bt_mesh_prov_send(&buf, NULL)) {
132 LOG_ERR("Failed to send capabilities");
133 return;
134 }
135
136 bt_mesh_prov_link.expect = PROV_START;
137 }
138
prov_start(const uint8_t * data)139 static void prov_start(const uint8_t *data)
140 {
141 LOG_DBG("Algorithm: 0x%02x", data[0]);
142 LOG_DBG("Public Key: 0x%02x", data[1]);
143 LOG_DBG("Auth Method: 0x%02x", data[2]);
144 LOG_DBG("Auth Action: 0x%02x", data[3]);
145 LOG_DBG("Auth Size: 0x%02x", data[4]);
146
147 if (IS_ENABLED(CONFIG_BT_MESH_ECDH_P256_HMAC_SHA256_AES_CCM) &&
148 data[0] == BT_MESH_PROV_AUTH_HMAC_SHA256_AES_CCM) {
149 bt_mesh_prov_link.algorithm = data[0];
150 } else if (IS_ENABLED(CONFIG_BT_MESH_ECDH_P256_CMAC_AES128_AES_CCM) &&
151 data[0] == BT_MESH_PROV_AUTH_CMAC_AES128_AES_CCM) {
152 bt_mesh_prov_link.algorithm = data[0];
153 } else {
154 LOG_ERR("Unknown algorithm 0x%02x", data[0]);
155 prov_fail(PROV_ERR_NVAL_FMT);
156 return;
157 }
158
159 uint8_t auth_size = bt_mesh_prov_auth_size_get();
160
161 if (data[1] > PUB_KEY_OOB ||
162 (data[1] == PUB_KEY_OOB &&
163 (!IS_ENABLED(CONFIG_BT_MESH_PROV_OOB_PUBLIC_KEY) || !bt_mesh_prov->public_key_be))) {
164 LOG_ERR("Invalid public key type: 0x%02x", data[1]);
165 prov_fail(PROV_ERR_NVAL_FMT);
166 return;
167 }
168
169 atomic_set_bit_to(bt_mesh_prov_link.flags, OOB_PUB_KEY, data[1] == PUB_KEY_OOB);
170
171 memcpy(bt_mesh_prov_link.conf_inputs.start, data, PDU_LEN_START);
172
173 bt_mesh_prov_link.expect = PROV_PUB_KEY;
174 bt_mesh_prov_link.oob_method = data[2];
175 bt_mesh_prov_link.oob_action = data[3];
176 bt_mesh_prov_link.oob_size = data[4];
177
178 if (IS_ENABLED(CONFIG_BT_MESH_OOB_AUTH_REQUIRED) &&
179 (bt_mesh_prov_link.oob_method == AUTH_METHOD_NO_OOB ||
180 bt_mesh_prov_link.algorithm == BT_MESH_PROV_AUTH_CMAC_AES128_AES_CCM)) {
181 prov_fail(PROV_ERR_NVAL_FMT);
182 return;
183 }
184
185 if (bt_mesh_prov_auth(false, data[2], data[3], data[4]) < 0) {
186 LOG_ERR("Invalid authentication method: 0x%02x; "
187 "action: 0x%02x; size: 0x%02x", data[2], data[3], data[4]);
188 prov_fail(PROV_ERR_NVAL_FMT);
189 return;
190 }
191
192 if (atomic_test_bit(bt_mesh_prov_link.flags, OOB_STATIC_KEY)) {
193 /* Trim the Auth if it is longer than required length */
194 memcpy(bt_mesh_prov_link.auth, bt_mesh_prov->static_val,
195 bt_mesh_prov->static_val_len > auth_size ? auth_size
196 : bt_mesh_prov->static_val_len);
197
198 /* Pad with zeros if the Auth is shorter the required length */
199 if (bt_mesh_prov->static_val_len < auth_size) {
200 memset(bt_mesh_prov_link.auth + bt_mesh_prov->static_val_len, 0,
201 auth_size - bt_mesh_prov->static_val_len);
202 }
203 }
204 }
205
send_confirm(void)206 static void send_confirm(void)
207 {
208 PROV_BUF(cfm, PDU_LEN_CONFIRM);
209 uint8_t auth_size = bt_mesh_prov_auth_size_get();
210 uint8_t *inputs = (uint8_t *)&bt_mesh_prov_link.conf_inputs;
211 uint8_t conf_key_input[64];
212
213 LOG_DBG("ConfInputs[0] %s", bt_hex(inputs, 32));
214 LOG_DBG("ConfInputs[32] %s", bt_hex(&inputs[32], 32));
215 LOG_DBG("ConfInputs[64] %s", bt_hex(&inputs[64], 32));
216 LOG_DBG("ConfInputs[96] %s", bt_hex(&inputs[96], 32));
217 LOG_DBG("ConfInputs[128] %s", bt_hex(&inputs[128], 17));
218
219 if (bt_mesh_prov_conf_salt(bt_mesh_prov_link.algorithm, inputs,
220 bt_mesh_prov_link.conf_salt)) {
221 LOG_ERR("Unable to generate confirmation salt");
222 prov_fail(PROV_ERR_UNEXP_ERR);
223 return;
224 }
225
226 LOG_DBG("ConfirmationSalt: %s", bt_hex(bt_mesh_prov_link.conf_salt, auth_size));
227
228 memcpy(conf_key_input, bt_mesh_prov_link.dhkey, 32);
229
230 if (IS_ENABLED(CONFIG_BT_MESH_ECDH_P256_HMAC_SHA256_AES_CCM) &&
231 bt_mesh_prov_link.algorithm == BT_MESH_PROV_AUTH_HMAC_SHA256_AES_CCM) {
232 memcpy(&conf_key_input[32], bt_mesh_prov_link.auth, 32);
233 LOG_DBG("AuthValue %s", bt_hex(bt_mesh_prov_link.auth, 32));
234 }
235
236 if (bt_mesh_prov_conf_key(bt_mesh_prov_link.algorithm, conf_key_input,
237 bt_mesh_prov_link.conf_salt, bt_mesh_prov_link.conf_key)) {
238 LOG_ERR("Unable to generate confirmation key");
239 prov_fail(PROV_ERR_UNEXP_ERR);
240 return;
241 }
242
243 LOG_DBG("ConfirmationKey: %s", bt_hex(bt_mesh_prov_link.conf_key, auth_size));
244
245 if (bt_rand(bt_mesh_prov_link.rand, auth_size)) {
246 LOG_ERR("Unable to generate random number");
247 prov_fail(PROV_ERR_UNEXP_ERR);
248 return;
249 }
250
251 LOG_DBG("LocalRandom: %s", bt_hex(bt_mesh_prov_link.rand, auth_size));
252
253 bt_mesh_prov_buf_init(&cfm, PROV_CONFIRM);
254
255 if (bt_mesh_prov_conf(bt_mesh_prov_link.algorithm, bt_mesh_prov_link.conf_key,
256 bt_mesh_prov_link.rand, bt_mesh_prov_link.auth,
257 net_buf_simple_add(&cfm, auth_size))) {
258 LOG_ERR("Unable to generate confirmation value");
259 prov_fail(PROV_ERR_UNEXP_ERR);
260 return;
261 }
262
263 if (bt_mesh_prov_send(&cfm, NULL)) {
264 LOG_ERR("Failed to send Provisioning Confirm");
265 return;
266 }
267
268 bt_mesh_prov_link.expect = PROV_RANDOM;
269
270 }
271
send_input_complete(void)272 static void send_input_complete(void)
273 {
274 PROV_BUF(buf, PDU_LEN_INPUT_COMPLETE);
275
276 bt_mesh_prov_buf_init(&buf, PROV_INPUT_COMPLETE);
277 if (bt_mesh_prov_send(&buf, NULL)) {
278 LOG_ERR("Failed to send Provisioning Input Complete");
279 }
280 bt_mesh_prov_link.expect = PROV_CONFIRM;
281 }
282
public_key_sent(int err,void * cb_data)283 static void public_key_sent(int err, void *cb_data)
284 {
285 atomic_set_bit(bt_mesh_prov_link.flags, PUB_KEY_SENT);
286
287 if (atomic_test_bit(bt_mesh_prov_link.flags, INPUT_COMPLETE)) {
288 send_input_complete();
289 return;
290 }
291 }
292
start_auth(void)293 static void start_auth(void)
294 {
295 if (atomic_test_bit(bt_mesh_prov_link.flags, WAIT_NUMBER) ||
296 atomic_test_bit(bt_mesh_prov_link.flags, WAIT_STRING)) {
297 bt_mesh_prov_link.expect = PROV_NO_PDU; /* Wait for input */
298 } else {
299 bt_mesh_prov_link.expect = PROV_CONFIRM;
300 }
301 }
302
send_pub_key(void)303 static void send_pub_key(void)
304 {
305 PROV_BUF(buf, PDU_LEN_PUB_KEY);
306 const uint8_t *key;
307
308 key = bt_mesh_pub_key_get();
309 if (!key) {
310 LOG_ERR("No public key available");
311 prov_fail(PROV_ERR_UNEXP_ERR);
312 return;
313 }
314
315 bt_mesh_prov_buf_init(&buf, PROV_PUB_KEY);
316 net_buf_simple_add_mem(&buf, key, PUB_KEY_SIZE);
317 LOG_DBG("Local Public Key: %s", bt_hex(buf.data + 1, PUB_KEY_SIZE));
318
319 /* PublicKeyDevice */
320 memcpy(bt_mesh_prov_link.conf_inputs.pub_key_device, &buf.data[1], PDU_LEN_PUB_KEY);
321
322 if (bt_mesh_prov_send(&buf, public_key_sent)) {
323 LOG_ERR("Failed to send Public Key");
324 return;
325 }
326
327 start_auth();
328 }
329
prov_dh_key_gen(void)330 static void prov_dh_key_gen(void)
331 {
332 const uint8_t *remote_pub_key;
333 const uint8_t *remote_priv_key;
334
335 remote_pub_key = bt_mesh_prov_link.conf_inputs.pub_key_provisioner;
336
337 if (IS_ENABLED(CONFIG_BT_MESH_PROV_OOB_PUBLIC_KEY) &&
338 atomic_test_bit(bt_mesh_prov_link.flags, OOB_PUB_KEY)) {
339 remote_priv_key = bt_mesh_prov->private_key_be;
340 } else {
341 remote_priv_key = NULL;
342 }
343
344 if (bt_mesh_dhkey_gen(remote_pub_key, remote_priv_key, bt_mesh_prov_link.dhkey)) {
345 LOG_ERR("Failed to generate DHKey");
346 prov_fail(PROV_ERR_UNEXP_ERR);
347 return;
348 }
349
350 LOG_DBG("DHkey: %s", bt_hex(bt_mesh_prov_link.dhkey, DH_KEY_SIZE));
351
352 if (atomic_test_bit(bt_mesh_prov_link.flags, OOB_PUB_KEY)) {
353 start_auth();
354 } else {
355 send_pub_key();
356 }
357 }
358
prov_dh_key_gen_handler(struct k_work * work)359 static void prov_dh_key_gen_handler(struct k_work *work)
360 {
361 prov_dh_key_gen();
362 }
363
364 static K_WORK_DEFINE(dh_gen_work, prov_dh_key_gen_handler);
365
prov_pub_key(const uint8_t * data)366 static void prov_pub_key(const uint8_t *data)
367 {
368 LOG_DBG("Remote Public Key: %s", bt_hex(data, PUB_KEY_SIZE));
369
370 /* PublicKeyProvisioner */
371 memcpy(bt_mesh_prov_link.conf_inputs.pub_key_provisioner, data, PDU_LEN_PUB_KEY);
372
373 if (IS_ENABLED(CONFIG_BT_MESH_PROV_OOB_PUBLIC_KEY) &&
374 atomic_test_bit(bt_mesh_prov_link.flags, OOB_PUB_KEY)) {
375 if (!bt_mesh_prov->public_key_be || !bt_mesh_prov->private_key_be) {
376 LOG_ERR("Public or private key is not ready");
377 prov_fail(PROV_ERR_UNEXP_ERR);
378 return;
379 }
380
381 if (!memcmp(bt_mesh_prov->public_key_be,
382 bt_mesh_prov_link.conf_inputs.pub_key_provisioner, PDU_LEN_PUB_KEY)) {
383 LOG_ERR("Public keys are identical");
384 prov_fail(PROV_ERR_NVAL_FMT);
385 return;
386 }
387
388 /* No swap needed since user provides public key in big-endian */
389 memcpy(bt_mesh_prov_link.conf_inputs.pub_key_device, bt_mesh_prov->public_key_be,
390 PDU_LEN_PUB_KEY);
391 }
392
393 k_work_submit(&dh_gen_work);
394 }
395
notify_input_complete(void)396 static void notify_input_complete(void)
397 {
398 if (atomic_test_and_clear_bit(bt_mesh_prov_link.flags,
399 NOTIFY_INPUT_COMPLETE) &&
400 bt_mesh_prov->input_complete) {
401 bt_mesh_prov->input_complete();
402 }
403 }
404
send_random(void)405 static void send_random(void)
406 {
407 PROV_BUF(rnd, PDU_LEN_RANDOM);
408
409 bt_mesh_prov_buf_init(&rnd, PROV_RANDOM);
410 net_buf_simple_add_mem(&rnd, bt_mesh_prov_link.rand, bt_mesh_prov_auth_size_get());
411
412 if (bt_mesh_prov_send(&rnd, NULL)) {
413 LOG_ERR("Failed to send Provisioning Random");
414 return;
415 }
416
417 bt_mesh_prov_link.expect = PROV_DATA;
418 }
419
prov_random(const uint8_t * data)420 static void prov_random(const uint8_t *data)
421 {
422 uint8_t rand_size = bt_mesh_prov_auth_size_get();
423 uint8_t conf_verify[PROV_AUTH_MAX_LEN];
424
425 LOG_DBG("Remote Random: %s", bt_hex(data, rand_size));
426 if (!memcmp(data, bt_mesh_prov_link.rand, rand_size)) {
427 LOG_ERR("Random value is identical to ours, rejecting.");
428 prov_fail(PROV_ERR_CFM_FAILED);
429 return;
430 }
431
432 if (bt_mesh_prov_conf(bt_mesh_prov_link.algorithm, bt_mesh_prov_link.conf_key,
433 data, bt_mesh_prov_link.auth, conf_verify)) {
434 LOG_ERR("Unable to calculate confirmation verification");
435 prov_fail(PROV_ERR_UNEXP_ERR);
436 return;
437 }
438
439 if (memcmp(conf_verify, bt_mesh_prov_link.conf, rand_size)) {
440 LOG_ERR("Invalid confirmation value");
441 LOG_DBG("Received: %s", bt_hex(bt_mesh_prov_link.conf, rand_size));
442 LOG_DBG("Calculated: %s", bt_hex(conf_verify, rand_size));
443 prov_fail(PROV_ERR_CFM_FAILED);
444 return;
445 }
446
447 if (bt_mesh_prov_salt(bt_mesh_prov_link.algorithm, bt_mesh_prov_link.conf_salt,
448 data, bt_mesh_prov_link.rand, bt_mesh_prov_link.prov_salt)) {
449 LOG_ERR("Failed to generate provisioning salt");
450 prov_fail(PROV_ERR_UNEXP_ERR);
451 return;
452 }
453
454 LOG_DBG("ProvisioningSalt: %s", bt_hex(bt_mesh_prov_link.prov_salt, 16));
455
456 send_random();
457 }
458
prov_confirm(const uint8_t * data)459 static void prov_confirm(const uint8_t *data)
460 {
461 uint8_t conf_size = bt_mesh_prov_auth_size_get();
462
463 LOG_DBG("Remote Confirm: %s", bt_hex(data, conf_size));
464
465 memcpy(bt_mesh_prov_link.conf, data, conf_size);
466 notify_input_complete();
467
468 send_confirm();
469 }
470
is_pb_gatt(void)471 static inline bool is_pb_gatt(void)
472 {
473 return bt_mesh_prov_link.bearer &&
474 bt_mesh_prov_link.bearer->type == BT_MESH_PROV_GATT;
475 }
476
refresh_is_valid(const uint8_t * netkey,uint16_t net_idx,uint32_t iv_index)477 static bool refresh_is_valid(const uint8_t *netkey, uint16_t net_idx,
478 uint32_t iv_index)
479 {
480 enum bt_mesh_rpr_node_refresh proc = bt_mesh_node_refresh_get();
481 struct bt_mesh_subnet *sub = bt_mesh_subnet_get(net_idx);
482 uint16_t old_addr = bt_mesh_primary_addr();
483 bool valid_addr;
484
485 if (iv_index != bt_mesh.iv_index) {
486 LOG_ERR("Invalid IV index");
487 return false;
488 }
489
490 if (!sub || bt_mesh_key_compare(netkey, &sub->keys[SUBNET_KEY_TX_IDX(sub)].net)) {
491 LOG_ERR("Invalid netkey");
492 return false;
493 }
494
495 if (proc == BT_MESH_RPR_NODE_REFRESH_ADDR) {
496 valid_addr = bt_mesh_prov_link.addr < old_addr ||
497 bt_mesh_prov_link.addr >= old_addr + bt_mesh_comp_get()->elem_count;
498 } else {
499 valid_addr = bt_mesh_prov_link.addr == bt_mesh_primary_addr();
500 }
501
502 if (!valid_addr) {
503 LOG_ERR("Invalid address");
504 }
505
506 return valid_addr;
507 }
508
prov_data(const uint8_t * data)509 static void prov_data(const uint8_t *data)
510 {
511 PROV_BUF(msg, PDU_LEN_COMPLETE);
512 struct bt_mesh_key session_key;
513 uint8_t nonce[13];
514 uint8_t dev_key[16];
515 uint8_t pdu[25];
516 uint8_t flags;
517 uint32_t iv_index;
518 uint16_t net_idx;
519 int err;
520 bool identity_enable;
521
522 LOG_DBG("");
523
524 err = bt_mesh_session_key(bt_mesh_prov_link.dhkey,
525 bt_mesh_prov_link.prov_salt, &session_key);
526 if (err) {
527 LOG_ERR("Unable to generate session key");
528 prov_fail(PROV_ERR_UNEXP_ERR);
529 return;
530 }
531
532 err = bt_mesh_prov_nonce(bt_mesh_prov_link.dhkey,
533 bt_mesh_prov_link.prov_salt, nonce);
534 if (err) {
535 LOG_ERR("Unable to generate session nonce");
536 prov_fail(PROV_ERR_UNEXP_ERR);
537 goto session_key_destructor;
538 }
539
540 LOG_DBG("Nonce: %s", bt_hex(nonce, 13));
541
542 err = bt_mesh_prov_decrypt(&session_key, nonce, data, pdu);
543 if (err) {
544 LOG_ERR("Unable to decrypt provisioning data");
545 prov_fail(PROV_ERR_DECRYPT);
546 goto session_key_destructor;
547 }
548
549 err = bt_mesh_dev_key(bt_mesh_prov_link.dhkey,
550 bt_mesh_prov_link.prov_salt, dev_key);
551 if (err) {
552 LOG_ERR("Unable to generate device key");
553 prov_fail(PROV_ERR_UNEXP_ERR);
554 goto session_key_destructor;
555 }
556
557 net_idx = sys_get_be16(&pdu[16]);
558 flags = pdu[18];
559 iv_index = sys_get_be32(&pdu[19]);
560 bt_mesh_prov_link.addr = sys_get_be16(&pdu[23]);
561
562 if (IS_ENABLED(CONFIG_BT_MESH_RPR_SRV) &&
563 atomic_test_bit(bt_mesh_prov_link.flags, REPROVISION) &&
564 !refresh_is_valid(pdu, net_idx, iv_index)) {
565 prov_send_fail_msg(PROV_ERR_INVALID_DATA);
566 goto session_key_destructor;
567 }
568
569 LOG_DBG("net_idx %u iv_index 0x%08x, addr 0x%04x",
570 net_idx, iv_index, bt_mesh_prov_link.addr);
571
572 bt_mesh_prov_buf_init(&msg, PROV_COMPLETE);
573 if (bt_mesh_prov_send(&msg, NULL)) {
574 LOG_ERR("Failed to send Provisioning Complete");
575 goto session_key_destructor;
576 }
577
578 /* Ignore any further PDUs on this link */
579 bt_mesh_prov_link.expect = PROV_NO_PDU;
580 atomic_set_bit(bt_mesh_prov_link.flags, COMPLETE);
581
582 if (IS_ENABLED(CONFIG_BT_MESH_RPR_SRV) &&
583 atomic_test_bit(bt_mesh_prov_link.flags, REPROVISION)) {
584 bt_mesh_dev_key_cand(dev_key);
585 goto session_key_destructor;
586 }
587
588 /* Store info, since bt_mesh_provision() will end up clearing it */
589 if (IS_ENABLED(CONFIG_BT_MESH_GATT_PROXY)) {
590 identity_enable = is_pb_gatt();
591 } else {
592 identity_enable = false;
593 }
594
595 err = bt_mesh_provision(pdu, net_idx, flags, iv_index, bt_mesh_prov_link.addr, dev_key);
596 if (err) {
597 LOG_ERR("Failed to provision (err %d)", err);
598 goto session_key_destructor;
599 }
600
601 /* After PB-GATT provisioning we should start advertising
602 * using Node Identity.
603 */
604 if (IS_ENABLED(CONFIG_BT_MESH_GATT_PROXY) && identity_enable) {
605 bt_mesh_proxy_identity_enable();
606 }
607
608 session_key_destructor:
609 bt_mesh_key_destroy(&session_key);
610 }
611
reprovision_complete(void)612 static void reprovision_complete(void)
613 {
614 bt_mesh_reprovision(bt_mesh_prov_link.addr);
615
616 /* When performing the refresh composition procedure,
617 * the device key will be activated after the first
618 * successful decryption with the new key.
619 */
620 if (bt_mesh_node_refresh_get() == BT_MESH_RPR_NODE_REFRESH_ADDR) {
621 bt_mesh_dev_key_cand_activate();
622 }
623
624 if (bt_mesh_prov->reprovisioned) {
625 bt_mesh_prov->reprovisioned(bt_mesh_primary_addr());
626 }
627 }
628
reprovision_fail(void)629 static void reprovision_fail(void)
630 {
631 bt_mesh_dev_key_cand_remove();
632 }
633
local_input_complete(void)634 static void local_input_complete(void)
635 {
636 if (atomic_test_bit(bt_mesh_prov_link.flags, PUB_KEY_SENT) ||
637 atomic_test_bit(bt_mesh_prov_link.flags, OOB_PUB_KEY)) {
638 send_input_complete();
639 } else {
640 atomic_set_bit(bt_mesh_prov_link.flags, INPUT_COMPLETE);
641 }
642 }
643
prov_link_closed(enum prov_bearer_link_status status)644 static void prov_link_closed(enum prov_bearer_link_status status)
645 {
646 if (IS_ENABLED(CONFIG_BT_MESH_RPR_SRV) &&
647 atomic_test_bit(bt_mesh_prov_link.flags, REPROVISION)) {
648 if (atomic_test_bit(bt_mesh_prov_link.flags, COMPLETE) &&
649 status == PROV_BEARER_LINK_STATUS_SUCCESS) {
650 reprovision_complete();
651 } else {
652 reprovision_fail();
653 }
654 } else if (bt_mesh_prov_link.conf_inputs.invite[0]) {
655 /* Disable Attention Timer if it was set */
656 bt_mesh_attention(NULL, 0);
657 }
658
659 bt_mesh_prov_reset_state();
660 }
661
prov_link_opened(void)662 static void prov_link_opened(void)
663 {
664 bt_mesh_prov_link.expect = PROV_INVITE;
665 if (IS_ENABLED(CONFIG_BT_MESH_RPR_SRV) && bt_mesh_is_provisioned()) {
666 atomic_set_bit(bt_mesh_prov_link.flags, REPROVISION);
667 }
668 }
669
670 static const struct bt_mesh_prov_role role_device = {
671 .input_complete = local_input_complete,
672 .link_opened = prov_link_opened,
673 .link_closed = prov_link_closed,
674 .error = prov_fail,
675 .op = {
676 [PROV_INVITE] = prov_invite,
677 [PROV_START] = prov_start,
678 [PROV_PUB_KEY] = prov_pub_key,
679 [PROV_CONFIRM] = prov_confirm,
680 [PROV_RANDOM] = prov_random,
681 [PROV_DATA] = prov_data,
682 },
683 };
684
bt_mesh_prov_enable(bt_mesh_prov_bearer_t bearers)685 int bt_mesh_prov_enable(bt_mesh_prov_bearer_t bearers)
686 {
687 if (IS_ENABLED(CONFIG_BT_MESH_RPR_SRV) &&
688 (bearers & BT_MESH_PROV_REMOTE)) {
689 pb_remote_srv.link_accept(bt_mesh_prov_bearer_cb_get(), NULL);
690
691 /* Only PB-Remote supports reprovisioning */
692 if (bt_mesh_is_provisioned()) {
693 goto role_init;
694 }
695 } else if (bt_mesh_is_provisioned()) {
696 return -EALREADY;
697 }
698
699 #if defined(CONFIG_BT_MESH_PROVISIONEE_LOG_LEVEL)
700 if (CONFIG_BT_MESH_PROVISIONEE_LOG_LEVEL > 2) {
701 struct bt_uuid_128 uuid = { .uuid = { BT_UUID_TYPE_128 } };
702
703 sys_memcpy_swap(uuid.val, bt_mesh_prov->uuid, 16);
704 LOG_INF("Device UUID: %s", bt_uuid_str(&uuid.uuid));
705 }
706 #endif
707
708 if (IS_ENABLED(CONFIG_BT_MESH_PB_ADV) &&
709 (bearers & BT_MESH_PROV_ADV)) {
710 bt_mesh_pb_adv.link_accept(bt_mesh_prov_bearer_cb_get(), NULL);
711 }
712
713 if (IS_ENABLED(CONFIG_BT_MESH_PB_GATT) &&
714 (bearers & BT_MESH_PROV_GATT)) {
715 bt_mesh_pb_gatt.link_accept(bt_mesh_prov_bearer_cb_get(), NULL);
716 }
717
718 role_init:
719 bt_mesh_prov_link.role = &role_device;
720
721 return 0;
722 }
723
bt_mesh_prov_disable(bt_mesh_prov_bearer_t bearers)724 int bt_mesh_prov_disable(bt_mesh_prov_bearer_t bearers)
725 {
726 if (bt_mesh_is_provisioned()) {
727 return -EALREADY;
728 }
729
730 if (bt_mesh_prov_active()) {
731 return -EBUSY;
732 }
733
734 if (IS_ENABLED(CONFIG_BT_MESH_PB_ADV) &&
735 (bearers & BT_MESH_PROV_ADV)) {
736 bt_mesh_beacon_disable();
737 bt_mesh_scan_disable();
738 }
739
740 if (IS_ENABLED(CONFIG_BT_MESH_PB_GATT) &&
741 (bearers & BT_MESH_PROV_GATT)) {
742 (void)bt_mesh_pb_gatt_srv_disable();
743 }
744
745 return 0;
746 }
747
