1 /******************************************************************************
2  * Copyright (c) 2022 Telink Semiconductor (Shanghai) Co., Ltd. ("TELINK")
3  * All rights reserved.
4  *
5  * Licensed under the Apache License, Version 2.0 (the "License");
6  * you may not use this file except in compliance with the License.
7  * You may obtain a copy of the License at
8  *
9  *   http://www.apache.org/licenses/LICENSE-2.0
10  *
11  * Unless required by applicable law or agreed to in writing, software
12  * distributed under the License is distributed on an "AS IS" BASIS,
13  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14  * See the License for the specific language governing permissions and
15  * limitations under the License.
16  *
17  *****************************************************************************/
18 #ifndef CRYPTO_ALG_H_
19 #define CRYPTO_ALG_H_
20 
21 
22 
23 
24 /*
25  * @brief 	This function is used to generate the prand
26  * @param[out]	prand - The out are stored in little endian format
27  * @return      none
28  * */
29 void			blt_crypto_alg_prand(unsigned char prand[3]);
30 
31 /*
32  * @brief 	Resolvable Private Address Generation and Resolution
33  * @param[in]	irk - The IRKs are stored in little endian format
34  * @param[in]	r   - The r are stored in little endian format
35  * @param[out]	out - The out are stored in little endian format
36  * @return      none
37  * */
38 void			blt_crypto_alg_ah(const unsigned char irk[16], unsigned char r[3], unsigned char out[3]);
39 
40 /**
41  * @brief   	This function is used to generate the confirm values
42  * @param[out]  c1: the confirm value, 	little--endian.
43  * @param[in]   key: aes key, 			little--endian.
44  * @param[in]   r: the plaintext, 		little--endian.
45  * @param[in]   pres: packet buffer2, 	little--endian.
46  * @param[in]   preq: packet buffer2, 	little--endian.
47  * @param[in]   iat: initiate address type
48  * @param[in]   ia: initiate address, 	little--endian.
49  * @param[in]   rat: response address type
50  * @param[in]   ra: response address, 	little--endian.
51  * @return  	none.
52  * @Note		Input data requires strict Word alignment
53  */
54 void 			blt_crypto_alg_c1(unsigned char *c1, unsigned char key[16], unsigned char r[16], unsigned char pres[7], unsigned char preq[7], unsigned char iat, unsigned char ia[6], unsigned char rat, unsigned char ra[6]);
55 
56 /**
57  * @brief   	This function is used to generate the STK during the LE legacy pairing process.
58  * @param[out]  *STK - the result of encrypt, little--endian.
59  * @param[in]   *key - aes key, little--endian.
60  * @param[in]   *r1 - the plaintext1, little--endian.
61  * @param[in]   *r2 - the plaintext2, little--endian.
62  * @return  	none.
63  * @Note		Input data requires strict Word alignment
64  */
65 void			blt_crypto_alg_s1(unsigned char *stk, unsigned char key[16], unsigned char r1[16], unsigned char r2[16]);
66 
67 /**
68  * @brief		This function is used to compute confirm value by function f4
69  * 				---  Ca: f4(U, V, X, Z) = AES-CMACX (U || V || Z)  ---
70  * @param[out]  r: the output of the confirm:128-bits, big--endian.
71  * @param[in]   u: 	is the 256-bits, 	big--endian.
72  * @param[in]   v: 	is the 256-bits,	big--endian.
73  * @param[in]   x:  is the 128-bits, 	big--endian.
74  * @param[in]   z:  is the 8-bits
75  * @return	none.
76  */
77 void			blt_crypto_alg_f4 (unsigned char *r, unsigned char u[32], unsigned char v[32], unsigned char x[16], unsigned char z);
78 
79 /**
80  * @brief	This function is used to generate the numeric comparison values during authentication
81  * 			stage 1 of the LE Secure Connections pairing process by function g2
82  * @param[in]   u: 	is the 256-bits, 	big--endian.
83  * @param[in]   v: 	is the 256-bits, 	big--endian.
84  * @param[in]   x:  is the 128-bits, 	big--endian.
85  * @param[in]   y:  is the 128-bits, 	big--endian.
86  * @return	pincode value: 32-bits.
87  */
88 unsigned int	blt_crypto_alg_g2 (unsigned char u[32], unsigned char v[32], unsigned char x[16], unsigned char y[16]);
89 
90 /**
91  * @brief	This function is used to generate derived keying material in order to create the LTK
92  * 			and keys for the commitment function f6 by function f5
93  * @param[out]  mac: the output of the MAC value:128-bits, big--endian.
94  * @param[out]  ltk: the output of the LTK value:128-bits, big--endian.
95  * @param[in]   w: 	is the 256-bits, 	big--endian.
96  * @param[in]   n1:	is the 128-bits, 	big--endian.
97  * @param[in]   n2:	is the 128-bits, 	big--endian.
98  * @param[in]   a1:	is the 56-bits, 	big--endian.
99  * @param[in]   a2:	is the 56-bits, 	big--endian.
100  * @return	none.
101  */
102 void 			blt_crypto_alg_f5 (unsigned char *mac, unsigned char *ltk, unsigned char w[32], unsigned char n1[16], unsigned char n2[16],
103 								unsigned char a1[7], unsigned char a2[7]);
104 
105 /**
106  * @brief	This function is used to generate check values during authentication stage 2 of the
107  * 			LE Secure Connections pairing process by function f6
108  * @param[out]  *e: the output of Ea or Eb:128-bits, big--endian.
109  * @param[in]   w: 	is the 256-bits, 	big--endian.
110  * @param[in]   n1:	is the 128-bits, 	big--endian.
111  * @param[in]   n2:	is the 128-bits, 	big--endian.
112  * @param[in]   a1:	is the 56-bits, 	big--endian.
113  * @param[in]   a2:	is the 56-bits, 	big--endian.
114  * @return	none.
115  */
116 void 			blt_crypto_alg_f6 (unsigned char *e, unsigned char w[16], unsigned char n1[16], unsigned char n2[16],
117 								unsigned char r[16], unsigned char iocap[3], unsigned char a1[7], unsigned char a2[7]);
118 
119 /**
120  * @brief	This function is used to convert keys of a given size from one key type to another
121  * 			key type with equivalent strength
122  * @param[out]  r: the output of h6:128-bits, 	big--endian.
123  * @param[in]   w: 	is the 128-bits, 			big--endian.
124  * @param[in]   keyid:	is the 32-bits, 		big--endian.
125  * @return	none.
126  */
127 void 			blt_crypto_alg_h6 (unsigned char *r, unsigned char w[16], unsigned char keyid[4]);
128 
129 
130 /**
131  * @brief	This function is used to convert keys of a given size from one key type to another
132  * 			key type with equivalent strength
133  * 			--- h7(SALT, W) = AES-CMACsalt(W) ---
134  * @param[out]  r: the output of h7:128-bits, 	big--endian.
135  * @param[in]   salt: is the 128-bits, 			big--endian.
136  * @param[in]   w:	is the 128-bits, 			big--endian.
137  * @return	none.
138  */
139 void 			blt_crypto_alg_h7 (unsigned char *r, unsigned char salt[16], unsigned char w[16]);
140 
141 
142 /**
143  * @brief	This function is used to generate the Group Session Key (GSK) for encrypting or
144  * 			decrypting payloads of an encrypted BIS.
145  * 			--- h8(K, S, keyID) = AES-CMACik(keyID) ---
146  * @param[out]  r: the output of h8:128-bits, 	big--endian.
147  * @param[in]   k: is the 128-bits, 			big--endian.
148  * @param[in]   s: is the 128-bits, 			big--endian.
149  * @param[in]   keyid: is the 32-bits, 			big--endian.
150  * @return	none.
151  */
152 void 			blt_crypto_alg_h8 (unsigned char *r, unsigned char k[16], unsigned char s[16], unsigned char keyId[4]);
153 
154 
155 
156 
157 #endif /* CRYPTO_ALG_H_ */
158 
159 
160 
161 
162