1 /******************************************************************************
2 *
3 * Copyright 2003-2012 Broadcom Corporation
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18
19 #define LOG_TAG "smp"
20
21 #include <bluetooth/log.h>
22
23 #include "os/log.h"
24 #include "smp_int.h"
25 #include "stack/include/btm_log_history.h"
26
27 using namespace bluetooth;
28
29 namespace {
30
31 constexpr char kBtmLogTag[] = "SMP";
32
33 }
34
35 const char* const smp_state_name[] = {
36 "SMP_STATE_IDLE",
37 "SMP_STATE_WAIT_APP_RSP",
38 "SMP_STATE_SEC_REQ_PENDING",
39 "SMP_STATE_PAIR_REQ_RSP",
40 "SMP_STATE_WAIT_CONFIRM",
41 "SMP_STATE_CONFIRM",
42 "SMP_STATE_RAND",
43 "SMP_STATE_PUBLIC_KEY_EXCH",
44 "SMP_STATE_SEC_CONN_PHS1_START",
45 "SMP_STATE_WAIT_COMMITMENT",
46 "SMP_STATE_WAIT_NONCE",
47 "SMP_STATE_SEC_CONN_PHS2_START",
48 "SMP_STATE_WAIT_DHK_CHECK",
49 "SMP_STATE_DHK_CHECK",
50 "SMP_STATE_ENCRYPTION_PENDING",
51 "SMP_STATE_BOND_PENDING",
52 "SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA",
53 "SMP_STATE_MAX"};
54
55 const char* const smp_event_name[] = {"PAIRING_REQ_EVT",
56 "PAIRING_RSP_EVT",
57 "CONFIRM_EVT",
58 "RAND_EVT",
59 "PAIRING_FAILED_EVT",
60 "ENC_INFO_EVT",
61 "CENTRAL_ID_EVT",
62 "ID_INFO_EVT",
63 "ID_ADDR_EVT",
64 "SIGN_INFO_EVT",
65 "SECURITY_REQ_EVT",
66 "PAIR_PUBLIC_KEY_EVT",
67 "PAIR_DHKEY_CHECK_EVT",
68 "PAIR_KEYPRESS_NOTIFICATION_EVT",
69 "PAIR_COMMITMENT_EVT",
70 "KEY_READY_EVT",
71 "ENCRYPTED_EVT",
72 "L2CAP_CONN_EVT",
73 "L2CAP_DISCONN_EVT",
74 "API_IO_RSP_EVT",
75 "API_SEC_GRANT_EVT",
76 "TK_REQ_EVT",
77 "AUTH_CMPL_EVT",
78 "ENC_REQ_EVT",
79 "BOND_REQ_EVT",
80 "DISCARD_SEC_REQ_EVT",
81 "PUBLIC_KEY_EXCHANGE_REQ_EVT",
82 "LOCAL_PUBLIC_KEY_CRTD_EVT",
83 "BOTH_PUBLIC_KEYS_RCVD_EVT",
84 "SEC_CONN_DHKEY_COMPLETE_EVT",
85 "HAVE_LOCAL_NONCE_EVT",
86 "SEC_CONN_PHASE1_CMPLT_EVT",
87 "SEC_CONN_CALC_NC_EVT",
88 "SEC_CONN_DISPLAY_NC_EVT",
89 "SEC_CONN_OK_EVT",
90 "SEC_CONN_2_DHCK_CHECKS_PRESENT_EVT",
91 "SEC_CONN_KEY_READY_EVT",
92 "KEYPRESS_NOTIFICATION_EVT",
93 "SEC_CONN_OOB_DATA_EVT",
94 "CREATE_LOCAL_SEC_CONN_OOB_DATA_EVT",
95 "SIRK_DEVICE_VALID_EVT",
96 "OUT_OF_RANGE_EVT"};
97
98 const char* smp_get_event_name(tSMP_EVENT event);
99 const char* smp_get_state_name(tSMP_STATE state);
100
101 #define SMP_SM_IGNORE 0
102 #define SMP_NUM_ACTIONS 2
103 #define SMP_SME_NEXT_STATE 2
104 #define SMP_SM_NUM_COLS 3
105
106 typedef const uint8_t (*tSMP_SM_TBL)[SMP_SM_NUM_COLS];
107
108 enum {
109 SMP_PROC_SEC_REQ,
110 SMP_SEND_PAIR_REQ,
111 SMP_SEND_PAIR_RSP,
112 SMP_SEND_CONFIRM,
113 SMP_SEND_PAIR_FAIL,
114 SMP_SEND_RAND,
115 SMP_SEND_ENC_INFO,
116 SMP_SEND_ID_INFO,
117 SMP_SEND_LTK_REPLY,
118 SMP_PROC_PAIR_CMD,
119 SMP_PROC_PAIR_FAIL,
120 SMP_PROC_CONFIRM,
121 SMP_PROC_RAND,
122 SMP_PROC_ENC_INFO,
123 SMP_PROC_CENTRAL_ID,
124 SMP_PROC_ID_INFO,
125 SMP_PROC_ID_ADDR,
126 SMP_PROC_SRK_INFO,
127 SMP_PROC_SEC_GRANT,
128 SMP_PROC_SL_KEY,
129 SMP_PROC_COMPARE,
130 SMP_PROC_IO_RSP,
131 SMP_GENERATE_COMPARE,
132 SMP_GENERATE_CONFIRM,
133 SMP_GENERATE_STK,
134 SMP_KEY_DISTRIBUTE,
135 SMP_START_ENC,
136 SMP_PAIRING_CMPL,
137 SMP_DECIDE_ASSO_MODEL,
138 SMP_SEND_APP_CBACK,
139 SMP_CHECK_AUTH_REQ,
140 SMP_PAIR_TERMINATE,
141 SMP_ENC_CMPL,
142 SMP_SIRK_VERIFY,
143 SMP_PROC_DISCARD,
144 SMP_CREATE_PRIVATE_KEY,
145 SMP_USE_OOB_PRIVATE_KEY,
146 SMP_SEND_PAIR_PUBLIC_KEY,
147 SMP_PROCESS_PAIR_PUBLIC_KEY,
148 SMP_HAVE_BOTH_PUBLIC_KEYS,
149 SMP_START_SEC_CONN_PHASE1,
150 SMP_PROCESS_LOCAL_NONCE,
151 SMP_SEND_COMMITMENT,
152 SMP_PROCESS_PAIRING_COMMITMENT,
153 SMP_PROCESS_PEER_NONCE,
154 SMP_CALCULATE_LOCAL_DHKEY_CHECK,
155 SMP_SEND_DHKEY_CHECK,
156 SMP_PROCESS_DHKEY_CHECK,
157 SMP_CALCULATE_PEER_DHKEY_CHECK,
158 SMP_MATCH_DHKEY_CHECKS,
159 SMP_CALCULATE_NUMERIC_COMPARISON_DISPLAY_NUMBER,
160 SMP_MOVE_TO_SEC_CONN_PHASE2,
161 SMP_PH2_DHKEY_CHECKS_ARE_PRESENT,
162 SMP_WAIT_FOR_BOTH_PUBLIC_KEYS,
163 SMP_START_PASSKEY_VERIFICATION,
164 SMP_SEND_KEYPRESS_NOTIFICATION,
165 SMP_PROCESS_KEYPRESS_NOTIFICATION,
166 SMP_PROCESS_SECURE_CONNECTION_OOB_DATA,
167 SMP_SET_LOCAL_OOB_KEYS,
168 SMP_SET_LOCAL_OOB_RAND_COMMITMENT,
169 SMP_IDLE_TERMINATE,
170 SMP_SM_NO_ACTION
171 };
172
173 static const tSMP_ACT smp_sm_action[] = {
174 smp_proc_sec_req,
175 smp_send_pair_req,
176 smp_send_pair_rsp,
177 smp_send_confirm,
178 smp_send_pair_fail,
179 smp_send_rand,
180 smp_send_enc_info,
181 smp_send_id_info,
182 smp_send_ltk_reply,
183 smp_proc_pair_cmd,
184 smp_proc_pair_fail,
185 smp_proc_confirm,
186 smp_proc_rand,
187 smp_proc_enc_info,
188 smp_proc_central_id,
189 smp_proc_id_info,
190 smp_proc_id_addr,
191 smp_proc_srk_info,
192 smp_proc_sec_grant,
193 smp_proc_sl_key,
194 smp_proc_compare,
195 smp_process_io_response,
196 smp_generate_compare,
197 smp_generate_srand_mrand_confirm,
198 smp_generate_stk,
199 smp_key_distribution,
200 smp_start_enc,
201 smp_pairing_cmpl,
202 smp_decide_association_model,
203 smp_send_app_cback,
204 smp_check_auth_req,
205 smp_pair_terminate,
206 smp_enc_cmpl,
207 smp_sirk_verify,
208 smp_proc_discard,
209 smp_create_private_key,
210 smp_use_oob_private_key,
211 smp_send_pair_public_key,
212 smp_process_pairing_public_key,
213 smp_both_have_public_keys,
214 smp_start_secure_connection_phase1,
215 smp_process_local_nonce,
216 smp_send_commitment,
217 smp_process_pairing_commitment,
218 smp_process_peer_nonce,
219 smp_calculate_local_dhkey_check,
220 smp_send_dhkey_check,
221 smp_process_dhkey_check,
222 smp_calculate_peer_dhkey_check,
223 smp_match_dhkey_checks,
224 smp_calculate_numeric_comparison_display_number,
225 smp_move_to_secure_connections_phase2,
226 smp_phase_2_dhkey_checks_are_present,
227 smp_wait_for_both_public_keys,
228 smp_start_passkey_verification,
229 smp_send_keypress_notification,
230 smp_process_keypress_notification,
231 smp_process_secure_connection_oob_data,
232 smp_set_local_oob_keys,
233 smp_set_local_oob_random_commitment,
234 smp_idle_terminate};
235
236 /************ SMP Central FSM State/Event Indirection Table **************/
237 static const uint8_t smp_central_entry_map[][SMP_STATE_MAX] = {
238 /* state name: */
239 /* Idle, WaitApp Rsp, SecReq Pend, Pair ReqRsp, Wait Cfm,
240 Confirm, Rand, PublKey Exch, SCPhs1 Strt, Wait Cmtm, Wait Nonce,
241 SCPhs2 Strt, Wait DHKChk, DHKChk, Enc Pend, Bond Pend, CrLocSc OobData
242 */
243 /* PAIR_REQ */
244 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
245 /* PAIR_RSP */
246 {0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
247 /* CONFIRM */
248 {0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
249 /* RAND */
250 {0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0},
251 /* PAIR_FAIL */
252 {0, 0x81, 0, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81,
253 0x81, 0, 0x81, 0},
254 /* ENC_INFO */
255 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0},
256 /* CENTRAL_ID */
257 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0},
258 /* ID_INFO */
259 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0},
260 /* ID_ADDR */
261 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0},
262 /* SIGN_INFO */
263 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0},
264 /* SEC_REQ */
265 {2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
266 /* PAIR_PUBLIC_KEY */
267 {0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0},
268 /* PAIR_DHKEY_CHCK */
269 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0},
270 /* PAIR_KEYPR_NOTIF */
271 {0, 8, 0, 0, 0, 0, 0, 0, 5, 2, 0, 0, 0, 0, 0, 0, 0},
272 /* PAIR_COMMITM */
273 {0, 0, 0, 0, 0, 0, 0, 0, 6, 1, 0, 0, 0, 0, 0, 0, 0},
274 /* KEY_READY */
275 {0, 3, 0, 3, 1, 0, 2, 0, 4, 0, 0, 0, 0, 0, 1, 6, 0},
276 /* ENC_CMPL */
277 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0},
278 /* L2C_CONN */
279 {1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
280 /* L2C_DISC */
281 {3, 0x83, 0, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83,
282 0x83, 0x83, 0x83, 0},
283 /* IO_RSP */
284 {0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
285 /* SEC_GRANT */
286 {0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
287 /* TK_REQ */
288 {0, 0, 0, 2, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0},
289 /* AUTH_CMPL */
290 {4, 0x82, 0, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82,
291 0x82, 0x82, 7, 0},
292 /* ENC_REQ */
293 {0, 4, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0},
294 /* BOND_REQ */
295 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0},
296 /* DISCARD_SEC_REQ */
297 {0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0},
298 /* PUBL_KEY_EXCH_REQ */
299 {0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
300 /* LOC_PUBL_KEY_CRTD */
301 {0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1},
302 /* BOTH_PUBL_KEYS_RCVD */
303 {0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0},
304 /* SC_DHKEY_CMPLT */
305 {0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0},
306 /* HAVE_LOC_NONCE */
307 {0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 2},
308 /* SC_PHASE1_CMPLT */
309 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0},
310 /* SC_CALC_NC */
311 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0},
312 /* SC_DSPL_NC */
313 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0},
314 /* SC_NC_OK */
315 {0, 6, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
316 /* SC_2_DHCK_CHKS_PRES */
317 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
318 /* SC_KEY_READY */
319 {0, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0},
320 /* KEYPR_NOTIF */
321 {0, 9, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
322 /* SC_OOB_DATA */
323 {0, 10, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
324 /* CR_LOC_SC_OOB_DATA */
325 {5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
326 /* SIRK_VERIFY */
327 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0x82, 0},
328 };
329
330 static const uint8_t smp_all_table[][SMP_SM_NUM_COLS] = {
331 /* Event Action Next State */
332 /* PAIR_FAIL */
333 {SMP_PROC_PAIR_FAIL, SMP_PAIRING_CMPL, SMP_STATE_IDLE},
334 /* AUTH_CMPL */
335 {SMP_SEND_PAIR_FAIL, SMP_PAIRING_CMPL, SMP_STATE_IDLE},
336 /* L2C_DISC */
337 {SMP_PAIR_TERMINATE, SMP_SM_NO_ACTION, SMP_STATE_IDLE}};
338
339 static const uint8_t smp_central_idle_table[][SMP_SM_NUM_COLS] = {
340 /* Event Action Next State */
341 /* L2C_CONN */
342 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
343 /* SEC_REQ */
344 {SMP_PROC_SEC_REQ, SMP_SEND_APP_CBACK, SMP_STATE_WAIT_APP_RSP},
345 /* L2C_DISC */
346 {SMP_IDLE_TERMINATE, SMP_SM_NO_ACTION, SMP_STATE_IDLE},
347 /* AUTH_CMPL */
348 {SMP_PAIRING_CMPL, SMP_SM_NO_ACTION, SMP_STATE_IDLE},
349 /* CR_LOC_SC_OOB_DATA */
350 {SMP_CREATE_PRIVATE_KEY, SMP_SM_NO_ACTION,
351 SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA}
352
353 };
354
355 static const uint8_t
356 smp_central_wait_for_app_response_table[][SMP_SM_NUM_COLS] = {
357 /* Event Action Next State */
358 /* SEC_GRANT */
359 {SMP_PROC_SEC_GRANT, SMP_SEND_APP_CBACK, SMP_STATE_WAIT_APP_RSP},
360 /* IO_RSP */
361 {SMP_SEND_PAIR_REQ, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
362
363 /* TK ready */
364 /* KEY_READY */
365 {SMP_GENERATE_CONFIRM, SMP_SM_NO_ACTION, SMP_STATE_WAIT_CONFIRM},
366
367 /* start enc mode setup */
368 /* ENC_REQ */
369 {SMP_START_ENC, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
370 /* DISCARD_SEC_REQ */
371 {SMP_PROC_DISCARD, SMP_SM_NO_ACTION, SMP_STATE_IDLE}
372 /* user confirms NC 'OK', i.e. phase 1 is completed */
373 /* SC_NC_OK */,
374 {SMP_MOVE_TO_SEC_CONN_PHASE2, SMP_SM_NO_ACTION,
375 SMP_STATE_SEC_CONN_PHS2_START},
376 /* user-provided passkey is rcvd */
377 /* SC_KEY_READY */
378 {SMP_START_PASSKEY_VERIFICATION, SMP_SM_NO_ACTION,
379 SMP_STATE_SEC_CONN_PHS1_START},
380 /* PAIR_KEYPR_NOTIF */
381 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
382 SMP_STATE_WAIT_APP_RSP},
383 /* KEYPR_NOTIF */
384 {SMP_SEND_KEYPRESS_NOTIFICATION, SMP_SM_NO_ACTION,
385 SMP_STATE_WAIT_APP_RSP},
386 /* SC_OOB_DATA */
387 {SMP_USE_OOB_PRIVATE_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH}};
388
389 static const uint8_t
390 smp_central_pair_request_response_table[][SMP_SM_NUM_COLS] = {
391 /* Event Action Next State */
392 /* PAIR_RSP */
393 {SMP_PROC_PAIR_CMD, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
394 /* TK_REQ */
395 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
396
397 /* TK ready */
398 /* KEY_READY */
399 {SMP_GENERATE_CONFIRM, SMP_SM_NO_ACTION, SMP_STATE_WAIT_CONFIRM}
400 /* PUBL_KEY_EXCH_REQ */,
401 {SMP_CREATE_PRIVATE_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH}};
402
403 static const uint8_t smp_central_wait_for_confirm_table[][SMP_SM_NUM_COLS] = {
404 /* Event Action Next State */
405 /* KEY_READY*/
406 /* CONFIRM ready */
407 {SMP_SEND_CONFIRM, SMP_SM_NO_ACTION, SMP_STATE_CONFIRM}};
408
409 static const uint8_t smp_central_confirm_table[][SMP_SM_NUM_COLS] = {
410 /* Event Action Next State */
411 /* CONFIRM */
412 {SMP_PROC_CONFIRM, SMP_SEND_RAND, SMP_STATE_RAND}};
413
414 static const uint8_t smp_central_rand_table[][SMP_SM_NUM_COLS] = {
415 /* Event Action Next State */
416 /* RAND */
417 {SMP_PROC_RAND, SMP_GENERATE_COMPARE, SMP_STATE_RAND},
418 /* KEY_READY */
419 {SMP_PROC_COMPARE, SMP_SM_NO_ACTION, SMP_STATE_RAND}, /* Compare ready */
420 /* ENC_REQ */
421 {SMP_GENERATE_STK, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING}};
422
423 static const uint8_t smp_central_public_key_exchange_table[][SMP_SM_NUM_COLS] =
424 {
425 /* Event Action Next State */
426 /* LOC_PUBL_KEY_CRTD */
427 {SMP_SEND_PAIR_PUBLIC_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH},
428 /* PAIR_PUBLIC_KEY */
429 {SMP_PROCESS_PAIR_PUBLIC_KEY, SMP_SM_NO_ACTION,
430 SMP_STATE_PUBLIC_KEY_EXCH},
431 /* BOTH_PUBL_KEYS_RCVD */
432 {SMP_HAVE_BOTH_PUBLIC_KEYS, SMP_SM_NO_ACTION,
433 SMP_STATE_SEC_CONN_PHS1_START},
434 };
435
436 static const uint8_t smp_central_sec_conn_phs1_start_table[][SMP_SM_NUM_COLS] =
437 {
438 /* Event Action Next State */
439 /* SC_DHKEY_CMPLT */
440 {SMP_START_SEC_CONN_PHASE1, SMP_SM_NO_ACTION,
441 SMP_STATE_SEC_CONN_PHS1_START},
442 /* HAVE_LOC_NONCE */
443 {SMP_PROCESS_LOCAL_NONCE, SMP_SM_NO_ACTION, SMP_STATE_WAIT_COMMITMENT},
444 /* TK_REQ */
445 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
446 /* SMP_MODEL_SEC_CONN_PASSKEY_DISP model, passkey is sent up to
447 display,*/
448 /* It's time to start commitment calculation */
449 /* KEY_READY */
450 {SMP_START_PASSKEY_VERIFICATION, SMP_SM_NO_ACTION,
451 SMP_STATE_SEC_CONN_PHS1_START},
452 /* PAIR_KEYPR_NOTIF */
453 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
454 SMP_STATE_SEC_CONN_PHS1_START},
455 /* PAIR_COMMITM */
456 {SMP_PROCESS_PAIRING_COMMITMENT, SMP_SM_NO_ACTION,
457 SMP_STATE_SEC_CONN_PHS1_START},
458 };
459
460 static const uint8_t smp_central_wait_commitment_table[][SMP_SM_NUM_COLS] = {
461 /* Event Action Next State */
462 /* PAIR_COMMITM */
463 {SMP_PROCESS_PAIRING_COMMITMENT, SMP_SEND_RAND, SMP_STATE_WAIT_NONCE},
464 /* PAIR_KEYPR_NOTIF */
465 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
466 SMP_STATE_WAIT_COMMITMENT},
467 };
468
469 static const uint8_t smp_central_wait_nonce_table[][SMP_SM_NUM_COLS] = {
470 /* Event Action Next State */
471 /* peer nonce is received */
472 /* RAND */
473 {SMP_PROC_RAND, SMP_PROCESS_PEER_NONCE, SMP_STATE_SEC_CONN_PHS2_START},
474 /* NC model, time to calculate number for NC */
475 /* SC_CALC_NC */
476 {SMP_CALCULATE_NUMERIC_COMPARISON_DISPLAY_NUMBER, SMP_SM_NO_ACTION,
477 SMP_STATE_WAIT_NONCE},
478 /* NC model, time to display calculated number for NC to the user */
479 /* SC_DSPL_NC */
480 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
481 };
482
483 static const uint8_t smp_central_sec_conn_phs2_start_table[][SMP_SM_NUM_COLS] =
484 {
485 /* Event Action Next State */
486 /* SC_PHASE1_CMPLT */
487 {SMP_CALCULATE_LOCAL_DHKEY_CHECK, SMP_SEND_DHKEY_CHECK,
488 SMP_STATE_WAIT_DHK_CHECK},
489 };
490
491 static const uint8_t smp_central_wait_dhk_check_table[][SMP_SM_NUM_COLS] = {
492 /* Event Action Next State */
493 /* PAIR_DHKEY_CHCK */
494 {SMP_PROCESS_DHKEY_CHECK, SMP_CALCULATE_PEER_DHKEY_CHECK,
495 SMP_STATE_DHK_CHECK},
496 };
497
498 static const uint8_t smp_central_dhk_check_table[][SMP_SM_NUM_COLS] = {
499 /* Event Action Next State */
500 /* locally calculated peer dhkey check is ready -> compare it withs DHKey
501 * Check
502 * actually received from peer */
503 /* SC_KEY_READY */
504 {SMP_MATCH_DHKEY_CHECKS, SMP_SM_NO_ACTION, SMP_STATE_DHK_CHECK},
505 /* locally calculated peer dhkey check is ready -> calculate STK, go to
506 * sending
507 */
508 /* HCI LE Start Encryption command */
509 /* ENC_REQ */
510 {SMP_GENERATE_STK, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
511 };
512
513 static const uint8_t smp_central_enc_pending_table[][SMP_SM_NUM_COLS] = {
514 /* Event Action Next State */
515 /* STK ready */
516 /* KEY_READY */
517 {SMP_START_ENC, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
518 /* ENCRYPTED */
519 {SMP_CHECK_AUTH_REQ, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
520 /* BOND_REQ */
521 {SMP_KEY_DISTRIBUTE, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING}};
522
523 static const uint8_t smp_central_bond_pending_table[][SMP_SM_NUM_COLS] = {
524 /* Event Action Next State */
525 /* ENC_INFO */
526 {SMP_PROC_ENC_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
527 /* ID_INFO */
528 {SMP_PROC_ID_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
529 /* SIGN_INFO */
530 {SMP_PROC_SRK_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
531 /* CENTRAL_ID */
532 {SMP_PROC_CENTRAL_ID, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
533 /* ID_ADDR */
534 {SMP_PROC_ID_ADDR, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
535 /* KEY_READY */
536 /* LTK ready */
537 {SMP_SEND_ENC_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
538 /* AUTH_CMPL */
539 {SMP_SIRK_VERIFY, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
540 };
541
542 static const uint8_t
543 smp_central_create_local_sec_conn_oob_data[][SMP_SM_NUM_COLS] = {
544 /* Event Action Next State */
545 /* LOC_PUBL_KEY_CRTD */
546 {SMP_SET_LOCAL_OOB_KEYS, SMP_SM_NO_ACTION,
547 SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA},
548 /* HAVE_LOC_NONCE */
549 {SMP_SET_LOCAL_OOB_RAND_COMMITMENT, SMP_SM_NO_ACTION, SMP_STATE_IDLE}};
550
551 /************ SMP Peripheral FSM State/Event Indirection Table **************/
552 static const uint8_t smp_peripheral_entry_map[][SMP_STATE_MAX] = {
553 /* state name: */
554 /* Idle, WaitApp Rsp, SecReq Pend, Pair ReqRsp, Wait Cfm, Confirm, Rand,
555 PublKey Exch, SCPhs1 Strt, Wait Cmtm, Wait Nonce, SCPhs2 Strt, Wait
556 DHKChk, DHKChk, Enc Pend, Bond Pend, CrLocSc OobData */
557 /* PAIR_REQ */
558 {2, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
559 /* PAIR_RSP */
560 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
561 /* CONFIRM */
562 {0, 4, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
563 /* RAND */
564 {0, 0, 0, 0, 0, 1, 2, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0},
565 /* PAIR_FAIL */
566 {0, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81, 0x81,
567 0x81, 0x81, 0, 0},
568 /* ENC_INFO */
569 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0},
570 /* CENTRAL_ID */
571 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 5, 0},
572 /* ID_INFO */
573 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0},
574 /* ID_ADDR */
575 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 6, 0},
576 /* SIGN_INFO */
577 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0},
578 /* SEC_REQ */
579 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
580 /* PAIR_PUBLIC_KEY */
581 {0, 0, 0, 5, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0},
582 /* PAIR_DHKEY_CHCK */
583 {0, 5, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 1, 2, 0, 0, 0},
584 /* PAIR_KEYPR_NOTIF */
585 {0, 9, 0, 0, 0, 0, 0, 0, 5, 2, 0, 0, 0, 0, 0, 0, 0},
586 /* PAIR_COMMITM */
587 {0, 8, 0, 0, 0, 0, 0, 0, 6, 1, 0, 0, 0, 0, 0, 0, 0},
588 /* KEY_READY */
589 {0, 3, 0, 3, 2, 2, 1, 0, 4, 0, 0, 0, 0, 0, 2, 1, 0},
590 /* ENC_CMPL */
591 {0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0},
592 /* L2C_CONN */
593 {1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
594 /* L2C_DISC */
595 {0, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83, 0x83,
596 0x83, 0x83, 0x83, 0},
597 /* IO_RSP */
598 {0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
599 /* SEC_GRANT */
600 {0, 2, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
601 /* TK_REQ */
602 {0, 0, 0, 2, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0},
603 /* AUTH_CMPL */
604 {0, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82, 0x82,
605 0x82, 0x82, 0x82, 0},
606 /* ENC_REQ */
607 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0},
608 /* BOND_REQ */
609 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 4, 0, 1},
610 /* DISCARD_SEC_REQ */
611 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
612 /* PUBL_KEY_EXCH_REQ */
613 {0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
614 /* LOC_PUBL_KEY_CRTD */
615 {0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1},
616 /* BOTH_PUBL_KEYS_RCVD */
617 {0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0, 0, 0, 0},
618 /* SC_DHKEY_CMPLT */
619 {0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0},
620 /* HAVE_LOC_NONCE */
621 {0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0, 0, 2},
622 /* SC_PHASE1_CMPLT */
623 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0},
624 /* SC_CALC_NC */
625 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 0},
626 /* SC_DSPL_NC */
627 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, 0, 0, 0},
628 /* SC_NC_OK */
629 {0, 6, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
630 /* SC_2_DHCK_CHKS_PRES */
631 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2, 0, 0, 0, 0},
632 /* SC_KEY_READY */
633 {0, 7, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0},
634 /* KEYPR_NOTIF */
635 {0, 10, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
636 /* SC_OOB_DATA */
637 {0, 11, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
638 /* CR_LOC_SC_OOB_DATA */
639 {3, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
640 /* SIRK_VERIFY */
641 {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0},
642 };
643
644 static const uint8_t smp_peripheral_idle_table[][SMP_SM_NUM_COLS] = {
645 /* Event Action Next State */
646 /* L2C_CONN */
647 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
648 /* PAIR_REQ */
649 {SMP_PROC_PAIR_CMD, SMP_SEND_APP_CBACK, SMP_STATE_WAIT_APP_RSP},
650 /* CR_LOC_SC_OOB_DATA */
651 {SMP_CREATE_PRIVATE_KEY, SMP_SM_NO_ACTION,
652 SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA}};
653
654 static const uint8_t
655 smp_peripheral_wait_for_app_response_table[][SMP_SM_NUM_COLS] = {
656 /* Event Action Next State */
657 /* IO_RSP */
658 {SMP_PROC_IO_RSP, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
659 /* SEC_GRANT */
660 {SMP_PROC_SEC_GRANT, SMP_SEND_APP_CBACK, SMP_STATE_WAIT_APP_RSP},
661
662 /* TK ready */
663 /* KEY_READY */
664 {SMP_PROC_SL_KEY, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
665 /* CONFIRM */
666 {SMP_PROC_CONFIRM, SMP_SM_NO_ACTION, SMP_STATE_CONFIRM},
667 /* DHKey Check from central is received before phase 1 is completed -
668 race */
669 /* PAIR_DHKEY_CHCK */
670 {SMP_PROCESS_DHKEY_CHECK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
671 /* user confirms NC 'OK', i.e. phase 1 is completed */
672 /* SC_NC_OK */
673 {SMP_MOVE_TO_SEC_CONN_PHASE2, SMP_SM_NO_ACTION,
674 SMP_STATE_SEC_CONN_PHS2_START},
675 /* user-provided passkey is rcvd */
676 /* SC_KEY_READY */
677 {SMP_START_PASSKEY_VERIFICATION, SMP_SM_NO_ACTION,
678 SMP_STATE_SEC_CONN_PHS1_START},
679 /* PAIR_COMMITM */
680 {SMP_PROCESS_PAIRING_COMMITMENT, SMP_SM_NO_ACTION,
681 SMP_STATE_WAIT_APP_RSP},
682 /* PAIR_KEYPR_NOTIF */
683 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
684 SMP_STATE_WAIT_APP_RSP},
685 /* KEYPR_NOTIF */
686 {SMP_SEND_KEYPRESS_NOTIFICATION, SMP_SM_NO_ACTION,
687 SMP_STATE_WAIT_APP_RSP},
688 /* SC_OOB_DATA */
689 {SMP_SEND_PAIR_RSP, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
690 };
691
692 static const uint8_t smp_peripheral_sec_request_table[][SMP_SM_NUM_COLS] = {
693 /* Event Action Next State */
694 /* PAIR_REQ */
695 {SMP_PROC_PAIR_CMD, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
696 /* ENCRYPTED*/
697 {SMP_ENC_CMPL, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
698 };
699
700 static const uint8_t
701 smp_peripheral_pair_request_response_table[][SMP_SM_NUM_COLS] = {
702 /* Event Action Next State */
703 /* CONFIRM */
704 {SMP_PROC_CONFIRM, SMP_SM_NO_ACTION, SMP_STATE_CONFIRM},
705 /* TK_REQ */
706 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
707
708 /* TK/Confirm ready */
709 /* KEY_READY */
710 {SMP_PROC_SL_KEY, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
711 /* PUBL_KEY_EXCH_REQ */
712 {SMP_CREATE_PRIVATE_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH},
713 /* PAIR_PUBLIC_KEY */
714 {SMP_PROCESS_PAIR_PUBLIC_KEY, SMP_SM_NO_ACTION, SMP_STATE_PAIR_REQ_RSP},
715 };
716
717 static const uint8_t smp_peripheral_wait_confirm_table[][SMP_SM_NUM_COLS] = {
718 /* Event Action Next State */
719 /* CONFIRM */
720 {SMP_PROC_CONFIRM, SMP_SEND_CONFIRM, SMP_STATE_CONFIRM},
721 /* KEY_READY*/
722 {SMP_PROC_SL_KEY, SMP_SM_NO_ACTION, SMP_STATE_WAIT_CONFIRM}};
723
724 static const uint8_t smp_peripheral_confirm_table[][SMP_SM_NUM_COLS] = {
725 /* Event Action Next State */
726 /* RAND */
727 {SMP_PROC_RAND, SMP_GENERATE_COMPARE, SMP_STATE_RAND},
728
729 /* TK/Confirm ready */
730 /* KEY_READY*/
731 {SMP_PROC_SL_KEY, SMP_SM_NO_ACTION, SMP_STATE_CONFIRM}};
732
733 static const uint8_t smp_peripheral_rand_table[][SMP_SM_NUM_COLS] = {
734 /* Event Action Next State */
735 /* KEY_READY */
736 {SMP_PROC_COMPARE, SMP_SM_NO_ACTION, SMP_STATE_RAND}, /* compare match */
737 /* RAND */
738 {SMP_SEND_RAND, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING}};
739
740 static const uint8_t smp_peripheral_public_key_exch_table[][SMP_SM_NUM_COLS] = {
741 /* Event Action Next State */
742 /* LOC_PUBL_KEY_CRTD */
743 {SMP_WAIT_FOR_BOTH_PUBLIC_KEYS, SMP_SM_NO_ACTION,
744 SMP_STATE_PUBLIC_KEY_EXCH},
745 /* PAIR_PUBLIC_KEY */
746 {SMP_PROCESS_PAIR_PUBLIC_KEY, SMP_SM_NO_ACTION, SMP_STATE_PUBLIC_KEY_EXCH},
747 /* BOTH_PUBL_KEYS_RCVD */
748 {SMP_HAVE_BOTH_PUBLIC_KEYS, SMP_SM_NO_ACTION,
749 SMP_STATE_SEC_CONN_PHS1_START},
750 };
751
752 static const uint8_t
753 smp_peripheral_sec_conn_phs1_start_table[][SMP_SM_NUM_COLS] = {
754 /* Event Action Next State */
755 /* SC_DHKEY_CMPLT */
756 {SMP_START_SEC_CONN_PHASE1, SMP_SM_NO_ACTION,
757 SMP_STATE_SEC_CONN_PHS1_START},
758 /* HAVE_LOC_NONCE */
759 {SMP_PROCESS_LOCAL_NONCE, SMP_SM_NO_ACTION, SMP_STATE_WAIT_COMMITMENT},
760 /* TK_REQ */
761 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
762 /* SMP_MODEL_SEC_CONN_PASSKEY_DISP model, passkey is sent up to display,
763 * it's
764 * time to start */
765 /* commitment calculation */
766 /* KEY_READY */
767 {SMP_START_PASSKEY_VERIFICATION, SMP_SM_NO_ACTION,
768 SMP_STATE_SEC_CONN_PHS1_START},
769 /* PAIR_KEYPR_NOTIF */
770 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
771 SMP_STATE_SEC_CONN_PHS1_START},
772 /*COMMIT*/
773 {SMP_PROCESS_PAIRING_COMMITMENT, SMP_SM_NO_ACTION,
774 SMP_STATE_SEC_CONN_PHS1_START},
775 };
776
777 static const uint8_t smp_peripheral_wait_commitment_table[][SMP_SM_NUM_COLS] = {
778 /* Event Action Next State */
779 /* PAIR_COMMITM */
780 {SMP_PROCESS_PAIRING_COMMITMENT, SMP_SEND_COMMITMENT, SMP_STATE_WAIT_NONCE},
781 /* PAIR_KEYPR_NOTIF */
782 {SMP_PROCESS_KEYPRESS_NOTIFICATION, SMP_SEND_APP_CBACK,
783 SMP_STATE_WAIT_COMMITMENT},
784 };
785
786 static const uint8_t smp_peripheral_wait_nonce_table[][SMP_SM_NUM_COLS] = {
787 /* Event Action Next State */
788 /* peer nonce is received */
789 /* RAND */
790 {SMP_PROC_RAND, SMP_PROCESS_PEER_NONCE, SMP_STATE_SEC_CONN_PHS2_START},
791 /* NC model, time to calculate number for NC */
792 /* SC_CALC_NC */
793 {SMP_CALCULATE_NUMERIC_COMPARISON_DISPLAY_NUMBER, SMP_SM_NO_ACTION,
794 SMP_STATE_WAIT_NONCE},
795 /* NC model, time to display calculated number for NC to the user */
796 /* SC_DSPL_NC */
797 {SMP_SEND_APP_CBACK, SMP_SM_NO_ACTION, SMP_STATE_WAIT_APP_RSP},
798 };
799
800 static const uint8_t
801 smp_peripheral_sec_conn_phs2_start_table[][SMP_SM_NUM_COLS] = {
802 /* Event Action Next State */
803 /* SC_PHASE1_CMPLT */
804 {SMP_CALCULATE_LOCAL_DHKEY_CHECK, SMP_PH2_DHKEY_CHECKS_ARE_PRESENT,
805 SMP_STATE_WAIT_DHK_CHECK},
806 /* DHKey Check from central is received before peripheral DHKey
807 * calculation is completed - race */
808 /* PAIR_DHKEY_CHCK */
809 {SMP_PROCESS_DHKEY_CHECK, SMP_SM_NO_ACTION,
810 SMP_STATE_SEC_CONN_PHS2_START},
811 };
812
813 static const uint8_t smp_peripheral_wait_dhk_check_table[][SMP_SM_NUM_COLS] = {
814 /* Event Action Next State */
815 /* PAIR_DHKEY_CHCK */
816 {SMP_PROCESS_DHKEY_CHECK, SMP_CALCULATE_PEER_DHKEY_CHECK,
817 SMP_STATE_DHK_CHECK},
818 /* DHKey Check from central was received before peripheral came to this
819 state */
820 /* SC_2_DHCK_CHKS_PRES */
821 {SMP_CALCULATE_PEER_DHKEY_CHECK, SMP_SM_NO_ACTION, SMP_STATE_DHK_CHECK},
822 };
823
824 static const uint8_t smp_peripheral_dhk_check_table[][SMP_SM_NUM_COLS] = {
825 /* Event Action Next State */
826
827 /* locally calculated peer dhkey check is ready -> compare it withs DHKey
828 * Check
829 */
830 /* actually received from peer */
831 /* SC_KEY_READY */
832 {SMP_MATCH_DHKEY_CHECKS, SMP_SM_NO_ACTION, SMP_STATE_DHK_CHECK},
833
834 /* dhkey checks match -> send local dhkey check to central, go to wait for
835 * HCI LE
836 */
837 /* Long Term Key Request Event */
838 /* PAIR_DHKEY_CHCK */
839 {SMP_SEND_DHKEY_CHECK, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
840 };
841
842 static const uint8_t smp_peripheral_enc_pending_table[][SMP_SM_NUM_COLS] = {
843 /* Event Action Next State */
844 /* ENC_REQ */
845 {SMP_GENERATE_STK, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
846
847 /* STK ready */
848 /* KEY_READY */
849 {SMP_SEND_LTK_REPLY, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
850 /* ENCRYPTED */
851 {SMP_CHECK_AUTH_REQ, SMP_SM_NO_ACTION, SMP_STATE_ENCRYPTION_PENDING},
852 /* BOND_REQ */
853 {SMP_KEY_DISTRIBUTE, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING}};
854
855 static const uint8_t smp_peripheral_bond_pending_table[][SMP_SM_NUM_COLS] = {
856 /* Event Action Next State */
857
858 /* LTK ready */
859 /* KEY_READY */
860 {SMP_SEND_ENC_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
861
862 /* rev SRK */
863 /* SIGN_INFO */
864 {SMP_PROC_SRK_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
865 /* ENC_INFO */
866 {SMP_PROC_ENC_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
867 /* ID_INFO */
868 {SMP_PROC_ID_INFO, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
869 /* CENTRAL_ID*/
870 {SMP_PROC_CENTRAL_ID, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
871 /* ID_ADDR */
872 {SMP_PROC_ID_ADDR, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
873 /* AUTH_CMPL */
874 {SMP_SIRK_VERIFY, SMP_SM_NO_ACTION, SMP_STATE_BOND_PENDING},
875 };
876
877 static const uint8_t
878 smp_peripheral_create_local_sec_conn_oob_data[][SMP_SM_NUM_COLS] = {
879 /* Event Action Next State */
880 /* LOC_PUBL_KEY_CRTD */
881 {SMP_SET_LOCAL_OOB_KEYS, SMP_SM_NO_ACTION,
882 SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA},
883 /* HAVE_LOC_NONCE */
884 {SMP_SET_LOCAL_OOB_RAND_COMMITMENT, SMP_SM_NO_ACTION, SMP_STATE_IDLE}};
885
886 static const tSMP_SM_TBL smp_state_table[][2] = {
887 /* SMP_STATE_IDLE */
888 {smp_central_idle_table, smp_peripheral_idle_table},
889
890 /* SMP_STATE_WAIT_APP_RSP */
891 {smp_central_wait_for_app_response_table,
892 smp_peripheral_wait_for_app_response_table},
893
894 /* SMP_STATE_SEC_REQ_PENDING */
895 {NULL, smp_peripheral_sec_request_table},
896
897 /* SMP_STATE_PAIR_REQ_RSP */
898 {smp_central_pair_request_response_table,
899 smp_peripheral_pair_request_response_table},
900
901 /* SMP_STATE_WAIT_CONFIRM */
902 {smp_central_wait_for_confirm_table, smp_peripheral_wait_confirm_table},
903
904 /* SMP_STATE_CONFIRM */
905 {smp_central_confirm_table, smp_peripheral_confirm_table},
906
907 /* SMP_STATE_RAND */
908 {smp_central_rand_table, smp_peripheral_rand_table},
909
910 /* SMP_STATE_PUBLIC_KEY_EXCH */
911 {smp_central_public_key_exchange_table,
912 smp_peripheral_public_key_exch_table},
913
914 /* SMP_STATE_SEC_CONN_PHS1_START */
915 {smp_central_sec_conn_phs1_start_table,
916 smp_peripheral_sec_conn_phs1_start_table},
917
918 /* SMP_STATE_WAIT_COMMITMENT */
919 {smp_central_wait_commitment_table, smp_peripheral_wait_commitment_table},
920
921 /* SMP_STATE_WAIT_NONCE */
922 {smp_central_wait_nonce_table, smp_peripheral_wait_nonce_table},
923
924 /* SMP_STATE_SEC_CONN_PHS2_START */
925 {smp_central_sec_conn_phs2_start_table,
926 smp_peripheral_sec_conn_phs2_start_table},
927
928 /* SMP_STATE_WAIT_DHK_CHECK */
929 {smp_central_wait_dhk_check_table, smp_peripheral_wait_dhk_check_table},
930
931 /* SMP_STATE_DHK_CHECK */
932 {smp_central_dhk_check_table, smp_peripheral_dhk_check_table},
933
934 /* SMP_STATE_ENCRYPTION_PENDING */
935 {smp_central_enc_pending_table, smp_peripheral_enc_pending_table},
936
937 /* SMP_STATE_BOND_PENDING */
938 {smp_central_bond_pending_table, smp_peripheral_bond_pending_table},
939
940 /* SMP_STATE_CREATE_LOCAL_SEC_CONN_OOB_DATA */
941 {smp_central_create_local_sec_conn_oob_data,
942 smp_peripheral_create_local_sec_conn_oob_data},
943 };
944
945 typedef const uint8_t (*tSMP_ENTRY_TBL)[SMP_STATE_MAX];
946 static const tSMP_ENTRY_TBL smp_entry_table[] = {smp_central_entry_map,
947 smp_peripheral_entry_map};
948
949 tSMP_CB smp_cb;
950
951 #define SMP_ALL_TBL_MASK 0x80
952
953 /*******************************************************************************
954 * Function smp_set_state
955 * Returns None
956 ******************************************************************************/
smp_set_state(tSMP_STATE state)957 void smp_set_state(tSMP_STATE state) {
958 if (state < SMP_STATE_MAX) {
959 log::debug("State change: {}({})==>{}({})",
960 smp_get_state_name(smp_cb.state), smp_cb.state,
961 smp_get_state_name(state), state);
962 if (smp_cb.state != state) {
963 BTM_LogHistory(
964 kBtmLogTag, smp_cb.pairing_ble_bd_addr, "Security state changed",
965 base::StringPrintf("%s => %s", smp_get_state_name(smp_cb.state),
966 smp_get_state_name(state)));
967 }
968 smp_cb.state = state;
969 } else {
970 log::error("invalid state={}", state);
971 }
972 }
973
974 /*******************************************************************************
975 * Function smp_get_state
976 * Returns The smp state
977 ******************************************************************************/
smp_get_state(void)978 tSMP_STATE smp_get_state(void) { return smp_cb.state; }
979
980 /*******************************************************************************
981 *
982 * Function smp_sm_event
983 *
984 * Description Handle events to the state machine. It looks up the entry
985 * in the smp_entry_table array.
986 * If it is a valid entry, it gets the state table. Set the next
987 * state, if not NULL state. Execute the action function according
988 * to the state table. If the state returned by action function is
989 * not NULL state, adjust the new state to the returned state. If
990 * (api_evt != MAX), call callback function.
991 *
992 * Returns true if the event is executed and a state transition can be
993 * expected, false if the event is ignored, state is invalid, or
994 * the role is invalid for the control block.
995 *
996 ******************************************************************************/
smp_sm_event(tSMP_CB * p_cb,tSMP_EVENT event,tSMP_INT_DATA * p_data)997 bool smp_sm_event(tSMP_CB* p_cb, tSMP_EVENT event, tSMP_INT_DATA* p_data) {
998 uint8_t curr_state = p_cb->state;
999 tSMP_SM_TBL state_table;
1000 uint8_t action, entry, i;
1001
1002 log::debug("addr:{}", p_cb->pairing_bda);
1003 if (p_cb->role >= 2) {
1004 log::error("Invalid role:{}", p_cb->role);
1005 return false;
1006 }
1007
1008 tSMP_ENTRY_TBL entry_table = smp_entry_table[p_cb->role];
1009
1010 if (curr_state >= SMP_STATE_MAX) {
1011 log::error("Invalid state:{}", curr_state);
1012 return false;
1013 }
1014
1015 log::debug("Role:{}, State:[{}({})], Event:[{}({})]",
1016 hci_role_text(p_cb->role), smp_get_state_name(p_cb->state),
1017 p_cb->state, smp_get_event_name(event), event);
1018
1019 /* look up the state table for the current state */
1020 /* lookup entry /w event & curr_state */
1021 /* If entry is ignore, return.
1022 * Otherwise, get state table (according to curr_state or all_state) */
1023 if ((event <= SMP_MAX_EVT) &&
1024 ((entry = entry_table[event - 1][curr_state]) != SMP_SM_IGNORE)) {
1025 if (entry & SMP_ALL_TBL_MASK) {
1026 entry &= ~SMP_ALL_TBL_MASK;
1027 state_table = smp_all_table;
1028 } else {
1029 state_table = smp_state_table[curr_state][p_cb->role];
1030 }
1031 } else {
1032 log::warn("Ignore event[{}({})] in state[{}({})]",
1033 smp_get_event_name(event), event, smp_get_state_name(curr_state),
1034 curr_state);
1035 return false;
1036 }
1037
1038 /* Get possible next state from state table. */
1039 smp_set_state(state_table[entry - 1][SMP_SME_NEXT_STATE]);
1040
1041 /* If action is not ignore, clear param, exec action and get next state.
1042 * The action function may set the Param for cback.
1043 * Depending on param, call cback or free buffer. */
1044 /* execute action */
1045 /* execute action functions */
1046 for (i = 0; i < SMP_NUM_ACTIONS; i++) {
1047 action = state_table[entry - 1][i];
1048 if (action != SMP_SM_NO_ACTION) {
1049 (*smp_sm_action[action])(p_cb, p_data);
1050 } else {
1051 break;
1052 }
1053 }
1054 log::debug("result state={}", smp_get_state_name(p_cb->state));
1055 return true;
1056 }
1057
1058 /*******************************************************************************
1059 * Function smp_get_state_name
1060 * Returns The smp state name.
1061 ******************************************************************************/
smp_get_state_name(tSMP_STATE state)1062 const char* smp_get_state_name(tSMP_STATE state) {
1063 const char* p_str = smp_state_name[SMP_STATE_MAX];
1064
1065 if (state < SMP_STATE_MAX) {
1066 p_str = smp_state_name[state];
1067 }
1068 return p_str;
1069 }
1070
1071 /*******************************************************************************
1072 * Function smp_get_event_name
1073 * Returns The smp event name.
1074 ******************************************************************************/
smp_get_event_name(tSMP_EVENT event)1075 const char* smp_get_event_name(tSMP_EVENT event) {
1076 const char* p_str = smp_event_name[SMP_MAX_EVT];
1077
1078 if (event <= SMP_MAX_EVT) {
1079 p_str = smp_event_name[event - 1];
1080 }
1081 return p_str;
1082 }
1083