OVMS3-idf/examples/bluetooth/blufi/main/blufi_security.c

/*
   This example code is in the Public Domain (or CC0 licensed, at your option.)

   Unless required by applicable law or agreed to in writing, this
   software is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR
   CONDITIONS OF ANY KIND, either express or implied.
*/

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "freertos/event_groups.h"
#include "esp_system.h"
#include "esp_wifi.h"
#include "esp_event_loop.h"
#include "esp_log.h"
#include "nvs_flash.h"
#include "esp_bt.h"

#include "esp_blufi_api.h"
#include "esp_bt_defs.h"
#include "esp_gap_ble_api.h"
#include "esp_bt_main.h"
#include "blufi_example.h"

#include "mbedtls/aes.h"
#include "mbedtls/dhm.h"
#include "mbedtls/md5.h"
#include "rom/crc.h"

/*
   The SEC_TYPE_xxx is for self-defined packet data type in the procedure of "BLUFI negotiate key"
   If user use other negotiation procedure to exchange(or generate) key, should redefine the type by yourself.
 */
#define SEC_TYPE_DH_PARAM_LEN   0x00
#define SEC_TYPE_DH_PARAM_DATA  0x01
#define SEC_TYPE_DH_P           0x02
#define SEC_TYPE_DH_G           0x03
#define SEC_TYPE_DH_PUBLIC      0x04


struct blufi_security {
#define DH_SELF_PUB_KEY_LEN     128
#define DH_SELF_PUB_KEY_BIT_LEN (DH_SELF_PUB_KEY_LEN * 8)
    uint8_t  self_public_key[DH_SELF_PUB_KEY_LEN];
#define SHARE_KEY_LEN           128
#define SHARE_KEY_BIT_LEN       (SHARE_KEY_LEN * 8)
    uint8_t  share_key[SHARE_KEY_LEN];
    size_t   share_len;
#define PSK_LEN                 16
    uint8_t  psk[PSK_LEN];
    uint8_t  *dh_param;
    int      dh_param_len;
    uint8_t  iv[16];
    mbedtls_dhm_context dhm;
    mbedtls_aes_context aes;
};
static struct blufi_security *blufi_sec;

static int myrand( void *rng_state, unsigned char *output, size_t len )
{
    esp_fill_random(output, len);
    return( 0 );
}

extern void btc_blufi_report_error(esp_blufi_error_state_t state);

void blufi_dh_negotiate_data_handler(uint8_t *data, int len, uint8_t **output_data, int *output_len, bool *need_free)
{
    int ret;
    uint8_t type = data[0];

    if (blufi_sec == NULL) {
        BLUFI_ERROR("BLUFI Security is not initialized");
        btc_blufi_report_error(ESP_BLUFI_INIT_SECURITY_ERROR);
        return;
    }

    switch (type) {
    case SEC_TYPE_DH_PARAM_LEN:
        blufi_sec->dh_param_len = ((data[1]<<8)|data[2]);
        if (blufi_sec->dh_param) {
            free(blufi_sec->dh_param);
            blufi_sec->dh_param = NULL;
        }
        blufi_sec->dh_param = (uint8_t *)malloc(blufi_sec->dh_param_len);
        if (blufi_sec->dh_param == NULL) {
            btc_blufi_report_error(ESP_BLUFI_DH_MALLOC_ERROR);
            BLUFI_ERROR("%s, malloc failed\n", __func__);
            return;
        }
        break;
    case SEC_TYPE_DH_PARAM_DATA:{
        if (blufi_sec->dh_param == NULL) {
            BLUFI_ERROR("%s, blufi_sec->dh_param == NULL\n", __func__);
            btc_blufi_report_error(ESP_BLUFI_DH_PARAM_ERROR);
            return;
        }
        uint8_t *param = blufi_sec->dh_param;
        memcpy(blufi_sec->dh_param, &data[1], blufi_sec->dh_param_len);
        ret = mbedtls_dhm_read_params(&blufi_sec->dhm, &param, &param[blufi_sec->dh_param_len]);
        if (ret) {
            BLUFI_ERROR("%s read param failed %d\n", __func__, ret);
            btc_blufi_report_error(ESP_BLUFI_READ_PARAM_ERROR);
            return;
        }
        free(blufi_sec->dh_param);
        blufi_sec->dh_param = NULL;
        ret = mbedtls_dhm_make_public(&blufi_sec->dhm, (int) mbedtls_mpi_size( &blufi_sec->dhm.P ), blufi_sec->self_public_key, blufi_sec->dhm.len, myrand, NULL);
        if (ret) {
            BLUFI_ERROR("%s make public failed %d\n", __func__, ret);
            btc_blufi_report_error(ESP_BLUFI_MAKE_PUBLIC_ERROR);
            return;
        }

        mbedtls_dhm_calc_secret( &blufi_sec->dhm,
                blufi_sec->share_key,
                SHARE_KEY_BIT_LEN,
                &blufi_sec->share_len,
                NULL, NULL);

        mbedtls_md5(blufi_sec->share_key, blufi_sec->share_len, blufi_sec->psk);

        mbedtls_aes_setkey_enc(&blufi_sec->aes, blufi_sec->psk, 128);
        
        /* alloc output data */
        *output_data = &blufi_sec->self_public_key[0];
        *output_len = blufi_sec->dhm.len;
        *need_free = false;

    }
        break;
    case SEC_TYPE_DH_P:
        break;
    case SEC_TYPE_DH_G:
        break;
    case SEC_TYPE_DH_PUBLIC:
        break;
    }
}

int blufi_aes_encrypt(uint8_t iv8, uint8_t *crypt_data, int crypt_len)
{
    int ret;
    size_t iv_offset = 0;
    uint8_t iv0[16];

    memcpy(iv0, blufi_sec->iv, sizeof(blufi_sec->iv));
    iv0[0] = iv8;   /* set iv8 as the iv0[0] */

    ret = mbedtls_aes_crypt_cfb128(&blufi_sec->aes, MBEDTLS_AES_ENCRYPT, crypt_len, &iv_offset, iv0, crypt_data, crypt_data);
    if (ret) {
        return -1;
    }

    return crypt_len;
}

int blufi_aes_decrypt(uint8_t iv8, uint8_t *crypt_data, int crypt_len)
{
    int ret;
    size_t iv_offset = 0;
    uint8_t iv0[16];

    memcpy(iv0, blufi_sec->iv, sizeof(blufi_sec->iv));
    iv0[0] = iv8;   /* set iv8 as the iv0[0] */

    ret = mbedtls_aes_crypt_cfb128(&blufi_sec->aes, MBEDTLS_AES_DECRYPT, crypt_len, &iv_offset, iv0, crypt_data, crypt_data);
    if (ret) {
        return -1;
    }

    return crypt_len;
}

uint16_t blufi_crc_checksum(uint8_t iv8, uint8_t *data, int len)
{
    /* This iv8 ignore, not used */
    return crc16_be(0, data, len);
}

esp_err_t blufi_security_init(void)
{
    blufi_sec = (struct blufi_security *)malloc(sizeof(struct blufi_security));
    if (blufi_sec == NULL) {
        return ESP_FAIL;
    }

    memset(blufi_sec, 0x0, sizeof(struct blufi_security));

    mbedtls_dhm_init(&blufi_sec->dhm);
    mbedtls_aes_init(&blufi_sec->aes);

    memset(blufi_sec->iv, 0x0, 16);
    return 0;
}

void blufi_security_deinit(void)
{
    if (blufi_sec == NULL) {
        return;
    }
    if (blufi_sec->dh_param){
        free(blufi_sec->dh_param);
        blufi_sec->dh_param = NULL;
    }
    mbedtls_dhm_free(&blufi_sec->dhm);
    mbedtls_aes_free(&blufi_sec->aes);

    memset(blufi_sec, 0x0, sizeof(struct blufi_security));

    free(blufi_sec);
    blufi_sec =  NULL;
}
Component/bt: modify license 2018-01-15 11:47:23 +00:00			`/*`
			`This example code is in the Public Domain (or CC0 licensed, at your option.)`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00
Component/bt: modify license 2018-01-15 11:47:23 +00:00			`Unless required by applicable law or agreed to in writing, this`
			`software is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR`
			`CONDITIONS OF ANY KIND, either express or implied.`
			`*/`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00
			`#include <stdio.h>`
			`#include <stdlib.h>`
			`#include <string.h>`
			`#include "freertos/FreeRTOS.h"`
			`#include "freertos/task.h"`
			`#include "freertos/event_groups.h"`
			`#include "esp_system.h"`
			`#include "esp_wifi.h"`
			`#include "esp_event_loop.h"`
			`#include "esp_log.h"`
			`#include "nvs_flash.h"`
component/btdm : change bt.h name to esp_bt.h to form the name prefix 2017-12-07 13:48:27 +00:00			`#include "esp_bt.h"`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00
			`#include "esp_blufi_api.h"`
			`#include "esp_bt_defs.h"`
			`#include "esp_gap_ble_api.h"`
			`#include "esp_bt_main.h"`
examples: Standardise naming of files, symbols, etc. in examples * Use "example" in all example function & variable names, ie use i2c_example_xxx instead of i2c_xxx for example functions. Closes #198 https://github.com/espressif/esp-idf/issues/198 * Mark example functions, etc. static * Replace uses of "test" & "demo" with "example" * Split the UART example into two * Rename "main" example files to end with "_main.c" for disambiguation 2017-03-22 04:36:11 +00:00			`#include "blufi_example.h"`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00
			`#include "mbedtls/aes.h"`
			`#include "mbedtls/dhm.h"`
			`#include "mbedtls/md5.h"`
			`#include "rom/crc.h"`

			`/*`
			`The SEC_TYPE_xxx is for self-defined packet data type in the procedure of "BLUFI negotiate key"`
			`If user use other negotiation procedure to exchange(or generate) key, should redefine the type by yourself.`
			`*/`
			`#define SEC_TYPE_DH_PARAM_LEN 0x00`
			`#define SEC_TYPE_DH_PARAM_DATA 0x01`
			`#define SEC_TYPE_DH_P 0x02`
			`#define SEC_TYPE_DH_G 0x03`
			`#define SEC_TYPE_DH_PUBLIC 0x04`


			`struct blufi_security {`
			`#define DH_SELF_PUB_KEY_LEN 128`
			`#define DH_SELF_PUB_KEY_BIT_LEN (DH_SELF_PUB_KEY_LEN * 8)`
			`uint8_t self_public_key[DH_SELF_PUB_KEY_LEN];`
			`#define SHARE_KEY_LEN 128`
			`#define SHARE_KEY_BIT_LEN (SHARE_KEY_LEN * 8)`
			`uint8_t share_key[SHARE_KEY_LEN];`
			`size_t share_len;`
			`#define PSK_LEN 16`
			`uint8_t psk[PSK_LEN];`
			`uint8_t *dh_param;`
			`int dh_param_len;`
			`uint8_t iv[16];`
			`mbedtls_dhm_context dhm;`
			`mbedtls_aes_context aes;`
			`};`
			`static struct blufi_security *blufi_sec;`

			`static int myrand( void rng_state, unsigned char output, size_t len )`
			`{`
esp32: Add esp_fill_random() function Convenience function to fill a buffer with random bytes. Add some unit tests (only sanity checks, really.) 2018-08-15 08:20:16 +00:00			`esp_fill_random(output, len);`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00			`return( 0 );`
			`}`

Component/bt: add get error event for blufi 2017-12-22 07:02:33 +00:00			`extern void btc_blufi_report_error(esp_blufi_error_state_t state);`

component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00			`void blufi_dh_negotiate_data_handler(uint8_t data, int len, uint8_t output_data, int output_len, bool *need_free)`
			`{`
			`int ret;`
			`uint8_t type = data[0];`

			`if (blufi_sec == NULL) {`
			`BLUFI_ERROR("BLUFI Security is not initialized");`
Component/bt: add get error event for blufi 2017-12-22 07:02:33 +00:00			`btc_blufi_report_error(ESP_BLUFI_INIT_SECURITY_ERROR);`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00			`return;`
			`}`

			`switch (type) {`
			`case SEC_TYPE_DH_PARAM_LEN:`
			`blufi_sec->dh_param_len = ((data[1]<<8)\|data[2]);`
			`if (blufi_sec->dh_param) {`
			`free(blufi_sec->dh_param);`
Component/bt: fix memory leak in bluefi demo 2017-10-21 07:03:54 +00:00			`blufi_sec->dh_param = NULL;`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00			`}`
			`blufi_sec->dh_param = (uint8_t *)malloc(blufi_sec->dh_param_len);`
			`if (blufi_sec->dh_param == NULL) {`
Component/bt: add get error event for blufi 2017-12-22 07:02:33 +00:00			`btc_blufi_report_error(ESP_BLUFI_DH_MALLOC_ERROR);`
Component/bt: fix memory leak in bluefi demo 2017-10-21 07:03:54 +00:00			`BLUFI_ERROR("%s, malloc failed\n", __func__);`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00			`return;`
			`}`
			`break;`
Component/bt: fix memory leak in bluefi demo 2017-10-21 07:03:54 +00:00			`case SEC_TYPE_DH_PARAM_DATA:{`
			`if (blufi_sec->dh_param == NULL) {`
			`BLUFI_ERROR("%s, blufi_sec->dh_param == NULL\n", __func__);`
Component/bt: add get error event for blufi 2017-12-22 07:02:33 +00:00			`btc_blufi_report_error(ESP_BLUFI_DH_PARAM_ERROR);`
Component/bt: fix memory leak in bluefi demo 2017-10-21 07:03:54 +00:00			`return;`
			`}`
			`uint8_t *param = blufi_sec->dh_param;`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00			`memcpy(blufi_sec->dh_param, &data[1], blufi_sec->dh_param_len);`
Component/bt: fix memory leak in bluefi demo 2017-10-21 07:03:54 +00:00			`ret = mbedtls_dhm_read_params(&blufi_sec->dhm, &param, &param[blufi_sec->dh_param_len]);`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00			`if (ret) {`
			`BLUFI_ERROR("%s read param failed %d\n", __func__, ret);`
Component/bt: add get error event for blufi 2017-12-22 07:02:33 +00:00			`btc_blufi_report_error(ESP_BLUFI_READ_PARAM_ERROR);`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00			`return;`
			`}`
Component/bt: fix memory leak in bluefi demo 2017-10-21 07:03:54 +00:00			`free(blufi_sec->dh_param);`
			`blufi_sec->dh_param = NULL;`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00			`ret = mbedtls_dhm_make_public(&blufi_sec->dhm, (int) mbedtls_mpi_size( &blufi_sec->dhm.P ), blufi_sec->self_public_key, blufi_sec->dhm.len, myrand, NULL);`
			`if (ret) {`
			`BLUFI_ERROR("%s make public failed %d\n", __func__, ret);`
Component/bt: add get error event for blufi 2017-12-22 07:02:33 +00:00			`btc_blufi_report_error(ESP_BLUFI_MAKE_PUBLIC_ERROR);`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00			`return;`
			`}`

			`mbedtls_dhm_calc_secret( &blufi_sec->dhm,`
			`blufi_sec->share_key,`
			`SHARE_KEY_BIT_LEN,`
			`&blufi_sec->share_len,`
			`NULL, NULL);`

			`mbedtls_md5(blufi_sec->share_key, blufi_sec->share_len, blufi_sec->psk);`

			`mbedtls_aes_setkey_enc(&blufi_sec->aes, blufi_sec->psk, 128);`

			`/* alloc output data */`
			`*output_data = &blufi_sec->self_public_key[0];`
			`*output_len = blufi_sec->dhm.len;`
			`*need_free = false;`
Component/bt: fix memory leak in bluefi demo 2017-10-21 07:03:54 +00:00
			`}`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00			`break;`
			`case SEC_TYPE_DH_P:`
			`break;`
			`case SEC_TYPE_DH_G:`
			`break;`
			`case SEC_TYPE_DH_PUBLIC:`
			`break;`
			`}`
			`}`

			`int blufi_aes_encrypt(uint8_t iv8, uint8_t *crypt_data, int crypt_len)`
			`{`
			`int ret;`
			`size_t iv_offset = 0;`
			`uint8_t iv0[16];`

			`memcpy(iv0, blufi_sec->iv, sizeof(blufi_sec->iv));`
			`iv0[0] = iv8; /* set iv8 as the iv0[0] */`

			`ret = mbedtls_aes_crypt_cfb128(&blufi_sec->aes, MBEDTLS_AES_ENCRYPT, crypt_len, &iv_offset, iv0, crypt_data, crypt_data);`
			`if (ret) {`
			`return -1;`
			`}`

			`return crypt_len;`
			`}`

			`int blufi_aes_decrypt(uint8_t iv8, uint8_t *crypt_data, int crypt_len)`
			`{`
			`int ret;`
			`size_t iv_offset = 0;`
			`uint8_t iv0[16];`

			`memcpy(iv0, blufi_sec->iv, sizeof(blufi_sec->iv));`
			`iv0[0] = iv8; /* set iv8 as the iv0[0] */`

			`ret = mbedtls_aes_crypt_cfb128(&blufi_sec->aes, MBEDTLS_AES_DECRYPT, crypt_len, &iv_offset, iv0, crypt_data, crypt_data);`
			`if (ret) {`
			`return -1;`
			`}`

			`return crypt_len;`
			`}`

			`uint16_t blufi_crc_checksum(uint8_t iv8, uint8_t *data, int len)`
			`{`
			`/* This iv8 ignore, not used */`
			`return crc16_be(0, data, len);`
			`}`

			`esp_err_t blufi_security_init(void)`
			`{`
			`blufi_sec = (struct blufi_security *)malloc(sizeof(struct blufi_security));`
			`if (blufi_sec == NULL) {`
			`return ESP_FAIL;`
			`}`

component/bt : blufi fix security init bug 2017-01-06 04:24:37 +00:00			`memset(blufi_sec, 0x0, sizeof(struct blufi_security));`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00
			`mbedtls_dhm_init(&blufi_sec->dhm);`
			`mbedtls_aes_init(&blufi_sec->aes);`

			`memset(blufi_sec->iv, 0x0, 16);`
			`return 0;`
			`}`

			`void blufi_security_deinit(void)`
			`{`
Component/bt: fix memory leak in bluefi demo 2017-10-21 07:03:54 +00:00			`if (blufi_sec == NULL) {`
			`return;`
			`}`
			`if (blufi_sec->dh_param){`
			`free(blufi_sec->dh_param);`
			`blufi_sec->dh_param = NULL;`
			`}`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00			`mbedtls_dhm_free(&blufi_sec->dhm);`
			`mbedtls_aes_free(&blufi_sec->aes);`

component/bt : blufi fix security init bug 2017-01-06 04:24:37 +00:00			`memset(blufi_sec, 0x0, sizeof(struct blufi_security));`
component/bt : new blufi 1. new blufi protocol 2. new blufi demo 3. support security 4. support sta/ap/sta_ap 5. support wpa-enterprise 2016-12-28 04:02:43 +00:00
			`free(blufi_sec);`
			`blufi_sec = NULL;`
			`}`