| /* |
| * |
| * BlueZ - Bluetooth protocol stack for Linux |
| * |
| * Copyright (C) 2017-2018 Intel Corporation. All rights reserved. |
| * |
| * |
| * This library is free software; you can redistribute it and/or |
| * modify it under the terms of the GNU Lesser General Public |
| * License as published by the Free Software Foundation; either |
| * version 2.1 of the License, or (at your option) any later version. |
| * |
| * This library is distributed in the hope that it will be useful, |
| * but WITHOUT ANY WARRANTY; without even the implied warranty of |
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
| * Lesser General Public License for more details. |
| * |
| * |
| */ |
| |
| #ifdef HAVE_CONFIG_H |
| #include <config.h> |
| #endif |
| |
| #include <ell/ell.h> |
| |
| #include "mesh/mesh-defs.h" |
| |
| #include "mesh/mesh.h" |
| #include "mesh/node.h" |
| #include "mesh/net.h" |
| #include "mesh/crypto.h" |
| #include "mesh/display.h" |
| #include "mesh/model.h" |
| #include "mesh/storage.h" |
| #include "mesh/appkey.h" |
| |
| struct mesh_app_key { |
| struct l_queue *replay_cache; |
| uint16_t net_idx; |
| uint16_t app_idx; |
| uint8_t key[16]; |
| uint8_t key_id; |
| uint8_t new_key[16]; |
| uint8_t new_key_id; |
| }; |
| |
| struct mesh_msg { |
| uint32_t iv_index; |
| uint32_t seq; |
| uint16_t src; |
| }; |
| |
| struct mod_decrypt { |
| const uint8_t *data; |
| uint8_t *out; |
| struct mesh_app_key *key; |
| uint8_t *virt; |
| uint32_t seq; |
| uint32_t iv_idx; |
| uint16_t src; |
| uint16_t dst; |
| uint16_t idx; |
| uint16_t size; |
| uint16_t virt_size; |
| uint8_t key_id; |
| bool szmict; |
| bool decrypted; |
| }; |
| |
| static bool match_key_index(const void *a, const void *b) |
| { |
| const struct mesh_app_key *key = a; |
| uint16_t idx = L_PTR_TO_UINT(b); |
| |
| return key->app_idx == idx; |
| } |
| |
| static bool match_replay_cache(const void *a, const void *b) |
| { |
| const struct mesh_msg *msg = a; |
| uint16_t src = L_PTR_TO_UINT(b); |
| |
| return src == msg->src; |
| } |
| |
| static bool clean_old_iv_index(void *a, void *b) |
| { |
| struct mesh_msg *msg = a; |
| uint32_t iv_index = L_PTR_TO_UINT(b); |
| |
| if (iv_index < 2) |
| return false; |
| |
| if (msg->iv_index < iv_index - 1) { |
| l_free(msg); |
| return true; |
| } |
| |
| return false; |
| } |
| |
| static void packet_decrypt(void *a, void *b) |
| { |
| struct mesh_app_key *key = a; |
| struct mod_decrypt *dec = b; |
| |
| l_debug("model.c - app_packet_decrypt"); |
| if (dec->decrypted) |
| return; |
| |
| if (key->key_id != dec->key_id && |
| key->new_key_id != dec->key_id) |
| return; |
| |
| dec->key = key; |
| |
| if (key->key_id == dec->key_id) { |
| dec->decrypted = mesh_crypto_payload_decrypt(dec->virt, |
| dec->virt_size, dec->data, dec->size, |
| dec->szmict, dec->src, dec->dst, dec->key_id, |
| dec->seq, dec->iv_idx, dec->out, key->key); |
| if (dec->decrypted) |
| print_packet("Used App Key", dec->key->key, 16); |
| else |
| print_packet("Failed with App Key", dec->key->key, 16); |
| } |
| |
| if (!dec->decrypted && key->new_key_id == dec->key_id) { |
| dec->decrypted = mesh_crypto_payload_decrypt(dec->virt, |
| dec->virt_size, dec->data, dec->size, |
| dec->szmict, dec->src, dec->dst, dec->key_id, |
| dec->seq, dec->iv_idx, dec->out, key->new_key); |
| if (dec->decrypted) |
| print_packet("Used App Key", dec->key->new_key, 16); |
| else |
| print_packet("Failed with App Key", |
| dec->key->new_key, 16); |
| } |
| |
| if (dec->decrypted) |
| dec->idx = key->app_idx; |
| } |
| |
| int appkey_packet_decrypt(struct mesh_net *net, bool szmict, uint32_t seq, |
| uint32_t iv_index, uint16_t src, |
| uint16_t dst, uint8_t *virt, uint16_t virt_size, |
| uint8_t key_id, const uint8_t *data, |
| uint16_t data_size, uint8_t *out) |
| { |
| struct l_queue *app_keys; |
| |
| struct mod_decrypt decrypt = { |
| .src = src, |
| .dst = dst, |
| .seq = seq, |
| .data = data, |
| .out = out, |
| .size = data_size, |
| .key_id = key_id, |
| .iv_idx = iv_index, |
| .virt = virt, |
| .virt_size = virt_size, |
| .szmict = szmict, |
| .decrypted = false, |
| }; |
| |
| app_keys = mesh_net_get_app_keys(net); |
| if (!app_keys) |
| return -1; |
| |
| l_queue_foreach(app_keys, packet_decrypt, &decrypt); |
| |
| return decrypt.decrypted ? decrypt.idx : -1; |
| } |
| |
| bool appkey_msg_in_replay_cache(struct mesh_net *net, uint16_t idx, |
| uint16_t src, uint16_t crpl, uint32_t seq, |
| uint32_t iv_index) |
| { |
| struct mesh_app_key *key; |
| struct mesh_msg *msg; |
| struct l_queue *app_keys; |
| |
| app_keys = mesh_net_get_app_keys(net); |
| if (!app_keys) |
| return false; |
| |
| l_debug("Test Replay src: %4.4x seq: %6.6x iv: %8.8x", |
| src, seq, iv_index); |
| |
| key = l_queue_find(app_keys, match_key_index, L_UINT_TO_PTR(idx)); |
| |
| if (!key) |
| return false; |
| |
| msg = l_queue_find(key->replay_cache, match_replay_cache, |
| L_UINT_TO_PTR(src)); |
| |
| if (msg) { |
| if (iv_index > msg->iv_index) { |
| msg->seq = seq; |
| msg->iv_index = iv_index; |
| return false; |
| } |
| |
| if (seq < msg->seq) { |
| l_info("Ignoring packet with lower sequence number"); |
| return true; |
| } |
| |
| if (seq == msg->seq) { |
| l_info("Message already processed (duplicate)"); |
| return true; |
| } |
| |
| msg->seq = seq; |
| |
| return false; |
| } |
| |
| l_debug("New Entry for %4.4x", src); |
| if (key->replay_cache == NULL) |
| key->replay_cache = l_queue_new(); |
| |
| /* Replay Cache is fixed sized */ |
| if (l_queue_length(key->replay_cache) >= crpl) { |
| int ret = l_queue_foreach_remove(key->replay_cache, |
| clean_old_iv_index, L_UINT_TO_PTR(iv_index)); |
| |
| if (!ret) |
| return true; |
| } |
| |
| msg = l_new(struct mesh_msg, 1); |
| msg->src = src; |
| msg->seq = seq; |
| msg->iv_index = iv_index; |
| l_queue_push_head(key->replay_cache, msg); |
| |
| return false; |
| } |
| |
| static struct mesh_app_key *app_key_new(void) |
| { |
| struct mesh_app_key *key = l_new(struct mesh_app_key, 1); |
| |
| key->new_key_id = 0xFF; |
| key->replay_cache = l_queue_new(); |
| return key; |
| } |
| |
| static bool set_key(struct mesh_app_key *key, uint16_t app_idx, |
| const uint8_t *key_value, bool is_new) |
| { |
| uint8_t key_id; |
| |
| if (!mesh_crypto_k4(key_value, &key_id)) |
| return false; |
| |
| key_id = KEY_ID_AKF | (key_id << KEY_AID_SHIFT); |
| if (!is_new) |
| key->key_id = key_id; |
| else |
| key->new_key_id = key_id; |
| |
| memcpy(is_new ? key->new_key : key->key, key_value, 16); |
| |
| return true; |
| } |
| |
| void appkey_key_free(void *data) |
| { |
| struct mesh_app_key *key = data; |
| |
| if (!key) |
| return; |
| |
| l_queue_destroy(key->replay_cache, l_free); |
| l_free(key); |
| } |
| |
| bool appkey_key_init(struct mesh_net *net, uint16_t net_idx, uint16_t app_idx, |
| uint8_t *key_value, uint8_t *new_key_value) |
| { |
| struct mesh_app_key *key; |
| struct l_queue *app_keys; |
| |
| if (net_idx > MAX_KEY_IDX || app_idx > MAX_KEY_IDX) |
| return false; |
| |
| app_keys = mesh_net_get_app_keys(net); |
| if (!app_keys) |
| return NULL; |
| |
| key = app_key_new(); |
| if (!key) |
| return false; |
| |
| if (!mesh_net_have_key(net, net_idx)) |
| return false; |
| |
| key->net_idx = net_idx; |
| |
| if (key_value && !set_key(key, app_idx, key_value, false)) |
| return false; |
| |
| if (new_key_value && !set_key(key, app_idx, new_key_value, true)) |
| return false; |
| |
| l_queue_push_tail(app_keys, key); |
| |
| return true; |
| } |
| |
| const uint8_t *appkey_get_key(struct mesh_net *net, uint16_t app_idx, |
| uint8_t *key_id) |
| { |
| struct mesh_app_key *app_key; |
| uint8_t phase; |
| struct l_queue *app_keys; |
| |
| app_keys = mesh_net_get_app_keys(net); |
| if (!app_keys) |
| return NULL; |
| |
| app_key = l_queue_find(app_keys, match_key_index, |
| L_UINT_TO_PTR(app_idx)); |
| if (!app_key) |
| return NULL; |
| |
| if (mesh_net_key_refresh_phase_get(net, app_key->net_idx, &phase) != |
| MESH_STATUS_SUCCESS) |
| return NULL; |
| |
| if (phase != KEY_REFRESH_PHASE_TWO) { |
| *key_id = app_key->key_id; |
| return app_key->key; |
| } |
| |
| if (app_key->new_key_id == NET_NID_INVALID) |
| return NULL; |
| |
| *key_id = app_key->new_key_id; |
| return app_key->new_key; |
| } |
| |
| bool appkey_have_key(struct mesh_net *net, uint16_t app_idx) |
| { |
| struct mesh_app_key *key; |
| struct l_queue *app_keys; |
| |
| app_keys = mesh_net_get_app_keys(net); |
| if (!app_keys) |
| return false; |
| |
| key = l_queue_find(app_keys, match_key_index, L_UINT_TO_PTR(app_idx)); |
| |
| if (!key) |
| return false; |
| else |
| return true; |
| } |
| |
| int appkey_key_add(struct mesh_net *net, uint16_t net_idx, uint16_t app_idx, |
| const uint8_t *new_key, bool update) |
| { |
| struct mesh_app_key *key; |
| struct l_queue *app_keys; |
| uint8_t phase = KEY_REFRESH_PHASE_NONE; |
| |
| app_keys = mesh_net_get_app_keys(net); |
| if (!app_keys) |
| return MESH_STATUS_INSUFF_RESOURCES; |
| |
| key = l_queue_find(app_keys, match_key_index, L_UINT_TO_PTR(app_idx)); |
| |
| if (!mesh_net_have_key(net, net_idx) || |
| (update && key->net_idx != net_idx)) |
| return MESH_STATUS_INVALID_NETKEY; |
| |
| if (update && !key) |
| return MESH_STATUS_INVALID_APPKEY; |
| |
| mesh_net_key_refresh_phase_get(net, net_idx, &phase); |
| if (update && phase != KEY_REFRESH_PHASE_ONE) |
| return MESH_STATUS_CANNOT_UPDATE; |
| |
| if (key) { |
| if (memcmp(new_key, key->key, 16) == 0) |
| return MESH_STATUS_SUCCESS; |
| |
| if (!update) { |
| l_info("Failed to add key: index already stored %x", |
| (net_idx << 16) | app_idx); |
| return MESH_STATUS_IDX_ALREADY_STORED; |
| } |
| } |
| |
| if (!key) { |
| if (l_queue_length(app_keys) <= MAX_APP_KEYS) |
| return MESH_STATUS_INSUFF_RESOURCES; |
| |
| key = app_key_new(); |
| if (!key) |
| return MESH_STATUS_INSUFF_RESOURCES; |
| |
| if (!set_key(key, app_idx, new_key, false)) { |
| appkey_key_free(key); |
| return MESH_STATUS_INSUFF_RESOURCES; |
| } |
| |
| if (!storage_local_app_key_add(net, net_idx, app_idx, new_key, |
| false)) { |
| appkey_key_free(key); |
| return MESH_STATUS_STORAGE_FAIL; |
| } |
| |
| key->net_idx = net_idx; |
| key->app_idx = app_idx; |
| l_queue_push_tail(app_keys, key); |
| } else { |
| if (!set_key(key, app_idx, new_key, true)) |
| return MESH_STATUS_INSUFF_RESOURCES; |
| |
| if (!storage_local_app_key_add(net, net_idx, app_idx, new_key, |
| true)) |
| return MESH_STATUS_STORAGE_FAIL; |
| } |
| |
| l_queue_clear(key->replay_cache, l_free); |
| |
| return MESH_STATUS_SUCCESS; |
| } |
| |
| int appkey_key_delete(struct mesh_net *net, uint16_t net_idx, |
| uint16_t app_idx) |
| { |
| struct mesh_app_key *key; |
| struct l_queue *app_keys; |
| |
| app_keys = mesh_net_get_app_keys(net); |
| if (!app_keys) |
| return MESH_STATUS_INVALID_APPKEY; |
| |
| key = l_queue_find(app_keys, match_key_index, L_UINT_TO_PTR(app_idx)); |
| |
| if (!key) |
| return MESH_STATUS_INVALID_APPKEY; |
| |
| if (key->net_idx != net_idx) |
| return MESH_STATUS_INVALID_NETKEY; |
| |
| node_app_key_delete(net, mesh_net_get_address(net), net_idx, app_idx); |
| |
| l_queue_remove(app_keys, key); |
| appkey_key_free(key); |
| |
| if (!storage_local_app_key_del(net, net_idx, app_idx)) |
| return MESH_STATUS_STORAGE_FAIL; |
| |
| return MESH_STATUS_SUCCESS; |
| } |
| |
| void appkey_delete_bound_keys(struct mesh_net *net, uint16_t net_idx) |
| { |
| const struct l_queue_entry *entry; |
| struct l_queue *app_keys; |
| |
| app_keys = mesh_net_get_app_keys(net); |
| if (!app_keys) |
| return; |
| |
| entry = l_queue_get_entries(app_keys); |
| |
| for (; entry; entry = entry->next) { |
| struct mesh_app_key *key = entry->data; |
| |
| appkey_key_delete(net, net_idx, key->app_idx); |
| } |
| } |
| |
| uint8_t appkey_list(struct mesh_net *net, uint16_t net_idx, uint8_t *buf, |
| uint16_t buf_size, uint16_t *size) |
| { |
| const struct l_queue_entry *entry; |
| uint32_t idx_pair; |
| int i; |
| uint16_t datalen; |
| struct l_queue *app_keys; |
| |
| *size = 0; |
| |
| app_keys = mesh_net_get_app_keys(net); |
| if (!app_keys || l_queue_isempty(app_keys)) |
| return MESH_STATUS_SUCCESS; |
| |
| idx_pair = 0; |
| i = 0; |
| datalen = 0; |
| entry = l_queue_get_entries(app_keys); |
| |
| for (; entry; entry = entry->next) { |
| struct mesh_app_key *key = entry->data; |
| |
| if (net_idx != key->net_idx) |
| continue; |
| |
| if (!(i & 0x1)) { |
| idx_pair = key->app_idx; |
| } else { |
| idx_pair <<= 12; |
| idx_pair += key->app_idx; |
| /* Unlikely, but check for overflow*/ |
| if ((datalen + 3) > buf_size) { |
| l_warn("Appkey list too large"); |
| goto done; |
| } |
| l_put_le32(idx_pair, buf); |
| buf += 3; |
| datalen += 3; |
| } |
| i++; |
| } |
| |
| /* Process the last app key if present */ |
| if (i & 0x1 && ((datalen + 2) <= buf_size)) { |
| l_put_le16(idx_pair, buf); |
| datalen += 2; |
| } |
| |
| done: |
| *size = datalen; |
| |
| return MESH_STATUS_SUCCESS; |
| } |
