mirror of
https://codeberg.org/Freeyourgadget/Gadgetbridge.git
synced 2025-01-10 17:11:56 +01:00
Compare commits
9 Commits
8aaa766dcd
...
fc857b8adb
| Author | SHA1 | Date | |
|---|---|---|---|
|
fc857b8adb | ||
|
|
ef06fd4d5e | ||
|
|
21b97a9276 | ||
|
|
510b8096ed | ||
|
|
d5cecc4a84 | ||
|
|
bb5fe00643 | ||
|
|
05c11cbd14 | ||
|
|
270212a771 | ||
|
|
2880297c51 |
@ -17,7 +17,9 @@
|
||||
package nodomain.freeyourgadget.gadgetbridge.devices.huawei;
|
||||
|
||||
import nodomain.freeyourgadget.gadgetbridge.util.CryptoUtils;
|
||||
import nodomain.freeyourgadget.gadgetbridge.util.GB;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.nio.ByteBuffer;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
@ -79,16 +81,16 @@ public class HuaweiCrypto {
|
||||
public static final long ENCRYPTION_COUNTER_MAX = 0xFFFFFFFF;
|
||||
|
||||
protected int authVersion;
|
||||
protected int authMode;
|
||||
protected int deviceSupportType;
|
||||
protected byte authAlgo;
|
||||
|
||||
public HuaweiCrypto(int authVersion) {
|
||||
this.authVersion = authVersion;
|
||||
}
|
||||
|
||||
public HuaweiCrypto(int authVersion, byte authAlgo, int authMode) {
|
||||
public HuaweiCrypto(int authVersion, byte authAlgo, int deviceSupportType) {
|
||||
this(authVersion);
|
||||
this.authMode = authMode;
|
||||
this.deviceSupportType = deviceSupportType;
|
||||
this.authAlgo = authAlgo;
|
||||
}
|
||||
|
||||
@ -100,13 +102,15 @@ public class HuaweiCrypto {
|
||||
}
|
||||
|
||||
private byte[] getDigestSecret() {
|
||||
byte[] digest;
|
||||
if (authVersion == 1) {
|
||||
return DIGEST_SECRET_v1;
|
||||
digest = DIGEST_SECRET_v1.clone();
|
||||
} else if (authVersion == 2) {
|
||||
return DIGEST_SECRET_v2;
|
||||
digest = DIGEST_SECRET_v2.clone();
|
||||
} else {
|
||||
return DIGEST_SECRET_v3;
|
||||
digest = DIGEST_SECRET_v3.clone();
|
||||
}
|
||||
return digest;
|
||||
}
|
||||
public byte[] computeDigest(byte[] message, byte[] nonce) throws NoSuchAlgorithmException, InvalidKeyException {
|
||||
byte[] digestSecret = getDigestSecret();
|
||||
@ -115,12 +119,16 @@ public class HuaweiCrypto {
|
||||
.put(message)
|
||||
.array();
|
||||
byte[] digestStep1 = CryptoUtils.calcHmacSha256(msgToDigest, nonce);
|
||||
return CryptoUtils.calcHmacSha256(digestStep1, nonce);
|
||||
byte[] challenge = ByteBuffer.allocate(0x40)
|
||||
.put(CryptoUtils.calcHmacSha256(digestStep1, nonce))
|
||||
.put(digestStep1)
|
||||
.array();
|
||||
return challenge;
|
||||
}
|
||||
|
||||
public byte[] computeDigestHiChainLite(byte[] message, byte[] key, byte[] nonce) throws NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException {
|
||||
public byte[] computeDigestHiChainLite(byte[] message, byte[] key, byte[] nonce) throws NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException, UnsupportedEncodingException {
|
||||
byte[] digestStep1;
|
||||
byte[] hashKey = CryptoUtils.digest(key);
|
||||
byte[] hashKey = CryptoUtils.digest(GB.hexdump(key).getBytes("UTF-8"));
|
||||
byte[] digestSecret = getDigestSecret();
|
||||
for (int i = 0; i < digestSecret.length; i++) {
|
||||
digestSecret[i] = (byte) (((0xFF & hashKey[i]) ^ (digestSecret[i] & 0xFF)) & 0xFF);
|
||||
@ -130,15 +138,19 @@ public class HuaweiCrypto {
|
||||
.put(message)
|
||||
.array();
|
||||
if (authAlgo == 0x01) {
|
||||
digestStep1 = CryptoUtils.pbkdf2Sha256(msgToDigest, nonce, 0x3e8, 0x100);
|
||||
digestStep1 = CryptoUtils.pbkdf2Sha256(GB.hexdump(msgToDigest), GB.hexdump(nonce), 0x3e8, 0x100);
|
||||
} else {
|
||||
digestStep1 = CryptoUtils.calcHmacSha256(msgToDigest, nonce);
|
||||
}
|
||||
return CryptoUtils.calcHmacSha256(digestStep1, nonce);
|
||||
byte[] challenge = ByteBuffer.allocate(0x40)
|
||||
.put(CryptoUtils.calcHmacSha256(digestStep1, nonce))
|
||||
.put(digestStep1)
|
||||
.array();
|
||||
return challenge;
|
||||
}
|
||||
|
||||
public byte[] digestChallenge(byte[] secretKey, byte[] nonce) throws NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException {
|
||||
if (authMode == 0x02) {
|
||||
public byte[] digestChallenge(byte[] secretKey, byte[] nonce) throws NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException, UnsupportedEncodingException {
|
||||
if (deviceSupportType == 0x02) {
|
||||
if (secretKey == null)
|
||||
return null;
|
||||
if (authVersion == 0x02) {
|
||||
@ -146,15 +158,19 @@ public class HuaweiCrypto {
|
||||
.put(secretKey)
|
||||
.put(MESSAGE_CHALLENGE)
|
||||
.array();
|
||||
return CryptoUtils.calcHmacSha256(key, nonce);
|
||||
byte[] challenge = ByteBuffer.allocate(0x40)
|
||||
.put(CryptoUtils.calcHmacSha256(key, nonce))
|
||||
.put(key)
|
||||
.array();
|
||||
return challenge;
|
||||
}
|
||||
return computeDigestHiChainLite(MESSAGE_CHALLENGE, secretKey, nonce);
|
||||
}
|
||||
return computeDigest(MESSAGE_CHALLENGE, nonce);
|
||||
}
|
||||
|
||||
public byte[] digestResponse(byte[] secretKey, byte[] nonce) throws NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException {
|
||||
if (authMode == 0x02) {
|
||||
public byte[] digestResponse(byte[] secretKey, byte[] nonce) throws NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException, UnsupportedEncodingException {
|
||||
if (deviceSupportType == 0x02) {
|
||||
if (secretKey == null)
|
||||
return null;
|
||||
if (authVersion == 0x02) {
|
||||
@ -162,7 +178,11 @@ public class HuaweiCrypto {
|
||||
.put(secretKey)
|
||||
.put(MESSAGE_RESPONSE)
|
||||
.array();
|
||||
return CryptoUtils.calcHmacSha256(key, nonce);
|
||||
byte[] challenge = ByteBuffer.allocate(0x40)
|
||||
.put(CryptoUtils.calcHmacSha256(key, nonce))
|
||||
.put(key)
|
||||
.array();
|
||||
return challenge;
|
||||
}
|
||||
return computeDigestHiChainLite(MESSAGE_RESPONSE, secretKey, nonce);
|
||||
}
|
||||
@ -206,8 +226,9 @@ public class HuaweiCrypto {
|
||||
return Arrays.copyOfRange(finalMixedKeyHash, 0, 16);
|
||||
}
|
||||
|
||||
public byte[] encryptBondingKey(byte[] data, String mac, byte[] iv) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, IllegalArgumentException {
|
||||
byte[] encryptionKey = createSecretKey(mac);
|
||||
public byte[] encryptBondingKey(byte encryptMethod, byte[] data, byte[] encryptionKey, byte[] iv) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, NoSuchPaddingException, IllegalBlockSizeException, BadPaddingException, InvalidKeyException, IllegalArgumentException {
|
||||
if (encryptMethod == 0x01)
|
||||
return CryptoUtils.encryptAES_GCM_NoPad(data, encryptionKey, iv, null);
|
||||
return CryptoUtils.encryptAES_CBC_Pad(data, encryptionKey, iv);
|
||||
}
|
||||
|
||||
@ -216,34 +237,32 @@ public class HuaweiCrypto {
|
||||
return CryptoUtils.decryptAES_CBC_Pad(data, encryptionKey, iv);
|
||||
}
|
||||
|
||||
public byte[] decryptPinCode(byte[] message, byte[] iv) throws CryptoException {
|
||||
public byte[] decryptPinCode(byte encryptMethod, byte[] message, byte[] iv) throws CryptoException {
|
||||
byte[] secretKey = getDigestSecret();
|
||||
try {
|
||||
if (encryptMethod == 0x1)
|
||||
return CryptoUtils.decryptAES_GCM_NoPad(message, secretKey, iv, null);
|
||||
return CryptoUtils.decryptAES_CBC_Pad(message, secretKey, iv);
|
||||
} catch (Exception e) {
|
||||
throw new CryptoException(e);
|
||||
}
|
||||
}
|
||||
|
||||
public static byte[] encrypt(byte authMode, byte[] message, byte[] key, byte[] iv) throws CryptoException {
|
||||
public static byte[] encrypt(byte encryptMethod, byte[] message, byte[] key, byte[] iv) throws CryptoException {
|
||||
try {
|
||||
if (authMode == 0x04) {
|
||||
if (encryptMethod == 0x01)
|
||||
return CryptoUtils.encryptAES_GCM_NoPad(message, key, iv, null);
|
||||
} else {
|
||||
return CryptoUtils.encryptAES_CBC_Pad(message, key, iv);
|
||||
}
|
||||
return CryptoUtils.encryptAES_CBC_Pad(message, key, iv);
|
||||
} catch (InvalidAlgorithmParameterException | NoSuchPaddingException | IllegalBlockSizeException | NoSuchAlgorithmException | BadPaddingException | InvalidKeyException | IllegalArgumentException e) {
|
||||
throw new CryptoException(e);
|
||||
}
|
||||
}
|
||||
|
||||
public static byte[] decrypt(byte authMode, byte[] message, byte[] key, byte[] iv) throws CryptoException {
|
||||
public static byte[] decrypt(byte encryptMethod, byte[] message, byte[] key, byte[] iv) throws CryptoException {
|
||||
try {
|
||||
if (authMode == 0x04) {
|
||||
if (encryptMethod == 0x01)
|
||||
return CryptoUtils.decryptAES_GCM_NoPad(message, key, iv, null);
|
||||
} else {
|
||||
return CryptoUtils.decryptAES_CBC_Pad(message, key, iv);
|
||||
}
|
||||
return CryptoUtils.decryptAES_CBC_Pad(message, key, iv);
|
||||
} catch (InvalidAlgorithmParameterException | NoSuchPaddingException | IllegalBlockSizeException | NoSuchAlgorithmException | BadPaddingException | InvalidKeyException | IllegalArgumentException e) {
|
||||
throw new CryptoException(e);
|
||||
}
|
||||
|
||||
@ -46,7 +46,7 @@ public class HuaweiPacket {
|
||||
public static class ParamsProvider {
|
||||
|
||||
protected byte authVersion;
|
||||
protected byte authMode;
|
||||
protected byte deviceSupportType;
|
||||
protected byte[] secretKey;
|
||||
protected int slicesize = 0xf4;
|
||||
protected boolean transactionsCrypted = true;
|
||||
@ -57,6 +57,8 @@ public class HuaweiPacket {
|
||||
|
||||
protected byte interval;
|
||||
protected byte authAlgo;
|
||||
protected byte encryptMethod;
|
||||
protected byte[] firstKey;
|
||||
|
||||
public void setAuthVersion(byte authVersion) {
|
||||
this.authVersion = authVersion;
|
||||
@ -66,12 +68,12 @@ public class HuaweiPacket {
|
||||
return this.authVersion;
|
||||
}
|
||||
|
||||
public void setAuthMode(byte authMode) {
|
||||
this.authMode = authMode;
|
||||
public void setDeviceSupportType(byte deviceSupportType) {
|
||||
this.deviceSupportType = deviceSupportType;
|
||||
}
|
||||
|
||||
public byte getAuthMode(){
|
||||
return this.authMode;
|
||||
public byte getDeviceSupportType(){
|
||||
return this.deviceSupportType;
|
||||
}
|
||||
|
||||
public void setSecretKey(byte[] secretKey) {
|
||||
@ -123,7 +125,7 @@ public class HuaweiPacket {
|
||||
|
||||
public byte[] getIv() {
|
||||
byte[] iv = null;
|
||||
if (this.authMode == 0x04) {
|
||||
if (this.deviceSupportType == 0x04) {
|
||||
iv = HuaweiCrypto.generateNonce();
|
||||
} else {
|
||||
ByteBuffer ivCounter = HuaweiCrypto.initializationVector(this.encryptionCounter);
|
||||
@ -144,6 +146,22 @@ public class HuaweiPacket {
|
||||
public byte getAuthAlgo () {
|
||||
return this.authAlgo;
|
||||
}
|
||||
|
||||
public void setEncryptMethod(byte encryptMethod) {
|
||||
this.encryptMethod = encryptMethod;
|
||||
}
|
||||
|
||||
public byte getEncryptMethod () {
|
||||
return this.encryptMethod;
|
||||
}
|
||||
|
||||
public void setFirstKey(byte[] firstKey) {
|
||||
this.firstKey = firstKey;
|
||||
}
|
||||
|
||||
public byte[] getFirstKey() {
|
||||
return firstKey;
|
||||
}
|
||||
}
|
||||
|
||||
public static abstract class ParseException extends Exception {
|
||||
|
||||
@ -291,7 +291,7 @@ public class HuaweiTLV {
|
||||
byte[] serializedTLV = serialize();
|
||||
byte[] key = paramsProvider.getSecretKey();
|
||||
byte[] nonce = paramsProvider.getIv();
|
||||
byte[] encryptedTLV = HuaweiCrypto.encrypt(paramsProvider.getAuthMode(), serializedTLV, key, nonce);
|
||||
byte[] encryptedTLV = HuaweiCrypto.encrypt(paramsProvider.getEncryptMethod(), serializedTLV, key, nonce);
|
||||
return new HuaweiTLV()
|
||||
.put(CryptoTags.encryption, (byte) 0x01)
|
||||
.put(CryptoTags.initVector, nonce)
|
||||
@ -300,7 +300,7 @@ public class HuaweiTLV {
|
||||
|
||||
public void decrypt(ParamsProvider paramsProvider) throws CryptoException, HuaweiPacket.MissingTagException {
|
||||
byte[] key = paramsProvider.getSecretKey();
|
||||
byte[] decryptedTLV = HuaweiCrypto.decrypt(paramsProvider.getAuthMode(), getBytes(CryptoTags.cipherText), key, getBytes(CryptoTags.initVector));
|
||||
byte[] decryptedTLV = HuaweiCrypto.decrypt(paramsProvider.getEncryptMethod(), getBytes(CryptoTags.cipherText), key, getBytes(CryptoTags.initVector));
|
||||
this.valueMap = new ArrayList<>();
|
||||
parse(decryptedTLV);
|
||||
}
|
||||
|
||||
@ -37,7 +37,6 @@ public class HuaweiWatchGT2Coordinator extends HuaweiBRCoordinator {
|
||||
|
||||
public HuaweiWatchGT2Coordinator() {
|
||||
super();
|
||||
getHuaweiCoordinator().setTransactionCrypted(false);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@ -74,10 +74,11 @@ public class DeviceConfig {
|
||||
public short sliceSize = 0x00f4;
|
||||
public byte authVersion = 0x00;
|
||||
public byte[] serverNonce = new byte[16];
|
||||
public byte authMode = 0x00;
|
||||
public byte deviceSupportType = 0x00;
|
||||
public byte authAlgo = 0x00;
|
||||
public byte bondState = 0x00;
|
||||
public short interval = 0x0;
|
||||
public byte encryptMethod = 0x00;
|
||||
|
||||
public Response(ParamsProvider paramsProvider) {
|
||||
super(paramsProvider);
|
||||
@ -104,13 +105,16 @@ public class DeviceConfig {
|
||||
this.authVersion = (byte)this.tlv.getBytes(0x05)[1];
|
||||
|
||||
if (this.tlv.contains(0x07))
|
||||
this.authMode = this.tlv.getByte(0x07);
|
||||
this.deviceSupportType = this.tlv.getByte(0x07);
|
||||
|
||||
if (this.tlv.contains(0x08))
|
||||
this.authAlgo = this.tlv.getByte(0x08);
|
||||
|
||||
if (this.tlv.contains(0x09))
|
||||
this.bondState = this.tlv.getByte(0x09);
|
||||
|
||||
if (this.tlv.contains(0x0C))
|
||||
this.encryptMethod = this.tlv.getByte(0x0C);
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -465,26 +469,21 @@ public class DeviceConfig {
|
||||
public Request(
|
||||
ParamsProvider paramsProvider,
|
||||
byte[] clientSerial,
|
||||
String mac,
|
||||
HuaweiCrypto huaweiCrypto
|
||||
) throws CryptoException {
|
||||
byte[] key,
|
||||
byte[] iv
|
||||
) {
|
||||
super(paramsProvider);
|
||||
this.serviceId = DeviceConfig.id;
|
||||
this.commandId = id;
|
||||
byte[] iv = paramsProvider.getIv();
|
||||
|
||||
try {
|
||||
this.tlv = new HuaweiTLV()
|
||||
.put(0x01)
|
||||
.put(0x03, (byte) 0x00)
|
||||
.put(0x05, clientSerial)
|
||||
.put(0x06, huaweiCrypto.encryptBondingKey(paramsProvider.getSecretKey(), mac, iv))
|
||||
.put(0x07, iv);
|
||||
this.isEncrypted = false;
|
||||
this.complete = true;
|
||||
} catch (InvalidAlgorithmParameterException | NoSuchPaddingException | IllegalBlockSizeException | NoSuchAlgorithmException | BadPaddingException | InvalidKeyException e) {
|
||||
throw new CryptoException("Bonding key creation exception", e);
|
||||
}
|
||||
this.tlv = new HuaweiTLV()
|
||||
.put(0x01)
|
||||
.put(0x03, (byte) 0x00)
|
||||
.put(0x05, clientSerial)
|
||||
.put(0x06, key)
|
||||
.put(0x07, iv);
|
||||
this.isEncrypted = false;
|
||||
this.complete = true;
|
||||
}
|
||||
}
|
||||
|
||||
@ -603,7 +602,7 @@ public class DeviceConfig {
|
||||
this.tlv = new HuaweiTLV()
|
||||
.put(0x01, challenge)
|
||||
.put(0x02, nonce);
|
||||
if (paramsProvider.getAuthMode() == 0x02)
|
||||
if (paramsProvider.getDeviceSupportType() == 0x02)
|
||||
this.tlv.put(0x03, paramsProvider.getAuthAlgo());
|
||||
this.isEncrypted = false;
|
||||
this.complete = true;
|
||||
@ -1400,7 +1399,7 @@ public class DeviceConfig {
|
||||
|
||||
HuaweiCrypto huaweiCrypto = new HuaweiCrypto(paramsProvider.getAuthVersion());
|
||||
try {
|
||||
pinCode = huaweiCrypto.decryptPinCode(message, iv);
|
||||
pinCode = huaweiCrypto.decryptPinCode(paramsProvider.getEncryptMethod(), message, iv);
|
||||
} catch (HuaweiCrypto.CryptoException e) {
|
||||
throw new CryptoException("Could not decrypt pinCode", e);
|
||||
}
|
||||
@ -1487,7 +1486,7 @@ public class DeviceConfig {
|
||||
this.tlv = new HuaweiTLV()
|
||||
.put(0x01, authMode);
|
||||
if (authMode == 0x02 || authMode == 0x04)
|
||||
this.tlv.put(0x02, (byte)0x01);
|
||||
this.tlv.put(0x02, (byte)0x01); //force to not reconnected else 0x02
|
||||
this.tlv.put(0x05, deviceUUID)
|
||||
.put(0x03, (byte)0x01)
|
||||
.put(0x04, (byte)0x00);
|
||||
|
||||
@ -306,12 +306,12 @@ public class HuaweiSupportProvider {
|
||||
// 1 or 3 : HiChain
|
||||
// 2 or 8 : HiChainLite -> normal mode
|
||||
// 4 : HiChain3
|
||||
byte authMode = paramsProvider.getAuthMode();
|
||||
byte authMode = paramsProvider.getDeviceSupportType();
|
||||
return authMode == 0x01 || authMode == 0x03 || authMode == 0x04 || isHiChainLite();
|
||||
}
|
||||
|
||||
protected boolean isHiChainLite() {
|
||||
byte authMode = paramsProvider.getAuthMode();
|
||||
byte authMode = paramsProvider.getDeviceSupportType();
|
||||
return authMode == 0x02;
|
||||
}
|
||||
|
||||
@ -331,6 +331,7 @@ public class HuaweiSupportProvider {
|
||||
initializeDeviceHiChainMode(linkParamsReq);
|
||||
} else if (securityNegoReq.authType == 0x01 || securityNegoReq.authType == 0x02) {
|
||||
LOG.debug("HiChain Lite mode");
|
||||
// Keep track the gadget is connected
|
||||
initializeDeviceHiChainLiteMode(linkParamsReq);
|
||||
}
|
||||
}
|
||||
|
||||
@ -19,6 +19,7 @@ package nodomain.freeyourgadget.gadgetbridge.service.devices.huawei.requests;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.nio.ByteBuffer;
|
||||
import java.security.InvalidKeyException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
@ -30,6 +31,7 @@ import nodomain.freeyourgadget.gadgetbridge.devices.huawei.HuaweiCrypto;
|
||||
import nodomain.freeyourgadget.gadgetbridge.devices.huawei.HuaweiPacket;
|
||||
import nodomain.freeyourgadget.gadgetbridge.devices.huawei.packets.DeviceConfig;
|
||||
import nodomain.freeyourgadget.gadgetbridge.service.devices.huawei.HuaweiSupportProvider;
|
||||
import nodomain.freeyourgadget.gadgetbridge.util.GB;
|
||||
import nodomain.freeyourgadget.gadgetbridge.util.StringUtils;
|
||||
|
||||
public class GetAuthRequest extends Request {
|
||||
@ -40,7 +42,7 @@ public class GetAuthRequest extends Request {
|
||||
protected byte authAlgo;
|
||||
protected byte[] doubleNonce;
|
||||
protected byte[] key = null;
|
||||
protected byte authMode;
|
||||
protected byte deviceSupportType;
|
||||
|
||||
public GetAuthRequest(HuaweiSupportProvider support,
|
||||
Request linkParamsReq) {
|
||||
@ -54,16 +56,16 @@ public class GetAuthRequest extends Request {
|
||||
.array();
|
||||
this.authVersion = paramsProvider.getAuthVersion();
|
||||
this.authAlgo = paramsProvider.getAuthAlgo();
|
||||
this.authMode = paramsProvider.getAuthMode();
|
||||
this.deviceSupportType = paramsProvider.getDeviceSupportType();
|
||||
this.huaweiCrypto = new HuaweiCrypto(authVersion, authAlgo, deviceSupportType);
|
||||
}
|
||||
|
||||
@Override
|
||||
protected List<byte[]> createRequest() throws RequestCreationException {
|
||||
huaweiCrypto = new HuaweiCrypto(authVersion, authAlgo, authMode);
|
||||
byte[] nonce;
|
||||
|
||||
try {
|
||||
if (authMode == 0x02) {
|
||||
if (deviceSupportType == 0x02) {
|
||||
key = paramsProvider.getPinCode();
|
||||
if (authVersion == 0x02)
|
||||
key = paramsProvider.getSecretKey();
|
||||
@ -72,13 +74,19 @@ public class GetAuthRequest extends Request {
|
||||
.putShort(authVersion)
|
||||
.put(clientNonce)
|
||||
.array();
|
||||
byte[] challenge = huaweiCrypto.digestChallenge(key, doubleNonce);
|
||||
ByteBuffer digestedChallenge = ByteBuffer.wrap(huaweiCrypto.digestChallenge(key, doubleNonce));
|
||||
byte[] challenge = new byte[0x20];
|
||||
digestedChallenge.get(challenge, 0x00, 0x20);
|
||||
LOG.debug("challenge: " + GB.hexdump(challenge));
|
||||
byte[] firstKey = new byte[0x10];
|
||||
digestedChallenge.get(firstKey, 0x00, 0x10);
|
||||
paramsProvider.setFirstKey(firstKey);
|
||||
if (challenge == null)
|
||||
throw new RequestCreationException("Challenge null");
|
||||
return new DeviceConfig.Auth.Request(paramsProvider, challenge, nonce).serialize();
|
||||
} catch (HuaweiPacket.CryptoException e) {
|
||||
throw new RequestCreationException(e);
|
||||
} catch (NoSuchAlgorithmException | InvalidKeyException | InvalidKeySpecException e) {
|
||||
} catch (NoSuchAlgorithmException | InvalidKeyException | InvalidKeySpecException | UnsupportedEncodingException e) {
|
||||
throw new RequestCreationException("Digest exception", e);
|
||||
}
|
||||
}
|
||||
@ -91,7 +99,10 @@ public class GetAuthRequest extends Request {
|
||||
throw new ResponseTypeMismatchException(receivedPacket, DeviceConfig.Auth.Response.class);
|
||||
|
||||
try {
|
||||
byte[] expectedAnswer = huaweiCrypto.digestResponse(key, doubleNonce);
|
||||
ByteBuffer digestedChallenge = ByteBuffer.wrap(huaweiCrypto.digestResponse(key, doubleNonce));
|
||||
byte[] expectedAnswer = new byte[0x20];
|
||||
digestedChallenge.get(expectedAnswer, 0x00, 0x20);
|
||||
LOG.debug("challenge: " + GB.hexdump(expectedAnswer));
|
||||
if (expectedAnswer == null)
|
||||
throw new ResponseParseException("Challenge null");
|
||||
byte[] actualAnswer = ((DeviceConfig.Auth.Response) receivedPacket).challengeResponse;
|
||||
@ -102,7 +113,7 @@ public class GetAuthRequest extends Request {
|
||||
+ StringUtils.bytesToHex(expectedAnswer)
|
||||
);
|
||||
}
|
||||
} catch (NoSuchAlgorithmException | InvalidKeyException | InvalidKeySpecException e) {
|
||||
} catch (NoSuchAlgorithmException | InvalidKeyException | InvalidKeySpecException | UnsupportedEncodingException e) {
|
||||
throw new ResponseParseException("Challenge response digest exception");
|
||||
}
|
||||
}
|
||||
|
||||
@ -55,9 +55,10 @@ public class GetBondParamsRequest extends Request {
|
||||
throw new ResponseTypeMismatchException(receivedPacket, DeviceConfig.BondParams.Response.class);
|
||||
|
||||
paramsProvider.setEncryptionCounter(((DeviceConfig.BondParams.Response) receivedPacket).encryptionCounter);
|
||||
int status = ((DeviceConfig.BondParams.Response) receivedPacket).status;
|
||||
if (status == 1) {
|
||||
stopChain(this);
|
||||
if (paramsProvider.getDeviceSupportType() != 0x02) {
|
||||
if (((DeviceConfig.BondParams.Response) receivedPacket).status == 1) {
|
||||
stopChain(this);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -19,11 +19,20 @@ package nodomain.freeyourgadget.gadgetbridge.service.devices.huawei.requests;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
import java.security.InvalidKeyException;
|
||||
import java.security.NoSuchAlgorithmException;
|
||||
import java.util.List;
|
||||
|
||||
import javax.crypto.BadPaddingException;
|
||||
import javax.crypto.IllegalBlockSizeException;
|
||||
import javax.crypto.NoSuchPaddingException;
|
||||
|
||||
import nodomain.freeyourgadget.gadgetbridge.devices.huawei.HuaweiCrypto;
|
||||
import nodomain.freeyourgadget.gadgetbridge.devices.huawei.HuaweiPacket;
|
||||
import nodomain.freeyourgadget.gadgetbridge.devices.huawei.packets.DeviceConfig;
|
||||
import nodomain.freeyourgadget.gadgetbridge.service.devices.huawei.HuaweiSupportProvider;
|
||||
import nodomain.freeyourgadget.gadgetbridge.util.GB;
|
||||
|
||||
public class GetBondRequest extends Request {
|
||||
private static final Logger LOG = LoggerFactory.getLogger(GetBondRequest.class);
|
||||
@ -39,14 +48,25 @@ public class GetBondRequest extends Request {
|
||||
@Override
|
||||
protected List<byte[]> createRequest() throws RequestCreationException {
|
||||
try {
|
||||
byte[] iv = paramsProvider.getIv();
|
||||
huaweiCrypto = new HuaweiCrypto(paramsProvider.getAuthVersion());
|
||||
byte[] encryptionKey;
|
||||
if (paramsProvider.getDeviceSupportType() == 0x02) { //HiChainLite
|
||||
encryptionKey = paramsProvider.getFirstKey();
|
||||
} else {
|
||||
encryptionKey = huaweiCrypto.createSecretKey(supportProvider.getDeviceMac());
|
||||
}
|
||||
byte[] key = huaweiCrypto.encryptBondingKey(paramsProvider.getEncryptMethod(), paramsProvider.getSecretKey(), encryptionKey, iv);
|
||||
LOG.debug("key: " + GB.hexdump(key));
|
||||
return new DeviceConfig.Bond.Request(
|
||||
paramsProvider,
|
||||
supportProvider.getSerial(),
|
||||
supportProvider.getDeviceMac(),
|
||||
huaweiCrypto
|
||||
key,
|
||||
iv
|
||||
).serialize();
|
||||
} catch (HuaweiPacket.CryptoException e) {
|
||||
throw new RequestCreationException(e);
|
||||
} catch (HuaweiPacket.CryptoException | NoSuchAlgorithmException | NoSuchPaddingException | InvalidAlgorithmParameterException | InvalidKeyException | IllegalBlockSizeException |
|
||||
BadPaddingException e) {
|
||||
throw new RequestCreationException(e.toString());
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -73,7 +73,7 @@ public class GetLinkParamsRequest extends Request {
|
||||
throw new ResponseTypeMismatchException(receivedPacket, LinkParams.Response.class);
|
||||
|
||||
supportProvider.setProtocolVersion(((LinkParams.Response) receivedPacket).protocolVersion);
|
||||
paramsProvider.setAuthMode(((LinkParams.Response) receivedPacket).authMode);
|
||||
paramsProvider.setDeviceSupportType(((LinkParams.Response) receivedPacket).deviceSupportType);
|
||||
|
||||
paramsProvider.setSliceSize(((LinkParams.Response) receivedPacket).sliceSize);
|
||||
paramsProvider.setMtu(((LinkParams.Response) receivedPacket).mtu);
|
||||
@ -84,5 +84,6 @@ public class GetLinkParamsRequest extends Request {
|
||||
this.bondState = ((LinkParams.Response) receivedPacket).bondState;
|
||||
|
||||
paramsProvider.setAuthAlgo(((LinkParams.Response) receivedPacket).authAlgo);
|
||||
paramsProvider.setEncryptMethod(((LinkParams.Response) receivedPacket).encryptMethod);
|
||||
}
|
||||
}
|
||||
|
||||
@ -42,7 +42,7 @@ public class GetSecurityNegotiationRequest extends Request {
|
||||
try {
|
||||
return new DeviceConfig.SecurityNegotiation.Request(
|
||||
paramsProvider,
|
||||
paramsProvider.getAuthMode(),
|
||||
paramsProvider.getDeviceSupportType(),
|
||||
supportProvider.getAndroidId(),
|
||||
Build.MODEL
|
||||
).serialize();
|
||||
|
||||
@ -102,7 +102,7 @@ public class Request {
|
||||
protected RequestCallback finalizeReq = null;
|
||||
// Stop chaining requests and clean support.inProgressRequests from these requests
|
||||
protected boolean stopChain = false;
|
||||
protected static HuaweiCrypto huaweiCrypto = null;
|
||||
protected HuaweiCrypto huaweiCrypto = null;
|
||||
protected boolean addToResponse = true;
|
||||
|
||||
public static class RequestCallback {
|
||||
|
||||
@ -18,6 +18,7 @@ package nodomain.freeyourgadget.gadgetbridge.util;
|
||||
|
||||
import android.annotation.SuppressLint;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.nio.ByteBuffer;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import java.security.InvalidAlgorithmParameterException;
|
||||
@ -133,10 +134,9 @@ public class CryptoUtils {
|
||||
return result;
|
||||
}
|
||||
|
||||
public static byte[] pbkdf2Sha256(byte[] key, byte[] iv, int count, int length) throws InvalidKeySpecException, NoSuchAlgorithmException {
|
||||
public static byte[] pbkdf2Sha256(String key, String iv, int count, int length) throws InvalidKeySpecException, NoSuchAlgorithmException, UnsupportedEncodingException {
|
||||
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
|
||||
String keyStr = new String(key, StandardCharsets.UTF_8);
|
||||
PBEKeySpec keySpec = new PBEKeySpec(keyStr.toCharArray(), iv, count, length);
|
||||
PBEKeySpec keySpec = new PBEKeySpec(key.toCharArray(), iv.getBytes("utf-8"), count, length);
|
||||
return secretKeyFactory.generateSecret(keySpec).getEncoded();
|
||||
}
|
||||
}
|
||||
|
||||
@ -29,7 +29,7 @@ public class TestHuaweiPacket {
|
||||
HuaweiPacket.ParamsProvider paramsProvider = new HuaweiPacket.ParamsProvider() {
|
||||
|
||||
@Override
|
||||
public byte getAuthMode() {
|
||||
public byte getDeviceSupportType() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -62,7 +62,7 @@ public class TestHuaweiPacket {
|
||||
HuaweiPacket.ParamsProvider paramsProviderEncrypt = new HuaweiPacket.ParamsProvider() {
|
||||
|
||||
@Override
|
||||
public byte getAuthMode() {
|
||||
public byte getDeviceSupportType() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -95,7 +95,7 @@ public class TestHuaweiPacket {
|
||||
HuaweiPacket.ParamsProvider paramsProviderSmallSlice = new HuaweiPacket.ParamsProvider() {
|
||||
|
||||
@Override
|
||||
public byte getAuthMode() {
|
||||
public byte getDeviceSupportType() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -26,7 +26,7 @@ public class TestHuaweiTLV {
|
||||
|
||||
HuaweiPacket.ParamsProvider secretsProvider = new HuaweiPacket.ParamsProvider() {
|
||||
@Override
|
||||
public byte getAuthMode() {
|
||||
public byte getDeviceSupportType() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -29,7 +29,7 @@ public class TestAlarms {
|
||||
|
||||
HuaweiPacket.ParamsProvider paramsProvider = new HuaweiPacket.ParamsProvider() {
|
||||
@Override
|
||||
public byte getAuthMode() {
|
||||
public byte getDeviceSupportType() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -42,7 +42,7 @@ public class TestDeviceConfig {
|
||||
|
||||
HuaweiPacket.ParamsProvider secretsProvider = new HuaweiPacket.ParamsProvider() {
|
||||
@Override
|
||||
public byte getAuthMode() {
|
||||
public byte getDeviceSupportType() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -413,21 +413,23 @@ public class TestDeviceConfig {
|
||||
HuaweiCrypto huaweiCrypto = new HuaweiCrypto(0x01);
|
||||
Field tlvField = HuaweiPacket.class.getDeclaredField("tlv");
|
||||
tlvField.setAccessible(true);
|
||||
|
||||
try {
|
||||
byte[] encryptionKey = huaweiCrypto.createSecretKey(mac);
|
||||
byte[] iv = secretsProvider.getIv();
|
||||
byte[] key = huaweiCrypto.encryptBondingKey(secretsProvider.getEncryptMethod(), secretsProvider.getSecretKey(), encryptionKey, iv);
|
||||
HuaweiTLV expectedTlv = new HuaweiTLV()
|
||||
.put(0x01)
|
||||
.put(0x03, (byte) 0x00)
|
||||
.put(0x05, clientSerial)
|
||||
.put(0x06, huaweiCrypto.encryptBondingKey(secretsProvider.getSecretKey(), mac, secretsProvider.getIv()))
|
||||
.put(0x07, secretsProvider.getIv());
|
||||
.put(0x06, key)
|
||||
.put(0x07, iv);
|
||||
|
||||
byte[] serialized = new byte[]{(byte) 0x5A, (byte) 0x00, (byte) 0x44, (byte) 0x00, (byte) 0x01, (byte) 0x0E, (byte) 0x01, (byte) 0x00, (byte) 0x03, (byte) 0x01, (byte) 0x00, (byte) 0x05, (byte) 0x06, (byte) 0x54, (byte) 0x56, (byte) 0x64, (byte) 0x54, (byte) 0x4D, (byte) 0x44, (byte) 0x06, (byte) 0x20, (byte) 0x88, (byte) 0x45, (byte) 0xAA, (byte) 0xB5, (byte) 0x9C, (byte) 0x84, (byte) 0x39, (byte) 0xAE, (byte) 0xD8, (byte) 0xE9, (byte) 0x71, (byte) 0x01, (byte) 0x5D, (byte) 0xC8, (byte) 0x34, (byte) 0x05, (byte) 0xC5, (byte) 0x9A, (byte) 0x6B, (byte) 0xDB, (byte) 0x62, (byte) 0x7D, (byte) 0xC8, (byte) 0xC3, (byte) 0xF4, (byte) 0xCC, (byte) 0x30, (byte) 0x74, (byte) 0x21, (byte) 0xD4, (byte) 0x45, (byte) 0x0E, (byte) 0x07, (byte) 0x10, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x00, (byte) 0x72, (byte) 0xFC};
|
||||
DeviceConfig.Bond.Request request = new DeviceConfig.Bond.Request(
|
||||
secretsProvider,
|
||||
clientSerial,
|
||||
mac,
|
||||
huaweiCrypto
|
||||
key,
|
||||
iv
|
||||
);
|
||||
|
||||
Assert.assertEquals(0x01, request.serviceId);
|
||||
@ -489,8 +491,7 @@ public class TestDeviceConfig {
|
||||
DeviceConfig.Auth.Request request = new DeviceConfig.Auth.Request(
|
||||
secretsProvider,
|
||||
challenge,
|
||||
nonce,
|
||||
false
|
||||
nonce
|
||||
);
|
||||
|
||||
Assert.assertEquals(0x01, request.serviceId);
|
||||
|
||||
@ -29,7 +29,7 @@ public class TestDisconnectNotification {
|
||||
|
||||
HuaweiPacket.ParamsProvider secretsProvider = new HuaweiPacket.ParamsProvider() {
|
||||
@Override
|
||||
public byte getAuthMode() {
|
||||
public byte getDeviceSupportType() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -28,7 +28,7 @@ public class TestFindPhone {
|
||||
|
||||
HuaweiPacket.ParamsProvider secretsProvider = new HuaweiPacket.ParamsProvider() {
|
||||
@Override
|
||||
public byte getAuthMode() {
|
||||
public byte getDeviceSupportType() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -30,7 +30,7 @@ public class TestFitnessData {
|
||||
|
||||
HuaweiPacket.ParamsProvider secretsProvider = new HuaweiPacket.ParamsProvider() {
|
||||
@Override
|
||||
public byte getAuthMode() {
|
||||
public byte getDeviceSupportType() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -29,7 +29,7 @@ public class TestLocaleConfig {
|
||||
|
||||
HuaweiPacket.ParamsProvider paramsProvider = new HuaweiPacket.ParamsProvider() {
|
||||
@Override
|
||||
public byte getAuthMode() {
|
||||
public byte getDeviceSupportType() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -32,7 +32,7 @@ public class TestMusicControl {
|
||||
|
||||
HuaweiPacket.ParamsProvider secretsProvider = new HuaweiPacket.ParamsProvider() {
|
||||
@Override
|
||||
public byte getAuthMode() {
|
||||
public byte getDeviceSupportType() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -30,7 +30,7 @@ public class TestNotifications {
|
||||
|
||||
HuaweiPacket.ParamsProvider secretsProvider = new HuaweiPacket.ParamsProvider() {
|
||||
@Override
|
||||
public byte getAuthMode() {
|
||||
public byte getDeviceSupportType() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -29,7 +29,7 @@ public class TestWorkMode {
|
||||
|
||||
HuaweiPacket.ParamsProvider secretsProvider = new HuaweiPacket.ParamsProvider() {
|
||||
@Override
|
||||
public byte getAuthMode() {
|
||||
public byte getDeviceSupportType() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -30,7 +30,7 @@ public class TestWorkout {
|
||||
|
||||
HuaweiPacket.ParamsProvider secretsProvider = new HuaweiPacket.ParamsProvider() {
|
||||
@Override
|
||||
public byte getAuthMode() {
|
||||
public byte getDeviceSupportType() {
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user