Crypto: Always call aes_128 with Octet16

   * Resolving Key |sirk| */

   * Resolving Key |sirk| */

  static bool is_rsi_match_sirk(const RawAddress& rsi, const Octet16& sirk) {

  static bool is_rsi_match_sirk(const RawAddress& rsi, const Octet16& sirk) {

    /* use the 3 MSB of bd address as prand */

    /* use the 3 MSB of bd address as prand */

    uint8_t rand[3];

    Octet16 rand{};

    rand[0] = rsi.address[2];

    rand[0] = rsi.address[2];

    rand[1] = rsi.address[1];

    rand[1] = rsi.address[1];

    rand[2] = rsi.address[0];

    rand[2] = rsi.address[0];

    DLOG(INFO) << "Prand " << base::HexEncode(rand, 3);

    DLOG(INFO) << "Prand " << base::HexEncode(rand.data(), 3);

    DLOG(INFO) << "SIRK " << base::HexEncode(sirk.data(), 16);

    DLOG(INFO) << "SIRK " << base::HexEncode(sirk.data(), 16);

    /* generate X = E irk(R0, R1, R2) and R is random address 3 LSO */

    /* generate X = E irk(R0, R1, R2) and R is random address 3 LSO */

    Octet16 x = crypto_toolbox::aes_128(sirk, &rand[0], 3);

    Octet16 x = crypto_toolbox::aes_128(sirk, rand);

    DLOG(INFO) << "X" << base::HexEncode(x.data(), 16);

    DLOG(INFO) << "X" << base::HexEncode(x.data(), 16);

    rand[1] = rsi.address[4];

    rand[1] = rsi.address[4];

    rand[2] = rsi.address[3];

    rand[2] = rsi.address[3];

    DLOG(INFO) << "Hash " << base::HexEncode(rand, 3);

    DLOG(INFO) << "Hash " << base::HexEncode(rand.data(), 3);

    if (memcmp(x.data(), &rand[0], 3) == 0) {

    if (memcmp(x.data(), &rand[0], 3) == 0) {

      // match

      // match

static void btm_ble_reset_id_impl(const Octet16& rand1, const Octet16& rand2) {

static void btm_ble_reset_id_impl(const Octet16& rand1, const Octet16& rand2) {

  /* Regenerate Identity Root */

  /* Regenerate Identity Root */

  btm_sec_cb.devcb.id_keys.ir = rand1;

  btm_sec_cb.devcb.id_keys.ir = rand1;

  uint8_t btm_ble_dhk_pt = 0x03;

  Octet16 btm_ble_dhk_pt{};

  btm_ble_dhk_pt[0] = 0x03;

  /* generate DHK= Eir({0x03, 0x00, 0x00 ...}) */

  /* generate DHK= Eir({0x03, 0x00, 0x00 ...}) */

  btm_sec_cb.devcb.id_keys.dhk =

  btm_sec_cb.devcb.id_keys.dhk =

      crypto_toolbox::aes_128(btm_sec_cb.devcb.id_keys.ir, &btm_ble_dhk_pt, 1);

      crypto_toolbox::aes_128(btm_sec_cb.devcb.id_keys.ir, btm_ble_dhk_pt);

  uint8_t btm_ble_irk_pt = 0x01;

  Octet16 btm_ble_irk_pt{};

  btm_ble_irk_pt[0] = 0x01;

  /* IRK = D1(IR, 1) */

  /* IRK = D1(IR, 1) */

  btm_sec_cb.devcb.id_keys.irk =

  btm_sec_cb.devcb.id_keys.irk =

      crypto_toolbox::aes_128(btm_sec_cb.devcb.id_keys.ir, &btm_ble_irk_pt, 1);

      crypto_toolbox::aes_128(btm_sec_cb.devcb.id_keys.ir, btm_ble_irk_pt);

  btm_notify_new_key(BTM_BLE_KEY_TYPE_ID);

  btm_notify_new_key(BTM_BLE_KEY_TYPE_ID);

  address.address[0] = random[2];

  address.address[0] = random[2];

  /* encrypt with IRK */

  /* encrypt with IRK */

  Octet16 p = crypto_toolbox::aes_128(irk, random, 3);

  Octet16 r{};

  r[0] = random[0];

  r[1] = random[1];

  r[2] = random[2];

  Octet16 p = crypto_toolbox::aes_128(irk, r);

  /* set hash to be LSB of rpAddress */

  /* set hash to be LSB of rpAddress */

  address.address[5] = p[0];

  address.address[5] = p[0];

 * Resolving Key |irk| */

 * Resolving Key |irk| */

static bool rpa_matches_irk(const RawAddress& rpa, const Octet16& irk) {

static bool rpa_matches_irk(const RawAddress& rpa, const Octet16& irk) {

  /* use the 3 MSB of bd address as prand */

  /* use the 3 MSB of bd address as prand */

  uint8_t rand[3];

  Octet16 rand{};

  rand[0] = rpa.address[2];

  rand[0] = rpa.address[2];

  rand[1] = rpa.address[1];

  rand[1] = rpa.address[1];

  rand[2] = rpa.address[0];

  rand[2] = rpa.address[0];

  /* generate X = E irk(R0, R1, R2) and R is random address 3 LSO */

  /* generate X = E irk(R0, R1, R2) and R is random address 3 LSO */

  Octet16 x = crypto_toolbox::aes_128(irk, &rand[0], 3);

  Octet16 x = crypto_toolbox::aes_128(irk, rand);

  rand[0] = rpa.address[5];

  rand[0] = rpa.address[5];

  rand[1] = rpa.address[4];

  rand[1] = rpa.address[4];

  rand[2] = rpa.address[3];

  rand[2] = rpa.address[3];

  if (memcmp(x.data(), &rand[0], 3) == 0) {

  if (memcmp(x.data(), rand.data(), 3) == 0) {

    // match

    // match

    return true;

    return true;

  }

  }

    /* Mi' := Mi (+) X  */

    /* Mi' := Mi (+) X  */

    xor_128((Octet16*)&cmac_cb.text[(cmac_cb.round - i) * OCTET16_LEN], x);

    xor_128((Octet16*)&cmac_cb.text[(cmac_cb.round - i) * OCTET16_LEN], x);

    output = aes_128(key, &cmac_cb.text[(cmac_cb.round - i) * OCTET16_LEN],

    output = aes_128(

                     OCTET16_LEN);

        key, *(Octet16*)&cmac_cb.text[(cmac_cb.round - i) * OCTET16_LEN]);

    x = output;

    x = output;

    i++;

    i++;

  }

  }

 */

 */

static void cmac_generate_subkey(const Octet16& key) {

static void cmac_generate_subkey(const Octet16& key) {

  Octet16 zero{};

  Octet16 zero{};

  Octet16 p = aes_128(key, zero.data(), OCTET16_LEN);

  Octet16 p = aes_128(key, zero);

  Octet16 k1, k2;

  Octet16 k1, k2;

  uint8_t* pp = p.data();

  uint8_t* pp = p.data();

Octet16 ltk_to_link_key(const Octet16& ltk, bool use_h7);

Octet16 ltk_to_link_key(const Octet16& ltk, bool use_h7);

Octet16 link_key_to_ltk(const Octet16& link_key, bool use_h7);

Octet16 link_key_to_ltk(const Octet16& link_key, bool use_h7);

/* This function computes AES_128(key, message). |key| must be 128bit.

 * |message| can be at most 16 bytes long, it's length in bytes is given in

 * |length| */

inline Octet16 aes_128(const Octet16& key, const uint8_t* message,

                       const uint8_t length) {

  CHECK(length <= OCTET16_LEN) << "you tried aes_128 more than 16 bytes!";

  Octet16 msg{0};

  std::copy(message, message + length, msg.begin());

  return aes_128(key, msg);

}

// |tlen| - lenth of mac desired

// |tlen| - lenth of mac desired

// |p_signature| - data pointer to where signed data to be stored, tlen long.

// |p_signature| - data pointer to where signed data to be stored, tlen long.

inline void aes_cmac(const Octet16& key, const uint8_t* message,

inline void aes_cmac(const Octet16& key, const uint8_t* message,