Remove crypto_toolbox::Octet16

#include "crypto_toolbox/aes.h"

#include "crypto_toolbox/crypto_toolbox.h"

#include "hci/octets.h"

namespace bluetooth {

namespace crypto_toolbox {

using hci::kOctet16Length;

using hci::Octet16;

namespace {

Octet16 const_Rb{0x87, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};

/** utility function to do an biteise exclusive-OR of two bit strings of the

 * length of OCTET16_LEN. Result is stored in first argument.

 * length of kOctet16Length. Result is stored in first argument.

 */

static void xor_128(Octet16* a, const Octet16& b) {

  // CHECK(a);

  uint8_t i, *aa = a->data();

  const uint8_t* bb = b.data();

  for (i = 0; i < OCTET16_LEN; i++) {

  for (i = 0; i < kOctet16Length; i++) {

    aa[i] = aa[i] ^ bb[i];

  }

}

/** utility function to padding the given text to be a 128 bits data. The

 * parameter dest is input and output parameter, it must point to a

 * OCTET16_LEN memory space; where include length bytes valid data. */

 * kOctet16Length memory space; where include length bytes valid data. */

static void padding(Octet16* dest, uint8_t length) {

  uint8_t i, *p = dest->data();

  /* original last block */

  for (i = length; i < OCTET16_LEN; i++) p[OCTET16_LEN - i - 1] = (i == length) ? 0x80 : 0;

  for (i = length; i < kOctet16Length; i++) p[kOctet16Length - i - 1] = (i == length) ? 0x80 : 0;

}

/** utility function to left shift one bit for a 128 bits value. */

static void leftshift_onebit(uint8_t* input, uint8_t* output) {

  uint8_t i, overflow = 0, next_overflow = 0;

  /* input[0] is LSB */

  for (i = 0; i < OCTET16_LEN; i++) {

  for (i = 0; i < kOctet16Length; i++) {

    next_overflow = (input[i] & 0x80) ? 1 : 0;

    output[i] = (input[i] << 1) | overflow;

    overflow = next_overflow;

  uint16_t i = 1;

  while (i <= cmac_cb.round) {

    /* Mi' := Mi (+) X  */

    xor_128((Octet16*)&cmac_cb.text[(cmac_cb.round - i) * OCTET16_LEN], x);

    xor_128((Octet16*)&cmac_cb.text[(cmac_cb.round - i) * kOctet16Length], x);

    output = aes_128(key, &cmac_cb.text[(cmac_cb.round - i) * OCTET16_LEN], OCTET16_LEN);

    output = aes_128(key, &cmac_cb.text[(cmac_cb.round - i) * kOctet16Length], kOctet16Length);

    x = output;

    i++;

  }

  bool flag;

  /* last block is a complete block set flag to 1 */

  flag = ((cmac_cb.len % OCTET16_LEN) == 0 && cmac_cb.len != 0) ? true : false;

  flag = ((cmac_cb.len % kOctet16Length) == 0 && cmac_cb.len != 0) ? true : false;

  if (flag) { /* last block is complete block */

    xor_128((Octet16*)&cmac_cb.text[0], k1);

 */

static void cmac_generate_subkey(const Octet16& key) {

  Octet16 zero{};

  Octet16 p = aes_128(key, zero.data(), OCTET16_LEN);

  Octet16 p = aes_128(key, zero.data(), kOctet16Length);

  Octet16 k1, k2;

  uint8_t* pp = p.data();

  /* If MSB(L) = 0, then K1 = L << 1 */

  if ((pp[OCTET16_LEN - 1] & 0x80) != 0) {

  if ((pp[kOctet16Length - 1] & 0x80) != 0) {

    /* Else K1 = ( L << 1 ) (+) Rb */

    leftshift_onebit(pp, k1.data());

    xor_128(&k1, const_Rb);

    leftshift_onebit(pp, k1.data());

  }

  if ((k1[OCTET16_LEN - 1] & 0x80) != 0) {

  if ((k1[kOctet16Length - 1] & 0x80) != 0) {

    /* K2 =  (K1 << 1) (+) Rb */

    leftshift_onebit(k1.data(), k2.data());

    xor_128(&k2, const_Rb);

  uint32_t len;

  uint16_t diff;

  /* n is number of rounds */

  uint16_t n = (length + OCTET16_LEN - 1) / OCTET16_LEN;

  uint16_t n = (length + kOctet16Length - 1) / kOctet16Length;

  if (n == 0) n = 1;

  len = n * OCTET16_LEN;

  len = n * kOctet16Length;

  /* allocate a memory space of multiple of 16 bytes to hold text  */

  cmac_cb.text = (uint8_t*)alloca(len);

#include <algorithm>

#include "crypto_toolbox/aes.h"

#include "hci/octets.h"

namespace bluetooth {

namespace crypto_toolbox {

constexpr int OCTET32_LEN = 32;

using hci::kOctet16Length;

using hci::kOctet32Length;

using hci::Octet16;

using hci::Octet32;

Octet16 h6(const Octet16& w, std::array<uint8_t, 4> keyid) {

  return aes_cmac(w, keyid.data(), keyid.size());

}

Octet16 f4(uint8_t* u, uint8_t* v, const Octet16& x, uint8_t z) {

  constexpr size_t msg_len = OCTET32_LEN /* U size */ + OCTET32_LEN /* V size */ + 1 /* Z size */;

  constexpr size_t msg_len =

      kOctet32Length /* U size */ + kOctet32Length /* V size */ + 1 /* Z size */;

  // VLOG(1) << "U=" << HexEncode(u, OCTET32_LEN) << ", V=" << HexEncode(v, OCTET32_LEN)

  // VLOG(1) << "U=" << HexEncode(u, kOctet32Length) << ", V=" << HexEncode(v, kOctet32Length)

  //          << ", X=" << HexEncode(x.data(), x.size()) << ", Z=" << std::hex << +z;

  std::array<uint8_t, msg_len> msg;

  auto it = msg.begin();

  it = std::copy(&z, &z + 1, it);

  it = std::copy(v, v + OCTET32_LEN, it);

  it = std::copy(u, u + OCTET32_LEN, it);

  it = std::copy(v, v + kOctet32Length, it);

  it = std::copy(u, u + kOctet32Length, it);

  return aes_cmac(x, msg.data(), msg.size());

}

    uint8_t* a1,

    uint8_t* a2,

    uint8_t* length) {

  constexpr size_t msg_len = 1 /* Counter size */ + 4 /* keyID size */ + OCTET16_LEN /* N1 size */ +

                             OCTET16_LEN /* N2 size */ + 7 /* A1 size*/ + 7 /* A2 size*/ + 2 /* Length size */;

  constexpr size_t msg_len = 1 /* Counter size */ + 4 /* keyID size */ +

                             kOctet16Length /* N1 size */ + kOctet16Length /* N2 size */ +

                             7 /* A1 size*/ + 7 /* A2 size*/ + 2 /* Length size */;

  std::array<uint8_t, msg_len> msg;

  auto it = msg.begin();

}

void f5(uint8_t* w, const Octet16& n1, const Octet16& n2, uint8_t* a1, uint8_t* a2, Octet16* mac_key, Octet16* ltk) {

  // VLOG(1) << __func__ << "W=" << HexEncode(w, OCTET32_LEN) << ", N1=" <<

  // VLOG(1) << __func__ << "W=" << HexEncode(w, kOctet32Length) << ", N1=" <<

  // HexEncode(n1.data(), n1.size())

  //          << ", N2=" << HexEncode(n2.data(), n2.size()) << ", A1=" << HexEncode(a1, 7) << ",

  //          A2=" << HexEncode(a2, 7);

  const Octet16 salt{0xBE, 0x83, 0x60, 0x5A, 0xDB, 0x0B, 0x37, 0x60, 0x38, 0xA5, 0xF5, 0xAA, 0x91, 0x83, 0x88, 0x6C};

  Octet16 t = aes_cmac(salt, w, OCTET32_LEN);

  Octet16 t = aes_cmac(salt, w, kOctet32Length);

  // VLOG(1) << "T=" << HexEncode(t.data(), t.size());

Octet16

f6(const Octet16& w, const Octet16& n1, const Octet16& n2, const Octet16& r, uint8_t* iocap, uint8_t* a1, uint8_t* a2) {

  const uint8_t msg_len = OCTET16_LEN /* N1 size */ + OCTET16_LEN /* N2 size */ + OCTET16_LEN /* R size */ +

                          3 /* IOcap size */ + 7 /* A1 size*/ + 7 /* A2 size*/;

  const uint8_t msg_len = kOctet16Length /* N1 size */ + kOctet16Length /* N2 size */ +

                          kOctet16Length /* R size */ + 3 /* IOcap size */ + 7 /* A1 size*/ +

                          7 /* A2 size*/;

  // VLOG(1) << __func__ << "W=" << HexEncode(w.data(), w.size()) << ", N1=" <<

  // HexEncode(n1.data(), n1.size())

}

uint32_t g2(uint8_t* u, uint8_t* v, const Octet16& x, const Octet16& y) {

  constexpr size_t msg_len = OCTET32_LEN /* U size */ + OCTET32_LEN /* V size */

                             + OCTET16_LEN /* Y size */;

  constexpr size_t msg_len = kOctet32Length /* U size */ + kOctet32Length /* V size */

                             + kOctet16Length /* Y size */;

  // VLOG(1) << __func__ << "U=" << HexEncode(u, OCTET32_LEN) << ", V=" << HexEncode(v,

  // OCTET32_LEN)

  // VLOG(1) << __func__ << "U=" << HexEncode(u, kOctet32Length) << ", V=" << HexEncode(v,

  // kOctet32Length)

  //          << ", X=" << HexEncode(x.data(), x.size()) << ", Y=" << HexEncode(y.data(), y.size());

  std::array<uint8_t, msg_len> msg;

  auto it = msg.begin();

  it = std::copy(y.begin(), y.end(), it);

  it = std::copy(v, v + OCTET32_LEN, it);

  it = std::copy(u, u + OCTET32_LEN, it);

  it = std::copy(v, v + kOctet32Length, it);

  it = std::copy(u, u + kOctet32Length, it);

  Octet16 cmac = aes_cmac(x, msg.data(), msg.size());

  it = std::copy(preq, preq + 7, it);

  it = std::copy(pres, pres + 7, it);

  for (uint8_t i = 0; i < OCTET16_LEN; i++) {

  for (uint8_t i = 0; i < kOctet16Length; i++) {

    p1[i] = r[i] ^ p1[i];

  }

  it = std::copy(ia, ia + 6, it);

  it = std::copy(padding.begin(), padding.end(), it);

  for (uint8_t i = 0; i < OCTET16_LEN; i++) {

  for (uint8_t i = 0; i < kOctet16Length; i++) {

    p2[i] = p1bis[i] ^ p2[i];

  }

namespace bluetooth {

namespace crypto_toolbox {

constexpr int OCTET16_LEN = hci::kOctet16Length;

using Octet16 = hci::Octet16;

Octet16 c1(

    const Octet16& k,

    const Octet16& r,

hci::Octet16 c1(

    const hci::Octet16& k,

    const hci::Octet16& r,

    const uint8_t* pres,

    const uint8_t* preq,

    const uint8_t iat,

    const uint8_t* ia,

    const uint8_t rat,

    const uint8_t* ra);

Octet16 s1(const Octet16& k, const Octet16& r1, const Octet16& r2);

hci::Octet16 s1(const hci::Octet16& k, const hci::Octet16& r1, const hci::Octet16& r2);

Octet16 aes_128(const Octet16& key, const Octet16& message);

Octet16 aes_cmac(const Octet16& key, const uint8_t* message, uint16_t length);

Octet16 f4(uint8_t* u, uint8_t* v, const Octet16& x, uint8_t z);

hci::Octet16 aes_128(const hci::Octet16& key, const hci::Octet16& message);

hci::Octet16 aes_cmac(const hci::Octet16& key, const uint8_t* message, uint16_t length);

hci::Octet16 f4(uint8_t* u, uint8_t* v, const hci::Octet16& x, uint8_t z);

void f5(

    uint8_t* w,

    const Octet16& n1,

    const Octet16& n2,

    const hci::Octet16& n1,

    const hci::Octet16& n2,

    uint8_t* a1,

    uint8_t* a2,

    Octet16* mac_key,

    Octet16* ltk);

Octet16 f6(

    const Octet16& w,

    const Octet16& n1,

    const Octet16& n2,

    const Octet16& r,

    hci::Octet16* mac_key,

    hci::Octet16* ltk);

hci::Octet16 f6(

    const hci::Octet16& w,

    const hci::Octet16& n1,

    const hci::Octet16& n2,

    const hci::Octet16& r,

    uint8_t* iocap,

    uint8_t* a1,

    uint8_t* a2);

Octet16 h6(const Octet16& w, std::array<uint8_t, 4> keyid);

Octet16 h7(const Octet16& salt, const Octet16& w);

uint32_t g2(uint8_t* u, uint8_t* v, const Octet16& x, const Octet16& y);

Octet16 ltk_to_link_key(const Octet16& ltk, bool use_h7);

Octet16 link_key_to_ltk(const Octet16& link_key, bool use_h7);

hci::Octet16 h6(const hci::Octet16& w, std::array<uint8_t, 4> keyid);

hci::Octet16 h7(const hci::Octet16& salt, const hci::Octet16& w);

uint32_t g2(uint8_t* u, uint8_t* v, const hci::Octet16& x, const hci::Octet16& y);

hci::Octet16 ltk_to_link_key(const hci::Octet16& ltk, bool use_h7);

hci::Octet16 link_key_to_ltk(const hci::Octet16& link_key, bool use_h7);

/* This function computes AES_128(key, message). |key| must be 128bit.

 * |message| can be at most 16 bytes long, it's length in bytes is given in

 * |length| */

inline Octet16 aes_128(const Octet16& key, const uint8_t* message, const uint8_t length) {

inline hci::Octet16 aes_128(const hci::Octet16& key, const uint8_t* message, const uint8_t length) {

  // CHECK(length <= OCTET16_LEN) << "you tried aes_128 more than 16 bytes!";

  Octet16 msg{0};

  hci::Octet16 msg{0};

  std::copy(message, message + length, msg.begin());

  return aes_128(key, msg);

}

// |tlen| - lenth of mac desired

// |p_signature| - data pointer to where signed data to be stored, tlen long.

inline void aes_cmac(const Octet16& key, const uint8_t* message, uint16_t length, uint16_t tlen, uint8_t* p_signature) {

  Octet16 signature = aes_cmac(key, message, length);

inline void aes_cmac(

    const hci::Octet16& key,

    const uint8_t* message,

    uint16_t length,

    uint16_t tlen,

    uint8_t* p_signature) {

  hci::Octet16 signature = aes_cmac(key, message, length);

  uint8_t* p_mac = signature.data() + (OCTET16_LEN - tlen);

  uint8_t* p_mac = signature.data() + (hci::kOctet16Length - tlen);

  memcpy(p_signature, p_mac, tlen);

}

inline Octet16 aes_cmac(const Octet16& key, const Octet16& message) {

inline hci::Octet16 aes_cmac(const hci::Octet16& key, const hci::Octet16& message) {

  return aes_cmac(key, message.data(), message.size());

}

#include <vector>

#include "crypto_toolbox/aes.h"

#include "hci/octets.h"

namespace bluetooth {

namespace crypto_toolbox {

using hci::kOctet16Length;

using hci::Octet16;

// BT Spec 5.0 | Vol 3, Part H D.1

TEST(CryptoToolboxTest, bt_spec_test_d_1_test) {

  aes_set_key(k, sizeof(k), &ctx);

  aes_encrypt(m, output, &ctx); /* outputs in byte 48 to byte 63 */

  EXPECT_TRUE(memcmp(output, aes_cmac_k_m, OCTET16_LEN) == 0);

  EXPECT_TRUE(memcmp(output, aes_cmac_k_m, kOctet16Length) == 0);

  // useful for debugging

  // LOG(INFO) << "k " << base::HexEncode(k, OCTET16_LEN);

#include <atomic>

#include <future>

#include <mutex>

#include <set>

#include "common/bidi_queue.h"

#include "hci/acl_manager/acl_scheduler.h"

#include "hci/acl_manager/classic_impl.h"

#include "hci/acl_manager/connection_management_callbacks.h"

#include "hci/acl_manager/le_acceptlist_callbacks.h"

#include "hci/acl_manager/le_acl_connection.h"

#include "hci/acl_manager/le_impl.h"

    AddressWithType fixed_address,

    std::chrono::milliseconds minimum_rotation_time,

    std::chrono::milliseconds maximum_rotation_time) {

  crypto_toolbox::Octet16 rotation_irk{};

  Octet16 rotation_irk{};

  auto irk_prop =

      GetDependency<storage::StorageModule>()->GetProperty("Adapter", "LE_LOCAL_KEY_IRK");

  if (irk_prop.has_value()) {

void AclManager::SetPrivacyPolicyForInitiatorAddressForTest(

    LeAddressManager::AddressPolicy address_policy,

    AddressWithType fixed_address,

    crypto_toolbox::Octet16 rotation_irk,

    Octet16 rotation_irk,

    std::chrono::milliseconds minimum_rotation_time,

    std::chrono::milliseconds maximum_rotation_time) {

  CallOn(