[Huawei] Add HiChainLite firstKey handling

2024-06-20 12:00:51 +02:00 · 2024-02-05 19:09:55 +01:00 · 2024-02-05 19:09:55 +01:00 · 05c11cbd14
commit 05c11cbd14
parent 270212a771
3 changed files with 39 additions and 6 deletions
--- a/app/src/main/java/nodomain/freeyourgadget/gadgetbridge/devices/huawei/HuaweiCrypto.java
+++ b/app/src/main/java/nodomain/freeyourgadget/gadgetbridge/devices/huawei/HuaweiCrypto.java
@ -119,7 +119,11 @@ public class HuaweiCrypto {
                                                .put(message)
                                                .array();
        byte[] digestStep1 = CryptoUtils.calcHmacSha256(msgToDigest, nonce);
-        return CryptoUtils.calcHmacSha256(digestStep1, nonce);
+        byte[] challenge = ByteBuffer.allocate(0x40)
+                .put(CryptoUtils.calcHmacSha256(digestStep1, nonce))
+                .put(digestStep1)
+                .array();
+        return challenge;
    }

    public byte[] computeDigestHiChainLite(byte[] message, byte[] key, byte[] nonce) throws NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException, UnsupportedEncodingException {
@ -138,7 +142,11 @@ public class HuaweiCrypto {
        } else {
            digestStep1 = CryptoUtils.calcHmacSha256(msgToDigest, nonce);
        }
-        return CryptoUtils.calcHmacSha256(digestStep1, nonce);
+        byte[] challenge = ByteBuffer.allocate(0x40)
+                .put(CryptoUtils.calcHmacSha256(digestStep1, nonce))
+                .put(digestStep1)
+                .array();
+        return challenge;
    }

    public byte[] digestChallenge(byte[] secretKey, byte[] nonce) throws NoSuchAlgorithmException, InvalidKeyException, InvalidKeySpecException, UnsupportedEncodingException {
@ -150,7 +158,11 @@ public class HuaweiCrypto {
                        .put(secretKey)
                        .put(MESSAGE_CHALLENGE)
                        .array();
-                return CryptoUtils.calcHmacSha256(key, nonce);
+                byte[] challenge = ByteBuffer.allocate(0x40)
+                        .put(CryptoUtils.calcHmacSha256(key, nonce))
+                        .put(key)
+                        .array();
+                return challenge;
            }
            return computeDigestHiChainLite(MESSAGE_CHALLENGE, secretKey, nonce);
        }
@ -166,7 +178,11 @@ public class HuaweiCrypto {
                        .put(secretKey)
                        .put(MESSAGE_RESPONSE)
                        .array();
-                return CryptoUtils.calcHmacSha256(key, nonce);
+                byte[] challenge = ByteBuffer.allocate(0x40)
+                        .put(CryptoUtils.calcHmacSha256(key, nonce))
+                        .put(key)
+                        .array();
+                return challenge;
            }
            return computeDigestHiChainLite(MESSAGE_RESPONSE, secretKey, nonce);
        }
--- a/app/src/main/java/nodomain/freeyourgadget/gadgetbridge/devices/huawei/HuaweiPacket.java
+++ b/app/src/main/java/nodomain/freeyourgadget/gadgetbridge/devices/huawei/HuaweiPacket.java
@ -58,6 +58,7 @@ public class HuaweiPacket {
        protected byte interval;
        protected byte authAlgo;
        protected byte encryptMethod;
+        protected byte[] firstKey;

        public void setAuthVersion(byte authVersion) {
            this.authVersion = authVersion;
@ -153,6 +154,14 @@ public class HuaweiPacket {
        public byte getEncryptMethod () {
            return this.encryptMethod;
        }
+
+        public void setFirstKey(byte[] firstKey) {
+            this.firstKey = firstKey;
+        }
+
+        public byte[] getFirstKey() {
+            return firstKey;
+        }
    }

    public static abstract class ParseException extends Exception {
--- a/app/src/main/java/nodomain/freeyourgadget/gadgetbridge/service/devices/huawei/requests/GetAuthRequest.java
+++ b/app/src/main/java/nodomain/freeyourgadget/gadgetbridge/service/devices/huawei/requests/GetAuthRequest.java
@ -74,8 +74,13 @@ public class GetAuthRequest extends Request {
                    .putShort(authVersion)
                    .put(clientNonce)
                    .array();
-            byte[] challenge = huaweiCrypto.digestChallenge(key, doubleNonce);
+            ByteBuffer digestedChallenge = ByteBuffer.wrap(huaweiCrypto.digestChallenge(key, doubleNonce));
+            byte[] challenge = new byte[0x20];
+            digestedChallenge.get(challenge, 0x00, 0x20);
            LOG.debug("challenge: " + GB.hexdump(challenge));
+            byte[] firstKey = new byte[0x10];
+            digestedChallenge.get(firstKey, 0x00, 0x10);
+            paramsProvider.setFirstKey(firstKey);
            if (challenge == null)
                throw new RequestCreationException("Challenge null");
            return new DeviceConfig.Auth.Request(paramsProvider, challenge, nonce).serialize();
@ -94,7 +99,10 @@ public class GetAuthRequest extends Request {
            throw new ResponseTypeMismatchException(receivedPacket, DeviceConfig.Auth.Response.class);

        try {
-            byte[] expectedAnswer = huaweiCrypto.digestResponse(key, doubleNonce);
+            ByteBuffer digestedChallenge = ByteBuffer.wrap(huaweiCrypto.digestResponse(key, doubleNonce));
+            byte[] expectedAnswer = new byte[0x20];
+            digestedChallenge.get(expectedAnswer, 0x00, 0x20);
+            LOG.debug("challenge: " + GB.hexdump(expectedAnswer));
            if (expectedAnswer == null)
                throw new ResponseParseException("Challenge null");
            byte[] actualAnswer = ((DeviceConfig.Auth.Response) receivedPacket).challengeResponse;