PTLS client verification

Because of the Bluetooth packet size limit on an external device, client verification is sent in at least two parts. The connected device sends each part without waiting for a response from the Tedee Lock; only after the last part does the device receive a response from the lock.

1. Client asks for verification

  1. Get the permission certificate via the Tedee API.

  2. Decode the certificate from Base64.

  3. Attach the certificate length as 2 bytes.

  4. Attach the certificate to the message.

  5. Update the hash with the following frame:

| Certificate_len | Certificate_data |
| --- | --- |
| 2 bytes | Certificate_len bytes |

  6. Generate a signature from the above hash using the Device Private Key.

  7. Attach the signature to the message.

  8. Attach the hash from the last step of "3. Client server verification" to the message.

  9. Calculate the HMAC from the shared secret, ‘ptlsc hs traffic’ and the last hash from the hello handshake.

  10. Update the hash with the rest of the message and save it:

| Signature_len | Signature | Server verify hash |
| --- | --- | --- |
| 2 bytes | Signature_len bytes | 32 bytes |

  11. Encrypt the message using the AEAD algorithm (AES GCM 128bit).

  12. Send the message in two parts:
    1. With header PTLS_CLIENT_VERIFY_I with up to MTU_SIZE bytes.

    2. Last part with header PTLS_CLIENT_VERIFY_II.

Message format before encryption:

| Certificate_len | Certificate_data | Signature_len | Signature | Server verify hash |
| --- | --- | --- | --- | --- |
| 2 bytes | Certificate_len bytes | 2 bytes | Signature_len bytes | 32 bytes |
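The message layout and the two hash updates described above, as an added Python example (not Tedee's code). It assumes SHA-256 as the handshake hash, big-endian 2-byte lengths, and a caller-supplied `sign` callable standing in for the Device Private Key; the function names are hypothetical, and the HMAC, AEAD encryption and two-part send are left out.

```python
import hashlib
import struct

HASH_LEN = 32  # "Server verify hash" is 32 bytes on the page; SHA-256 is an assumption


def length_prefixed(data):
    """Prefix data with its length as 2 bytes (big-endian is an assumption)."""
    if not 0 < len(data) <= 0xFFFF:
        raise ValueError("field does not fit a 2-byte length")
    return struct.pack(">H", len(data)) + data


def build_client_verify(transcript, cert, sign, server_verify_hash):
    """Assemble the plaintext message and advance the handshake hash in place.

    transcript: hashlib object holding the handshake hash so far.
    sign: callable(digest) -> signature made with the Device Private Key.
    """
    if len(server_verify_hash) != HASH_LEN:
        raise ValueError("server verify hash must be 32 bytes")
    cert_frame = length_prefixed(cert)
    transcript.update(cert_frame)             # first update: Certificate_len + data
    signature = sign(transcript.digest())     # signature covers the hash so far
    rest = length_prefixed(signature) + server_verify_hash
    transcript.update(rest)                   # second update: rest of the message
    return cert_frame + rest                  # still to be AEAD-encrypted and split


def parse_client_verify(message):
    """Strictly split a decrypted message into (cert, signature, verify_hash)."""
    fields, off = [], 0
    for _ in range(2):                        # certificate, then signature
        if off + 2 > len(message):
            raise ValueError("truncated length field")
        (n,) = struct.unpack_from(">H", message, off)
        off += 2
        if n == 0 or off + n > len(message):
            raise ValueError("declared length exceeds message")
        fields.append(message[off:off + n])
        off += n
    if len(message) - off != HASH_LEN:
        raise ValueError("server verify hash must be exactly 32 trailing bytes")
    return fields[0], fields[1], message[off:]
```

The parser rejects any message whose declared lengths do not account for every byte, which is the check a receiver needs before handing the certificate or signature to a verifier.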

2. Server verifies the client

Response after successful verification:

| PTLS_INITIALIZED (0x08) | Session ID |
| --- | --- |
| 2 bytes | 4 bytes |

3. Client handles the final response

  1. Receive the PTLS_INITIALIZED frame and save the received client session ID (4 bytes).

  2. Initialize the session object and variables:
    1. Calculate the HMAC from the shared secret, ‘ptlsc ap traffic’ and the hash after the whole PTLS process (step 10 of 1. Client asks for verification).

    2. Use the first 16 bytes of the above HMAC as the encryption key and the next 12 bytes as the IV for the encryption process. Save the last two bytes of the IV for further communication.

    3. Calculate the HMAC from the shared secret, ‘ptlss ap traffic’ and the hash after the whole PTLS process (step 10 of 1. Client asks for verification).

    4. Use the first 16 bytes of the above HMAC as the decryption key and the next 12 bytes as the IV for the decryption process. Save the last two bytes of the IV for further communication.

    5. Initialize the send and receive message counters (2 bytes each) to 0.