PTLS hello messages

The client side is an external device that is connected to the lock and wants to establish a PTLS session. The server side is a Tedee lock.

1. Client hello

  1. Set PTLS_VERSION to the value 0x02,

  2. Get BLE connection MTU size,

  3. Generate random data (32 bytes),

  4. Acquire client ECDH public key (65 bytes),

  5. Concatenate above to form Hello message frame:

| PTLS_VERSION | MTU_SIZE | RESERVED | RANDOM_DATA (1.) | PUBLIC_ECDH_Key (2.) | PTLS_CACHE_DATA |
|---|---|---|---|---|---|
| (0x02) 1 byte | 1 byte | 1 byte | 32 bytes | 65 bytes | 52 bytes |

  6. Calculate hash from above frame,

  7. Send it to Tedee Lock with PTLS_HELLO header.

where:

  • PTLS_CACHE_DATA - is used when establishing a PTLS session from data cached after a previous successful PTLS session. For a new session, it should be 52 bytes of zeros.

2. Server hello response

Unencrypted response:

| PTLS_HELLO | PTLS_VERSION | MTU_SIZE | RESERVED | RANDOM_DATA (1.) | PUBLIC_ECDH_KEY (2.) |
|---|---|---|---|---|---|
| (0x03) 1 byte | (0x02) 1 byte | 1 byte | 1 byte | 32 bytes | 65 bytes |

3. Client hello final

  1. Receive hello response from server.

  2. Calculate hash after discarding PTLS_HELLO header.

  3. Calculate shared secret using PUBLIC_ECDH_KEY and ECDH algorithm.
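
The frame layouts above, built and strictly validated in Python. This is an added example, not Tedee's code: the function names are hypothetical, SHA-256 stands in for the hash the page does not name, and RESERVED is assumed to be sent as zero.

```python
import hashlib
import os
import struct

PTLS_HELLO = 0x03      # header byte from the server hello table
PTLS_VERSION = 0x02
RANDOM_LEN, PUBKEY_LEN, CACHE_LEN = 32, 65, 52
CLIENT_HELLO = struct.Struct(f"<BBB{RANDOM_LEN}s{PUBKEY_LEN}s{CACHE_LEN}s")  # 152 bytes
SERVER_HELLO = struct.Struct(f"<BBBB{RANDOM_LEN}s{PUBKEY_LEN}s")             # 101 bytes


def frame_hash(data):
    # Assumption: SHA-256. The page says "hash" without naming the algorithm.
    return hashlib.sha256(data).digest()


def build_client_hello(mtu, public_key, random_data=None, cache=None):
    """Return (frame, hash) for client hello steps 1-6."""
    random_data = os.urandom(RANDOM_LEN) if random_data is None else random_data
    cache = bytes(CACHE_LEN) if cache is None else cache  # new session: zeros
    if not 0 <= mtu <= 0xFF:
        raise ValueError("MTU_SIZE must fit in one byte")
    # struct's "s" code silently pads or truncates, so enforce exact sizes first.
    for name, value, size in (("RANDOM_DATA", random_data, RANDOM_LEN),
                              ("PUBLIC_ECDH_KEY", public_key, PUBKEY_LEN),
                              ("PTLS_CACHE_DATA", cache, CACHE_LEN)):
        if len(value) != size:
            raise ValueError(f"{name} must be exactly {size} bytes")
    reserved = 0x00  # assumption: RESERVED is sent as zero
    frame = CLIENT_HELLO.pack(PTLS_VERSION, mtu, reserved, random_data, public_key, cache)
    return frame, frame_hash(frame)


def parse_server_hello(response):
    """Validate the unencrypted server hello and return its fields and hash."""
    if len(response) != SERVER_HELLO.size:
        raise ValueError(f"expected {SERVER_HELLO.size} bytes, got {len(response)}")
    header, version, mtu, _, random_data, public_key = SERVER_HELLO.unpack(response)
    if header != PTLS_HELLO:
        raise ValueError("not a PTLS_HELLO frame")
    if version != PTLS_VERSION:
        raise ValueError(f"unsupported PTLS_VERSION 0x{version:02x}")
    # Client hello final, step 2: hash the response with the header discarded.
    return {"mtu": mtu, "random": random_data, "public_key": public_key,
            "hash": frame_hash(response[1:])}
```

The shared-secret step is left out because the page does not name the curve; the `public_key` returned by `parse_server_hello` is the input to that ECDH computation.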