ESPHome 2026.5.0-dev
Loading...
Searching...
No Matches
bthome_ble.cpp
Go to the documentation of this file.
1#include "bthome_ble.h"
2
3#include "esphome/core/helpers.h"
4#include "esphome/core/log.h"
5
6#include <algorithm>
7#include <array>
8#include <cstring>
9#include <span>
10
11#ifdef USE_ESP32
12
13#include <esp_idf_version.h>
14#if ESP_IDF_VERSION >= ESP_IDF_VERSION_VAL(6, 0, 0)
15#include <psa/crypto.h>
16#else
17#include "mbedtls/ccm.h"
18#endif
19
20namespace esphome {
21namespace bthome_mithermometer {
22
23static const char *const TAG = "bthome_mithermometer";
24static constexpr size_t BTHOME_BINDKEY_SIZE = 16;
25static constexpr size_t BTHOME_NONCE_SIZE = 13;
26static constexpr size_t BTHOME_MIC_SIZE = 4;
27static constexpr size_t BTHOME_COUNTER_SIZE = 4;
28
29static const char *format_mac_address(std::span<char, MAC_ADDRESS_PRETTY_BUFFER_SIZE> buffer, uint64_t address) {
30 std::array<uint8_t, MAC_ADDRESS_SIZE> mac{};
31 for (size_t i = 0; i < MAC_ADDRESS_SIZE; i++) {
32 mac[i] = (address >> ((MAC_ADDRESS_SIZE - 1 - i) * 8)) & 0xFF;
33 }
34
35 format_mac_addr_upper(mac.data(), buffer.data());
36 return buffer.data();
37}
38
39static bool get_bthome_value_length(uint8_t obj_type, size_t &value_length) {
40 switch (obj_type) {
41 case 0x00: // packet id
42 case 0x01: // battery
43 case 0x09: // count (uint8)
44 case 0x0F: // generic boolean
45 case 0x10: // power (bool)
46 case 0x11: // opening
47 case 0x15: // battery low
48 case 0x16: // battery charging
49 case 0x17: // carbon monoxide
50 case 0x18: // cold
51 case 0x19: // connectivity
52 case 0x1A: // door
53 case 0x1B: // garage door
54 case 0x1C: // gas
55 case 0x1D: // heat
56 case 0x1E: // light
57 case 0x1F: // lock
58 case 0x20: // moisture
59 case 0x21: // motion
60 case 0x22: // moving
61 case 0x23: // occupancy
62 case 0x24: // plug
63 case 0x25: // presence
64 case 0x26: // problem
65 case 0x27: // running
66 case 0x28: // safety
67 case 0x29: // smoke
68 case 0x2A: // sound
69 case 0x2B: // tamper
70 case 0x2C: // vibration
71 case 0x2D: // water leak
72 case 0x2E: // humidity (uint8)
73 case 0x2F: // moisture (uint8)
74 case 0x46: // UV index
75 case 0x57: // temperature (sint8)
76 case 0x58: // temperature (0.35C step)
77 case 0x59: // count (sint8)
78 case 0x60: // channel
79 value_length = 1;
80 return true;
81 case 0x02: // temperature (0.01C)
82 case 0x03: // humidity
83 case 0x06: // mass (kg)
84 case 0x07: // mass (lb)
85 case 0x08: // dewpoint
86 case 0x0C: // voltage (mV)
87 case 0x0D: // pm2.5
88 case 0x0E: // pm10
89 case 0x12: // CO2
90 case 0x13: // TVOC
91 case 0x14: // moisture
92 case 0x3D: // count (uint16)
93 case 0x3F: // rotation
94 case 0x40: // distance (mm)
95 case 0x41: // distance (m)
96 case 0x43: // current (A)
97 case 0x44: // speed
98 case 0x45: // temperature (0.1C)
99 case 0x47: // volume (L)
100 case 0x48: // volume (mL)
101 case 0x49: // volume flow rate
102 case 0x4A: // voltage (0.1V)
103 case 0x51: // acceleration
104 case 0x52: // gyroscope
105 case 0x56: // conductivity
106 case 0x5A: // count (sint16)
107 case 0x5D: // current (sint16)
108 case 0x5E: // direction
109 case 0x5F: // precipitation
110 case 0x61: // rotational speed
111 case 0xF0: // button event
112 value_length = 2;
113 return true;
114 case 0x04: // pressure
115 case 0x05: // illuminance
116 case 0x0A: // energy
117 case 0x0B: // power
118 case 0x42: // duration
119 case 0x4B: // gas (uint24)
120 case 0xF2: // firmware version (uint24)
121 value_length = 3;
122 return true;
123 case 0x3E: // count (uint32)
124 case 0x4C: // gas (uint32)
125 case 0x4D: // energy (uint32)
126 case 0x4E: // volume (uint32)
127 case 0x4F: // water (uint32)
128 case 0x50: // timestamp
129 case 0x55: // volume storage
130 case 0x5B: // count (sint32)
131 case 0x5C: // power (sint32)
132 case 0x62: // speed (sint32)
133 case 0x63: // acceleration (sint32)
134 case 0xF1: // firmware version (uint32)
135 value_length = 4;
136 return true;
137 default:
138 return false;
139 }
140}
141
142void BTHomeMiThermometer::dump_config() {
143 char addr_buf[MAC_ADDRESS_PRETTY_BUFFER_SIZE];
144 ESP_LOGCONFIG(TAG, "BTHome MiThermometer");
145 ESP_LOGCONFIG(TAG, " MAC Address: %s", format_mac_address(addr_buf, this->address_));
146 if (this->has_bindkey_) {
147 char bindkey_hex[format_hex_pretty_size(BTHOME_BINDKEY_SIZE)];
148 ESP_LOGCONFIG(TAG, " Bindkey: %s", format_hex_pretty_to(bindkey_hex, this->bindkey_, BTHOME_BINDKEY_SIZE, '.'));
149 }
150 LOG_SENSOR(" ", "Temperature", this->temperature_);
151 LOG_SENSOR(" ", "Humidity", this->humidity_);
152 LOG_SENSOR(" ", "Battery Level", this->battery_level_);
153 LOG_SENSOR(" ", "Battery Voltage", this->battery_voltage_);
154 LOG_SENSOR(" ", "Signal Strength", this->signal_strength_);
155}
156
157bool BTHomeMiThermometer::parse_device(const esp32_ble_tracker::ESPBTDevice &device) {
158 bool matched = false;
159 for (auto &service_data : device.get_service_datas()) {
160 if (this->handle_service_data_(service_data, device)) {
161 matched = true;
162 }
163 }
164 if (matched && this->signal_strength_ != nullptr) {
165 this->signal_strength_->publish_state(device.get_rssi());
166 }
167 return matched;
168}
169
170void BTHomeMiThermometer::set_bindkey(std::initializer_list<uint8_t> bindkey) {
171 if (bindkey.size() != sizeof(this->bindkey_)) {
172 ESP_LOGW(TAG, "BTHome bindkey size mismatch: %zu", bindkey.size());
173 return;
174 }
175 std::copy(bindkey.begin(), bindkey.end(), this->bindkey_);
176 this->has_bindkey_ = true;
177}
178
179bool BTHomeMiThermometer::decrypt_bthome_payload_(const std::vector<uint8_t> &data, uint64_t source_address,
180 std::vector<uint8_t> &payload) const {
181 if (data.size() <= 1 + BTHOME_COUNTER_SIZE + BTHOME_MIC_SIZE) {
182 ESP_LOGVV(TAG, "Encrypted BTHome payload too short: %zu", data.size());
183 return false;
184 }
185
186 const size_t ciphertext_size = data.size() - 1 - BTHOME_COUNTER_SIZE - BTHOME_MIC_SIZE;
187 payload.resize(ciphertext_size);
188
189 std::array<uint8_t, MAC_ADDRESS_SIZE> mac{};
190 for (size_t i = 0; i < MAC_ADDRESS_SIZE; i++) {
191 mac[i] = (source_address >> ((MAC_ADDRESS_SIZE - 1 - i) * 8)) & 0xFF;
192 }
193
194 std::array<uint8_t, BTHOME_NONCE_SIZE> nonce{};
195 memcpy(nonce.data(), mac.data(), mac.size());
196 nonce[6] = 0xD2;
197 nonce[7] = 0xFC;
198 nonce[8] = data[0];
199 memcpy(nonce.data() + 9, &data[data.size() - BTHOME_COUNTER_SIZE - BTHOME_MIC_SIZE], BTHOME_COUNTER_SIZE);
200
201 const uint8_t *ciphertext = data.data() + 1;
202 const uint8_t *mic = data.data() + data.size() - BTHOME_MIC_SIZE;
203
204#if ESP_IDF_VERSION >= ESP_IDF_VERSION_VAL(6, 0, 0)
205 // PSA AEAD expects ciphertext + tag concatenated
206 // BLE advertisement max payload is 31 bytes, so this is always sufficient
207 static constexpr size_t MAX_CT_WITH_TAG = 32;
208 uint8_t ct_with_tag[MAX_CT_WITH_TAG];
209 size_t ct_with_tag_size = ciphertext_size + BTHOME_MIC_SIZE;
210 memcpy(ct_with_tag, ciphertext, ciphertext_size);
211 memcpy(ct_with_tag + ciphertext_size, mic, BTHOME_MIC_SIZE);
212
213 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
214 psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
215 psa_set_key_bits(&attributes, BTHOME_BINDKEY_SIZE * 8);
216 psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT);
217 psa_set_key_algorithm(&attributes, PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, BTHOME_MIC_SIZE));
218
219 mbedtls_svc_key_id_t key_id;
220 if (psa_import_key(&attributes, this->bindkey_, BTHOME_BINDKEY_SIZE, &key_id) != PSA_SUCCESS) {
221 ESP_LOGVV(TAG, "psa_import_key() failed.");
222 return false;
223 }
224
225 size_t plaintext_length;
226 psa_status_t status = psa_aead_decrypt(key_id, PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, BTHOME_MIC_SIZE),
227 nonce.data(), nonce.size(), nullptr, 0, ct_with_tag, ct_with_tag_size,
228 payload.data(), ciphertext_size, &plaintext_length);
229 psa_destroy_key(key_id);
230 if (status != PSA_SUCCESS || plaintext_length != ciphertext_size) {
231 ESP_LOGVV(TAG, "BTHome decryption failed.");
232 return false;
233 }
234#else
235 mbedtls_ccm_context ctx;
236 mbedtls_ccm_init(&ctx);
237
238 int ret = mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, this->bindkey_, BTHOME_BINDKEY_SIZE * 8);
239 if (ret) {
240 ESP_LOGVV(TAG, "mbedtls_ccm_setkey() failed.");
241 mbedtls_ccm_free(&ctx);
242 return false;
243 }
244
245 ret = mbedtls_ccm_auth_decrypt(&ctx, ciphertext_size, nonce.data(), nonce.size(), nullptr, 0, ciphertext,
246 payload.data(), mic, BTHOME_MIC_SIZE);
247 mbedtls_ccm_free(&ctx);
248 if (ret) {
249 ESP_LOGVV(TAG, "BTHome decryption failed (ret=%d).", ret);
250 return false;
251 }
252#endif
253 return true;
254}
255
256bool BTHomeMiThermometer::handle_service_data_(const esp32_ble_tracker::ServiceData &service_data,
257 const esp32_ble_tracker::ESPBTDevice &device) {
258 if (!service_data.uuid.contains(0xD2, 0xFC)) {
259 return false;
260 }
261
262 const auto &data = service_data.data;
263 if (data.size() < 2) {
264 ESP_LOGVV(TAG, "BTHome data too short: %zu", data.size());
265 return false;
266 }
267
268 const uint8_t adv_info = data[0];
269 const bool is_encrypted = adv_info & 0x01;
270 const bool mac_included = adv_info & 0x02;
271 const bool is_trigger_based = adv_info & 0x04;
272 const uint8_t version = (adv_info >> 5) & 0x07;
273
274 if (version != 0x02) {
275 ESP_LOGVV(TAG, "Unsupported BTHome version %u", version);
276 return false;
277 }
278
279 uint64_t source_address = device.address_uint64();
280 bool address_matches = source_address == this->address_;
281 if (!is_encrypted && mac_included && data.size() >= 7) {
282 uint64_t advertised_address = 0;
283 for (int i = 5; i >= 0; i--) {
284 advertised_address = (advertised_address << 8) | data[1 + i];
285 }
286 address_matches = address_matches || advertised_address == this->address_;
287 }
288
289 if (is_encrypted && !this->has_bindkey_) {
290 if (address_matches) {
291 char addr_buf[MAC_ADDRESS_PRETTY_BUFFER_SIZE];
292 ESP_LOGE(TAG, "Encrypted BTHome frame received but no bindkey configured for %s",
293 device.address_str_to(addr_buf));
294 }
295 return false;
296 }
297
298 if (!is_encrypted && this->has_bindkey_) {
299 if (address_matches) {
300 char addr_buf[MAC_ADDRESS_PRETTY_BUFFER_SIZE];
301 ESP_LOGE(TAG, "Unencrypted BTHome frame received with bindkey configured for %s",
302 device.address_str_to(addr_buf));
303 }
304 return false;
305 }
306 std::vector<uint8_t> decrypted_payload;
307 const uint8_t *payload = nullptr;
308 size_t payload_size = 0;
309
310 if (is_encrypted) {
311 if (!this->decrypt_bthome_payload_(data, source_address, decrypted_payload)) {
312 char addr_buf[MAC_ADDRESS_PRETTY_BUFFER_SIZE];
313 ESP_LOGVV(TAG, "Failed to decrypt BTHome frame from %s", device.address_str_to(addr_buf));
314 return false;
315 }
316 payload = decrypted_payload.data();
317 payload_size = decrypted_payload.size();
318 } else {
319 payload = data.data() + 1;
320 payload_size = data.size() - 1;
321 }
322
323 if (mac_included) {
324 if (payload_size < 6) {
325 ESP_LOGVV(TAG, "BTHome payload missing MAC address");
326 return false;
327 }
328 source_address = 0;
329 for (int i = 5; i >= 0; i--) {
330 source_address = (source_address << 8) | payload[i];
331 }
332 payload += 6;
333 payload_size -= 6;
334 }
335
336 char addr_buf[MAC_ADDRESS_PRETTY_BUFFER_SIZE];
337 if (source_address != this->address_) {
338 ESP_LOGVV(TAG, "BTHome frame from unexpected device %s", format_mac_address(addr_buf, source_address));
339 return false;
340 }
341
342 if (payload_size == 0) {
343 ESP_LOGVV(TAG, "BTHome payload empty after header");
344 return false;
345 }
346
347 bool reported = false;
348 size_t offset = 0;
349 uint8_t last_type = 0;
350
351 while (offset < payload_size) {
352 const uint8_t obj_type = payload[offset++];
353 size_t value_length = 0;
354 bool has_length_byte = obj_type == 0x53; // text objects include explicit length
355
356 if (has_length_byte) {
357 if (offset >= payload_size) {
358 break;
359 }
360 value_length = payload[offset++];
361 } else {
362 if (!get_bthome_value_length(obj_type, value_length)) {
363 ESP_LOGVV(TAG, "Unknown BTHome object 0x%02X", obj_type);
364 break;
365 }
366 }
367
368 if (value_length == 0) {
369 break;
370 }
371
372 if (offset + value_length > payload_size) {
373 ESP_LOGVV(TAG, "BTHome object length exceeds payload");
374 break;
375 }
376
377 const uint8_t *value = &payload[offset];
378 offset += value_length;
379
380 if (obj_type < last_type) {
381 ESP_LOGVV(TAG, "BTHome objects not in ascending order");
382 }
383 last_type = obj_type;
384
385 switch (obj_type) {
386 case 0x00: { // packet id
387 const uint8_t packet_id = value[0];
388 if (this->last_packet_id_.has_value() && *this->last_packet_id_ == packet_id) {
389 return reported;
390 }
391 this->last_packet_id_ = packet_id;
392 break;
393 }
394 case 0x01: { // battery percentage
395 if (this->battery_level_ != nullptr) {
396 this->battery_level_->publish_state(value[0]);
397 reported = true;
398 }
399 break;
400 }
401 case 0x0C: { // battery voltage (mV)
402 if (this->battery_voltage_ != nullptr) {
403 const uint16_t raw = encode_uint16(value[1], value[0]);
404 this->battery_voltage_->publish_state(raw * 0.001f);
405 reported = true;
406 }
407 break;
408 }
409 case 0x02: { // temperature
410 if (this->temperature_ != nullptr) {
411 const int16_t raw = encode_uint16(value[1], value[0]);
412 this->temperature_->publish_state(raw * 0.01f);
413 reported = true;
414 }
415 break;
416 }
417 case 0x03: { // humidity
418 if (this->humidity_ != nullptr) {
419 const uint16_t raw = encode_uint16(value[1], value[0]);
420 this->humidity_->publish_state(raw * 0.01f);
421 reported = true;
422 }
423 break;
424 }
425 default:
426 break;
427 }
428 }
429
430 if (reported) {
431 ESP_LOGD(TAG, "BTHome data%sfrom %s", is_trigger_based ? " (triggered) " : " ", device.address_str_to(addr_buf));
432 }
433
434 return reported;
435}
436
437} // namespace bthome_mithermometer
438} // namespace esphome
439
440#endif
address
uint8_t address
Definition bl0906.h:4
raw
uint8_t raw[35]
Definition bl0939.h:0
status
uint8_t status
Definition bl0942.h:8
bthome_ble.h
esphome::bthome_mithermometer::BTHomeMiThermometer::handle_service_data_
bool handle_service_data_(const esp32_ble_tracker::ServiceData &service_data, const esp32_ble_tracker::ESPBTDevice &device)
Definition bthome_ble.cpp:256
esphome::bthome_mithermometer::BTHomeMiThermometer::temperature_
sensor::Sensor * temperature_
Definition bthome_ble.h:41
esphome::bthome_mithermometer::BTHomeMiThermometer::battery_level_
sensor::Sensor * battery_level_
Definition bthome_ble.h:43
esphome::bthome_mithermometer::BTHomeMiThermometer::last_packet_id_
optional< uint8_t > last_packet_id_
Definition bthome_ble.h:37
esphome::bthome_mithermometer::BTHomeMiThermometer::signal_strength_
sensor::Sensor * signal_strength_
Definition bthome_ble.h:45
esphome::bthome_mithermometer::BTHomeMiThermometer::bindkey_
uint8_t bindkey_[16]
Definition bthome_ble.h:39
esphome::bthome_mithermometer::BTHomeMiThermometer::set_bindkey
void set_bindkey(std::initializer_list< uint8_t > bindkey)
Definition bthome_ble.cpp:170
esphome::bthome_mithermometer::BTHomeMiThermometer::battery_voltage_
sensor::Sensor * battery_voltage_
Definition bthome_ble.h:44
esphome::bthome_mithermometer::BTHomeMiThermometer::humidity_
sensor::Sensor * humidity_
Definition bthome_ble.h:42
esphome::bthome_mithermometer::BTHomeMiThermometer::has_bindkey_
bool has_bindkey_
Definition bthome_ble.h:38
esphome::bthome_mithermometer::BTHomeMiThermometer::dump_config
void dump_config() override
Definition bthome_ble.cpp:142
esphome::bthome_mithermometer::BTHomeMiThermometer::decrypt_bthome_payload_
bool decrypt_bthome_payload_(const std::vector< uint8_t > &data, uint64_t source_address, std::vector< uint8_t > &payload) const
Definition bthome_ble.cpp:179
esphome::bthome_mithermometer::BTHomeMiThermometer::parse_device
bool parse_device(const esp32_ble_tracker::ESPBTDevice &device) override
Definition bthome_ble.cpp:157
esphome::bthome_mithermometer::BTHomeMiThermometer::address_
uint64_t address_
Definition bthome_ble.h:36
esphome::esp32_ble::ESPBTUUID::contains
bool contains(uint8_t data1, uint8_t data2) const
Definition ble_uuid.cpp:112
esphome::esp32_ble_tracker::ESPBTDevice
Definition esp32_ble_tracker.h:78
esphome::esp32_ble_tracker::ESPBTDevice::address_uint64
uint64_t address_uint64() const
Definition esp32_ble_tracker.cpp:689
esphome::esp32_ble_tracker::ESPBTDevice::address_str_to
const char * address_str_to(std::span< char, MAC_ADDRESS_PRETTY_BUFFER_SIZE > buf) const
Format MAC address into provided buffer, returns pointer to buffer for convenience.
Definition esp32_ble_tracker.h:85
esphome::esp32_ble_tracker::ESPBTDevice::get_service_datas
const std::vector< ServiceData > & get_service_datas() const
Definition esp32_ble_tracker.h:106
esphome::esp32_ble_tracker::ESPBTDevice::get_rssi
int get_rssi() const
Definition esp32_ble_tracker.h:95
esphome::sensor::Sensor::publish_state
void publish_state(float state)
Publish a new state to the front-end.
Definition sensor.cpp:68
esphome
Providing packet encoding functions for exchanging data with a remote host.
Definition a01nyub.cpp:7
esphome::format_hex_pretty_to
char * format_hex_pretty_to(char *buffer, size_t buffer_size, const uint8_t *data, size_t length, char separator)
Format byte array as uppercase hex to buffer (base implementation).
Definition helpers.cpp:409
esphome::format_hex_pretty_size
constexpr size_t format_hex_pretty_size(size_t byte_count)
Calculate buffer size needed for format_hex_pretty_to with separator: "XX:XX:...:XX\0".
Definition helpers.h:1368
esphome::encode_uint16
constexpr uint16_t encode_uint16(uint8_t msb, uint8_t lsb)
Encode a 16-bit value given the most and least significant byte.
Definition helpers.h:881
esphome::format_mac_addr_upper
char * format_mac_addr_upper(const uint8_t *mac, char *output)
Format MAC address as XX:XX:XX:XX:XX:XX (uppercase, colon separators)
Definition helpers.h:1435
esphome::esp32_ble_tracker::ServiceData
Definition esp32_ble_tracker.h:49
esphome::esp32_ble_tracker::ServiceData::uuid
ESPBTUUID uuid
Definition esp32_ble_tracker.h:50
esphome::esp32_ble_tracker::ServiceData::data
adv_data_t data
Definition esp32_ble_tracker.h:51
payload_size
uint32_t payload_size()
Definition tormatic_protocol.h:30
Generated by doxygen 1.12.0