ESPHome 2026.5.0b1
Loading...
Searching...
No Matches
bthome_ble.cpp
Go to the documentation of this file.
1#include "bthome_ble.h"
2
3#include "esphome/core/helpers.h"
4#include "esphome/core/log.h"
5
6#include <algorithm>
7#include <array>
8#include <cstring>
9#include <span>
10
11#ifdef USE_ESP32
12
13#include <esp_idf_version.h>
14#if ESP_IDF_VERSION >= ESP_IDF_VERSION_VAL(6, 0, 0)
15#include <psa/crypto.h>
16#else
17#include "mbedtls/ccm.h"
18#endif
19
20namespace esphome::bthome_mithermometer {
21
22static const char *const TAG = "bthome_mithermometer";
23static constexpr size_t BTHOME_BINDKEY_SIZE = 16;
24static constexpr size_t BTHOME_NONCE_SIZE = 13;
25static constexpr size_t BTHOME_MIC_SIZE = 4;
26static constexpr size_t BTHOME_COUNTER_SIZE = 4;
27
28static const char *format_mac_address(std::span<char, MAC_ADDRESS_PRETTY_BUFFER_SIZE> buffer, uint64_t address) {
29 std::array<uint8_t, MAC_ADDRESS_SIZE> mac{};
30 for (size_t i = 0; i < MAC_ADDRESS_SIZE; i++) {
31 mac[i] = (address >> ((MAC_ADDRESS_SIZE - 1 - i) * 8)) & 0xFF;
32 }
33
34 format_mac_addr_upper(mac.data(), buffer.data());
35 return buffer.data();
36}
37
38static bool get_bthome_value_length(uint8_t obj_type, size_t &value_length) {
39 switch (obj_type) {
40 case 0x00: // packet id
41 case 0x01: // battery
42 case 0x09: // count (uint8)
43 case 0x0F: // generic boolean
44 case 0x10: // power (bool)
45 case 0x11: // opening
46 case 0x15: // battery low
47 case 0x16: // battery charging
48 case 0x17: // carbon monoxide
49 case 0x18: // cold
50 case 0x19: // connectivity
51 case 0x1A: // door
52 case 0x1B: // garage door
53 case 0x1C: // gas
54 case 0x1D: // heat
55 case 0x1E: // light
56 case 0x1F: // lock
57 case 0x20: // moisture
58 case 0x21: // motion
59 case 0x22: // moving
60 case 0x23: // occupancy
61 case 0x24: // plug
62 case 0x25: // presence
63 case 0x26: // problem
64 case 0x27: // running
65 case 0x28: // safety
66 case 0x29: // smoke
67 case 0x2A: // sound
68 case 0x2B: // tamper
69 case 0x2C: // vibration
70 case 0x2D: // water leak
71 case 0x2E: // humidity (uint8)
72 case 0x2F: // moisture (uint8)
73 case 0x46: // UV index
74 case 0x57: // temperature (sint8)
75 case 0x58: // temperature (0.35C step)
76 case 0x59: // count (sint8)
77 case 0x60: // channel
78 value_length = 1;
79 return true;
80 case 0x02: // temperature (0.01C)
81 case 0x03: // humidity
82 case 0x06: // mass (kg)
83 case 0x07: // mass (lb)
84 case 0x08: // dewpoint
85 case 0x0C: // voltage (mV)
86 case 0x0D: // pm2.5
87 case 0x0E: // pm10
88 case 0x12: // CO2
89 case 0x13: // TVOC
90 case 0x14: // moisture
91 case 0x3D: // count (uint16)
92 case 0x3F: // rotation
93 case 0x40: // distance (mm)
94 case 0x41: // distance (m)
95 case 0x43: // current (A)
96 case 0x44: // speed
97 case 0x45: // temperature (0.1C)
98 case 0x47: // volume (L)
99 case 0x48: // volume (mL)
100 case 0x49: // volume flow rate
101 case 0x4A: // voltage (0.1V)
102 case 0x51: // acceleration
103 case 0x52: // gyroscope
104 case 0x56: // conductivity
105 case 0x5A: // count (sint16)
106 case 0x5D: // current (sint16)
107 case 0x5E: // direction
108 case 0x5F: // precipitation
109 case 0x61: // rotational speed
110 case 0xF0: // button event
111 value_length = 2;
112 return true;
113 case 0x04: // pressure
114 case 0x05: // illuminance
115 case 0x0A: // energy
116 case 0x0B: // power
117 case 0x42: // duration
118 case 0x4B: // gas (uint24)
119 case 0xF2: // firmware version (uint24)
120 value_length = 3;
121 return true;
122 case 0x3E: // count (uint32)
123 case 0x4C: // gas (uint32)
124 case 0x4D: // energy (uint32)
125 case 0x4E: // volume (uint32)
126 case 0x4F: // water (uint32)
127 case 0x50: // timestamp
128 case 0x55: // volume storage
129 case 0x5B: // count (sint32)
130 case 0x5C: // power (sint32)
131 case 0x62: // speed (sint32)
132 case 0x63: // acceleration (sint32)
133 case 0xF1: // firmware version (uint32)
134 value_length = 4;
135 return true;
136 default:
137 return false;
138 }
139}
140
141void BTHomeMiThermometer::dump_config() {
142 char addr_buf[MAC_ADDRESS_PRETTY_BUFFER_SIZE];
143 ESP_LOGCONFIG(TAG, "BTHome MiThermometer");
144 ESP_LOGCONFIG(TAG, " MAC Address: %s", format_mac_address(addr_buf, this->address_));
145 if (this->has_bindkey_) {
146 char bindkey_hex[format_hex_pretty_size(BTHOME_BINDKEY_SIZE)];
147 ESP_LOGCONFIG(TAG, " Bindkey: %s", format_hex_pretty_to(bindkey_hex, this->bindkey_, BTHOME_BINDKEY_SIZE, '.'));
148 }
149 LOG_SENSOR(" ", "Temperature", this->temperature_);
150 LOG_SENSOR(" ", "Humidity", this->humidity_);
151 LOG_SENSOR(" ", "Battery Level", this->battery_level_);
152 LOG_SENSOR(" ", "Battery Voltage", this->battery_voltage_);
153 LOG_SENSOR(" ", "Signal Strength", this->signal_strength_);
154}
155
156bool BTHomeMiThermometer::parse_device(const esp32_ble_tracker::ESPBTDevice &device) {
157 bool matched = false;
158 for (auto &service_data : device.get_service_datas()) {
159 if (this->handle_service_data_(service_data, device)) {
160 matched = true;
161 }
162 }
163 if (matched && this->signal_strength_ != nullptr) {
164 this->signal_strength_->publish_state(device.get_rssi());
165 }
166 return matched;
167}
168
169void BTHomeMiThermometer::set_bindkey(std::initializer_list<uint8_t> bindkey) {
170 if (bindkey.size() != sizeof(this->bindkey_)) {
171 ESP_LOGW(TAG, "BTHome bindkey size mismatch: %zu", bindkey.size());
172 return;
173 }
174 std::copy(bindkey.begin(), bindkey.end(), this->bindkey_);
175 this->has_bindkey_ = true;
176}
177
178bool BTHomeMiThermometer::decrypt_bthome_payload_(const std::vector<uint8_t> &data, uint64_t source_address,
179 std::vector<uint8_t> &payload) const {
180 if (data.size() <= 1 + BTHOME_COUNTER_SIZE + BTHOME_MIC_SIZE) {
181 ESP_LOGVV(TAG, "Encrypted BTHome payload too short: %zu", data.size());
182 return false;
183 }
184
185 const size_t ciphertext_size = data.size() - 1 - BTHOME_COUNTER_SIZE - BTHOME_MIC_SIZE;
186 payload.resize(ciphertext_size);
187
188 std::array<uint8_t, MAC_ADDRESS_SIZE> mac{};
189 for (size_t i = 0; i < MAC_ADDRESS_SIZE; i++) {
190 mac[i] = (source_address >> ((MAC_ADDRESS_SIZE - 1 - i) * 8)) & 0xFF;
191 }
192
193 std::array<uint8_t, BTHOME_NONCE_SIZE> nonce{};
194 memcpy(nonce.data(), mac.data(), mac.size());
195 nonce[6] = 0xD2;
196 nonce[7] = 0xFC;
197 nonce[8] = data[0];
198 memcpy(nonce.data() + 9, &data[data.size() - BTHOME_COUNTER_SIZE - BTHOME_MIC_SIZE], BTHOME_COUNTER_SIZE);
199
200 const uint8_t *ciphertext = data.data() + 1;
201 const uint8_t *mic = data.data() + data.size() - BTHOME_MIC_SIZE;
202
203#if ESP_IDF_VERSION >= ESP_IDF_VERSION_VAL(6, 0, 0)
204 // PSA AEAD expects ciphertext + tag concatenated
205 // BLE advertisement max payload is 31 bytes, so this is always sufficient
206 static constexpr size_t MAX_CT_WITH_TAG = 32;
207 uint8_t ct_with_tag[MAX_CT_WITH_TAG];
208 size_t ct_with_tag_size = ciphertext_size + BTHOME_MIC_SIZE;
209 memcpy(ct_with_tag, ciphertext, ciphertext_size);
210 memcpy(ct_with_tag + ciphertext_size, mic, BTHOME_MIC_SIZE);
211
212 psa_key_attributes_t attributes = PSA_KEY_ATTRIBUTES_INIT;
213 psa_set_key_type(&attributes, PSA_KEY_TYPE_AES);
214 psa_set_key_bits(&attributes, BTHOME_BINDKEY_SIZE * 8);
215 psa_set_key_usage_flags(&attributes, PSA_KEY_USAGE_DECRYPT);
216 psa_set_key_algorithm(&attributes, PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, BTHOME_MIC_SIZE));
217
218 mbedtls_svc_key_id_t key_id;
219 if (psa_import_key(&attributes, this->bindkey_, BTHOME_BINDKEY_SIZE, &key_id) != PSA_SUCCESS) {
220 ESP_LOGVV(TAG, "psa_import_key() failed.");
221 return false;
222 }
223
224 size_t plaintext_length;
225 psa_status_t status = psa_aead_decrypt(key_id, PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, BTHOME_MIC_SIZE),
226 nonce.data(), nonce.size(), nullptr, 0, ct_with_tag, ct_with_tag_size,
227 payload.data(), ciphertext_size, &plaintext_length);
228 psa_destroy_key(key_id);
229 if (status != PSA_SUCCESS || plaintext_length != ciphertext_size) {
230 ESP_LOGVV(TAG, "BTHome decryption failed.");
231 return false;
232 }
233#else
234 mbedtls_ccm_context ctx;
235 mbedtls_ccm_init(&ctx);
236
237 int ret = mbedtls_ccm_setkey(&ctx, MBEDTLS_CIPHER_ID_AES, this->bindkey_, BTHOME_BINDKEY_SIZE * 8);
238 if (ret) {
239 ESP_LOGVV(TAG, "mbedtls_ccm_setkey() failed.");
240 mbedtls_ccm_free(&ctx);
241 return false;
242 }
243
244 ret = mbedtls_ccm_auth_decrypt(&ctx, ciphertext_size, nonce.data(), nonce.size(), nullptr, 0, ciphertext,
245 payload.data(), mic, BTHOME_MIC_SIZE);
246 mbedtls_ccm_free(&ctx);
247 if (ret) {
248 ESP_LOGVV(TAG, "BTHome decryption failed (ret=%d).", ret);
249 return false;
250 }
251#endif
252 return true;
253}
254
255bool BTHomeMiThermometer::handle_service_data_(const esp32_ble_tracker::ServiceData &service_data,
256 const esp32_ble_tracker::ESPBTDevice &device) {
257 if (!service_data.uuid.contains(0xD2, 0xFC)) {
258 return false;
259 }
260
261 const auto &data = service_data.data;
262 if (data.size() < 2) {
263 ESP_LOGVV(TAG, "BTHome data too short: %zu", data.size());
264 return false;
265 }
266
267 const uint8_t adv_info = data[0];
268 const bool is_encrypted = adv_info & 0x01;
269 const bool mac_included = adv_info & 0x02;
270 const bool is_trigger_based = adv_info & 0x04;
271 const uint8_t version = (adv_info >> 5) & 0x07;
272
273 if (version != 0x02) {
274 ESP_LOGVV(TAG, "Unsupported BTHome version %u", version);
275 return false;
276 }
277
278 uint64_t source_address = device.address_uint64();
279 bool address_matches = source_address == this->address_;
280 if (!is_encrypted && mac_included && data.size() >= 7) {
281 uint64_t advertised_address = 0;
282 for (int i = 5; i >= 0; i--) {
283 advertised_address = (advertised_address << 8) | data[1 + i];
284 }
285 address_matches = address_matches || advertised_address == this->address_;
286 }
287
288 if (is_encrypted && !this->has_bindkey_) {
289 if (address_matches) {
290 char addr_buf[MAC_ADDRESS_PRETTY_BUFFER_SIZE];
291 ESP_LOGE(TAG, "Encrypted BTHome frame received but no bindkey configured for %s",
292 device.address_str_to(addr_buf));
293 }
294 return false;
295 }
296
297 if (!is_encrypted && this->has_bindkey_) {
298 if (address_matches) {
299 char addr_buf[MAC_ADDRESS_PRETTY_BUFFER_SIZE];
300 ESP_LOGE(TAG, "Unencrypted BTHome frame received with bindkey configured for %s",
301 device.address_str_to(addr_buf));
302 }
303 return false;
304 }
305 std::vector<uint8_t> decrypted_payload;
306 const uint8_t *payload = nullptr;
307 size_t payload_size = 0;
308
309 if (is_encrypted) {
310 if (!this->decrypt_bthome_payload_(data, source_address, decrypted_payload)) {
311 char addr_buf[MAC_ADDRESS_PRETTY_BUFFER_SIZE];
312 ESP_LOGVV(TAG, "Failed to decrypt BTHome frame from %s", device.address_str_to(addr_buf));
313 return false;
314 }
315 payload = decrypted_payload.data();
316 payload_size = decrypted_payload.size();
317 } else {
318 payload = data.data() + 1;
319 payload_size = data.size() - 1;
320 }
321
322 if (mac_included) {
323 if (payload_size < 6) {
324 ESP_LOGVV(TAG, "BTHome payload missing MAC address");
325 return false;
326 }
327 source_address = 0;
328 for (int i = 5; i >= 0; i--) {
329 source_address = (source_address << 8) | payload[i];
330 }
331 payload += 6;
332 payload_size -= 6;
333 }
334
335 char addr_buf[MAC_ADDRESS_PRETTY_BUFFER_SIZE];
336 if (source_address != this->address_) {
337 ESP_LOGVV(TAG, "BTHome frame from unexpected device %s", format_mac_address(addr_buf, source_address));
338 return false;
339 }
340
341 if (payload_size == 0) {
342 ESP_LOGVV(TAG, "BTHome payload empty after header");
343 return false;
344 }
345
346 bool reported = false;
347 size_t offset = 0;
348 uint8_t last_type = 0;
349
350 while (offset < payload_size) {
351 const uint8_t obj_type = payload[offset++];
352 size_t value_length = 0;
353 bool has_length_byte = obj_type == 0x53; // text objects include explicit length
354
355 if (has_length_byte) {
356 if (offset >= payload_size) {
357 break;
358 }
359 value_length = payload[offset++];
360 } else {
361 if (!get_bthome_value_length(obj_type, value_length)) {
362 ESP_LOGVV(TAG, "Unknown BTHome object 0x%02X", obj_type);
363 break;
364 }
365 }
366
367 if (value_length == 0) {
368 break;
369 }
370
371 if (offset + value_length > payload_size) {
372 ESP_LOGVV(TAG, "BTHome object length exceeds payload");
373 break;
374 }
375
376 const uint8_t *value = &payload[offset];
377 offset += value_length;
378
379 if (obj_type < last_type) {
380 ESP_LOGVV(TAG, "BTHome objects not in ascending order");
381 }
382 last_type = obj_type;
383
384 switch (obj_type) {
385 case 0x00: { // packet id
386 const uint8_t packet_id = value[0];
387 if (this->last_packet_id_.has_value() && *this->last_packet_id_ == packet_id) {
388 return reported;
389 }
390 this->last_packet_id_ = packet_id;
391 break;
392 }
393 case 0x01: { // battery percentage
394 if (this->battery_level_ != nullptr) {
395 this->battery_level_->publish_state(value[0]);
396 reported = true;
397 }
398 break;
399 }
400 case 0x0C: { // battery voltage (mV)
401 if (this->battery_voltage_ != nullptr) {
402 const uint16_t raw = encode_uint16(value[1], value[0]);
403 this->battery_voltage_->publish_state(raw * 0.001f);
404 reported = true;
405 }
406 break;
407 }
408 case 0x02: { // temperature
409 if (this->temperature_ != nullptr) {
410 const int16_t raw = encode_uint16(value[1], value[0]);
411 this->temperature_->publish_state(raw * 0.01f);
412 reported = true;
413 }
414 break;
415 }
416 case 0x03: { // humidity
417 if (this->humidity_ != nullptr) {
418 const uint16_t raw = encode_uint16(value[1], value[0]);
419 this->humidity_->publish_state(raw * 0.01f);
420 reported = true;
421 }
422 break;
423 }
424 default:
425 break;
426 }
427 }
428
429 if (reported) {
430 ESP_LOGD(TAG, "BTHome data%sfrom %s", is_trigger_based ? " (triggered) " : " ", device.address_str_to(addr_buf));
431 }
432
433 return reported;
434}
435
436} // namespace esphome::bthome_mithermometer
437
438#endif
address
uint8_t address
Definition bl0906.h:4
raw
uint8_t raw[35]
Definition bl0939.h:0
status
uint8_t status
Definition bl0942.h:8
bthome_ble.h
esphome::bthome_mithermometer::BTHomeMiThermometer::handle_service_data_
bool handle_service_data_(const esp32_ble_tracker::ServiceData &service_data, const esp32_ble_tracker::ESPBTDevice &device)
Definition bthome_ble.cpp:255
esphome::bthome_mithermometer::BTHomeMiThermometer::temperature_
sensor::Sensor * temperature_
Definition bthome_ble.h:40
esphome::bthome_mithermometer::BTHomeMiThermometer::battery_level_
sensor::Sensor * battery_level_
Definition bthome_ble.h:42
esphome::bthome_mithermometer::BTHomeMiThermometer::last_packet_id_
optional< uint8_t > last_packet_id_
Definition bthome_ble.h:36
esphome::bthome_mithermometer::BTHomeMiThermometer::signal_strength_
sensor::Sensor * signal_strength_
Definition bthome_ble.h:44
esphome::bthome_mithermometer::BTHomeMiThermometer::bindkey_
uint8_t bindkey_[16]
Definition bthome_ble.h:38
esphome::bthome_mithermometer::BTHomeMiThermometer::set_bindkey
void set_bindkey(std::initializer_list< uint8_t > bindkey)
Definition bthome_ble.cpp:169
esphome::bthome_mithermometer::BTHomeMiThermometer::battery_voltage_
sensor::Sensor * battery_voltage_
Definition bthome_ble.h:43
esphome::bthome_mithermometer::BTHomeMiThermometer::humidity_
sensor::Sensor * humidity_
Definition bthome_ble.h:41
esphome::bthome_mithermometer::BTHomeMiThermometer::has_bindkey_
bool has_bindkey_
Definition bthome_ble.h:37
esphome::bthome_mithermometer::BTHomeMiThermometer::dump_config
void dump_config() override
Definition bthome_ble.cpp:141
esphome::bthome_mithermometer::BTHomeMiThermometer::decrypt_bthome_payload_
bool decrypt_bthome_payload_(const std::vector< uint8_t > &data, uint64_t source_address, std::vector< uint8_t > &payload) const
Definition bthome_ble.cpp:178
esphome::bthome_mithermometer::BTHomeMiThermometer::parse_device
bool parse_device(const esp32_ble_tracker::ESPBTDevice &device) override
Definition bthome_ble.cpp:156
esphome::bthome_mithermometer::BTHomeMiThermometer::address_
uint64_t address_
Definition bthome_ble.h:35
esphome::esp32_ble::ESPBTUUID::contains
bool contains(uint8_t data1, uint8_t data2) const
Definition ble_uuid.cpp:112
esphome::esp32_ble_tracker::ESPBTDevice
Definition esp32_ble_tracker.h:78
esphome::esp32_ble_tracker::ESPBTDevice::address_uint64
uint64_t address_uint64() const
Definition esp32_ble_tracker.cpp:698
esphome::esp32_ble_tracker::ESPBTDevice::address_str_to
const char * address_str_to(std::span< char, MAC_ADDRESS_PRETTY_BUFFER_SIZE > buf) const
Format MAC address into provided buffer, returns pointer to buffer for convenience.
Definition esp32_ble_tracker.h:85
esphome::esp32_ble_tracker::ESPBTDevice::get_service_datas
const std::vector< ServiceData > & get_service_datas() const
Definition esp32_ble_tracker.h:106
esphome::esp32_ble_tracker::ESPBTDevice::get_rssi
int get_rssi() const
Definition esp32_ble_tracker.h:95
esphome::sensor::Sensor::publish_state
void publish_state(float state)
Publish a new state to the front-end.
Definition sensor.cpp:68
esphome::bthome_mithermometer
Definition bthome_ble.cpp:20
esphome::format_hex_pretty_to
char * format_hex_pretty_to(char *buffer, size_t buffer_size, const uint8_t *data, size_t length, char separator)
Format byte array as uppercase hex to buffer (base implementation).
Definition helpers.cpp:341
esphome::format_hex_pretty_size
constexpr size_t format_hex_pretty_size(size_t byte_count)
Calculate buffer size needed for format_hex_pretty_to with separator: "XX:XX:...:XX\0".
Definition helpers.h:1386
esphome::encode_uint16
constexpr uint16_t encode_uint16(uint8_t msb, uint8_t lsb)
Encode a 16-bit value given the most and least significant byte.
Definition helpers.h:859
esphome::format_mac_addr_upper
char * format_mac_addr_upper(const uint8_t *mac, char *output)
Format MAC address as XX:XX:XX:XX:XX:XX (uppercase, colon separators)
Definition helpers.h:1453
esphome::esp32_ble_tracker::ServiceData
Definition esp32_ble_tracker.h:49
esphome::esp32_ble_tracker::ServiceData::uuid
ESPBTUUID uuid
Definition esp32_ble_tracker.h:50
esphome::esp32_ble_tracker::ServiceData::data
adv_data_t data
Definition esp32_ble_tracker.h:51
payload_size
uint32_t payload_size()
Definition tormatic_protocol.h:30
Generated by doxygen 1.12.0