Nuki error message : how to decrypt error code

SebBrunelle · February 14, 2019, 10:33pm

Hello,

Whats the meaning of this Error Code / Message ? 120011050073DA ?
Obtained while trying to develop Authorize App (like described in Nuki Bluetooth API 201811).
Step : Sending Authorization Authenticator command (0500xxxx).

Thanks

henry-spanka · February 15, 2019, 10:42am

Hi,
the first 2 bytes are the command (0x0012) ErrorReport.
The 3rd byte is the error code. You can find the correct error message in the Smart Lock API pdf. 0x11 means that the Authenticator is bad <=> Your hash function is incorrect.

SebBrunelle · February 15, 2019, 7:21pm

Thank you for your answer. Is there any other informations for the end of the code ?
0x0500 : command in Error ? (logical here in the send authenticator step).
& what about 73DA here ?

henry-spanka · February 15, 2019, 7:32pm

It’s the CRC checksum.

Basically you have:
2 Bytes Command (0x0012 = Error Report)
1 Byte Error Code (0x11 = Bad Authenticator)
2 Bytes Command during which the error occurred (0x0050 = Send Authenticator)
2 Bytes CRC (= Checksum to check that the message was transferred via Bluetooth correctly).

SebBrunelle · February 15, 2019, 8:46pm

Well, I understand now. But it’s quite strange because I always receive the same checksum while I send each time a différent authenticator…
The second strange thing is that I tested my hash function with the datas of your nuki Bluetooth API doc & I found the write value for Authenticator… (see MyPubK, NukiPubK, & Challenge setup has constants in my code give the good result…).
Also checked CRC16 each time… I probably miss something… Any help ?

SebBrunelle · February 16, 2019, 5:35pm

Sorry, I did not understand but I got it now : this 2bytes CRC are of course relative to the error message. I first thought that it was the check sum of my 0500 message as received by Nuki SL.
But the “second strange thing” : hash function tested with the example datas of your doc but don’t work here in live… I need some help, I tried a lot of things…

henry-spanka · February 16, 2019, 8:53pm

The CRC is calculated from the message sent. As the same error message is sent each time, the CRC is also the same. If you have the right result it should work. Maybe you made a mistake while sending the authenticator to the smart lock? Can you post the data you exchanged in each step please? Which programming language do you use? Can you post your code?

SebBrunelle · February 16, 2019, 10:22pm

yes sure, it’s an error in my authenticator.
i’m on Arduino IDE, coding in cpp, using TweetNaCl, SHA256 library
I think I miss something in derivating DH, long term secret and so on…

here is an exemple of data exchange
Nuki : 03009D2C7458156B01B91C05ADDD28F13023A28767F111AF50152CE9D56A8E8218000FD10
MyApp : 0300DAD3C136C1D9A67E975979FC79629D4115D05D8B87A731F8AE62A571FE13322D4876
Nuki Challenge 1 : 040065A167E575AC086562760D0B7797A0BFBFB2A3E9C6972A65EA810D98007FA2750189
r value (myPubK / nukiPubK / challenge)
DAD3C136C1D9A67E975979FC79629D4115D05D8B87A731F8AE62A571FE13322D
9D2C7458156B01B91C05ADDD28F13023A28767F111AF50152CE9D56A8E821800
65A167E575AC086562760D0B7797A0BFBFB2A3E9C6972A65EA810D98007FA275

MyApp : 05000BBF5CD90EBE53074FB42E72F850B1AC8CDBF32D0FA3DC906DBB678AEF15DD31A2A0

Nuki : 120011050073DA

The part of my code I’m not confident about :

 i= crypto_box_keypair(myPubK, myPrivateK); // int crypto_box_keypair(u8 *y,u8 *x)
        // Create Diffie-Hellman key from our secret key and nuki public key : var k = sodium.api.crypto_scalarmult(slSk, this.keys.clPk);
        i= crypto_scalarmult(sharedKey, myPrivateK, nukiPubK);// int crypto_scalarmult(u8 *q,const u8 *n,const u8 *p)
          
        // derive a longterm shared secret key s from k using function kdf1 :     hsalsa20.crypto_core(this.keys.sharedSecret, inv, k, c);
        memset(inv,'0',16);
        // mySigma valeur : expand 32-byte k
        crypto_core_hsalsa20(sharedKey,inv, myPrivateK, mySigma);  

  oHash.resetHMAC(sharedKey, 32);          
  oHash.update(r, 96);     
  oHash.finalizeHMAC(sharedKey, 32, authHMAC, 32);

this authHMAC is the one I set in 0x0500 command

Thanks for your help.

henry-spanka · February 16, 2019, 10:57pm

Hi,
can you also include your private key?

memset(inv,‘0’,16);

Make sure to not memset the ASCII code for ‘0’. Try memset(inv, 0, 16) instead.

SebBrunelle · February 17, 2019, 8:50pm

You’re right for the memset… I changed it but always the same error.
Here is a new set of keys / datas exchange :

Nuki : 0300D5DB175077D36A253257E469AAFD88255B23F53C12BD46D257F1D698A2C6EC103D99
Me : 030044502C999B321A3E65FD09F7BDA74A802187FA6B6AA5F8F312646953B3668825AE55
My Private Key : 681AD1B77729B049EF51A7D3D0289CF14249E49C0EAAC80697652E85228E9EDC
Shared key : 3F0F8AD5EF3B9A9A48E038D234CDE876DE2077E76203BFD3E939E236CF91BD36
Nuki challenge 1 : 04004753F4BF3DADA4C4B08A164BFD321C9A5BAE578F2A6CFF0FD359ADDAD75964FE4F84
r value : 44502C999B321A3E65FD09F7BDA74A802187FA6B6AA5F8F312646953B3668825D5DB175077D36A253257E469AAFD88255B23F53C12BD46D257F1D698A2C6EC104753F4BF3DADA4C4B08A164BFD321C9A5BAE578F2A6CFF0FD359ADDAD75964FE
Me : 05003D68A0890ACE4BB05D9ADB14713E0268F7F8791DD788F9D8E480EAD301D93997F8F1
Nuki : 120011050073DA

Thank you again for your relevant help

SebBrunelle · February 18, 2019, 12:03am

I've just find my error : 
BAD : 

i= crypto_scalarmult(sharedKey, myPrivateK, nukiPubK);
...
crypto_core_hsalsa20(sharedKey,inv, **myPrivateK**, mySigma);

-----> GOOD
i= crypto_scalarmult(DHK, myPrivateK, nukiPubK);
...
crypto_core_hsalsa20(sharedKey,inv, DHK, mySigma);

I’m a beginner in crypto

henry-spanka · February 18, 2019, 12:34pm

Good to hear