[deliverable/linux.git] / net / bluetooth / smp.c

/*
   BlueZ - Bluetooth protocol stack for Linux
   Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License version 2 as
   published by the Free Software Foundation;

   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
   OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
   IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
   CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
   WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
   ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

   ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
   COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
   SOFTWARE IS DISCLAIMED.
*/

#include <net/bluetooth/bluetooth.h>
#include <net/bluetooth/hci_core.h>
#include <net/bluetooth/l2cap.h>
#include <net/bluetooth/smp.h>
#include <linux/crypto.h>
#include <crypto/b128ops.h>

static inline void swap128(u8 src[16], u8 dst[16])
{
	int i;
	for (i = 0; i < 16; i++)
		dst[15 - i] = src[i];
}

static inline void swap56(u8 src[7], u8 dst[7])
{
	int i;
	for (i = 0; i < 7; i++)
		dst[6 - i] = src[i];
}

static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
{
	struct blkcipher_desc desc;
	struct scatterlist sg;
	int err, iv_len;
	unsigned char iv[128];

	if (tfm == NULL) {
		BT_ERR("tfm %p", tfm);
		return -EINVAL;
	}

	desc.tfm = tfm;
	desc.flags = 0;

	err = crypto_blkcipher_setkey(tfm, k, 16);
	if (err) {
		BT_ERR("cipher setkey failed: %d", err);
		return err;
	}

	sg_init_one(&sg, r, 16);

	iv_len = crypto_blkcipher_ivsize(tfm);
	if (iv_len) {
		memset(&iv, 0xff, iv_len);
		crypto_blkcipher_set_iv(tfm, iv, iv_len);
	}

	err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
	if (err)
		BT_ERR("Encrypt data error %d", err);

	return err;
}

static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
		u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
		u8 _rat, bdaddr_t *ra, u8 res[16])
{
	u8 p1[16], p2[16];
	int err;

	memset(p1, 0, 16);

	/* p1 = pres || preq || _rat || _iat */
	swap56(pres, p1);
	swap56(preq, p1 + 7);
	p1[14] = _rat;
	p1[15] = _iat;

	memset(p2, 0, 16);

	/* p2 = padding || ia || ra */
	baswap((bdaddr_t *) (p2 + 4), ia);
	baswap((bdaddr_t *) (p2 + 10), ra);

	/* res = r XOR p1 */
	u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);

	/* res = e(k, res) */
	err = smp_e(tfm, k, res);
	if (err) {
		BT_ERR("Encrypt data error");
		return err;
	}

	/* res = res XOR p2 */
	u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);

	/* res = e(k, res) */
	err = smp_e(tfm, k, res);
	if (err)
		BT_ERR("Encrypt data error");

	return err;
}

static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16],
			u8 r1[16], u8 r2[16], u8 _r[16])
{
	int err;

	/* Just least significant octets from r1 and r2 are considered */
	memcpy(_r, r1 + 8, 8);
	memcpy(_r + 8, r2 + 8, 8);

	err = smp_e(tfm, k, _r);
	if (err)
		BT_ERR("Encrypt data error");

	return err;
}

static int smp_rand(u8 *buf)
{
	get_random_bytes(buf, 16);

	return 0;
}

static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
						u16 dlen, void *data)
{
	struct sk_buff *skb;
	struct l2cap_hdr *lh;
	int len;

	len = L2CAP_HDR_SIZE + sizeof(code) + dlen;

	if (len > conn->mtu)
		return NULL;

	skb = bt_skb_alloc(len, GFP_ATOMIC);
	if (!skb)
		return NULL;

	lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
	lh->len = cpu_to_le16(sizeof(code) + dlen);
	lh->cid = cpu_to_le16(L2CAP_CID_SMP);

	memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));

	memcpy(skb_put(skb, dlen), data, dlen);

	return skb;
}

static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
{
	struct sk_buff *skb = smp_build_cmd(conn, code, len, data);

	BT_DBG("code 0x%2.2x", code);

	if (!skb)
		return;

	hci_send_acl(conn->hcon, skb, 0);
}

static __u8 seclevel_to_authreq(__u8 level)
{
	switch (level) {
	case BT_SECURITY_HIGH:
		/* Right now we don't support bonding */
		return SMP_AUTH_MITM;

	default:
		return SMP_AUTH_NONE;
	}
}

static void build_pairing_cmd(struct l2cap_conn *conn,
				struct smp_cmd_pairing *cmd, __u8 authreq)
{
	cmd->io_capability = conn->hcon->io_capability;
	cmd->oob_flag = SMP_OOB_NOT_PRESENT;
	cmd->max_key_size = 16;
	cmd->init_key_dist = 0x00;
	cmd->resp_key_dist = 0x00;
	cmd->auth_req = authreq;
}

static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
{
	struct smp_cmd_pairing *rp = (void *) skb->data;

	BT_DBG("conn %p", conn);

	conn->preq[0] = SMP_CMD_PAIRING_REQ;
	memcpy(&conn->preq[1], rp, sizeof(*rp));
	skb_pull(skb, sizeof(*rp));

	if (rp->oob_flag)
		return SMP_OOB_NOT_AVAIL;

	/* We didn't start the pairing, so no requirements */
	build_pairing_cmd(conn, rp, SMP_AUTH_NONE);

	/* Just works */
	memset(conn->tk, 0, sizeof(conn->tk));

	conn->prsp[0] = SMP_CMD_PAIRING_RSP;
	memcpy(&conn->prsp[1], rp, sizeof(*rp));

	smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(*rp), rp);

	return 0;
}

static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
{
	struct smp_cmd_pairing *rp = (void *) skb->data;
	struct smp_cmd_pairing_confirm cp;
	struct crypto_blkcipher *tfm = conn->hcon->hdev->tfm;
	int ret;
	u8 res[16];

	BT_DBG("conn %p", conn);

	skb_pull(skb, sizeof(*rp));

	if (rp->oob_flag)
		return SMP_OOB_NOT_AVAIL;

	/* Just works */
	memset(conn->tk, 0, sizeof(conn->tk));

	conn->prsp[0] = SMP_CMD_PAIRING_RSP;
	memcpy(&conn->prsp[1], rp, sizeof(*rp));

	ret = smp_rand(conn->prnd);
	if (ret)
		return SMP_UNSPECIFIED;

	ret = smp_c1(tfm, conn->tk, conn->prnd, conn->preq, conn->prsp, 0,
			conn->src, conn->hcon->dst_type, conn->dst, res);
	if (ret)
		return SMP_UNSPECIFIED;

	swap128(res, cp.confirm_val);

	smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);

	return 0;
}

static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
{
	struct crypto_blkcipher *tfm = conn->hcon->hdev->tfm;

	BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");

	memcpy(conn->pcnf, skb->data, sizeof(conn->pcnf));
	skb_pull(skb, sizeof(conn->pcnf));

	if (conn->hcon->out) {
		u8 random[16];

		swap128(conn->prnd, random);
		smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
								random);
	} else {
		struct smp_cmd_pairing_confirm cp;
		int ret;
		u8 res[16];

		ret = smp_rand(conn->prnd);
		if (ret)
			return SMP_UNSPECIFIED;

		ret = smp_c1(tfm, conn->tk, conn->prnd, conn->preq, conn->prsp,
						conn->hcon->dst_type, conn->dst,
						0, conn->src, res);
		if (ret)
			return SMP_CONFIRM_FAILED;

		swap128(res, cp.confirm_val);

		smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
	}

	return 0;
}

static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
{
	struct hci_conn *hcon = conn->hcon;
	struct crypto_blkcipher *tfm = hcon->hdev->tfm;
	int ret;
	u8 key[16], res[16], random[16], confirm[16];

	swap128(skb->data, random);
	skb_pull(skb, sizeof(random));

	memset(hcon->ltk, 0, sizeof(hcon->ltk));

	if (conn->hcon->out)
		ret = smp_c1(tfm, conn->tk, random, conn->preq, conn->prsp, 0,
				conn->src, conn->hcon->dst_type, conn->dst,
				res);
	else
		ret = smp_c1(tfm, conn->tk, random, conn->preq, conn->prsp,
				conn->hcon->dst_type, conn->dst, 0, conn->src,
				res);
	if (ret)
		return SMP_UNSPECIFIED;

	BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");

	swap128(res, confirm);

	if (memcmp(conn->pcnf, confirm, sizeof(conn->pcnf)) != 0) {
		BT_ERR("Pairing failed (confirmation values mismatch)");
		return SMP_CONFIRM_FAILED;
	}

	if (conn->hcon->out) {
		__le16 ediv;
		u8 rand[8];

		smp_s1(tfm, conn->tk, random, conn->prnd, key);
		swap128(key, hcon->ltk);

		memset(rand, 0, sizeof(rand));
		ediv = 0;
		hci_le_start_enc(hcon, ediv, rand, hcon->ltk);
	} else {
		u8 r[16];

		swap128(conn->prnd, r);
		smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);

		smp_s1(tfm, conn->tk, conn->prnd, random, key);
		swap128(key, hcon->ltk);
	}

	return 0;
}

static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
{
	struct smp_cmd_security_req *rp = (void *) skb->data;
	struct smp_cmd_pairing cp;
	struct hci_conn *hcon = conn->hcon;

	BT_DBG("conn %p", conn);

	if (test_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend))
		return 0;

	skb_pull(skb, sizeof(*rp));

	memset(&cp, 0, sizeof(cp));
	build_pairing_cmd(conn, &cp, rp->auth_req);

	conn->preq[0] = SMP_CMD_PAIRING_REQ;
	memcpy(&conn->preq[1], &cp, sizeof(cp));

	smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);

	set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend);

	return 0;
}

int smp_conn_security(struct l2cap_conn *conn, __u8 sec_level)
{
	struct hci_conn *hcon = conn->hcon;
	__u8 authreq;

	BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);

	if (IS_ERR(hcon->hdev->tfm))
		return 1;

	if (test_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend))
		return 0;

	if (sec_level == BT_SECURITY_LOW)
		return 1;

	if (hcon->sec_level >= sec_level)
		return 1;

	authreq = seclevel_to_authreq(sec_level);

	if (hcon->link_mode & HCI_LM_MASTER) {
		struct smp_cmd_pairing cp;

		build_pairing_cmd(conn, &cp, authreq);
		conn->preq[0] = SMP_CMD_PAIRING_REQ;
		memcpy(&conn->preq[1], &cp, sizeof(cp));

		smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
	} else {
		struct smp_cmd_security_req cp;
		cp.auth_req = authreq;
		smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
	}

	hcon->pending_sec_level = sec_level;
	set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend);

	return 0;
}

int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
{
	__u8 code = skb->data[0];
	__u8 reason;
	int err = 0;

	if (IS_ERR(conn->hcon->hdev->tfm)) {
		err = PTR_ERR(conn->hcon->hdev->tfm);
		reason = SMP_PAIRING_NOTSUPP;
		goto done;
	}

	skb_pull(skb, sizeof(code));

	switch (code) {
	case SMP_CMD_PAIRING_REQ:
		reason = smp_cmd_pairing_req(conn, skb);
		break;

	case SMP_CMD_PAIRING_FAIL:
		reason = 0;
		err = -EPERM;
		break;

	case SMP_CMD_PAIRING_RSP:
		reason = smp_cmd_pairing_rsp(conn, skb);
		break;

	case SMP_CMD_SECURITY_REQ:
		reason = smp_cmd_security_req(conn, skb);
		break;

	case SMP_CMD_PAIRING_CONFIRM:
		reason = smp_cmd_pairing_confirm(conn, skb);
		break;

	case SMP_CMD_PAIRING_RANDOM:
		reason = smp_cmd_pairing_random(conn, skb);
		break;

	case SMP_CMD_ENCRYPT_INFO:
	case SMP_CMD_MASTER_IDENT:
	case SMP_CMD_IDENT_INFO:
	case SMP_CMD_IDENT_ADDR_INFO:
	case SMP_CMD_SIGN_INFO:
	default:
		BT_DBG("Unknown command code 0x%2.2x", code);

		reason = SMP_CMD_NOTSUPP;
		err = -EOPNOTSUPP;
		goto done;
	}

done:
	if (reason)
		smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
								&reason);

	kfree_skb(skb);
	return err;
}
Commit	Line	Data
eb492e01 AB	1	/*
	2	BlueZ - Bluetooth protocol stack for Linux
	3	Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
	4
	5	This program is free software; you can redistribute it and/or modify
	6	it under the terms of the GNU General Public License version 2 as
	7	published by the Free Software Foundation;
	8
	9	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
	10	OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
	11	FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
	12	IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
	13	CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
	14	WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	15	ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	16	OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	17
	18	ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
	19	COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
	20	SOFTWARE IS DISCLAIMED.
	21	*/
	22
	23	#include <net/bluetooth/bluetooth.h>
	24	#include <net/bluetooth/hci_core.h>
	25	#include <net/bluetooth/l2cap.h>
	26	#include <net/bluetooth/smp.h>
d22ef0bc AB	27	#include <linux/crypto.h>
	28	#include <crypto/b128ops.h>
	29
	30	static inline void swap128(u8 src[16], u8 dst[16])
	31	{
	32	int i;
	33	for (i = 0; i < 16; i++)
	34	dst[15 - i] = src[i];
	35	}
	36
	37	static inline void swap56(u8 src[7], u8 dst[7])
	38	{
	39	int i;
	40	for (i = 0; i < 7; i++)
	41	dst[6 - i] = src[i];
	42	}
	43
	44	static int smp_e(struct crypto_blkcipher tfm, const u8 k, u8 *r)
	45	{
	46	struct blkcipher_desc desc;
	47	struct scatterlist sg;
	48	int err, iv_len;
	49	unsigned char iv[128];
	50
	51	if (tfm == NULL) {
	52	BT_ERR("tfm %p", tfm);
	53	return -EINVAL;
	54	}
	55
	56	desc.tfm = tfm;
	57	desc.flags = 0;
	58
	59	err = crypto_blkcipher_setkey(tfm, k, 16);
	60	if (err) {
	61	BT_ERR("cipher setkey failed: %d", err);
	62	return err;
	63	}
	64
	65	sg_init_one(&sg, r, 16);
	66
	67	iv_len = crypto_blkcipher_ivsize(tfm);
	68	if (iv_len) {
	69	memset(&iv, 0xff, iv_len);
	70	crypto_blkcipher_set_iv(tfm, iv, iv_len);
	71	}
	72
	73	err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
	74	if (err)
	75	BT_ERR("Encrypt data error %d", err);
	76
	77	return err;
	78	}
	79
	80	static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
	81	u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
	82	u8 _rat, bdaddr_t *ra, u8 res[16])
	83	{
	84	u8 p1[16], p2[16];
	85	int err;
	86
	87	memset(p1, 0, 16);
	88
	89	/* p1 = pres \|\| preq \|\| _rat \|\| _iat */
	90	swap56(pres, p1);
91	swap56(preq, p1 + 7);
92	p1[14] = _rat;
93	p1[15] = _iat;
94
95	memset(p2, 0, 16);
96
97	/* p2 = padding \|\| ia \|\| ra */
98	baswap((bdaddr_t *) (p2 + 4), ia);
99	baswap((bdaddr_t *) (p2 + 10), ra);
100
101	/* res = r XOR p1 */
102	u128_xor((u128 ) res, (u128 ) r, (u128 *) p1);
103
104	/* res = e(k, res) */
105	err = smp_e(tfm, k, res);
106	if (err) {
107	BT_ERR("Encrypt data error");
108	return err;
109	}
110
111	/* res = res XOR p2 */
112	u128_xor((u128 ) res, (u128 ) res, (u128 *) p2);
113
114	/* res = e(k, res) */
115	err = smp_e(tfm, k, res);
116	if (err)
117	BT_ERR("Encrypt data error");
118
119	return err;
120	}
121
122	static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16],
123	u8 r1[16], u8 r2[16], u8 _r[16])
124	{
125	int err;
126
127	/* Just least significant octets from r1 and r2 are considered */
128	memcpy(_r, r1 + 8, 8);
129	memcpy(_r + 8, r2 + 8, 8);
130
131	err = smp_e(tfm, k, _r);
132	if (err)
133	BT_ERR("Encrypt data error");
134
135	return err;
136	}
137
138	static int smp_rand(u8 *buf)
139	{
140	get_random_bytes(buf, 16);
141
142	return 0;
143	}
eb492e01 AB	144
	145	static struct sk_buff smp_build_cmd(struct l2cap_conn conn, u8 code,
	146	u16 dlen, void *data)
	147	{
	148	struct sk_buff *skb;
	149	struct l2cap_hdr *lh;
	150	int len;
	151
	152	len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
	153
	154	if (len > conn->mtu)
	155	return NULL;
	156
	157	skb = bt_skb_alloc(len, GFP_ATOMIC);
	158	if (!skb)
	159	return NULL;
	160
	161	lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
	162	lh->len = cpu_to_le16(sizeof(code) + dlen);
	163	lh->cid = cpu_to_le16(L2CAP_CID_SMP);
	164
	165	memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
	166
	167	memcpy(skb_put(skb, dlen), data, dlen);
	168
	169	return skb;
	170	}
	171
	172	static void smp_send_cmd(struct l2cap_conn conn, u8 code, u16 len, void data)
	173	{
	174	struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
	175
	176	BT_DBG("code 0x%2.2x", code);
	177
	178	if (!skb)
	179	return;
	180
	181	hci_send_acl(conn->hcon, skb, 0);
	182	}
	183
da85e5e5 VCG	184	static __u8 seclevel_to_authreq(__u8 level)
	185	{
	186	switch (level) {
	187	case BT_SECURITY_HIGH:
	188	/* Right now we don't support bonding */
	189	return SMP_AUTH_MITM;
	190
	191	default:
	192	return SMP_AUTH_NONE;
	193	}
	194	}
	195
b8e66eac VCG	196	static void build_pairing_cmd(struct l2cap_conn *conn,
	197	struct smp_cmd_pairing *cmd, __u8 authreq)
	198	{
	199	cmd->io_capability = conn->hcon->io_capability;
	200	cmd->oob_flag = SMP_OOB_NOT_PRESENT;
	201	cmd->max_key_size = 16;
	202	cmd->init_key_dist = 0x00;
	203	cmd->resp_key_dist = 0x00;
	204	cmd->auth_req = authreq;
	205	}
	206
da85e5e5	207	static u8 smp_cmd_pairing_req(struct l2cap_conn conn, struct sk_buff skb)
88ba43b6 AB	208	{
	209	struct smp_cmd_pairing rp = (void ) skb->data;
	210
	211	BT_DBG("conn %p", conn);
	212
f01ead31 AB	213	conn->preq[0] = SMP_CMD_PAIRING_REQ;
f01ead31 AB	214	memcpy(&conn->preq[1], rp, sizeof(*rp));
88ba43b6 AB	215	skb_pull(skb, sizeof(*rp));
88ba43b6 AB	216
da85e5e5 VCG	217	if (rp->oob_flag)
	218	return SMP_OOB_NOT_AVAIL;
	219
	220	/* We didn't start the pairing, so no requirements */
	221	build_pairing_cmd(conn, rp, SMP_AUTH_NONE);
88ba43b6	222
7d24ddcc AB	223	/* Just works */
	224	memset(conn->tk, 0, sizeof(conn->tk));
	225
f01ead31 AB	226	conn->prsp[0] = SMP_CMD_PAIRING_RSP;
	227	memcpy(&conn->prsp[1], rp, sizeof(*rp));
	228
88ba43b6	229	smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(*rp), rp);
da85e5e5 VCG	230
da85e5e5 VCG	231	return 0;
88ba43b6 AB	232	}
88ba43b6 AB	233
da85e5e5	234	static u8 smp_cmd_pairing_rsp(struct l2cap_conn conn, struct sk_buff skb)
88ba43b6	235	{
f01ead31	236	struct smp_cmd_pairing rp = (void ) skb->data;
88ba43b6	237	struct smp_cmd_pairing_confirm cp;
7d24ddcc AB	238	struct crypto_blkcipher *tfm = conn->hcon->hdev->tfm;
	239	int ret;
	240	u8 res[16];
88ba43b6 AB	241
	242	BT_DBG("conn %p", conn);
	243
da85e5e5 VCG	244	skb_pull(skb, sizeof(*rp));
	245
	246	if (rp->oob_flag)
	247	return SMP_OOB_NOT_AVAIL;
	248
7d24ddcc AB	249	/* Just works */
7d24ddcc AB	250	memset(conn->tk, 0, sizeof(conn->tk));
88ba43b6	251
f01ead31 AB	252	conn->prsp[0] = SMP_CMD_PAIRING_RSP;
f01ead31 AB	253	memcpy(&conn->prsp[1], rp, sizeof(*rp));
f01ead31	254
7d24ddcc AB	255	ret = smp_rand(conn->prnd);
7d24ddcc AB	256	if (ret)
da85e5e5	257	return SMP_UNSPECIFIED;
7d24ddcc AB	258
	259	ret = smp_c1(tfm, conn->tk, conn->prnd, conn->preq, conn->prsp, 0,
	260	conn->src, conn->hcon->dst_type, conn->dst, res);
	261	if (ret)
da85e5e5	262	return SMP_UNSPECIFIED;
7d24ddcc AB	263
	264	swap128(res, cp.confirm_val);
	265
88ba43b6	266	smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
da85e5e5 VCG	267
da85e5e5 VCG	268	return 0;
88ba43b6 AB	269	}
88ba43b6 AB	270
da85e5e5	271	static u8 smp_cmd_pairing_confirm(struct l2cap_conn conn, struct sk_buff skb)
88ba43b6	272	{
7d24ddcc AB	273	struct crypto_blkcipher *tfm = conn->hcon->hdev->tfm;
7d24ddcc AB	274
88ba43b6 AB	275	BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
88ba43b6 AB	276
7d24ddcc AB	277	memcpy(conn->pcnf, skb->data, sizeof(conn->pcnf));
7d24ddcc AB	278	skb_pull(skb, sizeof(conn->pcnf));
88ba43b6	279
7d24ddcc AB	280	if (conn->hcon->out) {
7d24ddcc AB	281	u8 random[16];
88ba43b6	282
7d24ddcc	283	swap128(conn->prnd, random);
88ba43b6	284	smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
7d24ddcc	285	random);
88ba43b6	286	} else {
7d24ddcc AB	287	struct smp_cmd_pairing_confirm cp;
	288	int ret;
	289	u8 res[16];
88ba43b6	290
7d24ddcc AB	291	ret = smp_rand(conn->prnd);
7d24ddcc AB	292	if (ret)
da85e5e5	293	return SMP_UNSPECIFIED;
88ba43b6	294
7d24ddcc AB	295	ret = smp_c1(tfm, conn->tk, conn->prnd, conn->preq, conn->prsp,
	296	conn->hcon->dst_type, conn->dst,
	297	0, conn->src, res);
	298	if (ret)
da85e5e5	299	return SMP_CONFIRM_FAILED;
7d24ddcc AB	300
	301	swap128(res, cp.confirm_val);
	302
	303	smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
88ba43b6	304	}
da85e5e5 VCG	305
da85e5e5 VCG	306	return 0;
88ba43b6 AB	307	}
88ba43b6 AB	308
da85e5e5	309	static u8 smp_cmd_pairing_random(struct l2cap_conn conn, struct sk_buff skb)
88ba43b6	310	{
a7a595f6 VCG	311	struct hci_conn *hcon = conn->hcon;
a7a595f6 VCG	312	struct crypto_blkcipher *tfm = hcon->hdev->tfm;
7d24ddcc	313	int ret;
9b3d6740	314	u8 key[16], res[16], random[16], confirm[16];
7d24ddcc AB	315
	316	swap128(skb->data, random);
	317	skb_pull(skb, sizeof(random));
	318
a7a595f6 VCG	319	memset(hcon->ltk, 0, sizeof(hcon->ltk));
a7a595f6 VCG	320
7d24ddcc AB	321	if (conn->hcon->out)
	322	ret = smp_c1(tfm, conn->tk, random, conn->preq, conn->prsp, 0,
	323	conn->src, conn->hcon->dst_type, conn->dst,
	324	res);
	325	else
	326	ret = smp_c1(tfm, conn->tk, random, conn->preq, conn->prsp,
	327	conn->hcon->dst_type, conn->dst, 0, conn->src,
	328	res);
	329	if (ret)
da85e5e5	330	return SMP_UNSPECIFIED;
88ba43b6 AB	331
	332	BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
	333
7d24ddcc AB	334	swap128(res, confirm);
	335
	336	if (memcmp(conn->pcnf, confirm, sizeof(conn->pcnf)) != 0) {
7d24ddcc	337	BT_ERR("Pairing failed (confirmation values mismatch)");
da85e5e5	338	return SMP_CONFIRM_FAILED;
7d24ddcc	339	}
88ba43b6 AB	340
88ba43b6 AB	341	if (conn->hcon->out) {
a7a595f6 VCG	342	__le16 ediv;
	343	u8 rand[8];
	344
7d24ddcc	345	smp_s1(tfm, conn->tk, random, conn->prnd, key);
a7a595f6	346	swap128(key, hcon->ltk);
7d24ddcc	347
a7a595f6 VCG	348	memset(rand, 0, sizeof(rand));
	349	ediv = 0;
	350	hci_le_start_enc(hcon, ediv, rand, hcon->ltk);
88ba43b6	351	} else {
7d24ddcc AB	352	u8 r[16];
	353
	354	swap128(conn->prnd, r);
	355	smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
	356
	357	smp_s1(tfm, conn->tk, conn->prnd, random, key);
a7a595f6	358	swap128(key, hcon->ltk);
88ba43b6	359	}
da85e5e5 VCG	360
da85e5e5 VCG	361	return 0;
88ba43b6 AB	362	}
88ba43b6 AB	363
da85e5e5	364	static u8 smp_cmd_security_req(struct l2cap_conn conn, struct sk_buff skb)
88ba43b6 AB	365	{
	366	struct smp_cmd_security_req rp = (void ) skb->data;
	367	struct smp_cmd_pairing cp;
f1cb9af5	368	struct hci_conn *hcon = conn->hcon;
88ba43b6 AB	369
	370	BT_DBG("conn %p", conn);
	371
f1cb9af5	372	if (test_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend))
da85e5e5	373	return 0;
f1cb9af5	374
88ba43b6	375	skb_pull(skb, sizeof(*rp));
88ba43b6	376
da85e5e5 VCG	377	memset(&cp, 0, sizeof(cp));
da85e5e5 VCG	378	build_pairing_cmd(conn, &cp, rp->auth_req);
88ba43b6	379
f01ead31 AB	380	conn->preq[0] = SMP_CMD_PAIRING_REQ;
	381	memcpy(&conn->preq[1], &cp, sizeof(cp));
	382
88ba43b6	383	smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
f1cb9af5 VCG	384
f1cb9af5 VCG	385	set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend);
f1cb9af5	386
da85e5e5	387	return 0;
88ba43b6 AB	388	}
88ba43b6 AB	389
eb492e01 AB	390	int smp_conn_security(struct l2cap_conn *conn, __u8 sec_level)
eb492e01 AB	391	{
3a0259bb	392	struct hci_conn *hcon = conn->hcon;
eb492e01 AB	393	__u8 authreq;
eb492e01 AB	394
3a0259bb VCG	395	BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
	396
	397	if (IS_ERR(hcon->hdev->tfm))
	398	return 1;
eb492e01	399
f1cb9af5 VCG	400	if (test_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend))
f1cb9af5 VCG	401	return 0;
eb492e01	402
f1cb9af5 VCG	403	if (sec_level == BT_SECURITY_LOW)
f1cb9af5 VCG	404	return 1;
eb492e01	405
f1cb9af5	406	if (hcon->sec_level >= sec_level)
eb492e01	407	return 1;
f1cb9af5 VCG	408
f1cb9af5 VCG	409	authreq = seclevel_to_authreq(sec_level);
eb492e01	410
3a0259bb	411	if (hcon->link_mode & HCI_LM_MASTER) {
eb492e01	412	struct smp_cmd_pairing cp;
f01ead31	413
da85e5e5	414	build_pairing_cmd(conn, &cp, authreq);
f01ead31 AB	415	conn->preq[0] = SMP_CMD_PAIRING_REQ;
	416	memcpy(&conn->preq[1], &cp, sizeof(cp));
	417
eb492e01 AB	418	smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
	419	} else {
	420	struct smp_cmd_security_req cp;
	421	cp.auth_req = authreq;
	422	smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
	423	}
	424
f1cb9af5 VCG	425	hcon->pending_sec_level = sec_level;
	426	set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend);
	427
eb492e01 AB	428	return 0;
	429	}
	430
	431	int smp_sig_channel(struct l2cap_conn conn, struct sk_buff skb)
	432	{
	433	__u8 code = skb->data[0];
	434	__u8 reason;
	435	int err = 0;
	436
3a0259bb VCG	437	if (IS_ERR(conn->hcon->hdev->tfm)) {
	438	err = PTR_ERR(conn->hcon->hdev->tfm);
	439	reason = SMP_PAIRING_NOTSUPP;
	440	goto done;
	441	}
	442
eb492e01 AB	443	skb_pull(skb, sizeof(code));
	444
	445	switch (code) {
	446	case SMP_CMD_PAIRING_REQ:
da85e5e5	447	reason = smp_cmd_pairing_req(conn, skb);
eb492e01 AB	448	break;
	449
	450	case SMP_CMD_PAIRING_FAIL:
da85e5e5 VCG	451	reason = 0;
da85e5e5 VCG	452	err = -EPERM;
eb492e01 AB	453	break;
	454
	455	case SMP_CMD_PAIRING_RSP:
da85e5e5	456	reason = smp_cmd_pairing_rsp(conn, skb);
88ba43b6 AB	457	break;
	458
	459	case SMP_CMD_SECURITY_REQ:
da85e5e5	460	reason = smp_cmd_security_req(conn, skb);
88ba43b6 AB	461	break;
88ba43b6 AB	462
eb492e01	463	case SMP_CMD_PAIRING_CONFIRM:
da85e5e5	464	reason = smp_cmd_pairing_confirm(conn, skb);
88ba43b6 AB	465	break;
88ba43b6 AB	466
eb492e01	467	case SMP_CMD_PAIRING_RANDOM:
da85e5e5	468	reason = smp_cmd_pairing_random(conn, skb);
88ba43b6 AB	469	break;
88ba43b6 AB	470
eb492e01 AB	471	case SMP_CMD_ENCRYPT_INFO:
	472	case SMP_CMD_MASTER_IDENT:
	473	case SMP_CMD_IDENT_INFO:
	474	case SMP_CMD_IDENT_ADDR_INFO:
	475	case SMP_CMD_SIGN_INFO:
eb492e01 AB	476	default:
	477	BT_DBG("Unknown command code 0x%2.2x", code);
	478
	479	reason = SMP_CMD_NOTSUPP;
eb492e01	480	err = -EOPNOTSUPP;
3a0259bb	481	goto done;
eb492e01 AB	482	}
eb492e01 AB	483
3a0259bb VCG	484	done:
	485	if (reason)
	486	smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
	487	&reason);
	488
eb492e01 AB	489	kfree_skb(skb);
	490	return err;
	491	}