projects / deliverable / linux.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
Bluetooth: Fix advertising parameter update when toggling connectable
[deliverable/linux.git] / net / bluetooth / smp.c
... / ...
CommitLineData
1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
23#include <linux/crypto.h>
24#include <linux/scatterlist.h>
25#include <crypto/b128ops.h>
26
27#include <net/bluetooth/bluetooth.h>
28#include <net/bluetooth/hci_core.h>
29#include <net/bluetooth/l2cap.h>
30#include <net/bluetooth/mgmt.h>
31
32#include "smp.h"
33
34#define SMP_TIMEOUT msecs_to_jiffies(30000)
35
36#define AUTH_REQ_MASK 0x07
37
38enum {
39 SMP_FLAG_TK_VALID,
40 SMP_FLAG_CFM_PENDING,
41 SMP_FLAG_MITM_AUTH,
42 SMP_FLAG_COMPLETE,
43 SMP_FLAG_INITIATOR,
44};
45
46struct smp_chan {
47 struct l2cap_conn *conn;
48 u8 preq[7]; /* SMP Pairing Request */
49 u8 prsp[7]; /* SMP Pairing Response */
50 u8 prnd[16]; /* SMP Pairing Random (local) */
51 u8 rrnd[16]; /* SMP Pairing Random (remote) */
52 u8 pcnf[16]; /* SMP Pairing Confirm */
53 u8 tk[16]; /* SMP Temporary Key */
54 u8 enc_key_size;
55 u8 remote_key_dist;
56 bdaddr_t id_addr;
57 u8 id_addr_type;
58 u8 irk[16];
59 struct smp_csrk *csrk;
60 struct smp_csrk *slave_csrk;
61 struct smp_ltk *ltk;
62 struct smp_ltk *slave_ltk;
63 struct smp_irk *remote_irk;
64 unsigned long flags;
65
66 struct crypto_blkcipher *tfm_aes;
67};
68
69static inline void swap_buf(const u8 *src, u8 *dst, size_t len)
70{
71 size_t i;
72
73 for (i = 0; i < len; i++)
74 dst[len - 1 - i] = src[i];
75}
76
77static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
78{
79 struct blkcipher_desc desc;
80 struct scatterlist sg;
81 uint8_t tmp[16], data[16];
82 int err;
83
84 if (tfm == NULL) {
85 BT_ERR("tfm %p", tfm);
86 return -EINVAL;
87 }
88
89 desc.tfm = tfm;
90 desc.flags = 0;
91
92 /* The most significant octet of key corresponds to k[0] */
93 swap_buf(k, tmp, 16);
94
95 err = crypto_blkcipher_setkey(tfm, tmp, 16);
96 if (err) {
97 BT_ERR("cipher setkey failed: %d", err);
98 return err;
99 }
100
101 /* Most significant octet of plaintextData corresponds to data[0] */
102 swap_buf(r, data, 16);
103
104 sg_init_one(&sg, data, 16);
105
106 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
107 if (err)
108 BT_ERR("Encrypt data error %d", err);
109
110 /* Most significant octet of encryptedData corresponds to data[0] */
111 swap_buf(data, r, 16);
112
113 return err;
114}
115
116static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
117{
118 u8 _res[16];
119 int err;
120
121 /* r' = padding || r */
122 memcpy(_res, r, 3);
123 memset(_res + 3, 0, 13);
124
125 err = smp_e(tfm, irk, _res);
126 if (err) {
127 BT_ERR("Encrypt error");
128 return err;
129 }
130
131 /* The output of the random address function ah is:
132 * ah(h, r) = e(k, r') mod 2^24
133 * The output of the security function e is then truncated to 24 bits
134 * by taking the least significant 24 bits of the output of e as the
135 * result of ah.
136 */
137 memcpy(res, _res, 3);
138
139 return 0;
140}
141
142bool smp_irk_matches(struct crypto_blkcipher *tfm, u8 irk[16],
143 bdaddr_t *bdaddr)
144{
145 u8 hash[3];
146 int err;
147
148 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
149
150 err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
151 if (err)
152 return false;
153
154 return !memcmp(bdaddr->b, hash, 3);
155}
156
157int smp_generate_rpa(struct crypto_blkcipher *tfm, u8 irk[16], bdaddr_t *rpa)
158{
159 int err;
160
161 get_random_bytes(&rpa->b[3], 3);
162
163 rpa->b[5] &= 0x3f; /* Clear two most significant bits */
164 rpa->b[5] |= 0x40; /* Set second most significant bit */
165
166 err = smp_ah(tfm, irk, &rpa->b[3], rpa->b);
167 if (err < 0)
168 return err;
169
170 BT_DBG("RPA %pMR", rpa);
171
172 return 0;
173}
174
175static int smp_c1(struct smp_chan *smp, u8 k[16], u8 r[16], u8 preq[7],
176 u8 pres[7], u8 _iat, bdaddr_t *ia, u8 _rat, bdaddr_t *ra,
177 u8 res[16])
178{
179 struct hci_dev *hdev = smp->conn->hcon->hdev;
180 u8 p1[16], p2[16];
181 int err;
182
183 BT_DBG("%s", hdev->name);
184
185 memset(p1, 0, 16);
186
187 /* p1 = pres || preq || _rat || _iat */
188 p1[0] = _iat;
189 p1[1] = _rat;
190 memcpy(p1 + 2, preq, 7);
191 memcpy(p1 + 9, pres, 7);
192
193 /* p2 = padding || ia || ra */
194 memcpy(p2, ra, 6);
195 memcpy(p2 + 6, ia, 6);
196 memset(p2 + 12, 0, 4);
197
198 /* res = r XOR p1 */
199 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
200
201 /* res = e(k, res) */
202 err = smp_e(smp->tfm_aes, k, res);
203 if (err) {
204 BT_ERR("Encrypt data error");
205 return err;
206 }
207
208 /* res = res XOR p2 */
209 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
210
211 /* res = e(k, res) */
212 err = smp_e(smp->tfm_aes, k, res);
213 if (err)
214 BT_ERR("Encrypt data error");
215
216 return err;
217}
218
219static int smp_s1(struct smp_chan *smp, u8 k[16], u8 r1[16], u8 r2[16],
220 u8 _r[16])
221{
222 struct hci_dev *hdev = smp->conn->hcon->hdev;
223 int err;
224
225 BT_DBG("%s", hdev->name);
226
227 /* Just least significant octets from r1 and r2 are considered */
228 memcpy(_r, r2, 8);
229 memcpy(_r + 8, r1, 8);
230
231 err = smp_e(smp->tfm_aes, k, _r);
232 if (err)
233 BT_ERR("Encrypt data error");
234
235 return err;
236}
237
238static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
239 u16 dlen, void *data)
240{
241 struct sk_buff *skb;
242 struct l2cap_hdr *lh;
243 int len;
244
245 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
246
247 if (len > conn->mtu)
248 return NULL;
249
250 skb = bt_skb_alloc(len, GFP_ATOMIC);
251 if (!skb)
252 return NULL;
253
254 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
255 lh->len = cpu_to_le16(sizeof(code) + dlen);
256 lh->cid = cpu_to_le16(L2CAP_CID_SMP);
257
258 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
259
260 memcpy(skb_put(skb, dlen), data, dlen);
261
262 return skb;
263}
264
265static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
266{
267 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
268
269 BT_DBG("code 0x%2.2x", code);
270
271 if (!skb)
272 return;
273
274 skb->priority = HCI_PRIO_MAX;
275 hci_send_acl(conn->hchan, skb, 0);
276
277 cancel_delayed_work_sync(&conn->security_timer);
278 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
279}
280
281static __u8 authreq_to_seclevel(__u8 authreq)
282{
283 if (authreq & SMP_AUTH_MITM)
284 return BT_SECURITY_HIGH;
285 else
286 return BT_SECURITY_MEDIUM;
287}
288
289static __u8 seclevel_to_authreq(__u8 sec_level)
290{
291 switch (sec_level) {
292 case BT_SECURITY_HIGH:
293 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
294 case BT_SECURITY_MEDIUM:
295 return SMP_AUTH_BONDING;
296 default:
297 return SMP_AUTH_NONE;
298 }
299}
300
301static void build_pairing_cmd(struct l2cap_conn *conn,
302 struct smp_cmd_pairing *req,
303 struct smp_cmd_pairing *rsp, __u8 authreq)
304{
305 struct smp_chan *smp = conn->smp_chan;
306 struct hci_conn *hcon = conn->hcon;
307 struct hci_dev *hdev = hcon->hdev;
308 u8 local_dist = 0, remote_dist = 0;
309
310 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
311 local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
312 remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
313 authreq |= SMP_AUTH_BONDING;
314 } else {
315 authreq &= ~SMP_AUTH_BONDING;
316 }
317
318 if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags))
319 remote_dist |= SMP_DIST_ID_KEY;
320
321 if (test_bit(HCI_PRIVACY, &hdev->dev_flags))
322 local_dist |= SMP_DIST_ID_KEY;
323
324 if (rsp == NULL) {
325 req->io_capability = conn->hcon->io_capability;
326 req->oob_flag = SMP_OOB_NOT_PRESENT;
327 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
328 req->init_key_dist = local_dist;
329 req->resp_key_dist = remote_dist;
330 req->auth_req = (authreq & AUTH_REQ_MASK);
331
332 smp->remote_key_dist = remote_dist;
333 return;
334 }
335
336 rsp->io_capability = conn->hcon->io_capability;
337 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
338 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
339 rsp->init_key_dist = req->init_key_dist & remote_dist;
340 rsp->resp_key_dist = req->resp_key_dist & local_dist;
341 rsp->auth_req = (authreq & AUTH_REQ_MASK);
342
343 smp->remote_key_dist = rsp->init_key_dist;
344}
345
346static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
347{
348 struct smp_chan *smp = conn->smp_chan;
349
350 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
351 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
352 return SMP_ENC_KEY_SIZE;
353
354 smp->enc_key_size = max_key_size;
355
356 return 0;
357}
358
359static void smp_failure(struct l2cap_conn *conn, u8 reason)
360{
361 struct hci_conn *hcon = conn->hcon;
362
363 if (reason)
364 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
365 &reason);
366
367 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
368 mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type,
369 HCI_ERROR_AUTH_FAILURE);
370
371 cancel_delayed_work_sync(&conn->security_timer);
372
373 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
374 smp_chan_destroy(conn);
375}
376
377#define JUST_WORKS 0x00
378#define JUST_CFM 0x01
379#define REQ_PASSKEY 0x02
380#define CFM_PASSKEY 0x03
381#define REQ_OOB 0x04
382#define OVERLAP 0xFF
383
384static const u8 gen_method[5][5] = {
385 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
386 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
387 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
388 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
389 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
390};
391
392static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
393{
394 /* If either side has unknown io_caps, use JUST_CFM (which gets
395 * converted later to JUST_WORKS if we're initiators.
396 */
397 if (local_io > SMP_IO_KEYBOARD_DISPLAY ||
398 remote_io > SMP_IO_KEYBOARD_DISPLAY)
399 return JUST_CFM;
400
401 return gen_method[remote_io][local_io];
402}
403
404static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
405 u8 local_io, u8 remote_io)
406{
407 struct hci_conn *hcon = conn->hcon;
408 struct smp_chan *smp = conn->smp_chan;
409 u8 method;
410 u32 passkey = 0;
411 int ret = 0;
412
413 /* Initialize key for JUST WORKS */
414 memset(smp->tk, 0, sizeof(smp->tk));
415 clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
416
417 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
418
419 /* If neither side wants MITM, either "just" confirm an incoming
420 * request or use just-works for outgoing ones. The JUST_CFM
421 * will be converted to JUST_WORKS if necessary later in this
422 * function. If either side has MITM look up the method from the
423 * table.
424 */
425 if (!(auth & SMP_AUTH_MITM))
426 method = JUST_CFM;
427 else
428 method = get_auth_method(smp, local_io, remote_io);
429
430 /* Don't confirm locally initiated pairing attempts */
431 if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
432 method = JUST_WORKS;
433
434 /* If Just Works, Continue with Zero TK */
435 if (method == JUST_WORKS) {
436 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
437 return 0;
438 }
439
440 /* Not Just Works/Confirm results in MITM Authentication */
441 if (method != JUST_CFM)
442 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
443
444 /* If both devices have Keyoard-Display I/O, the master
445 * Confirms and the slave Enters the passkey.
446 */
447 if (method == OVERLAP) {
448 if (test_bit(HCI_CONN_MASTER, &hcon->flags))
449 method = CFM_PASSKEY;
450 else
451 method = REQ_PASSKEY;
452 }
453
454 /* Generate random passkey. */
455 if (method == CFM_PASSKEY) {
456 memset(smp->tk, 0, sizeof(smp->tk));
457 get_random_bytes(&passkey, sizeof(passkey));
458 passkey %= 1000000;
459 put_unaligned_le32(passkey, smp->tk);
460 BT_DBG("PassKey: %d", passkey);
461 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
462 }
463
464 hci_dev_lock(hcon->hdev);
465
466 if (method == REQ_PASSKEY)
467 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
468 hcon->type, hcon->dst_type);
469 else if (method == JUST_CFM)
470 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
471 hcon->type, hcon->dst_type,
472 passkey, 1);
473 else
474 ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst,
475 hcon->type, hcon->dst_type,
476 passkey, 0);
477
478 hci_dev_unlock(hcon->hdev);
479
480 return ret;
481}
482
483static u8 smp_confirm(struct smp_chan *smp)
484{
485 struct l2cap_conn *conn = smp->conn;
486 struct smp_cmd_pairing_confirm cp;
487 int ret;
488
489 BT_DBG("conn %p", conn);
490
491 ret = smp_c1(smp, smp->tk, smp->prnd, smp->preq, smp->prsp,
492 conn->hcon->init_addr_type, &conn->hcon->init_addr,
493 conn->hcon->resp_addr_type, &conn->hcon->resp_addr,
494 cp.confirm_val);
495 if (ret)
496 return SMP_UNSPECIFIED;
497
498 clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
499
500 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
501
502 return 0;
503}
504
505static u8 smp_random(struct smp_chan *smp)
506{
507 struct l2cap_conn *conn = smp->conn;
508 struct hci_conn *hcon = conn->hcon;
509 u8 confirm[16];
510 int ret;
511
512 if (IS_ERR_OR_NULL(smp->tfm_aes))
513 return SMP_UNSPECIFIED;
514
515 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
516
517 ret = smp_c1(smp, smp->tk, smp->rrnd, smp->preq, smp->prsp,
518 hcon->init_addr_type, &hcon->init_addr,
519 hcon->resp_addr_type, &hcon->resp_addr, confirm);
520 if (ret)
521 return SMP_UNSPECIFIED;
522
523 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
524 BT_ERR("Pairing failed (confirmation values mismatch)");
525 return SMP_CONFIRM_FAILED;
526 }
527
528 if (hcon->out) {
529 u8 stk[16];
530 __le64 rand = 0;
531 __le16 ediv = 0;
532
533 smp_s1(smp, smp->tk, smp->rrnd, smp->prnd, stk);
534
535 memset(stk + smp->enc_key_size, 0,
536 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
537
538 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
539 return SMP_UNSPECIFIED;
540
541 hci_le_start_enc(hcon, ediv, rand, stk);
542 hcon->enc_key_size = smp->enc_key_size;
543 set_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
544 } else {
545 u8 stk[16], auth;
546 __le64 rand = 0;
547 __le16 ediv = 0;
548
549 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
550 smp->prnd);
551
552 smp_s1(smp, smp->tk, smp->prnd, smp->rrnd, stk);
553
554 memset(stk + smp->enc_key_size, 0,
555 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
556
557 if (hcon->pending_sec_level == BT_SECURITY_HIGH)
558 auth = 1;
559 else
560 auth = 0;
561
562 /* Even though there's no _SLAVE suffix this is the
563 * slave STK we're adding for later lookup (the master
564 * STK never needs to be stored).
565 */
566 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
567 SMP_STK, auth, stk, smp->enc_key_size, ediv, rand);
568 }
569
570 return 0;
571}
572
573static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
574{
575 struct smp_chan *smp;
576
577 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
578 if (!smp)
579 return NULL;
580
581 smp->tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
582 if (IS_ERR(smp->tfm_aes)) {
583 BT_ERR("Unable to create ECB crypto context");
584 kfree(smp);
585 return NULL;
586 }
587
588 smp->conn = conn;
589 conn->smp_chan = smp;
590
591 hci_conn_hold(conn->hcon);
592
593 return smp;
594}
595
596void smp_chan_destroy(struct l2cap_conn *conn)
597{
598 struct smp_chan *smp = conn->smp_chan;
599 bool complete;
600
601 BUG_ON(!smp);
602
603 complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
604 mgmt_smp_complete(conn->hcon, complete);
605
606 kfree(smp->csrk);
607 kfree(smp->slave_csrk);
608
609 crypto_free_blkcipher(smp->tfm_aes);
610
611 /* If pairing failed clean up any keys we might have */
612 if (!complete) {
613 if (smp->ltk) {
614 list_del(&smp->ltk->list);
615 kfree(smp->ltk);
616 }
617
618 if (smp->slave_ltk) {
619 list_del(&smp->slave_ltk->list);
620 kfree(smp->slave_ltk);
621 }
622
623 if (smp->remote_irk) {
624 list_del(&smp->remote_irk->list);
625 kfree(smp->remote_irk);
626 }
627 }
628
629 kfree(smp);
630 conn->smp_chan = NULL;
631 hci_conn_drop(conn->hcon);
632}
633
634int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
635{
636 struct l2cap_conn *conn = hcon->l2cap_data;
637 struct smp_chan *smp;
638 u32 value;
639
640 BT_DBG("");
641
642 if (!conn || !test_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
643 return -ENOTCONN;
644
645 smp = conn->smp_chan;
646
647 switch (mgmt_op) {
648 case MGMT_OP_USER_PASSKEY_REPLY:
649 value = le32_to_cpu(passkey);
650 memset(smp->tk, 0, sizeof(smp->tk));
651 BT_DBG("PassKey: %d", value);
652 put_unaligned_le32(value, smp->tk);
653 /* Fall Through */
654 case MGMT_OP_USER_CONFIRM_REPLY:
655 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
656 break;
657 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
658 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
659 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
660 return 0;
661 default:
662 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
663 return -EOPNOTSUPP;
664 }
665
666 /* If it is our turn to send Pairing Confirm, do so now */
667 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
668 u8 rsp = smp_confirm(smp);
669 if (rsp)
670 smp_failure(conn, rsp);
671 }
672
673 return 0;
674}
675
676static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
677{
678 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
679 struct smp_chan *smp;
680 u8 key_size, auth, sec_level;
681 int ret;
682
683 BT_DBG("conn %p", conn);
684
685 if (skb->len < sizeof(*req))
686 return SMP_INVALID_PARAMS;
687
688 if (test_bit(HCI_CONN_MASTER, &conn->hcon->flags))
689 return SMP_CMD_NOTSUPP;
690
691 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
692 smp = smp_chan_create(conn);
693 else
694 smp = conn->smp_chan;
695
696 if (!smp)
697 return SMP_UNSPECIFIED;
698
699 smp->preq[0] = SMP_CMD_PAIRING_REQ;
700 memcpy(&smp->preq[1], req, sizeof(*req));
701 skb_pull(skb, sizeof(*req));
702
703 /* We didn't start the pairing, so match remote */
704 auth = req->auth_req;
705
706 sec_level = authreq_to_seclevel(auth);
707 if (sec_level > conn->hcon->pending_sec_level)
708 conn->hcon->pending_sec_level = sec_level;
709
710 /* If we need MITM check that it can be acheived */
711 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
712 u8 method;
713
714 method = get_auth_method(smp, conn->hcon->io_capability,
715 req->io_capability);
716 if (method == JUST_WORKS || method == JUST_CFM)
717 return SMP_AUTH_REQUIREMENTS;
718 }
719
720 build_pairing_cmd(conn, req, &rsp, auth);
721
722 key_size = min(req->max_key_size, rsp.max_key_size);
723 if (check_enc_key_size(conn, key_size))
724 return SMP_ENC_KEY_SIZE;
725
726 get_random_bytes(smp->prnd, sizeof(smp->prnd));
727
728 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
729 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
730
731 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
732
733 /* Request setup of TK */
734 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
735 if (ret)
736 return SMP_UNSPECIFIED;
737
738 return 0;
739}
740
741static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
742{
743 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
744 struct smp_chan *smp = conn->smp_chan;
745 u8 key_size, auth = SMP_AUTH_NONE;
746 int ret;
747
748 BT_DBG("conn %p", conn);
749
750 if (skb->len < sizeof(*rsp))
751 return SMP_INVALID_PARAMS;
752
753 if (!test_bit(HCI_CONN_MASTER, &conn->hcon->flags))
754 return SMP_CMD_NOTSUPP;
755
756 skb_pull(skb, sizeof(*rsp));
757
758 req = (void *) &smp->preq[1];
759
760 key_size = min(req->max_key_size, rsp->max_key_size);
761 if (check_enc_key_size(conn, key_size))
762 return SMP_ENC_KEY_SIZE;
763
764 /* If we need MITM check that it can be acheived */
765 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
766 u8 method;
767
768 method = get_auth_method(smp, req->io_capability,
769 rsp->io_capability);
770 if (method == JUST_WORKS || method == JUST_CFM)
771 return SMP_AUTH_REQUIREMENTS;
772 }
773
774 get_random_bytes(smp->prnd, sizeof(smp->prnd));
775
776 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
777 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
778
779 /* Update remote key distribution in case the remote cleared
780 * some bits that we had enabled in our request.
781 */
782 smp->remote_key_dist &= rsp->resp_key_dist;
783
784 if ((req->auth_req & SMP_AUTH_BONDING) &&
785 (rsp->auth_req & SMP_AUTH_BONDING))
786 auth = SMP_AUTH_BONDING;
787
788 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
789
790 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
791 if (ret)
792 return SMP_UNSPECIFIED;
793
794 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
795
796 /* Can't compose response until we have been confirmed */
797 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
798 return smp_confirm(smp);
799
800 return 0;
801}
802
803static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
804{
805 struct smp_chan *smp = conn->smp_chan;
806
807 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
808
809 if (skb->len < sizeof(smp->pcnf))
810 return SMP_INVALID_PARAMS;
811
812 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
813 skb_pull(skb, sizeof(smp->pcnf));
814
815 if (conn->hcon->out)
816 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
817 smp->prnd);
818 else if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
819 return smp_confirm(smp);
820 else
821 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
822
823 return 0;
824}
825
826static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
827{
828 struct smp_chan *smp = conn->smp_chan;
829
830 BT_DBG("conn %p", conn);
831
832 if (skb->len < sizeof(smp->rrnd))
833 return SMP_INVALID_PARAMS;
834
835 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
836 skb_pull(skb, sizeof(smp->rrnd));
837
838 return smp_random(smp);
839}
840
841static bool smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
842{
843 struct smp_ltk *key;
844 struct hci_conn *hcon = conn->hcon;
845
846 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
847 hcon->out);
848 if (!key)
849 return false;
850
851 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
852 return false;
853
854 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
855 return true;
856
857 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
858 hcon->enc_key_size = key->enc_size;
859
860 /* We never store STKs for master role, so clear this flag */
861 clear_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
862
863 return true;
864}
865
866bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
867{
868 if (sec_level == BT_SECURITY_LOW)
869 return true;
870
871 /* If we're encrypted with an STK always claim insufficient
872 * security. This way we allow the connection to be re-encrypted
873 * with an LTK, even if the LTK provides the same level of
874 * security.
875 */
876 if (test_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags))
877 return false;
878
879 if (hcon->sec_level >= sec_level)
880 return true;
881
882 return false;
883}
884
885static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
886{
887 struct smp_cmd_security_req *rp = (void *) skb->data;
888 struct smp_cmd_pairing cp;
889 struct hci_conn *hcon = conn->hcon;
890 struct smp_chan *smp;
891 u8 sec_level;
892
893 BT_DBG("conn %p", conn);
894
895 if (skb->len < sizeof(*rp))
896 return SMP_INVALID_PARAMS;
897
898 if (!test_bit(HCI_CONN_MASTER, &conn->hcon->flags))
899 return SMP_CMD_NOTSUPP;
900
901 sec_level = authreq_to_seclevel(rp->auth_req);
902 if (smp_sufficient_security(hcon, sec_level))
903 return 0;
904
905 if (sec_level > hcon->pending_sec_level)
906 hcon->pending_sec_level = sec_level;
907
908 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
909 return 0;
910
911 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
912 return 0;
913
914 smp = smp_chan_create(conn);
915 if (!smp)
916 return SMP_UNSPECIFIED;
917
918 skb_pull(skb, sizeof(*rp));
919
920 memset(&cp, 0, sizeof(cp));
921 build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
922
923 smp->preq[0] = SMP_CMD_PAIRING_REQ;
924 memcpy(&smp->preq[1], &cp, sizeof(cp));
925
926 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
927
928 return 0;
929}
930
931int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
932{
933 struct l2cap_conn *conn = hcon->l2cap_data;
934 struct smp_chan *smp;
935 __u8 authreq;
936
937 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
938
939 /* This may be NULL if there's an unexpected disconnection */
940 if (!conn)
941 return 1;
942
943 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
944 return 1;
945
946 if (smp_sufficient_security(hcon, sec_level))
947 return 1;
948
949 if (sec_level > hcon->pending_sec_level)
950 hcon->pending_sec_level = sec_level;
951
952 if (test_bit(HCI_CONN_MASTER, &hcon->flags))
953 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
954 return 0;
955
956 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
957 return 0;
958
959 smp = smp_chan_create(conn);
960 if (!smp)
961 return 1;
962
963 authreq = seclevel_to_authreq(sec_level);
964
965 /* Require MITM if IO Capability allows or the security level
966 * requires it.
967 */
968 if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT ||
969 hcon->pending_sec_level > BT_SECURITY_MEDIUM)
970 authreq |= SMP_AUTH_MITM;
971
972 if (test_bit(HCI_CONN_MASTER, &hcon->flags)) {
973 struct smp_cmd_pairing cp;
974
975 build_pairing_cmd(conn, &cp, NULL, authreq);
976 smp->preq[0] = SMP_CMD_PAIRING_REQ;
977 memcpy(&smp->preq[1], &cp, sizeof(cp));
978
979 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
980 } else {
981 struct smp_cmd_security_req cp;
982 cp.auth_req = authreq;
983 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
984 }
985
986 set_bit(SMP_FLAG_INITIATOR, &smp->flags);
987
988 return 0;
989}
990
991static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
992{
993 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
994 struct smp_chan *smp = conn->smp_chan;
995
996 BT_DBG("conn %p", conn);
997
998 if (skb->len < sizeof(*rp))
999 return SMP_INVALID_PARAMS;
1000
1001 /* Ignore this PDU if it wasn't requested */
1002 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
1003 return 0;
1004
1005 skb_pull(skb, sizeof(*rp));
1006
1007 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
1008
1009 return 0;
1010}
1011
1012static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
1013{
1014 struct smp_cmd_master_ident *rp = (void *) skb->data;
1015 struct smp_chan *smp = conn->smp_chan;
1016 struct hci_dev *hdev = conn->hcon->hdev;
1017 struct hci_conn *hcon = conn->hcon;
1018 struct smp_ltk *ltk;
1019 u8 authenticated;
1020
1021 BT_DBG("conn %p", conn);
1022
1023 if (skb->len < sizeof(*rp))
1024 return SMP_INVALID_PARAMS;
1025
1026 /* Ignore this PDU if it wasn't requested */
1027 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
1028 return 0;
1029
1030 /* Mark the information as received */
1031 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
1032
1033 skb_pull(skb, sizeof(*rp));
1034
1035 hci_dev_lock(hdev);
1036 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
1037 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, SMP_LTK,
1038 authenticated, smp->tk, smp->enc_key_size,
1039 rp->ediv, rp->rand);
1040 smp->ltk = ltk;
1041 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1042 smp_distribute_keys(conn);
1043 hci_dev_unlock(hdev);
1044
1045 return 0;
1046}
1047
1048static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
1049{
1050 struct smp_cmd_ident_info *info = (void *) skb->data;
1051 struct smp_chan *smp = conn->smp_chan;
1052
1053 BT_DBG("");
1054
1055 if (skb->len < sizeof(*info))
1056 return SMP_INVALID_PARAMS;
1057
1058 /* Ignore this PDU if it wasn't requested */
1059 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1060 return 0;
1061
1062 skb_pull(skb, sizeof(*info));
1063
1064 memcpy(smp->irk, info->irk, 16);
1065
1066 return 0;
1067}
1068
1069static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
1070 struct sk_buff *skb)
1071{
1072 struct smp_cmd_ident_addr_info *info = (void *) skb->data;
1073 struct smp_chan *smp = conn->smp_chan;
1074 struct hci_conn *hcon = conn->hcon;
1075 bdaddr_t rpa;
1076
1077 BT_DBG("");
1078
1079 if (skb->len < sizeof(*info))
1080 return SMP_INVALID_PARAMS;
1081
1082 /* Ignore this PDU if it wasn't requested */
1083 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1084 return 0;
1085
1086 /* Mark the information as received */
1087 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
1088
1089 skb_pull(skb, sizeof(*info));
1090
1091 hci_dev_lock(hcon->hdev);
1092
1093 /* Strictly speaking the Core Specification (4.1) allows sending
1094 * an empty address which would force us to rely on just the IRK
1095 * as "identity information". However, since such
1096 * implementations are not known of and in order to not over
1097 * complicate our implementation, simply pretend that we never
1098 * received an IRK for such a device.
1099 */
1100 if (!bacmp(&info->bdaddr, BDADDR_ANY)) {
1101 BT_ERR("Ignoring IRK with no identity address");
1102 goto distribute;
1103 }
1104
1105 bacpy(&smp->id_addr, &info->bdaddr);
1106 smp->id_addr_type = info->addr_type;
1107
1108 if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
1109 bacpy(&rpa, &hcon->dst);
1110 else
1111 bacpy(&rpa, BDADDR_ANY);
1112
1113 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
1114 smp->id_addr_type, smp->irk, &rpa);
1115
1116distribute:
1117 smp_distribute_keys(conn);
1118
1119 hci_dev_unlock(hcon->hdev);
1120
1121 return 0;
1122}
1123
1124static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
1125{
1126 struct smp_cmd_sign_info *rp = (void *) skb->data;
1127 struct smp_chan *smp = conn->smp_chan;
1128 struct hci_dev *hdev = conn->hcon->hdev;
1129 struct smp_csrk *csrk;
1130
1131 BT_DBG("conn %p", conn);
1132
1133 if (skb->len < sizeof(*rp))
1134 return SMP_INVALID_PARAMS;
1135
1136 /* Ignore this PDU if it wasn't requested */
1137 if (!(smp->remote_key_dist & SMP_DIST_SIGN))
1138 return 0;
1139
1140 /* Mark the information as received */
1141 smp->remote_key_dist &= ~SMP_DIST_SIGN;
1142
1143 skb_pull(skb, sizeof(*rp));
1144
1145 hci_dev_lock(hdev);
1146 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1147 if (csrk) {
1148 csrk->master = 0x01;
1149 memcpy(csrk->val, rp->csrk, sizeof(csrk->val));
1150 }
1151 smp->csrk = csrk;
1152 if (!(smp->remote_key_dist & SMP_DIST_SIGN))
1153 smp_distribute_keys(conn);
1154 hci_dev_unlock(hdev);
1155
1156 return 0;
1157}
1158
1159int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
1160{
1161 struct hci_conn *hcon = conn->hcon;
1162 __u8 code, reason;
1163 int err = 0;
1164
1165 if (hcon->type != LE_LINK) {
1166 kfree_skb(skb);
1167 return 0;
1168 }
1169
1170 if (skb->len < 1) {
1171 kfree_skb(skb);
1172 return -EILSEQ;
1173 }
1174
1175 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
1176 err = -ENOTSUPP;
1177 reason = SMP_PAIRING_NOTSUPP;
1178 goto done;
1179 }
1180
1181 code = skb->data[0];
1182 skb_pull(skb, sizeof(code));
1183
1184 /*
1185 * The SMP context must be initialized for all other PDUs except
1186 * pairing and security requests. If we get any other PDU when
1187 * not initialized simply disconnect (done if this function
1188 * returns an error).
1189 */
1190 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ &&
1191 !conn->smp_chan) {
1192 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code);
1193 kfree_skb(skb);
1194 return -ENOTSUPP;
1195 }
1196
1197 switch (code) {
1198 case SMP_CMD_PAIRING_REQ:
1199 reason = smp_cmd_pairing_req(conn, skb);
1200 break;
1201
1202 case SMP_CMD_PAIRING_FAIL:
1203 smp_failure(conn, 0);
1204 reason = 0;
1205 err = -EPERM;
1206 break;
1207
1208 case SMP_CMD_PAIRING_RSP:
1209 reason = smp_cmd_pairing_rsp(conn, skb);
1210 break;
1211
1212 case SMP_CMD_SECURITY_REQ:
1213 reason = smp_cmd_security_req(conn, skb);
1214 break;
1215
1216 case SMP_CMD_PAIRING_CONFIRM:
1217 reason = smp_cmd_pairing_confirm(conn, skb);
1218 break;
1219
1220 case SMP_CMD_PAIRING_RANDOM:
1221 reason = smp_cmd_pairing_random(conn, skb);
1222 break;
1223
1224 case SMP_CMD_ENCRYPT_INFO:
1225 reason = smp_cmd_encrypt_info(conn, skb);
1226 break;
1227
1228 case SMP_CMD_MASTER_IDENT:
1229 reason = smp_cmd_master_ident(conn, skb);
1230 break;
1231
1232 case SMP_CMD_IDENT_INFO:
1233 reason = smp_cmd_ident_info(conn, skb);
1234 break;
1235
1236 case SMP_CMD_IDENT_ADDR_INFO:
1237 reason = smp_cmd_ident_addr_info(conn, skb);
1238 break;
1239
1240 case SMP_CMD_SIGN_INFO:
1241 reason = smp_cmd_sign_info(conn, skb);
1242 break;
1243
1244 default:
1245 BT_DBG("Unknown command code 0x%2.2x", code);
1246
1247 reason = SMP_CMD_NOTSUPP;
1248 err = -EOPNOTSUPP;
1249 goto done;
1250 }
1251
1252done:
1253 if (reason)
1254 smp_failure(conn, reason);
1255
1256 kfree_skb(skb);
1257 return err;
1258}
1259
1260static void smp_notify_keys(struct l2cap_conn *conn)
1261{
1262 struct smp_chan *smp = conn->smp_chan;
1263 struct hci_conn *hcon = conn->hcon;
1264 struct hci_dev *hdev = hcon->hdev;
1265 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
1266 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
1267 bool persistent;
1268
1269 if (smp->remote_irk) {
1270 mgmt_new_irk(hdev, smp->remote_irk);
1271 /* Now that user space can be considered to know the
1272 * identity address track the connection based on it
1273 * from now on.
1274 */
1275 bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
1276 hcon->dst_type = smp->remote_irk->addr_type;
1277 l2cap_conn_update_id_addr(hcon);
1278 }
1279
1280 /* The LTKs and CSRKs should be persistent only if both sides
1281 * had the bonding bit set in their authentication requests.
1282 */
1283 persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING);
1284
1285 if (smp->csrk) {
1286 smp->csrk->bdaddr_type = hcon->dst_type;
1287 bacpy(&smp->csrk->bdaddr, &hcon->dst);
1288 mgmt_new_csrk(hdev, smp->csrk, persistent);
1289 }
1290
1291 if (smp->slave_csrk) {
1292 smp->slave_csrk->bdaddr_type = hcon->dst_type;
1293 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
1294 mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
1295 }
1296
1297 if (smp->ltk) {
1298 smp->ltk->bdaddr_type = hcon->dst_type;
1299 bacpy(&smp->ltk->bdaddr, &hcon->dst);
1300 mgmt_new_ltk(hdev, smp->ltk, persistent);
1301 }
1302
1303 if (smp->slave_ltk) {
1304 smp->slave_ltk->bdaddr_type = hcon->dst_type;
1305 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
1306 mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
1307 }
1308}
1309
1310int smp_distribute_keys(struct l2cap_conn *conn)
1311{
1312 struct smp_cmd_pairing *req, *rsp;
1313 struct smp_chan *smp = conn->smp_chan;
1314 struct hci_conn *hcon = conn->hcon;
1315 struct hci_dev *hdev = hcon->hdev;
1316 __u8 *keydist;
1317
1318 BT_DBG("conn %p", conn);
1319
1320 if (!test_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
1321 return 0;
1322
1323 rsp = (void *) &smp->prsp[1];
1324
1325 /* The responder sends its keys first */
1326 if (hcon->out && (smp->remote_key_dist & 0x07))
1327 return 0;
1328
1329 req = (void *) &smp->preq[1];
1330
1331 if (hcon->out) {
1332 keydist = &rsp->init_key_dist;
1333 *keydist &= req->init_key_dist;
1334 } else {
1335 keydist = &rsp->resp_key_dist;
1336 *keydist &= req->resp_key_dist;
1337 }
1338
1339 BT_DBG("keydist 0x%x", *keydist);
1340
1341 if (*keydist & SMP_DIST_ENC_KEY) {
1342 struct smp_cmd_encrypt_info enc;
1343 struct smp_cmd_master_ident ident;
1344 struct smp_ltk *ltk;
1345 u8 authenticated;
1346 __le16 ediv;
1347 __le64 rand;
1348
1349 get_random_bytes(enc.ltk, sizeof(enc.ltk));
1350 get_random_bytes(&ediv, sizeof(ediv));
1351 get_random_bytes(&rand, sizeof(rand));
1352
1353 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
1354
1355 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
1356 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type,
1357 SMP_LTK_SLAVE, authenticated, enc.ltk,
1358 smp->enc_key_size, ediv, rand);
1359 smp->slave_ltk = ltk;
1360
1361 ident.ediv = ediv;
1362 ident.rand = rand;
1363
1364 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
1365
1366 *keydist &= ~SMP_DIST_ENC_KEY;
1367 }
1368
1369 if (*keydist & SMP_DIST_ID_KEY) {
1370 struct smp_cmd_ident_addr_info addrinfo;
1371 struct smp_cmd_ident_info idinfo;
1372
1373 memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk));
1374
1375 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
1376
1377 /* The hci_conn contains the local identity address
1378 * after the connection has been established.
1379 *
1380 * This is true even when the connection has been
1381 * established using a resolvable random address.
1382 */
1383 bacpy(&addrinfo.bdaddr, &hcon->src);
1384 addrinfo.addr_type = hcon->src_type;
1385
1386 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
1387 &addrinfo);
1388
1389 *keydist &= ~SMP_DIST_ID_KEY;
1390 }
1391
1392 if (*keydist & SMP_DIST_SIGN) {
1393 struct smp_cmd_sign_info sign;
1394 struct smp_csrk *csrk;
1395
1396 /* Generate a new random key */
1397 get_random_bytes(sign.csrk, sizeof(sign.csrk));
1398
1399 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1400 if (csrk) {
1401 csrk->master = 0x00;
1402 memcpy(csrk->val, sign.csrk, sizeof(csrk->val));
1403 }
1404 smp->slave_csrk = csrk;
1405
1406 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1407
1408 *keydist &= ~SMP_DIST_SIGN;
1409 }
1410
1411 /* If there are still keys to be received wait for them */
1412 if ((smp->remote_key_dist & 0x07))
1413 return 0;
1414
1415 clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags);
1416 cancel_delayed_work_sync(&conn->security_timer);
1417 set_bit(SMP_FLAG_COMPLETE, &smp->flags);
1418 smp_notify_keys(conn);
1419
1420 smp_chan_destroy(conn);
1421
1422 return 0;
1423}
Linux kernel - Deliverables
This page took 0.029028 seconds and 5 git commands to generate.