projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Bluetooth: Implement mgmt_load_irks command
[deliverable/linux.git] / net / bluetooth / smp.c
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21 */
22
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
26
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
31
32 #include "smp.h"
33
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
35
36 #define AUTH_REQ_MASK 0x07
37
38 static inline void swap128(u8 src[16], u8 dst[16])
39 {
40 int i;
41 for (i = 0; i < 16; i++)
42 dst[15 - i] = src[i];
43 }
44
45 static inline void swap56(u8 src[7], u8 dst[7])
46 {
47 int i;
48 for (i = 0; i < 7; i++)
49 dst[6 - i] = src[i];
50 }
51
52 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
53 {
54 struct blkcipher_desc desc;
55 struct scatterlist sg;
56 int err;
57
58 if (tfm == NULL) {
59 BT_ERR("tfm %p", tfm);
60 return -EINVAL;
61 }
62
63 desc.tfm = tfm;
64 desc.flags = 0;
65
66 err = crypto_blkcipher_setkey(tfm, k, 16);
67 if (err) {
68 BT_ERR("cipher setkey failed: %d", err);
69 return err;
70 }
71
72 sg_init_one(&sg, r, 16);
73
74 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
75 if (err)
76 BT_ERR("Encrypt data error %d", err);
77
78 return err;
79 }
80
81 static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
82 {
83 u8 _res[16], k[16];
84 int err;
85
86 /* r' = padding || r */
87 memset(_res, 0, 13);
88 _res[13] = r[2];
89 _res[14] = r[1];
90 _res[15] = r[0];
91
92 swap128(irk, k);
93 err = smp_e(tfm, k, _res);
94 if (err) {
95 BT_ERR("Encrypt error");
96 return err;
97 }
98
99 /* The output of the random address function ah is:
100 * ah(h, r) = e(k, r') mod 2^24
101 * The output of the security function e is then truncated to 24 bits
102 * by taking the least significant 24 bits of the output of e as the
103 * result of ah.
104 */
105 res[0] = _res[15];
106 res[1] = _res[14];
107 res[2] = _res[13];
108
109 return 0;
110 }
111
112 bool smp_irk_matches(struct crypto_blkcipher *tfm, u8 irk[16],
113 bdaddr_t *bdaddr)
114 {
115 u8 hash[3];
116 int err;
117
118 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
119
120 err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
121 if (err)
122 return false;
123
124 return !memcmp(bdaddr->b, hash, 3);
125 }
126
127 static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
128 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
129 u8 _rat, bdaddr_t *ra, u8 res[16])
130 {
131 u8 p1[16], p2[16];
132 int err;
133
134 memset(p1, 0, 16);
135
136 /* p1 = pres || preq || _rat || _iat */
137 swap56(pres, p1);
138 swap56(preq, p1 + 7);
139 p1[14] = _rat;
140 p1[15] = _iat;
141
142 memset(p2, 0, 16);
143
144 /* p2 = padding || ia || ra */
145 baswap((bdaddr_t *) (p2 + 4), ia);
146 baswap((bdaddr_t *) (p2 + 10), ra);
147
148 /* res = r XOR p1 */
149 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
150
151 /* res = e(k, res) */
152 err = smp_e(tfm, k, res);
153 if (err) {
154 BT_ERR("Encrypt data error");
155 return err;
156 }
157
158 /* res = res XOR p2 */
159 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
160
161 /* res = e(k, res) */
162 err = smp_e(tfm, k, res);
163 if (err)
164 BT_ERR("Encrypt data error");
165
166 return err;
167 }
168
169 static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16], u8 r1[16],
170 u8 r2[16], u8 _r[16])
171 {
172 int err;
173
174 /* Just least significant octets from r1 and r2 are considered */
175 memcpy(_r, r1 + 8, 8);
176 memcpy(_r + 8, r2 + 8, 8);
177
178 err = smp_e(tfm, k, _r);
179 if (err)
180 BT_ERR("Encrypt data error");
181
182 return err;
183 }
184
185 static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
186 u16 dlen, void *data)
187 {
188 struct sk_buff *skb;
189 struct l2cap_hdr *lh;
190 int len;
191
192 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
193
194 if (len > conn->mtu)
195 return NULL;
196
197 skb = bt_skb_alloc(len, GFP_ATOMIC);
198 if (!skb)
199 return NULL;
200
201 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
202 lh->len = cpu_to_le16(sizeof(code) + dlen);
203 lh->cid = __constant_cpu_to_le16(L2CAP_CID_SMP);
204
205 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
206
207 memcpy(skb_put(skb, dlen), data, dlen);
208
209 return skb;
210 }
211
212 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
213 {
214 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
215
216 BT_DBG("code 0x%2.2x", code);
217
218 if (!skb)
219 return;
220
221 skb->priority = HCI_PRIO_MAX;
222 hci_send_acl(conn->hchan, skb, 0);
223
224 cancel_delayed_work_sync(&conn->security_timer);
225 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
226 }
227
228 static __u8 authreq_to_seclevel(__u8 authreq)
229 {
230 if (authreq & SMP_AUTH_MITM)
231 return BT_SECURITY_HIGH;
232 else
233 return BT_SECURITY_MEDIUM;
234 }
235
236 static __u8 seclevel_to_authreq(__u8 sec_level)
237 {
238 switch (sec_level) {
239 case BT_SECURITY_HIGH:
240 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
241 case BT_SECURITY_MEDIUM:
242 return SMP_AUTH_BONDING;
243 default:
244 return SMP_AUTH_NONE;
245 }
246 }
247
248 static void build_pairing_cmd(struct l2cap_conn *conn,
249 struct smp_cmd_pairing *req,
250 struct smp_cmd_pairing *rsp, __u8 authreq)
251 {
252 u8 dist_keys = 0;
253
254 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
255 dist_keys = SMP_DIST_ENC_KEY;
256 authreq |= SMP_AUTH_BONDING;
257 } else {
258 authreq &= ~SMP_AUTH_BONDING;
259 }
260
261 if (rsp == NULL) {
262 req->io_capability = conn->hcon->io_capability;
263 req->oob_flag = SMP_OOB_NOT_PRESENT;
264 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
265 req->init_key_dist = dist_keys;
266 req->resp_key_dist = dist_keys;
267 req->auth_req = (authreq & AUTH_REQ_MASK);
268 return;
269 }
270
271 rsp->io_capability = conn->hcon->io_capability;
272 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
273 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
274 rsp->init_key_dist = req->init_key_dist & dist_keys;
275 rsp->resp_key_dist = req->resp_key_dist & dist_keys;
276 rsp->auth_req = (authreq & AUTH_REQ_MASK);
277 }
278
279 static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
280 {
281 struct smp_chan *smp = conn->smp_chan;
282
283 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
284 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
285 return SMP_ENC_KEY_SIZE;
286
287 smp->enc_key_size = max_key_size;
288
289 return 0;
290 }
291
292 static void smp_failure(struct l2cap_conn *conn, u8 reason)
293 {
294 struct hci_conn *hcon = conn->hcon;
295
296 if (reason)
297 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
298 &reason);
299
300 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
301 mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type,
302 HCI_ERROR_AUTH_FAILURE);
303
304 cancel_delayed_work_sync(&conn->security_timer);
305
306 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
307 smp_chan_destroy(conn);
308 }
309
310 #define JUST_WORKS 0x00
311 #define JUST_CFM 0x01
312 #define REQ_PASSKEY 0x02
313 #define CFM_PASSKEY 0x03
314 #define REQ_OOB 0x04
315 #define OVERLAP 0xFF
316
317 static const u8 gen_method[5][5] = {
318 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
319 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
320 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
321 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
322 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
323 };
324
325 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
326 u8 local_io, u8 remote_io)
327 {
328 struct hci_conn *hcon = conn->hcon;
329 struct smp_chan *smp = conn->smp_chan;
330 u8 method;
331 u32 passkey = 0;
332 int ret = 0;
333
334 /* Initialize key for JUST WORKS */
335 memset(smp->tk, 0, sizeof(smp->tk));
336 clear_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
337
338 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
339
340 /* If neither side wants MITM, use JUST WORKS */
341 /* If either side has unknown io_caps, use JUST WORKS */
342 /* Otherwise, look up method from the table */
343 if (!(auth & SMP_AUTH_MITM) ||
344 local_io > SMP_IO_KEYBOARD_DISPLAY ||
345 remote_io > SMP_IO_KEYBOARD_DISPLAY)
346 method = JUST_WORKS;
347 else
348 method = gen_method[remote_io][local_io];
349
350 /* If not bonding, don't ask user to confirm a Zero TK */
351 if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
352 method = JUST_WORKS;
353
354 /* If Just Works, Continue with Zero TK */
355 if (method == JUST_WORKS) {
356 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
357 return 0;
358 }
359
360 /* Not Just Works/Confirm results in MITM Authentication */
361 if (method != JUST_CFM)
362 set_bit(SMP_FLAG_MITM_AUTH, &smp->smp_flags);
363
364 /* If both devices have Keyoard-Display I/O, the master
365 * Confirms and the slave Enters the passkey.
366 */
367 if (method == OVERLAP) {
368 if (hcon->link_mode & HCI_LM_MASTER)
369 method = CFM_PASSKEY;
370 else
371 method = REQ_PASSKEY;
372 }
373
374 /* Generate random passkey. Not valid until confirmed. */
375 if (method == CFM_PASSKEY) {
376 u8 key[16];
377
378 memset(key, 0, sizeof(key));
379 get_random_bytes(&passkey, sizeof(passkey));
380 passkey %= 1000000;
381 put_unaligned_le32(passkey, key);
382 swap128(key, smp->tk);
383 BT_DBG("PassKey: %d", passkey);
384 }
385
386 hci_dev_lock(hcon->hdev);
387
388 if (method == REQ_PASSKEY)
389 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
390 hcon->type, hcon->dst_type);
391 else
392 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
393 hcon->type, hcon->dst_type,
394 cpu_to_le32(passkey), 0);
395
396 hci_dev_unlock(hcon->hdev);
397
398 return ret;
399 }
400
401 static void confirm_work(struct work_struct *work)
402 {
403 struct smp_chan *smp = container_of(work, struct smp_chan, confirm);
404 struct l2cap_conn *conn = smp->conn;
405 struct crypto_blkcipher *tfm;
406 struct smp_cmd_pairing_confirm cp;
407 int ret;
408 u8 res[16], reason;
409
410 BT_DBG("conn %p", conn);
411
412 tfm = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
413 if (IS_ERR(tfm)) {
414 reason = SMP_UNSPECIFIED;
415 goto error;
416 }
417
418 smp->tfm = tfm;
419
420 if (conn->hcon->out)
421 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
422 conn->hcon->src_type, &conn->hcon->src,
423 conn->hcon->dst_type, &conn->hcon->dst, res);
424 else
425 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
426 conn->hcon->dst_type, &conn->hcon->dst,
427 conn->hcon->src_type, &conn->hcon->src, res);
428 if (ret) {
429 reason = SMP_UNSPECIFIED;
430 goto error;
431 }
432
433 clear_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
434
435 swap128(res, cp.confirm_val);
436 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
437
438 return;
439
440 error:
441 smp_failure(conn, reason);
442 }
443
444 static void random_work(struct work_struct *work)
445 {
446 struct smp_chan *smp = container_of(work, struct smp_chan, random);
447 struct l2cap_conn *conn = smp->conn;
448 struct hci_conn *hcon = conn->hcon;
449 struct crypto_blkcipher *tfm = smp->tfm;
450 u8 reason, confirm[16], res[16], key[16];
451 int ret;
452
453 if (IS_ERR_OR_NULL(tfm)) {
454 reason = SMP_UNSPECIFIED;
455 goto error;
456 }
457
458 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
459
460 if (hcon->out)
461 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
462 hcon->src_type, &hcon->src,
463 hcon->dst_type, &hcon->dst, res);
464 else
465 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
466 hcon->dst_type, &hcon->dst,
467 hcon->src_type, &hcon->src, res);
468 if (ret) {
469 reason = SMP_UNSPECIFIED;
470 goto error;
471 }
472
473 swap128(res, confirm);
474
475 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
476 BT_ERR("Pairing failed (confirmation values mismatch)");
477 reason = SMP_CONFIRM_FAILED;
478 goto error;
479 }
480
481 if (hcon->out) {
482 u8 stk[16], rand[8];
483 __le16 ediv;
484
485 memset(rand, 0, sizeof(rand));
486 ediv = 0;
487
488 smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, key);
489 swap128(key, stk);
490
491 memset(stk + smp->enc_key_size, 0,
492 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
493
494 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) {
495 reason = SMP_UNSPECIFIED;
496 goto error;
497 }
498
499 hci_le_start_enc(hcon, ediv, rand, stk);
500 hcon->enc_key_size = smp->enc_key_size;
501 } else {
502 u8 stk[16], r[16], rand[8];
503 __le16 ediv;
504
505 memset(rand, 0, sizeof(rand));
506 ediv = 0;
507
508 swap128(smp->prnd, r);
509 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
510
511 smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, key);
512 swap128(key, stk);
513
514 memset(stk + smp->enc_key_size, 0,
515 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
516
517 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
518 HCI_SMP_STK_SLAVE, 0, 0, stk, smp->enc_key_size,
519 ediv, rand);
520 }
521
522 return;
523
524 error:
525 smp_failure(conn, reason);
526 }
527
528 static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
529 {
530 struct smp_chan *smp;
531
532 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
533 if (!smp)
534 return NULL;
535
536 INIT_WORK(&smp->confirm, confirm_work);
537 INIT_WORK(&smp->random, random_work);
538
539 smp->conn = conn;
540 conn->smp_chan = smp;
541 conn->hcon->smp_conn = conn;
542
543 hci_conn_hold(conn->hcon);
544
545 return smp;
546 }
547
548 void smp_chan_destroy(struct l2cap_conn *conn)
549 {
550 struct smp_chan *smp = conn->smp_chan;
551
552 BUG_ON(!smp);
553
554 if (smp->tfm)
555 crypto_free_blkcipher(smp->tfm);
556
557 kfree(smp);
558 conn->smp_chan = NULL;
559 conn->hcon->smp_conn = NULL;
560 hci_conn_drop(conn->hcon);
561 }
562
563 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
564 {
565 struct l2cap_conn *conn = hcon->smp_conn;
566 struct smp_chan *smp;
567 u32 value;
568 u8 key[16];
569
570 BT_DBG("");
571
572 if (!conn)
573 return -ENOTCONN;
574
575 smp = conn->smp_chan;
576
577 switch (mgmt_op) {
578 case MGMT_OP_USER_PASSKEY_REPLY:
579 value = le32_to_cpu(passkey);
580 memset(key, 0, sizeof(key));
581 BT_DBG("PassKey: %d", value);
582 put_unaligned_le32(value, key);
583 swap128(key, smp->tk);
584 /* Fall Through */
585 case MGMT_OP_USER_CONFIRM_REPLY:
586 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
587 break;
588 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
589 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
590 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
591 return 0;
592 default:
593 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
594 return -EOPNOTSUPP;
595 }
596
597 /* If it is our turn to send Pairing Confirm, do so now */
598 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags))
599 queue_work(hcon->hdev->workqueue, &smp->confirm);
600
601 return 0;
602 }
603
604 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
605 {
606 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
607 struct smp_chan *smp;
608 u8 key_size;
609 u8 auth = SMP_AUTH_NONE;
610 int ret;
611
612 BT_DBG("conn %p", conn);
613
614 if (skb->len < sizeof(*req))
615 return SMP_UNSPECIFIED;
616
617 if (conn->hcon->link_mode & HCI_LM_MASTER)
618 return SMP_CMD_NOTSUPP;
619
620 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
621 smp = smp_chan_create(conn);
622 else
623 smp = conn->smp_chan;
624
625 if (!smp)
626 return SMP_UNSPECIFIED;
627
628 smp->preq[0] = SMP_CMD_PAIRING_REQ;
629 memcpy(&smp->preq[1], req, sizeof(*req));
630 skb_pull(skb, sizeof(*req));
631
632 /* We didn't start the pairing, so match remote */
633 if (req->auth_req & SMP_AUTH_BONDING)
634 auth = req->auth_req;
635
636 conn->hcon->pending_sec_level = authreq_to_seclevel(auth);
637
638 build_pairing_cmd(conn, req, &rsp, auth);
639
640 key_size = min(req->max_key_size, rsp.max_key_size);
641 if (check_enc_key_size(conn, key_size))
642 return SMP_ENC_KEY_SIZE;
643
644 get_random_bytes(smp->prnd, sizeof(smp->prnd));
645
646 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
647 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
648
649 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
650
651 /* Request setup of TK */
652 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
653 if (ret)
654 return SMP_UNSPECIFIED;
655
656 return 0;
657 }
658
659 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
660 {
661 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
662 struct smp_chan *smp = conn->smp_chan;
663 struct hci_dev *hdev = conn->hcon->hdev;
664 u8 key_size, auth = SMP_AUTH_NONE;
665 int ret;
666
667 BT_DBG("conn %p", conn);
668
669 if (skb->len < sizeof(*rsp))
670 return SMP_UNSPECIFIED;
671
672 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
673 return SMP_CMD_NOTSUPP;
674
675 skb_pull(skb, sizeof(*rsp));
676
677 req = (void *) &smp->preq[1];
678
679 key_size = min(req->max_key_size, rsp->max_key_size);
680 if (check_enc_key_size(conn, key_size))
681 return SMP_ENC_KEY_SIZE;
682
683 get_random_bytes(smp->prnd, sizeof(smp->prnd));
684
685 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
686 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
687
688 if ((req->auth_req & SMP_AUTH_BONDING) &&
689 (rsp->auth_req & SMP_AUTH_BONDING))
690 auth = SMP_AUTH_BONDING;
691
692 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
693
694 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
695 if (ret)
696 return SMP_UNSPECIFIED;
697
698 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
699
700 /* Can't compose response until we have been confirmed */
701 if (!test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags))
702 return 0;
703
704 queue_work(hdev->workqueue, &smp->confirm);
705
706 return 0;
707 }
708
709 static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
710 {
711 struct smp_chan *smp = conn->smp_chan;
712 struct hci_dev *hdev = conn->hcon->hdev;
713
714 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
715
716 if (skb->len < sizeof(smp->pcnf))
717 return SMP_UNSPECIFIED;
718
719 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
720 skb_pull(skb, sizeof(smp->pcnf));
721
722 if (conn->hcon->out) {
723 u8 random[16];
724
725 swap128(smp->prnd, random);
726 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
727 random);
728 } else if (test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags)) {
729 queue_work(hdev->workqueue, &smp->confirm);
730 } else {
731 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
732 }
733
734 return 0;
735 }
736
737 static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
738 {
739 struct smp_chan *smp = conn->smp_chan;
740 struct hci_dev *hdev = conn->hcon->hdev;
741
742 BT_DBG("conn %p", conn);
743
744 if (skb->len < sizeof(smp->rrnd))
745 return SMP_UNSPECIFIED;
746
747 swap128(skb->data, smp->rrnd);
748 skb_pull(skb, sizeof(smp->rrnd));
749
750 queue_work(hdev->workqueue, &smp->random);
751
752 return 0;
753 }
754
755 static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
756 {
757 struct smp_ltk *key;
758 struct hci_conn *hcon = conn->hcon;
759
760 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
761 hcon->out);
762 if (!key)
763 return 0;
764
765 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
766 return 0;
767
768 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
769 return 1;
770
771 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
772 hcon->enc_key_size = key->enc_size;
773
774 return 1;
775 }
776
777 static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
778 {
779 struct smp_cmd_security_req *rp = (void *) skb->data;
780 struct smp_cmd_pairing cp;
781 struct hci_conn *hcon = conn->hcon;
782 struct smp_chan *smp;
783
784 BT_DBG("conn %p", conn);
785
786 if (skb->len < sizeof(*rp))
787 return SMP_UNSPECIFIED;
788
789 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
790 return SMP_CMD_NOTSUPP;
791
792 hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req);
793
794 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
795 return 0;
796
797 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
798 return 0;
799
800 smp = smp_chan_create(conn);
801
802 skb_pull(skb, sizeof(*rp));
803
804 memset(&cp, 0, sizeof(cp));
805 build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
806
807 smp->preq[0] = SMP_CMD_PAIRING_REQ;
808 memcpy(&smp->preq[1], &cp, sizeof(cp));
809
810 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
811
812 return 0;
813 }
814
815 bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
816 {
817 if (sec_level == BT_SECURITY_LOW)
818 return true;
819
820 if (hcon->sec_level >= sec_level)
821 return true;
822
823 return false;
824 }
825
826 int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
827 {
828 struct l2cap_conn *conn = hcon->l2cap_data;
829 struct smp_chan *smp = conn->smp_chan;
830 __u8 authreq;
831
832 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
833
834 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
835 return 1;
836
837 if (smp_sufficient_security(hcon, sec_level))
838 return 1;
839
840 if (hcon->link_mode & HCI_LM_MASTER)
841 if (smp_ltk_encrypt(conn, sec_level))
842 goto done;
843
844 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
845 return 0;
846
847 smp = smp_chan_create(conn);
848 if (!smp)
849 return 1;
850
851 authreq = seclevel_to_authreq(sec_level);
852
853 if (hcon->link_mode & HCI_LM_MASTER) {
854 struct smp_cmd_pairing cp;
855
856 build_pairing_cmd(conn, &cp, NULL, authreq);
857 smp->preq[0] = SMP_CMD_PAIRING_REQ;
858 memcpy(&smp->preq[1], &cp, sizeof(cp));
859
860 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
861 } else {
862 struct smp_cmd_security_req cp;
863 cp.auth_req = authreq;
864 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
865 }
866
867 done:
868 hcon->pending_sec_level = sec_level;
869
870 return 0;
871 }
872
873 static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
874 {
875 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
876 struct smp_chan *smp = conn->smp_chan;
877
878 BT_DBG("conn %p", conn);
879
880 if (skb->len < sizeof(*rp))
881 return SMP_UNSPECIFIED;
882
883 skb_pull(skb, sizeof(*rp));
884
885 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
886
887 return 0;
888 }
889
890 static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
891 {
892 struct smp_cmd_master_ident *rp = (void *) skb->data;
893 struct smp_chan *smp = conn->smp_chan;
894 struct hci_dev *hdev = conn->hcon->hdev;
895 struct hci_conn *hcon = conn->hcon;
896 u8 authenticated;
897
898 BT_DBG("conn %p", conn);
899
900 if (skb->len < sizeof(*rp))
901 return SMP_UNSPECIFIED;
902
903 skb_pull(skb, sizeof(*rp));
904
905 hci_dev_lock(hdev);
906 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
907 hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, HCI_SMP_LTK, 1,
908 authenticated, smp->tk, smp->enc_key_size,
909 rp->ediv, rp->rand);
910 smp_distribute_keys(conn, 1);
911 hci_dev_unlock(hdev);
912
913 return 0;
914 }
915
916 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
917 {
918 struct hci_conn *hcon = conn->hcon;
919 __u8 code, reason;
920 int err = 0;
921
922 if (hcon->type != LE_LINK) {
923 kfree_skb(skb);
924 return 0;
925 }
926
927 if (skb->len < 1) {
928 kfree_skb(skb);
929 return -EILSEQ;
930 }
931
932 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
933 err = -ENOTSUPP;
934 reason = SMP_PAIRING_NOTSUPP;
935 goto done;
936 }
937
938 code = skb->data[0];
939 skb_pull(skb, sizeof(code));
940
941 /*
942 * The SMP context must be initialized for all other PDUs except
943 * pairing and security requests. If we get any other PDU when
944 * not initialized simply disconnect (done if this function
945 * returns an error).
946 */
947 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ &&
948 !conn->smp_chan) {
949 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code);
950 kfree_skb(skb);
951 return -ENOTSUPP;
952 }
953
954 switch (code) {
955 case SMP_CMD_PAIRING_REQ:
956 reason = smp_cmd_pairing_req(conn, skb);
957 break;
958
959 case SMP_CMD_PAIRING_FAIL:
960 smp_failure(conn, 0);
961 reason = 0;
962 err = -EPERM;
963 break;
964
965 case SMP_CMD_PAIRING_RSP:
966 reason = smp_cmd_pairing_rsp(conn, skb);
967 break;
968
969 case SMP_CMD_SECURITY_REQ:
970 reason = smp_cmd_security_req(conn, skb);
971 break;
972
973 case SMP_CMD_PAIRING_CONFIRM:
974 reason = smp_cmd_pairing_confirm(conn, skb);
975 break;
976
977 case SMP_CMD_PAIRING_RANDOM:
978 reason = smp_cmd_pairing_random(conn, skb);
979 break;
980
981 case SMP_CMD_ENCRYPT_INFO:
982 reason = smp_cmd_encrypt_info(conn, skb);
983 break;
984
985 case SMP_CMD_MASTER_IDENT:
986 reason = smp_cmd_master_ident(conn, skb);
987 break;
988
989 case SMP_CMD_IDENT_INFO:
990 case SMP_CMD_IDENT_ADDR_INFO:
991 case SMP_CMD_SIGN_INFO:
992 /* Just ignored */
993 reason = 0;
994 break;
995
996 default:
997 BT_DBG("Unknown command code 0x%2.2x", code);
998
999 reason = SMP_CMD_NOTSUPP;
1000 err = -EOPNOTSUPP;
1001 goto done;
1002 }
1003
1004 done:
1005 if (reason)
1006 smp_failure(conn, reason);
1007
1008 kfree_skb(skb);
1009 return err;
1010 }
1011
1012 int smp_distribute_keys(struct l2cap_conn *conn, __u8 force)
1013 {
1014 struct smp_cmd_pairing *req, *rsp;
1015 struct smp_chan *smp = conn->smp_chan;
1016 __u8 *keydist;
1017
1018 BT_DBG("conn %p force %d", conn, force);
1019
1020 if (!test_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
1021 return 0;
1022
1023 rsp = (void *) &smp->prsp[1];
1024
1025 /* The responder sends its keys first */
1026 if (!force && conn->hcon->out && (rsp->resp_key_dist & 0x07))
1027 return 0;
1028
1029 req = (void *) &smp->preq[1];
1030
1031 if (conn->hcon->out) {
1032 keydist = &rsp->init_key_dist;
1033 *keydist &= req->init_key_dist;
1034 } else {
1035 keydist = &rsp->resp_key_dist;
1036 *keydist &= req->resp_key_dist;
1037 }
1038
1039 BT_DBG("keydist 0x%x", *keydist);
1040
1041 if (*keydist & SMP_DIST_ENC_KEY) {
1042 struct smp_cmd_encrypt_info enc;
1043 struct smp_cmd_master_ident ident;
1044 struct hci_conn *hcon = conn->hcon;
1045 u8 authenticated;
1046 __le16 ediv;
1047
1048 get_random_bytes(enc.ltk, sizeof(enc.ltk));
1049 get_random_bytes(&ediv, sizeof(ediv));
1050 get_random_bytes(ident.rand, sizeof(ident.rand));
1051
1052 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
1053
1054 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
1055 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
1056 HCI_SMP_LTK_SLAVE, 1, authenticated,
1057 enc.ltk, smp->enc_key_size, ediv, ident.rand);
1058
1059 ident.ediv = ediv;
1060
1061 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
1062
1063 *keydist &= ~SMP_DIST_ENC_KEY;
1064 }
1065
1066 if (*keydist & SMP_DIST_ID_KEY) {
1067 struct smp_cmd_ident_addr_info addrinfo;
1068 struct smp_cmd_ident_info idinfo;
1069
1070 /* Send a dummy key */
1071 get_random_bytes(idinfo.irk, sizeof(idinfo.irk));
1072
1073 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
1074
1075 /* Just public address */
1076 memset(&addrinfo, 0, sizeof(addrinfo));
1077 bacpy(&addrinfo.bdaddr, &conn->hcon->src);
1078
1079 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
1080 &addrinfo);
1081
1082 *keydist &= ~SMP_DIST_ID_KEY;
1083 }
1084
1085 if (*keydist & SMP_DIST_SIGN) {
1086 struct smp_cmd_sign_info sign;
1087
1088 /* Send a dummy key */
1089 get_random_bytes(sign.csrk, sizeof(sign.csrk));
1090
1091 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1092
1093 *keydist &= ~SMP_DIST_SIGN;
1094 }
1095
1096 if (conn->hcon->out || force) {
1097 clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags);
1098 cancel_delayed_work_sync(&conn->security_timer);
1099 smp_chan_destroy(conn);
1100 }
1101
1102 return 0;
1103 }
Linux kernel - Deliverables
This page took 0.068998 seconds and 6 git commands to generate.