2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
36 #define AUTH_REQ_MASK 0x07
38 static inline void swap128(u8 src
[16], u8 dst
[16])
41 for (i
= 0; i
< 16; i
++)
45 static inline void swap56(u8 src
[7], u8 dst
[7])
48 for (i
= 0; i
< 7; i
++)
52 static int smp_e(struct crypto_blkcipher
*tfm
, const u8
*k
, u8
*r
)
54 struct blkcipher_desc desc
;
55 struct scatterlist sg
;
59 BT_ERR("tfm %p", tfm
);
66 err
= crypto_blkcipher_setkey(tfm
, k
, 16);
68 BT_ERR("cipher setkey failed: %d", err
);
72 sg_init_one(&sg
, r
, 16);
74 err
= crypto_blkcipher_encrypt(&desc
, &sg
, &sg
, 16);
76 BT_ERR("Encrypt data error %d", err
);
81 static int smp_c1(struct crypto_blkcipher
*tfm
, u8 k
[16], u8 r
[16],
82 u8 preq
[7], u8 pres
[7], u8 _iat
, bdaddr_t
*ia
,
83 u8 _rat
, bdaddr_t
*ra
, u8 res
[16])
90 /* p1 = pres || preq || _rat || _iat */
98 /* p2 = padding || ia || ra */
99 baswap((bdaddr_t
*) (p2
+ 4), ia
);
100 baswap((bdaddr_t
*) (p2
+ 10), ra
);
103 u128_xor((u128
*) res
, (u128
*) r
, (u128
*) p1
);
105 /* res = e(k, res) */
106 err
= smp_e(tfm
, k
, res
);
108 BT_ERR("Encrypt data error");
112 /* res = res XOR p2 */
113 u128_xor((u128
*) res
, (u128
*) res
, (u128
*) p2
);
115 /* res = e(k, res) */
116 err
= smp_e(tfm
, k
, res
);
118 BT_ERR("Encrypt data error");
123 static int smp_s1(struct crypto_blkcipher
*tfm
, u8 k
[16], u8 r1
[16],
124 u8 r2
[16], u8 _r
[16])
128 /* Just least significant octets from r1 and r2 are considered */
129 memcpy(_r
, r1
+ 8, 8);
130 memcpy(_r
+ 8, r2
+ 8, 8);
132 err
= smp_e(tfm
, k
, _r
);
134 BT_ERR("Encrypt data error");
139 static struct sk_buff
*smp_build_cmd(struct l2cap_conn
*conn
, u8 code
,
140 u16 dlen
, void *data
)
143 struct l2cap_hdr
*lh
;
146 len
= L2CAP_HDR_SIZE
+ sizeof(code
) + dlen
;
151 skb
= bt_skb_alloc(len
, GFP_ATOMIC
);
155 lh
= (struct l2cap_hdr
*) skb_put(skb
, L2CAP_HDR_SIZE
);
156 lh
->len
= cpu_to_le16(sizeof(code
) + dlen
);
157 lh
->cid
= __constant_cpu_to_le16(L2CAP_CID_SMP
);
159 memcpy(skb_put(skb
, sizeof(code
)), &code
, sizeof(code
));
161 memcpy(skb_put(skb
, dlen
), data
, dlen
);
166 static void smp_send_cmd(struct l2cap_conn
*conn
, u8 code
, u16 len
, void *data
)
168 struct sk_buff
*skb
= smp_build_cmd(conn
, code
, len
, data
);
170 BT_DBG("code 0x%2.2x", code
);
175 skb
->priority
= HCI_PRIO_MAX
;
176 hci_send_acl(conn
->hchan
, skb
, 0);
178 cancel_delayed_work_sync(&conn
->security_timer
);
179 schedule_delayed_work(&conn
->security_timer
, SMP_TIMEOUT
);
182 static __u8
authreq_to_seclevel(__u8 authreq
)
184 if (authreq
& SMP_AUTH_MITM
)
185 return BT_SECURITY_HIGH
;
187 return BT_SECURITY_MEDIUM
;
190 static __u8
seclevel_to_authreq(__u8 sec_level
)
193 case BT_SECURITY_HIGH
:
194 return SMP_AUTH_MITM
| SMP_AUTH_BONDING
;
195 case BT_SECURITY_MEDIUM
:
196 return SMP_AUTH_BONDING
;
198 return SMP_AUTH_NONE
;
202 static void build_pairing_cmd(struct l2cap_conn
*conn
,
203 struct smp_cmd_pairing
*req
,
204 struct smp_cmd_pairing
*rsp
, __u8 authreq
)
208 if (test_bit(HCI_PAIRABLE
, &conn
->hcon
->hdev
->dev_flags
)) {
209 dist_keys
= SMP_DIST_ENC_KEY
;
210 authreq
|= SMP_AUTH_BONDING
;
212 authreq
&= ~SMP_AUTH_BONDING
;
216 req
->io_capability
= conn
->hcon
->io_capability
;
217 req
->oob_flag
= SMP_OOB_NOT_PRESENT
;
218 req
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
219 req
->init_key_dist
= dist_keys
;
220 req
->resp_key_dist
= dist_keys
;
221 req
->auth_req
= (authreq
& AUTH_REQ_MASK
);
225 rsp
->io_capability
= conn
->hcon
->io_capability
;
226 rsp
->oob_flag
= SMP_OOB_NOT_PRESENT
;
227 rsp
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
228 rsp
->init_key_dist
= req
->init_key_dist
& dist_keys
;
229 rsp
->resp_key_dist
= req
->resp_key_dist
& dist_keys
;
230 rsp
->auth_req
= (authreq
& AUTH_REQ_MASK
);
233 static u8
check_enc_key_size(struct l2cap_conn
*conn
, __u8 max_key_size
)
235 struct smp_chan
*smp
= conn
->smp_chan
;
237 if ((max_key_size
> SMP_MAX_ENC_KEY_SIZE
) ||
238 (max_key_size
< SMP_MIN_ENC_KEY_SIZE
))
239 return SMP_ENC_KEY_SIZE
;
241 smp
->enc_key_size
= max_key_size
;
246 static void smp_failure(struct l2cap_conn
*conn
, u8 reason
)
248 struct hci_conn
*hcon
= conn
->hcon
;
251 smp_send_cmd(conn
, SMP_CMD_PAIRING_FAIL
, sizeof(reason
),
254 clear_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
);
255 mgmt_auth_failed(hcon
->hdev
, &hcon
->dst
, hcon
->type
, hcon
->dst_type
,
256 HCI_ERROR_AUTH_FAILURE
);
258 cancel_delayed_work_sync(&conn
->security_timer
);
260 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
261 smp_chan_destroy(conn
);
264 #define JUST_WORKS 0x00
265 #define JUST_CFM 0x01
266 #define REQ_PASSKEY 0x02
267 #define CFM_PASSKEY 0x03
271 static const u8 gen_method
[5][5] = {
272 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
273 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
274 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, CFM_PASSKEY
},
275 { JUST_WORKS
, JUST_CFM
, JUST_WORKS
, JUST_WORKS
, JUST_CFM
},
276 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, OVERLAP
},
279 static int tk_request(struct l2cap_conn
*conn
, u8 remote_oob
, u8 auth
,
280 u8 local_io
, u8 remote_io
)
282 struct hci_conn
*hcon
= conn
->hcon
;
283 struct smp_chan
*smp
= conn
->smp_chan
;
288 /* Initialize key for JUST WORKS */
289 memset(smp
->tk
, 0, sizeof(smp
->tk
));
290 clear_bit(SMP_FLAG_TK_VALID
, &smp
->smp_flags
);
292 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth
, local_io
, remote_io
);
294 /* If neither side wants MITM, use JUST WORKS */
295 /* If either side has unknown io_caps, use JUST WORKS */
296 /* Otherwise, look up method from the table */
297 if (!(auth
& SMP_AUTH_MITM
) ||
298 local_io
> SMP_IO_KEYBOARD_DISPLAY
||
299 remote_io
> SMP_IO_KEYBOARD_DISPLAY
)
302 method
= gen_method
[remote_io
][local_io
];
304 /* If not bonding, don't ask user to confirm a Zero TK */
305 if (!(auth
& SMP_AUTH_BONDING
) && method
== JUST_CFM
)
308 /* If Just Works, Continue with Zero TK */
309 if (method
== JUST_WORKS
) {
310 set_bit(SMP_FLAG_TK_VALID
, &smp
->smp_flags
);
314 /* Not Just Works/Confirm results in MITM Authentication */
315 if (method
!= JUST_CFM
)
316 set_bit(SMP_FLAG_MITM_AUTH
, &smp
->smp_flags
);
318 /* If both devices have Keyoard-Display I/O, the master
319 * Confirms and the slave Enters the passkey.
321 if (method
== OVERLAP
) {
322 if (hcon
->link_mode
& HCI_LM_MASTER
)
323 method
= CFM_PASSKEY
;
325 method
= REQ_PASSKEY
;
328 /* Generate random passkey. Not valid until confirmed. */
329 if (method
== CFM_PASSKEY
) {
332 memset(key
, 0, sizeof(key
));
333 get_random_bytes(&passkey
, sizeof(passkey
));
335 put_unaligned_le32(passkey
, key
);
336 swap128(key
, smp
->tk
);
337 BT_DBG("PassKey: %d", passkey
);
340 hci_dev_lock(hcon
->hdev
);
342 if (method
== REQ_PASSKEY
)
343 ret
= mgmt_user_passkey_request(hcon
->hdev
, &hcon
->dst
,
344 hcon
->type
, hcon
->dst_type
);
346 ret
= mgmt_user_confirm_request(hcon
->hdev
, &hcon
->dst
,
347 hcon
->type
, hcon
->dst_type
,
348 cpu_to_le32(passkey
), 0);
350 hci_dev_unlock(hcon
->hdev
);
355 static void confirm_work(struct work_struct
*work
)
357 struct smp_chan
*smp
= container_of(work
, struct smp_chan
, confirm
);
358 struct l2cap_conn
*conn
= smp
->conn
;
359 struct crypto_blkcipher
*tfm
;
360 struct smp_cmd_pairing_confirm cp
;
364 BT_DBG("conn %p", conn
);
366 tfm
= crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC
);
368 reason
= SMP_UNSPECIFIED
;
375 ret
= smp_c1(tfm
, smp
->tk
, smp
->prnd
, smp
->preq
, smp
->prsp
,
376 conn
->hcon
->src_type
, &conn
->hcon
->src
,
377 conn
->hcon
->dst_type
, &conn
->hcon
->dst
, res
);
379 ret
= smp_c1(tfm
, smp
->tk
, smp
->prnd
, smp
->preq
, smp
->prsp
,
380 conn
->hcon
->dst_type
, &conn
->hcon
->dst
,
381 conn
->hcon
->src_type
, &conn
->hcon
->src
, res
);
383 reason
= SMP_UNSPECIFIED
;
387 clear_bit(SMP_FLAG_CFM_PENDING
, &smp
->smp_flags
);
389 swap128(res
, cp
.confirm_val
);
390 smp_send_cmd(smp
->conn
, SMP_CMD_PAIRING_CONFIRM
, sizeof(cp
), &cp
);
395 smp_failure(conn
, reason
);
398 static void random_work(struct work_struct
*work
)
400 struct smp_chan
*smp
= container_of(work
, struct smp_chan
, random
);
401 struct l2cap_conn
*conn
= smp
->conn
;
402 struct hci_conn
*hcon
= conn
->hcon
;
403 struct crypto_blkcipher
*tfm
= smp
->tfm
;
404 u8 reason
, confirm
[16], res
[16], key
[16];
407 if (IS_ERR_OR_NULL(tfm
)) {
408 reason
= SMP_UNSPECIFIED
;
412 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
415 ret
= smp_c1(tfm
, smp
->tk
, smp
->rrnd
, smp
->preq
, smp
->prsp
,
416 hcon
->src_type
, &hcon
->src
,
417 hcon
->dst_type
, &hcon
->dst
, res
);
419 ret
= smp_c1(tfm
, smp
->tk
, smp
->rrnd
, smp
->preq
, smp
->prsp
,
420 hcon
->dst_type
, &hcon
->dst
,
421 hcon
->src_type
, &hcon
->src
, res
);
423 reason
= SMP_UNSPECIFIED
;
427 swap128(res
, confirm
);
429 if (memcmp(smp
->pcnf
, confirm
, sizeof(smp
->pcnf
)) != 0) {
430 BT_ERR("Pairing failed (confirmation values mismatch)");
431 reason
= SMP_CONFIRM_FAILED
;
439 memset(rand
, 0, sizeof(rand
));
442 smp_s1(tfm
, smp
->tk
, smp
->rrnd
, smp
->prnd
, key
);
445 memset(stk
+ smp
->enc_key_size
, 0,
446 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
448 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
)) {
449 reason
= SMP_UNSPECIFIED
;
453 hci_le_start_enc(hcon
, ediv
, rand
, stk
);
454 hcon
->enc_key_size
= smp
->enc_key_size
;
456 u8 stk
[16], r
[16], rand
[8];
459 memset(rand
, 0, sizeof(rand
));
462 swap128(smp
->prnd
, r
);
463 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(r
), r
);
465 smp_s1(tfm
, smp
->tk
, smp
->prnd
, smp
->rrnd
, key
);
468 memset(stk
+ smp
->enc_key_size
, 0,
469 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
471 hci_add_ltk(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
472 HCI_SMP_STK_SLAVE
, 0, 0, stk
, smp
->enc_key_size
,
479 smp_failure(conn
, reason
);
482 static struct smp_chan
*smp_chan_create(struct l2cap_conn
*conn
)
484 struct smp_chan
*smp
;
486 smp
= kzalloc(sizeof(*smp
), GFP_ATOMIC
);
490 INIT_WORK(&smp
->confirm
, confirm_work
);
491 INIT_WORK(&smp
->random
, random_work
);
494 conn
->smp_chan
= smp
;
495 conn
->hcon
->smp_conn
= conn
;
497 hci_conn_hold(conn
->hcon
);
502 void smp_chan_destroy(struct l2cap_conn
*conn
)
504 struct smp_chan
*smp
= conn
->smp_chan
;
509 crypto_free_blkcipher(smp
->tfm
);
512 conn
->smp_chan
= NULL
;
513 conn
->hcon
->smp_conn
= NULL
;
514 hci_conn_drop(conn
->hcon
);
517 int smp_user_confirm_reply(struct hci_conn
*hcon
, u16 mgmt_op
, __le32 passkey
)
519 struct l2cap_conn
*conn
= hcon
->smp_conn
;
520 struct smp_chan
*smp
;
529 smp
= conn
->smp_chan
;
532 case MGMT_OP_USER_PASSKEY_REPLY
:
533 value
= le32_to_cpu(passkey
);
534 memset(key
, 0, sizeof(key
));
535 BT_DBG("PassKey: %d", value
);
536 put_unaligned_le32(value
, key
);
537 swap128(key
, smp
->tk
);
539 case MGMT_OP_USER_CONFIRM_REPLY
:
540 set_bit(SMP_FLAG_TK_VALID
, &smp
->smp_flags
);
542 case MGMT_OP_USER_PASSKEY_NEG_REPLY
:
543 case MGMT_OP_USER_CONFIRM_NEG_REPLY
:
544 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
);
547 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
);
551 /* If it is our turn to send Pairing Confirm, do so now */
552 if (test_bit(SMP_FLAG_CFM_PENDING
, &smp
->smp_flags
))
553 queue_work(hcon
->hdev
->workqueue
, &smp
->confirm
);
558 static u8
smp_cmd_pairing_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
560 struct smp_cmd_pairing rsp
, *req
= (void *) skb
->data
;
561 struct smp_chan
*smp
;
563 u8 auth
= SMP_AUTH_NONE
;
566 BT_DBG("conn %p", conn
);
568 if (skb
->len
< sizeof(*req
))
569 return SMP_UNSPECIFIED
;
571 if (conn
->hcon
->link_mode
& HCI_LM_MASTER
)
572 return SMP_CMD_NOTSUPP
;
574 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
))
575 smp
= smp_chan_create(conn
);
577 smp
= conn
->smp_chan
;
580 return SMP_UNSPECIFIED
;
582 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
583 memcpy(&smp
->preq
[1], req
, sizeof(*req
));
584 skb_pull(skb
, sizeof(*req
));
586 /* We didn't start the pairing, so match remote */
587 if (req
->auth_req
& SMP_AUTH_BONDING
)
588 auth
= req
->auth_req
;
590 conn
->hcon
->pending_sec_level
= authreq_to_seclevel(auth
);
592 build_pairing_cmd(conn
, req
, &rsp
, auth
);
594 key_size
= min(req
->max_key_size
, rsp
.max_key_size
);
595 if (check_enc_key_size(conn
, key_size
))
596 return SMP_ENC_KEY_SIZE
;
598 get_random_bytes(smp
->prnd
, sizeof(smp
->prnd
));
600 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
601 memcpy(&smp
->prsp
[1], &rsp
, sizeof(rsp
));
603 smp_send_cmd(conn
, SMP_CMD_PAIRING_RSP
, sizeof(rsp
), &rsp
);
605 /* Request setup of TK */
606 ret
= tk_request(conn
, 0, auth
, rsp
.io_capability
, req
->io_capability
);
608 return SMP_UNSPECIFIED
;
613 static u8
smp_cmd_pairing_rsp(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
615 struct smp_cmd_pairing
*req
, *rsp
= (void *) skb
->data
;
616 struct smp_chan
*smp
= conn
->smp_chan
;
617 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
618 u8 key_size
, auth
= SMP_AUTH_NONE
;
621 BT_DBG("conn %p", conn
);
623 if (skb
->len
< sizeof(*rsp
))
624 return SMP_UNSPECIFIED
;
626 if (!(conn
->hcon
->link_mode
& HCI_LM_MASTER
))
627 return SMP_CMD_NOTSUPP
;
629 skb_pull(skb
, sizeof(*rsp
));
631 req
= (void *) &smp
->preq
[1];
633 key_size
= min(req
->max_key_size
, rsp
->max_key_size
);
634 if (check_enc_key_size(conn
, key_size
))
635 return SMP_ENC_KEY_SIZE
;
637 get_random_bytes(smp
->prnd
, sizeof(smp
->prnd
));
639 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
640 memcpy(&smp
->prsp
[1], rsp
, sizeof(*rsp
));
642 if ((req
->auth_req
& SMP_AUTH_BONDING
) &&
643 (rsp
->auth_req
& SMP_AUTH_BONDING
))
644 auth
= SMP_AUTH_BONDING
;
646 auth
|= (req
->auth_req
| rsp
->auth_req
) & SMP_AUTH_MITM
;
648 ret
= tk_request(conn
, 0, auth
, req
->io_capability
, rsp
->io_capability
);
650 return SMP_UNSPECIFIED
;
652 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->smp_flags
);
654 /* Can't compose response until we have been confirmed */
655 if (!test_bit(SMP_FLAG_TK_VALID
, &smp
->smp_flags
))
658 queue_work(hdev
->workqueue
, &smp
->confirm
);
663 static u8
smp_cmd_pairing_confirm(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
665 struct smp_chan
*smp
= conn
->smp_chan
;
666 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
668 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
670 if (skb
->len
< sizeof(smp
->pcnf
))
671 return SMP_UNSPECIFIED
;
673 memcpy(smp
->pcnf
, skb
->data
, sizeof(smp
->pcnf
));
674 skb_pull(skb
, sizeof(smp
->pcnf
));
676 if (conn
->hcon
->out
) {
679 swap128(smp
->prnd
, random
);
680 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(random
),
682 } else if (test_bit(SMP_FLAG_TK_VALID
, &smp
->smp_flags
)) {
683 queue_work(hdev
->workqueue
, &smp
->confirm
);
685 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->smp_flags
);
691 static u8
smp_cmd_pairing_random(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
693 struct smp_chan
*smp
= conn
->smp_chan
;
694 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
696 BT_DBG("conn %p", conn
);
698 if (skb
->len
< sizeof(smp
->rrnd
))
699 return SMP_UNSPECIFIED
;
701 swap128(skb
->data
, smp
->rrnd
);
702 skb_pull(skb
, sizeof(smp
->rrnd
));
704 queue_work(hdev
->workqueue
, &smp
->random
);
709 static u8
smp_ltk_encrypt(struct l2cap_conn
*conn
, u8 sec_level
)
712 struct hci_conn
*hcon
= conn
->hcon
;
714 key
= hci_find_ltk_by_addr(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
719 if (sec_level
> BT_SECURITY_MEDIUM
&& !key
->authenticated
)
722 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
))
725 hci_le_start_enc(hcon
, key
->ediv
, key
->rand
, key
->val
);
726 hcon
->enc_key_size
= key
->enc_size
;
731 static u8
smp_cmd_security_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
733 struct smp_cmd_security_req
*rp
= (void *) skb
->data
;
734 struct smp_cmd_pairing cp
;
735 struct hci_conn
*hcon
= conn
->hcon
;
736 struct smp_chan
*smp
;
738 BT_DBG("conn %p", conn
);
740 if (skb
->len
< sizeof(*rp
))
741 return SMP_UNSPECIFIED
;
743 if (!(conn
->hcon
->link_mode
& HCI_LM_MASTER
))
744 return SMP_CMD_NOTSUPP
;
746 hcon
->pending_sec_level
= authreq_to_seclevel(rp
->auth_req
);
748 if (smp_ltk_encrypt(conn
, hcon
->pending_sec_level
))
751 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
754 smp
= smp_chan_create(conn
);
756 skb_pull(skb
, sizeof(*rp
));
758 memset(&cp
, 0, sizeof(cp
));
759 build_pairing_cmd(conn
, &cp
, NULL
, rp
->auth_req
);
761 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
762 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
764 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
769 bool smp_sufficient_security(struct hci_conn
*hcon
, u8 sec_level
)
771 if (sec_level
== BT_SECURITY_LOW
)
774 if (hcon
->sec_level
>= sec_level
)
780 int smp_conn_security(struct hci_conn
*hcon
, __u8 sec_level
)
782 struct l2cap_conn
*conn
= hcon
->l2cap_data
;
783 struct smp_chan
*smp
= conn
->smp_chan
;
786 BT_DBG("conn %p hcon %p level 0x%2.2x", conn
, hcon
, sec_level
);
788 if (!test_bit(HCI_LE_ENABLED
, &hcon
->hdev
->dev_flags
))
791 if (smp_sufficient_security(hcon
, sec_level
))
794 if (hcon
->link_mode
& HCI_LM_MASTER
)
795 if (smp_ltk_encrypt(conn
, sec_level
))
798 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
801 smp
= smp_chan_create(conn
);
805 authreq
= seclevel_to_authreq(sec_level
);
807 if (hcon
->link_mode
& HCI_LM_MASTER
) {
808 struct smp_cmd_pairing cp
;
810 build_pairing_cmd(conn
, &cp
, NULL
, authreq
);
811 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
812 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
814 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
816 struct smp_cmd_security_req cp
;
817 cp
.auth_req
= authreq
;
818 smp_send_cmd(conn
, SMP_CMD_SECURITY_REQ
, sizeof(cp
), &cp
);
822 hcon
->pending_sec_level
= sec_level
;
827 static int smp_cmd_encrypt_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
829 struct smp_cmd_encrypt_info
*rp
= (void *) skb
->data
;
830 struct smp_chan
*smp
= conn
->smp_chan
;
832 BT_DBG("conn %p", conn
);
834 if (skb
->len
< sizeof(*rp
))
835 return SMP_UNSPECIFIED
;
837 skb_pull(skb
, sizeof(*rp
));
839 memcpy(smp
->tk
, rp
->ltk
, sizeof(smp
->tk
));
844 static int smp_cmd_master_ident(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
846 struct smp_cmd_master_ident
*rp
= (void *) skb
->data
;
847 struct smp_chan
*smp
= conn
->smp_chan
;
848 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
849 struct hci_conn
*hcon
= conn
->hcon
;
852 BT_DBG("conn %p", conn
);
854 if (skb
->len
< sizeof(*rp
))
855 return SMP_UNSPECIFIED
;
857 skb_pull(skb
, sizeof(*rp
));
860 authenticated
= (hcon
->sec_level
== BT_SECURITY_HIGH
);
861 hci_add_ltk(hdev
, &hcon
->dst
, hcon
->dst_type
, HCI_SMP_LTK
, 1,
862 authenticated
, smp
->tk
, smp
->enc_key_size
,
864 smp_distribute_keys(conn
, 1);
865 hci_dev_unlock(hdev
);
870 int smp_sig_channel(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
872 struct hci_conn
*hcon
= conn
->hcon
;
876 if (hcon
->type
!= LE_LINK
) {
886 if (!test_bit(HCI_LE_ENABLED
, &hcon
->hdev
->dev_flags
)) {
888 reason
= SMP_PAIRING_NOTSUPP
;
893 skb_pull(skb
, sizeof(code
));
896 * The SMP context must be initialized for all other PDUs except
897 * pairing and security requests. If we get any other PDU when
898 * not initialized simply disconnect (done if this function
901 if (code
!= SMP_CMD_PAIRING_REQ
&& code
!= SMP_CMD_SECURITY_REQ
&&
903 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code
);
909 case SMP_CMD_PAIRING_REQ
:
910 reason
= smp_cmd_pairing_req(conn
, skb
);
913 case SMP_CMD_PAIRING_FAIL
:
914 smp_failure(conn
, 0);
919 case SMP_CMD_PAIRING_RSP
:
920 reason
= smp_cmd_pairing_rsp(conn
, skb
);
923 case SMP_CMD_SECURITY_REQ
:
924 reason
= smp_cmd_security_req(conn
, skb
);
927 case SMP_CMD_PAIRING_CONFIRM
:
928 reason
= smp_cmd_pairing_confirm(conn
, skb
);
931 case SMP_CMD_PAIRING_RANDOM
:
932 reason
= smp_cmd_pairing_random(conn
, skb
);
935 case SMP_CMD_ENCRYPT_INFO
:
936 reason
= smp_cmd_encrypt_info(conn
, skb
);
939 case SMP_CMD_MASTER_IDENT
:
940 reason
= smp_cmd_master_ident(conn
, skb
);
943 case SMP_CMD_IDENT_INFO
:
944 case SMP_CMD_IDENT_ADDR_INFO
:
945 case SMP_CMD_SIGN_INFO
:
951 BT_DBG("Unknown command code 0x%2.2x", code
);
953 reason
= SMP_CMD_NOTSUPP
;
960 smp_failure(conn
, reason
);
966 int smp_distribute_keys(struct l2cap_conn
*conn
, __u8 force
)
968 struct smp_cmd_pairing
*req
, *rsp
;
969 struct smp_chan
*smp
= conn
->smp_chan
;
972 BT_DBG("conn %p force %d", conn
, force
);
974 if (!test_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
))
977 rsp
= (void *) &smp
->prsp
[1];
979 /* The responder sends its keys first */
980 if (!force
&& conn
->hcon
->out
&& (rsp
->resp_key_dist
& 0x07))
983 req
= (void *) &smp
->preq
[1];
985 if (conn
->hcon
->out
) {
986 keydist
= &rsp
->init_key_dist
;
987 *keydist
&= req
->init_key_dist
;
989 keydist
= &rsp
->resp_key_dist
;
990 *keydist
&= req
->resp_key_dist
;
993 BT_DBG("keydist 0x%x", *keydist
);
995 if (*keydist
& SMP_DIST_ENC_KEY
) {
996 struct smp_cmd_encrypt_info enc
;
997 struct smp_cmd_master_ident ident
;
998 struct hci_conn
*hcon
= conn
->hcon
;
1002 get_random_bytes(enc
.ltk
, sizeof(enc
.ltk
));
1003 get_random_bytes(&ediv
, sizeof(ediv
));
1004 get_random_bytes(ident
.rand
, sizeof(ident
.rand
));
1006 smp_send_cmd(conn
, SMP_CMD_ENCRYPT_INFO
, sizeof(enc
), &enc
);
1008 authenticated
= hcon
->sec_level
== BT_SECURITY_HIGH
;
1009 hci_add_ltk(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
1010 HCI_SMP_LTK_SLAVE
, 1, authenticated
,
1011 enc
.ltk
, smp
->enc_key_size
, ediv
, ident
.rand
);
1015 smp_send_cmd(conn
, SMP_CMD_MASTER_IDENT
, sizeof(ident
), &ident
);
1017 *keydist
&= ~SMP_DIST_ENC_KEY
;
1020 if (*keydist
& SMP_DIST_ID_KEY
) {
1021 struct smp_cmd_ident_addr_info addrinfo
;
1022 struct smp_cmd_ident_info idinfo
;
1024 /* Send a dummy key */
1025 get_random_bytes(idinfo
.irk
, sizeof(idinfo
.irk
));
1027 smp_send_cmd(conn
, SMP_CMD_IDENT_INFO
, sizeof(idinfo
), &idinfo
);
1029 /* Just public address */
1030 memset(&addrinfo
, 0, sizeof(addrinfo
));
1031 bacpy(&addrinfo
.bdaddr
, &conn
->hcon
->src
);
1033 smp_send_cmd(conn
, SMP_CMD_IDENT_ADDR_INFO
, sizeof(addrinfo
),
1036 *keydist
&= ~SMP_DIST_ID_KEY
;
1039 if (*keydist
& SMP_DIST_SIGN
) {
1040 struct smp_cmd_sign_info sign
;
1042 /* Send a dummy key */
1043 get_random_bytes(sign
.csrk
, sizeof(sign
.csrk
));
1045 smp_send_cmd(conn
, SMP_CMD_SIGN_INFO
, sizeof(sign
), &sign
);
1047 *keydist
&= ~SMP_DIST_SIGN
;
1050 if (conn
->hcon
->out
|| force
) {
1051 clear_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
);
1052 cancel_delayed_work_sync(&conn
->security_timer
);
1053 smp_chan_destroy(conn
);