projects / deliverable / linux.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Bluetooth: Add support for building pairing commands
[deliverable/linux.git] / net / bluetooth / smp.c
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21 */
22
23 #include <net/bluetooth/bluetooth.h>
24 #include <net/bluetooth/hci_core.h>
25 #include <net/bluetooth/l2cap.h>
26 #include <net/bluetooth/smp.h>
27 #include <linux/crypto.h>
28 #include <crypto/b128ops.h>
29
30 static inline void swap128(u8 src[16], u8 dst[16])
31 {
32 int i;
33 for (i = 0; i < 16; i++)
34 dst[15 - i] = src[i];
35 }
36
37 static inline void swap56(u8 src[7], u8 dst[7])
38 {
39 int i;
40 for (i = 0; i < 7; i++)
41 dst[6 - i] = src[i];
42 }
43
44 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
45 {
46 struct blkcipher_desc desc;
47 struct scatterlist sg;
48 int err, iv_len;
49 unsigned char iv[128];
50
51 if (tfm == NULL) {
52 BT_ERR("tfm %p", tfm);
53 return -EINVAL;
54 }
55
56 desc.tfm = tfm;
57 desc.flags = 0;
58
59 err = crypto_blkcipher_setkey(tfm, k, 16);
60 if (err) {
61 BT_ERR("cipher setkey failed: %d", err);
62 return err;
63 }
64
65 sg_init_one(&sg, r, 16);
66
67 iv_len = crypto_blkcipher_ivsize(tfm);
68 if (iv_len) {
69 memset(&iv, 0xff, iv_len);
70 crypto_blkcipher_set_iv(tfm, iv, iv_len);
71 }
72
73 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
74 if (err)
75 BT_ERR("Encrypt data error %d", err);
76
77 return err;
78 }
79
80 static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
81 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
82 u8 _rat, bdaddr_t *ra, u8 res[16])
83 {
84 u8 p1[16], p2[16];
85 int err;
86
87 memset(p1, 0, 16);
88
89 /* p1 = pres || preq || _rat || _iat */
90 swap56(pres, p1);
91 swap56(preq, p1 + 7);
92 p1[14] = _rat;
93 p1[15] = _iat;
94
95 memset(p2, 0, 16);
96
97 /* p2 = padding || ia || ra */
98 baswap((bdaddr_t *) (p2 + 4), ia);
99 baswap((bdaddr_t *) (p2 + 10), ra);
100
101 /* res = r XOR p1 */
102 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
103
104 /* res = e(k, res) */
105 err = smp_e(tfm, k, res);
106 if (err) {
107 BT_ERR("Encrypt data error");
108 return err;
109 }
110
111 /* res = res XOR p2 */
112 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
113
114 /* res = e(k, res) */
115 err = smp_e(tfm, k, res);
116 if (err)
117 BT_ERR("Encrypt data error");
118
119 return err;
120 }
121
122 static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16],
123 u8 r1[16], u8 r2[16], u8 _r[16])
124 {
125 int err;
126
127 /* Just least significant octets from r1 and r2 are considered */
128 memcpy(_r, r1 + 8, 8);
129 memcpy(_r + 8, r2 + 8, 8);
130
131 err = smp_e(tfm, k, _r);
132 if (err)
133 BT_ERR("Encrypt data error");
134
135 return err;
136 }
137
138 static int smp_rand(u8 *buf)
139 {
140 get_random_bytes(buf, 16);
141
142 return 0;
143 }
144
145 static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
146 u16 dlen, void *data)
147 {
148 struct sk_buff *skb;
149 struct l2cap_hdr *lh;
150 int len;
151
152 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
153
154 if (len > conn->mtu)
155 return NULL;
156
157 skb = bt_skb_alloc(len, GFP_ATOMIC);
158 if (!skb)
159 return NULL;
160
161 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
162 lh->len = cpu_to_le16(sizeof(code) + dlen);
163 lh->cid = cpu_to_le16(L2CAP_CID_SMP);
164
165 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
166
167 memcpy(skb_put(skb, dlen), data, dlen);
168
169 return skb;
170 }
171
172 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
173 {
174 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
175
176 BT_DBG("code 0x%2.2x", code);
177
178 if (!skb)
179 return;
180
181 hci_send_acl(conn->hcon, skb, 0);
182 }
183
184 static void build_pairing_cmd(struct l2cap_conn *conn,
185 struct smp_cmd_pairing *cmd, __u8 authreq)
186 {
187 cmd->io_capability = conn->hcon->io_capability;
188 cmd->oob_flag = SMP_OOB_NOT_PRESENT;
189 cmd->max_key_size = 16;
190 cmd->init_key_dist = 0x00;
191 cmd->resp_key_dist = 0x00;
192 cmd->auth_req = authreq;
193 }
194
195 static void smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
196 {
197 struct smp_cmd_pairing *rp = (void *) skb->data;
198
199 BT_DBG("conn %p", conn);
200
201 conn->preq[0] = SMP_CMD_PAIRING_REQ;
202 memcpy(&conn->preq[1], rp, sizeof(*rp));
203 skb_pull(skb, sizeof(*rp));
204
205 rp->io_capability = 0x00;
206 rp->oob_flag = 0x00;
207 rp->max_key_size = 16;
208 rp->init_key_dist = 0x00;
209 rp->resp_key_dist = 0x00;
210 rp->auth_req &= (SMP_AUTH_BONDING | SMP_AUTH_MITM);
211
212 /* Just works */
213 memset(conn->tk, 0, sizeof(conn->tk));
214
215 conn->prsp[0] = SMP_CMD_PAIRING_RSP;
216 memcpy(&conn->prsp[1], rp, sizeof(*rp));
217
218 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(*rp), rp);
219 }
220
221 static void smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
222 {
223 struct smp_cmd_pairing *rp = (void *) skb->data;
224 struct smp_cmd_pairing_confirm cp;
225 struct crypto_blkcipher *tfm = conn->hcon->hdev->tfm;
226 int ret;
227 u8 res[16];
228
229 BT_DBG("conn %p", conn);
230
231 /* Just works */
232 memset(conn->tk, 0, sizeof(conn->tk));
233
234 conn->prsp[0] = SMP_CMD_PAIRING_RSP;
235 memcpy(&conn->prsp[1], rp, sizeof(*rp));
236 skb_pull(skb, sizeof(*rp));
237
238 ret = smp_rand(conn->prnd);
239 if (ret)
240 return;
241
242 ret = smp_c1(tfm, conn->tk, conn->prnd, conn->preq, conn->prsp, 0,
243 conn->src, conn->hcon->dst_type, conn->dst, res);
244 if (ret)
245 return;
246
247 swap128(res, cp.confirm_val);
248
249 smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
250 }
251
252 static void smp_cmd_pairing_confirm(struct l2cap_conn *conn,
253 struct sk_buff *skb)
254 {
255 struct crypto_blkcipher *tfm = conn->hcon->hdev->tfm;
256
257 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
258
259 memcpy(conn->pcnf, skb->data, sizeof(conn->pcnf));
260 skb_pull(skb, sizeof(conn->pcnf));
261
262 if (conn->hcon->out) {
263 u8 random[16];
264
265 swap128(conn->prnd, random);
266 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
267 random);
268 } else {
269 struct smp_cmd_pairing_confirm cp;
270 int ret;
271 u8 res[16];
272
273 ret = smp_rand(conn->prnd);
274 if (ret)
275 return;
276
277 ret = smp_c1(tfm, conn->tk, conn->prnd, conn->preq, conn->prsp,
278 conn->hcon->dst_type, conn->dst,
279 0, conn->src, res);
280 if (ret)
281 return;
282
283 swap128(res, cp.confirm_val);
284
285 smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
286 }
287 }
288
289 static void smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
290 {
291 struct hci_conn *hcon = conn->hcon;
292 struct crypto_blkcipher *tfm = hcon->hdev->tfm;
293 int ret;
294 u8 key[16], res[16], random[16], confirm[16];
295
296 swap128(skb->data, random);
297 skb_pull(skb, sizeof(random));
298
299 memset(hcon->ltk, 0, sizeof(hcon->ltk));
300
301 if (conn->hcon->out)
302 ret = smp_c1(tfm, conn->tk, random, conn->preq, conn->prsp, 0,
303 conn->src, conn->hcon->dst_type, conn->dst,
304 res);
305 else
306 ret = smp_c1(tfm, conn->tk, random, conn->preq, conn->prsp,
307 conn->hcon->dst_type, conn->dst, 0, conn->src,
308 res);
309 if (ret)
310 return;
311
312 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
313
314 swap128(res, confirm);
315
316 if (memcmp(conn->pcnf, confirm, sizeof(conn->pcnf)) != 0) {
317 struct smp_cmd_pairing_fail cp;
318
319 BT_ERR("Pairing failed (confirmation values mismatch)");
320 cp.reason = SMP_CONFIRM_FAILED;
321 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(cp), &cp);
322 return;
323 }
324
325 if (conn->hcon->out) {
326 __le16 ediv;
327 u8 rand[8];
328
329 smp_s1(tfm, conn->tk, random, conn->prnd, key);
330 swap128(key, hcon->ltk);
331
332 memset(rand, 0, sizeof(rand));
333 ediv = 0;
334 hci_le_start_enc(hcon, ediv, rand, hcon->ltk);
335 } else {
336 u8 r[16];
337
338 swap128(conn->prnd, r);
339 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
340
341 smp_s1(tfm, conn->tk, conn->prnd, random, key);
342 swap128(key, hcon->ltk);
343 }
344 }
345
346 static void smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
347 {
348 struct smp_cmd_security_req *rp = (void *) skb->data;
349 struct smp_cmd_pairing cp;
350 struct hci_conn *hcon = conn->hcon;
351
352 BT_DBG("conn %p", conn);
353
354 if (test_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend))
355 return;
356
357 skb_pull(skb, sizeof(*rp));
358 memset(&cp, 0, sizeof(cp));
359
360 cp.io_capability = 0x00;
361 cp.oob_flag = 0x00;
362 cp.max_key_size = 16;
363 cp.init_key_dist = 0x00;
364 cp.resp_key_dist = 0x00;
365 cp.auth_req = rp->auth_req & (SMP_AUTH_BONDING | SMP_AUTH_MITM);
366
367 conn->preq[0] = SMP_CMD_PAIRING_REQ;
368 memcpy(&conn->preq[1], &cp, sizeof(cp));
369
370 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
371
372 set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend);
373 }
374
375 static __u8 seclevel_to_authreq(__u8 level)
376 {
377 switch (level) {
378 case BT_SECURITY_HIGH:
379 /* For now we don't support bonding */
380 return SMP_AUTH_MITM;
381
382 default:
383 return SMP_AUTH_NONE;
384 }
385 }
386
387 int smp_conn_security(struct l2cap_conn *conn, __u8 sec_level)
388 {
389 struct hci_conn *hcon = conn->hcon;
390 __u8 authreq;
391
392 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
393
394 if (IS_ERR(hcon->hdev->tfm))
395 return 1;
396
397 if (test_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend))
398 return 0;
399
400 if (sec_level == BT_SECURITY_LOW)
401 return 1;
402
403 if (hcon->sec_level >= sec_level)
404 return 1;
405
406 authreq = seclevel_to_authreq(sec_level);
407
408 if (hcon->link_mode & HCI_LM_MASTER) {
409 struct smp_cmd_pairing cp;
410 cp.io_capability = 0x00;
411 cp.oob_flag = 0x00;
412 cp.max_key_size = 16;
413 cp.init_key_dist = 0x00;
414 cp.resp_key_dist = 0x00;
415 cp.auth_req = authreq;
416
417 conn->preq[0] = SMP_CMD_PAIRING_REQ;
418 memcpy(&conn->preq[1], &cp, sizeof(cp));
419
420 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
421 } else {
422 struct smp_cmd_security_req cp;
423 cp.auth_req = authreq;
424 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
425 }
426
427 hcon->pending_sec_level = sec_level;
428 set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend);
429
430 return 0;
431 }
432
433 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
434 {
435 __u8 code = skb->data[0];
436 __u8 reason;
437 int err = 0;
438
439 if (IS_ERR(conn->hcon->hdev->tfm)) {
440 err = PTR_ERR(conn->hcon->hdev->tfm);
441 reason = SMP_PAIRING_NOTSUPP;
442 goto done;
443 }
444
445 skb_pull(skb, sizeof(code));
446
447 switch (code) {
448 case SMP_CMD_PAIRING_REQ:
449 smp_cmd_pairing_req(conn, skb);
450 break;
451
452 case SMP_CMD_PAIRING_FAIL:
453 break;
454
455 case SMP_CMD_PAIRING_RSP:
456 smp_cmd_pairing_rsp(conn, skb);
457 break;
458
459 case SMP_CMD_SECURITY_REQ:
460 smp_cmd_security_req(conn, skb);
461 break;
462
463 case SMP_CMD_PAIRING_CONFIRM:
464 smp_cmd_pairing_confirm(conn, skb);
465 break;
466
467 case SMP_CMD_PAIRING_RANDOM:
468 smp_cmd_pairing_random(conn, skb);
469 break;
470
471 case SMP_CMD_ENCRYPT_INFO:
472 case SMP_CMD_MASTER_IDENT:
473 case SMP_CMD_IDENT_INFO:
474 case SMP_CMD_IDENT_ADDR_INFO:
475 case SMP_CMD_SIGN_INFO:
476 default:
477 BT_DBG("Unknown command code 0x%2.2x", code);
478
479 reason = SMP_CMD_NOTSUPP;
480 err = -EOPNOTSUPP;
481 goto done;
482 }
483
484 done:
485 if (reason)
486 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
487 &reason);
488
489 kfree_skb(skb);
490 return err;
491 }
Linux kernel - Deliverables
This page took 0.055605 seconds and 6 git commands to generate.