2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
36 #define AUTH_REQ_MASK 0x07
47 struct l2cap_conn
*conn
;
48 u8 preq
[7]; /* SMP Pairing Request */
49 u8 prsp
[7]; /* SMP Pairing Response */
50 u8 prnd
[16]; /* SMP Pairing Random (local) */
51 u8 rrnd
[16]; /* SMP Pairing Random (remote) */
52 u8 pcnf
[16]; /* SMP Pairing Confirm */
53 u8 tk
[16]; /* SMP Temporary Key */
59 struct smp_csrk
*csrk
;
60 struct smp_csrk
*slave_csrk
;
62 struct smp_ltk
*slave_ltk
;
63 struct smp_irk
*remote_irk
;
66 struct crypto_blkcipher
*tfm_aes
;
69 static inline void swap_buf(const u8
*src
, u8
*dst
, size_t len
)
73 for (i
= 0; i
< len
; i
++)
74 dst
[len
- 1 - i
] = src
[i
];
77 static int smp_e(struct crypto_blkcipher
*tfm
, const u8
*k
, u8
*r
)
79 struct blkcipher_desc desc
;
80 struct scatterlist sg
;
81 uint8_t tmp
[16], data
[16];
85 BT_ERR("tfm %p", tfm
);
92 /* The most significant octet of key corresponds to k[0] */
95 err
= crypto_blkcipher_setkey(tfm
, tmp
, 16);
97 BT_ERR("cipher setkey failed: %d", err
);
101 /* Most significant octet of plaintextData corresponds to data[0] */
102 swap_buf(r
, data
, 16);
104 sg_init_one(&sg
, data
, 16);
106 err
= crypto_blkcipher_encrypt(&desc
, &sg
, &sg
, 16);
108 BT_ERR("Encrypt data error %d", err
);
110 /* Most significant octet of encryptedData corresponds to data[0] */
111 swap_buf(data
, r
, 16);
116 static int smp_ah(struct crypto_blkcipher
*tfm
, u8 irk
[16], u8 r
[3], u8 res
[3])
121 /* r' = padding || r */
123 memset(_res
+ 3, 0, 13);
125 err
= smp_e(tfm
, irk
, _res
);
127 BT_ERR("Encrypt error");
131 /* The output of the random address function ah is:
132 * ah(h, r) = e(k, r') mod 2^24
133 * The output of the security function e is then truncated to 24 bits
134 * by taking the least significant 24 bits of the output of e as the
137 memcpy(res
, _res
, 3);
142 bool smp_irk_matches(struct crypto_blkcipher
*tfm
, u8 irk
[16],
148 BT_DBG("RPA %pMR IRK %*phN", bdaddr
, 16, irk
);
150 err
= smp_ah(tfm
, irk
, &bdaddr
->b
[3], hash
);
154 return !memcmp(bdaddr
->b
, hash
, 3);
157 int smp_generate_rpa(struct crypto_blkcipher
*tfm
, u8 irk
[16], bdaddr_t
*rpa
)
161 get_random_bytes(&rpa
->b
[3], 3);
163 rpa
->b
[5] &= 0x3f; /* Clear two most significant bits */
164 rpa
->b
[5] |= 0x40; /* Set second most significant bit */
166 err
= smp_ah(tfm
, irk
, &rpa
->b
[3], rpa
->b
);
170 BT_DBG("RPA %pMR", rpa
);
175 static int smp_c1(struct smp_chan
*smp
, u8 k
[16], u8 r
[16], u8 preq
[7],
176 u8 pres
[7], u8 _iat
, bdaddr_t
*ia
, u8 _rat
, bdaddr_t
*ra
,
179 struct hci_dev
*hdev
= smp
->conn
->hcon
->hdev
;
183 BT_DBG("%s", hdev
->name
);
187 /* p1 = pres || preq || _rat || _iat */
190 memcpy(p1
+ 2, preq
, 7);
191 memcpy(p1
+ 9, pres
, 7);
193 /* p2 = padding || ia || ra */
195 memcpy(p2
+ 6, ia
, 6);
196 memset(p2
+ 12, 0, 4);
199 u128_xor((u128
*) res
, (u128
*) r
, (u128
*) p1
);
201 /* res = e(k, res) */
202 err
= smp_e(smp
->tfm_aes
, k
, res
);
204 BT_ERR("Encrypt data error");
208 /* res = res XOR p2 */
209 u128_xor((u128
*) res
, (u128
*) res
, (u128
*) p2
);
211 /* res = e(k, res) */
212 err
= smp_e(smp
->tfm_aes
, k
, res
);
214 BT_ERR("Encrypt data error");
219 static int smp_s1(struct smp_chan
*smp
, u8 k
[16], u8 r1
[16], u8 r2
[16],
222 struct hci_dev
*hdev
= smp
->conn
->hcon
->hdev
;
225 BT_DBG("%s", hdev
->name
);
227 /* Just least significant octets from r1 and r2 are considered */
229 memcpy(_r
+ 8, r1
, 8);
231 err
= smp_e(smp
->tfm_aes
, k
, _r
);
233 BT_ERR("Encrypt data error");
238 static struct sk_buff
*smp_build_cmd(struct l2cap_conn
*conn
, u8 code
,
239 u16 dlen
, void *data
)
242 struct l2cap_hdr
*lh
;
245 len
= L2CAP_HDR_SIZE
+ sizeof(code
) + dlen
;
250 skb
= bt_skb_alloc(len
, GFP_ATOMIC
);
254 lh
= (struct l2cap_hdr
*) skb_put(skb
, L2CAP_HDR_SIZE
);
255 lh
->len
= cpu_to_le16(sizeof(code
) + dlen
);
256 lh
->cid
= cpu_to_le16(L2CAP_CID_SMP
);
258 memcpy(skb_put(skb
, sizeof(code
)), &code
, sizeof(code
));
260 memcpy(skb_put(skb
, dlen
), data
, dlen
);
265 static void smp_send_cmd(struct l2cap_conn
*conn
, u8 code
, u16 len
, void *data
)
267 struct sk_buff
*skb
= smp_build_cmd(conn
, code
, len
, data
);
269 BT_DBG("code 0x%2.2x", code
);
274 skb
->priority
= HCI_PRIO_MAX
;
275 hci_send_acl(conn
->hchan
, skb
, 0);
277 cancel_delayed_work_sync(&conn
->security_timer
);
278 schedule_delayed_work(&conn
->security_timer
, SMP_TIMEOUT
);
281 static __u8
authreq_to_seclevel(__u8 authreq
)
283 if (authreq
& SMP_AUTH_MITM
)
284 return BT_SECURITY_HIGH
;
286 return BT_SECURITY_MEDIUM
;
289 static __u8
seclevel_to_authreq(__u8 sec_level
)
292 case BT_SECURITY_HIGH
:
293 return SMP_AUTH_MITM
| SMP_AUTH_BONDING
;
294 case BT_SECURITY_MEDIUM
:
295 return SMP_AUTH_BONDING
;
297 return SMP_AUTH_NONE
;
301 static void build_pairing_cmd(struct l2cap_conn
*conn
,
302 struct smp_cmd_pairing
*req
,
303 struct smp_cmd_pairing
*rsp
, __u8 authreq
)
305 struct smp_chan
*smp
= conn
->smp_chan
;
306 struct hci_conn
*hcon
= conn
->hcon
;
307 struct hci_dev
*hdev
= hcon
->hdev
;
308 u8 local_dist
= 0, remote_dist
= 0;
310 if (test_bit(HCI_PAIRABLE
, &conn
->hcon
->hdev
->dev_flags
)) {
311 local_dist
= SMP_DIST_ENC_KEY
| SMP_DIST_SIGN
;
312 remote_dist
= SMP_DIST_ENC_KEY
| SMP_DIST_SIGN
;
313 authreq
|= SMP_AUTH_BONDING
;
315 authreq
&= ~SMP_AUTH_BONDING
;
318 if (test_bit(HCI_RPA_RESOLVING
, &hdev
->dev_flags
))
319 remote_dist
|= SMP_DIST_ID_KEY
;
321 if (test_bit(HCI_PRIVACY
, &hdev
->dev_flags
))
322 local_dist
|= SMP_DIST_ID_KEY
;
325 req
->io_capability
= conn
->hcon
->io_capability
;
326 req
->oob_flag
= SMP_OOB_NOT_PRESENT
;
327 req
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
328 req
->init_key_dist
= local_dist
;
329 req
->resp_key_dist
= remote_dist
;
330 req
->auth_req
= (authreq
& AUTH_REQ_MASK
);
332 smp
->remote_key_dist
= remote_dist
;
336 rsp
->io_capability
= conn
->hcon
->io_capability
;
337 rsp
->oob_flag
= SMP_OOB_NOT_PRESENT
;
338 rsp
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
339 rsp
->init_key_dist
= req
->init_key_dist
& remote_dist
;
340 rsp
->resp_key_dist
= req
->resp_key_dist
& local_dist
;
341 rsp
->auth_req
= (authreq
& AUTH_REQ_MASK
);
343 smp
->remote_key_dist
= rsp
->init_key_dist
;
346 static u8
check_enc_key_size(struct l2cap_conn
*conn
, __u8 max_key_size
)
348 struct smp_chan
*smp
= conn
->smp_chan
;
350 if ((max_key_size
> SMP_MAX_ENC_KEY_SIZE
) ||
351 (max_key_size
< SMP_MIN_ENC_KEY_SIZE
))
352 return SMP_ENC_KEY_SIZE
;
354 smp
->enc_key_size
= max_key_size
;
359 static void smp_failure(struct l2cap_conn
*conn
, u8 reason
)
361 struct hci_conn
*hcon
= conn
->hcon
;
364 smp_send_cmd(conn
, SMP_CMD_PAIRING_FAIL
, sizeof(reason
),
367 clear_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
);
368 mgmt_auth_failed(hcon
->hdev
, &hcon
->dst
, hcon
->type
, hcon
->dst_type
,
369 HCI_ERROR_AUTH_FAILURE
);
371 cancel_delayed_work_sync(&conn
->security_timer
);
373 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
374 smp_chan_destroy(conn
);
377 #define JUST_WORKS 0x00
378 #define JUST_CFM 0x01
379 #define REQ_PASSKEY 0x02
380 #define CFM_PASSKEY 0x03
384 static const u8 gen_method
[5][5] = {
385 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
386 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
387 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, CFM_PASSKEY
},
388 { JUST_WORKS
, JUST_CFM
, JUST_WORKS
, JUST_WORKS
, JUST_CFM
},
389 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, OVERLAP
},
392 static u8
get_auth_method(struct smp_chan
*smp
, u8 local_io
, u8 remote_io
)
394 /* If either side has unknown io_caps, use JUST_CFM (which gets
395 * converted later to JUST_WORKS if we're initiators.
397 if (local_io
> SMP_IO_KEYBOARD_DISPLAY
||
398 remote_io
> SMP_IO_KEYBOARD_DISPLAY
)
401 return gen_method
[remote_io
][local_io
];
404 static int tk_request(struct l2cap_conn
*conn
, u8 remote_oob
, u8 auth
,
405 u8 local_io
, u8 remote_io
)
407 struct hci_conn
*hcon
= conn
->hcon
;
408 struct smp_chan
*smp
= conn
->smp_chan
;
413 /* Initialize key for JUST WORKS */
414 memset(smp
->tk
, 0, sizeof(smp
->tk
));
415 clear_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
417 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth
, local_io
, remote_io
);
419 /* If neither side wants MITM, either "just" confirm an incoming
420 * request or use just-works for outgoing ones. The JUST_CFM
421 * will be converted to JUST_WORKS if necessary later in this
422 * function. If either side has MITM look up the method from the
425 if (!(auth
& SMP_AUTH_MITM
))
428 method
= get_auth_method(smp
, local_io
, remote_io
);
430 /* Don't confirm locally initiated pairing attempts */
431 if (method
== JUST_CFM
&& test_bit(SMP_FLAG_INITIATOR
, &smp
->flags
))
434 /* If Just Works, Continue with Zero TK */
435 if (method
== JUST_WORKS
) {
436 set_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
440 /* Not Just Works/Confirm results in MITM Authentication */
441 if (method
!= JUST_CFM
)
442 set_bit(SMP_FLAG_MITM_AUTH
, &smp
->flags
);
444 /* If both devices have Keyoard-Display I/O, the master
445 * Confirms and the slave Enters the passkey.
447 if (method
== OVERLAP
) {
448 if (test_bit(HCI_CONN_MASTER
, &hcon
->flags
))
449 method
= CFM_PASSKEY
;
451 method
= REQ_PASSKEY
;
454 /* Generate random passkey. */
455 if (method
== CFM_PASSKEY
) {
456 memset(smp
->tk
, 0, sizeof(smp
->tk
));
457 get_random_bytes(&passkey
, sizeof(passkey
));
459 put_unaligned_le32(passkey
, smp
->tk
);
460 BT_DBG("PassKey: %d", passkey
);
461 set_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
464 hci_dev_lock(hcon
->hdev
);
466 if (method
== REQ_PASSKEY
)
467 ret
= mgmt_user_passkey_request(hcon
->hdev
, &hcon
->dst
,
468 hcon
->type
, hcon
->dst_type
);
469 else if (method
== JUST_CFM
)
470 ret
= mgmt_user_confirm_request(hcon
->hdev
, &hcon
->dst
,
471 hcon
->type
, hcon
->dst_type
,
474 ret
= mgmt_user_passkey_notify(hcon
->hdev
, &hcon
->dst
,
475 hcon
->type
, hcon
->dst_type
,
478 hci_dev_unlock(hcon
->hdev
);
483 static u8
smp_confirm(struct smp_chan
*smp
)
485 struct l2cap_conn
*conn
= smp
->conn
;
486 struct smp_cmd_pairing_confirm cp
;
489 BT_DBG("conn %p", conn
);
491 ret
= smp_c1(smp
, smp
->tk
, smp
->prnd
, smp
->preq
, smp
->prsp
,
492 conn
->hcon
->init_addr_type
, &conn
->hcon
->init_addr
,
493 conn
->hcon
->resp_addr_type
, &conn
->hcon
->resp_addr
,
496 return SMP_UNSPECIFIED
;
498 clear_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
);
500 smp_send_cmd(smp
->conn
, SMP_CMD_PAIRING_CONFIRM
, sizeof(cp
), &cp
);
505 static u8
smp_random(struct smp_chan
*smp
)
507 struct l2cap_conn
*conn
= smp
->conn
;
508 struct hci_conn
*hcon
= conn
->hcon
;
512 if (IS_ERR_OR_NULL(smp
->tfm_aes
))
513 return SMP_UNSPECIFIED
;
515 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
517 ret
= smp_c1(smp
, smp
->tk
, smp
->rrnd
, smp
->preq
, smp
->prsp
,
518 hcon
->init_addr_type
, &hcon
->init_addr
,
519 hcon
->resp_addr_type
, &hcon
->resp_addr
, confirm
);
521 return SMP_UNSPECIFIED
;
523 if (memcmp(smp
->pcnf
, confirm
, sizeof(smp
->pcnf
)) != 0) {
524 BT_ERR("Pairing failed (confirmation values mismatch)");
525 return SMP_CONFIRM_FAILED
;
533 smp_s1(smp
, smp
->tk
, smp
->rrnd
, smp
->prnd
, stk
);
535 memset(stk
+ smp
->enc_key_size
, 0,
536 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
538 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
))
539 return SMP_UNSPECIFIED
;
541 hci_le_start_enc(hcon
, ediv
, rand
, stk
);
542 hcon
->enc_key_size
= smp
->enc_key_size
;
543 set_bit(HCI_CONN_STK_ENCRYPT
, &hcon
->flags
);
549 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(smp
->prnd
),
552 smp_s1(smp
, smp
->tk
, smp
->prnd
, smp
->rrnd
, stk
);
554 memset(stk
+ smp
->enc_key_size
, 0,
555 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
557 if (hcon
->pending_sec_level
== BT_SECURITY_HIGH
)
562 /* Even though there's no _SLAVE suffix this is the
563 * slave STK we're adding for later lookup (the master
564 * STK never needs to be stored).
566 hci_add_ltk(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
567 SMP_STK
, auth
, stk
, smp
->enc_key_size
, ediv
, rand
);
573 static struct smp_chan
*smp_chan_create(struct l2cap_conn
*conn
)
575 struct smp_chan
*smp
;
577 smp
= kzalloc(sizeof(*smp
), GFP_ATOMIC
);
581 smp
->tfm_aes
= crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC
);
582 if (IS_ERR(smp
->tfm_aes
)) {
583 BT_ERR("Unable to create ECB crypto context");
589 conn
->smp_chan
= smp
;
591 hci_conn_hold(conn
->hcon
);
596 void smp_chan_destroy(struct l2cap_conn
*conn
)
598 struct smp_chan
*smp
= conn
->smp_chan
;
603 complete
= test_bit(SMP_FLAG_COMPLETE
, &smp
->flags
);
604 mgmt_smp_complete(conn
->hcon
, complete
);
607 kfree(smp
->slave_csrk
);
609 crypto_free_blkcipher(smp
->tfm_aes
);
611 /* If pairing failed clean up any keys we might have */
614 list_del(&smp
->ltk
->list
);
618 if (smp
->slave_ltk
) {
619 list_del(&smp
->slave_ltk
->list
);
620 kfree(smp
->slave_ltk
);
623 if (smp
->remote_irk
) {
624 list_del(&smp
->remote_irk
->list
);
625 kfree(smp
->remote_irk
);
630 conn
->smp_chan
= NULL
;
631 hci_conn_drop(conn
->hcon
);
634 int smp_user_confirm_reply(struct hci_conn
*hcon
, u16 mgmt_op
, __le32 passkey
)
636 struct l2cap_conn
*conn
= hcon
->l2cap_data
;
637 struct smp_chan
*smp
;
642 if (!conn
|| !test_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
645 smp
= conn
->smp_chan
;
648 case MGMT_OP_USER_PASSKEY_REPLY
:
649 value
= le32_to_cpu(passkey
);
650 memset(smp
->tk
, 0, sizeof(smp
->tk
));
651 BT_DBG("PassKey: %d", value
);
652 put_unaligned_le32(value
, smp
->tk
);
654 case MGMT_OP_USER_CONFIRM_REPLY
:
655 set_bit(SMP_FLAG_TK_VALID
, &smp
->flags
);
657 case MGMT_OP_USER_PASSKEY_NEG_REPLY
:
658 case MGMT_OP_USER_CONFIRM_NEG_REPLY
:
659 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
);
662 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
);
666 /* If it is our turn to send Pairing Confirm, do so now */
667 if (test_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
)) {
668 u8 rsp
= smp_confirm(smp
);
670 smp_failure(conn
, rsp
);
676 static u8
smp_cmd_pairing_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
678 struct smp_cmd_pairing rsp
, *req
= (void *) skb
->data
;
679 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
680 struct smp_chan
*smp
;
681 u8 key_size
, auth
, sec_level
;
684 BT_DBG("conn %p", conn
);
686 if (skb
->len
< sizeof(*req
))
687 return SMP_INVALID_PARAMS
;
689 if (test_bit(HCI_CONN_MASTER
, &conn
->hcon
->flags
))
690 return SMP_CMD_NOTSUPP
;
692 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
))
693 smp
= smp_chan_create(conn
);
695 smp
= conn
->smp_chan
;
698 return SMP_UNSPECIFIED
;
700 if (!test_bit(HCI_PAIRABLE
, &hdev
->dev_flags
) &&
701 (req
->auth_req
& SMP_AUTH_BONDING
))
702 return SMP_PAIRING_NOTSUPP
;
704 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
705 memcpy(&smp
->preq
[1], req
, sizeof(*req
));
706 skb_pull(skb
, sizeof(*req
));
708 /* We didn't start the pairing, so match remote */
709 auth
= req
->auth_req
;
711 sec_level
= authreq_to_seclevel(auth
);
712 if (sec_level
> conn
->hcon
->pending_sec_level
)
713 conn
->hcon
->pending_sec_level
= sec_level
;
715 /* If we need MITM check that it can be acheived */
716 if (conn
->hcon
->pending_sec_level
>= BT_SECURITY_HIGH
) {
719 method
= get_auth_method(smp
, conn
->hcon
->io_capability
,
721 if (method
== JUST_WORKS
|| method
== JUST_CFM
)
722 return SMP_AUTH_REQUIREMENTS
;
725 build_pairing_cmd(conn
, req
, &rsp
, auth
);
727 key_size
= min(req
->max_key_size
, rsp
.max_key_size
);
728 if (check_enc_key_size(conn
, key_size
))
729 return SMP_ENC_KEY_SIZE
;
731 get_random_bytes(smp
->prnd
, sizeof(smp
->prnd
));
733 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
734 memcpy(&smp
->prsp
[1], &rsp
, sizeof(rsp
));
736 smp_send_cmd(conn
, SMP_CMD_PAIRING_RSP
, sizeof(rsp
), &rsp
);
738 /* Request setup of TK */
739 ret
= tk_request(conn
, 0, auth
, rsp
.io_capability
, req
->io_capability
);
741 return SMP_UNSPECIFIED
;
746 static u8
smp_cmd_pairing_rsp(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
748 struct smp_cmd_pairing
*req
, *rsp
= (void *) skb
->data
;
749 struct smp_chan
*smp
= conn
->smp_chan
;
750 u8 key_size
, auth
= SMP_AUTH_NONE
;
753 BT_DBG("conn %p", conn
);
755 if (skb
->len
< sizeof(*rsp
))
756 return SMP_INVALID_PARAMS
;
758 if (!test_bit(HCI_CONN_MASTER
, &conn
->hcon
->flags
))
759 return SMP_CMD_NOTSUPP
;
761 skb_pull(skb
, sizeof(*rsp
));
763 req
= (void *) &smp
->preq
[1];
765 key_size
= min(req
->max_key_size
, rsp
->max_key_size
);
766 if (check_enc_key_size(conn
, key_size
))
767 return SMP_ENC_KEY_SIZE
;
769 /* If we need MITM check that it can be acheived */
770 if (conn
->hcon
->pending_sec_level
>= BT_SECURITY_HIGH
) {
773 method
= get_auth_method(smp
, req
->io_capability
,
775 if (method
== JUST_WORKS
|| method
== JUST_CFM
)
776 return SMP_AUTH_REQUIREMENTS
;
779 get_random_bytes(smp
->prnd
, sizeof(smp
->prnd
));
781 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
782 memcpy(&smp
->prsp
[1], rsp
, sizeof(*rsp
));
784 /* Update remote key distribution in case the remote cleared
785 * some bits that we had enabled in our request.
787 smp
->remote_key_dist
&= rsp
->resp_key_dist
;
789 if ((req
->auth_req
& SMP_AUTH_BONDING
) &&
790 (rsp
->auth_req
& SMP_AUTH_BONDING
))
791 auth
= SMP_AUTH_BONDING
;
793 auth
|= (req
->auth_req
| rsp
->auth_req
) & SMP_AUTH_MITM
;
795 ret
= tk_request(conn
, 0, auth
, req
->io_capability
, rsp
->io_capability
);
797 return SMP_UNSPECIFIED
;
799 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
);
801 /* Can't compose response until we have been confirmed */
802 if (test_bit(SMP_FLAG_TK_VALID
, &smp
->flags
))
803 return smp_confirm(smp
);
808 static u8
smp_cmd_pairing_confirm(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
810 struct smp_chan
*smp
= conn
->smp_chan
;
812 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
814 if (skb
->len
< sizeof(smp
->pcnf
))
815 return SMP_INVALID_PARAMS
;
817 memcpy(smp
->pcnf
, skb
->data
, sizeof(smp
->pcnf
));
818 skb_pull(skb
, sizeof(smp
->pcnf
));
821 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(smp
->prnd
),
823 else if (test_bit(SMP_FLAG_TK_VALID
, &smp
->flags
))
824 return smp_confirm(smp
);
826 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->flags
);
831 static u8
smp_cmd_pairing_random(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
833 struct smp_chan
*smp
= conn
->smp_chan
;
835 BT_DBG("conn %p", conn
);
837 if (skb
->len
< sizeof(smp
->rrnd
))
838 return SMP_INVALID_PARAMS
;
840 memcpy(smp
->rrnd
, skb
->data
, sizeof(smp
->rrnd
));
841 skb_pull(skb
, sizeof(smp
->rrnd
));
843 return smp_random(smp
);
846 static bool smp_ltk_encrypt(struct l2cap_conn
*conn
, u8 sec_level
)
849 struct hci_conn
*hcon
= conn
->hcon
;
851 key
= hci_find_ltk_by_addr(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
856 if (sec_level
> BT_SECURITY_MEDIUM
&& !key
->authenticated
)
859 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
))
862 hci_le_start_enc(hcon
, key
->ediv
, key
->rand
, key
->val
);
863 hcon
->enc_key_size
= key
->enc_size
;
865 /* We never store STKs for master role, so clear this flag */
866 clear_bit(HCI_CONN_STK_ENCRYPT
, &hcon
->flags
);
871 bool smp_sufficient_security(struct hci_conn
*hcon
, u8 sec_level
)
873 if (sec_level
== BT_SECURITY_LOW
)
876 /* If we're encrypted with an STK always claim insufficient
877 * security. This way we allow the connection to be re-encrypted
878 * with an LTK, even if the LTK provides the same level of
879 * security. Only exception is if we don't have an LTK (e.g.
880 * because of key distribution bits).
882 if (test_bit(HCI_CONN_STK_ENCRYPT
, &hcon
->flags
) &&
883 hci_find_ltk_by_addr(hcon
->hdev
, &hcon
->dst
, hcon
->dst_type
,
887 if (hcon
->sec_level
>= sec_level
)
893 static u8
smp_cmd_security_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
895 struct smp_cmd_security_req
*rp
= (void *) skb
->data
;
896 struct smp_cmd_pairing cp
;
897 struct hci_conn
*hcon
= conn
->hcon
;
898 struct smp_chan
*smp
;
901 BT_DBG("conn %p", conn
);
903 if (skb
->len
< sizeof(*rp
))
904 return SMP_INVALID_PARAMS
;
906 if (!test_bit(HCI_CONN_MASTER
, &conn
->hcon
->flags
))
907 return SMP_CMD_NOTSUPP
;
909 sec_level
= authreq_to_seclevel(rp
->auth_req
);
910 if (smp_sufficient_security(hcon
, sec_level
))
913 if (sec_level
> hcon
->pending_sec_level
)
914 hcon
->pending_sec_level
= sec_level
;
916 if (smp_ltk_encrypt(conn
, hcon
->pending_sec_level
))
919 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
922 if (!test_bit(HCI_PAIRABLE
, &hcon
->hdev
->dev_flags
) &&
923 (rp
->auth_req
& SMP_AUTH_BONDING
))
924 return SMP_PAIRING_NOTSUPP
;
926 smp
= smp_chan_create(conn
);
928 return SMP_UNSPECIFIED
;
930 skb_pull(skb
, sizeof(*rp
));
932 memset(&cp
, 0, sizeof(cp
));
933 build_pairing_cmd(conn
, &cp
, NULL
, rp
->auth_req
);
935 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
936 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
938 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
943 int smp_conn_security(struct hci_conn
*hcon
, __u8 sec_level
)
945 struct l2cap_conn
*conn
= hcon
->l2cap_data
;
946 struct smp_chan
*smp
;
949 BT_DBG("conn %p hcon %p level 0x%2.2x", conn
, hcon
, sec_level
);
951 /* This may be NULL if there's an unexpected disconnection */
955 if (!test_bit(HCI_LE_ENABLED
, &hcon
->hdev
->dev_flags
))
958 if (smp_sufficient_security(hcon
, sec_level
))
961 if (sec_level
> hcon
->pending_sec_level
)
962 hcon
->pending_sec_level
= sec_level
;
964 if (test_bit(HCI_CONN_MASTER
, &hcon
->flags
))
965 if (smp_ltk_encrypt(conn
, hcon
->pending_sec_level
))
968 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
971 smp
= smp_chan_create(conn
);
975 authreq
= seclevel_to_authreq(sec_level
);
977 /* Require MITM if IO Capability allows or the security level
980 if (hcon
->io_capability
!= HCI_IO_NO_INPUT_OUTPUT
||
981 hcon
->pending_sec_level
> BT_SECURITY_MEDIUM
)
982 authreq
|= SMP_AUTH_MITM
;
984 if (test_bit(HCI_CONN_MASTER
, &hcon
->flags
)) {
985 struct smp_cmd_pairing cp
;
987 build_pairing_cmd(conn
, &cp
, NULL
, authreq
);
988 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
989 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
991 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
993 struct smp_cmd_security_req cp
;
994 cp
.auth_req
= authreq
;
995 smp_send_cmd(conn
, SMP_CMD_SECURITY_REQ
, sizeof(cp
), &cp
);
998 set_bit(SMP_FLAG_INITIATOR
, &smp
->flags
);
1003 static int smp_cmd_encrypt_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1005 struct smp_cmd_encrypt_info
*rp
= (void *) skb
->data
;
1006 struct smp_chan
*smp
= conn
->smp_chan
;
1008 BT_DBG("conn %p", conn
);
1010 if (skb
->len
< sizeof(*rp
))
1011 return SMP_INVALID_PARAMS
;
1013 /* Ignore this PDU if it wasn't requested */
1014 if (!(smp
->remote_key_dist
& SMP_DIST_ENC_KEY
))
1017 skb_pull(skb
, sizeof(*rp
));
1019 memcpy(smp
->tk
, rp
->ltk
, sizeof(smp
->tk
));
1024 static int smp_cmd_master_ident(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1026 struct smp_cmd_master_ident
*rp
= (void *) skb
->data
;
1027 struct smp_chan
*smp
= conn
->smp_chan
;
1028 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
1029 struct hci_conn
*hcon
= conn
->hcon
;
1030 struct smp_ltk
*ltk
;
1033 BT_DBG("conn %p", conn
);
1035 if (skb
->len
< sizeof(*rp
))
1036 return SMP_INVALID_PARAMS
;
1038 /* Ignore this PDU if it wasn't requested */
1039 if (!(smp
->remote_key_dist
& SMP_DIST_ENC_KEY
))
1042 /* Mark the information as received */
1043 smp
->remote_key_dist
&= ~SMP_DIST_ENC_KEY
;
1045 skb_pull(skb
, sizeof(*rp
));
1048 authenticated
= (hcon
->sec_level
== BT_SECURITY_HIGH
);
1049 ltk
= hci_add_ltk(hdev
, &hcon
->dst
, hcon
->dst_type
, SMP_LTK
,
1050 authenticated
, smp
->tk
, smp
->enc_key_size
,
1051 rp
->ediv
, rp
->rand
);
1053 if (!(smp
->remote_key_dist
& SMP_DIST_ID_KEY
))
1054 smp_distribute_keys(conn
);
1055 hci_dev_unlock(hdev
);
1060 static int smp_cmd_ident_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1062 struct smp_cmd_ident_info
*info
= (void *) skb
->data
;
1063 struct smp_chan
*smp
= conn
->smp_chan
;
1067 if (skb
->len
< sizeof(*info
))
1068 return SMP_INVALID_PARAMS
;
1070 /* Ignore this PDU if it wasn't requested */
1071 if (!(smp
->remote_key_dist
& SMP_DIST_ID_KEY
))
1074 skb_pull(skb
, sizeof(*info
));
1076 memcpy(smp
->irk
, info
->irk
, 16);
1081 static int smp_cmd_ident_addr_info(struct l2cap_conn
*conn
,
1082 struct sk_buff
*skb
)
1084 struct smp_cmd_ident_addr_info
*info
= (void *) skb
->data
;
1085 struct smp_chan
*smp
= conn
->smp_chan
;
1086 struct hci_conn
*hcon
= conn
->hcon
;
1091 if (skb
->len
< sizeof(*info
))
1092 return SMP_INVALID_PARAMS
;
1094 /* Ignore this PDU if it wasn't requested */
1095 if (!(smp
->remote_key_dist
& SMP_DIST_ID_KEY
))
1098 /* Mark the information as received */
1099 smp
->remote_key_dist
&= ~SMP_DIST_ID_KEY
;
1101 skb_pull(skb
, sizeof(*info
));
1103 hci_dev_lock(hcon
->hdev
);
1105 /* Strictly speaking the Core Specification (4.1) allows sending
1106 * an empty address which would force us to rely on just the IRK
1107 * as "identity information". However, since such
1108 * implementations are not known of and in order to not over
1109 * complicate our implementation, simply pretend that we never
1110 * received an IRK for such a device.
1112 if (!bacmp(&info
->bdaddr
, BDADDR_ANY
)) {
1113 BT_ERR("Ignoring IRK with no identity address");
1117 bacpy(&smp
->id_addr
, &info
->bdaddr
);
1118 smp
->id_addr_type
= info
->addr_type
;
1120 if (hci_bdaddr_is_rpa(&hcon
->dst
, hcon
->dst_type
))
1121 bacpy(&rpa
, &hcon
->dst
);
1123 bacpy(&rpa
, BDADDR_ANY
);
1125 smp
->remote_irk
= hci_add_irk(conn
->hcon
->hdev
, &smp
->id_addr
,
1126 smp
->id_addr_type
, smp
->irk
, &rpa
);
1129 smp_distribute_keys(conn
);
1131 hci_dev_unlock(hcon
->hdev
);
1136 static int smp_cmd_sign_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1138 struct smp_cmd_sign_info
*rp
= (void *) skb
->data
;
1139 struct smp_chan
*smp
= conn
->smp_chan
;
1140 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
1141 struct smp_csrk
*csrk
;
1143 BT_DBG("conn %p", conn
);
1145 if (skb
->len
< sizeof(*rp
))
1146 return SMP_INVALID_PARAMS
;
1148 /* Ignore this PDU if it wasn't requested */
1149 if (!(smp
->remote_key_dist
& SMP_DIST_SIGN
))
1152 /* Mark the information as received */
1153 smp
->remote_key_dist
&= ~SMP_DIST_SIGN
;
1155 skb_pull(skb
, sizeof(*rp
));
1158 csrk
= kzalloc(sizeof(*csrk
), GFP_KERNEL
);
1160 csrk
->master
= 0x01;
1161 memcpy(csrk
->val
, rp
->csrk
, sizeof(csrk
->val
));
1164 if (!(smp
->remote_key_dist
& SMP_DIST_SIGN
))
1165 smp_distribute_keys(conn
);
1166 hci_dev_unlock(hdev
);
1171 int smp_sig_channel(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
1173 struct hci_conn
*hcon
= conn
->hcon
;
1177 if (hcon
->type
!= LE_LINK
) {
1187 if (!test_bit(HCI_LE_ENABLED
, &hcon
->hdev
->dev_flags
)) {
1189 reason
= SMP_PAIRING_NOTSUPP
;
1193 code
= skb
->data
[0];
1194 skb_pull(skb
, sizeof(code
));
1197 * The SMP context must be initialized for all other PDUs except
1198 * pairing and security requests. If we get any other PDU when
1199 * not initialized simply disconnect (done if this function
1200 * returns an error).
1202 if (code
!= SMP_CMD_PAIRING_REQ
&& code
!= SMP_CMD_SECURITY_REQ
&&
1204 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code
);
1210 case SMP_CMD_PAIRING_REQ
:
1211 reason
= smp_cmd_pairing_req(conn
, skb
);
1214 case SMP_CMD_PAIRING_FAIL
:
1215 smp_failure(conn
, 0);
1220 case SMP_CMD_PAIRING_RSP
:
1221 reason
= smp_cmd_pairing_rsp(conn
, skb
);
1224 case SMP_CMD_SECURITY_REQ
:
1225 reason
= smp_cmd_security_req(conn
, skb
);
1228 case SMP_CMD_PAIRING_CONFIRM
:
1229 reason
= smp_cmd_pairing_confirm(conn
, skb
);
1232 case SMP_CMD_PAIRING_RANDOM
:
1233 reason
= smp_cmd_pairing_random(conn
, skb
);
1236 case SMP_CMD_ENCRYPT_INFO
:
1237 reason
= smp_cmd_encrypt_info(conn
, skb
);
1240 case SMP_CMD_MASTER_IDENT
:
1241 reason
= smp_cmd_master_ident(conn
, skb
);
1244 case SMP_CMD_IDENT_INFO
:
1245 reason
= smp_cmd_ident_info(conn
, skb
);
1248 case SMP_CMD_IDENT_ADDR_INFO
:
1249 reason
= smp_cmd_ident_addr_info(conn
, skb
);
1252 case SMP_CMD_SIGN_INFO
:
1253 reason
= smp_cmd_sign_info(conn
, skb
);
1257 BT_DBG("Unknown command code 0x%2.2x", code
);
1259 reason
= SMP_CMD_NOTSUPP
;
1266 smp_failure(conn
, reason
);
1272 static void smp_notify_keys(struct l2cap_conn
*conn
)
1274 struct smp_chan
*smp
= conn
->smp_chan
;
1275 struct hci_conn
*hcon
= conn
->hcon
;
1276 struct hci_dev
*hdev
= hcon
->hdev
;
1277 struct smp_cmd_pairing
*req
= (void *) &smp
->preq
[1];
1278 struct smp_cmd_pairing
*rsp
= (void *) &smp
->prsp
[1];
1281 if (smp
->remote_irk
) {
1282 mgmt_new_irk(hdev
, smp
->remote_irk
);
1283 /* Now that user space can be considered to know the
1284 * identity address track the connection based on it
1287 bacpy(&hcon
->dst
, &smp
->remote_irk
->bdaddr
);
1288 hcon
->dst_type
= smp
->remote_irk
->addr_type
;
1289 l2cap_conn_update_id_addr(hcon
);
1292 /* The LTKs and CSRKs should be persistent only if both sides
1293 * had the bonding bit set in their authentication requests.
1295 persistent
= !!((req
->auth_req
& rsp
->auth_req
) & SMP_AUTH_BONDING
);
1298 smp
->csrk
->bdaddr_type
= hcon
->dst_type
;
1299 bacpy(&smp
->csrk
->bdaddr
, &hcon
->dst
);
1300 mgmt_new_csrk(hdev
, smp
->csrk
, persistent
);
1303 if (smp
->slave_csrk
) {
1304 smp
->slave_csrk
->bdaddr_type
= hcon
->dst_type
;
1305 bacpy(&smp
->slave_csrk
->bdaddr
, &hcon
->dst
);
1306 mgmt_new_csrk(hdev
, smp
->slave_csrk
, persistent
);
1310 smp
->ltk
->bdaddr_type
= hcon
->dst_type
;
1311 bacpy(&smp
->ltk
->bdaddr
, &hcon
->dst
);
1312 mgmt_new_ltk(hdev
, smp
->ltk
, persistent
);
1315 if (smp
->slave_ltk
) {
1316 smp
->slave_ltk
->bdaddr_type
= hcon
->dst_type
;
1317 bacpy(&smp
->slave_ltk
->bdaddr
, &hcon
->dst
);
1318 mgmt_new_ltk(hdev
, smp
->slave_ltk
, persistent
);
1322 int smp_distribute_keys(struct l2cap_conn
*conn
)
1324 struct smp_cmd_pairing
*req
, *rsp
;
1325 struct smp_chan
*smp
= conn
->smp_chan
;
1326 struct hci_conn
*hcon
= conn
->hcon
;
1327 struct hci_dev
*hdev
= hcon
->hdev
;
1330 BT_DBG("conn %p", conn
);
1332 if (!test_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
1335 rsp
= (void *) &smp
->prsp
[1];
1337 /* The responder sends its keys first */
1338 if (hcon
->out
&& (smp
->remote_key_dist
& 0x07))
1341 req
= (void *) &smp
->preq
[1];
1344 keydist
= &rsp
->init_key_dist
;
1345 *keydist
&= req
->init_key_dist
;
1347 keydist
= &rsp
->resp_key_dist
;
1348 *keydist
&= req
->resp_key_dist
;
1351 BT_DBG("keydist 0x%x", *keydist
);
1353 if (*keydist
& SMP_DIST_ENC_KEY
) {
1354 struct smp_cmd_encrypt_info enc
;
1355 struct smp_cmd_master_ident ident
;
1356 struct smp_ltk
*ltk
;
1361 get_random_bytes(enc
.ltk
, sizeof(enc
.ltk
));
1362 get_random_bytes(&ediv
, sizeof(ediv
));
1363 get_random_bytes(&rand
, sizeof(rand
));
1365 smp_send_cmd(conn
, SMP_CMD_ENCRYPT_INFO
, sizeof(enc
), &enc
);
1367 authenticated
= hcon
->sec_level
== BT_SECURITY_HIGH
;
1368 ltk
= hci_add_ltk(hdev
, &hcon
->dst
, hcon
->dst_type
,
1369 SMP_LTK_SLAVE
, authenticated
, enc
.ltk
,
1370 smp
->enc_key_size
, ediv
, rand
);
1371 smp
->slave_ltk
= ltk
;
1376 smp_send_cmd(conn
, SMP_CMD_MASTER_IDENT
, sizeof(ident
), &ident
);
1378 *keydist
&= ~SMP_DIST_ENC_KEY
;
1381 if (*keydist
& SMP_DIST_ID_KEY
) {
1382 struct smp_cmd_ident_addr_info addrinfo
;
1383 struct smp_cmd_ident_info idinfo
;
1385 memcpy(idinfo
.irk
, hdev
->irk
, sizeof(idinfo
.irk
));
1387 smp_send_cmd(conn
, SMP_CMD_IDENT_INFO
, sizeof(idinfo
), &idinfo
);
1389 /* The hci_conn contains the local identity address
1390 * after the connection has been established.
1392 * This is true even when the connection has been
1393 * established using a resolvable random address.
1395 bacpy(&addrinfo
.bdaddr
, &hcon
->src
);
1396 addrinfo
.addr_type
= hcon
->src_type
;
1398 smp_send_cmd(conn
, SMP_CMD_IDENT_ADDR_INFO
, sizeof(addrinfo
),
1401 *keydist
&= ~SMP_DIST_ID_KEY
;
1404 if (*keydist
& SMP_DIST_SIGN
) {
1405 struct smp_cmd_sign_info sign
;
1406 struct smp_csrk
*csrk
;
1408 /* Generate a new random key */
1409 get_random_bytes(sign
.csrk
, sizeof(sign
.csrk
));
1411 csrk
= kzalloc(sizeof(*csrk
), GFP_KERNEL
);
1413 csrk
->master
= 0x00;
1414 memcpy(csrk
->val
, sign
.csrk
, sizeof(csrk
->val
));
1416 smp
->slave_csrk
= csrk
;
1418 smp_send_cmd(conn
, SMP_CMD_SIGN_INFO
, sizeof(sign
), &sign
);
1420 *keydist
&= ~SMP_DIST_SIGN
;
1423 /* If there are still keys to be received wait for them */
1424 if ((smp
->remote_key_dist
& 0x07))
1427 clear_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
);
1428 cancel_delayed_work_sync(&conn
->security_timer
);
1429 set_bit(SMP_FLAG_COMPLETE
, &smp
->flags
);
1430 smp_notify_keys(conn
);
1432 smp_chan_destroy(conn
);