2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
36 #define AUTH_REQ_MASK 0x07
38 static inline void swap128(u8 src
[16], u8 dst
[16])
41 for (i
= 0; i
< 16; i
++)
45 static inline void swap56(u8 src
[7], u8 dst
[7])
48 for (i
= 0; i
< 7; i
++)
52 static int smp_e(struct crypto_blkcipher
*tfm
, const u8
*k
, u8
*r
)
54 struct blkcipher_desc desc
;
55 struct scatterlist sg
;
57 unsigned char iv
[128];
60 BT_ERR("tfm %p", tfm
);
67 err
= crypto_blkcipher_setkey(tfm
, k
, 16);
69 BT_ERR("cipher setkey failed: %d", err
);
73 sg_init_one(&sg
, r
, 16);
75 iv_len
= crypto_blkcipher_ivsize(tfm
);
77 memset(&iv
, 0xff, iv_len
);
78 crypto_blkcipher_set_iv(tfm
, iv
, iv_len
);
81 err
= crypto_blkcipher_encrypt(&desc
, &sg
, &sg
, 16);
83 BT_ERR("Encrypt data error %d", err
);
88 static int smp_c1(struct crypto_blkcipher
*tfm
, u8 k
[16], u8 r
[16],
89 u8 preq
[7], u8 pres
[7], u8 _iat
, bdaddr_t
*ia
,
90 u8 _rat
, bdaddr_t
*ra
, u8 res
[16])
97 /* p1 = pres || preq || _rat || _iat */
105 /* p2 = padding || ia || ra */
106 baswap((bdaddr_t
*) (p2
+ 4), ia
);
107 baswap((bdaddr_t
*) (p2
+ 10), ra
);
110 u128_xor((u128
*) res
, (u128
*) r
, (u128
*) p1
);
112 /* res = e(k, res) */
113 err
= smp_e(tfm
, k
, res
);
115 BT_ERR("Encrypt data error");
119 /* res = res XOR p2 */
120 u128_xor((u128
*) res
, (u128
*) res
, (u128
*) p2
);
122 /* res = e(k, res) */
123 err
= smp_e(tfm
, k
, res
);
125 BT_ERR("Encrypt data error");
130 static int smp_s1(struct crypto_blkcipher
*tfm
, u8 k
[16],
131 u8 r1
[16], u8 r2
[16], u8 _r
[16])
135 /* Just least significant octets from r1 and r2 are considered */
136 memcpy(_r
, r1
+ 8, 8);
137 memcpy(_r
+ 8, r2
+ 8, 8);
139 err
= smp_e(tfm
, k
, _r
);
141 BT_ERR("Encrypt data error");
146 static int smp_rand(u8
*buf
)
148 get_random_bytes(buf
, 16);
153 static struct sk_buff
*smp_build_cmd(struct l2cap_conn
*conn
, u8 code
,
154 u16 dlen
, void *data
)
157 struct l2cap_hdr
*lh
;
160 len
= L2CAP_HDR_SIZE
+ sizeof(code
) + dlen
;
165 skb
= bt_skb_alloc(len
, GFP_ATOMIC
);
169 lh
= (struct l2cap_hdr
*) skb_put(skb
, L2CAP_HDR_SIZE
);
170 lh
->len
= cpu_to_le16(sizeof(code
) + dlen
);
171 lh
->cid
= __constant_cpu_to_le16(L2CAP_CID_SMP
);
173 memcpy(skb_put(skb
, sizeof(code
)), &code
, sizeof(code
));
175 memcpy(skb_put(skb
, dlen
), data
, dlen
);
180 static void smp_send_cmd(struct l2cap_conn
*conn
, u8 code
, u16 len
, void *data
)
182 struct sk_buff
*skb
= smp_build_cmd(conn
, code
, len
, data
);
184 BT_DBG("code 0x%2.2x", code
);
189 skb
->priority
= HCI_PRIO_MAX
;
190 hci_send_acl(conn
->hchan
, skb
, 0);
192 cancel_delayed_work_sync(&conn
->security_timer
);
193 schedule_delayed_work(&conn
->security_timer
, SMP_TIMEOUT
);
196 static __u8
authreq_to_seclevel(__u8 authreq
)
198 if (authreq
& SMP_AUTH_MITM
)
199 return BT_SECURITY_HIGH
;
201 return BT_SECURITY_MEDIUM
;
204 static __u8
seclevel_to_authreq(__u8 sec_level
)
207 case BT_SECURITY_HIGH
:
208 return SMP_AUTH_MITM
| SMP_AUTH_BONDING
;
209 case BT_SECURITY_MEDIUM
:
210 return SMP_AUTH_BONDING
;
212 return SMP_AUTH_NONE
;
216 static void build_pairing_cmd(struct l2cap_conn
*conn
,
217 struct smp_cmd_pairing
*req
,
218 struct smp_cmd_pairing
*rsp
,
223 if (test_bit(HCI_PAIRABLE
, &conn
->hcon
->hdev
->dev_flags
)) {
224 dist_keys
= SMP_DIST_ENC_KEY
;
225 authreq
|= SMP_AUTH_BONDING
;
227 authreq
&= ~SMP_AUTH_BONDING
;
231 req
->io_capability
= conn
->hcon
->io_capability
;
232 req
->oob_flag
= SMP_OOB_NOT_PRESENT
;
233 req
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
234 req
->init_key_dist
= 0;
235 req
->resp_key_dist
= dist_keys
;
236 req
->auth_req
= (authreq
& AUTH_REQ_MASK
);
240 rsp
->io_capability
= conn
->hcon
->io_capability
;
241 rsp
->oob_flag
= SMP_OOB_NOT_PRESENT
;
242 rsp
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
243 rsp
->init_key_dist
= 0;
244 rsp
->resp_key_dist
= req
->resp_key_dist
& dist_keys
;
245 rsp
->auth_req
= (authreq
& AUTH_REQ_MASK
);
248 static u8
check_enc_key_size(struct l2cap_conn
*conn
, __u8 max_key_size
)
250 struct smp_chan
*smp
= conn
->smp_chan
;
252 if ((max_key_size
> SMP_MAX_ENC_KEY_SIZE
) ||
253 (max_key_size
< SMP_MIN_ENC_KEY_SIZE
))
254 return SMP_ENC_KEY_SIZE
;
256 smp
->enc_key_size
= max_key_size
;
261 static void smp_failure(struct l2cap_conn
*conn
, u8 reason
, u8 send
)
263 struct hci_conn
*hcon
= conn
->hcon
;
266 smp_send_cmd(conn
, SMP_CMD_PAIRING_FAIL
, sizeof(reason
),
269 clear_bit(HCI_CONN_ENCRYPT_PEND
, &conn
->hcon
->flags
);
270 mgmt_auth_failed(conn
->hcon
->hdev
, conn
->dst
, hcon
->type
,
271 hcon
->dst_type
, HCI_ERROR_AUTH_FAILURE
);
273 cancel_delayed_work_sync(&conn
->security_timer
);
275 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
))
276 smp_chan_destroy(conn
);
279 #define JUST_WORKS 0x00
280 #define JUST_CFM 0x01
281 #define REQ_PASSKEY 0x02
282 #define CFM_PASSKEY 0x03
286 static const u8 gen_method
[5][5] = {
287 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
288 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
289 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, CFM_PASSKEY
},
290 { JUST_WORKS
, JUST_CFM
, JUST_WORKS
, JUST_WORKS
, JUST_CFM
},
291 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, OVERLAP
},
294 static int tk_request(struct l2cap_conn
*conn
, u8 remote_oob
, u8 auth
,
295 u8 local_io
, u8 remote_io
)
297 struct hci_conn
*hcon
= conn
->hcon
;
298 struct smp_chan
*smp
= conn
->smp_chan
;
303 /* Initialize key for JUST WORKS */
304 memset(smp
->tk
, 0, sizeof(smp
->tk
));
305 clear_bit(SMP_FLAG_TK_VALID
, &smp
->smp_flags
);
307 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth
, local_io
, remote_io
);
309 /* If neither side wants MITM, use JUST WORKS */
310 /* If either side has unknown io_caps, use JUST WORKS */
311 /* Otherwise, look up method from the table */
312 if (!(auth
& SMP_AUTH_MITM
) ||
313 local_io
> SMP_IO_KEYBOARD_DISPLAY
||
314 remote_io
> SMP_IO_KEYBOARD_DISPLAY
)
317 method
= gen_method
[remote_io
][local_io
];
319 /* If not bonding, don't ask user to confirm a Zero TK */
320 if (!(auth
& SMP_AUTH_BONDING
) && method
== JUST_CFM
)
323 /* If Just Works, Continue with Zero TK */
324 if (method
== JUST_WORKS
) {
325 set_bit(SMP_FLAG_TK_VALID
, &smp
->smp_flags
);
329 /* Not Just Works/Confirm results in MITM Authentication */
330 if (method
!= JUST_CFM
)
331 set_bit(SMP_FLAG_MITM_AUTH
, &smp
->smp_flags
);
333 /* If both devices have Keyoard-Display I/O, the master
334 * Confirms and the slave Enters the passkey.
336 if (method
== OVERLAP
) {
337 if (hcon
->link_mode
& HCI_LM_MASTER
)
338 method
= CFM_PASSKEY
;
340 method
= REQ_PASSKEY
;
343 /* Generate random passkey. Not valid until confirmed. */
344 if (method
== CFM_PASSKEY
) {
347 memset(key
, 0, sizeof(key
));
348 get_random_bytes(&passkey
, sizeof(passkey
));
350 put_unaligned_le32(passkey
, key
);
351 swap128(key
, smp
->tk
);
352 BT_DBG("PassKey: %d", passkey
);
355 hci_dev_lock(hcon
->hdev
);
357 if (method
== REQ_PASSKEY
)
358 ret
= mgmt_user_passkey_request(hcon
->hdev
, conn
->dst
,
359 hcon
->type
, hcon
->dst_type
);
361 ret
= mgmt_user_confirm_request(hcon
->hdev
, conn
->dst
,
362 hcon
->type
, hcon
->dst_type
,
363 cpu_to_le32(passkey
), 0);
365 hci_dev_unlock(hcon
->hdev
);
370 static void confirm_work(struct work_struct
*work
)
372 struct smp_chan
*smp
= container_of(work
, struct smp_chan
, confirm
);
373 struct l2cap_conn
*conn
= smp
->conn
;
374 struct crypto_blkcipher
*tfm
;
375 struct smp_cmd_pairing_confirm cp
;
379 BT_DBG("conn %p", conn
);
381 tfm
= crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC
);
383 reason
= SMP_UNSPECIFIED
;
390 ret
= smp_c1(tfm
, smp
->tk
, smp
->prnd
, smp
->preq
, smp
->prsp
, 0,
391 conn
->src
, conn
->hcon
->dst_type
, conn
->dst
, res
);
393 ret
= smp_c1(tfm
, smp
->tk
, smp
->prnd
, smp
->preq
, smp
->prsp
,
394 conn
->hcon
->dst_type
, conn
->dst
, 0, conn
->src
,
397 reason
= SMP_UNSPECIFIED
;
401 clear_bit(SMP_FLAG_CFM_PENDING
, &smp
->smp_flags
);
403 swap128(res
, cp
.confirm_val
);
404 smp_send_cmd(smp
->conn
, SMP_CMD_PAIRING_CONFIRM
, sizeof(cp
), &cp
);
409 smp_failure(conn
, reason
, 1);
412 static void random_work(struct work_struct
*work
)
414 struct smp_chan
*smp
= container_of(work
, struct smp_chan
, random
);
415 struct l2cap_conn
*conn
= smp
->conn
;
416 struct hci_conn
*hcon
= conn
->hcon
;
417 struct crypto_blkcipher
*tfm
= smp
->tfm
;
418 u8 reason
, confirm
[16], res
[16], key
[16];
421 if (IS_ERR_OR_NULL(tfm
)) {
422 reason
= SMP_UNSPECIFIED
;
426 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
429 ret
= smp_c1(tfm
, smp
->tk
, smp
->rrnd
, smp
->preq
, smp
->prsp
, 0,
430 conn
->src
, hcon
->dst_type
, conn
->dst
, res
);
432 ret
= smp_c1(tfm
, smp
->tk
, smp
->rrnd
, smp
->preq
, smp
->prsp
,
433 hcon
->dst_type
, conn
->dst
, 0, conn
->src
, res
);
435 reason
= SMP_UNSPECIFIED
;
439 swap128(res
, confirm
);
441 if (memcmp(smp
->pcnf
, confirm
, sizeof(smp
->pcnf
)) != 0) {
442 BT_ERR("Pairing failed (confirmation values mismatch)");
443 reason
= SMP_CONFIRM_FAILED
;
451 memset(rand
, 0, sizeof(rand
));
454 smp_s1(tfm
, smp
->tk
, smp
->rrnd
, smp
->prnd
, key
);
457 memset(stk
+ smp
->enc_key_size
, 0,
458 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
460 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
)) {
461 reason
= SMP_UNSPECIFIED
;
465 hci_le_start_enc(hcon
, ediv
, rand
, stk
);
466 hcon
->enc_key_size
= smp
->enc_key_size
;
468 u8 stk
[16], r
[16], rand
[8];
471 memset(rand
, 0, sizeof(rand
));
474 swap128(smp
->prnd
, r
);
475 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(r
), r
);
477 smp_s1(tfm
, smp
->tk
, smp
->prnd
, smp
->rrnd
, key
);
480 memset(stk
+ smp
->enc_key_size
, 0,
481 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
483 hci_add_ltk(hcon
->hdev
, conn
->dst
, hcon
->dst_type
,
484 HCI_SMP_STK_SLAVE
, 0, 0, stk
, smp
->enc_key_size
,
491 smp_failure(conn
, reason
, 1);
494 static struct smp_chan
*smp_chan_create(struct l2cap_conn
*conn
)
496 struct smp_chan
*smp
;
498 smp
= kzalloc(sizeof(struct smp_chan
), GFP_ATOMIC
);
502 INIT_WORK(&smp
->confirm
, confirm_work
);
503 INIT_WORK(&smp
->random
, random_work
);
506 conn
->smp_chan
= smp
;
507 conn
->hcon
->smp_conn
= conn
;
509 hci_conn_hold(conn
->hcon
);
514 void smp_chan_destroy(struct l2cap_conn
*conn
)
516 struct smp_chan
*smp
= conn
->smp_chan
;
521 crypto_free_blkcipher(smp
->tfm
);
524 conn
->smp_chan
= NULL
;
525 conn
->hcon
->smp_conn
= NULL
;
526 hci_conn_drop(conn
->hcon
);
529 int smp_user_confirm_reply(struct hci_conn
*hcon
, u16 mgmt_op
, __le32 passkey
)
531 struct l2cap_conn
*conn
= hcon
->smp_conn
;
532 struct smp_chan
*smp
;
541 smp
= conn
->smp_chan
;
544 case MGMT_OP_USER_PASSKEY_REPLY
:
545 value
= le32_to_cpu(passkey
);
546 memset(key
, 0, sizeof(key
));
547 BT_DBG("PassKey: %d", value
);
548 put_unaligned_le32(value
, key
);
549 swap128(key
, smp
->tk
);
551 case MGMT_OP_USER_CONFIRM_REPLY
:
552 set_bit(SMP_FLAG_TK_VALID
, &smp
->smp_flags
);
554 case MGMT_OP_USER_PASSKEY_NEG_REPLY
:
555 case MGMT_OP_USER_CONFIRM_NEG_REPLY
:
556 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
, 1);
559 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
, 1);
563 /* If it is our turn to send Pairing Confirm, do so now */
564 if (test_bit(SMP_FLAG_CFM_PENDING
, &smp
->smp_flags
))
565 queue_work(hcon
->hdev
->workqueue
, &smp
->confirm
);
570 static u8
smp_cmd_pairing_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
572 struct smp_cmd_pairing rsp
, *req
= (void *) skb
->data
;
573 struct smp_chan
*smp
;
575 u8 auth
= SMP_AUTH_NONE
;
578 BT_DBG("conn %p", conn
);
580 if (conn
->hcon
->link_mode
& HCI_LM_MASTER
)
581 return SMP_CMD_NOTSUPP
;
583 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
))
584 smp
= smp_chan_create(conn
);
586 smp
= conn
->smp_chan
;
589 return SMP_UNSPECIFIED
;
591 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
592 memcpy(&smp
->preq
[1], req
, sizeof(*req
));
593 skb_pull(skb
, sizeof(*req
));
595 /* We didn't start the pairing, so match remote */
596 if (req
->auth_req
& SMP_AUTH_BONDING
)
597 auth
= req
->auth_req
;
599 conn
->hcon
->pending_sec_level
= authreq_to_seclevel(auth
);
601 build_pairing_cmd(conn
, req
, &rsp
, auth
);
603 key_size
= min(req
->max_key_size
, rsp
.max_key_size
);
604 if (check_enc_key_size(conn
, key_size
))
605 return SMP_ENC_KEY_SIZE
;
607 ret
= smp_rand(smp
->prnd
);
609 return SMP_UNSPECIFIED
;
611 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
612 memcpy(&smp
->prsp
[1], &rsp
, sizeof(rsp
));
614 smp_send_cmd(conn
, SMP_CMD_PAIRING_RSP
, sizeof(rsp
), &rsp
);
616 /* Request setup of TK */
617 ret
= tk_request(conn
, 0, auth
, rsp
.io_capability
, req
->io_capability
);
619 return SMP_UNSPECIFIED
;
624 static u8
smp_cmd_pairing_rsp(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
626 struct smp_cmd_pairing
*req
, *rsp
= (void *) skb
->data
;
627 struct smp_chan
*smp
= conn
->smp_chan
;
628 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
629 u8 key_size
, auth
= SMP_AUTH_NONE
;
632 BT_DBG("conn %p", conn
);
634 if (!(conn
->hcon
->link_mode
& HCI_LM_MASTER
))
635 return SMP_CMD_NOTSUPP
;
637 skb_pull(skb
, sizeof(*rsp
));
639 req
= (void *) &smp
->preq
[1];
641 key_size
= min(req
->max_key_size
, rsp
->max_key_size
);
642 if (check_enc_key_size(conn
, key_size
))
643 return SMP_ENC_KEY_SIZE
;
645 ret
= smp_rand(smp
->prnd
);
647 return SMP_UNSPECIFIED
;
649 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
650 memcpy(&smp
->prsp
[1], rsp
, sizeof(*rsp
));
652 if ((req
->auth_req
& SMP_AUTH_BONDING
) &&
653 (rsp
->auth_req
& SMP_AUTH_BONDING
))
654 auth
= SMP_AUTH_BONDING
;
656 auth
|= (req
->auth_req
| rsp
->auth_req
) & SMP_AUTH_MITM
;
658 ret
= tk_request(conn
, 0, auth
, req
->io_capability
, rsp
->io_capability
);
660 return SMP_UNSPECIFIED
;
662 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->smp_flags
);
664 /* Can't compose response until we have been confirmed */
665 if (!test_bit(SMP_FLAG_TK_VALID
, &smp
->smp_flags
))
668 queue_work(hdev
->workqueue
, &smp
->confirm
);
673 static u8
smp_cmd_pairing_confirm(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
675 struct smp_chan
*smp
= conn
->smp_chan
;
676 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
678 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
680 memcpy(smp
->pcnf
, skb
->data
, sizeof(smp
->pcnf
));
681 skb_pull(skb
, sizeof(smp
->pcnf
));
683 if (conn
->hcon
->out
) {
686 swap128(smp
->prnd
, random
);
687 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(random
),
689 } else if (test_bit(SMP_FLAG_TK_VALID
, &smp
->smp_flags
)) {
690 queue_work(hdev
->workqueue
, &smp
->confirm
);
692 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->smp_flags
);
698 static u8
smp_cmd_pairing_random(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
700 struct smp_chan
*smp
= conn
->smp_chan
;
701 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
703 BT_DBG("conn %p", conn
);
705 swap128(skb
->data
, smp
->rrnd
);
706 skb_pull(skb
, sizeof(smp
->rrnd
));
708 queue_work(hdev
->workqueue
, &smp
->random
);
713 static u8
smp_ltk_encrypt(struct l2cap_conn
*conn
, u8 sec_level
)
716 struct hci_conn
*hcon
= conn
->hcon
;
718 key
= hci_find_ltk_by_addr(hcon
->hdev
, conn
->dst
, hcon
->dst_type
);
722 if (sec_level
> BT_SECURITY_MEDIUM
&& !key
->authenticated
)
725 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
))
728 hci_le_start_enc(hcon
, key
->ediv
, key
->rand
, key
->val
);
729 hcon
->enc_key_size
= key
->enc_size
;
734 static u8
smp_cmd_security_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
736 struct smp_cmd_security_req
*rp
= (void *) skb
->data
;
737 struct smp_cmd_pairing cp
;
738 struct hci_conn
*hcon
= conn
->hcon
;
739 struct smp_chan
*smp
;
741 BT_DBG("conn %p", conn
);
743 hcon
->pending_sec_level
= authreq_to_seclevel(rp
->auth_req
);
745 if (smp_ltk_encrypt(conn
, hcon
->pending_sec_level
))
748 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
751 smp
= smp_chan_create(conn
);
753 skb_pull(skb
, sizeof(*rp
));
755 memset(&cp
, 0, sizeof(cp
));
756 build_pairing_cmd(conn
, &cp
, NULL
, rp
->auth_req
);
758 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
759 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
761 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
766 int smp_conn_security(struct hci_conn
*hcon
, __u8 sec_level
)
768 struct l2cap_conn
*conn
= hcon
->l2cap_data
;
769 struct smp_chan
*smp
= conn
->smp_chan
;
772 BT_DBG("conn %p hcon %p level 0x%2.2x", conn
, hcon
, sec_level
);
774 if (!test_bit(HCI_LE_ENABLED
, &hcon
->hdev
->dev_flags
))
777 if (sec_level
== BT_SECURITY_LOW
)
780 if (hcon
->sec_level
>= sec_level
)
783 if (hcon
->link_mode
& HCI_LM_MASTER
)
784 if (smp_ltk_encrypt(conn
, sec_level
))
787 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
790 smp
= smp_chan_create(conn
);
794 authreq
= seclevel_to_authreq(sec_level
);
796 if (hcon
->link_mode
& HCI_LM_MASTER
) {
797 struct smp_cmd_pairing cp
;
799 build_pairing_cmd(conn
, &cp
, NULL
, authreq
);
800 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
801 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
803 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
805 struct smp_cmd_security_req cp
;
806 cp
.auth_req
= authreq
;
807 smp_send_cmd(conn
, SMP_CMD_SECURITY_REQ
, sizeof(cp
), &cp
);
811 hcon
->pending_sec_level
= sec_level
;
816 static int smp_cmd_encrypt_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
818 struct smp_cmd_encrypt_info
*rp
= (void *) skb
->data
;
819 struct smp_chan
*smp
= conn
->smp_chan
;
821 skb_pull(skb
, sizeof(*rp
));
823 memcpy(smp
->tk
, rp
->ltk
, sizeof(smp
->tk
));
828 static int smp_cmd_master_ident(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
830 struct smp_cmd_master_ident
*rp
= (void *) skb
->data
;
831 struct smp_chan
*smp
= conn
->smp_chan
;
832 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
833 struct hci_conn
*hcon
= conn
->hcon
;
836 skb_pull(skb
, sizeof(*rp
));
839 authenticated
= (conn
->hcon
->sec_level
== BT_SECURITY_HIGH
);
840 hci_add_ltk(conn
->hcon
->hdev
, conn
->dst
, hcon
->dst_type
,
841 HCI_SMP_LTK
, 1, authenticated
, smp
->tk
, smp
->enc_key_size
,
843 smp_distribute_keys(conn
, 1);
844 hci_dev_unlock(hdev
);
849 int smp_sig_channel(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
851 struct hci_conn
*hcon
= conn
->hcon
;
855 if (hcon
->type
!= LE_LINK
) {
865 if (!test_bit(HCI_LE_ENABLED
, &conn
->hcon
->hdev
->dev_flags
)) {
867 reason
= SMP_PAIRING_NOTSUPP
;
872 skb_pull(skb
, sizeof(code
));
875 * The SMP context must be initialized for all other PDUs except
876 * pairing and security requests. If we get any other PDU when
877 * not initialized simply disconnect (done if this function
880 if (code
!= SMP_CMD_PAIRING_REQ
&& code
!= SMP_CMD_SECURITY_REQ
&&
882 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code
);
888 case SMP_CMD_PAIRING_REQ
:
889 reason
= smp_cmd_pairing_req(conn
, skb
);
892 case SMP_CMD_PAIRING_FAIL
:
893 smp_failure(conn
, skb
->data
[0], 0);
898 case SMP_CMD_PAIRING_RSP
:
899 reason
= smp_cmd_pairing_rsp(conn
, skb
);
902 case SMP_CMD_SECURITY_REQ
:
903 reason
= smp_cmd_security_req(conn
, skb
);
906 case SMP_CMD_PAIRING_CONFIRM
:
907 reason
= smp_cmd_pairing_confirm(conn
, skb
);
910 case SMP_CMD_PAIRING_RANDOM
:
911 reason
= smp_cmd_pairing_random(conn
, skb
);
914 case SMP_CMD_ENCRYPT_INFO
:
915 reason
= smp_cmd_encrypt_info(conn
, skb
);
918 case SMP_CMD_MASTER_IDENT
:
919 reason
= smp_cmd_master_ident(conn
, skb
);
922 case SMP_CMD_IDENT_INFO
:
923 case SMP_CMD_IDENT_ADDR_INFO
:
924 case SMP_CMD_SIGN_INFO
:
930 BT_DBG("Unknown command code 0x%2.2x", code
);
932 reason
= SMP_CMD_NOTSUPP
;
939 smp_failure(conn
, reason
, 1);
945 int smp_distribute_keys(struct l2cap_conn
*conn
, __u8 force
)
947 struct smp_cmd_pairing
*req
, *rsp
;
948 struct smp_chan
*smp
= conn
->smp_chan
;
951 BT_DBG("conn %p force %d", conn
, force
);
953 if (!test_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
))
956 rsp
= (void *) &smp
->prsp
[1];
958 /* The responder sends its keys first */
959 if (!force
&& conn
->hcon
->out
&& (rsp
->resp_key_dist
& 0x07))
962 req
= (void *) &smp
->preq
[1];
964 if (conn
->hcon
->out
) {
965 keydist
= &rsp
->init_key_dist
;
966 *keydist
&= req
->init_key_dist
;
968 keydist
= &rsp
->resp_key_dist
;
969 *keydist
&= req
->resp_key_dist
;
973 BT_DBG("keydist 0x%x", *keydist
);
975 if (*keydist
& SMP_DIST_ENC_KEY
) {
976 struct smp_cmd_encrypt_info enc
;
977 struct smp_cmd_master_ident ident
;
978 struct hci_conn
*hcon
= conn
->hcon
;
982 get_random_bytes(enc
.ltk
, sizeof(enc
.ltk
));
983 get_random_bytes(&ediv
, sizeof(ediv
));
984 get_random_bytes(ident
.rand
, sizeof(ident
.rand
));
986 smp_send_cmd(conn
, SMP_CMD_ENCRYPT_INFO
, sizeof(enc
), &enc
);
988 authenticated
= hcon
->sec_level
== BT_SECURITY_HIGH
;
989 hci_add_ltk(conn
->hcon
->hdev
, conn
->dst
, hcon
->dst_type
,
990 HCI_SMP_LTK_SLAVE
, 1, authenticated
,
991 enc
.ltk
, smp
->enc_key_size
, ediv
, ident
.rand
);
995 smp_send_cmd(conn
, SMP_CMD_MASTER_IDENT
, sizeof(ident
), &ident
);
997 *keydist
&= ~SMP_DIST_ENC_KEY
;
1000 if (*keydist
& SMP_DIST_ID_KEY
) {
1001 struct smp_cmd_ident_addr_info addrinfo
;
1002 struct smp_cmd_ident_info idinfo
;
1004 /* Send a dummy key */
1005 get_random_bytes(idinfo
.irk
, sizeof(idinfo
.irk
));
1007 smp_send_cmd(conn
, SMP_CMD_IDENT_INFO
, sizeof(idinfo
), &idinfo
);
1009 /* Just public address */
1010 memset(&addrinfo
, 0, sizeof(addrinfo
));
1011 bacpy(&addrinfo
.bdaddr
, conn
->src
);
1013 smp_send_cmd(conn
, SMP_CMD_IDENT_ADDR_INFO
, sizeof(addrinfo
),
1016 *keydist
&= ~SMP_DIST_ID_KEY
;
1019 if (*keydist
& SMP_DIST_SIGN
) {
1020 struct smp_cmd_sign_info sign
;
1022 /* Send a dummy key */
1023 get_random_bytes(sign
.csrk
, sizeof(sign
.csrk
));
1025 smp_send_cmd(conn
, SMP_CMD_SIGN_INFO
, sizeof(sign
), &sign
);
1027 *keydist
&= ~SMP_DIST_SIGN
;
1030 if (conn
->hcon
->out
|| force
) {
1031 clear_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
);
1032 cancel_delayed_work_sync(&conn
->security_timer
);
1033 smp_chan_destroy(conn
);