2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
31 #include <net/bluetooth/smp.h>
33 #define SMP_TIMEOUT msecs_to_jiffies(30000)
35 #define AUTH_REQ_MASK 0x07
37 static inline void swap128(u8 src
[16], u8 dst
[16])
40 for (i
= 0; i
< 16; i
++)
44 static inline void swap56(u8 src
[7], u8 dst
[7])
47 for (i
= 0; i
< 7; i
++)
51 static int smp_e(struct crypto_blkcipher
*tfm
, const u8
*k
, u8
*r
)
53 struct blkcipher_desc desc
;
54 struct scatterlist sg
;
56 unsigned char iv
[128];
59 BT_ERR("tfm %p", tfm
);
66 err
= crypto_blkcipher_setkey(tfm
, k
, 16);
68 BT_ERR("cipher setkey failed: %d", err
);
72 sg_init_one(&sg
, r
, 16);
74 iv_len
= crypto_blkcipher_ivsize(tfm
);
76 memset(&iv
, 0xff, iv_len
);
77 crypto_blkcipher_set_iv(tfm
, iv
, iv_len
);
80 err
= crypto_blkcipher_encrypt(&desc
, &sg
, &sg
, 16);
82 BT_ERR("Encrypt data error %d", err
);
87 static int smp_c1(struct crypto_blkcipher
*tfm
, u8 k
[16], u8 r
[16],
88 u8 preq
[7], u8 pres
[7], u8 _iat
, bdaddr_t
*ia
,
89 u8 _rat
, bdaddr_t
*ra
, u8 res
[16])
96 /* p1 = pres || preq || _rat || _iat */
104 /* p2 = padding || ia || ra */
105 baswap((bdaddr_t
*) (p2
+ 4), ia
);
106 baswap((bdaddr_t
*) (p2
+ 10), ra
);
109 u128_xor((u128
*) res
, (u128
*) r
, (u128
*) p1
);
111 /* res = e(k, res) */
112 err
= smp_e(tfm
, k
, res
);
114 BT_ERR("Encrypt data error");
118 /* res = res XOR p2 */
119 u128_xor((u128
*) res
, (u128
*) res
, (u128
*) p2
);
121 /* res = e(k, res) */
122 err
= smp_e(tfm
, k
, res
);
124 BT_ERR("Encrypt data error");
129 static int smp_s1(struct crypto_blkcipher
*tfm
, u8 k
[16],
130 u8 r1
[16], u8 r2
[16], u8 _r
[16])
134 /* Just least significant octets from r1 and r2 are considered */
135 memcpy(_r
, r1
+ 8, 8);
136 memcpy(_r
+ 8, r2
+ 8, 8);
138 err
= smp_e(tfm
, k
, _r
);
140 BT_ERR("Encrypt data error");
145 static int smp_rand(u8
*buf
)
147 get_random_bytes(buf
, 16);
152 static struct sk_buff
*smp_build_cmd(struct l2cap_conn
*conn
, u8 code
,
153 u16 dlen
, void *data
)
156 struct l2cap_hdr
*lh
;
159 len
= L2CAP_HDR_SIZE
+ sizeof(code
) + dlen
;
164 skb
= bt_skb_alloc(len
, GFP_ATOMIC
);
168 lh
= (struct l2cap_hdr
*) skb_put(skb
, L2CAP_HDR_SIZE
);
169 lh
->len
= cpu_to_le16(sizeof(code
) + dlen
);
170 lh
->cid
= __constant_cpu_to_le16(L2CAP_CID_SMP
);
172 memcpy(skb_put(skb
, sizeof(code
)), &code
, sizeof(code
));
174 memcpy(skb_put(skb
, dlen
), data
, dlen
);
179 static void smp_send_cmd(struct l2cap_conn
*conn
, u8 code
, u16 len
, void *data
)
181 struct sk_buff
*skb
= smp_build_cmd(conn
, code
, len
, data
);
183 BT_DBG("code 0x%2.2x", code
);
188 skb
->priority
= HCI_PRIO_MAX
;
189 hci_send_acl(conn
->hchan
, skb
, 0);
191 cancel_delayed_work_sync(&conn
->security_timer
);
192 schedule_delayed_work(&conn
->security_timer
, SMP_TIMEOUT
);
195 static __u8
authreq_to_seclevel(__u8 authreq
)
197 if (authreq
& SMP_AUTH_MITM
)
198 return BT_SECURITY_HIGH
;
200 return BT_SECURITY_MEDIUM
;
203 static __u8
seclevel_to_authreq(__u8 sec_level
)
206 case BT_SECURITY_HIGH
:
207 return SMP_AUTH_MITM
| SMP_AUTH_BONDING
;
208 case BT_SECURITY_MEDIUM
:
209 return SMP_AUTH_BONDING
;
211 return SMP_AUTH_NONE
;
215 static void build_pairing_cmd(struct l2cap_conn
*conn
,
216 struct smp_cmd_pairing
*req
,
217 struct smp_cmd_pairing
*rsp
,
222 if (test_bit(HCI_PAIRABLE
, &conn
->hcon
->hdev
->dev_flags
)) {
223 dist_keys
= SMP_DIST_ENC_KEY
;
224 authreq
|= SMP_AUTH_BONDING
;
226 authreq
&= ~SMP_AUTH_BONDING
;
230 req
->io_capability
= conn
->hcon
->io_capability
;
231 req
->oob_flag
= SMP_OOB_NOT_PRESENT
;
232 req
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
233 req
->init_key_dist
= 0;
234 req
->resp_key_dist
= dist_keys
;
235 req
->auth_req
= (authreq
& AUTH_REQ_MASK
);
239 rsp
->io_capability
= conn
->hcon
->io_capability
;
240 rsp
->oob_flag
= SMP_OOB_NOT_PRESENT
;
241 rsp
->max_key_size
= SMP_MAX_ENC_KEY_SIZE
;
242 rsp
->init_key_dist
= 0;
243 rsp
->resp_key_dist
= req
->resp_key_dist
& dist_keys
;
244 rsp
->auth_req
= (authreq
& AUTH_REQ_MASK
);
247 static u8
check_enc_key_size(struct l2cap_conn
*conn
, __u8 max_key_size
)
249 struct smp_chan
*smp
= conn
->smp_chan
;
251 if ((max_key_size
> SMP_MAX_ENC_KEY_SIZE
) ||
252 (max_key_size
< SMP_MIN_ENC_KEY_SIZE
))
253 return SMP_ENC_KEY_SIZE
;
255 smp
->enc_key_size
= max_key_size
;
260 static void smp_failure(struct l2cap_conn
*conn
, u8 reason
, u8 send
)
262 struct hci_conn
*hcon
= conn
->hcon
;
265 smp_send_cmd(conn
, SMP_CMD_PAIRING_FAIL
, sizeof(reason
),
268 clear_bit(HCI_CONN_ENCRYPT_PEND
, &conn
->hcon
->flags
);
269 mgmt_auth_failed(conn
->hcon
->hdev
, conn
->dst
, hcon
->type
,
270 hcon
->dst_type
, HCI_ERROR_AUTH_FAILURE
);
272 cancel_delayed_work_sync(&conn
->security_timer
);
274 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
))
275 smp_chan_destroy(conn
);
278 #define JUST_WORKS 0x00
279 #define JUST_CFM 0x01
280 #define REQ_PASSKEY 0x02
281 #define CFM_PASSKEY 0x03
285 static const u8 gen_method
[5][5] = {
286 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
287 { JUST_WORKS
, JUST_CFM
, REQ_PASSKEY
, JUST_WORKS
, REQ_PASSKEY
},
288 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, CFM_PASSKEY
},
289 { JUST_WORKS
, JUST_CFM
, JUST_WORKS
, JUST_WORKS
, JUST_CFM
},
290 { CFM_PASSKEY
, CFM_PASSKEY
, REQ_PASSKEY
, JUST_WORKS
, OVERLAP
},
293 static int tk_request(struct l2cap_conn
*conn
, u8 remote_oob
, u8 auth
,
294 u8 local_io
, u8 remote_io
)
296 struct hci_conn
*hcon
= conn
->hcon
;
297 struct smp_chan
*smp
= conn
->smp_chan
;
302 /* Initialize key for JUST WORKS */
303 memset(smp
->tk
, 0, sizeof(smp
->tk
));
304 clear_bit(SMP_FLAG_TK_VALID
, &smp
->smp_flags
);
306 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth
, local_io
, remote_io
);
308 /* If neither side wants MITM, use JUST WORKS */
309 /* If either side has unknown io_caps, use JUST WORKS */
310 /* Otherwise, look up method from the table */
311 if (!(auth
& SMP_AUTH_MITM
) ||
312 local_io
> SMP_IO_KEYBOARD_DISPLAY
||
313 remote_io
> SMP_IO_KEYBOARD_DISPLAY
)
316 method
= gen_method
[remote_io
][local_io
];
318 /* If not bonding, don't ask user to confirm a Zero TK */
319 if (!(auth
& SMP_AUTH_BONDING
) && method
== JUST_CFM
)
322 /* If Just Works, Continue with Zero TK */
323 if (method
== JUST_WORKS
) {
324 set_bit(SMP_FLAG_TK_VALID
, &smp
->smp_flags
);
328 /* Not Just Works/Confirm results in MITM Authentication */
329 if (method
!= JUST_CFM
)
330 set_bit(SMP_FLAG_MITM_AUTH
, &smp
->smp_flags
);
332 /* If both devices have Keyoard-Display I/O, the master
333 * Confirms and the slave Enters the passkey.
335 if (method
== OVERLAP
) {
336 if (hcon
->link_mode
& HCI_LM_MASTER
)
337 method
= CFM_PASSKEY
;
339 method
= REQ_PASSKEY
;
342 /* Generate random passkey. Not valid until confirmed. */
343 if (method
== CFM_PASSKEY
) {
346 memset(key
, 0, sizeof(key
));
347 get_random_bytes(&passkey
, sizeof(passkey
));
349 put_unaligned_le32(passkey
, key
);
350 swap128(key
, smp
->tk
);
351 BT_DBG("PassKey: %d", passkey
);
354 hci_dev_lock(hcon
->hdev
);
356 if (method
== REQ_PASSKEY
)
357 ret
= mgmt_user_passkey_request(hcon
->hdev
, conn
->dst
,
358 hcon
->type
, hcon
->dst_type
);
360 ret
= mgmt_user_confirm_request(hcon
->hdev
, conn
->dst
,
361 hcon
->type
, hcon
->dst_type
,
362 cpu_to_le32(passkey
), 0);
364 hci_dev_unlock(hcon
->hdev
);
369 static void confirm_work(struct work_struct
*work
)
371 struct smp_chan
*smp
= container_of(work
, struct smp_chan
, confirm
);
372 struct l2cap_conn
*conn
= smp
->conn
;
373 struct crypto_blkcipher
*tfm
;
374 struct smp_cmd_pairing_confirm cp
;
378 BT_DBG("conn %p", conn
);
380 tfm
= crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC
);
382 reason
= SMP_UNSPECIFIED
;
389 ret
= smp_c1(tfm
, smp
->tk
, smp
->prnd
, smp
->preq
, smp
->prsp
, 0,
390 conn
->src
, conn
->hcon
->dst_type
, conn
->dst
, res
);
392 ret
= smp_c1(tfm
, smp
->tk
, smp
->prnd
, smp
->preq
, smp
->prsp
,
393 conn
->hcon
->dst_type
, conn
->dst
, 0, conn
->src
,
396 reason
= SMP_UNSPECIFIED
;
400 clear_bit(SMP_FLAG_CFM_PENDING
, &smp
->smp_flags
);
402 swap128(res
, cp
.confirm_val
);
403 smp_send_cmd(smp
->conn
, SMP_CMD_PAIRING_CONFIRM
, sizeof(cp
), &cp
);
408 smp_failure(conn
, reason
, 1);
411 static void random_work(struct work_struct
*work
)
413 struct smp_chan
*smp
= container_of(work
, struct smp_chan
, random
);
414 struct l2cap_conn
*conn
= smp
->conn
;
415 struct hci_conn
*hcon
= conn
->hcon
;
416 struct crypto_blkcipher
*tfm
= smp
->tfm
;
417 u8 reason
, confirm
[16], res
[16], key
[16];
420 if (IS_ERR_OR_NULL(tfm
)) {
421 reason
= SMP_UNSPECIFIED
;
425 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
428 ret
= smp_c1(tfm
, smp
->tk
, smp
->rrnd
, smp
->preq
, smp
->prsp
, 0,
429 conn
->src
, hcon
->dst_type
, conn
->dst
, res
);
431 ret
= smp_c1(tfm
, smp
->tk
, smp
->rrnd
, smp
->preq
, smp
->prsp
,
432 hcon
->dst_type
, conn
->dst
, 0, conn
->src
, res
);
434 reason
= SMP_UNSPECIFIED
;
438 swap128(res
, confirm
);
440 if (memcmp(smp
->pcnf
, confirm
, sizeof(smp
->pcnf
)) != 0) {
441 BT_ERR("Pairing failed (confirmation values mismatch)");
442 reason
= SMP_CONFIRM_FAILED
;
450 memset(rand
, 0, sizeof(rand
));
453 smp_s1(tfm
, smp
->tk
, smp
->rrnd
, smp
->prnd
, key
);
456 memset(stk
+ smp
->enc_key_size
, 0,
457 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
459 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
)) {
460 reason
= SMP_UNSPECIFIED
;
464 hci_le_start_enc(hcon
, ediv
, rand
, stk
);
465 hcon
->enc_key_size
= smp
->enc_key_size
;
467 u8 stk
[16], r
[16], rand
[8];
470 memset(rand
, 0, sizeof(rand
));
473 swap128(smp
->prnd
, r
);
474 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(r
), r
);
476 smp_s1(tfm
, smp
->tk
, smp
->prnd
, smp
->rrnd
, key
);
479 memset(stk
+ smp
->enc_key_size
, 0,
480 SMP_MAX_ENC_KEY_SIZE
- smp
->enc_key_size
);
482 hci_add_ltk(hcon
->hdev
, conn
->dst
, hcon
->dst_type
,
483 HCI_SMP_STK_SLAVE
, 0, 0, stk
, smp
->enc_key_size
,
490 smp_failure(conn
, reason
, 1);
493 static struct smp_chan
*smp_chan_create(struct l2cap_conn
*conn
)
495 struct smp_chan
*smp
;
497 smp
= kzalloc(sizeof(struct smp_chan
), GFP_ATOMIC
);
501 INIT_WORK(&smp
->confirm
, confirm_work
);
502 INIT_WORK(&smp
->random
, random_work
);
505 conn
->smp_chan
= smp
;
506 conn
->hcon
->smp_conn
= conn
;
508 hci_conn_hold(conn
->hcon
);
513 void smp_chan_destroy(struct l2cap_conn
*conn
)
515 struct smp_chan
*smp
= conn
->smp_chan
;
520 crypto_free_blkcipher(smp
->tfm
);
523 conn
->smp_chan
= NULL
;
524 conn
->hcon
->smp_conn
= NULL
;
525 hci_conn_drop(conn
->hcon
);
528 int smp_user_confirm_reply(struct hci_conn
*hcon
, u16 mgmt_op
, __le32 passkey
)
530 struct l2cap_conn
*conn
= hcon
->smp_conn
;
531 struct smp_chan
*smp
;
540 smp
= conn
->smp_chan
;
543 case MGMT_OP_USER_PASSKEY_REPLY
:
544 value
= le32_to_cpu(passkey
);
545 memset(key
, 0, sizeof(key
));
546 BT_DBG("PassKey: %d", value
);
547 put_unaligned_le32(value
, key
);
548 swap128(key
, smp
->tk
);
550 case MGMT_OP_USER_CONFIRM_REPLY
:
551 set_bit(SMP_FLAG_TK_VALID
, &smp
->smp_flags
);
553 case MGMT_OP_USER_PASSKEY_NEG_REPLY
:
554 case MGMT_OP_USER_CONFIRM_NEG_REPLY
:
555 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
, 1);
558 smp_failure(conn
, SMP_PASSKEY_ENTRY_FAILED
, 1);
562 /* If it is our turn to send Pairing Confirm, do so now */
563 if (test_bit(SMP_FLAG_CFM_PENDING
, &smp
->smp_flags
))
564 queue_work(hcon
->hdev
->workqueue
, &smp
->confirm
);
569 static u8
smp_cmd_pairing_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
571 struct smp_cmd_pairing rsp
, *req
= (void *) skb
->data
;
572 struct smp_chan
*smp
;
574 u8 auth
= SMP_AUTH_NONE
;
577 BT_DBG("conn %p", conn
);
579 if (conn
->hcon
->link_mode
& HCI_LM_MASTER
)
580 return SMP_CMD_NOTSUPP
;
582 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
))
583 smp
= smp_chan_create(conn
);
585 smp
= conn
->smp_chan
;
588 return SMP_UNSPECIFIED
;
590 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
591 memcpy(&smp
->preq
[1], req
, sizeof(*req
));
592 skb_pull(skb
, sizeof(*req
));
594 /* We didn't start the pairing, so match remote */
595 if (req
->auth_req
& SMP_AUTH_BONDING
)
596 auth
= req
->auth_req
;
598 conn
->hcon
->pending_sec_level
= authreq_to_seclevel(auth
);
600 build_pairing_cmd(conn
, req
, &rsp
, auth
);
602 key_size
= min(req
->max_key_size
, rsp
.max_key_size
);
603 if (check_enc_key_size(conn
, key_size
))
604 return SMP_ENC_KEY_SIZE
;
606 ret
= smp_rand(smp
->prnd
);
608 return SMP_UNSPECIFIED
;
610 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
611 memcpy(&smp
->prsp
[1], &rsp
, sizeof(rsp
));
613 smp_send_cmd(conn
, SMP_CMD_PAIRING_RSP
, sizeof(rsp
), &rsp
);
615 /* Request setup of TK */
616 ret
= tk_request(conn
, 0, auth
, rsp
.io_capability
, req
->io_capability
);
618 return SMP_UNSPECIFIED
;
623 static u8
smp_cmd_pairing_rsp(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
625 struct smp_cmd_pairing
*req
, *rsp
= (void *) skb
->data
;
626 struct smp_chan
*smp
= conn
->smp_chan
;
627 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
628 u8 key_size
, auth
= SMP_AUTH_NONE
;
631 BT_DBG("conn %p", conn
);
633 if (!(conn
->hcon
->link_mode
& HCI_LM_MASTER
))
634 return SMP_CMD_NOTSUPP
;
636 skb_pull(skb
, sizeof(*rsp
));
638 req
= (void *) &smp
->preq
[1];
640 key_size
= min(req
->max_key_size
, rsp
->max_key_size
);
641 if (check_enc_key_size(conn
, key_size
))
642 return SMP_ENC_KEY_SIZE
;
644 ret
= smp_rand(smp
->prnd
);
646 return SMP_UNSPECIFIED
;
648 smp
->prsp
[0] = SMP_CMD_PAIRING_RSP
;
649 memcpy(&smp
->prsp
[1], rsp
, sizeof(*rsp
));
651 if ((req
->auth_req
& SMP_AUTH_BONDING
) &&
652 (rsp
->auth_req
& SMP_AUTH_BONDING
))
653 auth
= SMP_AUTH_BONDING
;
655 auth
|= (req
->auth_req
| rsp
->auth_req
) & SMP_AUTH_MITM
;
657 ret
= tk_request(conn
, 0, auth
, req
->io_capability
, rsp
->io_capability
);
659 return SMP_UNSPECIFIED
;
661 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->smp_flags
);
663 /* Can't compose response until we have been confirmed */
664 if (!test_bit(SMP_FLAG_TK_VALID
, &smp
->smp_flags
))
667 queue_work(hdev
->workqueue
, &smp
->confirm
);
672 static u8
smp_cmd_pairing_confirm(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
674 struct smp_chan
*smp
= conn
->smp_chan
;
675 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
677 BT_DBG("conn %p %s", conn
, conn
->hcon
->out
? "master" : "slave");
679 memcpy(smp
->pcnf
, skb
->data
, sizeof(smp
->pcnf
));
680 skb_pull(skb
, sizeof(smp
->pcnf
));
682 if (conn
->hcon
->out
) {
685 swap128(smp
->prnd
, random
);
686 smp_send_cmd(conn
, SMP_CMD_PAIRING_RANDOM
, sizeof(random
),
688 } else if (test_bit(SMP_FLAG_TK_VALID
, &smp
->smp_flags
)) {
689 queue_work(hdev
->workqueue
, &smp
->confirm
);
691 set_bit(SMP_FLAG_CFM_PENDING
, &smp
->smp_flags
);
697 static u8
smp_cmd_pairing_random(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
699 struct smp_chan
*smp
= conn
->smp_chan
;
700 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
702 BT_DBG("conn %p", conn
);
704 swap128(skb
->data
, smp
->rrnd
);
705 skb_pull(skb
, sizeof(smp
->rrnd
));
707 queue_work(hdev
->workqueue
, &smp
->random
);
712 static u8
smp_ltk_encrypt(struct l2cap_conn
*conn
, u8 sec_level
)
715 struct hci_conn
*hcon
= conn
->hcon
;
717 key
= hci_find_ltk_by_addr(hcon
->hdev
, conn
->dst
, hcon
->dst_type
);
721 if (sec_level
> BT_SECURITY_MEDIUM
&& !key
->authenticated
)
724 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND
, &hcon
->flags
))
727 hci_le_start_enc(hcon
, key
->ediv
, key
->rand
, key
->val
);
728 hcon
->enc_key_size
= key
->enc_size
;
733 static u8
smp_cmd_security_req(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
735 struct smp_cmd_security_req
*rp
= (void *) skb
->data
;
736 struct smp_cmd_pairing cp
;
737 struct hci_conn
*hcon
= conn
->hcon
;
738 struct smp_chan
*smp
;
740 BT_DBG("conn %p", conn
);
742 hcon
->pending_sec_level
= authreq_to_seclevel(rp
->auth_req
);
744 if (smp_ltk_encrypt(conn
, hcon
->pending_sec_level
))
747 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
750 smp
= smp_chan_create(conn
);
752 skb_pull(skb
, sizeof(*rp
));
754 memset(&cp
, 0, sizeof(cp
));
755 build_pairing_cmd(conn
, &cp
, NULL
, rp
->auth_req
);
757 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
758 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
760 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
765 int smp_conn_security(struct hci_conn
*hcon
, __u8 sec_level
)
767 struct l2cap_conn
*conn
= hcon
->l2cap_data
;
768 struct smp_chan
*smp
= conn
->smp_chan
;
771 BT_DBG("conn %p hcon %p level 0x%2.2x", conn
, hcon
, sec_level
);
773 if (!test_bit(HCI_LE_ENABLED
, &hcon
->hdev
->dev_flags
))
776 if (sec_level
== BT_SECURITY_LOW
)
779 if (hcon
->sec_level
>= sec_level
)
782 if (hcon
->link_mode
& HCI_LM_MASTER
)
783 if (smp_ltk_encrypt(conn
, sec_level
))
786 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND
, &hcon
->flags
))
789 smp
= smp_chan_create(conn
);
793 authreq
= seclevel_to_authreq(sec_level
);
795 if (hcon
->link_mode
& HCI_LM_MASTER
) {
796 struct smp_cmd_pairing cp
;
798 build_pairing_cmd(conn
, &cp
, NULL
, authreq
);
799 smp
->preq
[0] = SMP_CMD_PAIRING_REQ
;
800 memcpy(&smp
->preq
[1], &cp
, sizeof(cp
));
802 smp_send_cmd(conn
, SMP_CMD_PAIRING_REQ
, sizeof(cp
), &cp
);
804 struct smp_cmd_security_req cp
;
805 cp
.auth_req
= authreq
;
806 smp_send_cmd(conn
, SMP_CMD_SECURITY_REQ
, sizeof(cp
), &cp
);
810 hcon
->pending_sec_level
= sec_level
;
815 static int smp_cmd_encrypt_info(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
817 struct smp_cmd_encrypt_info
*rp
= (void *) skb
->data
;
818 struct smp_chan
*smp
= conn
->smp_chan
;
820 skb_pull(skb
, sizeof(*rp
));
822 memcpy(smp
->tk
, rp
->ltk
, sizeof(smp
->tk
));
827 static int smp_cmd_master_ident(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
829 struct smp_cmd_master_ident
*rp
= (void *) skb
->data
;
830 struct smp_chan
*smp
= conn
->smp_chan
;
831 struct hci_dev
*hdev
= conn
->hcon
->hdev
;
832 struct hci_conn
*hcon
= conn
->hcon
;
835 skb_pull(skb
, sizeof(*rp
));
838 authenticated
= (conn
->hcon
->sec_level
== BT_SECURITY_HIGH
);
839 hci_add_ltk(conn
->hcon
->hdev
, conn
->dst
, hcon
->dst_type
,
840 HCI_SMP_LTK
, 1, authenticated
, smp
->tk
, smp
->enc_key_size
,
842 smp_distribute_keys(conn
, 1);
843 hci_dev_unlock(hdev
);
848 int smp_sig_channel(struct l2cap_conn
*conn
, struct sk_buff
*skb
)
850 __u8 code
= skb
->data
[0];
854 if (!test_bit(HCI_LE_ENABLED
, &conn
->hcon
->hdev
->dev_flags
)) {
856 reason
= SMP_PAIRING_NOTSUPP
;
860 skb_pull(skb
, sizeof(code
));
863 * The SMP context must be initialized for all other PDUs except
864 * pairing and security requests. If we get any other PDU when
865 * not initialized simply disconnect (done if this function
868 if (code
!= SMP_CMD_PAIRING_REQ
&& code
!= SMP_CMD_SECURITY_REQ
&&
870 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code
);
876 case SMP_CMD_PAIRING_REQ
:
877 reason
= smp_cmd_pairing_req(conn
, skb
);
880 case SMP_CMD_PAIRING_FAIL
:
881 smp_failure(conn
, skb
->data
[0], 0);
886 case SMP_CMD_PAIRING_RSP
:
887 reason
= smp_cmd_pairing_rsp(conn
, skb
);
890 case SMP_CMD_SECURITY_REQ
:
891 reason
= smp_cmd_security_req(conn
, skb
);
894 case SMP_CMD_PAIRING_CONFIRM
:
895 reason
= smp_cmd_pairing_confirm(conn
, skb
);
898 case SMP_CMD_PAIRING_RANDOM
:
899 reason
= smp_cmd_pairing_random(conn
, skb
);
902 case SMP_CMD_ENCRYPT_INFO
:
903 reason
= smp_cmd_encrypt_info(conn
, skb
);
906 case SMP_CMD_MASTER_IDENT
:
907 reason
= smp_cmd_master_ident(conn
, skb
);
910 case SMP_CMD_IDENT_INFO
:
911 case SMP_CMD_IDENT_ADDR_INFO
:
912 case SMP_CMD_SIGN_INFO
:
918 BT_DBG("Unknown command code 0x%2.2x", code
);
920 reason
= SMP_CMD_NOTSUPP
;
927 smp_failure(conn
, reason
, 1);
933 int smp_distribute_keys(struct l2cap_conn
*conn
, __u8 force
)
935 struct smp_cmd_pairing
*req
, *rsp
;
936 struct smp_chan
*smp
= conn
->smp_chan
;
939 BT_DBG("conn %p force %d", conn
, force
);
941 if (!test_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
))
944 rsp
= (void *) &smp
->prsp
[1];
946 /* The responder sends its keys first */
947 if (!force
&& conn
->hcon
->out
&& (rsp
->resp_key_dist
& 0x07))
950 req
= (void *) &smp
->preq
[1];
952 if (conn
->hcon
->out
) {
953 keydist
= &rsp
->init_key_dist
;
954 *keydist
&= req
->init_key_dist
;
956 keydist
= &rsp
->resp_key_dist
;
957 *keydist
&= req
->resp_key_dist
;
961 BT_DBG("keydist 0x%x", *keydist
);
963 if (*keydist
& SMP_DIST_ENC_KEY
) {
964 struct smp_cmd_encrypt_info enc
;
965 struct smp_cmd_master_ident ident
;
966 struct hci_conn
*hcon
= conn
->hcon
;
970 get_random_bytes(enc
.ltk
, sizeof(enc
.ltk
));
971 get_random_bytes(&ediv
, sizeof(ediv
));
972 get_random_bytes(ident
.rand
, sizeof(ident
.rand
));
974 smp_send_cmd(conn
, SMP_CMD_ENCRYPT_INFO
, sizeof(enc
), &enc
);
976 authenticated
= hcon
->sec_level
== BT_SECURITY_HIGH
;
977 hci_add_ltk(conn
->hcon
->hdev
, conn
->dst
, hcon
->dst_type
,
978 HCI_SMP_LTK_SLAVE
, 1, authenticated
,
979 enc
.ltk
, smp
->enc_key_size
, ediv
, ident
.rand
);
983 smp_send_cmd(conn
, SMP_CMD_MASTER_IDENT
, sizeof(ident
), &ident
);
985 *keydist
&= ~SMP_DIST_ENC_KEY
;
988 if (*keydist
& SMP_DIST_ID_KEY
) {
989 struct smp_cmd_ident_addr_info addrinfo
;
990 struct smp_cmd_ident_info idinfo
;
992 /* Send a dummy key */
993 get_random_bytes(idinfo
.irk
, sizeof(idinfo
.irk
));
995 smp_send_cmd(conn
, SMP_CMD_IDENT_INFO
, sizeof(idinfo
), &idinfo
);
997 /* Just public address */
998 memset(&addrinfo
, 0, sizeof(addrinfo
));
999 bacpy(&addrinfo
.bdaddr
, conn
->src
);
1001 smp_send_cmd(conn
, SMP_CMD_IDENT_ADDR_INFO
, sizeof(addrinfo
),
1004 *keydist
&= ~SMP_DIST_ID_KEY
;
1007 if (*keydist
& SMP_DIST_SIGN
) {
1008 struct smp_cmd_sign_info sign
;
1010 /* Send a dummy key */
1011 get_random_bytes(sign
.csrk
, sizeof(sign
.csrk
));
1013 smp_send_cmd(conn
, SMP_CMD_SIGN_INFO
, sizeof(sign
), &sign
);
1015 *keydist
&= ~SMP_DIST_SIGN
;
1018 if (conn
->hcon
->out
|| force
) {
1019 clear_bit(HCI_CONN_LE_SMP_PEND
, &conn
->hcon
->flags
);
1020 cancel_delayed_work_sync(&conn
->security_timer
);
1021 smp_chan_destroy(conn
);