linux/net/bluetooth/smp.c
<<
>>
Prefs
   1/*
   2   BlueZ - Bluetooth protocol stack for Linux
   3   Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
   4
   5   This program is free software; you can redistribute it and/or modify
   6   it under the terms of the GNU General Public License version 2 as
   7   published by the Free Software Foundation;
   8
   9   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
  10   OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  11   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
  12   IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
  13   CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
  14   WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  15   ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  16   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  17
  18   ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
  19   COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
  20   SOFTWARE IS DISCLAIMED.
  21*/
  22
  23#include <linux/crypto.h>
  24#include <linux/scatterlist.h>
  25#include <crypto/b128ops.h>
  26
  27#include <net/bluetooth/bluetooth.h>
  28#include <net/bluetooth/hci_core.h>
  29#include <net/bluetooth/l2cap.h>
  30#include <net/bluetooth/mgmt.h>
  31#include <net/bluetooth/smp.h>
  32
  33#define SMP_TIMEOUT     msecs_to_jiffies(30000)
  34
  35#define AUTH_REQ_MASK   0x07
  36
  37static inline void swap128(u8 src[16], u8 dst[16])
  38{
  39        int i;
  40        for (i = 0; i < 16; i++)
  41                dst[15 - i] = src[i];
  42}
  43
  44static inline void swap56(u8 src[7], u8 dst[7])
  45{
  46        int i;
  47        for (i = 0; i < 7; i++)
  48                dst[6 - i] = src[i];
  49}
  50
  51static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
  52{
  53        struct blkcipher_desc desc;
  54        struct scatterlist sg;
  55        int err, iv_len;
  56        unsigned char iv[128];
  57
  58        if (tfm == NULL) {
  59                BT_ERR("tfm %p", tfm);
  60                return -EINVAL;
  61        }
  62
  63        desc.tfm = tfm;
  64        desc.flags = 0;
  65
  66        err = crypto_blkcipher_setkey(tfm, k, 16);
  67        if (err) {
  68                BT_ERR("cipher setkey failed: %d", err);
  69                return err;
  70        }
  71
  72        sg_init_one(&sg, r, 16);
  73
  74        iv_len = crypto_blkcipher_ivsize(tfm);
  75        if (iv_len) {
  76                memset(&iv, 0xff, iv_len);
  77                crypto_blkcipher_set_iv(tfm, iv, iv_len);
  78        }
  79
  80        err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
  81        if (err)
  82                BT_ERR("Encrypt data error %d", err);
  83
  84        return err;
  85}
  86
  87static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
  88                u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
  89                u8 _rat, bdaddr_t *ra, u8 res[16])
  90{
  91        u8 p1[16], p2[16];
  92        int err;
  93
  94        memset(p1, 0, 16);
  95
  96        /* p1 = pres || preq || _rat || _iat */
  97        swap56(pres, p1);
  98        swap56(preq, p1 + 7);
  99        p1[14] = _rat;
 100        p1[15] = _iat;
 101
 102        memset(p2, 0, 16);
 103
 104        /* p2 = padding || ia || ra */
 105        baswap((bdaddr_t *) (p2 + 4), ia);
 106        baswap((bdaddr_t *) (p2 + 10), ra);
 107
 108        /* res = r XOR p1 */
 109        u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
 110
 111        /* res = e(k, res) */
 112        err = smp_e(tfm, k, res);
 113        if (err) {
 114                BT_ERR("Encrypt data error");
 115                return err;
 116        }
 117
 118        /* res = res XOR p2 */
 119        u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
 120
 121        /* res = e(k, res) */
 122        err = smp_e(tfm, k, res);
 123        if (err)
 124                BT_ERR("Encrypt data error");
 125
 126        return err;
 127}
 128
 129static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16],
 130                        u8 r1[16], u8 r2[16], u8 _r[16])
 131{
 132        int err;
 133
 134        /* Just least significant octets from r1 and r2 are considered */
 135        memcpy(_r, r1 + 8, 8);
 136        memcpy(_r + 8, r2 + 8, 8);
 137
 138        err = smp_e(tfm, k, _r);
 139        if (err)
 140                BT_ERR("Encrypt data error");
 141
 142        return err;
 143}
 144
 145static int smp_rand(u8 *buf)
 146{
 147        get_random_bytes(buf, 16);
 148
 149        return 0;
 150}
 151
 152static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
 153                                                u16 dlen, void *data)
 154{
 155        struct sk_buff *skb;
 156        struct l2cap_hdr *lh;
 157        int len;
 158
 159        len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
 160
 161        if (len > conn->mtu)
 162                return NULL;
 163
 164        skb = bt_skb_alloc(len, GFP_ATOMIC);
 165        if (!skb)
 166                return NULL;
 167
 168        lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
 169        lh->len = cpu_to_le16(sizeof(code) + dlen);
 170        lh->cid = cpu_to_le16(L2CAP_CID_SMP);
 171
 172        memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
 173
 174        memcpy(skb_put(skb, dlen), data, dlen);
 175
 176        return skb;
 177}
 178
 179static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
 180{
 181        struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
 182
 183        BT_DBG("code 0x%2.2x", code);
 184
 185        if (!skb)
 186                return;
 187
 188        skb->priority = HCI_PRIO_MAX;
 189        hci_send_acl(conn->hchan, skb, 0);
 190
 191        cancel_delayed_work_sync(&conn->security_timer);
 192        schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
 193}
 194
 195static __u8 authreq_to_seclevel(__u8 authreq)
 196{
 197        if (authreq & SMP_AUTH_MITM)
 198                return BT_SECURITY_HIGH;
 199        else
 200                return BT_SECURITY_MEDIUM;
 201}
 202
 203static __u8 seclevel_to_authreq(__u8 sec_level)
 204{
 205        switch (sec_level) {
 206        case BT_SECURITY_HIGH:
 207                return SMP_AUTH_MITM | SMP_AUTH_BONDING;
 208        case BT_SECURITY_MEDIUM:
 209                return SMP_AUTH_BONDING;
 210        default:
 211                return SMP_AUTH_NONE;
 212        }
 213}
 214
 215static void build_pairing_cmd(struct l2cap_conn *conn,
 216                                struct smp_cmd_pairing *req,
 217                                struct smp_cmd_pairing *rsp,
 218                                __u8 authreq)
 219{
 220        u8 dist_keys = 0;
 221
 222        if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
 223                dist_keys = SMP_DIST_ENC_KEY;
 224                authreq |= SMP_AUTH_BONDING;
 225        } else {
 226                authreq &= ~SMP_AUTH_BONDING;
 227        }
 228
 229        if (rsp == NULL) {
 230                req->io_capability = conn->hcon->io_capability;
 231                req->oob_flag = SMP_OOB_NOT_PRESENT;
 232                req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
 233                req->init_key_dist = 0;
 234                req->resp_key_dist = dist_keys;
 235                req->auth_req = (authreq & AUTH_REQ_MASK);
 236                return;
 237        }
 238
 239        rsp->io_capability = conn->hcon->io_capability;
 240        rsp->oob_flag = SMP_OOB_NOT_PRESENT;
 241        rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
 242        rsp->init_key_dist = 0;
 243        rsp->resp_key_dist = req->resp_key_dist & dist_keys;
 244        rsp->auth_req = (authreq & AUTH_REQ_MASK);
 245}
 246
 247static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
 248{
 249        struct smp_chan *smp = conn->smp_chan;
 250
 251        if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
 252                        (max_key_size < SMP_MIN_ENC_KEY_SIZE))
 253                return SMP_ENC_KEY_SIZE;
 254
 255        smp->enc_key_size = max_key_size;
 256
 257        return 0;
 258}
 259
 260static void smp_failure(struct l2cap_conn *conn, u8 reason, u8 send)
 261{
 262        struct hci_conn *hcon = conn->hcon;
 263
 264        if (send)
 265                smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
 266                                                                &reason);
 267
 268        clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->hcon->flags);
 269        mgmt_auth_failed(conn->hcon->hdev, conn->dst, hcon->type,
 270                         hcon->dst_type, HCI_ERROR_AUTH_FAILURE);
 271
 272        cancel_delayed_work_sync(&conn->security_timer);
 273
 274        if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
 275                smp_chan_destroy(conn);
 276}
 277
 278#define JUST_WORKS      0x00
 279#define JUST_CFM        0x01
 280#define REQ_PASSKEY     0x02
 281#define CFM_PASSKEY     0x03
 282#define REQ_OOB         0x04
 283#define OVERLAP         0xFF
 284
 285static const u8 gen_method[5][5] = {
 286        { JUST_WORKS,  JUST_CFM,    REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
 287        { JUST_WORKS,  JUST_CFM,    REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
 288        { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
 289        { JUST_WORKS,  JUST_CFM,    JUST_WORKS,  JUST_WORKS, JUST_CFM    },
 290        { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP     },
 291};
 292
 293static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
 294                                                u8 local_io, u8 remote_io)
 295{
 296        struct hci_conn *hcon = conn->hcon;
 297        struct smp_chan *smp = conn->smp_chan;
 298        u8 method;
 299        u32 passkey = 0;
 300        int ret = 0;
 301
 302        /* Initialize key for JUST WORKS */
 303        memset(smp->tk, 0, sizeof(smp->tk));
 304        clear_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
 305
 306        BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
 307
 308        /* If neither side wants MITM, use JUST WORKS */
 309        /* If either side has unknown io_caps, use JUST WORKS */
 310        /* Otherwise, look up method from the table */
 311        if (!(auth & SMP_AUTH_MITM) ||
 312                        local_io > SMP_IO_KEYBOARD_DISPLAY ||
 313                        remote_io > SMP_IO_KEYBOARD_DISPLAY)
 314                method = JUST_WORKS;
 315        else
 316                method = gen_method[remote_io][local_io];
 317
 318        /* If not bonding, don't ask user to confirm a Zero TK */
 319        if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
 320                method = JUST_WORKS;
 321
 322        /* If Just Works, Continue with Zero TK */
 323        if (method == JUST_WORKS) {
 324                set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
 325                return 0;
 326        }
 327
 328        /* Not Just Works/Confirm results in MITM Authentication */
 329        if (method != JUST_CFM)
 330                set_bit(SMP_FLAG_MITM_AUTH, &smp->smp_flags);
 331
 332        /* If both devices have Keyoard-Display I/O, the master
 333         * Confirms and the slave Enters the passkey.
 334         */
 335        if (method == OVERLAP) {
 336                if (hcon->link_mode & HCI_LM_MASTER)
 337                        method = CFM_PASSKEY;
 338                else
 339                        method = REQ_PASSKEY;
 340        }
 341
 342        /* Generate random passkey. Not valid until confirmed. */
 343        if (method == CFM_PASSKEY) {
 344                u8 key[16];
 345
 346                memset(key, 0, sizeof(key));
 347                get_random_bytes(&passkey, sizeof(passkey));
 348                passkey %= 1000000;
 349                put_unaligned_le32(passkey, key);
 350                swap128(key, smp->tk);
 351                BT_DBG("PassKey: %d", passkey);
 352        }
 353
 354        hci_dev_lock(hcon->hdev);
 355
 356        if (method == REQ_PASSKEY)
 357                ret = mgmt_user_passkey_request(hcon->hdev, conn->dst,
 358                                                hcon->type, hcon->dst_type);
 359        else
 360                ret = mgmt_user_confirm_request(hcon->hdev, conn->dst,
 361                                                hcon->type, hcon->dst_type,
 362                                                cpu_to_le32(passkey), 0);
 363
 364        hci_dev_unlock(hcon->hdev);
 365
 366        return ret;
 367}
 368
 369static void confirm_work(struct work_struct *work)
 370{
 371        struct smp_chan *smp = container_of(work, struct smp_chan, confirm);
 372        struct l2cap_conn *conn = smp->conn;
 373        struct crypto_blkcipher *tfm;
 374        struct smp_cmd_pairing_confirm cp;
 375        int ret;
 376        u8 res[16], reason;
 377
 378        BT_DBG("conn %p", conn);
 379
 380        tfm = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
 381        if (IS_ERR(tfm)) {
 382                reason = SMP_UNSPECIFIED;
 383                goto error;
 384        }
 385
 386        smp->tfm = tfm;
 387
 388        if (conn->hcon->out)
 389                ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp, 0,
 390                             conn->src, conn->hcon->dst_type, conn->dst, res);
 391        else
 392                ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
 393                             conn->hcon->dst_type, conn->dst, 0, conn->src,
 394                             res);
 395        if (ret) {
 396                reason = SMP_UNSPECIFIED;
 397                goto error;
 398        }
 399
 400        clear_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
 401
 402        swap128(res, cp.confirm_val);
 403        smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
 404
 405        return;
 406
 407error:
 408        smp_failure(conn, reason, 1);
 409}
 410
 411static void random_work(struct work_struct *work)
 412{
 413        struct smp_chan *smp = container_of(work, struct smp_chan, random);
 414        struct l2cap_conn *conn = smp->conn;
 415        struct hci_conn *hcon = conn->hcon;
 416        struct crypto_blkcipher *tfm = smp->tfm;
 417        u8 reason, confirm[16], res[16], key[16];
 418        int ret;
 419
 420        if (IS_ERR_OR_NULL(tfm)) {
 421                reason = SMP_UNSPECIFIED;
 422                goto error;
 423        }
 424
 425        BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
 426
 427        if (hcon->out)
 428                ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp, 0,
 429                             conn->src, hcon->dst_type, conn->dst, res);
 430        else
 431                ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
 432                             hcon->dst_type, conn->dst, 0, conn->src, res);
 433        if (ret) {
 434                reason = SMP_UNSPECIFIED;
 435                goto error;
 436        }
 437
 438        swap128(res, confirm);
 439
 440        if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
 441                BT_ERR("Pairing failed (confirmation values mismatch)");
 442                reason = SMP_CONFIRM_FAILED;
 443                goto error;
 444        }
 445
 446        if (hcon->out) {
 447                u8 stk[16], rand[8];
 448                __le16 ediv;
 449
 450                memset(rand, 0, sizeof(rand));
 451                ediv = 0;
 452
 453                smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, key);
 454                swap128(key, stk);
 455
 456                memset(stk + smp->enc_key_size, 0,
 457                       SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
 458
 459                if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) {
 460                        reason = SMP_UNSPECIFIED;
 461                        goto error;
 462                }
 463
 464                hci_le_start_enc(hcon, ediv, rand, stk);
 465                hcon->enc_key_size = smp->enc_key_size;
 466        } else {
 467                u8 stk[16], r[16], rand[8];
 468                __le16 ediv;
 469
 470                memset(rand, 0, sizeof(rand));
 471                ediv = 0;
 472
 473                swap128(smp->prnd, r);
 474                smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
 475
 476                smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, key);
 477                swap128(key, stk);
 478
 479                memset(stk + smp->enc_key_size, 0,
 480                                SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
 481
 482                hci_add_ltk(hcon->hdev, conn->dst, hcon->dst_type,
 483                            HCI_SMP_STK_SLAVE, 0, 0, stk, smp->enc_key_size,
 484                            ediv, rand);
 485        }
 486
 487        return;
 488
 489error:
 490        smp_failure(conn, reason, 1);
 491}
 492
 493static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
 494{
 495        struct smp_chan *smp;
 496
 497        smp = kzalloc(sizeof(struct smp_chan), GFP_ATOMIC);
 498        if (!smp)
 499                return NULL;
 500
 501        INIT_WORK(&smp->confirm, confirm_work);
 502        INIT_WORK(&smp->random, random_work);
 503
 504        smp->conn = conn;
 505        conn->smp_chan = smp;
 506        conn->hcon->smp_conn = conn;
 507
 508        hci_conn_hold(conn->hcon);
 509
 510        return smp;
 511}
 512
 513void smp_chan_destroy(struct l2cap_conn *conn)
 514{
 515        struct smp_chan *smp = conn->smp_chan;
 516
 517        BUG_ON(!smp);
 518
 519        if (smp->tfm)
 520                crypto_free_blkcipher(smp->tfm);
 521
 522        kfree(smp);
 523        conn->smp_chan = NULL;
 524        conn->hcon->smp_conn = NULL;
 525        hci_conn_put(conn->hcon);
 526}
 527
 528int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
 529{
 530        struct l2cap_conn *conn = hcon->smp_conn;
 531        struct smp_chan *smp;
 532        u32 value;
 533        u8 key[16];
 534
 535        BT_DBG("");
 536
 537        if (!conn)
 538                return -ENOTCONN;
 539
 540        smp = conn->smp_chan;
 541
 542        switch (mgmt_op) {
 543        case MGMT_OP_USER_PASSKEY_REPLY:
 544                value = le32_to_cpu(passkey);
 545                memset(key, 0, sizeof(key));
 546                BT_DBG("PassKey: %d", value);
 547                put_unaligned_le32(value, key);
 548                swap128(key, smp->tk);
 549                /* Fall Through */
 550        case MGMT_OP_USER_CONFIRM_REPLY:
 551                set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
 552                break;
 553        case MGMT_OP_USER_PASSKEY_NEG_REPLY:
 554        case MGMT_OP_USER_CONFIRM_NEG_REPLY:
 555                smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
 556                return 0;
 557        default:
 558                smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
 559                return -EOPNOTSUPP;
 560        }
 561
 562        /* If it is our turn to send Pairing Confirm, do so now */
 563        if (test_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags))
 564                queue_work(hcon->hdev->workqueue, &smp->confirm);
 565
 566        return 0;
 567}
 568
 569static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
 570{
 571        struct smp_cmd_pairing rsp, *req = (void *) skb->data;
 572        struct smp_chan *smp;
 573        u8 key_size;
 574        u8 auth = SMP_AUTH_NONE;
 575        int ret;
 576
 577        BT_DBG("conn %p", conn);
 578
 579        if (conn->hcon->link_mode & HCI_LM_MASTER)
 580                return SMP_CMD_NOTSUPP;
 581
 582        if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
 583                smp = smp_chan_create(conn);
 584        else
 585                smp = conn->smp_chan;
 586
 587        if (!smp)
 588                return SMP_UNSPECIFIED;
 589
 590        smp->preq[0] = SMP_CMD_PAIRING_REQ;
 591        memcpy(&smp->preq[1], req, sizeof(*req));
 592        skb_pull(skb, sizeof(*req));
 593
 594        /* We didn't start the pairing, so match remote */
 595        if (req->auth_req & SMP_AUTH_BONDING)
 596                auth = req->auth_req;
 597
 598        conn->hcon->pending_sec_level = authreq_to_seclevel(auth);
 599
 600        build_pairing_cmd(conn, req, &rsp, auth);
 601
 602        key_size = min(req->max_key_size, rsp.max_key_size);
 603        if (check_enc_key_size(conn, key_size))
 604                return SMP_ENC_KEY_SIZE;
 605
 606        ret = smp_rand(smp->prnd);
 607        if (ret)
 608                return SMP_UNSPECIFIED;
 609
 610        smp->prsp[0] = SMP_CMD_PAIRING_RSP;
 611        memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
 612
 613        smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
 614
 615        /* Request setup of TK */
 616        ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
 617        if (ret)
 618                return SMP_UNSPECIFIED;
 619
 620        return 0;
 621}
 622
 623static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
 624{
 625        struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
 626        struct smp_chan *smp = conn->smp_chan;
 627        struct hci_dev *hdev = conn->hcon->hdev;
 628        u8 key_size, auth = SMP_AUTH_NONE;
 629        int ret;
 630
 631        BT_DBG("conn %p", conn);
 632
 633        if (!(conn->hcon->link_mode & HCI_LM_MASTER))
 634                return SMP_CMD_NOTSUPP;
 635
 636        skb_pull(skb, sizeof(*rsp));
 637
 638        req = (void *) &smp->preq[1];
 639
 640        key_size = min(req->max_key_size, rsp->max_key_size);
 641        if (check_enc_key_size(conn, key_size))
 642                return SMP_ENC_KEY_SIZE;
 643
 644        ret = smp_rand(smp->prnd);
 645        if (ret)
 646                return SMP_UNSPECIFIED;
 647
 648        smp->prsp[0] = SMP_CMD_PAIRING_RSP;
 649        memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
 650
 651        if ((req->auth_req & SMP_AUTH_BONDING) &&
 652                        (rsp->auth_req & SMP_AUTH_BONDING))
 653                auth = SMP_AUTH_BONDING;
 654
 655        auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
 656
 657        ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
 658        if (ret)
 659                return SMP_UNSPECIFIED;
 660
 661        set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
 662
 663        /* Can't compose response until we have been confirmed */
 664        if (!test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags))
 665                return 0;
 666
 667        queue_work(hdev->workqueue, &smp->confirm);
 668
 669        return 0;
 670}
 671
 672static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
 673{
 674        struct smp_chan *smp = conn->smp_chan;
 675        struct hci_dev *hdev = conn->hcon->hdev;
 676
 677        BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
 678
 679        memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
 680        skb_pull(skb, sizeof(smp->pcnf));
 681
 682        if (conn->hcon->out) {
 683                u8 random[16];
 684
 685                swap128(smp->prnd, random);
 686                smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
 687                                                                random);
 688        } else if (test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags)) {
 689                queue_work(hdev->workqueue, &smp->confirm);
 690        } else {
 691                set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
 692        }
 693
 694        return 0;
 695}
 696
 697static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
 698{
 699        struct smp_chan *smp = conn->smp_chan;
 700        struct hci_dev *hdev = conn->hcon->hdev;
 701
 702        BT_DBG("conn %p", conn);
 703
 704        swap128(skb->data, smp->rrnd);
 705        skb_pull(skb, sizeof(smp->rrnd));
 706
 707        queue_work(hdev->workqueue, &smp->random);
 708
 709        return 0;
 710}
 711
 712static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
 713{
 714        struct smp_ltk *key;
 715        struct hci_conn *hcon = conn->hcon;
 716
 717        key = hci_find_ltk_by_addr(hcon->hdev, conn->dst, hcon->dst_type);
 718        if (!key)
 719                return 0;
 720
 721        if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
 722                return 0;
 723
 724        if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
 725                return 1;
 726
 727        hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
 728        hcon->enc_key_size = key->enc_size;
 729
 730        return 1;
 731
 732}
 733static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
 734{
 735        struct smp_cmd_security_req *rp = (void *) skb->data;
 736        struct smp_cmd_pairing cp;
 737        struct hci_conn *hcon = conn->hcon;
 738        struct smp_chan *smp;
 739
 740        BT_DBG("conn %p", conn);
 741
 742        hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req);
 743
 744        if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
 745                return 0;
 746
 747        if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
 748                return 0;
 749
 750        smp = smp_chan_create(conn);
 751
 752        skb_pull(skb, sizeof(*rp));
 753
 754        memset(&cp, 0, sizeof(cp));
 755        build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
 756
 757        smp->preq[0] = SMP_CMD_PAIRING_REQ;
 758        memcpy(&smp->preq[1], &cp, sizeof(cp));
 759
 760        smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
 761
 762        return 0;
 763}
 764
 765int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
 766{
 767        struct l2cap_conn *conn = hcon->l2cap_data;
 768        struct smp_chan *smp = conn->smp_chan;
 769        __u8 authreq;
 770
 771        BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
 772
 773        if (!lmp_host_le_capable(hcon->hdev))
 774                return 1;
 775
 776        if (sec_level == BT_SECURITY_LOW)
 777                return 1;
 778
 779        if (hcon->sec_level >= sec_level)
 780                return 1;
 781
 782        if (hcon->link_mode & HCI_LM_MASTER)
 783                if (smp_ltk_encrypt(conn, sec_level))
 784                        goto done;
 785
 786        if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
 787                return 0;
 788
 789        smp = smp_chan_create(conn);
 790        if (!smp)
 791                return 1;
 792
 793        authreq = seclevel_to_authreq(sec_level);
 794
 795        if (hcon->link_mode & HCI_LM_MASTER) {
 796                struct smp_cmd_pairing cp;
 797
 798                build_pairing_cmd(conn, &cp, NULL, authreq);
 799                smp->preq[0] = SMP_CMD_PAIRING_REQ;
 800                memcpy(&smp->preq[1], &cp, sizeof(cp));
 801
 802                smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
 803        } else {
 804                struct smp_cmd_security_req cp;
 805                cp.auth_req = authreq;
 806                smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
 807        }
 808
 809done:
 810        hcon->pending_sec_level = sec_level;
 811
 812        return 0;
 813}
 814
 815static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
 816{
 817        struct smp_cmd_encrypt_info *rp = (void *) skb->data;
 818        struct smp_chan *smp = conn->smp_chan;
 819
 820        skb_pull(skb, sizeof(*rp));
 821
 822        memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
 823
 824        return 0;
 825}
 826
 827static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
 828{
 829        struct smp_cmd_master_ident *rp = (void *) skb->data;
 830        struct smp_chan *smp = conn->smp_chan;
 831        struct hci_dev *hdev = conn->hcon->hdev;
 832        struct hci_conn *hcon = conn->hcon;
 833        u8 authenticated;
 834
 835        skb_pull(skb, sizeof(*rp));
 836
 837        hci_dev_lock(hdev);
 838        authenticated = (conn->hcon->sec_level == BT_SECURITY_HIGH);
 839        hci_add_ltk(conn->hcon->hdev, conn->dst, hcon->dst_type,
 840                    HCI_SMP_LTK, 1, authenticated, smp->tk, smp->enc_key_size,
 841                    rp->ediv, rp->rand);
 842        smp_distribute_keys(conn, 1);
 843        hci_dev_unlock(hdev);
 844
 845        return 0;
 846}
 847
 848int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
 849{
 850        __u8 code = skb->data[0];
 851        __u8 reason;
 852        int err = 0;
 853
 854        if (!lmp_host_le_capable(conn->hcon->hdev)) {
 855                err = -ENOTSUPP;
 856                reason = SMP_PAIRING_NOTSUPP;
 857                goto done;
 858        }
 859
 860        skb_pull(skb, sizeof(code));
 861
 862        switch (code) {
 863        case SMP_CMD_PAIRING_REQ:
 864                reason = smp_cmd_pairing_req(conn, skb);
 865                break;
 866
 867        case SMP_CMD_PAIRING_FAIL:
 868                smp_failure(conn, skb->data[0], 0);
 869                reason = 0;
 870                err = -EPERM;
 871                break;
 872
 873        case SMP_CMD_PAIRING_RSP:
 874                reason = smp_cmd_pairing_rsp(conn, skb);
 875                break;
 876
 877        case SMP_CMD_SECURITY_REQ:
 878                reason = smp_cmd_security_req(conn, skb);
 879                break;
 880
 881        case SMP_CMD_PAIRING_CONFIRM:
 882                reason = smp_cmd_pairing_confirm(conn, skb);
 883                break;
 884
 885        case SMP_CMD_PAIRING_RANDOM:
 886                reason = smp_cmd_pairing_random(conn, skb);
 887                break;
 888
 889        case SMP_CMD_ENCRYPT_INFO:
 890                reason = smp_cmd_encrypt_info(conn, skb);
 891                break;
 892
 893        case SMP_CMD_MASTER_IDENT:
 894                reason = smp_cmd_master_ident(conn, skb);
 895                break;
 896
 897        case SMP_CMD_IDENT_INFO:
 898        case SMP_CMD_IDENT_ADDR_INFO:
 899        case SMP_CMD_SIGN_INFO:
 900                /* Just ignored */
 901                reason = 0;
 902                break;
 903
 904        default:
 905                BT_DBG("Unknown command code 0x%2.2x", code);
 906
 907                reason = SMP_CMD_NOTSUPP;
 908                err = -EOPNOTSUPP;
 909                goto done;
 910        }
 911
 912done:
 913        if (reason)
 914                smp_failure(conn, reason, 1);
 915
 916        kfree_skb(skb);
 917        return err;
 918}
 919
 920int smp_distribute_keys(struct l2cap_conn *conn, __u8 force)
 921{
 922        struct smp_cmd_pairing *req, *rsp;
 923        struct smp_chan *smp = conn->smp_chan;
 924        __u8 *keydist;
 925
 926        BT_DBG("conn %p force %d", conn, force);
 927
 928        if (!test_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
 929                return 0;
 930
 931        rsp = (void *) &smp->prsp[1];
 932
 933        /* The responder sends its keys first */
 934        if (!force && conn->hcon->out && (rsp->resp_key_dist & 0x07))
 935                return 0;
 936
 937        req = (void *) &smp->preq[1];
 938
 939        if (conn->hcon->out) {
 940                keydist = &rsp->init_key_dist;
 941                *keydist &= req->init_key_dist;
 942        } else {
 943                keydist = &rsp->resp_key_dist;
 944                *keydist &= req->resp_key_dist;
 945        }
 946
 947
 948        BT_DBG("keydist 0x%x", *keydist);
 949
 950        if (*keydist & SMP_DIST_ENC_KEY) {
 951                struct smp_cmd_encrypt_info enc;
 952                struct smp_cmd_master_ident ident;
 953                struct hci_conn *hcon = conn->hcon;
 954                u8 authenticated;
 955                __le16 ediv;
 956
 957                get_random_bytes(enc.ltk, sizeof(enc.ltk));
 958                get_random_bytes(&ediv, sizeof(ediv));
 959                get_random_bytes(ident.rand, sizeof(ident.rand));
 960
 961                smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
 962
 963                authenticated = hcon->sec_level == BT_SECURITY_HIGH;
 964                hci_add_ltk(conn->hcon->hdev, conn->dst, hcon->dst_type,
 965                            HCI_SMP_LTK_SLAVE, 1, authenticated,
 966                            enc.ltk, smp->enc_key_size, ediv, ident.rand);
 967
 968                ident.ediv = ediv;
 969
 970                smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
 971
 972                *keydist &= ~SMP_DIST_ENC_KEY;
 973        }
 974
 975        if (*keydist & SMP_DIST_ID_KEY) {
 976                struct smp_cmd_ident_addr_info addrinfo;
 977                struct smp_cmd_ident_info idinfo;
 978
 979                /* Send a dummy key */
 980                get_random_bytes(idinfo.irk, sizeof(idinfo.irk));
 981
 982                smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
 983
 984                /* Just public address */
 985                memset(&addrinfo, 0, sizeof(addrinfo));
 986                bacpy(&addrinfo.bdaddr, conn->src);
 987
 988                smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
 989                                                                &addrinfo);
 990
 991                *keydist &= ~SMP_DIST_ID_KEY;
 992        }
 993
 994        if (*keydist & SMP_DIST_SIGN) {
 995                struct smp_cmd_sign_info sign;
 996
 997                /* Send a dummy key */
 998                get_random_bytes(sign.csrk, sizeof(sign.csrk));
 999
1000                smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1001
1002                *keydist &= ~SMP_DIST_SIGN;
1003        }
1004
1005        if (conn->hcon->out || force) {
1006                clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags);
1007                cancel_delayed_work_sync(&conn->security_timer);
1008                smp_chan_destroy(conn);
1009        }
1010
1011        return 0;
1012}
1013
lxr.linux.no kindly hosted by Redpill Linpro AS, provider of Linux consulting and operations services since 1995.