2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
36 #define AUTH_REQ_MASK 0x07
38 static inline void swap128(u8 src[16], u8 dst[16])
41 for (i = 0; i < 16; i++)
45 static inline void swap56(u8 src[7], u8 dst[7])
48 for (i = 0; i < 7; i++)
52 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
54 struct blkcipher_desc desc;
55 struct scatterlist sg;
59 BT_ERR("tfm %p", tfm);
66 err = crypto_blkcipher_setkey(tfm, k, 16);
68 BT_ERR("cipher setkey failed: %d", err);
72 sg_init_one(&sg, r, 16);
74 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
76 BT_ERR("Encrypt data error %d", err);
81 static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
86 /* r' = padding || r */
93 err = smp_e(tfm, k, _res);
95 BT_ERR("Encrypt error");
99 /* The output of the random address function ah is:
100 * ah(h, r) = e(k, r') mod 2^24
101 * The output of the security function e is then truncated to 24 bits
102 * by taking the least significant 24 bits of the output of e as the
112 bool smp_irk_matches(struct crypto_blkcipher *tfm, u8 irk[16],
118 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
120 err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
124 return !memcmp(bdaddr->b, hash, 3);
127 static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
128 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
129 u8 _rat, bdaddr_t *ra, u8 res[16])
136 /* p1 = pres || preq || _rat || _iat */
138 swap56(preq, p1 + 7);
144 /* p2 = padding || ia || ra */
145 baswap((bdaddr_t *) (p2 + 4), ia);
146 baswap((bdaddr_t *) (p2 + 10), ra);
149 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
151 /* res = e(k, res) */
152 err = smp_e(tfm, k, res);
154 BT_ERR("Encrypt data error");
158 /* res = res XOR p2 */
159 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
161 /* res = e(k, res) */
162 err = smp_e(tfm, k, res);
164 BT_ERR("Encrypt data error");
169 static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16], u8 r1[16],
170 u8 r2[16], u8 _r[16])
174 /* Just least significant octets from r1 and r2 are considered */
175 memcpy(_r, r1 + 8, 8);
176 memcpy(_r + 8, r2 + 8, 8);
178 err = smp_e(tfm, k, _r);
180 BT_ERR("Encrypt data error");
185 static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
186 u16 dlen, void *data)
189 struct l2cap_hdr *lh;
192 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
197 skb = bt_skb_alloc(len, GFP_ATOMIC);
201 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
202 lh->len = cpu_to_le16(sizeof(code) + dlen);
203 lh->cid = __constant_cpu_to_le16(L2CAP_CID_SMP);
205 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
207 memcpy(skb_put(skb, dlen), data, dlen);
212 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
214 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
216 BT_DBG("code 0x%2.2x", code);
221 skb->priority = HCI_PRIO_MAX;
222 hci_send_acl(conn->hchan, skb, 0);
224 cancel_delayed_work_sync(&conn->security_timer);
225 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
228 static __u8 authreq_to_seclevel(__u8 authreq)
230 if (authreq & SMP_AUTH_MITM)
231 return BT_SECURITY_HIGH;
233 return BT_SECURITY_MEDIUM;
236 static __u8 seclevel_to_authreq(__u8 sec_level)
239 case BT_SECURITY_HIGH:
240 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
241 case BT_SECURITY_MEDIUM:
242 return SMP_AUTH_BONDING;
244 return SMP_AUTH_NONE;
248 static void build_pairing_cmd(struct l2cap_conn *conn,
249 struct smp_cmd_pairing *req,
250 struct smp_cmd_pairing *rsp, __u8 authreq)
252 struct smp_chan *smp = conn->smp_chan;
253 struct hci_conn *hcon = conn->hcon;
254 struct hci_dev *hdev = hcon->hdev;
255 u8 local_dist = 0, remote_dist = 0;
257 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
258 local_dist = SMP_DIST_ENC_KEY;
259 remote_dist = SMP_DIST_ENC_KEY;
260 authreq |= SMP_AUTH_BONDING;
262 authreq &= ~SMP_AUTH_BONDING;
265 if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags))
266 remote_dist |= SMP_DIST_ID_KEY;
269 req->io_capability = conn->hcon->io_capability;
270 req->oob_flag = SMP_OOB_NOT_PRESENT;
271 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
272 req->init_key_dist = local_dist;
273 req->resp_key_dist = remote_dist;
274 req->auth_req = (authreq & AUTH_REQ_MASK);
276 smp->remote_key_dist = remote_dist;
280 rsp->io_capability = conn->hcon->io_capability;
281 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
282 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
283 rsp->init_key_dist = req->init_key_dist & remote_dist;
284 rsp->resp_key_dist = req->resp_key_dist & local_dist;
285 rsp->auth_req = (authreq & AUTH_REQ_MASK);
287 smp->remote_key_dist = rsp->init_key_dist;
290 static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
292 struct smp_chan *smp = conn->smp_chan;
294 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
295 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
296 return SMP_ENC_KEY_SIZE;
298 smp->enc_key_size = max_key_size;
303 static void smp_failure(struct l2cap_conn *conn, u8 reason)
305 struct hci_conn *hcon = conn->hcon;
308 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
311 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
312 mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type,
313 HCI_ERROR_AUTH_FAILURE);
315 cancel_delayed_work_sync(&conn->security_timer);
317 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
318 smp_chan_destroy(conn);
321 #define JUST_WORKS 0x00
322 #define JUST_CFM 0x01
323 #define REQ_PASSKEY 0x02
324 #define CFM_PASSKEY 0x03
328 static const u8 gen_method[5][5] = {
329 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
330 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
331 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
332 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
333 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
336 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
337 u8 local_io, u8 remote_io)
339 struct hci_conn *hcon = conn->hcon;
340 struct smp_chan *smp = conn->smp_chan;
345 /* Initialize key for JUST WORKS */
346 memset(smp->tk, 0, sizeof(smp->tk));
347 clear_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
349 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
351 /* If neither side wants MITM, use JUST WORKS */
352 /* If either side has unknown io_caps, use JUST WORKS */
353 /* Otherwise, look up method from the table */
354 if (!(auth & SMP_AUTH_MITM) ||
355 local_io > SMP_IO_KEYBOARD_DISPLAY ||
356 remote_io > SMP_IO_KEYBOARD_DISPLAY)
359 method = gen_method[remote_io][local_io];
361 /* If not bonding, don't ask user to confirm a Zero TK */
362 if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
365 /* If Just Works, Continue with Zero TK */
366 if (method == JUST_WORKS) {
367 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
371 /* Not Just Works/Confirm results in MITM Authentication */
372 if (method != JUST_CFM)
373 set_bit(SMP_FLAG_MITM_AUTH, &smp->smp_flags);
375 /* If both devices have Keyoard-Display I/O, the master
376 * Confirms and the slave Enters the passkey.
378 if (method == OVERLAP) {
379 if (hcon->link_mode & HCI_LM_MASTER)
380 method = CFM_PASSKEY;
382 method = REQ_PASSKEY;
385 /* Generate random passkey. Not valid until confirmed. */
386 if (method == CFM_PASSKEY) {
389 memset(key, 0, sizeof(key));
390 get_random_bytes(&passkey, sizeof(passkey));
392 put_unaligned_le32(passkey, key);
393 swap128(key, smp->tk);
394 BT_DBG("PassKey: %d", passkey);
397 hci_dev_lock(hcon->hdev);
399 if (method == REQ_PASSKEY)
400 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
401 hcon->type, hcon->dst_type);
403 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
404 hcon->type, hcon->dst_type,
405 cpu_to_le32(passkey), 0);
407 hci_dev_unlock(hcon->hdev);
412 static void confirm_work(struct work_struct *work)
414 struct smp_chan *smp = container_of(work, struct smp_chan, confirm);
415 struct l2cap_conn *conn = smp->conn;
416 struct crypto_blkcipher *tfm;
417 struct smp_cmd_pairing_confirm cp;
421 BT_DBG("conn %p", conn);
423 tfm = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
425 reason = SMP_UNSPECIFIED;
432 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
433 conn->hcon->src_type, &conn->hcon->src,
434 conn->hcon->dst_type, &conn->hcon->dst, res);
436 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
437 conn->hcon->dst_type, &conn->hcon->dst,
438 conn->hcon->src_type, &conn->hcon->src, res);
440 reason = SMP_UNSPECIFIED;
444 clear_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
446 swap128(res, cp.confirm_val);
447 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
452 smp_failure(conn, reason);
455 static void random_work(struct work_struct *work)
457 struct smp_chan *smp = container_of(work, struct smp_chan, random);
458 struct l2cap_conn *conn = smp->conn;
459 struct hci_conn *hcon = conn->hcon;
460 struct crypto_blkcipher *tfm = smp->tfm;
461 u8 reason, confirm[16], res[16], key[16];
464 if (IS_ERR_OR_NULL(tfm)) {
465 reason = SMP_UNSPECIFIED;
469 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
472 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
473 hcon->src_type, &hcon->src,
474 hcon->dst_type, &hcon->dst, res);
476 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
477 hcon->dst_type, &hcon->dst,
478 hcon->src_type, &hcon->src, res);
480 reason = SMP_UNSPECIFIED;
484 swap128(res, confirm);
486 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
487 BT_ERR("Pairing failed (confirmation values mismatch)");
488 reason = SMP_CONFIRM_FAILED;
496 memset(rand, 0, sizeof(rand));
499 smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, key);
502 memset(stk + smp->enc_key_size, 0,
503 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
505 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) {
506 reason = SMP_UNSPECIFIED;
510 hci_le_start_enc(hcon, ediv, rand, stk);
511 hcon->enc_key_size = smp->enc_key_size;
513 u8 stk[16], r[16], rand[8];
516 memset(rand, 0, sizeof(rand));
519 swap128(smp->prnd, r);
520 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
522 smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, key);
525 memset(stk + smp->enc_key_size, 0,
526 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
528 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
529 HCI_SMP_STK_SLAVE, 0, 0, stk, smp->enc_key_size,
536 smp_failure(conn, reason);
539 static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
541 struct smp_chan *smp;
543 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
547 INIT_WORK(&smp->confirm, confirm_work);
548 INIT_WORK(&smp->random, random_work);
551 conn->smp_chan = smp;
552 conn->hcon->smp_conn = conn;
554 hci_conn_hold(conn->hcon);
559 void smp_chan_destroy(struct l2cap_conn *conn)
561 struct smp_chan *smp = conn->smp_chan;
566 crypto_free_blkcipher(smp->tfm);
569 conn->smp_chan = NULL;
570 conn->hcon->smp_conn = NULL;
571 hci_conn_drop(conn->hcon);
574 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
576 struct l2cap_conn *conn = hcon->smp_conn;
577 struct smp_chan *smp;
586 smp = conn->smp_chan;
589 case MGMT_OP_USER_PASSKEY_REPLY:
590 value = le32_to_cpu(passkey);
591 memset(key, 0, sizeof(key));
592 BT_DBG("PassKey: %d", value);
593 put_unaligned_le32(value, key);
594 swap128(key, smp->tk);
596 case MGMT_OP_USER_CONFIRM_REPLY:
597 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
599 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
600 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
601 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
604 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
608 /* If it is our turn to send Pairing Confirm, do so now */
609 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags))
610 queue_work(hcon->hdev->workqueue, &smp->confirm);
615 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
617 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
618 struct smp_chan *smp;
620 u8 auth = SMP_AUTH_NONE;
623 BT_DBG("conn %p", conn);
625 if (skb->len < sizeof(*req))
626 return SMP_UNSPECIFIED;
628 if (conn->hcon->link_mode & HCI_LM_MASTER)
629 return SMP_CMD_NOTSUPP;
631 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
632 smp = smp_chan_create(conn);
634 smp = conn->smp_chan;
637 return SMP_UNSPECIFIED;
639 smp->preq[0] = SMP_CMD_PAIRING_REQ;
640 memcpy(&smp->preq[1], req, sizeof(*req));
641 skb_pull(skb, sizeof(*req));
643 /* We didn't start the pairing, so match remote */
644 if (req->auth_req & SMP_AUTH_BONDING)
645 auth = req->auth_req;
647 conn->hcon->pending_sec_level = authreq_to_seclevel(auth);
649 build_pairing_cmd(conn, req, &rsp, auth);
651 key_size = min(req->max_key_size, rsp.max_key_size);
652 if (check_enc_key_size(conn, key_size))
653 return SMP_ENC_KEY_SIZE;
655 get_random_bytes(smp->prnd, sizeof(smp->prnd));
657 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
658 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
660 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
662 /* Request setup of TK */
663 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
665 return SMP_UNSPECIFIED;
670 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
672 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
673 struct smp_chan *smp = conn->smp_chan;
674 struct hci_dev *hdev = conn->hcon->hdev;
675 u8 key_size, auth = SMP_AUTH_NONE;
678 BT_DBG("conn %p", conn);
680 if (skb->len < sizeof(*rsp))
681 return SMP_UNSPECIFIED;
683 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
684 return SMP_CMD_NOTSUPP;
686 skb_pull(skb, sizeof(*rsp));
688 req = (void *) &smp->preq[1];
690 key_size = min(req->max_key_size, rsp->max_key_size);
691 if (check_enc_key_size(conn, key_size))
692 return SMP_ENC_KEY_SIZE;
694 get_random_bytes(smp->prnd, sizeof(smp->prnd));
696 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
697 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
699 if ((req->auth_req & SMP_AUTH_BONDING) &&
700 (rsp->auth_req & SMP_AUTH_BONDING))
701 auth = SMP_AUTH_BONDING;
703 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
705 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
707 return SMP_UNSPECIFIED;
709 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
711 /* Can't compose response until we have been confirmed */
712 if (!test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags))
715 queue_work(hdev->workqueue, &smp->confirm);
720 static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
722 struct smp_chan *smp = conn->smp_chan;
723 struct hci_dev *hdev = conn->hcon->hdev;
725 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
727 if (skb->len < sizeof(smp->pcnf))
728 return SMP_UNSPECIFIED;
730 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
731 skb_pull(skb, sizeof(smp->pcnf));
733 if (conn->hcon->out) {
736 swap128(smp->prnd, random);
737 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
739 } else if (test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags)) {
740 queue_work(hdev->workqueue, &smp->confirm);
742 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
748 static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
750 struct smp_chan *smp = conn->smp_chan;
751 struct hci_dev *hdev = conn->hcon->hdev;
753 BT_DBG("conn %p", conn);
755 if (skb->len < sizeof(smp->rrnd))
756 return SMP_UNSPECIFIED;
758 swap128(skb->data, smp->rrnd);
759 skb_pull(skb, sizeof(smp->rrnd));
761 queue_work(hdev->workqueue, &smp->random);
766 static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
769 struct hci_conn *hcon = conn->hcon;
771 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
776 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
779 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
782 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
783 hcon->enc_key_size = key->enc_size;
788 static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
790 struct smp_cmd_security_req *rp = (void *) skb->data;
791 struct smp_cmd_pairing cp;
792 struct hci_conn *hcon = conn->hcon;
793 struct smp_chan *smp;
795 BT_DBG("conn %p", conn);
797 if (skb->len < sizeof(*rp))
798 return SMP_UNSPECIFIED;
800 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
801 return SMP_CMD_NOTSUPP;
803 hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req);
805 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
808 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
811 smp = smp_chan_create(conn);
813 skb_pull(skb, sizeof(*rp));
815 memset(&cp, 0, sizeof(cp));
816 build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
818 smp->preq[0] = SMP_CMD_PAIRING_REQ;
819 memcpy(&smp->preq[1], &cp, sizeof(cp));
821 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
826 bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
828 if (sec_level == BT_SECURITY_LOW)
831 if (hcon->sec_level >= sec_level)
837 int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
839 struct l2cap_conn *conn = hcon->l2cap_data;
840 struct smp_chan *smp = conn->smp_chan;
843 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
845 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
848 if (smp_sufficient_security(hcon, sec_level))
851 if (hcon->link_mode & HCI_LM_MASTER)
852 if (smp_ltk_encrypt(conn, sec_level))
855 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
858 smp = smp_chan_create(conn);
862 authreq = seclevel_to_authreq(sec_level);
864 if (hcon->link_mode & HCI_LM_MASTER) {
865 struct smp_cmd_pairing cp;
867 build_pairing_cmd(conn, &cp, NULL, authreq);
868 smp->preq[0] = SMP_CMD_PAIRING_REQ;
869 memcpy(&smp->preq[1], &cp, sizeof(cp));
871 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
873 struct smp_cmd_security_req cp;
874 cp.auth_req = authreq;
875 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
879 hcon->pending_sec_level = sec_level;
884 static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
886 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
887 struct smp_chan *smp = conn->smp_chan;
889 BT_DBG("conn %p", conn);
891 if (skb->len < sizeof(*rp))
892 return SMP_UNSPECIFIED;
894 /* Ignore this PDU if it wasn't requested */
895 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
898 skb_pull(skb, sizeof(*rp));
900 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
905 static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
907 struct smp_cmd_master_ident *rp = (void *) skb->data;
908 struct smp_chan *smp = conn->smp_chan;
909 struct hci_dev *hdev = conn->hcon->hdev;
910 struct hci_conn *hcon = conn->hcon;
913 BT_DBG("conn %p", conn);
915 if (skb->len < sizeof(*rp))
916 return SMP_UNSPECIFIED;
918 /* Ignore this PDU if it wasn't requested */
919 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
922 skb_pull(skb, sizeof(*rp));
925 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
926 hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, HCI_SMP_LTK, 1,
927 authenticated, smp->tk, smp->enc_key_size,
929 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
930 smp_distribute_keys(conn, 1);
931 hci_dev_unlock(hdev);
936 static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
938 struct smp_cmd_ident_info *info = (void *) skb->data;
939 struct smp_chan *smp = conn->smp_chan;
943 if (skb->len < sizeof(*info))
944 return SMP_UNSPECIFIED;
946 /* Ignore this PDU if it wasn't requested */
947 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
950 skb_pull(skb, sizeof(*info));
952 memcpy(smp->irk, info->irk, 16);
957 static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
960 struct smp_cmd_ident_addr_info *info = (void *) skb->data;
961 struct smp_chan *smp = conn->smp_chan;
962 struct hci_conn *hcon = conn->hcon;
967 if (skb->len < sizeof(*info))
968 return SMP_UNSPECIFIED;
970 /* Ignore this PDU if it wasn't requested */
971 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
974 skb_pull(skb, sizeof(*info));
976 bacpy(&smp->id_addr, &info->bdaddr);
977 smp->id_addr_type = info->addr_type;
979 if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
980 bacpy(&rpa, &hcon->dst);
982 bacpy(&rpa, BDADDR_ANY);
984 hci_add_irk(conn->hcon->hdev, &smp->id_addr, smp->id_addr_type,
987 smp_distribute_keys(conn, 1);
992 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
994 struct hci_conn *hcon = conn->hcon;
998 if (hcon->type != LE_LINK) {
1008 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
1010 reason = SMP_PAIRING_NOTSUPP;
1014 code = skb->data[0];
1015 skb_pull(skb, sizeof(code));
1018 * The SMP context must be initialized for all other PDUs except
1019 * pairing and security requests. If we get any other PDU when
1020 * not initialized simply disconnect (done if this function
1021 * returns an error).
1023 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ &&
1025 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code);
1031 case SMP_CMD_PAIRING_REQ:
1032 reason = smp_cmd_pairing_req(conn, skb);
1035 case SMP_CMD_PAIRING_FAIL:
1036 smp_failure(conn, 0);
1041 case SMP_CMD_PAIRING_RSP:
1042 reason = smp_cmd_pairing_rsp(conn, skb);
1045 case SMP_CMD_SECURITY_REQ:
1046 reason = smp_cmd_security_req(conn, skb);
1049 case SMP_CMD_PAIRING_CONFIRM:
1050 reason = smp_cmd_pairing_confirm(conn, skb);
1053 case SMP_CMD_PAIRING_RANDOM:
1054 reason = smp_cmd_pairing_random(conn, skb);
1057 case SMP_CMD_ENCRYPT_INFO:
1058 reason = smp_cmd_encrypt_info(conn, skb);
1061 case SMP_CMD_MASTER_IDENT:
1062 reason = smp_cmd_master_ident(conn, skb);
1065 case SMP_CMD_IDENT_INFO:
1066 reason = smp_cmd_ident_info(conn, skb);
1069 case SMP_CMD_IDENT_ADDR_INFO:
1070 reason = smp_cmd_ident_addr_info(conn, skb);
1073 case SMP_CMD_SIGN_INFO:
1079 BT_DBG("Unknown command code 0x%2.2x", code);
1081 reason = SMP_CMD_NOTSUPP;
1088 smp_failure(conn, reason);
1094 int smp_distribute_keys(struct l2cap_conn *conn, __u8 force)
1096 struct smp_cmd_pairing *req, *rsp;
1097 struct smp_chan *smp = conn->smp_chan;
1100 BT_DBG("conn %p force %d", conn, force);
1102 if (!test_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
1105 rsp = (void *) &smp->prsp[1];
1107 /* The responder sends its keys first */
1108 if (!force && conn->hcon->out && (rsp->resp_key_dist & 0x07))
1111 req = (void *) &smp->preq[1];
1113 if (conn->hcon->out) {
1114 keydist = &rsp->init_key_dist;
1115 *keydist &= req->init_key_dist;
1117 keydist = &rsp->resp_key_dist;
1118 *keydist &= req->resp_key_dist;
1121 BT_DBG("keydist 0x%x", *keydist);
1123 if (*keydist & SMP_DIST_ENC_KEY) {
1124 struct smp_cmd_encrypt_info enc;
1125 struct smp_cmd_master_ident ident;
1126 struct hci_conn *hcon = conn->hcon;
1130 get_random_bytes(enc.ltk, sizeof(enc.ltk));
1131 get_random_bytes(&ediv, sizeof(ediv));
1132 get_random_bytes(ident.rand, sizeof(ident.rand));
1134 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
1136 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
1137 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
1138 HCI_SMP_LTK_SLAVE, 1, authenticated,
1139 enc.ltk, smp->enc_key_size, ediv, ident.rand);
1143 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
1145 *keydist &= ~SMP_DIST_ENC_KEY;
1148 if (*keydist & SMP_DIST_ID_KEY) {
1149 struct smp_cmd_ident_addr_info addrinfo;
1150 struct smp_cmd_ident_info idinfo;
1152 /* Send a dummy key */
1153 get_random_bytes(idinfo.irk, sizeof(idinfo.irk));
1155 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
1157 /* Just public address */
1158 memset(&addrinfo, 0, sizeof(addrinfo));
1159 bacpy(&addrinfo.bdaddr, &conn->hcon->src);
1161 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
1164 *keydist &= ~SMP_DIST_ID_KEY;
1167 if (*keydist & SMP_DIST_SIGN) {
1168 struct smp_cmd_sign_info sign;
1170 /* Send a dummy key */
1171 get_random_bytes(sign.csrk, sizeof(sign.csrk));
1173 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1175 *keydist &= ~SMP_DIST_SIGN;
1178 if (conn->hcon->out || force) {
1179 clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags);
1180 cancel_delayed_work_sync(&conn->security_timer);
1181 smp_chan_destroy(conn);