Gitiles
Code Review Sign In
192.168.1.100 / T106_DC / 8cc82cdbbcd655d55050b7b6541e135b6e1303f3 / . / ap / os / linux / linux-3.4.x / net / bluetooth / smp.c
blob: 61e2494dc18821cf9e0e000121aa7f1fb8dc9122 [file] [log] [blame]
lh9ed821d2023-04-07 01:36:19 -0700[diff] [blame]1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
23#include <net/bluetooth/bluetooth.h>
24#include <net/bluetooth/hci_core.h>
25#include <net/bluetooth/l2cap.h>
26#include <net/bluetooth/mgmt.h>
27#include <net/bluetooth/smp.h>
28#include <linux/crypto.h>
29#include <linux/scatterlist.h>
30#include <crypto/b128ops.h>
31
32#define SMP_TIMEOUT msecs_to_jiffies(30000)
33
34#define AUTH_REQ_MASK 0x07
35
36static inline void swap128(u8 src[16], u8 dst[16])
37{
38 int i;
39 for (i = 0; i < 16; i++)
40 dst[15 - i] = src[i];
41}
42
43static inline void swap56(u8 src[7], u8 dst[7])
44{
45 int i;
46 for (i = 0; i < 7; i++)
47 dst[6 - i] = src[i];
48}
49
50static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
51{
52 struct blkcipher_desc desc;
53 struct scatterlist sg;
54 int err, iv_len;
55 unsigned char iv[128];
56
57 if (tfm == NULL) {
58 BT_ERR("tfm %p", tfm);
59 return -EINVAL;
60 }
61
62 desc.tfm = tfm;
63 desc.flags = 0;
64
65 err = crypto_blkcipher_setkey(tfm, k, 16);
66 if (err) {
67 BT_ERR("cipher setkey failed: %d", err);
68 return err;
69 }
70
71 sg_init_one(&sg, r, 16);
72
73 iv_len = crypto_blkcipher_ivsize(tfm);
74 if (iv_len) {
75 memset(&iv, 0xff, iv_len);
76 crypto_blkcipher_set_iv(tfm, iv, iv_len);
77 }
78
79 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
80 if (err)
81 BT_ERR("Encrypt data error %d", err);
82
83 return err;
84}
85
86static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
87 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
88 u8 _rat, bdaddr_t *ra, u8 res[16])
89{
90 u8 p1[16], p2[16];
91 int err;
92
93 memset(p1, 0, 16);
94
95 /* p1 = pres || preq || _rat || _iat */
96 swap56(pres, p1);
97 swap56(preq, p1 + 7);
98 p1[14] = _rat;
99 p1[15] = _iat;
100
101 memset(p2, 0, 16);
102
103 /* p2 = padding || ia || ra */
104 baswap((bdaddr_t *) (p2 + 4), ia);
105 baswap((bdaddr_t *) (p2 + 10), ra);
106
107 /* res = r XOR p1 */
108 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
109
110 /* res = e(k, res) */
111 err = smp_e(tfm, k, res);
112 if (err) {
113 BT_ERR("Encrypt data error");
114 return err;
115 }
116
117 /* res = res XOR p2 */
118 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
119
120 /* res = e(k, res) */
121 err = smp_e(tfm, k, res);
122 if (err)
123 BT_ERR("Encrypt data error");
124
125 return err;
126}
127
128static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16],
129 u8 r1[16], u8 r2[16], u8 _r[16])
130{
131 int err;
132
133 /* Just least significant octets from r1 and r2 are considered */
134 memcpy(_r, r1 + 8, 8);
135 memcpy(_r + 8, r2 + 8, 8);
136
137 err = smp_e(tfm, k, _r);
138 if (err)
139 BT_ERR("Encrypt data error");
140
141 return err;
142}
143
144static int smp_rand(u8 *buf)
145{
146 get_random_bytes(buf, 16);
147
148 return 0;
149}
150
151static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
152 u16 dlen, void *data)
153{
154 struct sk_buff *skb;
155 struct l2cap_hdr *lh;
156 int len;
157
158 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
159
160 if (len > conn->mtu)
161 return NULL;
162
163 skb = bt_skb_alloc(len, GFP_ATOMIC);
164 if (!skb)
165 return NULL;
166
167 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
168 lh->len = cpu_to_le16(sizeof(code) + dlen);
169 lh->cid = cpu_to_le16(L2CAP_CID_SMP);
170
171 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
172
173 memcpy(skb_put(skb, dlen), data, dlen);
174
175 return skb;
176}
177
178static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
179{
180 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
181
182 BT_DBG("code 0x%2.2x", code);
183
184 if (!skb)
185 return;
186
187 skb->priority = HCI_PRIO_MAX;
188 hci_send_acl(conn->hchan, skb, 0);
189
190 cancel_delayed_work_sync(&conn->security_timer);
191 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
192}
193
194static __u8 authreq_to_seclevel(__u8 authreq)
195{
196 if (authreq & SMP_AUTH_MITM)
197 return BT_SECURITY_HIGH;
198 else
199 return BT_SECURITY_MEDIUM;
200}
201
202static __u8 seclevel_to_authreq(__u8 sec_level)
203{
204 switch (sec_level) {
205 case BT_SECURITY_HIGH:
206 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
207 case BT_SECURITY_MEDIUM:
208 return SMP_AUTH_BONDING;
209 default:
210 return SMP_AUTH_NONE;
211 }
212}
213
214static void build_pairing_cmd(struct l2cap_conn *conn,
215 struct smp_cmd_pairing *req,
216 struct smp_cmd_pairing *rsp,
217 __u8 authreq)
218{
219 u8 dist_keys = 0;
220
221 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
222 dist_keys = SMP_DIST_ENC_KEY;
223 authreq |= SMP_AUTH_BONDING;
224 } else {
225 authreq &= ~SMP_AUTH_BONDING;
226 }
227
228 if (rsp == NULL) {
229 req->io_capability = conn->hcon->io_capability;
230 req->oob_flag = SMP_OOB_NOT_PRESENT;
231 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
232 req->init_key_dist = 0;
233 req->resp_key_dist = dist_keys;
234 req->auth_req = (authreq & AUTH_REQ_MASK);
235 return;
236 }
237
238 rsp->io_capability = conn->hcon->io_capability;
239 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
240 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
241 rsp->init_key_dist = 0;
242 rsp->resp_key_dist = req->resp_key_dist & dist_keys;
243 rsp->auth_req = (authreq & AUTH_REQ_MASK);
244}
245
246static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
247{
248 struct smp_chan *smp = conn->smp_chan;
249
250 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
251 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
252 return SMP_ENC_KEY_SIZE;
253
254 smp->enc_key_size = max_key_size;
255
256 return 0;
257}
258
259static void smp_failure(struct l2cap_conn *conn, u8 reason, u8 send)
260{
261 struct hci_conn *hcon = conn->hcon;
262
263 if (send)
264 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
265 &reason);
266
267 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->hcon->flags);
268 mgmt_auth_failed(conn->hcon->hdev, conn->dst, hcon->type,
269 hcon->dst_type, reason);
270
271 cancel_delayed_work_sync(&conn->security_timer);
272
273 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
274 smp_chan_destroy(conn);
275}
276
277#define JUST_WORKS 0x00
278#define JUST_CFM 0x01
279#define REQ_PASSKEY 0x02
280#define CFM_PASSKEY 0x03
281#define REQ_OOB 0x04
282#define OVERLAP 0xFF
283
284static const u8 gen_method[5][5] = {
285 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
286 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
287 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
288 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
289 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
290};
291
292static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
293 u8 local_io, u8 remote_io)
294{
295 struct hci_conn *hcon = conn->hcon;
296 struct smp_chan *smp = conn->smp_chan;
297 u8 method;
298 u32 passkey = 0;
299 int ret = 0;
300
301 /* Initialize key for JUST WORKS */
302 memset(smp->tk, 0, sizeof(smp->tk));
303 clear_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
304
305 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
306
307 /* If neither side wants MITM, use JUST WORKS */
308 /* If either side has unknown io_caps, use JUST WORKS */
309 /* Otherwise, look up method from the table */
310 if (!(auth & SMP_AUTH_MITM) ||
311 local_io > SMP_IO_KEYBOARD_DISPLAY ||
312 remote_io > SMP_IO_KEYBOARD_DISPLAY)
313 method = JUST_WORKS;
314 else
315 method = gen_method[remote_io][local_io];
316
317 /* If not bonding, don't ask user to confirm a Zero TK */
318 if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
319 method = JUST_WORKS;
320
321 /* If Just Works, Continue with Zero TK */
322 if (method == JUST_WORKS) {
323 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
324 return 0;
325 }
326
327 /* Not Just Works/Confirm results in MITM Authentication */
328 if (method != JUST_CFM) {
329 set_bit(SMP_FLAG_MITM_AUTH, &smp->smp_flags);
330 if (hcon->pending_sec_level < BT_SECURITY_HIGH)
331 hcon->pending_sec_level = BT_SECURITY_HIGH;
332 }
333
334 /* If both devices have Keyoard-Display I/O, the master
335 * Confirms and the slave Enters the passkey.
336 */
337 if (method == OVERLAP) {
338 if (hcon->link_mode & HCI_LM_MASTER)
339 method = CFM_PASSKEY;
340 else
341 method = REQ_PASSKEY;
342 }
343
344 /* Generate random passkey. Not valid until confirmed. */
345 if (method == CFM_PASSKEY) {
346 u8 key[16];
347
348 memset(key, 0, sizeof(key));
349 get_random_bytes(&passkey, sizeof(passkey));
350 passkey %= 1000000;
351 put_unaligned_le32(passkey, key);
352 swap128(key, smp->tk);
353 BT_DBG("PassKey: %d", passkey);
354 }
355
356 hci_dev_lock(hcon->hdev);
357
358 if (method == REQ_PASSKEY)
359 ret = mgmt_user_passkey_request(hcon->hdev, conn->dst,
360 hcon->type, hcon->dst_type);
361 else
362 ret = mgmt_user_confirm_request(hcon->hdev, conn->dst,
363 hcon->type, hcon->dst_type,
364 cpu_to_le32(passkey), 0);
365
366 hci_dev_unlock(hcon->hdev);
367
368 return ret;
369}
370
371static void confirm_work(struct work_struct *work)
372{
373 struct smp_chan *smp = container_of(work, struct smp_chan, confirm);
374 struct l2cap_conn *conn = smp->conn;
375 struct crypto_blkcipher *tfm;
376 struct smp_cmd_pairing_confirm cp;
377 int ret;
378 u8 res[16], reason;
379
380 BT_DBG("conn %p", conn);
381
382 tfm = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
383 if (IS_ERR(tfm)) {
384 reason = SMP_UNSPECIFIED;
385 goto error;
386 }
387
388 smp->tfm = tfm;
389
390 if (conn->hcon->out)
391 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp, 0,
392 conn->src, conn->hcon->dst_type, conn->dst, res);
393 else
394 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
395 conn->hcon->dst_type, conn->dst, 0, conn->src,
396 res);
397 if (ret) {
398 reason = SMP_UNSPECIFIED;
399 goto error;
400 }
401
402 clear_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
403
404 swap128(res, cp.confirm_val);
405 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
406
407 return;
408
409error:
410 smp_failure(conn, reason, 1);
411}
412
413static void random_work(struct work_struct *work)
414{
415 struct smp_chan *smp = container_of(work, struct smp_chan, random);
416 struct l2cap_conn *conn = smp->conn;
417 struct hci_conn *hcon = conn->hcon;
418 struct crypto_blkcipher *tfm = smp->tfm;
419 u8 reason, confirm[16], res[16], key[16];
420 int ret;
421
422 if (IS_ERR_OR_NULL(tfm)) {
423 reason = SMP_UNSPECIFIED;
424 goto error;
425 }
426
427 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
428
429 if (hcon->out)
430 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp, 0,
431 conn->src, hcon->dst_type, conn->dst, res);
432 else
433 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
434 hcon->dst_type, conn->dst, 0, conn->src, res);
435 if (ret) {
436 reason = SMP_UNSPECIFIED;
437 goto error;
438 }
439
440 swap128(res, confirm);
441
442 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
443 BT_ERR("Pairing failed (confirmation values mismatch)");
444 reason = SMP_CONFIRM_FAILED;
445 goto error;
446 }
447
448 if (hcon->out) {
449 u8 stk[16], rand[8];
450 __le16 ediv;
451
452 memset(rand, 0, sizeof(rand));
453 ediv = 0;
454
455 smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, key);
456 swap128(key, stk);
457
458 memset(stk + smp->enc_key_size, 0,
459 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
460
461 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) {
462 reason = SMP_UNSPECIFIED;
463 goto error;
464 }
465
466 hci_le_start_enc(hcon, ediv, rand, stk);
467 hcon->enc_key_size = smp->enc_key_size;
468 } else {
469 u8 stk[16], r[16], rand[8];
470 __le16 ediv;
471
472 memset(rand, 0, sizeof(rand));
473 ediv = 0;
474
475 swap128(smp->prnd, r);
476 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
477
478 smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, key);
479 swap128(key, stk);
480
481 memset(stk + smp->enc_key_size, 0,
482 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
483
484 hci_add_ltk(hcon->hdev, conn->dst, hcon->dst_type,
485 HCI_SMP_STK_SLAVE, 0, 0, stk, smp->enc_key_size,
486 ediv, rand);
487 }
488
489 return;
490
491error:
492 smp_failure(conn, reason, 1);
493}
494
495static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
496{
497 struct smp_chan *smp;
498
499 smp = kzalloc(sizeof(struct smp_chan), GFP_ATOMIC);
500 if (!smp)
501 return NULL;
502
503 INIT_WORK(&smp->confirm, confirm_work);
504 INIT_WORK(&smp->random, random_work);
505
506 smp->conn = conn;
507 conn->smp_chan = smp;
508 conn->hcon->smp_conn = conn;
509
510 hci_conn_hold(conn->hcon);
511
512 return smp;
513}
514
515void smp_chan_destroy(struct l2cap_conn *conn)
516{
517 struct smp_chan *smp = conn->smp_chan;
518
519 BUG_ON(!smp);
520
521 if (smp->tfm)
522 crypto_free_blkcipher(smp->tfm);
523
524 kfree(smp);
525 conn->smp_chan = NULL;
526 conn->hcon->smp_conn = NULL;
527 hci_conn_put(conn->hcon);
528}
529
530int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
531{
532 struct l2cap_conn *conn = hcon->smp_conn;
533 struct smp_chan *smp;
534 u32 value;
535 u8 key[16];
536
537 BT_DBG("");
538
539 if (!conn)
540 return -ENOTCONN;
541
542 smp = conn->smp_chan;
543
544 switch (mgmt_op) {
545 case MGMT_OP_USER_PASSKEY_REPLY:
546 value = le32_to_cpu(passkey);
547 memset(key, 0, sizeof(key));
548 BT_DBG("PassKey: %d", value);
549 put_unaligned_le32(value, key);
550 swap128(key, smp->tk);
551 /* Fall Through */
552 case MGMT_OP_USER_CONFIRM_REPLY:
553 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
554 break;
555 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
556 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
557 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
558 return 0;
559 default:
560 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
561 return -EOPNOTSUPP;
562 }
563
564 /* If it is our turn to send Pairing Confirm, do so now */
565 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags))
566 queue_work(hcon->hdev->workqueue, &smp->confirm);
567
568 return 0;
569}
570
571static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
572{
573 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
574 struct smp_chan *smp;
575 u8 key_size;
576 u8 auth = SMP_AUTH_NONE;
577 int ret;
578
579 BT_DBG("conn %p", conn);
580
581 if (conn->hcon->link_mode & HCI_LM_MASTER)
582 return SMP_CMD_NOTSUPP;
583
584 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
585 smp = smp_chan_create(conn);
586
587 smp = conn->smp_chan;
588
589 smp->preq[0] = SMP_CMD_PAIRING_REQ;
590 memcpy(&smp->preq[1], req, sizeof(*req));
591 skb_pull(skb, sizeof(*req));
592
593 /* We didn't start the pairing, so match remote */
594 if (req->auth_req & SMP_AUTH_BONDING)
595 auth = req->auth_req;
596
597 conn->hcon->pending_sec_level = authreq_to_seclevel(auth);
598
599 build_pairing_cmd(conn, req, &rsp, auth);
600
601 key_size = min(req->max_key_size, rsp.max_key_size);
602 if (check_enc_key_size(conn, key_size))
603 return SMP_ENC_KEY_SIZE;
604
605 ret = smp_rand(smp->prnd);
606 if (ret)
607 return SMP_UNSPECIFIED;
608
609 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
610 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
611
612 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
613
614 /* Request setup of TK */
615 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
616 if (ret)
617 return SMP_UNSPECIFIED;
618
619 return 0;
620}
621
622static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
623{
624 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
625 struct smp_chan *smp = conn->smp_chan;
626 struct hci_dev *hdev = conn->hcon->hdev;
627 u8 key_size, auth = SMP_AUTH_NONE;
628 int ret;
629
630 BT_DBG("conn %p", conn);
631
632 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
633 return SMP_CMD_NOTSUPP;
634
635 skb_pull(skb, sizeof(*rsp));
636
637 req = (void *) &smp->preq[1];
638
639 key_size = min(req->max_key_size, rsp->max_key_size);
640 if (check_enc_key_size(conn, key_size))
641 return SMP_ENC_KEY_SIZE;
642
643 ret = smp_rand(smp->prnd);
644 if (ret)
645 return SMP_UNSPECIFIED;
646
647 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
648 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
649
650 if ((req->auth_req & SMP_AUTH_BONDING) &&
651 (rsp->auth_req & SMP_AUTH_BONDING))
652 auth = SMP_AUTH_BONDING;
653
654 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
655
656 ret = tk_request(conn, 0, auth, rsp->io_capability, req->io_capability);
657 if (ret)
658 return SMP_UNSPECIFIED;
659
660 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
661
662 /* Can't compose response until we have been confirmed */
663 if (!test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags))
664 return 0;
665
666 queue_work(hdev->workqueue, &smp->confirm);
667
668 return 0;
669}
670
671static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
672{
673 struct smp_chan *smp = conn->smp_chan;
674 struct hci_dev *hdev = conn->hcon->hdev;
675
676 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
677
678 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
679 skb_pull(skb, sizeof(smp->pcnf));
680
681 if (conn->hcon->out) {
682 u8 random[16];
683
684 swap128(smp->prnd, random);
685 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
686 random);
687 } else if (test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags)) {
688 queue_work(hdev->workqueue, &smp->confirm);
689 } else {
690 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
691 }
692
693 return 0;
694}
695
696static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
697{
698 struct smp_chan *smp = conn->smp_chan;
699 struct hci_dev *hdev = conn->hcon->hdev;
700
701 BT_DBG("conn %p", conn);
702
703 swap128(skb->data, smp->rrnd);
704 skb_pull(skb, sizeof(smp->rrnd));
705
706 queue_work(hdev->workqueue, &smp->random);
707
708 return 0;
709}
710
711static u8 smp_ltk_encrypt(struct l2cap_conn *conn)
712{
713 struct smp_ltk *key;
714 struct hci_conn *hcon = conn->hcon;
715
716 key = hci_find_ltk_by_addr(hcon->hdev, conn->dst, hcon->dst_type);
717 if (!key)
718 return 0;
719
720 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
721 return 1;
722
723 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
724 hcon->enc_key_size = key->enc_size;
725
726 return 1;
727
728}
729static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
730{
731 struct smp_cmd_security_req *rp = (void *) skb->data;
732 struct smp_cmd_pairing cp;
733 struct hci_conn *hcon = conn->hcon;
734 struct smp_chan *smp;
735
736 BT_DBG("conn %p", conn);
737
738 hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req);
739
740 if (smp_ltk_encrypt(conn))
741 return 0;
742
743 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
744 return 0;
745
746 smp = smp_chan_create(conn);
747
748 skb_pull(skb, sizeof(*rp));
749
750 memset(&cp, 0, sizeof(cp));
751 build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
752
753 smp->preq[0] = SMP_CMD_PAIRING_REQ;
754 memcpy(&smp->preq[1], &cp, sizeof(cp));
755
756 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
757
758 return 0;
759}
760
761int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
762{
763 struct l2cap_conn *conn = hcon->l2cap_data;
764 struct smp_chan *smp = conn->smp_chan;
765 __u8 authreq;
766
767 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
768
769 if (!lmp_host_le_capable(hcon->hdev))
770 return 1;
771
772 if (sec_level == BT_SECURITY_LOW)
773 return 1;
774
775 if (hcon->sec_level >= sec_level)
776 return 1;
777
778 if (hcon->link_mode & HCI_LM_MASTER)
779 if (smp_ltk_encrypt(conn))
780 goto done;
781
782 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
783 return 0;
784
785 smp = smp_chan_create(conn);
786 if (!smp)
787 return 1;
788
789 authreq = seclevel_to_authreq(sec_level);
790
791 if (hcon->link_mode & HCI_LM_MASTER) {
792 struct smp_cmd_pairing cp;
793
794 build_pairing_cmd(conn, &cp, NULL, authreq);
795 smp->preq[0] = SMP_CMD_PAIRING_REQ;
796 memcpy(&smp->preq[1], &cp, sizeof(cp));
797
798 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
799 } else {
800 struct smp_cmd_security_req cp;
801 cp.auth_req = authreq;
802 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
803 }
804
805done:
806 hcon->pending_sec_level = sec_level;
807
808 return 0;
809}
810
811static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
812{
813 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
814 struct smp_chan *smp = conn->smp_chan;
815
816 skb_pull(skb, sizeof(*rp));
817
818 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
819
820 return 0;
821}
822
823static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
824{
825 struct smp_cmd_master_ident *rp = (void *) skb->data;
826 struct smp_chan *smp = conn->smp_chan;
827 struct hci_dev *hdev = conn->hcon->hdev;
828 struct hci_conn *hcon = conn->hcon;
829 u8 authenticated;
830
831 skb_pull(skb, sizeof(*rp));
832
833 hci_dev_lock(hdev);
834 authenticated = (conn->hcon->sec_level == BT_SECURITY_HIGH);
835 hci_add_ltk(conn->hcon->hdev, conn->dst, hcon->dst_type,
836 HCI_SMP_LTK, 1, authenticated, smp->tk, smp->enc_key_size,
837 rp->ediv, rp->rand);
838 smp_distribute_keys(conn, 1);
839 hci_dev_unlock(hdev);
840
841 return 0;
842}
843
844int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
845{
846 __u8 code = skb->data[0];
847 __u8 reason;
848 int err = 0;
849
850 if (!lmp_host_le_capable(conn->hcon->hdev)) {
851 err = -ENOTSUPP;
852 reason = SMP_PAIRING_NOTSUPP;
853 goto done;
854 }
855
856 skb_pull(skb, sizeof(code));
857
858 /*
859 * The SMP context must be initialized for all other PDUs except
860 * pairing and security requests. If we get any other PDU when
861 * not initialized simply disconnect (done if this function
862 * returns an error).
863 */
864 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ &&
865 !conn->smp_chan) {
866 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code);
867 kfree_skb(skb);
868 return -ENOTSUPP;
869 }
870
871 switch (code) {
872 case SMP_CMD_PAIRING_REQ:
873 reason = smp_cmd_pairing_req(conn, skb);
874 break;
875
876 case SMP_CMD_PAIRING_FAIL:
877 smp_failure(conn, skb->data[0], 0);
878 reason = 0;
879 err = -EPERM;
880 break;
881
882 case SMP_CMD_PAIRING_RSP:
883 reason = smp_cmd_pairing_rsp(conn, skb);
884 break;
885
886 case SMP_CMD_SECURITY_REQ:
887 reason = smp_cmd_security_req(conn, skb);
888 break;
889
890 case SMP_CMD_PAIRING_CONFIRM:
891 reason = smp_cmd_pairing_confirm(conn, skb);
892 break;
893
894 case SMP_CMD_PAIRING_RANDOM:
895 reason = smp_cmd_pairing_random(conn, skb);
896 break;
897
898 case SMP_CMD_ENCRYPT_INFO:
899 reason = smp_cmd_encrypt_info(conn, skb);
900 break;
901
902 case SMP_CMD_MASTER_IDENT:
903 reason = smp_cmd_master_ident(conn, skb);
904 break;
905
906 case SMP_CMD_IDENT_INFO:
907 case SMP_CMD_IDENT_ADDR_INFO:
908 case SMP_CMD_SIGN_INFO:
909 /* Just ignored */
910 reason = 0;
911 break;
912
913 default:
914 BT_DBG("Unknown command code 0x%2.2x", code);
915
916 reason = SMP_CMD_NOTSUPP;
917 err = -EOPNOTSUPP;
918 goto done;
919 }
920
921done:
922 if (reason)
923 smp_failure(conn, reason, 1);
924
925 kfree_skb(skb);
926 return err;
927}
928
929int smp_distribute_keys(struct l2cap_conn *conn, __u8 force)
930{
931 struct smp_cmd_pairing *req, *rsp;
932 struct smp_chan *smp = conn->smp_chan;
933 __u8 *keydist;
934
935 BT_DBG("conn %p force %d", conn, force);
936
937 if (!test_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
938 return 0;
939
940 rsp = (void *) &smp->prsp[1];
941
942 /* The responder sends its keys first */
943 if (!force && conn->hcon->out && (rsp->resp_key_dist & 0x07))
944 return 0;
945
946 req = (void *) &smp->preq[1];
947
948 if (conn->hcon->out) {
949 keydist = &rsp->init_key_dist;
950 *keydist &= req->init_key_dist;
951 } else {
952 keydist = &rsp->resp_key_dist;
953 *keydist &= req->resp_key_dist;
954 }
955
956
957 BT_DBG("keydist 0x%x", *keydist);
958
959 if (*keydist & SMP_DIST_ENC_KEY) {
960 struct smp_cmd_encrypt_info enc;
961 struct smp_cmd_master_ident ident;
962 struct hci_conn *hcon = conn->hcon;
963 u8 authenticated;
964 __le16 ediv;
965
966 get_random_bytes(enc.ltk, sizeof(enc.ltk));
967 get_random_bytes(&ediv, sizeof(ediv));
968 get_random_bytes(ident.rand, sizeof(ident.rand));
969
970 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
971
972 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
973 hci_add_ltk(conn->hcon->hdev, conn->dst, hcon->dst_type,
974 HCI_SMP_LTK_SLAVE, 1, authenticated,
975 enc.ltk, smp->enc_key_size, ediv, ident.rand);
976
977 ident.ediv = cpu_to_le16(ediv);
978
979 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
980
981 *keydist &= ~SMP_DIST_ENC_KEY;
982 }
983
984 if (*keydist & SMP_DIST_ID_KEY) {
985 struct smp_cmd_ident_addr_info addrinfo;
986 struct smp_cmd_ident_info idinfo;
987
988 /* Send a dummy key */
989 get_random_bytes(idinfo.irk, sizeof(idinfo.irk));
990
991 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
992
993 /* Just public address */
994 memset(&addrinfo, 0, sizeof(addrinfo));
995 bacpy(&addrinfo.bdaddr, conn->src);
996
997 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
998 &addrinfo);
999
1000 *keydist &= ~SMP_DIST_ID_KEY;
1001 }
1002
1003 if (*keydist & SMP_DIST_SIGN) {
1004 struct smp_cmd_sign_info sign;
1005
1006 /* Send a dummy key */
1007 get_random_bytes(sign.csrk, sizeof(sign.csrk));
1008
1009 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1010
1011 *keydist &= ~SMP_DIST_SIGN;
1012 }
1013
1014 if (conn->hcon->out || force) {
1015 clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags);
1016 cancel_delayed_work_sync(&conn->security_timer);
1017 smp_chan_destroy(conn);
1018 }
1019
1020 return 0;
1021}