Gitiles
Code Review Sign In
review.shift-gmbh.com / SHIFTPHONES / kernel / shift / mainline / d3e54a876e35120b3355e22d78861e73a6acab6f / . / net / bluetooth / smp.c
blob: 9a4ce458147564a3dd7d7342d3b77fda8b3d213a [file] [log] [blame]
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]1/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
Gustavo Padovan8c520a52012-05-23 04:04:22 -0300[diff] [blame]23#include <linux/crypto.h>
24#include <linux/scatterlist.h>
25#include <crypto/b128ops.h>
26
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]27#include <net/bluetooth/bluetooth.h>
28#include <net/bluetooth/hci_core.h>
29#include <net/bluetooth/l2cap.h>
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]30#include <net/bluetooth/mgmt.h>
Marcel Holtmannac4b7232013-10-10 14:54:16 -0700[diff] [blame]31
Johan Hedberg3b191462014-06-06 10:50:15 +0300[diff] [blame]32#include "ecc.h"
Marcel Holtmannac4b7232013-10-10 14:54:16 -0700[diff] [blame]33#include "smp.h"
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]34
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]35#define SMP_ALLOW_CMD(smp, code) set_bit(code, &smp->allow_cmd)
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]36
Johan Hedberg3b191462014-06-06 10:50:15 +0300[diff] [blame]37/* Keys which are not distributed with Secure Connections */
38#define SMP_SC_NO_DIST (SMP_DIST_ENC_KEY | SMP_DIST_LINK_KEY);
39
Marcel Holtmann17b02e62012-03-01 14:32:37 -0800[diff] [blame]40#define SMP_TIMEOUT msecs_to_jiffies(30000)
Vinicius Costa Gomes5d3de7d2011-06-14 13:37:41 -0300[diff] [blame]41
Johan Hedberg0edb14d2014-05-26 13:29:28 +0300[diff] [blame]42#define AUTH_REQ_MASK(dev) (test_bit(HCI_SC_ENABLED, &(dev)->dev_flags) ? \
43 0x1f : 0x07)
44#define KEY_DIST_MASK 0x07
Johan Hedberg065a13e2012-10-11 16:26:06 +0200[diff] [blame]45
Johan Hedbergcbbbe3e2014-06-06 11:30:08 +0300[diff] [blame]46/* Maximum message length that can be passed to aes_cmac */
47#define CMAC_MSG_MAX 80
48
Johan Hedberg533e35d2014-06-16 19:25:18 +0300[diff] [blame]49enum {
50 SMP_FLAG_TK_VALID,
51 SMP_FLAG_CFM_PENDING,
52 SMP_FLAG_MITM_AUTH,
53 SMP_FLAG_COMPLETE,
54 SMP_FLAG_INITIATOR,
Johan Hedberg65668772014-05-16 11:03:34 +0300[diff] [blame]55 SMP_FLAG_SC,
Johan Hedbergd8f8edb2014-06-06 11:09:28 +0300[diff] [blame]56 SMP_FLAG_REMOTE_PK,
Johan Hedbergaeb7d462014-05-31 18:52:28 +0300[diff] [blame]57 SMP_FLAG_DEBUG_KEY,
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]58 SMP_FLAG_WAIT_USER,
Johan Hedbergd3e54a82014-06-04 11:07:40 +0300[diff] [blame^]59 SMP_FLAG_DHKEY_PENDING,
Johan Hedberg533e35d2014-06-16 19:25:18 +0300[diff] [blame]60};
Johan Hedberg4bc58f52014-05-20 09:45:47 +0300[diff] [blame]61
62struct smp_chan {
Johan Hedbergb68fda62014-08-11 22:06:40 +0300[diff] [blame]63 struct l2cap_conn *conn;
64 struct delayed_work security_timer;
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]65 unsigned long allow_cmd; /* Bitmask of allowed commands */
Johan Hedbergb68fda62014-08-11 22:06:40 +0300[diff] [blame]66
Johan Hedberg4bc58f52014-05-20 09:45:47 +0300[diff] [blame]67 u8 preq[7]; /* SMP Pairing Request */
68 u8 prsp[7]; /* SMP Pairing Response */
69 u8 prnd[16]; /* SMP Pairing Random (local) */
70 u8 rrnd[16]; /* SMP Pairing Random (remote) */
71 u8 pcnf[16]; /* SMP Pairing Confirm */
72 u8 tk[16]; /* SMP Temporary Key */
73 u8 enc_key_size;
74 u8 remote_key_dist;
75 bdaddr_t id_addr;
76 u8 id_addr_type;
77 u8 irk[16];
78 struct smp_csrk *csrk;
79 struct smp_csrk *slave_csrk;
80 struct smp_ltk *ltk;
81 struct smp_ltk *slave_ltk;
82 struct smp_irk *remote_irk;
Johan Hedberg6a770832014-06-06 11:54:04 +0300[diff] [blame]83 u8 *link_key;
Johan Hedberg4a74d652014-05-20 09:45:50 +0300[diff] [blame]84 unsigned long flags;
Johan Hedberg783e0572014-05-31 18:48:26 +0300[diff] [blame]85 u8 method;
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]86 u8 passkey_round;
Johan Hedberg6a7bd102014-06-27 14:23:03 +0300[diff] [blame]87
Johan Hedberg3b191462014-06-06 10:50:15 +0300[diff] [blame]88 /* Secure Connections variables */
89 u8 local_pk[64];
90 u8 local_sk[32];
Johan Hedbergd8f8edb2014-06-06 11:09:28 +0300[diff] [blame]91 u8 remote_pk[64];
92 u8 dhkey[32];
Johan Hedberg760b0182014-06-06 11:44:05 +0300[diff] [blame]93 u8 mackey[16];
Johan Hedberg3b191462014-06-06 10:50:15 +0300[diff] [blame]94
Johan Hedberg6a7bd102014-06-27 14:23:03 +0300[diff] [blame]95 struct crypto_blkcipher *tfm_aes;
Johan Hedberg407cecf2014-05-02 14:19:47 +0300[diff] [blame]96 struct crypto_hash *tfm_cmac;
Johan Hedberg4bc58f52014-05-20 09:45:47 +0300[diff] [blame]97};
98
Johan Hedbergaeb7d462014-05-31 18:52:28 +0300[diff] [blame]99/* These debug key values are defined in the SMP section of the core
100 * specification. debug_pk is the public debug key and debug_sk the
101 * private debug key.
102 */
103static const u8 debug_pk[64] = {
104 0xe6, 0x9d, 0x35, 0x0e, 0x48, 0x01, 0x03, 0xcc,
105 0xdb, 0xfd, 0xf4, 0xac, 0x11, 0x91, 0xf4, 0xef,
106 0xb9, 0xa5, 0xf9, 0xe9, 0xa7, 0x83, 0x2c, 0x5e,
107 0x2c, 0xbe, 0x97, 0xf2, 0xd2, 0x03, 0xb0, 0x20,
108
109 0x8b, 0xd2, 0x89, 0x15, 0xd0, 0x8e, 0x1c, 0x74,
110 0x24, 0x30, 0xed, 0x8f, 0xc2, 0x45, 0x63, 0x76,
111 0x5c, 0x15, 0x52, 0x5a, 0xbf, 0x9a, 0x32, 0x63,
112 0x6d, 0xeb, 0x2a, 0x65, 0x49, 0x9c, 0x80, 0xdc,
113};
114
115static const u8 debug_sk[32] = {
116 0xbd, 0x1a, 0x3c, 0xcd, 0xa6, 0xb8, 0x99, 0x58,
117 0x99, 0xb7, 0x40, 0xeb, 0x7b, 0x60, 0xff, 0x4a,
118 0x50, 0x3f, 0x10, 0xd2, 0xe3, 0xb3, 0xc9, 0x74,
119 0x38, 0x5f, 0xc5, 0xa3, 0xd4, 0xf6, 0x49, 0x3f,
120};
121
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300[diff] [blame]122static inline void swap_buf(const u8 *src, u8 *dst, size_t len)
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]123{
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300[diff] [blame]124 size_t i;
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]125
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300[diff] [blame]126 for (i = 0; i < len; i++)
127 dst[len - 1 - i] = src[i];
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]128}
129
Johan Hedbergcbbbe3e2014-06-06 11:30:08 +0300[diff] [blame]130static int aes_cmac(struct crypto_hash *tfm, const u8 k[16], const u8 *m,
131 size_t len, u8 mac[16])
132{
133 uint8_t tmp[16], mac_msb[16], msg_msb[CMAC_MSG_MAX];
134 struct hash_desc desc;
135 struct scatterlist sg;
136 int err;
137
138 if (len > CMAC_MSG_MAX)
139 return -EFBIG;
140
141 if (!tfm) {
142 BT_ERR("tfm %p", tfm);
143 return -EINVAL;
144 }
145
146 desc.tfm = tfm;
147 desc.flags = 0;
148
149 crypto_hash_init(&desc);
150
151 /* Swap key and message from LSB to MSB */
152 swap_buf(k, tmp, 16);
153 swap_buf(m, msg_msb, len);
154
155 BT_DBG("msg (len %zu) %*phN", len, (int) len, m);
156 BT_DBG("key %16phN", k);
157
158 err = crypto_hash_setkey(tfm, tmp, 16);
159 if (err) {
160 BT_ERR("cipher setkey failed: %d", err);
161 return err;
162 }
163
164 sg_init_one(&sg, msg_msb, len);
165
166 err = crypto_hash_update(&desc, &sg, len);
167 if (err) {
168 BT_ERR("Hash update error %d", err);
169 return err;
170 }
171
172 err = crypto_hash_final(&desc, mac_msb);
173 if (err) {
174 BT_ERR("Hash final error %d", err);
175 return err;
176 }
177
178 swap_buf(mac_msb, mac, 16);
179
180 BT_DBG("mac %16phN", mac);
181
182 return 0;
183}
184
185static int smp_f4(struct crypto_hash *tfm_cmac, const u8 u[32], const u8 v[32],
186 const u8 x[16], u8 z, u8 res[16])
187{
188 u8 m[65];
189 int err;
190
191 BT_DBG("u %32phN", u);
192 BT_DBG("v %32phN", v);
193 BT_DBG("x %16phN z %02x", x, z);
194
195 m[0] = z;
196 memcpy(m + 1, v, 32);
197 memcpy(m + 33, u, 32);
198
199 err = aes_cmac(tfm_cmac, x, m, sizeof(m), res);
200 if (err)
201 return err;
202
203 BT_DBG("res %16phN", res);
204
205 return err;
206}
207
Johan Hedberg760b0182014-06-06 11:44:05 +0300[diff] [blame]208static int smp_f5(struct crypto_hash *tfm_cmac, u8 w[32], u8 n1[16], u8 n2[16],
209 u8 a1[7], u8 a2[7], u8 mackey[16], u8 ltk[16])
210{
211 /* The btle, salt and length "magic" values are as defined in
212 * the SMP section of the Bluetooth core specification. In ASCII
213 * the btle value ends up being 'btle'. The salt is just a
214 * random number whereas length is the value 256 in little
215 * endian format.
216 */
217 const u8 btle[4] = { 0x65, 0x6c, 0x74, 0x62 };
218 const u8 salt[16] = { 0xbe, 0x83, 0x60, 0x5a, 0xdb, 0x0b, 0x37, 0x60,
219 0x38, 0xa5, 0xf5, 0xaa, 0x91, 0x83, 0x88, 0x6c };
220 const u8 length[2] = { 0x00, 0x01 };
221 u8 m[53], t[16];
222 int err;
223
224 BT_DBG("w %32phN", w);
225 BT_DBG("n1 %16phN n2 %16phN", n1, n2);
226 BT_DBG("a1 %7phN a2 %7phN", a1, a2);
227
228 err = aes_cmac(tfm_cmac, salt, w, 32, t);
229 if (err)
230 return err;
231
232 BT_DBG("t %16phN", t);
233
234 memcpy(m, length, 2);
235 memcpy(m + 2, a2, 7);
236 memcpy(m + 9, a1, 7);
237 memcpy(m + 16, n2, 16);
238 memcpy(m + 32, n1, 16);
239 memcpy(m + 48, btle, 4);
240
241 m[52] = 0; /* Counter */
242
243 err = aes_cmac(tfm_cmac, t, m, sizeof(m), mackey);
244 if (err)
245 return err;
246
247 BT_DBG("mackey %16phN", mackey);
248
249 m[52] = 1; /* Counter */
250
251 err = aes_cmac(tfm_cmac, t, m, sizeof(m), ltk);
252 if (err)
253 return err;
254
255 BT_DBG("ltk %16phN", ltk);
256
257 return 0;
258}
259
260static int smp_f6(struct crypto_hash *tfm_cmac, const u8 w[16],
261 const u8 n1[16], u8 n2[16], const u8 r[16],
262 const u8 io_cap[3], const u8 a1[7], const u8 a2[7],
263 u8 res[16])
264{
265 u8 m[65];
266 int err;
267
268 BT_DBG("w %16phN", w);
269 BT_DBG("n1 %16phN n2 %16phN", n1, n2);
270 BT_DBG("r %16phN io_cap %3phN a1 %7phN a2 %7phN", r, io_cap, a1, a2);
271
272 memcpy(m, a2, 7);
273 memcpy(m + 7, a1, 7);
274 memcpy(m + 14, io_cap, 3);
275 memcpy(m + 17, r, 16);
276 memcpy(m + 33, n2, 16);
277 memcpy(m + 49, n1, 16);
278
279 err = aes_cmac(tfm_cmac, w, m, sizeof(m), res);
280 if (err)
281 return err;
282
283 BT_DBG("res %16phN", res);
284
285 return err;
286}
287
Johan Hedberg191dc7fe22014-06-06 11:39:49 +0300[diff] [blame]288static int smp_g2(struct crypto_hash *tfm_cmac, const u8 u[32], const u8 v[32],
289 const u8 x[16], const u8 y[16], u32 *val)
290{
291 u8 m[80], tmp[16];
292 int err;
293
294 BT_DBG("u %32phN", u);
295 BT_DBG("v %32phN", v);
296 BT_DBG("x %16phN y %16phN", x, y);
297
298 memcpy(m, y, 16);
299 memcpy(m + 16, v, 32);
300 memcpy(m + 48, u, 32);
301
302 err = aes_cmac(tfm_cmac, x, m, sizeof(m), tmp);
303 if (err)
304 return err;
305
306 *val = get_unaligned_le32(tmp);
307 *val %= 1000000;
308
309 BT_DBG("val %06u", *val);
310
311 return 0;
312}
313
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]314static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
315{
316 struct blkcipher_desc desc;
317 struct scatterlist sg;
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]318 uint8_t tmp[16], data[16];
Johan Hedberg201a5922013-12-02 10:49:04 +0200[diff] [blame]319 int err;
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]320
321 if (tfm == NULL) {
322 BT_ERR("tfm %p", tfm);
323 return -EINVAL;
324 }
325
326 desc.tfm = tfm;
327 desc.flags = 0;
328
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]329 /* The most significant octet of key corresponds to k[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300[diff] [blame]330 swap_buf(k, tmp, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]331
332 err = crypto_blkcipher_setkey(tfm, tmp, 16);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]333 if (err) {
334 BT_ERR("cipher setkey failed: %d", err);
335 return err;
336 }
337
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]338 /* Most significant octet of plaintextData corresponds to data[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300[diff] [blame]339 swap_buf(r, data, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]340
341 sg_init_one(&sg, data, 16);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]342
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]343 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
344 if (err)
345 BT_ERR("Encrypt data error %d", err);
346
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]347 /* Most significant octet of encryptedData corresponds to data[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300[diff] [blame]348 swap_buf(data, r, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]349
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]350 return err;
351}
352
Johan Hedberg6a770832014-06-06 11:54:04 +0300[diff] [blame]353static int smp_h6(struct crypto_hash *tfm_cmac, const u8 w[16],
354 const u8 key_id[4], u8 res[16])
355{
356 int err;
357
358 BT_DBG("w %16phN key_id %4phN", w, key_id);
359
360 err = aes_cmac(tfm_cmac, w, key_id, 4, res);
361 if (err)
362 return err;
363
364 BT_DBG("res %16phN", res);
365
366 return err;
367}
368
Johan Hedberg60478052014-02-18 10:19:31 +0200[diff] [blame]369static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
370{
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]371 u8 _res[16];
Johan Hedberg60478052014-02-18 10:19:31 +0200[diff] [blame]372 int err;
373
374 /* r' = padding || r */
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]375 memcpy(_res, r, 3);
376 memset(_res + 3, 0, 13);
Johan Hedberg60478052014-02-18 10:19:31 +0200[diff] [blame]377
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]378 err = smp_e(tfm, irk, _res);
Johan Hedberg60478052014-02-18 10:19:31 +0200[diff] [blame]379 if (err) {
380 BT_ERR("Encrypt error");
381 return err;
382 }
383
384 /* The output of the random address function ah is:
385 * ah(h, r) = e(k, r') mod 2^24
386 * The output of the security function e is then truncated to 24 bits
387 * by taking the least significant 24 bits of the output of e as the
388 * result of ah.
389 */
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]390 memcpy(res, _res, 3);
Johan Hedberg60478052014-02-18 10:19:31 +0200[diff] [blame]391
392 return 0;
393}
394
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300[diff] [blame]395bool smp_irk_matches(struct hci_dev *hdev, u8 irk[16], bdaddr_t *bdaddr)
Johan Hedberg60478052014-02-18 10:19:31 +0200[diff] [blame]396{
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300[diff] [blame]397 struct l2cap_chan *chan = hdev->smp_data;
398 struct crypto_blkcipher *tfm;
Johan Hedberg60478052014-02-18 10:19:31 +0200[diff] [blame]399 u8 hash[3];
400 int err;
401
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300[diff] [blame]402 if (!chan || !chan->data)
403 return false;
404
405 tfm = chan->data;
406
Johan Hedberg60478052014-02-18 10:19:31 +0200[diff] [blame]407 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
408
409 err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
410 if (err)
411 return false;
412
413 return !memcmp(bdaddr->b, hash, 3);
414}
415
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300[diff] [blame]416int smp_generate_rpa(struct hci_dev *hdev, u8 irk[16], bdaddr_t *rpa)
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200[diff] [blame]417{
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300[diff] [blame]418 struct l2cap_chan *chan = hdev->smp_data;
419 struct crypto_blkcipher *tfm;
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200[diff] [blame]420 int err;
421
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300[diff] [blame]422 if (!chan || !chan->data)
423 return -EOPNOTSUPP;
424
425 tfm = chan->data;
426
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200[diff] [blame]427 get_random_bytes(&rpa->b[3], 3);
428
429 rpa->b[5] &= 0x3f; /* Clear two most significant bits */
430 rpa->b[5] |= 0x40; /* Set second most significant bit */
431
432 err = smp_ah(tfm, irk, &rpa->b[3], rpa->b);
433 if (err < 0)
434 return err;
435
436 BT_DBG("RPA %pMR", rpa);
437
438 return 0;
439}
440
Johan Hedberge491eaf2014-10-25 21:15:37 +0200[diff] [blame]441static int smp_c1(struct crypto_blkcipher *tfm_aes, u8 k[16], u8 r[16],
442 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia, u8 _rat,
443 bdaddr_t *ra, u8 res[16])
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]444{
445 u8 p1[16], p2[16];
446 int err;
447
448 memset(p1, 0, 16);
449
450 /* p1 = pres || preq || _rat || _iat */
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]451 p1[0] = _iat;
452 p1[1] = _rat;
453 memcpy(p1 + 2, preq, 7);
454 memcpy(p1 + 9, pres, 7);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]455
456 /* p2 = padding || ia || ra */
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]457 memcpy(p2, ra, 6);
458 memcpy(p2 + 6, ia, 6);
459 memset(p2 + 12, 0, 4);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]460
461 /* res = r XOR p1 */
462 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
463
464 /* res = e(k, res) */
Johan Hedberge491eaf2014-10-25 21:15:37 +0200[diff] [blame]465 err = smp_e(tfm_aes, k, res);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]466 if (err) {
467 BT_ERR("Encrypt data error");
468 return err;
469 }
470
471 /* res = res XOR p2 */
472 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
473
474 /* res = e(k, res) */
Johan Hedberge491eaf2014-10-25 21:15:37 +0200[diff] [blame]475 err = smp_e(tfm_aes, k, res);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]476 if (err)
477 BT_ERR("Encrypt data error");
478
479 return err;
480}
481
Johan Hedberge491eaf2014-10-25 21:15:37 +0200[diff] [blame]482static int smp_s1(struct crypto_blkcipher *tfm_aes, u8 k[16], u8 r1[16],
483 u8 r2[16], u8 _r[16])
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]484{
485 int err;
486
487 /* Just least significant octets from r1 and r2 are considered */
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]488 memcpy(_r, r2, 8);
489 memcpy(_r + 8, r1, 8);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]490
Johan Hedberge491eaf2014-10-25 21:15:37 +0200[diff] [blame]491 err = smp_e(tfm_aes, k, _r);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300[diff] [blame]492 if (err)
493 BT_ERR("Encrypt data error");
494
495 return err;
496}
497
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]498static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
499{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]500 struct l2cap_chan *chan = conn->smp;
Johan Hedbergb68fda62014-08-11 22:06:40 +0300[diff] [blame]501 struct smp_chan *smp;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]502 struct kvec iv[2];
503 struct msghdr msg;
504
505 if (!chan)
506 return;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]507
508 BT_DBG("code 0x%2.2x", code);
509
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]510 iv[0].iov_base = &code;
511 iv[0].iov_len = 1;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]512
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]513 iv[1].iov_base = data;
514 iv[1].iov_len = len;
515
516 memset(&msg, 0, sizeof(msg));
517
518 msg.msg_iov = (struct iovec *) &iv;
519 msg.msg_iovlen = 2;
520
521 l2cap_chan_send(chan, &msg, 1 + len);
Vinicius Costa Gomese2dcd112011-08-19 21:06:50 -0300[diff] [blame]522
Johan Hedbergb68fda62014-08-11 22:06:40 +0300[diff] [blame]523 if (!chan->data)
524 return;
525
526 smp = chan->data;
527
528 cancel_delayed_work_sync(&smp->security_timer);
Johan Hedberg1b0921d2014-09-05 22:19:48 +0300[diff] [blame]529 schedule_delayed_work(&smp->security_timer, SMP_TIMEOUT);
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]530}
531
Johan Hedbergd2eb9e12014-05-16 10:59:06 +0300[diff] [blame]532static u8 authreq_to_seclevel(u8 authreq)
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]533{
Johan Hedbergd2eb9e12014-05-16 10:59:06 +0300[diff] [blame]534 if (authreq & SMP_AUTH_MITM) {
535 if (authreq & SMP_AUTH_SC)
536 return BT_SECURITY_FIPS;
537 else
538 return BT_SECURITY_HIGH;
539 } else {
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]540 return BT_SECURITY_MEDIUM;
Johan Hedbergd2eb9e12014-05-16 10:59:06 +0300[diff] [blame]541 }
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]542}
543
544static __u8 seclevel_to_authreq(__u8 sec_level)
545{
546 switch (sec_level) {
Johan Hedbergd2eb9e12014-05-16 10:59:06 +0300[diff] [blame]547 case BT_SECURITY_FIPS:
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]548 case BT_SECURITY_HIGH:
549 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
550 case BT_SECURITY_MEDIUM:
551 return SMP_AUTH_BONDING;
552 default:
553 return SMP_AUTH_NONE;
554 }
555}
556
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300[diff] [blame]557static void build_pairing_cmd(struct l2cap_conn *conn,
Marcel Holtmannf1560462013-10-13 05:43:25 -0700[diff] [blame]558 struct smp_cmd_pairing *req,
559 struct smp_cmd_pairing *rsp, __u8 authreq)
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300[diff] [blame]560{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]561 struct l2cap_chan *chan = conn->smp;
562 struct smp_chan *smp = chan->data;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]563 struct hci_conn *hcon = conn->hcon;
564 struct hci_dev *hdev = hcon->hdev;
565 u8 local_dist = 0, remote_dist = 0;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300[diff] [blame]566
Johan Hedbergb6ae8452014-07-30 09:22:22 +0300[diff] [blame]567 if (test_bit(HCI_BONDABLE, &conn->hcon->hdev->dev_flags)) {
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -0700[diff] [blame]568 local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
569 remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300[diff] [blame]570 authreq |= SMP_AUTH_BONDING;
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]571 } else {
572 authreq &= ~SMP_AUTH_BONDING;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300[diff] [blame]573 }
574
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]575 if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags))
576 remote_dist |= SMP_DIST_ID_KEY;
577
Johan Hedberg863efaf2014-02-22 19:06:32 +0200[diff] [blame]578 if (test_bit(HCI_PRIVACY, &hdev->dev_flags))
579 local_dist |= SMP_DIST_ID_KEY;
580
Johan Hedbergdf8e1a42014-06-06 10:39:56 +0300[diff] [blame]581 if (test_bit(HCI_SC_ENABLED, &hdev->dev_flags)) {
582 if ((authreq & SMP_AUTH_SC) &&
583 test_bit(HCI_SSP_ENABLED, &hdev->dev_flags)) {
584 local_dist |= SMP_DIST_LINK_KEY;
585 remote_dist |= SMP_DIST_LINK_KEY;
586 }
587 } else {
588 authreq &= ~SMP_AUTH_SC;
589 }
590
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300[diff] [blame]591 if (rsp == NULL) {
592 req->io_capability = conn->hcon->io_capability;
593 req->oob_flag = SMP_OOB_NOT_PRESENT;
594 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]595 req->init_key_dist = local_dist;
596 req->resp_key_dist = remote_dist;
Johan Hedberg0edb14d2014-05-26 13:29:28 +0300[diff] [blame]597 req->auth_req = (authreq & AUTH_REQ_MASK(hdev));
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]598
599 smp->remote_key_dist = remote_dist;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300[diff] [blame]600 return;
601 }
602
603 rsp->io_capability = conn->hcon->io_capability;
604 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
605 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]606 rsp->init_key_dist = req->init_key_dist & remote_dist;
607 rsp->resp_key_dist = req->resp_key_dist & local_dist;
Johan Hedberg0edb14d2014-05-26 13:29:28 +0300[diff] [blame]608 rsp->auth_req = (authreq & AUTH_REQ_MASK(hdev));
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]609
610 smp->remote_key_dist = rsp->init_key_dist;
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300[diff] [blame]611}
612
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300[diff] [blame]613static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
614{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]615 struct l2cap_chan *chan = conn->smp;
616 struct smp_chan *smp = chan->data;
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300[diff] [blame]617
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300[diff] [blame]618 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
Marcel Holtmannf1560462013-10-13 05:43:25 -0700[diff] [blame]619 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300[diff] [blame]620 return SMP_ENC_KEY_SIZE;
621
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300[diff] [blame]622 smp->enc_key_size = max_key_size;
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300[diff] [blame]623
624 return 0;
625}
626
Johan Hedberg6f48e262014-08-11 22:06:44 +0300[diff] [blame]627static void smp_chan_destroy(struct l2cap_conn *conn)
628{
629 struct l2cap_chan *chan = conn->smp;
630 struct smp_chan *smp = chan->data;
631 bool complete;
632
633 BUG_ON(!smp);
634
635 cancel_delayed_work_sync(&smp->security_timer);
Johan Hedberg6f48e262014-08-11 22:06:44 +0300[diff] [blame]636
Johan Hedberg6f48e262014-08-11 22:06:44 +0300[diff] [blame]637 complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
638 mgmt_smp_complete(conn->hcon, complete);
639
640 kfree(smp->csrk);
641 kfree(smp->slave_csrk);
Johan Hedberg6a770832014-06-06 11:54:04 +0300[diff] [blame]642 kfree(smp->link_key);
Johan Hedberg6f48e262014-08-11 22:06:44 +0300[diff] [blame]643
644 crypto_free_blkcipher(smp->tfm_aes);
Johan Hedberg407cecf2014-05-02 14:19:47 +0300[diff] [blame]645 crypto_free_hash(smp->tfm_cmac);
Johan Hedberg6f48e262014-08-11 22:06:44 +0300[diff] [blame]646
647 /* If pairing failed clean up any keys we might have */
648 if (!complete) {
649 if (smp->ltk) {
Johan Hedberg970d0f12014-11-13 14:37:47 +0200[diff] [blame]650 list_del_rcu(&smp->ltk->list);
651 kfree_rcu(smp->ltk, rcu);
Johan Hedberg6f48e262014-08-11 22:06:44 +0300[diff] [blame]652 }
653
654 if (smp->slave_ltk) {
Johan Hedberg970d0f12014-11-13 14:37:47 +0200[diff] [blame]655 list_del_rcu(&smp->slave_ltk->list);
656 kfree_rcu(smp->slave_ltk, rcu);
Johan Hedberg6f48e262014-08-11 22:06:44 +0300[diff] [blame]657 }
658
659 if (smp->remote_irk) {
Johan Hedbergadae20c2014-11-13 14:37:48 +0200[diff] [blame]660 list_del_rcu(&smp->remote_irk->list);
661 kfree_rcu(smp->remote_irk, rcu);
Johan Hedberg6f48e262014-08-11 22:06:44 +0300[diff] [blame]662 }
663 }
664
665 chan->data = NULL;
666 kfree(smp);
667 hci_conn_drop(conn->hcon);
668}
669
Johan Hedberg84794e12013-11-06 11:24:57 +0200[diff] [blame]670static void smp_failure(struct l2cap_conn *conn, u8 reason)
Brian Gix4f957a72011-11-23 08:28:36 -0800[diff] [blame]671{
Johan Hedbergbab73cb2012-02-09 16:07:29 +0200[diff] [blame]672 struct hci_conn *hcon = conn->hcon;
Johan Hedbergb68fda62014-08-11 22:06:40 +0300[diff] [blame]673 struct l2cap_chan *chan = conn->smp;
Johan Hedbergbab73cb2012-02-09 16:07:29 +0200[diff] [blame]674
Johan Hedberg84794e12013-11-06 11:24:57 +0200[diff] [blame]675 if (reason)
Brian Gix4f957a72011-11-23 08:28:36 -0800[diff] [blame]676 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
Marcel Holtmannf1560462013-10-13 05:43:25 -0700[diff] [blame]677 &reason);
Brian Gix4f957a72011-11-23 08:28:36 -0800[diff] [blame]678
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700[diff] [blame]679 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
Johan Hedberge1e930f2014-09-08 17:09:49 -0700[diff] [blame]680 mgmt_auth_failed(hcon, HCI_ERROR_AUTH_FAILURE);
Vinicius Costa Gomesf1c09c02012-02-01 18:27:56 -0300[diff] [blame]681
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]682 if (chan->data)
Vinicius Costa Gomesf1c09c02012-02-01 18:27:56 -0300[diff] [blame]683 smp_chan_destroy(conn);
Brian Gix4f957a72011-11-23 08:28:36 -0800[diff] [blame]684}
685
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]686#define JUST_WORKS 0x00
687#define JUST_CFM 0x01
688#define REQ_PASSKEY 0x02
689#define CFM_PASSKEY 0x03
690#define REQ_OOB 0x04
Johan Hedberg5e3d3d92014-05-31 18:51:02 +0300[diff] [blame]691#define DSP_PASSKEY 0x05
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]692#define OVERLAP 0xFF
693
694static const u8 gen_method[5][5] = {
695 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
696 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
697 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
698 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
699 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
700};
701
Johan Hedberg5e3d3d92014-05-31 18:51:02 +0300[diff] [blame]702static const u8 sc_method[5][5] = {
703 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
704 { JUST_WORKS, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
705 { DSP_PASSKEY, DSP_PASSKEY, REQ_PASSKEY, JUST_WORKS, DSP_PASSKEY },
706 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
707 { DSP_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
708};
709
Johan Hedberg581370c2014-06-17 13:07:38 +0300[diff] [blame]710static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
711{
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300[diff] [blame]712 /* If either side has unknown io_caps, use JUST_CFM (which gets
713 * converted later to JUST_WORKS if we're initiators.
714 */
Johan Hedberg581370c2014-06-17 13:07:38 +0300[diff] [blame]715 if (local_io > SMP_IO_KEYBOARD_DISPLAY ||
716 remote_io > SMP_IO_KEYBOARD_DISPLAY)
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300[diff] [blame]717 return JUST_CFM;
Johan Hedberg581370c2014-06-17 13:07:38 +0300[diff] [blame]718
Johan Hedberg5e3d3d92014-05-31 18:51:02 +0300[diff] [blame]719 if (test_bit(SMP_FLAG_SC, &smp->flags))
720 return sc_method[remote_io][local_io];
721
Johan Hedberg581370c2014-06-17 13:07:38 +0300[diff] [blame]722 return gen_method[remote_io][local_io];
723}
724
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]725static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
726 u8 local_io, u8 remote_io)
727{
728 struct hci_conn *hcon = conn->hcon;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]729 struct l2cap_chan *chan = conn->smp;
730 struct smp_chan *smp = chan->data;
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]731 u32 passkey = 0;
732 int ret = 0;
733
734 /* Initialize key for JUST WORKS */
735 memset(smp->tk, 0, sizeof(smp->tk));
Johan Hedberg4a74d652014-05-20 09:45:50 +0300[diff] [blame]736 clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]737
738 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
739
Johan Hedberg2bcd4002014-07-09 19:18:09 +0300[diff] [blame]740 /* If neither side wants MITM, either "just" confirm an incoming
741 * request or use just-works for outgoing ones. The JUST_CFM
742 * will be converted to JUST_WORKS if necessary later in this
743 * function. If either side has MITM look up the method from the
744 * table.
745 */
Johan Hedberg581370c2014-06-17 13:07:38 +0300[diff] [blame]746 if (!(auth & SMP_AUTH_MITM))
Johan Hedberg783e0572014-05-31 18:48:26 +0300[diff] [blame]747 smp->method = JUST_CFM;
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]748 else
Johan Hedberg783e0572014-05-31 18:48:26 +0300[diff] [blame]749 smp->method = get_auth_method(smp, local_io, remote_io);
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]750
Johan Hedberga82505c2014-03-24 14:39:07 +0200[diff] [blame]751 /* Don't confirm locally initiated pairing attempts */
Johan Hedberg783e0572014-05-31 18:48:26 +0300[diff] [blame]752 if (smp->method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR,
753 &smp->flags))
754 smp->method = JUST_WORKS;
Johan Hedberga82505c2014-03-24 14:39:07 +0200[diff] [blame]755
Johan Hedberg02f3e252014-07-16 15:09:13 +0300[diff] [blame]756 /* Don't bother user space with no IO capabilities */
Johan Hedberg783e0572014-05-31 18:48:26 +0300[diff] [blame]757 if (smp->method == JUST_CFM &&
758 hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
759 smp->method = JUST_WORKS;
Johan Hedberg02f3e252014-07-16 15:09:13 +0300[diff] [blame]760
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]761 /* If Just Works, Continue with Zero TK */
Johan Hedberg783e0572014-05-31 18:48:26 +0300[diff] [blame]762 if (smp->method == JUST_WORKS) {
Johan Hedberg4a74d652014-05-20 09:45:50 +0300[diff] [blame]763 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]764 return 0;
765 }
766
767 /* Not Just Works/Confirm results in MITM Authentication */
Johan Hedberg783e0572014-05-31 18:48:26 +0300[diff] [blame]768 if (smp->method != JUST_CFM) {
Johan Hedberg4a74d652014-05-20 09:45:50 +0300[diff] [blame]769 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
Johan Hedberg5eb596f2014-09-18 11:26:32 +0300[diff] [blame]770 if (hcon->pending_sec_level < BT_SECURITY_HIGH)
771 hcon->pending_sec_level = BT_SECURITY_HIGH;
772 }
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]773
774 /* If both devices have Keyoard-Display I/O, the master
775 * Confirms and the slave Enters the passkey.
776 */
Johan Hedberg783e0572014-05-31 18:48:26 +0300[diff] [blame]777 if (smp->method == OVERLAP) {
Johan Hedberg40bef302014-07-16 11:42:27 +0300[diff] [blame]778 if (hcon->role == HCI_ROLE_MASTER)
Johan Hedberg783e0572014-05-31 18:48:26 +0300[diff] [blame]779 smp->method = CFM_PASSKEY;
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]780 else
Johan Hedberg783e0572014-05-31 18:48:26 +0300[diff] [blame]781 smp->method = REQ_PASSKEY;
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]782 }
783
Johan Hedberg01ad34d2014-03-19 14:14:53 +0200[diff] [blame]784 /* Generate random passkey. */
Johan Hedberg783e0572014-05-31 18:48:26 +0300[diff] [blame]785 if (smp->method == CFM_PASSKEY) {
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]786 memset(smp->tk, 0, sizeof(smp->tk));
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]787 get_random_bytes(&passkey, sizeof(passkey));
788 passkey %= 1000000;
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]789 put_unaligned_le32(passkey, smp->tk);
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]790 BT_DBG("PassKey: %d", passkey);
Johan Hedberg4a74d652014-05-20 09:45:50 +0300[diff] [blame]791 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]792 }
793
Johan Hedberg783e0572014-05-31 18:48:26 +0300[diff] [blame]794 if (smp->method == REQ_PASSKEY)
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700[diff] [blame]795 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
Johan Hedberg272d90d2012-02-09 15:26:12 +0200[diff] [blame]796 hcon->type, hcon->dst_type);
Johan Hedberg783e0572014-05-31 18:48:26 +0300[diff] [blame]797 else if (smp->method == JUST_CFM)
Johan Hedberg4eb65e62014-03-24 14:39:05 +0200[diff] [blame]798 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
799 hcon->type, hcon->dst_type,
800 passkey, 1);
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]801 else
Johan Hedberg01ad34d2014-03-19 14:14:53 +0200[diff] [blame]802 ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst,
Johan Hedberg272d90d2012-02-09 15:26:12 +0200[diff] [blame]803 hcon->type, hcon->dst_type,
Johan Hedberg39adbff2014-03-20 08:18:14 +0200[diff] [blame]804 passkey, 0);
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]805
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]806 return ret;
807}
808
Johan Hedberg1cc61142014-05-20 09:45:52 +0300[diff] [blame]809static u8 smp_confirm(struct smp_chan *smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]810{
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]811 struct l2cap_conn *conn = smp->conn;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]812 struct smp_cmd_pairing_confirm cp;
813 int ret;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]814
815 BT_DBG("conn %p", conn);
816
Johan Hedberge491eaf2014-10-25 21:15:37 +0200[diff] [blame]817 ret = smp_c1(smp->tfm_aes, smp->tk, smp->prnd, smp->preq, smp->prsp,
Johan Hedbergb1cd5fd2014-02-28 12:54:17 +0200[diff] [blame]818 conn->hcon->init_addr_type, &conn->hcon->init_addr,
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]819 conn->hcon->resp_addr_type, &conn->hcon->resp_addr,
820 cp.confirm_val);
Johan Hedberg1cc61142014-05-20 09:45:52 +0300[diff] [blame]821 if (ret)
822 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]823
Johan Hedberg4a74d652014-05-20 09:45:50 +0300[diff] [blame]824 clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]825
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]826 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
827
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]828 if (conn->hcon->out)
829 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
830 else
831 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
832
Johan Hedberg1cc61142014-05-20 09:45:52 +0300[diff] [blame]833 return 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]834}
835
Johan Hedberg861580a2014-05-20 09:45:51 +0300[diff] [blame]836static u8 smp_random(struct smp_chan *smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]837{
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]838 struct l2cap_conn *conn = smp->conn;
839 struct hci_conn *hcon = conn->hcon;
Johan Hedberg861580a2014-05-20 09:45:51 +0300[diff] [blame]840 u8 confirm[16];
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]841 int ret;
842
Johan Hedbergec70f362014-06-27 14:23:04 +0300[diff] [blame]843 if (IS_ERR_OR_NULL(smp->tfm_aes))
Johan Hedberg861580a2014-05-20 09:45:51 +0300[diff] [blame]844 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]845
846 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
847
Johan Hedberge491eaf2014-10-25 21:15:37 +0200[diff] [blame]848 ret = smp_c1(smp->tfm_aes, smp->tk, smp->rrnd, smp->preq, smp->prsp,
Johan Hedbergb1cd5fd2014-02-28 12:54:17 +0200[diff] [blame]849 hcon->init_addr_type, &hcon->init_addr,
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]850 hcon->resp_addr_type, &hcon->resp_addr, confirm);
Johan Hedberg861580a2014-05-20 09:45:51 +0300[diff] [blame]851 if (ret)
852 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]853
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]854 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
855 BT_ERR("Pairing failed (confirmation values mismatch)");
Johan Hedberg861580a2014-05-20 09:45:51 +0300[diff] [blame]856 return SMP_CONFIRM_FAILED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]857 }
858
859 if (hcon->out) {
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -0800[diff] [blame]860 u8 stk[16];
861 __le64 rand = 0;
862 __le16 ediv = 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]863
Johan Hedberge491eaf2014-10-25 21:15:37 +0200[diff] [blame]864 smp_s1(smp->tfm_aes, smp->tk, smp->rrnd, smp->prnd, stk);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]865
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300[diff] [blame]866 memset(stk + smp->enc_key_size, 0,
Gustavo F. Padovan04124682012-03-08 01:25:00 -0300[diff] [blame]867 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]868
Johan Hedberg861580a2014-05-20 09:45:51 +0300[diff] [blame]869 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
870 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]871
872 hci_le_start_enc(hcon, ediv, rand, stk);
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300[diff] [blame]873 hcon->enc_key_size = smp->enc_key_size;
Johan Hedbergfe59a052014-07-01 19:14:12 +0300[diff] [blame]874 set_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]875 } else {
Johan Hedbergfff34902014-06-10 15:19:50 +0300[diff] [blame]876 u8 stk[16], auth;
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -0800[diff] [blame]877 __le64 rand = 0;
878 __le16 ediv = 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]879
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]880 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
881 smp->prnd);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]882
Johan Hedberge491eaf2014-10-25 21:15:37 +0200[diff] [blame]883 smp_s1(smp->tfm_aes, smp->tk, smp->prnd, smp->rrnd, stk);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]884
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300[diff] [blame]885 memset(stk + smp->enc_key_size, 0,
Marcel Holtmannf1560462013-10-13 05:43:25 -0700[diff] [blame]886 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]887
Johan Hedbergfff34902014-06-10 15:19:50 +0300[diff] [blame]888 if (hcon->pending_sec_level == BT_SECURITY_HIGH)
889 auth = 1;
890 else
891 auth = 0;
892
Johan Hedberg7d5843b2014-06-16 19:25:15 +0300[diff] [blame]893 /* Even though there's no _SLAVE suffix this is the
894 * slave STK we're adding for later lookup (the master
895 * STK never needs to be stored).
896 */
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700[diff] [blame]897 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
Johan Hedberg2ceba532014-06-16 19:25:16 +0300[diff] [blame]898 SMP_STK, auth, stk, smp->enc_key_size, ediv, rand);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]899 }
900
Johan Hedberg861580a2014-05-20 09:45:51 +0300[diff] [blame]901 return 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]902}
903
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]904static void smp_notify_keys(struct l2cap_conn *conn)
905{
906 struct l2cap_chan *chan = conn->smp;
907 struct smp_chan *smp = chan->data;
908 struct hci_conn *hcon = conn->hcon;
909 struct hci_dev *hdev = hcon->hdev;
910 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
911 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
912 bool persistent;
913
914 if (smp->remote_irk) {
915 mgmt_new_irk(hdev, smp->remote_irk);
916 /* Now that user space can be considered to know the
917 * identity address track the connection based on it
918 * from now on.
919 */
920 bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
921 hcon->dst_type = smp->remote_irk->addr_type;
Johan Hedbergf3d82d02014-09-05 22:19:50 +0300[diff] [blame]922 queue_work(hdev->workqueue, &conn->id_addr_update_work);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]923
924 /* When receiving an indentity resolving key for
925 * a remote device that does not use a resolvable
926 * private address, just remove the key so that
927 * it is possible to use the controller white
928 * list for scanning.
929 *
930 * Userspace will have been told to not store
931 * this key at this point. So it is safe to
932 * just remove it.
933 */
934 if (!bacmp(&smp->remote_irk->rpa, BDADDR_ANY)) {
Johan Hedbergadae20c2014-11-13 14:37:48 +0200[diff] [blame]935 list_del_rcu(&smp->remote_irk->list);
936 kfree_rcu(smp->remote_irk, rcu);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]937 smp->remote_irk = NULL;
938 }
939 }
940
941 /* The LTKs and CSRKs should be persistent only if both sides
942 * had the bonding bit set in their authentication requests.
943 */
944 persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING);
945
946 if (smp->csrk) {
947 smp->csrk->bdaddr_type = hcon->dst_type;
948 bacpy(&smp->csrk->bdaddr, &hcon->dst);
949 mgmt_new_csrk(hdev, smp->csrk, persistent);
950 }
951
952 if (smp->slave_csrk) {
953 smp->slave_csrk->bdaddr_type = hcon->dst_type;
954 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
955 mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
956 }
957
958 if (smp->ltk) {
959 smp->ltk->bdaddr_type = hcon->dst_type;
960 bacpy(&smp->ltk->bdaddr, &hcon->dst);
961 mgmt_new_ltk(hdev, smp->ltk, persistent);
962 }
963
964 if (smp->slave_ltk) {
965 smp->slave_ltk->bdaddr_type = hcon->dst_type;
966 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
967 mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
968 }
Johan Hedberg6a770832014-06-06 11:54:04 +0300[diff] [blame]969
970 if (smp->link_key) {
Johan Hedberge3befab2014-06-01 16:33:39 +0300[diff] [blame]971 struct link_key *key;
972 u8 type;
973
974 if (test_bit(SMP_FLAG_DEBUG_KEY, &smp->flags))
975 type = HCI_LK_DEBUG_COMBINATION;
976 else if (hcon->sec_level == BT_SECURITY_FIPS)
977 type = HCI_LK_AUTH_COMBINATION_P256;
978 else
979 type = HCI_LK_UNAUTH_COMBINATION_P256;
980
981 key = hci_add_link_key(hdev, smp->conn->hcon, &hcon->dst,
982 smp->link_key, type, 0, &persistent);
983 if (key) {
984 mgmt_new_link_key(hdev, key, persistent);
985
986 /* Don't keep debug keys around if the relevant
987 * flag is not set.
988 */
989 if (!test_bit(HCI_KEEP_DEBUG_KEYS, &hdev->dev_flags) &&
990 key->type == HCI_LK_DEBUG_COMBINATION) {
991 list_del_rcu(&key->list);
992 kfree_rcu(key, rcu);
993 }
994 }
Johan Hedberg6a770832014-06-06 11:54:04 +0300[diff] [blame]995 }
996}
997
Johan Hedbergd3e54a82014-06-04 11:07:40 +0300[diff] [blame^]998static void sc_add_ltk(struct smp_chan *smp)
999{
1000 struct hci_conn *hcon = smp->conn->hcon;
1001 u8 key_type, auth;
1002
1003 if (test_bit(SMP_FLAG_DEBUG_KEY, &smp->flags))
1004 key_type = SMP_LTK_P256_DEBUG;
1005 else
1006 key_type = SMP_LTK_P256;
1007
1008 if (hcon->pending_sec_level == BT_SECURITY_FIPS)
1009 auth = 1;
1010 else
1011 auth = 0;
1012
1013 memset(smp->tk + smp->enc_key_size, 0,
1014 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
1015
1016 smp->ltk = hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
1017 key_type, auth, smp->tk, smp->enc_key_size,
1018 0, 0);
1019}
1020
Johan Hedberg6a770832014-06-06 11:54:04 +0300[diff] [blame]1021static void sc_generate_link_key(struct smp_chan *smp)
1022{
1023 /* These constants are as specified in the core specification.
1024 * In ASCII they spell out to 'tmp1' and 'lebr'.
1025 */
1026 const u8 tmp1[4] = { 0x31, 0x70, 0x6d, 0x74 };
1027 const u8 lebr[4] = { 0x72, 0x62, 0x65, 0x6c };
1028
1029 smp->link_key = kzalloc(16, GFP_KERNEL);
1030 if (!smp->link_key)
1031 return;
1032
1033 if (smp_h6(smp->tfm_cmac, smp->tk, tmp1, smp->link_key)) {
1034 kfree(smp->link_key);
1035 smp->link_key = NULL;
1036 return;
1037 }
1038
1039 if (smp_h6(smp->tfm_cmac, smp->link_key, lebr, smp->link_key)) {
1040 kfree(smp->link_key);
1041 smp->link_key = NULL;
1042 return;
1043 }
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]1044}
1045
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]1046static void smp_allow_key_dist(struct smp_chan *smp)
1047{
1048 /* Allow the first expected phase 3 PDU. The rest of the PDUs
1049 * will be allowed in each PDU handler to ensure we receive
1050 * them in the correct order.
1051 */
1052 if (smp->remote_key_dist & SMP_DIST_ENC_KEY)
1053 SMP_ALLOW_CMD(smp, SMP_CMD_ENCRYPT_INFO);
1054 else if (smp->remote_key_dist & SMP_DIST_ID_KEY)
1055 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
1056 else if (smp->remote_key_dist & SMP_DIST_SIGN)
1057 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
1058}
1059
Johan Hedbergd6268e82014-09-05 22:19:51 +0300[diff] [blame]1060static void smp_distribute_keys(struct smp_chan *smp)
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]1061{
1062 struct smp_cmd_pairing *req, *rsp;
Johan Hedberg86d14072014-08-11 22:06:43 +0300[diff] [blame]1063 struct l2cap_conn *conn = smp->conn;
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]1064 struct hci_conn *hcon = conn->hcon;
1065 struct hci_dev *hdev = hcon->hdev;
1066 __u8 *keydist;
1067
1068 BT_DBG("conn %p", conn);
1069
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]1070 rsp = (void *) &smp->prsp[1];
1071
1072 /* The responder sends its keys first */
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]1073 if (hcon->out && (smp->remote_key_dist & KEY_DIST_MASK)) {
1074 smp_allow_key_dist(smp);
Johan Hedberg86d14072014-08-11 22:06:43 +0300[diff] [blame]1075 return;
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]1076 }
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]1077
1078 req = (void *) &smp->preq[1];
1079
1080 if (hcon->out) {
1081 keydist = &rsp->init_key_dist;
1082 *keydist &= req->init_key_dist;
1083 } else {
1084 keydist = &rsp->resp_key_dist;
1085 *keydist &= req->resp_key_dist;
1086 }
1087
Johan Hedberg6a770832014-06-06 11:54:04 +0300[diff] [blame]1088 if (test_bit(SMP_FLAG_SC, &smp->flags)) {
1089 if (*keydist & SMP_DIST_LINK_KEY)
1090 sc_generate_link_key(smp);
1091
1092 /* Clear the keys which are generated but not distributed */
1093 *keydist &= ~SMP_SC_NO_DIST;
1094 }
1095
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]1096 BT_DBG("keydist 0x%x", *keydist);
1097
1098 if (*keydist & SMP_DIST_ENC_KEY) {
1099 struct smp_cmd_encrypt_info enc;
1100 struct smp_cmd_master_ident ident;
1101 struct smp_ltk *ltk;
1102 u8 authenticated;
1103 __le16 ediv;
1104 __le64 rand;
1105
1106 get_random_bytes(enc.ltk, sizeof(enc.ltk));
1107 get_random_bytes(&ediv, sizeof(ediv));
1108 get_random_bytes(&rand, sizeof(rand));
1109
1110 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
1111
1112 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
1113 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type,
1114 SMP_LTK_SLAVE, authenticated, enc.ltk,
1115 smp->enc_key_size, ediv, rand);
1116 smp->slave_ltk = ltk;
1117
1118 ident.ediv = ediv;
1119 ident.rand = rand;
1120
1121 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
1122
1123 *keydist &= ~SMP_DIST_ENC_KEY;
1124 }
1125
1126 if (*keydist & SMP_DIST_ID_KEY) {
1127 struct smp_cmd_ident_addr_info addrinfo;
1128 struct smp_cmd_ident_info idinfo;
1129
1130 memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk));
1131
1132 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
1133
1134 /* The hci_conn contains the local identity address
1135 * after the connection has been established.
1136 *
1137 * This is true even when the connection has been
1138 * established using a resolvable random address.
1139 */
1140 bacpy(&addrinfo.bdaddr, &hcon->src);
1141 addrinfo.addr_type = hcon->src_type;
1142
1143 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
1144 &addrinfo);
1145
1146 *keydist &= ~SMP_DIST_ID_KEY;
1147 }
1148
1149 if (*keydist & SMP_DIST_SIGN) {
1150 struct smp_cmd_sign_info sign;
1151 struct smp_csrk *csrk;
1152
1153 /* Generate a new random key */
1154 get_random_bytes(sign.csrk, sizeof(sign.csrk));
1155
1156 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1157 if (csrk) {
1158 csrk->master = 0x00;
1159 memcpy(csrk->val, sign.csrk, sizeof(csrk->val));
1160 }
1161 smp->slave_csrk = csrk;
1162
1163 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1164
1165 *keydist &= ~SMP_DIST_SIGN;
1166 }
1167
1168 /* If there are still keys to be received wait for them */
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]1169 if (smp->remote_key_dist & KEY_DIST_MASK) {
1170 smp_allow_key_dist(smp);
Johan Hedberg86d14072014-08-11 22:06:43 +0300[diff] [blame]1171 return;
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]1172 }
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]1173
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]1174 set_bit(SMP_FLAG_COMPLETE, &smp->flags);
1175 smp_notify_keys(conn);
1176
1177 smp_chan_destroy(conn);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]1178}
1179
Johan Hedbergb68fda62014-08-11 22:06:40 +0300[diff] [blame]1180static void smp_timeout(struct work_struct *work)
1181{
1182 struct smp_chan *smp = container_of(work, struct smp_chan,
1183 security_timer.work);
1184 struct l2cap_conn *conn = smp->conn;
1185
1186 BT_DBG("conn %p", conn);
1187
Johan Hedberg1e91c292014-08-18 20:33:29 +0300[diff] [blame]1188 hci_disconnect(conn->hcon, HCI_ERROR_REMOTE_USER_TERM);
Johan Hedbergb68fda62014-08-11 22:06:40 +0300[diff] [blame]1189}
1190
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1191static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
1192{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]1193 struct l2cap_chan *chan = conn->smp;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1194 struct smp_chan *smp;
1195
Marcel Holtmannf1560462013-10-13 05:43:25 -0700[diff] [blame]1196 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1197 if (!smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1198 return NULL;
1199
Johan Hedberg6a7bd102014-06-27 14:23:03 +0300[diff] [blame]1200 smp->tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
1201 if (IS_ERR(smp->tfm_aes)) {
1202 BT_ERR("Unable to create ECB crypto context");
1203 kfree(smp);
1204 return NULL;
1205 }
1206
Johan Hedberg407cecf2014-05-02 14:19:47 +0300[diff] [blame]1207 smp->tfm_cmac = crypto_alloc_hash("cmac(aes)", 0, CRYPTO_ALG_ASYNC);
1208 if (IS_ERR(smp->tfm_cmac)) {
1209 BT_ERR("Unable to create CMAC crypto context");
1210 crypto_free_blkcipher(smp->tfm_aes);
1211 kfree(smp);
1212 return NULL;
1213 }
1214
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1215 smp->conn = conn;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]1216 chan->data = smp;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1217
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]1218 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_FAIL);
1219
Johan Hedbergb68fda62014-08-11 22:06:40 +0300[diff] [blame]1220 INIT_DELAYED_WORK(&smp->security_timer, smp_timeout);
1221
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1222 hci_conn_hold(conn->hcon);
1223
1224 return smp;
1225}
1226
Johan Hedberg760b0182014-06-06 11:44:05 +0300[diff] [blame]1227static int sc_mackey_and_ltk(struct smp_chan *smp, u8 mackey[16], u8 ltk[16])
1228{
1229 struct hci_conn *hcon = smp->conn->hcon;
1230 u8 *na, *nb, a[7], b[7];
1231
1232 if (hcon->out) {
1233 na = smp->prnd;
1234 nb = smp->rrnd;
1235 } else {
1236 na = smp->rrnd;
1237 nb = smp->prnd;
1238 }
1239
1240 memcpy(a, &hcon->init_addr, 6);
1241 memcpy(b, &hcon->resp_addr, 6);
1242 a[6] = hcon->init_addr_type;
1243 b[6] = hcon->resp_addr_type;
1244
1245 return smp_f5(smp->tfm_cmac, smp->dhkey, na, nb, a, b, mackey, ltk);
1246}
1247
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]1248static void sc_dhkey_check(struct smp_chan *smp)
Johan Hedberg760b0182014-06-06 11:44:05 +0300[diff] [blame]1249{
1250 struct hci_conn *hcon = smp->conn->hcon;
1251 struct smp_cmd_dhkey_check check;
1252 u8 a[7], b[7], *local_addr, *remote_addr;
1253 u8 io_cap[3], r[16];
1254
Johan Hedberg760b0182014-06-06 11:44:05 +0300[diff] [blame]1255 memcpy(a, &hcon->init_addr, 6);
1256 memcpy(b, &hcon->resp_addr, 6);
1257 a[6] = hcon->init_addr_type;
1258 b[6] = hcon->resp_addr_type;
1259
1260 if (hcon->out) {
1261 local_addr = a;
1262 remote_addr = b;
1263 memcpy(io_cap, &smp->preq[1], 3);
1264 } else {
1265 local_addr = b;
1266 remote_addr = a;
1267 memcpy(io_cap, &smp->prsp[1], 3);
1268 }
1269
Johan Hedbergdddd3052014-06-01 15:38:09 +0300[diff] [blame]1270 memset(r, 0, sizeof(r));
1271
1272 if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]1273 put_unaligned_le32(hcon->passkey_notify, r);
Johan Hedberg760b0182014-06-06 11:44:05 +0300[diff] [blame]1274
1275 smp_f6(smp->tfm_cmac, smp->mackey, smp->prnd, smp->rrnd, r, io_cap,
1276 local_addr, remote_addr, check.e);
1277
1278 smp_send_cmd(smp->conn, SMP_CMD_DHKEY_CHECK, sizeof(check), &check);
Johan Hedbergdddd3052014-06-01 15:38:09 +0300[diff] [blame]1279}
1280
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]1281static u8 sc_passkey_send_confirm(struct smp_chan *smp)
1282{
1283 struct l2cap_conn *conn = smp->conn;
1284 struct hci_conn *hcon = conn->hcon;
1285 struct smp_cmd_pairing_confirm cfm;
1286 u8 r;
1287
1288 r = ((hcon->passkey_notify >> smp->passkey_round) & 0x01);
1289 r |= 0x80;
1290
1291 get_random_bytes(smp->prnd, sizeof(smp->prnd));
1292
1293 if (smp_f4(smp->tfm_cmac, smp->local_pk, smp->remote_pk, smp->prnd, r,
1294 cfm.confirm_val))
1295 return SMP_UNSPECIFIED;
1296
1297 smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cfm), &cfm);
1298
1299 return 0;
1300}
1301
1302static u8 sc_passkey_round(struct smp_chan *smp, u8 smp_op)
1303{
1304 struct l2cap_conn *conn = smp->conn;
1305 struct hci_conn *hcon = conn->hcon;
1306 struct hci_dev *hdev = hcon->hdev;
1307 u8 cfm[16], r;
1308
1309 /* Ignore the PDU if we've already done 20 rounds (0 - 19) */
1310 if (smp->passkey_round >= 20)
1311 return 0;
1312
1313 switch (smp_op) {
1314 case SMP_CMD_PAIRING_RANDOM:
1315 r = ((hcon->passkey_notify >> smp->passkey_round) & 0x01);
1316 r |= 0x80;
1317
1318 if (smp_f4(smp->tfm_cmac, smp->remote_pk, smp->local_pk,
1319 smp->rrnd, r, cfm))
1320 return SMP_UNSPECIFIED;
1321
1322 if (memcmp(smp->pcnf, cfm, 16))
1323 return SMP_CONFIRM_FAILED;
1324
1325 smp->passkey_round++;
1326
1327 if (smp->passkey_round == 20) {
1328 /* Generate MacKey and LTK */
1329 if (sc_mackey_and_ltk(smp, smp->mackey, smp->tk))
1330 return SMP_UNSPECIFIED;
1331 }
1332
1333 /* The round is only complete when the initiator
1334 * receives pairing random.
1335 */
1336 if (!hcon->out) {
1337 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM,
1338 sizeof(smp->prnd), smp->prnd);
Johan Hedbergd3e54a82014-06-04 11:07:40 +0300[diff] [blame^]1339 if (smp->passkey_round == 20)
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]1340 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
Johan Hedbergd3e54a82014-06-04 11:07:40 +0300[diff] [blame^]1341 else
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]1342 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]1343 return 0;
1344 }
1345
1346 /* Start the next round */
1347 if (smp->passkey_round != 20)
1348 return sc_passkey_round(smp, 0);
1349
1350 /* Passkey rounds are complete - start DHKey Check */
1351 sc_dhkey_check(smp);
1352 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
1353
1354 break;
1355
1356 case SMP_CMD_PAIRING_CONFIRM:
1357 if (test_bit(SMP_FLAG_WAIT_USER, &smp->flags)) {
1358 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
1359 return 0;
1360 }
1361
1362 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
1363
1364 if (hcon->out) {
1365 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM,
1366 sizeof(smp->prnd), smp->prnd);
1367 return 0;
1368 }
1369
1370 return sc_passkey_send_confirm(smp);
1371
1372 case SMP_CMD_PUBLIC_KEY:
1373 default:
1374 /* Initiating device starts the round */
1375 if (!hcon->out)
1376 return 0;
1377
1378 BT_DBG("%s Starting passkey round %u", hdev->name,
1379 smp->passkey_round + 1);
1380
1381 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
1382
1383 return sc_passkey_send_confirm(smp);
1384 }
1385
1386 return 0;
1387}
1388
Johan Hedbergdddd3052014-06-01 15:38:09 +0300[diff] [blame]1389static int sc_user_reply(struct smp_chan *smp, u16 mgmt_op, __le32 passkey)
1390{
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]1391 struct l2cap_conn *conn = smp->conn;
1392 struct hci_conn *hcon = conn->hcon;
1393 u8 smp_op;
1394
1395 clear_bit(SMP_FLAG_WAIT_USER, &smp->flags);
1396
Johan Hedbergdddd3052014-06-01 15:38:09 +0300[diff] [blame]1397 switch (mgmt_op) {
1398 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
1399 smp_failure(smp->conn, SMP_PASSKEY_ENTRY_FAILED);
1400 return 0;
1401 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
1402 smp_failure(smp->conn, SMP_NUMERIC_COMP_FAILED);
1403 return 0;
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]1404 case MGMT_OP_USER_PASSKEY_REPLY:
1405 hcon->passkey_notify = le32_to_cpu(passkey);
1406 smp->passkey_round = 0;
1407
1408 if (test_and_clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags))
1409 smp_op = SMP_CMD_PAIRING_CONFIRM;
1410 else
1411 smp_op = 0;
1412
1413 if (sc_passkey_round(smp, smp_op))
1414 return -EIO;
1415
1416 return 0;
Johan Hedbergdddd3052014-06-01 15:38:09 +0300[diff] [blame]1417 }
1418
Johan Hedbergd3e54a82014-06-04 11:07:40 +0300[diff] [blame^]1419 /* Initiator sends DHKey check first */
1420 if (hcon->out) {
1421 sc_dhkey_check(smp);
1422 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
1423 } else if (test_and_clear_bit(SMP_FLAG_DHKEY_PENDING, &smp->flags)) {
1424 sc_dhkey_check(smp);
1425 sc_add_ltk(smp);
1426 }
Johan Hedberg760b0182014-06-06 11:44:05 +0300[diff] [blame]1427
1428 return 0;
1429}
1430
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1431int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
1432{
Johan Hedbergb10e8012014-06-27 14:23:07 +0300[diff] [blame]1433 struct l2cap_conn *conn = hcon->l2cap_data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]1434 struct l2cap_chan *chan;
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1435 struct smp_chan *smp;
1436 u32 value;
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1437 int err;
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1438
1439 BT_DBG("");
1440
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1441 if (!conn)
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1442 return -ENOTCONN;
1443
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]1444 chan = conn->smp;
1445 if (!chan)
1446 return -ENOTCONN;
1447
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1448 l2cap_chan_lock(chan);
1449 if (!chan->data) {
1450 err = -ENOTCONN;
1451 goto unlock;
1452 }
1453
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]1454 smp = chan->data;
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1455
Johan Hedberg760b0182014-06-06 11:44:05 +0300[diff] [blame]1456 if (test_bit(SMP_FLAG_SC, &smp->flags)) {
1457 err = sc_user_reply(smp, mgmt_op, passkey);
1458 goto unlock;
1459 }
1460
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1461 switch (mgmt_op) {
1462 case MGMT_OP_USER_PASSKEY_REPLY:
1463 value = le32_to_cpu(passkey);
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]1464 memset(smp->tk, 0, sizeof(smp->tk));
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1465 BT_DBG("PassKey: %d", value);
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]1466 put_unaligned_le32(value, smp->tk);
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1467 /* Fall Through */
1468 case MGMT_OP_USER_CONFIRM_REPLY:
Johan Hedberg4a74d652014-05-20 09:45:50 +0300[diff] [blame]1469 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1470 break;
1471 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
1472 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
Johan Hedberg84794e12013-11-06 11:24:57 +0200[diff] [blame]1473 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1474 err = 0;
1475 goto unlock;
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1476 default:
Johan Hedberg84794e12013-11-06 11:24:57 +0200[diff] [blame]1477 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1478 err = -EOPNOTSUPP;
1479 goto unlock;
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1480 }
1481
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1482 err = 0;
1483
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1484 /* If it is our turn to send Pairing Confirm, do so now */
Johan Hedberg1cc61142014-05-20 09:45:52 +0300[diff] [blame]1485 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
1486 u8 rsp = smp_confirm(smp);
1487 if (rsp)
1488 smp_failure(conn, rsp);
1489 }
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1490
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1491unlock:
1492 l2cap_chan_unlock(chan);
1493 return err;
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1494}
1495
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]1496static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1497{
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300[diff] [blame]1498 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1499 struct l2cap_chan *chan = conn->smp;
Johan Hedbergb3c64102014-07-10 11:02:07 +0300[diff] [blame]1500 struct hci_dev *hdev = conn->hcon->hdev;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1501 struct smp_chan *smp;
Johan Hedbergc7262e72014-06-17 13:07:37 +0300[diff] [blame]1502 u8 key_size, auth, sec_level;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1503 int ret;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1504
1505 BT_DBG("conn %p", conn);
1506
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200[diff] [blame]1507 if (skb->len < sizeof(*req))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300[diff] [blame]1508 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200[diff] [blame]1509
Johan Hedberg40bef302014-07-16 11:42:27 +0300[diff] [blame]1510 if (conn->hcon->role != HCI_ROLE_SLAVE)
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1511 return SMP_CMD_NOTSUPP;
1512
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1513 if (!chan->data)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1514 smp = smp_chan_create(conn);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1515 else
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]1516 smp = chan->data;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1517
Andrei Emeltchenkod08fd0e2012-07-19 17:03:43 +0300[diff] [blame]1518 if (!smp)
1519 return SMP_UNSPECIFIED;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300[diff] [blame]1520
Johan Hedbergc05b9332014-09-10 17:37:42 -0700[diff] [blame]1521 /* We didn't start the pairing, so match remote */
Johan Hedberg0edb14d2014-05-26 13:29:28 +0300[diff] [blame]1522 auth = req->auth_req & AUTH_REQ_MASK(hdev);
Johan Hedbergc05b9332014-09-10 17:37:42 -0700[diff] [blame]1523
Johan Hedbergb6ae8452014-07-30 09:22:22 +0300[diff] [blame]1524 if (!test_bit(HCI_BONDABLE, &hdev->dev_flags) &&
Johan Hedbergc05b9332014-09-10 17:37:42 -0700[diff] [blame]1525 (auth & SMP_AUTH_BONDING))
Johan Hedbergb3c64102014-07-10 11:02:07 +0300[diff] [blame]1526 return SMP_PAIRING_NOTSUPP;
1527
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300[diff] [blame]1528 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1529 memcpy(&smp->preq[1], req, sizeof(*req));
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300[diff] [blame]1530 skb_pull(skb, sizeof(*req));
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1531
Johan Hedberg5e3d3d92014-05-31 18:51:02 +0300[diff] [blame]1532 build_pairing_cmd(conn, req, &rsp, auth);
1533
1534 if (rsp.auth_req & SMP_AUTH_SC)
1535 set_bit(SMP_FLAG_SC, &smp->flags);
1536
Johan Hedberg5be5e272014-09-10 17:58:54 -0700[diff] [blame]1537 if (conn->hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
Johan Hedberg1afc2a12014-09-10 17:37:44 -0700[diff] [blame]1538 sec_level = BT_SECURITY_MEDIUM;
1539 else
1540 sec_level = authreq_to_seclevel(auth);
1541
Johan Hedbergc7262e72014-06-17 13:07:37 +0300[diff] [blame]1542 if (sec_level > conn->hcon->pending_sec_level)
1543 conn->hcon->pending_sec_level = sec_level;
Ido Yarivfdde0a22012-03-05 20:09:38 +0200[diff] [blame]1544
Stephen Hemminger49c922b2014-10-27 21:12:20 -0700[diff] [blame]1545 /* If we need MITM check that it can be achieved */
Johan Hedberg2ed8f652014-06-17 13:07:39 +0300[diff] [blame]1546 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
1547 u8 method;
1548
1549 method = get_auth_method(smp, conn->hcon->io_capability,
1550 req->io_capability);
1551 if (method == JUST_WORKS || method == JUST_CFM)
1552 return SMP_AUTH_REQUIREMENTS;
1553 }
1554
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300[diff] [blame]1555 key_size = min(req->max_key_size, rsp.max_key_size);
1556 if (check_enc_key_size(conn, key_size))
1557 return SMP_ENC_KEY_SIZE;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1558
Johan Hedberge84a6b12013-12-02 10:49:03 +0200[diff] [blame]1559 get_random_bytes(smp->prnd, sizeof(smp->prnd));
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1560
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300[diff] [blame]1561 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
1562 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -0300[diff] [blame]1563
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300[diff] [blame]1564 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
Johan Hedberg3b191462014-06-06 10:50:15 +0300[diff] [blame]1565
1566 clear_bit(SMP_FLAG_INITIATOR, &smp->flags);
1567
1568 if (test_bit(SMP_FLAG_SC, &smp->flags)) {
1569 SMP_ALLOW_CMD(smp, SMP_CMD_PUBLIC_KEY);
1570 /* Clear bits which are generated but not distributed */
1571 smp->remote_key_dist &= ~SMP_SC_NO_DIST;
1572 /* Wait for Public Key from Initiating Device */
1573 return 0;
1574 } else {
1575 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
1576 }
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]1577
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1578 /* Request setup of TK */
1579 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
1580 if (ret)
1581 return SMP_UNSPECIFIED;
1582
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]1583 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1584}
1585
Johan Hedberg3b191462014-06-06 10:50:15 +0300[diff] [blame]1586static u8 sc_send_public_key(struct smp_chan *smp)
1587{
1588 BT_DBG("");
1589
Johan Hedberg6c0dcc52014-06-06 15:33:30 +0300[diff] [blame]1590 while (true) {
1591 /* Generate local key pair for Secure Connections */
1592 if (!ecc_make_key(smp->local_pk, smp->local_sk))
1593 return SMP_UNSPECIFIED;
1594
1595 /* This is unlikely, but we need to check that we didn't
1596 * accidentially generate a debug key.
1597 */
1598 if (memcmp(smp->local_sk, debug_sk, 32))
1599 break;
1600 }
Johan Hedberg3b191462014-06-06 10:50:15 +0300[diff] [blame]1601
1602 BT_DBG("Local Public Key X: %32phN", smp->local_pk);
1603 BT_DBG("Local Public Key Y: %32phN", &smp->local_pk[32]);
1604 BT_DBG("Local Private Key: %32phN", smp->local_sk);
1605
1606 smp_send_cmd(smp->conn, SMP_CMD_PUBLIC_KEY, 64, smp->local_pk);
1607
1608 return 0;
1609}
1610
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]1611static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1612{
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300[diff] [blame]1613 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]1614 struct l2cap_chan *chan = conn->smp;
1615 struct smp_chan *smp = chan->data;
Johan Hedberg0edb14d2014-05-26 13:29:28 +0300[diff] [blame]1616 struct hci_dev *hdev = conn->hcon->hdev;
Johan Hedberg3a7dbfb2014-09-10 17:37:41 -0700[diff] [blame]1617 u8 key_size, auth;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -0300[diff] [blame]1618 int ret;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1619
1620 BT_DBG("conn %p", conn);
1621
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200[diff] [blame]1622 if (skb->len < sizeof(*rsp))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300[diff] [blame]1623 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200[diff] [blame]1624
Johan Hedberg40bef302014-07-16 11:42:27 +0300[diff] [blame]1625 if (conn->hcon->role != HCI_ROLE_MASTER)
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1626 return SMP_CMD_NOTSUPP;
1627
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300[diff] [blame]1628 skb_pull(skb, sizeof(*rsp));
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]1629
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300[diff] [blame]1630 req = (void *) &smp->preq[1];
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300[diff] [blame]1631
1632 key_size = min(req->max_key_size, rsp->max_key_size);
1633 if (check_enc_key_size(conn, key_size))
1634 return SMP_ENC_KEY_SIZE;
1635
Johan Hedberg0edb14d2014-05-26 13:29:28 +0300[diff] [blame]1636 auth = rsp->auth_req & AUTH_REQ_MASK(hdev);
Johan Hedbergc05b9332014-09-10 17:37:42 -0700[diff] [blame]1637
Johan Hedberg65668772014-05-16 11:03:34 +0300[diff] [blame]1638 if ((req->auth_req & SMP_AUTH_SC) && (auth & SMP_AUTH_SC))
1639 set_bit(SMP_FLAG_SC, &smp->flags);
Johan Hedbergd2eb9e12014-05-16 10:59:06 +0300[diff] [blame]1640 else if (conn->hcon->pending_sec_level > BT_SECURITY_HIGH)
1641 conn->hcon->pending_sec_level = BT_SECURITY_HIGH;
Johan Hedberg65668772014-05-16 11:03:34 +0300[diff] [blame]1642
Stephen Hemminger49c922b2014-10-27 21:12:20 -0700[diff] [blame]1643 /* If we need MITM check that it can be achieved */
Johan Hedberg2ed8f652014-06-17 13:07:39 +0300[diff] [blame]1644 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
1645 u8 method;
1646
1647 method = get_auth_method(smp, req->io_capability,
1648 rsp->io_capability);
1649 if (method == JUST_WORKS || method == JUST_CFM)
1650 return SMP_AUTH_REQUIREMENTS;
1651 }
1652
Johan Hedberge84a6b12013-12-02 10:49:03 +0200[diff] [blame]1653 get_random_bytes(smp->prnd, sizeof(smp->prnd));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -0300[diff] [blame]1654
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1655 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
1656 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -0300[diff] [blame]1657
Johan Hedbergfdcc4be2014-03-14 10:53:50 +0200[diff] [blame]1658 /* Update remote key distribution in case the remote cleared
1659 * some bits that we had enabled in our request.
1660 */
1661 smp->remote_key_dist &= rsp->resp_key_dist;
1662
Johan Hedberg3b191462014-06-06 10:50:15 +0300[diff] [blame]1663 if (test_bit(SMP_FLAG_SC, &smp->flags)) {
1664 /* Clear bits which are generated but not distributed */
1665 smp->remote_key_dist &= ~SMP_SC_NO_DIST;
1666 SMP_ALLOW_CMD(smp, SMP_CMD_PUBLIC_KEY);
1667 return sc_send_public_key(smp);
1668 }
1669
Johan Hedbergc05b9332014-09-10 17:37:42 -0700[diff] [blame]1670 auth |= req->auth_req;
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1671
Johan Hedberg476585e2012-06-06 18:54:15 +0800[diff] [blame]1672 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1673 if (ret)
1674 return SMP_UNSPECIFIED;
1675
Johan Hedberg4a74d652014-05-20 09:45:50 +0300[diff] [blame]1676 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1677
1678 /* Can't compose response until we have been confirmed */
Johan Hedberg4a74d652014-05-20 09:45:50 +0300[diff] [blame]1679 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
Johan Hedberg1cc61142014-05-20 09:45:52 +0300[diff] [blame]1680 return smp_confirm(smp);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]1681
1682 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1683}
1684
Johan Hedbergdcee2b32014-06-06 11:36:38 +0300[diff] [blame]1685static u8 sc_check_confirm(struct smp_chan *smp)
1686{
1687 struct l2cap_conn *conn = smp->conn;
1688
1689 BT_DBG("");
1690
1691 /* Public Key exchange must happen before any other steps */
1692 if (!test_bit(SMP_FLAG_REMOTE_PK, &smp->flags))
1693 return SMP_UNSPECIFIED;
1694
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]1695 if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
1696 return sc_passkey_round(smp, SMP_CMD_PAIRING_CONFIRM);
1697
Johan Hedbergdcee2b32014-06-06 11:36:38 +0300[diff] [blame]1698 if (conn->hcon->out) {
1699 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
1700 smp->prnd);
1701 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
1702 }
1703
1704 return 0;
1705}
1706
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]1707static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1708{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]1709 struct l2cap_chan *chan = conn->smp;
1710 struct smp_chan *smp = chan->data;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -0300[diff] [blame]1711
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1712 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
1713
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200[diff] [blame]1714 if (skb->len < sizeof(smp->pcnf))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300[diff] [blame]1715 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200[diff] [blame]1716
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300[diff] [blame]1717 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
1718 skb_pull(skb, sizeof(smp->pcnf));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -0300[diff] [blame]1719
Johan Hedbergdcee2b32014-06-06 11:36:38 +0300[diff] [blame]1720 if (test_bit(SMP_FLAG_SC, &smp->flags))
1721 return sc_check_confirm(smp);
1722
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]1723 if (conn->hcon->out) {
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]1724 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
1725 smp->prnd);
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]1726 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
1727 return 0;
1728 }
1729
1730 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
Johan Hedberg1cc61142014-05-20 09:45:52 +0300[diff] [blame]1731 return smp_confirm(smp);
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]1732 else
Johan Hedberg4a74d652014-05-20 09:45:50 +0300[diff] [blame]1733 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]1734
1735 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1736}
1737
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]1738static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1739{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]1740 struct l2cap_chan *chan = conn->smp;
1741 struct smp_chan *smp = chan->data;
Johan Hedberg191dc7fe22014-06-06 11:39:49 +0300[diff] [blame]1742 struct hci_conn *hcon = conn->hcon;
1743 u8 *pkax, *pkbx, *na, *nb;
1744 u32 passkey;
1745 int err;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -0300[diff] [blame]1746
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1747 BT_DBG("conn %p", conn);
Anderson Briglia7d24ddc2011-06-09 18:50:46 -0300[diff] [blame]1748
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200[diff] [blame]1749 if (skb->len < sizeof(smp->rrnd))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300[diff] [blame]1750 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200[diff] [blame]1751
Johan Hedberg943a7322014-03-18 12:58:24 +0200[diff] [blame]1752 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1753 skb_pull(skb, sizeof(smp->rrnd));
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1754
Johan Hedberg191dc7fe22014-06-06 11:39:49 +0300[diff] [blame]1755 if (!test_bit(SMP_FLAG_SC, &smp->flags))
1756 return smp_random(smp);
1757
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]1758 /* Passkey entry has special treatment */
1759 if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
1760 return sc_passkey_round(smp, SMP_CMD_PAIRING_RANDOM);
1761
Johan Hedberg191dc7fe22014-06-06 11:39:49 +0300[diff] [blame]1762 if (hcon->out) {
1763 u8 cfm[16];
1764
1765 err = smp_f4(smp->tfm_cmac, smp->remote_pk, smp->local_pk,
1766 smp->rrnd, 0, cfm);
1767 if (err)
1768 return SMP_UNSPECIFIED;
1769
1770 if (memcmp(smp->pcnf, cfm, 16))
1771 return SMP_CONFIRM_FAILED;
1772
1773 pkax = smp->local_pk;
1774 pkbx = smp->remote_pk;
1775 na = smp->prnd;
1776 nb = smp->rrnd;
1777 } else {
1778 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
1779 smp->prnd);
1780 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
1781
1782 pkax = smp->remote_pk;
1783 pkbx = smp->local_pk;
1784 na = smp->rrnd;
1785 nb = smp->prnd;
1786 }
1787
Johan Hedberg760b0182014-06-06 11:44:05 +0300[diff] [blame]1788 /* Generate MacKey and LTK */
1789 err = sc_mackey_and_ltk(smp, smp->mackey, smp->tk);
1790 if (err)
1791 return SMP_UNSPECIFIED;
1792
Johan Hedbergdddd3052014-06-01 15:38:09 +0300[diff] [blame]1793 if (smp->method == JUST_WORKS) {
1794 if (hcon->out) {
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]1795 sc_dhkey_check(smp);
Johan Hedbergdddd3052014-06-01 15:38:09 +0300[diff] [blame]1796 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
1797 }
1798 return 0;
1799 }
1800
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]1801 err = smp_g2(smp->tfm_cmac, pkax, pkbx, na, nb, &passkey);
Johan Hedberg191dc7fe22014-06-06 11:39:49 +0300[diff] [blame]1802 if (err)
1803 return SMP_UNSPECIFIED;
1804
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]1805 err = mgmt_user_confirm_request(hcon->hdev, &hcon->dst, hcon->type,
1806 hcon->dst_type, passkey, 0);
1807 if (err)
1808 return SMP_UNSPECIFIED;
1809
1810 set_bit(SMP_FLAG_WAIT_USER, &smp->flags);
1811
Johan Hedberg191dc7fe22014-06-06 11:39:49 +0300[diff] [blame]1812 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1813}
1814
Marcel Holtmannf81cd822014-07-01 10:59:24 +0200[diff] [blame]1815static bool smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -0300[diff] [blame]1816{
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -0300[diff] [blame]1817 struct smp_ltk *key;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -0300[diff] [blame]1818 struct hci_conn *hcon = conn->hcon;
1819
Johan Hedbergf3a73d92014-05-29 15:02:59 +0300[diff] [blame]1820 key = hci_find_ltk(hcon->hdev, &hcon->dst, hcon->dst_type, hcon->role);
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -0300[diff] [blame]1821 if (!key)
Marcel Holtmannf81cd822014-07-01 10:59:24 +0200[diff] [blame]1822 return false;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -0300[diff] [blame]1823
Johan Hedberga6f78332014-09-10 17:37:45 -0700[diff] [blame]1824 if (smp_ltk_sec_level(key) < sec_level)
Marcel Holtmannf81cd822014-07-01 10:59:24 +0200[diff] [blame]1825 return false;
Johan Hedberg4dab7862012-06-07 14:58:37 +0800[diff] [blame]1826
Johan Hedberg51a8efd2012-01-16 06:10:31 +0200[diff] [blame]1827 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
Marcel Holtmannf81cd822014-07-01 10:59:24 +0200[diff] [blame]1828 return true;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -0300[diff] [blame]1829
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -0300[diff] [blame]1830 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
1831 hcon->enc_key_size = key->enc_size;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -0300[diff] [blame]1832
Johan Hedbergfe59a052014-07-01 19:14:12 +0300[diff] [blame]1833 /* We never store STKs for master role, so clear this flag */
1834 clear_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags);
1835
Marcel Holtmannf81cd822014-07-01 10:59:24 +0200[diff] [blame]1836 return true;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -0300[diff] [blame]1837}
Marcel Holtmannf1560462013-10-13 05:43:25 -0700[diff] [blame]1838
Johan Hedberg35dc6f82014-11-13 10:55:18 +0200[diff] [blame]1839bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level,
1840 enum smp_key_pref key_pref)
Johan Hedberg854f4722014-07-01 18:40:20 +0300[diff] [blame]1841{
1842 if (sec_level == BT_SECURITY_LOW)
1843 return true;
1844
Johan Hedberg35dc6f82014-11-13 10:55:18 +0200[diff] [blame]1845 /* If we're encrypted with an STK but the caller prefers using
1846 * LTK claim insufficient security. This way we allow the
1847 * connection to be re-encrypted with an LTK, even if the LTK
1848 * provides the same level of security. Only exception is if we
1849 * don't have an LTK (e.g. because of key distribution bits).
Johan Hedberg9ab65d602014-07-01 19:14:13 +0300[diff] [blame]1850 */
Johan Hedberg35dc6f82014-11-13 10:55:18 +0200[diff] [blame]1851 if (key_pref == SMP_USE_LTK &&
1852 test_bit(HCI_CONN_STK_ENCRYPT, &hcon->flags) &&
Johan Hedbergf3a73d92014-05-29 15:02:59 +0300[diff] [blame]1853 hci_find_ltk(hcon->hdev, &hcon->dst, hcon->dst_type, hcon->role))
Johan Hedberg9ab65d602014-07-01 19:14:13 +0300[diff] [blame]1854 return false;
1855
Johan Hedberg854f4722014-07-01 18:40:20 +0300[diff] [blame]1856 if (hcon->sec_level >= sec_level)
1857 return true;
1858
1859 return false;
1860}
1861
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]1862static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1863{
1864 struct smp_cmd_security_req *rp = (void *) skb->data;
1865 struct smp_cmd_pairing cp;
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -0300[diff] [blame]1866 struct hci_conn *hcon = conn->hcon;
Johan Hedberg0edb14d2014-05-26 13:29:28 +0300[diff] [blame]1867 struct hci_dev *hdev = hcon->hdev;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1868 struct smp_chan *smp;
Johan Hedbergc05b9332014-09-10 17:37:42 -0700[diff] [blame]1869 u8 sec_level, auth;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1870
1871 BT_DBG("conn %p", conn);
1872
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200[diff] [blame]1873 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300[diff] [blame]1874 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200[diff] [blame]1875
Johan Hedberg40bef302014-07-16 11:42:27 +0300[diff] [blame]1876 if (hcon->role != HCI_ROLE_MASTER)
Johan Hedberg86ca9ea2013-11-05 11:30:39 +0200[diff] [blame]1877 return SMP_CMD_NOTSUPP;
1878
Johan Hedberg0edb14d2014-05-26 13:29:28 +0300[diff] [blame]1879 auth = rp->auth_req & AUTH_REQ_MASK(hdev);
Johan Hedbergc05b9332014-09-10 17:37:42 -0700[diff] [blame]1880
Johan Hedberg5be5e272014-09-10 17:58:54 -0700[diff] [blame]1881 if (hcon->io_capability == HCI_IO_NO_INPUT_OUTPUT)
Johan Hedberg1afc2a12014-09-10 17:37:44 -0700[diff] [blame]1882 sec_level = BT_SECURITY_MEDIUM;
1883 else
1884 sec_level = authreq_to_seclevel(auth);
1885
Johan Hedberg35dc6f82014-11-13 10:55:18 +0200[diff] [blame]1886 if (smp_sufficient_security(hcon, sec_level, SMP_USE_LTK))
Johan Hedberg854f4722014-07-01 18:40:20 +0300[diff] [blame]1887 return 0;
1888
Johan Hedbergc7262e72014-06-17 13:07:37 +0300[diff] [blame]1889 if (sec_level > hcon->pending_sec_level)
1890 hcon->pending_sec_level = sec_level;
Vinicius Costa Gomesfeb45eb2011-08-25 20:02:35 -0300[diff] [blame]1891
Johan Hedberg4dab7862012-06-07 14:58:37 +0800[diff] [blame]1892 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -0300[diff] [blame]1893 return 0;
1894
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1895 smp = smp_chan_create(conn);
Johan Hedbergc29d2442014-06-16 19:25:14 +0300[diff] [blame]1896 if (!smp)
1897 return SMP_UNSPECIFIED;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300[diff] [blame]1898
Johan Hedbergb6ae8452014-07-30 09:22:22 +0300[diff] [blame]1899 if (!test_bit(HCI_BONDABLE, &hcon->hdev->dev_flags) &&
Johan Hedbergc05b9332014-09-10 17:37:42 -0700[diff] [blame]1900 (auth & SMP_AUTH_BONDING))
Johan Hedberg616d55b2014-07-29 14:18:48 +0300[diff] [blame]1901 return SMP_PAIRING_NOTSUPP;
1902
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1903 skb_pull(skb, sizeof(*rp));
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1904
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]1905 memset(&cp, 0, sizeof(cp));
Johan Hedbergc05b9332014-09-10 17:37:42 -0700[diff] [blame]1906 build_pairing_cmd(conn, &cp, NULL, auth);
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1907
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300[diff] [blame]1908 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1909 memcpy(&smp->preq[1], &cp, sizeof(cp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -0300[diff] [blame]1910
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1911 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]1912 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -0300[diff] [blame]1913
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]1914 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]1915}
1916
Vinicius Costa Gomescc110922012-08-23 21:32:43 -0300[diff] [blame]1917int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]1918{
Vinicius Costa Gomescc110922012-08-23 21:32:43 -0300[diff] [blame]1919 struct l2cap_conn *conn = hcon->l2cap_data;
Johan Hedbergc68b7f12014-09-06 06:59:10 +0300[diff] [blame]1920 struct l2cap_chan *chan;
Johan Hedberg0a66cf22014-03-24 14:39:03 +0200[diff] [blame]1921 struct smp_chan *smp;
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1922 __u8 authreq;
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1923 int ret;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]1924
Vinicius Costa Gomes3a0259b2011-06-09 18:50:43 -0300[diff] [blame]1925 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
1926
Johan Hedberg0a66cf22014-03-24 14:39:03 +0200[diff] [blame]1927 /* This may be NULL if there's an unexpected disconnection */
1928 if (!conn)
1929 return 1;
1930
Johan Hedbergc68b7f12014-09-06 06:59:10 +0300[diff] [blame]1931 chan = conn->smp;
1932
Johan Hedberg757aee02013-04-24 13:05:32 +0300[diff] [blame]1933 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
Andre Guedes2e65c9d2011-06-30 19:20:56 -0300[diff] [blame]1934 return 1;
1935
Johan Hedberg35dc6f82014-11-13 10:55:18 +0200[diff] [blame]1936 if (smp_sufficient_security(hcon, sec_level, SMP_USE_LTK))
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -0300[diff] [blame]1937 return 1;
1938
Johan Hedbergc7262e72014-06-17 13:07:37 +0300[diff] [blame]1939 if (sec_level > hcon->pending_sec_level)
1940 hcon->pending_sec_level = sec_level;
1941
Johan Hedberg40bef302014-07-16 11:42:27 +0300[diff] [blame]1942 if (hcon->role == HCI_ROLE_MASTER)
Johan Hedbergc7262e72014-06-17 13:07:37 +0300[diff] [blame]1943 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
1944 return 0;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300[diff] [blame]1945
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1946 l2cap_chan_lock(chan);
1947
1948 /* If SMP is already in progress ignore this request */
1949 if (chan->data) {
1950 ret = 0;
1951 goto unlock;
1952 }
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300[diff] [blame]1953
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300[diff] [blame]1954 smp = smp_chan_create(conn);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1955 if (!smp) {
1956 ret = 1;
1957 goto unlock;
1958 }
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1959
1960 authreq = seclevel_to_authreq(sec_level);
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300[diff] [blame]1961
Johan Hedbergd2eb9e12014-05-16 10:59:06 +0300[diff] [blame]1962 if (test_bit(HCI_SC_ENABLED, &hcon->hdev->dev_flags))
1963 authreq |= SMP_AUTH_SC;
1964
Johan Hedberg79897d22014-06-01 09:45:24 +0300[diff] [blame]1965 /* Require MITM if IO Capability allows or the security level
1966 * requires it.
Johan Hedberg2e233642014-03-18 15:42:30 +0200[diff] [blame]1967 */
Johan Hedberg79897d22014-06-01 09:45:24 +0300[diff] [blame]1968 if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT ||
Johan Hedbergc7262e72014-06-17 13:07:37 +0300[diff] [blame]1969 hcon->pending_sec_level > BT_SECURITY_MEDIUM)
Johan Hedberg2e233642014-03-18 15:42:30 +0200[diff] [blame]1970 authreq |= SMP_AUTH_MITM;
1971
Johan Hedberg40bef302014-07-16 11:42:27 +0300[diff] [blame]1972 if (hcon->role == HCI_ROLE_MASTER) {
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300[diff] [blame]1973 struct smp_cmd_pairing cp;
Anderson Brigliaf01ead32011-06-09 18:50:45 -0300[diff] [blame]1974
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1975 build_pairing_cmd(conn, &cp, NULL, authreq);
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300[diff] [blame]1976 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1977 memcpy(&smp->preq[1], &cp, sizeof(cp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -0300[diff] [blame]1978
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]1979 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]1980 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]1981 } else {
1982 struct smp_cmd_security_req cp;
Brian Gix2b64d152011-12-21 16:12:12 -0800[diff] [blame]1983 cp.auth_req = authreq;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]1984 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]1985 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_REQ);
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]1986 }
1987
Johan Hedberg4a74d652014-05-20 09:45:50 +0300[diff] [blame]1988 set_bit(SMP_FLAG_INITIATOR, &smp->flags);
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1989 ret = 0;
Johan Hedbergedca7922014-03-24 15:54:11 +0200[diff] [blame]1990
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]1991unlock:
1992 l2cap_chan_unlock(chan);
1993 return ret;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]1994}
1995
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -0300[diff] [blame]1996static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
1997{
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -0300[diff] [blame]1998 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]1999 struct l2cap_chan *chan = conn->smp;
2000 struct smp_chan *smp = chan->data;
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -0300[diff] [blame]2001
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200[diff] [blame]2002 BT_DBG("conn %p", conn);
2003
2004 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300[diff] [blame]2005 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200[diff] [blame]2006
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]2007 SMP_ALLOW_CMD(smp, SMP_CMD_MASTER_IDENT);
Johan Hedberg6131ddc2014-02-18 10:19:37 +0200[diff] [blame]2008
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -0300[diff] [blame]2009 skb_pull(skb, sizeof(*rp));
2010
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300[diff] [blame]2011 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -0300[diff] [blame]2012
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -0300[diff] [blame]2013 return 0;
2014}
2015
2016static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
2017{
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -0300[diff] [blame]2018 struct smp_cmd_master_ident *rp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]2019 struct l2cap_chan *chan = conn->smp;
2020 struct smp_chan *smp = chan->data;
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -0300[diff] [blame]2021 struct hci_dev *hdev = conn->hcon->hdev;
2022 struct hci_conn *hcon = conn->hcon;
Johan Hedberg23d0e122014-02-19 14:57:46 +0200[diff] [blame]2023 struct smp_ltk *ltk;
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -0300[diff] [blame]2024 u8 authenticated;
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -0300[diff] [blame]2025
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200[diff] [blame]2026 BT_DBG("conn %p", conn);
2027
2028 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300[diff] [blame]2029 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200[diff] [blame]2030
Johan Hedberg9747a9f2014-02-26 23:33:43 +0200[diff] [blame]2031 /* Mark the information as received */
2032 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
2033
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]2034 if (smp->remote_key_dist & SMP_DIST_ID_KEY)
2035 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
Johan Hedberg196332f2014-09-09 16:21:46 -0700[diff] [blame]2036 else if (smp->remote_key_dist & SMP_DIST_SIGN)
2037 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]2038
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -0300[diff] [blame]2039 skb_pull(skb, sizeof(*rp));
2040
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700[diff] [blame]2041 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
Johan Hedberg2ceba532014-06-16 19:25:16 +0300[diff] [blame]2042 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, SMP_LTK,
Johan Hedberg23d0e122014-02-19 14:57:46 +0200[diff] [blame]2043 authenticated, smp->tk, smp->enc_key_size,
2044 rp->ediv, rp->rand);
2045 smp->ltk = ltk;
Johan Hedbergc6e81e92014-09-05 22:19:54 +0300[diff] [blame]2046 if (!(smp->remote_key_dist & KEY_DIST_MASK))
Johan Hedbergd6268e82014-09-05 22:19:51 +0300[diff] [blame]2047 smp_distribute_keys(smp);
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -0300[diff] [blame]2048
2049 return 0;
2050}
2051
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]2052static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
2053{
2054 struct smp_cmd_ident_info *info = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]2055 struct l2cap_chan *chan = conn->smp;
2056 struct smp_chan *smp = chan->data;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]2057
2058 BT_DBG("");
2059
2060 if (skb->len < sizeof(*info))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300[diff] [blame]2061 return SMP_INVALID_PARAMS;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]2062
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]2063 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_ADDR_INFO);
Johan Hedberg6131ddc2014-02-18 10:19:37 +0200[diff] [blame]2064
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]2065 skb_pull(skb, sizeof(*info));
2066
2067 memcpy(smp->irk, info->irk, 16);
2068
2069 return 0;
2070}
2071
2072static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
2073 struct sk_buff *skb)
2074{
2075 struct smp_cmd_ident_addr_info *info = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]2076 struct l2cap_chan *chan = conn->smp;
2077 struct smp_chan *smp = chan->data;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]2078 struct hci_conn *hcon = conn->hcon;
2079 bdaddr_t rpa;
2080
2081 BT_DBG("");
2082
2083 if (skb->len < sizeof(*info))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300[diff] [blame]2084 return SMP_INVALID_PARAMS;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]2085
Johan Hedberg9747a9f2014-02-26 23:33:43 +0200[diff] [blame]2086 /* Mark the information as received */
2087 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
2088
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]2089 if (smp->remote_key_dist & SMP_DIST_SIGN)
2090 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
2091
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]2092 skb_pull(skb, sizeof(*info));
2093
Johan Hedberga9a58f82014-02-25 22:24:37 +0200[diff] [blame]2094 /* Strictly speaking the Core Specification (4.1) allows sending
2095 * an empty address which would force us to rely on just the IRK
2096 * as "identity information". However, since such
2097 * implementations are not known of and in order to not over
2098 * complicate our implementation, simply pretend that we never
2099 * received an IRK for such a device.
2100 */
2101 if (!bacmp(&info->bdaddr, BDADDR_ANY)) {
2102 BT_ERR("Ignoring IRK with no identity address");
Johan Hedberg31dd6242014-06-27 14:23:02 +0300[diff] [blame]2103 goto distribute;
Johan Hedberga9a58f82014-02-25 22:24:37 +0200[diff] [blame]2104 }
2105
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]2106 bacpy(&smp->id_addr, &info->bdaddr);
2107 smp->id_addr_type = info->addr_type;
2108
2109 if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
2110 bacpy(&rpa, &hcon->dst);
2111 else
2112 bacpy(&rpa, BDADDR_ANY);
2113
Johan Hedberg23d0e122014-02-19 14:57:46 +0200[diff] [blame]2114 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
2115 smp->id_addr_type, smp->irk, &rpa);
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]2116
Johan Hedberg31dd6242014-06-27 14:23:02 +0300[diff] [blame]2117distribute:
Johan Hedbergc6e81e92014-09-05 22:19:54 +0300[diff] [blame]2118 if (!(smp->remote_key_dist & KEY_DIST_MASK))
2119 smp_distribute_keys(smp);
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]2120
2121 return 0;
2122}
2123
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -0700[diff] [blame]2124static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
2125{
2126 struct smp_cmd_sign_info *rp = (void *) skb->data;
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]2127 struct l2cap_chan *chan = conn->smp;
2128 struct smp_chan *smp = chan->data;
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -0700[diff] [blame]2129 struct smp_csrk *csrk;
2130
2131 BT_DBG("conn %p", conn);
2132
2133 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300[diff] [blame]2134 return SMP_INVALID_PARAMS;
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -0700[diff] [blame]2135
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -0700[diff] [blame]2136 /* Mark the information as received */
2137 smp->remote_key_dist &= ~SMP_DIST_SIGN;
2138
2139 skb_pull(skb, sizeof(*rp));
2140
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -0700[diff] [blame]2141 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
2142 if (csrk) {
2143 csrk->master = 0x01;
2144 memcpy(csrk->val, rp->csrk, sizeof(csrk->val));
2145 }
2146 smp->csrk = csrk;
Johan Hedbergd6268e82014-09-05 22:19:51 +0300[diff] [blame]2147 smp_distribute_keys(smp);
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -0700[diff] [blame]2148
2149 return 0;
2150}
2151
Johan Hedberg5e3d3d92014-05-31 18:51:02 +0300[diff] [blame]2152static u8 sc_select_method(struct smp_chan *smp)
2153{
2154 struct l2cap_conn *conn = smp->conn;
2155 struct hci_conn *hcon = conn->hcon;
2156 struct smp_cmd_pairing *local, *remote;
2157 u8 local_mitm, remote_mitm, local_io, remote_io, method;
2158
2159 /* The preq/prsp contain the raw Pairing Request/Response PDUs
2160 * which are needed as inputs to some crypto functions. To get
2161 * the "struct smp_cmd_pairing" from them we need to skip the
2162 * first byte which contains the opcode.
2163 */
2164 if (hcon->out) {
2165 local = (void *) &smp->preq[1];
2166 remote = (void *) &smp->prsp[1];
2167 } else {
2168 local = (void *) &smp->prsp[1];
2169 remote = (void *) &smp->preq[1];
2170 }
2171
2172 local_io = local->io_capability;
2173 remote_io = remote->io_capability;
2174
2175 local_mitm = (local->auth_req & SMP_AUTH_MITM);
2176 remote_mitm = (remote->auth_req & SMP_AUTH_MITM);
2177
2178 /* If either side wants MITM, look up the method from the table,
2179 * otherwise use JUST WORKS.
2180 */
2181 if (local_mitm || remote_mitm)
2182 method = get_auth_method(smp, local_io, remote_io);
2183 else
2184 method = JUST_WORKS;
2185
2186 /* Don't confirm locally initiated pairing attempts */
2187 if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
2188 method = JUST_WORKS;
2189
2190 return method;
2191}
2192
Johan Hedbergd8f8edb2014-06-06 11:09:28 +0300[diff] [blame]2193static int smp_cmd_public_key(struct l2cap_conn *conn, struct sk_buff *skb)
2194{
2195 struct smp_cmd_public_key *key = (void *) skb->data;
2196 struct hci_conn *hcon = conn->hcon;
2197 struct l2cap_chan *chan = conn->smp;
2198 struct smp_chan *smp = chan->data;
Johan Hedberg5e3d3d92014-05-31 18:51:02 +0300[diff] [blame]2199 struct hci_dev *hdev = hcon->hdev;
Johan Hedbergcbbbe3e2014-06-06 11:30:08 +0300[diff] [blame]2200 struct smp_cmd_pairing_confirm cfm;
Johan Hedbergd8f8edb2014-06-06 11:09:28 +0300[diff] [blame]2201 int err;
2202
2203 BT_DBG("conn %p", conn);
2204
2205 if (skb->len < sizeof(*key))
2206 return SMP_INVALID_PARAMS;
2207
2208 memcpy(smp->remote_pk, key, 64);
2209
2210 /* Non-initiating device sends its public key after receiving
2211 * the key from the initiating device.
2212 */
2213 if (!hcon->out) {
2214 err = sc_send_public_key(smp);
2215 if (err)
2216 return err;
2217 }
2218
2219 BT_DBG("Remote Public Key X: %32phN", smp->remote_pk);
2220 BT_DBG("Remote Public Key Y: %32phN", &smp->remote_pk[32]);
2221
2222 if (!ecdh_shared_secret(smp->remote_pk, smp->local_sk, smp->dhkey))
2223 return SMP_UNSPECIFIED;
2224
2225 BT_DBG("DHKey %32phN", smp->dhkey);
2226
2227 set_bit(SMP_FLAG_REMOTE_PK, &smp->flags);
2228
Johan Hedberg5e3d3d92014-05-31 18:51:02 +0300[diff] [blame]2229 smp->method = sc_select_method(smp);
2230
2231 BT_DBG("%s selected method 0x%02x", hdev->name, smp->method);
2232
2233 /* JUST_WORKS and JUST_CFM result in an unauthenticated key */
2234 if (smp->method == JUST_WORKS || smp->method == JUST_CFM)
2235 hcon->pending_sec_level = BT_SECURITY_MEDIUM;
2236 else
2237 hcon->pending_sec_level = BT_SECURITY_FIPS;
2238
Johan Hedbergaeb7d462014-05-31 18:52:28 +0300[diff] [blame]2239 if (!memcmp(debug_pk, smp->remote_pk, 64))
2240 set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags);
2241
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]2242 if (smp->method == DSP_PASSKEY) {
2243 get_random_bytes(&hcon->passkey_notify,
2244 sizeof(hcon->passkey_notify));
2245 hcon->passkey_notify %= 1000000;
2246 hcon->passkey_entered = 0;
2247 smp->passkey_round = 0;
2248 if (mgmt_user_passkey_notify(hdev, &hcon->dst, hcon->type,
2249 hcon->dst_type,
2250 hcon->passkey_notify,
2251 hcon->passkey_entered))
2252 return SMP_UNSPECIFIED;
2253 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
2254 return sc_passkey_round(smp, SMP_CMD_PUBLIC_KEY);
2255 }
2256
2257 if (hcon->out)
2258 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
2259
2260 if (smp->method == REQ_PASSKEY) {
2261 if (mgmt_user_passkey_request(hdev, &hcon->dst, hcon->type,
2262 hcon->dst_type))
2263 return SMP_UNSPECIFIED;
2264 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
2265 set_bit(SMP_FLAG_WAIT_USER, &smp->flags);
2266 return 0;
2267 }
2268
Johan Hedbergcbbbe3e2014-06-06 11:30:08 +0300[diff] [blame]2269 /* The Initiating device waits for the non-initiating device to
2270 * send the confirm value.
2271 */
2272 if (conn->hcon->out)
2273 return 0;
2274
2275 err = smp_f4(smp->tfm_cmac, smp->local_pk, smp->remote_pk, smp->prnd,
2276 0, cfm.confirm_val);
2277 if (err)
2278 return SMP_UNSPECIFIED;
2279
2280 smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cfm), &cfm);
2281 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
2282
Johan Hedbergd8f8edb2014-06-06 11:09:28 +0300[diff] [blame]2283 return 0;
2284}
2285
Johan Hedberg6433a9a2014-06-06 11:47:30 +0300[diff] [blame]2286static int smp_cmd_dhkey_check(struct l2cap_conn *conn, struct sk_buff *skb)
2287{
2288 struct smp_cmd_dhkey_check *check = (void *) skb->data;
2289 struct l2cap_chan *chan = conn->smp;
2290 struct hci_conn *hcon = conn->hcon;
2291 struct smp_chan *smp = chan->data;
2292 u8 a[7], b[7], *local_addr, *remote_addr;
2293 u8 io_cap[3], r[16], e[16];
2294 int err;
2295
2296 BT_DBG("conn %p", conn);
2297
2298 if (skb->len < sizeof(*check))
2299 return SMP_INVALID_PARAMS;
2300
2301 memcpy(a, &hcon->init_addr, 6);
2302 memcpy(b, &hcon->resp_addr, 6);
2303 a[6] = hcon->init_addr_type;
2304 b[6] = hcon->resp_addr_type;
2305
2306 if (hcon->out) {
2307 local_addr = a;
2308 remote_addr = b;
2309 memcpy(io_cap, &smp->prsp[1], 3);
2310 } else {
2311 local_addr = b;
2312 remote_addr = a;
2313 memcpy(io_cap, &smp->preq[1], 3);
2314 }
2315
2316 memset(r, 0, sizeof(r));
2317
Johan Hedberg38606f12014-06-25 11:10:28 +0300[diff] [blame]2318 if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
2319 put_unaligned_le32(hcon->passkey_notify, r);
2320
Johan Hedberg6433a9a2014-06-06 11:47:30 +0300[diff] [blame]2321 err = smp_f6(smp->tfm_cmac, smp->mackey, smp->rrnd, smp->prnd, r,
2322 io_cap, remote_addr, local_addr, e);
2323 if (err)
2324 return SMP_UNSPECIFIED;
2325
2326 if (memcmp(check->e, e, 16))
2327 return SMP_DHKEY_CHECK_FAILED;
2328
Johan Hedbergd3e54a82014-06-04 11:07:40 +0300[diff] [blame^]2329 if (!hcon->out) {
2330 if (test_bit(SMP_FLAG_WAIT_USER, &smp->flags)) {
2331 set_bit(SMP_FLAG_DHKEY_PENDING, &smp->flags);
2332 return 0;
2333 }
Johan Hedbergd378a2d2014-05-31 18:53:36 +0300[diff] [blame]2334
Johan Hedbergd3e54a82014-06-04 11:07:40 +0300[diff] [blame^]2335 /* Slave sends DHKey check as response to master */
2336 sc_dhkey_check(smp);
2337 }
Johan Hedbergd378a2d2014-05-31 18:53:36 +0300[diff] [blame]2338
Johan Hedbergd3e54a82014-06-04 11:07:40 +0300[diff] [blame^]2339 sc_add_ltk(smp);
Johan Hedberg6433a9a2014-06-06 11:47:30 +0300[diff] [blame]2340
2341 if (hcon->out) {
2342 hci_le_start_enc(hcon, 0, 0, smp->tk);
2343 hcon->enc_key_size = smp->enc_key_size;
2344 }
2345
2346 return 0;
2347}
2348
Johan Hedberg4befb862014-08-11 22:06:38 +0300[diff] [blame]2349static int smp_sig_channel(struct l2cap_chan *chan, struct sk_buff *skb)
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2350{
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]2351 struct l2cap_conn *conn = chan->conn;
Marcel Holtmann7b9899d2013-10-03 00:00:57 -0700[diff] [blame]2352 struct hci_conn *hcon = conn->hcon;
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]2353 struct smp_chan *smp;
Marcel Holtmann92381f52013-10-03 01:23:08 -0700[diff] [blame]2354 __u8 code, reason;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2355 int err = 0;
2356
Marcel Holtmann7b9899d2013-10-03 00:00:57 -0700[diff] [blame]2357 if (hcon->type != LE_LINK) {
2358 kfree_skb(skb);
Johan Hedberg3432711f2013-10-16 11:37:01 +0300[diff] [blame]2359 return 0;
Marcel Holtmann7b9899d2013-10-03 00:00:57 -0700[diff] [blame]2360 }
2361
Johan Hedberg8ae9b982014-08-11 22:06:39 +0300[diff] [blame]2362 if (skb->len < 1)
Marcel Holtmann92381f52013-10-03 01:23:08 -0700[diff] [blame]2363 return -EILSEQ;
Marcel Holtmann92381f52013-10-03 01:23:08 -0700[diff] [blame]2364
Marcel Holtmann06ae3312013-10-18 03:43:00 -0700[diff] [blame]2365 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
Andre Guedes2e65c9d2011-06-30 19:20:56 -0300[diff] [blame]2366 reason = SMP_PAIRING_NOTSUPP;
2367 goto done;
2368 }
2369
Marcel Holtmann92381f52013-10-03 01:23:08 -0700[diff] [blame]2370 code = skb->data[0];
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2371 skb_pull(skb, sizeof(code));
2372
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]2373 smp = chan->data;
2374
2375 if (code > SMP_CMD_MAX)
2376 goto drop;
2377
Johan Hedberg24bd0bd2014-09-10 17:37:43 -0700[diff] [blame]2378 if (smp && !test_and_clear_bit(code, &smp->allow_cmd))
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]2379 goto drop;
2380
2381 /* If we don't have a context the only allowed commands are
2382 * pairing request and security request.
Johan Hedberg8cf9fa12013-01-29 10:44:23 -0600[diff] [blame]2383 */
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]2384 if (!smp && code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ)
2385 goto drop;
Johan Hedberg8cf9fa12013-01-29 10:44:23 -0600[diff] [blame]2386
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2387 switch (code) {
2388 case SMP_CMD_PAIRING_REQ:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]2389 reason = smp_cmd_pairing_req(conn, skb);
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2390 break;
2391
2392 case SMP_CMD_PAIRING_FAIL:
Johan Hedberg84794e12013-11-06 11:24:57 +0200[diff] [blame]2393 smp_failure(conn, 0);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]2394 err = -EPERM;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2395 break;
2396
2397 case SMP_CMD_PAIRING_RSP:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]2398 reason = smp_cmd_pairing_rsp(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]2399 break;
2400
2401 case SMP_CMD_SECURITY_REQ:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]2402 reason = smp_cmd_security_req(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]2403 break;
2404
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2405 case SMP_CMD_PAIRING_CONFIRM:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]2406 reason = smp_cmd_pairing_confirm(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]2407 break;
2408
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2409 case SMP_CMD_PAIRING_RANDOM:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300[diff] [blame]2410 reason = smp_cmd_pairing_random(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300[diff] [blame]2411 break;
2412
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2413 case SMP_CMD_ENCRYPT_INFO:
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -0300[diff] [blame]2414 reason = smp_cmd_encrypt_info(conn, skb);
2415 break;
2416
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2417 case SMP_CMD_MASTER_IDENT:
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -0300[diff] [blame]2418 reason = smp_cmd_master_ident(conn, skb);
2419 break;
2420
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2421 case SMP_CMD_IDENT_INFO:
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]2422 reason = smp_cmd_ident_info(conn, skb);
2423 break;
2424
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2425 case SMP_CMD_IDENT_ADDR_INFO:
Johan Hedbergfd349c02014-02-18 10:19:36 +0200[diff] [blame]2426 reason = smp_cmd_ident_addr_info(conn, skb);
2427 break;
2428
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2429 case SMP_CMD_SIGN_INFO:
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -0700[diff] [blame]2430 reason = smp_cmd_sign_info(conn, skb);
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -0300[diff] [blame]2431 break;
2432
Johan Hedbergd8f8edb2014-06-06 11:09:28 +0300[diff] [blame]2433 case SMP_CMD_PUBLIC_KEY:
2434 reason = smp_cmd_public_key(conn, skb);
2435 break;
2436
Johan Hedberg6433a9a2014-06-06 11:47:30 +0300[diff] [blame]2437 case SMP_CMD_DHKEY_CHECK:
2438 reason = smp_cmd_dhkey_check(conn, skb);
2439 break;
2440
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2441 default:
2442 BT_DBG("Unknown command code 0x%2.2x", code);
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2443 reason = SMP_CMD_NOTSUPP;
Vinicius Costa Gomes3a0259b2011-06-09 18:50:43 -0300[diff] [blame]2444 goto done;
2445 }
2446
2447done:
Johan Hedberg9b7b18e2014-08-18 20:33:31 +0300[diff] [blame]2448 if (!err) {
2449 if (reason)
2450 smp_failure(conn, reason);
Johan Hedberg8ae9b982014-08-11 22:06:39 +0300[diff] [blame]2451 kfree_skb(skb);
Johan Hedberg9b7b18e2014-08-18 20:33:31 +0300[diff] [blame]2452 }
2453
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2454 return err;
Johan Hedbergb28b4942014-09-05 22:19:55 +0300[diff] [blame]2455
2456drop:
2457 BT_ERR("%s unexpected SMP command 0x%02x from %pMR", hcon->hdev->name,
2458 code, &hcon->dst);
2459 kfree_skb(skb);
2460 return 0;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300[diff] [blame]2461}
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -0300[diff] [blame]2462
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2463static void smp_teardown_cb(struct l2cap_chan *chan, int err)
2464{
2465 struct l2cap_conn *conn = chan->conn;
2466
2467 BT_DBG("chan %p", chan);
2468
Johan Hedbergfc75cc82014-09-05 22:19:52 +0300[diff] [blame]2469 if (chan->data)
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]2470 smp_chan_destroy(conn);
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]2471
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2472 conn->smp = NULL;
2473 l2cap_chan_put(chan);
2474}
2475
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]2476static void smp_resume_cb(struct l2cap_chan *chan)
2477{
Johan Hedbergb68fda62014-08-11 22:06:40 +0300[diff] [blame]2478 struct smp_chan *smp = chan->data;
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]2479 struct l2cap_conn *conn = chan->conn;
2480 struct hci_conn *hcon = conn->hcon;
2481
2482 BT_DBG("chan %p", chan);
2483
Johan Hedberg86d14072014-08-11 22:06:43 +0300[diff] [blame]2484 if (!smp)
2485 return;
Johan Hedbergb68fda62014-08-11 22:06:40 +0300[diff] [blame]2486
Johan Hedberg84bc0db2014-09-05 22:19:49 +0300[diff] [blame]2487 if (!test_bit(HCI_CONN_ENCRYPT, &hcon->flags))
2488 return;
2489
Johan Hedberg86d14072014-08-11 22:06:43 +0300[diff] [blame]2490 cancel_delayed_work(&smp->security_timer);
2491
Johan Hedbergd6268e82014-09-05 22:19:51 +0300[diff] [blame]2492 smp_distribute_keys(smp);
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]2493}
2494
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2495static void smp_ready_cb(struct l2cap_chan *chan)
2496{
2497 struct l2cap_conn *conn = chan->conn;
2498
2499 BT_DBG("chan %p", chan);
2500
2501 conn->smp = chan;
2502 l2cap_chan_hold(chan);
2503}
2504
Johan Hedberg4befb862014-08-11 22:06:38 +0300[diff] [blame]2505static int smp_recv_cb(struct l2cap_chan *chan, struct sk_buff *skb)
2506{
2507 int err;
2508
2509 BT_DBG("chan %p", chan);
2510
2511 err = smp_sig_channel(chan, skb);
2512 if (err) {
Johan Hedbergb68fda62014-08-11 22:06:40 +0300[diff] [blame]2513 struct smp_chan *smp = chan->data;
Johan Hedberg4befb862014-08-11 22:06:38 +0300[diff] [blame]2514
Johan Hedbergb68fda62014-08-11 22:06:40 +0300[diff] [blame]2515 if (smp)
2516 cancel_delayed_work_sync(&smp->security_timer);
Johan Hedberg4befb862014-08-11 22:06:38 +0300[diff] [blame]2517
Johan Hedberg1e91c292014-08-18 20:33:29 +0300[diff] [blame]2518 hci_disconnect(chan->conn->hcon, HCI_ERROR_AUTH_FAILURE);
Johan Hedberg4befb862014-08-11 22:06:38 +0300[diff] [blame]2519 }
2520
2521 return err;
2522}
2523
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2524static struct sk_buff *smp_alloc_skb_cb(struct l2cap_chan *chan,
2525 unsigned long hdr_len,
2526 unsigned long len, int nb)
2527{
2528 struct sk_buff *skb;
2529
2530 skb = bt_skb_alloc(hdr_len + len, GFP_KERNEL);
2531 if (!skb)
2532 return ERR_PTR(-ENOMEM);
2533
2534 skb->priority = HCI_PRIO_MAX;
2535 bt_cb(skb)->chan = chan;
2536
2537 return skb;
2538}
2539
2540static const struct l2cap_ops smp_chan_ops = {
2541 .name = "Security Manager",
2542 .ready = smp_ready_cb,
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]2543 .recv = smp_recv_cb,
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2544 .alloc_skb = smp_alloc_skb_cb,
2545 .teardown = smp_teardown_cb,
Johan Hedberg44f1a7a2014-08-11 22:06:36 +0300[diff] [blame]2546 .resume = smp_resume_cb,
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2547
2548 .new_connection = l2cap_chan_no_new_connection,
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2549 .state_change = l2cap_chan_no_state_change,
2550 .close = l2cap_chan_no_close,
2551 .defer = l2cap_chan_no_defer,
2552 .suspend = l2cap_chan_no_suspend,
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2553 .set_shutdown = l2cap_chan_no_set_shutdown,
2554 .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
2555 .memcpy_fromiovec = l2cap_chan_no_memcpy_fromiovec,
2556};
2557
2558static inline struct l2cap_chan *smp_new_conn_cb(struct l2cap_chan *pchan)
2559{
2560 struct l2cap_chan *chan;
2561
2562 BT_DBG("pchan %p", pchan);
2563
2564 chan = l2cap_chan_create();
2565 if (!chan)
2566 return NULL;
2567
2568 chan->chan_type = pchan->chan_type;
2569 chan->ops = &smp_chan_ops;
2570 chan->scid = pchan->scid;
2571 chan->dcid = chan->scid;
2572 chan->imtu = pchan->imtu;
2573 chan->omtu = pchan->omtu;
2574 chan->mode = pchan->mode;
2575
Johan Hedbergabe84902014-11-12 22:22:21 +0200[diff] [blame]2576 /* Other L2CAP channels may request SMP routines in order to
2577 * change the security level. This means that the SMP channel
2578 * lock must be considered in its own category to avoid lockdep
2579 * warnings.
2580 */
2581 atomic_set(&chan->nesting, L2CAP_NESTING_SMP);
2582
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2583 BT_DBG("created chan %p", chan);
2584
2585 return chan;
2586}
2587
2588static const struct l2cap_ops smp_root_chan_ops = {
2589 .name = "Security Manager Root",
2590 .new_connection = smp_new_conn_cb,
2591
2592 /* None of these are implemented for the root channel */
2593 .close = l2cap_chan_no_close,
2594 .alloc_skb = l2cap_chan_no_alloc_skb,
2595 .recv = l2cap_chan_no_recv,
2596 .state_change = l2cap_chan_no_state_change,
2597 .teardown = l2cap_chan_no_teardown,
2598 .ready = l2cap_chan_no_ready,
2599 .defer = l2cap_chan_no_defer,
2600 .suspend = l2cap_chan_no_suspend,
2601 .resume = l2cap_chan_no_resume,
2602 .set_shutdown = l2cap_chan_no_set_shutdown,
2603 .get_sndtimeo = l2cap_chan_no_get_sndtimeo,
2604 .memcpy_fromiovec = l2cap_chan_no_memcpy_fromiovec,
2605};
2606
Johan Hedberg711eafe2014-08-08 09:32:52 +0300[diff] [blame]2607int smp_register(struct hci_dev *hdev)
2608{
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2609 struct l2cap_chan *chan;
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300[diff] [blame]2610 struct crypto_blkcipher *tfm_aes;
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2611
Johan Hedberg711eafe2014-08-08 09:32:52 +0300[diff] [blame]2612 BT_DBG("%s", hdev->name);
2613
Johan Hedbergadae20c2014-11-13 14:37:48 +0200[diff] [blame]2614 tfm_aes = crypto_alloc_blkcipher("ecb(aes)", 0, 0);
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300[diff] [blame]2615 if (IS_ERR(tfm_aes)) {
2616 int err = PTR_ERR(tfm_aes);
Johan Hedberg711eafe2014-08-08 09:32:52 +0300[diff] [blame]2617 BT_ERR("Unable to create crypto context");
Johan Hedberg711eafe2014-08-08 09:32:52 +0300[diff] [blame]2618 return err;
2619 }
2620
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2621 chan = l2cap_chan_create();
2622 if (!chan) {
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300[diff] [blame]2623 crypto_free_blkcipher(tfm_aes);
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2624 return -ENOMEM;
2625 }
2626
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300[diff] [blame]2627 chan->data = tfm_aes;
2628
Johan Hedberg5d88cc72014-08-08 09:37:18 +0300[diff] [blame]2629 l2cap_add_scid(chan, L2CAP_CID_SMP);
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2630
2631 l2cap_chan_set_defaults(chan);
2632
2633 bacpy(&chan->src, &hdev->bdaddr);
2634 chan->src_type = BDADDR_LE_PUBLIC;
2635 chan->state = BT_LISTEN;
2636 chan->mode = L2CAP_MODE_BASIC;
2637 chan->imtu = L2CAP_DEFAULT_MTU;
2638 chan->ops = &smp_root_chan_ops;
2639
Johan Hedbergabe84902014-11-12 22:22:21 +0200[diff] [blame]2640 /* Set correct nesting level for a parent/listening channel */
2641 atomic_set(&chan->nesting, L2CAP_NESTING_PARENT);
2642
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2643 hdev->smp_data = chan;
2644
Johan Hedberg711eafe2014-08-08 09:32:52 +0300[diff] [blame]2645 return 0;
2646}
2647
2648void smp_unregister(struct hci_dev *hdev)
2649{
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2650 struct l2cap_chan *chan = hdev->smp_data;
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300[diff] [blame]2651 struct crypto_blkcipher *tfm_aes;
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2652
2653 if (!chan)
2654 return;
2655
2656 BT_DBG("%s chan %p", hdev->name, chan);
Johan Hedberg711eafe2014-08-08 09:32:52 +0300[diff] [blame]2657
Johan Hedbergdefce9e2014-08-08 09:37:17 +0300[diff] [blame]2658 tfm_aes = chan->data;
2659 if (tfm_aes) {
2660 chan->data = NULL;
2661 crypto_free_blkcipher(tfm_aes);
Johan Hedberg711eafe2014-08-08 09:32:52 +0300[diff] [blame]2662 }
Johan Hedberg70db83c2014-08-08 09:37:16 +0300[diff] [blame]2663
2664 hdev->smp_data = NULL;
2665 l2cap_chan_put(chan);
Johan Hedberg711eafe2014-08-08 09:32:52 +0300[diff] [blame]2666}