Linux Kernel  3.7.1
 All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
smp.c
Go to the documentation of this file.
1 /*
2  BlueZ - Bluetooth protocol stack for Linux
3  Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4 
5  This program is free software; you can redistribute it and/or modify
6  it under the terms of the GNU General Public License version 2 as
7  published by the Free Software Foundation;
8 
9  THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10  OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11  FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12  IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13  CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14  WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15  ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16  OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17 
18  ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19  COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20  SOFTWARE IS DISCLAIMED.
21 */
22 
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
26 
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
31 #include <net/bluetooth/smp.h>
32 
33 #define SMP_TIMEOUT msecs_to_jiffies(30000)
34 
35 #define AUTH_REQ_MASK 0x07
36 
37 static inline void swap128(u8 src[16], u8 dst[16])
38 {
39  int i;
40  for (i = 0; i < 16; i++)
41  dst[15 - i] = src[i];
42 }
43 
44 static inline void swap56(u8 src[7], u8 dst[7])
45 {
46  int i;
47  for (i = 0; i < 7; i++)
48  dst[6 - i] = src[i];
49 }
50 
51 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
52 {
53  struct blkcipher_desc desc;
54  struct scatterlist sg;
55  int err, iv_len;
56  unsigned char iv[128];
57 
58  if (tfm == NULL) {
59  BT_ERR("tfm %p", tfm);
60  return -EINVAL;
61  }
62 
63  desc.tfm = tfm;
64  desc.flags = 0;
65 
66  err = crypto_blkcipher_setkey(tfm, k, 16);
67  if (err) {
68  BT_ERR("cipher setkey failed: %d", err);
69  return err;
70  }
71 
72  sg_init_one(&sg, r, 16);
73 
74  iv_len = crypto_blkcipher_ivsize(tfm);
75  if (iv_len) {
76  memset(&iv, 0xff, iv_len);
77  crypto_blkcipher_set_iv(tfm, iv, iv_len);
78  }
79 
80  err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
81  if (err)
82  BT_ERR("Encrypt data error %d", err);
83 
84  return err;
85 }
86 
87 static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
88  u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
89  u8 _rat, bdaddr_t *ra, u8 res[16])
90 {
91  u8 p1[16], p2[16];
92  int err;
93 
94  memset(p1, 0, 16);
95 
96  /* p1 = pres || preq || _rat || _iat */
97  swap56(pres, p1);
98  swap56(preq, p1 + 7);
99  p1[14] = _rat;
100  p1[15] = _iat;
101 
102  memset(p2, 0, 16);
103 
104  /* p2 = padding || ia || ra */
105  baswap((bdaddr_t *) (p2 + 4), ia);
106  baswap((bdaddr_t *) (p2 + 10), ra);
107 
108  /* res = r XOR p1 */
109  u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
110 
111  /* res = e(k, res) */
112  err = smp_e(tfm, k, res);
113  if (err) {
114  BT_ERR("Encrypt data error");
115  return err;
116  }
117 
118  /* res = res XOR p2 */
119  u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
120 
121  /* res = e(k, res) */
122  err = smp_e(tfm, k, res);
123  if (err)
124  BT_ERR("Encrypt data error");
125 
126  return err;
127 }
128 
129 static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16],
130  u8 r1[16], u8 r2[16], u8 _r[16])
131 {
132  int err;
133 
134  /* Just least significant octets from r1 and r2 are considered */
135  memcpy(_r, r1 + 8, 8);
136  memcpy(_r + 8, r2 + 8, 8);
137 
138  err = smp_e(tfm, k, _r);
139  if (err)
140  BT_ERR("Encrypt data error");
141 
142  return err;
143 }
144 
145 static int smp_rand(u8 *buf)
146 {
147  get_random_bytes(buf, 16);
148 
149  return 0;
150 }
151 
152 static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
153  u16 dlen, void *data)
154 {
155  struct sk_buff *skb;
156  struct l2cap_hdr *lh;
157  int len;
158 
159  len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
160 
161  if (len > conn->mtu)
162  return NULL;
163 
164  skb = bt_skb_alloc(len, GFP_ATOMIC);
165  if (!skb)
166  return NULL;
167 
168  lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
169  lh->len = cpu_to_le16(sizeof(code) + dlen);
171 
172  memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
173 
174  memcpy(skb_put(skb, dlen), data, dlen);
175 
176  return skb;
177 }
178 
179 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
180 {
181  struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
182 
183  BT_DBG("code 0x%2.2x", code);
184 
185  if (!skb)
186  return;
187 
188  skb->priority = HCI_PRIO_MAX;
189  hci_send_acl(conn->hchan, skb, 0);
190 
193 }
194 
195 static __u8 authreq_to_seclevel(__u8 authreq)
196 {
197  if (authreq & SMP_AUTH_MITM)
198  return BT_SECURITY_HIGH;
199  else
200  return BT_SECURITY_MEDIUM;
201 }
202 
203 static __u8 seclevel_to_authreq(__u8 sec_level)
204 {
205  switch (sec_level) {
206  case BT_SECURITY_HIGH:
208  case BT_SECURITY_MEDIUM:
209  return SMP_AUTH_BONDING;
210  default:
211  return SMP_AUTH_NONE;
212  }
213 }
214 
215 static void build_pairing_cmd(struct l2cap_conn *conn,
216  struct smp_cmd_pairing *req,
217  struct smp_cmd_pairing *rsp,
218  __u8 authreq)
219 {
220  u8 dist_keys = 0;
221 
222  if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
223  dist_keys = SMP_DIST_ENC_KEY;
224  authreq |= SMP_AUTH_BONDING;
225  } else {
226  authreq &= ~SMP_AUTH_BONDING;
227  }
228 
229  if (rsp == NULL) {
230  req->io_capability = conn->hcon->io_capability;
233  req->init_key_dist = 0;
234  req->resp_key_dist = dist_keys;
235  req->auth_req = (authreq & AUTH_REQ_MASK);
236  return;
237  }
238 
239  rsp->io_capability = conn->hcon->io_capability;
242  rsp->init_key_dist = 0;
243  rsp->resp_key_dist = req->resp_key_dist & dist_keys;
244  rsp->auth_req = (authreq & AUTH_REQ_MASK);
245 }
246 
247 static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
248 {
249  struct smp_chan *smp = conn->smp_chan;
250 
251  if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
252  (max_key_size < SMP_MIN_ENC_KEY_SIZE))
253  return SMP_ENC_KEY_SIZE;
254 
255  smp->enc_key_size = max_key_size;
256 
257  return 0;
258 }
259 
260 static void smp_failure(struct l2cap_conn *conn, u8 reason, u8 send)
261 {
262  struct hci_conn *hcon = conn->hcon;
263 
264  if (send)
265  smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
266  &reason);
267 
268  clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->hcon->flags);
269  mgmt_auth_failed(conn->hcon->hdev, conn->dst, hcon->type,
271 
273 
274  if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
275  smp_chan_destroy(conn);
276 }
277 
278 #define JUST_WORKS 0x00
279 #define JUST_CFM 0x01
280 #define REQ_PASSKEY 0x02
281 #define CFM_PASSKEY 0x03
282 #define REQ_OOB 0x04
283 #define OVERLAP 0xFF
284 
285 static const u8 gen_method[5][5] = {
286  { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
287  { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
288  { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
289  { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
291 };
292 
293 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
294  u8 local_io, u8 remote_io)
295 {
296  struct hci_conn *hcon = conn->hcon;
297  struct smp_chan *smp = conn->smp_chan;
298  u8 method;
299  u32 passkey = 0;
300  int ret = 0;
301 
302  /* Initialize key for JUST WORKS */
303  memset(smp->tk, 0, sizeof(smp->tk));
305 
306  BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
307 
308  /* If neither side wants MITM, use JUST WORKS */
309  /* If either side has unknown io_caps, use JUST WORKS */
310  /* Otherwise, look up method from the table */
311  if (!(auth & SMP_AUTH_MITM) ||
312  local_io > SMP_IO_KEYBOARD_DISPLAY ||
313  remote_io > SMP_IO_KEYBOARD_DISPLAY)
314  method = JUST_WORKS;
315  else
316  method = gen_method[remote_io][local_io];
317 
318  /* If not bonding, don't ask user to confirm a Zero TK */
319  if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
320  method = JUST_WORKS;
321 
322  /* If Just Works, Continue with Zero TK */
323  if (method == JUST_WORKS) {
325  return 0;
326  }
327 
328  /* Not Just Works/Confirm results in MITM Authentication */
329  if (method != JUST_CFM)
331 
332  /* If both devices have Keyoard-Display I/O, the master
333  * Confirms and the slave Enters the passkey.
334  */
335  if (method == OVERLAP) {
336  if (hcon->link_mode & HCI_LM_MASTER)
337  method = CFM_PASSKEY;
338  else
339  method = REQ_PASSKEY;
340  }
341 
342  /* Generate random passkey. Not valid until confirmed. */
343  if (method == CFM_PASSKEY) {
344  u8 key[16];
345 
346  memset(key, 0, sizeof(key));
347  get_random_bytes(&passkey, sizeof(passkey));
348  passkey %= 1000000;
349  put_unaligned_le32(passkey, key);
350  swap128(key, smp->tk);
351  BT_DBG("PassKey: %d", passkey);
352  }
353 
354  hci_dev_lock(hcon->hdev);
355 
356  if (method == REQ_PASSKEY)
357  ret = mgmt_user_passkey_request(hcon->hdev, conn->dst,
358  hcon->type, hcon->dst_type);
359  else
360  ret = mgmt_user_confirm_request(hcon->hdev, conn->dst,
361  hcon->type, hcon->dst_type,
362  cpu_to_le32(passkey), 0);
363 
364  hci_dev_unlock(hcon->hdev);
365 
366  return ret;
367 }
368 
369 static void confirm_work(struct work_struct *work)
370 {
371  struct smp_chan *smp = container_of(work, struct smp_chan, confirm);
372  struct l2cap_conn *conn = smp->conn;
373  struct crypto_blkcipher *tfm;
375  int ret;
376  u8 res[16], reason;
377 
378  BT_DBG("conn %p", conn);
379 
380  tfm = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
381  if (IS_ERR(tfm)) {
382  reason = SMP_UNSPECIFIED;
383  goto error;
384  }
385 
386  smp->tfm = tfm;
387 
388  if (conn->hcon->out)
389  ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp, 0,
390  conn->src, conn->hcon->dst_type, conn->dst, res);
391  else
392  ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
393  conn->hcon->dst_type, conn->dst, 0, conn->src,
394  res);
395  if (ret) {
396  reason = SMP_UNSPECIFIED;
397  goto error;
398  }
399 
401 
402  swap128(res, cp.confirm_val);
403  smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
404 
405  return;
406 
407 error:
408  smp_failure(conn, reason, 1);
409 }
410 
411 static void random_work(struct work_struct *work)
412 {
413  struct smp_chan *smp = container_of(work, struct smp_chan, random);
414  struct l2cap_conn *conn = smp->conn;
415  struct hci_conn *hcon = conn->hcon;
416  struct crypto_blkcipher *tfm = smp->tfm;
417  u8 reason, confirm[16], res[16], key[16];
418  int ret;
419 
420  if (IS_ERR_OR_NULL(tfm)) {
421  reason = SMP_UNSPECIFIED;
422  goto error;
423  }
424 
425  BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
426 
427  if (hcon->out)
428  ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp, 0,
429  conn->src, hcon->dst_type, conn->dst, res);
430  else
431  ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
432  hcon->dst_type, conn->dst, 0, conn->src, res);
433  if (ret) {
434  reason = SMP_UNSPECIFIED;
435  goto error;
436  }
437 
438  swap128(res, confirm);
439 
440  if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
441  BT_ERR("Pairing failed (confirmation values mismatch)");
442  reason = SMP_CONFIRM_FAILED;
443  goto error;
444  }
445 
446  if (hcon->out) {
447  u8 stk[16], rand[8];
448  __le16 ediv;
449 
450  memset(rand, 0, sizeof(rand));
451  ediv = 0;
452 
453  smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, key);
454  swap128(key, stk);
455 
456  memset(stk + smp->enc_key_size, 0,
458 
460  reason = SMP_UNSPECIFIED;
461  goto error;
462  }
463 
464  hci_le_start_enc(hcon, ediv, rand, stk);
465  hcon->enc_key_size = smp->enc_key_size;
466  } else {
467  u8 stk[16], r[16], rand[8];
468  __le16 ediv;
469 
470  memset(rand, 0, sizeof(rand));
471  ediv = 0;
472 
473  swap128(smp->prnd, r);
474  smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
475 
476  smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, key);
477  swap128(key, stk);
478 
479  memset(stk + smp->enc_key_size, 0,
481 
482  hci_add_ltk(hcon->hdev, conn->dst, hcon->dst_type,
483  HCI_SMP_STK_SLAVE, 0, 0, stk, smp->enc_key_size,
484  ediv, rand);
485  }
486 
487  return;
488 
489 error:
490  smp_failure(conn, reason, 1);
491 }
492 
493 static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
494 {
495  struct smp_chan *smp;
496 
497  smp = kzalloc(sizeof(struct smp_chan), GFP_ATOMIC);
498  if (!smp)
499  return NULL;
500 
501  INIT_WORK(&smp->confirm, confirm_work);
502  INIT_WORK(&smp->random, random_work);
503 
504  smp->conn = conn;
505  conn->smp_chan = smp;
506  conn->hcon->smp_conn = conn;
507 
508  hci_conn_hold(conn->hcon);
509 
510  return smp;
511 }
512 
513 void smp_chan_destroy(struct l2cap_conn *conn)
514 {
515  struct smp_chan *smp = conn->smp_chan;
516 
517  BUG_ON(!smp);
518 
519  if (smp->tfm)
520  crypto_free_blkcipher(smp->tfm);
521 
522  kfree(smp);
523  conn->smp_chan = NULL;
524  conn->hcon->smp_conn = NULL;
525  hci_conn_put(conn->hcon);
526 }
527 
528 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
529 {
530  struct l2cap_conn *conn = hcon->smp_conn;
531  struct smp_chan *smp;
532  u32 value;
533  u8 key[16];
534 
535  BT_DBG("");
536 
537  if (!conn)
538  return -ENOTCONN;
539 
540  smp = conn->smp_chan;
541 
542  switch (mgmt_op) {
544  value = le32_to_cpu(passkey);
545  memset(key, 0, sizeof(key));
546  BT_DBG("PassKey: %d", value);
547  put_unaligned_le32(value, key);
548  swap128(key, smp->tk);
549  /* Fall Through */
552  break;
555  smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
556  return 0;
557  default:
558  smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
559  return -EOPNOTSUPP;
560  }
561 
562  /* If it is our turn to send Pairing Confirm, do so now */
564  queue_work(hcon->hdev->workqueue, &smp->confirm);
565 
566  return 0;
567 }
568 
569 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
570 {
571  struct smp_cmd_pairing rsp, *req = (void *) skb->data;
572  struct smp_chan *smp;
573  u8 key_size;
574  u8 auth = SMP_AUTH_NONE;
575  int ret;
576 
577  BT_DBG("conn %p", conn);
578 
579  if (conn->hcon->link_mode & HCI_LM_MASTER)
580  return SMP_CMD_NOTSUPP;
581 
582  if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
583  smp = smp_chan_create(conn);
584  else
585  smp = conn->smp_chan;
586 
587  if (!smp)
588  return SMP_UNSPECIFIED;
589 
590  smp->preq[0] = SMP_CMD_PAIRING_REQ;
591  memcpy(&smp->preq[1], req, sizeof(*req));
592  skb_pull(skb, sizeof(*req));
593 
594  /* We didn't start the pairing, so match remote */
595  if (req->auth_req & SMP_AUTH_BONDING)
596  auth = req->auth_req;
597 
598  conn->hcon->pending_sec_level = authreq_to_seclevel(auth);
599 
600  build_pairing_cmd(conn, req, &rsp, auth);
601 
602  key_size = min(req->max_key_size, rsp.max_key_size);
603  if (check_enc_key_size(conn, key_size))
604  return SMP_ENC_KEY_SIZE;
605 
606  ret = smp_rand(smp->prnd);
607  if (ret)
608  return SMP_UNSPECIFIED;
609 
610  smp->prsp[0] = SMP_CMD_PAIRING_RSP;
611  memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
612 
613  smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
614 
615  /* Request setup of TK */
616  ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
617  if (ret)
618  return SMP_UNSPECIFIED;
619 
620  return 0;
621 }
622 
623 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
624 {
625  struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
626  struct smp_chan *smp = conn->smp_chan;
627  struct hci_dev *hdev = conn->hcon->hdev;
628  u8 key_size, auth = SMP_AUTH_NONE;
629  int ret;
630 
631  BT_DBG("conn %p", conn);
632 
633  if (!(conn->hcon->link_mode & HCI_LM_MASTER))
634  return SMP_CMD_NOTSUPP;
635 
636  skb_pull(skb, sizeof(*rsp));
637 
638  req = (void *) &smp->preq[1];
639 
640  key_size = min(req->max_key_size, rsp->max_key_size);
641  if (check_enc_key_size(conn, key_size))
642  return SMP_ENC_KEY_SIZE;
643 
644  ret = smp_rand(smp->prnd);
645  if (ret)
646  return SMP_UNSPECIFIED;
647 
648  smp->prsp[0] = SMP_CMD_PAIRING_RSP;
649  memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
650 
651  if ((req->auth_req & SMP_AUTH_BONDING) &&
652  (rsp->auth_req & SMP_AUTH_BONDING))
653  auth = SMP_AUTH_BONDING;
654 
655  auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
656 
657  ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
658  if (ret)
659  return SMP_UNSPECIFIED;
660 
662 
663  /* Can't compose response until we have been confirmed */
664  if (!test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags))
665  return 0;
666 
667  queue_work(hdev->workqueue, &smp->confirm);
668 
669  return 0;
670 }
671 
672 static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
673 {
674  struct smp_chan *smp = conn->smp_chan;
675  struct hci_dev *hdev = conn->hcon->hdev;
676 
677  BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
678 
679  memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
680  skb_pull(skb, sizeof(smp->pcnf));
681 
682  if (conn->hcon->out) {
683  u8 random[16];
684 
685  swap128(smp->prnd, random);
686  smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
687  random);
688  } else if (test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags)) {
689  queue_work(hdev->workqueue, &smp->confirm);
690  } else {
692  }
693 
694  return 0;
695 }
696 
697 static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
698 {
699  struct smp_chan *smp = conn->smp_chan;
700  struct hci_dev *hdev = conn->hcon->hdev;
701 
702  BT_DBG("conn %p", conn);
703 
704  swap128(skb->data, smp->rrnd);
705  skb_pull(skb, sizeof(smp->rrnd));
706 
707  queue_work(hdev->workqueue, &smp->random);
708 
709  return 0;
710 }
711 
712 static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
713 {
714  struct smp_ltk *key;
715  struct hci_conn *hcon = conn->hcon;
716 
717  key = hci_find_ltk_by_addr(hcon->hdev, conn->dst, hcon->dst_type);
718  if (!key)
719  return 0;
720 
721  if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
722  return 0;
723 
725  return 1;
726 
727  hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
728  hcon->enc_key_size = key->enc_size;
729 
730  return 1;
731 
732 }
733 static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
734 {
735  struct smp_cmd_security_req *rp = (void *) skb->data;
736  struct smp_cmd_pairing cp;
737  struct hci_conn *hcon = conn->hcon;
738  struct smp_chan *smp;
739 
740  BT_DBG("conn %p", conn);
741 
742  hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req);
743 
744  if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
745  return 0;
746 
748  return 0;
749 
750  smp = smp_chan_create(conn);
751 
752  skb_pull(skb, sizeof(*rp));
753 
754  memset(&cp, 0, sizeof(cp));
755  build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
756 
757  smp->preq[0] = SMP_CMD_PAIRING_REQ;
758  memcpy(&smp->preq[1], &cp, sizeof(cp));
759 
760  smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
761 
762  return 0;
763 }
764 
765 int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
766 {
767  struct l2cap_conn *conn = hcon->l2cap_data;
768  struct smp_chan *smp = conn->smp_chan;
769  __u8 authreq;
770 
771  BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
772 
773  if (!lmp_host_le_capable(hcon->hdev))
774  return 1;
775 
776  if (sec_level == BT_SECURITY_LOW)
777  return 1;
778 
779  if (hcon->sec_level >= sec_level)
780  return 1;
781 
782  if (hcon->link_mode & HCI_LM_MASTER)
783  if (smp_ltk_encrypt(conn, sec_level))
784  goto done;
785 
787  return 0;
788 
789  smp = smp_chan_create(conn);
790  if (!smp)
791  return 1;
792 
793  authreq = seclevel_to_authreq(sec_level);
794 
795  if (hcon->link_mode & HCI_LM_MASTER) {
796  struct smp_cmd_pairing cp;
797 
798  build_pairing_cmd(conn, &cp, NULL, authreq);
799  smp->preq[0] = SMP_CMD_PAIRING_REQ;
800  memcpy(&smp->preq[1], &cp, sizeof(cp));
801 
802  smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
803  } else {
804  struct smp_cmd_security_req cp;
805  cp.auth_req = authreq;
806  smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
807  }
808 
809 done:
810  hcon->pending_sec_level = sec_level;
811 
812  return 0;
813 }
814 
815 static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
816 {
817  struct smp_cmd_encrypt_info *rp = (void *) skb->data;
818  struct smp_chan *smp = conn->smp_chan;
819 
820  skb_pull(skb, sizeof(*rp));
821 
822  memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
823 
824  return 0;
825 }
826 
827 static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
828 {
829  struct smp_cmd_master_ident *rp = (void *) skb->data;
830  struct smp_chan *smp = conn->smp_chan;
831  struct hci_dev *hdev = conn->hcon->hdev;
832  struct hci_conn *hcon = conn->hcon;
833  u8 authenticated;
834 
835  skb_pull(skb, sizeof(*rp));
836 
837  hci_dev_lock(hdev);
838  authenticated = (conn->hcon->sec_level == BT_SECURITY_HIGH);
839  hci_add_ltk(conn->hcon->hdev, conn->dst, hcon->dst_type,
840  HCI_SMP_LTK, 1, authenticated, smp->tk, smp->enc_key_size,
841  rp->ediv, rp->rand);
842  smp_distribute_keys(conn, 1);
843  hci_dev_unlock(hdev);
844 
845  return 0;
846 }
847 
848 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
849 {
850  __u8 code = skb->data[0];
851  __u8 reason;
852  int err = 0;
853 
854  if (!lmp_host_le_capable(conn->hcon->hdev)) {
855  err = -ENOTSUPP;
856  reason = SMP_PAIRING_NOTSUPP;
857  goto done;
858  }
859 
860  skb_pull(skb, sizeof(code));
861 
862  switch (code) {
863  case SMP_CMD_PAIRING_REQ:
864  reason = smp_cmd_pairing_req(conn, skb);
865  break;
866 
868  smp_failure(conn, skb->data[0], 0);
869  reason = 0;
870  err = -EPERM;
871  break;
872 
873  case SMP_CMD_PAIRING_RSP:
874  reason = smp_cmd_pairing_rsp(conn, skb);
875  break;
876 
878  reason = smp_cmd_security_req(conn, skb);
879  break;
880 
882  reason = smp_cmd_pairing_confirm(conn, skb);
883  break;
884 
886  reason = smp_cmd_pairing_random(conn, skb);
887  break;
888 
890  reason = smp_cmd_encrypt_info(conn, skb);
891  break;
892 
894  reason = smp_cmd_master_ident(conn, skb);
895  break;
896 
897  case SMP_CMD_IDENT_INFO:
899  case SMP_CMD_SIGN_INFO:
900  /* Just ignored */
901  reason = 0;
902  break;
903 
904  default:
905  BT_DBG("Unknown command code 0x%2.2x", code);
906 
907  reason = SMP_CMD_NOTSUPP;
908  err = -EOPNOTSUPP;
909  goto done;
910  }
911 
912 done:
913  if (reason)
914  smp_failure(conn, reason, 1);
915 
916  kfree_skb(skb);
917  return err;
918 }
919 
921 {
922  struct smp_cmd_pairing *req, *rsp;
923  struct smp_chan *smp = conn->smp_chan;
924  __u8 *keydist;
925 
926  BT_DBG("conn %p force %d", conn, force);
927 
928  if (!test_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
929  return 0;
930 
931  rsp = (void *) &smp->prsp[1];
932 
933  /* The responder sends its keys first */
934  if (!force && conn->hcon->out && (rsp->resp_key_dist & 0x07))
935  return 0;
936 
937  req = (void *) &smp->preq[1];
938 
939  if (conn->hcon->out) {
940  keydist = &rsp->init_key_dist;
941  *keydist &= req->init_key_dist;
942  } else {
943  keydist = &rsp->resp_key_dist;
944  *keydist &= req->resp_key_dist;
945  }
946 
947 
948  BT_DBG("keydist 0x%x", *keydist);
949 
950  if (*keydist & SMP_DIST_ENC_KEY) {
951  struct smp_cmd_encrypt_info enc;
952  struct smp_cmd_master_ident ident;
953  struct hci_conn *hcon = conn->hcon;
954  u8 authenticated;
955  __le16 ediv;
956 
957  get_random_bytes(enc.ltk, sizeof(enc.ltk));
958  get_random_bytes(&ediv, sizeof(ediv));
959  get_random_bytes(ident.rand, sizeof(ident.rand));
960 
961  smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
962 
963  authenticated = hcon->sec_level == BT_SECURITY_HIGH;
964  hci_add_ltk(conn->hcon->hdev, conn->dst, hcon->dst_type,
965  HCI_SMP_LTK_SLAVE, 1, authenticated,
966  enc.ltk, smp->enc_key_size, ediv, ident.rand);
967 
968  ident.ediv = ediv;
969 
970  smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
971 
972  *keydist &= ~SMP_DIST_ENC_KEY;
973  }
974 
975  if (*keydist & SMP_DIST_ID_KEY) {
976  struct smp_cmd_ident_addr_info addrinfo;
977  struct smp_cmd_ident_info idinfo;
978 
979  /* Send a dummy key */
980  get_random_bytes(idinfo.irk, sizeof(idinfo.irk));
981 
982  smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
983 
984  /* Just public address */
985  memset(&addrinfo, 0, sizeof(addrinfo));
986  bacpy(&addrinfo.bdaddr, conn->src);
987 
988  smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
989  &addrinfo);
990 
991  *keydist &= ~SMP_DIST_ID_KEY;
992  }
993 
994  if (*keydist & SMP_DIST_SIGN) {
995  struct smp_cmd_sign_info sign;
996 
997  /* Send a dummy key */
998  get_random_bytes(sign.csrk, sizeof(sign.csrk));
999 
1000  smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1001 
1002  *keydist &= ~SMP_DIST_SIGN;
1003  }
1004 
1005  if (conn->hcon->out || force) {
1006  clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags);
1008  smp_chan_destroy(conn);
1009  }
1010 
1011  return 0;
1012 }