2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
36 #define AUTH_REQ_MASK 0x07
38 static inline void swap128(u8 src[16], u8 dst[16])
41 for (i = 0; i < 16; i++)
45 static inline void swap56(u8 src[7], u8 dst[7])
48 for (i = 0; i < 7; i++)
52 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
54 struct blkcipher_desc desc;
55 struct scatterlist sg;
57 unsigned char iv[128];
60 BT_ERR("tfm %p", tfm);
67 err = crypto_blkcipher_setkey(tfm, k, 16);
69 BT_ERR("cipher setkey failed: %d", err);
73 sg_init_one(&sg, r, 16);
75 iv_len = crypto_blkcipher_ivsize(tfm);
77 memset(&iv, 0xff, iv_len);
78 crypto_blkcipher_set_iv(tfm, iv, iv_len);
81 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
83 BT_ERR("Encrypt data error %d", err);
88 static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
89 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
90 u8 _rat, bdaddr_t *ra, u8 res[16])
97 /* p1 = pres || preq || _rat || _iat */
105 /* p2 = padding || ia || ra */
106 baswap((bdaddr_t *) (p2 + 4), ia);
107 baswap((bdaddr_t *) (p2 + 10), ra);
110 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
112 /* res = e(k, res) */
113 err = smp_e(tfm, k, res);
115 BT_ERR("Encrypt data error");
119 /* res = res XOR p2 */
120 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
122 /* res = e(k, res) */
123 err = smp_e(tfm, k, res);
125 BT_ERR("Encrypt data error");
130 static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16], u8 r1[16],
131 u8 r2[16], u8 _r[16])
135 /* Just least significant octets from r1 and r2 are considered */
136 memcpy(_r, r1 + 8, 8);
137 memcpy(_r + 8, r2 + 8, 8);
139 err = smp_e(tfm, k, _r);
141 BT_ERR("Encrypt data error");
146 static int smp_rand(u8 *buf)
148 get_random_bytes(buf, 16);
153 static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
154 u16 dlen, void *data)
157 struct l2cap_hdr *lh;
160 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
165 skb = bt_skb_alloc(len, GFP_ATOMIC);
169 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
170 lh->len = cpu_to_le16(sizeof(code) + dlen);
171 lh->cid = __constant_cpu_to_le16(L2CAP_CID_SMP);
173 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
175 memcpy(skb_put(skb, dlen), data, dlen);
180 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
182 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
184 BT_DBG("code 0x%2.2x", code);
189 skb->priority = HCI_PRIO_MAX;
190 hci_send_acl(conn->hchan, skb, 0);
192 cancel_delayed_work_sync(&conn->security_timer);
193 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
196 static __u8 authreq_to_seclevel(__u8 authreq)
198 if (authreq & SMP_AUTH_MITM)
199 return BT_SECURITY_HIGH;
201 return BT_SECURITY_MEDIUM;
204 static __u8 seclevel_to_authreq(__u8 sec_level)
207 case BT_SECURITY_HIGH:
208 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
209 case BT_SECURITY_MEDIUM:
210 return SMP_AUTH_BONDING;
212 return SMP_AUTH_NONE;
216 static void build_pairing_cmd(struct l2cap_conn *conn,
217 struct smp_cmd_pairing *req,
218 struct smp_cmd_pairing *rsp, __u8 authreq)
222 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
223 dist_keys = SMP_DIST_ENC_KEY;
224 authreq |= SMP_AUTH_BONDING;
226 authreq &= ~SMP_AUTH_BONDING;
230 req->io_capability = conn->hcon->io_capability;
231 req->oob_flag = SMP_OOB_NOT_PRESENT;
232 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
233 req->init_key_dist = 0;
234 req->resp_key_dist = dist_keys;
235 req->auth_req = (authreq & AUTH_REQ_MASK);
239 rsp->io_capability = conn->hcon->io_capability;
240 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
241 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
242 rsp->init_key_dist = 0;
243 rsp->resp_key_dist = req->resp_key_dist & dist_keys;
244 rsp->auth_req = (authreq & AUTH_REQ_MASK);
247 static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
249 struct smp_chan *smp = conn->smp_chan;
251 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
252 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
253 return SMP_ENC_KEY_SIZE;
255 smp->enc_key_size = max_key_size;
260 static void smp_failure(struct l2cap_conn *conn, u8 reason, u8 send)
262 struct hci_conn *hcon = conn->hcon;
265 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
268 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
269 mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type,
270 HCI_ERROR_AUTH_FAILURE);
272 cancel_delayed_work_sync(&conn->security_timer);
274 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
275 smp_chan_destroy(conn);
278 #define JUST_WORKS 0x00
279 #define JUST_CFM 0x01
280 #define REQ_PASSKEY 0x02
281 #define CFM_PASSKEY 0x03
285 static const u8 gen_method[5][5] = {
286 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
287 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
288 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
289 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
290 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
293 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
294 u8 local_io, u8 remote_io)
296 struct hci_conn *hcon = conn->hcon;
297 struct smp_chan *smp = conn->smp_chan;
302 /* Initialize key for JUST WORKS */
303 memset(smp->tk, 0, sizeof(smp->tk));
304 clear_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
306 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
308 /* If neither side wants MITM, use JUST WORKS */
309 /* If either side has unknown io_caps, use JUST WORKS */
310 /* Otherwise, look up method from the table */
311 if (!(auth & SMP_AUTH_MITM) ||
312 local_io > SMP_IO_KEYBOARD_DISPLAY ||
313 remote_io > SMP_IO_KEYBOARD_DISPLAY)
316 method = gen_method[remote_io][local_io];
318 /* If not bonding, don't ask user to confirm a Zero TK */
319 if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
322 /* If Just Works, Continue with Zero TK */
323 if (method == JUST_WORKS) {
324 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
328 /* Not Just Works/Confirm results in MITM Authentication */
329 if (method != JUST_CFM)
330 set_bit(SMP_FLAG_MITM_AUTH, &smp->smp_flags);
332 /* If both devices have Keyoard-Display I/O, the master
333 * Confirms and the slave Enters the passkey.
335 if (method == OVERLAP) {
336 if (hcon->link_mode & HCI_LM_MASTER)
337 method = CFM_PASSKEY;
339 method = REQ_PASSKEY;
342 /* Generate random passkey. Not valid until confirmed. */
343 if (method == CFM_PASSKEY) {
346 memset(key, 0, sizeof(key));
347 get_random_bytes(&passkey, sizeof(passkey));
349 put_unaligned_le32(passkey, key);
350 swap128(key, smp->tk);
351 BT_DBG("PassKey: %d", passkey);
354 hci_dev_lock(hcon->hdev);
356 if (method == REQ_PASSKEY)
357 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
358 hcon->type, hcon->dst_type);
360 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
361 hcon->type, hcon->dst_type,
362 cpu_to_le32(passkey), 0);
364 hci_dev_unlock(hcon->hdev);
369 static void confirm_work(struct work_struct *work)
371 struct smp_chan *smp = container_of(work, struct smp_chan, confirm);
372 struct l2cap_conn *conn = smp->conn;
373 struct crypto_blkcipher *tfm;
374 struct smp_cmd_pairing_confirm cp;
378 BT_DBG("conn %p", conn);
380 tfm = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
382 reason = SMP_UNSPECIFIED;
389 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
390 conn->hcon->src_type, &conn->hcon->src,
391 conn->hcon->dst_type, &conn->hcon->dst, res);
393 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
394 conn->hcon->dst_type, &conn->hcon->dst,
395 conn->hcon->src_type, &conn->hcon->src, res);
397 reason = SMP_UNSPECIFIED;
401 clear_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
403 swap128(res, cp.confirm_val);
404 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
409 smp_failure(conn, reason, 1);
412 static void random_work(struct work_struct *work)
414 struct smp_chan *smp = container_of(work, struct smp_chan, random);
415 struct l2cap_conn *conn = smp->conn;
416 struct hci_conn *hcon = conn->hcon;
417 struct crypto_blkcipher *tfm = smp->tfm;
418 u8 reason, confirm[16], res[16], key[16];
421 if (IS_ERR_OR_NULL(tfm)) {
422 reason = SMP_UNSPECIFIED;
426 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
429 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
430 hcon->src_type, &hcon->src,
431 hcon->dst_type, &hcon->dst, res);
433 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
434 hcon->dst_type, &hcon->dst,
435 hcon->src_type, &hcon->src, res);
437 reason = SMP_UNSPECIFIED;
441 swap128(res, confirm);
443 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
444 BT_ERR("Pairing failed (confirmation values mismatch)");
445 reason = SMP_CONFIRM_FAILED;
453 memset(rand, 0, sizeof(rand));
456 smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, key);
459 memset(stk + smp->enc_key_size, 0,
460 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
462 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) {
463 reason = SMP_UNSPECIFIED;
467 hci_le_start_enc(hcon, ediv, rand, stk);
468 hcon->enc_key_size = smp->enc_key_size;
470 u8 stk[16], r[16], rand[8];
473 memset(rand, 0, sizeof(rand));
476 swap128(smp->prnd, r);
477 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
479 smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, key);
482 memset(stk + smp->enc_key_size, 0,
483 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
485 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
486 HCI_SMP_STK_SLAVE, 0, 0, stk, smp->enc_key_size,
493 smp_failure(conn, reason, 1);
496 static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
498 struct smp_chan *smp;
500 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
504 INIT_WORK(&smp->confirm, confirm_work);
505 INIT_WORK(&smp->random, random_work);
508 conn->smp_chan = smp;
509 conn->hcon->smp_conn = conn;
511 hci_conn_hold(conn->hcon);
516 void smp_chan_destroy(struct l2cap_conn *conn)
518 struct smp_chan *smp = conn->smp_chan;
523 crypto_free_blkcipher(smp->tfm);
526 conn->smp_chan = NULL;
527 conn->hcon->smp_conn = NULL;
528 hci_conn_drop(conn->hcon);
531 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
533 struct l2cap_conn *conn = hcon->smp_conn;
534 struct smp_chan *smp;
543 smp = conn->smp_chan;
546 case MGMT_OP_USER_PASSKEY_REPLY:
547 value = le32_to_cpu(passkey);
548 memset(key, 0, sizeof(key));
549 BT_DBG("PassKey: %d", value);
550 put_unaligned_le32(value, key);
551 swap128(key, smp->tk);
553 case MGMT_OP_USER_CONFIRM_REPLY:
554 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
556 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
557 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
558 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
561 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
565 /* If it is our turn to send Pairing Confirm, do so now */
566 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags))
567 queue_work(hcon->hdev->workqueue, &smp->confirm);
572 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
574 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
575 struct smp_chan *smp;
577 u8 auth = SMP_AUTH_NONE;
580 BT_DBG("conn %p", conn);
582 if (conn->hcon->link_mode & HCI_LM_MASTER)
583 return SMP_CMD_NOTSUPP;
585 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
586 smp = smp_chan_create(conn);
588 smp = conn->smp_chan;
591 return SMP_UNSPECIFIED;
593 smp->preq[0] = SMP_CMD_PAIRING_REQ;
594 memcpy(&smp->preq[1], req, sizeof(*req));
595 skb_pull(skb, sizeof(*req));
597 /* We didn't start the pairing, so match remote */
598 if (req->auth_req & SMP_AUTH_BONDING)
599 auth = req->auth_req;
601 conn->hcon->pending_sec_level = authreq_to_seclevel(auth);
603 build_pairing_cmd(conn, req, &rsp, auth);
605 key_size = min(req->max_key_size, rsp.max_key_size);
606 if (check_enc_key_size(conn, key_size))
607 return SMP_ENC_KEY_SIZE;
609 ret = smp_rand(smp->prnd);
611 return SMP_UNSPECIFIED;
613 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
614 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
616 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
618 /* Request setup of TK */
619 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
621 return SMP_UNSPECIFIED;
626 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
628 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
629 struct smp_chan *smp = conn->smp_chan;
630 struct hci_dev *hdev = conn->hcon->hdev;
631 u8 key_size, auth = SMP_AUTH_NONE;
634 BT_DBG("conn %p", conn);
636 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
637 return SMP_CMD_NOTSUPP;
639 skb_pull(skb, sizeof(*rsp));
641 req = (void *) &smp->preq[1];
643 key_size = min(req->max_key_size, rsp->max_key_size);
644 if (check_enc_key_size(conn, key_size))
645 return SMP_ENC_KEY_SIZE;
647 ret = smp_rand(smp->prnd);
649 return SMP_UNSPECIFIED;
651 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
652 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
654 if ((req->auth_req & SMP_AUTH_BONDING) &&
655 (rsp->auth_req & SMP_AUTH_BONDING))
656 auth = SMP_AUTH_BONDING;
658 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
660 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
662 return SMP_UNSPECIFIED;
664 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
666 /* Can't compose response until we have been confirmed */
667 if (!test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags))
670 queue_work(hdev->workqueue, &smp->confirm);
675 static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
677 struct smp_chan *smp = conn->smp_chan;
678 struct hci_dev *hdev = conn->hcon->hdev;
680 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
682 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
683 skb_pull(skb, sizeof(smp->pcnf));
685 if (conn->hcon->out) {
688 swap128(smp->prnd, random);
689 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
691 } else if (test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags)) {
692 queue_work(hdev->workqueue, &smp->confirm);
694 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
700 static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
702 struct smp_chan *smp = conn->smp_chan;
703 struct hci_dev *hdev = conn->hcon->hdev;
705 BT_DBG("conn %p", conn);
707 swap128(skb->data, smp->rrnd);
708 skb_pull(skb, sizeof(smp->rrnd));
710 queue_work(hdev->workqueue, &smp->random);
715 static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
718 struct hci_conn *hcon = conn->hcon;
720 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type);
724 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
727 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
730 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
731 hcon->enc_key_size = key->enc_size;
736 static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
738 struct smp_cmd_security_req *rp = (void *) skb->data;
739 struct smp_cmd_pairing cp;
740 struct hci_conn *hcon = conn->hcon;
741 struct smp_chan *smp;
743 BT_DBG("conn %p", conn);
745 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
746 return SMP_CMD_NOTSUPP;
748 hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req);
750 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
753 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
756 smp = smp_chan_create(conn);
758 skb_pull(skb, sizeof(*rp));
760 memset(&cp, 0, sizeof(cp));
761 build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
763 smp->preq[0] = SMP_CMD_PAIRING_REQ;
764 memcpy(&smp->preq[1], &cp, sizeof(cp));
766 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
771 int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
773 struct l2cap_conn *conn = hcon->l2cap_data;
774 struct smp_chan *smp = conn->smp_chan;
777 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
779 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
782 if (sec_level == BT_SECURITY_LOW)
785 if (hcon->sec_level >= sec_level)
788 if (hcon->link_mode & HCI_LM_MASTER)
789 if (smp_ltk_encrypt(conn, sec_level))
792 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
795 smp = smp_chan_create(conn);
799 authreq = seclevel_to_authreq(sec_level);
801 if (hcon->link_mode & HCI_LM_MASTER) {
802 struct smp_cmd_pairing cp;
804 build_pairing_cmd(conn, &cp, NULL, authreq);
805 smp->preq[0] = SMP_CMD_PAIRING_REQ;
806 memcpy(&smp->preq[1], &cp, sizeof(cp));
808 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
810 struct smp_cmd_security_req cp;
811 cp.auth_req = authreq;
812 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
816 hcon->pending_sec_level = sec_level;
821 static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
823 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
824 struct smp_chan *smp = conn->smp_chan;
826 skb_pull(skb, sizeof(*rp));
828 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
833 static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
835 struct smp_cmd_master_ident *rp = (void *) skb->data;
836 struct smp_chan *smp = conn->smp_chan;
837 struct hci_dev *hdev = conn->hcon->hdev;
838 struct hci_conn *hcon = conn->hcon;
841 skb_pull(skb, sizeof(*rp));
844 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
845 hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, HCI_SMP_LTK, 1,
846 authenticated, smp->tk, smp->enc_key_size,
848 smp_distribute_keys(conn, 1);
849 hci_dev_unlock(hdev);
854 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
856 struct hci_conn *hcon = conn->hcon;
860 if (hcon->type != LE_LINK) {
870 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
872 reason = SMP_PAIRING_NOTSUPP;
877 skb_pull(skb, sizeof(code));
880 * The SMP context must be initialized for all other PDUs except
881 * pairing and security requests. If we get any other PDU when
882 * not initialized simply disconnect (done if this function
885 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ &&
887 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code);
893 case SMP_CMD_PAIRING_REQ:
894 reason = smp_cmd_pairing_req(conn, skb);
897 case SMP_CMD_PAIRING_FAIL:
898 smp_failure(conn, skb->data[0], 0);
903 case SMP_CMD_PAIRING_RSP:
904 reason = smp_cmd_pairing_rsp(conn, skb);
907 case SMP_CMD_SECURITY_REQ:
908 reason = smp_cmd_security_req(conn, skb);
911 case SMP_CMD_PAIRING_CONFIRM:
912 reason = smp_cmd_pairing_confirm(conn, skb);
915 case SMP_CMD_PAIRING_RANDOM:
916 reason = smp_cmd_pairing_random(conn, skb);
919 case SMP_CMD_ENCRYPT_INFO:
920 reason = smp_cmd_encrypt_info(conn, skb);
923 case SMP_CMD_MASTER_IDENT:
924 reason = smp_cmd_master_ident(conn, skb);
927 case SMP_CMD_IDENT_INFO:
928 case SMP_CMD_IDENT_ADDR_INFO:
929 case SMP_CMD_SIGN_INFO:
935 BT_DBG("Unknown command code 0x%2.2x", code);
937 reason = SMP_CMD_NOTSUPP;
944 smp_failure(conn, reason, 1);
950 int smp_distribute_keys(struct l2cap_conn *conn, __u8 force)
952 struct smp_cmd_pairing *req, *rsp;
953 struct smp_chan *smp = conn->smp_chan;
956 BT_DBG("conn %p force %d", conn, force);
958 if (!test_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
961 rsp = (void *) &smp->prsp[1];
963 /* The responder sends its keys first */
964 if (!force && conn->hcon->out && (rsp->resp_key_dist & 0x07))
967 req = (void *) &smp->preq[1];
969 if (conn->hcon->out) {
970 keydist = &rsp->init_key_dist;
971 *keydist &= req->init_key_dist;
973 keydist = &rsp->resp_key_dist;
974 *keydist &= req->resp_key_dist;
978 BT_DBG("keydist 0x%x", *keydist);
980 if (*keydist & SMP_DIST_ENC_KEY) {
981 struct smp_cmd_encrypt_info enc;
982 struct smp_cmd_master_ident ident;
983 struct hci_conn *hcon = conn->hcon;
987 get_random_bytes(enc.ltk, sizeof(enc.ltk));
988 get_random_bytes(&ediv, sizeof(ediv));
989 get_random_bytes(ident.rand, sizeof(ident.rand));
991 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
993 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
994 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
995 HCI_SMP_LTK_SLAVE, 1, authenticated,
996 enc.ltk, smp->enc_key_size, ediv, ident.rand);
1000 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
1002 *keydist &= ~SMP_DIST_ENC_KEY;
1005 if (*keydist & SMP_DIST_ID_KEY) {
1006 struct smp_cmd_ident_addr_info addrinfo;
1007 struct smp_cmd_ident_info idinfo;
1009 /* Send a dummy key */
1010 get_random_bytes(idinfo.irk, sizeof(idinfo.irk));
1012 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
1014 /* Just public address */
1015 memset(&addrinfo, 0, sizeof(addrinfo));
1016 bacpy(&addrinfo.bdaddr, &conn->hcon->src);
1018 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
1021 *keydist &= ~SMP_DIST_ID_KEY;
1024 if (*keydist & SMP_DIST_SIGN) {
1025 struct smp_cmd_sign_info sign;
1027 /* Send a dummy key */
1028 get_random_bytes(sign.csrk, sizeof(sign.csrk));
1030 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1032 *keydist &= ~SMP_DIST_SIGN;
1035 if (conn->hcon->out || force) {
1036 clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags);
1037 cancel_delayed_work_sync(&conn->security_timer);
1038 smp_chan_destroy(conn);