2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
36 #define AUTH_REQ_MASK 0x07
38 static inline void swap128(u8 src[16], u8 dst[16])
41 for (i = 0; i < 16; i++)
45 static inline void swap56(u8 src[7], u8 dst[7])
48 for (i = 0; i < 7; i++)
52 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
54 struct blkcipher_desc desc;
55 struct scatterlist sg;
57 unsigned char iv[128];
60 BT_ERR("tfm %p", tfm);
67 err = crypto_blkcipher_setkey(tfm, k, 16);
69 BT_ERR("cipher setkey failed: %d", err);
73 sg_init_one(&sg, r, 16);
75 iv_len = crypto_blkcipher_ivsize(tfm);
77 memset(&iv, 0xff, iv_len);
78 crypto_blkcipher_set_iv(tfm, iv, iv_len);
81 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
83 BT_ERR("Encrypt data error %d", err);
88 static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
89 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
90 u8 _rat, bdaddr_t *ra, u8 res[16])
97 /* p1 = pres || preq || _rat || _iat */
105 /* p2 = padding || ia || ra */
106 baswap((bdaddr_t *) (p2 + 4), ia);
107 baswap((bdaddr_t *) (p2 + 10), ra);
110 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
112 /* res = e(k, res) */
113 err = smp_e(tfm, k, res);
115 BT_ERR("Encrypt data error");
119 /* res = res XOR p2 */
120 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
122 /* res = e(k, res) */
123 err = smp_e(tfm, k, res);
125 BT_ERR("Encrypt data error");
130 static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16], u8 r1[16],
131 u8 r2[16], u8 _r[16])
135 /* Just least significant octets from r1 and r2 are considered */
136 memcpy(_r, r1 + 8, 8);
137 memcpy(_r + 8, r2 + 8, 8);
139 err = smp_e(tfm, k, _r);
141 BT_ERR("Encrypt data error");
146 static int smp_rand(u8 *buf)
148 get_random_bytes(buf, 16);
153 static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
154 u16 dlen, void *data)
157 struct l2cap_hdr *lh;
160 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
165 skb = bt_skb_alloc(len, GFP_ATOMIC);
169 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
170 lh->len = cpu_to_le16(sizeof(code) + dlen);
171 lh->cid = __constant_cpu_to_le16(L2CAP_CID_SMP);
173 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
175 memcpy(skb_put(skb, dlen), data, dlen);
180 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
182 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
184 BT_DBG("code 0x%2.2x", code);
189 skb->priority = HCI_PRIO_MAX;
190 hci_send_acl(conn->hchan, skb, 0);
192 cancel_delayed_work_sync(&conn->security_timer);
193 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
196 static __u8 authreq_to_seclevel(__u8 authreq)
198 if (authreq & SMP_AUTH_MITM)
199 return BT_SECURITY_HIGH;
201 return BT_SECURITY_MEDIUM;
204 static __u8 seclevel_to_authreq(__u8 sec_level)
207 case BT_SECURITY_HIGH:
208 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
209 case BT_SECURITY_MEDIUM:
210 return SMP_AUTH_BONDING;
212 return SMP_AUTH_NONE;
216 static void build_pairing_cmd(struct l2cap_conn *conn,
217 struct smp_cmd_pairing *req,
218 struct smp_cmd_pairing *rsp, __u8 authreq)
222 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
223 dist_keys = SMP_DIST_ENC_KEY;
224 authreq |= SMP_AUTH_BONDING;
226 authreq &= ~SMP_AUTH_BONDING;
230 req->io_capability = conn->hcon->io_capability;
231 req->oob_flag = SMP_OOB_NOT_PRESENT;
232 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
233 req->init_key_dist = 0;
234 req->resp_key_dist = dist_keys;
235 req->auth_req = (authreq & AUTH_REQ_MASK);
239 rsp->io_capability = conn->hcon->io_capability;
240 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
241 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
242 rsp->init_key_dist = 0;
243 rsp->resp_key_dist = req->resp_key_dist & dist_keys;
244 rsp->auth_req = (authreq & AUTH_REQ_MASK);
247 static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
249 struct smp_chan *smp = conn->smp_chan;
251 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
252 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
253 return SMP_ENC_KEY_SIZE;
255 smp->enc_key_size = max_key_size;
260 static void smp_failure(struct l2cap_conn *conn, u8 reason, u8 send)
262 struct hci_conn *hcon = conn->hcon;
265 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
268 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
269 mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type,
270 HCI_ERROR_AUTH_FAILURE);
272 cancel_delayed_work_sync(&conn->security_timer);
274 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
275 smp_chan_destroy(conn);
278 #define JUST_WORKS 0x00
279 #define JUST_CFM 0x01
280 #define REQ_PASSKEY 0x02
281 #define CFM_PASSKEY 0x03
285 static const u8 gen_method[5][5] = {
286 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
287 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
288 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
289 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
290 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
293 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
294 u8 local_io, u8 remote_io)
296 struct hci_conn *hcon = conn->hcon;
297 struct smp_chan *smp = conn->smp_chan;
302 /* Initialize key for JUST WORKS */
303 memset(smp->tk, 0, sizeof(smp->tk));
304 clear_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
306 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
308 /* If neither side wants MITM, use JUST WORKS */
309 /* If either side has unknown io_caps, use JUST WORKS */
310 /* Otherwise, look up method from the table */
311 if (!(auth & SMP_AUTH_MITM) ||
312 local_io > SMP_IO_KEYBOARD_DISPLAY ||
313 remote_io > SMP_IO_KEYBOARD_DISPLAY)
316 method = gen_method[remote_io][local_io];
318 /* If not bonding, don't ask user to confirm a Zero TK */
319 if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
322 /* If Just Works, Continue with Zero TK */
323 if (method == JUST_WORKS) {
324 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
328 /* Not Just Works/Confirm results in MITM Authentication */
329 if (method != JUST_CFM)
330 set_bit(SMP_FLAG_MITM_AUTH, &smp->smp_flags);
332 /* If both devices have Keyoard-Display I/O, the master
333 * Confirms and the slave Enters the passkey.
335 if (method == OVERLAP) {
336 if (hcon->link_mode & HCI_LM_MASTER)
337 method = CFM_PASSKEY;
339 method = REQ_PASSKEY;
342 /* Generate random passkey. Not valid until confirmed. */
343 if (method == CFM_PASSKEY) {
346 memset(key, 0, sizeof(key));
347 get_random_bytes(&passkey, sizeof(passkey));
349 put_unaligned_le32(passkey, key);
350 swap128(key, smp->tk);
351 BT_DBG("PassKey: %d", passkey);
354 hci_dev_lock(hcon->hdev);
356 if (method == REQ_PASSKEY)
357 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
358 hcon->type, hcon->dst_type);
360 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
361 hcon->type, hcon->dst_type,
362 cpu_to_le32(passkey), 0);
364 hci_dev_unlock(hcon->hdev);
369 static void confirm_work(struct work_struct *work)
371 struct smp_chan *smp = container_of(work, struct smp_chan, confirm);
372 struct l2cap_conn *conn = smp->conn;
373 struct crypto_blkcipher *tfm;
374 struct smp_cmd_pairing_confirm cp;
378 BT_DBG("conn %p", conn);
380 tfm = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
382 reason = SMP_UNSPECIFIED;
389 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
390 conn->hcon->src_type, &conn->hcon->src,
391 conn->hcon->dst_type, &conn->hcon->dst, res);
393 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
394 conn->hcon->dst_type, &conn->hcon->dst,
395 conn->hcon->src_type, &conn->hcon->src, res);
397 reason = SMP_UNSPECIFIED;
401 clear_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
403 swap128(res, cp.confirm_val);
404 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
409 smp_failure(conn, reason, 1);
412 static void random_work(struct work_struct *work)
414 struct smp_chan *smp = container_of(work, struct smp_chan, random);
415 struct l2cap_conn *conn = smp->conn;
416 struct hci_conn *hcon = conn->hcon;
417 struct crypto_blkcipher *tfm = smp->tfm;
418 u8 reason, confirm[16], res[16], key[16];
421 if (IS_ERR_OR_NULL(tfm)) {
422 reason = SMP_UNSPECIFIED;
426 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
429 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
430 hcon->src_type, &hcon->src,
431 hcon->dst_type, &hcon->dst, res);
433 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
434 hcon->dst_type, &hcon->dst,
435 hcon->src_type, &hcon->src, res);
437 reason = SMP_UNSPECIFIED;
441 swap128(res, confirm);
443 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
444 BT_ERR("Pairing failed (confirmation values mismatch)");
445 reason = SMP_CONFIRM_FAILED;
453 memset(rand, 0, sizeof(rand));
456 smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, key);
459 memset(stk + smp->enc_key_size, 0,
460 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
462 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) {
463 reason = SMP_UNSPECIFIED;
467 hci_le_start_enc(hcon, ediv, rand, stk);
468 hcon->enc_key_size = smp->enc_key_size;
470 u8 stk[16], r[16], rand[8];
473 memset(rand, 0, sizeof(rand));
476 swap128(smp->prnd, r);
477 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
479 smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, key);
482 memset(stk + smp->enc_key_size, 0,
483 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
485 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
486 HCI_SMP_STK_SLAVE, 0, 0, stk, smp->enc_key_size,
493 smp_failure(conn, reason, 1);
496 static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
498 struct smp_chan *smp;
500 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
504 INIT_WORK(&smp->confirm, confirm_work);
505 INIT_WORK(&smp->random, random_work);
508 conn->smp_chan = smp;
509 conn->hcon->smp_conn = conn;
511 hci_conn_hold(conn->hcon);
516 void smp_chan_destroy(struct l2cap_conn *conn)
518 struct smp_chan *smp = conn->smp_chan;
523 crypto_free_blkcipher(smp->tfm);
526 conn->smp_chan = NULL;
527 conn->hcon->smp_conn = NULL;
528 hci_conn_drop(conn->hcon);
531 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
533 struct l2cap_conn *conn = hcon->smp_conn;
534 struct smp_chan *smp;
543 smp = conn->smp_chan;
546 case MGMT_OP_USER_PASSKEY_REPLY:
547 value = le32_to_cpu(passkey);
548 memset(key, 0, sizeof(key));
549 BT_DBG("PassKey: %d", value);
550 put_unaligned_le32(value, key);
551 swap128(key, smp->tk);
553 case MGMT_OP_USER_CONFIRM_REPLY:
554 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
556 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
557 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
558 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
561 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
565 /* If it is our turn to send Pairing Confirm, do so now */
566 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags))
567 queue_work(hcon->hdev->workqueue, &smp->confirm);
572 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
574 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
575 struct smp_chan *smp;
577 u8 auth = SMP_AUTH_NONE;
580 BT_DBG("conn %p", conn);
582 if (conn->hcon->link_mode & HCI_LM_MASTER)
583 return SMP_CMD_NOTSUPP;
585 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
586 smp = smp_chan_create(conn);
588 smp = conn->smp_chan;
591 return SMP_UNSPECIFIED;
593 smp->preq[0] = SMP_CMD_PAIRING_REQ;
594 memcpy(&smp->preq[1], req, sizeof(*req));
595 skb_pull(skb, sizeof(*req));
597 /* We didn't start the pairing, so match remote */
598 if (req->auth_req & SMP_AUTH_BONDING)
599 auth = req->auth_req;
601 conn->hcon->pending_sec_level = authreq_to_seclevel(auth);
603 build_pairing_cmd(conn, req, &rsp, auth);
605 key_size = min(req->max_key_size, rsp.max_key_size);
606 if (check_enc_key_size(conn, key_size))
607 return SMP_ENC_KEY_SIZE;
609 ret = smp_rand(smp->prnd);
611 return SMP_UNSPECIFIED;
613 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
614 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
616 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
618 /* Request setup of TK */
619 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
621 return SMP_UNSPECIFIED;
626 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
628 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
629 struct smp_chan *smp = conn->smp_chan;
630 struct hci_dev *hdev = conn->hcon->hdev;
631 u8 key_size, auth = SMP_AUTH_NONE;
634 BT_DBG("conn %p", conn);
636 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
637 return SMP_CMD_NOTSUPP;
639 skb_pull(skb, sizeof(*rsp));
641 req = (void *) &smp->preq[1];
643 key_size = min(req->max_key_size, rsp->max_key_size);
644 if (check_enc_key_size(conn, key_size))
645 return SMP_ENC_KEY_SIZE;
647 ret = smp_rand(smp->prnd);
649 return SMP_UNSPECIFIED;
651 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
652 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
654 if ((req->auth_req & SMP_AUTH_BONDING) &&
655 (rsp->auth_req & SMP_AUTH_BONDING))
656 auth = SMP_AUTH_BONDING;
658 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
660 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
662 return SMP_UNSPECIFIED;
664 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
666 /* Can't compose response until we have been confirmed */
667 if (!test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags))
670 queue_work(hdev->workqueue, &smp->confirm);
675 static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
677 struct smp_chan *smp = conn->smp_chan;
678 struct hci_dev *hdev = conn->hcon->hdev;
680 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
682 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
683 skb_pull(skb, sizeof(smp->pcnf));
685 if (conn->hcon->out) {
688 swap128(smp->prnd, random);
689 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
691 } else if (test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags)) {
692 queue_work(hdev->workqueue, &smp->confirm);
694 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
700 static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
702 struct smp_chan *smp = conn->smp_chan;
703 struct hci_dev *hdev = conn->hcon->hdev;
705 BT_DBG("conn %p", conn);
707 swap128(skb->data, smp->rrnd);
708 skb_pull(skb, sizeof(smp->rrnd));
710 queue_work(hdev->workqueue, &smp->random);
715 static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
718 struct hci_conn *hcon = conn->hcon;
720 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type);
724 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
727 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
730 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
731 hcon->enc_key_size = key->enc_size;
736 static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
738 struct smp_cmd_security_req *rp = (void *) skb->data;
739 struct smp_cmd_pairing cp;
740 struct hci_conn *hcon = conn->hcon;
741 struct smp_chan *smp;
743 BT_DBG("conn %p", conn);
745 hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req);
747 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
750 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
753 smp = smp_chan_create(conn);
755 skb_pull(skb, sizeof(*rp));
757 memset(&cp, 0, sizeof(cp));
758 build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
760 smp->preq[0] = SMP_CMD_PAIRING_REQ;
761 memcpy(&smp->preq[1], &cp, sizeof(cp));
763 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
768 int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
770 struct l2cap_conn *conn = hcon->l2cap_data;
771 struct smp_chan *smp = conn->smp_chan;
774 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
776 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
779 if (sec_level == BT_SECURITY_LOW)
782 if (hcon->sec_level >= sec_level)
785 if (hcon->link_mode & HCI_LM_MASTER)
786 if (smp_ltk_encrypt(conn, sec_level))
789 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
792 smp = smp_chan_create(conn);
796 authreq = seclevel_to_authreq(sec_level);
798 if (hcon->link_mode & HCI_LM_MASTER) {
799 struct smp_cmd_pairing cp;
801 build_pairing_cmd(conn, &cp, NULL, authreq);
802 smp->preq[0] = SMP_CMD_PAIRING_REQ;
803 memcpy(&smp->preq[1], &cp, sizeof(cp));
805 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
807 struct smp_cmd_security_req cp;
808 cp.auth_req = authreq;
809 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
813 hcon->pending_sec_level = sec_level;
818 static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
820 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
821 struct smp_chan *smp = conn->smp_chan;
823 skb_pull(skb, sizeof(*rp));
825 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
830 static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
832 struct smp_cmd_master_ident *rp = (void *) skb->data;
833 struct smp_chan *smp = conn->smp_chan;
834 struct hci_dev *hdev = conn->hcon->hdev;
835 struct hci_conn *hcon = conn->hcon;
838 skb_pull(skb, sizeof(*rp));
841 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
842 hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, HCI_SMP_LTK, 1,
843 authenticated, smp->tk, smp->enc_key_size,
845 smp_distribute_keys(conn, 1);
846 hci_dev_unlock(hdev);
851 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
853 struct hci_conn *hcon = conn->hcon;
857 if (hcon->type != LE_LINK) {
867 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
869 reason = SMP_PAIRING_NOTSUPP;
874 skb_pull(skb, sizeof(code));
877 * The SMP context must be initialized for all other PDUs except
878 * pairing and security requests. If we get any other PDU when
879 * not initialized simply disconnect (done if this function
882 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ &&
884 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code);
890 case SMP_CMD_PAIRING_REQ:
891 reason = smp_cmd_pairing_req(conn, skb);
894 case SMP_CMD_PAIRING_FAIL:
895 smp_failure(conn, skb->data[0], 0);
900 case SMP_CMD_PAIRING_RSP:
901 reason = smp_cmd_pairing_rsp(conn, skb);
904 case SMP_CMD_SECURITY_REQ:
905 reason = smp_cmd_security_req(conn, skb);
908 case SMP_CMD_PAIRING_CONFIRM:
909 reason = smp_cmd_pairing_confirm(conn, skb);
912 case SMP_CMD_PAIRING_RANDOM:
913 reason = smp_cmd_pairing_random(conn, skb);
916 case SMP_CMD_ENCRYPT_INFO:
917 reason = smp_cmd_encrypt_info(conn, skb);
920 case SMP_CMD_MASTER_IDENT:
921 reason = smp_cmd_master_ident(conn, skb);
924 case SMP_CMD_IDENT_INFO:
925 case SMP_CMD_IDENT_ADDR_INFO:
926 case SMP_CMD_SIGN_INFO:
932 BT_DBG("Unknown command code 0x%2.2x", code);
934 reason = SMP_CMD_NOTSUPP;
941 smp_failure(conn, reason, 1);
947 int smp_distribute_keys(struct l2cap_conn *conn, __u8 force)
949 struct smp_cmd_pairing *req, *rsp;
950 struct smp_chan *smp = conn->smp_chan;
953 BT_DBG("conn %p force %d", conn, force);
955 if (!test_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
958 rsp = (void *) &smp->prsp[1];
960 /* The responder sends its keys first */
961 if (!force && conn->hcon->out && (rsp->resp_key_dist & 0x07))
964 req = (void *) &smp->preq[1];
966 if (conn->hcon->out) {
967 keydist = &rsp->init_key_dist;
968 *keydist &= req->init_key_dist;
970 keydist = &rsp->resp_key_dist;
971 *keydist &= req->resp_key_dist;
975 BT_DBG("keydist 0x%x", *keydist);
977 if (*keydist & SMP_DIST_ENC_KEY) {
978 struct smp_cmd_encrypt_info enc;
979 struct smp_cmd_master_ident ident;
980 struct hci_conn *hcon = conn->hcon;
984 get_random_bytes(enc.ltk, sizeof(enc.ltk));
985 get_random_bytes(&ediv, sizeof(ediv));
986 get_random_bytes(ident.rand, sizeof(ident.rand));
988 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
990 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
991 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
992 HCI_SMP_LTK_SLAVE, 1, authenticated,
993 enc.ltk, smp->enc_key_size, ediv, ident.rand);
997 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
999 *keydist &= ~SMP_DIST_ENC_KEY;
1002 if (*keydist & SMP_DIST_ID_KEY) {
1003 struct smp_cmd_ident_addr_info addrinfo;
1004 struct smp_cmd_ident_info idinfo;
1006 /* Send a dummy key */
1007 get_random_bytes(idinfo.irk, sizeof(idinfo.irk));
1009 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
1011 /* Just public address */
1012 memset(&addrinfo, 0, sizeof(addrinfo));
1013 bacpy(&addrinfo.bdaddr, &conn->hcon->src);
1015 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
1018 *keydist &= ~SMP_DIST_ID_KEY;
1021 if (*keydist & SMP_DIST_SIGN) {
1022 struct smp_cmd_sign_info sign;
1024 /* Send a dummy key */
1025 get_random_bytes(sign.csrk, sizeof(sign.csrk));
1027 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1029 *keydist &= ~SMP_DIST_SIGN;
1032 if (conn->hcon->out || force) {
1033 clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags);
1034 cancel_delayed_work_sync(&conn->security_timer);
1035 smp_chan_destroy(conn);