2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
36 #define AUTH_REQ_MASK 0x07
38 static inline void swap128(u8 src[16], u8 dst[16])
41 for (i = 0; i < 16; i++)
45 static inline void swap56(u8 src[7], u8 dst[7])
48 for (i = 0; i < 7; i++)
52 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
54 struct blkcipher_desc desc;
55 struct scatterlist sg;
57 unsigned char iv[128];
60 BT_ERR("tfm %p", tfm);
67 err = crypto_blkcipher_setkey(tfm, k, 16);
69 BT_ERR("cipher setkey failed: %d", err);
73 sg_init_one(&sg, r, 16);
75 iv_len = crypto_blkcipher_ivsize(tfm);
77 memset(&iv, 0xff, iv_len);
78 crypto_blkcipher_set_iv(tfm, iv, iv_len);
81 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
83 BT_ERR("Encrypt data error %d", err);
88 static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
89 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
90 u8 _rat, bdaddr_t *ra, u8 res[16])
97 /* p1 = pres || preq || _rat || _iat */
105 /* p2 = padding || ia || ra */
106 baswap((bdaddr_t *) (p2 + 4), ia);
107 baswap((bdaddr_t *) (p2 + 10), ra);
110 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
112 /* res = e(k, res) */
113 err = smp_e(tfm, k, res);
115 BT_ERR("Encrypt data error");
119 /* res = res XOR p2 */
120 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
122 /* res = e(k, res) */
123 err = smp_e(tfm, k, res);
125 BT_ERR("Encrypt data error");
130 static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16],
131 u8 r1[16], u8 r2[16], u8 _r[16])
135 /* Just least significant octets from r1 and r2 are considered */
136 memcpy(_r, r1 + 8, 8);
137 memcpy(_r + 8, r2 + 8, 8);
139 err = smp_e(tfm, k, _r);
141 BT_ERR("Encrypt data error");
146 static int smp_rand(u8 *buf)
148 get_random_bytes(buf, 16);
153 static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
154 u16 dlen, void *data)
157 struct l2cap_hdr *lh;
160 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
165 skb = bt_skb_alloc(len, GFP_ATOMIC);
169 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
170 lh->len = cpu_to_le16(sizeof(code) + dlen);
171 lh->cid = __constant_cpu_to_le16(L2CAP_CID_SMP);
173 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
175 memcpy(skb_put(skb, dlen), data, dlen);
180 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
182 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
184 BT_DBG("code 0x%2.2x", code);
189 skb->priority = HCI_PRIO_MAX;
190 hci_send_acl(conn->hchan, skb, 0);
192 cancel_delayed_work_sync(&conn->security_timer);
193 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
196 static __u8 authreq_to_seclevel(__u8 authreq)
198 if (authreq & SMP_AUTH_MITM)
199 return BT_SECURITY_HIGH;
201 return BT_SECURITY_MEDIUM;
204 static __u8 seclevel_to_authreq(__u8 sec_level)
207 case BT_SECURITY_HIGH:
208 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
209 case BT_SECURITY_MEDIUM:
210 return SMP_AUTH_BONDING;
212 return SMP_AUTH_NONE;
216 static void build_pairing_cmd(struct l2cap_conn *conn,
217 struct smp_cmd_pairing *req,
218 struct smp_cmd_pairing *rsp,
223 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
224 dist_keys = SMP_DIST_ENC_KEY;
225 authreq |= SMP_AUTH_BONDING;
227 authreq &= ~SMP_AUTH_BONDING;
231 req->io_capability = conn->hcon->io_capability;
232 req->oob_flag = SMP_OOB_NOT_PRESENT;
233 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
234 req->init_key_dist = 0;
235 req->resp_key_dist = dist_keys;
236 req->auth_req = (authreq & AUTH_REQ_MASK);
240 rsp->io_capability = conn->hcon->io_capability;
241 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
242 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
243 rsp->init_key_dist = 0;
244 rsp->resp_key_dist = req->resp_key_dist & dist_keys;
245 rsp->auth_req = (authreq & AUTH_REQ_MASK);
248 static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
250 struct smp_chan *smp = conn->smp_chan;
252 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
253 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
254 return SMP_ENC_KEY_SIZE;
256 smp->enc_key_size = max_key_size;
261 static void smp_failure(struct l2cap_conn *conn, u8 reason, u8 send)
263 struct hci_conn *hcon = conn->hcon;
266 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
269 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
270 mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type,
271 HCI_ERROR_AUTH_FAILURE);
273 cancel_delayed_work_sync(&conn->security_timer);
275 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
276 smp_chan_destroy(conn);
279 #define JUST_WORKS 0x00
280 #define JUST_CFM 0x01
281 #define REQ_PASSKEY 0x02
282 #define CFM_PASSKEY 0x03
286 static const u8 gen_method[5][5] = {
287 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
288 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
289 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
290 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
291 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
294 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
295 u8 local_io, u8 remote_io)
297 struct hci_conn *hcon = conn->hcon;
298 struct smp_chan *smp = conn->smp_chan;
303 /* Initialize key for JUST WORKS */
304 memset(smp->tk, 0, sizeof(smp->tk));
305 clear_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
307 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
309 /* If neither side wants MITM, use JUST WORKS */
310 /* If either side has unknown io_caps, use JUST WORKS */
311 /* Otherwise, look up method from the table */
312 if (!(auth & SMP_AUTH_MITM) ||
313 local_io > SMP_IO_KEYBOARD_DISPLAY ||
314 remote_io > SMP_IO_KEYBOARD_DISPLAY)
317 method = gen_method[remote_io][local_io];
319 /* If not bonding, don't ask user to confirm a Zero TK */
320 if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
323 /* If Just Works, Continue with Zero TK */
324 if (method == JUST_WORKS) {
325 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
329 /* Not Just Works/Confirm results in MITM Authentication */
330 if (method != JUST_CFM)
331 set_bit(SMP_FLAG_MITM_AUTH, &smp->smp_flags);
333 /* If both devices have Keyoard-Display I/O, the master
334 * Confirms and the slave Enters the passkey.
336 if (method == OVERLAP) {
337 if (hcon->link_mode & HCI_LM_MASTER)
338 method = CFM_PASSKEY;
340 method = REQ_PASSKEY;
343 /* Generate random passkey. Not valid until confirmed. */
344 if (method == CFM_PASSKEY) {
347 memset(key, 0, sizeof(key));
348 get_random_bytes(&passkey, sizeof(passkey));
350 put_unaligned_le32(passkey, key);
351 swap128(key, smp->tk);
352 BT_DBG("PassKey: %d", passkey);
355 hci_dev_lock(hcon->hdev);
357 if (method == REQ_PASSKEY)
358 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
359 hcon->type, hcon->dst_type);
361 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
362 hcon->type, hcon->dst_type,
363 cpu_to_le32(passkey), 0);
365 hci_dev_unlock(hcon->hdev);
370 static void confirm_work(struct work_struct *work)
372 struct smp_chan *smp = container_of(work, struct smp_chan, confirm);
373 struct l2cap_conn *conn = smp->conn;
374 struct crypto_blkcipher *tfm;
375 struct smp_cmd_pairing_confirm cp;
379 BT_DBG("conn %p", conn);
381 tfm = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
383 reason = SMP_UNSPECIFIED;
390 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp, 0,
391 &conn->hcon->src, conn->hcon->dst_type,
392 &conn->hcon->dst, res);
394 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
395 conn->hcon->dst_type, &conn->hcon->dst, 0,
396 &conn->hcon->src, res);
398 reason = SMP_UNSPECIFIED;
402 clear_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
404 swap128(res, cp.confirm_val);
405 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
410 smp_failure(conn, reason, 1);
413 static void random_work(struct work_struct *work)
415 struct smp_chan *smp = container_of(work, struct smp_chan, random);
416 struct l2cap_conn *conn = smp->conn;
417 struct hci_conn *hcon = conn->hcon;
418 struct crypto_blkcipher *tfm = smp->tfm;
419 u8 reason, confirm[16], res[16], key[16];
422 if (IS_ERR_OR_NULL(tfm)) {
423 reason = SMP_UNSPECIFIED;
427 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
430 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp, 0,
431 &hcon->src, hcon->dst_type, &hcon->dst, res);
433 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
434 hcon->dst_type, &hcon->dst, 0, &hcon->src, res);
436 reason = SMP_UNSPECIFIED;
440 swap128(res, confirm);
442 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
443 BT_ERR("Pairing failed (confirmation values mismatch)");
444 reason = SMP_CONFIRM_FAILED;
452 memset(rand, 0, sizeof(rand));
455 smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, key);
458 memset(stk + smp->enc_key_size, 0,
459 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
461 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) {
462 reason = SMP_UNSPECIFIED;
466 hci_le_start_enc(hcon, ediv, rand, stk);
467 hcon->enc_key_size = smp->enc_key_size;
469 u8 stk[16], r[16], rand[8];
472 memset(rand, 0, sizeof(rand));
475 swap128(smp->prnd, r);
476 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
478 smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, key);
481 memset(stk + smp->enc_key_size, 0,
482 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
484 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
485 HCI_SMP_STK_SLAVE, 0, 0, stk, smp->enc_key_size,
492 smp_failure(conn, reason, 1);
495 static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
497 struct smp_chan *smp;
499 smp = kzalloc(sizeof(struct smp_chan), GFP_ATOMIC);
503 INIT_WORK(&smp->confirm, confirm_work);
504 INIT_WORK(&smp->random, random_work);
507 conn->smp_chan = smp;
508 conn->hcon->smp_conn = conn;
510 hci_conn_hold(conn->hcon);
515 void smp_chan_destroy(struct l2cap_conn *conn)
517 struct smp_chan *smp = conn->smp_chan;
522 crypto_free_blkcipher(smp->tfm);
525 conn->smp_chan = NULL;
526 conn->hcon->smp_conn = NULL;
527 hci_conn_drop(conn->hcon);
530 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
532 struct l2cap_conn *conn = hcon->smp_conn;
533 struct smp_chan *smp;
542 smp = conn->smp_chan;
545 case MGMT_OP_USER_PASSKEY_REPLY:
546 value = le32_to_cpu(passkey);
547 memset(key, 0, sizeof(key));
548 BT_DBG("PassKey: %d", value);
549 put_unaligned_le32(value, key);
550 swap128(key, smp->tk);
552 case MGMT_OP_USER_CONFIRM_REPLY:
553 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
555 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
556 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
557 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
560 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
564 /* If it is our turn to send Pairing Confirm, do so now */
565 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags))
566 queue_work(hcon->hdev->workqueue, &smp->confirm);
571 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
573 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
574 struct smp_chan *smp;
576 u8 auth = SMP_AUTH_NONE;
579 BT_DBG("conn %p", conn);
581 if (conn->hcon->link_mode & HCI_LM_MASTER)
582 return SMP_CMD_NOTSUPP;
584 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
585 smp = smp_chan_create(conn);
587 smp = conn->smp_chan;
590 return SMP_UNSPECIFIED;
592 smp->preq[0] = SMP_CMD_PAIRING_REQ;
593 memcpy(&smp->preq[1], req, sizeof(*req));
594 skb_pull(skb, sizeof(*req));
596 /* We didn't start the pairing, so match remote */
597 if (req->auth_req & SMP_AUTH_BONDING)
598 auth = req->auth_req;
600 conn->hcon->pending_sec_level = authreq_to_seclevel(auth);
602 build_pairing_cmd(conn, req, &rsp, auth);
604 key_size = min(req->max_key_size, rsp.max_key_size);
605 if (check_enc_key_size(conn, key_size))
606 return SMP_ENC_KEY_SIZE;
608 ret = smp_rand(smp->prnd);
610 return SMP_UNSPECIFIED;
612 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
613 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
615 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
617 /* Request setup of TK */
618 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
620 return SMP_UNSPECIFIED;
625 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
627 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
628 struct smp_chan *smp = conn->smp_chan;
629 struct hci_dev *hdev = conn->hcon->hdev;
630 u8 key_size, auth = SMP_AUTH_NONE;
633 BT_DBG("conn %p", conn);
635 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
636 return SMP_CMD_NOTSUPP;
638 skb_pull(skb, sizeof(*rsp));
640 req = (void *) &smp->preq[1];
642 key_size = min(req->max_key_size, rsp->max_key_size);
643 if (check_enc_key_size(conn, key_size))
644 return SMP_ENC_KEY_SIZE;
646 ret = smp_rand(smp->prnd);
648 return SMP_UNSPECIFIED;
650 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
651 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
653 if ((req->auth_req & SMP_AUTH_BONDING) &&
654 (rsp->auth_req & SMP_AUTH_BONDING))
655 auth = SMP_AUTH_BONDING;
657 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
659 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
661 return SMP_UNSPECIFIED;
663 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
665 /* Can't compose response until we have been confirmed */
666 if (!test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags))
669 queue_work(hdev->workqueue, &smp->confirm);
674 static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
676 struct smp_chan *smp = conn->smp_chan;
677 struct hci_dev *hdev = conn->hcon->hdev;
679 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
681 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
682 skb_pull(skb, sizeof(smp->pcnf));
684 if (conn->hcon->out) {
687 swap128(smp->prnd, random);
688 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
690 } else if (test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags)) {
691 queue_work(hdev->workqueue, &smp->confirm);
693 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
699 static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
701 struct smp_chan *smp = conn->smp_chan;
702 struct hci_dev *hdev = conn->hcon->hdev;
704 BT_DBG("conn %p", conn);
706 swap128(skb->data, smp->rrnd);
707 skb_pull(skb, sizeof(smp->rrnd));
709 queue_work(hdev->workqueue, &smp->random);
714 static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
717 struct hci_conn *hcon = conn->hcon;
719 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type);
723 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
726 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
729 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
730 hcon->enc_key_size = key->enc_size;
735 static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
737 struct smp_cmd_security_req *rp = (void *) skb->data;
738 struct smp_cmd_pairing cp;
739 struct hci_conn *hcon = conn->hcon;
740 struct smp_chan *smp;
742 BT_DBG("conn %p", conn);
744 hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req);
746 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
749 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
752 smp = smp_chan_create(conn);
754 skb_pull(skb, sizeof(*rp));
756 memset(&cp, 0, sizeof(cp));
757 build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
759 smp->preq[0] = SMP_CMD_PAIRING_REQ;
760 memcpy(&smp->preq[1], &cp, sizeof(cp));
762 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
767 int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
769 struct l2cap_conn *conn = hcon->l2cap_data;
770 struct smp_chan *smp = conn->smp_chan;
773 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
775 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
778 if (sec_level == BT_SECURITY_LOW)
781 if (hcon->sec_level >= sec_level)
784 if (hcon->link_mode & HCI_LM_MASTER)
785 if (smp_ltk_encrypt(conn, sec_level))
788 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
791 smp = smp_chan_create(conn);
795 authreq = seclevel_to_authreq(sec_level);
797 if (hcon->link_mode & HCI_LM_MASTER) {
798 struct smp_cmd_pairing cp;
800 build_pairing_cmd(conn, &cp, NULL, authreq);
801 smp->preq[0] = SMP_CMD_PAIRING_REQ;
802 memcpy(&smp->preq[1], &cp, sizeof(cp));
804 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
806 struct smp_cmd_security_req cp;
807 cp.auth_req = authreq;
808 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
812 hcon->pending_sec_level = sec_level;
817 static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
819 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
820 struct smp_chan *smp = conn->smp_chan;
822 skb_pull(skb, sizeof(*rp));
824 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
829 static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
831 struct smp_cmd_master_ident *rp = (void *) skb->data;
832 struct smp_chan *smp = conn->smp_chan;
833 struct hci_dev *hdev = conn->hcon->hdev;
834 struct hci_conn *hcon = conn->hcon;
837 skb_pull(skb, sizeof(*rp));
840 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
841 hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, HCI_SMP_LTK, 1,
842 authenticated, smp->tk, smp->enc_key_size,
844 smp_distribute_keys(conn, 1);
845 hci_dev_unlock(hdev);
850 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
852 struct hci_conn *hcon = conn->hcon;
856 if (hcon->type != LE_LINK) {
866 if (!test_bit(HCI_LE_ENABLED, &conn->hcon->hdev->dev_flags)) {
868 reason = SMP_PAIRING_NOTSUPP;
873 skb_pull(skb, sizeof(code));
876 * The SMP context must be initialized for all other PDUs except
877 * pairing and security requests. If we get any other PDU when
878 * not initialized simply disconnect (done if this function
881 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ &&
883 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code);
889 case SMP_CMD_PAIRING_REQ:
890 reason = smp_cmd_pairing_req(conn, skb);
893 case SMP_CMD_PAIRING_FAIL:
894 smp_failure(conn, skb->data[0], 0);
899 case SMP_CMD_PAIRING_RSP:
900 reason = smp_cmd_pairing_rsp(conn, skb);
903 case SMP_CMD_SECURITY_REQ:
904 reason = smp_cmd_security_req(conn, skb);
907 case SMP_CMD_PAIRING_CONFIRM:
908 reason = smp_cmd_pairing_confirm(conn, skb);
911 case SMP_CMD_PAIRING_RANDOM:
912 reason = smp_cmd_pairing_random(conn, skb);
915 case SMP_CMD_ENCRYPT_INFO:
916 reason = smp_cmd_encrypt_info(conn, skb);
919 case SMP_CMD_MASTER_IDENT:
920 reason = smp_cmd_master_ident(conn, skb);
923 case SMP_CMD_IDENT_INFO:
924 case SMP_CMD_IDENT_ADDR_INFO:
925 case SMP_CMD_SIGN_INFO:
931 BT_DBG("Unknown command code 0x%2.2x", code);
933 reason = SMP_CMD_NOTSUPP;
940 smp_failure(conn, reason, 1);
946 int smp_distribute_keys(struct l2cap_conn *conn, __u8 force)
948 struct smp_cmd_pairing *req, *rsp;
949 struct smp_chan *smp = conn->smp_chan;
952 BT_DBG("conn %p force %d", conn, force);
954 if (!test_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
957 rsp = (void *) &smp->prsp[1];
959 /* The responder sends its keys first */
960 if (!force && conn->hcon->out && (rsp->resp_key_dist & 0x07))
963 req = (void *) &smp->preq[1];
965 if (conn->hcon->out) {
966 keydist = &rsp->init_key_dist;
967 *keydist &= req->init_key_dist;
969 keydist = &rsp->resp_key_dist;
970 *keydist &= req->resp_key_dist;
974 BT_DBG("keydist 0x%x", *keydist);
976 if (*keydist & SMP_DIST_ENC_KEY) {
977 struct smp_cmd_encrypt_info enc;
978 struct smp_cmd_master_ident ident;
979 struct hci_conn *hcon = conn->hcon;
983 get_random_bytes(enc.ltk, sizeof(enc.ltk));
984 get_random_bytes(&ediv, sizeof(ediv));
985 get_random_bytes(ident.rand, sizeof(ident.rand));
987 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
989 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
990 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
991 HCI_SMP_LTK_SLAVE, 1, authenticated,
992 enc.ltk, smp->enc_key_size, ediv, ident.rand);
996 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
998 *keydist &= ~SMP_DIST_ENC_KEY;
1001 if (*keydist & SMP_DIST_ID_KEY) {
1002 struct smp_cmd_ident_addr_info addrinfo;
1003 struct smp_cmd_ident_info idinfo;
1005 /* Send a dummy key */
1006 get_random_bytes(idinfo.irk, sizeof(idinfo.irk));
1008 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
1010 /* Just public address */
1011 memset(&addrinfo, 0, sizeof(addrinfo));
1012 bacpy(&addrinfo.bdaddr, &conn->hcon->src);
1014 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
1017 *keydist &= ~SMP_DIST_ID_KEY;
1020 if (*keydist & SMP_DIST_SIGN) {
1021 struct smp_cmd_sign_info sign;
1023 /* Send a dummy key */
1024 get_random_bytes(sign.csrk, sizeof(sign.csrk));
1026 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1028 *keydist &= ~SMP_DIST_SIGN;
1031 if (conn->hcon->out || force) {
1032 clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags);
1033 cancel_delayed_work_sync(&conn->security_timer);
1034 smp_chan_destroy(conn);