2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
36 #define AUTH_REQ_MASK 0x07
38 static inline void swap128(u8 src[16], u8 dst[16])
41 for (i = 0; i < 16; i++)
45 static inline void swap56(u8 src[7], u8 dst[7])
48 for (i = 0; i < 7; i++)
52 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
54 struct blkcipher_desc desc;
55 struct scatterlist sg;
57 unsigned char iv[128];
60 BT_ERR("tfm %p", tfm);
67 err = crypto_blkcipher_setkey(tfm, k, 16);
69 BT_ERR("cipher setkey failed: %d", err);
73 sg_init_one(&sg, r, 16);
75 iv_len = crypto_blkcipher_ivsize(tfm);
77 memset(&iv, 0xff, iv_len);
78 crypto_blkcipher_set_iv(tfm, iv, iv_len);
81 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
83 BT_ERR("Encrypt data error %d", err);
88 static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
89 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
90 u8 _rat, bdaddr_t *ra, u8 res[16])
97 /* p1 = pres || preq || _rat || _iat */
105 /* p2 = padding || ia || ra */
106 baswap((bdaddr_t *) (p2 + 4), ia);
107 baswap((bdaddr_t *) (p2 + 10), ra);
110 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
112 /* res = e(k, res) */
113 err = smp_e(tfm, k, res);
115 BT_ERR("Encrypt data error");
119 /* res = res XOR p2 */
120 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
122 /* res = e(k, res) */
123 err = smp_e(tfm, k, res);
125 BT_ERR("Encrypt data error");
130 static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16],
131 u8 r1[16], u8 r2[16], u8 _r[16])
135 /* Just least significant octets from r1 and r2 are considered */
136 memcpy(_r, r1 + 8, 8);
137 memcpy(_r + 8, r2 + 8, 8);
139 err = smp_e(tfm, k, _r);
141 BT_ERR("Encrypt data error");
146 static int smp_rand(u8 *buf)
148 get_random_bytes(buf, 16);
153 static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
154 u16 dlen, void *data)
157 struct l2cap_hdr *lh;
160 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
165 skb = bt_skb_alloc(len, GFP_ATOMIC);
169 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
170 lh->len = cpu_to_le16(sizeof(code) + dlen);
171 lh->cid = __constant_cpu_to_le16(L2CAP_CID_SMP);
173 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
175 memcpy(skb_put(skb, dlen), data, dlen);
180 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
182 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
184 BT_DBG("code 0x%2.2x", code);
189 skb->priority = HCI_PRIO_MAX;
190 hci_send_acl(conn->hchan, skb, 0);
192 cancel_delayed_work_sync(&conn->security_timer);
193 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
196 static __u8 authreq_to_seclevel(__u8 authreq)
198 if (authreq & SMP_AUTH_MITM)
199 return BT_SECURITY_HIGH;
201 return BT_SECURITY_MEDIUM;
204 static __u8 seclevel_to_authreq(__u8 sec_level)
207 case BT_SECURITY_HIGH:
208 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
209 case BT_SECURITY_MEDIUM:
210 return SMP_AUTH_BONDING;
212 return SMP_AUTH_NONE;
216 static void build_pairing_cmd(struct l2cap_conn *conn,
217 struct smp_cmd_pairing *req,
218 struct smp_cmd_pairing *rsp,
223 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
224 dist_keys = SMP_DIST_ENC_KEY;
225 authreq |= SMP_AUTH_BONDING;
227 authreq &= ~SMP_AUTH_BONDING;
231 req->io_capability = conn->hcon->io_capability;
232 req->oob_flag = SMP_OOB_NOT_PRESENT;
233 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
234 req->init_key_dist = 0;
235 req->resp_key_dist = dist_keys;
236 req->auth_req = (authreq & AUTH_REQ_MASK);
240 rsp->io_capability = conn->hcon->io_capability;
241 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
242 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
243 rsp->init_key_dist = 0;
244 rsp->resp_key_dist = req->resp_key_dist & dist_keys;
245 rsp->auth_req = (authreq & AUTH_REQ_MASK);
248 static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
250 struct smp_chan *smp = conn->smp_chan;
252 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
253 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
254 return SMP_ENC_KEY_SIZE;
256 smp->enc_key_size = max_key_size;
261 static void smp_failure(struct l2cap_conn *conn, u8 reason, u8 send)
263 struct hci_conn *hcon = conn->hcon;
266 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
269 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
270 mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type,
271 HCI_ERROR_AUTH_FAILURE);
273 cancel_delayed_work_sync(&conn->security_timer);
275 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
276 smp_chan_destroy(conn);
279 #define JUST_WORKS 0x00
280 #define JUST_CFM 0x01
281 #define REQ_PASSKEY 0x02
282 #define CFM_PASSKEY 0x03
286 static const u8 gen_method[5][5] = {
287 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
288 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
289 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
290 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
291 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
294 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
295 u8 local_io, u8 remote_io)
297 struct hci_conn *hcon = conn->hcon;
298 struct smp_chan *smp = conn->smp_chan;
303 /* Initialize key for JUST WORKS */
304 memset(smp->tk, 0, sizeof(smp->tk));
305 clear_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
307 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
309 /* If neither side wants MITM, use JUST WORKS */
310 /* If either side has unknown io_caps, use JUST WORKS */
311 /* Otherwise, look up method from the table */
312 if (!(auth & SMP_AUTH_MITM) ||
313 local_io > SMP_IO_KEYBOARD_DISPLAY ||
314 remote_io > SMP_IO_KEYBOARD_DISPLAY)
317 method = gen_method[remote_io][local_io];
319 /* If not bonding, don't ask user to confirm a Zero TK */
320 if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
323 /* If Just Works, Continue with Zero TK */
324 if (method == JUST_WORKS) {
325 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
329 /* Not Just Works/Confirm results in MITM Authentication */
330 if (method != JUST_CFM)
331 set_bit(SMP_FLAG_MITM_AUTH, &smp->smp_flags);
333 /* If both devices have Keyoard-Display I/O, the master
334 * Confirms and the slave Enters the passkey.
336 if (method == OVERLAP) {
337 if (hcon->link_mode & HCI_LM_MASTER)
338 method = CFM_PASSKEY;
340 method = REQ_PASSKEY;
343 /* Generate random passkey. Not valid until confirmed. */
344 if (method == CFM_PASSKEY) {
347 memset(key, 0, sizeof(key));
348 get_random_bytes(&passkey, sizeof(passkey));
350 put_unaligned_le32(passkey, key);
351 swap128(key, smp->tk);
352 BT_DBG("PassKey: %d", passkey);
355 hci_dev_lock(hcon->hdev);
357 if (method == REQ_PASSKEY)
358 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
359 hcon->type, hcon->dst_type);
361 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
362 hcon->type, hcon->dst_type,
363 cpu_to_le32(passkey), 0);
365 hci_dev_unlock(hcon->hdev);
370 static void confirm_work(struct work_struct *work)
372 struct smp_chan *smp = container_of(work, struct smp_chan, confirm);
373 struct l2cap_conn *conn = smp->conn;
374 struct crypto_blkcipher *tfm;
375 struct smp_cmd_pairing_confirm cp;
379 BT_DBG("conn %p", conn);
381 tfm = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
383 reason = SMP_UNSPECIFIED;
390 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
391 conn->hcon->src_type, &conn->hcon->src,
392 conn->hcon->dst_type, &conn->hcon->dst, res);
394 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
395 conn->hcon->dst_type, &conn->hcon->dst,
396 conn->hcon->src_type, &conn->hcon->src, res);
398 reason = SMP_UNSPECIFIED;
402 clear_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
404 swap128(res, cp.confirm_val);
405 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
410 smp_failure(conn, reason, 1);
413 static void random_work(struct work_struct *work)
415 struct smp_chan *smp = container_of(work, struct smp_chan, random);
416 struct l2cap_conn *conn = smp->conn;
417 struct hci_conn *hcon = conn->hcon;
418 struct crypto_blkcipher *tfm = smp->tfm;
419 u8 reason, confirm[16], res[16], key[16];
422 if (IS_ERR_OR_NULL(tfm)) {
423 reason = SMP_UNSPECIFIED;
427 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
430 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
431 hcon->src_type, &hcon->src,
432 hcon->dst_type, &hcon->dst, res);
434 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
435 hcon->dst_type, &hcon->dst,
436 hcon->src_type, &hcon->src, res);
438 reason = SMP_UNSPECIFIED;
442 swap128(res, confirm);
444 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
445 BT_ERR("Pairing failed (confirmation values mismatch)");
446 reason = SMP_CONFIRM_FAILED;
454 memset(rand, 0, sizeof(rand));
457 smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, key);
460 memset(stk + smp->enc_key_size, 0,
461 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
463 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) {
464 reason = SMP_UNSPECIFIED;
468 hci_le_start_enc(hcon, ediv, rand, stk);
469 hcon->enc_key_size = smp->enc_key_size;
471 u8 stk[16], r[16], rand[8];
474 memset(rand, 0, sizeof(rand));
477 swap128(smp->prnd, r);
478 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
480 smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, key);
483 memset(stk + smp->enc_key_size, 0,
484 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
486 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
487 HCI_SMP_STK_SLAVE, 0, 0, stk, smp->enc_key_size,
494 smp_failure(conn, reason, 1);
497 static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
499 struct smp_chan *smp;
501 smp = kzalloc(sizeof(struct smp_chan), GFP_ATOMIC);
505 INIT_WORK(&smp->confirm, confirm_work);
506 INIT_WORK(&smp->random, random_work);
509 conn->smp_chan = smp;
510 conn->hcon->smp_conn = conn;
512 hci_conn_hold(conn->hcon);
517 void smp_chan_destroy(struct l2cap_conn *conn)
519 struct smp_chan *smp = conn->smp_chan;
524 crypto_free_blkcipher(smp->tfm);
527 conn->smp_chan = NULL;
528 conn->hcon->smp_conn = NULL;
529 hci_conn_drop(conn->hcon);
532 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
534 struct l2cap_conn *conn = hcon->smp_conn;
535 struct smp_chan *smp;
544 smp = conn->smp_chan;
547 case MGMT_OP_USER_PASSKEY_REPLY:
548 value = le32_to_cpu(passkey);
549 memset(key, 0, sizeof(key));
550 BT_DBG("PassKey: %d", value);
551 put_unaligned_le32(value, key);
552 swap128(key, smp->tk);
554 case MGMT_OP_USER_CONFIRM_REPLY:
555 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
557 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
558 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
559 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
562 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
566 /* If it is our turn to send Pairing Confirm, do so now */
567 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags))
568 queue_work(hcon->hdev->workqueue, &smp->confirm);
573 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
575 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
576 struct smp_chan *smp;
578 u8 auth = SMP_AUTH_NONE;
581 BT_DBG("conn %p", conn);
583 if (conn->hcon->link_mode & HCI_LM_MASTER)
584 return SMP_CMD_NOTSUPP;
586 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
587 smp = smp_chan_create(conn);
589 smp = conn->smp_chan;
592 return SMP_UNSPECIFIED;
594 smp->preq[0] = SMP_CMD_PAIRING_REQ;
595 memcpy(&smp->preq[1], req, sizeof(*req));
596 skb_pull(skb, sizeof(*req));
598 /* We didn't start the pairing, so match remote */
599 if (req->auth_req & SMP_AUTH_BONDING)
600 auth = req->auth_req;
602 conn->hcon->pending_sec_level = authreq_to_seclevel(auth);
604 build_pairing_cmd(conn, req, &rsp, auth);
606 key_size = min(req->max_key_size, rsp.max_key_size);
607 if (check_enc_key_size(conn, key_size))
608 return SMP_ENC_KEY_SIZE;
610 ret = smp_rand(smp->prnd);
612 return SMP_UNSPECIFIED;
614 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
615 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
617 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
619 /* Request setup of TK */
620 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
622 return SMP_UNSPECIFIED;
627 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
629 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
630 struct smp_chan *smp = conn->smp_chan;
631 struct hci_dev *hdev = conn->hcon->hdev;
632 u8 key_size, auth = SMP_AUTH_NONE;
635 BT_DBG("conn %p", conn);
637 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
638 return SMP_CMD_NOTSUPP;
640 skb_pull(skb, sizeof(*rsp));
642 req = (void *) &smp->preq[1];
644 key_size = min(req->max_key_size, rsp->max_key_size);
645 if (check_enc_key_size(conn, key_size))
646 return SMP_ENC_KEY_SIZE;
648 ret = smp_rand(smp->prnd);
650 return SMP_UNSPECIFIED;
652 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
653 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
655 if ((req->auth_req & SMP_AUTH_BONDING) &&
656 (rsp->auth_req & SMP_AUTH_BONDING))
657 auth = SMP_AUTH_BONDING;
659 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
661 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
663 return SMP_UNSPECIFIED;
665 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
667 /* Can't compose response until we have been confirmed */
668 if (!test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags))
671 queue_work(hdev->workqueue, &smp->confirm);
676 static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
678 struct smp_chan *smp = conn->smp_chan;
679 struct hci_dev *hdev = conn->hcon->hdev;
681 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
683 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
684 skb_pull(skb, sizeof(smp->pcnf));
686 if (conn->hcon->out) {
689 swap128(smp->prnd, random);
690 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
692 } else if (test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags)) {
693 queue_work(hdev->workqueue, &smp->confirm);
695 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
701 static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
703 struct smp_chan *smp = conn->smp_chan;
704 struct hci_dev *hdev = conn->hcon->hdev;
706 BT_DBG("conn %p", conn);
708 swap128(skb->data, smp->rrnd);
709 skb_pull(skb, sizeof(smp->rrnd));
711 queue_work(hdev->workqueue, &smp->random);
716 static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
719 struct hci_conn *hcon = conn->hcon;
721 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type);
725 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
728 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
731 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
732 hcon->enc_key_size = key->enc_size;
737 static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
739 struct smp_cmd_security_req *rp = (void *) skb->data;
740 struct smp_cmd_pairing cp;
741 struct hci_conn *hcon = conn->hcon;
742 struct smp_chan *smp;
744 BT_DBG("conn %p", conn);
746 hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req);
748 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
751 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
754 smp = smp_chan_create(conn);
756 skb_pull(skb, sizeof(*rp));
758 memset(&cp, 0, sizeof(cp));
759 build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
761 smp->preq[0] = SMP_CMD_PAIRING_REQ;
762 memcpy(&smp->preq[1], &cp, sizeof(cp));
764 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
769 int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
771 struct l2cap_conn *conn = hcon->l2cap_data;
772 struct smp_chan *smp = conn->smp_chan;
775 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
777 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
780 if (sec_level == BT_SECURITY_LOW)
783 if (hcon->sec_level >= sec_level)
786 if (hcon->link_mode & HCI_LM_MASTER)
787 if (smp_ltk_encrypt(conn, sec_level))
790 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
793 smp = smp_chan_create(conn);
797 authreq = seclevel_to_authreq(sec_level);
799 if (hcon->link_mode & HCI_LM_MASTER) {
800 struct smp_cmd_pairing cp;
802 build_pairing_cmd(conn, &cp, NULL, authreq);
803 smp->preq[0] = SMP_CMD_PAIRING_REQ;
804 memcpy(&smp->preq[1], &cp, sizeof(cp));
806 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
808 struct smp_cmd_security_req cp;
809 cp.auth_req = authreq;
810 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
814 hcon->pending_sec_level = sec_level;
819 static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
821 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
822 struct smp_chan *smp = conn->smp_chan;
824 skb_pull(skb, sizeof(*rp));
826 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
831 static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
833 struct smp_cmd_master_ident *rp = (void *) skb->data;
834 struct smp_chan *smp = conn->smp_chan;
835 struct hci_dev *hdev = conn->hcon->hdev;
836 struct hci_conn *hcon = conn->hcon;
839 skb_pull(skb, sizeof(*rp));
842 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
843 hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, HCI_SMP_LTK, 1,
844 authenticated, smp->tk, smp->enc_key_size,
846 smp_distribute_keys(conn, 1);
847 hci_dev_unlock(hdev);
852 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
854 struct hci_conn *hcon = conn->hcon;
858 if (hcon->type != LE_LINK) {
868 if (!test_bit(HCI_LE_ENABLED, &conn->hcon->hdev->dev_flags)) {
870 reason = SMP_PAIRING_NOTSUPP;
875 skb_pull(skb, sizeof(code));
878 * The SMP context must be initialized for all other PDUs except
879 * pairing and security requests. If we get any other PDU when
880 * not initialized simply disconnect (done if this function
883 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ &&
885 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code);
891 case SMP_CMD_PAIRING_REQ:
892 reason = smp_cmd_pairing_req(conn, skb);
895 case SMP_CMD_PAIRING_FAIL:
896 smp_failure(conn, skb->data[0], 0);
901 case SMP_CMD_PAIRING_RSP:
902 reason = smp_cmd_pairing_rsp(conn, skb);
905 case SMP_CMD_SECURITY_REQ:
906 reason = smp_cmd_security_req(conn, skb);
909 case SMP_CMD_PAIRING_CONFIRM:
910 reason = smp_cmd_pairing_confirm(conn, skb);
913 case SMP_CMD_PAIRING_RANDOM:
914 reason = smp_cmd_pairing_random(conn, skb);
917 case SMP_CMD_ENCRYPT_INFO:
918 reason = smp_cmd_encrypt_info(conn, skb);
921 case SMP_CMD_MASTER_IDENT:
922 reason = smp_cmd_master_ident(conn, skb);
925 case SMP_CMD_IDENT_INFO:
926 case SMP_CMD_IDENT_ADDR_INFO:
927 case SMP_CMD_SIGN_INFO:
933 BT_DBG("Unknown command code 0x%2.2x", code);
935 reason = SMP_CMD_NOTSUPP;
942 smp_failure(conn, reason, 1);
948 int smp_distribute_keys(struct l2cap_conn *conn, __u8 force)
950 struct smp_cmd_pairing *req, *rsp;
951 struct smp_chan *smp = conn->smp_chan;
954 BT_DBG("conn %p force %d", conn, force);
956 if (!test_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
959 rsp = (void *) &smp->prsp[1];
961 /* The responder sends its keys first */
962 if (!force && conn->hcon->out && (rsp->resp_key_dist & 0x07))
965 req = (void *) &smp->preq[1];
967 if (conn->hcon->out) {
968 keydist = &rsp->init_key_dist;
969 *keydist &= req->init_key_dist;
971 keydist = &rsp->resp_key_dist;
972 *keydist &= req->resp_key_dist;
976 BT_DBG("keydist 0x%x", *keydist);
978 if (*keydist & SMP_DIST_ENC_KEY) {
979 struct smp_cmd_encrypt_info enc;
980 struct smp_cmd_master_ident ident;
981 struct hci_conn *hcon = conn->hcon;
985 get_random_bytes(enc.ltk, sizeof(enc.ltk));
986 get_random_bytes(&ediv, sizeof(ediv));
987 get_random_bytes(ident.rand, sizeof(ident.rand));
989 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
991 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
992 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
993 HCI_SMP_LTK_SLAVE, 1, authenticated,
994 enc.ltk, smp->enc_key_size, ediv, ident.rand);
998 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
1000 *keydist &= ~SMP_DIST_ENC_KEY;
1003 if (*keydist & SMP_DIST_ID_KEY) {
1004 struct smp_cmd_ident_addr_info addrinfo;
1005 struct smp_cmd_ident_info idinfo;
1007 /* Send a dummy key */
1008 get_random_bytes(idinfo.irk, sizeof(idinfo.irk));
1010 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
1012 /* Just public address */
1013 memset(&addrinfo, 0, sizeof(addrinfo));
1014 bacpy(&addrinfo.bdaddr, &conn->hcon->src);
1016 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
1019 *keydist &= ~SMP_DIST_ID_KEY;
1022 if (*keydist & SMP_DIST_SIGN) {
1023 struct smp_cmd_sign_info sign;
1025 /* Send a dummy key */
1026 get_random_bytes(sign.csrk, sizeof(sign.csrk));
1028 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1030 *keydist &= ~SMP_DIST_SIGN;
1033 if (conn->hcon->out || force) {
1034 clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags);
1035 cancel_delayed_work_sync(&conn->security_timer);
1036 smp_chan_destroy(conn);