search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Linux 3.16.2
[linux/fpc-iii.git] / net / bluetooth / smp.c
blobe33a982161c1db063b5cb96f06a10babb5f0b436
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21 */
22
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
26
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
31
32 #include "smp.h"
33
34 #define SMP_TIMEOUT msecs_to_jiffies(30000)
35
36 #define AUTH_REQ_MASK 0x07
37
38 #define SMP_FLAG_TK_VALID 1
39 #define SMP_FLAG_CFM_PENDING 2
40 #define SMP_FLAG_MITM_AUTH 3
41 #define SMP_FLAG_COMPLETE 4
42 #define SMP_FLAG_INITIATOR 5
43
44 struct smp_chan {
45 struct l2cap_conn *conn;
46 u8 preq[7]; /* SMP Pairing Request */
47 u8 prsp[7]; /* SMP Pairing Response */
48 u8 prnd[16]; /* SMP Pairing Random (local) */
49 u8 rrnd[16]; /* SMP Pairing Random (remote) */
50 u8 pcnf[16]; /* SMP Pairing Confirm */
51 u8 tk[16]; /* SMP Temporary Key */
52 u8 enc_key_size;
53 u8 remote_key_dist;
54 bdaddr_t id_addr;
55 u8 id_addr_type;
56 u8 irk[16];
57 struct smp_csrk *csrk;
58 struct smp_csrk *slave_csrk;
59 struct smp_ltk *ltk;
60 struct smp_ltk *slave_ltk;
61 struct smp_irk *remote_irk;
62 unsigned long flags;
63 };
64
65 static inline void swap128(const u8 src[16], u8 dst[16])
66 {
67 int i;
68 for (i = 0; i < 16; i++)
69 dst[15 - i] = src[i];
70 }
71
72 static inline void swap56(const u8 src[7], u8 dst[7])
73 {
74 int i;
75 for (i = 0; i < 7; i++)
76 dst[6 - i] = src[i];
77 }
78
79 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
80 {
81 struct blkcipher_desc desc;
82 struct scatterlist sg;
83 uint8_t tmp[16], data[16];
84 int err;
85
86 if (tfm == NULL) {
87 BT_ERR("tfm %p", tfm);
88 return -EINVAL;
89 }
90
91 desc.tfm = tfm;
92 desc.flags = 0;
93
94 /* The most significant octet of key corresponds to k[0] */
95 swap128(k, tmp);
96
97 err = crypto_blkcipher_setkey(tfm, tmp, 16);
98 if (err) {
99 BT_ERR("cipher setkey failed: %d", err);
100 return err;
101 }
102
103 /* Most significant octet of plaintextData corresponds to data[0] */
104 swap128(r, data);
105
106 sg_init_one(&sg, data, 16);
107
108 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
109 if (err)
110 BT_ERR("Encrypt data error %d", err);
111
112 /* Most significant octet of encryptedData corresponds to data[0] */
113 swap128(data, r);
114
115 return err;
116 }
117
118 static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
119 {
120 u8 _res[16];
121 int err;
122
123 /* r' = padding || r */
124 memcpy(_res, r, 3);
125 memset(_res + 3, 0, 13);
126
127 err = smp_e(tfm, irk, _res);
128 if (err) {
129 BT_ERR("Encrypt error");
130 return err;
131 }
132
133 /* The output of the random address function ah is:
134 * ah(h, r) = e(k, r') mod 2^24
135 * The output of the security function e is then truncated to 24 bits
136 * by taking the least significant 24 bits of the output of e as the
137 * result of ah.
138 */
139 memcpy(res, _res, 3);
140
141 return 0;
142 }
143
144 bool smp_irk_matches(struct crypto_blkcipher *tfm, u8 irk[16],
145 bdaddr_t *bdaddr)
146 {
147 u8 hash[3];
148 int err;
149
150 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
151
152 err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
153 if (err)
154 return false;
155
156 return !memcmp(bdaddr->b, hash, 3);
157 }
158
159 int smp_generate_rpa(struct crypto_blkcipher *tfm, u8 irk[16], bdaddr_t *rpa)
160 {
161 int err;
162
163 get_random_bytes(&rpa->b[3], 3);
164
165 rpa->b[5] &= 0x3f; /* Clear two most significant bits */
166 rpa->b[5] |= 0x40; /* Set second most significant bit */
167
168 err = smp_ah(tfm, irk, &rpa->b[3], rpa->b);
169 if (err < 0)
170 return err;
171
172 BT_DBG("RPA %pMR", rpa);
173
174 return 0;
175 }
176
177 static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
178 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
179 u8 _rat, bdaddr_t *ra, u8 res[16])
180 {
181 u8 p1[16], p2[16];
182 int err;
183
184 memset(p1, 0, 16);
185
186 /* p1 = pres || preq || _rat || _iat */
187 p1[0] = _iat;
188 p1[1] = _rat;
189 memcpy(p1 + 2, preq, 7);
190 memcpy(p1 + 9, pres, 7);
191
192 /* p2 = padding || ia || ra */
193 memcpy(p2, ra, 6);
194 memcpy(p2 + 6, ia, 6);
195 memset(p2 + 12, 0, 4);
196
197 /* res = r XOR p1 */
198 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
199
200 /* res = e(k, res) */
201 err = smp_e(tfm, k, res);
202 if (err) {
203 BT_ERR("Encrypt data error");
204 return err;
205 }
206
207 /* res = res XOR p2 */
208 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
209
210 /* res = e(k, res) */
211 err = smp_e(tfm, k, res);
212 if (err)
213 BT_ERR("Encrypt data error");
214
215 return err;
216 }
217
218 static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16], u8 r1[16],
219 u8 r2[16], u8 _r[16])
220 {
221 int err;
222
223 /* Just least significant octets from r1 and r2 are considered */
224 memcpy(_r, r2, 8);
225 memcpy(_r + 8, r1, 8);
226
227 err = smp_e(tfm, k, _r);
228 if (err)
229 BT_ERR("Encrypt data error");
230
231 return err;
232 }
233
234 static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
235 u16 dlen, void *data)
236 {
237 struct sk_buff *skb;
238 struct l2cap_hdr *lh;
239 int len;
240
241 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
242
243 if (len > conn->mtu)
244 return NULL;
245
246 skb = bt_skb_alloc(len, GFP_ATOMIC);
247 if (!skb)
248 return NULL;
249
250 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
251 lh->len = cpu_to_le16(sizeof(code) + dlen);
252 lh->cid = cpu_to_le16(L2CAP_CID_SMP);
253
254 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
255
256 memcpy(skb_put(skb, dlen), data, dlen);
257
258 return skb;
259 }
260
261 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
262 {
263 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
264
265 BT_DBG("code 0x%2.2x", code);
266
267 if (!skb)
268 return;
269
270 skb->priority = HCI_PRIO_MAX;
271 hci_send_acl(conn->hchan, skb, 0);
272
273 cancel_delayed_work_sync(&conn->security_timer);
274 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
275 }
276
277 static __u8 authreq_to_seclevel(__u8 authreq)
278 {
279 if (authreq & SMP_AUTH_MITM)
280 return BT_SECURITY_HIGH;
281 else
282 return BT_SECURITY_MEDIUM;
283 }
284
285 static __u8 seclevel_to_authreq(__u8 sec_level)
286 {
287 switch (sec_level) {
288 case BT_SECURITY_HIGH:
289 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
290 case BT_SECURITY_MEDIUM:
291 return SMP_AUTH_BONDING;
292 default:
293 return SMP_AUTH_NONE;
294 }
295 }
296
297 static void build_pairing_cmd(struct l2cap_conn *conn,
298 struct smp_cmd_pairing *req,
299 struct smp_cmd_pairing *rsp, __u8 authreq)
300 {
301 struct smp_chan *smp = conn->smp_chan;
302 struct hci_conn *hcon = conn->hcon;
303 struct hci_dev *hdev = hcon->hdev;
304 u8 local_dist = 0, remote_dist = 0;
305
306 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
307 local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
308 remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
309 authreq |= SMP_AUTH_BONDING;
310 } else {
311 authreq &= ~SMP_AUTH_BONDING;
312 }
313
314 if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags))
315 remote_dist |= SMP_DIST_ID_KEY;
316
317 if (test_bit(HCI_PRIVACY, &hdev->dev_flags))
318 local_dist |= SMP_DIST_ID_KEY;
319
320 if (rsp == NULL) {
321 req->io_capability = conn->hcon->io_capability;
322 req->oob_flag = SMP_OOB_NOT_PRESENT;
323 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
324 req->init_key_dist = local_dist;
325 req->resp_key_dist = remote_dist;
326 req->auth_req = (authreq & AUTH_REQ_MASK);
327
328 smp->remote_key_dist = remote_dist;
329 return;
330 }
331
332 rsp->io_capability = conn->hcon->io_capability;
333 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
334 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
335 rsp->init_key_dist = req->init_key_dist & remote_dist;
336 rsp->resp_key_dist = req->resp_key_dist & local_dist;
337 rsp->auth_req = (authreq & AUTH_REQ_MASK);
338
339 smp->remote_key_dist = rsp->init_key_dist;
340 }
341
342 static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
343 {
344 struct smp_chan *smp = conn->smp_chan;
345
346 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
347 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
348 return SMP_ENC_KEY_SIZE;
349
350 smp->enc_key_size = max_key_size;
351
352 return 0;
353 }
354
355 static void smp_failure(struct l2cap_conn *conn, u8 reason)
356 {
357 struct hci_conn *hcon = conn->hcon;
358
359 if (reason)
360 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
361 &reason);
362
363 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
364 mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type,
365 HCI_ERROR_AUTH_FAILURE);
366
367 cancel_delayed_work_sync(&conn->security_timer);
368
369 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
370 smp_chan_destroy(conn);
371 }
372
373 #define JUST_WORKS 0x00
374 #define JUST_CFM 0x01
375 #define REQ_PASSKEY 0x02
376 #define CFM_PASSKEY 0x03
377 #define REQ_OOB 0x04
378 #define OVERLAP 0xFF
379
380 static const u8 gen_method[5][5] = {
381 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
382 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
383 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
384 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
385 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
386 };
387
388 static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
389 {
390 /* If either side has unknown io_caps, use JUST WORKS */
391 if (local_io > SMP_IO_KEYBOARD_DISPLAY ||
392 remote_io > SMP_IO_KEYBOARD_DISPLAY)
393 return JUST_WORKS;
394
395 return gen_method[remote_io][local_io];
396 }
397
398 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
399 u8 local_io, u8 remote_io)
400 {
401 struct hci_conn *hcon = conn->hcon;
402 struct smp_chan *smp = conn->smp_chan;
403 u8 method;
404 u32 passkey = 0;
405 int ret = 0;
406
407 /* Initialize key for JUST WORKS */
408 memset(smp->tk, 0, sizeof(smp->tk));
409 clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
410
411 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
412
413 /* If neither side wants MITM, use JUST WORKS */
414 /* Otherwise, look up method from the table */
415 if (!(auth & SMP_AUTH_MITM))
416 method = JUST_WORKS;
417 else
418 method = get_auth_method(smp, local_io, remote_io);
419
420 /* If not bonding, don't ask user to confirm a Zero TK */
421 if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
422 method = JUST_WORKS;
423
424 /* Don't confirm locally initiated pairing attempts */
425 if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
426 method = JUST_WORKS;
427
428 /* If Just Works, Continue with Zero TK */
429 if (method == JUST_WORKS) {
430 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
431 return 0;
432 }
433
434 /* Not Just Works/Confirm results in MITM Authentication */
435 if (method != JUST_CFM)
436 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
437
438 /* If both devices have Keyoard-Display I/O, the master
439 * Confirms and the slave Enters the passkey.
440 */
441 if (method == OVERLAP) {
442 if (hcon->link_mode & HCI_LM_MASTER)
443 method = CFM_PASSKEY;
444 else
445 method = REQ_PASSKEY;
446 }
447
448 /* Generate random passkey. */
449 if (method == CFM_PASSKEY) {
450 memset(smp->tk, 0, sizeof(smp->tk));
451 get_random_bytes(&passkey, sizeof(passkey));
452 passkey %= 1000000;
453 put_unaligned_le32(passkey, smp->tk);
454 BT_DBG("PassKey: %d", passkey);
455 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
456 }
457
458 hci_dev_lock(hcon->hdev);
459
460 if (method == REQ_PASSKEY)
461 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
462 hcon->type, hcon->dst_type);
463 else if (method == JUST_CFM)
464 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
465 hcon->type, hcon->dst_type,
466 passkey, 1);
467 else
468 ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst,
469 hcon->type, hcon->dst_type,
470 passkey, 0);
471
472 hci_dev_unlock(hcon->hdev);
473
474 return ret;
475 }
476
477 static u8 smp_confirm(struct smp_chan *smp)
478 {
479 struct l2cap_conn *conn = smp->conn;
480 struct hci_dev *hdev = conn->hcon->hdev;
481 struct crypto_blkcipher *tfm = hdev->tfm_aes;
482 struct smp_cmd_pairing_confirm cp;
483 int ret;
484
485 BT_DBG("conn %p", conn);
486
487 /* Prevent mutual access to hdev->tfm_aes */
488 hci_dev_lock(hdev);
489
490 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
491 conn->hcon->init_addr_type, &conn->hcon->init_addr,
492 conn->hcon->resp_addr_type, &conn->hcon->resp_addr,
493 cp.confirm_val);
494
495 hci_dev_unlock(hdev);
496
497 if (ret)
498 return SMP_UNSPECIFIED;
499
500 clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
501
502 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
503
504 return 0;
505 }
506
507 static u8 smp_random(struct smp_chan *smp)
508 {
509 struct l2cap_conn *conn = smp->conn;
510 struct hci_conn *hcon = conn->hcon;
511 struct hci_dev *hdev = hcon->hdev;
512 struct crypto_blkcipher *tfm = hdev->tfm_aes;
513 u8 confirm[16];
514 int ret;
515
516 if (IS_ERR_OR_NULL(tfm))
517 return SMP_UNSPECIFIED;
518
519 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
520
521 /* Prevent mutual access to hdev->tfm_aes */
522 hci_dev_lock(hdev);
523
524 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
525 hcon->init_addr_type, &hcon->init_addr,
526 hcon->resp_addr_type, &hcon->resp_addr, confirm);
527
528 hci_dev_unlock(hdev);
529
530 if (ret)
531 return SMP_UNSPECIFIED;
532
533 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
534 BT_ERR("Pairing failed (confirmation values mismatch)");
535 return SMP_CONFIRM_FAILED;
536 }
537
538 if (hcon->out) {
539 u8 stk[16];
540 __le64 rand = 0;
541 __le16 ediv = 0;
542
543 smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, stk);
544
545 memset(stk + smp->enc_key_size, 0,
546 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
547
548 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
549 return SMP_UNSPECIFIED;
550
551 hci_le_start_enc(hcon, ediv, rand, stk);
552 hcon->enc_key_size = smp->enc_key_size;
553 } else {
554 u8 stk[16], auth;
555 __le64 rand = 0;
556 __le16 ediv = 0;
557
558 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
559 smp->prnd);
560
561 smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, stk);
562
563 memset(stk + smp->enc_key_size, 0,
564 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
565
566 if (hcon->pending_sec_level == BT_SECURITY_HIGH)
567 auth = 1;
568 else
569 auth = 0;
570
571 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
572 HCI_SMP_STK_SLAVE, auth, stk, smp->enc_key_size,
573 ediv, rand);
574 }
575
576 return 0;
577 }
578
579 static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
580 {
581 struct smp_chan *smp;
582
583 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
584 if (!smp)
585 return NULL;
586
587 smp->conn = conn;
588 conn->smp_chan = smp;
589 conn->hcon->smp_conn = conn;
590
591 hci_conn_hold(conn->hcon);
592
593 return smp;
594 }
595
596 void smp_chan_destroy(struct l2cap_conn *conn)
597 {
598 struct smp_chan *smp = conn->smp_chan;
599 bool complete;
600
601 BUG_ON(!smp);
602
603 complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
604 mgmt_smp_complete(conn->hcon, complete);
605
606 kfree(smp->csrk);
607 kfree(smp->slave_csrk);
608
609 /* If pairing failed clean up any keys we might have */
610 if (!complete) {
611 if (smp->ltk) {
612 list_del(&smp->ltk->list);
613 kfree(smp->ltk);
614 }
615
616 if (smp->slave_ltk) {
617 list_del(&smp->slave_ltk->list);
618 kfree(smp->slave_ltk);
619 }
620
621 if (smp->remote_irk) {
622 list_del(&smp->remote_irk->list);
623 kfree(smp->remote_irk);
624 }
625 }
626
627 kfree(smp);
628 conn->smp_chan = NULL;
629 conn->hcon->smp_conn = NULL;
630 hci_conn_drop(conn->hcon);
631 }
632
633 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
634 {
635 struct l2cap_conn *conn = hcon->smp_conn;
636 struct smp_chan *smp;
637 u32 value;
638
639 BT_DBG("");
640
641 if (!conn)
642 return -ENOTCONN;
643
644 smp = conn->smp_chan;
645
646 switch (mgmt_op) {
647 case MGMT_OP_USER_PASSKEY_REPLY:
648 value = le32_to_cpu(passkey);
649 memset(smp->tk, 0, sizeof(smp->tk));
650 BT_DBG("PassKey: %d", value);
651 put_unaligned_le32(value, smp->tk);
652 /* Fall Through */
653 case MGMT_OP_USER_CONFIRM_REPLY:
654 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
655 break;
656 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
657 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
658 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
659 return 0;
660 default:
661 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
662 return -EOPNOTSUPP;
663 }
664
665 /* If it is our turn to send Pairing Confirm, do so now */
666 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
667 u8 rsp = smp_confirm(smp);
668 if (rsp)
669 smp_failure(conn, rsp);
670 }
671
672 return 0;
673 }
674
675 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
676 {
677 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
678 struct smp_chan *smp;
679 u8 key_size, auth, sec_level;
680 int ret;
681
682 BT_DBG("conn %p", conn);
683
684 if (skb->len < sizeof(*req))
685 return SMP_INVALID_PARAMS;
686
687 if (conn->hcon->link_mode & HCI_LM_MASTER)
688 return SMP_CMD_NOTSUPP;
689
690 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
691 smp = smp_chan_create(conn);
692 else
693 smp = conn->smp_chan;
694
695 if (!smp)
696 return SMP_UNSPECIFIED;
697
698 smp->preq[0] = SMP_CMD_PAIRING_REQ;
699 memcpy(&smp->preq[1], req, sizeof(*req));
700 skb_pull(skb, sizeof(*req));
701
702 /* We didn't start the pairing, so match remote */
703 auth = req->auth_req;
704
705 sec_level = authreq_to_seclevel(auth);
706 if (sec_level > conn->hcon->pending_sec_level)
707 conn->hcon->pending_sec_level = sec_level;
708
709 /* If we need MITM check that it can be acheived */
710 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
711 u8 method;
712
713 method = get_auth_method(smp, conn->hcon->io_capability,
714 req->io_capability);
715 if (method == JUST_WORKS || method == JUST_CFM)
716 return SMP_AUTH_REQUIREMENTS;
717 }
718
719 build_pairing_cmd(conn, req, &rsp, auth);
720
721 key_size = min(req->max_key_size, rsp.max_key_size);
722 if (check_enc_key_size(conn, key_size))
723 return SMP_ENC_KEY_SIZE;
724
725 get_random_bytes(smp->prnd, sizeof(smp->prnd));
726
727 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
728 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
729
730 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
731
732 /* Request setup of TK */
733 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
734 if (ret)
735 return SMP_UNSPECIFIED;
736
737 clear_bit(SMP_FLAG_INITIATOR, &smp->flags);
738
739 return 0;
740 }
741
742 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
743 {
744 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
745 struct smp_chan *smp = conn->smp_chan;
746 u8 key_size, auth = SMP_AUTH_NONE;
747 int ret;
748
749 BT_DBG("conn %p", conn);
750
751 if (skb->len < sizeof(*rsp))
752 return SMP_INVALID_PARAMS;
753
754 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
755 return SMP_CMD_NOTSUPP;
756
757 skb_pull(skb, sizeof(*rsp));
758
759 req = (void *) &smp->preq[1];
760
761 key_size = min(req->max_key_size, rsp->max_key_size);
762 if (check_enc_key_size(conn, key_size))
763 return SMP_ENC_KEY_SIZE;
764
765 /* If we need MITM check that it can be acheived */
766 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
767 u8 method;
768
769 method = get_auth_method(smp, req->io_capability,
770 rsp->io_capability);
771 if (method == JUST_WORKS || method == JUST_CFM)
772 return SMP_AUTH_REQUIREMENTS;
773 }
774
775 get_random_bytes(smp->prnd, sizeof(smp->prnd));
776
777 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
778 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
779
780 /* Update remote key distribution in case the remote cleared
781 * some bits that we had enabled in our request.
782 */
783 smp->remote_key_dist &= rsp->resp_key_dist;
784
785 if ((req->auth_req & SMP_AUTH_BONDING) &&
786 (rsp->auth_req & SMP_AUTH_BONDING))
787 auth = SMP_AUTH_BONDING;
788
789 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
790
791 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
792 if (ret)
793 return SMP_UNSPECIFIED;
794
795 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
796
797 /* Can't compose response until we have been confirmed */
798 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
799 return smp_confirm(smp);
800
801 return 0;
802 }
803
804 static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
805 {
806 struct smp_chan *smp = conn->smp_chan;
807
808 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
809
810 if (skb->len < sizeof(smp->pcnf))
811 return SMP_INVALID_PARAMS;
812
813 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
814 skb_pull(skb, sizeof(smp->pcnf));
815
816 if (conn->hcon->out)
817 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
818 smp->prnd);
819 else if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
820 return smp_confirm(smp);
821 else
822 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
823
824 return 0;
825 }
826
827 static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
828 {
829 struct smp_chan *smp = conn->smp_chan;
830
831 BT_DBG("conn %p", conn);
832
833 if (skb->len < sizeof(smp->rrnd))
834 return SMP_INVALID_PARAMS;
835
836 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
837 skb_pull(skb, sizeof(smp->rrnd));
838
839 return smp_random(smp);
840 }
841
842 static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
843 {
844 struct smp_ltk *key;
845 struct hci_conn *hcon = conn->hcon;
846
847 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
848 hcon->out);
849 if (!key)
850 return 0;
851
852 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
853 return 0;
854
855 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
856 return 1;
857
858 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
859 hcon->enc_key_size = key->enc_size;
860
861 return 1;
862 }
863
864 static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
865 {
866 struct smp_cmd_security_req *rp = (void *) skb->data;
867 struct smp_cmd_pairing cp;
868 struct hci_conn *hcon = conn->hcon;
869 struct smp_chan *smp;
870 u8 sec_level;
871
872 BT_DBG("conn %p", conn);
873
874 if (skb->len < sizeof(*rp))
875 return SMP_INVALID_PARAMS;
876
877 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
878 return SMP_CMD_NOTSUPP;
879
880 sec_level = authreq_to_seclevel(rp->auth_req);
881 if (sec_level > hcon->pending_sec_level)
882 hcon->pending_sec_level = sec_level;
883
884 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
885 return 0;
886
887 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
888 return 0;
889
890 smp = smp_chan_create(conn);
891
892 skb_pull(skb, sizeof(*rp));
893
894 memset(&cp, 0, sizeof(cp));
895 build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
896
897 smp->preq[0] = SMP_CMD_PAIRING_REQ;
898 memcpy(&smp->preq[1], &cp, sizeof(cp));
899
900 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
901
902 clear_bit(SMP_FLAG_INITIATOR, &smp->flags);
903
904 return 0;
905 }
906
907 bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
908 {
909 if (sec_level == BT_SECURITY_LOW)
910 return true;
911
912 if (hcon->sec_level >= sec_level)
913 return true;
914
915 return false;
916 }
917
918 int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
919 {
920 struct l2cap_conn *conn = hcon->l2cap_data;
921 struct smp_chan *smp;
922 __u8 authreq;
923
924 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
925
926 /* This may be NULL if there's an unexpected disconnection */
927 if (!conn)
928 return 1;
929
930 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
931 return 1;
932
933 if (smp_sufficient_security(hcon, sec_level))
934 return 1;
935
936 if (sec_level > hcon->pending_sec_level)
937 hcon->pending_sec_level = sec_level;
938
939 if (hcon->link_mode & HCI_LM_MASTER)
940 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
941 return 0;
942
943 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
944 return 0;
945
946 smp = smp_chan_create(conn);
947 if (!smp)
948 return 1;
949
950 authreq = seclevel_to_authreq(sec_level);
951
952 /* Require MITM if IO Capability allows or the security level
953 * requires it.
954 */
955 if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT ||
956 hcon->pending_sec_level > BT_SECURITY_MEDIUM)
957 authreq |= SMP_AUTH_MITM;
958
959 if (hcon->link_mode & HCI_LM_MASTER) {
960 struct smp_cmd_pairing cp;
961
962 build_pairing_cmd(conn, &cp, NULL, authreq);
963 smp->preq[0] = SMP_CMD_PAIRING_REQ;
964 memcpy(&smp->preq[1], &cp, sizeof(cp));
965
966 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
967 } else {
968 struct smp_cmd_security_req cp;
969 cp.auth_req = authreq;
970 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
971 }
972
973 set_bit(SMP_FLAG_INITIATOR, &smp->flags);
974
975 return 0;
976 }
977
978 static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
979 {
980 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
981 struct smp_chan *smp = conn->smp_chan;
982
983 BT_DBG("conn %p", conn);
984
985 if (skb->len < sizeof(*rp))
986 return SMP_INVALID_PARAMS;
987
988 /* Ignore this PDU if it wasn't requested */
989 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
990 return 0;
991
992 skb_pull(skb, sizeof(*rp));
993
994 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
995
996 return 0;
997 }
998
999 static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
1000 {
1001 struct smp_cmd_master_ident *rp = (void *) skb->data;
1002 struct smp_chan *smp = conn->smp_chan;
1003 struct hci_dev *hdev = conn->hcon->hdev;
1004 struct hci_conn *hcon = conn->hcon;
1005 struct smp_ltk *ltk;
1006 u8 authenticated;
1007
1008 BT_DBG("conn %p", conn);
1009
1010 if (skb->len < sizeof(*rp))
1011 return SMP_INVALID_PARAMS;
1012
1013 /* Ignore this PDU if it wasn't requested */
1014 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
1015 return 0;
1016
1017 /* Mark the information as received */
1018 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
1019
1020 skb_pull(skb, sizeof(*rp));
1021
1022 hci_dev_lock(hdev);
1023 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
1024 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, HCI_SMP_LTK,
1025 authenticated, smp->tk, smp->enc_key_size,
1026 rp->ediv, rp->rand);
1027 smp->ltk = ltk;
1028 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1029 smp_distribute_keys(conn);
1030 hci_dev_unlock(hdev);
1031
1032 return 0;
1033 }
1034
1035 static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
1036 {
1037 struct smp_cmd_ident_info *info = (void *) skb->data;
1038 struct smp_chan *smp = conn->smp_chan;
1039
1040 BT_DBG("");
1041
1042 if (skb->len < sizeof(*info))
1043 return SMP_INVALID_PARAMS;
1044
1045 /* Ignore this PDU if it wasn't requested */
1046 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1047 return 0;
1048
1049 skb_pull(skb, sizeof(*info));
1050
1051 memcpy(smp->irk, info->irk, 16);
1052
1053 return 0;
1054 }
1055
1056 static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
1057 struct sk_buff *skb)
1058 {
1059 struct smp_cmd_ident_addr_info *info = (void *) skb->data;
1060 struct smp_chan *smp = conn->smp_chan;
1061 struct hci_conn *hcon = conn->hcon;
1062 bdaddr_t rpa;
1063
1064 BT_DBG("");
1065
1066 if (skb->len < sizeof(*info))
1067 return SMP_INVALID_PARAMS;
1068
1069 /* Ignore this PDU if it wasn't requested */
1070 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1071 return 0;
1072
1073 /* Mark the information as received */
1074 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
1075
1076 skb_pull(skb, sizeof(*info));
1077
1078 /* Strictly speaking the Core Specification (4.1) allows sending
1079 * an empty address which would force us to rely on just the IRK
1080 * as "identity information". However, since such
1081 * implementations are not known of and in order to not over
1082 * complicate our implementation, simply pretend that we never
1083 * received an IRK for such a device.
1084 */
1085 if (!bacmp(&info->bdaddr, BDADDR_ANY)) {
1086 BT_ERR("Ignoring IRK with no identity address");
1087 smp_distribute_keys(conn);
1088 return 0;
1089 }
1090
1091 bacpy(&smp->id_addr, &info->bdaddr);
1092 smp->id_addr_type = info->addr_type;
1093
1094 if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
1095 bacpy(&rpa, &hcon->dst);
1096 else
1097 bacpy(&rpa, BDADDR_ANY);
1098
1099 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
1100 smp->id_addr_type, smp->irk, &rpa);
1101
1102 smp_distribute_keys(conn);
1103
1104 return 0;
1105 }
1106
1107 static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
1108 {
1109 struct smp_cmd_sign_info *rp = (void *) skb->data;
1110 struct smp_chan *smp = conn->smp_chan;
1111 struct hci_dev *hdev = conn->hcon->hdev;
1112 struct smp_csrk *csrk;
1113
1114 BT_DBG("conn %p", conn);
1115
1116 if (skb->len < sizeof(*rp))
1117 return SMP_INVALID_PARAMS;
1118
1119 /* Ignore this PDU if it wasn't requested */
1120 if (!(smp->remote_key_dist & SMP_DIST_SIGN))
1121 return 0;
1122
1123 /* Mark the information as received */
1124 smp->remote_key_dist &= ~SMP_DIST_SIGN;
1125
1126 skb_pull(skb, sizeof(*rp));
1127
1128 hci_dev_lock(hdev);
1129 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1130 if (csrk) {
1131 csrk->master = 0x01;
1132 memcpy(csrk->val, rp->csrk, sizeof(csrk->val));
1133 }
1134 smp->csrk = csrk;
1135 if (!(smp->remote_key_dist & SMP_DIST_SIGN))
1136 smp_distribute_keys(conn);
1137 hci_dev_unlock(hdev);
1138
1139 return 0;
1140 }
1141
1142 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
1143 {
1144 struct hci_conn *hcon = conn->hcon;
1145 __u8 code, reason;
1146 int err = 0;
1147
1148 if (hcon->type != LE_LINK) {
1149 kfree_skb(skb);
1150 return 0;
1151 }
1152
1153 if (skb->len < 1) {
1154 kfree_skb(skb);
1155 return -EILSEQ;
1156 }
1157
1158 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
1159 err = -ENOTSUPP;
1160 reason = SMP_PAIRING_NOTSUPP;
1161 goto done;
1162 }
1163
1164 code = skb->data[0];
1165 skb_pull(skb, sizeof(code));
1166
1167 /*
1168 * The SMP context must be initialized for all other PDUs except
1169 * pairing and security requests. If we get any other PDU when
1170 * not initialized simply disconnect (done if this function
1171 * returns an error).
1172 */
1173 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ &&
1174 !conn->smp_chan) {
1175 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code);
1176 kfree_skb(skb);
1177 return -ENOTSUPP;
1178 }
1179
1180 switch (code) {
1181 case SMP_CMD_PAIRING_REQ:
1182 reason = smp_cmd_pairing_req(conn, skb);
1183 break;
1184
1185 case SMP_CMD_PAIRING_FAIL:
1186 smp_failure(conn, 0);
1187 reason = 0;
1188 err = -EPERM;
1189 break;
1190
1191 case SMP_CMD_PAIRING_RSP:
1192 reason = smp_cmd_pairing_rsp(conn, skb);
1193 break;
1194
1195 case SMP_CMD_SECURITY_REQ:
1196 reason = smp_cmd_security_req(conn, skb);
1197 break;
1198
1199 case SMP_CMD_PAIRING_CONFIRM:
1200 reason = smp_cmd_pairing_confirm(conn, skb);
1201 break;
1202
1203 case SMP_CMD_PAIRING_RANDOM:
1204 reason = smp_cmd_pairing_random(conn, skb);
1205 break;
1206
1207 case SMP_CMD_ENCRYPT_INFO:
1208 reason = smp_cmd_encrypt_info(conn, skb);
1209 break;
1210
1211 case SMP_CMD_MASTER_IDENT:
1212 reason = smp_cmd_master_ident(conn, skb);
1213 break;
1214
1215 case SMP_CMD_IDENT_INFO:
1216 reason = smp_cmd_ident_info(conn, skb);
1217 break;
1218
1219 case SMP_CMD_IDENT_ADDR_INFO:
1220 reason = smp_cmd_ident_addr_info(conn, skb);
1221 break;
1222
1223 case SMP_CMD_SIGN_INFO:
1224 reason = smp_cmd_sign_info(conn, skb);
1225 break;
1226
1227 default:
1228 BT_DBG("Unknown command code 0x%2.2x", code);
1229
1230 reason = SMP_CMD_NOTSUPP;
1231 err = -EOPNOTSUPP;
1232 goto done;
1233 }
1234
1235 done:
1236 if (reason)
1237 smp_failure(conn, reason);
1238
1239 kfree_skb(skb);
1240 return err;
1241 }
1242
1243 static void smp_notify_keys(struct l2cap_conn *conn)
1244 {
1245 struct smp_chan *smp = conn->smp_chan;
1246 struct hci_conn *hcon = conn->hcon;
1247 struct hci_dev *hdev = hcon->hdev;
1248 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
1249 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
1250 bool persistent;
1251
1252 if (smp->remote_irk) {
1253 mgmt_new_irk(hdev, smp->remote_irk);
1254 /* Now that user space can be considered to know the
1255 * identity address track the connection based on it
1256 * from now on.
1257 */
1258 bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
1259 hcon->dst_type = smp->remote_irk->addr_type;
1260 l2cap_conn_update_id_addr(hcon);
1261 }
1262
1263 /* The LTKs and CSRKs should be persistent only if both sides
1264 * had the bonding bit set in their authentication requests.
1265 */
1266 persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING);
1267
1268 if (smp->csrk) {
1269 smp->csrk->bdaddr_type = hcon->dst_type;
1270 bacpy(&smp->csrk->bdaddr, &hcon->dst);
1271 mgmt_new_csrk(hdev, smp->csrk, persistent);
1272 }
1273
1274 if (smp->slave_csrk) {
1275 smp->slave_csrk->bdaddr_type = hcon->dst_type;
1276 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
1277 mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
1278 }
1279
1280 if (smp->ltk) {
1281 smp->ltk->bdaddr_type = hcon->dst_type;
1282 bacpy(&smp->ltk->bdaddr, &hcon->dst);
1283 mgmt_new_ltk(hdev, smp->ltk, persistent);
1284 }
1285
1286 if (smp->slave_ltk) {
1287 smp->slave_ltk->bdaddr_type = hcon->dst_type;
1288 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
1289 mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
1290 }
1291 }
1292
1293 int smp_distribute_keys(struct l2cap_conn *conn)
1294 {
1295 struct smp_cmd_pairing *req, *rsp;
1296 struct smp_chan *smp = conn->smp_chan;
1297 struct hci_conn *hcon = conn->hcon;
1298 struct hci_dev *hdev = hcon->hdev;
1299 __u8 *keydist;
1300
1301 BT_DBG("conn %p", conn);
1302
1303 if (!test_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
1304 return 0;
1305
1306 rsp = (void *) &smp->prsp[1];
1307
1308 /* The responder sends its keys first */
1309 if (hcon->out && (smp->remote_key_dist & 0x07))
1310 return 0;
1311
1312 req = (void *) &smp->preq[1];
1313
1314 if (hcon->out) {
1315 keydist = &rsp->init_key_dist;
1316 *keydist &= req->init_key_dist;
1317 } else {
1318 keydist = &rsp->resp_key_dist;
1319 *keydist &= req->resp_key_dist;
1320 }
1321
1322 BT_DBG("keydist 0x%x", *keydist);
1323
1324 if (*keydist & SMP_DIST_ENC_KEY) {
1325 struct smp_cmd_encrypt_info enc;
1326 struct smp_cmd_master_ident ident;
1327 struct smp_ltk *ltk;
1328 u8 authenticated;
1329 __le16 ediv;
1330 __le64 rand;
1331
1332 get_random_bytes(enc.ltk, sizeof(enc.ltk));
1333 get_random_bytes(&ediv, sizeof(ediv));
1334 get_random_bytes(&rand, sizeof(rand));
1335
1336 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
1337
1338 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
1339 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type,
1340 HCI_SMP_LTK_SLAVE, authenticated, enc.ltk,
1341 smp->enc_key_size, ediv, rand);
1342 smp->slave_ltk = ltk;
1343
1344 ident.ediv = ediv;
1345 ident.rand = rand;
1346
1347 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
1348
1349 *keydist &= ~SMP_DIST_ENC_KEY;
1350 }
1351
1352 if (*keydist & SMP_DIST_ID_KEY) {
1353 struct smp_cmd_ident_addr_info addrinfo;
1354 struct smp_cmd_ident_info idinfo;
1355
1356 memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk));
1357
1358 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
1359
1360 /* The hci_conn contains the local identity address
1361 * after the connection has been established.
1362 *
1363 * This is true even when the connection has been
1364 * established using a resolvable random address.
1365 */
1366 bacpy(&addrinfo.bdaddr, &hcon->src);
1367 addrinfo.addr_type = hcon->src_type;
1368
1369 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
1370 &addrinfo);
1371
1372 *keydist &= ~SMP_DIST_ID_KEY;
1373 }
1374
1375 if (*keydist & SMP_DIST_SIGN) {
1376 struct smp_cmd_sign_info sign;
1377 struct smp_csrk *csrk;
1378
1379 /* Generate a new random key */
1380 get_random_bytes(sign.csrk, sizeof(sign.csrk));
1381
1382 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1383 if (csrk) {
1384 csrk->master = 0x00;
1385 memcpy(csrk->val, sign.csrk, sizeof(csrk->val));
1386 }
1387 smp->slave_csrk = csrk;
1388
1389 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1390
1391 *keydist &= ~SMP_DIST_SIGN;
1392 }
1393
1394 /* If there are still keys to be received wait for them */
1395 if ((smp->remote_key_dist & 0x07))
1396 return 0;
1397
1398 clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags);
1399 cancel_delayed_work_sync(&conn->security_timer);
1400 set_bit(SMP_FLAG_COMPLETE, &smp->flags);
1401 smp_notify_keys(conn);
1402
1403 smp_chan_destroy(conn);
1404
1405 return 0;
1406 }
Linux with added FPC-III support