search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
xen: Add xen_arch_suspend()
[linux/fpc-iii.git] / net / bluetooth / smp.c
blobb7b6d387ef5d8840951726ab96bf4710bee66945
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21 */
22
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/algapi.h>
26 #include <crypto/b128ops.h>
27
28 #include <net/bluetooth/bluetooth.h>
29 #include <net/bluetooth/hci_core.h>
30 #include <net/bluetooth/l2cap.h>
31 #include <net/bluetooth/mgmt.h>
32
33 #include "smp.h"
34
35 #define SMP_TIMEOUT msecs_to_jiffies(30000)
36
37 #define AUTH_REQ_MASK 0x07
38
39 #define SMP_FLAG_TK_VALID 1
40 #define SMP_FLAG_CFM_PENDING 2
41 #define SMP_FLAG_MITM_AUTH 3
42 #define SMP_FLAG_COMPLETE 4
43 #define SMP_FLAG_INITIATOR 5
44
45 struct smp_chan {
46 struct l2cap_conn *conn;
47 u8 preq[7]; /* SMP Pairing Request */
48 u8 prsp[7]; /* SMP Pairing Response */
49 u8 prnd[16]; /* SMP Pairing Random (local) */
50 u8 rrnd[16]; /* SMP Pairing Random (remote) */
51 u8 pcnf[16]; /* SMP Pairing Confirm */
52 u8 tk[16]; /* SMP Temporary Key */
53 u8 enc_key_size;
54 u8 remote_key_dist;
55 bdaddr_t id_addr;
56 u8 id_addr_type;
57 u8 irk[16];
58 struct smp_csrk *csrk;
59 struct smp_csrk *slave_csrk;
60 struct smp_ltk *ltk;
61 struct smp_ltk *slave_ltk;
62 struct smp_irk *remote_irk;
63 unsigned long flags;
64 };
65
66 static inline void swap128(const u8 src[16], u8 dst[16])
67 {
68 int i;
69 for (i = 0; i < 16; i++)
70 dst[15 - i] = src[i];
71 }
72
73 static inline void swap56(const u8 src[7], u8 dst[7])
74 {
75 int i;
76 for (i = 0; i < 7; i++)
77 dst[6 - i] = src[i];
78 }
79
80 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
81 {
82 struct blkcipher_desc desc;
83 struct scatterlist sg;
84 uint8_t tmp[16], data[16];
85 int err;
86
87 if (tfm == NULL) {
88 BT_ERR("tfm %p", tfm);
89 return -EINVAL;
90 }
91
92 desc.tfm = tfm;
93 desc.flags = 0;
94
95 /* The most significant octet of key corresponds to k[0] */
96 swap128(k, tmp);
97
98 err = crypto_blkcipher_setkey(tfm, tmp, 16);
99 if (err) {
100 BT_ERR("cipher setkey failed: %d", err);
101 return err;
102 }
103
104 /* Most significant octet of plaintextData corresponds to data[0] */
105 swap128(r, data);
106
107 sg_init_one(&sg, data, 16);
108
109 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
110 if (err)
111 BT_ERR("Encrypt data error %d", err);
112
113 /* Most significant octet of encryptedData corresponds to data[0] */
114 swap128(data, r);
115
116 return err;
117 }
118
119 static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
120 {
121 u8 _res[16];
122 int err;
123
124 /* r' = padding || r */
125 memcpy(_res, r, 3);
126 memset(_res + 3, 0, 13);
127
128 err = smp_e(tfm, irk, _res);
129 if (err) {
130 BT_ERR("Encrypt error");
131 return err;
132 }
133
134 /* The output of the random address function ah is:
135 * ah(h, r) = e(k, r') mod 2^24
136 * The output of the security function e is then truncated to 24 bits
137 * by taking the least significant 24 bits of the output of e as the
138 * result of ah.
139 */
140 memcpy(res, _res, 3);
141
142 return 0;
143 }
144
145 bool smp_irk_matches(struct crypto_blkcipher *tfm, u8 irk[16],
146 bdaddr_t *bdaddr)
147 {
148 u8 hash[3];
149 int err;
150
151 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
152
153 err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
154 if (err)
155 return false;
156
157 return !crypto_memneq(bdaddr->b, hash, 3);
158 }
159
160 int smp_generate_rpa(struct crypto_blkcipher *tfm, u8 irk[16], bdaddr_t *rpa)
161 {
162 int err;
163
164 get_random_bytes(&rpa->b[3], 3);
165
166 rpa->b[5] &= 0x3f; /* Clear two most significant bits */
167 rpa->b[5] |= 0x40; /* Set second most significant bit */
168
169 err = smp_ah(tfm, irk, &rpa->b[3], rpa->b);
170 if (err < 0)
171 return err;
172
173 BT_DBG("RPA %pMR", rpa);
174
175 return 0;
176 }
177
178 static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
179 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
180 u8 _rat, bdaddr_t *ra, u8 res[16])
181 {
182 u8 p1[16], p2[16];
183 int err;
184
185 memset(p1, 0, 16);
186
187 /* p1 = pres || preq || _rat || _iat */
188 p1[0] = _iat;
189 p1[1] = _rat;
190 memcpy(p1 + 2, preq, 7);
191 memcpy(p1 + 9, pres, 7);
192
193 /* p2 = padding || ia || ra */
194 memcpy(p2, ra, 6);
195 memcpy(p2 + 6, ia, 6);
196 memset(p2 + 12, 0, 4);
197
198 /* res = r XOR p1 */
199 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
200
201 /* res = e(k, res) */
202 err = smp_e(tfm, k, res);
203 if (err) {
204 BT_ERR("Encrypt data error");
205 return err;
206 }
207
208 /* res = res XOR p2 */
209 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
210
211 /* res = e(k, res) */
212 err = smp_e(tfm, k, res);
213 if (err)
214 BT_ERR("Encrypt data error");
215
216 return err;
217 }
218
219 static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16], u8 r1[16],
220 u8 r2[16], u8 _r[16])
221 {
222 int err;
223
224 /* Just least significant octets from r1 and r2 are considered */
225 memcpy(_r, r2, 8);
226 memcpy(_r + 8, r1, 8);
227
228 err = smp_e(tfm, k, _r);
229 if (err)
230 BT_ERR("Encrypt data error");
231
232 return err;
233 }
234
235 static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
236 u16 dlen, void *data)
237 {
238 struct sk_buff *skb;
239 struct l2cap_hdr *lh;
240 int len;
241
242 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
243
244 if (len > conn->mtu)
245 return NULL;
246
247 skb = bt_skb_alloc(len, GFP_ATOMIC);
248 if (!skb)
249 return NULL;
250
251 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
252 lh->len = cpu_to_le16(sizeof(code) + dlen);
253 lh->cid = cpu_to_le16(L2CAP_CID_SMP);
254
255 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
256
257 memcpy(skb_put(skb, dlen), data, dlen);
258
259 return skb;
260 }
261
262 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
263 {
264 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
265
266 BT_DBG("code 0x%2.2x", code);
267
268 if (!skb)
269 return;
270
271 skb->priority = HCI_PRIO_MAX;
272 hci_send_acl(conn->hchan, skb, 0);
273
274 cancel_delayed_work_sync(&conn->security_timer);
275 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
276 }
277
278 static __u8 authreq_to_seclevel(__u8 authreq)
279 {
280 if (authreq & SMP_AUTH_MITM)
281 return BT_SECURITY_HIGH;
282 else
283 return BT_SECURITY_MEDIUM;
284 }
285
286 static __u8 seclevel_to_authreq(__u8 sec_level)
287 {
288 switch (sec_level) {
289 case BT_SECURITY_HIGH:
290 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
291 case BT_SECURITY_MEDIUM:
292 return SMP_AUTH_BONDING;
293 default:
294 return SMP_AUTH_NONE;
295 }
296 }
297
298 static void build_pairing_cmd(struct l2cap_conn *conn,
299 struct smp_cmd_pairing *req,
300 struct smp_cmd_pairing *rsp, __u8 authreq)
301 {
302 struct smp_chan *smp = conn->smp_chan;
303 struct hci_conn *hcon = conn->hcon;
304 struct hci_dev *hdev = hcon->hdev;
305 u8 local_dist = 0, remote_dist = 0;
306
307 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
308 local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
309 remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
310 authreq |= SMP_AUTH_BONDING;
311 } else {
312 authreq &= ~SMP_AUTH_BONDING;
313 }
314
315 if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags))
316 remote_dist |= SMP_DIST_ID_KEY;
317
318 if (test_bit(HCI_PRIVACY, &hdev->dev_flags))
319 local_dist |= SMP_DIST_ID_KEY;
320
321 if (rsp == NULL) {
322 req->io_capability = conn->hcon->io_capability;
323 req->oob_flag = SMP_OOB_NOT_PRESENT;
324 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
325 req->init_key_dist = local_dist;
326 req->resp_key_dist = remote_dist;
327 req->auth_req = (authreq & AUTH_REQ_MASK);
328
329 smp->remote_key_dist = remote_dist;
330 return;
331 }
332
333 rsp->io_capability = conn->hcon->io_capability;
334 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
335 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
336 rsp->init_key_dist = req->init_key_dist & remote_dist;
337 rsp->resp_key_dist = req->resp_key_dist & local_dist;
338 rsp->auth_req = (authreq & AUTH_REQ_MASK);
339
340 smp->remote_key_dist = rsp->init_key_dist;
341 }
342
343 static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
344 {
345 struct smp_chan *smp = conn->smp_chan;
346
347 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
348 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
349 return SMP_ENC_KEY_SIZE;
350
351 smp->enc_key_size = max_key_size;
352
353 return 0;
354 }
355
356 static void smp_failure(struct l2cap_conn *conn, u8 reason)
357 {
358 struct hci_conn *hcon = conn->hcon;
359
360 if (reason)
361 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
362 &reason);
363
364 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
365 mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type,
366 HCI_ERROR_AUTH_FAILURE);
367
368 cancel_delayed_work_sync(&conn->security_timer);
369
370 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
371 smp_chan_destroy(conn);
372 }
373
374 #define JUST_WORKS 0x00
375 #define JUST_CFM 0x01
376 #define REQ_PASSKEY 0x02
377 #define CFM_PASSKEY 0x03
378 #define REQ_OOB 0x04
379 #define OVERLAP 0xFF
380
381 static const u8 gen_method[5][5] = {
382 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
383 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
384 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
385 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
386 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
387 };
388
389 static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
390 {
391 /* If either side has unknown io_caps, use JUST WORKS */
392 if (local_io > SMP_IO_KEYBOARD_DISPLAY ||
393 remote_io > SMP_IO_KEYBOARD_DISPLAY)
394 return JUST_WORKS;
395
396 return gen_method[remote_io][local_io];
397 }
398
399 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
400 u8 local_io, u8 remote_io)
401 {
402 struct hci_conn *hcon = conn->hcon;
403 struct smp_chan *smp = conn->smp_chan;
404 u8 method;
405 u32 passkey = 0;
406 int ret = 0;
407
408 /* Initialize key for JUST WORKS */
409 memset(smp->tk, 0, sizeof(smp->tk));
410 clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
411
412 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
413
414 /* If neither side wants MITM, use JUST WORKS */
415 /* Otherwise, look up method from the table */
416 if (!(auth & SMP_AUTH_MITM))
417 method = JUST_WORKS;
418 else
419 method = get_auth_method(smp, local_io, remote_io);
420
421 /* If not bonding, don't ask user to confirm a Zero TK */
422 if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
423 method = JUST_WORKS;
424
425 /* Don't confirm locally initiated pairing attempts */
426 if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
427 method = JUST_WORKS;
428
429 /* If Just Works, Continue with Zero TK */
430 if (method == JUST_WORKS) {
431 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
432 return 0;
433 }
434
435 /* Not Just Works/Confirm results in MITM Authentication */
436 if (method != JUST_CFM) {
437 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
438 if (hcon->pending_sec_level < BT_SECURITY_HIGH)
439 hcon->pending_sec_level = BT_SECURITY_HIGH;
440 }
441
442 /* If both devices have Keyoard-Display I/O, the master
443 * Confirms and the slave Enters the passkey.
444 */
445 if (method == OVERLAP) {
446 if (hcon->link_mode & HCI_LM_MASTER)
447 method = CFM_PASSKEY;
448 else
449 method = REQ_PASSKEY;
450 }
451
452 /* Generate random passkey. */
453 if (method == CFM_PASSKEY) {
454 memset(smp->tk, 0, sizeof(smp->tk));
455 get_random_bytes(&passkey, sizeof(passkey));
456 passkey %= 1000000;
457 put_unaligned_le32(passkey, smp->tk);
458 BT_DBG("PassKey: %d", passkey);
459 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
460 }
461
462 hci_dev_lock(hcon->hdev);
463
464 if (method == REQ_PASSKEY)
465 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
466 hcon->type, hcon->dst_type);
467 else if (method == JUST_CFM)
468 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
469 hcon->type, hcon->dst_type,
470 passkey, 1);
471 else
472 ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst,
473 hcon->type, hcon->dst_type,
474 passkey, 0);
475
476 hci_dev_unlock(hcon->hdev);
477
478 return ret;
479 }
480
481 static u8 smp_confirm(struct smp_chan *smp)
482 {
483 struct l2cap_conn *conn = smp->conn;
484 struct hci_dev *hdev = conn->hcon->hdev;
485 struct crypto_blkcipher *tfm = hdev->tfm_aes;
486 struct smp_cmd_pairing_confirm cp;
487 int ret;
488
489 BT_DBG("conn %p", conn);
490
491 /* Prevent mutual access to hdev->tfm_aes */
492 hci_dev_lock(hdev);
493
494 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
495 conn->hcon->init_addr_type, &conn->hcon->init_addr,
496 conn->hcon->resp_addr_type, &conn->hcon->resp_addr,
497 cp.confirm_val);
498
499 hci_dev_unlock(hdev);
500
501 if (ret)
502 return SMP_UNSPECIFIED;
503
504 clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
505
506 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
507
508 return 0;
509 }
510
511 static u8 smp_random(struct smp_chan *smp)
512 {
513 struct l2cap_conn *conn = smp->conn;
514 struct hci_conn *hcon = conn->hcon;
515 struct hci_dev *hdev = hcon->hdev;
516 struct crypto_blkcipher *tfm = hdev->tfm_aes;
517 u8 confirm[16];
518 int ret;
519
520 if (IS_ERR_OR_NULL(tfm))
521 return SMP_UNSPECIFIED;
522
523 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
524
525 /* Prevent mutual access to hdev->tfm_aes */
526 hci_dev_lock(hdev);
527
528 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
529 hcon->init_addr_type, &hcon->init_addr,
530 hcon->resp_addr_type, &hcon->resp_addr, confirm);
531
532 hci_dev_unlock(hdev);
533
534 if (ret)
535 return SMP_UNSPECIFIED;
536
537 if (crypto_memneq(smp->pcnf, confirm, sizeof(smp->pcnf))) {
538 BT_ERR("Pairing failed (confirmation values mismatch)");
539 return SMP_CONFIRM_FAILED;
540 }
541
542 if (hcon->out) {
543 u8 stk[16];
544 __le64 rand = 0;
545 __le16 ediv = 0;
546
547 smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, stk);
548
549 memset(stk + smp->enc_key_size, 0,
550 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
551
552 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
553 return SMP_UNSPECIFIED;
554
555 hci_le_start_enc(hcon, ediv, rand, stk);
556 hcon->enc_key_size = smp->enc_key_size;
557 } else {
558 u8 stk[16], auth;
559 __le64 rand = 0;
560 __le16 ediv = 0;
561
562 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
563 smp->prnd);
564
565 smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, stk);
566
567 memset(stk + smp->enc_key_size, 0,
568 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
569
570 if (hcon->pending_sec_level == BT_SECURITY_HIGH)
571 auth = 1;
572 else
573 auth = 0;
574
575 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
576 HCI_SMP_STK_SLAVE, auth, stk, smp->enc_key_size,
577 ediv, rand);
578 }
579
580 return 0;
581 }
582
583 static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
584 {
585 struct smp_chan *smp;
586
587 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
588 if (!smp)
589 return NULL;
590
591 smp->conn = conn;
592 conn->smp_chan = smp;
593 conn->hcon->smp_conn = conn;
594
595 hci_conn_hold(conn->hcon);
596
597 return smp;
598 }
599
600 void smp_chan_destroy(struct l2cap_conn *conn)
601 {
602 struct smp_chan *smp = conn->smp_chan;
603 bool complete;
604
605 BUG_ON(!smp);
606
607 complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
608 mgmt_smp_complete(conn->hcon, complete);
609
610 kfree(smp->csrk);
611 kfree(smp->slave_csrk);
612
613 /* If pairing failed clean up any keys we might have */
614 if (!complete) {
615 if (smp->ltk) {
616 list_del(&smp->ltk->list);
617 kfree(smp->ltk);
618 }
619
620 if (smp->slave_ltk) {
621 list_del(&smp->slave_ltk->list);
622 kfree(smp->slave_ltk);
623 }
624
625 if (smp->remote_irk) {
626 list_del(&smp->remote_irk->list);
627 kfree(smp->remote_irk);
628 }
629 }
630
631 kfree(smp);
632 conn->smp_chan = NULL;
633 conn->hcon->smp_conn = NULL;
634 hci_conn_drop(conn->hcon);
635 }
636
637 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
638 {
639 struct l2cap_conn *conn = hcon->smp_conn;
640 struct smp_chan *smp;
641 u32 value;
642
643 BT_DBG("");
644
645 if (!conn)
646 return -ENOTCONN;
647
648 smp = conn->smp_chan;
649
650 switch (mgmt_op) {
651 case MGMT_OP_USER_PASSKEY_REPLY:
652 value = le32_to_cpu(passkey);
653 memset(smp->tk, 0, sizeof(smp->tk));
654 BT_DBG("PassKey: %d", value);
655 put_unaligned_le32(value, smp->tk);
656 /* Fall Through */
657 case MGMT_OP_USER_CONFIRM_REPLY:
658 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
659 break;
660 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
661 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
662 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
663 return 0;
664 default:
665 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
666 return -EOPNOTSUPP;
667 }
668
669 /* If it is our turn to send Pairing Confirm, do so now */
670 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
671 u8 rsp = smp_confirm(smp);
672 if (rsp)
673 smp_failure(conn, rsp);
674 }
675
676 return 0;
677 }
678
679 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
680 {
681 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
682 struct smp_chan *smp;
683 u8 key_size, auth, sec_level;
684 int ret;
685
686 BT_DBG("conn %p", conn);
687
688 if (skb->len < sizeof(*req))
689 return SMP_INVALID_PARAMS;
690
691 if (conn->hcon->link_mode & HCI_LM_MASTER)
692 return SMP_CMD_NOTSUPP;
693
694 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
695 smp = smp_chan_create(conn);
696 else
697 smp = conn->smp_chan;
698
699 if (!smp)
700 return SMP_UNSPECIFIED;
701
702 smp->preq[0] = SMP_CMD_PAIRING_REQ;
703 memcpy(&smp->preq[1], req, sizeof(*req));
704 skb_pull(skb, sizeof(*req));
705
706 /* We didn't start the pairing, so match remote */
707 auth = req->auth_req;
708
709 sec_level = authreq_to_seclevel(auth);
710 if (sec_level > conn->hcon->pending_sec_level)
711 conn->hcon->pending_sec_level = sec_level;
712
713 /* If we need MITM check that it can be acheived */
714 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
715 u8 method;
716
717 method = get_auth_method(smp, conn->hcon->io_capability,
718 req->io_capability);
719 if (method == JUST_WORKS || method == JUST_CFM)
720 return SMP_AUTH_REQUIREMENTS;
721 }
722
723 build_pairing_cmd(conn, req, &rsp, auth);
724
725 key_size = min(req->max_key_size, rsp.max_key_size);
726 if (check_enc_key_size(conn, key_size))
727 return SMP_ENC_KEY_SIZE;
728
729 get_random_bytes(smp->prnd, sizeof(smp->prnd));
730
731 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
732 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
733
734 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
735
736 /* Request setup of TK */
737 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
738 if (ret)
739 return SMP_UNSPECIFIED;
740
741 clear_bit(SMP_FLAG_INITIATOR, &smp->flags);
742
743 return 0;
744 }
745
746 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
747 {
748 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
749 struct smp_chan *smp = conn->smp_chan;
750 u8 key_size, auth = SMP_AUTH_NONE;
751 int ret;
752
753 BT_DBG("conn %p", conn);
754
755 if (skb->len < sizeof(*rsp))
756 return SMP_INVALID_PARAMS;
757
758 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
759 return SMP_CMD_NOTSUPP;
760
761 skb_pull(skb, sizeof(*rsp));
762
763 req = (void *) &smp->preq[1];
764
765 key_size = min(req->max_key_size, rsp->max_key_size);
766 if (check_enc_key_size(conn, key_size))
767 return SMP_ENC_KEY_SIZE;
768
769 /* If we need MITM check that it can be acheived */
770 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
771 u8 method;
772
773 method = get_auth_method(smp, req->io_capability,
774 rsp->io_capability);
775 if (method == JUST_WORKS || method == JUST_CFM)
776 return SMP_AUTH_REQUIREMENTS;
777 }
778
779 get_random_bytes(smp->prnd, sizeof(smp->prnd));
780
781 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
782 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
783
784 /* Update remote key distribution in case the remote cleared
785 * some bits that we had enabled in our request.
786 */
787 smp->remote_key_dist &= rsp->resp_key_dist;
788
789 if ((req->auth_req & SMP_AUTH_BONDING) &&
790 (rsp->auth_req & SMP_AUTH_BONDING))
791 auth = SMP_AUTH_BONDING;
792
793 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
794
795 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
796 if (ret)
797 return SMP_UNSPECIFIED;
798
799 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
800
801 /* Can't compose response until we have been confirmed */
802 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
803 return smp_confirm(smp);
804
805 return 0;
806 }
807
808 static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
809 {
810 struct smp_chan *smp = conn->smp_chan;
811
812 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
813
814 if (skb->len < sizeof(smp->pcnf))
815 return SMP_INVALID_PARAMS;
816
817 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
818 skb_pull(skb, sizeof(smp->pcnf));
819
820 if (conn->hcon->out)
821 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
822 smp->prnd);
823 else if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
824 return smp_confirm(smp);
825 else
826 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
827
828 return 0;
829 }
830
831 static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
832 {
833 struct smp_chan *smp = conn->smp_chan;
834
835 BT_DBG("conn %p", conn);
836
837 if (skb->len < sizeof(smp->rrnd))
838 return SMP_INVALID_PARAMS;
839
840 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
841 skb_pull(skb, sizeof(smp->rrnd));
842
843 return smp_random(smp);
844 }
845
846 static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
847 {
848 struct smp_ltk *key;
849 struct hci_conn *hcon = conn->hcon;
850
851 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
852 hcon->out);
853 if (!key)
854 return 0;
855
856 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
857 return 0;
858
859 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
860 return 1;
861
862 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
863 hcon->enc_key_size = key->enc_size;
864
865 return 1;
866 }
867
868 static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
869 {
870 struct smp_cmd_security_req *rp = (void *) skb->data;
871 struct smp_cmd_pairing cp;
872 struct hci_conn *hcon = conn->hcon;
873 struct smp_chan *smp;
874 u8 sec_level;
875
876 BT_DBG("conn %p", conn);
877
878 if (skb->len < sizeof(*rp))
879 return SMP_INVALID_PARAMS;
880
881 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
882 return SMP_CMD_NOTSUPP;
883
884 sec_level = authreq_to_seclevel(rp->auth_req);
885 if (sec_level > hcon->pending_sec_level)
886 hcon->pending_sec_level = sec_level;
887
888 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
889 return 0;
890
891 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
892 return 0;
893
894 smp = smp_chan_create(conn);
895
896 skb_pull(skb, sizeof(*rp));
897
898 memset(&cp, 0, sizeof(cp));
899 build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
900
901 smp->preq[0] = SMP_CMD_PAIRING_REQ;
902 memcpy(&smp->preq[1], &cp, sizeof(cp));
903
904 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
905
906 clear_bit(SMP_FLAG_INITIATOR, &smp->flags);
907
908 return 0;
909 }
910
911 bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
912 {
913 if (sec_level == BT_SECURITY_LOW)
914 return true;
915
916 if (hcon->sec_level >= sec_level)
917 return true;
918
919 return false;
920 }
921
922 int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
923 {
924 struct l2cap_conn *conn = hcon->l2cap_data;
925 struct smp_chan *smp;
926 __u8 authreq;
927
928 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
929
930 /* This may be NULL if there's an unexpected disconnection */
931 if (!conn)
932 return 1;
933
934 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
935 return 1;
936
937 if (smp_sufficient_security(hcon, sec_level))
938 return 1;
939
940 if (sec_level > hcon->pending_sec_level)
941 hcon->pending_sec_level = sec_level;
942
943 if (hcon->link_mode & HCI_LM_MASTER)
944 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
945 return 0;
946
947 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
948 return 0;
949
950 smp = smp_chan_create(conn);
951 if (!smp)
952 return 1;
953
954 authreq = seclevel_to_authreq(sec_level);
955
956 /* Require MITM if IO Capability allows or the security level
957 * requires it.
958 */
959 if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT ||
960 hcon->pending_sec_level > BT_SECURITY_MEDIUM)
961 authreq |= SMP_AUTH_MITM;
962
963 if (hcon->link_mode & HCI_LM_MASTER) {
964 struct smp_cmd_pairing cp;
965
966 build_pairing_cmd(conn, &cp, NULL, authreq);
967 smp->preq[0] = SMP_CMD_PAIRING_REQ;
968 memcpy(&smp->preq[1], &cp, sizeof(cp));
969
970 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
971 } else {
972 struct smp_cmd_security_req cp;
973 cp.auth_req = authreq;
974 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
975 }
976
977 set_bit(SMP_FLAG_INITIATOR, &smp->flags);
978
979 return 0;
980 }
981
982 static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
983 {
984 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
985 struct smp_chan *smp = conn->smp_chan;
986
987 BT_DBG("conn %p", conn);
988
989 if (skb->len < sizeof(*rp))
990 return SMP_INVALID_PARAMS;
991
992 /* Ignore this PDU if it wasn't requested */
993 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
994 return 0;
995
996 skb_pull(skb, sizeof(*rp));
997
998 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
999
1000 return 0;
1001 }
1002
1003 static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
1004 {
1005 struct smp_cmd_master_ident *rp = (void *) skb->data;
1006 struct smp_chan *smp = conn->smp_chan;
1007 struct hci_dev *hdev = conn->hcon->hdev;
1008 struct hci_conn *hcon = conn->hcon;
1009 struct smp_ltk *ltk;
1010 u8 authenticated;
1011
1012 BT_DBG("conn %p", conn);
1013
1014 if (skb->len < sizeof(*rp))
1015 return SMP_INVALID_PARAMS;
1016
1017 /* Ignore this PDU if it wasn't requested */
1018 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
1019 return 0;
1020
1021 /* Mark the information as received */
1022 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
1023
1024 skb_pull(skb, sizeof(*rp));
1025
1026 hci_dev_lock(hdev);
1027 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
1028 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, HCI_SMP_LTK,
1029 authenticated, smp->tk, smp->enc_key_size,
1030 rp->ediv, rp->rand);
1031 smp->ltk = ltk;
1032 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1033 smp_distribute_keys(conn);
1034 hci_dev_unlock(hdev);
1035
1036 return 0;
1037 }
1038
1039 static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
1040 {
1041 struct smp_cmd_ident_info *info = (void *) skb->data;
1042 struct smp_chan *smp = conn->smp_chan;
1043
1044 BT_DBG("");
1045
1046 if (skb->len < sizeof(*info))
1047 return SMP_INVALID_PARAMS;
1048
1049 /* Ignore this PDU if it wasn't requested */
1050 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1051 return 0;
1052
1053 skb_pull(skb, sizeof(*info));
1054
1055 memcpy(smp->irk, info->irk, 16);
1056
1057 return 0;
1058 }
1059
1060 static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
1061 struct sk_buff *skb)
1062 {
1063 struct smp_cmd_ident_addr_info *info = (void *) skb->data;
1064 struct smp_chan *smp = conn->smp_chan;
1065 struct hci_conn *hcon = conn->hcon;
1066 bdaddr_t rpa;
1067
1068 BT_DBG("");
1069
1070 if (skb->len < sizeof(*info))
1071 return SMP_INVALID_PARAMS;
1072
1073 /* Ignore this PDU if it wasn't requested */
1074 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1075 return 0;
1076
1077 /* Mark the information as received */
1078 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
1079
1080 skb_pull(skb, sizeof(*info));
1081
1082 /* Strictly speaking the Core Specification (4.1) allows sending
1083 * an empty address which would force us to rely on just the IRK
1084 * as "identity information". However, since such
1085 * implementations are not known of and in order to not over
1086 * complicate our implementation, simply pretend that we never
1087 * received an IRK for such a device.
1088 */
1089 if (!bacmp(&info->bdaddr, BDADDR_ANY)) {
1090 BT_ERR("Ignoring IRK with no identity address");
1091 smp_distribute_keys(conn);
1092 return 0;
1093 }
1094
1095 bacpy(&smp->id_addr, &info->bdaddr);
1096 smp->id_addr_type = info->addr_type;
1097
1098 if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
1099 bacpy(&rpa, &hcon->dst);
1100 else
1101 bacpy(&rpa, BDADDR_ANY);
1102
1103 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
1104 smp->id_addr_type, smp->irk, &rpa);
1105
1106 smp_distribute_keys(conn);
1107
1108 return 0;
1109 }
1110
1111 static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
1112 {
1113 struct smp_cmd_sign_info *rp = (void *) skb->data;
1114 struct smp_chan *smp = conn->smp_chan;
1115 struct hci_dev *hdev = conn->hcon->hdev;
1116 struct smp_csrk *csrk;
1117
1118 BT_DBG("conn %p", conn);
1119
1120 if (skb->len < sizeof(*rp))
1121 return SMP_INVALID_PARAMS;
1122
1123 /* Ignore this PDU if it wasn't requested */
1124 if (!(smp->remote_key_dist & SMP_DIST_SIGN))
1125 return 0;
1126
1127 /* Mark the information as received */
1128 smp->remote_key_dist &= ~SMP_DIST_SIGN;
1129
1130 skb_pull(skb, sizeof(*rp));
1131
1132 hci_dev_lock(hdev);
1133 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1134 if (csrk) {
1135 csrk->master = 0x01;
1136 memcpy(csrk->val, rp->csrk, sizeof(csrk->val));
1137 }
1138 smp->csrk = csrk;
1139 if (!(smp->remote_key_dist & SMP_DIST_SIGN))
1140 smp_distribute_keys(conn);
1141 hci_dev_unlock(hdev);
1142
1143 return 0;
1144 }
1145
1146 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
1147 {
1148 struct hci_conn *hcon = conn->hcon;
1149 __u8 code, reason;
1150 int err = 0;
1151
1152 if (hcon->type != LE_LINK) {
1153 kfree_skb(skb);
1154 return 0;
1155 }
1156
1157 if (skb->len < 1) {
1158 kfree_skb(skb);
1159 return -EILSEQ;
1160 }
1161
1162 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
1163 err = -ENOTSUPP;
1164 reason = SMP_PAIRING_NOTSUPP;
1165 goto done;
1166 }
1167
1168 code = skb->data[0];
1169 skb_pull(skb, sizeof(code));
1170
1171 /*
1172 * The SMP context must be initialized for all other PDUs except
1173 * pairing and security requests. If we get any other PDU when
1174 * not initialized simply disconnect (done if this function
1175 * returns an error).
1176 */
1177 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ &&
1178 !conn->smp_chan) {
1179 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code);
1180 kfree_skb(skb);
1181 return -ENOTSUPP;
1182 }
1183
1184 switch (code) {
1185 case SMP_CMD_PAIRING_REQ:
1186 reason = smp_cmd_pairing_req(conn, skb);
1187 break;
1188
1189 case SMP_CMD_PAIRING_FAIL:
1190 smp_failure(conn, 0);
1191 reason = 0;
1192 err = -EPERM;
1193 break;
1194
1195 case SMP_CMD_PAIRING_RSP:
1196 reason = smp_cmd_pairing_rsp(conn, skb);
1197 break;
1198
1199 case SMP_CMD_SECURITY_REQ:
1200 reason = smp_cmd_security_req(conn, skb);
1201 break;
1202
1203 case SMP_CMD_PAIRING_CONFIRM:
1204 reason = smp_cmd_pairing_confirm(conn, skb);
1205 break;
1206
1207 case SMP_CMD_PAIRING_RANDOM:
1208 reason = smp_cmd_pairing_random(conn, skb);
1209 break;
1210
1211 case SMP_CMD_ENCRYPT_INFO:
1212 reason = smp_cmd_encrypt_info(conn, skb);
1213 break;
1214
1215 case SMP_CMD_MASTER_IDENT:
1216 reason = smp_cmd_master_ident(conn, skb);
1217 break;
1218
1219 case SMP_CMD_IDENT_INFO:
1220 reason = smp_cmd_ident_info(conn, skb);
1221 break;
1222
1223 case SMP_CMD_IDENT_ADDR_INFO:
1224 reason = smp_cmd_ident_addr_info(conn, skb);
1225 break;
1226
1227 case SMP_CMD_SIGN_INFO:
1228 reason = smp_cmd_sign_info(conn, skb);
1229 break;
1230
1231 default:
1232 BT_DBG("Unknown command code 0x%2.2x", code);
1233
1234 reason = SMP_CMD_NOTSUPP;
1235 err = -EOPNOTSUPP;
1236 goto done;
1237 }
1238
1239 done:
1240 if (reason)
1241 smp_failure(conn, reason);
1242
1243 kfree_skb(skb);
1244 return err;
1245 }
1246
1247 static void smp_notify_keys(struct l2cap_conn *conn)
1248 {
1249 struct smp_chan *smp = conn->smp_chan;
1250 struct hci_conn *hcon = conn->hcon;
1251 struct hci_dev *hdev = hcon->hdev;
1252 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
1253 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
1254 bool persistent;
1255
1256 if (smp->remote_irk) {
1257 mgmt_new_irk(hdev, smp->remote_irk);
1258 /* Now that user space can be considered to know the
1259 * identity address track the connection based on it
1260 * from now on.
1261 */
1262 bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
1263 hcon->dst_type = smp->remote_irk->addr_type;
1264 l2cap_conn_update_id_addr(hcon);
1265 }
1266
1267 /* The LTKs and CSRKs should be persistent only if both sides
1268 * had the bonding bit set in their authentication requests.
1269 */
1270 persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING);
1271
1272 if (smp->csrk) {
1273 smp->csrk->bdaddr_type = hcon->dst_type;
1274 bacpy(&smp->csrk->bdaddr, &hcon->dst);
1275 mgmt_new_csrk(hdev, smp->csrk, persistent);
1276 }
1277
1278 if (smp->slave_csrk) {
1279 smp->slave_csrk->bdaddr_type = hcon->dst_type;
1280 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
1281 mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
1282 }
1283
1284 if (smp->ltk) {
1285 smp->ltk->bdaddr_type = hcon->dst_type;
1286 bacpy(&smp->ltk->bdaddr, &hcon->dst);
1287 mgmt_new_ltk(hdev, smp->ltk, persistent);
1288 }
1289
1290 if (smp->slave_ltk) {
1291 smp->slave_ltk->bdaddr_type = hcon->dst_type;
1292 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
1293 mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
1294 }
1295 }
1296
1297 int smp_distribute_keys(struct l2cap_conn *conn)
1298 {
1299 struct smp_cmd_pairing *req, *rsp;
1300 struct smp_chan *smp = conn->smp_chan;
1301 struct hci_conn *hcon = conn->hcon;
1302 struct hci_dev *hdev = hcon->hdev;
1303 __u8 *keydist;
1304
1305 BT_DBG("conn %p", conn);
1306
1307 if (!test_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
1308 return 0;
1309
1310 rsp = (void *) &smp->prsp[1];
1311
1312 /* The responder sends its keys first */
1313 if (hcon->out && (smp->remote_key_dist & 0x07))
1314 return 0;
1315
1316 req = (void *) &smp->preq[1];
1317
1318 if (hcon->out) {
1319 keydist = &rsp->init_key_dist;
1320 *keydist &= req->init_key_dist;
1321 } else {
1322 keydist = &rsp->resp_key_dist;
1323 *keydist &= req->resp_key_dist;
1324 }
1325
1326 BT_DBG("keydist 0x%x", *keydist);
1327
1328 if (*keydist & SMP_DIST_ENC_KEY) {
1329 struct smp_cmd_encrypt_info enc;
1330 struct smp_cmd_master_ident ident;
1331 struct smp_ltk *ltk;
1332 u8 authenticated;
1333 __le16 ediv;
1334 __le64 rand;
1335
1336 get_random_bytes(enc.ltk, sizeof(enc.ltk));
1337 get_random_bytes(&ediv, sizeof(ediv));
1338 get_random_bytes(&rand, sizeof(rand));
1339
1340 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
1341
1342 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
1343 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type,
1344 HCI_SMP_LTK_SLAVE, authenticated, enc.ltk,
1345 smp->enc_key_size, ediv, rand);
1346 smp->slave_ltk = ltk;
1347
1348 ident.ediv = ediv;
1349 ident.rand = rand;
1350
1351 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
1352
1353 *keydist &= ~SMP_DIST_ENC_KEY;
1354 }
1355
1356 if (*keydist & SMP_DIST_ID_KEY) {
1357 struct smp_cmd_ident_addr_info addrinfo;
1358 struct smp_cmd_ident_info idinfo;
1359
1360 memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk));
1361
1362 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
1363
1364 /* The hci_conn contains the local identity address
1365 * after the connection has been established.
1366 *
1367 * This is true even when the connection has been
1368 * established using a resolvable random address.
1369 */
1370 bacpy(&addrinfo.bdaddr, &hcon->src);
1371 addrinfo.addr_type = hcon->src_type;
1372
1373 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
1374 &addrinfo);
1375
1376 *keydist &= ~SMP_DIST_ID_KEY;
1377 }
1378
1379 if (*keydist & SMP_DIST_SIGN) {
1380 struct smp_cmd_sign_info sign;
1381 struct smp_csrk *csrk;
1382
1383 /* Generate a new random key */
1384 get_random_bytes(sign.csrk, sizeof(sign.csrk));
1385
1386 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1387 if (csrk) {
1388 csrk->master = 0x00;
1389 memcpy(csrk->val, sign.csrk, sizeof(csrk->val));
1390 }
1391 smp->slave_csrk = csrk;
1392
1393 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1394
1395 *keydist &= ~SMP_DIST_SIGN;
1396 }
1397
1398 /* If there are still keys to be received wait for them */
1399 if ((smp->remote_key_dist & 0x07))
1400 return 0;
1401
1402 clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags);
1403 cancel_delayed_work_sync(&conn->security_timer);
1404 set_bit(SMP_FLAG_COMPLETE, &smp->flags);
1405 smp_notify_keys(conn);
1406
1407 smp_chan_destroy(conn);
1408
1409 return 0;
1410 }
Linux with added FPC-III support