blob: a38941593e8b1c1d569d520377e02877dcc7d26c [file] [log] [blame]
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001/*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21*/
22
Gustavo Padovan8c520a52012-05-23 04:04:22 -030023#include <linux/crypto.h>
24#include <linux/scatterlist.h>
25#include <crypto/b128ops.h>
26
Anderson Brigliaeb492e02011-06-09 18:50:40 -030027#include <net/bluetooth/bluetooth.h>
28#include <net/bluetooth/hci_core.h>
29#include <net/bluetooth/l2cap.h>
Brian Gix2b64d152011-12-21 16:12:12 -080030#include <net/bluetooth/mgmt.h>
Marcel Holtmannac4b7232013-10-10 14:54:16 -070031
32#include "smp.h"
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030033
Marcel Holtmann17b02e62012-03-01 14:32:37 -080034#define SMP_TIMEOUT msecs_to_jiffies(30000)
Vinicius Costa Gomes5d3de7d2011-06-14 13:37:41 -030035
Johan Hedberg065a13e2012-10-11 16:26:06 +020036#define AUTH_REQ_MASK 0x07
37
Johan Hedberg533e35d2014-06-16 19:25:18 +030038enum {
39 SMP_FLAG_TK_VALID,
40 SMP_FLAG_CFM_PENDING,
41 SMP_FLAG_MITM_AUTH,
42 SMP_FLAG_COMPLETE,
43 SMP_FLAG_INITIATOR,
44};
Johan Hedberg4bc58f52014-05-20 09:45:47 +030045
46struct smp_chan {
47 struct l2cap_conn *conn;
48 u8 preq[7]; /* SMP Pairing Request */
49 u8 prsp[7]; /* SMP Pairing Response */
50 u8 prnd[16]; /* SMP Pairing Random (local) */
51 u8 rrnd[16]; /* SMP Pairing Random (remote) */
52 u8 pcnf[16]; /* SMP Pairing Confirm */
53 u8 tk[16]; /* SMP Temporary Key */
54 u8 enc_key_size;
55 u8 remote_key_dist;
56 bdaddr_t id_addr;
57 u8 id_addr_type;
58 u8 irk[16];
59 struct smp_csrk *csrk;
60 struct smp_csrk *slave_csrk;
61 struct smp_ltk *ltk;
62 struct smp_ltk *slave_ltk;
63 struct smp_irk *remote_irk;
Johan Hedberg4a74d652014-05-20 09:45:50 +030064 unsigned long flags;
Johan Hedberg4bc58f52014-05-20 09:45:47 +030065};
66
Johan Hedberg8a2936f2014-06-16 19:25:19 +030067static inline void swap_buf(const u8 *src, u8 *dst, size_t len)
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030068{
Johan Hedberg8a2936f2014-06-16 19:25:19 +030069 size_t i;
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030070
Johan Hedberg8a2936f2014-06-16 19:25:19 +030071 for (i = 0; i < len; i++)
72 dst[len - 1 - i] = src[i];
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030073}
74
75static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
76{
77 struct blkcipher_desc desc;
78 struct scatterlist sg;
Johan Hedberg943a7322014-03-18 12:58:24 +020079 uint8_t tmp[16], data[16];
Johan Hedberg201a5922013-12-02 10:49:04 +020080 int err;
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030081
82 if (tfm == NULL) {
83 BT_ERR("tfm %p", tfm);
84 return -EINVAL;
85 }
86
87 desc.tfm = tfm;
88 desc.flags = 0;
89
Johan Hedberg943a7322014-03-18 12:58:24 +020090 /* The most significant octet of key corresponds to k[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +030091 swap_buf(k, tmp, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +020092
93 err = crypto_blkcipher_setkey(tfm, tmp, 16);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -030094 if (err) {
95 BT_ERR("cipher setkey failed: %d", err);
96 return err;
97 }
98
Johan Hedberg943a7322014-03-18 12:58:24 +020099 /* Most significant octet of plaintextData corresponds to data[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300100 swap_buf(r, data, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200101
102 sg_init_one(&sg, data, 16);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300103
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300104 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
105 if (err)
106 BT_ERR("Encrypt data error %d", err);
107
Johan Hedberg943a7322014-03-18 12:58:24 +0200108 /* Most significant octet of encryptedData corresponds to data[0] */
Johan Hedberg8a2936f2014-06-16 19:25:19 +0300109 swap_buf(data, r, 16);
Johan Hedberg943a7322014-03-18 12:58:24 +0200110
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300111 return err;
112}
113
Johan Hedberg60478052014-02-18 10:19:31 +0200114static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
115{
Johan Hedberg943a7322014-03-18 12:58:24 +0200116 u8 _res[16];
Johan Hedberg60478052014-02-18 10:19:31 +0200117 int err;
118
119 /* r' = padding || r */
Johan Hedberg943a7322014-03-18 12:58:24 +0200120 memcpy(_res, r, 3);
121 memset(_res + 3, 0, 13);
Johan Hedberg60478052014-02-18 10:19:31 +0200122
Johan Hedberg943a7322014-03-18 12:58:24 +0200123 err = smp_e(tfm, irk, _res);
Johan Hedberg60478052014-02-18 10:19:31 +0200124 if (err) {
125 BT_ERR("Encrypt error");
126 return err;
127 }
128
129 /* The output of the random address function ah is:
130 * ah(h, r) = e(k, r') mod 2^24
131 * The output of the security function e is then truncated to 24 bits
132 * by taking the least significant 24 bits of the output of e as the
133 * result of ah.
134 */
Johan Hedberg943a7322014-03-18 12:58:24 +0200135 memcpy(res, _res, 3);
Johan Hedberg60478052014-02-18 10:19:31 +0200136
137 return 0;
138}
139
140bool smp_irk_matches(struct crypto_blkcipher *tfm, u8 irk[16],
141 bdaddr_t *bdaddr)
142{
143 u8 hash[3];
144 int err;
145
146 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk);
147
148 err = smp_ah(tfm, irk, &bdaddr->b[3], hash);
149 if (err)
150 return false;
151
152 return !memcmp(bdaddr->b, hash, 3);
153}
154
Johan Hedbergb1e2b3a2014-02-23 19:42:19 +0200155int smp_generate_rpa(struct crypto_blkcipher *tfm, u8 irk[16], bdaddr_t *rpa)
156{
157 int err;
158
159 get_random_bytes(&rpa->b[3], 3);
160
161 rpa->b[5] &= 0x3f; /* Clear two most significant bits */
162 rpa->b[5] |= 0x40; /* Set second most significant bit */
163
164 err = smp_ah(tfm, irk, &rpa->b[3], rpa->b);
165 if (err < 0)
166 return err;
167
168 BT_DBG("RPA %pMR", rpa);
169
170 return 0;
171}
172
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300173static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
Marcel Holtmannf1560462013-10-13 05:43:25 -0700174 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
175 u8 _rat, bdaddr_t *ra, u8 res[16])
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300176{
177 u8 p1[16], p2[16];
178 int err;
179
180 memset(p1, 0, 16);
181
182 /* p1 = pres || preq || _rat || _iat */
Johan Hedberg943a7322014-03-18 12:58:24 +0200183 p1[0] = _iat;
184 p1[1] = _rat;
185 memcpy(p1 + 2, preq, 7);
186 memcpy(p1 + 9, pres, 7);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300187
188 /* p2 = padding || ia || ra */
Johan Hedberg943a7322014-03-18 12:58:24 +0200189 memcpy(p2, ra, 6);
190 memcpy(p2 + 6, ia, 6);
191 memset(p2 + 12, 0, 4);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300192
193 /* res = r XOR p1 */
194 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
195
196 /* res = e(k, res) */
197 err = smp_e(tfm, k, res);
198 if (err) {
199 BT_ERR("Encrypt data error");
200 return err;
201 }
202
203 /* res = res XOR p2 */
204 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
205
206 /* res = e(k, res) */
207 err = smp_e(tfm, k, res);
208 if (err)
209 BT_ERR("Encrypt data error");
210
211 return err;
212}
213
Marcel Holtmannf1560462013-10-13 05:43:25 -0700214static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16], u8 r1[16],
215 u8 r2[16], u8 _r[16])
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300216{
217 int err;
218
219 /* Just least significant octets from r1 and r2 are considered */
Johan Hedberg943a7322014-03-18 12:58:24 +0200220 memcpy(_r, r2, 8);
221 memcpy(_r + 8, r1, 8);
Anderson Brigliad22ef0b2011-06-09 18:50:44 -0300222
223 err = smp_e(tfm, k, _r);
224 if (err)
225 BT_ERR("Encrypt data error");
226
227 return err;
228}
229
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300230static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
Marcel Holtmannf1560462013-10-13 05:43:25 -0700231 u16 dlen, void *data)
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300232{
233 struct sk_buff *skb;
234 struct l2cap_hdr *lh;
235 int len;
236
237 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
238
239 if (len > conn->mtu)
240 return NULL;
241
242 skb = bt_skb_alloc(len, GFP_ATOMIC);
243 if (!skb)
244 return NULL;
245
246 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
247 lh->len = cpu_to_le16(sizeof(code) + dlen);
Joe Perchesdcf4adb2014-03-12 10:52:35 -0700248 lh->cid = cpu_to_le16(L2CAP_CID_SMP);
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300249
250 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
251
252 memcpy(skb_put(skb, dlen), data, dlen);
253
254 return skb;
255}
256
257static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
258{
259 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
260
261 BT_DBG("code 0x%2.2x", code);
262
263 if (!skb)
264 return;
265
Luiz Augusto von Dentz73d80de2011-11-02 15:52:01 +0200266 skb->priority = HCI_PRIO_MAX;
267 hci_send_acl(conn->hchan, skb, 0);
Vinicius Costa Gomese2dcd112011-08-19 21:06:50 -0300268
Gustavo F. Padovan6c9d42a2011-12-20 10:57:27 -0200269 cancel_delayed_work_sync(&conn->security_timer);
Marcel Holtmann17b02e62012-03-01 14:32:37 -0800270 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300271}
272
Brian Gix2b64d152011-12-21 16:12:12 -0800273static __u8 authreq_to_seclevel(__u8 authreq)
274{
275 if (authreq & SMP_AUTH_MITM)
276 return BT_SECURITY_HIGH;
277 else
278 return BT_SECURITY_MEDIUM;
279}
280
281static __u8 seclevel_to_authreq(__u8 sec_level)
282{
283 switch (sec_level) {
284 case BT_SECURITY_HIGH:
285 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
286 case BT_SECURITY_MEDIUM:
287 return SMP_AUTH_BONDING;
288 default:
289 return SMP_AUTH_NONE;
290 }
291}
292
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300293static void build_pairing_cmd(struct l2cap_conn *conn,
Marcel Holtmannf1560462013-10-13 05:43:25 -0700294 struct smp_cmd_pairing *req,
295 struct smp_cmd_pairing *rsp, __u8 authreq)
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300296{
Johan Hedbergfd349c02014-02-18 10:19:36 +0200297 struct smp_chan *smp = conn->smp_chan;
298 struct hci_conn *hcon = conn->hcon;
299 struct hci_dev *hdev = hcon->hdev;
300 u8 local_dist = 0, remote_dist = 0;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300301
Johan Hedberga8b2d5c2012-01-08 23:11:15 +0200302 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -0700303 local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
304 remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300305 authreq |= SMP_AUTH_BONDING;
Brian Gix2b64d152011-12-21 16:12:12 -0800306 } else {
307 authreq &= ~SMP_AUTH_BONDING;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300308 }
309
Johan Hedbergfd349c02014-02-18 10:19:36 +0200310 if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags))
311 remote_dist |= SMP_DIST_ID_KEY;
312
Johan Hedberg863efaf2014-02-22 19:06:32 +0200313 if (test_bit(HCI_PRIVACY, &hdev->dev_flags))
314 local_dist |= SMP_DIST_ID_KEY;
315
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300316 if (rsp == NULL) {
317 req->io_capability = conn->hcon->io_capability;
318 req->oob_flag = SMP_OOB_NOT_PRESENT;
319 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200320 req->init_key_dist = local_dist;
321 req->resp_key_dist = remote_dist;
Johan Hedberg065a13e2012-10-11 16:26:06 +0200322 req->auth_req = (authreq & AUTH_REQ_MASK);
Johan Hedbergfd349c02014-02-18 10:19:36 +0200323
324 smp->remote_key_dist = remote_dist;
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300325 return;
326 }
327
328 rsp->io_capability = conn->hcon->io_capability;
329 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
330 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
Johan Hedbergfd349c02014-02-18 10:19:36 +0200331 rsp->init_key_dist = req->init_key_dist & remote_dist;
332 rsp->resp_key_dist = req->resp_key_dist & local_dist;
Johan Hedberg065a13e2012-10-11 16:26:06 +0200333 rsp->auth_req = (authreq & AUTH_REQ_MASK);
Johan Hedbergfd349c02014-02-18 10:19:36 +0200334
335 smp->remote_key_dist = rsp->init_key_dist;
Vinicius Costa Gomesb8e66ea2011-06-09 18:50:52 -0300336}
337
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300338static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
339{
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300340 struct smp_chan *smp = conn->smp_chan;
341
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300342 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
Marcel Holtmannf1560462013-10-13 05:43:25 -0700343 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300344 return SMP_ENC_KEY_SIZE;
345
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300346 smp->enc_key_size = max_key_size;
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300347
348 return 0;
349}
350
Johan Hedberg84794e12013-11-06 11:24:57 +0200351static void smp_failure(struct l2cap_conn *conn, u8 reason)
Brian Gix4f957a72011-11-23 08:28:36 -0800352{
Johan Hedbergbab73cb2012-02-09 16:07:29 +0200353 struct hci_conn *hcon = conn->hcon;
354
Johan Hedberg84794e12013-11-06 11:24:57 +0200355 if (reason)
Brian Gix4f957a72011-11-23 08:28:36 -0800356 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
Marcel Holtmannf1560462013-10-13 05:43:25 -0700357 &reason);
Brian Gix4f957a72011-11-23 08:28:36 -0800358
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700359 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags);
360 mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type,
361 HCI_ERROR_AUTH_FAILURE);
Vinicius Costa Gomesf1c09c02012-02-01 18:27:56 -0300362
Andre Guedes61a0cfb2012-08-01 20:34:15 -0300363 cancel_delayed_work_sync(&conn->security_timer);
364
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700365 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
Vinicius Costa Gomesf1c09c02012-02-01 18:27:56 -0300366 smp_chan_destroy(conn);
Brian Gix4f957a72011-11-23 08:28:36 -0800367}
368
Brian Gix2b64d152011-12-21 16:12:12 -0800369#define JUST_WORKS 0x00
370#define JUST_CFM 0x01
371#define REQ_PASSKEY 0x02
372#define CFM_PASSKEY 0x03
373#define REQ_OOB 0x04
374#define OVERLAP 0xFF
375
376static const u8 gen_method[5][5] = {
377 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
378 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
379 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
380 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
381 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
382};
383
Johan Hedberg581370c2014-06-17 13:07:38 +0300384static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
385{
386 /* If either side has unknown io_caps, use JUST WORKS */
387 if (local_io > SMP_IO_KEYBOARD_DISPLAY ||
388 remote_io > SMP_IO_KEYBOARD_DISPLAY)
389 return JUST_WORKS;
390
391 return gen_method[remote_io][local_io];
392}
393
Brian Gix2b64d152011-12-21 16:12:12 -0800394static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
395 u8 local_io, u8 remote_io)
396{
397 struct hci_conn *hcon = conn->hcon;
398 struct smp_chan *smp = conn->smp_chan;
399 u8 method;
400 u32 passkey = 0;
401 int ret = 0;
402
403 /* Initialize key for JUST WORKS */
404 memset(smp->tk, 0, sizeof(smp->tk));
Johan Hedberg4a74d652014-05-20 09:45:50 +0300405 clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800406
407 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
408
409 /* If neither side wants MITM, use JUST WORKS */
Brian Gix2b64d152011-12-21 16:12:12 -0800410 /* Otherwise, look up method from the table */
Johan Hedberg581370c2014-06-17 13:07:38 +0300411 if (!(auth & SMP_AUTH_MITM))
Brian Gix2b64d152011-12-21 16:12:12 -0800412 method = JUST_WORKS;
413 else
Johan Hedberg581370c2014-06-17 13:07:38 +0300414 method = get_auth_method(smp, local_io, remote_io);
Brian Gix2b64d152011-12-21 16:12:12 -0800415
416 /* If not bonding, don't ask user to confirm a Zero TK */
417 if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
418 method = JUST_WORKS;
419
Johan Hedberga82505c2014-03-24 14:39:07 +0200420 /* Don't confirm locally initiated pairing attempts */
Johan Hedberg4a74d652014-05-20 09:45:50 +0300421 if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
Johan Hedberga82505c2014-03-24 14:39:07 +0200422 method = JUST_WORKS;
423
Brian Gix2b64d152011-12-21 16:12:12 -0800424 /* If Just Works, Continue with Zero TK */
425 if (method == JUST_WORKS) {
Johan Hedberg4a74d652014-05-20 09:45:50 +0300426 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800427 return 0;
428 }
429
430 /* Not Just Works/Confirm results in MITM Authentication */
431 if (method != JUST_CFM)
Johan Hedberg4a74d652014-05-20 09:45:50 +0300432 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800433
434 /* If both devices have Keyoard-Display I/O, the master
435 * Confirms and the slave Enters the passkey.
436 */
437 if (method == OVERLAP) {
Johan Hedberg4dae2792014-06-24 17:03:50 +0300438 if (test_bit(HCI_CONN_MASTER, &hcon->flags))
Brian Gix2b64d152011-12-21 16:12:12 -0800439 method = CFM_PASSKEY;
440 else
441 method = REQ_PASSKEY;
442 }
443
Johan Hedberg01ad34d2014-03-19 14:14:53 +0200444 /* Generate random passkey. */
Brian Gix2b64d152011-12-21 16:12:12 -0800445 if (method == CFM_PASSKEY) {
Johan Hedberg943a7322014-03-18 12:58:24 +0200446 memset(smp->tk, 0, sizeof(smp->tk));
Brian Gix2b64d152011-12-21 16:12:12 -0800447 get_random_bytes(&passkey, sizeof(passkey));
448 passkey %= 1000000;
Johan Hedberg943a7322014-03-18 12:58:24 +0200449 put_unaligned_le32(passkey, smp->tk);
Brian Gix2b64d152011-12-21 16:12:12 -0800450 BT_DBG("PassKey: %d", passkey);
Johan Hedberg4a74d652014-05-20 09:45:50 +0300451 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800452 }
453
454 hci_dev_lock(hcon->hdev);
455
456 if (method == REQ_PASSKEY)
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700457 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst,
Johan Hedberg272d90d2012-02-09 15:26:12 +0200458 hcon->type, hcon->dst_type);
Johan Hedberg4eb65e62014-03-24 14:39:05 +0200459 else if (method == JUST_CFM)
460 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
461 hcon->type, hcon->dst_type,
462 passkey, 1);
Brian Gix2b64d152011-12-21 16:12:12 -0800463 else
Johan Hedberg01ad34d2014-03-19 14:14:53 +0200464 ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst,
Johan Hedberg272d90d2012-02-09 15:26:12 +0200465 hcon->type, hcon->dst_type,
Johan Hedberg39adbff2014-03-20 08:18:14 +0200466 passkey, 0);
Brian Gix2b64d152011-12-21 16:12:12 -0800467
468 hci_dev_unlock(hcon->hdev);
469
470 return ret;
471}
472
Johan Hedberg1cc61142014-05-20 09:45:52 +0300473static u8 smp_confirm(struct smp_chan *smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300474{
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300475 struct l2cap_conn *conn = smp->conn;
Johan Hedberg893ce8b2014-02-18 21:41:31 +0200476 struct hci_dev *hdev = conn->hcon->hdev;
477 struct crypto_blkcipher *tfm = hdev->tfm_aes;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300478 struct smp_cmd_pairing_confirm cp;
479 int ret;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300480
481 BT_DBG("conn %p", conn);
482
Johan Hedberg893ce8b2014-02-18 21:41:31 +0200483 /* Prevent mutual access to hdev->tfm_aes */
484 hci_dev_lock(hdev);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300485
Johan Hedbergb1cd5fd2014-02-28 12:54:17 +0200486 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
487 conn->hcon->init_addr_type, &conn->hcon->init_addr,
Johan Hedberg943a7322014-03-18 12:58:24 +0200488 conn->hcon->resp_addr_type, &conn->hcon->resp_addr,
489 cp.confirm_val);
Johan Hedberg893ce8b2014-02-18 21:41:31 +0200490
491 hci_dev_unlock(hdev);
492
Johan Hedberg1cc61142014-05-20 09:45:52 +0300493 if (ret)
494 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300495
Johan Hedberg4a74d652014-05-20 09:45:50 +0300496 clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800497
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300498 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
499
Johan Hedberg1cc61142014-05-20 09:45:52 +0300500 return 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300501}
502
Johan Hedberg861580a2014-05-20 09:45:51 +0300503static u8 smp_random(struct smp_chan *smp)
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300504{
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300505 struct l2cap_conn *conn = smp->conn;
506 struct hci_conn *hcon = conn->hcon;
Johan Hedberg893ce8b2014-02-18 21:41:31 +0200507 struct hci_dev *hdev = hcon->hdev;
508 struct crypto_blkcipher *tfm = hdev->tfm_aes;
Johan Hedberg861580a2014-05-20 09:45:51 +0300509 u8 confirm[16];
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300510 int ret;
511
Johan Hedberg861580a2014-05-20 09:45:51 +0300512 if (IS_ERR_OR_NULL(tfm))
513 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300514
515 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
516
Johan Hedberg893ce8b2014-02-18 21:41:31 +0200517 /* Prevent mutual access to hdev->tfm_aes */
518 hci_dev_lock(hdev);
519
Johan Hedbergb1cd5fd2014-02-28 12:54:17 +0200520 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
521 hcon->init_addr_type, &hcon->init_addr,
Johan Hedberg943a7322014-03-18 12:58:24 +0200522 hcon->resp_addr_type, &hcon->resp_addr, confirm);
Johan Hedberg893ce8b2014-02-18 21:41:31 +0200523
524 hci_dev_unlock(hdev);
525
Johan Hedberg861580a2014-05-20 09:45:51 +0300526 if (ret)
527 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300528
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300529 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
530 BT_ERR("Pairing failed (confirmation values mismatch)");
Johan Hedberg861580a2014-05-20 09:45:51 +0300531 return SMP_CONFIRM_FAILED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300532 }
533
534 if (hcon->out) {
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -0800535 u8 stk[16];
536 __le64 rand = 0;
537 __le16 ediv = 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300538
Johan Hedberg943a7322014-03-18 12:58:24 +0200539 smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, stk);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300540
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300541 memset(stk + smp->enc_key_size, 0,
Gustavo F. Padovan04124682012-03-08 01:25:00 -0300542 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300543
Johan Hedberg861580a2014-05-20 09:45:51 +0300544 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
545 return SMP_UNSPECIFIED;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300546
547 hci_le_start_enc(hcon, ediv, rand, stk);
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300548 hcon->enc_key_size = smp->enc_key_size;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300549 } else {
Johan Hedbergfff34902014-06-10 15:19:50 +0300550 u8 stk[16], auth;
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -0800551 __le64 rand = 0;
552 __le16 ediv = 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300553
Johan Hedberg943a7322014-03-18 12:58:24 +0200554 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
555 smp->prnd);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300556
Johan Hedberg943a7322014-03-18 12:58:24 +0200557 smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, stk);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300558
Vinicius Costa Gomesf7aa6112012-01-30 19:29:12 -0300559 memset(stk + smp->enc_key_size, 0,
Marcel Holtmannf1560462013-10-13 05:43:25 -0700560 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300561
Johan Hedbergfff34902014-06-10 15:19:50 +0300562 if (hcon->pending_sec_level == BT_SECURITY_HIGH)
563 auth = 1;
564 else
565 auth = 0;
566
Johan Hedberg7d5843b2014-06-16 19:25:15 +0300567 /* Even though there's no _SLAVE suffix this is the
568 * slave STK we're adding for later lookup (the master
569 * STK never needs to be stored).
570 */
Marcel Holtmannce39fb42013-10-13 02:23:39 -0700571 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
Johan Hedberg2ceba532014-06-16 19:25:16 +0300572 SMP_STK, auth, stk, smp->enc_key_size, ediv, rand);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300573 }
574
Johan Hedberg861580a2014-05-20 09:45:51 +0300575 return 0;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300576}
577
578static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
579{
580 struct smp_chan *smp;
581
Marcel Holtmannf1560462013-10-13 05:43:25 -0700582 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300583 if (!smp)
584 return NULL;
585
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300586 smp->conn = conn;
587 conn->smp_chan = smp;
Brian Gix2b64d152011-12-21 16:12:12 -0800588 conn->hcon->smp_conn = conn;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300589
590 hci_conn_hold(conn->hcon);
591
592 return smp;
593}
594
595void smp_chan_destroy(struct l2cap_conn *conn)
596{
Brian Gixc8eb9692011-11-23 08:28:35 -0800597 struct smp_chan *smp = conn->smp_chan;
Johan Hedbergf4a407be2014-02-18 21:41:34 +0200598 bool complete;
Brian Gixc8eb9692011-11-23 08:28:35 -0800599
Vinicius Costa Gomesf1c09c02012-02-01 18:27:56 -0300600 BUG_ON(!smp);
Brian Gixc8eb9692011-11-23 08:28:35 -0800601
Johan Hedberg4a74d652014-05-20 09:45:50 +0300602 complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
Johan Hedbergf4a407be2014-02-18 21:41:34 +0200603 mgmt_smp_complete(conn->hcon, complete);
604
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -0700605 kfree(smp->csrk);
606 kfree(smp->slave_csrk);
607
Johan Hedberg759331d2014-02-28 10:10:16 +0200608 /* If pairing failed clean up any keys we might have */
609 if (!complete) {
610 if (smp->ltk) {
611 list_del(&smp->ltk->list);
612 kfree(smp->ltk);
613 }
614
615 if (smp->slave_ltk) {
616 list_del(&smp->slave_ltk->list);
617 kfree(smp->slave_ltk);
618 }
619
620 if (smp->remote_irk) {
621 list_del(&smp->remote_irk->list);
622 kfree(smp->remote_irk);
623 }
624 }
625
Brian Gixc8eb9692011-11-23 08:28:35 -0800626 kfree(smp);
627 conn->smp_chan = NULL;
Brian Gix2b64d152011-12-21 16:12:12 -0800628 conn->hcon->smp_conn = NULL;
David Herrmann76a68ba2013-04-06 20:28:37 +0200629 hci_conn_drop(conn->hcon);
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300630}
631
Brian Gix2b64d152011-12-21 16:12:12 -0800632int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
633{
634 struct l2cap_conn *conn = hcon->smp_conn;
635 struct smp_chan *smp;
636 u32 value;
Brian Gix2b64d152011-12-21 16:12:12 -0800637
638 BT_DBG("");
639
640 if (!conn)
641 return -ENOTCONN;
642
643 smp = conn->smp_chan;
644
645 switch (mgmt_op) {
646 case MGMT_OP_USER_PASSKEY_REPLY:
647 value = le32_to_cpu(passkey);
Johan Hedberg943a7322014-03-18 12:58:24 +0200648 memset(smp->tk, 0, sizeof(smp->tk));
Brian Gix2b64d152011-12-21 16:12:12 -0800649 BT_DBG("PassKey: %d", value);
Johan Hedberg943a7322014-03-18 12:58:24 +0200650 put_unaligned_le32(value, smp->tk);
Brian Gix2b64d152011-12-21 16:12:12 -0800651 /* Fall Through */
652 case MGMT_OP_USER_CONFIRM_REPLY:
Johan Hedberg4a74d652014-05-20 09:45:50 +0300653 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800654 break;
655 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
656 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
Johan Hedberg84794e12013-11-06 11:24:57 +0200657 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
Brian Gix2b64d152011-12-21 16:12:12 -0800658 return 0;
659 default:
Johan Hedberg84794e12013-11-06 11:24:57 +0200660 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED);
Brian Gix2b64d152011-12-21 16:12:12 -0800661 return -EOPNOTSUPP;
662 }
663
664 /* If it is our turn to send Pairing Confirm, do so now */
Johan Hedberg1cc61142014-05-20 09:45:52 +0300665 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
666 u8 rsp = smp_confirm(smp);
667 if (rsp)
668 smp_failure(conn, rsp);
669 }
Brian Gix2b64d152011-12-21 16:12:12 -0800670
671 return 0;
672}
673
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300674static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300675{
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300676 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300677 struct smp_chan *smp;
Johan Hedbergc7262e72014-06-17 13:07:37 +0300678 u8 key_size, auth, sec_level;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300679 int ret;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300680
681 BT_DBG("conn %p", conn);
682
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200683 if (skb->len < sizeof(*req))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300684 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200685
Johan Hedberg4dae2792014-06-24 17:03:50 +0300686 if (test_bit(HCI_CONN_MASTER, &conn->hcon->flags))
Brian Gix2b64d152011-12-21 16:12:12 -0800687 return SMP_CMD_NOTSUPP;
688
Johan Hedberg51a8efd2012-01-16 06:10:31 +0200689 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300690 smp = smp_chan_create(conn);
Andrei Emeltchenkod08fd0e2012-07-19 17:03:43 +0300691 else
692 smp = conn->smp_chan;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300693
Andrei Emeltchenkod08fd0e2012-07-19 17:03:43 +0300694 if (!smp)
695 return SMP_UNSPECIFIED;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300696
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300697 smp->preq[0] = SMP_CMD_PAIRING_REQ;
698 memcpy(&smp->preq[1], req, sizeof(*req));
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300699 skb_pull(skb, sizeof(*req));
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300700
Brian Gix2b64d152011-12-21 16:12:12 -0800701 /* We didn't start the pairing, so match remote */
Johan Hedberg1ef35822014-05-20 09:45:48 +0300702 auth = req->auth_req;
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300703
Johan Hedbergc7262e72014-06-17 13:07:37 +0300704 sec_level = authreq_to_seclevel(auth);
705 if (sec_level > conn->hcon->pending_sec_level)
706 conn->hcon->pending_sec_level = sec_level;
Ido Yarivfdde0a22012-03-05 20:09:38 +0200707
Johan Hedberg2ed8f652014-06-17 13:07:39 +0300708 /* If we need MITM check that it can be acheived */
709 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
710 u8 method;
711
712 method = get_auth_method(smp, conn->hcon->io_capability,
713 req->io_capability);
714 if (method == JUST_WORKS || method == JUST_CFM)
715 return SMP_AUTH_REQUIREMENTS;
716 }
717
Brian Gix2b64d152011-12-21 16:12:12 -0800718 build_pairing_cmd(conn, req, &rsp, auth);
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300719
720 key_size = min(req->max_key_size, rsp.max_key_size);
721 if (check_enc_key_size(conn, key_size))
722 return SMP_ENC_KEY_SIZE;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300723
Johan Hedberge84a6b12013-12-02 10:49:03 +0200724 get_random_bytes(smp->prnd, sizeof(smp->prnd));
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300725
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300726 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
727 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -0300728
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300729 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300730
Brian Gix2b64d152011-12-21 16:12:12 -0800731 /* Request setup of TK */
732 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
733 if (ret)
734 return SMP_UNSPECIFIED;
735
Johan Hedberg4a74d652014-05-20 09:45:50 +0300736 clear_bit(SMP_FLAG_INITIATOR, &smp->flags);
Johan Hedbergedca7922014-03-24 15:54:11 +0200737
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300738 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300739}
740
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300741static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300742{
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300743 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300744 struct smp_chan *smp = conn->smp_chan;
Brian Gix2b64d152011-12-21 16:12:12 -0800745 u8 key_size, auth = SMP_AUTH_NONE;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -0300746 int ret;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300747
748 BT_DBG("conn %p", conn);
749
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200750 if (skb->len < sizeof(*rsp))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300751 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200752
Johan Hedberg4dae2792014-06-24 17:03:50 +0300753 if (!test_bit(HCI_CONN_MASTER, &conn->hcon->flags))
Brian Gix2b64d152011-12-21 16:12:12 -0800754 return SMP_CMD_NOTSUPP;
755
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300756 skb_pull(skb, sizeof(*rsp));
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300757
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300758 req = (void *) &smp->preq[1];
Vinicius Costa Gomes3158c502011-06-14 13:37:42 -0300759
760 key_size = min(req->max_key_size, rsp->max_key_size);
761 if (check_enc_key_size(conn, key_size))
762 return SMP_ENC_KEY_SIZE;
763
Johan Hedberg2ed8f652014-06-17 13:07:39 +0300764 /* If we need MITM check that it can be acheived */
765 if (conn->hcon->pending_sec_level >= BT_SECURITY_HIGH) {
766 u8 method;
767
768 method = get_auth_method(smp, req->io_capability,
769 rsp->io_capability);
770 if (method == JUST_WORKS || method == JUST_CFM)
771 return SMP_AUTH_REQUIREMENTS;
772 }
773
Johan Hedberge84a6b12013-12-02 10:49:03 +0200774 get_random_bytes(smp->prnd, sizeof(smp->prnd));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -0300775
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300776 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
777 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -0300778
Johan Hedbergfdcc4be2014-03-14 10:53:50 +0200779 /* Update remote key distribution in case the remote cleared
780 * some bits that we had enabled in our request.
781 */
782 smp->remote_key_dist &= rsp->resp_key_dist;
783
Brian Gix2b64d152011-12-21 16:12:12 -0800784 if ((req->auth_req & SMP_AUTH_BONDING) &&
Marcel Holtmannf1560462013-10-13 05:43:25 -0700785 (rsp->auth_req & SMP_AUTH_BONDING))
Brian Gix2b64d152011-12-21 16:12:12 -0800786 auth = SMP_AUTH_BONDING;
787
788 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
789
Johan Hedberg476585e2012-06-06 18:54:15 +0800790 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
Brian Gix2b64d152011-12-21 16:12:12 -0800791 if (ret)
792 return SMP_UNSPECIFIED;
793
Johan Hedberg4a74d652014-05-20 09:45:50 +0300794 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Brian Gix2b64d152011-12-21 16:12:12 -0800795
796 /* Can't compose response until we have been confirmed */
Johan Hedberg4a74d652014-05-20 09:45:50 +0300797 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
Johan Hedberg1cc61142014-05-20 09:45:52 +0300798 return smp_confirm(smp);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300799
800 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300801}
802
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300803static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300804{
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300805 struct smp_chan *smp = conn->smp_chan;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -0300806
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300807 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
808
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200809 if (skb->len < sizeof(smp->pcnf))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300810 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200811
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300812 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
813 skb_pull(skb, sizeof(smp->pcnf));
Anderson Briglia7d24ddc2011-06-09 18:50:46 -0300814
Johan Hedberg943a7322014-03-18 12:58:24 +0200815 if (conn->hcon->out)
816 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
817 smp->prnd);
Johan Hedberg4a74d652014-05-20 09:45:50 +0300818 else if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
Johan Hedberg1cc61142014-05-20 09:45:52 +0300819 return smp_confirm(smp);
Johan Hedberg943a7322014-03-18 12:58:24 +0200820 else
Johan Hedberg4a74d652014-05-20 09:45:50 +0300821 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300822
823 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300824}
825
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300826static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300827{
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300828 struct smp_chan *smp = conn->smp_chan;
Anderson Briglia7d24ddc2011-06-09 18:50:46 -0300829
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300830 BT_DBG("conn %p", conn);
Anderson Briglia7d24ddc2011-06-09 18:50:46 -0300831
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200832 if (skb->len < sizeof(smp->rrnd))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300833 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200834
Johan Hedberg943a7322014-03-18 12:58:24 +0200835 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300836 skb_pull(skb, sizeof(smp->rrnd));
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300837
Johan Hedberg861580a2014-05-20 09:45:51 +0300838 return smp_random(smp);
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300839}
840
Johan Hedberg4dab7862012-06-07 14:58:37 +0800841static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -0300842{
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -0300843 struct smp_ltk *key;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -0300844 struct hci_conn *hcon = conn->hcon;
845
Johan Hedberg98a0b842014-01-30 19:40:00 -0800846 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type,
847 hcon->out);
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -0300848 if (!key)
849 return 0;
850
Johan Hedberg4dab7862012-06-07 14:58:37 +0800851 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
852 return 0;
853
Johan Hedberg51a8efd2012-01-16 06:10:31 +0200854 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -0300855 return 1;
856
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -0300857 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
858 hcon->enc_key_size = key->enc_size;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -0300859
860 return 1;
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -0300861}
Marcel Holtmannf1560462013-10-13 05:43:25 -0700862
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300863static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300864{
865 struct smp_cmd_security_req *rp = (void *) skb->data;
866 struct smp_cmd_pairing cp;
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -0300867 struct hci_conn *hcon = conn->hcon;
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300868 struct smp_chan *smp;
Johan Hedbergc7262e72014-06-17 13:07:37 +0300869 u8 sec_level;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300870
871 BT_DBG("conn %p", conn);
872
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200873 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300874 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200875
Johan Hedberg4dae2792014-06-24 17:03:50 +0300876 if (!test_bit(HCI_CONN_MASTER, &conn->hcon->flags))
Johan Hedberg86ca9ea2013-11-05 11:30:39 +0200877 return SMP_CMD_NOTSUPP;
878
Johan Hedbergc7262e72014-06-17 13:07:37 +0300879 sec_level = authreq_to_seclevel(rp->auth_req);
880 if (sec_level > hcon->pending_sec_level)
881 hcon->pending_sec_level = sec_level;
Vinicius Costa Gomesfeb45eb2011-08-25 20:02:35 -0300882
Johan Hedberg4dab7862012-06-07 14:58:37 +0800883 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
Vinicius Costa Gomes988c5992011-08-25 20:02:28 -0300884 return 0;
885
Johan Hedberg51a8efd2012-01-16 06:10:31 +0200886 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300887 return 0;
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -0300888
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300889 smp = smp_chan_create(conn);
Johan Hedbergc29d2442014-06-16 19:25:14 +0300890 if (!smp)
891 return SMP_UNSPECIFIED;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300892
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300893 skb_pull(skb, sizeof(*rp));
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300894
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300895 memset(&cp, 0, sizeof(cp));
Vinicius Costa Gomes54790f72011-07-07 18:59:38 -0300896 build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300897
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300898 smp->preq[0] = SMP_CMD_PAIRING_REQ;
899 memcpy(&smp->preq[1], &cp, sizeof(cp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -0300900
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300901 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -0300902
Johan Hedberg4a74d652014-05-20 09:45:50 +0300903 clear_bit(SMP_FLAG_INITIATOR, &smp->flags);
Johan Hedbergedca7922014-03-24 15:54:11 +0200904
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -0300905 return 0;
Anderson Briglia88ba43b2011-06-09 18:50:42 -0300906}
907
Johan Hedbergad32a2f2013-05-14 18:05:12 +0300908bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level)
909{
910 if (sec_level == BT_SECURITY_LOW)
911 return true;
912
913 if (hcon->sec_level >= sec_level)
914 return true;
915
916 return false;
917}
918
Vinicius Costa Gomescc110922012-08-23 21:32:43 -0300919int smp_conn_security(struct hci_conn *hcon, __u8 sec_level)
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300920{
Vinicius Costa Gomescc110922012-08-23 21:32:43 -0300921 struct l2cap_conn *conn = hcon->l2cap_data;
Johan Hedberg0a66cf22014-03-24 14:39:03 +0200922 struct smp_chan *smp;
Brian Gix2b64d152011-12-21 16:12:12 -0800923 __u8 authreq;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300924
Vinicius Costa Gomes3a0259b2011-06-09 18:50:43 -0300925 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
926
Johan Hedberg0a66cf22014-03-24 14:39:03 +0200927 /* This may be NULL if there's an unexpected disconnection */
928 if (!conn)
929 return 1;
930
Johan Hedberg757aee02013-04-24 13:05:32 +0300931 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags))
Andre Guedes2e65c9d2011-06-30 19:20:56 -0300932 return 1;
933
Johan Hedbergad32a2f2013-05-14 18:05:12 +0300934 if (smp_sufficient_security(hcon, sec_level))
Vinicius Costa Gomesf1cb9af2011-01-26 21:42:57 -0300935 return 1;
936
Johan Hedbergc7262e72014-06-17 13:07:37 +0300937 if (sec_level > hcon->pending_sec_level)
938 hcon->pending_sec_level = sec_level;
939
Johan Hedberg4dae2792014-06-24 17:03:50 +0300940 if (test_bit(HCI_CONN_MASTER, &hcon->flags))
Johan Hedbergc7262e72014-06-17 13:07:37 +0300941 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
942 return 0;
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300943
Johan Hedberg51a8efd2012-01-16 06:10:31 +0200944 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300945 return 0;
946
Vinicius Costa Gomes8aab4752011-09-05 14:31:31 -0300947 smp = smp_chan_create(conn);
Brian Gix2b64d152011-12-21 16:12:12 -0800948 if (!smp)
949 return 1;
950
951 authreq = seclevel_to_authreq(sec_level);
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300952
Johan Hedberg79897d22014-06-01 09:45:24 +0300953 /* Require MITM if IO Capability allows or the security level
954 * requires it.
Johan Hedberg2e233642014-03-18 15:42:30 +0200955 */
Johan Hedberg79897d22014-06-01 09:45:24 +0300956 if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT ||
Johan Hedbergc7262e72014-06-17 13:07:37 +0300957 hcon->pending_sec_level > BT_SECURITY_MEDIUM)
Johan Hedberg2e233642014-03-18 15:42:30 +0200958 authreq |= SMP_AUTH_MITM;
959
Johan Hedberg4dae2792014-06-24 17:03:50 +0300960 if (test_bit(HCI_CONN_MASTER, &hcon->flags)) {
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -0300961 struct smp_cmd_pairing cp;
Anderson Brigliaf01ead32011-06-09 18:50:45 -0300962
Brian Gix2b64d152011-12-21 16:12:12 -0800963 build_pairing_cmd(conn, &cp, NULL, authreq);
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300964 smp->preq[0] = SMP_CMD_PAIRING_REQ;
965 memcpy(&smp->preq[1], &cp, sizeof(cp));
Anderson Brigliaf01ead32011-06-09 18:50:45 -0300966
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300967 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
968 } else {
969 struct smp_cmd_security_req cp;
Brian Gix2b64d152011-12-21 16:12:12 -0800970 cp.auth_req = authreq;
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300971 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
972 }
973
Johan Hedberg4a74d652014-05-20 09:45:50 +0300974 set_bit(SMP_FLAG_INITIATOR, &smp->flags);
Johan Hedbergedca7922014-03-24 15:54:11 +0200975
Anderson Brigliaeb492e02011-06-09 18:50:40 -0300976 return 0;
977}
978
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -0300979static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
980{
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -0300981 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300982 struct smp_chan *smp = conn->smp_chan;
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -0300983
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200984 BT_DBG("conn %p", conn);
985
986 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +0300987 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +0200988
Johan Hedberg6131ddc2014-02-18 10:19:37 +0200989 /* Ignore this PDU if it wasn't requested */
990 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
991 return 0;
992
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -0300993 skb_pull(skb, sizeof(*rp));
994
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -0300995 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -0300996
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -0300997 return 0;
998}
999
1000static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
1001{
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001002 struct smp_cmd_master_ident *rp = (void *) skb->data;
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001003 struct smp_chan *smp = conn->smp_chan;
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001004 struct hci_dev *hdev = conn->hcon->hdev;
1005 struct hci_conn *hcon = conn->hcon;
Johan Hedberg23d0e122014-02-19 14:57:46 +02001006 struct smp_ltk *ltk;
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001007 u8 authenticated;
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001008
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001009 BT_DBG("conn %p", conn);
1010
1011 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001012 return SMP_INVALID_PARAMS;
Johan Hedbergc46b98b2014-02-18 10:19:29 +02001013
Johan Hedberg6131ddc2014-02-18 10:19:37 +02001014 /* Ignore this PDU if it wasn't requested */
1015 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY))
1016 return 0;
1017
Johan Hedberg9747a9f2014-02-26 23:33:43 +02001018 /* Mark the information as received */
1019 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
1020
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001021 skb_pull(skb, sizeof(*rp));
1022
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001023 hci_dev_lock(hdev);
Marcel Holtmannce39fb42013-10-13 02:23:39 -07001024 authenticated = (hcon->sec_level == BT_SECURITY_HIGH);
Johan Hedberg2ceba532014-06-16 19:25:16 +03001025 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, SMP_LTK,
Johan Hedberg23d0e122014-02-19 14:57:46 +02001026 authenticated, smp->tk, smp->enc_key_size,
1027 rp->ediv, rp->rand);
1028 smp->ltk = ltk;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001029 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
Johan Hedberg4bd6d382014-02-26 23:33:45 +02001030 smp_distribute_keys(conn);
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001031 hci_dev_unlock(hdev);
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001032
1033 return 0;
1034}
1035
Johan Hedbergfd349c02014-02-18 10:19:36 +02001036static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb)
1037{
1038 struct smp_cmd_ident_info *info = (void *) skb->data;
1039 struct smp_chan *smp = conn->smp_chan;
1040
1041 BT_DBG("");
1042
1043 if (skb->len < sizeof(*info))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001044 return SMP_INVALID_PARAMS;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001045
Johan Hedberg6131ddc2014-02-18 10:19:37 +02001046 /* Ignore this PDU if it wasn't requested */
1047 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1048 return 0;
1049
Johan Hedbergfd349c02014-02-18 10:19:36 +02001050 skb_pull(skb, sizeof(*info));
1051
1052 memcpy(smp->irk, info->irk, 16);
1053
1054 return 0;
1055}
1056
1057static int smp_cmd_ident_addr_info(struct l2cap_conn *conn,
1058 struct sk_buff *skb)
1059{
1060 struct smp_cmd_ident_addr_info *info = (void *) skb->data;
1061 struct smp_chan *smp = conn->smp_chan;
1062 struct hci_conn *hcon = conn->hcon;
1063 bdaddr_t rpa;
1064
1065 BT_DBG("");
1066
1067 if (skb->len < sizeof(*info))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001068 return SMP_INVALID_PARAMS;
Johan Hedbergfd349c02014-02-18 10:19:36 +02001069
Johan Hedberg6131ddc2014-02-18 10:19:37 +02001070 /* Ignore this PDU if it wasn't requested */
1071 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY))
1072 return 0;
1073
Johan Hedberg9747a9f2014-02-26 23:33:43 +02001074 /* Mark the information as received */
1075 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
1076
Johan Hedbergfd349c02014-02-18 10:19:36 +02001077 skb_pull(skb, sizeof(*info));
1078
Johan Hedberg31dd6242014-06-27 14:23:02 +03001079 hci_dev_lock(hcon->hdev);
1080
Johan Hedberga9a58f82014-02-25 22:24:37 +02001081 /* Strictly speaking the Core Specification (4.1) allows sending
1082 * an empty address which would force us to rely on just the IRK
1083 * as "identity information". However, since such
1084 * implementations are not known of and in order to not over
1085 * complicate our implementation, simply pretend that we never
1086 * received an IRK for such a device.
1087 */
1088 if (!bacmp(&info->bdaddr, BDADDR_ANY)) {
1089 BT_ERR("Ignoring IRK with no identity address");
Johan Hedberg31dd6242014-06-27 14:23:02 +03001090 goto distribute;
Johan Hedberga9a58f82014-02-25 22:24:37 +02001091 }
1092
Johan Hedbergfd349c02014-02-18 10:19:36 +02001093 bacpy(&smp->id_addr, &info->bdaddr);
1094 smp->id_addr_type = info->addr_type;
1095
1096 if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type))
1097 bacpy(&rpa, &hcon->dst);
1098 else
1099 bacpy(&rpa, BDADDR_ANY);
1100
Johan Hedberg23d0e122014-02-19 14:57:46 +02001101 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
1102 smp->id_addr_type, smp->irk, &rpa);
Johan Hedbergfd349c02014-02-18 10:19:36 +02001103
Johan Hedberg31dd6242014-06-27 14:23:02 +03001104distribute:
Johan Hedberg4bd6d382014-02-26 23:33:45 +02001105 smp_distribute_keys(conn);
Johan Hedbergfd349c02014-02-18 10:19:36 +02001106
Johan Hedberg31dd6242014-06-27 14:23:02 +03001107 hci_dev_unlock(hcon->hdev);
1108
Johan Hedbergfd349c02014-02-18 10:19:36 +02001109 return 0;
1110}
1111
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001112static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb)
1113{
1114 struct smp_cmd_sign_info *rp = (void *) skb->data;
1115 struct smp_chan *smp = conn->smp_chan;
1116 struct hci_dev *hdev = conn->hcon->hdev;
1117 struct smp_csrk *csrk;
1118
1119 BT_DBG("conn %p", conn);
1120
1121 if (skb->len < sizeof(*rp))
Johan Hedberg38e4a912014-05-08 14:19:11 +03001122 return SMP_INVALID_PARAMS;
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001123
1124 /* Ignore this PDU if it wasn't requested */
1125 if (!(smp->remote_key_dist & SMP_DIST_SIGN))
1126 return 0;
1127
1128 /* Mark the information as received */
1129 smp->remote_key_dist &= ~SMP_DIST_SIGN;
1130
1131 skb_pull(skb, sizeof(*rp));
1132
1133 hci_dev_lock(hdev);
1134 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1135 if (csrk) {
1136 csrk->master = 0x01;
1137 memcpy(csrk->val, rp->csrk, sizeof(csrk->val));
1138 }
1139 smp->csrk = csrk;
1140 if (!(smp->remote_key_dist & SMP_DIST_SIGN))
1141 smp_distribute_keys(conn);
1142 hci_dev_unlock(hdev);
1143
1144 return 0;
1145}
1146
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001147int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
1148{
Marcel Holtmann7b9899d2013-10-03 00:00:57 -07001149 struct hci_conn *hcon = conn->hcon;
Marcel Holtmann92381f52013-10-03 01:23:08 -07001150 __u8 code, reason;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001151 int err = 0;
1152
Marcel Holtmann7b9899d2013-10-03 00:00:57 -07001153 if (hcon->type != LE_LINK) {
1154 kfree_skb(skb);
Johan Hedberg34327112013-10-16 11:37:01 +03001155 return 0;
Marcel Holtmann7b9899d2013-10-03 00:00:57 -07001156 }
1157
Marcel Holtmann92381f52013-10-03 01:23:08 -07001158 if (skb->len < 1) {
1159 kfree_skb(skb);
1160 return -EILSEQ;
1161 }
1162
Marcel Holtmann06ae3312013-10-18 03:43:00 -07001163 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) {
Andre Guedes2e65c9d2011-06-30 19:20:56 -03001164 err = -ENOTSUPP;
1165 reason = SMP_PAIRING_NOTSUPP;
1166 goto done;
1167 }
1168
Marcel Holtmann92381f52013-10-03 01:23:08 -07001169 code = skb->data[0];
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001170 skb_pull(skb, sizeof(code));
1171
Johan Hedberg8cf9fa12013-01-29 10:44:23 -06001172 /*
1173 * The SMP context must be initialized for all other PDUs except
1174 * pairing and security requests. If we get any other PDU when
1175 * not initialized simply disconnect (done if this function
1176 * returns an error).
1177 */
1178 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ &&
1179 !conn->smp_chan) {
1180 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code);
1181 kfree_skb(skb);
1182 return -ENOTSUPP;
1183 }
1184
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001185 switch (code) {
1186 case SMP_CMD_PAIRING_REQ:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001187 reason = smp_cmd_pairing_req(conn, skb);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001188 break;
1189
1190 case SMP_CMD_PAIRING_FAIL:
Johan Hedberg84794e12013-11-06 11:24:57 +02001191 smp_failure(conn, 0);
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001192 reason = 0;
1193 err = -EPERM;
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001194 break;
1195
1196 case SMP_CMD_PAIRING_RSP:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001197 reason = smp_cmd_pairing_rsp(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001198 break;
1199
1200 case SMP_CMD_SECURITY_REQ:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001201 reason = smp_cmd_security_req(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001202 break;
1203
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001204 case SMP_CMD_PAIRING_CONFIRM:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001205 reason = smp_cmd_pairing_confirm(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001206 break;
1207
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001208 case SMP_CMD_PAIRING_RANDOM:
Vinicius Costa Gomesda85e5e2011-06-09 18:50:53 -03001209 reason = smp_cmd_pairing_random(conn, skb);
Anderson Briglia88ba43b2011-06-09 18:50:42 -03001210 break;
1211
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001212 case SMP_CMD_ENCRYPT_INFO:
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001213 reason = smp_cmd_encrypt_info(conn, skb);
1214 break;
1215
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001216 case SMP_CMD_MASTER_IDENT:
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001217 reason = smp_cmd_master_ident(conn, skb);
1218 break;
1219
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001220 case SMP_CMD_IDENT_INFO:
Johan Hedbergfd349c02014-02-18 10:19:36 +02001221 reason = smp_cmd_ident_info(conn, skb);
1222 break;
1223
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001224 case SMP_CMD_IDENT_ADDR_INFO:
Johan Hedbergfd349c02014-02-18 10:19:36 +02001225 reason = smp_cmd_ident_addr_info(conn, skb);
1226 break;
1227
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001228 case SMP_CMD_SIGN_INFO:
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001229 reason = smp_cmd_sign_info(conn, skb);
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001230 break;
1231
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001232 default:
1233 BT_DBG("Unknown command code 0x%2.2x", code);
1234
1235 reason = SMP_CMD_NOTSUPP;
Vinicius Costa Gomes3a0259b2011-06-09 18:50:43 -03001236 err = -EOPNOTSUPP;
1237 goto done;
1238 }
1239
1240done:
1241 if (reason)
Johan Hedberg84794e12013-11-06 11:24:57 +02001242 smp_failure(conn, reason);
Anderson Brigliaeb492e02011-06-09 18:50:40 -03001243
1244 kfree_skb(skb);
1245 return err;
1246}
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001247
Johan Hedberg35d70272014-02-19 14:57:47 +02001248static void smp_notify_keys(struct l2cap_conn *conn)
1249{
1250 struct smp_chan *smp = conn->smp_chan;
1251 struct hci_conn *hcon = conn->hcon;
1252 struct hci_dev *hdev = hcon->hdev;
Marcel Holtmann53ac6ab2014-03-09 23:38:42 -07001253 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
1254 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
1255 bool persistent;
Johan Hedberg35d70272014-02-19 14:57:47 +02001256
Johan Hedberg61b1a7f2014-03-20 12:54:16 +02001257 if (smp->remote_irk) {
Johan Hedberg95fbac82014-02-19 15:18:31 +02001258 mgmt_new_irk(hdev, smp->remote_irk);
Johan Hedberg61b1a7f2014-03-20 12:54:16 +02001259 /* Now that user space can be considered to know the
1260 * identity address track the connection based on it
1261 * from now on.
1262 */
1263 bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
1264 hcon->dst_type = smp->remote_irk->addr_type;
1265 l2cap_conn_update_id_addr(hcon);
1266 }
Johan Hedberg95fbac82014-02-19 15:18:31 +02001267
Marcel Holtmann53ac6ab2014-03-09 23:38:42 -07001268 /* The LTKs and CSRKs should be persistent only if both sides
1269 * had the bonding bit set in their authentication requests.
1270 */
1271 persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING);
1272
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001273 if (smp->csrk) {
1274 smp->csrk->bdaddr_type = hcon->dst_type;
1275 bacpy(&smp->csrk->bdaddr, &hcon->dst);
Marcel Holtmann53ac6ab2014-03-09 23:38:42 -07001276 mgmt_new_csrk(hdev, smp->csrk, persistent);
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001277 }
1278
1279 if (smp->slave_csrk) {
1280 smp->slave_csrk->bdaddr_type = hcon->dst_type;
1281 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst);
Marcel Holtmann53ac6ab2014-03-09 23:38:42 -07001282 mgmt_new_csrk(hdev, smp->slave_csrk, persistent);
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001283 }
1284
Johan Hedberg35d70272014-02-19 14:57:47 +02001285 if (smp->ltk) {
1286 smp->ltk->bdaddr_type = hcon->dst_type;
1287 bacpy(&smp->ltk->bdaddr, &hcon->dst);
Marcel Holtmann53ac6ab2014-03-09 23:38:42 -07001288 mgmt_new_ltk(hdev, smp->ltk, persistent);
Johan Hedberg35d70272014-02-19 14:57:47 +02001289 }
1290
1291 if (smp->slave_ltk) {
1292 smp->slave_ltk->bdaddr_type = hcon->dst_type;
1293 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
Marcel Holtmann53ac6ab2014-03-09 23:38:42 -07001294 mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
Johan Hedberg35d70272014-02-19 14:57:47 +02001295 }
1296}
1297
Johan Hedberg4bd6d382014-02-26 23:33:45 +02001298int smp_distribute_keys(struct l2cap_conn *conn)
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001299{
1300 struct smp_cmd_pairing *req, *rsp;
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001301 struct smp_chan *smp = conn->smp_chan;
Johan Hedberg524237c2014-02-22 19:06:31 +02001302 struct hci_conn *hcon = conn->hcon;
1303 struct hci_dev *hdev = hcon->hdev;
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001304 __u8 *keydist;
1305
Johan Hedberg4bd6d382014-02-26 23:33:45 +02001306 BT_DBG("conn %p", conn);
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001307
Johan Hedberg524237c2014-02-22 19:06:31 +02001308 if (!test_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001309 return 0;
1310
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001311 rsp = (void *) &smp->prsp[1];
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001312
1313 /* The responder sends its keys first */
Johan Hedbergefabba32014-02-26 23:33:44 +02001314 if (hcon->out && (smp->remote_key_dist & 0x07))
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001315 return 0;
1316
Vinicius Costa Gomes1c1def02011-09-05 14:31:30 -03001317 req = (void *) &smp->preq[1];
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001318
Johan Hedberg524237c2014-02-22 19:06:31 +02001319 if (hcon->out) {
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001320 keydist = &rsp->init_key_dist;
1321 *keydist &= req->init_key_dist;
1322 } else {
1323 keydist = &rsp->resp_key_dist;
1324 *keydist &= req->resp_key_dist;
1325 }
1326
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001327 BT_DBG("keydist 0x%x", *keydist);
1328
1329 if (*keydist & SMP_DIST_ENC_KEY) {
1330 struct smp_cmd_encrypt_info enc;
1331 struct smp_cmd_master_ident ident;
Johan Hedberg23d0e122014-02-19 14:57:46 +02001332 struct smp_ltk *ltk;
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001333 u8 authenticated;
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001334 __le16 ediv;
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -08001335 __le64 rand;
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001336
1337 get_random_bytes(enc.ltk, sizeof(enc.ltk));
1338 get_random_bytes(&ediv, sizeof(ediv));
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -08001339 get_random_bytes(&rand, sizeof(rand));
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001340
1341 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
1342
Vinicius Costa Gomesc9839a12012-02-02 21:08:01 -03001343 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
Johan Hedberg524237c2014-02-22 19:06:31 +02001344 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type,
Johan Hedberg2ceba532014-06-16 19:25:16 +03001345 SMP_LTK_SLAVE, authenticated, enc.ltk,
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -08001346 smp->enc_key_size, ediv, rand);
Johan Hedberg23d0e122014-02-19 14:57:46 +02001347 smp->slave_ltk = ltk;
Vinicius Costa Gomes16b90832011-07-07 18:59:39 -03001348
Andrei Emeltchenko58115372012-03-12 12:13:06 +02001349 ident.ediv = ediv;
Marcel Holtmannfe39c7b2014-02-27 16:00:28 -08001350 ident.rand = rand;
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001351
1352 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
1353
1354 *keydist &= ~SMP_DIST_ENC_KEY;
1355 }
1356
1357 if (*keydist & SMP_DIST_ID_KEY) {
1358 struct smp_cmd_ident_addr_info addrinfo;
1359 struct smp_cmd_ident_info idinfo;
1360
Johan Hedberg863efaf2014-02-22 19:06:32 +02001361 memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk));
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001362
1363 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
1364
Johan Hedberg82d4b352014-02-23 19:42:18 +02001365 /* The hci_conn contains the local identity address
1366 * after the connection has been established.
1367 *
1368 * This is true even when the connection has been
1369 * established using a resolvable random address.
1370 */
Johan Hedberg524237c2014-02-22 19:06:31 +02001371 bacpy(&addrinfo.bdaddr, &hcon->src);
Johan Hedberg82d4b352014-02-23 19:42:18 +02001372 addrinfo.addr_type = hcon->src_type;
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001373
1374 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
Marcel Holtmannf1560462013-10-13 05:43:25 -07001375 &addrinfo);
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001376
1377 *keydist &= ~SMP_DIST_ID_KEY;
1378 }
1379
1380 if (*keydist & SMP_DIST_SIGN) {
1381 struct smp_cmd_sign_info sign;
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001382 struct smp_csrk *csrk;
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001383
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001384 /* Generate a new random key */
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001385 get_random_bytes(sign.csrk, sizeof(sign.csrk));
1386
Marcel Holtmann7ee4ea32014-03-09 12:19:17 -07001387 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL);
1388 if (csrk) {
1389 csrk->master = 0x00;
1390 memcpy(csrk->val, sign.csrk, sizeof(csrk->val));
1391 }
1392 smp->slave_csrk = csrk;
1393
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001394 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
1395
1396 *keydist &= ~SMP_DIST_SIGN;
1397 }
1398
Johan Hedbergefabba32014-02-26 23:33:44 +02001399 /* If there are still keys to be received wait for them */
1400 if ((smp->remote_key_dist & 0x07))
1401 return 0;
1402
Johan Hedberg1d98bf42014-03-24 14:39:08 +02001403 clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags);
1404 cancel_delayed_work_sync(&conn->security_timer);
Johan Hedberg4a74d652014-05-20 09:45:50 +03001405 set_bit(SMP_FLAG_COMPLETE, &smp->flags);
Johan Hedberg1d98bf42014-03-24 14:39:08 +02001406 smp_notify_keys(conn);
Johan Hedbergefabba32014-02-26 23:33:44 +02001407
Johan Hedberg1d98bf42014-03-24 14:39:08 +02001408 smp_chan_destroy(conn);
Vinicius Costa Gomesd26a2342011-08-19 21:06:51 -03001409
Vinicius Costa Gomes7034b912011-07-07 18:59:34 -03001410 return 0;
1411}