2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
23 #include <linux/crypto.h>
24 #include <linux/scatterlist.h>
25 #include <crypto/b128ops.h>
27 #include <net/bluetooth/bluetooth.h>
28 #include <net/bluetooth/hci_core.h>
29 #include <net/bluetooth/l2cap.h>
30 #include <net/bluetooth/mgmt.h>
31 #include <net/bluetooth/smp.h>
33 #define SMP_TIMEOUT msecs_to_jiffies(30000)
35 static inline void swap128(u8 src[16], u8 dst[16])
38 for (i = 0; i < 16; i++)
42 static inline void swap56(u8 src[7], u8 dst[7])
45 for (i = 0; i < 7; i++)
49 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
51 struct blkcipher_desc desc;
52 struct scatterlist sg;
54 unsigned char iv[128];
57 BT_ERR("tfm %p", tfm);
64 err = crypto_blkcipher_setkey(tfm, k, 16);
66 BT_ERR("cipher setkey failed: %d", err);
70 sg_init_one(&sg, r, 16);
72 iv_len = crypto_blkcipher_ivsize(tfm);
74 memset(&iv, 0xff, iv_len);
75 crypto_blkcipher_set_iv(tfm, iv, iv_len);
78 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
80 BT_ERR("Encrypt data error %d", err);
85 static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
86 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
87 u8 _rat, bdaddr_t *ra, u8 res[16])
94 /* p1 = pres || preq || _rat || _iat */
102 /* p2 = padding || ia || ra */
103 baswap((bdaddr_t *) (p2 + 4), ia);
104 baswap((bdaddr_t *) (p2 + 10), ra);
107 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
109 /* res = e(k, res) */
110 err = smp_e(tfm, k, res);
112 BT_ERR("Encrypt data error");
116 /* res = res XOR p2 */
117 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
119 /* res = e(k, res) */
120 err = smp_e(tfm, k, res);
122 BT_ERR("Encrypt data error");
127 static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16],
128 u8 r1[16], u8 r2[16], u8 _r[16])
132 /* Just least significant octets from r1 and r2 are considered */
133 memcpy(_r, r1 + 8, 8);
134 memcpy(_r + 8, r2 + 8, 8);
136 err = smp_e(tfm, k, _r);
138 BT_ERR("Encrypt data error");
143 static int smp_rand(u8 *buf)
145 get_random_bytes(buf, 16);
150 static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
151 u16 dlen, void *data)
154 struct l2cap_hdr *lh;
157 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
162 skb = bt_skb_alloc(len, GFP_ATOMIC);
166 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
167 lh->len = cpu_to_le16(sizeof(code) + dlen);
168 lh->cid = cpu_to_le16(L2CAP_CID_SMP);
170 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
172 memcpy(skb_put(skb, dlen), data, dlen);
177 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
179 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
181 BT_DBG("code 0x%2.2x", code);
186 skb->priority = HCI_PRIO_MAX;
187 hci_send_acl(conn->hchan, skb, 0);
189 cancel_delayed_work_sync(&conn->security_timer);
190 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT);
193 static __u8 authreq_to_seclevel(__u8 authreq)
195 if (authreq & SMP_AUTH_MITM)
196 return BT_SECURITY_HIGH;
198 return BT_SECURITY_MEDIUM;
201 static __u8 seclevel_to_authreq(__u8 sec_level)
204 case BT_SECURITY_HIGH:
205 return SMP_AUTH_MITM | SMP_AUTH_BONDING;
206 case BT_SECURITY_MEDIUM:
207 return SMP_AUTH_BONDING;
209 return SMP_AUTH_NONE;
213 static void build_pairing_cmd(struct l2cap_conn *conn,
214 struct smp_cmd_pairing *req,
215 struct smp_cmd_pairing *rsp,
220 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) {
221 dist_keys = SMP_DIST_ENC_KEY;
222 authreq |= SMP_AUTH_BONDING;
224 authreq &= ~SMP_AUTH_BONDING;
228 req->io_capability = conn->hcon->io_capability;
229 req->oob_flag = SMP_OOB_NOT_PRESENT;
230 req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
231 req->init_key_dist = 0;
232 req->resp_key_dist = dist_keys;
233 req->auth_req = authreq;
237 rsp->io_capability = conn->hcon->io_capability;
238 rsp->oob_flag = SMP_OOB_NOT_PRESENT;
239 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
240 rsp->init_key_dist = 0;
241 rsp->resp_key_dist = req->resp_key_dist & dist_keys;
242 rsp->auth_req = authreq;
245 static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
247 struct smp_chan *smp = conn->smp_chan;
249 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
250 (max_key_size < SMP_MIN_ENC_KEY_SIZE))
251 return SMP_ENC_KEY_SIZE;
253 smp->enc_key_size = max_key_size;
258 static void smp_failure(struct l2cap_conn *conn, u8 reason, u8 send)
260 struct hci_conn *hcon = conn->hcon;
263 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
266 clear_bit(HCI_CONN_ENCRYPT_PEND, &conn->hcon->flags);
267 mgmt_auth_failed(conn->hcon->hdev, conn->dst, hcon->type,
268 hcon->dst_type, reason);
270 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags)) {
271 cancel_delayed_work_sync(&conn->security_timer);
272 smp_chan_destroy(conn);
276 #define JUST_WORKS 0x00
277 #define JUST_CFM 0x01
278 #define REQ_PASSKEY 0x02
279 #define CFM_PASSKEY 0x03
283 static const u8 gen_method[5][5] = {
284 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
285 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY },
286 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY },
287 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM },
288 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP },
291 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth,
292 u8 local_io, u8 remote_io)
294 struct hci_conn *hcon = conn->hcon;
295 struct smp_chan *smp = conn->smp_chan;
300 /* Initialize key for JUST WORKS */
301 memset(smp->tk, 0, sizeof(smp->tk));
302 clear_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
304 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io);
306 /* If neither side wants MITM, use JUST WORKS */
307 /* If either side has unknown io_caps, use JUST WORKS */
308 /* Otherwise, look up method from the table */
309 if (!(auth & SMP_AUTH_MITM) ||
310 local_io > SMP_IO_KEYBOARD_DISPLAY ||
311 remote_io > SMP_IO_KEYBOARD_DISPLAY)
314 method = gen_method[remote_io][local_io];
316 /* If not bonding, don't ask user to confirm a Zero TK */
317 if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM)
320 /* If Just Works, Continue with Zero TK */
321 if (method == JUST_WORKS) {
322 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
326 /* Not Just Works/Confirm results in MITM Authentication */
327 if (method != JUST_CFM)
328 set_bit(SMP_FLAG_MITM_AUTH, &smp->smp_flags);
330 /* If both devices have Keyoard-Display I/O, the master
331 * Confirms and the slave Enters the passkey.
333 if (method == OVERLAP) {
334 if (hcon->link_mode & HCI_LM_MASTER)
335 method = CFM_PASSKEY;
337 method = REQ_PASSKEY;
340 /* Generate random passkey. Not valid until confirmed. */
341 if (method == CFM_PASSKEY) {
344 memset(key, 0, sizeof(key));
345 get_random_bytes(&passkey, sizeof(passkey));
347 put_unaligned_le32(passkey, key);
348 swap128(key, smp->tk);
349 BT_DBG("PassKey: %d", passkey);
352 hci_dev_lock(hcon->hdev);
354 if (method == REQ_PASSKEY)
355 ret = mgmt_user_passkey_request(hcon->hdev, conn->dst,
356 hcon->type, hcon->dst_type);
358 ret = mgmt_user_confirm_request(hcon->hdev, conn->dst,
359 hcon->type, hcon->dst_type,
360 cpu_to_le32(passkey), 0);
362 hci_dev_unlock(hcon->hdev);
367 static void confirm_work(struct work_struct *work)
369 struct smp_chan *smp = container_of(work, struct smp_chan, confirm);
370 struct l2cap_conn *conn = smp->conn;
371 struct crypto_blkcipher *tfm;
372 struct smp_cmd_pairing_confirm cp;
376 BT_DBG("conn %p", conn);
378 tfm = crypto_alloc_blkcipher("ecb(aes)", 0, CRYPTO_ALG_ASYNC);
380 reason = SMP_UNSPECIFIED;
387 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp, 0,
388 conn->src, conn->hcon->dst_type, conn->dst, res);
390 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp,
391 conn->hcon->dst_type, conn->dst, 0, conn->src,
394 reason = SMP_UNSPECIFIED;
398 clear_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
400 swap128(res, cp.confirm_val);
401 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
406 smp_failure(conn, reason, 1);
409 static void random_work(struct work_struct *work)
411 struct smp_chan *smp = container_of(work, struct smp_chan, random);
412 struct l2cap_conn *conn = smp->conn;
413 struct hci_conn *hcon = conn->hcon;
414 struct crypto_blkcipher *tfm = smp->tfm;
415 u8 reason, confirm[16], res[16], key[16];
418 if (IS_ERR_OR_NULL(tfm)) {
419 reason = SMP_UNSPECIFIED;
423 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
426 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp, 0,
427 conn->src, hcon->dst_type, conn->dst, res);
429 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp,
430 hcon->dst_type, conn->dst, 0, conn->src, res);
432 reason = SMP_UNSPECIFIED;
436 swap128(res, confirm);
438 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) {
439 BT_ERR("Pairing failed (confirmation values mismatch)");
440 reason = SMP_CONFIRM_FAILED;
448 memset(rand, 0, sizeof(rand));
451 smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, key);
454 memset(stk + smp->enc_key_size, 0,
455 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
457 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) {
458 reason = SMP_UNSPECIFIED;
462 hci_le_start_enc(hcon, ediv, rand, stk);
463 hcon->enc_key_size = smp->enc_key_size;
465 u8 stk[16], r[16], rand[8];
468 memset(rand, 0, sizeof(rand));
471 swap128(smp->prnd, r);
472 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
474 smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, key);
477 memset(stk + smp->enc_key_size, 0,
478 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size);
480 hci_add_ltk(hcon->hdev, conn->dst, hcon->dst_type,
481 HCI_SMP_STK_SLAVE, 0, 0, stk, smp->enc_key_size,
488 smp_failure(conn, reason, 1);
491 static struct smp_chan *smp_chan_create(struct l2cap_conn *conn)
493 struct smp_chan *smp;
495 smp = kzalloc(sizeof(struct smp_chan), GFP_ATOMIC);
499 INIT_WORK(&smp->confirm, confirm_work);
500 INIT_WORK(&smp->random, random_work);
503 conn->smp_chan = smp;
504 conn->hcon->smp_conn = conn;
506 hci_conn_hold(conn->hcon);
511 void smp_chan_destroy(struct l2cap_conn *conn)
513 struct smp_chan *smp = conn->smp_chan;
518 crypto_free_blkcipher(smp->tfm);
521 conn->smp_chan = NULL;
522 conn->hcon->smp_conn = NULL;
523 hci_conn_put(conn->hcon);
526 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey)
528 struct l2cap_conn *conn = hcon->smp_conn;
529 struct smp_chan *smp;
538 smp = conn->smp_chan;
541 case MGMT_OP_USER_PASSKEY_REPLY:
542 value = le32_to_cpu(passkey);
543 memset(key, 0, sizeof(key));
544 BT_DBG("PassKey: %d", value);
545 put_unaligned_le32(value, key);
546 swap128(key, smp->tk);
548 case MGMT_OP_USER_CONFIRM_REPLY:
549 set_bit(SMP_FLAG_TK_VALID, &smp->smp_flags);
551 case MGMT_OP_USER_PASSKEY_NEG_REPLY:
552 case MGMT_OP_USER_CONFIRM_NEG_REPLY:
553 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
556 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED, 1);
560 /* If it is our turn to send Pairing Confirm, do so now */
561 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags))
562 queue_work(hcon->hdev->workqueue, &smp->confirm);
567 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
569 struct smp_cmd_pairing rsp, *req = (void *) skb->data;
570 struct smp_chan *smp;
572 u8 auth = SMP_AUTH_NONE;
575 BT_DBG("conn %p", conn);
577 if (conn->hcon->link_mode & HCI_LM_MASTER)
578 return SMP_CMD_NOTSUPP;
580 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
581 smp = smp_chan_create(conn);
583 smp = conn->smp_chan;
585 smp->preq[0] = SMP_CMD_PAIRING_REQ;
586 memcpy(&smp->preq[1], req, sizeof(*req));
587 skb_pull(skb, sizeof(*req));
589 /* We didn't start the pairing, so match remote */
590 if (req->auth_req & SMP_AUTH_BONDING)
591 auth = req->auth_req;
593 conn->hcon->pending_sec_level = authreq_to_seclevel(auth);
595 build_pairing_cmd(conn, req, &rsp, auth);
597 key_size = min(req->max_key_size, rsp.max_key_size);
598 if (check_enc_key_size(conn, key_size))
599 return SMP_ENC_KEY_SIZE;
601 ret = smp_rand(smp->prnd);
603 return SMP_UNSPECIFIED;
605 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
606 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
608 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
610 /* Request setup of TK */
611 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability);
613 return SMP_UNSPECIFIED;
618 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
620 struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
621 struct smp_chan *smp = conn->smp_chan;
622 struct hci_dev *hdev = conn->hcon->hdev;
623 u8 key_size, auth = SMP_AUTH_NONE;
626 BT_DBG("conn %p", conn);
628 if (!(conn->hcon->link_mode & HCI_LM_MASTER))
629 return SMP_CMD_NOTSUPP;
631 skb_pull(skb, sizeof(*rsp));
633 req = (void *) &smp->preq[1];
635 key_size = min(req->max_key_size, rsp->max_key_size);
636 if (check_enc_key_size(conn, key_size))
637 return SMP_ENC_KEY_SIZE;
639 ret = smp_rand(smp->prnd);
641 return SMP_UNSPECIFIED;
643 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
644 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
646 if ((req->auth_req & SMP_AUTH_BONDING) &&
647 (rsp->auth_req & SMP_AUTH_BONDING))
648 auth = SMP_AUTH_BONDING;
650 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM;
652 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability);
654 return SMP_UNSPECIFIED;
656 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
658 /* Can't compose response until we have been confirmed */
659 if (!test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags))
662 queue_work(hdev->workqueue, &smp->confirm);
667 static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
669 struct smp_chan *smp = conn->smp_chan;
670 struct hci_dev *hdev = conn->hcon->hdev;
672 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
674 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
675 skb_pull(skb, sizeof(smp->pcnf));
677 if (conn->hcon->out) {
680 swap128(smp->prnd, random);
681 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
683 } else if (test_bit(SMP_FLAG_TK_VALID, &smp->smp_flags)) {
684 queue_work(hdev->workqueue, &smp->confirm);
686 set_bit(SMP_FLAG_CFM_PENDING, &smp->smp_flags);
692 static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
694 struct smp_chan *smp = conn->smp_chan;
695 struct hci_dev *hdev = conn->hcon->hdev;
697 BT_DBG("conn %p", conn);
699 swap128(skb->data, smp->rrnd);
700 skb_pull(skb, sizeof(smp->rrnd));
702 queue_work(hdev->workqueue, &smp->random);
707 static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
710 struct hci_conn *hcon = conn->hcon;
712 key = hci_find_ltk_by_addr(hcon->hdev, conn->dst, hcon->dst_type);
716 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated)
719 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags))
722 hci_le_start_enc(hcon, key->ediv, key->rand, key->val);
723 hcon->enc_key_size = key->enc_size;
728 static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
730 struct smp_cmd_security_req *rp = (void *) skb->data;
731 struct smp_cmd_pairing cp;
732 struct hci_conn *hcon = conn->hcon;
733 struct smp_chan *smp;
735 BT_DBG("conn %p", conn);
737 hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req);
739 if (smp_ltk_encrypt(conn, hcon->pending_sec_level))
742 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
745 smp = smp_chan_create(conn);
747 skb_pull(skb, sizeof(*rp));
749 memset(&cp, 0, sizeof(cp));
750 build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
752 smp->preq[0] = SMP_CMD_PAIRING_REQ;
753 memcpy(&smp->preq[1], &cp, sizeof(cp));
755 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
760 int smp_conn_security(struct l2cap_conn *conn, __u8 sec_level)
762 struct hci_conn *hcon = conn->hcon;
763 struct smp_chan *smp = conn->smp_chan;
766 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
768 if (!lmp_host_le_capable(hcon->hdev))
771 if (sec_level == BT_SECURITY_LOW)
774 if (hcon->sec_level >= sec_level)
777 if (hcon->link_mode & HCI_LM_MASTER)
778 if (smp_ltk_encrypt(conn, sec_level))
781 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags))
784 smp = smp_chan_create(conn);
788 authreq = seclevel_to_authreq(sec_level);
790 if (hcon->link_mode & HCI_LM_MASTER) {
791 struct smp_cmd_pairing cp;
793 build_pairing_cmd(conn, &cp, NULL, authreq);
794 smp->preq[0] = SMP_CMD_PAIRING_REQ;
795 memcpy(&smp->preq[1], &cp, sizeof(cp));
797 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
799 struct smp_cmd_security_req cp;
800 cp.auth_req = authreq;
801 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
805 hcon->pending_sec_level = sec_level;
810 static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
812 struct smp_cmd_encrypt_info *rp = (void *) skb->data;
813 struct smp_chan *smp = conn->smp_chan;
815 skb_pull(skb, sizeof(*rp));
817 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
822 static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
824 struct smp_cmd_master_ident *rp = (void *) skb->data;
825 struct smp_chan *smp = conn->smp_chan;
826 struct hci_dev *hdev = conn->hcon->hdev;
827 struct hci_conn *hcon = conn->hcon;
830 skb_pull(skb, sizeof(*rp));
833 authenticated = (conn->hcon->sec_level == BT_SECURITY_HIGH);
834 hci_add_ltk(conn->hcon->hdev, conn->dst, hcon->dst_type,
835 HCI_SMP_LTK, 1, authenticated, smp->tk, smp->enc_key_size,
837 smp_distribute_keys(conn, 1);
838 hci_dev_unlock(hdev);
843 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
845 __u8 code = skb->data[0];
849 if (!lmp_host_le_capable(conn->hcon->hdev)) {
851 reason = SMP_PAIRING_NOTSUPP;
855 skb_pull(skb, sizeof(code));
858 case SMP_CMD_PAIRING_REQ:
859 reason = smp_cmd_pairing_req(conn, skb);
862 case SMP_CMD_PAIRING_FAIL:
863 smp_failure(conn, skb->data[0], 0);
868 case SMP_CMD_PAIRING_RSP:
869 reason = smp_cmd_pairing_rsp(conn, skb);
872 case SMP_CMD_SECURITY_REQ:
873 reason = smp_cmd_security_req(conn, skb);
876 case SMP_CMD_PAIRING_CONFIRM:
877 reason = smp_cmd_pairing_confirm(conn, skb);
880 case SMP_CMD_PAIRING_RANDOM:
881 reason = smp_cmd_pairing_random(conn, skb);
884 case SMP_CMD_ENCRYPT_INFO:
885 reason = smp_cmd_encrypt_info(conn, skb);
888 case SMP_CMD_MASTER_IDENT:
889 reason = smp_cmd_master_ident(conn, skb);
892 case SMP_CMD_IDENT_INFO:
893 case SMP_CMD_IDENT_ADDR_INFO:
894 case SMP_CMD_SIGN_INFO:
900 BT_DBG("Unknown command code 0x%2.2x", code);
902 reason = SMP_CMD_NOTSUPP;
909 smp_failure(conn, reason, 1);
915 int smp_distribute_keys(struct l2cap_conn *conn, __u8 force)
917 struct smp_cmd_pairing *req, *rsp;
918 struct smp_chan *smp = conn->smp_chan;
921 BT_DBG("conn %p force %d", conn, force);
923 if (!test_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags))
926 rsp = (void *) &smp->prsp[1];
928 /* The responder sends its keys first */
929 if (!force && conn->hcon->out && (rsp->resp_key_dist & 0x07))
932 req = (void *) &smp->preq[1];
934 if (conn->hcon->out) {
935 keydist = &rsp->init_key_dist;
936 *keydist &= req->init_key_dist;
938 keydist = &rsp->resp_key_dist;
939 *keydist &= req->resp_key_dist;
943 BT_DBG("keydist 0x%x", *keydist);
945 if (*keydist & SMP_DIST_ENC_KEY) {
946 struct smp_cmd_encrypt_info enc;
947 struct smp_cmd_master_ident ident;
948 struct hci_conn *hcon = conn->hcon;
952 get_random_bytes(enc.ltk, sizeof(enc.ltk));
953 get_random_bytes(&ediv, sizeof(ediv));
954 get_random_bytes(ident.rand, sizeof(ident.rand));
956 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
958 authenticated = hcon->sec_level == BT_SECURITY_HIGH;
959 hci_add_ltk(conn->hcon->hdev, conn->dst, hcon->dst_type,
960 HCI_SMP_LTK_SLAVE, 1, authenticated,
961 enc.ltk, smp->enc_key_size, ediv, ident.rand);
965 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
967 *keydist &= ~SMP_DIST_ENC_KEY;
970 if (*keydist & SMP_DIST_ID_KEY) {
971 struct smp_cmd_ident_addr_info addrinfo;
972 struct smp_cmd_ident_info idinfo;
974 /* Send a dummy key */
975 get_random_bytes(idinfo.irk, sizeof(idinfo.irk));
977 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
979 /* Just public address */
980 memset(&addrinfo, 0, sizeof(addrinfo));
981 bacpy(&addrinfo.bdaddr, conn->src);
983 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
986 *keydist &= ~SMP_DIST_ID_KEY;
989 if (*keydist & SMP_DIST_SIGN) {
990 struct smp_cmd_sign_info sign;
992 /* Send a dummy key */
993 get_random_bytes(sign.csrk, sizeof(sign.csrk));
995 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
997 *keydist &= ~SMP_DIST_SIGN;
1000 if (conn->hcon->out || force) {
1001 clear_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags);
1002 cancel_delayed_work_sync(&conn->security_timer);
1003 smp_chan_destroy(conn);