1 /* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies). 4 5 This program is free software; you can redistribute it and/or modify 6 it under the terms of the GNU General Public License version 2 as 7 published by the Free Software Foundation; 8 9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS 10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. 12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY 13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 20 SOFTWARE IS DISCLAIMED. 21 */ 22 23 #include <linux/crypto.h> 24 #include <linux/scatterlist.h> 25 #include <crypto/b128ops.h> 26 27 #include <net/bluetooth/bluetooth.h> 28 #include <net/bluetooth/hci_core.h> 29 #include <net/bluetooth/l2cap.h> 30 #include <net/bluetooth/mgmt.h> 31 32 #include "smp.h" 33 34 #define SMP_TIMEOUT msecs_to_jiffies(30000) 35 36 #define AUTH_REQ_MASK 0x07 37 38 #define SMP_FLAG_TK_VALID 1 39 #define SMP_FLAG_CFM_PENDING 2 40 #define SMP_FLAG_MITM_AUTH 3 41 #define SMP_FLAG_COMPLETE 4 42 #define SMP_FLAG_INITIATOR 5 43 44 struct smp_chan { 45 struct l2cap_conn *conn; 46 u8 preq[7]; /* SMP Pairing Request */ 47 u8 prsp[7]; /* SMP Pairing Response */ 48 u8 prnd[16]; /* SMP Pairing Random (local) */ 49 u8 rrnd[16]; /* SMP Pairing Random (remote) */ 50 u8 pcnf[16]; /* SMP Pairing Confirm */ 51 u8 tk[16]; /* SMP Temporary Key */ 52 u8 enc_key_size; 53 u8 remote_key_dist; 54 bdaddr_t id_addr; 55 u8 id_addr_type; 56 u8 irk[16]; 57 struct smp_csrk *csrk; 58 struct smp_csrk *slave_csrk; 59 struct smp_ltk *ltk; 60 struct smp_ltk *slave_ltk; 61 struct smp_irk *remote_irk; 62 unsigned long flags; 63 }; 64 65 static inline void swap128(const u8 src[16], u8 dst[16]) 66 { 67 int i; 68 for (i = 0; i < 16; i++) 69 dst[15 - i] = src[i]; 70 } 71 72 static inline void swap56(const u8 src[7], u8 dst[7]) 73 { 74 int i; 75 for (i = 0; i < 7; i++) 76 dst[6 - i] = src[i]; 77 } 78 79 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r) 80 { 81 struct blkcipher_desc desc; 82 struct scatterlist sg; 83 uint8_t tmp[16], data[16]; 84 int err; 85 86 if (tfm == NULL) { 87 BT_ERR("tfm %p", tfm); 88 return -EINVAL; 89 } 90 91 desc.tfm = tfm; 92 desc.flags = 0; 93 94 /* The most significant octet of key corresponds to k[0] */ 95 swap128(k, tmp); 96 97 err = crypto_blkcipher_setkey(tfm, tmp, 16); 98 if (err) { 99 BT_ERR("cipher setkey failed: %d", err); 100 return err; 101 } 102 103 /* Most significant octet of plaintextData corresponds to data[0] */ 104 swap128(r, data); 105 106 sg_init_one(&sg, data, 16); 107 108 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16); 109 if (err) 110 BT_ERR("Encrypt data error %d", err); 111 112 /* Most significant octet of encryptedData corresponds to data[0] */ 113 swap128(data, r); 114 115 return err; 116 } 117 118 static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3]) 119 { 120 u8 _res[16]; 121 int err; 122 123 /* r' = padding || r */ 124 memcpy(_res, r, 3); 125 memset(_res + 3, 0, 13); 126 127 err = smp_e(tfm, irk, _res); 128 if (err) { 129 BT_ERR("Encrypt error"); 130 return err; 131 } 132 133 /* The output of the random address function ah is: 134 * ah(h, r) = e(k, r') mod 2^24 135 * The output of the security function e is then truncated to 24 bits 136 * by taking the least significant 24 bits of the output of e as the 137 * result of ah. 138 */ 139 memcpy(res, _res, 3); 140 141 return 0; 142 } 143 144 bool smp_irk_matches(struct crypto_blkcipher *tfm, u8 irk[16], 145 bdaddr_t *bdaddr) 146 { 147 u8 hash[3]; 148 int err; 149 150 BT_DBG("RPA %pMR IRK %*phN", bdaddr, 16, irk); 151 152 err = smp_ah(tfm, irk, &bdaddr->b[3], hash); 153 if (err) 154 return false; 155 156 return !memcmp(bdaddr->b, hash, 3); 157 } 158 159 int smp_generate_rpa(struct crypto_blkcipher *tfm, u8 irk[16], bdaddr_t *rpa) 160 { 161 int err; 162 163 get_random_bytes(&rpa->b[3], 3); 164 165 rpa->b[5] &= 0x3f; /* Clear two most significant bits */ 166 rpa->b[5] |= 0x40; /* Set second most significant bit */ 167 168 err = smp_ah(tfm, irk, &rpa->b[3], rpa->b); 169 if (err < 0) 170 return err; 171 172 BT_DBG("RPA %pMR", rpa); 173 174 return 0; 175 } 176 177 static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16], 178 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia, 179 u8 _rat, bdaddr_t *ra, u8 res[16]) 180 { 181 u8 p1[16], p2[16]; 182 int err; 183 184 memset(p1, 0, 16); 185 186 /* p1 = pres || preq || _rat || _iat */ 187 p1[0] = _iat; 188 p1[1] = _rat; 189 memcpy(p1 + 2, preq, 7); 190 memcpy(p1 + 9, pres, 7); 191 192 /* p2 = padding || ia || ra */ 193 memcpy(p2, ra, 6); 194 memcpy(p2 + 6, ia, 6); 195 memset(p2 + 12, 0, 4); 196 197 /* res = r XOR p1 */ 198 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1); 199 200 /* res = e(k, res) */ 201 err = smp_e(tfm, k, res); 202 if (err) { 203 BT_ERR("Encrypt data error"); 204 return err; 205 } 206 207 /* res = res XOR p2 */ 208 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2); 209 210 /* res = e(k, res) */ 211 err = smp_e(tfm, k, res); 212 if (err) 213 BT_ERR("Encrypt data error"); 214 215 return err; 216 } 217 218 static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16], u8 r1[16], 219 u8 r2[16], u8 _r[16]) 220 { 221 int err; 222 223 /* Just least significant octets from r1 and r2 are considered */ 224 memcpy(_r, r2, 8); 225 memcpy(_r + 8, r1, 8); 226 227 err = smp_e(tfm, k, _r); 228 if (err) 229 BT_ERR("Encrypt data error"); 230 231 return err; 232 } 233 234 static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code, 235 u16 dlen, void *data) 236 { 237 struct sk_buff *skb; 238 struct l2cap_hdr *lh; 239 int len; 240 241 len = L2CAP_HDR_SIZE + sizeof(code) + dlen; 242 243 if (len > conn->mtu) 244 return NULL; 245 246 skb = bt_skb_alloc(len, GFP_ATOMIC); 247 if (!skb) 248 return NULL; 249 250 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE); 251 lh->len = cpu_to_le16(sizeof(code) + dlen); 252 lh->cid = cpu_to_le16(L2CAP_CID_SMP); 253 254 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code)); 255 256 memcpy(skb_put(skb, dlen), data, dlen); 257 258 return skb; 259 } 260 261 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data) 262 { 263 struct sk_buff *skb = smp_build_cmd(conn, code, len, data); 264 265 BT_DBG("code 0x%2.2x", code); 266 267 if (!skb) 268 return; 269 270 skb->priority = HCI_PRIO_MAX; 271 hci_send_acl(conn->hchan, skb, 0); 272 273 cancel_delayed_work_sync(&conn->security_timer); 274 schedule_delayed_work(&conn->security_timer, SMP_TIMEOUT); 275 } 276 277 static __u8 authreq_to_seclevel(__u8 authreq) 278 { 279 if (authreq & SMP_AUTH_MITM) 280 return BT_SECURITY_HIGH; 281 else 282 return BT_SECURITY_MEDIUM; 283 } 284 285 static __u8 seclevel_to_authreq(__u8 sec_level) 286 { 287 switch (sec_level) { 288 case BT_SECURITY_HIGH: 289 return SMP_AUTH_MITM | SMP_AUTH_BONDING; 290 case BT_SECURITY_MEDIUM: 291 return SMP_AUTH_BONDING; 292 default: 293 return SMP_AUTH_NONE; 294 } 295 } 296 297 static void build_pairing_cmd(struct l2cap_conn *conn, 298 struct smp_cmd_pairing *req, 299 struct smp_cmd_pairing *rsp, __u8 authreq) 300 { 301 struct smp_chan *smp = conn->smp_chan; 302 struct hci_conn *hcon = conn->hcon; 303 struct hci_dev *hdev = hcon->hdev; 304 u8 local_dist = 0, remote_dist = 0; 305 306 if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->dev_flags)) { 307 local_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN; 308 remote_dist = SMP_DIST_ENC_KEY | SMP_DIST_SIGN; 309 authreq |= SMP_AUTH_BONDING; 310 } else { 311 authreq &= ~SMP_AUTH_BONDING; 312 } 313 314 if (test_bit(HCI_RPA_RESOLVING, &hdev->dev_flags)) 315 remote_dist |= SMP_DIST_ID_KEY; 316 317 if (test_bit(HCI_PRIVACY, &hdev->dev_flags)) 318 local_dist |= SMP_DIST_ID_KEY; 319 320 if (rsp == NULL) { 321 req->io_capability = conn->hcon->io_capability; 322 req->oob_flag = SMP_OOB_NOT_PRESENT; 323 req->max_key_size = SMP_MAX_ENC_KEY_SIZE; 324 req->init_key_dist = local_dist; 325 req->resp_key_dist = remote_dist; 326 req->auth_req = (authreq & AUTH_REQ_MASK); 327 328 smp->remote_key_dist = remote_dist; 329 return; 330 } 331 332 rsp->io_capability = conn->hcon->io_capability; 333 rsp->oob_flag = SMP_OOB_NOT_PRESENT; 334 rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE; 335 rsp->init_key_dist = req->init_key_dist & remote_dist; 336 rsp->resp_key_dist = req->resp_key_dist & local_dist; 337 rsp->auth_req = (authreq & AUTH_REQ_MASK); 338 339 smp->remote_key_dist = rsp->init_key_dist; 340 } 341 342 static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size) 343 { 344 struct smp_chan *smp = conn->smp_chan; 345 346 if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) || 347 (max_key_size < SMP_MIN_ENC_KEY_SIZE)) 348 return SMP_ENC_KEY_SIZE; 349 350 smp->enc_key_size = max_key_size; 351 352 return 0; 353 } 354 355 static void smp_failure(struct l2cap_conn *conn, u8 reason) 356 { 357 struct hci_conn *hcon = conn->hcon; 358 359 if (reason) 360 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason), 361 &reason); 362 363 clear_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags); 364 mgmt_auth_failed(hcon->hdev, &hcon->dst, hcon->type, hcon->dst_type, 365 HCI_ERROR_AUTH_FAILURE); 366 367 cancel_delayed_work_sync(&conn->security_timer); 368 369 if (test_and_clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags)) 370 smp_chan_destroy(conn); 371 } 372 373 #define JUST_WORKS 0x00 374 #define JUST_CFM 0x01 375 #define REQ_PASSKEY 0x02 376 #define CFM_PASSKEY 0x03 377 #define REQ_OOB 0x04 378 #define OVERLAP 0xFF 379 380 static const u8 gen_method[5][5] = { 381 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY }, 382 { JUST_WORKS, JUST_CFM, REQ_PASSKEY, JUST_WORKS, REQ_PASSKEY }, 383 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, CFM_PASSKEY }, 384 { JUST_WORKS, JUST_CFM, JUST_WORKS, JUST_WORKS, JUST_CFM }, 385 { CFM_PASSKEY, CFM_PASSKEY, REQ_PASSKEY, JUST_WORKS, OVERLAP }, 386 }; 387 388 static int tk_request(struct l2cap_conn *conn, u8 remote_oob, u8 auth, 389 u8 local_io, u8 remote_io) 390 { 391 struct hci_conn *hcon = conn->hcon; 392 struct smp_chan *smp = conn->smp_chan; 393 u8 method; 394 u32 passkey = 0; 395 int ret = 0; 396 397 /* Initialize key for JUST WORKS */ 398 memset(smp->tk, 0, sizeof(smp->tk)); 399 clear_bit(SMP_FLAG_TK_VALID, &smp->flags); 400 401 BT_DBG("tk_request: auth:%d lcl:%d rem:%d", auth, local_io, remote_io); 402 403 /* If neither side wants MITM, use JUST WORKS */ 404 /* If either side has unknown io_caps, use JUST WORKS */ 405 /* Otherwise, look up method from the table */ 406 if (!(auth & SMP_AUTH_MITM) || 407 local_io > SMP_IO_KEYBOARD_DISPLAY || 408 remote_io > SMP_IO_KEYBOARD_DISPLAY) 409 method = JUST_WORKS; 410 else 411 method = gen_method[remote_io][local_io]; 412 413 /* If not bonding, don't ask user to confirm a Zero TK */ 414 if (!(auth & SMP_AUTH_BONDING) && method == JUST_CFM) 415 method = JUST_WORKS; 416 417 /* Don't confirm locally initiated pairing attempts */ 418 if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags)) 419 method = JUST_WORKS; 420 421 /* If Just Works, Continue with Zero TK */ 422 if (method == JUST_WORKS) { 423 set_bit(SMP_FLAG_TK_VALID, &smp->flags); 424 return 0; 425 } 426 427 /* Not Just Works/Confirm results in MITM Authentication */ 428 if (method != JUST_CFM) 429 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags); 430 431 /* If both devices have Keyoard-Display I/O, the master 432 * Confirms and the slave Enters the passkey. 433 */ 434 if (method == OVERLAP) { 435 if (hcon->link_mode & HCI_LM_MASTER) 436 method = CFM_PASSKEY; 437 else 438 method = REQ_PASSKEY; 439 } 440 441 /* Generate random passkey. */ 442 if (method == CFM_PASSKEY) { 443 memset(smp->tk, 0, sizeof(smp->tk)); 444 get_random_bytes(&passkey, sizeof(passkey)); 445 passkey %= 1000000; 446 put_unaligned_le32(passkey, smp->tk); 447 BT_DBG("PassKey: %d", passkey); 448 set_bit(SMP_FLAG_TK_VALID, &smp->flags); 449 } 450 451 hci_dev_lock(hcon->hdev); 452 453 if (method == REQ_PASSKEY) 454 ret = mgmt_user_passkey_request(hcon->hdev, &hcon->dst, 455 hcon->type, hcon->dst_type); 456 else if (method == JUST_CFM) 457 ret = mgmt_user_confirm_request(hcon->hdev, &hcon->dst, 458 hcon->type, hcon->dst_type, 459 passkey, 1); 460 else 461 ret = mgmt_user_passkey_notify(hcon->hdev, &hcon->dst, 462 hcon->type, hcon->dst_type, 463 passkey, 0); 464 465 hci_dev_unlock(hcon->hdev); 466 467 return ret; 468 } 469 470 static u8 smp_confirm(struct smp_chan *smp) 471 { 472 struct l2cap_conn *conn = smp->conn; 473 struct hci_dev *hdev = conn->hcon->hdev; 474 struct crypto_blkcipher *tfm = hdev->tfm_aes; 475 struct smp_cmd_pairing_confirm cp; 476 int ret; 477 478 BT_DBG("conn %p", conn); 479 480 /* Prevent mutual access to hdev->tfm_aes */ 481 hci_dev_lock(hdev); 482 483 ret = smp_c1(tfm, smp->tk, smp->prnd, smp->preq, smp->prsp, 484 conn->hcon->init_addr_type, &conn->hcon->init_addr, 485 conn->hcon->resp_addr_type, &conn->hcon->resp_addr, 486 cp.confirm_val); 487 488 hci_dev_unlock(hdev); 489 490 if (ret) 491 return SMP_UNSPECIFIED; 492 493 clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags); 494 495 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp); 496 497 return 0; 498 } 499 500 static u8 smp_random(struct smp_chan *smp) 501 { 502 struct l2cap_conn *conn = smp->conn; 503 struct hci_conn *hcon = conn->hcon; 504 struct hci_dev *hdev = hcon->hdev; 505 struct crypto_blkcipher *tfm = hdev->tfm_aes; 506 u8 confirm[16]; 507 int ret; 508 509 if (IS_ERR_OR_NULL(tfm)) 510 return SMP_UNSPECIFIED; 511 512 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave"); 513 514 /* Prevent mutual access to hdev->tfm_aes */ 515 hci_dev_lock(hdev); 516 517 ret = smp_c1(tfm, smp->tk, smp->rrnd, smp->preq, smp->prsp, 518 hcon->init_addr_type, &hcon->init_addr, 519 hcon->resp_addr_type, &hcon->resp_addr, confirm); 520 521 hci_dev_unlock(hdev); 522 523 if (ret) 524 return SMP_UNSPECIFIED; 525 526 if (memcmp(smp->pcnf, confirm, sizeof(smp->pcnf)) != 0) { 527 BT_ERR("Pairing failed (confirmation values mismatch)"); 528 return SMP_CONFIRM_FAILED; 529 } 530 531 if (hcon->out) { 532 u8 stk[16]; 533 __le64 rand = 0; 534 __le16 ediv = 0; 535 536 smp_s1(tfm, smp->tk, smp->rrnd, smp->prnd, stk); 537 538 memset(stk + smp->enc_key_size, 0, 539 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size); 540 541 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) 542 return SMP_UNSPECIFIED; 543 544 hci_le_start_enc(hcon, ediv, rand, stk); 545 hcon->enc_key_size = smp->enc_key_size; 546 } else { 547 u8 stk[16], auth; 548 __le64 rand = 0; 549 __le16 ediv = 0; 550 551 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd), 552 smp->prnd); 553 554 smp_s1(tfm, smp->tk, smp->prnd, smp->rrnd, stk); 555 556 memset(stk + smp->enc_key_size, 0, 557 SMP_MAX_ENC_KEY_SIZE - smp->enc_key_size); 558 559 if (hcon->pending_sec_level == BT_SECURITY_HIGH) 560 auth = 1; 561 else 562 auth = 0; 563 564 hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type, 565 HCI_SMP_STK_SLAVE, auth, stk, smp->enc_key_size, 566 ediv, rand); 567 } 568 569 return 0; 570 } 571 572 static struct smp_chan *smp_chan_create(struct l2cap_conn *conn) 573 { 574 struct smp_chan *smp; 575 576 smp = kzalloc(sizeof(*smp), GFP_ATOMIC); 577 if (!smp) 578 return NULL; 579 580 smp->conn = conn; 581 conn->smp_chan = smp; 582 conn->hcon->smp_conn = conn; 583 584 hci_conn_hold(conn->hcon); 585 586 return smp; 587 } 588 589 void smp_chan_destroy(struct l2cap_conn *conn) 590 { 591 struct smp_chan *smp = conn->smp_chan; 592 bool complete; 593 594 BUG_ON(!smp); 595 596 complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags); 597 mgmt_smp_complete(conn->hcon, complete); 598 599 kfree(smp->csrk); 600 kfree(smp->slave_csrk); 601 602 /* If pairing failed clean up any keys we might have */ 603 if (!complete) { 604 if (smp->ltk) { 605 list_del(&smp->ltk->list); 606 kfree(smp->ltk); 607 } 608 609 if (smp->slave_ltk) { 610 list_del(&smp->slave_ltk->list); 611 kfree(smp->slave_ltk); 612 } 613 614 if (smp->remote_irk) { 615 list_del(&smp->remote_irk->list); 616 kfree(smp->remote_irk); 617 } 618 } 619 620 kfree(smp); 621 conn->smp_chan = NULL; 622 conn->hcon->smp_conn = NULL; 623 hci_conn_drop(conn->hcon); 624 } 625 626 int smp_user_confirm_reply(struct hci_conn *hcon, u16 mgmt_op, __le32 passkey) 627 { 628 struct l2cap_conn *conn = hcon->smp_conn; 629 struct smp_chan *smp; 630 u32 value; 631 632 BT_DBG(""); 633 634 if (!conn) 635 return -ENOTCONN; 636 637 smp = conn->smp_chan; 638 639 switch (mgmt_op) { 640 case MGMT_OP_USER_PASSKEY_REPLY: 641 value = le32_to_cpu(passkey); 642 memset(smp->tk, 0, sizeof(smp->tk)); 643 BT_DBG("PassKey: %d", value); 644 put_unaligned_le32(value, smp->tk); 645 /* Fall Through */ 646 case MGMT_OP_USER_CONFIRM_REPLY: 647 set_bit(SMP_FLAG_TK_VALID, &smp->flags); 648 break; 649 case MGMT_OP_USER_PASSKEY_NEG_REPLY: 650 case MGMT_OP_USER_CONFIRM_NEG_REPLY: 651 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED); 652 return 0; 653 default: 654 smp_failure(conn, SMP_PASSKEY_ENTRY_FAILED); 655 return -EOPNOTSUPP; 656 } 657 658 /* If it is our turn to send Pairing Confirm, do so now */ 659 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) { 660 u8 rsp = smp_confirm(smp); 661 if (rsp) 662 smp_failure(conn, rsp); 663 } 664 665 return 0; 666 } 667 668 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb) 669 { 670 struct smp_cmd_pairing rsp, *req = (void *) skb->data; 671 struct smp_chan *smp; 672 u8 key_size, auth; 673 int ret; 674 675 BT_DBG("conn %p", conn); 676 677 if (skb->len < sizeof(*req)) 678 return SMP_INVALID_PARAMS; 679 680 if (conn->hcon->link_mode & HCI_LM_MASTER) 681 return SMP_CMD_NOTSUPP; 682 683 if (!test_and_set_bit(HCI_CONN_LE_SMP_PEND, &conn->hcon->flags)) 684 smp = smp_chan_create(conn); 685 else 686 smp = conn->smp_chan; 687 688 if (!smp) 689 return SMP_UNSPECIFIED; 690 691 smp->preq[0] = SMP_CMD_PAIRING_REQ; 692 memcpy(&smp->preq[1], req, sizeof(*req)); 693 skb_pull(skb, sizeof(*req)); 694 695 /* We didn't start the pairing, so match remote */ 696 auth = req->auth_req; 697 698 conn->hcon->pending_sec_level = authreq_to_seclevel(auth); 699 700 build_pairing_cmd(conn, req, &rsp, auth); 701 702 key_size = min(req->max_key_size, rsp.max_key_size); 703 if (check_enc_key_size(conn, key_size)) 704 return SMP_ENC_KEY_SIZE; 705 706 get_random_bytes(smp->prnd, sizeof(smp->prnd)); 707 708 smp->prsp[0] = SMP_CMD_PAIRING_RSP; 709 memcpy(&smp->prsp[1], &rsp, sizeof(rsp)); 710 711 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp); 712 713 /* Request setup of TK */ 714 ret = tk_request(conn, 0, auth, rsp.io_capability, req->io_capability); 715 if (ret) 716 return SMP_UNSPECIFIED; 717 718 clear_bit(SMP_FLAG_INITIATOR, &smp->flags); 719 720 return 0; 721 } 722 723 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb) 724 { 725 struct smp_cmd_pairing *req, *rsp = (void *) skb->data; 726 struct smp_chan *smp = conn->smp_chan; 727 u8 key_size, auth = SMP_AUTH_NONE; 728 int ret; 729 730 BT_DBG("conn %p", conn); 731 732 if (skb->len < sizeof(*rsp)) 733 return SMP_INVALID_PARAMS; 734 735 if (!(conn->hcon->link_mode & HCI_LM_MASTER)) 736 return SMP_CMD_NOTSUPP; 737 738 skb_pull(skb, sizeof(*rsp)); 739 740 req = (void *) &smp->preq[1]; 741 742 key_size = min(req->max_key_size, rsp->max_key_size); 743 if (check_enc_key_size(conn, key_size)) 744 return SMP_ENC_KEY_SIZE; 745 746 get_random_bytes(smp->prnd, sizeof(smp->prnd)); 747 748 smp->prsp[0] = SMP_CMD_PAIRING_RSP; 749 memcpy(&smp->prsp[1], rsp, sizeof(*rsp)); 750 751 /* Update remote key distribution in case the remote cleared 752 * some bits that we had enabled in our request. 753 */ 754 smp->remote_key_dist &= rsp->resp_key_dist; 755 756 if ((req->auth_req & SMP_AUTH_BONDING) && 757 (rsp->auth_req & SMP_AUTH_BONDING)) 758 auth = SMP_AUTH_BONDING; 759 760 auth |= (req->auth_req | rsp->auth_req) & SMP_AUTH_MITM; 761 762 ret = tk_request(conn, 0, auth, req->io_capability, rsp->io_capability); 763 if (ret) 764 return SMP_UNSPECIFIED; 765 766 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags); 767 768 /* Can't compose response until we have been confirmed */ 769 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags)) 770 return smp_confirm(smp); 771 772 return 0; 773 } 774 775 static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb) 776 { 777 struct smp_chan *smp = conn->smp_chan; 778 779 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave"); 780 781 if (skb->len < sizeof(smp->pcnf)) 782 return SMP_INVALID_PARAMS; 783 784 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf)); 785 skb_pull(skb, sizeof(smp->pcnf)); 786 787 if (conn->hcon->out) 788 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd), 789 smp->prnd); 790 else if (test_bit(SMP_FLAG_TK_VALID, &smp->flags)) 791 return smp_confirm(smp); 792 else 793 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags); 794 795 return 0; 796 } 797 798 static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb) 799 { 800 struct smp_chan *smp = conn->smp_chan; 801 802 BT_DBG("conn %p", conn); 803 804 if (skb->len < sizeof(smp->rrnd)) 805 return SMP_INVALID_PARAMS; 806 807 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd)); 808 skb_pull(skb, sizeof(smp->rrnd)); 809 810 return smp_random(smp); 811 } 812 813 static u8 smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level) 814 { 815 struct smp_ltk *key; 816 struct hci_conn *hcon = conn->hcon; 817 818 key = hci_find_ltk_by_addr(hcon->hdev, &hcon->dst, hcon->dst_type, 819 hcon->out); 820 if (!key) 821 return 0; 822 823 if (sec_level > BT_SECURITY_MEDIUM && !key->authenticated) 824 return 0; 825 826 if (test_and_set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->flags)) 827 return 1; 828 829 hci_le_start_enc(hcon, key->ediv, key->rand, key->val); 830 hcon->enc_key_size = key->enc_size; 831 832 return 1; 833 } 834 835 static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb) 836 { 837 struct smp_cmd_security_req *rp = (void *) skb->data; 838 struct smp_cmd_pairing cp; 839 struct hci_conn *hcon = conn->hcon; 840 struct smp_chan *smp; 841 842 BT_DBG("conn %p", conn); 843 844 if (skb->len < sizeof(*rp)) 845 return SMP_INVALID_PARAMS; 846 847 if (!(conn->hcon->link_mode & HCI_LM_MASTER)) 848 return SMP_CMD_NOTSUPP; 849 850 hcon->pending_sec_level = authreq_to_seclevel(rp->auth_req); 851 852 if (smp_ltk_encrypt(conn, hcon->pending_sec_level)) 853 return 0; 854 855 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags)) 856 return 0; 857 858 smp = smp_chan_create(conn); 859 860 skb_pull(skb, sizeof(*rp)); 861 862 memset(&cp, 0, sizeof(cp)); 863 build_pairing_cmd(conn, &cp, NULL, rp->auth_req); 864 865 smp->preq[0] = SMP_CMD_PAIRING_REQ; 866 memcpy(&smp->preq[1], &cp, sizeof(cp)); 867 868 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp); 869 870 clear_bit(SMP_FLAG_INITIATOR, &smp->flags); 871 872 return 0; 873 } 874 875 bool smp_sufficient_security(struct hci_conn *hcon, u8 sec_level) 876 { 877 if (sec_level == BT_SECURITY_LOW) 878 return true; 879 880 if (hcon->sec_level >= sec_level) 881 return true; 882 883 return false; 884 } 885 886 int smp_conn_security(struct hci_conn *hcon, __u8 sec_level) 887 { 888 struct l2cap_conn *conn = hcon->l2cap_data; 889 struct smp_chan *smp; 890 __u8 authreq; 891 892 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level); 893 894 /* This may be NULL if there's an unexpected disconnection */ 895 if (!conn) 896 return 1; 897 898 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) 899 return 1; 900 901 if (smp_sufficient_security(hcon, sec_level)) 902 return 1; 903 904 if (hcon->link_mode & HCI_LM_MASTER) 905 if (smp_ltk_encrypt(conn, sec_level)) 906 goto done; 907 908 if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags)) 909 return 0; 910 911 smp = smp_chan_create(conn); 912 if (!smp) 913 return 1; 914 915 authreq = seclevel_to_authreq(sec_level); 916 917 /* Require MITM if IO Capability allows or the security level 918 * requires it. 919 */ 920 if (hcon->io_capability != HCI_IO_NO_INPUT_OUTPUT || 921 sec_level > BT_SECURITY_MEDIUM) 922 authreq |= SMP_AUTH_MITM; 923 924 if (hcon->link_mode & HCI_LM_MASTER) { 925 struct smp_cmd_pairing cp; 926 927 build_pairing_cmd(conn, &cp, NULL, authreq); 928 smp->preq[0] = SMP_CMD_PAIRING_REQ; 929 memcpy(&smp->preq[1], &cp, sizeof(cp)); 930 931 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp); 932 } else { 933 struct smp_cmd_security_req cp; 934 cp.auth_req = authreq; 935 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp); 936 } 937 938 set_bit(SMP_FLAG_INITIATOR, &smp->flags); 939 940 done: 941 hcon->pending_sec_level = sec_level; 942 943 return 0; 944 } 945 946 static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb) 947 { 948 struct smp_cmd_encrypt_info *rp = (void *) skb->data; 949 struct smp_chan *smp = conn->smp_chan; 950 951 BT_DBG("conn %p", conn); 952 953 if (skb->len < sizeof(*rp)) 954 return SMP_INVALID_PARAMS; 955 956 /* Ignore this PDU if it wasn't requested */ 957 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY)) 958 return 0; 959 960 skb_pull(skb, sizeof(*rp)); 961 962 memcpy(smp->tk, rp->ltk, sizeof(smp->tk)); 963 964 return 0; 965 } 966 967 static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb) 968 { 969 struct smp_cmd_master_ident *rp = (void *) skb->data; 970 struct smp_chan *smp = conn->smp_chan; 971 struct hci_dev *hdev = conn->hcon->hdev; 972 struct hci_conn *hcon = conn->hcon; 973 struct smp_ltk *ltk; 974 u8 authenticated; 975 976 BT_DBG("conn %p", conn); 977 978 if (skb->len < sizeof(*rp)) 979 return SMP_INVALID_PARAMS; 980 981 /* Ignore this PDU if it wasn't requested */ 982 if (!(smp->remote_key_dist & SMP_DIST_ENC_KEY)) 983 return 0; 984 985 /* Mark the information as received */ 986 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY; 987 988 skb_pull(skb, sizeof(*rp)); 989 990 hci_dev_lock(hdev); 991 authenticated = (hcon->sec_level == BT_SECURITY_HIGH); 992 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, HCI_SMP_LTK, 993 authenticated, smp->tk, smp->enc_key_size, 994 rp->ediv, rp->rand); 995 smp->ltk = ltk; 996 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY)) 997 smp_distribute_keys(conn); 998 hci_dev_unlock(hdev); 999 1000 return 0; 1001 } 1002 1003 static int smp_cmd_ident_info(struct l2cap_conn *conn, struct sk_buff *skb) 1004 { 1005 struct smp_cmd_ident_info *info = (void *) skb->data; 1006 struct smp_chan *smp = conn->smp_chan; 1007 1008 BT_DBG(""); 1009 1010 if (skb->len < sizeof(*info)) 1011 return SMP_INVALID_PARAMS; 1012 1013 /* Ignore this PDU if it wasn't requested */ 1014 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY)) 1015 return 0; 1016 1017 skb_pull(skb, sizeof(*info)); 1018 1019 memcpy(smp->irk, info->irk, 16); 1020 1021 return 0; 1022 } 1023 1024 static int smp_cmd_ident_addr_info(struct l2cap_conn *conn, 1025 struct sk_buff *skb) 1026 { 1027 struct smp_cmd_ident_addr_info *info = (void *) skb->data; 1028 struct smp_chan *smp = conn->smp_chan; 1029 struct hci_conn *hcon = conn->hcon; 1030 bdaddr_t rpa; 1031 1032 BT_DBG(""); 1033 1034 if (skb->len < sizeof(*info)) 1035 return SMP_INVALID_PARAMS; 1036 1037 /* Ignore this PDU if it wasn't requested */ 1038 if (!(smp->remote_key_dist & SMP_DIST_ID_KEY)) 1039 return 0; 1040 1041 /* Mark the information as received */ 1042 smp->remote_key_dist &= ~SMP_DIST_ID_KEY; 1043 1044 skb_pull(skb, sizeof(*info)); 1045 1046 /* Strictly speaking the Core Specification (4.1) allows sending 1047 * an empty address which would force us to rely on just the IRK 1048 * as "identity information". However, since such 1049 * implementations are not known of and in order to not over 1050 * complicate our implementation, simply pretend that we never 1051 * received an IRK for such a device. 1052 */ 1053 if (!bacmp(&info->bdaddr, BDADDR_ANY)) { 1054 BT_ERR("Ignoring IRK with no identity address"); 1055 smp_distribute_keys(conn); 1056 return 0; 1057 } 1058 1059 bacpy(&smp->id_addr, &info->bdaddr); 1060 smp->id_addr_type = info->addr_type; 1061 1062 if (hci_bdaddr_is_rpa(&hcon->dst, hcon->dst_type)) 1063 bacpy(&rpa, &hcon->dst); 1064 else 1065 bacpy(&rpa, BDADDR_ANY); 1066 1067 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr, 1068 smp->id_addr_type, smp->irk, &rpa); 1069 1070 smp_distribute_keys(conn); 1071 1072 return 0; 1073 } 1074 1075 static int smp_cmd_sign_info(struct l2cap_conn *conn, struct sk_buff *skb) 1076 { 1077 struct smp_cmd_sign_info *rp = (void *) skb->data; 1078 struct smp_chan *smp = conn->smp_chan; 1079 struct hci_dev *hdev = conn->hcon->hdev; 1080 struct smp_csrk *csrk; 1081 1082 BT_DBG("conn %p", conn); 1083 1084 if (skb->len < sizeof(*rp)) 1085 return SMP_INVALID_PARAMS; 1086 1087 /* Ignore this PDU if it wasn't requested */ 1088 if (!(smp->remote_key_dist & SMP_DIST_SIGN)) 1089 return 0; 1090 1091 /* Mark the information as received */ 1092 smp->remote_key_dist &= ~SMP_DIST_SIGN; 1093 1094 skb_pull(skb, sizeof(*rp)); 1095 1096 hci_dev_lock(hdev); 1097 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL); 1098 if (csrk) { 1099 csrk->master = 0x01; 1100 memcpy(csrk->val, rp->csrk, sizeof(csrk->val)); 1101 } 1102 smp->csrk = csrk; 1103 if (!(smp->remote_key_dist & SMP_DIST_SIGN)) 1104 smp_distribute_keys(conn); 1105 hci_dev_unlock(hdev); 1106 1107 return 0; 1108 } 1109 1110 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb) 1111 { 1112 struct hci_conn *hcon = conn->hcon; 1113 __u8 code, reason; 1114 int err = 0; 1115 1116 if (hcon->type != LE_LINK) { 1117 kfree_skb(skb); 1118 return 0; 1119 } 1120 1121 if (skb->len < 1) { 1122 kfree_skb(skb); 1123 return -EILSEQ; 1124 } 1125 1126 if (!test_bit(HCI_LE_ENABLED, &hcon->hdev->dev_flags)) { 1127 err = -ENOTSUPP; 1128 reason = SMP_PAIRING_NOTSUPP; 1129 goto done; 1130 } 1131 1132 code = skb->data[0]; 1133 skb_pull(skb, sizeof(code)); 1134 1135 /* 1136 * The SMP context must be initialized for all other PDUs except 1137 * pairing and security requests. If we get any other PDU when 1138 * not initialized simply disconnect (done if this function 1139 * returns an error). 1140 */ 1141 if (code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ && 1142 !conn->smp_chan) { 1143 BT_ERR("Unexpected SMP command 0x%02x. Disconnecting.", code); 1144 kfree_skb(skb); 1145 return -ENOTSUPP; 1146 } 1147 1148 switch (code) { 1149 case SMP_CMD_PAIRING_REQ: 1150 reason = smp_cmd_pairing_req(conn, skb); 1151 break; 1152 1153 case SMP_CMD_PAIRING_FAIL: 1154 smp_failure(conn, 0); 1155 reason = 0; 1156 err = -EPERM; 1157 break; 1158 1159 case SMP_CMD_PAIRING_RSP: 1160 reason = smp_cmd_pairing_rsp(conn, skb); 1161 break; 1162 1163 case SMP_CMD_SECURITY_REQ: 1164 reason = smp_cmd_security_req(conn, skb); 1165 break; 1166 1167 case SMP_CMD_PAIRING_CONFIRM: 1168 reason = smp_cmd_pairing_confirm(conn, skb); 1169 break; 1170 1171 case SMP_CMD_PAIRING_RANDOM: 1172 reason = smp_cmd_pairing_random(conn, skb); 1173 break; 1174 1175 case SMP_CMD_ENCRYPT_INFO: 1176 reason = smp_cmd_encrypt_info(conn, skb); 1177 break; 1178 1179 case SMP_CMD_MASTER_IDENT: 1180 reason = smp_cmd_master_ident(conn, skb); 1181 break; 1182 1183 case SMP_CMD_IDENT_INFO: 1184 reason = smp_cmd_ident_info(conn, skb); 1185 break; 1186 1187 case SMP_CMD_IDENT_ADDR_INFO: 1188 reason = smp_cmd_ident_addr_info(conn, skb); 1189 break; 1190 1191 case SMP_CMD_SIGN_INFO: 1192 reason = smp_cmd_sign_info(conn, skb); 1193 break; 1194 1195 default: 1196 BT_DBG("Unknown command code 0x%2.2x", code); 1197 1198 reason = SMP_CMD_NOTSUPP; 1199 err = -EOPNOTSUPP; 1200 goto done; 1201 } 1202 1203 done: 1204 if (reason) 1205 smp_failure(conn, reason); 1206 1207 kfree_skb(skb); 1208 return err; 1209 } 1210 1211 static void smp_notify_keys(struct l2cap_conn *conn) 1212 { 1213 struct smp_chan *smp = conn->smp_chan; 1214 struct hci_conn *hcon = conn->hcon; 1215 struct hci_dev *hdev = hcon->hdev; 1216 struct smp_cmd_pairing *req = (void *) &smp->preq[1]; 1217 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1]; 1218 bool persistent; 1219 1220 if (smp->remote_irk) { 1221 mgmt_new_irk(hdev, smp->remote_irk); 1222 /* Now that user space can be considered to know the 1223 * identity address track the connection based on it 1224 * from now on. 1225 */ 1226 bacpy(&hcon->dst, &smp->remote_irk->bdaddr); 1227 hcon->dst_type = smp->remote_irk->addr_type; 1228 l2cap_conn_update_id_addr(hcon); 1229 } 1230 1231 /* The LTKs and CSRKs should be persistent only if both sides 1232 * had the bonding bit set in their authentication requests. 1233 */ 1234 persistent = !!((req->auth_req & rsp->auth_req) & SMP_AUTH_BONDING); 1235 1236 if (smp->csrk) { 1237 smp->csrk->bdaddr_type = hcon->dst_type; 1238 bacpy(&smp->csrk->bdaddr, &hcon->dst); 1239 mgmt_new_csrk(hdev, smp->csrk, persistent); 1240 } 1241 1242 if (smp->slave_csrk) { 1243 smp->slave_csrk->bdaddr_type = hcon->dst_type; 1244 bacpy(&smp->slave_csrk->bdaddr, &hcon->dst); 1245 mgmt_new_csrk(hdev, smp->slave_csrk, persistent); 1246 } 1247 1248 if (smp->ltk) { 1249 smp->ltk->bdaddr_type = hcon->dst_type; 1250 bacpy(&smp->ltk->bdaddr, &hcon->dst); 1251 mgmt_new_ltk(hdev, smp->ltk, persistent); 1252 } 1253 1254 if (smp->slave_ltk) { 1255 smp->slave_ltk->bdaddr_type = hcon->dst_type; 1256 bacpy(&smp->slave_ltk->bdaddr, &hcon->dst); 1257 mgmt_new_ltk(hdev, smp->slave_ltk, persistent); 1258 } 1259 } 1260 1261 int smp_distribute_keys(struct l2cap_conn *conn) 1262 { 1263 struct smp_cmd_pairing *req, *rsp; 1264 struct smp_chan *smp = conn->smp_chan; 1265 struct hci_conn *hcon = conn->hcon; 1266 struct hci_dev *hdev = hcon->hdev; 1267 __u8 *keydist; 1268 1269 BT_DBG("conn %p", conn); 1270 1271 if (!test_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags)) 1272 return 0; 1273 1274 rsp = (void *) &smp->prsp[1]; 1275 1276 /* The responder sends its keys first */ 1277 if (hcon->out && (smp->remote_key_dist & 0x07)) 1278 return 0; 1279 1280 req = (void *) &smp->preq[1]; 1281 1282 if (hcon->out) { 1283 keydist = &rsp->init_key_dist; 1284 *keydist &= req->init_key_dist; 1285 } else { 1286 keydist = &rsp->resp_key_dist; 1287 *keydist &= req->resp_key_dist; 1288 } 1289 1290 BT_DBG("keydist 0x%x", *keydist); 1291 1292 if (*keydist & SMP_DIST_ENC_KEY) { 1293 struct smp_cmd_encrypt_info enc; 1294 struct smp_cmd_master_ident ident; 1295 struct smp_ltk *ltk; 1296 u8 authenticated; 1297 __le16 ediv; 1298 __le64 rand; 1299 1300 get_random_bytes(enc.ltk, sizeof(enc.ltk)); 1301 get_random_bytes(&ediv, sizeof(ediv)); 1302 get_random_bytes(&rand, sizeof(rand)); 1303 1304 smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc); 1305 1306 authenticated = hcon->sec_level == BT_SECURITY_HIGH; 1307 ltk = hci_add_ltk(hdev, &hcon->dst, hcon->dst_type, 1308 HCI_SMP_LTK_SLAVE, authenticated, enc.ltk, 1309 smp->enc_key_size, ediv, rand); 1310 smp->slave_ltk = ltk; 1311 1312 ident.ediv = ediv; 1313 ident.rand = rand; 1314 1315 smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident); 1316 1317 *keydist &= ~SMP_DIST_ENC_KEY; 1318 } 1319 1320 if (*keydist & SMP_DIST_ID_KEY) { 1321 struct smp_cmd_ident_addr_info addrinfo; 1322 struct smp_cmd_ident_info idinfo; 1323 1324 memcpy(idinfo.irk, hdev->irk, sizeof(idinfo.irk)); 1325 1326 smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo); 1327 1328 /* The hci_conn contains the local identity address 1329 * after the connection has been established. 1330 * 1331 * This is true even when the connection has been 1332 * established using a resolvable random address. 1333 */ 1334 bacpy(&addrinfo.bdaddr, &hcon->src); 1335 addrinfo.addr_type = hcon->src_type; 1336 1337 smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo), 1338 &addrinfo); 1339 1340 *keydist &= ~SMP_DIST_ID_KEY; 1341 } 1342 1343 if (*keydist & SMP_DIST_SIGN) { 1344 struct smp_cmd_sign_info sign; 1345 struct smp_csrk *csrk; 1346 1347 /* Generate a new random key */ 1348 get_random_bytes(sign.csrk, sizeof(sign.csrk)); 1349 1350 csrk = kzalloc(sizeof(*csrk), GFP_KERNEL); 1351 if (csrk) { 1352 csrk->master = 0x00; 1353 memcpy(csrk->val, sign.csrk, sizeof(csrk->val)); 1354 } 1355 smp->slave_csrk = csrk; 1356 1357 smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign); 1358 1359 *keydist &= ~SMP_DIST_SIGN; 1360 } 1361 1362 /* If there are still keys to be received wait for them */ 1363 if ((smp->remote_key_dist & 0x07)) 1364 return 0; 1365 1366 clear_bit(HCI_CONN_LE_SMP_PEND, &hcon->flags); 1367 cancel_delayed_work_sync(&conn->security_timer); 1368 set_bit(SMP_FLAG_COMPLETE, &smp->flags); 1369 smp_notify_keys(conn); 1370 1371 smp_chan_destroy(conn); 1372 1373 return 0; 1374 } 1375