]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blob - net/bluetooth/smp.c
projects / mirror_ubuntu-bionic-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Bluetooth: Add support for resuming socket when SMP is finished
[mirror_ubuntu-bionic-kernel.git] / net / bluetooth / smp.c
1 /*
2 BlueZ - Bluetooth protocol stack for Linux
3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License version 2 as
7 published by the Free Software Foundation;
8
9 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
10 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
11 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
12 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
13 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
14 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
15 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
16 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
17
18 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
19 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
20 SOFTWARE IS DISCLAIMED.
21 */
22
23 #include <net/bluetooth/bluetooth.h>
24 #include <net/bluetooth/hci_core.h>
25 #include <net/bluetooth/l2cap.h>
26 #include <net/bluetooth/smp.h>
27 #include <linux/crypto.h>
28 #include <crypto/b128ops.h>
29
30 static inline void swap128(u8 src[16], u8 dst[16])
31 {
32 int i;
33 for (i = 0; i < 16; i++)
34 dst[15 - i] = src[i];
35 }
36
37 static inline void swap56(u8 src[7], u8 dst[7])
38 {
39 int i;
40 for (i = 0; i < 7; i++)
41 dst[6 - i] = src[i];
42 }
43
44 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
45 {
46 struct blkcipher_desc desc;
47 struct scatterlist sg;
48 int err, iv_len;
49 unsigned char iv[128];
50
51 if (tfm == NULL) {
52 BT_ERR("tfm %p", tfm);
53 return -EINVAL;
54 }
55
56 desc.tfm = tfm;
57 desc.flags = 0;
58
59 err = crypto_blkcipher_setkey(tfm, k, 16);
60 if (err) {
61 BT_ERR("cipher setkey failed: %d", err);
62 return err;
63 }
64
65 sg_init_one(&sg, r, 16);
66
67 iv_len = crypto_blkcipher_ivsize(tfm);
68 if (iv_len) {
69 memset(&iv, 0xff, iv_len);
70 crypto_blkcipher_set_iv(tfm, iv, iv_len);
71 }
72
73 err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
74 if (err)
75 BT_ERR("Encrypt data error %d", err);
76
77 return err;
78 }
79
80 static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
81 u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
82 u8 _rat, bdaddr_t *ra, u8 res[16])
83 {
84 u8 p1[16], p2[16];
85 int err;
86
87 memset(p1, 0, 16);
88
89 /* p1 = pres || preq || _rat || _iat */
90 swap56(pres, p1);
91 swap56(preq, p1 + 7);
92 p1[14] = _rat;
93 p1[15] = _iat;
94
95 memset(p2, 0, 16);
96
97 /* p2 = padding || ia || ra */
98 baswap((bdaddr_t *) (p2 + 4), ia);
99 baswap((bdaddr_t *) (p2 + 10), ra);
100
101 /* res = r XOR p1 */
102 u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
103
104 /* res = e(k, res) */
105 err = smp_e(tfm, k, res);
106 if (err) {
107 BT_ERR("Encrypt data error");
108 return err;
109 }
110
111 /* res = res XOR p2 */
112 u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
113
114 /* res = e(k, res) */
115 err = smp_e(tfm, k, res);
116 if (err)
117 BT_ERR("Encrypt data error");
118
119 return err;
120 }
121
122 static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16],
123 u8 r1[16], u8 r2[16], u8 _r[16])
124 {
125 int err;
126
127 /* Just least significant octets from r1 and r2 are considered */
128 memcpy(_r, r1 + 8, 8);
129 memcpy(_r + 8, r2 + 8, 8);
130
131 err = smp_e(tfm, k, _r);
132 if (err)
133 BT_ERR("Encrypt data error");
134
135 return err;
136 }
137
138 static int smp_rand(u8 *buf)
139 {
140 get_random_bytes(buf, 16);
141
142 return 0;
143 }
144
145 static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
146 u16 dlen, void *data)
147 {
148 struct sk_buff *skb;
149 struct l2cap_hdr *lh;
150 int len;
151
152 len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
153
154 if (len > conn->mtu)
155 return NULL;
156
157 skb = bt_skb_alloc(len, GFP_ATOMIC);
158 if (!skb)
159 return NULL;
160
161 lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
162 lh->len = cpu_to_le16(sizeof(code) + dlen);
163 lh->cid = cpu_to_le16(L2CAP_CID_SMP);
164
165 memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
166
167 memcpy(skb_put(skb, dlen), data, dlen);
168
169 return skb;
170 }
171
172 static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
173 {
174 struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
175
176 BT_DBG("code 0x%2.2x", code);
177
178 if (!skb)
179 return;
180
181 hci_send_acl(conn->hcon, skb, 0);
182 }
183
184 static void smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
185 {
186 struct smp_cmd_pairing *rp = (void *) skb->data;
187
188 BT_DBG("conn %p", conn);
189
190 conn->preq[0] = SMP_CMD_PAIRING_REQ;
191 memcpy(&conn->preq[1], rp, sizeof(*rp));
192 skb_pull(skb, sizeof(*rp));
193
194 rp->io_capability = 0x00;
195 rp->oob_flag = 0x00;
196 rp->max_key_size = 16;
197 rp->init_key_dist = 0x00;
198 rp->resp_key_dist = 0x00;
199 rp->auth_req &= (SMP_AUTH_BONDING | SMP_AUTH_MITM);
200
201 /* Just works */
202 memset(conn->tk, 0, sizeof(conn->tk));
203
204 conn->prsp[0] = SMP_CMD_PAIRING_RSP;
205 memcpy(&conn->prsp[1], rp, sizeof(*rp));
206
207 smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(*rp), rp);
208 }
209
210 static void smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
211 {
212 struct smp_cmd_pairing *rp = (void *) skb->data;
213 struct smp_cmd_pairing_confirm cp;
214 struct crypto_blkcipher *tfm = conn->hcon->hdev->tfm;
215 int ret;
216 u8 res[16];
217
218 BT_DBG("conn %p", conn);
219
220 /* Just works */
221 memset(conn->tk, 0, sizeof(conn->tk));
222
223 conn->prsp[0] = SMP_CMD_PAIRING_RSP;
224 memcpy(&conn->prsp[1], rp, sizeof(*rp));
225 skb_pull(skb, sizeof(*rp));
226
227 ret = smp_rand(conn->prnd);
228 if (ret)
229 return;
230
231 ret = smp_c1(tfm, conn->tk, conn->prnd, conn->preq, conn->prsp, 0,
232 conn->src, conn->hcon->dst_type, conn->dst, res);
233 if (ret)
234 return;
235
236 swap128(res, cp.confirm_val);
237
238 smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
239 }
240
241 static void smp_cmd_pairing_confirm(struct l2cap_conn *conn,
242 struct sk_buff *skb)
243 {
244 struct crypto_blkcipher *tfm = conn->hcon->hdev->tfm;
245
246 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
247
248 memcpy(conn->pcnf, skb->data, sizeof(conn->pcnf));
249 skb_pull(skb, sizeof(conn->pcnf));
250
251 if (conn->hcon->out) {
252 u8 random[16];
253
254 swap128(conn->prnd, random);
255 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
256 random);
257 } else {
258 struct smp_cmd_pairing_confirm cp;
259 int ret;
260 u8 res[16];
261
262 ret = smp_rand(conn->prnd);
263 if (ret)
264 return;
265
266 ret = smp_c1(tfm, conn->tk, conn->prnd, conn->preq, conn->prsp,
267 conn->hcon->dst_type, conn->dst,
268 0, conn->src, res);
269 if (ret)
270 return;
271
272 swap128(res, cp.confirm_val);
273
274 smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
275 }
276 }
277
278 static void smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
279 {
280 struct hci_conn *hcon = conn->hcon;
281 struct crypto_blkcipher *tfm = hcon->hdev->tfm;
282 int ret;
283 u8 key[16], res[16], random[16], confirm[16];
284
285 swap128(skb->data, random);
286 skb_pull(skb, sizeof(random));
287
288 memset(hcon->ltk, 0, sizeof(hcon->ltk));
289
290 if (conn->hcon->out)
291 ret = smp_c1(tfm, conn->tk, random, conn->preq, conn->prsp, 0,
292 conn->src, conn->hcon->dst_type, conn->dst,
293 res);
294 else
295 ret = smp_c1(tfm, conn->tk, random, conn->preq, conn->prsp,
296 conn->hcon->dst_type, conn->dst, 0, conn->src,
297 res);
298 if (ret)
299 return;
300
301 BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
302
303 swap128(res, confirm);
304
305 if (memcmp(conn->pcnf, confirm, sizeof(conn->pcnf)) != 0) {
306 struct smp_cmd_pairing_fail cp;
307
308 BT_ERR("Pairing failed (confirmation values mismatch)");
309 cp.reason = SMP_CONFIRM_FAILED;
310 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(cp), &cp);
311 return;
312 }
313
314 if (conn->hcon->out) {
315 __le16 ediv;
316 u8 rand[8];
317
318 smp_s1(tfm, conn->tk, random, conn->prnd, key);
319 swap128(key, hcon->ltk);
320
321 memset(rand, 0, sizeof(rand));
322 ediv = 0;
323 hci_le_start_enc(hcon, ediv, rand, hcon->ltk);
324 } else {
325 u8 r[16];
326
327 swap128(conn->prnd, r);
328 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
329
330 smp_s1(tfm, conn->tk, conn->prnd, random, key);
331 swap128(key, hcon->ltk);
332 }
333 }
334
335 static void smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
336 {
337 struct smp_cmd_security_req *rp = (void *) skb->data;
338 struct smp_cmd_pairing cp;
339 struct hci_conn *hcon = conn->hcon;
340
341 BT_DBG("conn %p", conn);
342
343 if (test_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend))
344 return;
345
346 skb_pull(skb, sizeof(*rp));
347 memset(&cp, 0, sizeof(cp));
348
349 cp.io_capability = 0x00;
350 cp.oob_flag = 0x00;
351 cp.max_key_size = 16;
352 cp.init_key_dist = 0x00;
353 cp.resp_key_dist = 0x00;
354 cp.auth_req = rp->auth_req & (SMP_AUTH_BONDING | SMP_AUTH_MITM);
355
356 conn->preq[0] = SMP_CMD_PAIRING_REQ;
357 memcpy(&conn->preq[1], &cp, sizeof(cp));
358
359 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
360
361 set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend);
362 }
363
364 static __u8 seclevel_to_authreq(__u8 level)
365 {
366 switch (level) {
367 case BT_SECURITY_HIGH:
368 /* For now we don't support bonding */
369 return SMP_AUTH_MITM;
370
371 default:
372 return SMP_AUTH_NONE;
373 }
374 }
375
376 int smp_conn_security(struct l2cap_conn *conn, __u8 sec_level)
377 {
378 struct hci_conn *hcon = conn->hcon;
379 __u8 authreq;
380
381 BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
382
383 if (IS_ERR(hcon->hdev->tfm))
384 return 1;
385
386 if (test_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend))
387 return 0;
388
389 if (sec_level == BT_SECURITY_LOW)
390 return 1;
391
392 if (hcon->sec_level >= sec_level)
393 return 1;
394
395 authreq = seclevel_to_authreq(sec_level);
396
397 if (hcon->link_mode & HCI_LM_MASTER) {
398 struct smp_cmd_pairing cp;
399 cp.io_capability = 0x00;
400 cp.oob_flag = 0x00;
401 cp.max_key_size = 16;
402 cp.init_key_dist = 0x00;
403 cp.resp_key_dist = 0x00;
404 cp.auth_req = authreq;
405
406 conn->preq[0] = SMP_CMD_PAIRING_REQ;
407 memcpy(&conn->preq[1], &cp, sizeof(cp));
408
409 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
410 } else {
411 struct smp_cmd_security_req cp;
412 cp.auth_req = authreq;
413 smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
414 }
415
416 hcon->pending_sec_level = sec_level;
417 set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend);
418
419 return 0;
420 }
421
422 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
423 {
424 __u8 code = skb->data[0];
425 __u8 reason;
426 int err = 0;
427
428 if (IS_ERR(conn->hcon->hdev->tfm)) {
429 err = PTR_ERR(conn->hcon->hdev->tfm);
430 reason = SMP_PAIRING_NOTSUPP;
431 goto done;
432 }
433
434 skb_pull(skb, sizeof(code));
435
436 switch (code) {
437 case SMP_CMD_PAIRING_REQ:
438 smp_cmd_pairing_req(conn, skb);
439 break;
440
441 case SMP_CMD_PAIRING_FAIL:
442 break;
443
444 case SMP_CMD_PAIRING_RSP:
445 smp_cmd_pairing_rsp(conn, skb);
446 break;
447
448 case SMP_CMD_SECURITY_REQ:
449 smp_cmd_security_req(conn, skb);
450 break;
451
452 case SMP_CMD_PAIRING_CONFIRM:
453 smp_cmd_pairing_confirm(conn, skb);
454 break;
455
456 case SMP_CMD_PAIRING_RANDOM:
457 smp_cmd_pairing_random(conn, skb);
458 break;
459
460 case SMP_CMD_ENCRYPT_INFO:
461 case SMP_CMD_MASTER_IDENT:
462 case SMP_CMD_IDENT_INFO:
463 case SMP_CMD_IDENT_ADDR_INFO:
464 case SMP_CMD_SIGN_INFO:
465 default:
466 BT_DBG("Unknown command code 0x%2.2x", code);
467
468 reason = SMP_CMD_NOTSUPP;
469 err = -EOPNOTSUPP;
470 goto done;
471 }
472
473 done:
474 if (reason)
475 smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
476 &reason);
477
478 kfree_skb(skb);
479 return err;
480 }
ubuntu-bionic-kernel mirror