Lines Matching refs:smp
38 #include "smp.h"
55 #define SMP_ALLOW_CMD(smp, code) set_bit(code, &smp->allow_cmd)
541 struct smp_dev *smp;
547 smp = chan->data;
551 err = set_ecdh_privkey(smp->tfm_ecdh, debug_sk);
554 memcpy(smp->local_pk, debug_pk, 64);
555 smp->debug_key = true;
559 err = generate_ecdh_keys(smp->tfm_ecdh, smp->local_pk);
566 if (crypto_memneq(smp->local_pk, debug_pk, 64))
569 smp->debug_key = false;
572 SMP_DBG("OOB Public Key X: %32phN", smp->local_pk);
573 SMP_DBG("OOB Public Key Y: %32phN", smp->local_pk + 32);
575 get_random_bytes(smp->local_rand, 16);
577 err = smp_f4(smp->tfm_cmac, smp->local_pk, smp->local_pk,
578 smp->local_rand, 0, hash);
582 memcpy(rand, smp->local_rand, 16);
584 smp->local_oob = true;
591 struct l2cap_chan *chan = conn->smp;
592 struct smp_chan *smp;
616 smp = chan->data;
618 cancel_delayed_work_sync(&smp->security_timer);
619 schedule_delayed_work(&smp->security_timer, SMP_TIMEOUT);
651 struct l2cap_chan *chan = conn->smp;
652 struct smp_chan *smp = chan->data;
689 set_bit(SMP_FLAG_REMOTE_OOB, &smp->flags);
691 memcpy(smp->rr, oob_data->rand256, 16);
692 memcpy(smp->pcnf, oob_data->hash256, 16);
693 SMP_DBG("OOB Remote Confirmation: %16phN", smp->pcnf);
694 SMP_DBG("OOB Remote Random: %16phN", smp->rr);
709 smp->remote_key_dist = remote_dist;
720 smp->remote_key_dist = rsp->init_key_dist;
725 struct l2cap_chan *chan = conn->smp;
727 struct smp_chan *smp = chan->data;
737 smp->enc_key_size = max_key_size;
744 struct l2cap_chan *chan = conn->smp;
745 struct smp_chan *smp = chan->data;
749 BUG_ON(!smp);
751 cancel_delayed_work_sync(&smp->security_timer);
753 complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
756 kfree_sensitive(smp->csrk);
757 kfree_sensitive(smp->responder_csrk);
758 kfree_sensitive(smp->link_key);
760 crypto_free_shash(smp->tfm_cmac);
761 crypto_free_kpp(smp->tfm_ecdh);
766 if (smp->ltk && smp->ltk->type == SMP_LTK_P256_DEBUG &&
768 list_del_rcu(&smp->ltk->list);
769 kfree_rcu(smp->ltk, rcu);
770 smp->ltk = NULL;
775 if (smp->ltk) {
776 list_del_rcu(&smp->ltk->list);
777 kfree_rcu(smp->ltk, rcu);
780 if (smp->responder_ltk) {
781 list_del_rcu(&smp->responder_ltk->list);
782 kfree_rcu(smp->responder_ltk, rcu);
785 if (smp->remote_irk) {
786 list_del_rcu(&smp->remote_irk->list);
787 kfree_rcu(smp->remote_irk, rcu);
792 kfree_sensitive(smp);
799 struct l2cap_chan *chan = conn->smp;
835 static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
844 if (test_bit(SMP_FLAG_SC, &smp->flags))
854 struct l2cap_chan *chan = conn->smp;
855 struct smp_chan *smp = chan->data;
860 memset(smp->tk, 0, sizeof(smp->tk));
861 clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
873 smp->method = JUST_CFM;
875 smp->method = get_auth_method(smp, local_io, remote_io);
878 if (smp->method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR,
879 &smp->flags))
880 smp->method = JUST_WORKS;
883 if (smp->method == JUST_CFM &&
885 smp->method = JUST_WORKS;
889 if (smp->method == JUST_WORKS) {
896 set_bit(SMP_FLAG_WAIT_USER, &smp->flags);
903 if (test_bit(SMP_FLAG_SC, &smp->flags))
907 if (smp->method != JUST_CFM) {
908 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
916 if (smp->method == OVERLAP) {
918 smp->method = CFM_PASSKEY;
920 smp->method = REQ_PASSKEY;
924 if (smp->method == CFM_PASSKEY) {
925 memset(smp->tk, 0, sizeof(smp->tk));
928 put_unaligned_le32(passkey, smp->tk);
930 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
933 if (smp->method == REQ_PASSKEY)
936 else if (smp->method == JUST_CFM)
948 static u8 smp_confirm(struct smp_chan *smp)
950 struct l2cap_conn *conn = smp->conn;
956 ret = smp_c1(smp->tk, smp->prnd, smp->preq, smp->prsp,
963 clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
965 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
968 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
970 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
975 static u8 smp_random(struct smp_chan *smp)
977 struct l2cap_conn *conn = smp->conn;
985 ret = smp_c1(smp->tk, smp->rrnd, smp->preq, smp->prsp,
991 if (crypto_memneq(smp->pcnf, confirm, sizeof(smp->pcnf))) {
1002 smp_s1(smp->tk, smp->rrnd, smp->prnd, stk);
1007 hci_le_start_enc(hcon, ediv, rand, stk, smp->enc_key_size);
1008 hcon->enc_key_size = smp->enc_key_size;
1015 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
1016 smp->prnd);
1018 smp_s1(smp->tk, smp->prnd, smp->rrnd, stk);
1030 SMP_STK, auth, stk, smp->enc_key_size, ediv, rand);
1038 struct l2cap_chan *chan = conn->smp;
1039 struct smp_chan *smp = chan->data;
1042 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
1043 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
1061 if (smp->remote_irk) {
1062 smp->remote_irk->link_type = hcon->type;
1063 mgmt_new_irk(hdev, smp->remote_irk, persistent);
1070 bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
1071 hcon->dst_type = smp->remote_irk->addr_type;
1076 if (smp->csrk) {
1077 smp->csrk->link_type = hcon->type;
1078 smp->csrk->bdaddr_type = hcon->dst_type;
1079 bacpy(&smp->csrk->bdaddr, &hcon->dst);
1080 mgmt_new_csrk(hdev, smp->csrk, persistent);
1083 if (smp->responder_csrk) {
1084 smp->responder_csrk->link_type = hcon->type;
1085 smp->responder_csrk->bdaddr_type = hcon->dst_type;
1086 bacpy(&smp->responder_csrk->bdaddr, &hcon->dst);
1087 mgmt_new_csrk(hdev, smp->responder_csrk, persistent);
1090 if (smp->ltk) {
1091 smp->ltk->link_type = hcon->type;
1092 smp->ltk->bdaddr_type = hcon->dst_type;
1093 bacpy(&smp->ltk->bdaddr, &hcon->dst);
1094 mgmt_new_ltk(hdev, smp->ltk, persistent);
1097 if (smp->responder_ltk) {
1098 smp->responder_ltk->link_type = hcon->type;
1099 smp->responder_ltk->bdaddr_type = hcon->dst_type;
1100 bacpy(&smp->responder_ltk->bdaddr, &hcon->dst);
1101 mgmt_new_ltk(hdev, smp->responder_ltk, persistent);
1104 if (smp->link_key) {
1108 if (test_bit(SMP_FLAG_DEBUG_KEY, &smp->flags))
1115 key = hci_add_link_key(hdev, smp->conn->hcon, &hcon->dst,
1116 smp->link_key, type, 0, &persistent);
1134 static void sc_add_ltk(struct smp_chan *smp)
1136 struct hci_conn *hcon = smp->conn->hcon;
1139 if (test_bit(SMP_FLAG_DEBUG_KEY, &smp->flags))
1149 smp->ltk = hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
1150 key_type, auth, smp->tk, smp->enc_key_size,
1154 static void sc_generate_link_key(struct smp_chan *smp)
1159 smp->link_key = kzalloc(16, GFP_KERNEL);
1160 if (!smp->link_key)
1163 if (test_bit(SMP_FLAG_CT2, &smp->flags)) {
1167 if (smp_h7(smp->tfm_cmac, smp->tk, salt, smp->link_key)) {
1168 kfree_sensitive(smp->link_key);
1169 smp->link_key = NULL;
1176 if (smp_h6(smp->tfm_cmac, smp->tk, tmp1, smp->link_key)) {
1177 kfree_sensitive(smp->link_key);
1178 smp->link_key = NULL;
1183 if (smp_h6(smp->tfm_cmac, smp->link_key, lebr, smp->link_key)) {
1184 kfree_sensitive(smp->link_key);
1185 smp->link_key = NULL;
1190 static void smp_allow_key_dist(struct smp_chan *smp)
1196 if (smp->remote_key_dist & SMP_DIST_ENC_KEY)
1197 SMP_ALLOW_CMD(smp, SMP_CMD_ENCRYPT_INFO);
1198 else if (smp->remote_key_dist & SMP_DIST_ID_KEY)
1199 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
1200 else if (smp->remote_key_dist & SMP_DIST_SIGN)
1201 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
1204 static void sc_generate_ltk(struct smp_chan *smp)
1208 struct hci_conn *hcon = smp->conn->hcon;
1219 set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags);
1221 if (test_bit(SMP_FLAG_CT2, &smp->flags)) {
1225 if (smp_h7(smp->tfm_cmac, key->val, salt, smp->tk))
1231 if (smp_h6(smp->tfm_cmac, key->val, tmp2, smp->tk))
1235 if (smp_h6(smp->tfm_cmac, smp->tk, brle, smp->tk))
1238 sc_add_ltk(smp);
1241 static void smp_distribute_keys(struct smp_chan *smp)
1244 struct l2cap_conn *conn = smp->conn;
1251 rsp = (void *) &smp->prsp[1];
1254 if (hcon->out && (smp->remote_key_dist & KEY_DIST_MASK)) {
1255 smp_allow_key_dist(smp);
1259 req = (void *) &smp->preq[1];
1269 if (test_bit(SMP_FLAG_SC, &smp->flags)) {
1271 sc_generate_link_key(smp);
1273 sc_generate_ltk(smp);
1293 get_random_bytes(enc.ltk, smp->enc_key_size);
1294 memset(enc.ltk + smp->enc_key_size, 0,
1295 sizeof(enc.ltk) - smp->enc_key_size);
1305 smp->enc_key_size, ediv, rand);
1306 smp->responder_ltk = ltk;
1355 smp->responder_csrk = csrk;
1363 if (smp->remote_key_dist & KEY_DIST_MASK) {
1364 smp_allow_key_dist(smp);
1368 set_bit(SMP_FLAG_COMPLETE, &smp->flags);
1376 struct smp_chan *smp = container_of(work, struct smp_chan,
1378 struct l2cap_conn *conn = smp->conn;
1388 struct l2cap_chan *chan = conn->smp;
1389 struct smp_chan *smp;
1391 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
1392 if (!smp)
1395 smp->tfm_cmac = crypto_alloc_shash("cmac(aes)", 0, 0);
1396 if (IS_ERR(smp->tfm_cmac)) {
1401 smp->tfm_ecdh = crypto_alloc_kpp("ecdh", 0, 0);
1402 if (IS_ERR(smp->tfm_ecdh)) {
1407 smp->conn = conn;
1408 chan->data = smp;
1410 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_FAIL);
1412 INIT_DELAYED_WORK(&smp->security_timer, smp_timeout);
1416 return smp;
1419 crypto_free_shash(smp->tfm_cmac);
1421 kfree_sensitive(smp);
1425 static int sc_mackey_and_ltk(struct smp_chan *smp, u8 mackey[16], u8 ltk[16])
1427 struct hci_conn *hcon = smp->conn->hcon;
1431 na = smp->prnd;
1432 nb = smp->rrnd;
1434 na = smp->rrnd;
1435 nb = smp->prnd;
1443 return smp_f5(smp->tfm_cmac, smp->dhkey, na, nb, a, b, mackey, ltk);
1446 static void sc_dhkey_check(struct smp_chan *smp)
1448 struct hci_conn *hcon = smp->conn->hcon;
1461 memcpy(io_cap, &smp->preq[1], 3);
1465 memcpy(io_cap, &smp->prsp[1], 3);
1470 if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
1473 if (smp->method == REQ_OOB)
1474 memcpy(r, smp->rr, 16);
1476 smp_f6(smp->tfm_cmac, smp->mackey, smp->prnd, smp->rrnd, r, io_cap,
1479 smp_send_cmd(smp->conn, SMP_CMD_DHKEY_CHECK, sizeof(check), &check);
1482 static u8 sc_passkey_send_confirm(struct smp_chan *smp)
1484 struct l2cap_conn *conn = smp->conn;
1489 r = ((hcon->passkey_notify >> smp->passkey_round) & 0x01);
1492 get_random_bytes(smp->prnd, sizeof(smp->prnd));
1494 if (smp_f4(smp->tfm_cmac, smp->local_pk, smp->remote_pk, smp->prnd, r,
1503 static u8 sc_passkey_round(struct smp_chan *smp, u8 smp_op)
1505 struct l2cap_conn *conn = smp->conn;
1511 if (smp->passkey_round >= 20)
1516 r = ((hcon->passkey_notify >> smp->passkey_round) & 0x01);
1519 if (smp_f4(smp->tfm_cmac, smp->remote_pk, smp->local_pk,
1520 smp->rrnd, r, cfm))
1523 if (crypto_memneq(smp->pcnf, cfm, 16))
1526 smp->passkey_round++;
1528 if (smp->passkey_round == 20) {
1530 if (sc_mackey_and_ltk(smp, smp->mackey, smp->tk))
1539 sizeof(smp->prnd), smp->prnd);
1540 if (smp->passkey_round == 20)
1541 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
1543 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
1548 if (smp->passkey_round != 20)
1549 return sc_passkey_round(smp, 0);
1552 sc_dhkey_check(smp);
1553 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
1558 if (test_bit(SMP_FLAG_WAIT_USER, &smp->flags)) {
1559 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
1563 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
1567 sizeof(smp->prnd), smp->prnd);
1571 return sc_passkey_send_confirm(smp);
1580 smp->passkey_round + 1);
1582 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
1584 return sc_passkey_send_confirm(smp);
1590 static int sc_user_reply(struct smp_chan *smp, u16 mgmt_op, __le32 passkey)
1592 struct l2cap_conn *conn = smp->conn;
1596 clear_bit(SMP_FLAG_WAIT_USER, &smp->flags);
1600 smp_failure(smp->conn, SMP_PASSKEY_ENTRY_FAILED);
1603 smp_failure(smp->conn, SMP_NUMERIC_COMP_FAILED);
1607 smp->passkey_round = 0;
1609 if (test_and_clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags))
1614 if (sc_passkey_round(smp, smp_op))
1622 sc_dhkey_check(smp);
1623 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
1624 } else if (test_and_clear_bit(SMP_FLAG_DHKEY_PENDING, &smp->flags)) {
1625 sc_dhkey_check(smp);
1626 sc_add_ltk(smp);
1636 struct smp_chan *smp;
1645 chan = conn->smp;
1655 smp = chan->data;
1657 if (test_bit(SMP_FLAG_SC, &smp->flags)) {
1658 err = sc_user_reply(smp, mgmt_op, passkey);
1665 memset(smp->tk, 0, sizeof(smp->tk));
1667 put_unaligned_le32(value, smp->tk);
1670 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
1686 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
1687 u8 rsp = smp_confirm(smp);
1697 static void build_bredr_pairing_cmd(struct smp_chan *smp,
1701 struct l2cap_conn *conn = smp->conn;
1724 smp->remote_key_dist = remote_dist;
1736 smp->remote_key_dist = rsp->init_key_dist;
1742 struct l2cap_chan *chan = conn->smp;
1744 struct smp_chan *smp;
1757 smp = smp_chan_create(conn);
1759 smp = chan->data;
1761 if (!smp)
1774 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1775 memcpy(&smp->preq[1], req, sizeof(*req));
1783 set_bit(SMP_FLAG_LOCAL_OOB, &smp->flags);
1792 set_bit(SMP_FLAG_SC, &smp->flags);
1794 build_bredr_pairing_cmd(smp, req, &rsp);
1797 set_bit(SMP_FLAG_CT2, &smp->flags);
1804 smp->remote_key_dist &= ~SMP_SC_NO_DIST;
1806 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
1807 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
1810 smp_distribute_keys(smp);
1817 set_bit(SMP_FLAG_SC, &smp->flags);
1820 set_bit(SMP_FLAG_CT2, &smp->flags);
1835 method = get_auth_method(smp, conn->hcon->io_capability,
1845 get_random_bytes(smp->prnd, sizeof(smp->prnd));
1847 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
1848 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
1852 clear_bit(SMP_FLAG_INITIATOR, &smp->flags);
1859 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
1861 if (test_bit(SMP_FLAG_SC, &smp->flags)) {
1862 SMP_ALLOW_CMD(smp, SMP_CMD_PUBLIC_KEY);
1864 smp->remote_key_dist &= ~SMP_SC_NO_DIST;
1877 static u8 sc_send_public_key(struct smp_chan *smp)
1879 struct hci_dev *hdev = smp->conn->hcon->hdev;
1883 if (test_bit(SMP_FLAG_LOCAL_OOB, &smp->flags)) {
1892 memcpy(smp->local_pk, smp_dev->local_pk, 64);
1893 memcpy(smp->lr, smp_dev->local_rand, 16);
1896 set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags);
1903 if (set_ecdh_privkey(smp->tfm_ecdh, debug_sk))
1905 memcpy(smp->local_pk, debug_pk, 64);
1906 set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags);
1910 if (generate_ecdh_keys(smp->tfm_ecdh, smp->local_pk))
1916 if (crypto_memneq(smp->local_pk, debug_pk, 64))
1922 SMP_DBG("Local Public Key X: %32phN", smp->local_pk);
1923 SMP_DBG("Local Public Key Y: %32phN", smp->local_pk + 32);
1925 smp_send_cmd(smp->conn, SMP_CMD_PUBLIC_KEY, 64, smp->local_pk);
1933 struct l2cap_chan *chan = conn->smp;
1934 struct smp_chan *smp = chan->data;
1949 req = (void *) &smp->preq[1];
1965 set_bit(SMP_FLAG_LOCAL_OOB, &smp->flags);
1967 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
1968 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
1973 smp->remote_key_dist &= rsp->resp_key_dist;
1976 set_bit(SMP_FLAG_CT2, &smp->flags);
1981 smp->remote_key_dist &= ~SMP_SC_NO_DIST;
1982 smp_distribute_keys(smp);
1987 set_bit(SMP_FLAG_SC, &smp->flags);
1995 method = get_auth_method(smp, req->io_capability,
2001 get_random_bytes(smp->prnd, sizeof(smp->prnd));
2006 smp->remote_key_dist &= rsp->resp_key_dist;
2008 if (test_bit(SMP_FLAG_SC, &smp->flags)) {
2010 smp->remote_key_dist &= ~SMP_SC_NO_DIST;
2011 SMP_ALLOW_CMD(smp, SMP_CMD_PUBLIC_KEY);
2012 return sc_send_public_key(smp);
2021 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
2024 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
2025 return smp_confirm(smp);
2030 static u8 sc_check_confirm(struct smp_chan *smp)
2032 struct l2cap_conn *conn = smp->conn;
2036 if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
2037 return sc_passkey_round(smp, SMP_CMD_PAIRING_CONFIRM);
2040 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
2041 smp->prnd);
2042 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
2052 static int fixup_sc_false_positive(struct smp_chan *smp)
2054 struct l2cap_conn *conn = smp->conn;
2071 req = (void *) &smp->preq[1];
2072 rsp = (void *) &smp->prsp[1];
2075 smp->remote_key_dist = (req->init_key_dist & rsp->resp_key_dist);
2084 clear_bit(SMP_FLAG_SC, &smp->flags);
2091 struct l2cap_chan *chan = conn->smp;
2092 struct smp_chan *smp = chan->data;
2099 if (skb->len < sizeof(smp->pcnf))
2102 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
2103 skb_pull(skb, sizeof(smp->pcnf));
2105 if (test_bit(SMP_FLAG_SC, &smp->flags)) {
2109 if (test_bit(SMP_FLAG_REMOTE_PK, &smp->flags))
2110 return sc_check_confirm(smp);
2114 ret = fixup_sc_false_positive(smp);
2120 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
2121 smp->prnd);
2122 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
2126 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
2127 return smp_confirm(smp);
2129 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
2136 struct l2cap_chan *chan = conn->smp;
2137 struct smp_chan *smp = chan->data;
2145 if (skb->len < sizeof(smp->rrnd))
2148 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
2149 skb_pull(skb, sizeof(smp->rrnd));
2151 if (!test_bit(SMP_FLAG_SC, &smp->flags))
2152 return smp_random(smp);
2155 pkax = smp->local_pk;
2156 pkbx = smp->remote_pk;
2157 na = smp->prnd;
2158 nb = smp->rrnd;
2160 pkax = smp->remote_pk;
2161 pkbx = smp->local_pk;
2162 na = smp->rrnd;
2163 nb = smp->prnd;
2166 if (smp->method == REQ_OOB) {
2169 sizeof(smp->prnd), smp->prnd);
2170 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
2175 if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
2176 return sc_passkey_round(smp, SMP_CMD_PAIRING_RANDOM);
2181 err = smp_f4(smp->tfm_cmac, smp->remote_pk, smp->local_pk,
2182 smp->rrnd, 0, cfm);
2186 if (crypto_memneq(smp->pcnf, cfm, 16))
2189 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
2190 smp->prnd);
2191 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
2194 if (smp->method != JUST_WORKS)
2214 err = sc_mackey_and_ltk(smp, smp->mackey, smp->tk);
2218 if (smp->method == REQ_OOB) {
2220 sc_dhkey_check(smp);
2221 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
2226 err = smp_g2(smp->tfm_cmac, pkax, pkbx, na, nb, &passkey);
2233 if (smp->method == JUST_WORKS)
2241 set_bit(SMP_FLAG_WAIT_USER, &smp->flags);
2299 struct smp_chan *smp;
2335 smp = smp_chan_create(conn);
2336 if (!smp)
2348 smp->preq[0] = SMP_CMD_PAIRING_REQ;
2349 memcpy(&smp->preq[1], &cp, sizeof(cp));
2352 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
2361 struct smp_chan *smp;
2385 chan = conn->smp;
2399 smp = smp_chan_create(conn);
2400 if (!smp) {
2429 smp->preq[0] = SMP_CMD_PAIRING_REQ;
2430 memcpy(&smp->preq[1], &cp, sizeof(cp));
2433 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
2438 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_REQ);
2441 set_bit(SMP_FLAG_INITIATOR, &smp->flags);
2455 struct smp_chan *smp;
2469 chan = conn->smp;
2475 smp = chan->data;
2476 if (smp) {
2479 smp->ltk = NULL;
2480 smp->responder_ltk = NULL;
2481 smp->remote_irk = NULL;
2483 if (test_bit(SMP_FLAG_COMPLETE, &smp->flags))
2499 struct l2cap_chan *chan = conn->smp;
2500 struct smp_chan *smp = chan->data;
2516 SMP_ALLOW_CMD(smp, SMP_CMD_INITIATOR_IDENT);
2520 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
2528 struct l2cap_chan *chan = conn->smp;
2529 struct smp_chan *smp = chan->data;
2541 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
2543 if (smp->remote_key_dist & SMP_DIST_ID_KEY)
2544 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
2545 else if (smp->remote_key_dist & SMP_DIST_SIGN)
2546 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
2552 authenticated, smp->tk, smp->enc_key_size,
2554 smp->ltk = ltk;
2555 if (!(smp->remote_key_dist & KEY_DIST_MASK))
2556 smp_distribute_keys(smp);
2564 struct l2cap_chan *chan = conn->smp;
2565 struct smp_chan *smp = chan->data;
2581 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_ADDR_INFO);
2585 memcpy(smp->irk, info->irk, 16);
2594 struct l2cap_chan *chan = conn->smp;
2595 struct smp_chan *smp = chan->data;
2605 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
2607 if (smp->remote_key_dist & SMP_DIST_SIGN)
2608 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
2641 bacpy(&smp->id_addr, &info->bdaddr);
2642 smp->id_addr_type = info->addr_type;
2649 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
2650 smp->id_addr_type, smp->irk, &rpa);
2653 if (!(smp->remote_key_dist & KEY_DIST_MASK))
2654 smp_distribute_keys(smp);
2662 struct l2cap_chan *chan = conn->smp;
2663 struct smp_chan *smp = chan->data;
2672 smp->remote_key_dist &= ~SMP_DIST_SIGN;
2684 smp->csrk = csrk;
2685 smp_distribute_keys(smp);
2690 static u8 sc_select_method(struct smp_chan *smp)
2692 struct l2cap_conn *conn = smp->conn;
2697 if (test_bit(SMP_FLAG_REMOTE_OOB, &smp->flags) ||
2698 test_bit(SMP_FLAG_LOCAL_OOB, &smp->flags))
2707 local = (void *) &smp->preq[1];
2708 remote = (void *) &smp->prsp[1];
2710 local = (void *) &smp->prsp[1];
2711 remote = (void *) &smp->preq[1];
2724 method = get_auth_method(smp, local_io, remote_io);
2729 if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
2739 struct l2cap_chan *chan = conn->smp;
2740 struct smp_chan *smp = chan->data;
2754 if (!test_bit(SMP_FLAG_DEBUG_KEY, &smp->flags) &&
2755 !crypto_memneq(key, smp->local_pk, 64)) {
2760 memcpy(smp->remote_pk, key, 64);
2762 if (test_bit(SMP_FLAG_REMOTE_OOB, &smp->flags)) {
2763 err = smp_f4(smp->tfm_cmac, smp->remote_pk, smp->remote_pk,
2764 smp->rr, 0, cfm.confirm_val);
2768 if (crypto_memneq(cfm.confirm_val, smp->pcnf, 16))
2776 err = sc_send_public_key(smp);
2781 SMP_DBG("Remote Public Key X: %32phN", smp->remote_pk);
2782 SMP_DBG("Remote Public Key Y: %32phN", smp->remote_pk + 32);
2787 if (test_bit(SMP_FLAG_LOCAL_OOB, &smp->flags)) {
2798 tfm_ecdh = smp->tfm_ecdh;
2801 if (compute_ecdh_secret(tfm_ecdh, smp->remote_pk, smp->dhkey))
2804 SMP_DBG("DHKey %32phN", smp->dhkey);
2806 set_bit(SMP_FLAG_REMOTE_PK, &smp->flags);
2808 smp->method = sc_select_method(smp);
2810 bt_dev_dbg(hdev, "selected method 0x%02x", smp->method);
2813 if (smp->method == JUST_WORKS || smp->method == JUST_CFM)
2818 if (!crypto_memneq(debug_pk, smp->remote_pk, 64))
2819 set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags);
2821 if (smp->method == DSP_PASSKEY) {
2826 smp->passkey_round = 0;
2832 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
2833 return sc_passkey_round(smp, SMP_CMD_PUBLIC_KEY);
2836 if (smp->method == REQ_OOB) {
2839 sizeof(smp->prnd), smp->prnd);
2841 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
2847 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
2849 if (smp->method == REQ_PASSKEY) {
2853 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
2854 set_bit(SMP_FLAG_WAIT_USER, &smp->flags);
2864 err = smp_f4(smp->tfm_cmac, smp->local_pk, smp->remote_pk, smp->prnd,
2870 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
2878 struct l2cap_chan *chan = conn->smp;
2880 struct smp_chan *smp = chan->data;
2898 memcpy(io_cap, &smp->prsp[1], 3);
2902 memcpy(io_cap, &smp->preq[1], 3);
2907 if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
2909 else if (smp->method == REQ_OOB)
2910 memcpy(r, smp->lr, 16);
2912 err = smp_f6(smp->tfm_cmac, smp->mackey, smp->rrnd, smp->prnd, r,
2921 if (test_bit(SMP_FLAG_WAIT_USER, &smp->flags)) {
2922 set_bit(SMP_FLAG_DHKEY_PENDING, &smp->flags);
2927 sc_dhkey_check(smp);
2930 sc_add_ltk(smp);
2933 hci_le_start_enc(hcon, 0, 0, smp->tk, smp->enc_key_size);
2934 hcon->enc_key_size = smp->enc_key_size;
2954 struct smp_chan *smp;
2969 smp = chan->data;
2974 if (smp && !test_and_clear_bit(code, &smp->allow_cmd))
2980 if (!smp && code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ)
3072 conn->smp = NULL;
3082 struct smp_chan *smp;
3123 smp = smp_chan_create(conn);
3124 if (!smp) {
3129 set_bit(SMP_FLAG_SC, &smp->flags);
3134 build_bredr_pairing_cmd(smp, &req, NULL);
3136 smp->preq[0] = SMP_CMD_PAIRING_REQ;
3137 memcpy(&smp->preq[1], &req, sizeof(req));
3140 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
3145 struct smp_chan *smp = chan->data;
3156 if (!smp)
3162 cancel_delayed_work(&smp->security_timer);
3164 smp_distribute_keys(smp);
3180 conn->smp = chan;
3194 struct smp_chan *smp = chan->data;
3196 if (smp)
3197 cancel_delayed_work_sync(&smp->security_timer);
3289 struct smp_dev *smp;
3294 smp = NULL;
3298 smp = kzalloc(sizeof(*smp), GFP_KERNEL);
3299 if (!smp)
3305 kfree_sensitive(smp);
3313 kfree_sensitive(smp);
3317 smp->local_oob = false;
3318 smp->tfm_cmac = tfm_cmac;
3319 smp->tfm_ecdh = tfm_ecdh;
3324 if (smp) {
3325 crypto_free_shash(smp->tfm_cmac);
3326 crypto_free_kpp(smp->tfm_ecdh);
3327 kfree_sensitive(smp);
3332 chan->data = smp;
3365 struct smp_dev *smp;
3369 smp = chan->data;
3370 if (smp) {
3372 crypto_free_shash(smp->tfm_cmac);
3373 crypto_free_kpp(smp->tfm_ecdh);
3374 kfree_sensitive(smp);