Lines Matching refs:smp
37 #include "smp.h"
54 #define SMP_ALLOW_CMD(smp, code) set_bit(code, &smp->allow_cmd)
542 struct smp_dev *smp;
548 smp = chan->data;
552 err = set_ecdh_privkey(smp->tfm_ecdh, debug_sk);
555 memcpy(smp->local_pk, debug_pk, 64);
556 smp->debug_key = true;
560 err = generate_ecdh_keys(smp->tfm_ecdh, smp->local_pk);
567 if (crypto_memneq(smp->local_pk, debug_pk, 64))
570 smp->debug_key = false;
573 SMP_DBG("OOB Public Key X: %32phN", smp->local_pk);
574 SMP_DBG("OOB Public Key Y: %32phN", smp->local_pk + 32);
576 get_random_bytes(smp->local_rand, 16);
578 err = smp_f4(smp->tfm_cmac, smp->local_pk, smp->local_pk,
579 smp->local_rand, 0, hash);
583 memcpy(rand, smp->local_rand, 16);
585 smp->local_oob = true;
592 struct l2cap_chan *chan = conn->smp;
593 struct smp_chan *smp;
617 smp = chan->data;
619 cancel_delayed_work_sync(&smp->security_timer);
620 schedule_delayed_work(&smp->security_timer, SMP_TIMEOUT);
652 struct l2cap_chan *chan = conn->smp;
653 struct smp_chan *smp = chan->data;
690 set_bit(SMP_FLAG_REMOTE_OOB, &smp->flags);
692 memcpy(smp->rr, oob_data->rand256, 16);
693 memcpy(smp->pcnf, oob_data->hash256, 16);
694 SMP_DBG("OOB Remote Confirmation: %16phN", smp->pcnf);
695 SMP_DBG("OOB Remote Random: %16phN", smp->rr);
710 smp->remote_key_dist = remote_dist;
721 smp->remote_key_dist = rsp->init_key_dist;
726 struct l2cap_chan *chan = conn->smp;
728 struct smp_chan *smp = chan->data;
738 smp->enc_key_size = max_key_size;
745 struct l2cap_chan *chan = conn->smp;
746 struct smp_chan *smp = chan->data;
750 BUG_ON(!smp);
752 cancel_delayed_work_sync(&smp->security_timer);
754 complete = test_bit(SMP_FLAG_COMPLETE, &smp->flags);
757 kfree_sensitive(smp->csrk);
758 kfree_sensitive(smp->responder_csrk);
759 kfree_sensitive(smp->link_key);
761 crypto_free_shash(smp->tfm_cmac);
762 crypto_free_kpp(smp->tfm_ecdh);
767 if (smp->ltk && smp->ltk->type == SMP_LTK_P256_DEBUG &&
769 list_del_rcu(&smp->ltk->list);
770 kfree_rcu(smp->ltk, rcu);
771 smp->ltk = NULL;
776 if (smp->ltk) {
777 list_del_rcu(&smp->ltk->list);
778 kfree_rcu(smp->ltk, rcu);
781 if (smp->responder_ltk) {
782 list_del_rcu(&smp->responder_ltk->list);
783 kfree_rcu(smp->responder_ltk, rcu);
786 if (smp->remote_irk) {
787 list_del_rcu(&smp->remote_irk->list);
788 kfree_rcu(smp->remote_irk, rcu);
793 kfree_sensitive(smp);
800 struct l2cap_chan *chan = conn->smp;
836 static u8 get_auth_method(struct smp_chan *smp, u8 local_io, u8 remote_io)
845 if (test_bit(SMP_FLAG_SC, &smp->flags))
855 struct l2cap_chan *chan = conn->smp;
856 struct smp_chan *smp = chan->data;
861 memset(smp->tk, 0, sizeof(smp->tk));
862 clear_bit(SMP_FLAG_TK_VALID, &smp->flags);
874 smp->method = JUST_CFM;
876 smp->method = get_auth_method(smp, local_io, remote_io);
879 if (smp->method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR,
880 &smp->flags))
881 smp->method = JUST_WORKS;
884 if (smp->method == JUST_CFM &&
886 smp->method = JUST_WORKS;
890 if (smp->method == JUST_WORKS) {
897 set_bit(SMP_FLAG_WAIT_USER, &smp->flags);
904 if (test_bit(SMP_FLAG_SC, &smp->flags))
908 if (smp->method != JUST_CFM) {
909 set_bit(SMP_FLAG_MITM_AUTH, &smp->flags);
917 if (smp->method == OVERLAP) {
919 smp->method = CFM_PASSKEY;
921 smp->method = REQ_PASSKEY;
925 if (smp->method == CFM_PASSKEY) {
926 memset(smp->tk, 0, sizeof(smp->tk));
929 put_unaligned_le32(passkey, smp->tk);
931 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
934 if (smp->method == REQ_PASSKEY)
937 else if (smp->method == JUST_CFM)
949 static u8 smp_confirm(struct smp_chan *smp)
951 struct l2cap_conn *conn = smp->conn;
957 ret = smp_c1(smp->tk, smp->prnd, smp->preq, smp->prsp,
964 clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
966 smp_send_cmd(smp->conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
969 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
971 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
976 static u8 smp_random(struct smp_chan *smp)
978 struct l2cap_conn *conn = smp->conn;
986 ret = smp_c1(smp->tk, smp->rrnd, smp->preq, smp->prsp,
992 if (crypto_memneq(smp->pcnf, confirm, sizeof(smp->pcnf))) {
1003 smp_s1(smp->tk, smp->rrnd, smp->prnd, stk);
1008 hci_le_start_enc(hcon, ediv, rand, stk, smp->enc_key_size);
1009 hcon->enc_key_size = smp->enc_key_size;
1016 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
1017 smp->prnd);
1019 smp_s1(smp->tk, smp->prnd, smp->rrnd, stk);
1031 SMP_STK, auth, stk, smp->enc_key_size, ediv, rand);
1039 struct l2cap_chan *chan = conn->smp;
1040 struct smp_chan *smp = chan->data;
1043 struct smp_cmd_pairing *req = (void *) &smp->preq[1];
1044 struct smp_cmd_pairing *rsp = (void *) &smp->prsp[1];
1062 if (smp->remote_irk) {
1063 smp->remote_irk->link_type = hcon->type;
1064 mgmt_new_irk(hdev, smp->remote_irk, persistent);
1071 bacpy(&hcon->dst, &smp->remote_irk->bdaddr);
1072 hcon->dst_type = smp->remote_irk->addr_type;
1082 if (smp->csrk) {
1083 smp->csrk->link_type = hcon->type;
1084 smp->csrk->bdaddr_type = hcon->dst_type;
1085 bacpy(&smp->csrk->bdaddr, &hcon->dst);
1086 mgmt_new_csrk(hdev, smp->csrk, persistent);
1089 if (smp->responder_csrk) {
1090 smp->responder_csrk->link_type = hcon->type;
1091 smp->responder_csrk->bdaddr_type = hcon->dst_type;
1092 bacpy(&smp->responder_csrk->bdaddr, &hcon->dst);
1093 mgmt_new_csrk(hdev, smp->responder_csrk, persistent);
1096 if (smp->ltk) {
1097 smp->ltk->link_type = hcon->type;
1098 smp->ltk->bdaddr_type = hcon->dst_type;
1099 bacpy(&smp->ltk->bdaddr, &hcon->dst);
1100 mgmt_new_ltk(hdev, smp->ltk, persistent);
1103 if (smp->responder_ltk) {
1104 smp->responder_ltk->link_type = hcon->type;
1105 smp->responder_ltk->bdaddr_type = hcon->dst_type;
1106 bacpy(&smp->responder_ltk->bdaddr, &hcon->dst);
1107 mgmt_new_ltk(hdev, smp->responder_ltk, persistent);
1110 if (smp->link_key) {
1114 if (test_bit(SMP_FLAG_DEBUG_KEY, &smp->flags))
1121 key = hci_add_link_key(hdev, smp->conn->hcon, &hcon->dst,
1122 smp->link_key, type, 0, &persistent);
1140 static void sc_add_ltk(struct smp_chan *smp)
1142 struct hci_conn *hcon = smp->conn->hcon;
1145 if (test_bit(SMP_FLAG_DEBUG_KEY, &smp->flags))
1155 smp->ltk = hci_add_ltk(hcon->hdev, &hcon->dst, hcon->dst_type,
1156 key_type, auth, smp->tk, smp->enc_key_size,
1160 static void sc_generate_link_key(struct smp_chan *smp)
1165 smp->link_key = kzalloc(16, GFP_KERNEL);
1166 if (!smp->link_key)
1169 if (test_bit(SMP_FLAG_CT2, &smp->flags)) {
1173 if (smp_h7(smp->tfm_cmac, smp->tk, salt, smp->link_key)) {
1174 kfree_sensitive(smp->link_key);
1175 smp->link_key = NULL;
1182 if (smp_h6(smp->tfm_cmac, smp->tk, tmp1, smp->link_key)) {
1183 kfree_sensitive(smp->link_key);
1184 smp->link_key = NULL;
1189 if (smp_h6(smp->tfm_cmac, smp->link_key, lebr, smp->link_key)) {
1190 kfree_sensitive(smp->link_key);
1191 smp->link_key = NULL;
1196 static void smp_allow_key_dist(struct smp_chan *smp)
1202 if (smp->remote_key_dist & SMP_DIST_ENC_KEY)
1203 SMP_ALLOW_CMD(smp, SMP_CMD_ENCRYPT_INFO);
1204 else if (smp->remote_key_dist & SMP_DIST_ID_KEY)
1205 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
1206 else if (smp->remote_key_dist & SMP_DIST_SIGN)
1207 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
1210 static void sc_generate_ltk(struct smp_chan *smp)
1214 struct hci_conn *hcon = smp->conn->hcon;
1225 set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags);
1227 if (test_bit(SMP_FLAG_CT2, &smp->flags)) {
1231 if (smp_h7(smp->tfm_cmac, key->val, salt, smp->tk))
1237 if (smp_h6(smp->tfm_cmac, key->val, tmp2, smp->tk))
1241 if (smp_h6(smp->tfm_cmac, smp->tk, brle, smp->tk))
1244 sc_add_ltk(smp);
1247 static void smp_distribute_keys(struct smp_chan *smp)
1250 struct l2cap_conn *conn = smp->conn;
1257 rsp = (void *) &smp->prsp[1];
1260 if (hcon->out && (smp->remote_key_dist & KEY_DIST_MASK)) {
1261 smp_allow_key_dist(smp);
1265 req = (void *) &smp->preq[1];
1275 if (test_bit(SMP_FLAG_SC, &smp->flags)) {
1277 sc_generate_link_key(smp);
1279 sc_generate_ltk(smp);
1299 get_random_bytes(enc.ltk, smp->enc_key_size);
1300 memset(enc.ltk + smp->enc_key_size, 0,
1301 sizeof(enc.ltk) - smp->enc_key_size);
1311 smp->enc_key_size, ediv, rand);
1312 smp->responder_ltk = ltk;
1361 smp->responder_csrk = csrk;
1369 if (smp->remote_key_dist & KEY_DIST_MASK) {
1370 smp_allow_key_dist(smp);
1374 set_bit(SMP_FLAG_COMPLETE, &smp->flags);
1382 struct smp_chan *smp = container_of(work, struct smp_chan,
1384 struct l2cap_conn *conn = smp->conn;
1394 struct l2cap_chan *chan = conn->smp;
1395 struct smp_chan *smp;
1397 smp = kzalloc(sizeof(*smp), GFP_ATOMIC);
1398 if (!smp)
1401 smp->tfm_cmac = crypto_alloc_shash("cmac(aes)", 0, 0);
1402 if (IS_ERR(smp->tfm_cmac)) {
1407 smp->tfm_ecdh = crypto_alloc_kpp("ecdh-nist-p256", 0, 0);
1408 if (IS_ERR(smp->tfm_ecdh)) {
1413 smp->conn = conn;
1414 chan->data = smp;
1416 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_FAIL);
1418 INIT_DELAYED_WORK(&smp->security_timer, smp_timeout);
1422 return smp;
1425 crypto_free_shash(smp->tfm_cmac);
1427 kfree_sensitive(smp);
1431 static int sc_mackey_and_ltk(struct smp_chan *smp, u8 mackey[16], u8 ltk[16])
1433 struct hci_conn *hcon = smp->conn->hcon;
1437 na = smp->prnd;
1438 nb = smp->rrnd;
1440 na = smp->rrnd;
1441 nb = smp->prnd;
1449 return smp_f5(smp->tfm_cmac, smp->dhkey, na, nb, a, b, mackey, ltk);
1452 static void sc_dhkey_check(struct smp_chan *smp)
1454 struct hci_conn *hcon = smp->conn->hcon;
1467 memcpy(io_cap, &smp->preq[1], 3);
1471 memcpy(io_cap, &smp->prsp[1], 3);
1476 if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
1479 if (smp->method == REQ_OOB)
1480 memcpy(r, smp->rr, 16);
1482 smp_f6(smp->tfm_cmac, smp->mackey, smp->prnd, smp->rrnd, r, io_cap,
1485 smp_send_cmd(smp->conn, SMP_CMD_DHKEY_CHECK, sizeof(check), &check);
1488 static u8 sc_passkey_send_confirm(struct smp_chan *smp)
1490 struct l2cap_conn *conn = smp->conn;
1495 r = ((hcon->passkey_notify >> smp->passkey_round) & 0x01);
1498 get_random_bytes(smp->prnd, sizeof(smp->prnd));
1500 if (smp_f4(smp->tfm_cmac, smp->local_pk, smp->remote_pk, smp->prnd, r,
1509 static u8 sc_passkey_round(struct smp_chan *smp, u8 smp_op)
1511 struct l2cap_conn *conn = smp->conn;
1517 if (smp->passkey_round >= 20)
1522 r = ((hcon->passkey_notify >> smp->passkey_round) & 0x01);
1525 if (smp_f4(smp->tfm_cmac, smp->remote_pk, smp->local_pk,
1526 smp->rrnd, r, cfm))
1529 if (crypto_memneq(smp->pcnf, cfm, 16))
1532 smp->passkey_round++;
1534 if (smp->passkey_round == 20) {
1536 if (sc_mackey_and_ltk(smp, smp->mackey, smp->tk))
1545 sizeof(smp->prnd), smp->prnd);
1546 if (smp->passkey_round == 20)
1547 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
1549 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
1554 if (smp->passkey_round != 20)
1555 return sc_passkey_round(smp, 0);
1558 sc_dhkey_check(smp);
1559 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
1564 if (test_bit(SMP_FLAG_WAIT_USER, &smp->flags)) {
1565 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
1569 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
1573 sizeof(smp->prnd), smp->prnd);
1577 return sc_passkey_send_confirm(smp);
1586 smp->passkey_round + 1);
1588 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
1590 return sc_passkey_send_confirm(smp);
1596 static int sc_user_reply(struct smp_chan *smp, u16 mgmt_op, __le32 passkey)
1598 struct l2cap_conn *conn = smp->conn;
1602 clear_bit(SMP_FLAG_WAIT_USER, &smp->flags);
1606 smp_failure(smp->conn, SMP_PASSKEY_ENTRY_FAILED);
1609 smp_failure(smp->conn, SMP_NUMERIC_COMP_FAILED);
1613 smp->passkey_round = 0;
1615 if (test_and_clear_bit(SMP_FLAG_CFM_PENDING, &smp->flags))
1620 if (sc_passkey_round(smp, smp_op))
1628 sc_dhkey_check(smp);
1629 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
1630 } else if (test_and_clear_bit(SMP_FLAG_DHKEY_PENDING, &smp->flags)) {
1631 sc_dhkey_check(smp);
1632 sc_add_ltk(smp);
1642 struct smp_chan *smp;
1651 chan = conn->smp;
1661 smp = chan->data;
1663 if (test_bit(SMP_FLAG_SC, &smp->flags)) {
1664 err = sc_user_reply(smp, mgmt_op, passkey);
1671 memset(smp->tk, 0, sizeof(smp->tk));
1673 put_unaligned_le32(value, smp->tk);
1676 set_bit(SMP_FLAG_TK_VALID, &smp->flags);
1692 if (test_bit(SMP_FLAG_CFM_PENDING, &smp->flags)) {
1693 u8 rsp = smp_confirm(smp);
1703 static void build_bredr_pairing_cmd(struct smp_chan *smp,
1707 struct l2cap_conn *conn = smp->conn;
1730 smp->remote_key_dist = remote_dist;
1742 smp->remote_key_dist = rsp->init_key_dist;
1748 struct l2cap_chan *chan = conn->smp;
1750 struct smp_chan *smp;
1763 smp = smp_chan_create(conn);
1765 smp = chan->data;
1767 if (!smp)
1780 smp->preq[0] = SMP_CMD_PAIRING_REQ;
1781 memcpy(&smp->preq[1], req, sizeof(*req));
1789 set_bit(SMP_FLAG_LOCAL_OOB, &smp->flags);
1798 set_bit(SMP_FLAG_SC, &smp->flags);
1800 build_bredr_pairing_cmd(smp, req, &rsp);
1803 set_bit(SMP_FLAG_CT2, &smp->flags);
1810 smp->remote_key_dist &= ~SMP_SC_NO_DIST;
1812 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
1813 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
1816 smp_distribute_keys(smp);
1823 set_bit(SMP_FLAG_SC, &smp->flags);
1826 set_bit(SMP_FLAG_CT2, &smp->flags);
1841 method = get_auth_method(smp, conn->hcon->io_capability,
1851 get_random_bytes(smp->prnd, sizeof(smp->prnd));
1853 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
1854 memcpy(&smp->prsp[1], &rsp, sizeof(rsp));
1858 clear_bit(SMP_FLAG_INITIATOR, &smp->flags);
1865 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
1867 if (test_bit(SMP_FLAG_SC, &smp->flags)) {
1868 SMP_ALLOW_CMD(smp, SMP_CMD_PUBLIC_KEY);
1870 smp->remote_key_dist &= ~SMP_SC_NO_DIST;
1883 static u8 sc_send_public_key(struct smp_chan *smp)
1885 struct hci_dev *hdev = smp->conn->hcon->hdev;
1889 if (test_bit(SMP_FLAG_LOCAL_OOB, &smp->flags)) {
1898 memcpy(smp->local_pk, smp_dev->local_pk, 64);
1899 memcpy(smp->lr, smp_dev->local_rand, 16);
1902 set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags);
1909 if (set_ecdh_privkey(smp->tfm_ecdh, debug_sk))
1911 memcpy(smp->local_pk, debug_pk, 64);
1912 set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags);
1916 if (generate_ecdh_keys(smp->tfm_ecdh, smp->local_pk))
1922 if (crypto_memneq(smp->local_pk, debug_pk, 64))
1928 SMP_DBG("Local Public Key X: %32phN", smp->local_pk);
1929 SMP_DBG("Local Public Key Y: %32phN", smp->local_pk + 32);
1931 smp_send_cmd(smp->conn, SMP_CMD_PUBLIC_KEY, 64, smp->local_pk);
1939 struct l2cap_chan *chan = conn->smp;
1940 struct smp_chan *smp = chan->data;
1955 req = (void *) &smp->preq[1];
1971 set_bit(SMP_FLAG_LOCAL_OOB, &smp->flags);
1973 smp->prsp[0] = SMP_CMD_PAIRING_RSP;
1974 memcpy(&smp->prsp[1], rsp, sizeof(*rsp));
1979 smp->remote_key_dist &= rsp->resp_key_dist;
1982 set_bit(SMP_FLAG_CT2, &smp->flags);
1987 smp->remote_key_dist &= ~SMP_SC_NO_DIST;
1988 smp_distribute_keys(smp);
1993 set_bit(SMP_FLAG_SC, &smp->flags);
2001 method = get_auth_method(smp, req->io_capability,
2007 get_random_bytes(smp->prnd, sizeof(smp->prnd));
2012 smp->remote_key_dist &= rsp->resp_key_dist;
2014 if (test_bit(SMP_FLAG_SC, &smp->flags)) {
2016 smp->remote_key_dist &= ~SMP_SC_NO_DIST;
2017 SMP_ALLOW_CMD(smp, SMP_CMD_PUBLIC_KEY);
2018 return sc_send_public_key(smp);
2027 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
2030 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
2031 return smp_confirm(smp);
2036 static u8 sc_check_confirm(struct smp_chan *smp)
2038 struct l2cap_conn *conn = smp->conn;
2042 if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
2043 return sc_passkey_round(smp, SMP_CMD_PAIRING_CONFIRM);
2046 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
2047 smp->prnd);
2048 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
2058 static int fixup_sc_false_positive(struct smp_chan *smp)
2060 struct l2cap_conn *conn = smp->conn;
2077 req = (void *) &smp->preq[1];
2078 rsp = (void *) &smp->prsp[1];
2081 smp->remote_key_dist = (req->init_key_dist & rsp->resp_key_dist);
2090 clear_bit(SMP_FLAG_SC, &smp->flags);
2097 struct l2cap_chan *chan = conn->smp;
2098 struct smp_chan *smp = chan->data;
2105 if (skb->len < sizeof(smp->pcnf))
2108 memcpy(smp->pcnf, skb->data, sizeof(smp->pcnf));
2109 skb_pull(skb, sizeof(smp->pcnf));
2111 if (test_bit(SMP_FLAG_SC, &smp->flags)) {
2115 if (test_bit(SMP_FLAG_REMOTE_PK, &smp->flags))
2116 return sc_check_confirm(smp);
2120 ret = fixup_sc_false_positive(smp);
2126 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
2127 smp->prnd);
2128 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
2132 if (test_bit(SMP_FLAG_TK_VALID, &smp->flags))
2133 return smp_confirm(smp);
2135 set_bit(SMP_FLAG_CFM_PENDING, &smp->flags);
2142 struct l2cap_chan *chan = conn->smp;
2143 struct smp_chan *smp = chan->data;
2151 if (skb->len < sizeof(smp->rrnd))
2154 memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
2155 skb_pull(skb, sizeof(smp->rrnd));
2157 if (!test_bit(SMP_FLAG_SC, &smp->flags))
2158 return smp_random(smp);
2161 pkax = smp->local_pk;
2162 pkbx = smp->remote_pk;
2163 na = smp->prnd;
2164 nb = smp->rrnd;
2166 pkax = smp->remote_pk;
2167 pkbx = smp->local_pk;
2168 na = smp->rrnd;
2169 nb = smp->prnd;
2172 if (smp->method == REQ_OOB) {
2175 sizeof(smp->prnd), smp->prnd);
2176 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
2181 if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
2182 return sc_passkey_round(smp, SMP_CMD_PAIRING_RANDOM);
2187 err = smp_f4(smp->tfm_cmac, smp->remote_pk, smp->local_pk,
2188 smp->rrnd, 0, cfm);
2192 if (crypto_memneq(smp->pcnf, cfm, 16))
2195 smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
2196 smp->prnd);
2197 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
2200 if (smp->method != JUST_WORKS)
2220 err = sc_mackey_and_ltk(smp, smp->mackey, smp->tk);
2224 if (smp->method == REQ_OOB) {
2226 sc_dhkey_check(smp);
2227 SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
2232 err = smp_g2(smp->tfm_cmac, pkax, pkbx, na, nb, &passkey);
2239 if (smp->method == JUST_WORKS)
2247 set_bit(SMP_FLAG_WAIT_USER, &smp->flags);
2305 struct smp_chan *smp;
2341 smp = smp_chan_create(conn);
2342 if (!smp)
2354 smp->preq[0] = SMP_CMD_PAIRING_REQ;
2355 memcpy(&smp->preq[1], &cp, sizeof(cp));
2358 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
2367 struct smp_chan *smp;
2391 chan = conn->smp;
2405 smp = smp_chan_create(conn);
2406 if (!smp) {
2435 smp->preq[0] = SMP_CMD_PAIRING_REQ;
2436 memcpy(&smp->preq[1], &cp, sizeof(cp));
2439 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
2444 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_REQ);
2447 set_bit(SMP_FLAG_INITIATOR, &smp->flags);
2461 struct smp_chan *smp;
2475 chan = conn->smp;
2481 smp = chan->data;
2482 if (smp) {
2485 smp->ltk = NULL;
2486 smp->responder_ltk = NULL;
2487 smp->remote_irk = NULL;
2489 if (test_bit(SMP_FLAG_COMPLETE, &smp->flags))
2505 struct l2cap_chan *chan = conn->smp;
2506 struct smp_chan *smp = chan->data;
2522 SMP_ALLOW_CMD(smp, SMP_CMD_INITIATOR_IDENT);
2526 memcpy(smp->tk, rp->ltk, sizeof(smp->tk));
2534 struct l2cap_chan *chan = conn->smp;
2535 struct smp_chan *smp = chan->data;
2547 smp->remote_key_dist &= ~SMP_DIST_ENC_KEY;
2549 if (smp->remote_key_dist & SMP_DIST_ID_KEY)
2550 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_INFO);
2551 else if (smp->remote_key_dist & SMP_DIST_SIGN)
2552 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
2558 authenticated, smp->tk, smp->enc_key_size,
2560 smp->ltk = ltk;
2561 if (!(smp->remote_key_dist & KEY_DIST_MASK))
2562 smp_distribute_keys(smp);
2570 struct l2cap_chan *chan = conn->smp;
2571 struct smp_chan *smp = chan->data;
2587 SMP_ALLOW_CMD(smp, SMP_CMD_IDENT_ADDR_INFO);
2591 memcpy(smp->irk, info->irk, 16);
2600 struct l2cap_chan *chan = conn->smp;
2601 struct smp_chan *smp = chan->data;
2611 smp->remote_key_dist &= ~SMP_DIST_ID_KEY;
2613 if (smp->remote_key_dist & SMP_DIST_SIGN)
2614 SMP_ALLOW_CMD(smp, SMP_CMD_SIGN_INFO);
2647 bacpy(&smp->id_addr, &info->bdaddr);
2648 smp->id_addr_type = info->addr_type;
2655 smp->remote_irk = hci_add_irk(conn->hcon->hdev, &smp->id_addr,
2656 smp->id_addr_type, smp->irk, &rpa);
2659 if (!(smp->remote_key_dist & KEY_DIST_MASK))
2660 smp_distribute_keys(smp);
2668 struct l2cap_chan *chan = conn->smp;
2669 struct smp_chan *smp = chan->data;
2678 smp->remote_key_dist &= ~SMP_DIST_SIGN;
2690 smp->csrk = csrk;
2691 smp_distribute_keys(smp);
2696 static u8 sc_select_method(struct smp_chan *smp)
2698 struct l2cap_conn *conn = smp->conn;
2703 if (test_bit(SMP_FLAG_REMOTE_OOB, &smp->flags) ||
2704 test_bit(SMP_FLAG_LOCAL_OOB, &smp->flags))
2713 local = (void *) &smp->preq[1];
2714 remote = (void *) &smp->prsp[1];
2716 local = (void *) &smp->prsp[1];
2717 remote = (void *) &smp->preq[1];
2730 method = get_auth_method(smp, local_io, remote_io);
2735 if (method == JUST_CFM && test_bit(SMP_FLAG_INITIATOR, &smp->flags))
2745 struct l2cap_chan *chan = conn->smp;
2746 struct smp_chan *smp = chan->data;
2760 if (!test_bit(SMP_FLAG_DEBUG_KEY, &smp->flags) &&
2761 !crypto_memneq(key, smp->local_pk, 64)) {
2766 memcpy(smp->remote_pk, key, 64);
2768 if (test_bit(SMP_FLAG_REMOTE_OOB, &smp->flags)) {
2769 err = smp_f4(smp->tfm_cmac, smp->remote_pk, smp->remote_pk,
2770 smp->rr, 0, cfm.confirm_val);
2774 if (crypto_memneq(cfm.confirm_val, smp->pcnf, 16))
2782 err = sc_send_public_key(smp);
2787 SMP_DBG("Remote Public Key X: %32phN", smp->remote_pk);
2788 SMP_DBG("Remote Public Key Y: %32phN", smp->remote_pk + 32);
2793 if (test_bit(SMP_FLAG_LOCAL_OOB, &smp->flags)) {
2804 tfm_ecdh = smp->tfm_ecdh;
2807 if (compute_ecdh_secret(tfm_ecdh, smp->remote_pk, smp->dhkey))
2810 SMP_DBG("DHKey %32phN", smp->dhkey);
2812 set_bit(SMP_FLAG_REMOTE_PK, &smp->flags);
2814 smp->method = sc_select_method(smp);
2816 bt_dev_dbg(hdev, "selected method 0x%02x", smp->method);
2819 if (smp->method == JUST_WORKS || smp->method == JUST_CFM)
2824 if (!crypto_memneq(debug_pk, smp->remote_pk, 64))
2825 set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags);
2827 if (smp->method == DSP_PASSKEY) {
2832 smp->passkey_round = 0;
2838 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
2839 return sc_passkey_round(smp, SMP_CMD_PUBLIC_KEY);
2842 if (smp->method == REQ_OOB) {
2845 sizeof(smp->prnd), smp->prnd);
2847 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
2853 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
2855 if (smp->method == REQ_PASSKEY) {
2859 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_CONFIRM);
2860 set_bit(SMP_FLAG_WAIT_USER, &smp->flags);
2870 err = smp_f4(smp->tfm_cmac, smp->local_pk, smp->remote_pk, smp->prnd,
2876 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RANDOM);
2884 struct l2cap_chan *chan = conn->smp;
2886 struct smp_chan *smp = chan->data;
2904 memcpy(io_cap, &smp->prsp[1], 3);
2908 memcpy(io_cap, &smp->preq[1], 3);
2913 if (smp->method == REQ_PASSKEY || smp->method == DSP_PASSKEY)
2915 else if (smp->method == REQ_OOB)
2916 memcpy(r, smp->lr, 16);
2918 err = smp_f6(smp->tfm_cmac, smp->mackey, smp->rrnd, smp->prnd, r,
2927 if (test_bit(SMP_FLAG_WAIT_USER, &smp->flags)) {
2928 set_bit(SMP_FLAG_DHKEY_PENDING, &smp->flags);
2933 sc_dhkey_check(smp);
2936 sc_add_ltk(smp);
2939 hci_le_start_enc(hcon, 0, 0, smp->tk, smp->enc_key_size);
2940 hcon->enc_key_size = smp->enc_key_size;
2960 struct smp_chan *smp;
2975 smp = chan->data;
2980 if (smp && !test_and_clear_bit(code, &smp->allow_cmd))
2986 if (!smp && code != SMP_CMD_PAIRING_REQ && code != SMP_CMD_SECURITY_REQ)
3078 conn->smp = NULL;
3088 struct smp_chan *smp;
3129 smp = smp_chan_create(conn);
3130 if (!smp) {
3135 set_bit(SMP_FLAG_SC, &smp->flags);
3140 build_bredr_pairing_cmd(smp, &req, NULL);
3142 smp->preq[0] = SMP_CMD_PAIRING_REQ;
3143 memcpy(&smp->preq[1], &req, sizeof(req));
3146 SMP_ALLOW_CMD(smp, SMP_CMD_PAIRING_RSP);
3151 struct smp_chan *smp = chan->data;
3162 if (!smp)
3168 cancel_delayed_work(&smp->security_timer);
3170 smp_distribute_keys(smp);
3186 conn->smp = chan;
3200 struct smp_chan *smp = chan->data;
3202 if (smp)
3203 cancel_delayed_work_sync(&smp->security_timer);
3295 struct smp_dev *smp;
3300 smp = NULL;
3304 smp = kzalloc(sizeof(*smp), GFP_KERNEL);
3305 if (!smp)
3311 kfree_sensitive(smp);
3319 kfree_sensitive(smp);
3323 smp->local_oob = false;
3324 smp->tfm_cmac = tfm_cmac;
3325 smp->tfm_ecdh = tfm_ecdh;
3330 if (smp) {
3331 crypto_free_shash(smp->tfm_cmac);
3332 crypto_free_kpp(smp->tfm_ecdh);
3333 kfree_sensitive(smp);
3338 chan->data = smp;
3371 struct smp_dev *smp;
3375 smp = chan->data;
3376 if (smp) {
3378 crypto_free_shash(smp->tfm_cmac);
3379 crypto_free_kpp(smp->tfm_ecdh);
3380 kfree_sensitive(smp);