1 files changed, 705 insertions, 0 deletions
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
new file mode 100644
index 00000000000..c45dd737cdd
--- /dev/null
+++ b/net/bluetooth/smp.c
@@ -0,0 +1,705 @@
+/*
+   BlueZ - Bluetooth protocol stack for Linux
+   Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License version 2 as
+   published by the Free Software Foundation;
+   THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+   OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+   FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
+   IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
+   CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
+   WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+   ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+   ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
+   COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
+   SOFTWARE IS DISCLAIMED.
+*/
+#include <net/bluetooth/bluetooth.h>
+#include <net/bluetooth/hci_core.h>
+#include <net/bluetooth/l2cap.h>
+#include <net/bluetooth/smp.h>
+#include <linux/crypto.h>
+#include <linux/scatterlist.h>
+#include <crypto/b128ops.h>
+#define SMP_TIMEOUT 30000 /* 30 seconds */
+static inline void swap128(u8 src[16], u8 dst[16])
+{
+        int i;
+        for (i = 0; i < 16; i++)
+                dst[15 - i] = src[i];
+}
+static inline void swap56(u8 src[7], u8 dst[7])
+{
+        int i;
+        for (i = 0; i < 7; i++)
+                dst[6 - i] = src[i];
+}
+static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
+{
+        struct blkcipher_desc desc;
+        struct scatterlist sg;
+        int err, iv_len;
+        unsigned char iv[128];
+        if (tfm == NULL) {
+                BT_ERR("tfm %p", tfm);
+                return -EINVAL;
+        }
+        desc.tfm = tfm;
+        desc.flags = 0;
+        err = crypto_blkcipher_setkey(tfm, k, 16);
+        if (err) {
+                BT_ERR("cipher setkey failed: %d", err);
+                return err;
+        }
+        sg_init_one(&sg, r, 16);
+        iv_len = crypto_blkcipher_ivsize(tfm);
+        if (iv_len) {
+                memset(&iv, 0xff, iv_len);
+                crypto_blkcipher_set_iv(tfm, iv, iv_len);
+        }
+        err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
+        if (err)
+                BT_ERR("Encrypt data error %d", err);
+        return err;
+}
+static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
+                u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
+                u8 _rat, bdaddr_t *ra, u8 res[16])
+{
+        u8 p1[16], p2[16];
+        int err;
+        memset(p1, 0, 16);
+        /* p1 = pres || preq || _rat || _iat */
+        swap56(pres, p1);
+        swap56(preq, p1 + 7);
+        p1[14] = _rat;
+        p1[15] = _iat;
+        memset(p2, 0, 16);
+        /* p2 = padding || ia || ra */
+        baswap((bdaddr_t *) (p2 + 4), ia);
+        baswap((bdaddr_t *) (p2 + 10), ra);
+        /* res = r XOR p1 */
+        u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
+        /* res = e(k, res) */
+        err = smp_e(tfm, k, res);
+        if (err) {
+                BT_ERR("Encrypt data error");
+                return err;
+        }
+        /* res = res XOR p2 */
+        u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
+        /* res = e(k, res) */
+        err = smp_e(tfm, k, res);
+        if (err)
+                BT_ERR("Encrypt data error");
+        return err;
+}
+static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16],
+                        u8 r1[16], u8 r2[16], u8 _r[16])
+{
+        int err;
+        /* Just least significant octets from r1 and r2 are considered */
+        memcpy(_r, r1 + 8, 8);
+        memcpy(_r + 8, r2 + 8, 8);
+        err = smp_e(tfm, k, _r);
+        if (err)
+                BT_ERR("Encrypt data error");
+        return err;
+}
+static int smp_rand(u8 *buf)
+{
+        get_random_bytes(buf, 16);
+        return 0;
+}
+static struct sk_buff *smp_build_cmd(struct l2cap_conn *conn, u8 code,
+                                                u16 dlen, void *data)
+{
+        struct sk_buff *skb;
+        struct l2cap_hdr *lh;
+        int len;
+        len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
+        if (len > conn->mtu)
+                return NULL;
+        skb = bt_skb_alloc(len, GFP_ATOMIC);
+        if (!skb)
+                return NULL;
+        lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
+        lh->len = cpu_to_le16(sizeof(code) + dlen);
+        lh->cid = cpu_to_le16(L2CAP_CID_SMP);
+        memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
+        memcpy(skb_put(skb, dlen), data, dlen);
+        return skb;
+}
+static void smp_send_cmd(struct l2cap_conn *conn, u8 code, u16 len, void *data)
+{
+        struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
+        BT_DBG("code 0x%2.2x", code);
+        if (!skb)
+                return;
+        hci_send_acl(conn->hcon, skb, 0);
+}
+static __u8 seclevel_to_authreq(__u8 level)
+{
+        switch (level) {
+        case BT_SECURITY_HIGH:
+                /* Right now we don't support bonding */
+                return SMP_AUTH_MITM;
+        default:
+                return SMP_AUTH_NONE;
+        }
+}
+static void build_pairing_cmd(struct l2cap_conn *conn,
+                                struct smp_cmd_pairing *req,
+                                struct smp_cmd_pairing *rsp,
+                                __u8 authreq)
+{
+        u8 dist_keys;
+        dist_keys = 0;
+        if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->flags)) {
+                dist_keys = SMP_DIST_ENC_KEY | SMP_DIST_ID_KEY | SMP_DIST_SIGN;
+                authreq |= SMP_AUTH_BONDING;
+        }
+        if (rsp == NULL) {
+                req->io_capability = conn->hcon->io_capability;
+                req->oob_flag = SMP_OOB_NOT_PRESENT;
+                req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
+                req->init_key_dist = dist_keys;
+                req->resp_key_dist = dist_keys;
+                req->auth_req = authreq;
+                return;
+        }
+        rsp->io_capability = conn->hcon->io_capability;
+        rsp->oob_flag = SMP_OOB_NOT_PRESENT;
+        rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
+        rsp->init_key_dist = req->init_key_dist & dist_keys;
+        rsp->resp_key_dist = req->resp_key_dist & dist_keys;
+        rsp->auth_req = authreq;
+}
+static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
+{
+        if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
+                        (max_key_size < SMP_MIN_ENC_KEY_SIZE))
+                return SMP_ENC_KEY_SIZE;
+        conn->smp_key_size = max_key_size;
+        return 0;
+}
+static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
+{
+        struct smp_cmd_pairing rsp, *req = (void *) skb->data;
+        u8 key_size;
+        BT_DBG("conn %p", conn);
+        conn->preq[0] = SMP_CMD_PAIRING_REQ;
+        memcpy(&conn->preq[1], req, sizeof(*req));
+        skb_pull(skb, sizeof(*req));
+        if (req->oob_flag)
+                return SMP_OOB_NOT_AVAIL;
+        /* We didn't start the pairing, so no requirements */
+        build_pairing_cmd(conn, req, &rsp, SMP_AUTH_NONE);
+        key_size = min(req->max_key_size, rsp.max_key_size);
+        if (check_enc_key_size(conn, key_size))
+                return SMP_ENC_KEY_SIZE;
+        /* Just works */
+        memset(conn->tk, 0, sizeof(conn->tk));
+        conn->prsp[0] = SMP_CMD_PAIRING_RSP;
+        memcpy(&conn->prsp[1], &rsp, sizeof(rsp));
+        smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
+        mod_timer(&conn->security_timer, jiffies +
+                                        msecs_to_jiffies(SMP_TIMEOUT));
+        mod_timer(&conn->security_timer, jiffies +
+                                        msecs_to_jiffies(SMP_TIMEOUT));
+        return 0;
+}
+static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
+{
+        struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
+        struct smp_cmd_pairing_confirm cp;
+        struct crypto_blkcipher *tfm = conn->hcon->hdev->tfm;
+        int ret;
+        u8 res[16], key_size;
+        BT_DBG("conn %p", conn);
+        skb_pull(skb, sizeof(*rsp));
+        req = (void *) &conn->preq[1];
+        key_size = min(req->max_key_size, rsp->max_key_size);
+        if (check_enc_key_size(conn, key_size))
+                return SMP_ENC_KEY_SIZE;
+        if (rsp->oob_flag)
+                return SMP_OOB_NOT_AVAIL;
+        /* Just works */
+        memset(conn->tk, 0, sizeof(conn->tk));
+        conn->prsp[0] = SMP_CMD_PAIRING_RSP;
+        memcpy(&conn->prsp[1], rsp, sizeof(*rsp));
+        ret = smp_rand(conn->prnd);
+        if (ret)
+                return SMP_UNSPECIFIED;
+        ret = smp_c1(tfm, conn->tk, conn->prnd, conn->preq, conn->prsp, 0,
+                        conn->src, conn->hcon->dst_type, conn->dst, res);
+        if (ret)
+                return SMP_UNSPECIFIED;
+        swap128(res, cp.confirm_val);
+        smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
+        return 0;
+}
+static u8 smp_cmd_pairing_confirm(struct l2cap_conn *conn, struct sk_buff *skb)
+{
+        struct crypto_blkcipher *tfm = conn->hcon->hdev->tfm;
+        BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
+        memcpy(conn->pcnf, skb->data, sizeof(conn->pcnf));
+        skb_pull(skb, sizeof(conn->pcnf));
+        if (conn->hcon->out) {
+                u8 random[16];
+                swap128(conn->prnd, random);
+                smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
+                                                                random);
+        } else {
+                struct smp_cmd_pairing_confirm cp;
+                int ret;
+                u8 res[16];
+                ret = smp_rand(conn->prnd);
+                if (ret)
+                        return SMP_UNSPECIFIED;
+                ret = smp_c1(tfm, conn->tk, conn->prnd, conn->preq, conn->prsp,
+                                                conn->hcon->dst_type, conn->dst,
+                                                0, conn->src, res);
+                if (ret)
+                        return SMP_CONFIRM_FAILED;
+                swap128(res, cp.confirm_val);
+                smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
+        }
+        mod_timer(&conn->security_timer, jiffies +
+                                        msecs_to_jiffies(SMP_TIMEOUT));
+        return 0;
+}
+static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
+{
+        struct hci_conn *hcon = conn->hcon;
+        struct crypto_blkcipher *tfm = hcon->hdev->tfm;
+        int ret;
+        u8 key[16], res[16], random[16], confirm[16];
+        swap128(skb->data, random);
+        skb_pull(skb, sizeof(random));
+        if (conn->hcon->out)
+                ret = smp_c1(tfm, conn->tk, random, conn->preq, conn->prsp, 0,
+                                conn->src, conn->hcon->dst_type, conn->dst,
+                                res);
+        else
+                ret = smp_c1(tfm, conn->tk, random, conn->preq, conn->prsp,
+                                conn->hcon->dst_type, conn->dst, 0, conn->src,
+                                res);
+        if (ret)
+                return SMP_UNSPECIFIED;
+        BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
+        swap128(res, confirm);
+        if (memcmp(conn->pcnf, confirm, sizeof(conn->pcnf)) != 0) {
+                BT_ERR("Pairing failed (confirmation values mismatch)");
+                return SMP_CONFIRM_FAILED;
+        }
+        if (conn->hcon->out) {
+                u8 stk[16], rand[8];
+                __le16 ediv;
+                memset(rand, 0, sizeof(rand));
+                ediv = 0;
+                smp_s1(tfm, conn->tk, random, conn->prnd, key);
+                swap128(key, stk);
+                memset(stk + conn->smp_key_size, 0,
+                                SMP_MAX_ENC_KEY_SIZE - conn->smp_key_size);
+                hci_le_start_enc(hcon, ediv, rand, stk);
+                hcon->enc_key_size = conn->smp_key_size;
+        } else {
+                u8 stk[16], r[16], rand[8];
+                __le16 ediv;
+                memset(rand, 0, sizeof(rand));
+                ediv = 0;
+                swap128(conn->prnd, r);
+                smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
+                smp_s1(tfm, conn->tk, conn->prnd, random, key);
+                swap128(key, stk);
+                memset(stk + conn->smp_key_size, 0,
+                                SMP_MAX_ENC_KEY_SIZE - conn->smp_key_size);
+                hci_add_ltk(conn->hcon->hdev, 0, conn->dst, conn->smp_key_size,
+                                                        ediv, rand, stk);
+        }
+        return 0;
+}
+static u8 smp_cmd_security_req(struct l2cap_conn *conn, struct sk_buff *skb)
+{
+        struct smp_cmd_security_req *rp = (void *) skb->data;
+        struct smp_cmd_pairing cp;
+        struct hci_conn *hcon = conn->hcon;
+        BT_DBG("conn %p", conn);
+        if (test_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend))
+                return 0;
+        skb_pull(skb, sizeof(*rp));
+        memset(&cp, 0, sizeof(cp));
+        build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
+        conn->preq[0] = SMP_CMD_PAIRING_REQ;
+        memcpy(&conn->preq[1], &cp, sizeof(cp));
+        smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
+        mod_timer(&conn->security_timer, jiffies +
+                                        msecs_to_jiffies(SMP_TIMEOUT));
+        set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend);
+        return 0;
+}
+int smp_conn_security(struct l2cap_conn *conn, __u8 sec_level)
+{
+        struct hci_conn *hcon = conn->hcon;
+        __u8 authreq;
+        BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
+        if (!lmp_host_le_capable(hcon->hdev))
+                return 1;
+        if (IS_ERR(hcon->hdev->tfm))
+                return 1;
+        if (test_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend))
+                return 0;
+        if (sec_level == BT_SECURITY_LOW)
+                return 1;
+        if (hcon->sec_level >= sec_level)
+                return 1;
+        authreq = seclevel_to_authreq(sec_level);
+        if (hcon->link_mode & HCI_LM_MASTER) {
+                struct smp_cmd_pairing cp;
+                struct link_key *key;
+                key = hci_find_link_key_type(hcon->hdev, conn->dst,
+                                                        HCI_LK_SMP_LTK);
+                if (key) {
+                        struct key_master_id *master = (void *) key->data;
+                        hci_le_start_enc(hcon, master->ediv, master->rand,
+                                                                key->val);
+                        hcon->enc_key_size = key->pin_len;
+                        goto done;
+                }
+                build_pairing_cmd(conn, &cp, NULL, authreq);
+                conn->preq[0] = SMP_CMD_PAIRING_REQ;
+                memcpy(&conn->preq[1], &cp, sizeof(cp));
+                mod_timer(&conn->security_timer, jiffies +
+                                        msecs_to_jiffies(SMP_TIMEOUT));
+                smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
+        } else {
+                struct smp_cmd_security_req cp;
+                cp.auth_req = authreq;
+                smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
+        }
+done:
+        hcon->pending_sec_level = sec_level;
+        set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend);
+        return 0;
+}
+static int smp_cmd_encrypt_info(struct l2cap_conn *conn, struct sk_buff *skb)
+{
+        struct smp_cmd_encrypt_info *rp = (void *) skb->data;
+        skb_pull(skb, sizeof(*rp));
+        memcpy(conn->tk, rp->ltk, sizeof(conn->tk));
+        return 0;
+}
+static int smp_cmd_master_ident(struct l2cap_conn *conn, struct sk_buff *skb)
+{
+        struct smp_cmd_master_ident *rp = (void *) skb->data;
+        skb_pull(skb, sizeof(*rp));
+        hci_add_ltk(conn->hcon->hdev, 1, conn->src, conn->smp_key_size,
+                                                rp->ediv, rp->rand, conn->tk);
+        smp_distribute_keys(conn, 1);
+        return 0;
+}
+int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb)
+{
+        __u8 code = skb->data[0];
+        __u8 reason;
+        int err = 0;
+        if (!lmp_host_le_capable(conn->hcon->hdev)) {
+                err = -ENOTSUPP;
+                reason = SMP_PAIRING_NOTSUPP;
+                goto done;
+        }
+        if (IS_ERR(conn->hcon->hdev->tfm)) {
+                err = PTR_ERR(conn->hcon->hdev->tfm);
+                reason = SMP_PAIRING_NOTSUPP;
+                goto done;
+        }
+        skb_pull(skb, sizeof(code));
+        switch (code) {
+        case SMP_CMD_PAIRING_REQ:
+                reason = smp_cmd_pairing_req(conn, skb);
+                break;
+        case SMP_CMD_PAIRING_FAIL:
+                reason = 0;
+                err = -EPERM;
+                break;
+        case SMP_CMD_PAIRING_RSP:
+                reason = smp_cmd_pairing_rsp(conn, skb);
+                break;
+        case SMP_CMD_SECURITY_REQ:
+                reason = smp_cmd_security_req(conn, skb);
+                break;
+        case SMP_CMD_PAIRING_CONFIRM:
+                reason = smp_cmd_pairing_confirm(conn, skb);
+                break;
+        case SMP_CMD_PAIRING_RANDOM:
+                reason = smp_cmd_pairing_random(conn, skb);
+                break;
+        case SMP_CMD_ENCRYPT_INFO:
+                reason = smp_cmd_encrypt_info(conn, skb);
+                break;
+        case SMP_CMD_MASTER_IDENT:
+                reason = smp_cmd_master_ident(conn, skb);
+                break;
+        case SMP_CMD_IDENT_INFO:
+        case SMP_CMD_IDENT_ADDR_INFO:
+        case SMP_CMD_SIGN_INFO:
+                /* Just ignored */
+                reason = 0;
+                break;
+        default:
+                BT_DBG("Unknown command code 0x%2.2x", code);
+                reason = SMP_CMD_NOTSUPP;
+                err = -EOPNOTSUPP;
+                goto done;
+        }
+done:
+        if (reason)
+                smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
+                                                                &reason);
+        kfree_skb(skb);
+        return err;
+}
+int smp_distribute_keys(struct l2cap_conn *conn, __u8 force)
+{
+        struct smp_cmd_pairing *req, *rsp;
+        __u8 *keydist;
+        BT_DBG("conn %p force %d", conn, force);
+        if (IS_ERR(conn->hcon->hdev->tfm))
+                return PTR_ERR(conn->hcon->hdev->tfm);
+        rsp = (void *) &conn->prsp[1];
+        /* The responder sends its keys first */
+        if (!force && conn->hcon->out && (rsp->resp_key_dist & 0x07))
+                return 0;
+        req = (void *) &conn->preq[1];
+        if (conn->hcon->out) {
+                keydist = &rsp->init_key_dist;
+                *keydist &= req->init_key_dist;
+        } else {
+                keydist = &rsp->resp_key_dist;
+                *keydist &= req->resp_key_dist;
+        }
+        BT_DBG("keydist 0x%x", *keydist);
+        if (*keydist & SMP_DIST_ENC_KEY) {
+                struct smp_cmd_encrypt_info enc;
+                struct smp_cmd_master_ident ident;
+                __le16 ediv;
+                get_random_bytes(enc.ltk, sizeof(enc.ltk));
+                get_random_bytes(&ediv, sizeof(ediv));
+                get_random_bytes(ident.rand, sizeof(ident.rand));
+                smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
+                hci_add_ltk(conn->hcon->hdev, 1, conn->dst, conn->smp_key_size,
+                                                ediv, ident.rand, enc.ltk);
+                ident.ediv = cpu_to_le16(ediv);
+                smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
+                *keydist &= ~SMP_DIST_ENC_KEY;
+        }
+        if (*keydist & SMP_DIST_ID_KEY) {
+                struct smp_cmd_ident_addr_info addrinfo;
+                struct smp_cmd_ident_info idinfo;
+                /* Send a dummy key */
+                get_random_bytes(idinfo.irk, sizeof(idinfo.irk));
+                smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
+                /* Just public address */
+                memset(&addrinfo, 0, sizeof(addrinfo));
+                bacpy(&addrinfo.bdaddr, conn->src);
+                smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
+                                                                &addrinfo);
+                *keydist &= ~SMP_DIST_ID_KEY;
+        }
+        if (*keydist & SMP_DIST_SIGN) {
+                struct smp_cmd_sign_info sign;
+                /* Send a dummy key */
+                get_random_bytes(sign.csrk, sizeof(sign.csrk));
+                smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
+                *keydist &= ~SMP_DIST_SIGN;
+        }
+        return 0;
+}

diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c new file mode 100644 index 00000000000..c45dd737cdd --- /dev/null +++ b/net/bluetooth/smp.c
@@ -0,0 +1,705 @@
	1	/*
	2	BlueZ - Bluetooth protocol stack for Linux
	3	Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies).
	4
	5	This program is free software; you can redistribute it and/or modify
	6	it under the terms of the GNU General Public License version 2 as
	7	published by the Free Software Foundation;
	8
	9	THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
	10	OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
	11	FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
	12	IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
	13	CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
	14	WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	15	ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	16	OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	17
	18	ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
	19	COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
	20	SOFTWARE IS DISCLAIMED.
	21	*/
	22
	23	#include <net/bluetooth/bluetooth.h>
	24	#include <net/bluetooth/hci_core.h>
	25	#include <net/bluetooth/l2cap.h>
	26	#include <net/bluetooth/smp.h>
	27	#include <linux/crypto.h>
	28	#include <linux/scatterlist.h>
	29	#include <crypto/b128ops.h>
	30
	31	#define SMP_TIMEOUT 30000 /* 30 seconds */
	32
	33	static inline void swap128(u8 src[16], u8 dst[16])
	34	{
	35	int i;
	36	for (i = 0; i < 16; i++)
	37	dst[15 - i] = src[i];
	38	}
	39
	40	static inline void swap56(u8 src[7], u8 dst[7])
	41	{
	42	int i;
	43	for (i = 0; i < 7; i++)
	44	dst[6 - i] = src[i];
	45	}
	46
	47	static int smp_e(struct crypto_blkcipher tfm, const u8 k, u8 *r)
	48	{
	49	struct blkcipher_desc desc;
	50	struct scatterlist sg;
	51	int err, iv_len;
	52	unsigned char iv[128];
	53
	54	if (tfm == NULL) {
	55	BT_ERR("tfm %p", tfm);
	56	return -EINVAL;
	57	}
	58
	59	desc.tfm = tfm;
	60	desc.flags = 0;
	61
	62	err = crypto_blkcipher_setkey(tfm, k, 16);
	63	if (err) {
	64	BT_ERR("cipher setkey failed: %d", err);
	65	return err;
	66	}
	67
	68	sg_init_one(&sg, r, 16);
	69
	70	iv_len = crypto_blkcipher_ivsize(tfm);
	71	if (iv_len) {
	72	memset(&iv, 0xff, iv_len);
	73	crypto_blkcipher_set_iv(tfm, iv, iv_len);
	74	}
	75
	76	err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
	77	if (err)
	78	BT_ERR("Encrypt data error %d", err);
	79
	80	return err;
	81	}
	82
	83	static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
	84	u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
	85	u8 _rat, bdaddr_t *ra, u8 res[16])
	86	{
	87	u8 p1[16], p2[16];
	88	int err;
	89
	90	memset(p1, 0, 16);
	91
	92	/* p1 = pres \|\| preq \|\| _rat \|\| _iat */
	93	swap56(pres, p1);
	94	swap56(preq, p1 + 7);
	95	p1[14] = _rat;
	96	p1[15] = _iat;
	97
	98	memset(p2, 0, 16);
	99
	100	/* p2 = padding \|\| ia \|\| ra */
	101	baswap((bdaddr_t *) (p2 + 4), ia);
	102	baswap((bdaddr_t *) (p2 + 10), ra);
	103
	104	/* res = r XOR p1 */
	105	u128_xor((u128 ) res, (u128 ) r, (u128 *) p1);
	106
	107	/* res = e(k, res) */
	108	err = smp_e(tfm, k, res);
	109	if (err) {
	110	BT_ERR("Encrypt data error");
	111	return err;
	112	}
	113
	114	/* res = res XOR p2 */
	115	u128_xor((u128 ) res, (u128 ) res, (u128 *) p2);
	116
	117	/* res = e(k, res) */
	118	err = smp_e(tfm, k, res);
	119	if (err)
	120	BT_ERR("Encrypt data error");
	121
	122	return err;
	123	}
	124
	125	static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16],
	126	u8 r1[16], u8 r2[16], u8 _r[16])
	127	{
	128	int err;
	129
	130	/* Just least significant octets from r1 and r2 are considered */
	131	memcpy(_r, r1 + 8, 8);
	132	memcpy(_r + 8, r2 + 8, 8);
	133
	134	err = smp_e(tfm, k, _r);
	135	if (err)
	136	BT_ERR("Encrypt data error");
	137
	138	return err;
	139	}
	140
	141	static int smp_rand(u8 *buf)
	142	{
	143	get_random_bytes(buf, 16);
	144
	145	return 0;
	146	}
	147
	148	static struct sk_buff smp_build_cmd(struct l2cap_conn conn, u8 code,
	149	u16 dlen, void *data)
	150	{
	151	struct sk_buff *skb;
	152	struct l2cap_hdr *lh;
	153	int len;
	154
	155	len = L2CAP_HDR_SIZE + sizeof(code) + dlen;
	156
	157	if (len > conn->mtu)
	158	return NULL;
	159
	160	skb = bt_skb_alloc(len, GFP_ATOMIC);
	161	if (!skb)
	162	return NULL;
	163
	164	lh = (struct l2cap_hdr *) skb_put(skb, L2CAP_HDR_SIZE);
	165	lh->len = cpu_to_le16(sizeof(code) + dlen);
	166	lh->cid = cpu_to_le16(L2CAP_CID_SMP);
	167
	168	memcpy(skb_put(skb, sizeof(code)), &code, sizeof(code));
	169
	170	memcpy(skb_put(skb, dlen), data, dlen);
	171
	172	return skb;
	173	}
	174
	175	static void smp_send_cmd(struct l2cap_conn conn, u8 code, u16 len, void data)
	176	{
	177	struct sk_buff *skb = smp_build_cmd(conn, code, len, data);
	178
	179	BT_DBG("code 0x%2.2x", code);
	180
	181	if (!skb)
	182	return;
	183
	184	hci_send_acl(conn->hcon, skb, 0);
	185	}
	186
	187	static __u8 seclevel_to_authreq(__u8 level)
	188	{
	189	switch (level) {
	190	case BT_SECURITY_HIGH:
	191	/* Right now we don't support bonding */
	192	return SMP_AUTH_MITM;
	193
	194	default:
	195	return SMP_AUTH_NONE;
	196	}
	197	}
	198
	199	static void build_pairing_cmd(struct l2cap_conn *conn,
	200	struct smp_cmd_pairing *req,
	201	struct smp_cmd_pairing *rsp,
	202	__u8 authreq)
	203	{
	204	u8 dist_keys;
	205
	206	dist_keys = 0;
	207	if (test_bit(HCI_PAIRABLE, &conn->hcon->hdev->flags)) {
	208	dist_keys = SMP_DIST_ENC_KEY \| SMP_DIST_ID_KEY \| SMP_DIST_SIGN;
	209	authreq \|= SMP_AUTH_BONDING;
	210	}
	211
	212	if (rsp == NULL) {
	213	req->io_capability = conn->hcon->io_capability;
	214	req->oob_flag = SMP_OOB_NOT_PRESENT;
	215	req->max_key_size = SMP_MAX_ENC_KEY_SIZE;
	216	req->init_key_dist = dist_keys;
	217	req->resp_key_dist = dist_keys;
	218	req->auth_req = authreq;
	219	return;
	220	}
	221
	222	rsp->io_capability = conn->hcon->io_capability;
	223	rsp->oob_flag = SMP_OOB_NOT_PRESENT;
	224	rsp->max_key_size = SMP_MAX_ENC_KEY_SIZE;
	225	rsp->init_key_dist = req->init_key_dist & dist_keys;
	226	rsp->resp_key_dist = req->resp_key_dist & dist_keys;
	227	rsp->auth_req = authreq;
	228	}
	229
	230	static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
	231	{
	232	if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) \|\|
	233	(max_key_size < SMP_MIN_ENC_KEY_SIZE))
	234	return SMP_ENC_KEY_SIZE;
	235
	236	conn->smp_key_size = max_key_size;
	237
	238	return 0;
	239	}
	240
	241	static u8 smp_cmd_pairing_req(struct l2cap_conn conn, struct sk_buff skb)
	242	{
	243	struct smp_cmd_pairing rsp, req = (void ) skb->data;
	244	u8 key_size;
	245
	246	BT_DBG("conn %p", conn);
	247
	248	conn->preq[0] = SMP_CMD_PAIRING_REQ;
	249	memcpy(&conn->preq[1], req, sizeof(*req));
	250	skb_pull(skb, sizeof(*req));
	251
	252	if (req->oob_flag)
	253	return SMP_OOB_NOT_AVAIL;
	254
	255	/* We didn't start the pairing, so no requirements */
	256	build_pairing_cmd(conn, req, &rsp, SMP_AUTH_NONE);
	257
	258	key_size = min(req->max_key_size, rsp.max_key_size);
	259	if (check_enc_key_size(conn, key_size))
	260	return SMP_ENC_KEY_SIZE;
	261
	262	/* Just works */
	263	memset(conn->tk, 0, sizeof(conn->tk));
	264
	265	conn->prsp[0] = SMP_CMD_PAIRING_RSP;
	266	memcpy(&conn->prsp[1], &rsp, sizeof(rsp));
	267
	268	smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
	269
	270	mod_timer(&conn->security_timer, jiffies +
	271	msecs_to_jiffies(SMP_TIMEOUT));
	272
	273	mod_timer(&conn->security_timer, jiffies +
	274	msecs_to_jiffies(SMP_TIMEOUT));
	275
	276	return 0;
	277	}
	278
	279	static u8 smp_cmd_pairing_rsp(struct l2cap_conn conn, struct sk_buff skb)
	280	{
	281	struct smp_cmd_pairing req, rsp = (void *) skb->data;
	282	struct smp_cmd_pairing_confirm cp;
	283	struct crypto_blkcipher *tfm = conn->hcon->hdev->tfm;
	284	int ret;
	285	u8 res[16], key_size;
	286
	287	BT_DBG("conn %p", conn);
	288
	289	skb_pull(skb, sizeof(*rsp));
	290
	291	req = (void *) &conn->preq[1];
	292
	293	key_size = min(req->max_key_size, rsp->max_key_size);
	294	if (check_enc_key_size(conn, key_size))
	295	return SMP_ENC_KEY_SIZE;
	296
	297	if (rsp->oob_flag)
	298	return SMP_OOB_NOT_AVAIL;
	299
	300	/* Just works */
	301	memset(conn->tk, 0, sizeof(conn->tk));
	302
	303	conn->prsp[0] = SMP_CMD_PAIRING_RSP;
	304	memcpy(&conn->prsp[1], rsp, sizeof(*rsp));
	305
	306	ret = smp_rand(conn->prnd);
	307	if (ret)
	308	return SMP_UNSPECIFIED;
	309
	310	ret = smp_c1(tfm, conn->tk, conn->prnd, conn->preq, conn->prsp, 0,
	311	conn->src, conn->hcon->dst_type, conn->dst, res);
	312	if (ret)
	313	return SMP_UNSPECIFIED;
	314
	315	swap128(res, cp.confirm_val);
	316
	317	smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
	318
	319	return 0;
	320	}
	321
	322	static u8 smp_cmd_pairing_confirm(struct l2cap_conn conn, struct sk_buff skb)
	323	{
	324	struct crypto_blkcipher *tfm = conn->hcon->hdev->tfm;
	325
	326	BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
	327
	328	memcpy(conn->pcnf, skb->data, sizeof(conn->pcnf));
	329	skb_pull(skb, sizeof(conn->pcnf));
	330
	331	if (conn->hcon->out) {
	332	u8 random[16];
	333
	334	swap128(conn->prnd, random);
	335	smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(random),
	336	random);
	337	} else {
	338	struct smp_cmd_pairing_confirm cp;
	339	int ret;
	340	u8 res[16];
	341
	342	ret = smp_rand(conn->prnd);
	343	if (ret)
	344	return SMP_UNSPECIFIED;
	345
	346	ret = smp_c1(tfm, conn->tk, conn->prnd, conn->preq, conn->prsp,
	347	conn->hcon->dst_type, conn->dst,
	348	0, conn->src, res);
	349	if (ret)
	350	return SMP_CONFIRM_FAILED;
	351
	352	swap128(res, cp.confirm_val);
	353
	354	smp_send_cmd(conn, SMP_CMD_PAIRING_CONFIRM, sizeof(cp), &cp);
	355	}
	356
	357	mod_timer(&conn->security_timer, jiffies +
	358	msecs_to_jiffies(SMP_TIMEOUT));
	359
	360	return 0;
	361	}
	362
	363	static u8 smp_cmd_pairing_random(struct l2cap_conn conn, struct sk_buff skb)
	364	{
	365	struct hci_conn *hcon = conn->hcon;
	366	struct crypto_blkcipher *tfm = hcon->hdev->tfm;
	367	int ret;
	368	u8 key[16], res[16], random[16], confirm[16];
	369
	370	swap128(skb->data, random);
	371	skb_pull(skb, sizeof(random));
	372
	373	if (conn->hcon->out)
	374	ret = smp_c1(tfm, conn->tk, random, conn->preq, conn->prsp, 0,
	375	conn->src, conn->hcon->dst_type, conn->dst,
	376	res);
	377	else
	378	ret = smp_c1(tfm, conn->tk, random, conn->preq, conn->prsp,
	379	conn->hcon->dst_type, conn->dst, 0, conn->src,
	380	res);
	381	if (ret)
	382	return SMP_UNSPECIFIED;
	383
	384	BT_DBG("conn %p %s", conn, conn->hcon->out ? "master" : "slave");
	385
	386	swap128(res, confirm);
	387
	388	if (memcmp(conn->pcnf, confirm, sizeof(conn->pcnf)) != 0) {
	389	BT_ERR("Pairing failed (confirmation values mismatch)");
	390	return SMP_CONFIRM_FAILED;
	391	}
	392
	393	if (conn->hcon->out) {
	394	u8 stk[16], rand[8];
	395	__le16 ediv;
	396
	397	memset(rand, 0, sizeof(rand));
	398	ediv = 0;
	399
	400	smp_s1(tfm, conn->tk, random, conn->prnd, key);
	401	swap128(key, stk);
	402
	403	memset(stk + conn->smp_key_size, 0,
	404	SMP_MAX_ENC_KEY_SIZE - conn->smp_key_size);
	405
	406	hci_le_start_enc(hcon, ediv, rand, stk);
	407	hcon->enc_key_size = conn->smp_key_size;
	408	} else {
	409	u8 stk[16], r[16], rand[8];
	410	__le16 ediv;
	411
	412	memset(rand, 0, sizeof(rand));
	413	ediv = 0;
	414
	415	swap128(conn->prnd, r);
	416	smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(r), r);
	417
	418	smp_s1(tfm, conn->tk, conn->prnd, random, key);
	419	swap128(key, stk);
	420
	421	memset(stk + conn->smp_key_size, 0,
	422	SMP_MAX_ENC_KEY_SIZE - conn->smp_key_size);
	423
	424	hci_add_ltk(conn->hcon->hdev, 0, conn->dst, conn->smp_key_size,
	425	ediv, rand, stk);
	426	}
	427
	428	return 0;
	429	}
	430
	431	static u8 smp_cmd_security_req(struct l2cap_conn conn, struct sk_buff skb)
	432	{
	433	struct smp_cmd_security_req rp = (void ) skb->data;
	434	struct smp_cmd_pairing cp;
	435	struct hci_conn *hcon = conn->hcon;
	436
	437	BT_DBG("conn %p", conn);
	438
	439	if (test_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend))
	440	return 0;
	441
	442	skb_pull(skb, sizeof(*rp));
	443
	444	memset(&cp, 0, sizeof(cp));
	445	build_pairing_cmd(conn, &cp, NULL, rp->auth_req);
	446
	447	conn->preq[0] = SMP_CMD_PAIRING_REQ;
	448	memcpy(&conn->preq[1], &cp, sizeof(cp));
	449
	450	smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
	451
	452	mod_timer(&conn->security_timer, jiffies +
	453	msecs_to_jiffies(SMP_TIMEOUT));
	454
	455	set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend);
	456
	457	return 0;
	458	}
	459
	460	int smp_conn_security(struct l2cap_conn *conn, __u8 sec_level)
	461	{
	462	struct hci_conn *hcon = conn->hcon;
	463	__u8 authreq;
	464
	465	BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);
	466
	467	if (!lmp_host_le_capable(hcon->hdev))
	468	return 1;
	469
	470	if (IS_ERR(hcon->hdev->tfm))
	471	return 1;
	472
	473	if (test_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend))
	474	return 0;
	475
	476	if (sec_level == BT_SECURITY_LOW)
	477	return 1;
	478
	479	if (hcon->sec_level >= sec_level)
	480	return 1;
	481
	482	authreq = seclevel_to_authreq(sec_level);
	483
	484	if (hcon->link_mode & HCI_LM_MASTER) {
	485	struct smp_cmd_pairing cp;
	486	struct link_key *key;
	487
	488	key = hci_find_link_key_type(hcon->hdev, conn->dst,
	489	HCI_LK_SMP_LTK);
	490	if (key) {
	491	struct key_master_id master = (void ) key->data;
	492
	493	hci_le_start_enc(hcon, master->ediv, master->rand,
	494	key->val);
	495	hcon->enc_key_size = key->pin_len;
	496
	497	goto done;
	498	}
	499
	500	build_pairing_cmd(conn, &cp, NULL, authreq);
	501	conn->preq[0] = SMP_CMD_PAIRING_REQ;
	502	memcpy(&conn->preq[1], &cp, sizeof(cp));
	503
	504	mod_timer(&conn->security_timer, jiffies +
	505	msecs_to_jiffies(SMP_TIMEOUT));
	506
	507	smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);
	508	} else {
	509	struct smp_cmd_security_req cp;
	510	cp.auth_req = authreq;
	511	smp_send_cmd(conn, SMP_CMD_SECURITY_REQ, sizeof(cp), &cp);
	512	}
	513
	514	done:
	515	hcon->pending_sec_level = sec_level;
	516	set_bit(HCI_CONN_ENCRYPT_PEND, &hcon->pend);
	517
	518	return 0;
	519	}
	520
	521	static int smp_cmd_encrypt_info(struct l2cap_conn conn, struct sk_buff skb)
	522	{
	523	struct smp_cmd_encrypt_info rp = (void ) skb->data;
	524
	525	skb_pull(skb, sizeof(*rp));
	526
	527	memcpy(conn->tk, rp->ltk, sizeof(conn->tk));
	528
	529	return 0;
	530	}
	531
	532	static int smp_cmd_master_ident(struct l2cap_conn conn, struct sk_buff skb)
	533	{
	534	struct smp_cmd_master_ident rp = (void ) skb->data;
	535
	536	skb_pull(skb, sizeof(*rp));
	537
	538	hci_add_ltk(conn->hcon->hdev, 1, conn->src, conn->smp_key_size,
	539	rp->ediv, rp->rand, conn->tk);
	540
	541	smp_distribute_keys(conn, 1);
	542
	543	return 0;
	544	}
	545
	546	int smp_sig_channel(struct l2cap_conn conn, struct sk_buff skb)
	547	{
	548	__u8 code = skb->data[0];
	549	__u8 reason;
	550	int err = 0;
	551
	552	if (!lmp_host_le_capable(conn->hcon->hdev)) {
	553	err = -ENOTSUPP;
	554	reason = SMP_PAIRING_NOTSUPP;
	555	goto done;
	556	}
	557
	558	if (IS_ERR(conn->hcon->hdev->tfm)) {
	559	err = PTR_ERR(conn->hcon->hdev->tfm);
	560	reason = SMP_PAIRING_NOTSUPP;
	561	goto done;
	562	}
	563
	564	skb_pull(skb, sizeof(code));
	565
	566	switch (code) {
	567	case SMP_CMD_PAIRING_REQ:
	568	reason = smp_cmd_pairing_req(conn, skb);
	569	break;
	570
	571	case SMP_CMD_PAIRING_FAIL:
	572	reason = 0;
	573	err = -EPERM;
	574	break;
	575
	576	case SMP_CMD_PAIRING_RSP:
	577	reason = smp_cmd_pairing_rsp(conn, skb);
	578	break;
	579
	580	case SMP_CMD_SECURITY_REQ:
	581	reason = smp_cmd_security_req(conn, skb);
	582	break;
	583
	584	case SMP_CMD_PAIRING_CONFIRM:
	585	reason = smp_cmd_pairing_confirm(conn, skb);
	586	break;
	587
	588	case SMP_CMD_PAIRING_RANDOM:
	589	reason = smp_cmd_pairing_random(conn, skb);
	590	break;
	591
	592	case SMP_CMD_ENCRYPT_INFO:
	593	reason = smp_cmd_encrypt_info(conn, skb);
	594	break;
	595
	596	case SMP_CMD_MASTER_IDENT:
	597	reason = smp_cmd_master_ident(conn, skb);
	598	break;
	599
	600	case SMP_CMD_IDENT_INFO:
	601	case SMP_CMD_IDENT_ADDR_INFO:
	602	case SMP_CMD_SIGN_INFO:
	603	/* Just ignored */
	604	reason = 0;
	605	break;
	606
	607	default:
	608	BT_DBG("Unknown command code 0x%2.2x", code);
	609
	610	reason = SMP_CMD_NOTSUPP;
	611	err = -EOPNOTSUPP;
	612	goto done;
	613	}
	614
	615	done:
	616	if (reason)
	617	smp_send_cmd(conn, SMP_CMD_PAIRING_FAIL, sizeof(reason),
	618	&reason);
	619
	620	kfree_skb(skb);
	621	return err;
	622	}
	623
	624	int smp_distribute_keys(struct l2cap_conn *conn, __u8 force)
	625	{
	626	struct smp_cmd_pairing req, rsp;
	627	__u8 *keydist;
	628
	629	BT_DBG("conn %p force %d", conn, force);
	630
	631	if (IS_ERR(conn->hcon->hdev->tfm))
	632	return PTR_ERR(conn->hcon->hdev->tfm);
	633
	634	rsp = (void *) &conn->prsp[1];
	635
	636	/* The responder sends its keys first */
	637	if (!force && conn->hcon->out && (rsp->resp_key_dist & 0x07))
	638	return 0;
	639
	640	req = (void *) &conn->preq[1];
	641
	642	if (conn->hcon->out) {
	643	keydist = &rsp->init_key_dist;
	644	*keydist &= req->init_key_dist;
	645	} else {
	646	keydist = &rsp->resp_key_dist;
	647	*keydist &= req->resp_key_dist;
	648	}
	649
	650
	651	BT_DBG("keydist 0x%x", *keydist);
	652
	653	if (*keydist & SMP_DIST_ENC_KEY) {
	654	struct smp_cmd_encrypt_info enc;
	655	struct smp_cmd_master_ident ident;
	656	__le16 ediv;
	657
	658	get_random_bytes(enc.ltk, sizeof(enc.ltk));
	659	get_random_bytes(&ediv, sizeof(ediv));
	660	get_random_bytes(ident.rand, sizeof(ident.rand));
	661
	662	smp_send_cmd(conn, SMP_CMD_ENCRYPT_INFO, sizeof(enc), &enc);
	663
	664	hci_add_ltk(conn->hcon->hdev, 1, conn->dst, conn->smp_key_size,
	665	ediv, ident.rand, enc.ltk);
	666
	667	ident.ediv = cpu_to_le16(ediv);
	668
	669	smp_send_cmd(conn, SMP_CMD_MASTER_IDENT, sizeof(ident), &ident);
	670
	671	*keydist &= ~SMP_DIST_ENC_KEY;
	672	}
	673
	674	if (*keydist & SMP_DIST_ID_KEY) {
	675	struct smp_cmd_ident_addr_info addrinfo;
	676	struct smp_cmd_ident_info idinfo;
	677
	678	/* Send a dummy key */
	679	get_random_bytes(idinfo.irk, sizeof(idinfo.irk));
	680
	681	smp_send_cmd(conn, SMP_CMD_IDENT_INFO, sizeof(idinfo), &idinfo);
	682
	683	/* Just public address */
	684	memset(&addrinfo, 0, sizeof(addrinfo));
	685	bacpy(&addrinfo.bdaddr, conn->src);
	686
	687	smp_send_cmd(conn, SMP_CMD_IDENT_ADDR_INFO, sizeof(addrinfo),
	688	&addrinfo);
	689
	690	*keydist &= ~SMP_DIST_ID_KEY;
	691	}
	692
	693	if (*keydist & SMP_DIST_SIGN) {
	694	struct smp_cmd_sign_info sign;
	695
	696	/* Send a dummy key */
	697	get_random_bytes(sign.csrk, sizeof(sign.csrk));
	698
	699	smp_send_cmd(conn, SMP_CMD_SIGN_INFO, sizeof(sign), &sign);
	700
	701	*keydist &= ~SMP_DIST_SIGN;
	702	}
	703
	704	return 0;
	705	}