Bluetooth: Add support for LE SC key generation

As the last step of the LE SC pairing process it's time to generate and distribute keys. The generation part is unique to LE SC and so this patch adds a dedicated function for it. We also clear the distribution bits for keys which are not distributed with LE SC, so that the code shared with legacy SMP will not go ahead and try to distribute them. Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
author: Johan Hedberg <johan.hedberg@intel.com> 2014-06-06 04:54:04 -0400
committer: Marcel Holtmann <marcel@holtmann.org> 2014-12-03 10:51:18 -0500
commit: 6a77083af57f2dc515a01c8ec82610ab0e7baa59 (patch)
tree: 98f03ccb27bc3811671fa0d085b9a4852a049425 /net/bluetooth
parent: 6433a9a2c47e5b3ddfdb86ee5b57a6eada1f6da7 (diff)
1 files changed, 57 insertions, 0 deletions
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index f59f0510e0b0..20fa07aa9364 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -77,6 +77,7 @@ struct smp_chan {
        struct smp_ltk  *ltk;
        struct smp_ltk  *slave_ltk;
        struct smp_irk  *remote_irk;
+        u8              *link_key;
        unsigned long   flags;
        /* Secure Connections variables */
@@ -321,6 +322,22 @@ static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
        return err;
 }
+static int smp_h6(struct crypto_hash *tfm_cmac, const u8 w[16],
+                  const u8 key_id[4], u8 res[16])
+{
+        int err;
+        BT_DBG("w %16phN key_id %4phN", w, key_id);
+        err = aes_cmac(tfm_cmac, w, key_id, 4, res);
+        if (err)
+                return err;
+        BT_DBG("res %16phN", res);
+        return err;
+}
 static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
 {
        u8 _res[16];
@@ -594,6 +611,7 @@ static void smp_chan_destroy(struct l2cap_conn *conn)
        kfree(smp->csrk);
        kfree(smp->slave_csrk);
+        kfree(smp->link_key);
        crypto_free_blkcipher(smp->tfm_aes);
        crypto_free_hash(smp->tfm_cmac);
@@ -907,6 +925,37 @@ static void smp_notify_keys(struct l2cap_conn *conn)
                bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
                mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
        }
+        if (smp->link_key) {
+                hci_add_link_key(hdev, smp->conn->hcon, &hcon->dst,
+                                 smp->link_key, HCI_LK_AUTH_COMBINATION_P256,
+                                 0, NULL);
+        }
+}
+static void sc_generate_link_key(struct smp_chan *smp)
+{
+        /* These constants are as specified in the core specification.
+         * In ASCII they spell out to 'tmp1' and 'lebr'.
+         */
+        const u8 tmp1[4] = { 0x31, 0x70, 0x6d, 0x74 };
+        const u8 lebr[4] = { 0x72, 0x62, 0x65, 0x6c };
+        smp->link_key = kzalloc(16, GFP_KERNEL);
+        if (!smp->link_key)
+                return;
+        if (smp_h6(smp->tfm_cmac, smp->tk, tmp1, smp->link_key)) {
+                kfree(smp->link_key);
+                smp->link_key = NULL;
+                return;
+        }
+        if (smp_h6(smp->tfm_cmac, smp->link_key, lebr, smp->link_key)) {
+                kfree(smp->link_key);
+                smp->link_key = NULL;
+                return;
+        }
 }
 static void smp_allow_key_dist(struct smp_chan *smp)
@@ -951,6 +1000,14 @@ static void smp_distribute_keys(struct smp_chan *smp)
                *keydist &= req->resp_key_dist;
        }
+        if (test_bit(SMP_FLAG_SC, &smp->flags)) {
+                if (*keydist & SMP_DIST_LINK_KEY)
+                        sc_generate_link_key(smp);
+                /* Clear the keys which are generated but not distributed */
+                *keydist &= ~SMP_SC_NO_DIST;
+        }
        BT_DBG("keydist 0x%x", *keydist);
        if (*keydist & SMP_DIST_ENC_KEY) {
author	Johan Hedberg <johan.hedberg@intel.com>	2014-06-06 04:54:04 -0400
committer	Marcel Holtmann <marcel@holtmann.org>	2014-12-03 10:51:18 -0500
commit	6a77083af57f2dc515a01c8ec82610ab0e7baa59 (patch)
tree	98f03ccb27bc3811671fa0d085b9a4852a049425 /net/bluetooth
parent	6433a9a2c47e5b3ddfdb86ee5b57a6eada1f6da7 (diff)

diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c index f59f0510e0b0..20fa07aa9364 100644 --- a/net/bluetooth/smp.c +++ b/net/bluetooth/smp.c
@@ -77,6 +77,7 @@ struct smp_chan {
77	struct smp_ltk *ltk;	77	struct smp_ltk *ltk;
78	struct smp_ltk *slave_ltk;	78	struct smp_ltk *slave_ltk;
79	struct smp_irk *remote_irk;	79	struct smp_irk *remote_irk;
		80	u8 *link_key;
80	unsigned long flags;	81	unsigned long flags;
81		82
82	/* Secure Connections variables */	83	/* Secure Connections variables */
@@ -321,6 +322,22 @@ static int smp_e(struct crypto_blkcipher tfm, const u8 k, u8 *r)
321	return err;	322	return err;
322	}	323	}
323		324
		325	static int smp_h6(struct crypto_hash *tfm_cmac, const u8 w[16],
		326	const u8 key_id[4], u8 res[16])
		327	{
		328	int err;
		329
		330	BT_DBG("w %16phN key_id %4phN", w, key_id);
		331
		332	err = aes_cmac(tfm_cmac, w, key_id, 4, res);
		333	if (err)
		334	return err;
		335
		336	BT_DBG("res %16phN", res);
		337
		338	return err;
		339	}
		340
324	static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])	341	static int smp_ah(struct crypto_blkcipher *tfm, u8 irk[16], u8 r[3], u8 res[3])
325	{	342	{
326	u8 _res[16];	343	u8 _res[16];
@@ -594,6 +611,7 @@ static void smp_chan_destroy(struct l2cap_conn *conn)
594		611
595	kfree(smp->csrk);	612	kfree(smp->csrk);
596	kfree(smp->slave_csrk);	613	kfree(smp->slave_csrk);
		614	kfree(smp->link_key);
597		615
598	crypto_free_blkcipher(smp->tfm_aes);	616	crypto_free_blkcipher(smp->tfm_aes);
599	crypto_free_hash(smp->tfm_cmac);	617	crypto_free_hash(smp->tfm_cmac);
@@ -907,6 +925,37 @@ static void smp_notify_keys(struct l2cap_conn *conn)
907	bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);	925	bacpy(&smp->slave_ltk->bdaddr, &hcon->dst);
908	mgmt_new_ltk(hdev, smp->slave_ltk, persistent);	926	mgmt_new_ltk(hdev, smp->slave_ltk, persistent);
909	}	927	}
		928
		929	if (smp->link_key) {
		930	hci_add_link_key(hdev, smp->conn->hcon, &hcon->dst,
		931	smp->link_key, HCI_LK_AUTH_COMBINATION_P256,
		932	0, NULL);
		933	}
		934	}
		935
		936	static void sc_generate_link_key(struct smp_chan *smp)
		937	{
		938	/* These constants are as specified in the core specification.
		939	* In ASCII they spell out to 'tmp1' and 'lebr'.
		940	*/
		941	const u8 tmp1[4] = { 0x31, 0x70, 0x6d, 0x74 };
		942	const u8 lebr[4] = { 0x72, 0x62, 0x65, 0x6c };
		943
		944	smp->link_key = kzalloc(16, GFP_KERNEL);
		945	if (!smp->link_key)
		946	return;
		947
		948	if (smp_h6(smp->tfm_cmac, smp->tk, tmp1, smp->link_key)) {
		949	kfree(smp->link_key);
		950	smp->link_key = NULL;
		951	return;
		952	}
		953
		954	if (smp_h6(smp->tfm_cmac, smp->link_key, lebr, smp->link_key)) {
		955	kfree(smp->link_key);
		956	smp->link_key = NULL;
		957	return;
		958	}
910	}	959	}
911		960
912	static void smp_allow_key_dist(struct smp_chan *smp)	961	static void smp_allow_key_dist(struct smp_chan *smp)
@@ -951,6 +1000,14 @@ static void smp_distribute_keys(struct smp_chan *smp)
951	*keydist &= req->resp_key_dist;	1000	*keydist &= req->resp_key_dist;
952	}	1001	}
953		1002
		1003	if (test_bit(SMP_FLAG_SC, &smp->flags)) {
		1004	if (*keydist & SMP_DIST_LINK_KEY)
		1005	sc_generate_link_key(smp);
		1006
		1007	/* Clear the keys which are generated but not distributed */
		1008	*keydist &= ~SMP_SC_NO_DIST;
		1009	}
		1010
954	BT_DBG("keydist 0x%x", *keydist);	1011	BT_DBG("keydist 0x%x", *keydist);
955		1012
956	if (*keydist & SMP_DIST_ENC_KEY) {	1013	if (*keydist & SMP_DIST_ENC_KEY) {