aboutsummaryrefslogtreecommitdiffstats
path: root/net/bluetooth
diff options
context:
space:
mode:
authorJohan Hedberg <johan.hedberg@intel.com>2014-12-01 15:03:16 -0500
committerMarcel Holtmann <marcel@holtmann.org>2014-12-03 10:51:21 -0500
commitc7a3d57db67ce7524c72ecb33f82c099f270a109 (patch)
treedebe8b6b8b40080cf9ec81a589e5af6d1f5625f3 /net/bluetooth
parenta29b073351ffdda0ce9745f3bd98f5a513c523d7 (diff)
Bluetooth: Introduce SMP_DBG macro for low-level debuging
The various inputs & outputs of the crypto functions as well as the values of the ECDH keys can be considered security sensitive. They should therefore not end up in dmesg by mistake. This patch introduces a new SMP_DBG macro which requires explicit compilation with -DDEBUG to be enabled. All crypto related data logs now use this macro instead of BT_DBG. Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Diffstat (limited to 'net/bluetooth')
-rw-r--r--net/bluetooth/smp.c68
1 files changed, 40 insertions, 28 deletions
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 059a3da08ad7..13b40e8af95e 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -32,6 +32,18 @@
32#include "ecc.h" 32#include "ecc.h"
33#include "smp.h" 33#include "smp.h"
34 34
35/* Low-level debug macros to be used for stuff that we don't want
36 * accidentially in dmesg, i.e. the values of the various crypto keys
37 * and the inputs & outputs of crypto functions.
38 */
39#ifdef DEBUG
40#define SMP_DBG(fmt, ...) printk(KERN_DEBUG "%s: " fmt, __func__, \
41 ##__VA_ARGS__)
42#else
43#define SMP_DBG(fmt, ...) no_printk(KERN_DEBUG "%s: " fmt, __func__, \
44 ##__VA_ARGS__)
45#endif
46
35#define SMP_ALLOW_CMD(smp, code) set_bit(code, &smp->allow_cmd) 47#define SMP_ALLOW_CMD(smp, code) set_bit(code, &smp->allow_cmd)
36 48
37/* Keys which are not distributed with Secure Connections */ 49/* Keys which are not distributed with Secure Connections */
@@ -154,8 +166,8 @@ static int aes_cmac(struct crypto_hash *tfm, const u8 k[16], const u8 *m,
154 swap_buf(k, tmp, 16); 166 swap_buf(k, tmp, 16);
155 swap_buf(m, msg_msb, len); 167 swap_buf(m, msg_msb, len);
156 168
157 BT_DBG("msg (len %zu) %*phN", len, (int) len, m); 169 SMP_DBG("msg (len %zu) %*phN", len, (int) len, m);
158 BT_DBG("key %16phN", k); 170 SMP_DBG("key %16phN", k);
159 171
160 err = crypto_hash_setkey(tfm, tmp, 16); 172 err = crypto_hash_setkey(tfm, tmp, 16);
161 if (err) { 173 if (err) {
@@ -179,7 +191,7 @@ static int aes_cmac(struct crypto_hash *tfm, const u8 k[16], const u8 *m,
179 191
180 swap_buf(mac_msb, mac, 16); 192 swap_buf(mac_msb, mac, 16);
181 193
182 BT_DBG("mac %16phN", mac); 194 SMP_DBG("mac %16phN", mac);
183 195
184 return 0; 196 return 0;
185} 197}
@@ -190,9 +202,9 @@ static int smp_f4(struct crypto_hash *tfm_cmac, const u8 u[32], const u8 v[32],
190 u8 m[65]; 202 u8 m[65];
191 int err; 203 int err;
192 204
193 BT_DBG("u %32phN", u); 205 SMP_DBG("u %32phN", u);
194 BT_DBG("v %32phN", v); 206 SMP_DBG("v %32phN", v);
195 BT_DBG("x %16phN z %02x", x, z); 207 SMP_DBG("x %16phN z %02x", x, z);
196 208
197 m[0] = z; 209 m[0] = z;
198 memcpy(m + 1, v, 32); 210 memcpy(m + 1, v, 32);
@@ -202,7 +214,7 @@ static int smp_f4(struct crypto_hash *tfm_cmac, const u8 u[32], const u8 v[32],
202 if (err) 214 if (err)
203 return err; 215 return err;
204 216
205 BT_DBG("res %16phN", res); 217 SMP_DBG("res %16phN", res);
206 218
207 return err; 219 return err;
208} 220}
@@ -223,15 +235,15 @@ static int smp_f5(struct crypto_hash *tfm_cmac, u8 w[32], u8 n1[16], u8 n2[16],
223 u8 m[53], t[16]; 235 u8 m[53], t[16];
224 int err; 236 int err;
225 237
226 BT_DBG("w %32phN", w); 238 SMP_DBG("w %32phN", w);
227 BT_DBG("n1 %16phN n2 %16phN", n1, n2); 239 SMP_DBG("n1 %16phN n2 %16phN", n1, n2);
228 BT_DBG("a1 %7phN a2 %7phN", a1, a2); 240 SMP_DBG("a1 %7phN a2 %7phN", a1, a2);
229 241
230 err = aes_cmac(tfm_cmac, salt, w, 32, t); 242 err = aes_cmac(tfm_cmac, salt, w, 32, t);
231 if (err) 243 if (err)
232 return err; 244 return err;
233 245
234 BT_DBG("t %16phN", t); 246 SMP_DBG("t %16phN", t);
235 247
236 memcpy(m, length, 2); 248 memcpy(m, length, 2);
237 memcpy(m + 2, a2, 7); 249 memcpy(m + 2, a2, 7);
@@ -246,7 +258,7 @@ static int smp_f5(struct crypto_hash *tfm_cmac, u8 w[32], u8 n1[16], u8 n2[16],
246 if (err) 258 if (err)
247 return err; 259 return err;
248 260
249 BT_DBG("mackey %16phN", mackey); 261 SMP_DBG("mackey %16phN", mackey);
250 262
251 m[52] = 1; /* Counter */ 263 m[52] = 1; /* Counter */
252 264
@@ -254,7 +266,7 @@ static int smp_f5(struct crypto_hash *tfm_cmac, u8 w[32], u8 n1[16], u8 n2[16],
254 if (err) 266 if (err)
255 return err; 267 return err;
256 268
257 BT_DBG("ltk %16phN", ltk); 269 SMP_DBG("ltk %16phN", ltk);
258 270
259 return 0; 271 return 0;
260} 272}
@@ -267,9 +279,9 @@ static int smp_f6(struct crypto_hash *tfm_cmac, const u8 w[16],
267 u8 m[65]; 279 u8 m[65];
268 int err; 280 int err;
269 281
270 BT_DBG("w %16phN", w); 282 SMP_DBG("w %16phN", w);
271 BT_DBG("n1 %16phN n2 %16phN", n1, n2); 283 SMP_DBG("n1 %16phN n2 %16phN", n1, n2);
272 BT_DBG("r %16phN io_cap %3phN a1 %7phN a2 %7phN", r, io_cap, a1, a2); 284 SMP_DBG("r %16phN io_cap %3phN a1 %7phN a2 %7phN", r, io_cap, a1, a2);
273 285
274 memcpy(m, a2, 7); 286 memcpy(m, a2, 7);
275 memcpy(m + 7, a1, 7); 287 memcpy(m + 7, a1, 7);
@@ -293,9 +305,9 @@ static int smp_g2(struct crypto_hash *tfm_cmac, const u8 u[32], const u8 v[32],
293 u8 m[80], tmp[16]; 305 u8 m[80], tmp[16];
294 int err; 306 int err;
295 307
296 BT_DBG("u %32phN", u); 308 SMP_DBG("u %32phN", u);
297 BT_DBG("v %32phN", v); 309 SMP_DBG("v %32phN", v);
298 BT_DBG("x %16phN y %16phN", x, y); 310 SMP_DBG("x %16phN y %16phN", x, y);
299 311
300 memcpy(m, y, 16); 312 memcpy(m, y, 16);
301 memcpy(m + 16, v, 32); 313 memcpy(m + 16, v, 32);
@@ -308,7 +320,7 @@ static int smp_g2(struct crypto_hash *tfm_cmac, const u8 u[32], const u8 v[32],
308 *val = get_unaligned_le32(tmp); 320 *val = get_unaligned_le32(tmp);
309 *val %= 1000000; 321 *val %= 1000000;
310 322
311 BT_DBG("val %06u", *val); 323 SMP_DBG("val %06u", *val);
312 324
313 return 0; 325 return 0;
314} 326}
@@ -357,13 +369,13 @@ static int smp_h6(struct crypto_hash *tfm_cmac, const u8 w[16],
357{ 369{
358 int err; 370 int err;
359 371
360 BT_DBG("w %16phN key_id %4phN", w, key_id); 372 SMP_DBG("w %16phN key_id %4phN", w, key_id);
361 373
362 err = aes_cmac(tfm_cmac, w, key_id, 4, res); 374 err = aes_cmac(tfm_cmac, w, key_id, 4, res);
363 if (err) 375 if (err)
364 return err; 376 return err;
365 377
366 BT_DBG("res %16phN", res); 378 SMP_DBG("res %16phN", res);
367 379
368 return err; 380 return err;
369} 381}
@@ -1742,9 +1754,9 @@ static u8 sc_send_public_key(struct smp_chan *smp)
1742 } 1754 }
1743 } 1755 }
1744 1756
1745 BT_DBG("Local Public Key X: %32phN", smp->local_pk); 1757 SMP_DBG("Local Public Key X: %32phN", smp->local_pk);
1746 BT_DBG("Local Public Key Y: %32phN", &smp->local_pk[32]); 1758 SMP_DBG("Local Public Key Y: %32phN", &smp->local_pk[32]);
1747 BT_DBG("Local Private Key: %32phN", smp->local_sk); 1759 SMP_DBG("Local Private Key: %32phN", smp->local_sk);
1748 1760
1749 smp_send_cmd(smp->conn, SMP_CMD_PUBLIC_KEY, 64, smp->local_pk); 1761 smp_send_cmd(smp->conn, SMP_CMD_PUBLIC_KEY, 64, smp->local_pk);
1750 1762
@@ -2390,13 +2402,13 @@ static int smp_cmd_public_key(struct l2cap_conn *conn, struct sk_buff *skb)
2390 return err; 2402 return err;
2391 } 2403 }
2392 2404
2393 BT_DBG("Remote Public Key X: %32phN", smp->remote_pk); 2405 SMP_DBG("Remote Public Key X: %32phN", smp->remote_pk);
2394 BT_DBG("Remote Public Key Y: %32phN", &smp->remote_pk[32]); 2406 SMP_DBG("Remote Public Key Y: %32phN", &smp->remote_pk[32]);
2395 2407
2396 if (!ecdh_shared_secret(smp->remote_pk, smp->local_sk, smp->dhkey)) 2408 if (!ecdh_shared_secret(smp->remote_pk, smp->local_sk, smp->dhkey))
2397 return SMP_UNSPECIFIED; 2409 return SMP_UNSPECIFIED;
2398 2410
2399 BT_DBG("DHKey %32phN", smp->dhkey); 2411 SMP_DBG("DHKey %32phN", smp->dhkey);
2400 2412
2401 set_bit(SMP_FLAG_REMOTE_PK, &smp->flags); 2413 set_bit(SMP_FLAG_REMOTE_PK, &smp->flags);
2402 2414
generated by cgit v1.2.2 (git 2.25.0) at 2025-08-31 14:03:03 -0400