From: "Gustavo F. Padovan" <padovan@profusion.mobi>
To: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Cc: linux-bluetooth@vger.kernel.org,
	Anderson Briglia <anderson.briglia@openbossa.org>,
	Anderson Lizardo <anderson.lizardo@openbossa.org>,
	Bruna Moreira <bruna.moreira@openbossa.org>
Subject: Re: [bluetooth-next 05/15] Bluetooth: LE SMP Cryptoolbox functions
Date: Wed, 6 Apr 2011 20:26:32 -0300
Message-ID: <20110406232632.GC2228@joana>
In-Reply-To: <1302054716-24534-6-git-send-email-vinicius.gomes@openbossa.org>

Hi Vinicius,

* Vinicius Costa Gomes <vinicius.gomes@openbossa.org> [2011-04-05 22:51:46 -0300]:

> From: Anderson Briglia <anderson.briglia@openbossa.org>
> 
> This patch implements SMP crypto functions called ah, c1, s1 and e.
> It also implements auxiliary functions. All these functions are needed
> for SMP keys generation.
> 
> Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org>
> Signed-off-by: Anderson Lizardo <anderson.lizardo@openbossa.org>
> Signed-off-by: Bruna Moreira <bruna.moreira@openbossa.org>
> Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
> ---
>  net/bluetooth/smp.c |  122 +++++++++++++++++++++++++++++++++++++++++++++++++++
>  1 files changed, 122 insertions(+), 0 deletions(-)
> 
> diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
> index 42aed82..58047e8 100644
> --- a/net/bluetooth/smp.c
> +++ b/net/bluetooth/smp.c
> @@ -24,6 +24,128 @@
>  #include <net/bluetooth/hci_core.h>
>  #include <net/bluetooth/l2cap.h>
>  #include <net/bluetooth/smp.h>
> +#include <linux/crypto.h>
> +#include <crypto/b128ops.h>
> +
> +static inline void swap128(u8 src[16], u8 dst[16])
> +{
> +	int i;
> +	for (i = 0; i < 16; i++)
> +		dst[15 - i] = src[i];
> +}
> +
> +static inline void swap56(u8 src[7], u8 dst[7])
> +{
> +	int i;
> +	for (i = 0; i < 7; i++)
> +		dst[6 - i] = src[i];
> +}
> +
> +static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
> +{
> +	struct blkcipher_desc desc;
> +	struct scatterlist sg;
> +	int err, iv_len;
> +	unsigned char iv[128];
> +
> +	if (tfm == NULL) {
> +		BT_ERR("tfm %p", tfm);
> +		return -EINVAL;
> +	}
> +
> +	desc.tfm = tfm;
> +	desc.flags = 0;
> +
> +	err = crypto_blkcipher_setkey(tfm, k, 16);
> +	if (err) {
> +		BT_ERR("cipher setkey failed: %d", err);
> +		return err;
> +	}
> +
> +	sg_init_one(&sg, r, 16);
> +
> +	iv_len = crypto_blkcipher_ivsize(tfm);
> +	if (iv_len) {
> +		memset(&iv, 0xff, iv_len);
> +		crypto_blkcipher_set_iv(tfm, iv, iv_len);
> +	}
> +
> +	err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
> +	if (err)
> +		BT_ERR("Encrypt data error %d", err);
> +
> +	return err;
> +}
> +
> +static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
> +		u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
> +		u8 _rat, bdaddr_t *ra, u8 res[16])
> +{
> +	u8 p1[16], p2[16], pair[7];
> +	bdaddr_t addr;
> +	int err;
> +
> +	/* p1 = pres || preq || _rat || _iat */
> +	memset(p1, 0, 16);
> +	swap56(pres, pair);
> +
> +	memcpy(p1, pair, 7);
> +	swap56(preq, pair);
> +
> +	memcpy(p1 + 7, pair, 7);

	swap56(pres, p1);
	swap56(preq, p1 + 7);

> +	*(p1 + 14) = _rat;
> +	*(p1 + 15) = _iat;

Isn't p1[14] = _rat better?

Btw, if you fill all 16 bytes here, there is no need for a memset(p1).

> +
> +	/* p2 = padding || ia || ra */
> +	memset(p2, 0, 16);
> +	baswap(&addr, ia);
> +	memcpy(p2 + 4, &addr, 6);
> +	baswap(&addr, ra);
> +	memcpy(p2 + 10, &addr, 6);

baswap(p2 + 4, ia) should have the same effect.

> +	/* res = r XOR p1 */
> +	u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
> +
> +	/* res = e(k, res) */
> +	err = smp_e(tfm, k, res);
> +	if (err) {
> +		BT_ERR("Encrypt data error");
> +		return err;
> +	}
> +
> +	/* res = res XOR p2 */
> +	u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
> +
> +	/* res = e(k, res) */
> +	err = smp_e(tfm, k, res);
> +	if (err)
> +		BT_ERR("Encrypt data error");
> +
> +	return err;
> +}
> +
> +static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16],
> +			u8 r1[16], u8 r2[16], u8 _r[16])
> +{
> +	int err;
> +
> +	/* Just least significant octets from r1 and r2 are considered */
> +	memcpy(_r, r1 + 8, 8);
> +	memcpy(_r + 8, r2 + 8, 8);
> +
> +	err = smp_e(tfm, k, _r);
> +	if (err)
> +		BT_ERR("Encrypt data error");
> +
> +	return err;
> +}
> +
> +static int smp_rand(u8 *buf)

This can be void.

> +{
> +	get_random_bytes(buf, 16);
> +
> +	return 0;
> +}
>  
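
Review bot: smp_e() takes iv_len from crypto_blkcipher_ivsize(tfm) and passes it straight to memset(&iv, 0xff, iv_len) without checking it against the 128-byte iv[] on the stack. Return -EINVAL when iv_len > sizeof(iv) before the memset, and pass iv rather than &iv. In smp_c1(), the u128_xor() calls cast u8 buffers (res, r, p1, p2) to u128 *, which assumes an alignment that u8[16] locals and caller-supplied pointers do not guarantee; a byte-wise XOR loop or properly aligned temporaries would avoid that. The BT_ERR("tfm %p", tfm) in the NULL branch of smp_e() can only ever print a null pointer, so a fixed message would be more useful.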

-- 
Gustavo F. Padovan
http://profusion.mobi
