[PATCH 19/49] Bluetooth: Add support for LE SC numeric comparison

linux-bluetooth.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Johan Hedberg <johan.hedberg@gmail.com>
To: linux-bluetooth@vger.kernel.org
Subject: [PATCH 19/49] Bluetooth: Add support for LE SC numeric comparison
Date: Wed,  3 Dec 2014 17:02:13 +0200	[thread overview]
Message-ID: <1417618963-18010-20-git-send-email-johan.hedberg@gmail.com> (raw)
In-Reply-To: <1417618963-18010-1-git-send-email-johan.hedberg@gmail.com>

From: Johan Hedberg <johan.hedberg@intel.com>

After the Pairing Confirm and Random PDUs have been exchanged in LE SC
it's time to generate a numeric comparison value using a new smp_g2
cryptographic function (which also builds on AES-CMAC). This patch adds
the smp_g2 implementation and updates the Pairing Random PDU handler to
proceed with the value genration and user confirmation.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
---
 net/bluetooth/smp.c | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 70 insertions(+), 1 deletion(-)

diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 36f3c75ac858..00bafcae8814 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -175,6 +175,32 @@ static int smp_f4(struct crypto_hash *tfm_cmac, const u8 u[32], const u8 v[32],
 	return err;
 }
 
+static int smp_g2(struct crypto_hash *tfm_cmac, const u8 u[32], const u8 v[32],
+		  const u8 x[16], const u8 y[16], u32 *val)
+{
+	u8 m[80], tmp[16];
+	int err;
+
+	BT_DBG("u %32phN", u);
+	BT_DBG("v %32phN", v);
+	BT_DBG("x %16phN y %16phN", x, y);
+
+	memcpy(m, y, 16);
+	memcpy(m + 16, v, 32);
+	memcpy(m + 48, u, 32);
+
+	err = aes_cmac(tfm_cmac, x, m, sizeof(m), tmp);
+	if (err)
+		return err;
+
+	*val = get_unaligned_le32(tmp);
+	*val %= 1000000;
+
+	BT_DBG("val %06u", *val);
+
+	return 0;
+}
+
 static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
 {
 	struct blkcipher_desc desc;
@@ -1270,6 +1296,10 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
 {
 	struct l2cap_chan *chan = conn->smp;
 	struct smp_chan *smp = chan->data;
+	struct hci_conn *hcon = conn->hcon;
+	u8 *pkax, *pkbx, *na, *nb;
+	u32 passkey;
+	int err;
 
 	BT_DBG("conn %p", conn);
 
@@ -1279,7 +1309,46 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
 	memcpy(smp->rrnd, skb->data, sizeof(smp->rrnd));
 	skb_pull(skb, sizeof(smp->rrnd));
 
-	return smp_random(smp);
+	if (!test_bit(SMP_FLAG_SC, &smp->flags))
+		return smp_random(smp);
+
+	if (hcon->out) {
+		u8 cfm[16];
+
+		err = smp_f4(smp->tfm_cmac, smp->remote_pk, smp->local_pk,
+			     smp->rrnd, 0, cfm);
+		if (err)
+			return SMP_UNSPECIFIED;
+
+		if (memcmp(smp->pcnf, cfm, 16))
+			return SMP_CONFIRM_FAILED;
+
+		pkax = smp->local_pk;
+		pkbx = smp->remote_pk;
+		na   = smp->prnd;
+		nb   = smp->rrnd;
+	} else {
+		smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, sizeof(smp->prnd),
+			     smp->prnd);
+		SMP_ALLOW_CMD(smp, SMP_CMD_DHKEY_CHECK);
+
+		pkax = smp->remote_pk;
+		pkbx = smp->local_pk;
+		na   = smp->rrnd;
+		nb   = smp->prnd;
+	}
+
+	err = smp_g2(smp->tfm_cmac, pkax, pkbx, na, nb, &passkey);
+	if (err)
+		return SMP_UNSPECIFIED;
+
+	err = mgmt_user_confirm_request(hcon->hdev, &hcon->dst,
+					hcon->type, hcon->dst_type,
+					passkey, 0);
+	if (err)
+		return SMP_UNSPECIFIED;
+
+	return 0;
 }
 
 static bool smp_ltk_encrypt(struct l2cap_conn *conn, u8 sec_level)
-- 
2.1.0

next prev parent reply	other threads:[~2014-12-03 15:02 UTC|newest]

Thread overview: 51+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-12-03 15:01 [PATCH 00/49] Bluetooth: LE Secure Connections support Johan Hedberg
2014-12-03 15:01 ` [PATCH 01/49] Bluetooth: Add basic SMP defines for LE Secure Connections Johan Hedberg
2014-12-03 15:01 ` [PATCH 02/49] Bluetooth: Make auth_req mask dependent on SC enabled or not Johan Hedberg
2014-12-03 15:01 ` [PATCH 03/49] Bluetooth: Add SMP flag for SC and set it when necessary Johan Hedberg
2014-12-03 15:01 ` [PATCH 04/49] Bluetooth: Update SMP security level to/from auth_req for SC Johan Hedberg
2014-12-03 15:01 ` [PATCH 05/49] Bluetooth: Add mgmt support for LE Secure Connections LTK types Johan Hedberg
2014-12-03 15:02 ` [PATCH 06/49] Bluetooth: Set the correct security level for SC LTKs Johan Hedberg
2014-12-03 15:02 ` [PATCH 07/49] Bluetooth: Use custom macro for testing BR/EDR SC enabled Johan Hedberg
2014-12-03 15:02 ` [PATCH 08/49] Bluetooth: Add mgmt_set_secure_conn support for any LE adapter Johan Hedberg
2014-12-03 15:02 ` [PATCH 09/49] Bluetooth: Update LTK lookup to correctly deal with SC LTKs Johan Hedberg
2014-12-03 15:02 ` [PATCH 10/49] Bluetooth: Remove unused hci_find_ltk function Johan Hedberg
2014-12-03 15:02 ` [PATCH 11/49] Bluetooth: Rename hci_find_ltk_by_addr to hci_find_ltk Johan Hedberg
2014-12-03 15:02 ` [PATCH 12/49] Bluetooth: Set link key generation bit if necessary for LE SC Johan Hedberg
2014-12-03 15:02 ` [PATCH 13/49] Bluetooth: Add basic support for AES-CMAC Johan Hedberg
2014-12-03 15:02 ` [PATCH 14/49] Bluetooth: Add ECC library for LE Secure Connections Johan Hedberg
2014-12-03 15:02 ` [PATCH 15/49] Bluetooth: Add basic support for sending our LE SC public key Johan Hedberg
2014-12-03 15:02 ` [PATCH 16/49] Bluetooth: Add handler function for receiving " Johan Hedberg
2014-12-03 15:02 ` [PATCH 17/49] Bluetooth: Add support for sending LE SC Confirm value Johan Hedberg
2014-12-03 15:02 ` [PATCH 18/49] Bluetooth: Add LE SC support for responding to Pairing Confirm PDU Johan Hedberg
2014-12-03 15:02 ` Johan Hedberg [this message]
2014-12-03 15:02 ` [PATCH 20/49] Bluetooth: Add support for handling LE SC user response Johan Hedberg
2014-12-03 15:02 ` [PATCH 21/49] Bluetooth: Add support for LE SC DHKey check PDU Johan Hedberg
2014-12-03 15:02 ` [PATCH 22/49] Bluetooth: Add support for LE SC key generation Johan Hedberg
2014-12-03 15:02 ` [PATCH 23/49] Bluetooth: Track authentication method in SMP context Johan Hedberg
2014-12-03 15:02 ` [PATCH 24/49] Bluetooth: Add selection of the SC authentication method Johan Hedberg
2014-12-03 15:02 ` [PATCH 25/49] Bluetooth: Detect SMP SC debug keys Johan Hedberg
2014-12-03 15:02 ` [PATCH 26/49] Bluetooth: Add check for accidentally generating a debug key Johan Hedberg
2014-12-03 15:02 ` [PATCH 27/49] Bluetooth: Set correct LTK type and authentication for SC Johan Hedberg
2014-12-03 15:02 ` [PATCH 28/49] Bluetooth: Add support for SC just-works pairing Johan Hedberg
2014-12-03 15:02 ` [PATCH 29/49] Bluetooth: Fix BR/EDR Link Key type when derived through LE SC Johan Hedberg
2014-12-03 15:02 ` [PATCH 30/49] Bluetooth: Add passkey entry support for " Johan Hedberg
2014-12-03 15:02 ` [PATCH 31/49] Bluetooth: Fix DHKey Check sending order for slave role Johan Hedberg
2014-12-03 15:02 ` [PATCH 32/49] Bluetooth: Add dummy handler for LE SC keypress notification Johan Hedberg
2014-12-03 15:02 ` [PATCH 33/49] Bluetooth: Use debug keys for SMP when HCI_USE_DEBUG_KEYS is set Johan Hedberg
2014-12-03 15:02 ` [PATCH 34/49] Bluetooth: Add hci_conn flag for new link key generation Johan Hedberg
2014-12-03 15:02 ` [PATCH 35/49] Bluetooth: Add debugfs switch for forcing SMP over BR/EDR Johan Hedberg
2014-12-03 15:02 ` [PATCH 36/49] Bluetooth: Add skeleton for BR/EDR SMP channel Johan Hedberg
2014-12-03 15:02 ` [PATCH 37/49] Bluetooth: Add full SMP BR/EDR support Johan Hedberg
2014-12-03 15:02 ` [PATCH 38/49] Bluetooth: Add SC-only mode support for SMP Johan Hedberg
2014-12-03 15:02 ` [PATCH 39/49] Bluetooth: Unify remote OOB data functions Johan Hedberg
2014-12-03 15:02 ` [PATCH 40/49] Bluetooth: Store address type with OOB data Johan Hedberg
2014-12-03 15:02 ` [PATCH 41/49] Bluetooth: Add support for adding remote OOB data for LE Johan Hedberg
2014-12-03 15:02 ` [PATCH 42/49] Bluetooth: Set SMP OOB flag if OOB data is available Johan Hedberg
2014-12-03 15:02 ` [PATCH 43/49] Bluetooth: Add basic LE SC OOB support for remote OOB data Johan Hedberg
2014-12-03 15:02 ` [PATCH 44/49] Bluetooth: Introduce SMP_DBG macro for low-level debuging Johan Hedberg
2014-12-03 15:02 ` [PATCH 45/49] Bluetooth: Fix missing const declarations in SMP functions Johan Hedberg
2014-12-03 15:02 ` [PATCH 46/49] Bluetooth: Organize SMP crypto functions to logical sections Johan Hedberg
2014-12-03 15:02 ` [PATCH 47/49] Bluetooth: Fix SMP debug key handling Johan Hedberg
2014-12-03 15:02 ` [PATCH 48/49] Bluetooth: Fix minor coding style issue in smp.c Johan Hedberg
2014-12-03 15:02 ` [PATCH 49/49] Bluetooth: Fix false-positive "uninitialized" compiler warning Johan Hedberg
2014-12-03 15:56 ` [PATCH 00/49] Bluetooth: LE Secure Connections support Marcel Holtmann

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:36f3c75ac85 dfblob:00bafcae881 )
 OR (
bs:"[PATCH 19/49] Bluetooth: Add support for LE SC numeric comparison" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1417618963-18010-20-git-send-email-johan.hedberg@gmail.com \
    --to=johan.hedberg@gmail.com \
    --cc=linux-bluetooth@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).