From: "Gustavo F. Padovan" <padovan@profusion.mobi>
To: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Cc: linux-bluetooth@vger.kernel.org,
Anderson Briglia <anderson.briglia@openbossa.org>,
Anderson Lizardo <anderson.lizardo@openbossa.org>,
Bruna Moreira <bruna.moreira@openbossa.org>
Subject: Re: [bluetooth-next 05/15] Bluetooth: LE SMP Cryptoolbox functions
Date: Wed, 6 Apr 2011 20:26:32 -0300 [thread overview]
Message-ID: <20110406232632.GC2228@joana> (raw)
In-Reply-To: <1302054716-24534-6-git-send-email-vinicius.gomes@openbossa.org>
Hi Vinicius,
* Vinicius Costa Gomes <vinicius.gomes@openbossa.org> [2011-04-05 22:51:46 -0300]:
> From: Anderson Briglia <anderson.briglia@openbossa.org>
>
> This patch implements SMP crypto functions called ah, c1, s1 and e.
> It also implements auxiliary functions. All These functions are needed
> for SMP keys generation.
>
> Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org>
> Signed-off-by: Anderson Lizardo <anderson.lizardo@openbossa.org>
> Signed-off-by: Bruna Moreira <bruna.moreira@openbossa.org>
> Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
> ---
> net/bluetooth/smp.c | 122 +++++++++++++++++++++++++++++++++++++++++++++++++++
> 1 files changed, 122 insertions(+), 0 deletions(-)
>
> diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
> index 42aed82..58047e8 100644
> --- a/net/bluetooth/smp.c
> +++ b/net/bluetooth/smp.c
> @@ -24,6 +24,128 @@
> #include <net/bluetooth/hci_core.h>
> #include <net/bluetooth/l2cap.h>
> #include <net/bluetooth/smp.h>
> +#include <linux/crypto.h>
> +#include <crypto/b128ops.h>
> +
> +static inline void swap128(u8 src[16], u8 dst[16])
> +{
> + int i;
> + for (i = 0; i < 16; i++)
> + dst[15 - i] = src[i];
> +}
> +
> +static inline void swap56(u8 src[7], u8 dst[7])
> +{
> + int i;
> + for (i = 0; i < 7; i++)
> + dst[6 - i] = src[i];
> +}
> +
> +static int smp_e(struct crypto_blkcipher *tfm, const u8 *k, u8 *r)
> +{
> + struct blkcipher_desc desc;
> + struct scatterlist sg;
> + int err, iv_len;
> + unsigned char iv[128];
> +
> + if (tfm == NULL) {
> + BT_ERR("tfm %p", tfm);
> + return -EINVAL;
> + }
> +
> + desc.tfm = tfm;
> + desc.flags = 0;
> +
> + err = crypto_blkcipher_setkey(tfm, k, 16);
> + if (err) {
> + BT_ERR("cipher setkey failed: %d", err);
> + return err;
> + }
> +
> + sg_init_one(&sg, r, 16);
> +
> + iv_len = crypto_blkcipher_ivsize(tfm);
> + if (iv_len) {
> + memset(&iv, 0xff, iv_len);
> + crypto_blkcipher_set_iv(tfm, iv, iv_len);
> + }
> +
> + err = crypto_blkcipher_encrypt(&desc, &sg, &sg, 16);
> + if (err)
> + BT_ERR("Encrypt data error %d", err);
> +
> + return err;
> +}
> +
> +static int smp_c1(struct crypto_blkcipher *tfm, u8 k[16], u8 r[16],
> + u8 preq[7], u8 pres[7], u8 _iat, bdaddr_t *ia,
> + u8 _rat, bdaddr_t *ra, u8 res[16])
> +{
> + u8 p1[16], p2[16], pair[7];
> + bdaddr_t addr;
> + int err;
> +
> + /* p1 = pres || preq || _rat || _iat */
> + memset(p1, 0, 16);
> + swap56(pres, pair);
> +
> + memcpy(p1, pair, 7);
> + swap56(preq, pair);
> +
> + memcpy(p1 + 7, pair, 7);
swap56(pres, p1)
swap56(preq, pi + 7)
> + *(p1 + 14) = _rat;
> + *(p1 + 15) = _iat;
Isn't p1[14] = _rat better?
btw, if fill all 16 bytes here, there is no need for a memset(p1)
> +
> + /* p2 = padding || ia || ra */
> + memset(p2, 0, 16);
> + baswap(&addr, ia);
> + memcpy(p2 + 4, &addr, 6);
> + baswap(&addr, ra);
> + memcpy(p2 + 10, &addr, 6);
baswap(p2 + 4, ia) should have the same effect.
> + /* res = r XOR p1 */
> + u128_xor((u128 *) res, (u128 *) r, (u128 *) p1);
> +
> + /* res = e(k, res) */
> + err = smp_e(tfm, k, res);
> + if (err) {
> + BT_ERR("Encrypt data error");
> + return err;
> + }
> +
> + /* res = res XOR p2 */
> + u128_xor((u128 *) res, (u128 *) res, (u128 *) p2);
> +
> + /* res = e(k, res) */
> + err = smp_e(tfm, k, res);
> + if (err)
> + BT_ERR("Encrypt data error");
> +
> + return err;
> +}
> +
> +static int smp_s1(struct crypto_blkcipher *tfm, u8 k[16],
> + u8 r1[16], u8 r2[16], u8 _r[16])
> +{
> + int err;
> +
> + /* Just least significant octets from r1 and r2 are considered */
> + memcpy(_r, r1 + 8, 8);
> + memcpy(_r + 8, r2 + 8, 8);
> +
> + err = smp_e(tfm, k, _r);
> + if (err)
> + BT_ERR("Encrypt data error");
> +
> + return err;
> +}
> +
> +static int smp_rand(u8 *buf)
This can be void.
> +{
> + get_random_bytes(buf, 16);
> +
> + return 0;
> +}
>
--
Gustavo F. Padovan
http://profusion.mobi
next prev parent reply other threads:[~2011-04-06 23:26 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-04-06 1:51 [bluetooth-next 00/15] SM Just Works Implementation Vinicius Costa Gomes
2011-04-06 1:51 ` [bluetooth-next 01/15] Bluetooth: Implement the first SMP commands Vinicius Costa Gomes
2011-04-06 1:51 ` [bluetooth-next 02/15] Bluetooth: Start SMP procedure Vinicius Costa Gomes
2011-04-06 1:51 ` [bluetooth-next 03/15] Bluetooth: simple SMP pairing negotiation Vinicius Costa Gomes
2011-04-06 1:51 ` [bluetooth-next 04/15] Bluetooth: Add support for using the crypto subsystem Vinicius Costa Gomes
2011-04-06 1:51 ` [bluetooth-next 05/15] Bluetooth: LE SMP Cryptoolbox functions Vinicius Costa Gomes
2011-04-06 23:26 ` Gustavo F. Padovan [this message]
2011-04-06 1:51 ` [bluetooth-next 06/15] Bluetooth: Add SMP confirmation structs Vinicius Costa Gomes
2011-04-06 23:36 ` Gustavo F. Padovan
2011-04-08 21:55 ` Vinicius Costa Gomes
2011-04-06 1:51 ` [bluetooth-next 07/15] Bluetooth: Add SMP confirmation checks methods Vinicius Costa Gomes
2011-04-06 1:51 ` [bluetooth-next 08/15] Bluetooth: Minor fix in SMP methods Vinicius Costa Gomes
2011-04-06 19:09 ` Gustavo F. Padovan
2011-04-06 1:51 ` [bluetooth-next 09/15] Bluetooth: Add support for LE Start Encryption Vinicius Costa Gomes
2011-04-06 1:51 ` [bluetooth-next 10/15] Bluetooth: Add support for resuming socket when SMP is finished Vinicius Costa Gomes
2011-04-07 0:11 ` Gustavo F. Padovan
2011-04-07 14:48 ` Vinicius Costa Gomes
2011-04-08 16:34 ` Marcel Holtmann
2011-04-06 1:51 ` [bluetooth-next 11/15] Bluetooth: Fix initial security level of LE links Vinicius Costa Gomes
2011-04-06 1:51 ` [bluetooth-next 12/15] Bluetooth: Update the security level when link is encrypted Vinicius Costa Gomes
2011-04-06 1:51 ` [bluetooth-next 13/15] Bluetooth: Add support for Pairing features exchange Vinicius Costa Gomes
2011-04-06 19:18 ` Gustavo F. Padovan
2011-04-06 1:51 ` [bluetooth-next 14/15] Bluetooth: Add support for SMP timeout Vinicius Costa Gomes
2011-04-07 0:14 ` Gustavo F. Padovan
2011-04-07 0:32 ` Vinicius Costa Gomes
2011-04-06 1:51 ` [bluetooth-next 15/15] Bluetooth: Add key size checks for SMP Vinicius Costa Gomes
-- strict thread matches above, loose matches on Subject: below --
2011-02-21 17:23 [bluetooth-next 00/15] SMP Just Works Implementation Vinicius Costa Gomes
2011-02-21 17:23 ` [bluetooth-next 05/15] Bluetooth: LE SMP Cryptoolbox functions Vinicius Costa Gomes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110406232632.GC2228@joana \
--to=padovan@profusion.mobi \
--cc=anderson.briglia@openbossa.org \
--cc=anderson.lizardo@openbossa.org \
--cc=bruna.moreira@openbossa.org \
--cc=linux-bluetooth@vger.kernel.org \
--cc=vinicius.gomes@openbossa.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).