| smp.c (a297641610963bbb238ea77b32a2e958c4f7b184) | smp.c (c0153b0b901a16663ff91504fea25fb51d57cc29) |
|---|---|
| 1/* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies). 4 5 This program is free software; you can redistribute it and/or modify 6 it under the terms of the GNU General Public License version 2 as 7 published by the Free Software Foundation; 8 --- 70 unchanged lines hidden (view full) --- 79 SMP_FLAG_REMOTE_OOB, 80 SMP_FLAG_LOCAL_OOB, 81 SMP_FLAG_CT2, 82}; 83 84struct smp_dev { 85 /* Secure Connections OOB data */ 86 u8 local_pk[64]; | 1/* 2 BlueZ - Bluetooth protocol stack for Linux 3 Copyright (C) 2011 Nokia Corporation and/or its subsidiary(-ies). 4 5 This program is free software; you can redistribute it and/or modify 6 it under the terms of the GNU General Public License version 2 as 7 published by the Free Software Foundation; 8 --- 70 unchanged lines hidden (view full) --- 79 SMP_FLAG_REMOTE_OOB, 80 SMP_FLAG_LOCAL_OOB, 81 SMP_FLAG_CT2, 82}; 83 84struct smp_dev { 85 /* Secure Connections OOB data */ 86 u8 local_pk[64]; |
| 87 u8 local_sk[32]; | |
| 88 u8 local_rand[16]; 89 bool debug_key; 90 91 u8 min_key_size; 92 u8 max_key_size; 93 94 struct crypto_cipher *tfm_aes; 95 struct crypto_shash *tfm_cmac; --- 25 unchanged lines hidden (view full) --- 121 struct smp_irk *remote_irk; 122 u8 *link_key; 123 unsigned long flags; 124 u8 method; 125 u8 passkey_round; 126 127 /* Secure Connections variables */ 128 u8 local_pk[64]; | 87 u8 local_rand[16]; 88 bool debug_key; 89 90 u8 min_key_size; 91 u8 max_key_size; 92 93 struct crypto_cipher *tfm_aes; 94 struct crypto_shash *tfm_cmac; --- 25 unchanged lines hidden (view full) --- 120 struct smp_irk *remote_irk; 121 u8 *link_key; 122 unsigned long flags; 123 u8 method; 124 u8 passkey_round; 125 126 /* Secure Connections variables */ 127 u8 local_pk[64]; |
| 129 u8 local_sk[32]; | |
| 130 u8 remote_pk[64]; 131 u8 dhkey[32]; 132 u8 mackey[16]; 133 134 struct crypto_cipher *tfm_aes; 135 struct crypto_shash *tfm_cmac; 136 struct crypto_kpp *tfm_ecdh; 137}; --- 425 unchanged lines hidden (view full) --- 563 564 if (!chan || !chan->data) 565 return -EOPNOTSUPP; 566 567 smp = chan->data; 568 569 if (hci_dev_test_flag(hdev, HCI_USE_DEBUG_KEYS)) { 570 BT_DBG("Using debug keys"); | 128 u8 remote_pk[64]; 129 u8 dhkey[32]; 130 u8 mackey[16]; 131 132 struct crypto_cipher *tfm_aes; 133 struct crypto_shash *tfm_cmac; 134 struct crypto_kpp *tfm_ecdh; 135}; --- 425 unchanged lines hidden (view full) --- 561 562 if (!chan || !chan->data) 563 return -EOPNOTSUPP; 564 565 smp = chan->data; 566 567 if (hci_dev_test_flag(hdev, HCI_USE_DEBUG_KEYS)) { 568 BT_DBG("Using debug keys"); |
| 569 err = set_ecdh_privkey(smp->tfm_ecdh, debug_sk); 570 if (err) 571 return err; |
|
| 571 memcpy(smp->local_pk, debug_pk, 64); | 572 memcpy(smp->local_pk, debug_pk, 64); |
| 572 memcpy(smp->local_sk, debug_sk, 32); | |
| 573 smp->debug_key = true; 574 } else { 575 while (true) { | 573 smp->debug_key = true; 574 } else { 575 while (true) { |
| 576 /* Seed private key with random number */ 577 get_random_bytes(smp->local_sk, 32); 578 579 /* Generate local key pair for Secure Connections */ 580 err = generate_ecdh_keys(smp->tfm_ecdh, smp->local_pk, 581 smp->local_sk); | 576 /* Generate key pair for Secure Connections */ 577 err = generate_ecdh_keys(smp->tfm_ecdh, smp->local_pk); |
| 582 if (err) 583 return err; 584 585 /* This is unlikely, but we need to check that 586 * we didn't accidentially generate a debug key. 587 */ | 578 if (err) 579 return err; 580 581 /* This is unlikely, but we need to check that 582 * we didn't accidentially generate a debug key. 583 */ |
| 588 if (crypto_memneq(smp->local_sk, debug_sk, 32)) | 584 if (crypto_memneq(smp->local_pk, debug_pk, 64)) |
| 589 break; 590 } 591 smp->debug_key = false; 592 } 593 594 SMP_DBG("OOB Public Key X: %32phN", smp->local_pk); 595 SMP_DBG("OOB Public Key Y: %32phN", smp->local_pk + 32); | 585 break; 586 } 587 smp->debug_key = false; 588 } 589 590 SMP_DBG("OOB Public Key X: %32phN", smp->local_pk); 591 SMP_DBG("OOB Public Key Y: %32phN", smp->local_pk + 32); |
| 596 SMP_DBG("OOB Private Key: %32phN", smp->local_sk); | |
| 597 598 get_random_bytes(smp->local_rand, 16); 599 600 err = smp_f4(smp->tfm_cmac, smp->local_pk, smp->local_pk, 601 smp->local_rand, 0, hash); 602 if (err < 0) 603 return err; 604 --- 1290 unchanged lines hidden (view full) --- 1895 struct smp_dev *smp_dev; 1896 1897 if (!chan || !chan->data) 1898 return SMP_UNSPECIFIED; 1899 1900 smp_dev = chan->data; 1901 1902 memcpy(smp->local_pk, smp_dev->local_pk, 64); | 592 593 get_random_bytes(smp->local_rand, 16); 594 595 err = smp_f4(smp->tfm_cmac, smp->local_pk, smp->local_pk, 596 smp->local_rand, 0, hash); 597 if (err < 0) 598 return err; 599 --- 1290 unchanged lines hidden (view full) --- 1890 struct smp_dev *smp_dev; 1891 1892 if (!chan || !chan->data) 1893 return SMP_UNSPECIFIED; 1894 1895 smp_dev = chan->data; 1896 1897 memcpy(smp->local_pk, smp_dev->local_pk, 64); |
| 1903 memcpy(smp->local_sk, smp_dev->local_sk, 32); | |
| 1904 memcpy(smp->lr, smp_dev->local_rand, 16); 1905 1906 if (smp_dev->debug_key) 1907 set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags); 1908 1909 goto done; 1910 } 1911 1912 if (hci_dev_test_flag(hdev, HCI_USE_DEBUG_KEYS)) { 1913 BT_DBG("Using debug keys"); | 1898 memcpy(smp->lr, smp_dev->local_rand, 16); 1899 1900 if (smp_dev->debug_key) 1901 set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags); 1902 1903 goto done; 1904 } 1905 1906 if (hci_dev_test_flag(hdev, HCI_USE_DEBUG_KEYS)) { 1907 BT_DBG("Using debug keys"); |
| 1908 if (set_ecdh_privkey(smp->tfm_ecdh, debug_sk)) 1909 return SMP_UNSPECIFIED; |
|
| 1914 memcpy(smp->local_pk, debug_pk, 64); | 1910 memcpy(smp->local_pk, debug_pk, 64); |
| 1915 memcpy(smp->local_sk, debug_sk, 32); | |
| 1916 set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags); 1917 } else { 1918 while (true) { | 1911 set_bit(SMP_FLAG_DEBUG_KEY, &smp->flags); 1912 } else { 1913 while (true) { |
| 1919 /* Seed private key with random number */ 1920 get_random_bytes(smp->local_sk, 32); 1921 1922 /* Generate local key pair for Secure Connections */ 1923 if (generate_ecdh_keys(smp->tfm_ecdh, smp->local_pk, 1924 smp->local_sk)) | 1914 /* Generate key pair for Secure Connections */ 1915 if (generate_ecdh_keys(smp->tfm_ecdh, smp->local_pk)) |
| 1925 return SMP_UNSPECIFIED; 1926 1927 /* This is unlikely, but we need to check that 1928 * we didn't accidentially generate a debug key. 1929 */ | 1916 return SMP_UNSPECIFIED; 1917 1918 /* This is unlikely, but we need to check that 1919 * we didn't accidentially generate a debug key. 1920 */ |
| 1930 if (crypto_memneq(smp->local_sk, debug_sk, 32)) | 1921 if (crypto_memneq(smp->local_pk, debug_pk, 64)) |
| 1931 break; 1932 } 1933 } 1934 1935done: 1936 SMP_DBG("Local Public Key X: %32phN", smp->local_pk); 1937 SMP_DBG("Local Public Key Y: %32phN", smp->local_pk + 32); | 1922 break; 1923 } 1924 } 1925 1926done: 1927 SMP_DBG("Local Public Key X: %32phN", smp->local_pk); 1928 SMP_DBG("Local Public Key Y: %32phN", smp->local_pk + 32); |
| 1938 SMP_DBG("Local Private Key: %32phN", smp->local_sk); | |
| 1939 1940 smp_send_cmd(smp->conn, SMP_CMD_PUBLIC_KEY, 64, smp->local_pk); 1941 1942 return 0; 1943} 1944 1945static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb) 1946{ --- 711 unchanged lines hidden (view full) --- 2658 2659static int smp_cmd_public_key(struct l2cap_conn *conn, struct sk_buff *skb) 2660{ 2661 struct smp_cmd_public_key *key = (void *) skb->data; 2662 struct hci_conn *hcon = conn->hcon; 2663 struct l2cap_chan *chan = conn->smp; 2664 struct smp_chan *smp = chan->data; 2665 struct hci_dev *hdev = hcon->hdev; | 1929 1930 smp_send_cmd(smp->conn, SMP_CMD_PUBLIC_KEY, 64, smp->local_pk); 1931 1932 return 0; 1933} 1934 1935static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb) 1936{ --- 711 unchanged lines hidden (view full) --- 2648 2649static int smp_cmd_public_key(struct l2cap_conn *conn, struct sk_buff *skb) 2650{ 2651 struct smp_cmd_public_key *key = (void *) skb->data; 2652 struct hci_conn *hcon = conn->hcon; 2653 struct l2cap_chan *chan = conn->smp; 2654 struct smp_chan *smp = chan->data; 2655 struct hci_dev *hdev = hcon->hdev; |
| 2656 struct crypto_kpp *tfm_ecdh; |
|
| 2666 struct smp_cmd_pairing_confirm cfm; 2667 int err; 2668 2669 BT_DBG("conn %p", conn); 2670 2671 if (skb->len < sizeof(*key)) 2672 return SMP_INVALID_PARAMS; 2673 --- 16 unchanged lines hidden (view full) --- 2690 err = sc_send_public_key(smp); 2691 if (err) 2692 return err; 2693 } 2694 2695 SMP_DBG("Remote Public Key X: %32phN", smp->remote_pk); 2696 SMP_DBG("Remote Public Key Y: %32phN", smp->remote_pk + 32); 2697 | 2657 struct smp_cmd_pairing_confirm cfm; 2658 int err; 2659 2660 BT_DBG("conn %p", conn); 2661 2662 if (skb->len < sizeof(*key)) 2663 return SMP_INVALID_PARAMS; 2664 --- 16 unchanged lines hidden (view full) --- 2681 err = sc_send_public_key(smp); 2682 if (err) 2683 return err; 2684 } 2685 2686 SMP_DBG("Remote Public Key X: %32phN", smp->remote_pk); 2687 SMP_DBG("Remote Public Key Y: %32phN", smp->remote_pk + 32); 2688 |
| 2698 if (!compute_ecdh_secret(smp->tfm_ecdh, smp->remote_pk, smp->local_sk, 2699 smp->dhkey)) | 2689 /* Compute the shared secret on the same crypto tfm on which the private 2690 * key was set/generated. 2691 */ 2692 if (test_bit(SMP_FLAG_LOCAL_OOB, &smp->flags)) { 2693 struct smp_dev *smp_dev = chan->data; 2694 2695 tfm_ecdh = smp_dev->tfm_ecdh; 2696 } else { 2697 tfm_ecdh = smp->tfm_ecdh; 2698 } 2699 2700 if (compute_ecdh_secret(tfm_ecdh, smp->remote_pk, smp->dhkey)) |
| 2700 return SMP_UNSPECIFIED; 2701 2702 SMP_DBG("DHKey %32phN", smp->dhkey); 2703 2704 set_bit(SMP_FLAG_REMOTE_PK, &smp->flags); 2705 2706 smp->method = sc_select_method(smp); 2707 --- 809 unchanged lines hidden (view full) --- 3517 chan = hdev->smp_data; 3518 hdev->smp_data = NULL; 3519 smp_del_chan(chan); 3520 } 3521} 3522 3523#if IS_ENABLED(CONFIG_BT_SELFTEST_SMP) 3524 | 2701 return SMP_UNSPECIFIED; 2702 2703 SMP_DBG("DHKey %32phN", smp->dhkey); 2704 2705 set_bit(SMP_FLAG_REMOTE_PK, &smp->flags); 2706 2707 smp->method = sc_select_method(smp); 2708 --- 809 unchanged lines hidden (view full) --- 3518 chan = hdev->smp_data; 3519 hdev->smp_data = NULL; 3520 smp_del_chan(chan); 3521 } 3522} 3523 3524#if IS_ENABLED(CONFIG_BT_SELFTEST_SMP) 3525 |
| 3525static inline void swap_digits(u64 *in, u64 *out, unsigned int ndigits) 3526{ 3527 int i; 3528 3529 for (i = 0; i < ndigits; i++) 3530 out[i] = __swab64(in[ndigits - 1 - i]); 3531} 3532 | |
| 3533static int __init test_debug_key(struct crypto_kpp *tfm_ecdh) 3534{ | 3526static int __init test_debug_key(struct crypto_kpp *tfm_ecdh) 3527{ |
| 3535 u8 pk[64], sk[32]; | 3528 u8 pk[64]; |
| 3536 int err; 3537 | 3529 int err; 3530 |
| 3538 swap_digits((u64 *)debug_sk, (u64 *)sk, 4); | 3531 err = set_ecdh_privkey(tfm_ecdh, debug_sk); 3532 if (err) 3533 return err; |
| 3539 | 3534 |
| 3540 err = generate_ecdh_keys(tfm_ecdh, pk, sk); | 3535 err = generate_ecdh_public_key(tfm_ecdh, pk); |
| 3541 if (err) 3542 return err; 3543 | 3536 if (err) 3537 return err; 3538 |
| 3544 if (crypto_memneq(sk, debug_sk, 32)) 3545 return -EINVAL; 3546 | |
| 3547 if (crypto_memneq(pk, debug_pk, 64)) 3548 return -EINVAL; 3549 3550 return 0; 3551} 3552 3553static int __init test_ah(struct crypto_cipher *tfm_aes) 3554{ --- 365 unchanged lines hidden --- | 3539 if (crypto_memneq(pk, debug_pk, 64)) 3540 return -EINVAL; 3541 3542 return 0; 3543} 3544 3545static int __init test_ah(struct crypto_cipher *tfm_aes) 3546{ --- 365 unchanged lines hidden --- |