summaryrefslogtreecommitdiffstats
path: root/net/bluetooth/smp.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Bluetooth: Set security level on incoming pairing requestIdo Yariv2012-03-081-0/+2
| | | | | | | | | | | | | | | If a master would like to raise the security level, it will send a pairing request. While the pending security level is set on an incoming security request (from a slave), it is not set on a pairing request. As a result, the security level would not be raised on the slave in such case. Fix this by setting the pending security when receiving pairing requests according to the requested authorization. Signed-off-by: Ido Yariv <ido@wizery.com> Acked-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Fix access to the STK generation methods matrixIdo Yariv2012-03-081-1/+1
| | | | | | | | | | | The major index of the table is actually the remote I/O capabilities, not the local ones. As a result, devices with different I/O capabilities could have used wrong or even unsupported generation methods. Signed-off-by: Ido Yariv <ido@wizery.com> CC: Brian Gix <bgix@codeaurora.org> Acked-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: fix conding style issues all over the treeGustavo F. Padovan2012-03-081-17/+13
| | | | Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Update MGMT and SMP timeout constants to use msecs_to_jiffiesMarcel Holtmann2012-03-011-3/+2
| | | | | | | | | The MGMT and SMP timeout constants are always used in form of jiffies. So just include the conversion from msecs in the define itself. This has the advantage of making the code where the timeout is used more readable. Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
* Bluetooth: Add address type to mgmt_ev_auth_failedJohan Hedberg2012-02-131-1/+4
| | | | | | | | This patch updates the Authentication Failed mgmt event to match the latest API specification by adding an address type to it. Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Acked-by: Marcel Holtmann <marcel@holtmann.org>
* Bluetooth: Add address type to user_confirm and user_passkey messagesJohan Hedberg2012-02-131-1/+3
| | | | | | | | | This patch upadate the user confirm and user passkey mgmt messages to match the latest API specification by adding an address type parameter to them. Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Acked-by: Marcel Holtmann <marcel@holtmann.org>
* Bluetooth: Use the updated key structures for handling LTKsVinicius Costa Gomes2012-02-131-15/+23
| | | | | | | | | | | | This updates all the users of the older way, that was using the link_keys list to store the SMP keys, to use the new way. This includes defining new types for the keys, we have a type for each combination of STK/LTK and Master/Slave. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
* Bluetooth: Fix invalid memory access when there's no SMP channelVinicius Costa Gomes2012-02-131-3/+6
| | | | | | | | | We only should try to free the SMP channel that was created if there is a pending SMP session. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
* Bluetooth: Rename smp_key_size to enc_key_sizeVinicius Costa Gomes2012-02-131-9/+9
| | | | | | | | | This makes clear that this is the size of the key used to encrypt the link. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
* Bluetooth: Rename conn->pend to conn->flagsJohan Hedberg2012-02-131-10/+9
| | | | | | | | | These flags can and will be used for more general purpose values than just pending state transitions so the more common name "flags" makes more sense than "pend". Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Acked-by: Marcel Holtmann <marcel@holtmann.org>
* Bluetooth: Move mgmt related flags from hdev->flags to hdev->dev_flagsJohan Hedberg2012-02-131-1/+1
| | | | | | | | There's no point in exposing these to user-space (which is what happens to everything in hdev->flags) so move them to dev_flags instead. Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Acked-by: Marcel Holtmann <marcel@holtmann.org>
* Bluetooth: Incorrect address while storing LTK.Hemant Gupta2011-12-231-1/+1
| | | | | | | | | | This patch fixes incorrect address storage while storing Long Term Key for LE Devices using SMP (Security Manager Protocol). The address stored should be of remote device and not of source device. Signed-off-by: Hemant Gupta <hemant.gupta@stericsson.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add MITM mechanism to LE-SMPBrian Gix2011-12-221-22/+204
| | | | | | | | | | | To achive Man-In-The-Middle (MITM) level security with Low Energy, we have to enable User Passkey Comparison. This commit modifies the hard-coded JUST-WORKS pairing mechanism to support query via the MGMT interface of Passkey comparison and User Confirmation. Signed-off-by: Brian Gix <bgix@codeaurora.org> Acked-by: Marcel Holtmann<marcel@holtmann.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: convert security timer to delayed_workGustavo F. Padovan2011-12-201-3/+4
| | | | | | | This one also needs to run in process context Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Centralize SMP pairing failure handlingBrian Gix2011-12-011-6/+16
| | | | | Signed-off-by: Brian Gix <bgix@codeaurora.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Cleanup blkcipher on SMP terminationBrian Gix2011-12-011-1/+9
| | | | | | | The blkcipher must be freed to avoid memory leak. Signed-off-by: Brian Gix <bgix@codeaurora.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: prioritizing data over HCILuiz Augusto von Dentz2011-11-071-1/+2
| | | | | | | | | | | | | This implement priority based scheduler using skbuffer priority set via SO_PRIORITY socket option. It introduces hci_chan_hash (list of HCI Channel/hci_chan) per connection, each item in this list refer to a L2CAP connection and it is used to queue the data for transmission. Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com> Acked-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Remove support for other SMP keys than the LTKVinicius Costa Gomes2011-09-211-1/+1
| | | | | | | | | For now, only the LTK is properly supported. We are able to receive and generate the other types of keys, but we are not able to use them. So it's better not request them to be distributed. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Fix not setting a pending security levelVinicius Costa Gomes2011-09-211-0/+2
| | | | | | | | For slave initiated security, we should set a default security level, for now BT_SECURITY_MEDIUM. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Use the LTK after receiving a LE Security RequestVinicius Costa Gomes2011-09-211-18/+28
| | | | | | | | | When receiving a security request from the remote device we should find if there is already a LTK associated with the remote device, if found we should use it to encrypt the link. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Fix sending wrong authentication requirementsVinicius Costa Gomes2011-09-211-17/+2
| | | | | | | | Until we support any pairing method (Passkey Entry, OOB) that gives MITM protection we shouldn't send that we have MITM protection. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Move SMP crypto functions to a workqueueVinicius Costa Gomes2011-09-211-101/+176
| | | | | | | | | The function crypto_blkcipher_setkey() called by smp_e() can sleep, so all the crypto work has to be moved to hci_dev workqueue. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Move SMP fields to a separate structureVinicius Costa Gomes2011-09-211-54/+54
| | | | | | | | | The objective is to make the core to have as little as possible information about SMP procedures and logic. Now, all the SMP specific information is hidden from the core. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add a flag to indicate that SMP is going onVinicius Costa Gomes2011-09-211-10/+34
| | | | | | | | | | | | | | | Add HCI_CONN_LE_SMP_PEND flag to indicate that SMP is pending for that connection. This allows to have information that an SMP procedure is going on for that connection. We use the HCI_CONN_ENCRYPT_PEND to indicate that encryption (HCI_LE_Start_Encryption) is pending for that connection. While a SMP procedure is going on we hold an reference to the connection, to avoid disconnections. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Reset the security timer when a command is queuedVinicius Costa Gomes2011-09-211-12/+3
| | | | | | | | | | | Each time a SMP command is enqueued, we reset the SMP timer, this way we follow exactly what the spec mandates: "The Security Manager Timer shall be reset when an L2CAP SMP command is queued for transmission." Vol. 3, Part H, Section 3.4 Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add support for storing the key sizeVinicius Costa Gomes2011-07-081-5/+9
| | | | | | | | | | | | | | | | | In some cases it will be useful having the key size used for encrypting the link. For example, some profiles may restrict some operations depending on the key length. The key size is stored in the key that is passed to userspace using the pin_length field in the key structure. For now this field is only valid for LE controllers. 3.0+HS controllers define the Read Encryption Key Size command, this field is intended for storing the value returned by that command. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Remove unused field in hci_connVinicius Costa Gomes2011-07-081-2/+0
| | | | | Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Use the stored LTK for restabilishing securityVinicius Costa Gomes2011-07-081-0/+12
| | | | | | | | | | Now that it's possible that the exchanged key is present in the link key list, we may be able to estabilish security with an already existing key, without need to perform any SMP procedure. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Use the link key list to temporarily store the STKVinicius Costa Gomes2011-07-081-8/+15
| | | | | | | | | With this we can use only one place to store all keys, without need to use a field in the connection structure for this purpose. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add support for storing the LTKVinicius Costa Gomes2011-07-081-6/+14
| | | | | | | | Now when the LTK is received from the remote or generated it is stored, so it can later be used. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Fix SM pairing parameters negotiationVinicius Costa Gomes2011-07-081-10/+30
| | | | | | | | | | | | | Before implementing SM key distribution, the pairing features exchange must be better negotiated, taking into account some features of the host and connection requirements. If we are in the "not pairable" state, it makes no sense to exchange any key. This allows for simplification of the key negociation method. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add support for SMP phase 3 (key distribution)Vinicius Costa Gomes2011-07-081-2/+112
| | | | | | | | | | | | | This adds support for generating and distributing all the keys specified in the third phase of SMP. This will make possible to re-establish secure connections, resolve private addresses and sign commands. For now, the values generated are random. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Remove enable_smp parameterAndre Guedes2011-07-071-0/+9
| | | | | | | | The enable_smp parameter is no longer needed. It can be replaced by checking lmp_host_le_capable. Signed-off-by: Andre Guedes <andre.guedes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: include scatterlist.h where neededStephen Rothwell2011-06-241-0/+1
| | | | | | | | | | | | | | | net/bluetooth/smp.c: In function 'smp_e': net/bluetooth/smp.c:49:21: error: storage size of 'sg' isn't known net/bluetooth/smp.c:67:2: error: implicit declaration of function 'sg_init_one' net/bluetooth/smp.c:49:21: warning: unused variable 'sg' Caused by commit d22ef0bc83c5 ("Bluetooth: Add LE SMP Cryptoolbox functions"). Missing include file, presumably. This batch has been in the bluetooth tree since June 14, so it may have been exposed by the removal of linux/mm.h from netdevice.h ... Signed-off-by: Stephen Rothwell <sfr@canb.auug.org.au> Signed-off-by: John W. Linville <linville@tuxdriver.com>
* Bluetooth: Add key size checks for SMPVinicius Costa Gomes2011-06-141-13/+41
| | | | | | | | | | | This patch implements a check in smp cmd pairing request and pairing response to verify if encryption key maximum size is compatible in both slave and master when SMP Pairing is requested. Keys are also masked to the correct negotiated size. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add support for SMP timeoutVinicius Costa Gomes2011-06-141-0/+14
| | | | | | | | | | | | This patch adds support for disconnecting the link when SMP procedure takes more than 30 seconds. SMP begins when either the Pairing Request command is sent or the Pairing Response is received, and it ends when the link is encrypted (or terminated). Vol 3, Part H Section 3.4. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add support for Pairing features exchangeVinicius Costa Gomes2011-06-131-53/+53
| | | | | | | | | | | This patch implements a simple version of the SMP Pairing Features exchange procedure (Vol. 3 Part H, Section 2.3.5.1). For now, everything that would cause a Pairing Method different of Just Works to be chosen is rejected. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add support for building pairing commandsVinicius Costa Gomes2011-06-131-0/+11
| | | | | | | | | | | Before we are able to do a proper exchange of pairing parameters, we need a unified way of building pairing requests and responses. For IO Capability we use the value that was set by userspace, using the management interface. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add support for resuming socket when SMP is finishedVinicius Costa Gomes2011-06-131-12/+28
| | | | | | | | This adds support for resuming the user space traffic when SMP negotiation is complete. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Remove debug statementsVinicius Costa Gomes2011-06-131-5/+1
| | | | | | | | Now that these commands are sent to the controller we can use hcidump to verify that the correct values are produced. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add support for LE Start EncryptionVinicius Costa Gomes2011-06-131-4/+12
| | | | | | | | | This adds support for starting SMP Phase 2 Encryption, when the initial SMP negotiation is successful. This adds the LE Start Encryption and LE Long Term Key Request commands and related events. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add SMP confirmation checks methodsAnderson Briglia2011-06-131-14/+83
| | | | | | | | | This patch includes support for generating and sending the random value used to produce the confirmation value. Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org> Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add SMP confirmation structsAnderson Briglia2011-06-131-0/+17
| | | | | | | | | This patch adds initial support for verifying the confirmation value that the remote side has sent. Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org> Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add LE SMP Cryptoolbox functionsAnderson Briglia2011-06-131-0/+117
| | | | | | | | | | | | This patch implements SMP crypto functions called ah, c1, s1 and e. It also implements auxiliary functions. All These functions are needed for SMP keys generation. Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org> Signed-off-by: Anderson Lizardo <anderson.lizardo@openbossa.org> Signed-off-by: Bruna Moreira <bruna.moreira@openbossa.org> Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add support for using the crypto subsystemVinicius Costa Gomes2011-06-131-4/+18
| | | | | | | | | | | | | This will allow using the crypto subsystem for encrypting data. As SMP (Security Manager Protocol) is implemented almost entirely on the host side and the crypto module already implements the needed methods (AES-128), it makes sense to use it. There's now a new module option to enable/disable SMP support. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Add simple SMP pairing negotiationAnderson Briglia2011-06-131-5/+102
| | | | | | | | | This implementation only exchanges SMP messages between the Host and the Remote. No keys are being generated. TK and STK generation will be provided in further patches. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>
* Bluetooth: Implement the first SMP commandsAnderson Briglia2011-06-131-0/+146
These simple commands will allow the SMP procedure to be started and terminated with a not supported error. This is the first step toward something useful. Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org> Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org> Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>