This callback is called if identity was resolved for remote device
that was using Resolvable Private Address while connection. From
now on only Identity Address is used.
Change-Id: I5976be575a8e4ad8c13f56d7bc274d751ae37511
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
When remote device initiate pairing but its IRK is already known
identity address was used to calculate confirmation value. This
resulted in 'Confirm Value Failed' error and pairing failure.
To avoid any confusion simply track initiator and responder addresses
used for connection.
This fix re-enabling security with iPhone if device was unpaired
only on iPhone side.
Change-Id: I07d9589bee5fea7f6b028472b1709090a5755e31
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
When sending security request for connection with pending high
security level, authentication requirements should indicate that
MITM is required.
< ACL Data TX: Handle 64 flags 0x00 dlen 6
SMP: Security Request (0x0b) len 1
Authentication requirement: Bonding, MITM, Legacy,
No Keypresses (0x05)
Change-Id: Ie78e021726063b0eee415bfa7189962fe0b2d94b
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
When re-pairing was successful (indicated by enabling encryption with
STK) old keys are no longer needed as those will be replaced by keys
distributed in new pairing.
Change-Id: If2a81e8e94f35eb04ce9a7e4d782094632cbd77a
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
Fail if we have keys that are stronger than keys that will be
distributed in new pairing. This is to avoid replacing authenticated
keys with unauthenticated ones.
Change-Id: If81b158f68a818d7a6e5d2854b482f34516b4737
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
Keys from same pairing have are of similar key type and
this can be stored in single place.
Change-Id: I38426c282604769424098af6ee26e0cf9cb5f358
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
Ensure smp->remote_dist tracks unreceived PDUs both for slave and
master role, and use the same logic in all PDU handlers for
remote_dist and allowed_cmds.
Change-Id: If4769d0be0118e8e764d7483f0d93ef8b61fa398
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
There is no need to have sparate bool in context structure while
flags field is available.
Change-Id: Ib1bcf9794c32268897b0a873787566a620f3097b
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
If slave is requesting MITM protection verify if LTK is authenticated
before enabling encryption.
Change-Id: I6642f88945b0ca0310880935edbcfa2a6764c8d8
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
There is no point in initializing security if required security level
is not reachable due to local IO capabilities.
Change-Id: I00d3cc552fcce4d1aac9498c90dcd826735dcb2b
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
This allows to store information if key was generated during
authenticated or unauthenticated pairing.
Change-Id: Idd398749c869e6278bf10909cfb768ba09565d54
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
If JustWorks pairing is used for pairing don't report failure.
Change-Id: I23cee54a74dd021c1f273d987ca67066452d7801
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
Flags for indicating if stored TK is valid and if confirm sending
was delayed are required for properly handling passkey entry input.
This is to avoid using incorrent TK or sending SMP commands in invalid
order.
Change-Id: I11e162331e93311f292f0723fc9f860c753d7d96
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
This allows to request passkey being entered by user.
Change-Id: I6a56c65ca689473659a13c19f8578058476d2685
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
This allows to track which pairing method was used and is
a preparation for storing information if resulting keys
are authenticated.
Change-Id: Ib9fc762d19bd4add6f0b431745eeb9e2780016d4
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
cnt is in le byte order so print keys->remote_csrk.cnt instead.
Change-Id: I2c2970f0bdf91960d978fea248bc0dbc23fdfd53
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
bt_smp_sign_packet() signs data packet adding signature and count at
the end of data.
Change-Id: I6cca931cf33d74a765f4b4aa126aae10bee7ef4c
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
This adds validation for passed callbacks. Previously registered
callbacks need to be explicitly unregistered by passing NULL.
It is no longer possible to implicitly overwrite callback
structure.
Input Output Capabilities generation is factored out to separate
function. This is in preparation for adding more callbacks.
Change-Id: Ie809ea2daa80f9c54585efb459b49af1107007d3
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
This allows to register agent with display capability resulting
in DisplayOnly InputOuput Capability being used.
Change-Id: I98931af35c51a71882b60303c0f5d4da19eefbc4
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
bt_smp_sign_verify() checks signature if csrk is present.
Change-Id: I90be8be769539860a245b141bf27549a3506a111
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Sign data using AES-CMAC algorithm and add test to self-tests executed
at init.
Change-Id: If01ec38a9897f74c26d1ba5c32304114d208549a
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Follow Key Distribution order: CSRK shall be sent after BDADDR Info.
Change-Id: I08a784ebc56d5f891e81bb9f2c7d215d47f1f6a5
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Store remote CSRK key upon receiving SMP Signing Info command.
Change-Id: I62e8fafc9bef5fd765edc5455b7eb17ea0961605
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Include CSRK to Key Distribution fields in Pairing Request and
Response.
Change-Id: I0a564bd2675760b6b30f0288b6f26e24a161811f
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Connection Signature Resolving Keys allows to sign data sent over not
encrypted connection.
Change-Id: Ia73e5572acc99f53a183f94597d57865563279d1
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
Whole smp context is already cleared up in smp_init().
Change-Id: Ided5d61dc6e859bd1a17b8b8d410f1ef8b2bebb0
Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Initial setting of allowable commands can be put in one
function since it repeats in few places.
Change-Id: I645731810a2d83179af3e095bc20eb66809d9d8f
Signed-off-by: Mariusz Skamra <mariusz.skamra@tieto.com>
In smp_init we reset smp so that Pairing Failed command is deleted
from allowable commands and the pointer to the associated conn is lost.
With this patch associated conn is copied and the Pairing Failed
command is marked as allowed.
Change-Id: I7a71f985ca9d9d332e392aeb9368053a8c084750
Signed-off-by: Mariusz Skamra <mariusz.skamra@tieto.com>
Using swap_in_place algorithm allows to eliminate more buffers.
Change-Id: Ifefd291e45b84213114d665adff9839fb131a185
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
In a case there no crypto library, AES-CMAC Message Authentication Code
might be calculated with the help of Host Controller LE Encrypt command.
Change-Id: If7073bf4baa3f86c04728712f6789cc269673da7
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
With this patch, Identity Information and Identity Address
Information are properly received. There was a bug when
returning too early from smp_pairing_master function
and not setting BT_SMP_CMD_IDENT_INFO bit in allowed_cmds.
bt: bt_smp_recv (0x0010f054): Received SMP code 0x06 len 17
bt: smp_pairing_encrypt (0x0010f054):
bt: bt_smp_recv (0x0010f054): Received SMP code 0x07 len 11
bt: smp_pairing_master (0x0010f054):
bt: bt_smp_recv (0x0010f054): Received SMP code 0x08 len 17
bt: bt_smp_recv: Unexpected SMP code 0x08
bt: bt_smp_recv (0x0010f054): Received SMP code 0x09 len 8
bt: bt_smp_recv: Unexpected SMP code 0x09
The return should be after distributing LTK, EDIV and Rand if
IdKey was not set.
bt: bt_smp_recv (0x0010effc): Received SMP code 0x06 len 17
bt: smp_pairing_encrypt (0x0010effc):
bt: bt_smp_recv (0x0010effc): Received SMP code 0x07 len 11
bt: smp_pairing_master (0x0010effc):
bt: bt_smp_recv (0x0010effc): Received SMP code 0x08 len 17
bt: smp_ident_info (0x0010effc):
bt: bt_smp_recv (0x0010effc): Received SMP code 0x09 len 8
bt: smp_ident_addr_info (0x0010effc):
bt: smp_ident_addr_info (0x0010effc): identity 88:63:DF:88:0E:83 (public)
bt: bt_smp_disconnected (0x0010effc): conn 0x0010badc handle 64
Change-Id: Ic98cf6fd6ad2f7e41c6cd506d39fc9a9571a491f
Signed-off-by: Mariusz Skamra <mariusz.skamra@tieto.com>
If remote sends Pairing Failed any subsequent pairing procedure should
be restarted from Feature Exchange phase.
Change-Id: Ieccb4e64525e82092b8b0928bd3715f46eded9a2
Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Specification clearly defines when each PDU is allowed to be send.
With this patch unexpected PDUs are rejected. This allows for better
resilience when remote device misbehaves. Another benefit is that
PDUs handlers doesn't have to do additional checks for unexpected
sequence or missing PDUs.
Specification is not clear on reject policy though. It could be
responding with Pairing Failed, disconnect link or just drop unexpected
data. This patch implements last option. Dropping unexpected data is
also present in other widely used implementations and proved to be
sufficient.
Change-Id: I9a28a0b7bea71775e656300f71172e60b2df3d9c
Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Master should distribute keys only after slave distributed own keys.
Change-Id: Ibd339bd18699fe054bf2443103a4dc5785f494ab
Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
This is in preparation for distributing keys in correct order when
acting as a master.
Change-Id: I3054f167dfd5c7514ab1efaecab7854a24d8f11a
Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
Store EDIV and Rand received in pairing master identification request.
Change-Id: Id495934a04470f098da7d36e933e74fb4f052415
Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
If received confirm is valid and we are master start encryption with
generated STK.
Change-Id: I874b3081b6e4b0b9711ba20ee4b99ff5bfcb5bd4
Signed-off-by: Szymon Janc <szymon.janc@tieto.com>
