Commit Graph

207 Commits

Author SHA1 Message Date
Szymon Janc
15c1fed5b6 Bluetooth: SMP: Workaround LE SC bug in iOS
iOS BT stack has a bug in LE SC implementation. If EncKey is not set in
key distribution it sends Pairing Failed PDU if any (?) keys were
distributed. This wasn't visible before as without local privacy no
keys were distributed for LE SC with iPhone.

Change-Id: I36c2398ea821c6048d970b93a58189eb466ea434
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-04-25 12:31:23 +02:00
Szymon Janc
c2a1ac8ae7 Bluetooth: Add support for confirming incoming JustWorks pairing
If incoming pairing request would result in JustWorks pairing this
can be used to request consent from user for accepting it.

Change-Id: If0695d0e1bb010bade6a16abe1b57a2ce07856cc
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-04-14 15:20:03 +00:00
Szymon Janc
d11824ff58 Bluetooth: SMP: Refactor pairing request handling
This is in preparation for adding support to confirm incoming pairing
requests. smp_pairing_req is now more similar to smp_pairing_rsp making
code easier to follow.

Change-Id: Ie5a77ae5092b7bbf76a482d0bd49e022c4d19d70
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-04-14 14:44:43 +00:00
Johan Hedberg
30601c09bb Bluetooth: Refactor buffer handling for non-host managed buffers
So far the assumption has been that the host stack manages all
incoming and outgoing buffers. For the incoming buffers (from the
controller) this has required hci_core.c to manage its own pools and
do the host flow control. This setup makes perfect sense for an
architecture where the controller resides remotely on a different CPU
& address space (i.e. the "traditional" HCI transport case).

When the stack runs on a system where the controller resides in the
same address space this setup doesn't work that well. In such a
scenario the incoming buffers are ideally created as low down in the
stack as possible (i.e. below HCI), which means that the current
hci_core.c cannot be responsible for managing their pools.

To allow for both types of architectures this patch introduces a new
BLUETOOTH_HOST_BUFFERS Kconfig option that can be selected to say that
host-side management is desired, or deselected to say that the
controller (residing in the same address space) takes care of managing
the incoming buffers.

So far the incoming buffer types were identified by hci_core.c by
looking at their "free pool" pointers, however as soon as the pools
are allowed to be somewhere else this doesn't work. To solve this we
now require a minimum user data size for all Bluetooth buffers and use
that to store the buffer type.

Change-Id: I14bc32007e3e3f17c654f71f79b520650028d7ce
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2016-04-11 11:52:29 +00:00
Arkadiusz Lichwa
740bd96abc Bluetooth: Rename bt_l2cap_fixed_chan_register()
Renames the routine to make clear it is used to register an LE L2CAP fixed
channel only. The routine operates on le_channels list object that also
was renamed to reflect the connection type. Updates all calls to
the procedure in the stack.

Change-Id: I01348b8186a0f537532f6a7b9dc59586827b204b
Signed-off-by: Arkadiusz Lichwa <arkadiusz.lichwa@tieto.com>
2016-04-09 16:18:26 +00:00
Johan Hedberg
5ccb20c591 Bluetooth: Use bt_addr_t inside bt_addr_le_t
In many cases when we want to access the 'val' member of bt_addr_le_t
it's in situations where the type needed is actually bt_addr_t. To
avoid unnecessary typecasts in these places simply embed bt_addr_t
inside bt_addr_le_t.

Change-Id: I7eecf129bee1dcf085abc83ec2f32e1a10b0b5aa
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2016-04-05 12:29:14 +03:00
Johan Hedberg
13be3947ab Bluetooth: Add Privacy Feature support
Add initial support for the Privacy Feature, including the ability to
manage a local IRK and to use Resolvable Random Addresses.

Change-Id: I1c70aea67078dd2a5d07f3b797c37746ebe9ab61
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2016-04-05 12:29:14 +03:00
Johan Hedberg
ad7912422f Bluetooth: Introduce SMP helper to generate RPAs
This will be needed to implement local privacy support.

Change-Id: I6222a7d396d47929d6f8946793bbf3f49eaae179
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2016-04-04 17:35:02 +03:00
Arkadiusz Lichwa
158cdbf91a Bluetooth: Fix checkpatch error/warnings
Fixes some checkpatch's errors/warning in HCI stack code.

Change-Id: I105fb491b5509f72549ab788764b1386ce3af47f
Signed-off-by: Arkadiusz Lichwa <arkadiusz.lichwa@tieto.com>
2016-03-21 14:48:40 +01:00
Johan Hedberg
b84f60cab3 Bluetooth: Move stack analysis helper to a global location
The helper for analyzing (fiber) stack usage is in no way specific to
Bluetooth and will likely be of use to many other places as well. Move
it therefore to include/misc.

Change-Id: Iedb699dbe248aca305e387998d37bb339cfb0e21
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2016-03-17 16:29:05 +00:00
Szymon Janc
6116d58b02 Bluetooth: Use bt_auth_cancel for pairing cancel
bt_auth_cancel can be used to cancel any type of pairing.

Change-Id: Ia1a6ba834186ab6d5082d3eb473319c2d70cf4a7
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-03-08 15:38:59 +00:00
Szymon Janc
7148aa5422 Bluetooth: SMP: Add support for debug ECDH keys
This adds the following handling of LE SC debug keys:
- if debug keys are disabled, locally generated public/private keys
  are checked to not match debug keys by accident
- if debug keys are enabled, those are used as the local public/private
  key pair, allowing sniffing of encrypted air traffic
- tracking of remote device using debug keys
- debug keys are discarded after disconnection regardless of bonding
  flag being set or not
- due to HCI interface limitation debug keys are not supported for
  HCI based ECDH and a compilation error will be raised for such
  configuration

Change-Id: Ie147b1893c4a6b9542b4d2c261973a7acbd8de96
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-03-07 18:21:10 +00:00
Mariusz Skamra
a7ad7dcf16 Bluetooth: SMP: Clear keys on SMP Timeout and Pairing Failed
Those two indicate SMP failure, so while in keys distribution phase,
if we receive Pairing Failed, or there is SMP Timeout, the keys
distributed so far shall be considered as invalid and cleared.
Another flag SMP_FLAG_KEYS_DISTRO is needed to save the old keys
if this failure appears before distribution of new keys.

Change-Id: I9a917740c02955aa149170b84ae547f5c8c4b7ad
Signed-off-by: Mariusz Skamra <mariusz.skamra@tieto.com>
2016-02-26 06:54:40 +00:00
Peter Mitsis
06e2b4e129 nanokernel: Change fiber_delayed_start() return type
Instead of returning a 'void *', the nanokernel fiber_delayed_start()
family of routines now return a handle of type nano_thread_id_t.

Consequently, the nanokernel fiber_delayed_start_cancel() family of
routines now accept a parameter of type nano_thread_id_t instead of
'void *'.

The complete list of affected nanokernel routines is:
    fiber_delayed_start()        fiber_delayed_start_cancel()
    fiber_fiber_delayed_start()  fiber_fiber_delayed_start_cancel()
    task_fiber_delayed_start()   task_fiber_delayed_start_cancel()

Change-Id: Ibd4658df3ef07e79a81b7643a8be9ea5ffe08ba0
Signed-off-by: Peter Mitsis <peter.mitsis@windriver.com>
2016-02-23 10:48:54 -05:00
Szymon Janc
194f9d9c89 Bluetooth: SMP: Add support for no bond pairing
If remote device indicates no bond pairing there is no point in
storing any keys. If no keys are stored key storage is freed on
disconnection. Keeping key storage around while device is connected
is important for GATT being able to check encryption key size also
for paired but not bonded devices.

Change-Id: If80e9d4c6da02e73c8730972a7a388b0b7d14ba6
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-18 14:54:29 +00:00
Andrei Emeltchenko
d650bc298e Bluetooth: Add missing print format specifier
Change-Id: Ia4a3e70a990da69bc5be22f693081f0dd6b6a5e1
Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
2016-02-12 16:57:30 +00:00
Szymon Janc
7f9696c182 Bluetooth: SMP: Fix compilation with SC Only mode enabled
legacy_pairing_rsp is used only for legacy pairing. Fix following
with CONFIG_BLUETOOTH_SMP_SC_ONLY set.

  CC      net/bluetooth/smp.o
net/bluetooth/smp.c: In function 'legacy_pairing_rsp':
net/bluetooth/smp.c:1207:16: warning: implicit declaration of function
    'legacy_get_pair_method' [-Wimplicit-function-declaration]
  smp->method = legacy_get_pair_method(smp, remote_io);
                ^
net/bluetooth/smp.c:1209:8: warning: implicit declaration of function
    'legacy_request_tk' [-Wimplicit-function-declaration]
  ret = legacy_request_tk(smp);
        ^
net/bluetooth/smp.c:1216:10: warning: implicit declaration of function
    'legacy_send_pairing_confirm' [-Wimplicit-function-declaration]
   return legacy_send_pairing_confirm(smp);
          ^
net/bluetooth/smp.c: At top level:
net/bluetooth/smp.c:1201:16: warning: 'legacy_pairing_rsp' defined but not
    used [-Wunused-function]
 static uint8_t legacy_pairing_rsp(struct bt_smp *smp, uint8_t remote_io)
                ^
Change-Id: I0d65efa71859c23cf5b6f0bfa3386a23543bf907
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-11 20:44:58 +00:00
Szymon Janc
8dbd8dcc5b Bluetooth: Remove dead code
Since now TinyCrypt is always enabled there is no need for HCI
backup code.

Change-Id: I6cf9c2bd15dc9a6c0dd98cd7aff0ea137eb0be8b
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-11 20:44:44 +00:00
Szymon Janc
3ed1a37a41 Bluetooth: SMP: Use TinyCrypt for AES CMAC
TinyCrypt provides implementation of AES CMAC so there is no need
for internal implementation in SMP code.

Change-Id: I15fe0daf8fca8c44b002636983b46502419c57a5
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-11 20:44:28 +00:00
Szymon Janc
068fe1136e Bluetooth: SMP: Add support for TinyCrypt ECC
This allows using the ECC implementation from TinyCrypt instead of
controller based ECC.

Change-Id: I09bdff78899c1ac5cd1d10243d4c00c4d0a75d83
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-10 19:13:01 -05:00
Szymon Janc
6de50c5aa6 Bluetooth: Store LE SC Public Key in SMP code
There is no need to keep this in bt_dev structure as this is not
used outside of SMP code.

Change-Id: I24a1d9daffb4d382bf1ed07a5645e4cbdafa3c5e
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-10 19:13:01 -05:00
Szymon Janc
e6f0356df7 Bluetooth: SMP: Fix legacy passkey entry for central role
In legacy passkey entry method confirm value is sent first.

Change-Id: Ic379650dab64715be6d281fa8d3389f5ff34a978
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:27 -05:00
Szymon Janc
04f6d80ff3 Bluetooth: SMP: Fix not initializing context correctly
Use uint8_t for pointer arithmetic when clearing SMP context so that
correct memory is cleared.

Change-Id: I8b88bc4c2eb181397bce5fb80a6ab250086cb17d
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:26 -05:00
Johan Hedberg
25f6579016 Bluetooth: Move all bt_conn related APIs to conn.h
To have some proper split of conn.h and bluetooth.h APIs make sure all
bt_conn related ones are in conn.h. This also helps avoid forward
declarations for some upcoming patches where we need bluetooth.h
defines from within conn.h.

Change-Id: Ief3d32118a6749fb5785dab6cb3fee4ebb86ddb4
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2016-02-05 20:25:19 -05:00
Johan Hedberg
672bf0d63c Bluetooth: SMP: Return errors from authentication APIs
This way we can pass any errors back to the application.

Change-Id: Ic53b858a73436e1c9c4d03e358aeffae7fd837ab
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2016-02-05 20:25:19 -05:00
Szymon Janc
28711287a5 Bluetooth: SMP: Remove not needed NULL check from bt_smp_update_keys
This function is always called with valid connection.

Change-Id: I756990a22f7c56939fd8e92c498d722a0467ab84
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:19 -05:00
Arkadiusz Lichwa
524ef5ee1d Bluetooth: Refactor type of keys as flags
Converts bt_keys type to atomic_t flags to enable consistent and
compact key type management.

Change-Id: Ie384168da6d5d0d1b305a33988ce7689ba3a4c6a
Signed-off-by: Arkadiusz Lichwa <arkadiusz.lichwa@tieto.com>
2016-02-05 20:25:18 -05:00
Szymon Janc
075e2c430a Bluetooth: SMP: Fix missing buffer unref for LE SC only mode
If pairing is rejected due to unsatisfying auth requirements
pending response buffer should be freed.

Change-Id: I8bbdad5fac8cd6dbcd674c7ad9725cf44ef79004
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:10 -05:00
Szymon Janc
f80deda9d2 Bluetooth: SMP: Add support for Secure Connection Only Mode
This patch introduces a new Kconfig option that is used to indicate if
device should operate in Secure Connection Only Mode. Enabling this
option removes support for LE Legacy Pairing.

Change-Id: If224b6786f4c840959fe87a31f0224bc1e21f90e
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:10 -05:00
Arkadiusz Lichwa
0afdae9677 Bluetooth: SMP: Refactor authentication
Moves object handling user authentication callback interface exposed
in public API to hci core module and exports internally LE SMP
authentication handlers.
The stack authentication API methods call based on connection type
the correct internal methods. Currently only LE SMP backend
is implemented.
Make getting local io capa in runtime.

Change-Id: I17459096616a620467b4fa01c53fd4bc0b59af9b
Signed-off-by: Arkadiusz Lichwa <arkadiusz.lichwa@tieto.com>
2016-02-05 20:25:09 -05:00
Szymon Janc
89a7aa8d72 Bluetooth: SMP: Fix legacy pairing
This fixes a regression where an incorrect confirm function was used
for legacy pairing.

Change-Id: Ia39aed6b8e9a3cb24b451cdb0219f41ceb5e6c6e
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:09 -05:00
Szymon Janc
f0cc127b5f Bluetooth: SMP: Rename gen_method table to gen_method_legacy
Make sure the name reflects that it is used only for legacy pairing.

Change-Id: I757311991e9f879f377978b8adb02c7f9758b6b2
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:08 -05:00
Szymon Janc
7e1e124b8c Bluetooth: SMP: Separate legacy pairing code
All legacy pairing code is now separated in dedicated helper functions
(with 'legacy' prefix). Main code flow is LE SC oriented and legacy
pairing is always handled as exception from LE SC code:

if (!atomic_test_bit(&smp->flags, SMP_FLAG_SC)) {
  return legacy_foo(smp);
}

This is in preparation for enabling LE SC only mode.

Change-Id: I89705e6b780014417adaed41bd3beaf4791d8d3f
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:08 -05:00
Szymon Janc
7f2de1dc7a Bluetooth: SMP: Make bt_smp_create_pdu static
This function is not used outside of smp.c file.

Change-Id: Ib2158330959f2b4b1d63695480e82ac506243ab8
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:08 -05:00
Szymon Janc
68a4aebde4 Bluetooth: SMP: Move some code up in a file
Those will be used in legacy pairing code.

Change-Id: I311e10254a603c2b4cc46c50f6c3d27593a10bd7
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:08 -05:00
Szymon Janc
3670e7fcd0 Bluetooth: SMP: Minor codestyle fix
Change-Id: I115fda172698881c69ed301e5f729bb32c1cb978
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:07 -05:00
Szymon Janc
755130ad68 Bluetooth: SMP: Fix setting ediv and rand for LE SC LTK
Change-Id: Ic8867a510864a8cfb30af30c505d25faa91c2fb7
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:07 -05:00
Johan Hedberg
e4e51e3051 Bluetooth: Move random number helper to hci_core.c
We'll need this e.g. for NRPA generation even when SMP isn't enabled.

Change-Id: I4bffca3a180fda8f6757e902f8e255ba497b0bf5
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
2016-02-05 20:25:02 -05:00
Szymon Janc
af2732202b Bluetooth: SMP: Use smp_error in bt_auth_passkey_entry
There is no need to lookup SMP context again from conn object if
SMP context is already found.

Change-Id: I47ed1da69dc3030021c16579f8039e376ba11320
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:02 -05:00
Szymon Janc
97fb4d2990 Bluetooth: SMP: Delay LE SC pairing until PublicKey is generated
If HCI based ECC is used we should delay sending local Public Key in
LE SC pairing until it is generated by controller.

Change-Id: Ic979fc8efa40a8089ac2b74cbcfac21bdca79bfe
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:02 -05:00
Szymon Janc
b2db881468 Bluetooth: SMP: Follow central-peripheral ifdefs rule
Use same ifdefs rule in all places in SMP code. This makes code
easier to read.

Change-Id: I6936ca6f7a0212fc1918ed18d247f3e6d73f0370
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:02 -05:00
Szymon Janc
52054bd8e3 Bluetooth: SMP: Refactor smp_public_key
SMP code is cut by ifdefs for central and peripheral roles support.
To make code easier to understand we follow same rule for all code:

  if (conn->role == BT_HCI_ROLE_MASTER) {
    /* master specific code */
    return;
  }

  /* slave specific code */

This simple rule allows for covering all build options (only central,
only peripheral or both) in clean way.

Change-Id: I37e65e7444090860069bfa6e9adc5cae07f0c0b9
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:02 -05:00
Szymon Janc
57f54ccabe Bluetooth: SMP: Add helper for generating passkey in LE SC
This allows reusing the same code in a follow-up patch.

Change-Id: Ie057943f72b0c3c77d44590b56dd5ff9aa53005f
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:01 -05:00
Szymon Janc
c8e5d429c2 Bluetooth: SMP: Add helper for DHKey generation
This makes code easier to read.

Change-Id: Id63589760530505bb0ea5ef667909260114fdf0d
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:01 -05:00
Szymon Janc
70ed77861e Bluetooth: SMP: Fix LE SC JustWorks pairing as slave
In JustWorks/PasskeyConfirmation pairing slave doesn't check remote
confirmation value (as it doesn't receive one). Factor out confirmation
check to helper and use it only when needed. This keeps code easy to
understand.

Change-Id: Ifb31bc3f2b53586a9c92b29b01e9832c124b0951
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:00 -05:00
Szymon Janc
d9322c58d5 Bluetooth: SMP: Fix LE SC Passkey Confirmation on Big Endian
Issue causing crash is already fixed so now proper BE to cpu conversion
can be used.

Change-Id: If07ed6f3b342b9e6a58e62c9a6f5fee9bc11133a
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:00 -05:00
Szymon Janc
798227dfa0 Bluetooth: SMP: Add support for Passkey Entry in LE SC
This allows requesting the user to input the passkey displayed on the remote
device when LE SC connections are used. Since similar method was
already present in legacy pairing no new public API is required.

Change-Id: I331647d5442e65162d25bbdd37ceb8b1ed841fc6
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:00 -05:00
Szymon Janc
ebdb834a6a Bluetooth: SMP: Add support for Passkey Display in LE SC
When Passkey Entry protocol is used for LE SC and device has
display capabilities random passkey is generated and displayed
to user.

Passkey Entry is different than Passkey Confirm due to common
secret (entered passkey) being injected at beginning of pairing.
After that 20 passkey rounds are performed to disclose passkey.
This "gradual disclosure" prevents leakage of more than 1 bit of
un-guessed Passkey information in the case of a MITM attack.
Due to 20 rounds of confirm-random PDU exchange this pairing
method takes more time compared to JustWorks or Passkey Comparison.

Since similar method was already present in legacy pairing no new
public API is required.

Change-Id: Ibb36320dc751e4fae43aa8c08ca57a2a984bf491
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:00 -05:00
Szymon Janc
637695a476 Bluetooth: SMP: Reduce number of used flags
SMP_FLAG_TK_VALID and SMP_FLAG_USER_CONFIRM flags can be replaced
by single flag that express 'waiting for user input'. This makes
code simpler and easier to follow. Same flag will be used for
passkey entry pairing.

Change-Id: Icb857b07e3f5db1ef870cb4bc09a5f5d9efbca6a
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:00 -05:00
Szymon Janc
5e3eea6b0e Bluetooth: SMP: Refactor to prepare for LE SC Passkey Entry
This prepares code for introducing more pairing methods for LE SC.
Changes in following patches will be easier to review.

Change-Id: I59ea283c4dcf8537808ddf71a63df7c6ca34a5f6
Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
2016-02-05 20:25:00 -05:00