Bluetooth: Add key size checks for SMP

This patch implements a check in smp cmd pairing request and pairing
response to verify if encryption key maximum size is compatible in both
slave and master when SMP Pairing is requested. Keys are also masked to
the correct negotiated size.

Signed-off-by: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Signed-off-by: Anderson Briglia <anderson.briglia@openbossa.org>
Signed-off-by: Gustavo F. Padovan <padovan@profusion.mobi>

diff --git a/include/net/bluetooth/l2cap.h b/include/net/bluetooth/l2cap.h
index 157419afe5325095e31888316aaf4aec4a82598c..bf1c7f681932a4ac9e3ac945e9cf27c9006c00eb 100644 (file)
--- a/include/net/bluetooth/l2cap.h
+++ b/include/net/bluetooth/l2cap.h
@@ -400,6 +400,7 @@ struct l2cap_conn {
        __u8            prnd[16]; /* SMP Pairing Random */
        __u8            pcnf[16]; /* SMP Pairing Confirm */
        __u8            tk[16]; /* SMP Temporary Key */
+       __u8            smp_key_size;
 
        struct timer_list security_timer;
 

diff --git a/include/net/bluetooth/smp.h b/include/net/bluetooth/smp.h
index 111853ab239ac9a2fc17735e555b01eb5092e738..4fb7d198a87642cd862e0e88b3c3cf375d0ce3d3 100644 (file)
--- a/include/net/bluetooth/smp.h
+++ b/include/net/bluetooth/smp.h
@@ -112,6 +112,9 @@ struct smp_cmd_security_req {
 #define SMP_UNSPECIFIED                0x08
 #define SMP_REPEATED_ATTEMPTS          0x09
 
+#define SMP_MIN_ENC_KEY_SIZE           7
+#define SMP_MAX_ENC_KEY_SIZE           16
+
 /* SMP Commands */
 int smp_conn_security(struct l2cap_conn *conn, __u8 sec_level);
 int smp_sig_channel(struct l2cap_conn *conn, struct sk_buff *skb);

diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 39886786eb7ffd5c9d8918105702fe82fc1a0c76..52e9ec2644c10445fed7804d85e4581ac913cc2f 100644 (file)
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -200,35 +200,51 @@ static void build_pairing_cmd(struct l2cap_conn *conn,
 {
        cmd->io_capability = conn->hcon->io_capability;
        cmd->oob_flag = SMP_OOB_NOT_PRESENT;
-       cmd->max_key_size = 16;
+       cmd->max_key_size = SMP_MAX_ENC_KEY_SIZE;
        cmd->init_key_dist = 0x00;
        cmd->resp_key_dist = 0x00;
        cmd->auth_req = authreq;
 }
 
+static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
+{
+       if ((max_key_size > SMP_MAX_ENC_KEY_SIZE) ||
+                       (max_key_size < SMP_MIN_ENC_KEY_SIZE))
+               return SMP_ENC_KEY_SIZE;
+
+       conn->smp_key_size = max_key_size;
+
+       return 0;
+}
+
 static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
 {
-       struct smp_cmd_pairing *rp = (void *) skb->data;
+       struct smp_cmd_pairing rsp, *req = (void *) skb->data;
+       u8 key_size;
 
        BT_DBG("conn %p", conn);
 
        conn->preq[0] = SMP_CMD_PAIRING_REQ;
-       memcpy(&conn->preq[1], rp, sizeof(*rp));
-       skb_pull(skb, sizeof(*rp));
+       memcpy(&conn->preq[1], req, sizeof(*req));
+       skb_pull(skb, sizeof(*req));
 
-       if (rp->oob_flag)
+       if (req->oob_flag)
                return SMP_OOB_NOT_AVAIL;
 
        /* We didn't start the pairing, so no requirements */
-       build_pairing_cmd(conn, rp, SMP_AUTH_NONE);
+       build_pairing_cmd(conn, &rsp, SMP_AUTH_NONE);
+
+       key_size = min(req->max_key_size, rsp.max_key_size);
+       if (check_enc_key_size(conn, key_size))
+               return SMP_ENC_KEY_SIZE;
 
        /* Just works */
        memset(conn->tk, 0, sizeof(conn->tk));
 
        conn->prsp[0] = SMP_CMD_PAIRING_RSP;
-       memcpy(&conn->prsp[1], rp, sizeof(*rp));
+       memcpy(&conn->prsp[1], &rsp, sizeof(rsp));
 
-       smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(*rp), rp);
+       smp_send_cmd(conn, SMP_CMD_PAIRING_RSP, sizeof(rsp), &rsp);
 
        mod_timer(&conn->security_timer, jiffies +
                                        msecs_to_jiffies(SMP_TIMEOUT));
@@ -238,24 +254,30 @@ static u8 smp_cmd_pairing_req(struct l2cap_conn *conn, struct sk_buff *skb)
 
 static u8 smp_cmd_pairing_rsp(struct l2cap_conn *conn, struct sk_buff *skb)
 {
-       struct smp_cmd_pairing *rp = (void *) skb->data;
+       struct smp_cmd_pairing *req, *rsp = (void *) skb->data;
        struct smp_cmd_pairing_confirm cp;
        struct crypto_blkcipher *tfm = conn->hcon->hdev->tfm;
        int ret;
-       u8 res[16];
+       u8 res[16], key_size;
 
        BT_DBG("conn %p", conn);
 
-       skb_pull(skb, sizeof(*rp));
+       skb_pull(skb, sizeof(*rsp));
+
+       req = (void *) &conn->preq[1];
 
-       if (rp->oob_flag)
+       key_size = min(req->max_key_size, rsp->max_key_size);
+       if (check_enc_key_size(conn, key_size))
+               return SMP_ENC_KEY_SIZE;
+
+       if (rsp->oob_flag)
                return SMP_OOB_NOT_AVAIL;
 
        /* Just works */
        memset(conn->tk, 0, sizeof(conn->tk));
 
        conn->prsp[0] = SMP_CMD_PAIRING_RSP;
-       memcpy(&conn->prsp[1], rp, sizeof(*rp));
+       memcpy(&conn->prsp[1], rsp, sizeof(*rsp));
 
        ret = smp_rand(conn->prnd);
        if (ret)
@@ -353,6 +375,9 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
                smp_s1(tfm, conn->tk, random, conn->prnd, key);
                swap128(key, hcon->ltk);
 
+               memset(hcon->ltk + conn->smp_key_size, 0,
+                               SMP_MAX_ENC_KEY_SIZE - conn->smp_key_size);
+
                memset(rand, 0, sizeof(rand));
                ediv = 0;
                hci_le_start_enc(hcon, ediv, rand, hcon->ltk);
@@ -364,6 +389,9 @@ static u8 smp_cmd_pairing_random(struct l2cap_conn *conn, struct sk_buff *skb)
 
                smp_s1(tfm, conn->tk, conn->prnd, random, key);
                swap128(key, hcon->ltk);
+
+               memset(hcon->ltk + conn->smp_key_size, 0,
+                               SMP_MAX_ENC_KEY_SIZE - conn->smp_key_size);
        }
 
        return 0;