1 /**
2 * @file smp.h
3 * Security Manager Protocol implementation header
4 */
5
6 /*
7 * Copyright (c) 2015-2016 Intel Corporation
8 *
9 * SPDX-License-Identifier: Apache-2.0
10 */
11
/*
 * Header that starts an SMP PDU: a single opcode octet.
 *
 * NOTE(review): code is presumably one of the opcode constants defined in
 * this header (0x01..0x0e). It arrives from the peer, so the dispatcher
 * should bounds-check it (e.g. against BT_SMP_NUM_CMDS) before using it as
 * an index. Confirm in the implementation.
 */
struct bt_smp_hdr {
	uint8_t code; /* SMP command opcode */
} __packed;
15
/*
 * SMP error (pairing failure reason) codes.
 *
 * Operational note: CONFIRM_FAILED, DHKEY_CHECK_FAILED, NUMERIC_COMP_FAILED,
 * PASSKEY_ENTRY_FAILED and REPEATED_ATTEMPTS are the reasons that accompany a
 * failed authentication step. They are the most useful ones to count and log
 * when watching for repeated pairing attempts against a device.
 */
#define BT_SMP_ERR_SUCCESS			0x00 /* no error */
#define BT_SMP_ERR_PASSKEY_ENTRY_FAILED		0x01 /* passkey entry failed */
#define BT_SMP_ERR_OOB_NOT_AVAIL		0x02 /* OOB data not available */
#define BT_SMP_ERR_AUTH_REQUIREMENTS		0x03 /* authentication requirements not met */
#define BT_SMP_ERR_CONFIRM_FAILED		0x04 /* confirm value check failed */
#define BT_SMP_ERR_PAIRING_NOTSUPP		0x05 /* pairing not supported */
#define BT_SMP_ERR_ENC_KEY_SIZE			0x06 /* encryption key size not acceptable */
#define BT_SMP_ERR_CMD_NOTSUPP			0x07 /* command not supported */
#define BT_SMP_ERR_UNSPECIFIED			0x08 /* unspecified reason */
#define BT_SMP_ERR_REPEATED_ATTEMPTS		0x09 /* repeated attempts */
#define BT_SMP_ERR_INVALID_PARAMS		0x0a /* invalid parameters */
#define BT_SMP_ERR_DHKEY_CHECK_FAILED		0x0b /* DHKey check failed */
#define BT_SMP_ERR_NUMERIC_COMP_FAILED		0x0c /* numeric comparison failed */
#define BT_SMP_ERR_BREDR_PAIRING_IN_PROGRESS	0x0d /* BR/EDR pairing in progress */
#define BT_SMP_ERR_CROSS_TRANSP_NOT_ALLOWED	0x0e /* cross-transport operation not allowed */
#define BT_SMP_ERR_KEY_REJECTED			0x0f /* key rejected */
32
/*
 * IO capability values (presumably the values of bt_smp_pairing.io_capability).
 *
 * The capabilities both sides declare determine which pairing method can be
 * used. A device declaring NO_INPUT_OUTPUT cannot take part in an
 * authenticated (MITM-protected) method that needs user interaction.
 */
#define BT_SMP_IO_DISPLAY_ONLY		0x00
#define BT_SMP_IO_DISPLAY_YESNO		0x01
#define BT_SMP_IO_KEYBOARD_ONLY		0x02
#define BT_SMP_IO_NO_INPUT_OUTPUT	0x03
#define BT_SMP_IO_KEYBOARD_DISPLAY	0x04
38
/*
 * OOB data flag (presumably the values of bt_smp_pairing.oob_flag).
 * Only bit 0 is defined; BT_SMP_OOB_DATA_MASK selects it.
 */
#define BT_SMP_OOB_DATA_MASK	0x01
#define BT_SMP_OOB_NOT_PRESENT	0x00
#define BT_SMP_OOB_PRESENT	0x01
42
/*
 * Bounds, in octets, for the encryption key size.
 *
 * The lower bound comes from the build configuration
 * (CONFIG_BT_SMP_MIN_ENC_KEY_SIZE). The upper bound is fixed at 16 octets,
 * i.e. a full 128-bit key.
 *
 * NOTE(review): a lower minimum lets a peer negotiate a key with less entropy.
 * Builds that need full-strength link encryption should set the Kconfig value
 * to 16. Confirm the option's default and permitted range in Kconfig.
 */
#define BT_SMP_MIN_ENC_KEY_SIZE	CONFIG_BT_SMP_MIN_ENC_KEY_SIZE
#define BT_SMP_MAX_ENC_KEY_SIZE	16
45
/*
 * Key distribution bit flags (presumably the bits of
 * bt_smp_pairing.init_key_dist and bt_smp_pairing.resp_key_dist).
 */
#define BT_SMP_DIST_ENC_KEY	0x01 /* encryption key (LTK) */
#define BT_SMP_DIST_ID_KEY	0x02 /* identity key (IRK) */
#define BT_SMP_DIST_SIGN	0x04 /* signing key (CSRK) */
#define BT_SMP_DIST_LINK_KEY	0x08 /* link key */

/*
 * Union of the four flags above.
 * NOTE(review): presumably used to strip undefined bits from a field received
 * from the peer. Confirm at the parse site.
 */
#define BT_SMP_DIST_MASK	0x0f
52
/*
 * Authentication requirement (AuthReq) bit flags, presumably the bits of the
 * auth_req fields in bt_smp_pairing and bt_smp_security_request.
 *
 * NOTE(review): these bits are supplied by the peer before any authentication
 * has happened. A local policy such as "require Secure Connections" or
 * "require MITM protection" has to be enforced against the local
 * requirements. It cannot rely on the peer setting the bits honestly.
 */
#define BT_SMP_AUTH_NONE	0x00 /* no flags set */
#define BT_SMP_AUTH_BONDING	0x01 /* bonding */
#define BT_SMP_AUTH_MITM	0x04 /* MITM protection */
#define BT_SMP_AUTH_SC		0x08 /* LE Secure Connections */
#define BT_SMP_AUTH_KEYPRESS	0x10 /* keypress notifications */
#define BT_SMP_AUTH_CT2		0x20 /* CT2 */
59
/* Opcodes of the Pairing Request and Pairing Response commands. */
#define BT_SMP_CMD_PAIRING_REQ	0x01
#define BT_SMP_CMD_PAIRING_RSP	0x02

/*
 * Pairing parameters, six single-octet fields. Declared directly after the
 * two opcodes above, so presumably the payload of both commands.
 *
 * NOTE(review): on receive, every field is peer-controlled. The parser should
 * check max_key_size against BT_SMP_MIN_ENC_KEY_SIZE..BT_SMP_MAX_ENC_KEY_SIZE
 * and mask the key distribution fields with BT_SMP_DIST_MASK. Confirm in the
 * implementation.
 */
struct bt_smp_pairing {
	uint8_t io_capability;	/* presumably a BT_SMP_IO_* value */
	uint8_t oob_flag;	/* presumably a BT_SMP_OOB_* value */
	uint8_t auth_req;	/* presumably BT_SMP_AUTH_* flags */
	uint8_t max_key_size;	/* maximum encryption key size */
	uint8_t init_key_dist;	/* presumably BT_SMP_DIST_* flags, initiator */
	uint8_t resp_key_dist;	/* presumably BT_SMP_DIST_* flags, responder */
} __packed;
70
/* Pairing Confirm: opcode and 16-octet confirm value. */
#define BT_SMP_CMD_PAIRING_CONFIRM	0x03

struct bt_smp_pairing_confirm {
	uint8_t val[16]; /* confirm value */
} __packed;
75
/* Pairing Random: opcode and 16-octet random value. */
#define BT_SMP_CMD_PAIRING_RANDOM	0x04

struct bt_smp_pairing_random {
	uint8_t val[16]; /* random value */
} __packed;
80
/* Pairing Failed: opcode and one-octet reason. */
#define BT_SMP_CMD_PAIRING_FAIL	0x05

struct bt_smp_pairing_fail {
	uint8_t reason; /* presumably one of the BT_SMP_ERR_* codes */
} __packed;
85
/*
 * Encryption Information: opcode and 16-octet LTK.
 *
 * NOTE(review): this PDU carries secret key material. Buffers holding it
 * should be cleared once the key has been stored. Confirm the handling in the
 * implementation.
 */
#define BT_SMP_CMD_ENCRYPT_INFO	0x06

struct bt_smp_encrypt_info {
	uint8_t ltk[16]; /* Long Term Key */
} __packed;
90
/*
 * Central Identification: opcode, 2-octet EDIV and 8-octet Rand.
 * Both fields are declared as raw octet arrays, so any byte-order conversion
 * is left to the code that reads them.
 */
#define BT_SMP_CMD_CENTRAL_IDENT	0x07

struct bt_smp_central_ident {
	uint8_t ediv[2]; /* EDIV */
	uint8_t rand[8]; /* Rand */
} __packed;
96
/*
 * Identity Information: opcode and 16-octet IRK.
 *
 * NOTE(review): the IRK is secret key material, and anyone holding it can
 * resolve the device's private addresses. Treat buffers holding it like any
 * other key. Confirm the handling in the implementation.
 */
#define BT_SMP_CMD_IDENT_INFO	0x08

struct bt_smp_ident_info {
	uint8_t irk[16]; /* Identity Resolving Key */
} __packed;
101
/* Identity Address Information: opcode and the identity address. */
#define BT_SMP_CMD_IDENT_ADDR_INFO	0x09

struct bt_smp_ident_addr_info {
	bt_addr_le_t addr; /* LE address; bt_addr_le_t is declared outside this header */
} __packed;
106
/*
 * Signing Information: opcode and 16-octet CSRK.
 *
 * NOTE(review): the CSRK is secret key material. Buffers holding it should be
 * cleared once the key has been stored. Confirm the handling in the
 * implementation.
 */
#define BT_SMP_CMD_SIGNING_INFO	0x0a

struct bt_smp_signing_info {
	uint8_t csrk[16]; /* Connection Signature Resolving Key */
} __packed;
111
/* Security Request: opcode and one AuthReq octet. */
#define BT_SMP_CMD_SECURITY_REQUEST	0x0b

struct bt_smp_security_request {
	uint8_t auth_req; /* presumably BT_SMP_AUTH_* flags */
} __packed;
116
/*
 * Pairing Public Key: opcode and two 32-octet values.
 *
 * NOTE(review): x and y are presumably the coordinates of the sender's
 * elliptic-curve public key. The receive path should check that the point is
 * valid for the expected curve, and is not the local device's own key,
 * before using it in the key agreement. Confirm in the implementation.
 */
#define BT_SMP_CMD_PUBLIC_KEY	0x0c

struct bt_smp_public_key {
	uint8_t x[32]; /* X coordinate */
	uint8_t y[32]; /* Y coordinate */
} __packed;
122
/*
 * Pairing DHKey Check: opcode and 16-octet check value.
 * Unlike the opcodes before it, this macro name has no _CMD_ infix.
 */
#define BT_SMP_DHKEY_CHECK	0x0d

struct bt_smp_dhkey_check {
	uint8_t e[16]; /* check value */
} __packed;
127
/*
 * Keypress Notification: opcode and one-octet notification type.
 * This macro name has no _CMD_ infix either.
 */
#define BT_SMP_KEYPRESS_NOTIFICATION	0x0e

struct bt_smp_keypress_notif {
	uint8_t type; /* notification type */
} __packed;
132
/*
 * One more than the highest opcode defined in this header (0x0e).
 * NOTE(review): presumably the size of the opcode dispatch table and the bound
 * a received opcode is checked against. Confirm at the dispatch site.
 */
#define BT_SMP_NUM_CMDS	0x0f
134
/*
 * Core SMP entry points. Only the signatures are visible in this header, so
 * the notes below are inferred from names and types and need confirming
 * against the implementation.
 */

/* Presumably starts security (pairing or encryption) on the connection. */
int bt_smp_start_security(struct bt_conn *conn);

/*
 * Presumably looks up the LTK identified by rand/ediv for the connection and
 * writes it to ltk. The bool result presumably says whether a key was found.
 * NOTE(review): ltk has no length parameter. Confirm every caller passes a
 * buffer of at least BT_SMP_MAX_ENC_KEY_SIZE octets.
 */
bool bt_smp_request_ltk(struct bt_conn *conn,
			uint64_t rand,
			uint16_t ediv,
			uint8_t *ltk);

/* Presumably refreshes the keys associated with the connection. */
void bt_smp_update_keys(struct bt_conn *conn);

/* Presumably sends a Pairing Request on the BR/EDR transport. */
int bt_smp_br_send_pairing_req(struct bt_conn *conn);

/* Presumably initializes the SMP layer; returns an int status. */
int bt_smp_init(void);
144
/*
 * Authentication (user interaction) entry points. Semantics are inferred from
 * names and need confirming against the implementation.
 */

/* Presumably installs a per-connection set of authentication callbacks. */
int bt_smp_auth_cb_overlay(struct bt_conn *conn,
			   const struct bt_conn_auth_cb *cb);

/* Presumably sends a keypress notification of the given type. */
int bt_smp_auth_keypress_notify(struct bt_conn *conn,
				enum bt_conn_auth_keypress type);

/*
 * Presumably supplies the passkey entered by the user.
 * NOTE(review): SMP passkeys are six decimal digits (0..999999), while the
 * parameter is a plain unsigned int. Confirm the implementation rejects
 * larger values.
 */
int bt_smp_auth_passkey_entry(struct bt_conn *conn, unsigned int passkey);

/* Presumably confirms the displayed passkey / numeric comparison value. */
int bt_smp_auth_passkey_confirm(struct bt_conn *conn);

/* Presumably confirms an incoming pairing that needs user consent. */
int bt_smp_auth_pairing_confirm(struct bt_conn *conn);

/* Presumably cancels the ongoing authentication procedure. */
int bt_smp_auth_cancel(struct bt_conn *conn);
152
/*
 * Out-of-band (OOB) pairing data entry points. Semantics are inferred from
 * names and need confirming against the implementation.
 */

/*
 * Presumably sets the legacy-pairing Temporary Key received out of band.
 * NOTE(review): tk has no length parameter and is presumably 16 octets.
 * Confirm at the call sites.
 */
int bt_smp_le_oob_set_tk(struct bt_conn *conn, const uint8_t *tk);

/* Presumably fills le_sc_oob with fresh local Secure Connections OOB data. */
int bt_smp_le_oob_generate_sc_data(struct bt_le_oob_sc_data *le_sc_oob);

/* Presumably provides the local and remote Secure Connections OOB data. */
int bt_smp_le_oob_set_sc_data(struct bt_conn *conn,
			      const struct bt_le_oob_sc_data *oobd_local,
			      const struct bt_le_oob_sc_data *oobd_remote);

/*
 * Presumably returns, through the two out-parameters, pointers to the OOB
 * data currently set for the connection. The pointed-to data is const, so the
 * caller is not meant to modify it.
 */
int bt_smp_le_oob_get_sc_data(struct bt_conn *conn,
			      const struct bt_le_oob_sc_data **oobd_local,
			      const struct bt_le_oob_sc_data **oobd_remote);
161
/** @brief Verify signed message
 *
 * @param conn Bluetooth connection
 * @param buf received packet buffer with message and signature
 *
 * @return 0 on success, error code otherwise
 *
 * NOTE(review): a non-zero result means the signature was not verified, so
 * the caller should discard the message rather than process it. Confirm that
 * every call site checks the return value.
 */
int bt_smp_sign_verify(struct bt_conn *conn,
		       struct net_buf *buf);
170
/** @brief Sign message
 *
 * @param conn Bluetooth connection
 * @param buf message buffer
 *
 * @return 0 on success, error code otherwise
 */
int bt_smp_sign(struct bt_conn *conn,
		struct net_buf *buf);
179
/** @brief Generate IRK from Identity Root (IR)
 *
 * @param ir  Identity Root (presumably input)
 * @param irk Identity Resolving Key (presumably output)
 *
 * NOTE(review): neither pointer has a length parameter. Both buffers are
 * presumably 16 octets, so confirm at the call sites.
 */
int bt_smp_irk_get(uint8_t *ir,
		   uint8_t *irk);
182
/** @brief Convert an SMP error code to a string.
 *
 * The error codes are described in the Bluetooth Core specification,
 * Vol 3, Part H, Section 3.5.5.
 *
 * The Security Manager Protocol documentation found in Vol 4, Part H,
 * describes when the different error codes are used.
 * NOTE(review): the section cited above is in Vol 3, Part H; confirm whether
 * "Vol 4" here is intended.
 *
 * See also the defined BT_SMP_ERR_* macros.
 *
 * When CONFIG_BT_SMP_ERR_TO_STR is not defined, the inline fallback ignores
 * its argument and returns an empty string for every code. Log statements
 * that use this function should therefore print the numeric code as well,
 * otherwise pairing failures cannot be told apart in such builds.
 *
 * @param smp_err SMP error code
 *
 * @return The string representation of the SMP error code.
 */
#ifdef CONFIG_BT_SMP_ERR_TO_STR
const char *bt_smp_err_to_str(uint8_t smp_err);
#else
static inline const char *bt_smp_err_to_str(uint8_t smp_err)
{
	/* No string table in this configuration: every code maps to "". */
	ARG_UNUSED(smp_err);
	return "";
}
#endif
205