From: Andrei Emeltchenko <[email protected]>
Add basic crypto support to btdev using Linux crypto infrastructure.
---
emulator/btdev.c | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/emulator/btdev.c b/emulator/btdev.c
index ad65cf8..c95a5c7 100644
--- a/emulator/btdev.c
+++ b/emulator/btdev.c
@@ -35,6 +35,7 @@
#include "src/shared/util.h"
#include "src/shared/timeout.h"
+#include "src/shared/crypto.h"
#include "monitor/bt.h"
#include "btdev.h"
@@ -75,6 +76,8 @@ struct btdev {
struct hook *hook_list[MAX_HOOK_ENTRIES];
+ struct bt_crypto *crypto;
+
uint16_t manufacturer;
uint8_t version;
uint16_t revision;
@@ -414,6 +417,7 @@ static void set_le_commands(struct btdev *btdev)
btdev->commands[26] |= 0x04; /* LE Set Scan Parameters */
btdev->commands[26] |= 0x08; /* LE Set Scan Enable */
btdev->commands[26] |= 0x40; /* LE Read White List Size */
+ btdev->commands[27] |= 0x40; /* LE Encrypt */
btdev->commands[27] |= 0x80; /* LE Rand */
btdev->commands[28] |= 0x08; /* LE Read Supported States */
btdev->commands[28] |= 0x10; /* LE Receiver Test */
@@ -605,6 +609,9 @@ struct btdev *btdev_create(enum btdev_type type, uint16_t id)
get_bdaddr(id, index, btdev->bdaddr);
+ if (type == BTDEV_TYPE_BREDRLE || type == BTDEV_TYPE_LE)
+ btdev->crypto = bt_crypto_new();
+
return btdev;
}
@@ -1910,6 +1917,7 @@ static void default_cmd(struct btdev *btdev, uint16_t opcode,
const struct bt_hci_cmd_le_set_scan_enable *lsse;
const struct bt_hci_cmd_le_start_encrypt *lse;
const struct bt_hci_cmd_le_ltk_req_reply *llrr;
+ const struct bt_hci_cmd_le_encrypt *lenc_cmd;
const struct bt_hci_cmd_read_local_amp_assoc *rlaa_cmd;
const struct bt_hci_cmd_read_rssi *rrssi;
const struct bt_hci_cmd_read_tx_power *rtxp;
@@ -1956,6 +1964,7 @@ static void default_cmd(struct btdev *btdev, uint16_t opcode,
struct bt_hci_rsp_le_read_adv_tx_power lratp;
struct bt_hci_rsp_le_read_supported_states lrss;
struct bt_hci_rsp_le_read_white_list_size lrwls;
+ struct bt_hci_rsp_le_encrypt lenc;
struct bt_hci_rsp_le_rand lr;
struct bt_hci_rsp_le_test_end lte;
struct bt_hci_rsp_remote_name_request_cancel rnrc_rsp;
@@ -2860,6 +2869,20 @@ static void default_cmd(struct btdev *btdev, uint16_t opcode,
cmd_complete(btdev, opcode, &status, sizeof(status));
break;
+ case BT_HCI_CMD_LE_ENCRYPT:
+ if (btdev->type == BTDEV_TYPE_BREDR)
+ goto unsupported;
+ lenc_cmd = data;
+ if (!bt_crypto_e(btdev->crypto, lenc_cmd->key,
+ lenc_cmd->plaintext, lenc.data)) {
+ cmd_status(btdev, BT_HCI_ERR_COMMAND_DISALLOWED,
+ opcode);
+ break;
+ }
+ lenc.status = BT_HCI_ERR_SUCCESS;
+ cmd_complete(btdev, opcode, &lenc, sizeof(lenc));
+ break;
+
case BT_HCI_CMD_LE_READ_SUPPORTED_STATES:
if (btdev->type == BTDEV_TYPE_BREDR)
goto unsupported;
--
2.1.4
Hi Andrei,
On Wed, May 13, 2015, Andrei Emeltchenko wrote:
> Add basic crypto support to btdev using Linux crypto infrastructure.
> ---
> emulator/btdev.c | 23 +++++++++++++++++++++++
> 1 file changed, 23 insertions(+)
All three patches have been applied. Thanks.
Johan
Hi Andrei,
On Wednesday 13 of May 2015 15:09:00 Andrei Emeltchenko wrote:
> From: Andrei Emeltchenko <[email protected]>
>
> Add basic crypto support to btdev using Linux crypto infrastructure.
> ---
> emulator/btdev.c | 23 +++++++++++++++++++++++
> 1 file changed, 23 insertions(+)
>
> diff --git a/emulator/btdev.c b/emulator/btdev.c
> index ad65cf8..c95a5c7 100644
> --- a/emulator/btdev.c
> +++ b/emulator/btdev.c
> @@ -35,6 +35,7 @@
>
> #include "src/shared/util.h"
> #include "src/shared/timeout.h"
> +#include "src/shared/crypto.h"
> #include "monitor/bt.h"
> #include "btdev.h"
>
> @@ -75,6 +76,8 @@ struct btdev {
>
> struct hook *hook_list[MAX_HOOK_ENTRIES];
>
> + struct bt_crypto *crypto;
> +
> uint16_t manufacturer;
> uint8_t version;
> uint16_t revision;
> @@ -414,6 +417,7 @@ static void set_le_commands(struct btdev *btdev)
> btdev->commands[26] |= 0x04; /* LE Set Scan Parameters */
> btdev->commands[26] |= 0x08; /* LE Set Scan Enable */
> btdev->commands[26] |= 0x40; /* LE Read White List Size */
> + btdev->commands[27] |= 0x40; /* LE Encrypt */
> btdev->commands[27] |= 0x80; /* LE Rand */
> btdev->commands[28] |= 0x08; /* LE Read Supported States */
> btdev->commands[28] |= 0x10; /* LE Receiver Test */
> @@ -605,6 +609,9 @@ struct btdev *btdev_create(enum btdev_type type,
> uint16_t id)
>
> get_bdaddr(id, index, btdev->bdaddr);
>
> + if (type == BTDEV_TYPE_BREDRLE || type == BTDEV_TYPE_LE)
> + btdev->crypto = bt_crypto_new();
bt_crypto_new() may fail if kernel is missing support for it. Should it be
checked here?
Also crypto should be cleaned up in btdev_destroy().
> +
> return btdev;
> }
>
> @@ -1910,6 +1917,7 @@ static void default_cmd(struct btdev *btdev, uint16_t
> opcode, const struct bt_hci_cmd_le_set_scan_enable *lsse;
> const struct bt_hci_cmd_le_start_encrypt *lse;
> const struct bt_hci_cmd_le_ltk_req_reply *llrr;
> + const struct bt_hci_cmd_le_encrypt *lenc_cmd;
> const struct bt_hci_cmd_read_local_amp_assoc *rlaa_cmd;
> const struct bt_hci_cmd_read_rssi *rrssi;
> const struct bt_hci_cmd_read_tx_power *rtxp;
> @@ -1956,6 +1964,7 @@ static void default_cmd(struct btdev *btdev, uint16_t
> opcode, struct bt_hci_rsp_le_read_adv_tx_power lratp;
> struct bt_hci_rsp_le_read_supported_states lrss;
> struct bt_hci_rsp_le_read_white_list_size lrwls;
> + struct bt_hci_rsp_le_encrypt lenc;
> struct bt_hci_rsp_le_rand lr;
> struct bt_hci_rsp_le_test_end lte;
> struct bt_hci_rsp_remote_name_request_cancel rnrc_rsp;
> @@ -2860,6 +2869,20 @@ static void default_cmd(struct btdev *btdev, uint16_t
> opcode, cmd_complete(btdev, opcode, &status, sizeof(status));
> break;
>
> + case BT_HCI_CMD_LE_ENCRYPT:
> + if (btdev->type == BTDEV_TYPE_BREDR)
> + goto unsupported;
> + lenc_cmd = data;
> + if (!bt_crypto_e(btdev->crypto, lenc_cmd->key,
> + lenc_cmd->plaintext, lenc.data)) {
> + cmd_status(btdev, BT_HCI_ERR_COMMAND_DISALLOWED,
> + opcode);
> + break;
> + }
> + lenc.status = BT_HCI_ERR_SUCCESS;
> + cmd_complete(btdev, opcode, &lenc, sizeof(lenc));
> + break;
> +
> case BT_HCI_CMD_LE_READ_SUPPORTED_STATES:
> if (btdev->type == BTDEV_TYPE_BREDR)
> goto unsupported;
--
BR
Szymon Janc
From: Andrei Emeltchenko <[email protected]>
Use RFC 4493 "The AES-CMAC Algorithm" sample test vectors to test HCI
controller encryption.
---
tools/hci-tester.c | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 69 insertions(+)
diff --git a/tools/hci-tester.c b/tools/hci-tester.c
index a5dbde2..903921d 100644
--- a/tools/hci-tester.c
+++ b/tools/hci-tester.c
@@ -45,6 +45,19 @@ struct user_data {
uint16_t handle_ut;
};
+static void swap_buf(const uint8_t *src, uint8_t *dst, uint16_t len)
+{
+ int i;
+
+ for (i = 0; i < len; i++)
+ dst[len - 1 - i] = src[i];
+}
+
+static void test_debug(const char *str, void *user_data)
+{
+ tester_debug("%s", str);
+}
+
static void test_pre_setup_lt_address(const void *data, uint8_t size,
void *user_data)
{
@@ -339,6 +352,60 @@ static void test_le_clear_white_list(const void *test_data)
test_command(BT_HCI_CMD_LE_CLEAR_WHITE_LIST);
}
+static void test_le_encrypt_complete(const void *data, uint8_t size,
+ void *user_data)
+{
+ const struct bt_hci_rsp_le_encrypt *rsp = data;
+ uint8_t sample[16] = {
+ 0x7d, 0xf7, 0x6b, 0x0c, 0x1a, 0xb8, 0x99, 0xb3,
+ 0x3e, 0x42, 0xf0, 0x47, 0xb9, 0x1b, 0x54, 0x6f
+ };
+ uint8_t enc_data[16];
+
+ if (rsp->status) {
+ tester_warn("Failed HCI LE Encrypt (0x%02x)", rsp->status);
+ tester_test_failed();
+ return;
+ }
+
+ swap_buf(rsp->data, enc_data, 16);
+ util_hexdump('>', enc_data, 16, test_debug, NULL);
+
+ if (!memcmp(sample, enc_data, 16))
+ tester_test_passed();
+ else
+ tester_test_failed();
+}
+
+/* Data are taken from RFC 4493 Test Vectors */
+static void test_le_encrypt(const void *test_data)
+{
+ struct user_data *user = tester_get_data();
+ struct bt_hci_cmd_le_encrypt cmd;
+ uint8_t key[16] = {
+ 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
+ 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
+ };
+ uint8_t plaintext[16] = { 0 };
+
+ /* Swap bytes since our interface has LE interface, opposed to
+ * common crypto interface
+ */
+ swap_buf(key, cmd.key, 16);
+ swap_buf(plaintext, cmd.plaintext, 16);
+
+ util_hexdump('<', cmd.key, 16, test_debug, NULL);
+ util_hexdump('<', cmd.plaintext, 16, test_debug, NULL);
+
+ if (!bt_hci_send(user->hci_ut, BT_HCI_CMD_LE_ENCRYPT, &cmd, sizeof(cmd),
+ test_le_encrypt_complete, NULL, NULL)) {
+ tester_warn("Failed to send HCI LE Encrypt command");
+ tester_test_failed();
+ return;
+ }
+
+}
+
static void test_inquiry_complete(const void *data, uint8_t size,
void *user_data)
{
@@ -657,6 +724,8 @@ int main(int argc, char *argv[])
test_le_read_white_list_size);
test_hci_local("LE Clear White List", NULL, NULL,
test_le_clear_white_list);
+ test_hci_local("LE Encrypt", NULL, NULL,
+ test_le_encrypt);
test_hci_local("Inquiry (LIAC)", NULL, NULL, test_inquiry_liac);
--
2.1.4
From: Andrei Emeltchenko <[email protected]>
Use standard Linux crypto infrastructure for emulating HCI LE Rand
command.
---
emulator/btdev.c | 21 +++++++++++++--------
1 file changed, 13 insertions(+), 8 deletions(-)
diff --git a/emulator/btdev.c b/emulator/btdev.c
index c95a5c7..7c9cc26 100644
--- a/emulator/btdev.c
+++ b/emulator/btdev.c
@@ -2883,6 +2883,19 @@ static void default_cmd(struct btdev *btdev, uint16_t opcode,
cmd_complete(btdev, opcode, &lenc, sizeof(lenc));
break;
+ case BT_HCI_CMD_LE_RAND:
+ if (btdev->type == BTDEV_TYPE_BREDR)
+ goto unsupported;
+ if (!bt_crypto_random_bytes(btdev->crypto,
+ (uint8_t *)&lr.number, 8)) {
+ cmd_status(btdev, BT_HCI_ERR_COMMAND_DISALLOWED,
+ opcode);
+ break;
+ }
+ lr.status = BT_HCI_ERR_SUCCESS;
+ cmd_complete(btdev, opcode, &lr, sizeof(lr));
+ break;
+
case BT_HCI_CMD_LE_READ_SUPPORTED_STATES:
if (btdev->type == BTDEV_TYPE_BREDR)
goto unsupported;
@@ -2911,14 +2924,6 @@ static void default_cmd(struct btdev *btdev, uint16_t opcode,
cmd_complete(btdev, opcode, &status, sizeof(status));
break;
- case BT_HCI_CMD_LE_RAND:
- if (btdev->type == BTDEV_TYPE_BREDR)
- goto unsupported;
- lr.status = BT_HCI_ERR_SUCCESS;
- lr.number = rand();
- cmd_complete(btdev, opcode, &lr, sizeof(lr));
- break;
-
case BT_HCI_CMD_LE_READ_REMOTE_FEATURES:
if (btdev->type == BTDEV_TYPE_BREDR)
goto unsupported;
--
2.1.4