[PATCH 1/3] btdev: Add LE Encrypt command support to emulator

[PATCH 1/3] btdev: Add LE Encrypt command support to emulator

[Andrei Emeltchenko]

From: Andrei Emeltchenko <andrei.emeltchenko@intel.com>

Add basic crypto support to btdev using Linux crypto infrastructure.
---
 emulator/btdev.c | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)

diff --git a/emulator/btdev.c b/emulator/btdev.c
index ad65cf8..c95a5c7 100644
--- a/emulator/btdev.c
+++ b/emulator/btdev.c
@@ -35,6 +35,7 @@
 
 #include "src/shared/util.h"
 #include "src/shared/timeout.h"
+#include "src/shared/crypto.h"
 #include "monitor/bt.h"
 #include "btdev.h"
 
@@ -75,6 +76,8 @@ struct btdev {
 
 	struct hook *hook_list[MAX_HOOK_ENTRIES];
 
+	struct bt_crypto *crypto;
+
         uint16_t manufacturer;
         uint8_t  version;
 	uint16_t revision;
@@ -414,6 +417,7 @@ static void set_le_commands(struct btdev *btdev)
 	btdev->commands[26] |= 0x04;	/* LE Set Scan Parameters */
 	btdev->commands[26] |= 0x08;	/* LE Set Scan Enable */
 	btdev->commands[26] |= 0x40;	/* LE Read White List Size */
+	btdev->commands[27] |= 0x40;	/* LE Encrypt */
 	btdev->commands[27] |= 0x80;	/* LE Rand */
 	btdev->commands[28] |= 0x08;	/* LE Read Supported States */
 	btdev->commands[28] |= 0x10;	/* LE Receiver Test */
@@ -605,6 +609,9 @@ struct btdev *btdev_create(enum btdev_type type, uint16_t id)
 
 	get_bdaddr(id, index, btdev->bdaddr);
 
+	if (type == BTDEV_TYPE_BREDRLE || type == BTDEV_TYPE_LE)
+		btdev->crypto = bt_crypto_new();
+
 	return btdev;
 }
 
@@ -1910,6 +1917,7 @@ static void default_cmd(struct btdev *btdev, uint16_t opcode,
 	const struct bt_hci_cmd_le_set_scan_enable *lsse;
 	const struct bt_hci_cmd_le_start_encrypt *lse;
 	const struct bt_hci_cmd_le_ltk_req_reply *llrr;
+	const struct bt_hci_cmd_le_encrypt *lenc_cmd;
 	const struct bt_hci_cmd_read_local_amp_assoc *rlaa_cmd;
 	const struct bt_hci_cmd_read_rssi *rrssi;
 	const struct bt_hci_cmd_read_tx_power *rtxp;
@@ -1956,6 +1964,7 @@ static void default_cmd(struct btdev *btdev, uint16_t opcode,
 	struct bt_hci_rsp_le_read_adv_tx_power lratp;
 	struct bt_hci_rsp_le_read_supported_states lrss;
 	struct bt_hci_rsp_le_read_white_list_size lrwls;
+	struct bt_hci_rsp_le_encrypt lenc;
 	struct bt_hci_rsp_le_rand lr;
 	struct bt_hci_rsp_le_test_end lte;
 	struct bt_hci_rsp_remote_name_request_cancel rnrc_rsp;
@@ -2860,6 +2869,20 @@ static void default_cmd(struct btdev *btdev, uint16_t opcode,
 		cmd_complete(btdev, opcode, &status, sizeof(status));
 		break;
 
+	case BT_HCI_CMD_LE_ENCRYPT:
+		if (btdev->type == BTDEV_TYPE_BREDR)
+			goto unsupported;
+		lenc_cmd = data;
+		if (!bt_crypto_e(btdev->crypto, lenc_cmd->key,
+				 lenc_cmd->plaintext, lenc.data)) {
+			cmd_status(btdev, BT_HCI_ERR_COMMAND_DISALLOWED,
+				   opcode);
+			break;
+		}
+		lenc.status = BT_HCI_ERR_SUCCESS;
+		cmd_complete(btdev, opcode, &lenc, sizeof(lenc));
+		break;
+
 	case BT_HCI_CMD_LE_READ_SUPPORTED_STATES:
 		if (btdev->type == BTDEV_TYPE_BREDR)
 			goto unsupported;
-- 
2.1.4

[PATCH 2/3] btdev: Refactor Le Rand using Linux crypto infrastructure

[Andrei Emeltchenko]

From: Andrei Emeltchenko <andrei.emeltchenko@intel.com>

Use standard Linux crypto infrastructure for emulating HCI LE Rand
command.
---
 emulator/btdev.c | 21 +++++++++++++--------
 1 file changed, 13 insertions(+), 8 deletions(-)

diff --git a/emulator/btdev.c b/emulator/btdev.c
index c95a5c7..7c9cc26 100644
--- a/emulator/btdev.c
+++ b/emulator/btdev.c
@@ -2883,6 +2883,19 @@ static void default_cmd(struct btdev *btdev, uint16_t opcode,
 		cmd_complete(btdev, opcode, &lenc, sizeof(lenc));
 		break;
 
+	case BT_HCI_CMD_LE_RAND:
+		if (btdev->type == BTDEV_TYPE_BREDR)
+			goto unsupported;
+		if (!bt_crypto_random_bytes(btdev->crypto,
+					    (uint8_t *)&lr.number, 8)) {
+			cmd_status(btdev, BT_HCI_ERR_COMMAND_DISALLOWED,
+				   opcode);
+			break;
+		}
+		lr.status = BT_HCI_ERR_SUCCESS;
+		cmd_complete(btdev, opcode, &lr, sizeof(lr));
+		break;
+
 	case BT_HCI_CMD_LE_READ_SUPPORTED_STATES:
 		if (btdev->type == BTDEV_TYPE_BREDR)
 			goto unsupported;
@@ -2911,14 +2924,6 @@ static void default_cmd(struct btdev *btdev, uint16_t opcode,
 		cmd_complete(btdev, opcode, &status, sizeof(status));
 		break;
 
-	case BT_HCI_CMD_LE_RAND:
-		if (btdev->type == BTDEV_TYPE_BREDR)
-			goto unsupported;
-		lr.status = BT_HCI_ERR_SUCCESS;
-		lr.number = rand();
-		cmd_complete(btdev, opcode, &lr, sizeof(lr));
-		break;
-
 	case BT_HCI_CMD_LE_READ_REMOTE_FEATURES:
 		if (btdev->type == BTDEV_TYPE_BREDR)
 			goto unsupported;
-- 
2.1.4

[PATCH 3/3] tester: Add HCI LE Encrypt command test

[Andrei Emeltchenko]

From: Andrei Emeltchenko <andrei.emeltchenko@intel.com>

Use RFC 4493 "The AES-CMAC Algorithm" sample test vectors to test HCI
controller encryption.
---
 tools/hci-tester.c | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)

diff --git a/tools/hci-tester.c b/tools/hci-tester.c
index a5dbde2..903921d 100644
--- a/tools/hci-tester.c
+++ b/tools/hci-tester.c
@@ -45,6 +45,19 @@ struct user_data {
 	uint16_t handle_ut;
 };
 
+static void swap_buf(const uint8_t *src, uint8_t *dst, uint16_t len)
+{
+	int i;
+
+	for (i = 0; i < len; i++)
+		dst[len - 1 - i] = src[i];
+}
+
+static void test_debug(const char *str, void *user_data)
+{
+	tester_debug("%s", str);
+}
+
 static void test_pre_setup_lt_address(const void *data, uint8_t size,
 							void *user_data)
 {
@@ -339,6 +352,60 @@ static void test_le_clear_white_list(const void *test_data)
 	test_command(BT_HCI_CMD_LE_CLEAR_WHITE_LIST);
 }
 
+static void test_le_encrypt_complete(const void *data, uint8_t size,
+								void *user_data)
+{
+	const struct bt_hci_rsp_le_encrypt *rsp = data;
+	uint8_t sample[16] = {
+		0x7d, 0xf7, 0x6b, 0x0c, 0x1a, 0xb8, 0x99, 0xb3,
+		0x3e, 0x42, 0xf0, 0x47, 0xb9, 0x1b, 0x54, 0x6f
+	};
+	uint8_t enc_data[16];
+
+	if (rsp->status) {
+		tester_warn("Failed HCI LE Encrypt (0x%02x)", rsp->status);
+		tester_test_failed();
+		return;
+	}
+
+	swap_buf(rsp->data, enc_data, 16);
+	util_hexdump('>', enc_data, 16, test_debug, NULL);
+
+	if (!memcmp(sample, enc_data, 16))
+		tester_test_passed();
+	else
+		tester_test_failed();
+}
+
+/* Data are taken from RFC 4493 Test Vectors */
+static void test_le_encrypt(const void *test_data)
+{
+	struct user_data *user = tester_get_data();
+	struct bt_hci_cmd_le_encrypt cmd;
+	uint8_t key[16] = {
+		0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
+		0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c
+	};
+	uint8_t plaintext[16] = { 0 };
+
+	/* Swap bytes since our interface has LE interface, opposed to
+	 * common crypto interface
+	 */
+	swap_buf(key, cmd.key, 16);
+	swap_buf(plaintext, cmd.plaintext, 16);
+
+	util_hexdump('<', cmd.key, 16, test_debug, NULL);
+	util_hexdump('<', cmd.plaintext, 16, test_debug, NULL);
+
+	if (!bt_hci_send(user->hci_ut, BT_HCI_CMD_LE_ENCRYPT, &cmd, sizeof(cmd),
+					test_le_encrypt_complete, NULL, NULL)) {
+		tester_warn("Failed to send HCI LE Encrypt command");
+		tester_test_failed();
+		return;
+	}
+
+}
+
 static void test_inquiry_complete(const void *data, uint8_t size,
 							void *user_data)
 {
@@ -657,6 +724,8 @@ int main(int argc, char *argv[])
 				test_le_read_white_list_size);
 	test_hci_local("LE Clear White List", NULL, NULL,
 				test_le_clear_white_list);
+	test_hci_local("LE Encrypt", NULL, NULL,
+				test_le_encrypt);
 
 	test_hci_local("Inquiry (LIAC)", NULL, NULL, test_inquiry_liac);
 
-- 
2.1.4

Re: [PATCH 1/3] btdev: Add LE Encrypt command support to emulator

[Szymon Janc]

Hi Andrei,

On Wednesday 13 of May 2015 15:09:00 Andrei Emeltchenko wrote:
> From: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
> 
> Add basic crypto support to btdev using Linux crypto infrastructure.
> ---
>  emulator/btdev.c | 23 +++++++++++++++++++++++
>  1 file changed, 23 insertions(+)
> 
> diff --git a/emulator/btdev.c b/emulator/btdev.c
> index ad65cf8..c95a5c7 100644
> --- a/emulator/btdev.c
> +++ b/emulator/btdev.c
> @@ -35,6 +35,7 @@
> 
>  #include "src/shared/util.h"
>  #include "src/shared/timeout.h"
> +#include "src/shared/crypto.h"
>  #include "monitor/bt.h"
>  #include "btdev.h"
> 
> @@ -75,6 +76,8 @@ struct btdev {
> 
>  	struct hook *hook_list[MAX_HOOK_ENTRIES];
> 
> +	struct bt_crypto *crypto;
> +
>          uint16_t manufacturer;
>          uint8_t  version;
>  	uint16_t revision;
> @@ -414,6 +417,7 @@ static void set_le_commands(struct btdev *btdev)
>  	btdev->commands[26] |= 0x04;	/* LE Set Scan Parameters */
>  	btdev->commands[26] |= 0x08;	/* LE Set Scan Enable */
>  	btdev->commands[26] |= 0x40;	/* LE Read White List Size */
> +	btdev->commands[27] |= 0x40;	/* LE Encrypt */
>  	btdev->commands[27] |= 0x80;	/* LE Rand */
>  	btdev->commands[28] |= 0x08;	/* LE Read Supported States */
>  	btdev->commands[28] |= 0x10;	/* LE Receiver Test */
> @@ -605,6 +609,9 @@ struct btdev *btdev_create(enum btdev_type type,
> uint16_t id)
> 
>  	get_bdaddr(id, index, btdev->bdaddr);
> 
> +	if (type == BTDEV_TYPE_BREDRLE || type == BTDEV_TYPE_LE)
> +		btdev->crypto = bt_crypto_new();

bt_crypto_new() may fail if kernel is missing support for it. Should it be 
checked here?

Also crypto should be cleaned up in btdev_destroy().

> +
>  	return btdev;
>  }
> 
> @@ -1910,6 +1917,7 @@ static void default_cmd(struct btdev *btdev, uint16_t
> opcode, const struct bt_hci_cmd_le_set_scan_enable *lsse;
>  	const struct bt_hci_cmd_le_start_encrypt *lse;
>  	const struct bt_hci_cmd_le_ltk_req_reply *llrr;
> +	const struct bt_hci_cmd_le_encrypt *lenc_cmd;
>  	const struct bt_hci_cmd_read_local_amp_assoc *rlaa_cmd;
>  	const struct bt_hci_cmd_read_rssi *rrssi;
>  	const struct bt_hci_cmd_read_tx_power *rtxp;
> @@ -1956,6 +1964,7 @@ static void default_cmd(struct btdev *btdev, uint16_t
> opcode, struct bt_hci_rsp_le_read_adv_tx_power lratp;
>  	struct bt_hci_rsp_le_read_supported_states lrss;
>  	struct bt_hci_rsp_le_read_white_list_size lrwls;
> +	struct bt_hci_rsp_le_encrypt lenc;
>  	struct bt_hci_rsp_le_rand lr;
>  	struct bt_hci_rsp_le_test_end lte;
>  	struct bt_hci_rsp_remote_name_request_cancel rnrc_rsp;
> @@ -2860,6 +2869,20 @@ static void default_cmd(struct btdev *btdev, uint16_t
> opcode, cmd_complete(btdev, opcode, &status, sizeof(status));
>  		break;
> 
> +	case BT_HCI_CMD_LE_ENCRYPT:
> +		if (btdev->type == BTDEV_TYPE_BREDR)
> +			goto unsupported;
> +		lenc_cmd = data;
> +		if (!bt_crypto_e(btdev->crypto, lenc_cmd->key,
> +				 lenc_cmd->plaintext, lenc.data)) {
> +			cmd_status(btdev, BT_HCI_ERR_COMMAND_DISALLOWED,
> +				   opcode);
> +			break;
> +		}
> +		lenc.status = BT_HCI_ERR_SUCCESS;
> +		cmd_complete(btdev, opcode, &lenc, sizeof(lenc));
> +		break;
> +
>  	case BT_HCI_CMD_LE_READ_SUPPORTED_STATES:
>  		if (btdev->type == BTDEV_TYPE_BREDR)
>  			goto unsupported;

-- 
BR
Szymon Janc

Re: [PATCH 1/3] btdev: Add LE Encrypt command support to emulator

[Johan Hedberg]

Hi Andrei,

On Wed, May 13, 2015, Andrei Emeltchenko wrote:
> Add basic crypto support to btdev using Linux crypto infrastructure.
> ---
>  emulator/btdev.c | 23 +++++++++++++++++++++++
>  1 file changed, 23 insertions(+)

All three patches have been applied. Thanks.

Johan