Bluetooth: Add signature verification function

bt_smp_sign_verify() checks signature if csrk is present. Change-Id: I90be8be769539860a245b141bf27549a3506a111 Signed-off-by: Andrei Emeltchenko <andrei.emeltchenko@intel.com>
2015-07-15 17:06:35 +03:00 · 2015-07-15 17:06:35 +03:00 · b029073dee
commit b029073dee
parent c0824c73fa
2 changed files with 51 additions and 1 deletions
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@ -1077,7 +1077,6 @@ bool bt_smp_irk_matches(const uint8_t irk[16], const bt_addr_t *addr)
 	return !memcmp(addr->val, hash, 3);
 }

-#if defined(CONFIG_BLUETOOTH_SMP_SELFTEST)
 /* spaw octets for LE encrypt */
 static void swap_buf(const uint8_t *src, uint8_t *dst, uint16_t len)
 {
@ -1300,6 +1299,48 @@ static int smp_sign_buf(const uint8_t *key, uint8_t *msg, uint16_t len)
 	return 0;
 }

+int bt_smp_sign_verify(struct bt_conn *conn, struct bt_buf *buf)
+{
+	struct bt_keys *keys;
+	uint8_t sig[12];
+	uint32_t cnt;
+	int err;
+
+	/* Store signature incl. count */
+	memcpy(sig, bt_buf_tail(buf) - sizeof(sig), sizeof(sig));
+
+	keys = bt_keys_get_type(BT_KEYS_REMOTE_CSRK, &conn->dst);
+	if (!keys) {
+		BT_ERR("Unable to get keys for %s\n",
+		       bt_addr_le_str(&conn->dst));
+		return -ENOENT;
+	}
+
+	/* Copy signing count */
+	cnt = sys_cpu_to_le32(keys->remote_csrk.cnt);
+	memcpy(bt_buf_tail(buf) - sizeof(sig), &cnt, sizeof(cnt));
+
+	BT_DBG("Sign data len %u key %s count %u\n", buf->len - sizeof(sig),
+	       h(keys->remote_csrk.val, 16), cnt);
+
+	err = smp_sign_buf(keys->remote_csrk.val, buf->data,
+			      buf->len - sizeof(sig));
+	if (err) {
+		BT_ERR("Unable to create signature for %s\n",
+		       bt_addr_le_str(&conn->dst));
+		return -EIO;
+	};
+
+	if (memcmp(sig, bt_buf_tail(buf) - sizeof(sig), sizeof(sig))) {
+		BT_ERR("Unable to verify signature for %s\n",
+		       bt_addr_le_str(&conn->dst));
+		return -EBADMSG;
+	};
+
+	return 0;
+}
+
+#if defined(CONFIG_BLUETOOTH_SMP_SELFTEST)
 /* Test vectors are taken from RFC 4493
 * https://tools.ietf.org/html/rfc4493
 * Same mentioned in the Bluetooth Spec.
--- a/net/bluetooth/smp.h
+++ b/net/bluetooth/smp.h
@ -143,3 +143,12 @@ int bt_smp_send_pairing_req(struct bt_conn *conn);
 int bt_smp_send_security_req(struct bt_conn *conn);

 int bt_smp_init(void);
+
+/** brief Verify signed message
+ *
+ *  @param conn Bluetooth connection
+ *  @param buf received packet buffer with message and signature
+ *
+ *  @return 0 in success, error code otherwise
+ */
+int bt_smp_sign_verify(struct bt_conn *conn, struct bt_buf *buf);