• Marcel Holtmann's avatar
    Bluetooth: Add support for local OOB data with Secure Connections · 4d2d2796
    Marcel Holtmann authored
    For Secure Connections support and the usage of out-of-band pairing,
    it is needed to read the P-256 hash and randomizer or P-192 hash and
    randomizer. This change will read P-192 data when Secure Connections
    is disabled and P-192 and P-256 data when it is enabled.
    
    The difference is between using HCI Read Local OOB Data and using the
    new HCI Read Local OOB Extended Data command. The first one has been
    introduced with Bluetooth 2.1 and returns only the P-192 data.
    
    < HCI Command: Read Local OOB Data (0x03|0x0057) plen 0
    > HCI Event: Command Complete (0x0e) plen 36
          Read Local OOB Data (0x03|0x0057) ncmd 1
            Status: Success (0x00)
            Hash C from P-192: 975a59baa1c4eee391477cb410b23e6d
            Randomizer R with P-192: 9ee63b7dec411d3b467c5ae446df7f7d
    
    The second command has been introduced with Bluetooth 4.1 and will
    return P-192 and P-256 data.
    
    < HCI Command: Read Local OOB Extended Data (0x03|0x007d) plen 0
    > HCI Event: Command Complete (0x0e) plen 68
          Read Local OOB Extended Data (0x03|0x007d) ncmd 1
            Status: Success (0x00)
            Hash C from P-192: 6489731804b156fa6355efb8124a1389
            Randomizer R with P-192: 4781d5352fb215b2958222b3937b6026
            Hash C from P-256: 69ef8a928b9d07fc149e630e74ecb991
            Randomizer R with P-256: 4781d5352fb215b2958222b3937b6026
    
    The change for the management interface is transparent and no change
    is required for existing userspace. The Secure Connections feature
    needs to be manually enabled. When it is disabled, then userspace
    only gets the P-192 returned and with Secure Connections enabled,
    userspace gets P-192 and P-256 in an extended structure.
    
    It is also acceptable to just ignore the P-256 data since it is not
    required to support them. The pairing with out-of-band credentials
    will still succeed. However then of course no Secure Connection will
    b established.
    Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
    Signed-off-by: default avatarJohan Hedberg <johan.hedberg@intel.com>
    4d2d2796
hci_core.h 32.4 KB