All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] bluetooth/smp: Fix for GAP/SEC/SEM/BI-10-C
@ 2020-05-13  8:18 Łukasz Rymanowski
  2020-05-18  7:59 ` Marcel Holtmann
  0 siblings, 1 reply; 2+ messages in thread
From: Łukasz Rymanowski @ 2020-05-13  8:18 UTC (permalink / raw)
  To: linux-bluetooth; +Cc: Łukasz Rymanowski

Security Mode 1 level 4, force us to use have key size 16 octects long.
This patch adds check for that.

This is required for the qualification test GAP/SEC/SEM/BI-10-C

Logs from test when ATT is configured with sec level BT_SECURITY_FIPS

< ACL Data TX: Handle 3585 flags 0x00 dlen 11                                                                       #28 [hci0] 3.785965
      SMP: Pairing Request (0x01) len 6
        IO capability: DisplayYesNo (0x01)
        OOB data: Authentication data not present (0x00)
        Authentication requirement: Bonding, MITM, SC, No Keypresses (0x0d)
        Max encryption key size: 16
        Initiator key distribution: EncKey Sign (0x05)
        Responder key distribution: EncKey IdKey Sign (0x07)
> ACL Data RX: Handle 3585 flags 0x02 dlen 11                                                                       #35 [hci0] 3.883020
      SMP: Pairing Response (0x02) len 6
        IO capability: DisplayYesNo (0x01)
        OOB data: Authentication data not present (0x00)
        Authentication requirement: Bonding, MITM, SC, No Keypresses (0x0d)
        Max encryption key size: 7
        Initiator key distribution: EncKey Sign (0x05)
        Responder key distribution: EncKey IdKey Sign (0x07)
< ACL Data TX: Handle 3585 flags 0x00 dlen 6                                                                        #36 [hci0] 3.883136
      SMP: Pairing Failed (0x05) len 1
        Reason: Encryption key size (0x06)

Signed-off-by: Łukasz Rymanowski <lukasz.rymanowski@codecoup.pl>
---
 net/bluetooth/smp.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 5510017cf9ff..b9f5f74cd4a7 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -730,6 +730,10 @@ static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
 	struct hci_dev *hdev = conn->hcon->hdev;
 	struct smp_chan *smp = chan->data;
 
+	if (conn->hcon->pending_sec_level == BT_SECURITY_FIPS &&
+	    max_key_size != SMP_MAX_ENC_KEY_SIZE)
+		return SMP_ENC_KEY_SIZE;
+
 	if (max_key_size > hdev->le_max_key_size ||
 	    max_key_size < SMP_MIN_ENC_KEY_SIZE)
 		return SMP_ENC_KEY_SIZE;
-- 
2.20.1


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH] bluetooth/smp: Fix for GAP/SEC/SEM/BI-10-C
  2020-05-13  8:18 [PATCH] bluetooth/smp: Fix for GAP/SEC/SEM/BI-10-C Łukasz Rymanowski
@ 2020-05-18  7:59 ` Marcel Holtmann
  0 siblings, 0 replies; 2+ messages in thread
From: Marcel Holtmann @ 2020-05-18  7:59 UTC (permalink / raw)
  To: Łukasz Rymanowski; +Cc: linux-bluetooth

Hi Lukasz,

> Security Mode 1 level 4, force us to use have key size 16 octects long.
> This patch adds check for that.
> 
> This is required for the qualification test GAP/SEC/SEM/BI-10-C
> 
> Logs from test when ATT is configured with sec level BT_SECURITY_FIPS
> 
> < ACL Data TX: Handle 3585 flags 0x00 dlen 11                                                                       #28 [hci0] 3.785965
>      SMP: Pairing Request (0x01) len 6
>        IO capability: DisplayYesNo (0x01)
>        OOB data: Authentication data not present (0x00)
>        Authentication requirement: Bonding, MITM, SC, No Keypresses (0x0d)
>        Max encryption key size: 16
>        Initiator key distribution: EncKey Sign (0x05)
>        Responder key distribution: EncKey IdKey Sign (0x07)
>> ACL Data RX: Handle 3585 flags 0x02 dlen 11                                                                       #35 [hci0] 3.883020
>      SMP: Pairing Response (0x02) len 6
>        IO capability: DisplayYesNo (0x01)
>        OOB data: Authentication data not present (0x00)
>        Authentication requirement: Bonding, MITM, SC, No Keypresses (0x0d)
>        Max encryption key size: 7
>        Initiator key distribution: EncKey Sign (0x05)
>        Responder key distribution: EncKey IdKey Sign (0x07)
> < ACL Data TX: Handle 3585 flags 0x00 dlen 6                                                                        #36 [hci0] 3.883136
>      SMP: Pairing Failed (0x05) len 1
>        Reason: Encryption key size (0x06)
> 
> Signed-off-by: Łukasz Rymanowski <lukasz.rymanowski@codecoup.pl>
> ---
> net/bluetooth/smp.c | 4 ++++
> 1 file changed, 4 insertions(+)

patch has been applied to bluetooth-next tree.

Regards

Marcel


^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-05-18  7:59 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-13  8:18 [PATCH] bluetooth/smp: Fix for GAP/SEC/SEM/BI-10-C Łukasz Rymanowski
2020-05-18  7:59 ` Marcel Holtmann

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.