From: "Łukasz Rymanowski" <lukasz.rymanowski@codecoup.pl>
To: linux-bluetooth@vger.kernel.org
Cc: "Łukasz Rymanowski" <lukasz.rymanowski@codecoup.pl>
Subject: [PATCH] bluetooth/smp: Fix for GAP/SEC/SEM/BI-10-C
Date: Wed, 13 May 2020 10:18:53 +0200 [thread overview]
Message-ID: <20200513081853.362-1-lukasz.rymanowski@codecoup.pl> (raw)
Security Mode 1 level 4, force us to use have key size 16 octects long.
This patch adds check for that.
This is required for the qualification test GAP/SEC/SEM/BI-10-C
Logs from test when ATT is configured with sec level BT_SECURITY_FIPS
< ACL Data TX: Handle 3585 flags 0x00 dlen 11 #28 [hci0] 3.785965
SMP: Pairing Request (0x01) len 6
IO capability: DisplayYesNo (0x01)
OOB data: Authentication data not present (0x00)
Authentication requirement: Bonding, MITM, SC, No Keypresses (0x0d)
Max encryption key size: 16
Initiator key distribution: EncKey Sign (0x05)
Responder key distribution: EncKey IdKey Sign (0x07)
> ACL Data RX: Handle 3585 flags 0x02 dlen 11 #35 [hci0] 3.883020
SMP: Pairing Response (0x02) len 6
IO capability: DisplayYesNo (0x01)
OOB data: Authentication data not present (0x00)
Authentication requirement: Bonding, MITM, SC, No Keypresses (0x0d)
Max encryption key size: 7
Initiator key distribution: EncKey Sign (0x05)
Responder key distribution: EncKey IdKey Sign (0x07)
< ACL Data TX: Handle 3585 flags 0x00 dlen 6 #36 [hci0] 3.883136
SMP: Pairing Failed (0x05) len 1
Reason: Encryption key size (0x06)
Signed-off-by: Łukasz Rymanowski <lukasz.rymanowski@codecoup.pl>
---
net/bluetooth/smp.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 5510017cf9ff..b9f5f74cd4a7 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -730,6 +730,10 @@ static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size)
struct hci_dev *hdev = conn->hcon->hdev;
struct smp_chan *smp = chan->data;
+ if (conn->hcon->pending_sec_level == BT_SECURITY_FIPS &&
+ max_key_size != SMP_MAX_ENC_KEY_SIZE)
+ return SMP_ENC_KEY_SIZE;
+
if (max_key_size > hdev->le_max_key_size ||
max_key_size < SMP_MIN_ENC_KEY_SIZE)
return SMP_ENC_KEY_SIZE;
--
2.20.1
next reply other threads:[~2020-05-13 8:19 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-13 8:18 Łukasz Rymanowski [this message]
2020-05-18 7:59 ` [PATCH] bluetooth/smp: Fix for GAP/SEC/SEM/BI-10-C Marcel Holtmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200513081853.362-1-lukasz.rymanowski@codecoup.pl \
--to=lukasz.rymanowski@codecoup.pl \
--cc=linux-bluetooth@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).