Linux-Bluetooth Archive on lore.kernel.org
* Bluetooth ECDH selftest failed (endianness issue?)
@ 2018-12-27  3:21 Andrey Batyiev
  2018-12-29  7:35 ` Marcel Holtmann
  0 siblings, 1 reply; 8+ messages in thread
From: Andrey Batyiev @ 2018-12-27  3:21 UTC (permalink / raw)
  To: linux-bluetooth

Hello everyone,

I'm trying to pair my MIPS based router with a phone (using bluez),
without success.
I have turned on debugging features of bluetooth kernel module and I
got this in dmesg:

[  234.481526] Bluetooth: Core ver 2.22
[  234.485231] Bluetooth: Starting self testing
[  234.525375] Bluetooth: ECDH sample 1 failed
[  234.529728] Bluetooth: Finished self testing

Also, I checked hcidump, and it seems that SMP "Pairing confirm"
command got rejected by the phone with an error ("Reason: Unspecified
Reason (0x08)").
As far as I understand, ECDH computation is involved in a pairing process.

However, my Linux desktop is able to successfully pair to the phone
(Ubuntu 18.04) via the same dongle, using same version of bluez.

The huge difference between my desktop and router is endianness:
router is big-endian, while desktop is little-endian. Maybe, that's
the case?

I'm not sure how to debug this, could you please advise?

Router specs:
CPU: QCA9531 (MIPS_24KC, big-endian)
Distro: OpenWRT git master
Linux: 4.14.88
BlueZ: 5.49
Bluetooth dongle: CSR8510 A10

Thanks,
  Andrey

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Bluetooth ECDH selftest failed (endianness issue?)
  2018-12-27  3:21 Bluetooth ECDH selftest failed (endianness issue?) Andrey Batyiev
@ 2018-12-29  7:35 ` Marcel Holtmann
  2019-01-03 20:19   ` Andrey Batyiev
  0 siblings, 1 reply; 8+ messages in thread
From: Marcel Holtmann @ 2018-12-29  7:35 UTC (permalink / raw)
  To: Andrey Batyiev; +Cc: linux-bluetooth

Hi Andrey,

> I'm trying to pair my MIPS based router with a phone (using bluez),
> without success.
> I have turned on debugging features of bluetooth kernel module and I
> got this in dmesg:
> 
> [  234.481526] Bluetooth: Core ver 2.22
> [  234.485231] Bluetooth: Starting self testing
> [  234.525375] Bluetooth: ECDH sample 1 failed
> [  234.529728] Bluetooth: Finished self testing
> 
> Also, I checked hcidump, and it seems that SMP "Pairing confirm"
> command got rejected by the phone with an error ("Reason: Unspecified
> Reason (0x08)").
> As far as I understand, ECDH computation is involved in a pairing process.

I think that our ECDH code was endian safe, but then it got changed at some point to use standard crypto and maybe something went wrong there. Can you just provide the btmon -w trace.log for the SMP pairing so that I can have a look at the binary trace.

Regards

Marcel


^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Bluetooth ECDH selftest failed (endianness issue?)
  2018-12-29  7:35 ` Marcel Holtmann
@ 2019-01-03 20:19   ` Andrey Batyiev
  2019-01-07 22:37     ` Andrey Batyiev
  0 siblings, 1 reply; 8+ messages in thread
From: Andrey Batyiev @ 2019-01-03 20:19 UTC (permalink / raw)
  To: Marcel Holtmann; +Cc: linux-bluetooth

[-- Attachment #1: Type: text/plain, Size: 426 bytes --]

Hello Marcel,

On Sat, Dec 29, 2018 at 9:35 AM Marcel Holtmann <marcel@holtmann.org> wrote:
> I think that our ECDH code was endian safe, but then it got changed at some point to use standard crypto and maybe something went wrong there. Can you just provide the btmon -w trace.log for the SMP pairing so that I can have a look at the binary trace.

Binary trace from the MIPS system is attached. Hope it helps.

Thanks,
   Andrey

[-- Attachment #2: trace.log --]
[-- Type: text/x-log, Size: 6696 bytes --]


^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Bluetooth ECDH selftest failed (endianness issue?)
  2019-01-03 20:19   ` Andrey Batyiev
@ 2019-01-07 22:37     ` Andrey Batyiev
  2019-01-18  9:43       ` Marcel Holtmann
  0 siblings, 1 reply; 8+ messages in thread
From: Andrey Batyiev @ 2019-01-07 22:37 UTC (permalink / raw)
  To: Marcel Holtmann; +Cc: linux-bluetooth

Hello Marcel,

> On Sat, Dec 29, 2018 at 9:35 AM Marcel Holtmann <marcel@holtmann.org> wrote:
> I think that our ECDH code was endian safe, but then it got changed at some point to use standard crypto and maybe something went wrong there. Can you just provide the btmon -w trace.log for the SMP pairing so that I can have a look at the binary trace.

I found out that if I change "swap_digits" method in
"net/bluetooth/ecdh_helper.c" to

static inline void swap_digits(u64 *in, u64 *out, unsigned int ndigits)
{
        int i;

        for (i = 0; i < ndigits; i++)
                out[i] = in[ndigits - 1 - i];
}

then BLE pairing on big-endian becomes operational. I'm not sure what
proper fix should be: is it a problem with crypto API usage or a
problem with crypto itself?

Thanks,
   Andrey

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Bluetooth ECDH selftest failed (endianness issue?)
  2019-01-07 22:37     ` Andrey Batyiev
@ 2019-01-18  9:43       ` Marcel Holtmann
  2019-01-18 13:51         ` Emil Lenngren
  0 siblings, 1 reply; 8+ messages in thread
From: Marcel Holtmann @ 2019-01-18  9:43 UTC (permalink / raw)
  To: Andrey Batyiev, Johan Hedberg; +Cc: linux-bluetooth

Hi Andrey,

>> On Sat, Dec 29, 2018 at 9:35 AM Marcel Holtmann <marcel@holtmann.org> wrote:
>> I think that our ECDH code was endian safe, but then it got changed at some point to use standard crypto and maybe something went wrong there. Can you just provide the btmon -w trace.log for the SMP pairing so that I can have a look at the binary trace.
> 
> I found out that if I change "swap_digits" method in
> "net/bluetooth/ecdh_helper.c" to
> 
> static inline void swap_digits(u64 *in, u64 *out, unsigned int ndigits)
> {
>         int i;
>
>         for (i = 0; i < ndigits; i++)
>                 out[i] = in[ndigits - 1 - i];
> }
>
> then BLE pairing on big-endian becomes operational. I'm not sure what
> proper fix should be: is it a problem with crypto API usage or a
> problem with crypto itself?

if the kernel ECC and ECDH crypto already swaps for us, then we don’t need to do it again. So all the swap_digits most likely can be removed from net/bluetooth/.

Regards

Marcel


^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Bluetooth ECDH selftest failed (endianness issue?)
  2019-01-18  9:43       ` Marcel Holtmann
@ 2019-01-18 13:51         ` Emil Lenngren
  2019-01-21 14:53           ` Marcel Holtmann
  0 siblings, 1 reply; 8+ messages in thread
From: Emil Lenngren @ 2019-01-18 13:51 UTC (permalink / raw)
  To: Marcel Holtmann; +Cc: Andrey Batyiev, Johan Hedberg, Bluez mailing list

Hi,

On Fri, 18 Jan 2019 at 04:44, Marcel Holtmann <marcel@holtmann.org> wrote:
>
> Hi Andrey,
>
> >> On Sat, Dec 29, 2018 at 9:35 AM Marcel Holtmann <marcel@holtmann.org> wrote:
> >> I think that our ECDH code was endian safe, but then it got changed at some point to use standard crypto and maybe something went wrong there. Can you just provide the btmon -w trace.log for the SMP pairing so that I can have a look at the binary trace.
> >
> > I found out that if I change "swap_digits" method in
> > "net/bluetooth/ecdh_helper.c" to
> >
> > static inline void swap_digits(u64 *in, u64 *out, unsigned int ndigits)
> > {
> >         int i;
> >
> >         for (i = 0; i < ndigits; i++)
> >                 out[i] = in[ndigits - 1 - i];
> > }
> >
> > then BLE pairing on big-endian becomes operational. I'm not sure what
> > proper fix should be: is it a problem with crypto API usage or a
> > problem with crypto itself?
>
> if the kernel ECC and ECDH crypto already swaps for us, then we don’t need to do it again. So all the swap_digits most likely can be removed from net/bluetooth/.
>
> Regards
>
> Marcel
>

The Bluetooth standard is a bit strange. It assumes the AES standard
is big endian (although it is really just defined on a byte level),
but since Bluetooth is little-endian everywhere, all AES 128-bit
values must be reversed when a standard AES library is used. In
particular, SMP reverses the AES values. So the swap_digits should be
kept.

/Emil

^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Bluetooth ECDH selftest failed (endianness issue?)
  2019-01-18 13:51         ` Emil Lenngren
@ 2019-01-21 14:53           ` Marcel Holtmann
  2019-01-21 16:56             ` Emil Lenngren
  0 siblings, 1 reply; 8+ messages in thread
From: Marcel Holtmann @ 2019-01-21 14:53 UTC (permalink / raw)
  To: Emil Lenngren; +Cc: Andrey Batyiev, Johan Hedberg, Bluez mailing list

Hi Emil,

>>>> On Sat, Dec 29, 2018 at 9:35 AM Marcel Holtmann <marcel@holtmann.org> wrote:
>>>> I think that our ECDH code was endian safe, but then it got changed at some point to use standard crypto and maybe something went wrong there. Can you just provide the btmon -w trace.log for the SMP pairing so that I can have a look at the binary trace.
>>> 
>>> I found out that if I change "swap_digits" method in
>>> "net/bluetooth/ecdh_helper.c" to
>>> 
>>> static inline void swap_digits(u64 *in, u64 *out, unsigned int ndigits)
>>> {
>>>         int i;
>>>
>>>         for (i = 0; i < ndigits; i++)
>>>                 out[i] = in[ndigits - 1 - i];
>>> }
>>>
>>> then BLE pairing on big-endian becomes operational. I'm not sure what
>>> proper fix should be: is it a problem with crypto API usage or a
>>> problem with crypto itself?
>> 
>> if the kernel ECC and ECDH crypto already swaps for us, then we don’t need to do it again. So all the swap_digits most likely can be removed from net/bluetooth/.
>> 
>> Regards
>> 
>> Marcel
>> 
> 
> The Bluetooth standard is a bit strange. It assumes the AES standard
> is big endian (although it is really just defined on a byte level),
> but since Bluetooth is little-endian everywhere, all AES 128-bit
> values must be reversed when a standard AES library is used. In
> particular, SMP reverses the AES values. So the swap_digits should be
> kept.

so you are saying just reversing is needed, but not swapping? But then this is no longer swap_digits, it is just a reverse. What do you want us to do in this case now?

Regards

Marcel


^ permalink raw reply	[flat|nested] 8+ messages in thread

* Re: Bluetooth ECDH selftest failed (endianness issue?)
  2019-01-21 14:53           ` Marcel Holtmann
@ 2019-01-21 16:56             ` Emil Lenngren
  0 siblings, 0 replies; 8+ messages in thread
From: Emil Lenngren @ 2019-01-21 16:56 UTC (permalink / raw)
  To: Marcel Holtmann; +Cc: Andrey Batyiev, Johan Hedberg, Bluez mailing list

Hi Andrey and Marcel,

On Mon, 21 Jan 2019 at 15:53, Marcel Holtmann <marcel@holtmann.org> wrote:
>
> Hi Emil,
>
> >>>> On Sat, Dec 29, 2018 at 9:35 AM Marcel Holtmann <marcel@holtmann.org> wrote:
> >>>> I think that our ECDH code was endian safe, but then it got changed at some point to use standard crypto and maybe something went wrong there. Can you just provide the btmon -w trace.log for the SMP pairing so that I can have a look at the binary trace.
> >>>
> >>> I found out that if I change "swap_digits" method in
> >>> "net/bluetooth/ecdh_helper.c" to
> >>>
> >>> static inline void swap_digits(u64 *in, u64 *out, unsigned int ndigits)
> >>> {
> >>>         int i;
> >>>
> >>>         for (i = 0; i < ndigits; i++)
> >>>                 out[i] = in[ndigits - 1 - i];
> >>> }
> >>>
> >>> then BLE pairing on big-endian becomes operational. I'm not sure what
> >>> proper fix should be: is it a problem with crypto API usage or a
> >>> problem with crypto itself?
> >>
> >> if the kernel ECC and ECDH crypto already swaps for us, then we don’t need to do it again. So all the swap_digits most likely can be removed from net/bluetooth/.
> >>
> >> Regards
> >>
> >> Marcel
> >>
> >
> > The Bluetooth standard is a bit strange. It assumes the AES standard
> > is big endian (although it is really just defined on a byte level),
> > but since Bluetooth is little-endian everywhere, all AES 128-bit
> > values must be reversed when a standard AES library is used. In
> > particular, SMP reverses the AES values. So the swap_digits should be
> > kept.
>
> so you are saying just reversing is needed, but not swapping? But then this is no longer swap_digits, it is just a reverse. What do you want us to do in this case now?

First, I was a bit too quick. This is not about AES but about
NIST-ECDH. Nevertheless, the kernel API seems to assume big endian
order of the values regardless of platform, per the NIST
specification.

By looking some more into the kernel ECDH code, the Bluetooth code is
not the buggy one. Instead the ECDH kernel code turns out to be wrong.
The function ecc_swap_digits in crypto/ecc.c looks like the following:

static inline void ecc_swap_digits(const u64 *in, u64 *out,
                                   unsigned int ndigits)
{
    int i;

    for (i = 0; i < ndigits; i++)
        out[i] = __swab64(in[ndigits - 1 - i]);
}

It is basically used to load a pointer-casted byte buffer into an
internal little endian representation of u64 values and vice versa. So
it works on little endian platforms but will fail on big endian
platforms. Applying your patch here is the correct thing to do, and
not in the Bluetooth code. But instead of using no swap for big endian
and __swab64 for little endian platforms, simply use the be64_to_cpu
helper.

/Emil

^ permalink raw reply	[flat|nested] 8+ messages in thread
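
The digit load discussed in the last message, as an added user-space example that is not part of the thread or of the kernel source: it compares the unconditional swap, the swap-free reversal tried earlier in the thread, and a be64_to_cpu-style conversion, on both host byte orders. Host endianness is simulated by the hypothetical host_load() helper so both cases run on any machine; all names and the sample bytes are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NDIGITS 4 /* a P-256 coordinate is four 64-bit digits */

/* Constructed sample: the 32-byte big-endian integer 00 01 02 ... 1f. */
static const uint8_t sample_be[8 * NDIGITS] = {
    0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
    0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
    0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
    0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
};

enum mode {
    MODE_SWAB,       /* unconditional byte swap, as in the quoted ecc_swap_digits */
    MODE_NOSWAP,     /* digit reversal only, as in the change tried in the thread */
    MODE_BE64_TO_CPU /* swap on little-endian hosts only, as suggested last */
};

/* Portable 64-bit byte swap (stand-in for the kernel's __swab64). */
static uint64_t swab64(uint64_t v)
{
    uint64_t r = 0;
    for (int i = 0; i < 8; i++, v >>= 8)
        r = (r << 8) | (v & 0xff);
    return r;
}

/* Value a u64 load through a casted byte pointer yields on the given host
 * (hypothetical helper; it simulates the host's byte order). */
static uint64_t host_load(const uint8_t *p, int host_is_be)
{
    uint64_t v = 0;
    for (int i = 0; i < 8; i++)
        v = (v << 8) | p[host_is_be ? i : 7 - i];
    return v;
}

/* Fill out[] least-significant digit first from a big-endian byte buffer. */
static void load_digits(const uint8_t *in, uint64_t *out,
                        int host_is_be, enum mode m)
{
    for (int i = 0; i < NDIGITS; i++) {
        uint64_t raw = host_load(in + 8 * (NDIGITS - 1 - i), host_is_be);

        if (m == MODE_SWAB)
            out[i] = swab64(raw);
        else if (m == MODE_NOSWAP)
            out[i] = raw;
        else /* be64_to_cpu: identity on big-endian, byte swap on little-endian */
            out[i] = host_is_be ? raw : swab64(raw);
    }
}

/* Lowest digit produced for the sample, to inspect the actual value. */
static uint64_t low_digit(int host_is_be, enum mode m)
{
    uint64_t out[NDIGITS];
    load_digits(sample_be, out, host_is_be, m);
    return out[0];
}

/* 1 if the digits hold the numeric value of the big-endian input, else 0. */
static int digits_correct(int host_is_be, enum mode m)
{
    uint64_t out[NDIGITS], want[NDIGITS];

    load_digits(sample_be, out, host_is_be, m);
    for (int i = 0; i < NDIGITS; i++) /* reference: explicit big-endian read */
        want[i] = host_load(sample_be + 8 * (NDIGITS - 1 - i), 1);
    return memcmp(out, want, sizeof(out)) == 0;
}

int main(void)
{
    static const char *names[] = { "swab64", "no swap", "be64_to_cpu" };

    for (int m = MODE_SWAB; m <= MODE_BE64_TO_CPU; m++)
        printf("%-12s little-endian host: %s, big-endian host: %s\n", names[m],
               digits_correct(0, (enum mode)m) ? "ok" : "WRONG",
               digits_correct(1, (enum mode)m) ? "ok" : "WRONG");
    return 0;
}
```

Only the be64_to_cpu-style load is correct on both byte orders, which matches the selftest passing on the desktop and failing on the MIPS router.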
