From: Marcel Holtmann <marcel@holtmann.org>
To: Alain Michaud <alainmichaud@google.com>
Cc: Alain Michaud <alainm@chromium.org>,
Marcel Holtmann <marcel.holtmann@intel.com>,
BlueZ <linux-bluetooth@vger.kernel.org>
Subject: Re: [PATCH v2] bluetooth: Enforce classic key size verification.
Date: Wed, 25 Mar 2020 19:19:02 +0100 [thread overview]
Message-ID: <D1D08F4A-9FAE-4E68-B005-E2573E42D1D8@holtmann.org> (raw)
In-Reply-To: <1AFDC1E2-8875-4EFC-8A75-DAB89DA9FFB5@holtmann.org>
Hi Alain,
>> I suspect we'd want bluetoothd to have a configuration that can enforce a more secure posture.
>>
>> Unfortunately when the command isn't supported, the platform is left between a rock and hard place... There isn't much we can do but to block the use of Bluetooth if the platform requires a more secure posture.
>
> so if the BR/EDR part is not up to the policy that the host requires, we could still configure the LE part. BlueZ is set up in this way that you can run a dual-mode controller as just a LE controller.
>
> I would also opt for the kernel just tells us what options it have. Then at least we can provide some feedback to the end-user on why Bluetooth is not available or why only selected features are available.
what about something like this:
+Read Security Features Command
+==============================
+
+ Command Code: 0x0048
+ Controller Index: <controller id>
+ Command Parameters:
+ Return Parameters: Security_Data_Length (2 Octets)
+ Security_Data (0-65535 Octets)
+
+ This command is used to retrieve the supported security features
+ by the controller or the kernel.
+
+ The Security_Data_Length and Security_Data parameters provide
+ a list of security settings, features and information. It uses
+ the same format as EIR_Data, but with the namespace defined here.
+
+ Data Type Name
+ --------------------
+ 0x01 Flags
+ 0x02 Max Encryption Key Size (BR/EDR)
+ 0x03 Max Encryption Key Size (LE)
+ 0x04 Encryption Key Size enforcement (BR/EDR)
+ 0x05 Encryption Key Size enforcement (LE)
+ 0x06 ECDH Public Key validation (BR/EDR)
+ 0x07 ECDH Public Key validation (LE)
+
+
+ Max Encryption Key Size (BR/EDR and LE)
+
+ When the field is present, then it provides 1 Octet value
+ indicating the max encryption key size. If the field is not
+ present, then it is unknown what the max encryption key
+ size of the controller or host is in use.
+
+ Encryption Key Size Enforcement (BR/EDR and LE)
+
+ When the field is present, then it provides 1 Octet value
+ indicating the min encryption key size that is enforced by
+ the controller or host. If the field is not present, then
+ it is unknown what the controller or host are enforcing.
+
+ ECDH Public Key validation (BR/EDR and LE)
+
+ When the field is present, then it provides 1 Octet value
+ indicating if public key validation is in use (0x01) or not
+ available (0x00). If the field is not present, then it is
+ unknown if the controller or host are validating public keys.
+
+ This command generates a Command Complete event on success or
+ a Command Status event on failure.
+
+ Possible errors: Invalid Parameters
+ Invalid Index
Maybe this is overkill, but it would give us some flexible way of having the kernel tell us what is supported. Then bluetoothd can decide to power a controller or parts of a controller.
Regards
Marcel
next prev parent reply other threads:[~2020-03-25 18:19 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-20 13:37 [PATCH v2] bluetooth: Enforce classic key size verification Alain Michaud
2020-03-20 13:41 ` Alain Michaud
2020-03-22 8:17 ` Marcel Holtmann
2020-03-24 15:17 ` Alain Michaud
2020-03-24 18:33 ` Marcel Holtmann
2020-03-24 19:29 ` Alain Michaud
2020-03-25 8:37 ` Marcel Holtmann
[not found] ` <CALWDO_XjO9=2Y_W-uAXxb+myh1nLvF7_CxrprtLZ=pAj-FrVaQ@mail.gmail.com>
2020-03-25 14:43 ` Marcel Holtmann
2020-03-25 18:19 ` Marcel Holtmann [this message]
2020-03-25 18:20 ` Alain Michaud
2020-03-22 8:08 ` Marcel Holtmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=D1D08F4A-9FAE-4E68-B005-E2573E42D1D8@holtmann.org \
--to=marcel@holtmann.org \
--cc=alainm@chromium.org \
--cc=alainmichaud@google.com \
--cc=linux-bluetooth@vger.kernel.org \
--cc=marcel.holtmann@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).