Message ID | 20200513081853.362-1-lukasz.rymanowski@codecoup.pl (mailing list archive) |
---|---|
State | Accepted |
Delegated to: | Marcel Holtmann |
Headers | show |
Series | bluetooth/smp: Fix for GAP/SEC/SEM/BI-10-C | expand |
Hi Lukasz, > Security Mode 1 level 4, force us to use have key size 16 octects long. > This patch adds check for that. > > This is required for the qualification test GAP/SEC/SEM/BI-10-C > > Logs from test when ATT is configured with sec level BT_SECURITY_FIPS > > < ACL Data TX: Handle 3585 flags 0x00 dlen 11 #28 [hci0] 3.785965 > SMP: Pairing Request (0x01) len 6 > IO capability: DisplayYesNo (0x01) > OOB data: Authentication data not present (0x00) > Authentication requirement: Bonding, MITM, SC, No Keypresses (0x0d) > Max encryption key size: 16 > Initiator key distribution: EncKey Sign (0x05) > Responder key distribution: EncKey IdKey Sign (0x07) >> ACL Data RX: Handle 3585 flags 0x02 dlen 11 #35 [hci0] 3.883020 > SMP: Pairing Response (0x02) len 6 > IO capability: DisplayYesNo (0x01) > OOB data: Authentication data not present (0x00) > Authentication requirement: Bonding, MITM, SC, No Keypresses (0x0d) > Max encryption key size: 7 > Initiator key distribution: EncKey Sign (0x05) > Responder key distribution: EncKey IdKey Sign (0x07) > < ACL Data TX: Handle 3585 flags 0x00 dlen 6 #36 [hci0] 3.883136 > SMP: Pairing Failed (0x05) len 1 > Reason: Encryption key size (0x06) > > Signed-off-by: Łukasz Rymanowski <lukasz.rymanowski@codecoup.pl> > --- > net/bluetooth/smp.c | 4 ++++ > 1 file changed, 4 insertions(+) patch has been applied to bluetooth-next tree. Regards Marcel
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c index 5510017cf9ff..b9f5f74cd4a7 100644 --- a/net/bluetooth/smp.c +++ b/net/bluetooth/smp.c @@ -730,6 +730,10 @@ static u8 check_enc_key_size(struct l2cap_conn *conn, __u8 max_key_size) struct hci_dev *hdev = conn->hcon->hdev; struct smp_chan *smp = chan->data; + if (conn->hcon->pending_sec_level == BT_SECURITY_FIPS && + max_key_size != SMP_MAX_ENC_KEY_SIZE) + return SMP_ENC_KEY_SIZE; + if (max_key_size > hdev->le_max_key_size || max_key_size < SMP_MIN_ENC_KEY_SIZE) return SMP_ENC_KEY_SIZE;