Bluetooth: Add support for handling P-256 derived link keys
Before being able to enable Secure Connections support, the core needs to know on how to handle P-256 derived link keys. The difference between authenticated and unauthenticated P-256 derived link keys is the same as its P-192 counter parts. Signed-off-by: Marcel Holtmann <marcel@holtmann.org> Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>wifi-calibration
parent
11015c7903
commit
66138ce8e5
|
@ -802,12 +802,14 @@ int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
|
||||||
|
|
||||||
/* An authenticated combination key has sufficient security for any
|
/* An authenticated combination key has sufficient security for any
|
||||||
security level. */
|
security level. */
|
||||||
if (conn->key_type == HCI_LK_AUTH_COMBINATION_P192)
|
if (conn->key_type == HCI_LK_AUTH_COMBINATION_P192 ||
|
||||||
|
conn->key_type == HCI_LK_AUTH_COMBINATION_P256)
|
||||||
goto encrypt;
|
goto encrypt;
|
||||||
|
|
||||||
/* An unauthenticated combination key has sufficient security for
|
/* An unauthenticated combination key has sufficient security for
|
||||||
security level 1 and 2. */
|
security level 1 and 2. */
|
||||||
if (conn->key_type == HCI_LK_UNAUTH_COMBINATION_P192 &&
|
if ((conn->key_type == HCI_LK_UNAUTH_COMBINATION_P192 ||
|
||||||
|
conn->key_type == HCI_LK_UNAUTH_COMBINATION_P256) &&
|
||||||
(sec_level == BT_SECURITY_MEDIUM || sec_level == BT_SECURITY_LOW))
|
(sec_level == BT_SECURITY_MEDIUM || sec_level == BT_SECURITY_LOW))
|
||||||
goto encrypt;
|
goto encrypt;
|
||||||
|
|
||||||
|
|
|
@ -2633,7 +2633,8 @@ static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
|
||||||
|
|
||||||
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
|
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
|
||||||
if (conn) {
|
if (conn) {
|
||||||
if (key->type == HCI_LK_UNAUTH_COMBINATION_P192 &&
|
if ((key->type == HCI_LK_UNAUTH_COMBINATION_P192 ||
|
||||||
|
key->type == HCI_LK_UNAUTH_COMBINATION_P256) &&
|
||||||
conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
|
conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
|
||||||
BT_DBG("%s ignoring unauthenticated key", hdev->name);
|
BT_DBG("%s ignoring unauthenticated key", hdev->name);
|
||||||
goto not_found;
|
goto not_found;
|
||||||
|
|
Loading…
Reference in New Issue