Commit 66138ce8 authored by Marcel Holtmann's avatar Marcel Holtmann Committed by Johan Hedberg

Bluetooth: Add support for handling P-256 derived link keys

Before being able to enable Secure Connections support, the core needs
to know on how to handle P-256 derived link keys. The difference between
authenticated and unauthenticated P-256 derived link keys is the same as
its P-192 counter parts.
Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
Signed-off-by: default avatarJohan Hedberg <johan.hedberg@intel.com>
parent 11015c79
...@@ -802,12 +802,14 @@ int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type) ...@@ -802,12 +802,14 @@ int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
/* An authenticated combination key has sufficient security for any /* An authenticated combination key has sufficient security for any
security level. */ security level. */
if (conn->key_type == HCI_LK_AUTH_COMBINATION_P192) if (conn->key_type == HCI_LK_AUTH_COMBINATION_P192 ||
conn->key_type == HCI_LK_AUTH_COMBINATION_P256)
goto encrypt; goto encrypt;
/* An unauthenticated combination key has sufficient security for /* An unauthenticated combination key has sufficient security for
security level 1 and 2. */ security level 1 and 2. */
if (conn->key_type == HCI_LK_UNAUTH_COMBINATION_P192 && if ((conn->key_type == HCI_LK_UNAUTH_COMBINATION_P192 ||
conn->key_type == HCI_LK_UNAUTH_COMBINATION_P256) &&
(sec_level == BT_SECURITY_MEDIUM || sec_level == BT_SECURITY_LOW)) (sec_level == BT_SECURITY_MEDIUM || sec_level == BT_SECURITY_LOW))
goto encrypt; goto encrypt;
......
...@@ -2633,7 +2633,8 @@ static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb) ...@@ -2633,7 +2633,8 @@ static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
if (conn) { if (conn) {
if (key->type == HCI_LK_UNAUTH_COMBINATION_P192 && if ((key->type == HCI_LK_UNAUTH_COMBINATION_P192 ||
key->type == HCI_LK_UNAUTH_COMBINATION_P256) &&
conn->auth_type != 0xff && (conn->auth_type & 0x01)) { conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
BT_DBG("%s ignoring unauthenticated key", hdev->name); BT_DBG("%s ignoring unauthenticated key", hdev->name);
goto not_found; goto not_found;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment