Bluetooth: Add support for handling P-256 derived link keys
authorMarcel Holtmann <marcel@holtmann.org>
Fri, 10 Jan 2014 10:07:20 +0000 (02:07 -0800)
committerJohan Hedberg <johan.hedberg@intel.com>
Thu, 13 Feb 2014 07:51:32 +0000 (09:51 +0200)
Before being able to enable Secure Connections support, the core needs
to know on how to handle P-256 derived link keys. The difference between
authenticated and unauthenticated P-256 derived link keys is the same as
its P-192 counter parts.

Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
net/bluetooth/hci_conn.c
net/bluetooth/hci_event.c

index 251f22e32fbfb5ede7e3d2f7c1974a1e5c51eb38..cf96b3438a91b1c4d5efc1cd03b353d711ace9e8 100644 (file)
@@ -802,12 +802,14 @@ int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type)
 
        /* An authenticated combination key has sufficient security for any
           security level. */
-       if (conn->key_type == HCI_LK_AUTH_COMBINATION_P192)
+       if (conn->key_type == HCI_LK_AUTH_COMBINATION_P192 ||
+           conn->key_type == HCI_LK_AUTH_COMBINATION_P256)
                goto encrypt;
 
        /* An unauthenticated combination key has sufficient security for
           security level 1 and 2. */
-       if (conn->key_type == HCI_LK_UNAUTH_COMBINATION_P192 &&
+       if ((conn->key_type == HCI_LK_UNAUTH_COMBINATION_P192 ||
+            conn->key_type == HCI_LK_UNAUTH_COMBINATION_P256) &&
            (sec_level == BT_SECURITY_MEDIUM || sec_level == BT_SECURITY_LOW))
                goto encrypt;
 
index defa1252b534ba4a5cc03c05f30a0a1f674d22d5..b3c5396e0c1b44785f273a48c388d3baaf7bce77 100644 (file)
@@ -2633,7 +2633,8 @@ static void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff *skb)
 
        conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
        if (conn) {
-               if (key->type == HCI_LK_UNAUTH_COMBINATION_P192 &&
+               if ((key->type == HCI_LK_UNAUTH_COMBINATION_P192 ||
+                    key->type == HCI_LK_UNAUTH_COMBINATION_P256) &&
                    conn->auth_type != 0xff && (conn->auth_type & 0x01)) {
                        BT_DBG("%s ignoring unauthenticated key", hdev->name);
                        goto not_found;