Linux bluetooth development
 help / color / mirror / Atom feed
From: Bastien Nocera <hadess@hadess.net>
To: Waldemar.Rymarkiewicz@tieto.com
Cc: linux-bluetooth@vger.kernel.org,
	par-gunnar.p.hjalmdahl@stericsson.com,
	joakim.xj.ceder@stericsson.com, johan.hedberg@gmail.com,
	arunkr.singh@stericsson.com
Subject: RE: [PATCH] BT_SECURITY_HIGH requires 16 digit pin code
Date: Fri, 27 Aug 2010 13:32:35 +0100	[thread overview]
Message-ID: <1282912355.835.40.camel@localhost.localdomain> (raw)
In-Reply-To: <99B09243E1A5DA4898CDD8B7001114480976E15A2C@EXMB04.eu.tieto.com>

On Fri, 2010-08-27 at 15:26 +0300, Waldemar.Rymarkiewicz@tieto.com
wrote:
> Hi,
> 
> >-----Original Message-----
> >From: Bastien Nocera [mailto:hadess@hadess.net] 
> >Sent: Friday, August 27, 2010 2:12 PM
> >To: Rymarkiewicz Waldemar
> >Cc: linux-bluetooth@vger.kernel.org; 
> >par-gunnar.p.hjalmdahl@stericsson.com; 
> >joakim.xj.ceder@stericsson.com; johan.hedberg@gmail.com
> >Subject: Re: [PATCH] BT_SECURITY_HIGH requires 16 digit pin code
> >
> >On Fri, 2010-08-27 at 13:45 +0200, Waldemar Rymarkiewicz wrote:
> >> The security level BT_SECURITY_HIGH expects secure connection and a 
> >> minimum 16 digit pin code used for bonding. It's requitred 
> >by the Sim 
> >> Access Profile.
> >
> >How is user-space (meaning the pairing agent) supposed to handle that?
> >I'd need to make changes to gnome-bluetooth to use longer PIN 
> >codes for the maximum security.
> >
> >Cheers
> >
> 
> I assume that user will know that the 16 digit pin is requred, so
> should be enough to let the user type 16 digit in an agent I guess.
> Usually a service that requires high security will generate right pin
> code.

How would they know? Pairing the device isn't connecting to the
service... Furthermore, gnome-bluetooth's wizard takes a lot of care
generating pin codes for the user by default, so we'd need to know that
a 16 digit pin code is required.

Supporting 16 digits pin code would probably require interface changes.

And I was under the impression that the PIN code's length didn't come
into account for the creation of the encryption, just for the initial
challenge-response needed to verify the device is who it says it is.

> Originaly the high security level was planned to require max pin code
> lenght as I know.




  reply	other threads:[~2010-08-27 12:32 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2010-08-27 11:45 [PATCH] BT_SECURITY_HIGH requires 16 digit pin code Waldemar Rymarkiewicz
2010-08-27 12:12 ` Bastien Nocera
2010-08-27 12:26   ` Waldemar.Rymarkiewicz
2010-08-27 12:32     ` Bastien Nocera [this message]
2010-08-27 12:45     ` Johan Hedberg
2010-08-27 13:32       ` Waldemar.Rymarkiewicz
2010-08-27 20:11         ` Johan Hedberg
2010-09-02 13:27       ` Waldemar.Rymarkiewicz
2010-09-02 13:51         ` Johan Hedberg
2010-09-02 15:30           ` Waldemar.Rymarkiewicz
2010-09-07  8:57           ` Waldemar.Rymarkiewicz

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1282912355.835.40.camel@localhost.localdomain \
    --to=hadess@hadess.net \
    --cc=Waldemar.Rymarkiewicz@tieto.com \
    --cc=arunkr.singh@stericsson.com \
    --cc=joakim.xj.ceder@stericsson.com \
    --cc=johan.hedberg@gmail.com \
    --cc=linux-bluetooth@vger.kernel.org \
    --cc=par-gunnar.p.hjalmdahl@stericsson.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox