From: Szymon Janc <szymon.janc@codecoup.pl>
To: linux-bluetooth@vger.kernel.org
Subject: Re: [PATCH v2] Add support for requiring min key size for access GATT characteristics
Date: Tue, 20 Mar 2018 10:54:34 +0100 [thread overview]
Message-ID: <1750602.IAkq0TOekg@ix> (raw)
In-Reply-To: <20180320093503.23828-1-szymon.janc@codecoup.pl>
On Tuesday, 20 March 2018 10:35:03 CET Szymon Janc wrote:
> This allows to configure bluetoothd to require minimum encryption key
> size when accessing GATT server characteristics. It is a global
> configuration option affecting whole GATT database.
> ---
> peripheral/gatt.c | 2 +-
> src/adapter.c | 45 ++++++++++++++++++++++++++++++++-------------
> src/device.c | 15 +++++++++++++--
> src/device.h | 1 +
> src/hcid.h | 2 ++
> src/main.c | 10 ++++++++++
> src/main.conf | 5 +++++
> src/shared/att.c | 22 +++++++++++++++++++---
> src/shared/att.h | 3 ++-
> src/shared/gatt-client.c | 4 ++--
> src/shared/gatt-server.c | 36 ++++++++++++++++++++++++++++--------
> src/shared/gatt-server.h | 3 ++-
> tools/btgatt-server.c | 2 +-
> unit/test-gatt.c | 2 +-
> 14 files changed, 119 insertions(+), 33 deletions(-)
>
> diff --git a/peripheral/gatt.c b/peripheral/gatt.c
> index 5ae19a8e5..08541c424 100644
> --- a/peripheral/gatt.c
> +++ b/peripheral/gatt.c
> @@ -128,7 +128,7 @@ static struct gatt_conn *gatt_conn_new(int fd)
>
> bt_att_set_security(conn->att, BT_SECURITY_MEDIUM);
>
> - conn->gatt = bt_gatt_server_new(gatt_db, conn->att, mtu);
> + conn->gatt = bt_gatt_server_new(gatt_db, conn->att, mtu, 0);
> if (!conn->gatt) {
> fprintf(stderr, "Failed to create GATT server\n");
> bt_att_unref(conn->att);
> diff --git a/src/adapter.c b/src/adapter.c
> index 6d7d61504..6b9222bcf 100644
> --- a/src/adapter.c
> +++ b/src/adapter.c
> @@ -3441,25 +3441,27 @@ failed:
> return ltk;
> }
>
> -static GSList *get_ltk_info(GKeyFile *key_file, const char *peer,
> +static struct smp_ltk_info *get_ltk_info(GKeyFile *key_file, const char
> *peer, + uint8_t bdaddr_type)
> +{
> + DBG("%s", peer);
> +
> + return get_ltk(key_file, peer, bdaddr_type, "LongTermKey");
> +}
> +
> +static struct smp_ltk_info *get_slave_ltk_info(GKeyFile *key_file,
> + const char *peer,
> uint8_t bdaddr_type)
> {
> struct smp_ltk_info *ltk;
> - GSList *l = NULL;
>
> DBG("%s", peer);
>
> - ltk = get_ltk(key_file, peer, bdaddr_type, "LongTermKey");
> - if (ltk)
> - l = g_slist_append(l, ltk);
> -
> ltk = get_ltk(key_file, peer, bdaddr_type, "SlaveLongTermKey");
> - if (ltk) {
> + if (ltk)
> ltk->master = false;
> - l = g_slist_append(l, ltk);
> - }
>
> - return l;
> + return ltk;
> }
>
> static struct irk_info *get_irk_info(GKeyFile *key_file, const char *peer,
> @@ -4019,7 +4021,9 @@ static void load_devices(struct btd_adapter *adapter)
> char filename[PATH_MAX];
> GKeyFile *key_file;
> struct link_key_info *key_info;
> - GSList *list, *ltk_info;
> + struct smp_ltk_info *ltk_info;
> + struct smp_ltk_info *slave_ltk_info;
> + GSList *list;
> struct irk_info *irk_info;
> struct conn_param *param;
> uint8_t bdaddr_type;
> @@ -4044,7 +4048,13 @@ static void load_devices(struct btd_adapter *adapter)
> bdaddr_type = get_le_addr_type(key_file);
>
> ltk_info = get_ltk_info(key_file, entry->d_name, bdaddr_type);
> - ltks = g_slist_concat(ltks, ltk_info);
> + if (ltk_info)
> + ltks = g_slist_append(ltks, ltk_info);
> +
> + slave_ltk_info = get_slave_ltk_info(key_file, entry->d_name,
> + bdaddr_type);
> + if (slave_ltk_info)
> + ltks = g_slist_append(ltks, slave_ltk_info);
>
> irk_info = get_irk_info(key_file, entry->d_name, bdaddr_type);
> if (irk_info)
> @@ -4079,9 +4089,16 @@ device_exist:
> device_set_bonded(device, BDADDR_BREDR);
> }
>
> - if (ltk_info) {
> + if (ltk_info || slave_ltk_info) {
> device_set_paired(device, bdaddr_type);
> device_set_bonded(device, bdaddr_type);
> +
> + if (ltk_info)
> + device_set_ltk_enc_size(device,
> + ltk_info->enc_size);
> + else if (slave_ltk_info)
> + device_set_ltk_enc_size(device,
> + slave_ltk_info->enc_size);
> }
>
> free:
> @@ -7464,6 +7481,8 @@ static void new_long_term_key_callback(uint16_t index,
> uint16_t length, device_set_bonded(device, addr->type);
> }
>
> + device_set_ltk_enc_size(device, ev->key.enc_size);
> +
> bonding_complete(adapter, &addr->bdaddr, addr->type, 0);
> }
>
> diff --git a/src/device.c b/src/device.c
> index 7c7196ca1..f3c5e7925 100644
> --- a/src/device.c
> +++ b/src/device.c
> @@ -243,6 +243,7 @@ struct btd_device {
>
> struct csrk_info *local_csrk;
> struct csrk_info *remote_csrk;
> + uint8_t ltk_enc_size;
>
> sdp_list_t *tmp_records;
>
> @@ -1460,6 +1461,12 @@ bool device_is_disconnecting(struct btd_device
> *device) return device->disconn_timer > 0;
> }
>
> +void device_set_ltk_enc_size(struct btd_device *device, uint8_t enc_size)
> +{
> + device->ltk_enc_size = enc_size;
> + bt_att_set_enc_key_size(device->att, device->ltk_enc_size);
> +}
> +
> static void device_set_auto_connect(struct btd_device *device, gboolean
> enable) {
> char addr[18];
> @@ -4834,10 +4841,14 @@ static void gatt_server_init(struct btd_device
> *device, struct gatt_db *db)
>
> gatt_server_cleanup(device);
>
> - device->server = bt_gatt_server_new(db, device->att, device->att_mtu);
> - if (!device->server)
> + device->server = bt_gatt_server_new(db, device->att, device->att_mtu,
> + main_opts.min_enc_key_size);
> + if (!device->server) {
> error("Failed to initialize bt_gatt_server");
> + return;
> + }
>
> + bt_att_set_enc_key_size(device->att, device->ltk_enc_size);
> bt_gatt_server_set_debug(device->server, gatt_debug, NULL, NULL);
> }
>
> diff --git a/src/device.h b/src/device.h
> index bc046f780..306c813fc 100644
> --- a/src/device.h
> +++ b/src/device.h
> @@ -130,6 +130,7 @@ void device_add_connection(struct btd_device *dev,
> uint8_t bdaddr_type); void device_remove_connection(struct btd_device
> *device, uint8_t bdaddr_type); void device_request_disconnect(struct
> btd_device *device, DBusMessage *msg); bool device_is_disconnecting(struct
> btd_device *device);
> +void device_set_ltk_enc_size(struct btd_device *device, uint8_t enc_size);
>
> typedef void (*disconnect_watch) (struct btd_device *device, gboolean
> removal, void *user_data);
> diff --git a/src/hcid.h b/src/hcid.h
> index 62e2bd606..2c2b89d9c 100644
> --- a/src/hcid.h
> +++ b/src/hcid.h
> @@ -54,6 +54,8 @@ struct main_opts {
>
> bt_mode_t mode;
> bt_gatt_cache_t gatt_cache;
> +
> + uint8_t min_enc_key_size;
> };
>
> extern struct main_opts main_opts;
> diff --git a/src/main.c b/src/main.c
> index 21f0b14a4..29a78e64c 100644
> --- a/src/main.c
> +++ b/src/main.c
> @@ -407,6 +407,16 @@ static void parse_config(GKeyFile *config)
>
> main_opts.gatt_cache = parse_gatt_cache(str);
>
> + val = g_key_file_get_integer(config, "GATT",
> + "MinEncKeySize", &err);
> + if (err) {
> + DBG("%s", err->message);
> + g_clear_error(&err);
> + } else {
> + DBG("min_enc_key_size=%d", val);
> + main_opts.min_enc_key_size = val;
> + }
> +
> g_free(str);
> }
>
> diff --git a/src/main.conf b/src/main.conf
> index 21986b386..cbae32ec5 100644
> --- a/src/main.conf
> +++ b/src/main.conf
> @@ -77,6 +77,11 @@
> # Default: always
> #Cache = always
>
> +# Minimum required Encryption Key Size for accessing secured
> characteristics. +# Possible values: 0 and 7-16. 0 means don't care.
> +# Defaults to 0
> +# MinEncKeySize = 0
> +
> [Policy]
> #
> # The ReconnectUUIDs defines the set of remote services that should try
> diff --git a/src/shared/att.c b/src/shared/att.c
> index 0aab246d6..8bf3f4611 100644
> --- a/src/shared/att.c
> +++ b/src/shared/att.c
> @@ -55,6 +55,7 @@ struct bt_att {
> struct io *io;
> bool io_on_l2cap;
> int io_sec_level; /* Only used for non-L2CAP */
> + uint8_t enc_size;
>
> struct queue *req_queue; /* Queued ATT protocol requests */
> struct att_send_op *pending_req;
> @@ -602,7 +603,7 @@ static bool change_security(struct bt_att *att, uint8_t
> ecode) if (att->io_sec_level != BT_ATT_SECURITY_AUTO)
> return false;
>
> - security = bt_att_get_security(att);
> + security = bt_att_get_security(att, NULL);
>
> if (ecode == BT_ATT_ERROR_INSUFFICIENT_ENCRYPTION &&
> security < BT_ATT_SECURITY_MEDIUM) {
> @@ -1454,7 +1455,7 @@ bool bt_att_unregister_all(struct bt_att *att)
> return true;
> }
>
> -int bt_att_get_security(struct bt_att *att)
> +int bt_att_get_security(struct bt_att *att, uint8_t *enc_size)
> {
> struct bt_security sec;
> socklen_t len;
> @@ -1462,14 +1463,21 @@ int bt_att_get_security(struct bt_att *att)
> if (!att)
> return -EINVAL;
>
> - if (!att->io_on_l2cap)
> + if (!att->io_on_l2cap) {
> + if (enc_size)
> + *enc_size = att->enc_size;
> +
> return att->io_sec_level;
> + }
>
> memset(&sec, 0, sizeof(sec));
> len = sizeof(sec);
> if (getsockopt(att->fd, SOL_BLUETOOTH, BT_SECURITY, &sec, &len) < 0)
> return -EIO;
>
> + if (enc_size)
> + *enc_size = att->enc_size;
> +
> return sec.level;
> }
>
> @@ -1496,6 +1504,14 @@ bool bt_att_set_security(struct bt_att *att, int
> level) return true;
> }
>
> +void bt_att_set_enc_key_size(struct bt_att *att, uint8_t enc_size)
> +{
> + if (!att)
> + return;
> +
> + att->enc_size = enc_size;
> +}
> +
> static bool sign_set_key(struct sign_info **sign, uint8_t key[16],
> bt_att_counter_func_t func, void *user_data)
> {
> diff --git a/src/shared/att.h b/src/shared/att.h
> index 7bffee7d6..49d93269b 100644
> --- a/src/shared/att.h
> +++ b/src/shared/att.h
> @@ -84,8 +84,9 @@ bool bt_att_unregister_disconnect(struct bt_att *att,
> unsigned int id);
>
> bool bt_att_unregister_all(struct bt_att *att);
>
> -int bt_att_get_security(struct bt_att *att);
> +int bt_att_get_security(struct bt_att *att, uint8_t *enc_size);
> bool bt_att_set_security(struct bt_att *att, int level);
> +void bt_att_set_enc_key_size(struct bt_att *att, uint8_t enc_size);
>
> bool bt_att_set_local_key(struct bt_att *att, uint8_t sign_key[16],
> bt_att_counter_func_t func, void *user_data);
> diff --git a/src/shared/gatt-client.c b/src/shared/gatt-client.c
> index e1d489d32..a5c7b1485 100644
> --- a/src/shared/gatt-client.c
> +++ b/src/shared/gatt-client.c
> @@ -2466,7 +2466,7 @@ unsigned int bt_gatt_client_write_without_response(
>
> /* Only use signed write if unencrypted */
> if (signed_write) {
> - security = bt_att_get_security(client->att);
> + security = bt_att_get_security(client->att, NULL);
> op = security > BT_SECURITY_LOW ? BT_ATT_OP_WRITE_CMD :
> BT_ATT_OP_SIGNED_WRITE_CMD;
> } else
> @@ -3182,5 +3182,5 @@ int bt_gatt_client_get_security(struct bt_gatt_client
> *client) if (!client)
> return -1;
>
> - return bt_att_get_security(client->att);
> + return bt_att_get_security(client->att, NULL);
> }
> diff --git a/src/shared/gatt-server.c b/src/shared/gatt-server.c
> index faa56abeb..f6c98e277 100644
> --- a/src/shared/gatt-server.c
> +++ b/src/shared/gatt-server.c
> @@ -103,6 +103,8 @@ struct bt_gatt_server {
> unsigned int prep_write_id;
> unsigned int exec_write_id;
>
> + uint8_t min_enc_size;
> +
> struct queue *prep_queue;
> unsigned int max_prep_queue_len;
>
> @@ -382,6 +384,7 @@ done:
> static uint8_t check_permissions(struct bt_gatt_server *server,
> struct gatt_db_attribute *attr, uint32_t mask)
> {
> + uint8_t enc_size;
> uint32_t perm;
> int security;
>
> @@ -397,15 +400,30 @@ static uint8_t check_permissions(struct bt_gatt_server
> *server, if (!perm)
> return 0;
>
> - security = bt_att_get_security(server->att);
> - if (perm & BT_ATT_PERM_SECURE && security < BT_ATT_SECURITY_FIPS)
> - return BT_ATT_ERROR_AUTHENTICATION;
> + security = bt_att_get_security(server->att, &enc_size);
> + if (perm & BT_ATT_PERM_SECURE) {
> + if (security < BT_ATT_SECURITY_FIPS)
> + return BT_ATT_ERROR_AUTHENTICATION;
> +
> + if (server->min_enc_size && server->min_enc_size > enc_size)
> + return BT_ATT_ERROR_INSUFFICIENT_ENCRYPTION_KEY_SIZE;
> + }
>
> - if (perm & BT_ATT_PERM_AUTHEN && security < BT_ATT_SECURITY_HIGH)
> - return BT_ATT_ERROR_AUTHENTICATION;
> + if (perm & BT_ATT_PERM_AUTHEN) {
> + if (security < BT_ATT_SECURITY_HIGH)
> + return BT_ATT_ERROR_AUTHENTICATION;
>
> - if (perm & BT_ATT_PERM_ENCRYPT && security < BT_ATT_SECURITY_MEDIUM)
> - return BT_ATT_ERROR_INSUFFICIENT_ENCRYPTION;
> + if (server->min_enc_size && server->min_enc_size > enc_size)
> + return BT_ATT_ERROR_INSUFFICIENT_ENCRYPTION_KEY_SIZE;
> + }
> +
> + if (perm & BT_ATT_PERM_ENCRYPT) {
> + if (security < BT_ATT_SECURITY_MEDIUM)
> + return BT_ATT_ERROR_INSUFFICIENT_ENCRYPTION;
> +
> + if (server->min_enc_size && server->min_enc_size > enc_size)
> + return BT_ATT_ERROR_INSUFFICIENT_ENCRYPTION_KEY_SIZE;
> + }
>
> return 0;
> }
> @@ -1481,7 +1499,8 @@ static bool gatt_server_register_att_handlers(struct
> bt_gatt_server *server) }
>
> struct bt_gatt_server *bt_gatt_server_new(struct gatt_db *db,
> - struct bt_att *att, uint16_t mtu)
> + struct bt_att *att, uint16_t mtu,
> + uint8_t min_enc_size)
> {
> struct bt_gatt_server *server;
>
> @@ -1494,6 +1513,7 @@ struct bt_gatt_server *bt_gatt_server_new(struct
> gatt_db *db, server->mtu = MAX(mtu, BT_ATT_DEFAULT_LE_MTU);
> server->max_prep_queue_len = DEFAULT_MAX_PREP_QUEUE_LEN;
> server->prep_queue = queue_new();
> + server->min_enc_size = min_enc_size;
>
> if (!gatt_server_register_att_handlers(server)) {
> bt_gatt_server_free(server);
> diff --git a/src/shared/gatt-server.h b/src/shared/gatt-server.h
> index 74a6c721e..d5d209350 100644
> --- a/src/shared/gatt-server.h
> +++ b/src/shared/gatt-server.h
> @@ -26,7 +26,8 @@
> struct bt_gatt_server;
>
> struct bt_gatt_server *bt_gatt_server_new(struct gatt_db *db,
> - struct bt_att *att, uint16_t mtu);
> + struct bt_att *att, uint16_t mtu,
> + uint8_t min_enc_size);
> uint16_t bt_gatt_server_get_mtu(struct bt_gatt_server *server);
>
> struct bt_gatt_server *bt_gatt_server_ref(struct bt_gatt_server *server);
> diff --git a/tools/btgatt-server.c b/tools/btgatt-server.c
> index fadaff2ad..89812bd75 100644
> --- a/tools/btgatt-server.c
> +++ b/tools/btgatt-server.c
> @@ -583,7 +583,7 @@ static struct server *server_create(int fd, uint16_t
> mtu, bool hr_visible) goto fail;
> }
>
> - server->gatt = bt_gatt_server_new(server->db, server->att, mtu);
> + server->gatt = bt_gatt_server_new(server->db, server->att, mtu, 0);
> if (!server->gatt) {
> fprintf(stderr, "Failed to create GATT server\n");
> goto fail;
> diff --git a/unit/test-gatt.c b/unit/test-gatt.c
> index 5d79e94c0..c7e28f865 100644
> --- a/unit/test-gatt.c
> +++ b/unit/test-gatt.c
> @@ -667,7 +667,7 @@ static struct context *create_context(uint16_t mtu,
> gconstpointer data) g_assert(context->server_db);
>
> context->server = bt_gatt_server_new(context->server_db,
> - context->att, mtu);
> + context->att, mtu, 0);
> g_assert(context->server);
>
> bt_gatt_server_set_debug(context->server, print_debug,
This has some issues, V3 will follow.
--
pozdrawiam
Szymon Janc
prev parent reply other threads:[~2018-03-20 9:54 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-20 9:35 [PATCH v2] Add support for requiring min key size for access GATT characteristics Szymon Janc
2018-03-20 9:54 ` Szymon Janc [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1750602.IAkq0TOekg@ix \
--to=szymon.janc@codecoup.pl \
--cc=linux-bluetooth@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).