[PATCH BlueZ v3 1/6] lib: Add Key Size information to the security information

[PATCH BlueZ v3 1/6] lib: Add Key Size information to the security information

[Vinicius Costa Gomes]

Since some time the kernel has the capability to return the length of
the key that was used to encrypt the link.

This patch exposes that field to userspace so more applications can take
decisions based on this information.
---
 lib/bluetooth.h |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/lib/bluetooth.h b/lib/bluetooth.h
index 5bd4f03..1dee6df 100644
--- a/lib/bluetooth.h
+++ b/lib/bluetooth.h
@@ -63,6 +63,7 @@ extern "C" {
 #define BT_SECURITY	4
 struct bt_security {
 	uint8_t level;
+	uint8_t key_size;
 };
 #define BT_SECURITY_SDP		0
 #define BT_SECURITY_LOW		1
-- 
1.7.8.1

[PATCH BlueZ v3 2/6] btio: Add support for getting the Encryption Key Size via btio

[Vinicius Costa Gomes]

Some profiles specify some restriction depending on the length
of the key used to encrypt the link, this adds an way to retrieve
that value from the kernel.
---
 btio/btio.c |   19 +++++++++++++++++++
 btio/btio.h |    1 +
 2 files changed, 20 insertions(+), 0 deletions(-)

diff --git a/btio/btio.c b/btio/btio.c
index a45a9cc..77ddb1d 100644
--- a/btio/btio.c
+++ b/btio/btio.c
@@ -511,6 +511,21 @@ static int set_priority(int sock, uint32_t prio)
 	return 0;
 }
 
+static gboolean get_key_size(int sock, int *size, GError **err)
+{
+	struct bt_security sec;
+	socklen_t len;
+
+	memset(&sec, 0, sizeof(sec));
+	len = sizeof(sec);
+	if (getsockopt(sock, SOL_BLUETOOTH, BT_SECURITY, &sec, &len) == 0) {
+		*size = sec.key_size;
+		return TRUE;
+	}
+
+	return FALSE;
+}
+
 static gboolean l2cap_set(int sock, int sec_level, uint16_t imtu,
 				uint16_t omtu, uint8_t mode, int master,
 				int flushable, uint32_t priority, GError **err)
@@ -875,6 +890,10 @@ static gboolean l2cap_get(int sock, GError **err, BtIOOption opt1,
 						va_arg(args, int *), err))
 				return FALSE;
 			break;
+		case BT_IO_OPT_KEY_SIZE:
+			if (!get_key_size(sock, va_arg(args, int *), err))
+				return FALSE;
+			break;
 		case BT_IO_OPT_PSM:
 			*(va_arg(args, uint16_t *)) = src.l2_psm ?
 					btohs(src.l2_psm) : btohs(dst.l2_psm);
diff --git a/btio/btio.h b/btio/btio.h
index ae55b61..7e3e130 100644
--- a/btio/btio.h
+++ b/btio/btio.h
@@ -52,6 +52,7 @@ typedef enum {
 	BT_IO_OPT_DEST_BDADDR,
 	BT_IO_OPT_DEFER_TIMEOUT,
 	BT_IO_OPT_SEC_LEVEL,
+	BT_IO_OPT_KEY_SIZE,
 	BT_IO_OPT_CHANNEL,
 	BT_IO_OPT_SOURCE_CHANNEL,
 	BT_IO_OPT_DEST_CHANNEL,
-- 
1.7.8.1

[PATCH BlueZ v3 3/6] test: Add support for passing the CID to btiotest

[Vinicius Costa Gomes]

If we want to test LE connections using btiotest we need to be
able to inform btio the Channel ID that we want to connect to, so
the kernel is able to learn that we want to establish a LE connection.
---
 test/btiotest.c |   16 ++++++++++------
 1 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/test/btiotest.c b/test/btiotest.c
index 91fc1d5..f02711d 100644
--- a/test/btiotest.c
+++ b/test/btiotest.c
@@ -225,8 +225,8 @@ static void confirm_cb(GIOChannel *io, gpointer user_data)
 }
 
 static void l2cap_connect(const char *src, const char *dst, uint16_t psm,
-						gint disconn, gint sec,
-						gint prio)
+						uint16_t cid, gint disconn,
+						gint sec, gint prio)
 {
 	struct io_data *data;
 	GError *err = NULL;
@@ -242,6 +242,7 @@ static void l2cap_connect(const char *src, const char *dst, uint16_t psm,
 						BT_IO_OPT_SOURCE, src,
 						BT_IO_OPT_DEST, dst,
 						BT_IO_OPT_PSM, psm,
+						BT_IO_OPT_CID, cid,
 						BT_IO_OPT_SEC_LEVEL, sec,
 						BT_IO_OPT_PRIORITY, prio,
 						BT_IO_OPT_INVALID);
@@ -251,6 +252,7 @@ static void l2cap_connect(const char *src, const char *dst, uint16_t psm,
 						&err,
 						BT_IO_OPT_DEST, dst,
 						BT_IO_OPT_PSM, psm,
+						BT_IO_OPT_CID, cid,
 						BT_IO_OPT_SEC_LEVEL, sec,
 						BT_IO_OPT_PRIORITY, prio,
 						BT_IO_OPT_INVALID);
@@ -470,6 +472,7 @@ static gint opt_accept = DEFAULT_ACCEPT_TIMEOUT;
 static gint opt_sec = 0;
 static gboolean opt_master = FALSE;
 static gint opt_priority = 0;
+static gint opt_cid = 0;
 
 static GMainLoop *main_loop;
 
@@ -478,6 +481,8 @@ static GOptionEntry options[] = {
 				"RFCOMM channel" },
 	{ "psm", 'p', 0, G_OPTION_ARG_INT, &opt_psm,
 				"L2CAP PSM" },
+	{ "cid", 'j', 0, G_OPTION_ARG_INT, &opt_cid,
+				"L2CAP CID" },
 	{ "sco", 's', 0, G_OPTION_ARG_NONE, &opt_sco,
 				"Use SCO" },
 	{ "defer", 'd', 0, G_OPTION_ARG_NONE, &opt_defer,
@@ -522,11 +527,10 @@ int main(int argc, char *argv[])
 		opt_accept, opt_reject, opt_disconn, opt_defer, opt_sec,
 		opt_priority);
 
-	if (opt_psm) {
+	if (opt_psm || opt_cid) {
 		if (argc > 1)
-			l2cap_connect(opt_dev, argv[1], opt_psm,
-							opt_disconn, opt_sec,
-							opt_priority);
+			l2cap_connect(opt_dev, argv[1], opt_psm, opt_cid,
+					opt_disconn, opt_sec, opt_priority);
 		else
 			l2cap_listen(opt_dev, opt_psm, opt_defer, opt_reject,
 					opt_disconn, opt_accept, opt_sec,
-- 
1.7.8.1

[PATCH BlueZ v3 4/6] test: Add support for btiotest to returning the key size

[Vinicius Costa Gomes]

---
 test/btiotest.c |   13 +++++++++++++
 1 files changed, 13 insertions(+), 0 deletions(-)

diff --git a/test/btiotest.c b/test/btiotest.c
index f02711d..03f026d 100644
--- a/test/btiotest.c
+++ b/test/btiotest.c
@@ -135,6 +135,19 @@ static void connect_cb(GIOChannel *io, GError *err, gpointer user_data)
 			printf("imtu=%u, omtu=%u\n", imtu, omtu);
 	}
 
+	if (data->type == BT_IO_L2CAP) {
+		uint8_t key_size;
+
+		if (!bt_io_get(io, data->type, &err,
+					BT_IO_OPT_KEY_SIZE, &key_size,
+					BT_IO_OPT_INVALID)) {
+			printf("Unable to get L2CAP Key size: %s\n",
+								err->message);
+			g_clear_error(&err);
+		} else
+			printf("key_size=%u\n", key_size);
+	}
+
 	if (data->disconn == 0) {
 		g_io_channel_shutdown(io, TRUE, NULL);
 		printf("Disconnected\n");
-- 
1.7.8.1

[PATCH BlueZ v3 5/6] btio: Remove the default security level from btio

[Vinicius Costa Gomes]

The default value of sec_level when setting *any* option
using bt_io_set() was BT_SECURITY_MEDIUM. This was causing
the security procedure being started in some situations that
it should not.
---
 btio/btio.c |    1 -
 1 files changed, 0 insertions(+), 1 deletions(-)

diff --git a/btio/btio.c b/btio/btio.c
index 77ddb1d..825907d 100644
--- a/btio/btio.c
+++ b/btio/btio.c
@@ -695,7 +695,6 @@ static gboolean parse_set_opts(struct set_opts *opts, GError **err,
 	/* Set defaults */
 	opts->defer = DEFAULT_DEFER_TIMEOUT;
 	opts->master = -1;
-	opts->sec_level = BT_IO_SEC_MEDIUM;
 	opts->mode = L2CAP_MODE_BASIC;
 	opts->flushable = -1;
 	opts->priority = 0;
-- 
1.7.8.1

[PATCH BlueZ v3 6/6] btio: Fix users to not expect a default security level

[Vinicius Costa Gomes]

The users of btio should not expect that btio will set the security
level to medium if it wasn't specified. Now, all the users specfify
the security level needed.
---
 audio/avdtp.c        |    1 +
 audio/gateway.c      |    2 ++
 audio/headset.c      |    1 +
 input/device.c       |    1 +
 network/connection.c |    1 +
 serial/port.c        |    2 ++
 6 files changed, 8 insertions(+), 0 deletions(-)

diff --git a/audio/avdtp.c b/audio/avdtp.c
index d3568ba..cd66fd4 100644
--- a/audio/avdtp.c
+++ b/audio/avdtp.c
@@ -2525,6 +2525,7 @@ static GIOChannel *l2cap_connect(struct avdtp *session)
 				BT_IO_OPT_SOURCE_BDADDR, &session->server->src,
 				BT_IO_OPT_DEST_BDADDR, &session->dst,
 				BT_IO_OPT_PSM, AVDTP_PSM,
+				BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_MEDIUM,
 				BT_IO_OPT_INVALID);
 	if (!io) {
 		error("%s", err->message);
diff --git a/audio/gateway.c b/audio/gateway.c
index 9b1aab3..bde3e02 100644
--- a/audio/gateway.c
+++ b/audio/gateway.c
@@ -501,6 +501,7 @@ static void get_record_cb(sdp_list_t *recs, int err, gpointer user_data)
 	io = bt_io_connect(BT_IO_RFCOMM, rfcomm_connect_cb, dev, NULL, &gerr,
 				BT_IO_OPT_SOURCE_BDADDR, &dev->src,
 				BT_IO_OPT_DEST_BDADDR, &dev->dst,
+				BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_MEDIUM,
 				BT_IO_OPT_CHANNEL, ch,
 				BT_IO_OPT_INVALID);
 	if (!io) {
@@ -847,6 +848,7 @@ unsigned int gateway_request_stream(struct audio_device *dev,
 		io = bt_io_connect(BT_IO_SCO, sco_connect_cb, dev, NULL, &err,
 				BT_IO_OPT_SOURCE_BDADDR, &dev->src,
 				BT_IO_OPT_DEST_BDADDR, &dev->dst,
+				BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_MEDIUM,
 				BT_IO_OPT_INVALID);
 		if (!io) {
 			error("%s", err->message);
diff --git a/audio/headset.c b/audio/headset.c
index c5ea58b..a10a386 100644
--- a/audio/headset.c
+++ b/audio/headset.c
@@ -1625,6 +1625,7 @@ static int rfcomm_connect(struct audio_device *dev, headset_stream_cb_t cb,
 					BT_IO_OPT_SOURCE_BDADDR, &dev->src,
 					BT_IO_OPT_DEST_BDADDR, &dev->dst,
 					BT_IO_OPT_CHANNEL, hs->rfcomm_ch,
+					BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_MEDIUM,
 					BT_IO_OPT_INVALID);
 
 	hs->rfcomm_ch = -1;
diff --git a/input/device.c b/input/device.c
index a1ecdd7..0ab63c0 100644
--- a/input/device.c
+++ b/input/device.c
@@ -368,6 +368,7 @@ static gboolean rfcomm_connect(struct input_conn *iconn, GError **err)
 				NULL, err,
 				BT_IO_OPT_SOURCE_BDADDR, &idev->src,
 				BT_IO_OPT_DEST_BDADDR, &idev->dst,
+				BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_MEDIUM,
 				BT_IO_OPT_INVALID);
 	if (!io)
 		return FALSE;
diff --git a/network/connection.c b/network/connection.c
index ca1f4b2..f864972 100644
--- a/network/connection.c
+++ b/network/connection.c
@@ -373,6 +373,7 @@ static DBusMessage *connection_connect(DBusConnection *conn,
 				BT_IO_OPT_SOURCE_BDADDR, &peer->src,
 				BT_IO_OPT_DEST_BDADDR, &peer->dst,
 				BT_IO_OPT_PSM, BNEP_PSM,
+				BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_MEDIUM,
 				BT_IO_OPT_OMTU, BNEP_MTU,
 				BT_IO_OPT_IMTU, BNEP_MTU,
 				BT_IO_OPT_INVALID);
diff --git a/serial/port.c b/serial/port.c
index 5b76d14..36e3bd6 100644
--- a/serial/port.c
+++ b/serial/port.c
@@ -422,6 +422,7 @@ static void get_record_cb(sdp_list_t *recs, int err, gpointer user_data)
 				BT_IO_OPT_SOURCE_BDADDR, &device->src,
 				BT_IO_OPT_DEST_BDADDR, &device->dst,
 				BT_IO_OPT_CHANNEL, port->channel,
+				BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_MEDIUM,
 				BT_IO_OPT_INVALID);
 	if (!port->io) {
 		error("%s", gerr->message);
@@ -462,6 +463,7 @@ connect:
 				BT_IO_OPT_SOURCE_BDADDR, &device->src,
 				BT_IO_OPT_DEST_BDADDR, &device->dst,
 				BT_IO_OPT_CHANNEL, port->channel,
+				BT_IO_OPT_SEC_LEVEL, BT_IO_SEC_MEDIUM,
 				BT_IO_OPT_INVALID);
 	if (port->io == NULL)
 		return -EIO;
-- 
1.7.8.1

Re: [PATCH BlueZ v3 1/6] lib: Add Key Size information to the security information

[Johan Hedberg]

Hi Vinicius,

On Tue, Jan 24, 2012, Vinicius Costa Gomes wrote:
> Since some time the kernel has the capability to return the length of
> the key that was used to encrypt the link.
> 
> This patch exposes that field to userspace so more applications can take
> decisions based on this information.
> ---
>  lib/bluetooth.h |    1 +
>  1 files changed, 1 insertions(+), 0 deletions(-)

All six patches have been applied. Thanks.

Johan