linux-bluetooth.vger.kernel.org archive mirror
From: Brian Gix <bgix@codeaurora.org>
To: Vinicius Costa Gomes <vinicius.gomes@openbossa.org>
Cc: linux-bluetooth@vger.kernel.org, Johan Hedberg <johan.hedberg@gmail.com>
Subject: Re: [PATCH 1/8] Bluetooth: Add structures for the new LTK exchange messages
Date: Mon, 12 Dec 2011 09:37:12 -0800
Message-ID: <4EE63BC8.5020409@codeaurora.org>
In-Reply-To: <20111212130750.GA14194@samus>

Hi Vinicius, Johan,

On 12/12/2011 5:07 AM, Vinicius Costa Gomes wrote:
> Hi Brian,
>
> On 09:39 Wed 07 Dec, Brian Gix wrote:
>> >  Hi Vinicius,
>> >
>> >  On 12/6/2011 4:48 PM, Vinicius Costa Gomes wrote:
>>> >  >This defines two in the kernel side of BlueZ two new messages, one
>>> >  >event that will inform userspace that a new Long Term Key was
>>> >  >exchanged and one that will allow userspace to load LTKs into
>>> >  >the kernel.
>>> >  >
>>> >  >Acked-by: Marcel Holtmann<marcel@holtmann.org>
>>> >  >Signed-off-by: Vinicius Costa Gomes<vinicius.gomes@openbossa.org>
>>> >  >---
>>> >  >    include/net/bluetooth/mgmt.h |   21 +++++++++++++++++++++
>>> >  >    1 files changed, 21 insertions(+), 0 deletions(-)
>>> >  >
>>> >  >diff --git a/include/net/bluetooth/mgmt.h b/include/net/bluetooth/mgmt.h
>>> >  >index 3b68806..0f100fa9 100644
>>> >  >--- a/include/net/bluetooth/mgmt.h
>>> >  >+++ b/include/net/bluetooth/mgmt.h
>>> >  >@@ -264,6 +264,21 @@ struct mgmt_cp_user_passkey_neg_reply {
>>> >  >    	bdaddr_t bdaddr;
>>> >  >    } __packed;
>>> >  >
>>> >  >+struct mgmt_ltk_info {
>>> >  >+	bdaddr_t bdaddr;
>>> >  >+	__u8 pin_len;
>>> >  >+	__u8 enc_size;
>>> >  >+	__le16 ediv;
>>> >  >+	__u8 rand[8];
>>> >  >+	__u8 val[16];
>>> >  >+} __packed;
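
Review bot: struct mgmt_ltk_info has no field recording whether the key came from an authenticated (MITM-protected) pairing, so a consumer of this record cannot tell a medium-security key from a high-security one, and pin_len is not a dependable proxy for that. Consider adding an explicit one-octet flag, for example `__u8 authenticated;`, next to enc_size, and a short comment on each field giving its meaning and valid values (enc_size in particular), since this struct is exchanged between the kernel and userspace.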
>> >
>> >  I think we definitely want to store the auth level (octet) that was
>> >  used to generate this key and/or the sec_level. Some profiles may
>> >  require MITM (high sec_level) and from this key definition, there is
>> >  no way to tell if it is Medium (no MITM) or High.
>> >
> Yeah, I was thinking about inferring the security level using the pin_len
> field, but that assumption breaks once we have OOB. I will add this
> field.
>


Sorry I was not on the IRC when you were discussing the SMP-LTK
communication between Kernel and BlueZ, but I was copied on the
conversation from a colleague.

I think everything you guys said was sound.  An "authenticated" field 
that is simply 0 or 1 should be sufficient for preserving the security 
level that the key represents.

Also, I have looked at Hemant's patch and it looks correct.  It is
suitable for either SSP passkey request and entry, or SMP passkey
request and entry.

It should have no impact on how we handle LTK communication and storage.



-- 
Brian Gix
bgix@codeaurora.org
Employee of Qualcomm Innovation Center, Inc.
Qualcomm Innovation Center, Inc. is a member of Code Aurora Forum
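
An added example, not part of the original message or of the BlueZ/kernel code: how a consumer of stored LTKs could use a 0/1 "authenticated" flag, as discussed above, to decide whether a key may be reused for a profile that requires MITM protection. The struct layout, the sec_level enum and all function names are hypothetical; the sample records are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical userspace copy of a stored LTK record. "authenticated" is the
 * 0/1 field proposed in the thread; the layout here is an assumption. */
struct ltk_record {
	uint8_t  bdaddr[6];
	uint8_t  authenticated;	/* 1 = key came from MITM-protected pairing */
	uint8_t  enc_size;	/* negotiated key size in octets */
	uint16_t ediv;
	uint8_t  rand[8];
	uint8_t  val[16];
} __attribute__((packed));

/* Hypothetical levels, ordered so that a plain comparison works. */
enum sec_level { SEC_NONE = 0, SEC_MEDIUM = 1, SEC_HIGH = 2 };

/* Level a stored key can vouch for; SEC_NONE for malformed records. */
enum sec_level ltk_sec_level(const struct ltk_record *r)
{
	if (r == NULL || r->authenticated > 1)
		return SEC_NONE;	/* flag must be exactly 0 or 1 */
	if (r->enc_size < 7 || r->enc_size > 16)
		return SEC_NONE;	/* SMP key sizes are 7..16 octets */
	return r->authenticated ? SEC_HIGH : SEC_MEDIUM;
}

/* May this key be reused for a profile that requires `required`? */
int ltk_satisfies(const struct ltk_record *r, enum sec_level required)
{
	enum sec_level have = ltk_sec_level(r);
	return have != SEC_NONE && have >= required;
}

/* Build a constructed sample record and test it against a requirement. */
int check_sample(uint8_t authenticated, uint8_t enc_size, enum sec_level required)
{
	struct ltk_record r = { .authenticated = authenticated, .enc_size = enc_size };
	return ltk_satisfies(&r, required);
}

int main(void)
{
	printf("unauthenticated key, HIGH required: %d\n", check_sample(0, 16, SEC_HIGH));
	printf("authenticated key, HIGH required:   %d\n", check_sample(1, 16, SEC_HIGH));
	printf("flag out of range, MEDIUM required: %d\n", check_sample(2, 16, SEC_MEDIUM));
	return 0;
}
```

Treating an out-of-range flag or key size as SEC_NONE means a corrupted or hand-edited key store fails closed and forces a fresh pairing rather than silently granting a level.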
