Commit 60b83f57 authored by Waldemar Rymarkiewicz's avatar Waldemar Rymarkiewicz Committed by Gustavo F. Padovan

Bluetooth: Ignore key unauthenticated for high security

High security level for pre v2.1 devices requires combination link key
authenticated by at least 16 digit PIN code.

It's also necessary to update key_type and pin_length when the key
exists and is sufficently secured for the connection as there will be
no link key notify event in that case.
Signed-off-by: default avatarWaldemar Rymarkiewicz <waldemar.rymarkiewicz@tieto.com>
Signed-off-by: default avatarGustavo F. Padovan <padovan@profusion.mobi>
parent 13d39315
...@@ -2059,11 +2059,23 @@ static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff ...@@ -2059,11 +2059,23 @@ static inline void hci_link_key_request_evt(struct hci_dev *hdev, struct sk_buff
} }
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr); conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
if (conn) {
if (key->type == HCI_LK_UNAUTH_COMBINATION &&
conn->auth_type != 0xff &&
(conn->auth_type & 0x01)) {
BT_DBG("%s ignoring unauthenticated key", hdev->name);
goto not_found;
}
if (key->type == HCI_LK_UNAUTH_COMBINATION && conn && if (key->type == HCI_LK_COMBINATION && key->pin_len < 16 &&
conn->auth_type != 0xff && (conn->auth_type & 0x01)) { conn->pending_sec_level == BT_SECURITY_HIGH) {
BT_DBG("%s ignoring unauthenticated key", hdev->name); BT_DBG("%s ignoring key unauthenticated for high \
goto not_found; security", hdev->name);
goto not_found;
}
conn->key_type = key->type;
conn->pin_length = key->pin_len;
} }
bacpy(&cp.bdaddr, &ev->bdaddr); bacpy(&cp.bdaddr, &ev->bdaddr);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment