Bluetooth: Refactor type of keys as flags
Converts bt_keys type to atomic_t flags to enable consistent and compact key type management. Change-Id: Ie384168da6d5d0d1b305a33988ce7689ba3a4c6a Signed-off-by: Arkadiusz Lichwa <arkadiusz.lichwa@tieto.com>
This commit is contained in:
Arkadiusz Lichwa
Anas Nashif
parent
fa3b78bd07
commit
524ef5ee1d
4 changed files with 22 additions and 21 deletions
|
|
@ -179,12 +179,14 @@ static int start_security(struct bt_conn *conn)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (conn->required_sec_level > BT_SECURITY_MEDIUM &&
|
if (conn->required_sec_level > BT_SECURITY_MEDIUM &&
|
||||||
conn->keys->type != BT_KEYS_AUTHENTICATED) {
|
!atomic_test_bit(&conn->keys->flags,
|
||||||
|
BT_KEYS_AUTHENTICATED)) {
|
||||||
return bt_smp_send_pairing_req(conn);
|
return bt_smp_send_pairing_req(conn);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (conn->required_sec_level > BT_SECURITY_HIGH &&
|
if (conn->required_sec_level > BT_SECURITY_HIGH &&
|
||||||
conn->keys->type != BT_KEYS_AUTHENTICATED &&
|
!atomic_test_bit(&conn->keys->flags,
|
||||||
|
BT_KEYS_AUTHENTICATED) &&
|
||||||
!(conn->keys->keys & BT_KEYS_LTK_P256)) {
|
!(conn->keys->keys & BT_KEYS_LTK_P256)) {
|
||||||
return bt_smp_send_pairing_req(conn);
|
return bt_smp_send_pairing_req(conn);
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -817,7 +817,8 @@ static void update_sec_level(struct bt_conn *conn)
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (conn->keys && conn->keys->type == BT_KEYS_AUTHENTICATED) {
|
if (conn->keys && atomic_test_bit(&conn->keys->flags,
|
||||||
|
BT_KEYS_AUTHENTICATED)) {
|
||||||
if (conn->keys->keys & BT_KEYS_LTK_P256) {
|
if (conn->keys->keys & BT_KEYS_LTK_P256) {
|
||||||
conn->sec_level = BT_SECURITY_FIPS;
|
conn->sec_level = BT_SECURITY_FIPS;
|
||||||
} else {
|
} else {
|
||||||
|
|
|
||||||
|
|
@ -31,7 +31,6 @@ enum {
|
||||||
};
|
};
|
||||||
|
|
||||||
enum {
|
enum {
|
||||||
BT_KEYS_UNAUTHENTICATED,
|
|
||||||
BT_KEYS_AUTHENTICATED,
|
BT_KEYS_AUTHENTICATED,
|
||||||
};
|
};
|
||||||
|
|
||||||
|
|
@ -54,7 +53,7 @@ struct bt_csrk {
|
||||||
struct bt_keys {
|
struct bt_keys {
|
||||||
bt_addr_le_t addr;
|
bt_addr_le_t addr;
|
||||||
int keys;
|
int keys;
|
||||||
uint8_t type;
|
atomic_t flags;
|
||||||
uint8_t enc_size;
|
uint8_t enc_size;
|
||||||
|
|
||||||
#if !defined(CONFIG_BLUETOOTH_SMP_SC_ONLY)
|
#if !defined(CONFIG_BLUETOOTH_SMP_SC_ONLY)
|
||||||
|
|
|
||||||
|
|
@ -1100,7 +1100,7 @@ static uint8_t legacy_request_tk(struct bt_smp *smp)
|
||||||
* keys with unauthenticated ones.
|
* keys with unauthenticated ones.
|
||||||
*/
|
*/
|
||||||
keys = bt_keys_find_addr(&conn->le.dst);
|
keys = bt_keys_find_addr(&conn->le.dst);
|
||||||
if (keys && keys->type == BT_KEYS_AUTHENTICATED &&
|
if (keys && atomic_test_bit(&keys->flags, BT_KEYS_AUTHENTICATED) &&
|
||||||
smp->method == JUST_WORKS) {
|
smp->method == JUST_WORKS) {
|
||||||
BT_ERR("JustWorks failed, authenticated keys present");
|
BT_ERR("JustWorks failed, authenticated keys present");
|
||||||
return BT_SMP_ERR_UNSPECIFIED;
|
return BT_SMP_ERR_UNSPECIFIED;
|
||||||
|
|
@ -1752,19 +1752,6 @@ static uint8_t smp_pairing_confirm(struct bt_smp *smp, struct net_buf *buf)
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static uint8_t get_keys_type(uint8_t method)
|
|
||||||
{
|
|
||||||
switch (method) {
|
|
||||||
case PASSKEY_DISPLAY:
|
|
||||||
case PASSKEY_INPUT:
|
|
||||||
case PASSKEY_CONFIRM:
|
|
||||||
return BT_KEYS_AUTHENTICATED;
|
|
||||||
case JUST_WORKS:
|
|
||||||
default:
|
|
||||||
return BT_KEYS_UNAUTHENTICATED;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
static uint8_t sc_smp_send_dhkey_check(struct bt_smp *smp, const uint8_t *e)
|
static uint8_t sc_smp_send_dhkey_check(struct bt_smp *smp, const uint8_t *e)
|
||||||
{
|
{
|
||||||
struct bt_smp_dhkey_check *req;
|
struct bt_smp_dhkey_check *req;
|
||||||
|
|
@ -2271,7 +2258,7 @@ static uint8_t smp_security_request(struct bt_smp *smp, struct net_buf *buf)
|
||||||
|
|
||||||
/* if MITM required key must be authenticated */
|
/* if MITM required key must be authenticated */
|
||||||
if ((auth & BT_SMP_AUTH_MITM) &&
|
if ((auth & BT_SMP_AUTH_MITM) &&
|
||||||
conn->keys->type != BT_KEYS_AUTHENTICATED) {
|
!atomic_test_bit(&conn->keys->flags, BT_KEYS_AUTHENTICATED)) {
|
||||||
if (get_io_capa() != BT_SMP_IO_NO_INPUT_OUTPUT) {
|
if (get_io_capa() != BT_SMP_IO_NO_INPUT_OUTPUT) {
|
||||||
BT_INFO("New auth requirements: 0x%x, repairing",
|
BT_INFO("New auth requirements: 0x%x, repairing",
|
||||||
auth);
|
auth);
|
||||||
|
|
@ -3318,7 +3305,19 @@ void bt_smp_update_keys(struct bt_conn *conn)
|
||||||
* it is important to store it since type is used to determine
|
* it is important to store it since type is used to determine
|
||||||
* security level upon encryption
|
* security level upon encryption
|
||||||
*/
|
*/
|
||||||
conn->keys->type = get_keys_type(smp->method);
|
switch (smp->method) {
|
||||||
|
case PASSKEY_DISPLAY:
|
||||||
|
case PASSKEY_INPUT:
|
||||||
|
case PASSKEY_CONFIRM:
|
||||||
|
atomic_set_bit(&conn->keys->flags, BT_KEYS_AUTHENTICATED);
|
||||||
|
break;
|
||||||
|
case JUST_WORKS:
|
||||||
|
default:
|
||||||
|
/* unauthenticated key, clear it */
|
||||||
|
atomic_clear_bit(&conn->keys->flags, BT_KEYS_AUTHENTICATED);
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
conn->keys->enc_size = get_encryption_key_size(smp);
|
conn->keys->enc_size = get_encryption_key_size(smp);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue