Bluetooth: SAP Authentication changes
SAP profile requires 16 pin length authentication for BT 1.2/2.0
devices as per specification. These changes were present for hciops
pluging, the current changes are for Management operations plugin.
Signed-off-by: Prabhakaran Mc <prabhakaranmc@codeaurora.org>
diff --git a/net/bluetooth/hci_event.c b/net/bluetooth/hci_event.c
index 84e3975..ae483c6 100644
--- a/net/bluetooth/hci_event.c
+++ b/net/bluetooth/hci_event.c
@@ -1122,9 +1122,10 @@
return 0;
/* Only request authentication for SSP connections or non-SSP
- * devices with sec_level HIGH */
+ * devices with sec_level >= BT_SECURITY_MEDIUM*/
+ BT_DBG("Pending sec level is %d", conn->pending_sec_level);
if (!(hdev->ssp_mode > 0 && conn->ssp_mode > 0) &&
- conn->pending_sec_level != BT_SECURITY_HIGH)
+ conn->pending_sec_level < BT_SECURITY_MEDIUM)
return 0;
return 1;
@@ -2461,6 +2462,17 @@
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
+ if (conn) {
+ BT_DBG("Conn pending sec level is %d, ssp is %d, key len is %d",
+ conn->pending_sec_level, conn->ssp_mode, key->pin_len);
+ }
+ if (conn && (conn->ssp_mode == 0) &&
+ (conn->pending_sec_level == BT_SECURITY_HIGH) &&
+ (key->pin_len != 16)) {
+ BT_DBG("Security is high ignoring this key");
+ goto not_found;
+ }
+
if (key->type == 0x04 && conn && conn->auth_type != 0xff &&
(conn->auth_type & 0x01)) {
BT_DBG("%s ignoring unauthenticated key", hdev->name);
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index 2145168..310e17e 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c
@@ -1340,7 +1340,14 @@
hci_dev_lock(hdev);
- if (cp->io_cap == 0x03) {
+ cp = (void *) data;
+
+ if (len != sizeof(*cp))
+ return cmd_status(sk, index, MGMT_OP_PAIR_DEVICE, EINVAL);
+
+ BT_DBG("SSP Cap is %d", cp->ssp_cap);
+ io_cap = cp->io_cap;
+ if ((cp->ssp_cap == 0) || (io_cap == 0x03)) {
sec_level = BT_SECURITY_MEDIUM;
auth_type = HCI_AT_DEDICATED_BONDING;
} else {