From patchwork Tue Apr 7 08:56:07 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Archie Pusaka X-Patchwork-Id: 11477743 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 5E01E1392 for ; Tue, 7 Apr 2020 08:56:27 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 3BE712074F for ; Tue, 7 Apr 2020 08:56:27 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="Ib+pPA5F" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727923AbgDGI40 (ORCPT ); Tue, 7 Apr 2020 04:56:26 -0400 Received: from mail-qk1-f202.google.com ([209.85.222.202]:55530 "EHLO mail-qk1-f202.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725883AbgDGI40 (ORCPT ); Tue, 7 Apr 2020 04:56:26 -0400 Received: by mail-qk1-f202.google.com with SMTP id h186so2438297qkc.22 for ; Tue, 07 Apr 2020 01:56:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=ixePdWgFw7g7y9K8+PNzUptUWWtYVQio9P5eRJlOWfI=; b=Ib+pPA5Far2EmK+YIW23DQtUF7TXviRk//RDVLoD4Zr1KTennPsvSDKCGTvs70lVRP 0tsya6iYtFeRIAn4yzOaEWBogEEdwK/oeFISCcO7imMSuv0CGuIlV3ejJu6tLotp1Osl BlcedprkajcfNqwKMAucVFAOoLuZNG5nZRkHsfmPn+yZrP/jOWl2ENUX8yS47UARg/60 YVBqgeCABLVFUny76miAV/G1uo3hz5sLb9PBLzwVshj1kg6dJTijdY2rDo2KVCfoakI6 QGPVfgVrTObihhPT9/cNUsazwKtHfMhlrs6RlxP/qTMmARxJkXKBV/+wIk8wH47UcaQc y3Pg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=ixePdWgFw7g7y9K8+PNzUptUWWtYVQio9P5eRJlOWfI=; b=jQtvJgrWaCXWTzFrj3e/evcVu45r0fYyhW8jpMSemfvPP+ZqGdwLXpIRIotuCzVZM0 nIvCzPtxuoD6GZNPD3vWBM6zdps86SXzfYHF8xJIFyiXKs4nXkK42Kvr9Aho2PtUQtvN LGMpBNBMM7Xk4ugAKDAnHoTCkCSKzCLAITLOjugADaGbvpwOk25c8p9X1YNu8mPvP/dU ga9ua9/lTOGZX8vlh69eOiC58ByncpIKsIegdGn9OsOJQuy7q4zVmYVR4ySc7LoeiYTs 2AywZUIZ8JPyTBflD1SrJj2RXx3pe9lNpXZjg2sJ1ymnuAVput4acTWQNu/DmnYNNDd1 yfkA== X-Gm-Message-State: AGi0Pub9bJywMChMyk6d0Dpt+KuGm97H7YkXumDwkHq0idmC4o0HZJrQ zDVE+9nawqdqVGVRiaxaORGB8q3H4+8R8aL6lNn7Zx1nSpPc7Y0Fuk309YaojWxBCjqTShDjJnk vknjVTKX29YmoCZsyp+738ltv9CNcXj4Dgqyykji9XQYCkLSgCRfG446KUs6yD+Y2nm6uxIIH+v Gm X-Google-Smtp-Source: APiQypJsRFhF1zyvxTU5lV5ZiJzefbJZCK1qaiXgagAdsNe2GESx9bGWQ3QSW5V5TUXZGDd2etzBbWOzMQEj X-Received: by 2002:a0c:b90e:: with SMTP id u14mr1110360qvf.177.1586249783485; Tue, 07 Apr 2020 01:56:23 -0700 (PDT) Date: Tue, 7 Apr 2020 16:56:07 +0800 In-Reply-To: <20200407085610.231013-1-apusaka@google.com> Message-Id: <20200407165521.Bluez.v4.1.I6373c573d8c831d0c96974911469e2ac6bff1e42@changeid> Mime-Version: 1.0 References: <20200407085610.231013-1-apusaka@google.com> X-Mailer: git-send-email 2.26.0.292.g33ef6b2f38-goog Subject: [Bluez PATCH v4 1/4] shared/crypto: Add bt_crypto_verify_att_sign From: Archie Pusaka To: linux-bluetooth , Luiz Augusto von Dentz Cc: Archie Pusaka Sender: linux-bluetooth-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Archie Pusaka This is used to verify the signature of incoming ATT packets. --- Changes in v4: None Changes in v3: - Add check for the case where pdu_len < ATT_SIGN_LEN Changes in v2: None src/shared/crypto.c | 28 ++++++++++++++++++++++++++-- src/shared/crypto.h | 2 ++ 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/src/shared/crypto.c b/src/shared/crypto.c index 5c5e1217d..5cc88ce4a 100644 --- a/src/shared/crypto.c +++ b/src/shared/crypto.c @@ -75,6 +75,8 @@ struct af_alg_iv { /* Maximum message length that can be passed to aes_cmac */ #define CMAC_MSG_MAX 80 +#define ATT_SIGN_LEN 12 + struct bt_crypto { int ref_count; int ecb_aes; @@ -265,7 +267,8 @@ static inline void swap_buf(const uint8_t *src, uint8_t *dst, uint16_t len) bool bt_crypto_sign_att(struct bt_crypto *crypto, const uint8_t key[16], const uint8_t *m, uint16_t m_len, - uint32_t sign_cnt, uint8_t signature[12]) + uint32_t sign_cnt, + uint8_t signature[ATT_SIGN_LEN]) { int fd; int len; @@ -319,10 +322,31 @@ bool bt_crypto_sign_att(struct bt_crypto *crypto, const uint8_t key[16], * 12 octets */ swap_buf(out, tmp, 16); - memcpy(signature, tmp + 4, 12); + memcpy(signature, tmp + 4, ATT_SIGN_LEN); return true; } + +bool bt_crypto_verify_att_sign(struct bt_crypto *crypto, const uint8_t key[16], + const uint8_t *pdu, uint16_t pdu_len) +{ + uint8_t generated_sign[ATT_SIGN_LEN]; + const uint8_t *sign; + uint32_t sign_cnt; + + if (pdu_len < ATT_SIGN_LEN) + return false; + + sign = pdu + pdu_len - ATT_SIGN_LEN; + sign_cnt = get_le32(sign); + + if (!bt_crypto_sign_att(crypto, key, pdu, pdu_len - ATT_SIGN_LEN, + sign_cnt, generated_sign)) + return false; + + return memcmp(generated_sign, sign, ATT_SIGN_LEN) == 0; +} + /* * Security function e * diff --git a/src/shared/crypto.h b/src/shared/crypto.h index c58d2e104..d17daa835 100644 --- a/src/shared/crypto.h +++ b/src/shared/crypto.h @@ -62,5 +62,7 @@ bool bt_crypto_h6(struct bt_crypto *crypto, const uint8_t w[16], bool bt_crypto_sign_att(struct bt_crypto *crypto, const uint8_t key[16], const uint8_t *m, uint16_t m_len, uint32_t sign_cnt, uint8_t signature[12]); +bool bt_crypto_verify_att_sign(struct bt_crypto *crypto, const uint8_t key[16], + const uint8_t *pdu, uint16_t pdu_len); bool bt_crypto_gatt_hash(struct bt_crypto *crypto, struct iovec *iov, size_t iov_len, uint8_t res[16]); From patchwork Tue Apr 7 08:56:08 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Archie Pusaka X-Patchwork-Id: 11477745 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id D947D1392 for ; Tue, 7 Apr 2020 08:56:32 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id B7B0A20771 for ; Tue, 7 Apr 2020 08:56:32 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="kTq8XMV2" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727952AbgDGI4c (ORCPT ); Tue, 7 Apr 2020 04:56:32 -0400 Received: from mail-pl1-f202.google.com ([209.85.214.202]:39799 "EHLO mail-pl1-f202.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725883AbgDGI4c (ORCPT ); Tue, 7 Apr 2020 04:56:32 -0400 Received: by mail-pl1-f202.google.com with SMTP id d11so1864424pll.6 for ; Tue, 07 Apr 2020 01:56:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=k1OfTEDDWoKD1wyJgxjBcp+qqrvnEMjWFoVpDUtkU1M=; b=kTq8XMV2/n/Ie4gFML0a1XRufILkC6etTcwexxWnsdZcIRv2aksd7U0NOBuIORE+2D UBdxisYCl9vxt8S0RmylrcZ2/QqfdlWsPR62O4dh6dAY8bw9n7IWDtcwsqeoRCmQGpfJ ui2/WohJIHh97ei9HmpoTWyh6akFnhybKZAZLQFKv7zfdUPwRYMQaT4kOckSE/6B+QBl pgn796RcxSY4+Q7tMrUvI3bQihjRtMK4WUFp3LsCVAfOGLxeXE+RhYst3bvfVW96o7ex Y3e2q8FU9WHH8uCRl8vFnDOEY1XO6R5uAVYFeGpoWAqmRcJ81bO7aBXkYxRnStDUVZE+ bDNw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=k1OfTEDDWoKD1wyJgxjBcp+qqrvnEMjWFoVpDUtkU1M=; b=LycMn2TPaX49EyZrEPurPUbIq5aHLBIc7O4D3i7hJ1e6RUCdIMomBErhF5ttnqQuab oJXEPB7CXmnTJg0oWf+jMbkDvuAMEnKf2Mm8QYqIf2fVfIJ0fq4iA/DrSziSY4VQx20M 8lUEtqOdEYPwwBjym0EVfF+W/NDkYjPQPhhk8CANXrwKnJceNYI4lfnrFLsG3wrnu0h5 FnJpmQgJMF/h21IFONADMuLFG2/hEgdn9+dowDO14S9lR8JD4p1oVEFM6H8Fuxjps6yc tQ8Mp2YZYTe31VnsI/PV8qytmFUqr7Toniyh9JMgJBEBA5ufJkqUaRrMlKRbWvhMOuy1 kiDw== X-Gm-Message-State: AGi0PubnjzY02mSJn6W8GV8jCwcO+ENemGFhInjPf+iisYuEBSGsLtyG edcwKi3y2UqbmJtbVp6wmXEDDb6jU2H8yRqMvldlnhTrQHFtHapld7KXcWWzW9ajPvBZ68p1Ocw fVV5ppKjyDl0CL4QATo6kAnAxRYrvF6vfL4skUOwI+6Vlfl4B5RNbAa1YSQ5noiBPLmYmNZm+IU zT X-Google-Smtp-Source: APiQypKaOToMHUyYMrCBtqArjbNqDITE/aiYoubfZtAvS2U/HubcaIIPBspq6HElEhHIU+ucWVCVMy+JoxTO X-Received: by 2002:a17:90b:4d09:: with SMTP id mw9mr1539484pjb.101.1586249789501; Tue, 07 Apr 2020 01:56:29 -0700 (PDT) Date: Tue, 7 Apr 2020 16:56:08 +0800 In-Reply-To: <20200407085610.231013-1-apusaka@google.com> Message-Id: <20200407165521.Bluez.v4.2.Ieda68013af7fbafbf53fbf7c8fd85ea295153e5e@changeid> Mime-Version: 1.0 References: <20200407085610.231013-1-apusaka@google.com> X-Mailer: git-send-email 2.26.0.292.g33ef6b2f38-goog Subject: [Bluez PATCH v4 2/4] unit/test-crypto: test for bt_crypto_verify_att_sign From: Archie Pusaka To: linux-bluetooth , Luiz Augusto von Dentz Cc: Archie Pusaka Sender: linux-bluetooth-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Archie Pusaka Adding tests for verifying att signature --- Changes in v4: - Fix wrong variable assignment Changes in v3: - Add unit test Changes in v2: None unit/test-crypto.c | 59 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) diff --git a/unit/test-crypto.c b/unit/test-crypto.c index e20b2fa66..46c7c0e5c 100644 --- a/unit/test-crypto.c +++ b/unit/test-crypto.c @@ -272,6 +272,58 @@ static void test_gatt_hash(gconstpointer data) tester_test_passed(); } +struct verify_sign_test_data { + const uint8_t *msg; + uint16_t msg_len; + const uint8_t *key; + bool match; +}; + +static const uint8_t msg_to_verify_pass[] = { + 0xd2, 0x12, 0x00, 0x13, 0x37, 0x01, 0x00, 0x00, 0x00, 0xF1, 0x87, 0x1E, + 0x93, 0x3C, 0x90, 0x0F, 0xf2 +}; + +static const struct verify_sign_test_data verify_sign_pass_data = { + .msg = msg_to_verify_pass, + .msg_len = sizeof(msg_to_verify_pass), + .key = key_5, + .match = true, +}; + +static const uint8_t msg_to_verify_bad_sign[] = { + 0xd2, 0x12, 0x00, 0x13, 0x37, 0x01, 0x00, 0x00, 0x00, 0xF1, 0x87, 0x1E, + 0x93, 0x3C, 0x90, 0x0F, 0xf1 +}; + +static const struct verify_sign_test_data verify_sign_bad_sign_data = { + .msg = msg_to_verify_bad_sign, + .msg_len = sizeof(msg_to_verify_bad_sign), + .key = key_5, + .match = false, +}; + +static const uint8_t msg_to_verify_too_short[] = { + 0xd2, 0x12, 0x00, 0x13, 0x37 +}; + +static const struct verify_sign_test_data verify_sign_too_short_data = { + .msg = msg_to_verify_too_short, + .msg_len = sizeof(msg_to_verify_too_short), + .key = key_5, + .match = false, +}; + +static void test_verify_sign(gconstpointer data) +{ + const struct verify_sign_test_data *d = data; + bool result = bt_crypto_verify_att_sign(crypto, d->key, d->msg, + d->msg_len); + g_assert(result == d->match); + + tester_test_passed(); +} + int main(int argc, char *argv[]) { int exit_status; @@ -292,6 +344,13 @@ int main(int argc, char *argv[]) tester_add("/crypto/gatt_hash", NULL, NULL, test_gatt_hash, NULL); + tester_add("/crypto/verify_sign_pass", &verify_sign_pass_data, + NULL, test_verify_sign, NULL); + tester_add("/crypto/verify_sign_bad_sign", &verify_sign_bad_sign_data, + NULL, test_verify_sign, NULL); + tester_add("/crypto/verify_sign_too_short", &verify_sign_too_short_data, + NULL, test_verify_sign, NULL); + exit_status = tester_run(); bt_crypto_unref(crypto); From patchwork Tue Apr 7 08:56:09 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Archie Pusaka X-Patchwork-Id: 11477747 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 8DBEF112C for ; Tue, 7 Apr 2020 08:56:38 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 6D4DB20771 for ; Tue, 7 Apr 2020 08:56:38 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="ucUQYalJ" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727958AbgDGI4i (ORCPT ); Tue, 7 Apr 2020 04:56:38 -0400 Received: from mail-pg1-f202.google.com ([209.85.215.202]:45515 "EHLO mail-pg1-f202.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725883AbgDGI4h (ORCPT ); Tue, 7 Apr 2020 04:56:37 -0400 Received: by mail-pg1-f202.google.com with SMTP id v29so1904832pgo.12 for ; Tue, 07 Apr 2020 01:56:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=Qeg3a+GT/t1CBST+N2dWD+HdLtuOyVVP4PFOkkE3kV0=; b=ucUQYalJDVip2CzNCTR+kxrQn3bouuD1OPeAi994xT35k+WZcAKFoum97a2iQMrgvM sX1KFhSy/5Vxu4aWb95AYr1ha5tc2CvUvCKGcEcQumw+5RqR0BmX1GPNE+0086L8fZdn QwjXWJR9t38PfQ60V9rxVV+xZsYnFg2EGhmDHJxcYwYzRPZlvE6mPkpOclqkoIpfFh3S 6KlcGoWTA5GZSHTYDPq/RHChQ04bbagzYYeuzTcxatzjj7hCZZHepDpOwZnIZGJq/W50 qaZl0FfmMeYNrau/av0YmNpUi8NYX9r8n9r432i3IybBDD2OjsTlFVMNZwz5MpXMF6bk jvFw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=Qeg3a+GT/t1CBST+N2dWD+HdLtuOyVVP4PFOkkE3kV0=; b=JNzynEOnoyCpdY0dndprkzINzsPH/TCMoAZH+qv8ICDIGTxE4+DKxrifEI2rBxF6Q6 kwf1/+U2PYX9VfFCJ2JVLyRMHFWEKFANx41J44QeTewGuD2gN/ZSv0jkn07Be+u8SOtP wlSd2v+hGia7bRTw2XLm/si3SFzbSOPyhrTrgvogn1RveIila5MDpiihYiBddsOy3Zpg 1akOjuhd0zY9I+2ESOkeNYNSsVA8ScletfSmNPG+a1GuWoXDpSOqzMdrNGX3t51s2zk/ LPTaUX2vjdQCvajUvw3tgL7CAzODsAaRE2q186K0FH+fRnYlnbQK9vs7+RPUUC20bXoq EY9Q== X-Gm-Message-State: AGi0PuZMkijm+Bh+2H8Fv87dcC+2RILkWX/sc6TcWo9CWRknUTkvpw1U VAP+b1o9q8qdSxM3WW1Ogd53TePaALsSrBBHQ6Lmjl2IehquJ6ShlgVRhYLkpMrP/QQNYiJqIjO jwbr3HJJ3KoPkwtqYQx4vwEBeDCMQBKZLk1TyAqkkh5yAfrukci0wd2G3gvHCIOltbgx2hg4iNt E3 X-Google-Smtp-Source: APiQypJutldv//2AmFQEKLU5PoCCOXflKXTelYmQV18FJsfii4bv/sbf9VGMG5K/Cmm7388gGkJGleyBe47I X-Received: by 2002:a63:dd0a:: with SMTP id t10mr1037234pgg.50.1586249794429; Tue, 07 Apr 2020 01:56:34 -0700 (PDT) Date: Tue, 7 Apr 2020 16:56:09 +0800 In-Reply-To: <20200407085610.231013-1-apusaka@google.com> Message-Id: <20200407165521.Bluez.v4.3.I28a54f18ca82b58e44689a0c76663e735fefb6f1@changeid> Mime-Version: 1.0 References: <20200407085610.231013-1-apusaka@google.com> X-Mailer: git-send-email 2.26.0.292.g33ef6b2f38-goog Subject: [Bluez PATCH v4 3/4] shared/att: Check the signature of att packets From: Archie Pusaka To: linux-bluetooth , Luiz Augusto von Dentz Cc: Archie Pusaka Sender: linux-bluetooth-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Archie Pusaka Tested to pass these BT certification test SM/MAS/SIGN/BV-03-C SM/MAS/SIGN/BI-01-C --- Changes in v4: None Changes in v3: - Separate into three patches Changes in v2: - Move the signature verification part to crypto.c - Attempt not to copy the whole pdu while verifying the signature by not separating the opcode from the rest of pdu too early, so we don't have to rejoin them later. src/shared/att.c | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/src/shared/att.c b/src/shared/att.c index 948a5548b..31c6901fb 100644 --- a/src/shared/att.c +++ b/src/shared/att.c @@ -881,15 +881,15 @@ static void respond_not_supported(struct bt_att *att, uint8_t opcode) NULL); } -static bool handle_signed(struct bt_att *att, uint8_t opcode, uint8_t *pdu, - ssize_t pdu_len) +static bool handle_signed(struct bt_att *att, uint8_t *pdu, ssize_t pdu_len) { uint8_t *signature; uint32_t sign_cnt; struct sign_info *sign; + uint8_t opcode = pdu[0]; /* Check if there is enough data for a signature */ - if (pdu_len < 2 + BT_ATT_SIGNATURE_LEN) + if (pdu_len < 3 + BT_ATT_SIGNATURE_LEN) goto fail; sign = att->remote_sign; @@ -903,10 +903,8 @@ static bool handle_signed(struct bt_att *att, uint8_t opcode, uint8_t *pdu, if (!sign->counter(&sign_cnt, sign->user_data)) goto fail; - /* Generate signature and verify it */ - if (!bt_crypto_sign_att(att->crypto, sign->key, pdu, - pdu_len - BT_ATT_SIGNATURE_LEN, sign_cnt, - signature)) + /* Verify received signature */ + if (!bt_crypto_verify_att_sign(att->crypto, sign->key, pdu, pdu_len)) goto fail; return true; @@ -918,15 +916,16 @@ fail: return false; } -static void handle_notify(struct bt_att_chan *chan, uint8_t opcode, - uint8_t *pdu, ssize_t pdu_len) +static void handle_notify(struct bt_att_chan *chan, uint8_t *pdu, + ssize_t pdu_len) { struct bt_att *att = chan->att; const struct queue_entry *entry; bool found; + uint8_t opcode = pdu[0]; - if ((opcode & ATT_OP_SIGNED_MASK) && !att->crypto) { - if (!handle_signed(att, opcode, pdu, pdu_len)) + if ((opcode & ATT_OP_SIGNED_MASK) && att->crypto) { + if (!handle_signed(att, pdu, pdu_len)) return; pdu_len -= BT_ATT_SIGNATURE_LEN; } @@ -963,7 +962,7 @@ static void handle_notify(struct bt_att_chan *chan, uint8_t opcode, found = true; if (notify->callback) - notify->callback(chan, opcode, pdu, pdu_len, + notify->callback(chan, opcode, pdu + 1, pdu_len - 1, notify->user_data); /* callback could remove all entries from notify list */ @@ -1054,7 +1053,7 @@ static bool can_read_data(struct io *io, void *user_data) util_debug(att->debug_callback, att->debug_data, "(chan %p) ATT PDU received: 0x%02x", chan, opcode); - handle_notify(chan, opcode, pdu + 1, bytes_read - 1); + handle_notify(chan, pdu, bytes_read); break; } From patchwork Tue Apr 7 08:56:10 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Archie Pusaka X-Patchwork-Id: 11477749 Return-Path: Received: from mail.kernel.org (pdx-korg-mail-1.web.codeaurora.org [172.30.200.123]) by pdx-korg-patchwork-2.web.codeaurora.org (Postfix) with ESMTP id 3F8BD1392 for ; Tue, 7 Apr 2020 08:56:43 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id 1CF8620771 for ; Tue, 7 Apr 2020 08:56:43 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=pass (2048-bit key) header.d=google.com header.i=@google.com header.b="MwSfnbxb" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727923AbgDGI4m (ORCPT ); Tue, 7 Apr 2020 04:56:42 -0400 Received: from mail-pl1-f201.google.com ([209.85.214.201]:41331 "EHLO mail-pl1-f201.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725883AbgDGI4m (ORCPT ); Tue, 7 Apr 2020 04:56:42 -0400 Received: by mail-pl1-f201.google.com with SMTP id u16so134699plq.8 for ; Tue, 07 Apr 2020 01:56:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=lM3d0cm86Nb/bkeV31ug0t8xTN773qSnytS58ID4fmU=; b=MwSfnbxbtCi7NUeb2ybu+8+EpQNsj4n8o3YC4LBPOjQKdYub2Fa97PCNRAw1WCAXkK kemZ7fmHPXqeXL4oxB9xumo+NdpNze+IHHvmXDkiauJNHdATDn/UMmhEsL1Jv+3oyWV/ 8S7I7Ou/EOpJSyvDIs6CZGV07nAtIFxKADpvEc1MiQNRSpaQ3MeLjiRLoIFiQPV8zbrb jf8y/7ZT5lhVuf9uACFmaKXJLFkjfR29DBEoCm/GfZA/Ij2CO4dcAE4e89MW4zHhvhBx JE1HGhcc9Sj5cN9kvXHR+b4Xpr1+txc0A9jGoVaAsSkDJSQvoFJjX1oLBRTpwNe/IVaD nf3g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=lM3d0cm86Nb/bkeV31ug0t8xTN773qSnytS58ID4fmU=; b=rXwA5jwdL+x92nV+iq6ehOd38gN4805+jK0VKcOzmwj26RskBvtGxaYSU3iHhySTPJ roWP45TY90Kwn+DUeUIiQstGHZnFiojsnFdCk40YKAZ9p5QAk219F/7wqpQwB9ARbmu6 Fqz1p6H6lL3Njj8oVZRLJjwhjaZ1yiEfofUh6/7yGF0U8tIDNkLhuzN4oNii6FVzuNRV C9Lrk6bQlR24PMGEb3qWZxx46P9q8MvRjm3yHdy6m+ahqj9haxVKu67kEhbGXzJGweZP mEXq2MZnEW2csqeZdqxEy+CFXzAy9ZLOJT3J/r8gByagD9dBQI06iN+E9XcChkpioJwS KJNw== X-Gm-Message-State: AGi0PuZu3bqZNWHc0MrPWcEWaFhjwcEm3RL6YNEJSyS0P4PGS0dDYXFk S6811B7IJKaZkX2VBo1pNXjuQIMu/B+5jtlEKoI3EjdiDk4504poQV59YKe0iAjaDzevI9/M3WK bNEv35h3lrAlHC+NrczUkUtn5aECc5MR7kgWuQP/GRhSLlVngxKDuAHADJBFBEkKpwLHqKzTJ35 v4 X-Google-Smtp-Source: APiQypIMMNrQYxg3ncPXrJqdquFwU2eK5R2mMCr7GxUSItIET64/n1qEE810PBDPO/NGfZio7TjeeCnpHLqj X-Received: by 2002:a17:90b:30f:: with SMTP id ay15mr1560079pjb.134.1586249799353; Tue, 07 Apr 2020 01:56:39 -0700 (PDT) Date: Tue, 7 Apr 2020 16:56:10 +0800 In-Reply-To: <20200407085610.231013-1-apusaka@google.com> Message-Id: <20200407165521.Bluez.v4.4.I6813a39e5d8499d24471d7b575c7ef6c493a046c@changeid> Mime-Version: 1.0 References: <20200407085610.231013-1-apusaka@google.com> X-Mailer: git-send-email 2.26.0.292.g33ef6b2f38-goog Subject: [Bluez PATCH v4 4/4] unit/test-gatt: Fix unknown request with signed bit From: Archie Pusaka To: linux-bluetooth , Luiz Augusto von Dentz Cc: Archie Pusaka Sender: linux-bluetooth-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Archie Pusaka The BT spec doesn't make it explicit of what should happen when receiving a bad signed att request packet. According to BT core spec Vol 3, Part C, Sec 10.4.2: A device receiving signed data shall authenticate it by performing the Signing Algorithm. If the MAC computed by the Signing Algorithm does not match the received MAC, the verification fails and the Host shall ignore the received Data PDU. According to BT core spec Vol 3, Part F, Sec 3.3 If a server receives a request that it does not support, then the server shall respond with the ATT_ERROR_RSP PDU with the error code Request Not Supported. This patch does this two things: (1) Removing the signed bit to the existing tests so they are not in a conflicting state within the bluetooth spec, while still keeping the original intent of the test. (2) Add another test that purposely fall within this grey area with some comments. --- Changes in v4: - Fixing test-gatt.c Changes in v3: None Changes in v2: None unit/test-gatt.c | 32 +++++++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/unit/test-gatt.c b/unit/test-gatt.c index 36dd2847c..139a6fc72 100644 --- a/unit/test-gatt.c +++ b/unit/test-gatt.c @@ -4473,16 +4473,38 @@ int main(int argc, char *argv[]) raw_pdu(0x18, 0x01), raw_pdu(0x01, 0x18, 0x25, 0x00, 0x06)); - define_test_server("/robustness/unkown-request", + define_test_server("/robustness/unknown-request", test_server, service_db_1, NULL, raw_pdu(0x03, 0x00, 0x02), - raw_pdu(0xbf, 0x00), - raw_pdu(0x01, 0xbf, 0x00, 0x00, 0x06)); + raw_pdu(0x3f, 0x00), + raw_pdu(0x01, 0x3f, 0x00, 0x00, 0x06)); + + define_test_server("/robustness/unknown-command", + test_server, service_db_1, NULL, + raw_pdu(0x03, 0x00, 0x02), + raw_pdu(0x7f, 0x00), + raw_pdu()); - define_test_server("/robustness/unkown-command", + /* + * According to BT core spec Vol 3, Part C, Sec 10.4.2: + * A device receiving signed data shall authenticate it by performing + * the Signing Algorithm. If the MAC computed by the Signing Algorithm + * does not match the received MAC, the verification fails and the Host + * shall ignore the received Data PDU. + * + * However, according to BT core spec Vol 3, Part F, Sec 3.3 + * If a server receives a request that it does not support, then the + * server shall respond with the ATT_ERROR_RSP PDU with the error code + * Request Not Supported. + * + * Since there is no explicit instruction on what should be done in + * case the server receives a bad signed unsupported request, here + * we just ignore the received PDU. + */ + define_test_server("/robustness/signed-unknown-request", test_server, service_db_1, NULL, raw_pdu(0x03, 0x00, 0x02), - raw_pdu(0xff, 0x00), + raw_pdu(0xbf, 0x00), raw_pdu()); return tester_run();