Created
September 6, 2023 19:43
-
-
Save Vudentz/be49a40789ec713f9441face9bd642cc to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/net/bluetooth/hci_conn.c b/net/bluetooth/hci_conn.c | |
index 98da2cf6d7bd..09ea09e4d306 100644 | |
--- a/net/bluetooth/hci_conn.c | |
+++ b/net/bluetooth/hci_conn.c | |
@@ -2408,34 +2408,38 @@ int hci_conn_security(struct hci_conn *conn, __u8 sec_level, __u8 auth_type, | |
if (!test_bit(HCI_CONN_AUTH, &conn->flags)) | |
goto auth; | |
- /* An authenticated FIPS approved combination key has sufficient | |
- * security for security level 4. */ | |
- if (conn->key_type == HCI_LK_AUTH_COMBINATION_P256 && | |
- sec_level == BT_SECURITY_FIPS) | |
- goto encrypt; | |
- | |
- /* An authenticated combination key has sufficient security for | |
- security level 3. */ | |
- if ((conn->key_type == HCI_LK_AUTH_COMBINATION_P192 || | |
- conn->key_type == HCI_LK_AUTH_COMBINATION_P256) && | |
- sec_level == BT_SECURITY_HIGH) | |
- goto encrypt; | |
- | |
- /* An unauthenticated combination key has sufficient security for | |
- security level 1 and 2. */ | |
- if ((conn->key_type == HCI_LK_UNAUTH_COMBINATION_P192 || | |
- conn->key_type == HCI_LK_UNAUTH_COMBINATION_P256) && | |
- (sec_level == BT_SECURITY_MEDIUM || sec_level == BT_SECURITY_LOW)) | |
- goto encrypt; | |
- | |
- /* A combination key has always sufficient security for the security | |
- levels 1 or 2. High security level requires the combination key | |
- is generated using maximum PIN code length (16). | |
- For pre 2.1 units. */ | |
- if (conn->key_type == HCI_LK_COMBINATION && | |
- (sec_level == BT_SECURITY_MEDIUM || sec_level == BT_SECURITY_LOW || | |
- conn->pin_length == 16)) | |
- goto encrypt; | |
+ switch (conn->key_type) { | |
+ case HCI_LK_AUTH_COMBINATION_P256: | |
+ /* An authenticated FIPS approved combination key has | |
+ * sufficient security for security level 4 or lower. | |
+ */ | |
+ if (sec_level <= BT_SECURITY_FIPS) | |
+ goto encrypt; | |
+ break; | |
+ case HCI_LK_AUTH_COMBINATION_P192: | |
+ /* An authenticated combination key has sufficient security for | |
+ * security level 3 or lower. | |
+ */ | |
+ if (sec_level <= BT_SECURITY_HIGH) | |
+ goto encrypt; | |
+ break; | |
+ case HCI_LK_UNAUTH_COMBINATION_P192: | |
+ case HCI_LK_UNAUTH_COMBINATION_P256: | |
+ /* An unauthenticated combination key has sufficient security | |
+ * for security level 2 or lower. | |
+ */ | |
+ if (sec_level <= BT_SECURITY_MEDIUM) | |
+ goto encrypt; | |
+ break; | |
+ case HCI_LK_COMBINATION: | |
+ /* A combination key has always sufficient security for the | |
+ * security levels 2 or lower. High security level requires the | |
+ * combination key is generated using maximum PIN code length | |
+ * (16). For pre 2.1 units. | |
+ */ | |
+ if (sec_level <= BT_SECURITY_MEDIUM || conn->pin_length == 16) | |
+ goto encrypt; | |
+ } | |
auth: | |
if (test_bit(HCI_CONN_ENCRYPT_PEND, &conn->flags)) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment