From: Brian Gix
To: linux-bluetooth@vger.kernel.org
Cc: brian.gix@intel.com, inga.stotland@intel.com, michal.lowas-rzechonek@silvair.com
Subject: [PATCH BlueZ v3 1/3] mesh: Add remote boolean to DevKey transactions
Date: Thu, 26 Sep 2019 11:14:42 -0700
Message-Id: <20190926181444.4916-2-brian.gix@intel.com>
In-Reply-To: <20190926181444.4916-1-brian.gix@intel.com>

DevKey operations require authorization on the part of the applications making the requests. Messages to state changing Servers should use device keys from the remote (destination) to demonstrate authorization.

--- doc/mesh-api.txt | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/doc/mesh-api.txt b/doc/mesh-api.txt index 9b9f4e3de..a589616eb 100644 --- a/doc/mesh-api.txt +++ b/doc/mesh-api.txt @@ -245,7 +245,7 @@ Methods: org.bluez.mesh.Error.InvalidArguments org.bluez.mesh.Error.NotFound - void DevKeySend(object element_path, uint16 destination, + void DevKeySend(object element_path, uint16 destination, boolean remote, uint16 net_index, array{byte} data) This method is used to send a message originated by a local @@ -259,6 +259,12 @@ Methods: destination must be a uint16 to a unicast address, or a well known group address. + The remote parameter, if true, looks up the device key by the + destination address in the key database to encrypt the message. + If remote is true, but requested key does not exist, a NotFound + error will be returned. If set to false, the local node's + device key is used. + The net_index parameter is the subnet index of the network on which the message is to be sent. 
@@ -782,8 +788,8 @@ Methods: The data parameter is the incoming message. - void DevKeyMessageReceived(uint16 source, uint16 net_index, - array{byte} data) + void DevKeyMessageReceived(uint16 source, boolean remote, + uint16 net_index, array{byte} data) This method is called by meshd daemon when a message arrives addressed to the application, which was sent with the remote @@ -792,6 +798,11 @@ Methods: The source parameter is unicast address of the remote node-element that sent the message. + The remote parameter if true indicates that the device key + used to decrypt the message was from the sender. False + indicates that the local nodes device key was used, and the + message has permissions to modify local states. + The net_index parameter indicates what subnet the message was received on, and if a response is required, the same subnet must be used to send the response. -- 2.21.0
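Review bot: In the DevKeySend hunk at @@ -259,6 +259,12 @@, the new paragraph does not say what happens when remote is true and destination is a group address. The context line just above it allows "a unicast address, or a well known group address", while the added text "looks up the device key by the destination address in the key database" only fits a single node's address. Suggest stating the outcome for that combination explicitly, including which error the caller gets, and checking that the error list for DevKeySend (outside the visible context) includes org.bluez.mesh.Error.NotFound now that the text promises it.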
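Review bot: In the DevKeyMessageReceived hunk at @@ -792,6 +798,11 @@, the added paragraph gives the authorization meaning only for the false case ("the message has permissions to modify local states") and leaves the true case implicit. Applications will make an access-control decision on this flag, so if the intent is that a message decrypted with the sender's device key carries no permission to modify local states, suggest saying so in a sentence of its own. Minor wording: "local nodes device key" should read "local node's device key", and "The remote parameter if true indicates" reads better with commas around "if true".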