Received: by 2002:a25:6193:0:0:0:0:0 with SMTP id v141csp4162504ybb; Tue, 7 Apr 2020 01:57:14 -0700 (PDT) X-Google-Smtp-Source: APiQypLgb+SB++0IYl/sFWAaXBn0RcVpRSvW1fOq4R2qmCd+zgWMJD3T86Jq/yTluzgW5LaOXZr4 X-Received: by 2002:a05:6830:23a3:: with SMTP id m3mr666317ots.265.1586249834001; Tue, 07 Apr 2020 01:57:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1586249833; cv=none; d=google.com; s=arc-20160816; b=kR+IMwoTAuQuuUHicLLeA/fSAvXOhx2ItaiUhpg519RQQJp156IleUWTvCEinBkHQ/ HPOaciRZf7sHm5/wur0mmCsxHzv7dxbdUrCqtaTiyuOQE6Il4lRI+ypq1c1loOzYDZDB g77iQDgR//29ylcbDQN56h+ADgJ9xNMpzPwIBfR5goHoD4UVCZkb2/8ub3YL0H80bhJJ x6Mto8ZsuIrjJka+Rh0KYWUmxsB+M/PCKfe6s5ty++3mIFA347bLiXKX6Sa+cBN1LMKm yMORzlIfOOAliuxd4xn2k46kgzFTm+uPTHxZzf10eXrPZIvHvpXVFSb+mnfRPohh+ZEK pzSQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:from:subject:references :mime-version:message-id:in-reply-to:date:dkim-signature; bh=Qeg3a+GT/t1CBST+N2dWD+HdLtuOyVVP4PFOkkE3kV0=; b=dLCmayhdfWnYbxwgltFUCeusSnZz+N4nl2qh2onNNjb+cLSj31TgpMgTYS63y4XWMT jD1+3Lmg/8rx3J9y8YbZymA4wwnyoyb56MuKpI5wKmtlEx1CHx9ATugLLepHLRDCo1dR GWC441PMorYlJ3ADJ6E5aQ92yNPsz2Fwh8jPLDuJbAlYeUrIwMesFDf5ViDo3SPbd1FF rsThxxwM0a+PXdxZ6BVhcg/4dsFNsUxi/0F927EiAYyXAv1quAKstTTgoCgpcjsz7KKR opfygnAWxME4gQ4yW9KOAc2yoB2KoL/X9zEc3WmMU4ZJHGdkjXZGGpICqM822/sUMAT9 xvtg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=ucUQYalJ; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i12si414677oii.113.2020.04.07.01.56.42; Tue, 07 Apr 2020 01:57:13 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=ucUQYalJ; spf=pass (google.com: best guess record for domain of linux-bluetooth-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-bluetooth-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727945AbgDGI4i (ORCPT + 99 others); Tue, 7 Apr 2020 04:56:38 -0400 Received: from mail-pg1-f202.google.com ([209.85.215.202]:45515 "EHLO mail-pg1-f202.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725883AbgDGI4h (ORCPT ); Tue, 7 Apr 2020 04:56:37 -0400 Received: by mail-pg1-f202.google.com with SMTP id v29so1904832pgo.12 for ; Tue, 07 Apr 2020 01:56:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=date:in-reply-to:message-id:mime-version:references:subject:from:to :cc; bh=Qeg3a+GT/t1CBST+N2dWD+HdLtuOyVVP4PFOkkE3kV0=; b=ucUQYalJDVip2CzNCTR+kxrQn3bouuD1OPeAi994xT35k+WZcAKFoum97a2iQMrgvM sX1KFhSy/5Vxu4aWb95AYr1ha5tc2CvUvCKGcEcQumw+5RqR0BmX1GPNE+0086L8fZdn QwjXWJR9t38PfQ60V9rxVV+xZsYnFg2EGhmDHJxcYwYzRPZlvE6mPkpOclqkoIpfFh3S 6KlcGoWTA5GZSHTYDPq/RHChQ04bbagzYYeuzTcxatzjj7hCZZHepDpOwZnIZGJq/W50 qaZl0FfmMeYNrau/av0YmNpUi8NYX9r8n9r432i3IybBDD2OjsTlFVMNZwz5MpXMF6bk jvFw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:in-reply-to:message-id:mime-version :references:subject:from:to:cc; bh=Qeg3a+GT/t1CBST+N2dWD+HdLtuOyVVP4PFOkkE3kV0=; b=JNzynEOnoyCpdY0dndprkzINzsPH/TCMoAZH+qv8ICDIGTxE4+DKxrifEI2rBxF6Q6 kwf1/+U2PYX9VfFCJ2JVLyRMHFWEKFANx41J44QeTewGuD2gN/ZSv0jkn07Be+u8SOtP wlSd2v+hGia7bRTw2XLm/si3SFzbSOPyhrTrgvogn1RveIila5MDpiihYiBddsOy3Zpg 1akOjuhd0zY9I+2ESOkeNYNSsVA8ScletfSmNPG+a1GuWoXDpSOqzMdrNGX3t51s2zk/ LPTaUX2vjdQCvajUvw3tgL7CAzODsAaRE2q186K0FH+fRnYlnbQK9vs7+RPUUC20bXoq EY9Q== X-Gm-Message-State: AGi0PuZMkijm+Bh+2H8Fv87dcC+2RILkWX/sc6TcWo9CWRknUTkvpw1U VAP+b1o9q8qdSxM3WW1Ogd53TePaALsSrBBHQ6Lmjl2IehquJ6ShlgVRhYLkpMrP/QQNYiJqIjO jwbr3HJJ3KoPkwtqYQx4vwEBeDCMQBKZLk1TyAqkkh5yAfrukci0wd2G3gvHCIOltbgx2hg4iNt E3 X-Received: by 2002:a63:dd0a:: with SMTP id t10mr1037234pgg.50.1586249794429; Tue, 07 Apr 2020 01:56:34 -0700 (PDT) Date: Tue, 7 Apr 2020 16:56:09 +0800 In-Reply-To: <20200407085610.231013-1-apusaka@google.com> Message-Id: <20200407165521.Bluez.v4.3.I28a54f18ca82b58e44689a0c76663e735fefb6f1@changeid> Mime-Version: 1.0 References: <20200407085610.231013-1-apusaka@google.com> X-Mailer: git-send-email 2.26.0.292.g33ef6b2f38-goog Subject: [Bluez PATCH v4 3/4] shared/att: Check the signature of att packets From: Archie Pusaka To: linux-bluetooth , Luiz Augusto von Dentz Cc: Archie Pusaka Content-Type: text/plain; charset="UTF-8" Sender: linux-bluetooth-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org From: Archie Pusaka Tested to pass these BT certification test SM/MAS/SIGN/BV-03-C SM/MAS/SIGN/BI-01-C --- Changes in v4: None Changes in v3: - Separate into three patches Changes in v2: - Move the signature verification part to crypto.c - Attempt not to copy the whole pdu while verifying the signature by not separating the opcode from the rest of pdu too early, so we don't have to rejoin them later. src/shared/att.c | 25 ++++++++++++------------- 1 file changed, 12 insertions(+), 13 deletions(-) diff --git a/src/shared/att.c b/src/shared/att.c index 948a5548b..31c6901fb 100644 --- a/src/shared/att.c +++ b/src/shared/att.c @@ -881,15 +881,15 @@ static void respond_not_supported(struct bt_att *att, uint8_t opcode) NULL); } -static bool handle_signed(struct bt_att *att, uint8_t opcode, uint8_t *pdu, - ssize_t pdu_len) +static bool handle_signed(struct bt_att *att, uint8_t *pdu, ssize_t pdu_len) { uint8_t *signature; uint32_t sign_cnt; struct sign_info *sign; + uint8_t opcode = pdu[0]; /* Check if there is enough data for a signature */ - if (pdu_len < 2 + BT_ATT_SIGNATURE_LEN) + if (pdu_len < 3 + BT_ATT_SIGNATURE_LEN) goto fail; sign = att->remote_sign; @@ -903,10 +903,8 @@ static bool handle_signed(struct bt_att *att, uint8_t opcode, uint8_t *pdu, if (!sign->counter(&sign_cnt, sign->user_data)) goto fail; - /* Generate signature and verify it */ - if (!bt_crypto_sign_att(att->crypto, sign->key, pdu, - pdu_len - BT_ATT_SIGNATURE_LEN, sign_cnt, - signature)) + /* Verify received signature */ + if (!bt_crypto_verify_att_sign(att->crypto, sign->key, pdu, pdu_len)) goto fail; return true; @@ -918,15 +916,16 @@ fail: return false; } -static void handle_notify(struct bt_att_chan *chan, uint8_t opcode, - uint8_t *pdu, ssize_t pdu_len) +static void handle_notify(struct bt_att_chan *chan, uint8_t *pdu, + ssize_t pdu_len) { struct bt_att *att = chan->att; const struct queue_entry *entry; bool found; + uint8_t opcode = pdu[0]; - if ((opcode & ATT_OP_SIGNED_MASK) && !att->crypto) { - if (!handle_signed(att, opcode, pdu, pdu_len)) + if ((opcode & ATT_OP_SIGNED_MASK) && att->crypto) { + if (!handle_signed(att, pdu, pdu_len)) return; pdu_len -= BT_ATT_SIGNATURE_LEN; } @@ -963,7 +962,7 @@ static void handle_notify(struct bt_att_chan *chan, uint8_t opcode, found = true; if (notify->callback) - notify->callback(chan, opcode, pdu, pdu_len, + notify->callback(chan, opcode, pdu + 1, pdu_len - 1, notify->user_data); /* callback could remove all entries from notify list */ @@ -1054,7 +1053,7 @@ static bool can_read_data(struct io *io, void *user_data) util_debug(att->debug_callback, att->debug_data, "(chan %p) ATT PDU received: 0x%02x", chan, opcode); - handle_notify(chan, opcode, pdu + 1, bytes_read - 1); + handle_notify(chan, pdu, bytes_read); break; } -- 2.26.0.292.g33ef6b2f38-goog