Date: Tue, 7 Apr 2020 16:56:06 +0800
Message-Id: <20200407085610.231013-1-apusaka@google.com>
Subject: [Bluez PATCH v4 0/4] Check the signature of att packets
From: Archie Pusaka
To: linux-bluetooth, Luiz Augusto von Dentz
Cc: Archie Pusaka
X-Mailing-List: linux-bluetooth@vger.kernel.org

From: Archie Pusaka

According to bluetooth spec Ver 5.1, Vol 3, Part C (GAP), 10.4.2
A device receiving signed data shall authenticate it by performing
the Signing Algorithm. The signed data shall be authenticated by
performing the Signing Algorithm where m is the Data PDU to be
authenticated, k is the stored CSRK and the SignCounter is the
received counter value. If the MAC computed by the Signing
Algorithm does not match the received MAC, the verification fails
and the Host shall ignore the received Data PDU.

Currently bluez ignores the signature of received signed att
packets, as the function bt_crypto_sign_att() only generates the
signature, and does not actually make any check about the genuineness
of the signature itself.

This patch also fixes a wrong boolean condition which prevents
handle_signed() from being called.

Tested to pass these BT certification tests:
SM/MAS/SIGN/BV-03-C
SM/MAS/SIGN/BI-01-C

Changes in v4:
- Fix wrong variable assignment
- Fixing test-gatt.c

Changes in v3:
- Add check for the case where pdu_len < ATT_SIGN_LEN
- Add unit test
- Separate into three patches

Changes in v2:
- Move the signature verification part to crypto.c
- Attempt not to copy the whole pdu while verifying the signature
  by not separating the opcode from the rest of pdu too early, so
  we don't have to rejoin them later.

Archie Pusaka (4):
  shared/crypto: Add bt_crypto_verify_att_sign
  unit/test-crypto: test for bt_crypto_verify_att_sign
  shared/att: Check the signature of att packets
  unit/test-gatt: Fix unknown request with signed bit

 src/shared/att.c    | 25 +++++++++----------
 src/shared/crypto.c | 28 +++++++++++++++++++--
 src/shared/crypto.h |  2 ++
 unit/test-crypto.c  | 59 +++++++++++++++++++++++++++++++++++++++++++++
 unit/test-gatt.c    | 32 ++++++++++++++++++++----
 5 files changed, 126 insertions(+), 20 deletions(-)

-- 
2.26.0.292.g33ef6b2f38-goog
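The receive-side check the cover letter describes, as an added sketch that is not part of the original message and is not BlueZ code: reject PDUs shorter than ATT_SIGN_LEN, recompute the MAC over m || SignCounter, and drop the PDU on mismatch. The names verify_signed_pdu, mac_fn, toy_mac and demo are hypothetical; toy_mac is a constructed stand-in for AES-CMAC, and the trailing layout (4-byte SignCounter followed by an 8-byte MAC) and the omission of the real implementation's byte-order handling are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

#define ATT_SIGN_LEN 12 /* assumed layout: 4-byte SignCounter (LE) + 8-byte MAC */
#define MAC_LEN 8

/* Hypothetical callback type; a real stack computes AES-CMAC keyed with the CSRK. */
typedef void (*mac_fn)(const uint8_t key[16], const uint8_t *msg, size_t len,
                       uint8_t out[MAC_LEN]);

/* Constructed stand-in MAC (FNV-1a over key and message). NOT AES-CMAC, not secure. */
static void toy_mac(const uint8_t key[16], const uint8_t *msg, size_t len,
                    uint8_t out[MAC_LEN])
{
    uint64_t h = 1469598103934665603ULL;
    for (size_t i = 0; i < 16; i++) h = (h ^ key[i]) * 1099511628211ULL;
    for (size_t i = 0; i < len; i++) h = (h ^ msg[i]) * 1099511628211ULL;
    for (size_t i = 0; i < MAC_LEN; i++) out[i] = (uint8_t)(h >> (8 * i));
}

/* True only when the trailing MAC matches; the caller ignores the PDU otherwise. */
static bool verify_signed_pdu(mac_fn mac, const uint8_t csrk[16],
                              const uint8_t *pdu, size_t pdu_len)
{
    uint8_t expect[MAC_LEN], diff = 0;
    if (pdu_len < ATT_SIGN_LEN) return false; /* too short to carry a signature */
    /* MAC input is m || SignCounter, i.e. everything before the received MAC. */
    mac(csrk, pdu, pdu_len - MAC_LEN, expect);
    for (size_t i = 0; i < MAC_LEN; i++) /* compare without an early exit */
        diff |= expect[i] ^ pdu[pdu_len - MAC_LEN + i];
    return diff == 0;
}

/* Constructed Signed Write Command. mode 0: intact, 1: value byte flipped, 2: truncated. */
static int demo(int mode)
{
    const uint8_t csrk[16] = { 0x01, 0x02, 0x03 }; /* constructed key */
    uint8_t pdu[5 + ATT_SIGN_LEN] = { 0xd2, 0x03, 0x00, 0xaa, 0xbb, /* opcode, handle, value */
                                      0x07, 0x00, 0x00, 0x00 };     /* SignCounter = 7 */
    size_t len = sizeof(pdu);
    toy_mac(csrk, pdu, len - MAC_LEN, pdu + len - MAC_LEN); /* sender appends the MAC */
    if (mode == 1) pdu[3] ^= 0x01;
    if (mode == 2) len = ATT_SIGN_LEN - 1;
    return verify_signed_pdu(toy_mac, csrk, pdu, len);
}

int main(void) { return !(demo(0) == 1 && demo(1) == 0 && demo(2) == 0); }
```

Because the SignCounter sits directly after m on the wire, the MAC input is one contiguous prefix of the received buffer, so no copy of the PDU is needed for the check.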