[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 11 Nov 2020 10:52:48 +0100
From: Marcel Holtmann <marcel@...tmann.org>
To: Archie Pusaka <apusaka@...gle.com>
Cc: linux-bluetooth <linux-bluetooth@...r.kernel.org>,
CrosBT Upstreaming <chromeos-bluetooth-upstreaming@...omium.org>,
Archie Pusaka <apusaka@...omium.org>,
Alain Michaud <alainm@...omium.org>,
"David S. Miller" <davem@...emloft.net>,
Jakub Kicinski <kuba@...nel.org>,
Johan Hedberg <johan.hedberg@...il.com>,
open list <linux-kernel@...r.kernel.org>,
netdev@...r.kernel.org
Subject: Re: [PATCH v2] Bluetooth: Enforce key size of 16 bytes on FIPS level
Hi Archie,
> According to the spec Ver 5.2, Vol 3, Part C, Sec 5.2.2.8:
> Device in security mode 4 level 4 shall enforce:
> 128-bit equivalent strength for link and encryption keys required
> using FIPS approved algorithms (E0 not allowed, SAFER+ not allowed,
> and P-192 not allowed; encryption key not shortened)
>
> This patch rejects connection with key size below 16 for FIPS
> level services.
>
> Signed-off-by: Archie Pusaka <apusaka@...omium.org>
> Reviewed-by: Alain Michaud <alainm@...omium.org>
>
> ---
>
> Sorry for the long delay. This patch fell out of my radar.
>
> Changes in v2:
> * Add comment on enforcing 16 bytes key size
>
> net/bluetooth/l2cap_core.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
patch has been applied to bluetooth-next tree.
Regards
Marcel
Powered by blists - more mailing lists