Hi Tudor, > That Bluetooth SMP knows about the private key is pointless, since the > detection of debug key usage is actually via the public key portion. > With this patch set, the Bluetooth SMP will stop keeping a copy of the > ecdh private key. We let the crypto subsystem to generate and handle > the ecdh private key, potentially benefiting of hardware ecc private key > generation and retention. > > Tested with selftest and with btmon and smp-tester on top of hci_vhci, > with ecdh done in both software and hardware (through atmel-ecc driver). > All tests passed. > > RFC version can be found at: > https://www.mail-archive.com/linux-crypto@xxxxxxxxxxxxxxx/msg28036.html > > Changes in v2: > - add patches 2, 3, 4. > - adress Marcel's suggestions: > - revive the check for accidentally generated debug keys > - bypass the handling of private key to the crypto subsytem, > even when using debug keys. > > > Tudor Ambarus (5): > Bluetooth: move ecdh allocation outside of ecdh_helper > Bluetooth: ecdh_helper - reveal error codes > Bluetooth: selftest - check for errors when computing ZZ > Bluetooth: ecdh_helper - fix leak of private key > Bluetooth: let the crypto subsystem generate the ecc privkey > > net/bluetooth/ecdh_helper.c | 228 ++++++++++++++++++++++---------------------- > net/bluetooth/ecdh_helper.h | 9 +- > net/bluetooth/selftest.c | 46 +++++++-- > net/bluetooth/smp.c | 127 +++++++++++++++--------- > 4 files changed, 240 insertions(+), 170 deletions(-) all 5 patches have been applied to bluetooth-next tree. Regards Marcel
