Bluetooth: Fix exposing full value of shortened LTKs When we notify user space of a new LTK or distribute an LTK to the remote peer the value passed should be the shortened version so that it's easy to compare values in various traces. The core spec also sets the requirements for the shortening/masking as: "The masking shall be done after generation and before being distributed, used or stored." Signed-off-by: Johan Hedberg <johan.hedberg@intel.com> Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

commit: 1fc62c526a5717c63d9dbedd2e6a530467349713 [log] [tgz]
author: Johan Hedberg <johan.hedberg@intel.com> Wed Jun 10 11:11:20 2015 +0300
committer: Marcel Holtmann <marcel@holtmann.org> Wed Jun 10 10:50:06 2015 +0200
tree: 2a046d6e337cf63bf40f9ac991f2ff46291e9da8
parent: 61b2fc2bb53f162121f4267f10d2a662911f3e86 [diff] [blame]
diff --git a/net/bluetooth/mgmt.c b/net/bluetooth/mgmt.c
index a6f21f8..e41bbe2 100644
--- a/net/bluetooth/mgmt.c
+++ b/net/bluetooth/mgmt.c

@@ -7603,7 +7603,12 @@
 	if (key->type == SMP_LTK)
 		ev.key.master = 1;
 
-	memcpy(ev.key.val, key->val, sizeof(key->val));
+	/* Make sure we copy only the significant bytes based on the
+	 * encryption key size, and set the rest of the value to zeroes.
+	 */
+	memcpy(ev.key.val, key->val, sizeof(key->enc_size));
+	memset(ev.key.val + key->enc_size, 0,
+	       sizeof(ev.key.val) - key->enc_size);
 
 	mgmt_event(MGMT_EV_NEW_LONG_TERM_KEY, hdev, &ev, sizeof(ev), NULL);
 }
commit	1fc62c526a5717c63d9dbedd2e6a530467349713	[log] [tgz]
author	Johan Hedberg <johan.hedberg@intel.com>	Wed Jun 10 11:11:20 2015 +0300
committer	Marcel Holtmann <marcel@holtmann.org>	Wed Jun 10 10:50:06 2015 +0200
tree	2a046d6e337cf63bf40f9ac991f2ff46291e9da8
parent	61b2fc2bb53f162121f4267f10d2a662911f3e86 [diff] [blame]