zephyrbot
commented
5 months ago Hi @jhedberg, @jori-nordic,
This issue, marked as an Enhancement, was opened a while ago and did not get any traction. It was just assigned to you based on the labels. If you don't consider yourself the right person to address this issue, please re-assing it to the right person.
Please take a moment to review if the issue is still relevant to the project. If it is, please provide feedback and direction on how to move forward. If it is not, has already been addressed, is a duplicate, or is no longer relevant, please close it with a short comment explaining the reason.
@sjanc you are also encouraged to help moving this issue forward by providing additional information and confirming this request/issue is still relevant to you.
Thanks!
Is your enhancement proposal related to a problem? Please describe.
Currently encryption key size verification is letf up to application in accept() callback, while security level is validated by the stack. This could be simplified and keysize could also be validated by the stack so that each application don't have to reimplement this check.
See discussion in for some background: https://github.com/zephyrproject-rtos/zephyr/pull/40177
Describe the solution you'd like
Key size verification could be don in l2cap_check_security() in l2cap.c, and -EPERM would be removed from allowed returns on accept() call (could be left for time being for backward compatibility though)