sm: abort pairing if bonding information is not deleted in re-erncryption failed handler with ENABLE_LE_PROACTIVE_AUTHENTICATION

2025-03-17 01:21:04 +00:00 · 2020-12-07 12:38:37 +01:00 · 2020-12-07 12:38:37 +01:00 · 19a4077283
commit 19a4077283
parent 9b75de03b9
1 changed files with 16 additions and 1 deletions
--- a/src/ble/sm.c
+++ b/src/ble/sm.c
@ -2668,15 +2668,30 @@ static void sm_run(void){
                        have_ltk = !sm_is_null_key(ltk);
                        if (have_ltk){
                            log_info("pairing request but LTK available");
-                            // emit re-ecnryption start/fail sequence
+                            // emit re-encryption start/fail sequence
                            sm_reencryption_started(connection);
                            sm_reencryption_complete(connection, ERROR_CODE_PIN_OR_KEY_MISSING);
                        }
                        break;
                    default:
+                        have_ltk = false;
                        break;
                }

+#ifdef ENABLE_LE_PROACTIVE_AUTHENTICATION
+                // Reject pairing if we (still) have LTK
+                if (have_ltk){
+                    memset(ltk, 0, 16);
+                    le_device_db_encryption_get(connection->sm_le_db_index, NULL, NULL, ltk, NULL, NULL, NULL, NULL);
+                    have_ltk = !sm_is_null_key(ltk);
+                    if (have_ltk){
+                        connection->sm_le_db_index = -1;
+                        sm_pairing_error(connection, SM_REASON_UNSPECIFIED_REASON);
+                        break;
+                    }
+                }
+#endif
+
 				sm_init_setup(connection);
                sm_pairing_started(connection);