From 613da3de4622303cf6d8e95d99a2aed55af9d1f0 Mon Sep 17 00:00:00 2001
From: Matthias Ringwald <matthias@ringwald.ch>
Date: Thu, 23 Jun 2016 12:57:43 +0200
Subject: [PATCH] sm: store LTK in db for SC. document key management strategy

---
 src/ble/sm.c | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/src/ble/sm.c b/src/ble/sm.c
index ac2ffa3b8..6916fc544 100644
--- a/src/ble/sm.c
+++ b/src/ble/sm.c
@@ -1261,7 +1261,6 @@ static void sm_key_distribution_handle_all_received(sm_connection_t * sm_conn){
     }
 
     if (le_db_index >= 0){
-        le_device_db_local_counter_set(le_db_index, 0);
         
         // store local CSRK
         if (setup->sm_key_distribution_send_set & SM_KEYDIST_FLAG_SIGNING_IDENTIFICATION){
@@ -1277,9 +1276,10 @@ static void sm_key_distribution_handle_all_received(sm_connection_t * sm_conn){
             le_device_db_remote_counter_set(le_db_index, 0);
         }
 
-        // store encryption information
-        if (setup->sm_key_distribution_received_set & SM_KEYDIST_FLAG_ENCRYPTION_INFORMATION   
-            && setup->sm_key_distribution_received_set &  SM_KEYDIST_FLAG_MASTER_IDENTIFICATION){
+        // store encryption information if a) secure connections or b) peer LTK, EDIV, RAND have been received
+        if ((setup->sm_use_secure_connections)
+            || (  (setup->sm_key_distribution_received_set & SM_KEYDIST_FLAG_ENCRYPTION_INFORMATION)   
+               && (setup->sm_key_distribution_received_set & SM_KEYDIST_FLAG_MASTER_IDENTIFICATION ))){
             log_info("sm: set encryption information (key size %u, authenticatd %u)", sm_conn->sm_actual_encryption_key_size, sm_conn->sm_connection_authenticated);
             le_device_db_encryption_set(le_db_index, setup->sm_peer_ediv, setup->sm_peer_rand, setup->sm_peer_ltk,
                 sm_conn->sm_actual_encryption_key_size, sm_conn->sm_connection_authenticated, sm_conn->sm_connection_authorization_state == AUTHORIZATION_GRANTED);
@@ -1393,6 +1393,11 @@ static void sm_sc_cmac_done(uint8_t * hash){
             sm_conn->sm_engine_state = SM_SC_W2_CALCULATE_F5_LTK;
             break;            
         case SM_SC_W4_CALCULATE_F5_LTK:
+            // store data for later key storage
+            setup->sm_peer_ediv = 0;
+            memset(setup->sm_peer_rand, 0, 8);
+            memcpy(setup->sm_peer_ltk, hash, 16);
+            // store generated LTK and continue
             memcpy(setup->sm_ltk, hash, 16);
             sm_conn->sm_engine_state = SM_SC_W2_CALCULATE_F6_FOR_DHKEY_CHECK;
             break; 
@@ -1697,6 +1702,15 @@ static void h6_calculate_br_edr_link_key(sm_connection_t * sm_conn){
 
 #endif
 
+// key management legacy connections:
+// - potentially two different LTKs based on direction. each device stores LTK provided by peer
+// - master stores LTK, EDIV, RAND. responder optionally stored master LTK (only if it needs to reconnect)
+// - initiators reconnects: initiator uses stored LTK, EDIV, RAND generated by responder
+// - responder  reconnects: responder uses LTK receveived from master
+
+// key management secure connections:
+// - both devices store same LTK from ECDH key exchange. 
+
 static void sm_load_security_info(sm_connection_t * sm_connection){
     int encryption_key_size;
     int authenticated;