mirror of
https://github.com/bluekitchen/btstack.git
synced 2024-12-28 15:20:39 +00:00
sm starts encryption using ltk/ediv/rand from previous bonding
This commit is contained in:
matthias.ringwald@gmail.com
parent
9ec080fd8e
commit
85cacb82ec
40
ble/sm.c
40
ble/sm.c
@ -1008,9 +1008,8 @@ static void sm_run(void){
|
||||
break;
|
||||
case SM_INITIATOR_PH0_HAS_LTK:
|
||||
// fetch data from device db
|
||||
// ltk
|
||||
// ediv
|
||||
// rand
|
||||
le_device_db_encryption_get(sm_connection->sm_le_db_index, &setup->sm_peer_ediv, setup->sm_peer_rand, setup->sm_peer_ltk);
|
||||
sm_connection->sm_engine_state = SM_INITIATOR_PH0_SEND_START_ENCRYPTION;
|
||||
break;
|
||||
case SM_RESPONDER_PH0_RECEIVED_LTK:
|
||||
// re-establish previously used LTK using Rand and EDIV
|
||||
@ -1058,6 +1057,14 @@ static void sm_run(void){
|
||||
switch (connection->sm_engine_state){
|
||||
|
||||
// initiator side
|
||||
case SM_INITIATOR_PH0_SEND_START_ENCRYPTION: {
|
||||
sm_key_t peer_ltk_flipped;
|
||||
swap128(setup->sm_peer_ltk, peer_ltk_flipped);
|
||||
connection->sm_engine_state = SM_INITIATOR_PH0_W4_CONNECTION_ENCRYPTED;
|
||||
hci_send_cmd(&hci_le_start_encryption, connection->sm_handle, setup->sm_peer_rand, setup->sm_peer_ediv, peer_ltk_flipped);
|
||||
return;
|
||||
}
|
||||
|
||||
case SM_INITIATOR_PH1_SEND_PAIRING_REQUEST:
|
||||
setup->sm_m_preq.code = SM_CODE_PAIRING_REQUEST;
|
||||
connection->sm_engine_state = SM_INITIATOR_PH1_W4_PAIRING_RESPONSE;
|
||||
@ -1652,12 +1659,20 @@ static void sm_event_packet_handler (uint8_t packet_type, uint16_t channel, uint
|
||||
sm_conn->sm_actual_encryption_key_size);
|
||||
if (!sm_conn->sm_connection_encrypted) break;
|
||||
// continue if part of initial pairing
|
||||
if (sm_conn->sm_engine_state == SM_PH2_W4_CONNECTION_ENCRYPTED) {
|
||||
if (sm_conn->sm_role){
|
||||
sm_conn->sm_engine_state = SM_PH3_GET_RANDOM;
|
||||
} else {
|
||||
sm_conn->sm_engine_state = SM_PH3_RECEIVE_KEYS;
|
||||
}
|
||||
switch (sm_conn->sm_engine_state){
|
||||
case SM_INITIATOR_PH0_W4_CONNECTION_ENCRYPTED:
|
||||
sm_conn->sm_engine_state = SM_GENERAL_IDLE;
|
||||
sm_done_for_handle(sm_conn->sm_handle);
|
||||
break;
|
||||
case SM_PH2_W4_CONNECTION_ENCRYPTED:
|
||||
if (sm_conn->sm_role){
|
||||
sm_conn->sm_engine_state = SM_PH3_GET_RANDOM;
|
||||
} else {
|
||||
sm_conn->sm_engine_state = SM_PH3_RECEIVE_KEYS;
|
||||
}
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
break;
|
||||
|
||||
@ -1667,6 +1682,13 @@ static void sm_event_packet_handler (uint8_t packet_type, uint16_t channel, uint
|
||||
sm_conn = sm_get_connection_for_handle(handle);
|
||||
if (!sm_conn) break;
|
||||
|
||||
// delete stored bonding on disconnect with authentication failure in ph0
|
||||
if (sm_conn->sm_role == 0
|
||||
&& sm_conn->sm_engine_state == SM_INITIATOR_PH0_W4_CONNECTION_ENCRYPTED
|
||||
&& packet[2] == ERROR_CODE_AUTHENTICATION_FAILURE){
|
||||
le_device_db_remove(sm_conn->sm_le_db_index);
|
||||
}
|
||||
|
||||
sm_conn->sm_engine_state = SM_GENERAL_IDLE;
|
||||
sm_conn->sm_handle = 0;
|
||||
break;
|
||||
|
||||
@ -164,7 +164,7 @@ static void sm_event_packet_handler (void * connection, uint8_t packet_type, uin
|
||||
|
||||
case HCI_SUBEVENT_LE_LONG_TERM_KEY_REQUEST:
|
||||
log_info("LTK Request: state %u", sm_state_responding);
|
||||
sm_state_responding = SM_RESPONDER_SEND_LTK_REQUESTED_NEGATIVE_REPLY;
|
||||
sm_state_responding = SM_RESPONDER_PH0_SEND_LTK_REQUESTED_NEGATIVE_REPLY;
|
||||
break;
|
||||
|
||||
default:
|
||||
@ -192,7 +192,7 @@ static void sm_run(void){
|
||||
|
||||
// assert that we can send either one
|
||||
switch (sm_state_responding){
|
||||
case SM_RESPONDER_SEND_LTK_REQUESTED_NEGATIVE_REPLY:
|
||||
case SM_RESPONDER_PH0_SEND_LTK_REQUESTED_NEGATIVE_REPLY:
|
||||
if (!hci_can_send_command_packet_now()) return;
|
||||
hci_send_cmd(&hci_le_long_term_key_negative_reply, sm_response_handle);
|
||||
sm_state_responding = SM_GENERAL_IDLE;
|
||||
|
||||
@ -47,11 +47,11 @@ GATT_CLIENT += \
|
||||
|
||||
SM_REAL += \
|
||||
sm.c \
|
||||
le_device_db_memory.c \
|
||||
le_device_db_memory.c \
|
||||
|
||||
SM_MINIMAL += \
|
||||
sm_minimal.c \
|
||||
le_db_dummy.c \
|
||||
le_device_db_dummy.c \
|
||||
|
||||
PAN += \
|
||||
pan.c \
|
||||
|
||||
@ -626,10 +626,11 @@ extern "C" {
|
||||
|
||||
// from Bluetooth Core Specification
|
||||
#define ERROR_CODE_UNKNOWN_CONNECTION_IDENTIFIER 0x02
|
||||
#define ERROR_CODE_AUTHENTICATION_FAILURE 0x05
|
||||
#define ERROR_CODE_COMMAND_DISALLOWED 0x0C
|
||||
#define ERROR_CODE_PAIRING_NOT_ALLOWED 0x18
|
||||
#define ERROR_CODE_INSUFFICIENT_SECURITY 0x2F
|
||||
|
||||
|
||||
// last error code in 2.1 is 0x38 - we start with 0x50 for BTstack errors
|
||||
#define BTSTACK_CONNECTION_TO_BTDAEMON_FAILED 0x50
|
||||
#define BTSTACK_ACTIVATION_FAILED_SYSTEM_BLUETOOTH 0x51
|
||||
|
||||
@ -409,13 +409,13 @@ typedef enum {
|
||||
SM_INITIATOR_CONNECTED,
|
||||
SM_INITIATOR_PH0_HAS_LTK,
|
||||
SM_INITIATOR_PH0_SEND_START_ENCRYPTION,
|
||||
SM_INITIATOR_PH0_W4_CONNECTION_ENCRYPTED,
|
||||
SM_INITIATOR_PH1_W2_SEND_PAIRING_REQUEST,
|
||||
SM_INITIATOR_PH1_SEND_PAIRING_REQUEST,
|
||||
SM_INITIATOR_PH1_W4_PAIRING_RESPONSE,
|
||||
SM_INITIATOR_PH2_W4_PAIRING_CONFIRM,
|
||||
SM_INITIATOR_PH2_W4_PAIRING_RANDOM,
|
||||
SM_INITIATOR_PH3_SEND_START_ENCRYPTION,
|
||||
SM_INITIATOR_PH3_XXXX,
|
||||
|
||||
} security_manager_state_t;
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user