gap: only store link key if at least one side requests bonding during the IO Capabilities exchange.

Matthias Ringwald 2024-10-23 15:16:36 +02:00
parent ca8a5d3cc1
commit af411b3ff8
2 changed files with 6 additions and 0 deletions


@ -45,6 +45,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
### Changed
- GAP: return command disallowed if disconnect already requested
- GAP: improve handling of incorrectly resolved addresses in HCI_SUBEVENT_LE_CONNECTION_COMPLETE
- GAP: only store link key if at least one side requests bonding during the IO Capabilities exchange.
- GOEP Client: remove goep_client_create_connection. Use goep_client_connect instead.
- HID Parser: cleanup of function names and signatures
- HIDS Client: use error code instead of att status in conencted event


@ -4017,6 +4017,11 @@ static void event_handler(uint8_t *packet, uint16_t size){
// only store link key:
// - if bondable enabled
if (hci_stack->bondable == false) break;
// - if at least one side requests bonding during the IO Capabilities exchange.
// Note: we drop bonding flag in acceptor role if remote doesn't request it
bool bonding_local = conn->io_cap_request_auth_req >= SSP_IO_AUTHREQ_MITM_PROTECTION_NOT_REQUIRED_DEDICATED_BONDING;
bool bonding_remote = conn->io_cap_response_auth_req >= SSP_IO_AUTHREQ_MITM_PROTECTION_NOT_REQUIRED_DEDICATED_BONDING;
if ((bonding_local == false) && (bonding_remote == false)) break;
// - if security level sufficient
if (gap_security_level_for_link_key_type(link_key_type) < conn->requested_security_level) break;
gap_store_link_key_for_bd_addr(addr, &packet[8], conn->link_key_type);
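Review bot: The two added `>=` comparisons on `io_cap_request_auth_req` and `io_cap_response_auth_req` rely on the numeric ordering of the authentication-requirements codes and have no upper bound, so an out-of-range value sent by the remote in its IO Capability response would also count as a bonding request and let the link key be persisted. Unless that field is range-checked where it is recorded (not visible in this hunk), I would bound the remote check, e.g. `bool bonding_remote = (conn->io_cap_response_auth_req >= SSP_IO_AUTHREQ_MITM_PROTECTION_NOT_REQUIRED_DEDICATED_BONDING) && (conn->io_cap_response_auth_req <= SSP_IO_AUTHREQ_MITM_PROTECTION_REQUIRED_GENERAL_BONDING);`, and add a comment that the two lowest codes are the no-bonding ones. It is also worth confirming what both fields hold when pairing completes without an IO Capabilities exchange (legacy PIN pairing). If they stay at their initial value, the new `break` would skip storing the key even when bonding is intended. `event_handler` starts and ends outside the hunk.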