mirror of
https://github.com/bluekitchen/btstack.git
synced 2025-03-25 16:43:28 +00:00
sm: store non-truncated LTK in setup->sm_local_ltk for cross transport key derivation - see E6405
This commit is contained in:
parent
893e933318
commit
b18300a6ef
11
src/ble/sm.c
11
src/ble/sm.c
@ -1406,7 +1406,12 @@ static void sm_sc_cmac_done(uint8_t * hash){
|
||||
sm_conn->sm_engine_state = SM_SC_W2_CALCULATE_F5_LTK;
|
||||
break;
|
||||
case SM_SC_W4_CALCULATE_F5_LTK:
|
||||
// truncate sm_ltk, but keep full LTK for cross-transport key derivation in sm_local_ltk
|
||||
// Errata Service Release to the Bluetooth Specification: ESR09
|
||||
// E6405 – Cross transport key derivation from a key of size less than 128 bits
|
||||
// Note: When the BR/EDR link key is being derived from the LTK, the derivation is done before the LTK gets masked."
|
||||
memcpy(setup->sm_ltk, hash, 16);
|
||||
memcpy(setup->sm_local_ltk, 16);
|
||||
sm_truncate_key(setup->sm_ltk, sm_conn->sm_actual_encryption_key_size);
|
||||
sm_conn->sm_engine_state = SM_SC_W2_CALCULATE_F6_FOR_DHKEY_CHECK;
|
||||
break;
|
||||
@ -1701,8 +1706,12 @@ static void h6_engine(sm_connection_t * sm_conn, const sm_key_t w, const uint32_
|
||||
sm_cmac_general_start(w, message_len, &sm_sc_cmac_get_byte, &sm_sc_cmac_done);
|
||||
}
|
||||
|
||||
// For SC, setup->sm_local_ltk holds full LTK (sm_ltk is already truncated)
|
||||
// Errata Service Release to the Bluetooth Specification: ESR09
|
||||
// E6405 – Cross transport key derivation from a key of size less than 128 bits
|
||||
// "Note: When the BR/EDR link key is being derived from the LTK, the derivation is done before the LTK gets masked."
|
||||
static void h6_calculate_ilk(sm_connection_t * sm_conn){
|
||||
h6_engine(sm_conn, setup->sm_ltk, 0x746D7031); // "tmp1"
|
||||
h6_engine(sm_conn, setup->sm_local_ltk, 0x746D7031); // "tmp1"
|
||||
}
|
||||
|
||||
static void h6_calculate_br_edr_link_key(sm_connection_t * sm_conn){
|
||||
|
Loading…
x
Reference in New Issue
Block a user