fixed unsafe use in HCI_SUBEVENT_LE_LONG_TERM_KEY_REQUEST

ble/sm.c

@@ -954,9 +954,9 @@ static void sm_run(void){
             hci_send_cmd(&hci_le_rand);
             sm_state_responding_next_state();
             return;
+
         case SM_STATE_PH2_C1_GET_ENC_B:
         case SM_STATE_PH2_C1_GET_ENC_D:
-        case SM_STATE_PH2_CALC_STK:
         case SM_STATE_PH3_LTK_GET_ENC:
         case SM_STATE_PH4_Y_GET_ENC:
         case SM_STATE_PH4_LTK_GET_ENC:
@@ -983,6 +983,15 @@ static void sm_run(void){
             sm_aes128_start(sm_aes128_key, sm_aes128_plaintext);
             sm_state_responding_next_state();
             break;
+        case SM_STATE_PH2_CALC_STK:
+            // already busy?
+            if (sm_aes128_active) break;
+            // calculate STK
+            sm_aes128_set_key(sm_tk);
+            sm_s1_r_prime(sm_s_random, sm_m_random, sm_aes128_plaintext);
+            sm_aes128_start(sm_aes128_key, sm_aes128_plaintext);
+            sm_state_responding_next_state();
+            break;
         case SM_STATE_PH3_Y_GET_ENC:
             // already busy?
             if (sm_aes128_active) break;
@@ -1357,13 +1366,6 @@ static void sm_event_packet_handler (uint8_t packet_type, uint16_t channel, uint
                         case HCI_SUBEVENT_LE_LONG_TERM_KEY_REQUEST:
                             log_info("LTK Request: state %u", sm_state_responding);
                             if (sm_state_responding == SM_STATE_PH2_W4_LTK_REQUEST){
-
-                                // SM_AES128_PLAINTEXT_USED_WIHTOUT_CHECK
-
-                                // calculate STK
-                                log_info("LTK Request: calculating STK");
-                                sm_aes128_set_key(sm_tk);
-                                sm_s1_r_prime(sm_s_random, sm_m_random, sm_aes128_plaintext);
                                 sm_state_responding = SM_STATE_PH2_CALC_STK;
                                 break;
                             }