From f55bd52945f4ddd49af344f18580538ca5157f2b Mon Sep 17 00:00:00 2001
From: Matthias Ringwald <matthias@ringwald.ch>
Date: Tue, 21 Aug 2018 17:59:19 +0200
Subject: [PATCH] sm: drop LTK flag from Pairing Response for Secure
 Connections

---
 CHANGELOG.md |  3 ++-
 src/ble/sm.c | 21 +++++++++++++++------
 2 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 26e15d5d7..57923adf8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,7 +11,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
 
 ### Fixed
 - GATT Server: Allow enable Notifications/Indication with Write Command. Fixes issue with some Android devices.
-- SM: Fix pairing for Secure Connections with Bonding if remote sends additional keys
+- SM: fix pairing for Secure Connections with Bonding if remote sends additional keys
+- SM: drop LTK flag from Pairing Response for Secure Connections
 
 ## Changes June 2018
 
diff --git a/src/ble/sm.c b/src/ble/sm.c
index 1de7781de..abe81c73c 100644
--- a/src/ble/sm.c
+++ b/src/ble/sm.c
@@ -2358,21 +2358,30 @@ static void sm_run(void){
 
 #ifdef ENABLE_LE_PERIPHERAL
             case SM_RESPONDER_PH1_SEND_PAIRING_RESPONSE:
-                // echo initiator for now
                 sm_pairing_packet_set_code(setup->sm_s_pres,SM_CODE_PAIRING_RESPONSE);
+
+                // start with initiator key dist flags
                 key_distribution_flags = sm_key_distribution_flags_for_auth_req();
 
+#ifdef ENABLE_LE_SECURE_CONNECTIONS
+                // LTK (= encyrption information & master identification) only exchanged for LE Legacy Connection
+                if (setup->sm_use_secure_connections){
+                    key_distribution_flags &= ~SM_KEYDIST_ENC_KEY;
+                }
+#endif
+                // setup in response 
+                sm_pairing_packet_set_initiator_key_distribution(setup->sm_s_pres, sm_pairing_packet_get_initiator_key_distribution(setup->sm_m_preq) & key_distribution_flags);
+                sm_pairing_packet_set_responder_key_distribution(setup->sm_s_pres, sm_pairing_packet_get_responder_key_distribution(setup->sm_m_preq) & key_distribution_flags);
+
+                // update key distribution after ENC was dropped
+                sm_setup_key_distribution(sm_pairing_packet_get_responder_key_distribution(setup->sm_s_pres));
+
                 if (setup->sm_use_secure_connections){
                     connection->sm_engine_state = SM_SC_W4_PUBLIC_KEY_COMMAND;
                 } else {
                     connection->sm_engine_state = SM_RESPONDER_PH1_W4_PAIRING_CONFIRM;
                 }
 
-                sm_pairing_packet_set_initiator_key_distribution(setup->sm_s_pres, sm_pairing_packet_get_initiator_key_distribution(setup->sm_m_preq) & key_distribution_flags);
-                sm_pairing_packet_set_responder_key_distribution(setup->sm_s_pres, sm_pairing_packet_get_responder_key_distribution(setup->sm_m_preq) & key_distribution_flags);
-                // update key distribution after ENC was dropped
-                sm_setup_key_distribution(sm_pairing_packet_get_responder_key_distribution(setup->sm_s_pres));
-
                 l2cap_send_connectionless(connection->sm_handle, L2CAP_CID_SECURITY_MANAGER_PROTOCOL, (uint8_t*) &setup->sm_s_pres, sizeof(sm_pairing_packet_t));
                 sm_timeout_reset(connection);
                 // SC Numeric Comparison will trigger user response after public keys & nonces have been exchanged