mirror/btstack
1
0
Fork 0
mirror of https://github.com/bluekitchen/btstack.git synced 2025-02-22 06:41:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

sm: drop LTK flag from Pairing Response for Secure Connections

Browse Source
This commit is contained in:
Matthias Ringwald 2018-08-21 17:59:19 +02:00
parent 44263cccde
commit f55bd52945
2 changed files with 17 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG.md
View File

@ -11,7 +11,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
### Fixed ### Fixed
- GATT Server: Allow enable Notifications/Indication with Write Command. Fixes issue with some Android devices. - GATT Server: Allow enable Notifications/Indication with Write Command. Fixes issue with some Android devices.
- SM: Fix pairing for Secure Connections with Bonding if remote sends additional keys - SM: fix pairing for Secure Connections with Bonding if remote sends additional keys
- SM: drop LTK flag from Pairing Response for Secure Connections
## Changes June 2018 ## Changes June 2018

21
src/ble/sm.c
View File

@ -2358,21 +2358,30 @@ static void sm_run(void){
#ifdef ENABLE_LE_PERIPHERAL #ifdef ENABLE_LE_PERIPHERAL
case SM_RESPONDER_PH1_SEND_PAIRING_RESPONSE: case SM_RESPONDER_PH1_SEND_PAIRING_RESPONSE:
// echo initiator for now
sm_pairing_packet_set_code(setup->sm_s_pres,SM_CODE_PAIRING_RESPONSE); sm_pairing_packet_set_code(setup->sm_s_pres,SM_CODE_PAIRING_RESPONSE);
// start with initiator key dist flags
key_distribution_flags = sm_key_distribution_flags_for_auth_req(); key_distribution_flags = sm_key_distribution_flags_for_auth_req();
#ifdef ENABLE_LE_SECURE_CONNECTIONS
// LTK (= encyrption information & master identification) only exchanged for LE Legacy Connection
if (setup->sm_use_secure_connections){
key_distribution_flags &= ~SM_KEYDIST_ENC_KEY;
}
#endif
// setup in response
sm_pairing_packet_set_initiator_key_distribution(setup->sm_s_pres, sm_pairing_packet_get_initiator_key_distribution(setup->sm_m_preq) & key_distribution_flags);
sm_pairing_packet_set_responder_key_distribution(setup->sm_s_pres, sm_pairing_packet_get_responder_key_distribution(setup->sm_m_preq) & key_distribution_flags);
// update key distribution after ENC was dropped
sm_setup_key_distribution(sm_pairing_packet_get_responder_key_distribution(setup->sm_s_pres));
if (setup->sm_use_secure_connections){ if (setup->sm_use_secure_connections){
connection->sm_engine_state = SM_SC_W4_PUBLIC_KEY_COMMAND; connection->sm_engine_state = SM_SC_W4_PUBLIC_KEY_COMMAND;
} else { } else {
connection->sm_engine_state = SM_RESPONDER_PH1_W4_PAIRING_CONFIRM; connection->sm_engine_state = SM_RESPONDER_PH1_W4_PAIRING_CONFIRM;
} }
sm_pairing_packet_set_initiator_key_distribution(setup->sm_s_pres, sm_pairing_packet_get_initiator_key_distribution(setup->sm_m_preq) & key_distribution_flags);
sm_pairing_packet_set_responder_key_distribution(setup->sm_s_pres, sm_pairing_packet_get_responder_key_distribution(setup->sm_m_preq) & key_distribution_flags);
// update key distribution after ENC was dropped
sm_setup_key_distribution(sm_pairing_packet_get_responder_key_distribution(setup->sm_s_pres));
l2cap_send_connectionless(connection->sm_handle, L2CAP_CID_SECURITY_MANAGER_PROTOCOL, (uint8_t*) &setup->sm_s_pres, sizeof(sm_pairing_packet_t)); l2cap_send_connectionless(connection->sm_handle, L2CAP_CID_SECURITY_MANAGER_PROTOCOL, (uint8_t*) &setup->sm_s_pres, sizeof(sm_pairing_packet_t));
sm_timeout_reset(connection); sm_timeout_reset(connection);
// SC Numeric Comparison will trigger user response after public keys & nonces have been exchanged // SC Numeric Comparison will trigger user response after public keys & nonces have been exchanged