diff --git a/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smp_main.c b/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smp_main.c index 561fca4bfe..ea34dde567 100644 --- a/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smp_main.c +++ b/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smp_main.c @@ -1,4 +1,5 @@ /* Copyright (c) 2009-2019 Arm Limited + * Copyright (c) 2019-2020 Packetcraft, Inc. * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -233,6 +234,7 @@ static void smpDmConnCback(dmEvt_t *pDmEvt) pCcb->attempts = SmpDbGetFailureCount((dmConnId_t) pDmEvt->hdr.param); pCcb->lastSentKey = 0; pCcb->state = 0; + pCcb->keyReady = FALSE; /* Resume the attempts state if necessary */ smpResumeAttemptsState((dmConnId_t) pDmEvt->hdr.param); @@ -710,6 +712,11 @@ uint8_t *SmpDmGetStk(dmConnId_t connId, uint8_t *pSecLevel) /* get connection control block */ pCcb = smpCcbByConnId(connId); + if ((pCcb == NULL) || (pCcb->keyReady == FALSE)) + { + return NULL; + } + if (smpCb.lescSupported && pCcb->pScCcb->lescEnabled && (pCcb->pScCcb->pLtk != NULL)) { /* set security level */ diff --git a/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smp_main.h b/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smp_main.h index fe9b91d905..3100bf3585 100644 --- a/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smp_main.h +++ b/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smp_main.h @@ -1,4 +1,5 @@ /* Copyright (c) 2009-2019 Arm Limited + * Copyright (c) 2019-2020 Packetcraft, Inc. * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -314,6 +315,7 @@ typedef struct uint8_t token; /* AES transaction token */ uint8_t attempts; /* Failed pairing attempts */ uint8_t lastSentKey; /* Command code of last sent key */ + bool_t keyReady; /* Encryption key is ready */ smpScCcb_t *pScCcb; /* LE Secure Connection control blocks */ } smpCcb_t; diff --git a/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpi_act.c b/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpi_act.c index 68836ab33b..0e32fba540 100644 --- a/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpi_act.c +++ b/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpi_act.c @@ -1,4 +1,5 @@ /* Copyright (c) 2009-2019 Arm Limited + * Copyright (c) 2019-2020 Packetcraft, Inc. * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -269,6 +270,7 @@ void smpiActStkEncrypt(smpCcb_t *pCcb, smpMsg_t *pMsg) /* adjust key based on max key length */ memcpy(buf, pMsg->aes.pCiphertext, encKeyLen); memset((buf + encKeyLen), 0, (SMP_KEY_LEN - encKeyLen)); + pCcb->keyReady = TRUE; secLevel = (pCcb->auth & SMP_AUTH_MITM_FLAG) ? DM_SEC_LEVEL_ENC_AUTH : DM_SEC_LEVEL_ENC; DmSmpEncryptReq(pCcb->connId, secLevel, buf); diff --git a/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpi_sc_act.c b/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpi_sc_act.c index a5c11c3cbb..8ef115bdc1 100644 --- a/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpi_sc_act.c +++ b/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpi_sc_act.c @@ -1,4 +1,5 @@ /* Copyright (c) 2009-2019 Arm Limited + * Copyright (c) 2019-2020 Packetcraft, Inc. * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -463,6 +464,7 @@ void smpiScActDHKeyCheckVerify(smpCcb_t *pCcb, smpMsg_t *pMsg) /* Adjust key based on max key length */ memcpy(buf, pCcb->pScCcb->pLtk->ltk_t, encKeyLen); memset((buf + encKeyLen), 0, (SMP_KEY_LEN - encKeyLen)); + pCcb->keyReady = TRUE; /* Initiate encryption */ DmSmpEncryptReq(pCcb->connId, smpGetScSecLevel(pCcb), buf); diff --git a/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpr_act.c b/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpr_act.c index 72e60965d7..8917dae286 100644 --- a/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpr_act.c +++ b/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpr_act.c @@ -1,4 +1,5 @@ /* Copyright (c) 2009-2019 Arm Limited + * Copyright (c) 2019-2020 Packetcraft, Inc. * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -284,6 +285,7 @@ void smprActSendPairRandom(smpCcb_t *pCcb, smpMsg_t *pMsg) /* store STK and adjust based on max key length */ memcpy(pCcb->pScr->buf.b3, pMsg->aes.pCiphertext, encKeyLen); memset((pCcb->pScr->buf.b3 + encKeyLen), 0, (SMP_KEY_LEN - encKeyLen)); + pCcb->keyReady = TRUE; /* start smp response timer */ smpStartRspTimer(pCcb); diff --git a/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpr_sc_act.c b/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpr_sc_act.c index 5691b00a31..0ad796a037 100644 --- a/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpr_sc_act.c +++ b/features/FEATURE_BLE/targets/TARGET_CORDIO/stack/ble-host/sources/stack/smp/smpr_sc_act.c @@ -1,4 +1,5 @@ /* Copyright (c) 2009-2019 Arm Limited + * Copyright (c) 2019-2020 Packetcraft, Inc. * SPDX-License-Identifier: Apache-2.0 * * Licensed under the Apache License, Version 2.0 (the "License"); @@ -524,6 +525,7 @@ void smprScActDHKeyCheckSend(smpCcb_t *pCcb, smpMsg_t *pMsg) pCcb->pairReq[SMP_MAXKEY_POS] : pCcb->pairRsp[SMP_MAXKEY_POS]; memset((pCcb->pScCcb->pLtk->ltk_t + encKeyLen), 0, (SMP_KEY_LEN - encKeyLen)); + pCcb->keyReady = TRUE; /* Send the DH Key check Eb to the initiator */ smpScSendDHKeyCheck(pCcb, pMsg, pCcb->pScCcb->pScratch->Nb_Eb);