ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #7688 from paul-szczepanek-arm/nrf-ltk-fix 

BLE: call secure connections versions of ltk functions
pull/7747/head
Cruz Monrreal 2018-08-09 10:15:58 -05:00 committed by GitHub
parent 1ab05c28f6 6c9bd163b1
commit 2b92b260d0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 67 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

97
features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp
View File

@ -760,6 +760,24 @@ nRF5xSecurityManager& nRF5xSecurityManager::get_security_manager()
return _security_manager; return _security_manager;
} }
/**
* EDIV and Rand are invalid if both are zero
*/
bool is_ediv_rand_valid(const uint16_t ediv, const uint8_t* rand)
{
for (int i = 0; i < BLE_GAP_SEC_RAND_LEN; ++i) {
if (rand[i]) {
return true;
}
}
if (ediv != 0) {
return true;
}
return false;
}
bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt) bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
{ {
nRF5xSecurityManager& self = nRF5xSecurityManager::get_security_manager(); nRF5xSecurityManager& self = nRF5xSecurityManager::get_security_manager();
@ -846,11 +864,17 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
const ble_gap_evt_sec_info_request_t& req = const ble_gap_evt_sec_info_request_t& req =
gap_evt.params.sec_info_request; gap_evt.params.sec_info_request;
handler->on_ltk_request( if (is_ediv_rand_valid(req.master_id.ediv, req.master_id.rand)) {
connection, handler->on_ltk_request(
ediv_t((uint8_t*)(&req.master_id.ediv)), connection,
rand_t(req.master_id.rand) ediv_t((uint8_t*)(&req.master_id.ediv)),
); rand_t(req.master_id.rand)
);
} else {
/* no valid EDIV and Rand
* request ltk generated with secure connection */
handler->on_ltk_request(connection);
}
return true; return true;
} }
@ -948,34 +972,47 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
peer_dist = pairing_cb->initiator_dist; peer_dist = pairing_cb->initiator_dist;
} }
if (own_dist.get_encryption()) { if (is_ediv_rand_valid(
handler->on_keys_distributed_local_ltk( pairing_cb->own_enc_key.master_id.ediv,
pairing_cb->own_enc_key.master_id.rand
)
) {
if (own_dist.get_encryption()) {
handler->on_keys_distributed_local_ltk(
connection,
ltk_t(pairing_cb->own_enc_key.enc_info.ltk)
);
handler->on_keys_distributed_local_ediv_rand(
connection,
ediv_t(reinterpret_cast<uint8_t*>(
&pairing_cb->own_enc_key.master_id.ediv
)),
pairing_cb->own_enc_key.master_id.rand
);
}
if (peer_dist.get_encryption()) {
handler->on_keys_distributed_ltk(
connection,
ltk_t(pairing_cb->peer_enc_key.enc_info.ltk)
);
handler->on_keys_distributed_ediv_rand(
connection,
ediv_t(reinterpret_cast<uint8_t*>(
&pairing_cb->peer_enc_key.master_id.ediv
)),
pairing_cb->peer_enc_key.master_id.rand
);
}
} else {
/* no valid EDIV and Rand meaning this is a
* Secure Connections key */
handler->on_secure_connections_ltk_generated(
connection, connection,
ltk_t(pairing_cb->own_enc_key.enc_info.ltk) ltk_t(pairing_cb->own_enc_key.enc_info.ltk)
); );
handler->on_keys_distributed_local_ediv_rand(
connection,
ediv_t(reinterpret_cast<uint8_t*>(
&pairing_cb->own_enc_key.master_id.ediv
)),
pairing_cb->own_enc_key.master_id.rand
);
}
if (peer_dist.get_encryption()) {
handler->on_keys_distributed_ltk(
connection,
ltk_t(pairing_cb->peer_enc_key.enc_info.ltk)
);
handler->on_keys_distributed_ediv_rand(
connection,
ediv_t(reinterpret_cast<uint8_t*>(
&pairing_cb->peer_enc_key.master_id.ediv
)),
pairing_cb->peer_enc_key.master_id.rand
);
} }
if (peer_dist.get_identity()) { if (peer_dist.get_identity()) {