ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

factored out whole ediv rand check

pull/7753/head
paul-szczepanek-arm 2018-08-08 17:02:43 +01:00 committed by adbridge
parent dbeded5fbb
commit 37985e5912
1 changed files with 38 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

65
features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp
View File

@ -760,14 +760,22 @@ nRF5xSecurityManager& nRF5xSecurityManager::get_security_manager()
return _security_manager; return _security_manager;
} }
bool is_rand_invalid(const uint8_t* rand) /**
* EDIV and Rand are invalid if both are zero
*/
bool is_ediv_rand_valid(const uint16_t ediv, const uint8_t* rand)
{ {
for (int i = 0; i < BLE_GAP_SEC_RAND_LEN; ++i) { for (int i = 0; i < BLE_GAP_SEC_RAND_LEN; ++i) {
if (rand[i]) { if (rand[i]) {
return false; return true;
} }
} }
return true;
if (ediv != 0) {
return true;
}
return false;
} }
bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt) bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
@ -856,17 +864,16 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
const ble_gap_evt_sec_info_request_t& req = const ble_gap_evt_sec_info_request_t& req =
gap_evt.params.sec_info_request; gap_evt.params.sec_info_request;
if (req.master_id.ediv == 0 && if (is_ediv_rand_valid(req.master_id.ediv, req.master_id.rand)) {
is_rand_invalid(req.master_id.rand)
) {
// request ltk generated with secure connection
handler->on_ltk_request(connection);
} else {
handler->on_ltk_request( handler->on_ltk_request(
connection, connection,
ediv_t((uint8_t*)(&req.master_id.ediv)), ediv_t((uint8_t*)(&req.master_id.ediv)),
rand_t(req.master_id.rand) rand_t(req.master_id.rand)
); );
} else {
/* no valid EDIV and Rand
* request ltk generated with secure connection */
handler->on_ltk_request(connection);
} }
return true; return true;
@ -965,27 +972,24 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
peer_dist = pairing_cb->initiator_dist; peer_dist = pairing_cb->initiator_dist;
} }
if (pairing_cb->own_enc_key.master_id.ediv == 0 && if (is_ediv_rand_valid(
is_rand_invalid(pairing_cb->own_enc_key.master_id.rand) pairing_cb->own_enc_key.master_id.ediv,
pairing_cb->own_enc_key.master_id.rand
)
) { ) {
handler->on_secure_connections_ltk_generated(
connection,
ltk_t(pairing_cb->own_enc_key.enc_info.ltk)
);
} else {
if (own_dist.get_encryption()) { if (own_dist.get_encryption()) {
handler->on_keys_distributed_local_ltk( handler->on_keys_distributed_local_ltk(
connection, connection,
ltk_t(pairing_cb->own_enc_key.enc_info.ltk) ltk_t(pairing_cb->own_enc_key.enc_info.ltk)
); );
handler->on_keys_distributed_local_ediv_rand( handler->on_keys_distributed_local_ediv_rand(
connection, connection,
ediv_t(reinterpret_cast<uint8_t*>( ediv_t(reinterpret_cast<uint8_t*>(
&pairing_cb->own_enc_key.master_id.ediv &pairing_cb->own_enc_key.master_id.ediv
)), )),
pairing_cb->own_enc_key.master_id.rand pairing_cb->own_enc_key.master_id.rand
); );
} }
if (peer_dist.get_encryption()) { if (peer_dist.get_encryption()) {
@ -1002,6 +1006,13 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
pairing_cb->peer_enc_key.master_id.rand pairing_cb->peer_enc_key.master_id.rand
); );
} }
} else {
/* no valid EDIV and Rand meaning this is a
* Secure Connections key */
handler->on_secure_connections_ltk_generated(
connection,
ltk_t(pairing_cb->own_enc_key.enc_info.ltk)
);
} }
if (peer_dist.get_identity()) { if (peer_dist.get_identity()) {