ARMmbed
/
mbed-os
mirror of https://github.com/ARMmbed/mbed-os.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge pull request #29 from paul-szczepanek-arm/no-sign-when-encrypted 

check encryption before signing
pull/6932/head
Paul Szczepanek 2018-04-11 15:51:02 +01:00 committed by GitHub
parent 1f81d20914 1e6455da0b
commit 9be8837f77
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 12 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
features/FEATURE_BLE/source/generic/GenericGattClient.cpp
View File

@ -1084,6 +1084,18 @@ ble_error_t GenericGattClient::write(
uint16_t mtu = get_mtu(connection_handle);
/* if link is encrypted signed writes should be normal writes */
if (cmd == GattClient::GATT_OP_SIGNED_WRITE_CMD) {
ble::link_encryption_t encryption(ble::link_encryption_t::NOT_ENCRYPTED);
SecurityManager &sm = createBLEInstance()->getSecurityManager();
ble_error_t status = sm.getLinkEncryption(connection_handle, &encryption);
if (status == BLE_ERROR_NONE
|| encryption == ble::link_encryption_t::ENCRYPTED
|| encryption == ble::link_encryption_t::ENCRYPTED_WITH_MITM) {
cmd = GattClient::GATT_OP_WRITE_CMD;
}
}
if (cmd == GattClient::GATT_OP_WRITE_CMD) {
if (length > (uint16_t) (mtu - WRITE_HEADER_LENGTH)) {
return BLE_ERROR_PARAM_OUT_OF_RANGE;
@ -1094,7 +1106,6 @@ ble_error_t GenericGattClient::write(
make_const_ArrayView(value, length)
);
} else if (cmd == GattClient::GATT_OP_SIGNED_WRITE_CMD) {
/*TODO check encryption status */
if (length > (uint16_t) (mtu - WRITE_HEADER_LENGTH - CMAC_LENGTH - MAC_COUNTER_LENGTH)) {
return BLE_ERROR_PARAM_OUT_OF_RANGE;
}