From fbb926d77e2d7b44c6b61ec1bf141039ee30002c Mon Sep 17 00:00:00 2001 From: paul-szczepanek-arm <33840200+paul-szczepanek-arm@users.noreply.github.com> Date: Fri, 3 Aug 2018 15:28:41 +0100 Subject: [PATCH] call the correct ltk function when SC is used --- .../source/nRF5xPalSecurityManager.cpp | 69 +++++++++++-------- 1 file changed, 42 insertions(+), 27 deletions(-) diff --git a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp index 49ea2de83d..3c49c922c9 100644 --- a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp +++ b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp @@ -846,11 +846,19 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt) const ble_gap_evt_sec_info_request_t& req = gap_evt.params.sec_info_request; - handler->on_ltk_request( - connection, - ediv_t((uint8_t*)(&req.master_id.ediv)), - rand_t(req.master_id.rand) - ); + uint8_t invalid_rand[BLE_GAP_SEC_RAND_LEN] = { 0 }; + if (req.master_id.ediv == 0 && + memcmp(req.master_id.rand, invalid_rand, sizeof(invalid_rand) == 0) + ) { + // request ltk generated with secure connection + handler->on_ltk_request(connection); + } else { + handler->on_ltk_request( + connection, + ediv_t((uint8_t*)(&req.master_id.ediv)), + rand_t(req.master_id.rand) + ); + } return true; } 
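Review bot: The closing parenthesis in the added `memcmp` call is misplaced, so `sizeof(invalid_rand) == 0` is passed as the length argument. That expression is always 0, so `memcmp` compares zero bytes and returns 0, which makes the second operand of `&&` false. The secure-connections branch `handler->on_ltk_request(connection)` is therefore never reached, and a request with EDIV and Rand both zero still goes through the legacy EDIV/Rand overload; re-encryption with a peer bonded via LE Secure Connections would presumably fail the key lookup. The condition should read `memcmp(req.master_id.rand, invalid_rand, sizeof(invalid_rand)) == 0`. The body of `sm_handler` starts and ends outside the hunk.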
@@ -948,34 +956,41 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt) peer_dist = pairing_cb->initiator_dist; } - if (own_dist.get_encryption()) { - handler->on_keys_distributed_local_ltk( + if (status.lesc) { + handler->on_secure_connections_ltk_generated( connection, ltk_t(pairing_cb->own_enc_key.enc_info.ltk) ); + } else { + if (own_dist.get_encryption()) { + handler->on_keys_distributed_local_ltk( + connection, + ltk_t(pairing_cb->own_enc_key.enc_info.ltk) + ); - handler->on_keys_distributed_local_ediv_rand( - connection, - ediv_t(reinterpret_cast( - &pairing_cb->own_enc_key.master_id.ediv - )), - pairing_cb->own_enc_key.master_id.rand - ); - } + handler->on_keys_distributed_local_ediv_rand( + connection, + ediv_t(reinterpret_cast( + &pairing_cb->own_enc_key.master_id.ediv + )), + pairing_cb->own_enc_key.master_id.rand + ); + } - if (peer_dist.get_encryption()) { - handler->on_keys_distributed_ltk( - connection, - ltk_t(pairing_cb->peer_enc_key.enc_info.ltk) - ); + if (peer_dist.get_encryption()) { + handler->on_keys_distributed_ltk( + connection, + ltk_t(pairing_cb->peer_enc_key.enc_info.ltk) + ); - handler->on_keys_distributed_ediv_rand( - connection, - ediv_t(reinterpret_cast( - &pairing_cb->peer_enc_key.master_id.ediv - )), - pairing_cb->peer_enc_key.master_id.rand - ); + handler->on_keys_distributed_ediv_rand( + connection, + ediv_t(reinterpret_cast( + &pairing_cb->peer_enc_key.master_id.ediv + )), + pairing_cb->peer_enc_key.master_id.rand + ); + } } if (peer_dist.get_identity()) {
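Review bot: In the `status.lesc` branch the LTK is read from `pairing_cb->own_enc_key.enc_info.ltk` unconditionally, whereas the legacy branch reads it only when `own_dist.get_encryption()` is set. `status` and `pairing_cb` are set up outside the hunk, so it cannot be seen here whether that buffer is guaranteed to hold a freshly generated key when the pairing did not end in a bond. If it is not, a stale or zeroed key would be handed to `on_secure_connections_ltk_generated`. A comment stating the guarantee would help, for example `// LESC: LTK is derived locally by both sides and stored in own_enc_key; no EDIV/Rand is distributed`, or a guard on the bonding result if the stack does not provide that guarantee.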