Bluetooth: SMP: Fix pairing using debug keys

Fix issue when checking if SMP pairing procedure is allowed to use the SMP debug keys. This check did not consider the case where the keys pointer was assigned, but did not contain a valid LTK key. This resulted in being unable to pair with debug keys without an existing bond. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
2019-09-02 12:45:54 +02:00 · 2019-09-02 12:45:54 +02:00 · 361cbea9cd
commit 361cbea9cd
parent 8f75cf732d
1 changed files with 21 additions and 2 deletions
--- a/subsys/bluetooth/host/smp.c
+++ b/subsys/bluetooth/host/smp.c
@ -646,6 +646,26 @@ bool update_keys_check(struct bt_smp *smp)
 	return true;
 }

+static bool update_debug_keys_check(struct bt_smp *smp)
+{
+	struct bt_conn *conn = smp->chan.chan.conn;
+
+	if (!conn->le.keys) {
+		conn->le.keys = bt_keys_get_addr(conn->id, &conn->le.dst);
+	}
+
+	if (!conn->le.keys ||
+	    !(conn->le.keys->keys & (BT_KEYS_LTK_P256 | BT_KEYS_LTK))) {
+		return true;
+	}
+
+	if (conn->le.keys->flags & BT_KEYS_DEBUG) {
+		return false;
+	}
+
+	return true;
+}
+
 #if defined(CONFIG_BT_PRIVACY) || defined(CONFIG_BT_SIGNING) || \
 	!defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 /* For TX callbacks */
@ -3667,8 +3687,7 @@ static u8_t smp_public_key(struct bt_smp *smp, struct net_buf *buf)
 		/* Don't allow a bond established without debug key to be
 		 * updated using LTK generated from debug key.
 		 */
-		if (smp->chan.chan.conn->le.keys &&
-		    !(smp->chan.chan.conn->le.keys->flags & BT_KEYS_DEBUG)) {
+		if (!update_debug_keys_check(smp)) {
 			return BT_SMP_ERR_AUTH_REQUIREMENTS;
 		}
 	}