From 361cbea9cd92575b8b396855bc1dd96043c8abe6 Mon Sep 17 00:00:00 2001
From: Joakim Andersson
Date: Mon, 2 Sep 2019 12:45:54 +0200
Subject: [PATCH] Bluetooth: SMP: Fix pairing using debug keys

Fix issue when checking if SMP pairing procedure is allowed to use the SMP debug keys. This check did not consider the case where the keys pointer was assigned, but did not contain a valid LTK key. This resulted in being unable to pair with debug keys without an existing bond.

Signed-off-by: Joakim Andersson
---
 subsys/bluetooth/host/smp.c | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

diff --git a/subsys/bluetooth/host/smp.c b/subsys/bluetooth/host/smp.c
index 138f15d59e8..f8b32a1188b 100644
--- a/subsys/bluetooth/host/smp.c
+++ b/subsys/bluetooth/host/smp.c
@@ -646,6 +646,26 @@ bool update_keys_check(struct bt_smp *smp)
 return true;
 }
 
+static bool update_debug_keys_check(struct bt_smp *smp)
+{
+ struct bt_conn *conn = smp->chan.chan.conn;
+
+ if (!conn->le.keys) {
+ conn->le.keys = bt_keys_get_addr(conn->id, &conn->le.dst);
+ }
+
+ if (!conn->le.keys ||
+ !(conn->le.keys->keys & (BT_KEYS_LTK_P256 | BT_KEYS_LTK))) {
+ return true;
+ }
+
+ if (conn->le.keys->flags & BT_KEYS_DEBUG) {
+ return false;
+ }
+
+ return true;
+}
+
 #if defined(CONFIG_BT_PRIVACY) || defined(CONFIG_BT_SIGNING) || \
 !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 /* For TX callbacks */
@@ -3667,8 +3687,7 @@ static u8_t smp_public_key(struct bt_smp *smp, struct net_buf *buf)
 /* Don't allow a bond established without debug key to be
 * updated using LTK generated from debug key.
 */
- if (smp->chan.chan.conn->le.keys &&
- !(smp->chan.chan.conn->le.keys->flags & BT_KEYS_DEBUG)) {
+ if (!update_debug_keys_check(smp)) {
 return BT_SMP_ERR_AUTH_REQUIREMENTS;
 }
 }
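Review bot: The last test in `update_debug_keys_check()` looks inverted. It returns false when the stored keys carry `BT_KEYS_DEBUG`, so the call in `smp_public_key()` (second hunk, function body continues outside it) now rejects re-pairing over a debug bond but lets a debug-key pairing replace a bond whose flags lack `BT_KEYS_DEBUG`. The removed condition rejected the opposite case, and the retained comment still says a bond established without the debug key must not be updated from one. If that is the intent, the tail should be `if (conn->le.keys->flags & BT_KEYS_DEBUG) { return true; }` followed by `return false;`. Separately, the helper assigns `conn->le.keys` from `bt_keys_get_addr()` as a side effect of a check, which deserves a comment such as `/* No LTK stored for this peer: nothing to protect, allow debug keys */` on the first `return true`.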