Bluetooth: Store key type in common structure
Keys from same pairing have are of similar key type and this can be stored in single place. Change-Id: I38426c282604769424098af6ee26e0cf9cb5f358 Signed-off-by: Szymon Janc <ext.szymon.janc@tieto.com>
This commit is contained in:
Szymon Janc
Anas Nashif
parent
90121208ab
commit
4f9ba8129b
4 changed files with 23 additions and 33 deletions
|
|
@ -532,7 +532,7 @@ int bt_conn_security(struct bt_conn *conn, bt_security_t sec)
|
|||
keys = bt_keys_find(BT_KEYS_LTK, &conn->dst);
|
||||
if (keys) {
|
||||
if (sec > BT_SECURITY_MEDIUM &&
|
||||
keys->ltk.type != BT_KEYS_AUTHENTICATED) {
|
||||
keys->type != BT_KEYS_AUTHENTICATED) {
|
||||
goto pair;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -311,32 +311,13 @@ static void analyze_stacks(struct bt_conn *conn, struct bt_conn **ref)
|
|||
|
||||
static void update_sec_level(struct bt_conn *conn)
|
||||
{
|
||||
uint8_t type = BT_KEYS_UNAUTHENTICATED;
|
||||
struct bt_keys *keys;
|
||||
|
||||
if (conn->role == BT_HCI_ROLE_MASTER) {
|
||||
struct bt_keys *keys;
|
||||
|
||||
keys = bt_keys_find(BT_KEYS_LTK, &conn->dst);
|
||||
if (keys) {
|
||||
type = keys->ltk.type;
|
||||
}
|
||||
} else {
|
||||
struct bt_keys *keys;
|
||||
|
||||
keys = bt_keys_find(BT_KEYS_SLAVE_LTK, &conn->dst);
|
||||
if (keys) {
|
||||
type = keys->slave_ltk.type;
|
||||
}
|
||||
}
|
||||
|
||||
switch (type) {
|
||||
case BT_KEYS_AUTHENTICATED:
|
||||
keys = bt_keys_find_addr(&conn->dst);
|
||||
if (keys && keys->type == BT_KEYS_AUTHENTICATED) {
|
||||
conn->sec_level = BT_SECURITY_HIGH;
|
||||
break;
|
||||
case BT_KEYS_UNAUTHENTICATED:
|
||||
default:
|
||||
} else {
|
||||
conn->sec_level = BT_SECURITY_MEDIUM;
|
||||
break;
|
||||
}
|
||||
|
||||
if (conn->required_sec_level > conn->sec_level) {
|
||||
|
|
|
|||
|
|
@ -48,7 +48,6 @@ enum {
|
|||
};
|
||||
|
||||
struct bt_ltk {
|
||||
uint8_t type;
|
||||
uint64_t rand;
|
||||
uint16_t ediv;
|
||||
uint8_t val[16];
|
||||
|
|
@ -60,7 +59,6 @@ struct bt_irk {
|
|||
};
|
||||
|
||||
struct bt_csrk {
|
||||
uint8_t type;
|
||||
uint8_t val[16];
|
||||
uint32_t cnt;
|
||||
};
|
||||
|
|
@ -68,6 +66,7 @@ struct bt_csrk {
|
|||
struct bt_keys {
|
||||
bt_addr_le_t addr;
|
||||
int keys;
|
||||
uint8_t type;
|
||||
|
||||
struct bt_ltk slave_ltk;
|
||||
struct bt_ltk ltk;
|
||||
|
|
|
|||
|
|
@ -748,6 +748,17 @@ static uint8_t smp_pairing_random(struct bt_conn *conn, struct bt_buf *buf)
|
|||
return BT_SMP_ERR_UNSPECIFIED;
|
||||
}
|
||||
|
||||
keys = bt_keys_get_addr(&conn->dst);
|
||||
if (!keys) {
|
||||
return BT_SMP_ERR_UNSPECIFIED;
|
||||
}
|
||||
|
||||
/* store key type deducted from pairing method used
|
||||
* it is important to store it since type is used to determine
|
||||
* security level upon encryption
|
||||
*/
|
||||
keys->type = get_keys_type(smp->method);
|
||||
|
||||
/* Rand and EDiv are 0 for the STK */
|
||||
if (bt_conn_le_start_encryption(conn, 0, 0, stk)) {
|
||||
BT_ERR("Failed to start encryption\n");
|
||||
|
|
@ -771,7 +782,11 @@ static uint8_t smp_pairing_random(struct bt_conn *conn, struct bt_buf *buf)
|
|||
return BT_SMP_ERR_UNSPECIFIED;
|
||||
}
|
||||
|
||||
keys->slave_ltk.type = get_keys_type(smp->method);
|
||||
/* store key type deducted from pairing method used
|
||||
* it is important to store it since type is used to determine
|
||||
* security level upon encryption
|
||||
*/
|
||||
keys->type = get_keys_type(smp->method);
|
||||
|
||||
/* Rand and EDiv are 0 for the STK */
|
||||
keys->slave_ltk.rand = 0;
|
||||
|
|
@ -858,7 +873,6 @@ static void bt_smp_distribute_keys(struct bt_conn *conn)
|
|||
le_rand(keys->slave_ltk.val, sizeof(keys->slave_ltk.val));
|
||||
le_rand(&keys->slave_ltk.rand, sizeof(keys->slave_ltk.rand));
|
||||
le_rand(&keys->slave_ltk.ediv, sizeof(keys->slave_ltk.ediv));
|
||||
keys->slave_ltk.type = get_keys_type(smp->method);
|
||||
|
||||
buf = bt_smp_create_pdu(conn, BT_SMP_CMD_ENCRYPT_INFO,
|
||||
sizeof(*info));
|
||||
|
|
@ -893,7 +907,6 @@ static void bt_smp_distribute_keys(struct bt_conn *conn)
|
|||
|
||||
le_rand(keys->local_csrk.val, sizeof(keys->local_csrk.val));
|
||||
keys->local_csrk.cnt = 0;
|
||||
keys->local_csrk.type = get_keys_type(smp->method);
|
||||
|
||||
buf = bt_smp_create_pdu(conn, BT_SMP_CMD_SIGNING_INFO,
|
||||
sizeof(*info));
|
||||
|
|
@ -925,7 +938,6 @@ static uint8_t smp_encrypt_info(struct bt_conn *conn, struct bt_buf *buf)
|
|||
}
|
||||
|
||||
memcpy(keys->ltk.val, req->ltk, 16);
|
||||
keys->ltk.type = get_keys_type(smp->method);
|
||||
|
||||
atomic_set_bit(&smp->allowed_cmds, BT_SMP_CMD_MASTER_IDENT);
|
||||
|
||||
|
|
@ -1045,7 +1057,6 @@ static uint8_t smp_signing_info(struct bt_conn *conn, struct bt_buf *buf)
|
|||
}
|
||||
|
||||
memcpy(keys->remote_csrk.val, req->csrk, sizeof(keys->remote_csrk.val));
|
||||
keys->remote_csrk.type = get_keys_type(smp->method);
|
||||
|
||||
smp->remote_dist &= ~BT_SMP_DIST_SIGN;
|
||||
|
||||
|
|
@ -1075,8 +1086,7 @@ static uint8_t smp_security_request(struct bt_conn *conn, struct bt_buf *buf)
|
|||
goto pair;
|
||||
}
|
||||
|
||||
if ((auth & BT_SMP_AUTH_MITM) &&
|
||||
keys->ltk.type != BT_KEYS_AUTHENTICATED) {
|
||||
if ((auth & BT_SMP_AUTH_MITM) && keys->type != BT_KEYS_AUTHENTICATED) {
|
||||
if (bt_smp_io_capa != BT_SMP_IO_NO_INPUT_OUTPUT) {
|
||||
BT_INFO("New auth requirements: 0x%x, repairing", auth);
|
||||
goto pair;
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue