Skip to content

[Backport v2.4-branch] Bluetooth: host: Overwrite existing bond when IRK has been updated #33433

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Mar 23, 2021
Merged

[Backport v2.4-branch] Bluetooth: host: Overwrite existing bond when IRK has been updated #33433

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
49fd858
Bluetooth: host: Refactor update_keys_check to operate on keys as input
joerchan Mar 11, 2021
7b87c79
Bluetooth: host: Overwrite existing bond when IRK has been updated
joerchan Mar 11, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
36 changes: 21 additions & 15 deletions subsys/bluetooth/host/smp.c
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -737,14 +737,8 @@ static uint8_t get_encryption_key_size(struct bt_smp *smp)
/* Check that if a new pairing procedure with an existing bond will not lower
* the established security level of the bond.
*/
static bool update_keys_check(struct bt_smp *smp)
static bool update_keys_check(struct bt_smp *smp, struct bt_keys *keys)
{
struct bt_conn *conn = smp->chan.chan.conn;

if (!conn->le.keys) {
conn->le.keys = bt_keys_get_addr(conn->id, &conn->le.dst);
}

if (IS_ENABLED(CONFIG_BT_SMP_DISABLE_LEGACY_JW_PASSKEY) &&
!atomic_test_bit(smp->flags, SMP_FLAG_SC) &&
smp->method != LEGACY_OOB) {
Expand All @@ -756,27 +750,27 @@ static bool update_keys_check(struct bt_smp *smp)
return false;
}

if (!conn->le.keys ||
!(conn->le.keys->keys & (BT_KEYS_LTK_P256 | BT_KEYS_LTK))) {
if (!keys ||
!(keys->keys & (BT_KEYS_LTK_P256 | BT_KEYS_LTK))) {
return true;
}

if (conn->le.keys->enc_size > get_encryption_key_size(smp)) {
if (keys->enc_size > get_encryption_key_size(smp)) {
return false;
}

if ((conn->le.keys->keys & BT_KEYS_LTK_P256) &&
if ((keys->keys & BT_KEYS_LTK_P256) &&
!atomic_test_bit(smp->flags, SMP_FLAG_SC)) {
return false;
}

if ((conn->le.keys->flags & BT_KEYS_AUTHENTICATED) &&
if ((keys->flags & BT_KEYS_AUTHENTICATED) &&
smp->method == JUST_WORKS) {
return false;
}

if (!IS_ENABLED(CONFIG_BT_SMP_ALLOW_UNAUTH_OVERWRITE) &&
(!(conn->le.keys->flags & BT_KEYS_AUTHENTICATED)
(!(keys->flags & BT_KEYS_AUTHENTICATED)
&& smp->method == JUST_WORKS)) {
return false;
}
Expand Down Expand Up @@ -2938,7 +2932,7 @@ static uint8_t smp_pairing_req(struct bt_smp *smp, struct net_buf *buf)

smp->method = get_pair_method(smp, req->io_capability);

if (!update_keys_check(smp)) {
if (!update_keys_check(smp, conn->le.keys)) {
return BT_SMP_ERR_AUTH_REQUIREMENTS;
}

Expand Down Expand Up @@ -3139,7 +3133,7 @@ static uint8_t smp_pairing_rsp(struct bt_smp *smp, struct net_buf *buf)

smp->method = get_pair_method(smp, rsp->io_capability);

if (!update_keys_check(smp)) {
if (!update_keys_check(smp, conn->le.keys)) {
return BT_SMP_ERR_AUTH_REQUIREMENTS;
}

Expand Down Expand Up @@ -3737,6 +3731,18 @@ static uint8_t smp_ident_addr_info(struct bt_smp *smp, struct net_buf *buf)
return BT_SMP_ERR_INVALID_PARAMS;
}

if (bt_addr_le_cmp(&conn->le.dst, &req->addr) != 0) {
struct bt_keys *keys = bt_keys_find_addr(conn->id, &req->addr);

if (keys) {
if (!update_keys_check(smp, keys)) {
return BT_SMP_ERR_UNSPECIFIED;
}

bt_keys_clear(keys);
}
}

if (atomic_test_bit(smp->flags, SMP_FLAG_BOND)) {
const bt_addr_le_t *dst;
struct bt_keys *keys;
Expand Down