
Commit 6cf2d3f4 authored by Josh Wu's avatar Josh Wu

BTM: Always encrypt ACL after auth complete

Setting encryption aggressively can improve the success rate of CTKD and
protect privacy. The availability of CTKD should not be a precondition
for encrypting the link after auth.

Tag: #stability
Bug: 198755234
Test: gd/cert/run
Change-Id: I6ea10cfd4331cb31bad74230a04e3e614c1b7fe1
parent 26edcd97
+16 −26
@@ -3143,16 +3143,6 @@ void btm_sec_auth_complete(uint16_t handle, tHCI_STATUS status) {
    } else {
      BTM_LogHistory(kBtmLogTag, p_dev_rec->bd_addr, "Bonding completed",
                     hci_error_code_text(status));
      BTM_TRACE_DEBUG("TRYING TO DECIDE IF CAN USE SMP_BR_CHNL");
      if (p_dev_rec->new_encryption_key_is_p256 &&
          (btm_sec_use_smp_br_chnl(p_dev_rec))
          /* no LE keys are available, do deriving */
          && (!(p_dev_rec->sec_flags & BTM_SEC_LE_LINK_KEY_KNOWN) ||
              /* or BR key is higher security than existing LE keys */
              (!(p_dev_rec->sec_flags & BTM_SEC_LE_LINK_KEY_AUTHED) &&
               (p_dev_rec->sec_flags & BTM_SEC_LINK_KEY_AUTHED)))) {
        BTM_TRACE_DEBUG(
            "link encrypted afer dedic bonding can use SMP_BR_CHNL");

      tHCI_ROLE role = HCI_ROLE_UNKNOWN;
      BTM_GetRole(p_dev_rec->bd_addr, &role);
@@ -3163,13 +3153,13 @@ void btm_sec_auth_complete(uint16_t handle, tHCI_STATUS status) {
                          BTM_BLE_SEC_NONE);
      } else if (p_dev_rec->IsLocallyInitiated()) {
        // Encryption will be set in role_changed callback
          BTM_TRACE_DEBUG(
        LOG_INFO(
            "%s auth completed in role=peripheral, try to switch role and "
            "encrypt",
            __func__);
        BTM_SwitchRoleToCentral(p_dev_rec->RemoteAddress());
      }
      }

      l2cu_start_post_bond_timer(p_dev_rec->hci_handle);
    }