Loading system/stack/smp/smp_act.cc +13 −13 Original line number Diff line number Diff line Loading @@ -78,7 +78,7 @@ static void smp_update_key_mask(tSMP_CB* p_cb, uint8_t key_type, bool recv) { "before update role=%d recv=%d local_i_key=0x%02x, local_r_key=0x%02x", p_cb->role, recv, p_cb->local_i_key, p_cb->local_r_key); if (((p_cb->le_secure_connections_mode_is_used) || (p_cb->smp_over_br)) && if (((p_cb->sc_mode_required_by_peer) || (p_cb->smp_over_br)) && ((key_type == SMP_SEC_KEY_TYPE_ENC) || (key_type == SMP_SEC_KEY_TYPE_LK))) { /* in LE SC mode LTK, CSRK and BR/EDR LK are derived locally instead of Loading Loading @@ -176,10 +176,10 @@ void smp_send_app_cback(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) { p_cb->loc_auth_req, p_cb->local_io_capability, p_cb->loc_oob_flag, p_cb->loc_enc_size, p_cb->local_i_key, p_cb->local_r_key); p_cb->secure_connections_only_mode_required = p_cb->sc_only_mode_locally_required = (p_cb->init_security_mode == BTM_SEC_MODE_SC) ? true : false; /* just for PTS, force SC bit */ if (p_cb->secure_connections_only_mode_required) { if (p_cb->sc_only_mode_locally_required) { p_cb->loc_auth_req |= SMP_SC_SUPPORT_BIT; } Loading @@ -191,7 +191,7 @@ void smp_send_app_cback(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) { remote_lmp_version); } if (!p_cb->secure_connections_only_mode_required && if (!p_cb->sc_only_mode_locally_required && (!(p_cb->loc_auth_req & SMP_SC_SUPPORT_BIT) || (remote_lmp_version && remote_lmp_version < HCI_PROTO_VERSION_4_2) || Loading Loading @@ -467,11 +467,11 @@ void smp_proc_sec_req(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) { break; case BTM_BLE_SEC_REQ_ACT_PAIR: p_cb->secure_connections_only_mode_required = p_cb->sc_only_mode_locally_required = (p_cb->init_security_mode == BTM_SEC_MODE_SC) ? true : false; /* respond to non SC pairing request as failure in SC only mode */ if (p_cb->secure_connections_only_mode_required && if (p_cb->sc_only_mode_locally_required && (auth_req & SMP_SC_SUPPORT_BIT) == 0) { tSMP_INT_DATA smp_int_data; smp_int_data.status = SMP_PAIR_AUTH_FAIL; Loading Loading @@ -595,8 +595,8 @@ void smp_proc_pair_cmd(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) { p_cb->local_r_key &= p_cb->peer_r_key; p_cb->selected_association_model = smp_select_association_model(p_cb); if (p_cb->secure_connections_only_mode_required && (!(p_cb->le_secure_connections_mode_is_used) || if (p_cb->sc_only_mode_locally_required && (!(p_cb->sc_mode_required_by_peer) || (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_JUSTWORKS))) { LOG_ERROR( Loading @@ -617,8 +617,8 @@ void smp_proc_pair_cmd(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) { { p_cb->selected_association_model = smp_select_association_model(p_cb); if (p_cb->secure_connections_only_mode_required && (!(p_cb->le_secure_connections_mode_is_used) || if (p_cb->sc_only_mode_locally_required && (!(p_cb->sc_mode_required_by_peer) || (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_JUSTWORKS))) { LOG_ERROR( "Central requires secure connection only mode " Loading Loading @@ -1238,7 +1238,7 @@ void smp_check_auth_req(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) { "rcvs enc_enable=%d i_keys=0x%x r_keys=0x%x (i-initiator r-responder)", enc_enable, p_cb->local_i_key, p_cb->local_r_key); if (enc_enable == 1) { if (p_cb->le_secure_connections_mode_is_used) { if (p_cb->sc_mode_required_by_peer) { /* In LE SC mode LTK is used instead of STK and has to be always saved */ p_cb->local_i_key |= SMP_SEC_KEY_TYPE_ENC; p_cb->local_r_key |= SMP_SEC_KEY_TYPE_ENC; Loading Loading @@ -1473,8 +1473,8 @@ void smp_process_io_response(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) { /* pairing started by peer (central) Pairing Request */ p_cb->selected_association_model = smp_select_association_model(p_cb); if (p_cb->secure_connections_only_mode_required && (!(p_cb->le_secure_connections_mode_is_used) || if (p_cb->sc_only_mode_locally_required && (!(p_cb->sc_mode_required_by_peer) || (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_JUSTWORKS))) { LOG_ERROR( "Peripheral requires secure connection only mode " Loading system/stack/smp/smp_int.h +6 −3 Original line number Diff line number Diff line Loading @@ -314,11 +314,14 @@ class tSMP_CB { tSMP_OOB_FLAG loc_oob_flag; tSMP_AUTH_REQ peer_auth_req; tSMP_AUTH_REQ loc_auth_req; bool secure_connections_only_mode_required; /* true if locally SM is required to operate */ bool sc_only_mode_locally_required; /* true if sc_only required required locally */ bool sc_mode_required_by_peer; /* true if peer requires sc in pair_req or pair_rsp */ /* either in Secure Connections mode or not at all */ tSMP_ASSO_MODEL selected_association_model; bool le_secure_connections_mode_is_used; bool key_derivation_h7_used; bool le_sc_kp_notif_is_used; tSMP_SC_KEY_TYPE local_keypress_notification; Loading system/stack/smp/smp_keys.cc +2 −2 Original line number Diff line number Diff line Loading @@ -160,7 +160,7 @@ void smp_generate_stk(tSMP_CB* p_cb, UNUSED_ATTR tSMP_INT_DATA* p_data) { LOG_VERBOSE("addr:%s", ADDRESS_TO_LOGGABLE_CSTR(p_cb->pairing_bda)); if (p_cb->le_secure_connections_mode_is_used) { if (p_cb->sc_mode_required_by_peer) { LOG_VERBOSE("FOR LE SC LTK IS USED INSTEAD OF STK"); output = p_cb->ltk; } else { Loading Loading @@ -546,7 +546,7 @@ void smp_generate_ltk(tSMP_CB* p_cb, UNUSED_ATTR tSMP_INT_DATA* p_data) { if (smp_get_br_state() == SMP_BR_STATE_BOND_PENDING) { smp_br_process_link_key(p_cb, NULL); return; } else if (p_cb->le_secure_connections_mode_is_used) { } else if (p_cb->sc_mode_required_by_peer) { smp_process_secure_connection_long_term_key(); return; } Loading system/stack/smp/smp_utils.cc +7 −8 Original line number Diff line number Diff line Loading @@ -1294,7 +1294,7 @@ void smp_reject_unexpected_pairing_command(const RawAddress& bd_addr) { * Note If Secure Connections Only mode is required locally then we * come to this point only if both sides support Secure * Connections mode, i.e. * if p_cb->secure_connections_only_mode_required = true * if p_cb->sc_only_mode_locally_required = true * then we come to this point only if * (p_cb->peer_auth_req & SMP_SC_SUPPORT_BIT) == * (p_cb->loc_auth_req & SMP_SC_SUPPORT_BIT) == Loading @@ -1303,7 +1303,7 @@ void smp_reject_unexpected_pairing_command(const RawAddress& bd_addr) { ******************************************************************************/ tSMP_ASSO_MODEL smp_select_association_model(tSMP_CB* p_cb) { tSMP_ASSO_MODEL model = SMP_MODEL_OUT_OF_RANGE; p_cb->le_secure_connections_mode_is_used = false; p_cb->sc_mode_required_by_peer = false; LOG_VERBOSE("p_cb->peer_io_caps = %d p_cb->local_io_capability = %d", p_cb->peer_io_caps, p_cb->local_io_capability); Loading @@ -1311,12 +1311,12 @@ tSMP_ASSO_MODEL smp_select_association_model(tSMP_CB* p_cb) { p_cb->peer_oob_flag, p_cb->loc_oob_flag); LOG_VERBOSE("p_cb->peer_auth_req = 0x%02x p_cb->loc_auth_req = 0x%02x", p_cb->peer_auth_req, p_cb->loc_auth_req); LOG_VERBOSE("p_cb->secure_connections_only_mode_required = %s", p_cb->secure_connections_only_mode_required ? "true" : "false"); LOG_VERBOSE("p_cb->sc_only_mode_locally_required = %s", p_cb->sc_only_mode_locally_required ? "true" : "false"); if ((p_cb->peer_auth_req & SMP_SC_SUPPORT_BIT) && (p_cb->loc_auth_req & SMP_SC_SUPPORT_BIT)) { p_cb->le_secure_connections_mode_is_used = true; p_cb->sc_mode_required_by_peer = true; } if ((p_cb->peer_auth_req & SMP_H7_SUPPORT_BIT) && Loading @@ -1325,10 +1325,9 @@ tSMP_ASSO_MODEL smp_select_association_model(tSMP_CB* p_cb) { } LOG_VERBOSE("use_sc_process = %d, h7 use = %d", p_cb->le_secure_connections_mode_is_used, p_cb->key_derivation_h7_used); p_cb->sc_mode_required_by_peer, p_cb->key_derivation_h7_used); if (p_cb->le_secure_connections_mode_is_used) { if (p_cb->sc_mode_required_by_peer) { model = smp_select_association_model_secure_connections(p_cb); } else { model = smp_select_legacy_association_model(p_cb); Loading Loading
system/stack/smp/smp_act.cc +13 −13 Original line number Diff line number Diff line Loading @@ -78,7 +78,7 @@ static void smp_update_key_mask(tSMP_CB* p_cb, uint8_t key_type, bool recv) { "before update role=%d recv=%d local_i_key=0x%02x, local_r_key=0x%02x", p_cb->role, recv, p_cb->local_i_key, p_cb->local_r_key); if (((p_cb->le_secure_connections_mode_is_used) || (p_cb->smp_over_br)) && if (((p_cb->sc_mode_required_by_peer) || (p_cb->smp_over_br)) && ((key_type == SMP_SEC_KEY_TYPE_ENC) || (key_type == SMP_SEC_KEY_TYPE_LK))) { /* in LE SC mode LTK, CSRK and BR/EDR LK are derived locally instead of Loading Loading @@ -176,10 +176,10 @@ void smp_send_app_cback(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) { p_cb->loc_auth_req, p_cb->local_io_capability, p_cb->loc_oob_flag, p_cb->loc_enc_size, p_cb->local_i_key, p_cb->local_r_key); p_cb->secure_connections_only_mode_required = p_cb->sc_only_mode_locally_required = (p_cb->init_security_mode == BTM_SEC_MODE_SC) ? true : false; /* just for PTS, force SC bit */ if (p_cb->secure_connections_only_mode_required) { if (p_cb->sc_only_mode_locally_required) { p_cb->loc_auth_req |= SMP_SC_SUPPORT_BIT; } Loading @@ -191,7 +191,7 @@ void smp_send_app_cback(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) { remote_lmp_version); } if (!p_cb->secure_connections_only_mode_required && if (!p_cb->sc_only_mode_locally_required && (!(p_cb->loc_auth_req & SMP_SC_SUPPORT_BIT) || (remote_lmp_version && remote_lmp_version < HCI_PROTO_VERSION_4_2) || Loading Loading @@ -467,11 +467,11 @@ void smp_proc_sec_req(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) { break; case BTM_BLE_SEC_REQ_ACT_PAIR: p_cb->secure_connections_only_mode_required = p_cb->sc_only_mode_locally_required = (p_cb->init_security_mode == BTM_SEC_MODE_SC) ? true : false; /* respond to non SC pairing request as failure in SC only mode */ if (p_cb->secure_connections_only_mode_required && if (p_cb->sc_only_mode_locally_required && (auth_req & SMP_SC_SUPPORT_BIT) == 0) { tSMP_INT_DATA smp_int_data; smp_int_data.status = SMP_PAIR_AUTH_FAIL; Loading Loading @@ -595,8 +595,8 @@ void smp_proc_pair_cmd(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) { p_cb->local_r_key &= p_cb->peer_r_key; p_cb->selected_association_model = smp_select_association_model(p_cb); if (p_cb->secure_connections_only_mode_required && (!(p_cb->le_secure_connections_mode_is_used) || if (p_cb->sc_only_mode_locally_required && (!(p_cb->sc_mode_required_by_peer) || (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_JUSTWORKS))) { LOG_ERROR( Loading @@ -617,8 +617,8 @@ void smp_proc_pair_cmd(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) { { p_cb->selected_association_model = smp_select_association_model(p_cb); if (p_cb->secure_connections_only_mode_required && (!(p_cb->le_secure_connections_mode_is_used) || if (p_cb->sc_only_mode_locally_required && (!(p_cb->sc_mode_required_by_peer) || (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_JUSTWORKS))) { LOG_ERROR( "Central requires secure connection only mode " Loading Loading @@ -1238,7 +1238,7 @@ void smp_check_auth_req(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) { "rcvs enc_enable=%d i_keys=0x%x r_keys=0x%x (i-initiator r-responder)", enc_enable, p_cb->local_i_key, p_cb->local_r_key); if (enc_enable == 1) { if (p_cb->le_secure_connections_mode_is_used) { if (p_cb->sc_mode_required_by_peer) { /* In LE SC mode LTK is used instead of STK and has to be always saved */ p_cb->local_i_key |= SMP_SEC_KEY_TYPE_ENC; p_cb->local_r_key |= SMP_SEC_KEY_TYPE_ENC; Loading Loading @@ -1473,8 +1473,8 @@ void smp_process_io_response(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) { /* pairing started by peer (central) Pairing Request */ p_cb->selected_association_model = smp_select_association_model(p_cb); if (p_cb->secure_connections_only_mode_required && (!(p_cb->le_secure_connections_mode_is_used) || if (p_cb->sc_only_mode_locally_required && (!(p_cb->sc_mode_required_by_peer) || (p_cb->selected_association_model == SMP_MODEL_SEC_CONN_JUSTWORKS))) { LOG_ERROR( "Peripheral requires secure connection only mode " Loading
system/stack/smp/smp_int.h +6 −3 Original line number Diff line number Diff line Loading @@ -314,11 +314,14 @@ class tSMP_CB { tSMP_OOB_FLAG loc_oob_flag; tSMP_AUTH_REQ peer_auth_req; tSMP_AUTH_REQ loc_auth_req; bool secure_connections_only_mode_required; /* true if locally SM is required to operate */ bool sc_only_mode_locally_required; /* true if sc_only required required locally */ bool sc_mode_required_by_peer; /* true if peer requires sc in pair_req or pair_rsp */ /* either in Secure Connections mode or not at all */ tSMP_ASSO_MODEL selected_association_model; bool le_secure_connections_mode_is_used; bool key_derivation_h7_used; bool le_sc_kp_notif_is_used; tSMP_SC_KEY_TYPE local_keypress_notification; Loading
system/stack/smp/smp_keys.cc +2 −2 Original line number Diff line number Diff line Loading @@ -160,7 +160,7 @@ void smp_generate_stk(tSMP_CB* p_cb, UNUSED_ATTR tSMP_INT_DATA* p_data) { LOG_VERBOSE("addr:%s", ADDRESS_TO_LOGGABLE_CSTR(p_cb->pairing_bda)); if (p_cb->le_secure_connections_mode_is_used) { if (p_cb->sc_mode_required_by_peer) { LOG_VERBOSE("FOR LE SC LTK IS USED INSTEAD OF STK"); output = p_cb->ltk; } else { Loading Loading @@ -546,7 +546,7 @@ void smp_generate_ltk(tSMP_CB* p_cb, UNUSED_ATTR tSMP_INT_DATA* p_data) { if (smp_get_br_state() == SMP_BR_STATE_BOND_PENDING) { smp_br_process_link_key(p_cb, NULL); return; } else if (p_cb->le_secure_connections_mode_is_used) { } else if (p_cb->sc_mode_required_by_peer) { smp_process_secure_connection_long_term_key(); return; } Loading
system/stack/smp/smp_utils.cc +7 −8 Original line number Diff line number Diff line Loading @@ -1294,7 +1294,7 @@ void smp_reject_unexpected_pairing_command(const RawAddress& bd_addr) { * Note If Secure Connections Only mode is required locally then we * come to this point only if both sides support Secure * Connections mode, i.e. * if p_cb->secure_connections_only_mode_required = true * if p_cb->sc_only_mode_locally_required = true * then we come to this point only if * (p_cb->peer_auth_req & SMP_SC_SUPPORT_BIT) == * (p_cb->loc_auth_req & SMP_SC_SUPPORT_BIT) == Loading @@ -1303,7 +1303,7 @@ void smp_reject_unexpected_pairing_command(const RawAddress& bd_addr) { ******************************************************************************/ tSMP_ASSO_MODEL smp_select_association_model(tSMP_CB* p_cb) { tSMP_ASSO_MODEL model = SMP_MODEL_OUT_OF_RANGE; p_cb->le_secure_connections_mode_is_used = false; p_cb->sc_mode_required_by_peer = false; LOG_VERBOSE("p_cb->peer_io_caps = %d p_cb->local_io_capability = %d", p_cb->peer_io_caps, p_cb->local_io_capability); Loading @@ -1311,12 +1311,12 @@ tSMP_ASSO_MODEL smp_select_association_model(tSMP_CB* p_cb) { p_cb->peer_oob_flag, p_cb->loc_oob_flag); LOG_VERBOSE("p_cb->peer_auth_req = 0x%02x p_cb->loc_auth_req = 0x%02x", p_cb->peer_auth_req, p_cb->loc_auth_req); LOG_VERBOSE("p_cb->secure_connections_only_mode_required = %s", p_cb->secure_connections_only_mode_required ? "true" : "false"); LOG_VERBOSE("p_cb->sc_only_mode_locally_required = %s", p_cb->sc_only_mode_locally_required ? "true" : "false"); if ((p_cb->peer_auth_req & SMP_SC_SUPPORT_BIT) && (p_cb->loc_auth_req & SMP_SC_SUPPORT_BIT)) { p_cb->le_secure_connections_mode_is_used = true; p_cb->sc_mode_required_by_peer = true; } if ((p_cb->peer_auth_req & SMP_H7_SUPPORT_BIT) && Loading @@ -1325,10 +1325,9 @@ tSMP_ASSO_MODEL smp_select_association_model(tSMP_CB* p_cb) { } LOG_VERBOSE("use_sc_process = %d, h7 use = %d", p_cb->le_secure_connections_mode_is_used, p_cb->key_derivation_h7_used); p_cb->sc_mode_required_by_peer, p_cb->key_derivation_h7_used); if (p_cb->le_secure_connections_mode_is_used) { if (p_cb->sc_mode_required_by_peer) { model = smp_select_association_model_secure_connections(p_cb); } else { model = smp_select_legacy_association_model(p_cb); Loading
