Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit a983fc56 authored by Chen Chen's avatar Chen Chen
Browse files

Check Classic key before cross-key derivation 

Bug: 158854097
Test: atest net_test_stack_smp
Tag: #security
Ignore-AOSP-First: Security fix

Change-Id: Id88241324e9fb89ef14e50b52eb459a0d81c492b
parent b254009d

system/stack/smp/smp_act.cc

+11 −1
Original line number Diff line number Diff line
@@ -1254,7 +1254,17 @@ void smp_key_distribution(tSMP_CB* p_cb, tSMP_INT_DATA* p_data) { 
    /* state check to prevent re-entrant */

    if (smp_get_state() == SMP_STATE_BOND_PENDING) {

      if (p_cb->derive_lk) {

        tBTM_SEC_DEV_REC* p_dev_rec = btm_find_dev(p_cb->pairing_bda);

        if (!(p_dev_rec->sec_flags & BTM_SEC_LE_LINK_KEY_AUTHED) &&

            (p_dev_rec->sec_flags & BTM_SEC_LINK_KEY_AUTHED)) {

          SMP_TRACE_DEBUG(

              "%s BR key is higher security than existing LE keys, don't "

              "derive LK from LTK",

              __func__);

          android_errorWriteLog(0x534e4554, "158854097");

        } else {

          smp_derive_link_key_from_long_term_key(p_cb, NULL);

        }

        p_cb->derive_lk = false;

      }