n btm_sec_save_le_key() set BTM_SEC_LE_LINK_KEY_KNOWN (and BTM_SEC_LE_LINK_KEY_AUTHED if MITM was used) when process a local Long Term Key (key type BTM_LE_KEY_LENC). This is because these flags share bits with the BTM_SEC_FLAG_LKEY_KNOWN (and BTM_SEC_FLAG_LKEY_AUTHED) flag in btm_api.h. Without this code a link that is encrypted via SM pairing where only the local device exchanges the LTK (peer does not send its LTK) will not allow GATT operations that require encryption (request will be incorrectly rejected with insufficient authentication reason, regardless of if MITM is required).

Merges https://github.com/espressif/esp-idf/pull/1320
2017-11-26 16:25:46 -05:00 · 2017-11-26 16:25:46 -05:00 · eb408e50c4
parent 60da98ee0b
commit eb408e50c4
1 changed files with 8 additions and 0 deletions
--- a/components/bt/bluedroid/stack/btm/btm_ble.c
+++ b/components/bt/bluedroid/stack/btm/btm_ble.c
@ -1221,6 +1221,14 @@ void btm_sec_save_le_key(BD_ADDR bd_addr, tBTM_LE_KEY_TYPE key_type, tBTM_LE_KEY
            p_rec->ble.keys.key_size = p_keys->lenc_key.key_size;
            p_rec->ble.key_type |= BTM_LE_KEY_LENC;

+            /* Set that link key is known since this shares field with BTM_SEC_FLAG_LKEY_KNOWN flag in btm_api.h*/
+            p_rec->sec_flags |=  BTM_SEC_LE_LINK_KEY_KNOWN;
+            if ( p_keys->pcsrk_key.sec_level == SMP_SEC_AUTHENTICATED) {
+                p_rec->sec_flags |= BTM_SEC_LE_LINK_KEY_AUTHED;
+            } else {
+                p_rec->sec_flags &= ~BTM_SEC_LE_LINK_KEY_AUTHED;
+            }
+
            BTM_TRACE_DEBUG("BTM_LE_KEY_LENC key_type=0x%x DIV=0x%x key_size=0x%x sec_level=0x%x",
                            p_rec->ble.key_type,
                            p_rec->ble.keys.div,