Commit 6c9bd16

factored out whole ediv rand check
1 parent cbf1776 commit 6c9bd16

1 file changed

+39
-28
lines changed

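--- a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp
+++ b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp
@@ -760,14 +760,22 @@ nRF5xSecurityManager& nRF5xSecurityManager::get_security_manager()
 return _security_manager;
 }
 
-bool is_rand_invalid(const uint8_t* rand)
+/**
+* EDIV and Rand are invalid if both are zero
+*/
+bool is_ediv_rand_valid(const uint16_t ediv, const uint8_t* rand)
 {
 for (int i = 0; i < BLE_GAP_SEC_RAND_LEN; ++i) {
 if (rand[i]) {
-return false;
+return true;
 }
 }
-return true;
+
+if (ediv != 0) {
+return true;
+}
+
+return false;
 }
 
 bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
@@ -856,17 +864,16 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
 const ble_gap_evt_sec_info_request_t& req =
 gap_evt.params.sec_info_request;
 
-if (req.master_id.ediv == 0 &&
-is_rand_invalid(req.master_id.rand)
-) {
-// request ltk generated with secure connection
-handler->on_ltk_request(connection);
-} else {
+if (is_ediv_rand_valid(req.master_id.ediv, req.master_id.rand)) {
 handler->on_ltk_request(
 connection,
 ediv_t((uint8_t*)(&req.master_id.ediv)),
 rand_t(req.master_id.rand)
 );
+} else {
+/* no valid EDIV and Rand
+* request ltk generated with secure connection */
+handler->on_ltk_request(connection);
 }
 
 return true;
@@ -965,27 +972,24 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
 peer_dist = pairing_cb->initiator_dist;
 }
 
-if (pairing_cb->own_enc_key.master_id.ediv == 0 &&
-is_rand_invalid(pairing_cb->own_enc_key.master_id.rand)
+if (is_ediv_rand_valid(
+pairing_cb->own_enc_key.master_id.ediv,
+pairing_cb->own_enc_key.master_id.rand
+)
 ) {
-handler->on_secure_connections_ltk_generated(
-connection,
-ltk_t(pairing_cb->own_enc_key.enc_info.ltk)
-);
-} else {
 if (own_dist.get_encryption()) {
-handler->on_keys_distributed_local_ltk(
-connection,
-ltk_t(pairing_cb->own_enc_key.enc_info.ltk)
-);
-
-handler->on_keys_distributed_local_ediv_rand(
-connection,
-ediv_t(reinterpret_cast<uint8_t*>(
-&pairing_cb->own_enc_key.master_id.ediv
-)),
-pairing_cb->own_enc_key.master_id.rand
-);
+handler->on_keys_distributed_local_ltk(
+connection,
+ltk_t(pairing_cb->own_enc_key.enc_info.ltk)
+);
+
+handler->on_keys_distributed_local_ediv_rand(
+connection,
+ediv_t(reinterpret_cast<uint8_t*>(
+&pairing_cb->own_enc_key.master_id.ediv
+)),
+pairing_cb->own_enc_key.master_id.rand
+);
 }
 
 if (peer_dist.get_encryption()) {
@@ -1002,6 +1006,13 @@ bool nRF5xSecurityManager::sm_handler(const ble_evt_t *evt)
 pairing_cb->peer_enc_key.master_id.rand
 );
 }
+} else {
+/* no valid EDIV and Rand meaning this is a
+* Secure Connections key */
+handler->on_secure_connections_ltk_generated(
+connection,
+ltk_t(pairing_cb->own_enc_key.enc_info.ltk)
+);
 }
 
 if (peer_dist.get_identity()) {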
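Review bot: Both call sites in sm_handler use an all-zero EDIV/Rand as the only signal that a key is a Secure Connections LTK, and in the pairing-result branch (new lines 975–980) that test runs before `own_dist.get_encryption()` is consulted. If legacy pairing can complete without the local encryption key being distributed, and `own_enc_key.master_id` is left zeroed in that case (not visible here, so worth confirming), the new `else` at line 1009 would call `on_secure_connections_ltk_generated` with an LTK field that was never filled in. In the LTK-request branch (new line 867) the values are read from `gap_evt.params.sec_info_request`, presumably supplied by the peer, so the result is only a routing hint and the handler still has to confirm that the stored bond is of the selected type. I would record that assumption on the helper, for example `/* all-zero EDIV/Rand is taken to mean an LE Secure Connections key; it is not proof of the pairing method */`, and key the `else` branch on an explicit Secure Connections indicator from the pairing result if the SoftDevice provides one. sm_handler starts and ends outside the visible hunks.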
