This is an automated email from the ASF dual-hosted git repository.
kopyscinski pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/mynewt-nimble.git
The following commit(s) were added to refs/heads/master by this push:
new 32621d0 host: fail pairing in SC only when peripheral doesn't support
SC
32621d0 is described below
commit 32621d01b444d99dedba8fe85c44a2bb1b2460c4
Author: Krzysztof Kopyściński <[email protected]>
AuthorDate: Tue Mar 16 09:42:33 2021 +0100
host: fail pairing in SC only when peripheral doesn't support SC
If we, as central, send pairing request in SC only mode we can
receive pairing response with with SC pairing not supported flag
in AuthReq. In this case we should fail pairing with BLE_SM_ERR_AUTHREQ
error.
This is required to pass GAP/SEC/SEM/BV-28-C
---
nimble/host/src/ble_sm.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/nimble/host/src/ble_sm.c b/nimble/host/src/ble_sm.c
index d405589..b4e8096 100644
--- a/nimble/host/src/ble_sm.c
+++ b/nimble/host/src/ble_sm.c
@@ -1886,6 +1886,9 @@ ble_sm_pair_rsp_rx(uint16_t conn_handle, struct os_mbuf
**om,
} else if (rsp->max_enc_key_size > BLE_SM_PAIR_KEY_SZ_MAX) {
res->sm_err = BLE_SM_ERR_INVAL;
res->app_status = BLE_HS_SM_US_ERR(BLE_SM_ERR_INVAL);
+ } else if (!ble_sm_verify_auth_requirements(rsp->authreq)) {
+ res->sm_err = BLE_SM_ERR_AUTHREQ;
+ res->app_status = BLE_HS_SM_US_ERR(BLE_SM_ERR_AUTHREQ);
} else {
ble_sm_pair_cfg(proc);
