Bluetooth: Host: Add CONFIG_BT_BONDING_REQUIRED flag

demantmrrv · jhedberg · commit bf361aa66cfe · 2019-12-09T17:05:32.000+02:00
Added configuration for accepting pairing requests only if both devices
has bonding flag set in order to reject other devices at an early stage,
thus leaving more chance for devices expected to bond.

With the CONFIG_BT_BONDING_REQUIRED flag the device only accept pairing
requests if it has CONFIG_BT_BONMDABLE set and the device requesting
pairing has Bonding_Flags field set to Bonding (0x01) in its AuthReq.
Note: When using bt_set_bondable(false) pairing requests will be
rejected when CONFIG_BT_BONDING_REQUIRED is set.

Signed-off-by: Martin Rieva &lt;mrrv@demant.com&gt;
diff --git a/subsys/bluetooth/host/Kconfig b/subsys/bluetooth/host/Kconfig
@@ -348,6 +348,14 @@ config BT_BONDABLE
 	  Bonding flag in AuthReq of SMP Pairing Request/Response will be set
 	  indicating the support for this mode.
 
+config BT_BONDING_REQUIRED
+	bool "Always require bonding"
+	depends on BT_BONDABLE
+	help
+	  When this option is enabled remote devices are required to always
+	  set the bondable flag in their pairing request. Any other kind of
+	  requests will be rejected.
+
 config BT_STORE_DEBUG_KEYS
 	bool "Store Debug Mode bonds"
 	help
diff --git a/subsys/bluetooth/host/smp.c b/subsys/bluetooth/host/smp.c
@@ -2774,6 +2774,9 @@ static u8_t smp_pairing_req(struct bt_smp *smp, struct net_buf *buf)
 	if ((rsp->auth_req & BT_SMP_AUTH_BONDING) &&
 	    (req->auth_req & BT_SMP_AUTH_BONDING)) {
 		atomic_set_bit(smp->flags, SMP_FLAG_BOND);
+	} else if (IS_ENABLED(CONFIG_BT_BONDING_REQUIRED)) {
+		/* Reject pairing req if not both intend to bond */
+		return BT_SMP_ERR_UNSPECIFIED;
 	}
 
 	atomic_set_bit(smp->flags, SMP_FLAG_PAIRING);
@@ -2955,6 +2958,9 @@ static u8_t smp_pairing_rsp(struct bt_smp *smp, struct net_buf *buf)
 	if ((rsp->auth_req & BT_SMP_AUTH_BONDING) &&
 	    (req->auth_req & BT_SMP_AUTH_BONDING)) {
 		atomic_set_bit(smp->flags, SMP_FLAG_BOND);
+	} else if (IS_ENABLED(CONFIG_BT_BONDING_REQUIRED)) {
+		/* Reject pairing req if not both intend to bond */
+		return BT_SMP_ERR_UNSPECIFIED;
 	}
 
 	smp->method = get_pair_method(smp, rsp->io_capability);
@@ -3686,6 +3692,12 @@ static u8_t smp_security_request(struct bt_smp *smp, struct net_buf *buf)
 		auth = req->auth_req & BT_SMP_AUTH_MASK;
 	}
 
+	if (IS_ENABLED(CONFIG_BT_BONDING_REQUIRED) &&
+	    !(bondable && (auth & BT_SMP_AUTH_BONDING))) {
+		/* Reject security req if not both intend to bond */
+		return BT_SMP_ERR_UNSPECIFIED;
+	}
+
 	if (conn->le.keys) {
 		/* Make sure we have an LTK to encrypt with */
 		if (!(conn->le.keys->keys & (BT_KEYS_LTK_P256 | BT_KEYS_LTK))) {
