Skip to content
Browse files

Bluetooth: SMP: Don't return STK if it hasn't been generated yet

The SMP_FLAG_ENC_PENDING flag indicates that we've generated an STK
and are waiting for encryption to happen. In case the remote enables
encryption prematurely we should not try to encrypt with whatever is
stored in smp->tk, rather reject the pairing attempt.

Fixes #3222

Signed-off-by: Johan Hedberg <>
  • Loading branch information...
jhedberg committed Jul 25, 2018
1 parent 9ffab9e commit 4fe8eddd27c2fe1618f84d8f5bc33bbf0bc18fa6
Showing with 4 additions and 0 deletions.
  1. +4 −0 subsys/bluetooth/host/smp.c
@@ -4432,6 +4432,10 @@ bool bt_smp_get_tk(struct bt_conn *conn, u8_t *tk)
return false;

if (!atomic_test_bit(smp->flags, SMP_FLAG_ENC_PENDING)) {
return false;

enc_size = get_encryption_key_size(smp);


0 comments on commit 4fe8edd

Please sign in to comment.
You can’t perform that action at this time.