No negative response if remote enabled encryption too soon

[zephyrbot]

Reported by Szymon Janc:

This was found with robustness tester.

If we are in the process of pairing (and thus has no valid key yet) we should reply with negative response for any LTK requests we get until STK/LTK is computed.

Currently we reply with whatever we store in smp->tk depending on when LTK request was received.

(Imported from Jira ZEP-1771)

[nashif]

@jhedberg any update on this?

[nashif]

@jhedberg ping

[jhedberg]

I think the following might work as a fix:

diff --git a/subsys/bluetooth/host/smp.c b/subsys/bluetooth/host/smp.c
index 707f1fdb61..4994527ab7 100644
--- a/subsys/bluetooth/host/smp.c
+++ b/subsys/bluetooth/host/smp.c
@@ -4412,6 +4412,10 @@ bool bt_smp_get_tk(struct bt_conn *conn, u8_t *tk)
                return false;
        }
 
+       if (!atomic_test_bit(smp->flags, SMP_FLAG_ENC_PENDING)) {
+               return false;
+       }
+
        enc_size = get_encryption_key_size(smp);
 
        /*

@sjanc looks reasonable to you?