Bluetooth: host: Allow to disable legacy pairing.

joerchan · jhedberg · commit 912cdc0b8eb5 · 2018-10-16T14:25:56.000+03:00
Add option to disable legacy pairing and only use secure connection.
If legacy pairing was requested pairing will be denied with status
insufficient authenticated

Signed-off-by: Joakim Andersson &lt;joakim.andersson@nordicsemi.no&gt;
diff --git a/subsys/bluetooth/host/Kconfig b/subsys/bluetooth/host/Kconfig
@@ -284,8 +284,18 @@ config BT_SIGNING
 	  This option enables data signing which is used for transferring
 	  authenticated data in an unencrypted connection.
 
+config BT_SMP_SC_PAIR_ONLY
+	bool "Disable legacy pairing"
+	help
+	  This option disables LE legacy pairing and forces LE secure connection
+	  pairing. All Security Mode 1 levels can be used with legacy pairing
+	  disabled, but pairing with devices that do not support secure
+	  connections pairing will not be supported.
+	  To force a higher security level use "Secure Connections Only Mode"
+
 config BT_SMP_SC_ONLY
 	bool "Secure Connections Only Mode"
+	select BT_SMP_SC_PAIR_ONLY
 	help
 	  This option enables support for Secure Connection Only Mode. In this
 	  mode device shall only use Security Mode 1 Level 4 with exception
diff --git a/subsys/bluetooth/host/hci_core.c b/subsys/bluetooth/host/hci_core.c
@@ -2919,7 +2919,7 @@ static void le_ltk_request(struct net_buf *buf)
 		goto done;
 	}
 
-#if !defined(CONFIG_BT_SMP_SC_ONLY)
+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 	if (conn->le.keys && (conn->le.keys->keys & BT_KEYS_SLAVE_LTK) &&
 	    !memcmp(conn->le.keys->slave_ltk.rand, &evt->rand, 8) &&
 	    !memcmp(conn->le.keys->slave_ltk.ediv, &evt->ediv, 2)) {
@@ -2944,7 +2944,7 @@ static void le_ltk_request(struct net_buf *buf)
 		bt_hci_cmd_send(BT_HCI_OP_LE_LTK_REQ_REPLY, buf);
 		goto done;
 	}
-#endif /* !CONFIG_BT_SMP_SC_ONLY */
+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */
 
 	le_ltk_neg_reply(evt->handle);
 
diff --git a/subsys/bluetooth/host/keys.h b/subsys/bluetooth/host/keys.h
@@ -56,9 +56,9 @@ struct bt_keys {
 	struct bt_csrk		local_csrk;
 	struct bt_csrk		remote_csrk;
 #endif /* BT_SIGNING */
-#if !defined(CONFIG_BT_SMP_SC_ONLY)
+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 	struct bt_ltk		slave_ltk;
-#endif /* CONFIG_BT_SMP_SC_ONLY */
+#endif /* CONFIG_BT_SMP_SC_PAIR_ONLY */
 };
 
 #define BT_KEYS_STORAGE_LEN     (sizeof(struct bt_keys) - \
diff --git a/subsys/bluetooth/host/smp.c b/subsys/bluetooth/host/smp.c
@@ -186,7 +186,7 @@ static unsigned int fixed_passkey = BT_PASSKEY_INVALID;
 			    fixed_passkey != BT_PASSKEY_INVALID && \
 			    (smp)->method == PASSKEY_DISPLAY)
 
-#if !defined(CONFIG_BT_SMP_SC_ONLY)
+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 /* based on table 2.8 Core Spec 2.3.5.1 Vol. 3 Part H */
 static const u8_t gen_method_legacy[5 /* remote */][5 /* local */] = {
 	{ JUST_WORKS, JUST_WORKS, PASSKEY_INPUT, JUST_WORKS, PASSKEY_INPUT },
@@ -197,7 +197,7 @@ static const u8_t gen_method_legacy[5 /* remote */][5 /* local */] = {
 	{ PASSKEY_DISPLAY, PASSKEY_DISPLAY, PASSKEY_INPUT, JUST_WORKS,
 	  PASSKEY_ROLE },
 };
-#endif /* CONFIG_BT_SMP_SC_ONLY */
+#endif /* CONFIG_BT_SMP_SC_PAIR_ONLY */
 
 /* based on table 2.8 Core Spec 2.3.5.1 Vol. 3 Part H */
 static const u8_t gen_method_sc[5 /* remote */][5 /* local */] = {
@@ -542,7 +542,7 @@ static u8_t get_encryption_key_size(struct bt_smp *smp)
 }
 
 #if defined(CONFIG_BT_PRIVACY) || defined(CONFIG_BT_SIGNING) || \
-	!defined(CONFIG_BT_SMP_SC_ONLY)
+	!defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 /* For TX callbacks */
 static void smp_pairing_complete(struct bt_smp *smp, u8_t status);
 #if defined(CONFIG_BT_BREDR)
@@ -1607,7 +1607,7 @@ static u8_t smp_send_pairing_random(struct bt_smp *smp)
 	return 0;
 }
 
-#if !defined(CONFIG_BT_SMP_SC_ONLY)
+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 static void xor_128(const u8_t p[16], const u8_t q[16], u8_t r[16])
 {
 	size_t len = 16;
@@ -1658,7 +1658,7 @@ static int smp_c1(const u8_t k[16], const u8_t r[16],
 
 	return bt_encrypt_le(k, enc_data, enc_data);
 }
-#endif /* !CONFIG_BT_SMP_SC_ONLY */
+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */
 
 static u8_t smp_send_pairing_confirm(struct bt_smp *smp)
 {
@@ -1707,7 +1707,7 @@ static u8_t smp_send_pairing_confirm(struct bt_smp *smp)
 	return 0;
 }
 
-#if !defined(CONFIG_BT_SMP_SC_ONLY)
+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 static void ident_sent(struct bt_conn *conn)
 {
 	smp_check_complete(conn, BT_SMP_DIST_ENC_KEY);
@@ -1772,7 +1772,7 @@ static void legacy_distribute_keys(struct bt_smp *smp)
 		}
 	}
 }
-#endif /* !CONFIG_BT_SMP_SC_ONLY */
+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */
 
 static void bt_smp_distribute_keys(struct bt_smp *smp)
 {
@@ -1784,12 +1784,12 @@ static void bt_smp_distribute_keys(struct bt_smp *smp)
 		return;
 	}
 
-#if !defined(CONFIG_BT_SMP_SC_ONLY)
+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 	/* Distribute legacy pairing specific keys */
 	if (!atomic_test_bit(smp->flags, SMP_FLAG_SC)) {
 		legacy_distribute_keys(smp);
 	}
-#endif /* !CONFIG_BT_SMP_SC_ONLY */
+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */
 
 #if defined(CONFIG_BT_PRIVACY)
 	if (smp->local_dist & BT_SMP_DIST_ID_KEY) {
@@ -1871,7 +1871,7 @@ static u8_t send_pairing_rsp(struct bt_smp *smp)
 }
 #endif /* CONFIG_BT_PERIPHERAL */
 
-#if !defined(CONFIG_BT_SMP_SC_ONLY)
+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 static int smp_s1(const u8_t k[16], const u8_t r1[16],
 		  const u8_t r2[16], u8_t out[16])
 {
@@ -2250,7 +2250,7 @@ static u8_t smp_master_ident(struct bt_smp *smp, struct net_buf *buf)
 {
 	return BT_SMP_ERR_CMD_NOTSUPP;
 }
-#endif /* !CONFIG_BT_SMP_SC_ONLY */
+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */
 
 static int _smp_init(struct bt_smp *smp)
 {
@@ -2439,11 +2439,11 @@ static u8_t smp_pairing_req(struct bt_smp *smp, struct net_buf *buf)
 	atomic_set_bit(smp->flags, SMP_FLAG_PAIRING);
 
 	if (!atomic_test_bit(smp->flags, SMP_FLAG_SC)) {
-#if defined(CONFIG_BT_SMP_SC_ONLY)
+#if defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 		return BT_SMP_ERR_AUTH_REQUIREMENTS;
 #else
 		return legacy_pairing_req(smp, req->io_capability);
-#endif /* CONFIG_BT_SMP_SC_ONLY */
+#endif /* CONFIG_BT_SMP_SC_PAIR_ONLY */
 	}
 
 	smp->method = get_pair_method(smp, req->io_capability);
@@ -2592,11 +2592,11 @@ static u8_t smp_pairing_rsp(struct bt_smp *smp, struct net_buf *buf)
 	}
 
 	if (!atomic_test_bit(smp->flags, SMP_FLAG_SC)) {
-#if defined(CONFIG_BT_SMP_SC_ONLY)
+#if defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 		return BT_SMP_ERR_AUTH_REQUIREMENTS;
 #else
 		return legacy_pairing_rsp(smp, rsp->io_capability);
-#endif /* CONFIG_BT_SMP_SC_ONLY */
+#endif /* CONFIG_BT_SMP_SC_PAIR_ONLY */
 	}
 
 	smp->method = get_pair_method(smp, rsp->io_capability);
@@ -2651,11 +2651,11 @@ static u8_t smp_pairing_confirm(struct bt_smp *smp, struct net_buf *buf)
 		return 0;
 	}
 
-#if !defined(CONFIG_BT_SMP_SC_ONLY)
+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 	if (!atomic_test_bit(smp->flags, SMP_FLAG_SC)) {
 		return legacy_pairing_confirm(smp);
 	}
-#endif /* !CONFIG_BT_SMP_SC_ONLY */
+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */
 
 	switch (smp->method) {
 	case PASSKEY_DISPLAY:
@@ -2900,11 +2900,11 @@ static u8_t smp_pairing_random(struct bt_smp *smp, struct net_buf *buf)
 
 	memcpy(smp->rrnd, req->val, sizeof(smp->rrnd));
 
-#if !defined(CONFIG_BT_SMP_SC_ONLY)
+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 	if (!atomic_test_bit(smp->flags, SMP_FLAG_SC)) {
 		return legacy_pairing_random(smp);
 	}
-#endif /* !CONFIG_BT_SMP_SC_ONLY */
+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */
 
 #if defined(CONFIG_BT_CENTRAL)
 	if (smp->chan.chan.conn->role == BT_HCI_ROLE_MASTER) {
@@ -4240,12 +4240,12 @@ int bt_smp_auth_passkey_entry(struct bt_conn *conn, unsigned int passkey)
 		return -EINVAL;
 	}
 
-#if !defined(CONFIG_BT_SMP_SC_ONLY)
+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 	if (!atomic_test_bit(smp->flags, SMP_FLAG_SC)) {
 		legacy_passkey_entry(smp, passkey);
 		return 0;
 	}
-#endif /* !CONFIG_BT_SMP_SC_ONLY */
+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */
 
 	smp->passkey = sys_cpu_to_le32(passkey);
 
@@ -4346,7 +4346,7 @@ int bt_smp_auth_cancel(struct bt_conn *conn)
 	}
 }
 
-#if !defined(CONFIG_BT_SMP_SC_ONLY)
+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)
 int bt_smp_auth_pairing_confirm(struct bt_conn *conn)
 {
 	struct bt_smp *smp;
@@ -4398,7 +4398,7 @@ int bt_smp_auth_pairing_confirm(struct bt_conn *conn)
 	/* confirm_pairing will never be called in LE SC only mode */
 	return -EINVAL;
 }
-#endif /* !CONFIG_BT_SMP_SC_ONLY */
+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */
 
 #if defined(CONFIG_BT_FIXED_PASSKEY)
 int bt_passkey_set(unsigned int passkey)
@@ -4578,8 +4578,8 @@ int bt_smp_init(void)
 	};
 
 	sc_supported = le_sc_supported();
-	if (IS_ENABLED(CONFIG_BT_SMP_SC_ONLY) && !sc_supported) {
-		BT_ERR("SC Only Mode selected but LE SC not supported");
+	if (IS_ENABLED(CONFIG_BT_SMP_SC_PAIR_ONLY) && !sc_supported) {
+		BT_ERR("SC Pair Only Mode selected but LE SC not supported");
 		return -ENOENT;
 	}
 

Original file line number	Diff line number	Diff line change
`@@ -2919,7 +2919,7 @@ static void le_ltk_request(struct net_buf *buf)`
`2919`	`2919`	`goto done;`
`2920`	`2920`	`}`
`2921`	`2921`
`2922`		`-#if !defined(CONFIG_BT_SMP_SC_ONLY)`
	`2922`	`+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)`
`2923`	`2923`	`if (conn->le.keys && (conn->le.keys->keys & BT_KEYS_SLAVE_LTK) &&`
`2924`	`2924`	`!memcmp(conn->le.keys->slave_ltk.rand, &evt->rand, 8) &&`
`2925`	`2925`	`!memcmp(conn->le.keys->slave_ltk.ediv, &evt->ediv, 2)) {`
`@@ -2944,7 +2944,7 @@ static void le_ltk_request(struct net_buf *buf)`
`2944`	`2944`	`bt_hci_cmd_send(BT_HCI_OP_LE_LTK_REQ_REPLY, buf);`
`2945`	`2945`	`goto done;`
`2946`	`2946`	`}`
`2947`		`-#endif /* !CONFIG_BT_SMP_SC_ONLY */`
	`2947`	`+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */`
`2948`	`2948`
`2949`	`2949`	`le_ltk_neg_reply(evt->handle);`
`2950`	`2950`
Original file line number	Diff line number	Diff line change
`@@ -186,7 +186,7 @@ static unsigned int fixed_passkey = BT_PASSKEY_INVALID;`
`186`	`186`	`fixed_passkey != BT_PASSKEY_INVALID && \`
`187`	`187`	`(smp)->method == PASSKEY_DISPLAY)`
`188`	`188`
`189`		`-#if !defined(CONFIG_BT_SMP_SC_ONLY)`
	`189`	`+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)`
`190`	`190`	`/* based on table 2.8 Core Spec 2.3.5.1 Vol. 3 Part H */`
`191`	`191`	`static const u8_t gen_method_legacy[5 /* remote /][5 / local */] = {`
`192`	`192`	`{ JUST_WORKS, JUST_WORKS, PASSKEY_INPUT, JUST_WORKS, PASSKEY_INPUT },`
`@@ -197,7 +197,7 @@ static const u8_t gen_method_legacy[5 /* remote /][5 / local */] = {`
`197`	`197`	`{ PASSKEY_DISPLAY, PASSKEY_DISPLAY, PASSKEY_INPUT, JUST_WORKS,`
`198`	`198`	`PASSKEY_ROLE },`
`199`	`199`	`};`
`200`		`-#endif /* CONFIG_BT_SMP_SC_ONLY */`
	`200`	`+#endif /* CONFIG_BT_SMP_SC_PAIR_ONLY */`
`201`	`201`
`202`	`202`	`/* based on table 2.8 Core Spec 2.3.5.1 Vol. 3 Part H */`
`203`	`203`	`static const u8_t gen_method_sc[5 /* remote /][5 / local */] = {`
`@@ -542,7 +542,7 @@ static u8_t get_encryption_key_size(struct bt_smp *smp)`
`542`	`542`	`}`
`543`	`543`
`544`	`544`	`#if defined(CONFIG_BT_PRIVACY) \|\| defined(CONFIG_BT_SIGNING) \|\| \`
`545`		`- !defined(CONFIG_BT_SMP_SC_ONLY)`
	`545`	`+ !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)`
`546`	`546`	`/* For TX callbacks */`
`547`	`547`	`static void smp_pairing_complete(struct bt_smp *smp, u8_t status);`
`548`	`548`	`#if defined(CONFIG_BT_BREDR)`
`@@ -1607,7 +1607,7 @@ static u8_t smp_send_pairing_random(struct bt_smp *smp)`
`1607`	`1607`	`return 0;`
`1608`	`1608`	`}`
`1609`	`1609`
`1610`		`-#if !defined(CONFIG_BT_SMP_SC_ONLY)`
	`1610`	`+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)`
`1611`	`1611`	`static void xor_128(const u8_t p[16], const u8_t q[16], u8_t r[16])`
`1612`	`1612`	`{`
`1613`	`1613`	`size_t len = 16;`
`@@ -1658,7 +1658,7 @@ static int smp_c1(const u8_t k[16], const u8_t r[16],`
`1658`	`1658`
`1659`	`1659`	`return bt_encrypt_le(k, enc_data, enc_data);`
`1660`	`1660`	`}`
`1661`		`-#endif /* !CONFIG_BT_SMP_SC_ONLY */`
	`1661`	`+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */`
`1662`	`1662`
`1663`	`1663`	`static u8_t smp_send_pairing_confirm(struct bt_smp *smp)`
`1664`	`1664`	`{`
`@@ -1707,7 +1707,7 @@ static u8_t smp_send_pairing_confirm(struct bt_smp *smp)`
`1707`	`1707`	`return 0;`
`1708`	`1708`	`}`
`1709`	`1709`
`1710`		`-#if !defined(CONFIG_BT_SMP_SC_ONLY)`
	`1710`	`+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)`
`1711`	`1711`	`static void ident_sent(struct bt_conn *conn)`
`1712`	`1712`	`{`
`1713`	`1713`	`smp_check_complete(conn, BT_SMP_DIST_ENC_KEY);`
`@@ -1772,7 +1772,7 @@ static void legacy_distribute_keys(struct bt_smp *smp)`
`1772`	`1772`	`}`
`1773`	`1773`	`}`
`1774`	`1774`	`}`
`1775`		`-#endif /* !CONFIG_BT_SMP_SC_ONLY */`
	`1775`	`+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */`
`1776`	`1776`
`1777`	`1777`	`static void bt_smp_distribute_keys(struct bt_smp *smp)`
`1778`	`1778`	`{`
`@@ -1784,12 +1784,12 @@ static void bt_smp_distribute_keys(struct bt_smp *smp)`
`1784`	`1784`	`return;`
`1785`	`1785`	`}`
`1786`	`1786`
`1787`		`-#if !defined(CONFIG_BT_SMP_SC_ONLY)`
	`1787`	`+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)`
`1788`	`1788`	`/* Distribute legacy pairing specific keys */`
`1789`	`1789`	`if (!atomic_test_bit(smp->flags, SMP_FLAG_SC)) {`
`1790`	`1790`	`legacy_distribute_keys(smp);`
`1791`	`1791`	`}`
`1792`		`-#endif /* !CONFIG_BT_SMP_SC_ONLY */`
	`1792`	`+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */`
`1793`	`1793`
`1794`	`1794`	`#if defined(CONFIG_BT_PRIVACY)`
`1795`	`1795`	`if (smp->local_dist & BT_SMP_DIST_ID_KEY) {`
`@@ -1871,7 +1871,7 @@ static u8_t send_pairing_rsp(struct bt_smp *smp)`
`1871`	`1871`	`}`
`1872`	`1872`	`#endif /* CONFIG_BT_PERIPHERAL */`
`1873`	`1873`
`1874`		`-#if !defined(CONFIG_BT_SMP_SC_ONLY)`
	`1874`	`+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)`
`1875`	`1875`	`static int smp_s1(const u8_t k[16], const u8_t r1[16],`
`1876`	`1876`	`const u8_t r2[16], u8_t out[16])`
`1877`	`1877`	`{`
`@@ -2250,7 +2250,7 @@ static u8_t smp_master_ident(struct bt_smp smp, struct net_buf buf)`
`2250`	`2250`	`{`
`2251`	`2251`	`return BT_SMP_ERR_CMD_NOTSUPP;`
`2252`	`2252`	`}`
`2253`		`-#endif /* !CONFIG_BT_SMP_SC_ONLY */`
	`2253`	`+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */`
`2254`	`2254`
`2255`	`2255`	`static int _smp_init(struct bt_smp *smp)`
`2256`	`2256`	`{`
`@@ -2439,11 +2439,11 @@ static u8_t smp_pairing_req(struct bt_smp smp, struct net_buf buf)`
`2439`	`2439`	`atomic_set_bit(smp->flags, SMP_FLAG_PAIRING);`
`2440`	`2440`
`2441`	`2441`	`if (!atomic_test_bit(smp->flags, SMP_FLAG_SC)) {`
`2442`		`-#if defined(CONFIG_BT_SMP_SC_ONLY)`
	`2442`	`+#if defined(CONFIG_BT_SMP_SC_PAIR_ONLY)`
`2443`	`2443`	`return BT_SMP_ERR_AUTH_REQUIREMENTS;`
`2444`	`2444`	`#else`
`2445`	`2445`	`return legacy_pairing_req(smp, req->io_capability);`
`2446`		`-#endif /* CONFIG_BT_SMP_SC_ONLY */`
	`2446`	`+#endif /* CONFIG_BT_SMP_SC_PAIR_ONLY */`
`2447`	`2447`	`}`
`2448`	`2448`
`2449`	`2449`	`smp->method = get_pair_method(smp, req->io_capability);`
`@@ -2592,11 +2592,11 @@ static u8_t smp_pairing_rsp(struct bt_smp smp, struct net_buf buf)`
`2592`	`2592`	`}`
`2593`	`2593`
`2594`	`2594`	`if (!atomic_test_bit(smp->flags, SMP_FLAG_SC)) {`
`2595`		`-#if defined(CONFIG_BT_SMP_SC_ONLY)`
	`2595`	`+#if defined(CONFIG_BT_SMP_SC_PAIR_ONLY)`
`2596`	`2596`	`return BT_SMP_ERR_AUTH_REQUIREMENTS;`
`2597`	`2597`	`#else`
`2598`	`2598`	`return legacy_pairing_rsp(smp, rsp->io_capability);`
`2599`		`-#endif /* CONFIG_BT_SMP_SC_ONLY */`
	`2599`	`+#endif /* CONFIG_BT_SMP_SC_PAIR_ONLY */`
`2600`	`2600`	`}`
`2601`	`2601`
`2602`	`2602`	`smp->method = get_pair_method(smp, rsp->io_capability);`
`@@ -2651,11 +2651,11 @@ static u8_t smp_pairing_confirm(struct bt_smp smp, struct net_buf buf)`
`2651`	`2651`	`return 0;`
`2652`	`2652`	`}`
`2653`	`2653`
`2654`		`-#if !defined(CONFIG_BT_SMP_SC_ONLY)`
	`2654`	`+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)`
`2655`	`2655`	`if (!atomic_test_bit(smp->flags, SMP_FLAG_SC)) {`
`2656`	`2656`	`return legacy_pairing_confirm(smp);`
`2657`	`2657`	`}`
`2658`		`-#endif /* !CONFIG_BT_SMP_SC_ONLY */`
	`2658`	`+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */`
`2659`	`2659`
`2660`	`2660`	`switch (smp->method) {`
`2661`	`2661`	`case PASSKEY_DISPLAY:`
`@@ -2900,11 +2900,11 @@ static u8_t smp_pairing_random(struct bt_smp smp, struct net_buf buf)`
`2900`	`2900`
`2901`	`2901`	`memcpy(smp->rrnd, req->val, sizeof(smp->rrnd));`
`2902`	`2902`
`2903`		`-#if !defined(CONFIG_BT_SMP_SC_ONLY)`
	`2903`	`+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)`
`2904`	`2904`	`if (!atomic_test_bit(smp->flags, SMP_FLAG_SC)) {`
`2905`	`2905`	`return legacy_pairing_random(smp);`
`2906`	`2906`	`}`
`2907`		`-#endif /* !CONFIG_BT_SMP_SC_ONLY */`
	`2907`	`+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */`
`2908`	`2908`
`2909`	`2909`	`#if defined(CONFIG_BT_CENTRAL)`
`2910`	`2910`	`if (smp->chan.chan.conn->role == BT_HCI_ROLE_MASTER) {`
`@@ -4240,12 +4240,12 @@ int bt_smp_auth_passkey_entry(struct bt_conn *conn, unsigned int passkey)`
`4240`	`4240`	`return -EINVAL;`
`4241`	`4241`	`}`
`4242`	`4242`
`4243`		`-#if !defined(CONFIG_BT_SMP_SC_ONLY)`
	`4243`	`+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)`
`4244`	`4244`	`if (!atomic_test_bit(smp->flags, SMP_FLAG_SC)) {`
`4245`	`4245`	`legacy_passkey_entry(smp, passkey);`
`4246`	`4246`	`return 0;`
`4247`	`4247`	`}`
`4248`		`-#endif /* !CONFIG_BT_SMP_SC_ONLY */`
	`4248`	`+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */`
`4249`	`4249`
`4250`	`4250`	`smp->passkey = sys_cpu_to_le32(passkey);`
`4251`	`4251`
`@@ -4346,7 +4346,7 @@ int bt_smp_auth_cancel(struct bt_conn *conn)`
`4346`	`4346`	`}`
`4347`	`4347`	`}`
`4348`	`4348`
`4349`		`-#if !defined(CONFIG_BT_SMP_SC_ONLY)`
	`4349`	`+#if !defined(CONFIG_BT_SMP_SC_PAIR_ONLY)`
`4350`	`4350`	`int bt_smp_auth_pairing_confirm(struct bt_conn *conn)`
`4351`	`4351`	`{`
`4352`	`4352`	`struct bt_smp *smp;`
`@@ -4398,7 +4398,7 @@ int bt_smp_auth_pairing_confirm(struct bt_conn *conn)`
`4398`	`4398`	`/* confirm_pairing will never be called in LE SC only mode */`
`4399`	`4399`	`return -EINVAL;`
`4400`	`4400`	`}`
`4401`		`-#endif /* !CONFIG_BT_SMP_SC_ONLY */`
	`4401`	`+#endif /* !CONFIG_BT_SMP_SC_PAIR_ONLY */`
`4402`	`4402`
`4403`	`4403`	`#if defined(CONFIG_BT_FIXED_PASSKEY)`
`4404`	`4404`	`int bt_passkey_set(unsigned int passkey)`
`@@ -4578,8 +4578,8 @@ int bt_smp_init(void)`
`4578`	`4578`	`};`
`4579`	`4579`
`4580`	`4580`	`sc_supported = le_sc_supported();`
`4581`		`- if (IS_ENABLED(CONFIG_BT_SMP_SC_ONLY) && !sc_supported) {`
`4582`		`- BT_ERR("SC Only Mode selected but LE SC not supported");`
	`4581`	`+ if (IS_ENABLED(CONFIG_BT_SMP_SC_PAIR_ONLY) && !sc_supported) {`
	`4582`	`+ BT_ERR("SC Pair Only Mode selected but LE SC not supported");`
`4583`	`4583`	`return -ENOENT;`
`4584`	`4584`	`}`
`4585`	`4585`