author | MichaĆ Lowas-Rzechonek <michal.lowas-rzechonek@silvair.com> | 2019-10-03 13:07:47 -0700 |
---|---|---|
committer | Brian Gix <brian.gix@intel.com> | 2019-10-03 13:10:16 -0700 |
commit | 37bbe30c92a729a4f819fde349443ce07a23cf93 (patch) | |
tree | afdd2ba86be3406af21de2c60e03a87da3e6d6d9 /mesh/model.c | |
parent | 45beec16bd26c246eb1378344be7e4a23abd5937 (diff) | |
mesh: Align appkey_packet_decrypt with dev and virt variants.
Move appkey_packet_decrypt to mesh/model, rename it to
app_packet_decrypt, make it private and change arguments to be aligned
with other decryption functions.
Also, simplify the implementation using an inline loop, removing the
need for the mod_decrypt struct.
Diffstat (limited to 'mesh/model.c')
-rw-r--r-- | mesh/model.c | 73 |
1 files changed, 64 insertions, 9 deletions
diff --git a/mesh/model.c b/mesh/model.c index 3ceb52746..84f1dc74c 100644 --- a/mesh/model.c +++ b/mesh/model.c @@ -353,6 +353,62 @@ static void forward_model(void *a, void *b) fwd->done = true; } +static int app_packet_decrypt(struct mesh_net *net, const uint8_t *data, + uint16_t size, bool szmict, uint16_t src, + uint16_t dst, uint8_t *virt, uint16_t virt_size, + uint8_t key_aid, uint32_t seq, + uint32_t iv_idx, uint8_t *out) +{ + struct l_queue *app_keys = mesh_net_get_app_keys(net); + const struct l_queue_entry *entry; + + if (!app_keys) + return -1; + + for (entry = l_queue_get_entries(app_keys); entry; + entry = entry->next) { + const uint8_t *old_key = NULL, *new_key = NULL; + uint8_t old_key_aid, new_key_aid; + int app_idx; + bool decrypted; + + app_idx = appkey_get_key_idx(entry->data, + &old_key, &old_key_aid, + &new_key, &new_key_aid); + + if (app_idx < 0) + continue; + + if (old_key && old_key_aid == key_aid) { + decrypted = mesh_crypto_payload_decrypt(NULL, 0, data, + size, szmict, src, dst, key_aid, + seq, iv_idx, out, old_key); + + if (decrypted) { + print_packet("Used App Key", old_key, 16); + return app_idx; + } + + print_packet("Failed App Key", old_key, 16); + } + + if (new_key && new_key_aid == key_aid) { + decrypted = mesh_crypto_payload_decrypt(NULL, 0, data, + size, szmict, src, dst, key_aid, + seq, iv_idx, out, new_key); + + if (decrypted) { + print_packet("Used App Key", new_key, 16); + return app_idx; + } + + print_packet("Failed App Key", new_key, 16); + } + } + + return -1; +} + static int dev_packet_decrypt(struct mesh_node *node, const uint8_t *data, uint16_t size, bool szmict, uint16_t src, uint16_t dst, uint8_t key_aid, uint32_t seq, 
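Review bot: The `virt` and `virt_size` parameters of the new app_packet_decrypt are never read: both calls to mesh_crypto_payload_decrypt pass `NULL, 0` as their first two arguments, so the label that virt_packet_decrypt supplies in the next hunk (`virt->label, 16`) never reaches the decryption. If those two arguments are the additional authenticated data, as their position suggests, a payload sent to a virtual address is verified without the label bound into the MIC and will most likely fail to authenticate. Both calls should start with `mesh_crypto_payload_decrypt(virt, virt_size, data,` instead. Separately, all four print_packet calls write the 16-byte application key itself to the log, and the "Failed App Key" branch runs for any received payload whose AID matches but does not decrypt. Where print_packet writes is not visible in this hunk, but logging `app_idx` or `key_aid` would identify the key tried without exposing key material.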
@@ -395,11 +451,10 @@ static int virt_packet_decrypt(struct mesh_net *net, const uint8_t *data, if (virt->addr != dst) continue; - decrypt_idx = appkey_packet_decrypt(net, szmict, seq, - iv_idx, src, dst, - virt->label, 16, - key_aid, - data, size, out); + decrypt_idx = app_packet_decrypt(net, data, size, szmict, src, + dst, virt->label, 16, + key_aid, seq, iv_idx, + out); if (decrypt_idx >= 0) { *decrypt_virt = virt; @@ -853,10 +908,10 @@ bool mesh_model_rx(struct mesh_node *node, bool szmict, uint32_t seq0, iv_index, clear_text, &decrypt_virt); else - decrypt_idx = appkey_packet_decrypt(net, szmict, seq0, - iv_index, src, dst, - NULL, 0, key_aid, data, - size, clear_text); + decrypt_idx = app_packet_decrypt(net, data, size, szmict, src, + dst, NULL, 0, + key_aid, seq0, iv_index, + clear_text); if (decrypt_idx < 0) { l_error("model.c - Failed to decrypt application payload"); |