diff options
author | Brian Gix <brian.gix@intel.com> | 2021-03-08 15:36:53 -0800 |
---|---|---|
committer | Brian Gix <brian.gix@intel.com> | 2021-03-09 06:09:01 -0800 |
commit | 13c98ce3256f852b1d43c9dec1fe0d0a217f5d43 (patch) | |
tree | b08fe16f9d50d8aa715a0e37087b910b8edfe853 /mesh/prov-initiator.c | |
parent | f3e4937bc6a4fd01e21a5b26d40807c33572e7cb (diff) | |
download | bluez-13c98ce3256f852b1d43c9dec1fe0d0a217f5d43.tar.gz |
mesh: Validate OTA provision security material
When validating incoming security material, ensure that the data is
unique to the provisioning session.
Diffstat (limited to 'mesh/prov-initiator.c')
-rw-r--r-- | mesh/prov-initiator.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/mesh/prov-initiator.c b/mesh/prov-initiator.c index 8399282ee..4f492a49c 100644 --- a/mesh/prov-initiator.c +++ b/mesh/prov-initiator.c @@ -202,6 +202,10 @@ static bool prov_calc_secret(const uint8_t *pub, const uint8_t *priv, static bool int_credentials(struct mesh_prov_initiator *prov) { + if (!memcmp(prov->conf_inputs.prv_pub_key, + prov->conf_inputs.dev_pub_key, 64)) + return false; + if (!prov_calc_secret(prov->conf_inputs.dev_pub_key, prov->private_key, prov->secret)) return false; @@ -736,6 +740,12 @@ static void int_prov_rx(void *user_data, const uint8_t *data, uint16_t len) case PROV_RANDOM: /* Random */ prov->state = INT_PROV_RAND_ACKED; + /* Disallow matching random values */ + if (!memcmp(prov->rand_auth_workspace, data, 16)) { + fail_code[1] = PROV_ERR_INVALID_PDU; + goto failure; + } + /* RXed Device Confirmation */ calc_local_material(data); memcpy(prov->rand_auth_workspace + 16, data, 16); |