diff options
author | Brian Gix <brian.gix@intel.com> | 2021-04-08 12:01:34 -0700 |
---|---|---|
committer | Brian Gix <brian.gix@intel.com> | 2021-04-09 08:40:03 -0700 |
commit | 9be85f867856195e16c9b94b605f65f6389eda33 (patch) | |
tree | 983a99623af1101f63e3ea696739ca5ca163c977 /mesh/prov-initiator.c | |
parent | b5b7e6203b9303b20751f4ef0ad2d6a01a671ae9 (diff) | |
download | bluez-9be85f867856195e16c9b94b605f65f6389eda33.tar.gz |
mesh: Add Provisioning Confirmation validity check
Validate generated and received confirmation data is unique during
provisioning.
Diffstat (limited to 'mesh/prov-initiator.c')
-rw-r--r-- | mesh/prov-initiator.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/mesh/prov-initiator.c b/mesh/prov-initiator.c index 4f492a49c..ae9c646de 100644 --- a/mesh/prov-initiator.c +++ b/mesh/prov-initiator.c @@ -279,6 +279,7 @@ static void send_confirm(struct mesh_prov_initiator *prov) msg.opcode = PROV_CONFIRM; mesh_crypto_aes_cmac(prov->calc_key, prov->rand_auth_workspace, 32, msg.conf); + memcpy(prov->confirm, msg.conf, sizeof(prov->confirm)); prov->trans_tx(prov->trans_data, &msg, sizeof(msg)); prov->state = INT_PROV_CONF_SENT; prov->expected = PROV_CONFIRM; @@ -732,6 +733,13 @@ static void int_prov_rx(void *user_data, const uint8_t *data, uint16_t len) case PROV_CONFIRM: /* Confirmation */ prov->state = INT_PROV_CONF_ACKED; /* RXed Device Confirmation */ + + /* Disallow echoed values */ + if (!memcmp(prov->confirm, data, 16)) { + fail_code[1] = PROV_ERR_INVALID_PDU; + goto failure; + } + memcpy(prov->confirm, data, 16); print_packet("ConfirmationDevice", prov->confirm, 16); send_random(prov); |