mesh: Add Provisioning Confirmation validity check

Validate generated and received confirmation data is unique during provisioning.
author: Brian Gix <brian.gix@intel.com> 2021-04-08 12:01:34 -0700
committer: Brian Gix <brian.gix@intel.com> 2021-04-09 08:40:03 -0700
commit: 9be85f867856195e16c9b94b605f65f6389eda33 (patch)
tree: 983a99623af1101f63e3ea696739ca5ca163c977 /mesh/prov-initiator.c
parent: b5b7e6203b9303b20751f4ef0ad2d6a01a671ae9 (diff)
download: bluez-9be85f867856195e16c9b94b605f65f6389eda33.tar.gz
1 files changed, 8 insertions, 0 deletions
diff --git a/mesh/prov-initiator.c b/mesh/prov-initiator.c
index 4f492a49c..ae9c646de 100644
--- a/mesh/prov-initiator.c
+++ b/mesh/prov-initiator.c
@@ -279,6 +279,7 @@ static void send_confirm(struct mesh_prov_initiator *prov)
 	msg.opcode = PROV_CONFIRM;
 	mesh_crypto_aes_cmac(prov->calc_key, prov->rand_auth_workspace,
 			32, msg.conf);
+	memcpy(prov->confirm, msg.conf, sizeof(prov->confirm));
 	prov->trans_tx(prov->trans_data, &msg, sizeof(msg));
 	prov->state = INT_PROV_CONF_SENT;
 	prov->expected = PROV_CONFIRM;
@@ -732,6 +733,13 @@ static void int_prov_rx(void *user_data, const uint8_t *data, uint16_t len)
 	case PROV_CONFIRM: /* Confirmation */
 		prov->state = INT_PROV_CONF_ACKED;
 		/* RXed Device Confirmation */
+
+		/* Disallow echoed values */
+		if (!memcmp(prov->confirm, data, 16)) {
+			fail_code[1] = PROV_ERR_INVALID_PDU;
+			goto failure;
+		}
+
 		memcpy(prov->confirm, data, 16);
 		print_packet("ConfirmationDevice", prov->confirm, 16);
 		send_random(prov);
author	Brian Gix <brian.gix@intel.com>	2021-04-08 12:01:34 -0700
committer	Brian Gix <brian.gix@intel.com>	2021-04-09 08:40:03 -0700
commit	9be85f867856195e16c9b94b605f65f6389eda33 (patch)
tree	983a99623af1101f63e3ea696739ca5ca163c977 /mesh/prov-initiator.c
parent	b5b7e6203b9303b20751f4ef0ad2d6a01a671ae9 (diff)
download	bluez-9be85f867856195e16c9b94b605f65f6389eda33.tar.gz