sm.c (ba9fc86712b5e7645ab9cf646b1020091eeff43f) sm.c (026587490746caba523909998b442a2ae1c06bb5)
1/*
2 * Copyright (C) 2014 BlueKitchen GmbH
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright

--- 4032 unchanged lines hidden (view full) ---

4041 sm_pdu_received_in_wrong_state(sm_conn);
4042 break;
4043 }
4044
4045 // store public key for DH Key calculation
4046 reverse_256(&packet[01], &setup->sm_peer_q[0]);
4047 reverse_256(&packet[33], &setup->sm_peer_q[32]);
4048
1/*
2 * Copyright (C) 2014 BlueKitchen GmbH
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 *
8 * 1. Redistributions of source code must retain the above copyright

--- 4032 unchanged lines hidden (view full) ---

4041 sm_pdu_received_in_wrong_state(sm_conn);
4042 break;
4043 }
4044
4045 // store public key for DH Key calculation
4046 reverse_256(&packet[01], &setup->sm_peer_q[0]);
4047 reverse_256(&packet[33], &setup->sm_peer_q[32]);
4048
4049 // CVE-2020-26558: abort pairing if remote uses the same public key
4050 if (memcmp(&setup->sm_peer_q, ec_q, 64) == 0){
4051 log_info("Remote PK matches ours");
4052 sm_pairing_error(sm_conn, SM_REASON_DHKEY_CHECK_FAILED);
4053 break;
4054 }
4055
4049 // validate public key
4050 err = btstack_crypto_ecc_p256_validate_public_key(setup->sm_peer_q);
4051 if (err != 0){
4056 // validate public key
4057 err = btstack_crypto_ecc_p256_validate_public_key(setup->sm_peer_q);
4058 if (err != 0){
4052 log_error("sm: peer public key invalid %x", err);
4059 log_info("sm: peer public key invalid %x", err);
4053 sm_pairing_error(sm_conn, SM_REASON_DHKEY_CHECK_FAILED);
4054 break;
4055 }
4056
4057 // start calculating dhkey
4058 btstack_crypto_ecc_p256_calculate_dhkey(&sm_crypto_ecc_p256_request, setup->sm_peer_q, setup->sm_dhkey, sm_sc_dhkey_calculated, (void*)(uintptr_t) sm_conn->sm_handle);
4059
4060

--- 813 unchanged lines hidden ---
4060 sm_pairing_error(sm_conn, SM_REASON_DHKEY_CHECK_FAILED);
4061 break;
4062 }
4063
4064 // start calculating dhkey
4065 btstack_crypto_ecc_p256_calculate_dhkey(&sm_crypto_ecc_p256_request, setup->sm_peer_q, setup->sm_dhkey, sm_sc_dhkey_calculated, (void*)(uintptr_t) sm_conn->sm_handle);
4066
4067

--- 813 unchanged lines hidden ---