| sm.c (ba9fc86712b5e7645ab9cf646b1020091eeff43f) | sm.c (026587490746caba523909998b442a2ae1c06bb5) |
|---|---|
| 1/* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright --- 4032 unchanged lines hidden (view full) --- 4041 sm_pdu_received_in_wrong_state(sm_conn); 4042 break; 4043 } 4044 4045 // store public key for DH Key calculation 4046 reverse_256(&packet[01], &setup->sm_peer_q[0]); 4047 reverse_256(&packet[33], &setup->sm_peer_q[32]); 4048 | 1/* 2 * Copyright (C) 2014 BlueKitchen GmbH 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions 6 * are met: 7 * 8 * 1. Redistributions of source code must retain the above copyright --- 4032 unchanged lines hidden (view full) --- 4041 sm_pdu_received_in_wrong_state(sm_conn); 4042 break; 4043 } 4044 4045 // store public key for DH Key calculation 4046 reverse_256(&packet[01], &setup->sm_peer_q[0]); 4047 reverse_256(&packet[33], &setup->sm_peer_q[32]); 4048 |
| 4049 // CVE-2020-26558: abort pairing if remote uses the same public key 4050 if (memcmp(&setup->sm_peer_q, ec_q, 64) == 0){ 4051 log_info("Remote PK matches ours"); 4052 sm_pairing_error(sm_conn, SM_REASON_DHKEY_CHECK_FAILED); 4053 break; 4054 } 4055 |
|
| 4049 // validate public key 4050 err = btstack_crypto_ecc_p256_validate_public_key(setup->sm_peer_q); 4051 if (err != 0){ | 4056 // validate public key 4057 err = btstack_crypto_ecc_p256_validate_public_key(setup->sm_peer_q); 4058 if (err != 0){ |
| 4052 log_error("sm: peer public key invalid %x", err); | 4059 log_info("sm: peer public key invalid %x", err); |
| 4053 sm_pairing_error(sm_conn, SM_REASON_DHKEY_CHECK_FAILED); 4054 break; 4055 } 4056 4057 // start calculating dhkey 4058 btstack_crypto_ecc_p256_calculate_dhkey(&sm_crypto_ecc_p256_request, setup->sm_peer_q, setup->sm_dhkey, sm_sc_dhkey_calculated, (void*)(uintptr_t) sm_conn->sm_handle); 4059 4060 --- 813 unchanged lines hidden --- | 4060 sm_pairing_error(sm_conn, SM_REASON_DHKEY_CHECK_FAILED); 4061 break; 4062 } 4063 4064 // start calculating dhkey 4065 btstack_crypto_ecc_p256_calculate_dhkey(&sm_crypto_ecc_p256_request, setup->sm_peer_q, setup->sm_dhkey, sm_sc_dhkey_calculated, (void*)(uintptr_t) sm_conn->sm_handle); 4066 4067 --- 813 unchanged lines hidden --- |