提交 a8ca617c 编写于 作者: J Johan Hedberg 提交者: Marcel Holtmann

Bluetooth: Don't send public key if OOB data verification fails

When we receive the remote public key, if we have remote OOB data
there's no point in sending our public key to the remote if the OOB data
doesn't match. This patch moves the test for this higher up in the
smp_cmd_public_key() function.
Signed-off-by: NJohan Hedberg <johan.hedberg@intel.com>
Signed-off-by: NMarcel Holtmann <marcel@holtmann.org>
上级 94ea7257
...@@ -2515,6 +2515,16 @@ static int smp_cmd_public_key(struct l2cap_conn *conn, struct sk_buff *skb) ...@@ -2515,6 +2515,16 @@ static int smp_cmd_public_key(struct l2cap_conn *conn, struct sk_buff *skb)
memcpy(smp->remote_pk, key, 64); memcpy(smp->remote_pk, key, 64);
if (test_bit(SMP_FLAG_REMOTE_OOB, &smp->flags)) {
err = smp_f4(smp->tfm_cmac, smp->remote_pk, smp->remote_pk,
smp->rr, 0, cfm.confirm_val);
if (err)
return SMP_UNSPECIFIED;
if (memcmp(cfm.confirm_val, smp->pcnf, 16))
return SMP_CONFIRM_FAILED;
}
/* Non-initiating device sends its public key after receiving /* Non-initiating device sends its public key after receiving
* the key from the initiating device. * the key from the initiating device.
*/ */
...@@ -2562,16 +2572,6 @@ static int smp_cmd_public_key(struct l2cap_conn *conn, struct sk_buff *skb) ...@@ -2562,16 +2572,6 @@ static int smp_cmd_public_key(struct l2cap_conn *conn, struct sk_buff *skb)
return sc_passkey_round(smp, SMP_CMD_PUBLIC_KEY); return sc_passkey_round(smp, SMP_CMD_PUBLIC_KEY);
} }
if (test_bit(SMP_FLAG_REMOTE_OOB, &smp->flags)) {
err = smp_f4(smp->tfm_cmac, smp->remote_pk, smp->remote_pk,
smp->rr, 0, cfm.confirm_val);
if (err)
return SMP_UNSPECIFIED;
if (memcmp(cfm.confirm_val, smp->pcnf, 16))
return SMP_CONFIRM_FAILED;
}
if (smp->method == REQ_OOB) { if (smp->method == REQ_OOB) {
if (hcon->out) if (hcon->out)
smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM, smp_send_cmd(conn, SMP_CMD_PAIRING_RANDOM,
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册