Commit 6c0dcc50 authored by Johan Hedberg's avatar Johan Hedberg Committed by Marcel Holtmann
Browse files

Bluetooth: Add check for accidentally generating a debug key 



It is very unlikely, but to have a 100% guarantee of the generated key
type we need to reject any keys which happen to match the debug key.

Signed-off-by: default avatarJohan Hedberg <johan.hedberg@intel.com>
Signed-off-by: default avatarMarcel Holtmann <marcel@holtmann.org>
parent aeb7d461

net/bluetooth/smp.c

+11 −3
Original line number Diff line number Diff line
@@ -1399,10 +1399,18 @@ static u8 sc_send_public_key(struct smp_chan *smp) 
{

	BT_DBG("");



	while (true) {

		/* Generate local key pair for Secure Connections */

		if (!ecc_make_key(smp->local_pk, smp->local_sk))

			return SMP_UNSPECIFIED;



		/* This is unlikely, but we need to check that we didn't

		 * accidentially generate a debug key.

		 */

		if (memcmp(smp->local_sk, debug_sk, 32))

			break;

	}



	BT_DBG("Local Public Key X: %32phN", smp->local_pk);

	BT_DBG("Local Public Key Y: %32phN", &smp->local_pk[32]);

	BT_DBG("Local Private Key:  %32phN", smp->local_sk);

CRA Git | Maintained and supported by SUSTech CRA and CCSE