Skip to content
Permalink
Browse files

Bluetooth: Mesh: Fix rejecting invalid remote public key

Mesh Profile Spec v1.0.1 | Section 5.4.2.3:
"The Provisioner and the device shall check whether the public key
provided by the peer device or obtained OOB is valid (see Section
5.4.3.1).

When the Provisioner receives an invalid public key, then provisioning
fails, and the Provisioner shall act as described in Section 5.4.4.
When the device receives an invalid public key, then provisioning
fails, and the device shall act as described in Section 5.4.4."

This is also in Erratum 10395 which is Mandatory for Mesh v1.0.

The code was already rejecting the key, however that rejection
happened only after we had already sent our public key as response,
which got interpreted as acceptance by the tester (PTS).

Fixes MESH/NODE/PROV/BI-13-C.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
  • Loading branch information...
jhedberg committed Jun 25, 2019
1 parent 1027471 commit c4e225109ed4488ec3a04b9ab3ac496785d041a5
Showing with 16 additions and 12 deletions.
  1. +16 −12 subsys/bluetooth/host/mesh/prov.c
@@ -909,20 +909,11 @@ static void send_pub_key(void)

BT_DBG("Local Public Key: %s", bt_hex(key, 64));

prov_buf_init(&buf, PROV_PUB_KEY);

/* Swap X and Y halves independently to big-endian */
sys_memcpy_swap(net_buf_simple_add(&buf, 32), key, 32);
sys_memcpy_swap(net_buf_simple_add(&buf, 32), &key[32], 32);

memcpy(&link.conf_inputs[81], &buf.data[1], 64);

prov_send(&buf);

/* Copy remote key in little-endian for bt_dh_key_gen().
* X and Y halves are swapped independently.
* X and Y halves are swapped independently. Use response
* buffer as a temporary storage location. The bt_dh_key_gen()
* will also take care of validating the remote public key.
*/
net_buf_simple_reset(&buf);
sys_memcpy_swap(buf.data, &link.conf_inputs[17], 32);
sys_memcpy_swap(&buf.data[32], &link.conf_inputs[49], 32);

@@ -932,6 +923,19 @@ static void send_pub_key(void)
return;
}

prov_buf_init(&buf, PROV_PUB_KEY);

/* Swap X and Y halves independently to big-endian */
sys_memcpy_swap(net_buf_simple_add(&buf, 32), key, 32);
sys_memcpy_swap(net_buf_simple_add(&buf, 32), &key[32], 32);

memcpy(&link.conf_inputs[81], &buf.data[1], 64);

if (prov_send(&buf)) {
BT_ERR("Failed to send Public Key");
return;
}

link.expect = PROV_CONFIRM;
}

0 comments on commit c4e2251

Please sign in to comment.
You can’t perform that action at this time.