diff --git a/test/mesh/provisioning_device.c b/test/mesh/provisioning_device.c index 76206e286..08ae57c42 100644 --- a/test/mesh/provisioning_device.c +++ b/test/mesh/provisioning_device.c @@ -510,7 +510,12 @@ static void provisioning_handle_public_key_dhkey(void * arg){ static void provisioning_handle_public_key(uint8_t *packet, uint16_t size){ - if (size != sizeof(remote_ec_q)) return; + // validate public key + if (size != sizeof(remote_ec_q) || btstack_crypto_ecc_p256_validate_public_key(packet) != 0){ + printf("Public Key invalid, abort provisioning"); + provisioning_handle_provisioning_error(0x07); // Unexpected Error + return; + } // stop emit public OOK if specified and send to crypto module if (prov_public_key_oob_available && prov_public_key_oob_used){