From d2447ec35f7cd53447f44ad9e08b0c3a8e635bc1 Mon Sep 17 00:00:00 2001
From: Matthias Ringwald <matthias@ringwald.ch>
Date: Thu, 25 Oct 2018 11:06:36 +0200
Subject: [PATCH] mesh: validate public key in provisioning_device

---
 test/mesh/provisioning_device.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/test/mesh/provisioning_device.c b/test/mesh/provisioning_device.c
index 76206e286..08ae57c42 100644
--- a/test/mesh/provisioning_device.c
+++ b/test/mesh/provisioning_device.c
@@ -510,7 +510,12 @@ static void provisioning_handle_public_key_dhkey(void * arg){
 
 static void provisioning_handle_public_key(uint8_t *packet, uint16_t size){
 
-    if (size != sizeof(remote_ec_q)) return;
+    // validate public key
+    if (size != sizeof(remote_ec_q) || btstack_crypto_ecc_p256_validate_public_key(packet) != 0){
+        printf("Public Key invalid, abort provisioning");
+        provisioning_handle_provisioning_error(0x07);   // Unexpected Error
+        return;
+    }
 
     // stop emit public OOK if specified and send to crypto module
     if (prov_public_key_oob_available && prov_public_key_oob_used){