mirror/btstack
1
0
Fork 0
mirror of https://github.com/bluekitchen/btstack.git synced 2025-02-20 18:40:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

sm: fix validation of confirm value for secure connection Passkey entry

Browse Source
This commit is contained in:
Matthias Ringwald 2020-06-22 13:16:36 +02:00
parent 321122182e
commit d686b2d04a
2 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
CHANGELOG.md
View File

@ -10,7 +10,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.
### Fixed
- HFP: Fix parsing of empty fields, e.g. phone number in +CLCC and other AT commands
- sm: Fix validation of confirm value for secure connection Passkey entry
### Added
- GAP: Detect Secure Connection -> Legacy Connection Downgrade Attack by remote features and actual encryption type (BIAS)
- GAP: Mutual authentication: request authentication after Classic connection got encrypted (BIAS)

5
src/ble/sm.c
View File

@ -3797,8 +3797,11 @@ static void sm_pdu_handler(uint8_t packet_type, hci_con_handle_t con_handle, uin
// validate confirm value if Cb = f4(Pkb, Pka, Nb, z)
// only check for JUST WORK/NC in initiator role OR passkey entry
log_info("SM_SC_W4_PAIRING_RANDOM, responder: %u, just works: %u, passkey used %u, passkey entry %u",
IS_RESPONDER(sm_conn->sm_role), sm_just_works_or_numeric_comparison(setup->sm_stk_generation_method),
sm_passkey_used(setup->sm_stk_generation_method), sm_passkey_entry(setup->sm_stk_generation_method));
if ( (!IS_RESPONDER(sm_conn->sm_role) && sm_just_works_or_numeric_comparison(setup->sm_stk_generation_method))
|| (sm_passkey_used(setup->sm_stk_generation_method)) ) {
|| (sm_passkey_entry(setup->sm_stk_generation_method)) ) {
sm_conn->sm_engine_state = SM_SC_W2_CMAC_FOR_CHECK_CONFIRMATION;
break;
}