mirror/btstack
1
0
Fork 0
mirror of https://github.com/bluekitchen/btstack.git synced 2025-04-01 04:20:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

sm: disable RNG in micro-ecc for standard version

Browse Source
This commit is contained in:
Matthias Ringwald 2017-08-14 15:01:03 +02:00
parent 1ce327b5b6
commit e6343eb699
1 changed files with 7 additions and 3 deletions

10
src/ble/sm.c

@ -1364,17 +1364,17 @@ static void sm_key_distribution_handle_all_received(sm_connection_t * sm_conn){
#endif #endif
// store encryption information for secure connections: LTK generated by ECDH // store encryption information for secure connections: LTK generated by ECDH
if (setup->sm_use_secure_connections){ if (setup->sm_use_secure_connections){
log_info("sm: store SC LTK (key size %u, authenticatd %u)", sm_conn->sm_actual_encryption_key_size, sm_conn->sm_connection_authenticated); log_info("sm: store SC LTK (key size %u, authenticated %u)", sm_conn->sm_actual_encryption_key_size, sm_conn->sm_connection_authenticated);
uint8_t zero_rand[8]; uint8_t zero_rand[8];
memset(zero_rand, 0, 8); memset(zero_rand, 0, 8);
le_device_db_encryption_set(le_db_index, 0, zero_rand, setup->sm_ltk, sm_conn->sm_actual_encryption_key_size, le_device_db_encryption_set(le_db_index, 0, zero_rand, setup->sm_ltk, sm_conn->sm_actual_encryption_key_size,
sm_conn->sm_connection_authenticated, sm_conn->sm_connection_authorization_state == AUTHORIZATION_GRANTED); sm_conn->sm_connection_authenticated, sm_conn->sm_connection_authorization_state == AUTHORIZATION_GRANTED);
} }
// store encryption infromation for legacy pairing: peer LTK, EDIV, RAND // store encryption information for legacy pairing: peer LTK, EDIV, RAND
else if ( (setup->sm_key_distribution_received_set & SM_KEYDIST_FLAG_ENCRYPTION_INFORMATION) else if ( (setup->sm_key_distribution_received_set & SM_KEYDIST_FLAG_ENCRYPTION_INFORMATION)
&& (setup->sm_key_distribution_received_set & SM_KEYDIST_FLAG_MASTER_IDENTIFICATION )){ && (setup->sm_key_distribution_received_set & SM_KEYDIST_FLAG_MASTER_IDENTIFICATION )){
log_info("sm: set encryption information (key size %u, authenticatd %u)", sm_conn->sm_actual_encryption_key_size, sm_conn->sm_connection_authenticated); log_info("sm: set encryption information (key size %u, authenticated %u)", sm_conn->sm_actual_encryption_key_size, sm_conn->sm_connection_authenticated);
le_device_db_encryption_set(le_db_index, setup->sm_peer_ediv, setup->sm_peer_rand, setup->sm_peer_ltk, le_device_db_encryption_set(le_db_index, setup->sm_peer_ediv, setup->sm_peer_rand, setup->sm_peer_ltk,
sm_conn->sm_actual_encryption_key_size, sm_conn->sm_connection_authenticated, sm_conn->sm_connection_authorization_state == AUTHORIZATION_GRANTED); sm_conn->sm_actual_encryption_key_size, sm_conn->sm_connection_authenticated, sm_conn->sm_connection_authorization_state == AUTHORIZATION_GRANTED);
@ -2840,6 +2840,10 @@ static void sm_handle_random_result(uint8_t * data){
#if uECC_SUPPORTS_secp256r1 #if uECC_SUPPORTS_secp256r1
// standard version // standard version
uECC_make_key(ec_q, ec_d, uECC_secp256r1()); uECC_make_key(ec_q, ec_d, uECC_secp256r1());
// disable RNG again, as returning no randmon data lets shared key generation fail
log_info("disable uECC RNG in standard version after key generation");
uECC_set_rng(NULL);
#else #else
// static version // static version
uECC_make_key(ec_q, ec_d); uECC_make_key(ec_q, ec_d);