From: Johan Hedberg <johan.hedberg@xxxxxxxxx>
It is very unlikely, but to have a 100% guarantee of the generated key
type we need to reject any keys which happen to match the debug key.
Signed-off-by: Johan Hedberg <johan.hedberg@xxxxxxxxx>
---
net/bluetooth/smp.c | 14 +++++++++++---
1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index 74b0489fea4f..13fbe05d33cb 100644
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -1399,9 +1399,17 @@ static u8 sc_send_public_key(struct smp_chan *smp)
{
BT_DBG("");
- /* Generate local key pair for Secure Connections */
- if (!ecc_make_key(smp->local_pk, smp->local_sk))
- return SMP_UNSPECIFIED;
+ while (true) {
+ /* Generate local key pair for Secure Connections */
+ if (!ecc_make_key(smp->local_pk, smp->local_sk))
+ return SMP_UNSPECIFIED;
+
+ /* This is unlikely, but we need to check that we didn't
+ * accidentially generate a debug key.
+ */
+ if (memcmp(smp->local_sk, debug_sk, 32))
+ break;
+ }
BT_DBG("Local Public Key X: %32phN", smp->local_pk);
BT_DBG("Local Public Key Y: %32phN", &smp->local_pk[32]);
--
2.1.0
--
To unsubscribe from this list: send the line "unsubscribe linux-bluetooth" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
