From: Archie Pusaka <apusaka@xxxxxxxxxxxx> This is used to verify the signature of incoming ATT packets. --- Changes in v4: None Changes in v3: - Add check for the case where pdu_len < ATT_SIGN_LEN Changes in v2: None src/shared/crypto.c | 28 ++++++++++++++++++++++++++-- src/shared/crypto.h | 2 ++ 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/src/shared/crypto.c b/src/shared/crypto.c index 5c5e1217d..5cc88ce4a 100644 --- a/src/shared/crypto.c +++ b/src/shared/crypto.c @@ -75,6 +75,8 @@ struct af_alg_iv { /* Maximum message length that can be passed to aes_cmac */ #define CMAC_MSG_MAX 80 +#define ATT_SIGN_LEN 12 + struct bt_crypto { int ref_count; int ecb_aes; @@ -265,7 +267,8 @@ static inline void swap_buf(const uint8_t *src, uint8_t *dst, uint16_t len) bool bt_crypto_sign_att(struct bt_crypto *crypto, const uint8_t key[16], const uint8_t *m, uint16_t m_len, - uint32_t sign_cnt, uint8_t signature[12]) + uint32_t sign_cnt, + uint8_t signature[ATT_SIGN_LEN]) { int fd; int len; @@ -319,10 +322,31 @@ bool bt_crypto_sign_att(struct bt_crypto *crypto, const uint8_t key[16], * 12 octets */ swap_buf(out, tmp, 16); - memcpy(signature, tmp + 4, 12); + memcpy(signature, tmp + 4, ATT_SIGN_LEN); return true; } + +bool bt_crypto_verify_att_sign(struct bt_crypto *crypto, const uint8_t key[16], + const uint8_t *pdu, uint16_t pdu_len) +{ + uint8_t generated_sign[ATT_SIGN_LEN]; + const uint8_t *sign; + uint32_t sign_cnt; + + if (pdu_len < ATT_SIGN_LEN) + return false; + + sign = pdu + pdu_len - ATT_SIGN_LEN; + sign_cnt = get_le32(sign); + + if (!bt_crypto_sign_att(crypto, key, pdu, pdu_len - ATT_SIGN_LEN, + sign_cnt, generated_sign)) + return false; + + return memcmp(generated_sign, sign, ATT_SIGN_LEN) == 0; +} + /* * Security function e * diff --git a/src/shared/crypto.h b/src/shared/crypto.h index c58d2e104..d17daa835 100644 --- a/src/shared/crypto.h +++ b/src/shared/crypto.h @@ -62,5 +62,7 @@ bool bt_crypto_h6(struct bt_crypto *crypto, const uint8_t w[16], bool bt_crypto_sign_att(struct bt_crypto *crypto, const uint8_t key[16], const uint8_t *m, uint16_t m_len, uint32_t sign_cnt, uint8_t signature[12]); +bool bt_crypto_verify_att_sign(struct bt_crypto *crypto, const uint8_t key[16], + const uint8_t *pdu, uint16_t pdu_len); bool bt_crypto_gatt_hash(struct bt_crypto *crypto, struct iovec *iov, size_t iov_len, uint8_t res[16]); -- 2.26.0.292.g33ef6b2f38-goog