From 299c86cc84063a311abfd9677935f7fd8fd92cc3 Mon Sep 17 00:00:00 2001 From: lly Date: Mon, 2 Sep 2019 14:40:28 +0800 Subject: [PATCH] ble_mesh: fix rejecting invalid remote public key --- components/bt/esp_ble_mesh/mesh_core/prov.c | 28 ++++++++++++--------- 1 file changed, 16 insertions(+), 12 deletions(-) diff --git a/components/bt/esp_ble_mesh/mesh_core/prov.c b/components/bt/esp_ble_mesh/mesh_core/prov.c index 51555678a0..c7c1dae4dc 100644 --- a/components/bt/esp_ble_mesh/mesh_core/prov.c +++ b/components/bt/esp_ble_mesh/mesh_core/prov.c @@ -937,6 +937,20 @@ static void send_pub_key(void) PROV_BUF(buf, 65); const u8_t *key; + /* Copy remote key in little-endian for bt_mesh_dh_key_gen(). + * X and Y halves are swapped independently. Use response + * buffer as a temporary storage location. The validating of + * the remote public key is finished when it is received. + */ + sys_memcpy_swap(buf.data, &link.conf_inputs[17], 32); + sys_memcpy_swap(&buf.data[32], &link.conf_inputs[49], 32); + + if (bt_mesh_dh_key_gen(buf.data, prov_dh_key_cb, 0)) { + BT_ERR("%s, Unable to generate DHKey", __func__); + prov_send_fail_msg(PROV_ERR_UNEXP_ERR); + return; + } + key = bt_mesh_pub_key_get(); if (!key) { BT_ERR("%s, No public key available", __func__); @@ -954,18 +968,8 @@ static void send_pub_key(void) memcpy(&link.conf_inputs[81], &buf.data[1], 64); - prov_send(&buf); - - /* Copy remote key in little-endian for bt_mesh_dh_key_gen(). - * X and Y halves are swapped independently. - */ - net_buf_simple_reset(&buf); - sys_memcpy_swap(buf.data, &link.conf_inputs[17], 32); - sys_memcpy_swap(&buf.data[32], &link.conf_inputs[49], 32); - - if (bt_mesh_dh_key_gen(buf.data, prov_dh_key_cb, 0)) { - BT_ERR("%s, Unable to generate DHKey", __func__); - prov_send_fail_msg(PROV_ERR_UNEXP_ERR); + if (prov_send(&buf)) { + BT_ERR("Failed to send Public Key"); return; }