From: Brian Gix To: linux-bluetooth@vger.kernel.org Cc: inga.stotland@intel.com, luiz.dentz@gmail.com, Brian Gix Subject: [PATCH BlueZ] mesh: Validate OTA provision security material Date: Mon, 8 Mar 2021 15:36:53 -0800 Message-Id: <20210308233653.187406-1-brian.gix@intel.com> X-Mailer: git-send-email 2.25.4 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-bluetooth@vger.kernel.org When validating incoming security material, ensure that the data is unique to the provisioning session. --- mesh/prov-acceptor.c | 11 +++++++++++ mesh/prov-initiator.c | 10 ++++++++++ 2 files changed, 21 insertions(+) diff --git a/mesh/prov-acceptor.c b/mesh/prov-acceptor.c index a03ee1ce5..4ec6ea34a 100644 --- a/mesh/prov-acceptor.c +++ b/mesh/prov-acceptor.c @@ -203,6 +203,10 @@ static bool prov_calc_secret(const uint8_t *pub, const uint8_t *priv, static bool acp_credentials(struct mesh_prov_acceptor *prov) { + if (!memcmp(prov->conf_inputs.prv_pub_key, + prov->conf_inputs.dev_pub_key, 64)) + return false; + if (!prov_calc_secret(prov->conf_inputs.prv_pub_key, prov->private_key, prov->secret)) return false; @@ -529,6 +533,13 @@ static void acp_prov_rx(void *user_data, const uint8_t *data, uint16_t len) break; case PROV_RANDOM: /* Random Value */ + + /* Disallow matching random values */ + if (!memcmp(prov->rand_auth_workspace, data, 16)) { + fail.reason = PROV_ERR_INVALID_PDU; + goto failure; + } + /* Calculate Session key (needed later) while data is fresh */ mesh_crypto_prov_prov_salt(prov->salt, data, prov->rand_auth_workspace, diff --git a/mesh/prov-initiator.c b/mesh/prov-initiator.c index 8399282ee..4f492a49c 100644 --- a/mesh/prov-initiator.c +++ b/mesh/prov-initiator.c 
@@ -202,6 +202,10 @@ static bool prov_calc_secret(const uint8_t *pub, const uint8_t *priv, static bool int_credentials(struct mesh_prov_initiator *prov) { + if (!memcmp(prov->conf_inputs.prv_pub_key, + prov->conf_inputs.dev_pub_key, 64)) + return false; + if (!prov_calc_secret(prov->conf_inputs.dev_pub_key, prov->private_key, prov->secret)) return false; @@ -736,6 +740,12 @@ static void int_prov_rx(void *user_data, const uint8_t *data, uint16_t len) case PROV_RANDOM: /* Random */ prov->state = INT_PROV_RAND_ACKED; + /* Disallow matching random values */ + if (!memcmp(prov->rand_auth_workspace, data, 16)) { + fail_code[1] = PROV_ERR_INVALID_PDU; + goto failure; + } + /* RXed Device Confirmation */ calc_local_material(data); memcpy(prov->rand_auth_workspace + 16, data, 16); -- 2.25.4
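
Review bot: in the acp_credentials() hunk of mesh/prov-acceptor.c, the new public-key comparison carries no comment and hard-codes the length 64. The PROV_RANDOM hunk explains itself with "Disallow matching random values"; a one-line comment here stating that a peer presenting our own public key is rejected would make the intent equally clear. If prv_pub_key and dev_pub_key are fixed-size arrays, sizeof(prov->conf_inputs.dev_pub_key) would tie the length to the field rather than to a literal. The hunk also does not show which failure reason the caller reports when this returns false, so it is worth confirming that the peer receives a deliberate error code.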
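
Review bot: in the PROV_RANDOM case of acp_prov_rx(), the check compares data against offset 0 of prov->rand_auth_workspace, and nothing in the hunk shows that offset 0 holds the acceptor's own random value at this point. The initiator hunk writes the peer value to rand_auth_workspace + 16, so the buffer layout matters; please confirm the offset for the acceptor role, or name it with a macro or comment. The comparison reads 16 bytes from data, so len should already be validated for this PDU type before the switch is reached. Minor style point: the blank line between the case label and the new comment is not present in the matching initiator hunk.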
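
Review bot: the check added to int_credentials() in mesh/prov-initiator.c is a byte-for-byte copy of the one added to acp_credentials(), including the literal 64 and the missing comment. A small shared helper (for example in the common provisioning header) would keep the two roles from drifting apart if the validation is tightened later. Placing the comparison before prov_calc_secret() is the right order, since it avoids computing a shared secret from a key that is about to be rejected.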
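
Review bot: in the PROV_RANDOM case of int_prov_rx(), prov->state is set to INT_PROV_RAND_ACKED before the new memcmp() runs, so a rejected random value still advances the state machine before the jump to failure. Moving the check above the state assignment would avoid that, unless the failure path is known to reset the state. The commit message says the material must be "unique to the provisioning session"; the code only checks that the peer value differs from the local one, so a comment or a reworded message stating exactly that would match what is enforced. As on the acceptor side, PROV_ERR_INVALID_PDU reads as a formatting error; if the protocol offers a reason code closer to an authentication failure, it would describe this rejection better.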