Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit dfa0c4b1 authored by Jakub Pawlowski's avatar Jakub Pawlowski
Browse files

Fix issue around Encryption during Pairing 

* ECC_PointMult erases private key argument, pass copy instead of
original value.
* Specify Z parameter for ECC Points

This fixes issues where LE Secure connection pairing between old and new
stack was failing due to DHKey mismatch

Test: manual pairing between phone running new and old stack
Bug: 147086339
Change-Id: Ied3404c2eb2ca55b717042ea099e1aefed1c3e8d
parent ef23cf92

system/gd/security/ecc/p_256_ecc_pp.h

+2 −1
Original line number Diff line number Diff line
@@ -60,7 +60,8 @@ static constexpr elliptic_curve_t curve_p256{ 
    .omega = {0},



    .G = {.x = {0xd898c296, 0xf4a13945, 0x2deb33a0, 0x77037d81, 0x63a440f2, 0xf8bce6e5, 0xe12c4247, 0x6b17d1f2},

          .y = {0x37bf51f5, 0xcbb64068, 0x6b315ece, 0x2bce3357, 0x7c0f9e16, 0x8ee7eb4a, 0xfe1a7f9b, 0x4fe342e2}},

          .y = {0x37bf51f5, 0xcbb64068, 0x6b315ece, 0x2bce3357, 0x7c0f9e16, 0x8ee7eb4a, 0xfe1a7f9b, 0x4fe342e2},

          .z = {0x00000001, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000, 0x00000000}},

};



/* This function checks that point is on the elliptic curve*/

system/gd/security/ecdh_keys.cc

+5 −1
Original line number Diff line number Diff line
@@ -45,9 +45,10 @@ namespace security { 


std::pair<std::array<uint8_t, 32>, EcdhPublicKey> GenerateECDHKeyPair() {

  std::array<uint8_t, 32> private_key = GenerateRandom<32>();

  std::array<uint8_t, 32> private_key_copy = private_key;

  ecc::Point public_key;



  ECC_PointMult(&public_key, &(ecc::curve_p256.G), (uint32_t*)private_key.data());

  ECC_PointMult(&public_key, &(ecc::curve_p256.G), (uint32_t*)private_key_copy.data());



  EcdhPublicKey pk;

  memcpy(pk.x.data(), public_key.x, 32);
@@ -71,6 +72,9 @@ std::array<uint8_t, 32> ComputeDHKey(std::array<uint8_t, 32> my_private_key, Ecd 
  memcpy(private_key, my_private_key.data(), 32);

  memcpy(peer_publ_key.x, remote_public_key.x.data(), 32);

  memcpy(peer_publ_key.y, remote_public_key.y.data(), 32);

  memset(peer_publ_key.z, 0, 32);

  peer_publ_key.z[0] = 1;



  ECC_PointMult(&new_publ_key, &peer_publ_key, (uint32_t*)private_key);



  std::array<uint8_t, 32> dhkey;