Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e423dbbf authored by Jakub Pawlowski's avatar Jakub Pawlowski
Browse files

LE Legacy Pairing fixes

This patch fixes issues found during tests against real devices

Test: Pair with android TV remote, security key
Bug: 142341141
Change-Id: I2fb15c97f4e60710fa986762576211e4048d5271
parent cf78b637
Loading
Loading
Loading
Loading
+6 −6
Original line number Diff line number Diff line
@@ -161,14 +161,14 @@ Octet16 link_key_to_ltk(const Octet16& link_key, bool use_h7) {
  return h6(iltk, keyID_brle);
}

Octet16 c1(const Octet16& k, const Octet16& r, const uint8_t* pres, const uint8_t* preq, const uint8_t iat,
Octet16 c1(const Octet16& k, const Octet16& r, const uint8_t* preq, const uint8_t* pres, const uint8_t iat,
           const uint8_t* ia, const uint8_t rat, const uint8_t* ra) {
  Octet16 p1;
  auto it = p1.begin();
  it = std::copy(pres, pres + 7, it);
  it = std::copy(preq, preq + 7, it);
  it = std::copy(&rat, &rat + 1, it);
  it = std::copy(&iat, &iat + 1, it);
  it = std::copy(&rat, &rat + 1, it);
  it = std::copy(preq, preq + 7, it);
  it = std::copy(pres, pres + 7, it);

  for (uint8_t i = 0; i < OCTET16_LEN; i++) {
    p1[i] = r[i] ^ p1[i];
@@ -179,9 +179,9 @@ Octet16 c1(const Octet16& k, const Octet16& r, const uint8_t* pres, const uint8_
  std::array<uint8_t, 4> padding{0};
  Octet16 p2;
  it = p2.begin();
  it = std::copy(padding.begin(), padding.end(), it);
  it = std::copy(ia, ia + 6, it);
  it = std::copy(ra, ra + 6, it);
  it = std::copy(ia, ia + 6, it);
  it = std::copy(padding.begin(), padding.end(), it);

  for (uint8_t i = 0; i < OCTET16_LEN; i++) {
    p2[i] = p1bis[i] ^ p2[i];
+6 −21
Original line number Diff line number Diff line
@@ -124,17 +124,16 @@ StkOrFailure PairingHandlerLe::DoLegacyStage2(const InitialInformations& i, cons

    // LOG(INFO) << +(IAmMaster(i)) << " tk = " << base::HexEncode(tk.data(), tk.size());
    // LOG(INFO) << +(IAmMaster(i)) << " mrand = " << base::HexEncode(mrand.data(), mrand.size());
    // LOG(INFO) << +(IAmMaster(i)) << " preq = " << base::HexEncode(preq.data(), preq.size());
    // LOG(INFO) << +(IAmMaster(i)) << " pres = " << base::HexEncode(pres.data(), pres.size());
    // LOG(INFO) << +(IAmMaster(i)) << " i.remote_connection_address_type = " << +i.remote_connection_address_type;
    // LOG(INFO) << +(IAmMaster(i)) << " i.i.remote_connection_address.address = " << i.remote_connection_address;
    // LOG(INFO) << +(IAmMaster(i)) << " i.my_connection_address_type = " << +i.my_connection_address_type;
    // LOG(INFO) << +(IAmMaster(i)) << " i.i.my_connection_address.address = " << i.my_connection_address;
    // LOG(INFO) << +(IAmMaster(i)) << " preq = " << base::HexEncode(preq.data(), preq.size());

    Octet16 mconfirm = crypto_toolbox::c1(
        tk, mrand, preq.data(), pres.data(), (uint8_t)i.my_connection_address.GetAddressType(),
        i.my_connection_address.GetAddress().address, (uint8_t)i.remote_connection_address.GetAddressType(),
        i.remote_connection_address.GetAddress().address);

    // LOG(INFO) << +(IAmMaster(i)) << " mconfirm = " << base::HexEncode(mconfirm.data(), mconfirm.size());

    LOG_INFO("Master sends Mconfirm");
    SendL2capPacket(i, PairingConfirmBuilder::Create(mconfirm));

@@ -155,14 +154,8 @@ StkOrFailure PairingHandlerLe::DoLegacyStage2(const InitialInformations& i, cons
    }
    srand = std::get<PairingRandomView>(random_pkt).GetRandomValue();

    // LOG(INFO) << +(IAmMaster(i)) << " tk = " << base::HexEncode(tk.data(), tk.size());
    // LOG(INFO) << +(IAmMaster(i)) << " srand = " << base::HexEncode(srand.data(), srand.size());
    // LOG(INFO) << +(IAmMaster(i)) << " preq = " << base::HexEncode(preq.data(), preq.size());
    // LOG(INFO) << +(IAmMaster(i)) << " pres = " << base::HexEncode(pres.data(), pres.size());
    // LOG(INFO) << +(IAmMaster(i)) << " i.my_connection_address_type = " << +i.my_connection_address_type;
    // LOG(INFO) << +(IAmMaster(i)) << " i.i.my_connection_address.address = " << i.my_connection_address;
    // LOG(INFO) << +(IAmMaster(i)) << " i.remote_connection_address_type = " << +i.remote_connection_address_type;
    // LOG(INFO) << +(IAmMaster(i)) << " i.i.remote_connection_address.address = " << i.remote_connection_address;

    Octet16 sconfirm_generated = crypto_toolbox::c1(
        tk, srand, preq.data(), pres.data(), (uint8_t)i.my_connection_address.GetAddressType(),
        i.my_connection_address.GetAddress().address, (uint8_t)i.remote_connection_address.GetAddressType(),
@@ -202,14 +195,6 @@ StkOrFailure PairingHandlerLe::DoLegacyStage2(const InitialInformations& i, cons
    }
    mrand = std::get<PairingRandomView>(random_pkt).GetRandomValue();

    // LOG(INFO) << +(IAmMaster(i)) << " tk = " << base::HexEncode(tk.data(), tk.size());
    // LOG(INFO) << +(IAmMaster(i)) << " mrand = " << base::HexEncode(mrand.data(), mrand.size());
    // LOG(INFO) << +(IAmMaster(i)) << " preq = " << base::HexEncode(preq.data(), preq.size());
    // LOG(INFO) << +(IAmMaster(i)) << " pres = " << base::HexEncode(pres.data(), pres.size());
    // LOG(INFO) << +(IAmMaster(i)) << " i.my_connection_address_type = " << +i.my_connection_address_type;
    // LOG(INFO) << +(IAmMaster(i)) << " i.i.my_connection_address.address = " << i.my_connection_address;
    // LOG(INFO) << +(IAmMaster(i)) << " i.remote_connection_address_type = " << +i.remote_connection_address_type;
    // LOG(INFO) << +(IAmMaster(i)) << " i.i.remote_connection_address.address = " << i.remote_connection_address;
    Octet16 mconfirm_generated = crypto_toolbox::c1(
        tk, mrand, preq.data(), pres.data(), (uint8_t)i.remote_connection_address.GetAddressType(),
        i.remote_connection_address.GetAddress().address, (uint8_t)i.my_connection_address.GetAddressType(),
@@ -228,7 +213,7 @@ StkOrFailure PairingHandlerLe::DoLegacyStage2(const InitialInformations& i, cons
  LOG_INFO("Legacy stage 2 finish");

  /* STK */
  return crypto_toolbox::s1(tk, srand, mrand);
  return crypto_toolbox::s1(tk, mrand, srand);
}
}  // namespace security
}  // namespace bluetooth
 No newline at end of file