@@ -75,6 +75,8 @@ struct af_alg_iv {
/* Maximum message length that can be passed to aes_cmac */
#define CMAC_MSG_MAX 80
+#define ATT_SIGN_LEN 12
+
struct bt_crypto {
int ref_count;
int ecb_aes;
@@ -265,7 +267,8 @@ static inline void swap_buf(const uint8_t *src, uint8_t *dst, uint16_t len)
bool bt_crypto_sign_att(struct bt_crypto *crypto, const uint8_t key[16],
const uint8_t *m, uint16_t m_len,
- uint32_t sign_cnt, uint8_t signature[12])
+ uint32_t sign_cnt,
+ uint8_t signature[ATT_SIGN_LEN])
{
int fd;
int len;
@@ -319,10 +322,31 @@ bool bt_crypto_sign_att(struct bt_crypto *crypto, const uint8_t key[16],
* 12 octets
*/
swap_buf(out, tmp, 16);
- memcpy(signature, tmp + 4, 12);
+ memcpy(signature, tmp + 4, ATT_SIGN_LEN);
return true;
}
+
+bool bt_crypto_verify_att_sign(struct bt_crypto *crypto, const uint8_t key[16],
+ const uint8_t *pdu, uint16_t pdu_len)
+{
+ uint8_t generated_sign[ATT_SIGN_LEN];
+ const uint8_t *sign;
+ uint32_t sign_cnt;
+
+ if (pdu_len < ATT_SIGN_LEN)
+ return false;
+
+ sign = pdu + pdu_len - ATT_SIGN_LEN;
+ sign_cnt = get_le32(sign);
+
+ if (!bt_crypto_sign_att(crypto, key, pdu, pdu_len - ATT_SIGN_LEN,
+ sign_cnt, generated_sign))
+ return false;
+
+ return memcmp(generated_sign, sign, ATT_SIGN_LEN) == 0;
+}
+
/*
* Security function e
*
@@ -62,5 +62,7 @@ bool bt_crypto_h6(struct bt_crypto *crypto, const uint8_t w[16],
bool bt_crypto_sign_att(struct bt_crypto *crypto, const uint8_t key[16],
const uint8_t *m, uint16_t m_len,
uint32_t sign_cnt, uint8_t signature[12]);
+bool bt_crypto_verify_att_sign(struct bt_crypto *crypto, const uint8_t key[16],
+ const uint8_t *pdu, uint16_t pdu_len);
bool bt_crypto_gatt_hash(struct bt_crypto *crypto, struct iovec *iov,
size_t iov_len, uint8_t res[16]);
From: Archie Pusaka <apusaka@chromium.org> This is used to verify the signature of incoming ATT packets. --- Changes in v4: None Changes in v3: - Add check for the case where pdu_len < ATT_SIGN_LEN Changes in v2: None src/shared/crypto.c | 28 ++++++++++++++++++++++++++-- src/shared/crypto.h | 2 ++ 2 files changed, 28 insertions(+), 2 deletions(-)