Seich
/
HomeSpan
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fixed bug in pairing logic that would drop leading zeros when transmitting SALT 

A 16-byte SALT with a leading zero would be sent as only a 15-byte number.  The chance of this occuring is 1 in 256, which is small but still significant.  Solution is to specify required size of MPI output in loadTLV.  This forces mbedtls_mpi_write_binary() to pad with leading zeros.

Also eliminated unused code (TLV pack_old).
This commit is contained in:
Gregg 2021-02-06 16:29:55 -06:00
parent 03e43e0bbb
commit 170f972d3b
5 changed files with 8 additions and 32 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/HAP.cpp
View File

@ -451,8 +451,8 @@ int HAPClient::postPairSetupURL(){
tlv8.clear();
tlv8.val(kTLVType_State,pairState_M2); // set State=<M2>
srp.createPublicKey(); // create accessory public key from random Pair-Setup code (displayed to user)
srp.loadTLV(kTLVType_PublicKey,&srp.B); // load server public key, B
srp.loadTLV(kTLVType_Salt,&srp.s); // load salt, s
srp.loadTLV(kTLVType_PublicKey,&srp.B,384); // load server public key, B
srp.loadTLV(kTLVType_Salt,&srp.s,16); // load salt, s
tlvRespond(); // send response to client
pairStatus=pairState_M3; // set next expected pair-state request from client
@ -489,7 +489,7 @@ int HAPClient::postPairSetupURL(){
srp.createProof(); // M1 has been successully verified; now create accessory proof M2
tlv8.clear(); // clear TLV records
tlv8.val(kTLVType_State,pairState_M4); // set State=<M4>
srp.loadTLV(kTLVType_Proof,&srp.M2); // load M2 counter-proof
srp.loadTLV(kTLVType_Proof,&srp.M2,64); // load M2 counter-proof
tlvRespond(); // send response to client
pairStatus=pairState_M5; // set next expected pair-state request from client

3
src/SRP.cpp
View File

@ -238,9 +238,8 @@ void SRP6A::createProof(){
//////////////////////////////////////
int SRP6A::loadTLV(kTLVType tag, mbedtls_mpi *mpi){
int SRP6A::loadTLV(kTLVType tag, mbedtls_mpi *mpi, int nBytes){
int nBytes=mbedtls_mpi_size(mpi);
uint8_t *buf=HAPClient::tlv8.buf(tag,nBytes);
if(!buf)

5
src/SRP.h
View File

@ -81,8 +81,9 @@ struct SRP6A {
void createPublicKey(); // computes x, v, and B from random s, P, and b
void createSessionKey(); // computes u from A and B, and then S from A, v, u, and b
int loadTLV(kTLVType tag, mbedtls_mpi *mpi); // load binary contents of mpi into a TLV record and set its length
int writeTLV(kTLVType tag, mbedtls_mpi *mpi); // write binary contents of a TLV record into an mpi
int loadTLV(kTLVType tag, mbedtls_mpi *mpi, int nBytes); // load binary contents of mpi into a TLV record and set its length
int writeTLV(kTLVType tag, mbedtls_mpi *mpi); // write binary contents of a TLV record into an mpi
int verifyProof(); // verify M1 SRP6A Proof received from HAP client (return 1 on success, 0 on failure)
void createProof(); // create M2 server-side SRP6A Proof based on M1 as received from HAP Client

24
src/TLV.h
View File

@ -215,30 +215,6 @@ void TLV<tagType, maxTags>::print(){
} // loop over all TLVs
}
//////////////////////////////////////
// TLV pack_old(buf)
template<class tagType, int maxTags>
int TLV<tagType, maxTags>::pack_old(uint8_t *buf){
int n=0;
for(int i=0;i<numTags;i++){
if(tlv[i].len>0){
*buf++=tlv[i].tag;
*buf++=tlv[i].len;
memcpy(buf,tlv[i].val,tlv[i].len);
buf+=tlv[i].len;
n+=tlv[i].len+2;
} // len>0
} // loop over all TLVs
return(n);
}
//////////////////////////////////////
// TLV pack(tlvBuf)

2
src/src.ino
View File

@ -8,7 +8,7 @@ void setup() {
Serial.begin(115200);
homeSpan.setLogLevel(1);
homeSpan.setLogLevel(2);
homeSpan.setHostNameSuffix("");
homeSpan.setPortNum(1200);