diff --git a/src/HAP.cpp b/src/HAP.cpp index d51d01e..caa5824 100644 --- a/src/HAP.cpp +++ b/src/HAP.cpp @@ -404,24 +404,22 @@ int HAPClient::postPairSetupURL(uint8_t *content, size_t len){ case pairState_M3:{ // 'SRP Verify Request' - responseTLV.add(kTLVType_State,pairState_M4); // set State= + responseTLV.add(kTLVType_State,pairState_M4); // set State= auto itPublicKey=iosTLV.find(kTLVType_PublicKey); auto itClientProof=iosTLV.find(kTLVType_Proof); - if(iosTLV.len(itPublicKey)<=0 || iosTLV.len(itClientProof)<=0){ + if(iosTLV.len(itPublicKey)<=0 || iosTLV.len(itClientProof)!=64){ LOG0("\n*** ERROR: One or both of the required 'PublicKey' and 'Proof' TLV records for this step is bad or missing\n\n"); responseTLV.add(kTLVType_Error,tagError_Unknown); // set Error=Unknown (there is no specific error type for missing/bad TLV data) tlvRespond(responseTLV); // send response to client pairStatus=pairState_M1; // reset pairStatus to first step of unpaired return(0); }; - -// mbedtls_mpi_read_binary(&srp->M1,*itClientProof,(*itClientProof).len); // load client Proof TLV into M1 srp->createSessionKey(*itPublicKey,(*itPublicKey).len); // create session key, K, from client Public Key, A - if(!srp->verifyClientProof(*itClientProof,(*itClientProof).len)){ // verify client Proof, M1 + if(!srp->verifyClientProof(*itClientProof)){ // verify client Proof, M1 LOG0("\n*** ERROR: SRP Proof Verification Failed\n\n"); responseTLV.add(kTLVType_Error,tagError_Authentication); // set Error=Authentication tlvRespond(responseTLV); // send response to client 
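Review bot: The tightened check in the M3 case now pins the Proof TLV to exactly 64 bytes, but the PublicKey TLV is still only tested with `iosTLV.len(itPublicKey)<=0`, and `srp->createSessionKey(...)` is declared `void`, so this call site cannot reject a bad client public key. SRP-6a requires the server to abort when A mod N is zero, and a value longer than the group modulus is never valid; whether createSessionKey handles either case is not visible in this diff. Consider having it return a status and treating failure like the existing error branches, e.g. `if(!srp->createSessionKey(*itPublicKey,(*itPublicKey).len)){ /* respond with tagError_Authentication, reset pairStatus */ }`. postPairSetupURL starts and ends outside this hunk.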
@@ -431,8 +429,7 @@ int HAPClient::postPairSetupURL(uint8_t *content, size_t len){ auto itAccProof=responseTLV.add(kTLVType_Proof,64,NULL); // create blank accessory Proof TLV with space for 64 bytes - srp->createProof(); // M1 has been successully verified; now create accessory proof M2 - mbedtls_mpi_write_binary(&srp->M2,*itAccProof,(*itAccProof).len); // load accessory Proof, M2, into TLV + srp->createAccProof(*itAccProof); // M1 has been successully verified; now create accessory Proof M2 tlvRespond(responseTLV); // send response to client pairStatus=pairState_M5; // set next expected pair-state request from client return(1); diff --git a/src/SRP.cpp b/src/SRP.cpp index 2d7597f..f58a212 100644 --- a/src/SRP.cpp +++ b/src/SRP.cpp @@ -194,12 +194,12 @@ void SRP6A::createSessionKey(const uint8_t *publicKey, size_t len){ ////////////////////////////////////// -int SRP6A::verifyClientProof(const uint8_t *proof, size_t len){ +int SRP6A::verifyClientProof(const uint8_t *proof){ TempBuffer tBuf(976); // temporary buffer for staging TempBuffer tHash(64); // temporary buffer for storing SHA-512 results - mbedtls_mpi_read_binary(&M1,proof,len); // load client Proof into M1 + mbedtls_mpi_read_binary(&M1,proof,64); // load client Proof into M1 size_t count=0; // total number of bytes for final hash size_t sLen; @@ -241,7 +241,7 @@ int SRP6A::verifyClientProof(const uint8_t *proof, size_t len){ ////////////////////////////////////// -void SRP6A::createProof(){ +void SRP6A::createAccProof(uint8_t *proof){ uint8_t tBuf[512]; // temporary buffer for staging @@ -252,6 +252,8 @@ void SRP6A::createProof(){ mbedtls_mpi_write_binary(&K,tBuf+448,64); // concatenate K to staging buffer mbedtls_sha512_ret(tBuf,512,tBuf,0); // create hash of data mbedtls_mpi_read_binary(&M2,tBuf,64); // load hash results into mpi structure M2 + + mbedtls_mpi_write_binary(&M2,proof,64); // write M2 into proof } diff --git a/src/SRP.h b/src/SRP.h index 7e5f0ec..4ac73dc 100644 --- a/src/SRP.h 
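Review bot: In SRP6A::verifyClientProof (src/SRP.cpp, hunk at -194), the result of `mbedtls_mpi_read_binary(&M1,proof,64)` is discarded, so a failed load (for example an allocation failure) would go unnoticed. The later comparison would then run against whatever M1 happens to hold. That comparison is outside the hunk, so the actual outcome cannot be judged from here, but failing closed is cheap: `if(mbedtls_mpi_read_binary(&M1,proof,64)!=0) return(0);`. With the `len` parameter gone, the function also relies entirely on the caller's `!=64` check in HAP.cpp to guarantee that `proof` holds 64 readable bytes.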
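Review bot: In SRP6A::createAccProof (src/SRP.cpp, hunks at -241 and -252), the stack buffer `tBuf[512]` still holds the session key K at offset 448 when the function returns after the added `mbedtls_mpi_write_binary(&M2,proof,64)`. Nothing in the visible lines clears it, and the return value of that write is ignored. Consider adding `mbedtls_platform_zeroize(tBuf,sizeof(tBuf));` before the closing brace and checking the write result. The function also writes 64 bytes into `proof` unconditionally, so it depends on the caller's `responseTLV.add(kTLVType_Proof,64,NULL)` in HAP.cpp having produced a valid 64-byte buffer. Part of the function body lies between the two hunks and is not shown.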
+++ b/src/SRP.h @@ -106,11 +106,11 @@ struct SRP6A { void *operator new(size_t size){return(HS_MALLOC(size));} // override new operator to use PSRAM when available - void createVerifyCode(const char *setupCode, Verification *vData); // generates random s and computes v; writes back resulting verification data - void createPublicKey(const Verification *vData, uint8_t *publicKey); // generates random b and computes k and B; writes back resulting accessory public key - void createSessionKey(const uint8_t *publicKey, size_t len); // computes u, S, and K from controller public key, A - int verifyClientProof(const uint8_t *proof, size_t len); // verify M1 SRP6A Proof received from HAP client (return 1 on success, 0 on failure) - void createProof(); // create M2 server-side SRP6A Proof based on M1 as received from HAP Client + void createVerifyCode(const char *setupCode, Verification *vData); // generates random s and computes v; writes back resulting Verification Data + void createPublicKey(const Verification *vData, uint8_t *publicKey); // generates random b and computes k and B; writes back resulting Accessory Public Key + void createSessionKey(const uint8_t *publicKey, size_t len); // computes u, S, and K from Client Public Key, A (of variable length) + int verifyClientProof(const uint8_t *proof); // verifies Client Proof, M1, received from HAP client (return 1 on success, 0 on failure) + void createAccProof(uint8_t *proof); // computes M2; write back resulting Accessory Proof void print(mbedtls_mpi *mpi); // prints size of mpi (in bytes), followed by the mpi itself (as a hex character string)
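Review bot: The new declarations `int verifyClientProof(const uint8_t *proof)` and `void createAccProof(uint8_t *proof)` take a bare pointer, but their trailing comments do not say how many bytes `proof` must hold. The SRP.cpp hunks in this diff read and write exactly 64 bytes through these pointers, so the buffer-size contract now lives only in the implementation. I would state it at the declaration, e.g. `// verifies Client Proof, M1 (proof must point to exactly 64 bytes); returns 1 on success, 0 on failure` and `// computes M2 and writes the 64-byte Accessory Proof into proof (caller must provide 64 bytes)`. A single named constant for the proof size, shared with the `!=64` check in HAP.cpp, would keep the scattered literals in step. The SRP6A struct body extends beyond this hunk.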