diff mbox series

[1/1] mesh: Validate Provisioning Start PDU values

Message ID 1585078044-14974-10-git-send-email-prathyusha.n@samsung.com (mailing list archive)
State Superseded
Delegated to: Brian Gix
Headers show
Series [1/1] mesh: Validate Provisioning Start PDU values | expand

Commit Message

Prathyusha Nelluri March 24, 2020, 7:27 p.m. UTC
From: Prathyusha N <prathyusha.n@samsung.com>

Check for inconsistent Authentication method versus Authentication
Action and Authentication Size fields before proceeding for
exchanging public keys. Check for Public Key OOB in Capabilities
and Start PDU.
---
 mesh/prov-acceptor.c | 15 +++++++++++++++
 1 file changed, 15 insertions(+)
diff mbox series

Patch

diff --git a/mesh/prov-acceptor.c b/mesh/prov-acceptor.c
index 03972c227..d0ae77322 100644
--- a/mesh/prov-acceptor.c
+++ b/mesh/prov-acceptor.c
@@ -393,6 +393,21 @@  static void acp_prov_rx(void *user_data, const uint8_t *data, uint16_t len)
 			goto failure;
 		}
 
+		if (prov->conf_inputs.start.auth_method < 2 &&
+				(prov->conf_inputs.start.auth_action ||
+					prov->conf_inputs.start.auth_size)) {
+			l_debug("inconsistent auth method and action");
+			fail.reason = PROV_ERR_INVALID_FORMAT;
+			goto failure;
+		}
+
+		if (prov->conf_inputs.caps.pub_type !=
+				prov->conf_inputs.start.pub_key) {
+			l_debug("inconsistent pubkey type");
+			fail.reason = PROV_ERR_INVALID_FORMAT;
+			goto failure;
+		}
+
 		if (prov->conf_inputs.start.pub_key) {
 			if (prov->conf_inputs.caps.pub_type) {
 				/* Prompt Agent for Private Key of OOB */