Bluetooth: Add check for accidentally generating a debug key

It is very unlikely, but to have a 100% guarantee of the generated key
type we need to reject any keys which happen to match the debug key.

Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Signed-off-by: Marcel Holtmann <marcel@holtmann.org>

diff --git a/net/bluetooth/smp.c b/net/bluetooth/smp.c
index ddc76cf45cfbd9ebd22c2decd5d654f92cfbbcc2..63d5ba7774e06baf053bdf7b93dba566a75d2f59 100644 (file)
--- a/net/bluetooth/smp.c
+++ b/net/bluetooth/smp.c
@@ -1399,9 +1399,17 @@ static u8 sc_send_public_key(struct smp_chan *smp)
 {
        BT_DBG("");
 
-       /* Generate local key pair for Secure Connections */
-       if (!ecc_make_key(smp->local_pk, smp->local_sk))
-               return SMP_UNSPECIFIED;
+       while (true) {
+               /* Generate local key pair for Secure Connections */
+               if (!ecc_make_key(smp->local_pk, smp->local_sk))
+                       return SMP_UNSPECIFIED;
+
+               /* This is unlikely, but we need to check that we didn't
+                * accidentially generate a debug key.
+                */
+               if (memcmp(smp->local_sk, debug_sk, 32))
+                       break;
+       }
 
        BT_DBG("Local Public Key X: %32phN", smp->local_pk);
        BT_DBG("Local Public Key Y: %32phN", &smp->local_pk[32]);