linux-bluetooth.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [PATCH BlueZ v2] mesh: Fix decryption when on more than one Network
@ 2019-04-15 21:16 Brian Gix
  2019-04-16 17:14 ` Gix, Brian
  0 siblings, 1 reply; 2+ messages in thread
From: Brian Gix @ 2019-04-15 21:16 UTC (permalink / raw)
  To: linux-bluetooth; +Cc: inga.stotland, brian.gix

Multiple networks use different IV Index's, so we should only use
decryption cache after successful decoding.
---
 mesh/net-keys.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/mesh/net-keys.c b/mesh/net-keys.c
index 84e3982f5..4f85d5e52 100644
--- a/mesh/net-keys.c
+++ b/mesh/net-keys.c
@@ -216,8 +216,14 @@ uint32_t net_key_decrypt(uint32_t iv_index, const uint8_t *pkt, size_t len,
 	if (iv_pkt != iv_flag)
 		iv_index--;
 
-	if (cache_len == len && memcmp(pkt, cache_pkt, len) == 0)
+	/* If we already successfully decrypted this packet, use cached data */
+	if (cache_id && cache_len == len && !memcmp(pkt, cache_pkt, len)) {
+		/* IV Index must match what was used to decrypt */
+		if (cache_iv_index != iv_index)
+			return 0;
+
 		goto done;
+	}
 
 	cache_id = 0;
 	memcpy(cache_pkt, pkt, len);
@@ -228,9 +234,6 @@ uint32_t net_key_decrypt(uint32_t iv_index, const uint8_t *pkt, size_t len,
 	l_queue_foreach(keys, decrypt_net_pkt, NULL);
 
 done:
-	if (cache_iv_index != iv_index)
-		return 0;
-
 	if (cache_id) {
 		*plain = cache_plain;
 		*plain_len = cache_plainlen;
-- 
2.14.5


^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [PATCH BlueZ v2] mesh: Fix decryption when on more than one Network
  2019-04-15 21:16 [PATCH BlueZ v2] mesh: Fix decryption when on more than one Network Brian Gix
@ 2019-04-16 17:14 ` Gix, Brian
  0 siblings, 0 replies; 2+ messages in thread
From: Gix, Brian @ 2019-04-16 17:14 UTC (permalink / raw)
  To: linux-bluetooth; +Cc: Stotland, Inga

[-- Attachment #1: Type: text/plain, Size: 1305 bytes --]

Patch Applied

On Mon, 2019-04-15 at 14:16 -0700, Brian Gix wrote:
> Multiple networks use different IV Index's, so we should only use
> decryption cache after successful decoding.
> ---
>  mesh/net-keys.c | 11 +++++++----
>  1 file changed, 7 insertions(+), 4 deletions(-)
> 
> diff --git a/mesh/net-keys.c b/mesh/net-keys.c
> index 84e3982f5..4f85d5e52 100644
> --- a/mesh/net-keys.c
> +++ b/mesh/net-keys.c
> @@ -216,8 +216,14 @@ uint32_t net_key_decrypt(uint32_t iv_index,
> const uint8_t *pkt, size_t len,
>  	if (iv_pkt != iv_flag)
>  		iv_index--;
>  
> -	if (cache_len == len && memcmp(pkt, cache_pkt, len) == 0)
> +	/* If we already successfully decrypted this packet, use cached
> data */
> +	if (cache_id && cache_len == len && !memcmp(pkt, cache_pkt,
> len)) {
> +		/* IV Index must match what was used to decrypt */
> +		if (cache_iv_index != iv_index)
> +			return 0;
> +
>  		goto done;
> +	}
>  
>  	cache_id = 0;
>  	memcpy(cache_pkt, pkt, len);
> @@ -228,9 +234,6 @@ uint32_t net_key_decrypt(uint32_t iv_index, const
> uint8_t *pkt, size_t len,
>  	l_queue_foreach(keys, decrypt_net_pkt, NULL);
>  
>  done:
> -	if (cache_iv_index != iv_index)
> -		return 0;
> -
>  	if (cache_id) {
>  		*plain = cache_plain;
>  		*plain_len = cache_plainlen;

[-- Attachment #2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 3250 bytes --]

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-04-16 17:15 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-04-15 21:16 [PATCH BlueZ v2] mesh: Fix decryption when on more than one Network Brian Gix
2019-04-16 17:14 ` Gix, Brian

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).