multiprecision_mersenns_mult_mod(q->y, q->y, q->z, keyLength);
}
-
+bool ECC_ValidatePoint(const Point* pt) {
+ const size_t kl = KEY_LENGTH_DWORDS_P256;
+ p_256_init_curve(kl);
+
+ // Ensure y^2 = x^3 + a*x + b (mod p); a = -3
+
+ // y^2 mod p
+ DWORD y2_mod[kl];
+ memset(y2_mod, 0, sizeof(y2_mod));
+ multiprecision_mersenns_squa_mod(y2_mod, (DWORD*)pt->y, kl);
+
+ // Right hand side calculation
+ DWORD rhs[kl];
+ memset(rhs, 0, sizeof(rhs));
+ multiprecision_mersenns_squa_mod(rhs, (DWORD*)pt->x, kl);
+ DWORD three[kl];
+ memset(three, 0, sizeof(three));
+ three[0] = 3;
+ multiprecision_sub_mod(rhs, rhs, three, kl);
+ multiprecision_mersenns_mult_mod(rhs, rhs, (DWORD*)pt->x, kl);
+ multiprecision_add_mod(rhs, rhs, curve_p256.b, kl);
+
+ return multiprecision_compare(rhs, y2_mod, kl) == 0;
+}
#pragma once
+#include <stdbool.h>
#include "p_256_multprecision.h"
typedef unsigned long DWORD;
extern elliptic_curve_t curve;
extern elliptic_curve_t curve_p256;
+bool ECC_ValidatePoint(const Point* p);
+
void ECC_PointMult_Bin_NAF(Point *q, Point *p, DWORD *n, uint32_t keyLength);
#define ECC_PointMult(q, p, n, keyLength) ECC_PointMult_Bin_NAF(q, p, n, keyLength)
*
******************************************************************************/
+#include <log/log.h>
#include <string.h>
#include "device/include/interop.h"
#include "include/bt_target.h"
#include "stack/btm/btm_int.h"
#include "stack/include/l2c_api.h"
+#include "stack/smp/p_256_ecc_pp.h"
#include "stack/smp/smp_int.h"
#include "utils/include/bt_utils.h"
STREAM_TO_ARRAY(p_cb->peer_publ_key.x, p, BT_OCTET32_LEN);
STREAM_TO_ARRAY(p_cb->peer_publ_key.y, p, BT_OCTET32_LEN);
+
+ Point pt;
+ memcpy(pt.x, p_cb->peer_publ_key.x, BT_OCTET32_LEN);
+ memcpy(pt.y, p_cb->peer_publ_key.y, BT_OCTET32_LEN);
+
+ if (!ECC_ValidatePoint(&pt)) {
+ android_errorWriteLog(0x534e4554, "72377774");
+ smp_sm_event(p_cb, SMP_AUTH_CMPL_EVT, &reason);
+ return;
+ }
+
p_cb->flags |= SMP_PAIR_FLAG_HAVE_PEER_PUBL_KEY;
smp_wait_for_both_public_keys(p_cb, NULL);