From 09bd512da84dadf7f76facdb1d0d4871f233d04e Mon Sep 17 00:00:00 2001 From: Nic Costa Date: Tue, 8 Jan 2019 12:26:30 -0600 Subject: [PATCH] Fix parameters provided to oob generator function The function in the Nordic SDK for generating OOB data, sd_ble_gap_lesc_oob_data_get, requires local LE Secure Connection P256 Public Keys in {X,Y} format, but was being supplied with the local secret key. This caused the generated OOB data to fail to correspond to the Public Keys, which caused a mismatch during the OOB pairing phase of the OOB confirmation value by a remote peer when attempting to verify the OOB data against the Public Keys, ultimately causing the OOB pairing request to fail with a Confirm Value Failed (0x04) error. --- .../TARGET_NRF52/source/nRF5xPalSecurityManager.cpp | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp index a1d6b1e7e9..61c26d3688 100644 --- a/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp +++ b/features/FEATURE_BLE/targets/TARGET_NORDIC/TARGET_NORDIC_SOFTDEVICE/TARGET_NRF52/source/nRF5xPalSecurityManager.cpp @@ -15,6 +15,7 @@ */ #include +#include "platform/mbed_assert.h" #include "nRF5xPalSecurityManager.h" #include "nRF5xn.h" #include "ble/Gap.h" @@ -734,7 +735,9 @@ ble_error_t nRF5xSecurityManager::generate_secure_connections_oob() ble_gap_lesc_p256_pk_t own_secret; ble_gap_lesc_oob_data_t oob_data; - memcpy(own_secret.pk, secret.data(), secret.size()); + MBED_ASSERT(sizeof(own_secret.pk) >= X.size() + Y.size()); + memcpy(own_secret.pk, X.data(), X.size()); + memcpy(own_secret.pk + X.size(), Y.data(), Y.size()); uint32_t err = sd_ble_gap_lesc_oob_data_get( BLE_CONN_HANDLE_INVALID,