|
|
@@ -764,8 +764,7 @@ void smp_process_pairing_public_key(tSMP_CB *p_cb, tSMP_INT_DATA *p_data)
|
|
|
/* Check if the peer device's and own public key are not same. If they are same then
|
|
|
* return pairing fail. This check is needed to avoid 'Impersonation in Passkey entry
|
|
|
* protocol' vulnerability (CVE-2020-26558).*/
|
|
|
- if ((memcmp(p_cb->loc_publ_key.x, p_cb->peer_publ_key.x, sizeof(BT_OCTET32)) == 0) &&
|
|
|
- (memcmp(p_cb->loc_publ_key.y, p_cb->peer_publ_key.y, sizeof(BT_OCTET32)) == 0)) {
|
|
|
+ if ((memcmp(p_cb->loc_publ_key.x, p_cb->peer_publ_key.x, sizeof(BT_OCTET32)) == 0)) {
|
|
|
p_cb->status = SMP_PAIR_AUTH_FAIL;
|
|
|
p_cb->failure = SMP_PAIR_AUTH_FAIL;
|
|
|
reason = SMP_PAIR_AUTH_FAIL;
|
Island