From 7f077258400ce081c6eff6dd99c78e64ffee3927 Mon Sep 17 00:00:00 2001 From: Kevin Hester Date: Fri, 29 Jan 2021 10:15:48 +0800 Subject: [PATCH] make improperly sized AES128/256 keys non fatal, instead pad with zeros Fixes rebooting the board if someone specifies an invalid key --- src/mesh/NodeDB.cpp | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/src/mesh/NodeDB.cpp b/src/mesh/NodeDB.cpp index 42ce71ea7..ea79e6ccb 100644 --- a/src/mesh/NodeDB.cpp +++ b/src/mesh/NodeDB.cpp @@ -180,10 +180,14 @@ bool NodeDB::resetRadioConfig() channelSettings.psk.size = 1; } - // Convert the short single byte variants of psk into variant that can be used more generally + memset(activePSK, 0, sizeof(activePSK)); // In case the user provided a short key, we want to pad the rest with zeros memcpy(activePSK, channelSettings.psk.bytes, channelSettings.psk.size); activePSKSize = channelSettings.psk.size; - if (activePSKSize == 1) { + if(activePSKSize == 0) + DEBUG_MSG("Warning: User disabled encryption\n"); + else if (activePSKSize == 1) { + // Convert the short single byte variants of psk into variant that can be used more generally + uint8_t pskIndex = activePSK[0]; DEBUG_MSG("Expanding short PSK #%d\n", pskIndex); if (pskIndex == 0) @@ -195,6 +199,16 @@ bool NodeDB::resetRadioConfig() uint8_t *last = activePSK + sizeof(defaultpsk) - 1; *last = *last + pskIndex - 1; // index of 1 means no change vs defaultPSK } + } else if(activePSKSize < 16) { + // Error! The user specified only the first few bits of an AES128 key. So by convention we just pad the rest of the key + // with zeros + DEBUG_MSG("Warning: User provided a too short AES128 key - padding\n"); + activePSKSize = 16; + } else if(activePSKSize < 32 && activePSKSize != 16) { + // Error! The user specified only the first few bits of an AES256 key. So by convention we just pad the rest of the key + // with zeros + DEBUG_MSG("Warning: User provided a too short AES256 key - padding\n"); + activePSKSize = 32; } // Tell our crypto engine about the psk