From 4fe6b219b686708c10b9fa22169909f34e15b0bb Mon Sep 17 00:00:00 2001 From: Boris Zbarsky Date: Thu, 10 Nov 2022 13:03:47 +0100 Subject: [PATCH] Stop passing passcode by mutable reference to Spake2pVerifier::Generate. The generation bits never modify the passcode. Fixes https://github.com/project-chip/connectedhomeip/issues/23511 --- src/crypto/CHIPCryptoPAL.cpp | 4 ++-- src/crypto/CHIPCryptoPAL.h | 4 ++-- src/darwin/Framework/CHIP/MTRDeviceController.mm | 4 +--- 3 files changed, 5 insertions(+), 7 deletions(-) diff --git a/src/crypto/CHIPCryptoPAL.cpp b/src/crypto/CHIPCryptoPAL.cpp index 4a878eecfc5eeb..ca15a30b9cf33c 100644 --- a/src/crypto/CHIPCryptoPAL.cpp +++ b/src/crypto/CHIPCryptoPAL.cpp @@ -540,7 +540,7 @@ CHIP_ERROR Spake2pVerifier::Deserialize(const ByteSpan & inSerialized) return CHIP_NO_ERROR; } -CHIP_ERROR Spake2pVerifier::Generate(uint32_t pbkdf2IterCount, const ByteSpan & salt, uint32_t & setupPin) +CHIP_ERROR Spake2pVerifier::Generate(uint32_t pbkdf2IterCount, const ByteSpan & salt, uint32_t setupPin) { uint8_t serializedWS[kSpake2p_WS_Length * 2] = { 0 }; ReturnErrorOnFailure(ComputeWS(pbkdf2IterCount, salt, setupPin, serializedWS, sizeof(serializedWS))); @@ -572,7 +572,7 @@ CHIP_ERROR Spake2pVerifier::Generate(uint32_t pbkdf2IterCount, const ByteSpan & return err; } -CHIP_ERROR Spake2pVerifier::ComputeWS(uint32_t pbkdf2IterCount, const ByteSpan & salt, uint32_t & setupPin, uint8_t * ws, +CHIP_ERROR Spake2pVerifier::ComputeWS(uint32_t pbkdf2IterCount, const ByteSpan & salt, uint32_t setupPin, uint8_t * ws, uint32_t ws_len) { #ifdef ENABLE_HSM_PBKDF2 diff --git a/src/crypto/CHIPCryptoPAL.h b/src/crypto/CHIPCryptoPAL.h index a2b87df555d31a..b6b432c8848158 100644 --- a/src/crypto/CHIPCryptoPAL.h +++ b/src/crypto/CHIPCryptoPAL.h @@ -1351,7 +1351,7 @@ class Spake2pVerifier * * @return CHIP_ERROR The result of Spake2+ verifier generation */ - CHIP_ERROR Generate(uint32_t pbkdf2IterCount, const ByteSpan & salt, uint32_t & setupPin); + CHIP_ERROR Generate(uint32_t pbkdf2IterCount, const ByteSpan & salt, uint32_t setupPin); /** * @brief Compute the initiator values (w0, w1) used for PAKE input. @@ -1364,7 +1364,7 @@ class Spake2pVerifier * * @return CHIP_ERROR The result from running PBKDF2 */ - static CHIP_ERROR ComputeWS(uint32_t pbkdf2IterCount, const ByteSpan & salt, uint32_t & setupPin, uint8_t * ws, + static CHIP_ERROR ComputeWS(uint32_t pbkdf2IterCount, const ByteSpan & salt, uint32_t setupPin, uint8_t * ws, uint32_t ws_len); }; diff --git a/src/darwin/Framework/CHIP/MTRDeviceController.mm b/src/darwin/Framework/CHIP/MTRDeviceController.mm index 08e98db7af284a..33de705b8fc660 100644 --- a/src/darwin/Framework/CHIP/MTRDeviceController.mm +++ b/src/darwin/Framework/CHIP/MTRDeviceController.mm @@ -567,10 +567,8 @@ + (nullable NSData *)computePASEVerifierForSetupPasscode:(NSNumber *)setupPassco salt:(NSData *)salt error:(NSError * __autoreleasing *)error { - // Spake2pVerifier::Generate takes the passcode by non-const reference for some reason. - uint32_t unboxedSetupPasscode = [setupPasscode unsignedIntValue]; chip::Spake2pVerifier verifier; - CHIP_ERROR err = verifier.Generate([iterations unsignedIntValue], AsByteSpan(salt), unboxedSetupPasscode); + CHIP_ERROR err = verifier.Generate(iterations.unsignedIntValue, AsByteSpan(salt), setupPasscode.unsignedIntValue); if ([MTRDeviceController checkForError:err logMsg:kErrorSpake2pVerifierGenerationFailed error:error]) { return nil; }