From 26304dcc445016e00fd497e8d5e8c68979759eab Mon Sep 17 00:00:00 2001 From: Lukasz Rymanowski Date: Thu, 29 May 2014 15:49:36 +0200 Subject: [PATCH] android/gatt: Fix handling signed write command from remote As per spec (BT spec 4.1 Vol[3], Part F, chapter 3.4.5.4) message which should be taken to generate signature is opcode, handle and parameters --- android/gatt.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/android/gatt.c b/android/gatt.c index d11298fd9..e9d80934d 100644 --- a/android/gatt.c +++ b/android/gatt.c @@ -5075,8 +5075,9 @@ static void write_signed_cmd_request(const uint8_t *cmd, uint16_t cmd_len, } /* Generate signature and verify it */ - if (!bt_crypto_sign_att(crypto, csrk, value, vlen, sign_cnt, - t)) { + if (!bt_crypto_sign_att(crypto, csrk, cmd, + cmd_len - ATT_SIGNATURE_LEN, + sign_cnt, t)) { error("gatt: Error when generating att signature"); return; } -- 2.47.3