Fix hard-coded credentials for challenge-response authentication on uru4000 driver
We need to fix hard-coded symmetric-key for challenge-response authentication on uru4000 driver.
The driver uses a symmetric-key technique to encrypt the challenge data using AES encryption algorithm for authentication.
Here, the driver creates risk by exposing a hard-coded secret key as follows:
/* For 2nd generation MS devices */
static const unsigned char crkey[] = {
0x79, 0xac, 0x91, 0x79, 0x5c, 0xa1, 0x47, 0x8e,
0x98, 0xe0, 0x0f, 0x3c, 0x59, 0x8f, 0x5f, 0x4b,
};
We also need a symmetric-key distribution technique, as others do.