Skip to content
Permalink
Browse files

Bluetooth: Add BT_SMP_ENFORCE_MITM option

Having this option disabled, MITM flag state can be controlled by
bt_conn_security state. This option is enabled by default to not
change the current implementation behavior.
Related to SM/MAS/SCPK/BV-01-C.

Fixes #17463

Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
  • Loading branch information...
MariuszSkamra authored and jhedberg committed Jul 10, 2019
1 parent 6bdb1b8 commit 74dbd835c36a4e3cb036d4ca5a2532f8f3aec093
Showing with 15 additions and 5 deletions.
  1. +8 −0 subsys/bluetooth/host/Kconfig
  2. +7 −5 subsys/bluetooth/host/smp.c
@@ -287,6 +287,14 @@ config BT_BONDABLE
Bonding flag in AuthReq of SMP Pairing Request/Response will be set
indicating the support for this mode.

config BT_SMP_ENFORCE_MITM
bool "Enforce MITM protection"
default y
help
With this option enabled, the Security Manager will set MITM option in
the Authentication Requirements Flags whenever local IO Capabilities
allow the generated key to be authenticated.

config BT_OOB_DATA_FIXED
bool "Use a fixed random number for LESC OOB pairing"
depends on BT_TESTING
@@ -2306,15 +2306,17 @@ void bt_set_oob_data_flag(bool enable)
oobd_present = enable;
}

static u8_t get_auth(u8_t auth)
static u8_t get_auth(struct bt_conn *conn, u8_t auth)
{
if (sc_supported) {
auth &= BT_SMP_AUTH_MASK_SC;
} else {
auth &= BT_SMP_AUTH_MASK;
}

if (get_io_capa() == BT_SMP_IO_NO_INPUT_OUTPUT) {
if ((get_io_capa() == BT_SMP_IO_NO_INPUT_OUTPUT) ||
(!IS_ENABLED(CONFIG_BT_SMP_ENFORCE_MITM) &&
(conn->required_sec_level < BT_SECURITY_HIGH))) {
auth &= ~(BT_SMP_AUTH_MITM);
} else {
auth |= BT_SMP_AUTH_MITM;
@@ -2397,7 +2399,7 @@ int bt_smp_send_security_req(struct bt_conn *conn)
}

req = net_buf_add(req_buf, sizeof(*req));
req->auth_req = get_auth(BT_SMP_AUTH_DEFAULT);
req->auth_req = get_auth(conn, BT_SMP_AUTH_DEFAULT);

/* SMP timer is not restarted for SecRequest so don't use smp_send */
bt_l2cap_send(conn, BT_L2CAP_CID_SMP, req_buf);
@@ -2440,7 +2442,7 @@ static u8_t smp_pairing_req(struct bt_smp *smp, struct net_buf *buf)
smp->prsp[0] = BT_SMP_CMD_PAIRING_RSP;
rsp = (struct bt_smp_pairing *)&smp->prsp[1];

rsp->auth_req = get_auth(req->auth_req);
rsp->auth_req = get_auth(conn, req->auth_req);
rsp->io_capability = get_io_capa();
rsp->oob_flag = oobd_present ? BT_SMP_OOB_PRESENT :
BT_SMP_OOB_NOT_PRESENT;
@@ -2576,7 +2578,7 @@ int bt_smp_send_pairing_req(struct bt_conn *conn)

req = net_buf_add(req_buf, sizeof(*req));

req->auth_req = get_auth(BT_SMP_AUTH_DEFAULT);
req->auth_req = get_auth(conn, BT_SMP_AUTH_DEFAULT);
req->io_capability = get_io_capa();
req->oob_flag = oobd_present ? BT_SMP_OOB_PRESENT :
BT_SMP_OOB_NOT_PRESENT;

0 comments on commit 74dbd83

Please sign in to comment.
You can’t perform that action at this time.