diff --git a/doc/releases/migration-guide-4.1.rst b/doc/releases/migration-guide-4.1.rst
index fa5cc2ed95f..d14d547b39d 100644
--- a/doc/releases/migration-guide-4.1.rst
+++ b/doc/releases/migration-guide-4.1.rst
@@ -243,6 +243,10 @@ Bluetooth Host
 The default value of :kconfig:option:`CONFIG_BT_BUF_ACL_RX_COUNT` has been set to 0.
+* LE legacy pairing is no longer enabled by default since it's not secure. Leaving it enabled
+ makes a device vulnerable for downgrade attacks. If an application still needs to use LE legacy
+ pairing, it should disable :kconfig:option:`CONFIG_BT_SMP_SC_PAIR_ONLY` manually.
+
 Bluetooth Crypto
 ================
diff --git a/samples/bluetooth/peripheral_hr/boards/nrf5340bsim_nrf5340_cpuapp.conf b/samples/bluetooth/peripheral_hr/boards/nrf5340bsim_nrf5340_cpuapp.conf
index 7ffe275701c..47108c0aec4 100644
--- a/samples/bluetooth/peripheral_hr/boards/nrf5340bsim_nrf5340_cpuapp.conf
+++ b/samples/bluetooth/peripheral_hr/boards/nrf5340bsim_nrf5340_cpuapp.conf
@@ -1,3 +1,5 @@
 # Set same the ACL RX buffer size as in hci_ipc on netcore so that
 # HCI Controller to Host Flowcontrol is supported.
 CONFIG_BT_BUF_ACL_RX_SIZE=255
+
+CONFIG_BT_SMP_SC_PAIR_ONLY=n
diff --git a/subsys/bluetooth/host/Kconfig b/subsys/bluetooth/host/Kconfig
index 0478de2f45a..8094e3ae67f 100644
--- a/subsys/bluetooth/host/Kconfig
+++ b/subsys/bluetooth/host/Kconfig
@@ -549,6 +549,7 @@ config BT_SMP_APP_PAIRING_ACCEPT
 config BT_SMP_SC_PAIR_ONLY
 bool "Disable legacy pairing"
+ default y
 help
 This option disables LE legacy pairing and forces LE secure connection pairing. All Security Mode 1 levels can be used with legacy pairing
@@ -744,8 +745,7 @@ config BT_SMP_MIN_ENC_KEY_SIZE
 int
 prompt "Minimum encryption key size accepted in octets" if !BT_SMP_SC_ONLY
 range 7 16
- default 16 if BT_SMP_SC_ONLY
- default 7
+ default 16
 help
 This option sets the minimum encryption key size accepted during pairing.
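Review bot: The added `CONFIG_BT_SMP_SC_PAIR_ONLY=n` in samples/bluetooth/peripheral_hr/boards/nrf5340bsim_nrf5340_cpuapp.conf re-enables LE legacy pairing without a comment, while the setting just above it in the same file explains why it is there. Sample configuration is often copied into applications, so an unexplained opt-out of the new secure default can spread. I would add a comment above it such as `# Re-enable LE legacy pairing: <reason>. Not a recommended setting for products.`, with the reason supplied by the author since it is not visible here. The same bare opt-out is added in the prj.conf and board .conf hunks under tests/bluetooth and tests/bsim/bluetooth; where a test does not specifically need legacy pairing, it may be worth checking whether it can run on the new default instead.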
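Review bot: The help text of `BT_SMP_SC_PAIR_ONLY` in subsys/bluetooth/host/Kconfig (hunk at -549) is left unchanged next to the new `default y`, so it does not say that the option is now on by default or what turning it off costs. The migration guide in this commit gives the reason (downgrade attacks), but someone reading menuconfig will not see it. I would add a sentence to the help such as `Enabled by default. Setting this to n allows LE legacy pairing, which makes the device vulnerable to pairing downgrade attacks.` The help block continues past the end of the hunk, so the remaining text should be read against the new default as well.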
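Review bot: Raising the default of `BT_SMP_MIN_ENC_KEY_SIZE` from 7 to 16 for every configuration (hunk at -744 in subsys/bluetooth/host/Kconfig) is a second behaviour change that the migration-guide entry added in this commit does not mention; that entry covers only legacy pairing. Applications that relied on the old default will presumably start refusing peers that negotiate a key shorter than 16 octets, and tests/bluetooth/tester/prj.conf in this same commit pins `CONFIG_BT_SMP_MIN_ENC_KEY_SIZE=7` explicitly. I would add a migration-guide bullet stating that the default minimum encryption key size is now 16 octets and that an application needing to interoperate with shorter keys has to set the option itself. The help text of this option continues outside the hunk.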
diff --git a/tests/bluetooth/host/id/bt_le_oob_set_legacy_tk/prj.conf b/tests/bluetooth/host/id/bt_le_oob_set_legacy_tk/prj.conf
index 7041a2b047e..e390d293d14 100644
--- a/tests/bluetooth/host/id/bt_le_oob_set_legacy_tk/prj.conf
+++ b/tests/bluetooth/host/id/bt_le_oob_set_legacy_tk/prj.conf
@@ -3,6 +3,7 @@ CONFIG_BT=y
 CONFIG_BT_CENTRAL=y
 CONFIG_BT_EXT_ADV=y
 CONFIG_BT_SMP=y
+CONFIG_BT_SMP_SC_PAIR_ONLY=n
 CONFIG_BT_ID_MAX=4
 CONFIG_ASSERT=y
 CONFIG_ASSERT_LEVEL=2
diff --git a/tests/bluetooth/tester/prj.conf b/tests/bluetooth/tester/prj.conf
index a5ad5cb5787..3edea64b22c 100644
--- a/tests/bluetooth/tester/prj.conf
+++ b/tests/bluetooth/tester/prj.conf
@@ -8,6 +8,8 @@ CONFIG_BT_CENTRAL=y
 CONFIG_BT_PERIPHERAL=y
 CONFIG_BT_PRIVACY=n
 CONFIG_BT_SMP=y
+CONFIG_BT_SMP_SC_PAIR_ONLY=n
+CONFIG_BT_SMP_MIN_ENC_KEY_SIZE=7
 CONFIG_BT_SMP_ENFORCE_MITM=n
 CONFIG_BT_SMP_ALLOW_UNAUTH_OVERWRITE=y
 CONFIG_BT_SMP_APP_PAIRING_ACCEPT=y
diff --git a/tests/bsim/bluetooth/host/att/retry_on_sec_err/client/prj.conf b/tests/bsim/bluetooth/host/att/retry_on_sec_err/client/prj.conf
index 32e911d4396..e4d047b494e 100644
--- a/tests/bsim/bluetooth/host/att/retry_on_sec_err/client/prj.conf
+++ b/tests/bsim/bluetooth/host/att/retry_on_sec_err/client/prj.conf
@@ -4,6 +4,7 @@ CONFIG_BT=y
 CONFIG_BT_CENTRAL=y
 CONFIG_BT_SMP=y
+CONFIG_BT_SMP_SC_PAIR_ONLY=n
 CONFIG_BT_GATT_CLIENT=y
 CONFIG_BT_ATT_RETRY_ON_SEC_ERR=y
diff --git a/tests/bsim/bluetooth/host/att/retry_on_sec_err/server/prj.conf b/tests/bsim/bluetooth/host/att/retry_on_sec_err/server/prj.conf
index 1b3a186979e..5529c897bdf 100644
--- a/tests/bsim/bluetooth/host/att/retry_on_sec_err/server/prj.conf
+++ b/tests/bsim/bluetooth/host/att/retry_on_sec_err/server/prj.conf
@@ -6,6 +6,7 @@ CONFIG_BT_PERIPHERAL=y
 CONFIG_BT_DEVICE_NAME_DYNAMIC=y
 CONFIG_BT_SMP=y
+CONFIG_BT_SMP_SC_PAIR_ONLY=n
 CONFIG_BT_EXT_ADV=y
diff --git a/tests/bsim/bluetooth/ll/conn/prj_split_hci_uart.conf b/tests/bsim/bluetooth/ll/conn/prj_split_hci_uart.conf
index 326cb04c468..f97b14c88a7 100644
--- a/tests/bsim/bluetooth/ll/conn/prj_split_hci_uart.conf
+++ b/tests/bsim/bluetooth/ll/conn/prj_split_hci_uart.conf
@@ -4,6 +4,7 @@ CONFIG_BT_CENTRAL=y
 CONFIG_BT_PERIPHERAL=y
 CONFIG_BT_PRIVACY=y
 CONFIG_BT_SMP=y
+CONFIG_BT_SMP_SC_PAIR_ONLY=n
 CONFIG_BT_SIGNING=y
 CONFIG_BT_BAS=y
 CONFIG_BT_HRS=y
diff --git a/tests/bsim/bluetooth/ll/conn/prj_split_privacy.conf b/tests/bsim/bluetooth/ll/conn/prj_split_privacy.conf
index 7c490964fbe..1147e89ada6 100644
--- a/tests/bsim/bluetooth/ll/conn/prj_split_privacy.conf
+++ b/tests/bsim/bluetooth/ll/conn/prj_split_privacy.conf
@@ -4,6 +4,7 @@ CONFIG_BT_CENTRAL=y
 CONFIG_BT_PERIPHERAL=y
 CONFIG_BT_PRIVACY=y
 CONFIG_BT_SMP=y
+CONFIG_BT_SMP_SC_PAIR_ONLY=n
 CONFIG_BT_SIGNING=y
 CONFIG_BT_BAS=y
 CONFIG_BT_HRS=y
diff --git a/tests/bsim/bluetooth/samples/central_hr_peripheral_hr/boards/nrf5340bsim_nrf5340_cpuapp.conf b/tests/bsim/bluetooth/samples/central_hr_peripheral_hr/boards/nrf5340bsim_nrf5340_cpuapp.conf
index 4d2c3afd09e..2565323d6c6 100644
--- a/tests/bsim/bluetooth/samples/central_hr_peripheral_hr/boards/nrf5340bsim_nrf5340_cpuapp.conf
+++ b/tests/bsim/bluetooth/samples/central_hr_peripheral_hr/boards/nrf5340bsim_nrf5340_cpuapp.conf
@@ -1 +1,3 @@
 CONFIG_BT_BUF_ACL_RX_SIZE=255
+
+CONFIG_BT_SMP_SC_PAIR_ONLY=n