Log the security keys that the sniffer needs in order to sucessfully
decrypt the connection.
This option allows the sniffer to work in the cases where enabling
using the SMP debug keys is not wanted, either because it changes the
way the peer behaves or is denied by the peer.
It also enables the sniffer to decrypt a connection where the bond
already exists.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
ISO is a building block for BT_AUDIO but it is not only
useful for AUDIO, and as such should be possible to
enable without enabling BT_AUDIO.
This commit moves iso.c and iso_internal.h to the
host directory (from host/audio) and removes
the CMakeLists.txt.
The /audio directory is left intact for the Kconfig options
it provides, and as a directory for future BLE Audio
content.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Mark the option BT_FIXED_PASSKEY as an insecure option.
During Legacy pairing the passkey is used as encryption key, and
brute-forcing this is easy.
During LE Secure Connections the passkey is checked one bit at a time,
so when it is fixed the passkey can be deduced with series of pairing
attempts.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Refactor out implementation of functions defined in buf.h to its own
source file buf.c
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
Add Bluetooth 5.1 Direction Finding HCI command:
HCI_LE_Read_Antenna_Information handling to Host.
Add wrapper function to handle send the command
and receive response from Controller.
Signed-off-by: Piotr Pryga <piotr.pryga@nordicsemi.no>
Move implementation of hci_driver.h exposed functions to a common file.
The functions exposed by hci_driver.h header file is implemented in
either hci_core.c, or hci_raw.c. But since these functions would be
identical for both implementations have them in a new file that is
included for both.
Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
This adds CONFIG_BT_CONN_DISABLE_SECURITY which can be used to disable
security checks for incoming requests enabling to test accessing GATT
attributes and L2CAP channels that would otherwise require
encryption/authentication in order to be accessed.
It depends on BT_TESTING to indicate to the users that this is a
testing feature which shall not be used in production.
Signed-off-by: Luiz Augusto von Dentz <luiz.von.dentz@intel.com>
Add warning about enabling the options below so that users are
aware that this is a security risk.
- CONFIG_BT_DEBUG_SMP
- CONFIG_BT_DEBUG_KEYS
- CONFIG_BT_OOB_DATA_FIXED
- CONFIG_BT_USE_DEBUG_KEYS
- CONFIG_BT_STORE_DEBUG_KEYS
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Moves the Mesh AES-CCM module out into a separate module, to make it
accessible from other subsystems. Adds the new CCM API in
include/bluetooth/crypto.h along with the bt_encrypt functions.
Signed-off-by: Trond Einar Snekvik <Trond.Einar.Snekvik@nordicsemi.no>
We've already got GATT services in subsys/bluetooth/services so
subsys/bluetooth/mesh is a more natural place. Aditionally this aims
to fix the Kconfig dependencies to be able to use mesh together with
BT_CUSTOM (i.e. a custom, potentially non-HCI, host stack).
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Update the files which contain no license information with the
'Apache-2.0' SPDX license identifier. Many source files in the tree are
missing licensing information, which makes it harder for compliance
tools to determine the correct license.
By default all files without license information are under the default
license of Zephyr, which is Apache version 2.
Signed-off-by: Anas Nashif <anas.nashif@intel.com>
The same functionality is now supported by the settings-based
solution, so remove bt_storage out of the way. There were stubs in
bt_storage to handle per-peer information (e.g. pairing keys) but this
was never actually implemented in full. The next step is to add this
support to the settings-based solution.
Leave the code for generating temporary IRK and identity address in
case BT_SETTINGS is not enabled. Also leave the code for using vendor
HCI to read the identity address, in which case the settings
implementation will not touch it.
Introduce a new bt_unpair() API to replace the removed
bt_storage_clear(), since the latter was actually doing more than just
storage management: it was also handling runtime storage of pairing
information. Later, the bt_unpair() implementation will be extended to
clear settings-based pairing storage.
There is one feature that the bt shell module looses: the ability to
give a specific identity address to the "init" command as a parameter.
We might look later in the future if this is really needed, and add a
separate API for this.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
Introduce a basic skeleton for peristent storage based on the settings
subsystem. Also enable support for this to the peripheral sample
application, so the new code gets exersized by CI. For now, the
implementation provides the same level support as the bt_storage API
ever did, i.e. for the identity address and the IRK.
Signed-off-by: Johan Hedberg <johan.hedberg@intel.com>
This introduces Bluetooth internal API intended to be used for
qualification purposes. Application may register callbacks to get
data that is not exposed by public API.
Signed-off-by: Mariusz Skamra <mariusz.skamra@codecoup.pl>
Introducing CMake is an important step in a larger effort to make
Zephyr easy to use for application developers working on different
platforms with different development environment needs.
Simplified, this change retains Kconfig as-is, and replaces all
Makefiles with CMakeLists.txt. The DSL-like Make language that KBuild
offers is replaced by a set of CMake extentions. These extentions have
either provided simple one-to-one translations of KBuild features or
introduced new concepts that replace KBuild concepts.
This is a breaking change for existing test infrastructure and build
scripts that are maintained out-of-tree. But for FW itself, no porting
should be necessary.
For users that just want to continue their work with minimal
disruption the following should suffice:
Install CMake 3.8.2+
Port any out-of-tree Makefiles to CMake.
Learn the absolute minimum about the new command line interface:
$ cd samples/hello_world
$ mkdir build && cd build
$ cmake -DBOARD=nrf52_pca10040 ..
$ cd build
$ make
PR: zephyrproject-rtos#4692
docs: http://docs.zephyrproject.org/getting_started/getting_started.html
Signed-off-by: Sebastian Boe <sebastian.boe@nordicsemi.no>
