Commit Graph

10 Commits

Author SHA1 Message Date
“YangZhao”
12ec4866b8 Fix the high-impact issues from the code analysis report from customer.
For the CID10564,10384,10280,10098,10038,The memory was released in other place.
For the CID10365,it release the memory in the function when sent successfully.
For the CID10268,10011, we need not change the code.
2021-11-22 17:38:02 +08:00
Chinmay Chhajed
b75e034b3c Bluedroid: Check only x component of passkey to avoid passkey impersonation attack. 2021-05-28 14:28:54 +05:30
zwj
077722696a add option to enable multi-connection 2021-04-20 02:41:14 +00:00
zwj
7c1c669799 component/bt: add BLE v5.0 feature for bluedroid host 2021-01-15 17:55:12 +08:00
Chinmay Chhajed
d73ebb570b Bluedroid: Fixes for some vulnerabilities.
This commit fixes 'Impersonation in Passkey entry protocol'
(CVE-2020-26558) and suggests fixes for other vulnerabilites like
'Impersonation in the Pin Pairing Protocol' (CVE-2020-26555) and
'Authentication of the LE Legacy Pairing Protocol'

CVE-2020-26558 can be easily implemented if the peer device can
impersonate our public key. This commit adds a check by comparing our
and received public key and returns failed pairing if keys are same.

This commit also adds comments suggesting to use secure connection when
supported by all devices.
2020-12-24 10:52:12 +00:00
Angus Gratton
66fb5a29bb Whitespace: Automated whitespace fixes (large commit)
Apply the pre-commit hook whitespace fixes to all files in the repo.

(Line endings, blank lines at end of file, trailing whitespace)
2020-11-11 07:36:35 +00:00
wangcheng
418b32e71b master missing BLE_AUTH_CMPL_EVT after restart 2020-05-13 20:33:24 +08:00
Geng Yu Chao
46c53ab8c8 btdm:fix the problem that Not getting complete Identity Address (Public Address) of the Privacy-enabled Bonded Device after bonding. beacuse of the wrong memcpy in LE_KEY callback handler. 2019-12-09 15:21:49 +08:00
Prasad Alatkar
2c3648b619 BT/Bluedroid : Add support to set min encryption key requirement
- Modifies `smp_utils.c` to add check on encryption key size received from
  peer.
- Modifies `esp_ble_gap_set_security_param` API to add minimum encryption key
  size requirement.
2019-09-25 11:56:47 +08:00
Hrishikesh Dhayagude
21165edf41 Bluetooth component refactoring 2019-06-30 16:39:00 +08:00