robertc2000 opened a new pull request, #16364:
URL: https://github.com/apache/nuttx/pull/16364

   ## Summary
   
   This PR introduces support for Legacy Bluetooth Pairing with Passkey Entry, 
specifically enabling the NuttX device to act in a "DisplayOnly" I/O capability 
role. This allows the device to pair with a peer (e.g., a smartphone) that has 
keyboard input capabilities, achieving Man-in-the-Middle (MITM) protection 
(Security Level 3 - BT_SECURITY_HIGH).
   
   ## Impact
   
   - Enables legacy MITM-protected pairing for Bluetooth using "Passkey Entry", 
which enhances the security of Bluetooth connections compared to "Just Works" 
pairing. Thus, applications are now able to request and make use of 
BT_SECURITY_HIGH level.
   - Introduces a new authentication callback API (bt_smp_auth_cb_s) that 
applications must implement, for example if they wish to support Passkey 
display in a way other than a simple console log (e.g. via an LCD display).
   - Configuration: added a new configuration option to define the device's I/O 
capabilities. The user must select 'DeviceOnly' to enable MITM protection 
logic. By default, it is set to NoInput/NoOutput capabilities which means it 
will use the 'Just Works' method.
   - Core SMP Logic: pairing request/response handlers now select the pairing 
method based on mutual capabilities and determine/generate the Temporary Key 
(TK) accordingly (passkey-derived or zero for Just Works). The security level 
achieved during pairing is now stored with the connection and the derived keys. 
Other changes include refinement of security request handlers to integrate this 
feature and to accurately track key distribution.
   - GATT Access Control: attributes that require higher privileges can now be 
read/written only after the user has authenticated successfully. Permission 
flags such as BT_GATT_PERM_READ_AUTHEN or BT_GATT_PERM_WRITE_AUTHEN are now 
correctly enforced based on the achieved `conn->sec_level`.
   
   ## Testing
   
   1. Setup  
      - Used an ESP32 board as the NuttX device  
      - Peer device: Android smartphone running nRF Connect for Mobile (as a 
Master device which attempts to connect and request bonding with the NuttX 
slave device)
   
   2. Test Cases Executed:  
      - **Successful Pairing (Peer Initiated):**
        - nRF Connect connected to NuttX and initiated bonding.
        - NuttX correctly displayed the 6-digit passkey on its console.
        - The displayed passkey was entered into nRF Connect app on the phone.
        - Pairing completed successfully as shown by the logs on NuttX, and 
also by the Android app which displays successful bonding status.
      - **Failed Pairing (Incorrect Passkey):**
        - An incorrect passkey was entered into nRF Connect.
        - Pairing failed. NuttX rejected the request and no bonding was made.
      - **Testing NoInputNoOutput:**
        - While the first 2 tests focused on testing the MITM feature, this 
test verifies that if the device is configured with no IO capabilities 
(therefore MITM is not possible in this case), the stack defaults to 
negotiating with the peer to use the 'Just Works' method.
      - **Testing GATT access controls:**
        - Defined an attribute with BT_GATT_PERM_READ_AUTHEN (can be read only 
by authenticated users).
        - Failed to read it as an unauthenticated user.
        - Successfully read it as an authenticated user.
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscr...@nuttx.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
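
The method selection, TK derivation and GATT gate described in the pull request above, as an added example that is not code from the pull request or from NuttX. All `ex_` names and the numeric level values are hypothetical (level 3 mirrors the description's BT_SECURITY_HIGH), and the rule covers legacy pairing without OOB only.

```c
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

/* IO capability codes in the order SMP Pairing Request/Response uses. */
enum ex_io_cap { EX_IO_DISPLAY_ONLY, EX_IO_DISPLAY_YESNO, EX_IO_KEYBOARD_ONLY,
                 EX_IO_NO_INPUT_OUTPUT, EX_IO_KEYBOARD_DISPLAY };
enum ex_method { EX_JUST_WORKS, EX_PASSKEY_ENTRY };
enum ex_sec { EX_SEC_LOW = 1, EX_SEC_MEDIUM = 2, EX_SEC_HIGH = 3 };

static bool ex_has_keyboard(enum ex_io_cap c)
{
  return c == EX_IO_KEYBOARD_ONLY || c == EX_IO_KEYBOARD_DISPLAY;
}

/* Legacy pairing, no OOB: Passkey Entry needs a MITM request from either
 * side, no NoInputNoOutput side, and at least one side with a keyboard. */
enum ex_method ex_select_method(enum ex_io_cap a, enum ex_io_cap b, bool mitm)
{
  if (!mitm || a == EX_IO_NO_INPUT_OUTPUT || b == EX_IO_NO_INPUT_OUTPUT)
    return EX_JUST_WORKS;
  return (ex_has_keyboard(a) || ex_has_keyboard(b)) ? EX_PASSKEY_ENTRY
                                                    : EX_JUST_WORKS;
}

/* Fill the 128-bit TK. Returns the security level the pairing can reach,
 * or 0 if the passkey is not a 6-digit value. */
int ex_make_tk(enum ex_method m, uint32_t passkey, uint8_t tk[16])
{
  memset(tk, 0, 16);                 /* Just Works: TK stays all zero */
  if (m == EX_JUST_WORKS)
    return EX_SEC_MEDIUM;            /* encrypted but unauthenticated */
  if (passkey > 999999)
    return 0;
  for (int i = 0; i < 4; i++)        /* passkey in the low bytes, LE */
    tk[i] = (uint8_t)(passkey >> (8 * i));
  return EX_SEC_HIGH;                /* encrypted and MITM-protected */
}

/* Gate for an attribute whose permissions require authentication. */
bool ex_authen_access_ok(int conn_sec_level)
{
  return conn_sec_level >= EX_SEC_HIGH;
}
```

A real stack must draw the displayed passkey from a cryptographically secure random source and store the achieved level with the bonded keys, so a reconnect using Just Works keys never passes the authenticated gate.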
