Default the Minimum encryption key size to 16.
Key with reduced size is easier to brut force.
Disable LE legacy pairing by default since it's not secure.
These defaults should suite majority of newly developed applications.
It's better to use sensible more secure defaults,
so applications that really need less secure option consciously change it,
not the other way around.
This may help to prevent downgrade attacks.
Signed-off-by: Sergey Korotkov <sergey.korotkov@nordicsemi.no>
Log the create BIG params for debugging purposes.
Also slightly modifies the `qos` struct to use a more
suitable struct to avoid always doing `qos->tx->` and
can now just be `qos->`.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Referring to MshDFU_v1.0 Sections 6.1.1, 6.2.1 and 7.1.1 model
descriptions: DFU/DFD server/clients extend BLOB Transfer root models
and DFD server requires Firmware Update Client on the same element. For
this reason we need to make sure that those main models or root models
exist on the same element. And also firmware update client can not be
forced to be in the first element.
For all model extention call return the error code in case of an error.
Signed-off-by: alperen sener <alperen.sener@nordicsemi.no>
It is recommended to record the subunit type itself instead of the
subunit ID when validating the transaction. This approach is more
meaningful and less prone to misinterpretation.
Signed-off-by: Zihao Gao <gaozihao@xiaomi.com>
Deprecate BT_CTLR, and add a new HAS_BT_CTLR as a virtual option which
specific users (like BT_LL_SW_SPLIT) select. This also means that we can
remove all places that were forcefully enabling the BT_CTLR option, and
instead we now depend on devicetree to get some local LL HCI driver
enabled which in turn also enables the HAS_BT_CTLR option.
Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
Removes legacy configuration options. The same coverage is provided by
existing PSA_WANT_... selects.
Signed-off-by: Håvard Reierstad <haavard.reierstad@nordicsemi.no>
Initializes the `net_idx` field of the ack context properly for KRP
functions in the Config Client.
This fixes a problem where `bt_mesh_cfg_cli_krp_get` and
`bt_mesh_cfg_cli_krp_set` would always fail the ack ctx comparison if
`key_net_idx` was != 0.
Signed-off-by: Ludvig Jordet <ludvig.jordet@nordicsemi.no>
After the switch from TinyCrypt to PSA Crypto API as crypto
backend, runtime crashes might happen on some platform due
to BT_LONG_WQ's stack size not being large enough. This
commit fixes this issue.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
When BT_SEND_ECC_EMULATION and the platform uses Mbed TLS as PSA
Crypto provider, we select the Cortex-M software optimized
implementation of the secp256r1 curve algorithms. This is much
faster than the standard support provided by Mbed TLS and it
also reduces ROM footprint.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This commits puts in order log messages when unpacking CDP0 and CDP1 so
that it a bit more clear where the error happens.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
This commit checks that config client doesn't pull out data outside of
the buffer.
Fixes#80012
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Coverity complains about uninitialized prohibited fields. Even though it
is not used because it is "prohibited", it is simpler to just
initialized it with the value received from a server.
Fixes#81939
Coverity-CID: 434649
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
This moves GATT releated defines that are used by both Mesh Proxy
Service and Mesh Provisioning Service implementations to a common
header file.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
By default if CONFIG_BT_MESH_PROXY_USE_DEVICE_NAME
or CONFIG_BT_MESH_PB_GATT_USE_DEVICE_NAME is enabled, the mesh stack
will add BT_DATA_NAME_COMPLETE AD Type along with the Mesh Proxy Service
or Mesh Provisioning Service advertisements accordingly.
When BT_LE_ADV_OPT_USE_NAME was present and
CONFIG_BT_DEVICE_NAME_DYNAMIC is enabled, the advertised name was
automatically updated by the host. This turned out to be a side-effect
rather than expected behavior and after #71700 this behavior waa
changed.
But customers use dynamic name feature.
This commit makes the mesh stack use bt_get_name to get the device name,
which returns runtime name if CONFIG_BT_DEVICE_NAME_DYNAMIC is enabled.
Signed-off-by: Pavel Vasilyev <pavel.vasilyev@nordicsemi.no>
Since the TinyCrypt library is being deprecated in Zephyr, this
commit modified the dependencies of BT_RPA. Instead of selecting
TinyCrypt, it relies on BT_HOST_CRYPTO or BT_CTLR_CRYPTO. This
helps both in the deprecation process of TinyCrypt, but also this
is more correct dependency since these 2 symbols are extensively
used in the rpa.c source code.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
Since the TinyCrypt library is being deprecated in Zephyr, this
commit set TinyCrypt usage in BT mesh as deprecated and it sets
Mbed TLS PSA Crypto API as the default option (when TF-M is not
available).
Tests are also updated in this commit.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
This commit sets PSA Crypto API as the default library to perform
ECC-DH in HCI, replacing TinyCrypt (which is being deprecated).
Therefore the symbol BT_TINYCRYPT_ECC is renamed as BT_SEND_ECC_EMULATION.
References in samples/tests are also fixed.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
CONFIG_BT_USE_PSA_API was used in BT crypto/host modules to select
PSA crypto API over TinyCrypt (which was the default until now).
Since TinyCrypt is being deprecated and PSA crypto API is the new
standard library for crypto operations, CONFIG_BT_USE_PSA_API is
no more needed.
Signed-off-by: Valerio Setti <vsetti@baylibre.com>
The API documentation already states that the controller may require
the scan interval and window used for scanning and connection
establishment to be equal to obtain the best performance.
This commit prints out a warning when this is not the case. The code
size is unchanged when `CONFIG_BT_SCAN_AND_INITIATE_IN_PARALLEL=n`.
This makes application developers aware that using the parameters
`BT_LE_SCAN_ACTIVE_CONTINUOUS` with `BT_CONN_LE_CREATE_CONN` may not
give the best performance.
Signed-off-by: Rubin Gerritsen <rubin.gerritsen@nordicsemi.no>
Because the number of ACL RX buffers must be at least the number of
maximum connections plus one, increasing `CONFIG_BT_MAX_CONN` could
inadvertently lead to a build failure if the number of ACL RX buffers is
not also increased. This dependency may not be obvious to users.
To address this issue, this commit deprecates the
`CONFIG_BT_BUF_RX_COUNT` Kconfig symbol and computes the value in
`buf.h` using the new `BT_BUF_RX_COUNT` define. Note that the default
value and the minimum range value have been changed to 0 to "disable"
the option.
Additionally, to allow users to increase the number of ACL RX buffers,
this commit introduces the new `CONFIG_BT_BUF_RX_COUNT_EXTRA` Kconfig
symbol. The value of this symbol will be added to the computed value of
`BT_BUF_RX_COUNT`.
The configurations of tests and samples have been updated to reflect
these changes.
Signed-off-by: Théo Battrel <theo.battrel@nordicsemi.no>
when receiving the io cap request from controller, call
pairing_accept to check whether application accept the
pairing. If no, reply BT_HCI_OP_IO_CAPABILITY_NEG_REPLY.
Signed-off-by: Mark Wang <yichang.wang@nxp.com>
Fix CIS offset calculation by Central for subsequent CISes
such that when compensating for dissimilar ACL and ISO
intervals, ensure that minimum offset does not cause a
collision between the ACL and the CIS event at the instant.
Fixes commit 3b3d53f09e ("Bluetooth: Controller: Fix CIS
offset_min for dissimilar interval").
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
This API gives better control on L2CAP COC credits and suits better
for Upper Tester implementation.
Co-authored-by: Szymon Janc <szymon.janc@codecoup.pl>
Signed-off-by: Aleksander Wasaznik <aleksander.wasaznik@nordicsemi.no>
This fix calling seg_recv() callback being called even though channel
is being disconnected due to SDU overflow.
Signed-off-by: Szymon Janc <szymon.janc@codecoup.pl>
Fix ISO Sync Receiver implementation to correctly prevent
subevent from pre-empted in the unreserve time space.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix ISO Sync Receiver time reservation calculation to use
peer broadcasted bis_spacing and sub_interval, instead of
incorrectly calculating using local implementation used
tMSS value.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix ISO Sync Receiver implementation to correctly reflect
the payload number and timestamp for the skipped SDU.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
The ASCS unit tests had various errors after adding support for
dynamic registration.
Several tests did not properly clean up after failure, causing other
tests to fail when they shouldn't.
Moved the register tests to their own file as they should not
do the register in the "before" function.
The test_ascs_unregister_with_ases_in_config_state test was also
removed, as it had both issues and the state that it wants to test
cannot be reached with the current API - It is not possible to
put an ASE in the configured state without callbacks,
and registered callbacks prevents us from calling
bt_bap_unicast_server_unregister to trigger the case as that can
only be done if callbacks are unregistered. Since unregistering
callbacks also puts all ASEs to the idle state, it is not possible
to call bt_bap_unicast_server_unregister for a non-idle ASE.
The testcase.yaml was also missing some Kconfig options to
properly enable the client tests.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
bt_le_set_auto_conn() function is not working as
expected. Also, it doesn't have any test coverage
and any usage in sample applications.
The function is deprecated
Fixes#81597
Signed-off-by: Ivan Iushkov <ivan.iushkov@nordicsemi.no>
bt_conn_le_create logs a warning if the provided conn is
non-NULL which was the case here. Simply set it to
NULL as it is a local variable.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Add implementation for Extended Advertising Auxiliary PDUs
to use ticks slot window feature.
This will allow the periodic scheduling of AUX_ADV_IND PDUs
to drift upto 10 ms advertising delay minus the ticks_slot
time reservation of the AUX_ADV_IND PDU when overlapping
with other states/roles that cannot be moved around, to
avoid skipping them.
Having an active Extended Advertising simultaneously with
an ISO Synchronized Receiver or Connected ISO connection
will now have less ISO SDU loss when using 10 ms ISO
intervals.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Introduce ticker reschedule with drift so that role like
AUX_ADV_IND can start after overlapping states and roles
using time reservations.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Fix to reschedule before overlap and be collision resolved
in the next periodic interval for tickers using slot window
yield.
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Remove the deprecated HCI driver API which was provided by the hci_driver.h
header file. The deprecation happened in Zephyr 3.7, so the API can now be
removed for Zephyr 4.1.
Signed-off-by: Johan Hedberg <johan.hedberg@silabs.com>
This commit changes the BSIM tests to use the same recv callback
for all tests. The purpose of this is to reduce code duplication
and make it easier to maintain the tests.
This also changes the recv_cb so that in case of any error we log
the most recently received SDU, which should provide more
information about why a test failed in case of RX error.
PBP had to be updated a bit to support the audio_stream
struct.
Also modifies a check and log in bap_stream that was less than
helpful to determine if it was the stream or the endpoint that
was NULL.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Aligns subnet bridge related commands according to conventions used for
rest of the shell commands. Also updates documentations to reflect the
change.
Signed-off-by: Omkar Kulkarni <omkar.kulkarni@nordicsemi.no>
TASK_SHUTDOWN was deprecated in newer SOCs and now removed
in MDK 8.68 (nrfx 3.9.0)
Signed-off-by: Alberto Escolar Piedras <alberto.escolar.piedras@nordicsemi.no>
Signed-off-by: Vinayak Kariappa Chettimada <vich@nordicsemi.no>
Change the select to a depends on for the Kconfig options
for HAS and HAS_CLIENT.
This is an effort to reduce the number of selects used by
LE Audio.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Change the select of BT_PER_ADV_SYNC and BT_EXT_ADV to
depends on. This is an effort to reduce the use of
select for Kconfig options.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
Modify ASCS and BAP Broadcast sink to depend on the PAC options
instead of selecting them.
Since Kconfig does not support "depends on X if Y",
a select for PAC_{SRC,SNK} is used depending on
ASCS_ASE_{SRC,SNK}.
Signed-off-by: Emil Gydesen <emil.gydesen@nordicsemi.no>
