97d59a7c6d
Mark the option BT_FIXED_PASSKEY as an insecure option. During Legacy pairing the passkey is used as encryption key, and brute-forcing this is easy. During LE Secure Connections the passkey is checked one bit at a time, so when it is fixed the passkey can be deduced with series of pairing attempts. Signed-off-by: Joakim Andersson <joakim.andersson@nordicsemi.no>
1.9 KiB
1.9 KiB
| 1 | HW_STACK_PROTECTION | y |
|---|---|---|
| 2 | INIT_STACKS | n |
| 3 | KERNEL_DEBUG | n |
| 4 | BOOT_BANNER | n |
| 5 | BOOT_DELAY | 0 |
| 6 | THREAD_MONITOR | n |
| 7 | THREAD_NAME | n |
| 8 | STACK_CANARIES | y |
| 9 | EXECUTE_XOR_WRITE | y |
| 10 | STACK_POINTER_RANDOM | 100 |
| 11 | BOUNDS_CHECK_BYPASS_MITIGATION | y |
| 12 | PERFORMANCE_METRICS | n |
| 13 | STATS | n |
| 14 | DEBUG | n |
| 15 | TRACING | n |
| 16 | STACK_USAGE | n |
| 17 | PRINTK | n |
| 18 | EARLY_CONSOLE | n |
| 19 | ASSERT | n |
| 20 | OBJECT_TRACING | n |
| 21 | OVERRIDE_FRAME_POINTER_DEFAULT | y |
| 22 | DEBUG_INFO | n |
| 23 | OPENOCD_SUPPORT | n |
| 24 | TRACING_CPU_STATS | n |
| 25 | TRACING_CTF | n |
| 26 | USE_SEGGER_RTT | n |
| 27 | LOG | n |
| 28 | SHELL | n |
| 29 | TEST_RANDOM_GENERATOR | n |
| 30 | ZTEST | n |
| 31 | TEST | n |
| 32 | TEST_SHELL | n |
| 33 | TEST_EXTRA_STACKSIZE | 0 |
| 34 | TEST_USERSPACE | n |
| 35 | BUILD_OUTPUT_STRIPPED | y |
| 36 | SOC_ATMEL_SAME70_DISABLE_ERASE_PIN | y |
| 37 | SOC_ATMEL_SAME70_WAIT_MODE | n |
| 38 | FAULT_DUMP | 0 |
| 39 | EXCEPTION_DEBUG | n |
| 40 | X86_MMU | y |
| 41 | BUILTIN_STACK_GUARD | y |
| 42 | MPU_STACK_GUARD | y |
| 43 | STACK_SENTINEL | y |
| 44 | BT_DEBUG_SMP | n |
| 45 | BT_OOB_DATA_FIXED | n |
| 46 | BT_FIXED_PASSKEY | n |
| 47 | BT_DEBUG_KEYS | n |
| 48 | BT_USE_DEBUG_KEYS | n |
| 49 | BT_STORE_DEBUG_KEYS | n |
| 50 | BT_CONN_DISABLE_SECURITY | n |
| 51 | MCUMGR_CMD_FS_MGMT | n |