Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Skip to content
Commit f20fdd9b authored by Brian Delwiche's avatar Brian Delwiche
Browse files

Disallow connect with Secure Connections downgrade 

As a guard against the BLUFFS attack, check security parameters of
incoming connections against cached values and disallow connection if
these parameters are downgraded or changed from their cached values.

This CL adds the connection-time check for Secure Connections mode.

Bug: 314331379
Test: m libbluetooth
Test: manual

To test this CL, please ensure that BR/EDR initial connections and reconnections  (after cycling remote devices, cycling Bluetooth, restarting the phone, etc.) work against remote devices which both support and do not support Secure Connections mode, and with all supported bonding types.  Basic validation of LE bonding functionality should be done as well.

Tag: #security
Ignore-AOSP-First: Security
Merged-In: I874a606a8e61006651dfb0932365b1aea248c100
Merged-In: Ica99bf1dc47163b17e0649450398006edf4364d6
Change-Id: I9130476600d31b59608e0e419b5136d255174265
parent 3cf3d9d9
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment