Add support for checking security downgrade
As a guard against the BLUFFS attack, we will need to check the security parameters of incoming connections against cached values and disallow connection if these parameters are downgraded or changed from their cached values. Future CLs will add checks during connection. This CL adds the functions that will be needed to perform those checks and the necessary mocks. Currently supported checks are : IO capabilities (must be an exact match), Secure Connections capability (must not be a downgrade), and session key length (must not be a downgrade). Maximum session key length, which was previously not cached, has been added to the device security manager cache. To QA: This CL is a logical no-op by itself. Tests should be performed as described in ag/25815924 and ag/25815925/ Bug: 314331379 Test: m libbluetooth Tag: #security Ignore-AOSP-First: Security (cherry picked from commit 3cf3d9d9) (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:c17811e6a2357eb34368a1a0a6ed5dec19d980ed) Merged-In: I972fd4a3a4d4566968d097df9f27396a821fb24f Change-Id: I972fd4a3a4d4566968d097df9f27396a821fb24f
Showing
- system/btif/src/btif_storage.cc 30 additions, 0 deletionssystem/btif/src/btif_storage.cc
- system/include/hardware/bluetooth.h 14 additions, 0 deletionssystem/include/hardware/bluetooth.h
- system/stack/btm/btm_sec.cc 103 additions, 0 deletionssystem/stack/btm/btm_sec.cc
- system/stack/btm/btm_sec.h 23 additions, 0 deletionssystem/stack/btm/btm_sec.h
- system/stack/include/sec_hci_link_interface.h 3 additions, 0 deletionssystem/stack/include/sec_hci_link_interface.h
- system/test/headless/bt_property.cc 6 additions, 0 deletionssystem/test/headless/bt_property.cc
- system/test/mock/mock_stack_btm_sec.cc 9 additions, 0 deletionssystem/test/mock/mock_stack_btm_sec.cc
Loading
Please register or sign in to comment