Commit 1cd09e2b authored by schneider's avatar schneider

fix(ble): Actually require a MITM protected connection

Not that it really matters much at the moment as we allow bondings at
any point in time, but this will hopefully change soon.
parent 5d4325cf
......@@ -87,11 +87,11 @@ static const appSlaveCfg_t bleSlaveCfg =
/*! configurable parameters for security */
static const appSecCfg_t bleSecCfg =
{
DM_AUTH_BOND_FLAG | DM_AUTH_SC_FLAG, /*! Authentication and bonding flags */
0, /*! Initiator key distribution flags */
DM_KEY_DIST_LTK, /*! Responder key distribution flags */
FALSE, /*! TRUE if Out-of-band pairing data is present */
TRUE /*! TRUE to initiate security upon connection */
.auth = DM_AUTH_MITM_FLAG | DM_AUTH_BOND_FLAG | DM_AUTH_SC_FLAG, /*! Authentication and bonding flags */
.iKeyDist = 0, /*! Initiator key distribution flags */
.rKeyDist = DM_KEY_DIST_LTK, /*! Responder key distribution flags */
.oob=FALSE, /*! TRUE if Out-of-band pairing data is present */
.initiateSec = TRUE /*! TRUE to initiate security upon connection */
};
/*! configurable parameters for connection parameter update */
......@@ -118,15 +118,15 @@ static const basCfg_t bleBasCfg =
/*! SMP security parameter configuration */
static const smpCfg_t bleSmpCfg =
{
3000, /*! 'Repeated attempts' timeout in msec */
SMP_IO_DISP_YES_NO, /*! I/O Capability */
7, /*! Minimum encryption key length */
16, /*! Maximum encryption key length */
3, /*! Attempts to trigger 'repeated attempts' timeout */
DM_AUTH_MITM_FLAG, /*! Device authentication requirements */
64000, /*! Maximum 'Repeated attempts' timeout in msec */
64000, /*! Time msec before attemptExp decreases */
2, /*! Exponent to raise attemptTimeout on maxAttempts */
.attemptTimeout = 3000, /*! 'Repeated attempts' timeout in msec */
.ioCap = SMP_IO_DISP_YES_NO, /*! I/O Capability */
.minKeyLen = 16, /*! Minimum encryption key length */
.maxKeyLen = 16, /*! Maximum encryption key length */
.maxAttempts = 3, /*! Attempts to trigger 'repeated attempts' timeout */
.auth = DM_AUTH_MITM_FLAG | DM_AUTH_SC_FLAG, /*! Device authentication requirements */
.maxAttemptTimeout = 64000, /*! Maximum 'Repeated attempts' timeout in msec */
.attemptDecTimeout = 64000, /*! Time msec before attemptExp decreases */
.attemptExp = 2, /*! Exponent to raise attemptTimeout on maxAttempts */
};
/* Configuration structure */
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment