fix(nimble): Fixed BLE security vulnerability when using fixed IRK

rahult-github · rahult-github · commit e5c1a03e52dc · 2024-07-25T15:11:59.000+05:30
diff --git a/components/bt/host/nimble/Kconfig.in b/components/bt/host/nimble/Kconfig.in
@@ -164,6 +164,16 @@ config BT_NIMBLE_NVS_PERSIST
     help
             Enable this flag to make bonding persistent across device reboots
 
+config BT_NIMBLE_SMP_ID_RESET
+    bool "Reset device identity when all bonding records are deleted"
+    default n
+    help
+        There are tracking risks associated with using a fixed or static IRK.
+        If enabled this option, Bluedroid will assign a new randomly-generated IRK
+        when all pairing and bonding records are deleted. This would decrease the ability
+        of a previously paired peer to be used to determine whether a device
+        with which it previously shared an IRK is within range.
+
 menuconfig BT_NIMBLE_SECURITY_ENABLE
     bool "Enable BLE SM feature"
     depends on BT_NIMBLE_ENABLED
diff --git a/components/bt/host/nimble/nimble b/components/bt/host/nimble/nimble
@@ -1 +1 @@
-Subproject commit ec9f21253ae539b44855fed223bee52979a9d251
+Subproject commit 46ae5865554f2fd7df829b6b9b5ca24522b9ad76
diff --git a/components/bt/host/nimble/port/include/esp_nimble_cfg.h b/components/bt/host/nimble/port/include/esp_nimble_cfg.h
@@ -892,6 +892,14 @@
 #define MYNEWT_VAL_BLE_SM_THEIR_KEY_DIST (0)
 #endif
 
+#ifndef MYNEWT_VAL_BLE_SMP_ID_RESET
+#ifdef CONFIG_BT_NIMBLE_SMP_ID_RESET
+#define MYNEWT_VAL_BLE_SMP_ID_RESET CONFIG_BT_NIMBLE_SMP_ID_RESET
+#else
+#define MYNEWT_VAL_BLE_SMP_ID_RESET (0)
+#endif
+#endif
+
 #ifndef MYNEWT_VAL_BLE_CRYPTO_STACK_MBEDTLS
 #define MYNEWT_VAL_BLE_CRYPTO_STACK_MBEDTLS (CONFIG_BT_NIMBLE_CRYPTO_STACK_MBEDTLS)
 #endif
