esp_ble_mesh_provisioner_set_static_oob_value() function

This function is called by Provisioner to set static oob value used for provisioning. AuthValues selected using a cryptographically secure random or pseudorandom number generator and having the maximum permitted entropy (128-bits) will be most difficult to brute-force. AuthValues with reduced entropy or generated in a predictable manner will not grant the same level of protection against this vulnerability. Selecting a new AuthValue with each provisioning attempt can also make it more difficult to launch a brute-force attack by requiring the attacker to restart the search with each provisioning attempt (CVE-2020-26556).

Syntax

Show:

Summary

Declaration

from esp_ble_mesh_provisioning_api.h:348

esp_err_t esp_ble_mesh_provisioner_set_static_oob_value(const uint8_t *value, uint8_t length);

Arguments

Argument

Description

value

Pointer to the static oob value.

length

Length of the static oob value.

Return value

ESP_OK on success or error code otherwise.

Notes

The Bluetooth SIG recommends that mesh implementations enforce a randomly selected AuthValue using all of the available bits, where permitted by the implementation. A large entropy helps ensure that a brute-force of the AuthValue, even a static AuthValue, cannot normally be completed in a reasonable time (CVE-2020-26557).