Security failed level 1 err 9 connecting error with bonded device

Hi all!

I'm developing a BLE device implementing automation IO profile, peripheral role.

I can connect normally and discover all services and characteristics from nRF Connect android app, but after bonding, I never can connect again, I receive 

Security failed: 3C:CD:5D:3F:DC:50 (public) level 1 err 9
Disconnected (reason 61)

Am I missing something? Do I need to manually save bond information?

My code is the following:

Fullscreen
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
#include <zephyr/zephyr.h>
#include <zephyr/logging/log.h>
#include <zephyr/bluetooth/bluetooth.h>
#include <zephyr/bluetooth/uuid.h>
#include <zephyr/bluetooth/gatt.h>
#include <zephyr/settings/settings.h>
#include <device.h>
#include <drivers/flash.h>
#include <storage/flash_map.h>
#include <fs/nvs.h>
#include <stdio.h>
#include <string.h>
#include "../cfg/config.h"
#include "ble.h"
#include <zephyr/kernel.h>
#include <zephyr/sys/reboot.h>
#include <zephyr/sys/printk.h>
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Thanks!

Pedro.

Parents
  • Hi Pedro,

    Are you able to upload your project so I can try to reproduce the error on my end? The pairing fails because the link is encrypted/decrypted incorrectly, which is unusual error. The bonding information should be stored to flash automatically be the Zephyr host. 

    Best regards,

    Vidar

  • Hi Vidar,

    Attached to this post you can find the project. 

    Thanks for your help!

    ble-io-bridge-periph.zip

    Edit: I'm using ncs 2.0.2

  • Hi Vidar,

    Thanks for the modified fw! I've tested it and got same error when trying to connect after bonding.

    Security failed: 3C:CD:5D:3F:DC:50 (public) level 1 err 9
    Disconnected (reason 61)

    But I discovered the problem was the mobile phone! (A Huawei P20 Pro). Even rebooting phone, reinstalling nRF Connect app, deleting bondings... didn't work. I tried with another phones (1 iphone and 2 android) and worked perfectly.

    Why can this be happening?

    Thank you very much for your help. Now I'm using another phone to do tests and all is working fine. 

  • Hi Pedro,

    It is good to know that you are not seeing this issue with other phones. But I haven't found any known interoperability issues in our database for this particular phone that should affect pairing. Do you have a nRF52 DK board to test with? It would be interesting to know if you experienced the same pairing error with other SDK samples. 

    Best regards,

    Vidar

  • Hi Vidar,

    I tested ble-io-bridge-periph-mod.zip with a nRF52 DK (nRF52832) and same problem occurs with a Huawei P20 pro. I hope this info helps you. If you need I do more test just ask me.

    Kind regards, 

    Pedro.

  • Hi Pedro,

    What I meant to suggest was that you try pairing with an entirely different application to see if it results in the same error. This might help narrow down the problem. It's possible that the issue might be timing related somehow.

    Attached is a precompiled hex for the HID keyboard example from nRF5 SDK 17.1.0 which you may try.

    1055.ble_app_hids_keyboard_pca10040_s132.hex

    You can use nrfjprog to program it:

    Fullscreen
    1
    $ nrfjprog --program ble_app_hids_keyboard_pca10040_s132.hex --chiperase --verify -r
    XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

    Kind regards,

    Vidar

  • Hi Vidar,

    I tested your precompiled example in nRF52 DK and Huawei P20 pro and it works perfectly. After bonding I can connect and disconnect manually, and also when I reset nRF52 DK, it connects automatically to phone.

    Kind regards,

    Pedro

    Edit: I tried with HIDS Keyboard sample in NCS 2.0.2 and does not work after bonding. Same security problem occurs. It keeps trying to connect in a loop, throwing this error:

    Fullscreen
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    Connected 3C:CD:5D:3F:DC:50 (public)
    Advertising successfully started
    Security failed: 3C:CD:5D:3F:DC:50 (public) level 1 err 9
    Disconnected from 3C:CD:5D:3F:DC:50 (public) (reason 61)
    Advertising continued
    Connected 3C:CD:5D:3F:DC:50 (public)
    Advertising successfully started
    Security failed: 3C:CD:5D:3F:DC:50 (public) level 1 err 9
    Disconnected from 3C:CD:5D:3F:DC:50 (public) (reason 61)
    Advertising continued
    Connected 3C:CD:5D:3F:DC:50 (public)
    Advertising successfully started
    Security failed: 3C:CD:5D:3F:DC:50 (public) level 1 err 9
    Disconnected from 3C:CD:5D:3F:DC:50 (public) (reason 61)
    Advertising continued
    XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Reply
  • Hi Vidar,

    I tested your precompiled example in nRF52 DK and Huawei P20 pro and it works perfectly. After bonding I can connect and disconnect manually, and also when I reset nRF52 DK, it connects automatically to phone.

    Kind regards,

    Pedro

    Edit: I tried with HIDS Keyboard sample in NCS 2.0.2 and does not work after bonding. Same security problem occurs. It keeps trying to connect in a loop, throwing this error:

    Fullscreen
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    Connected 3C:CD:5D:3F:DC:50 (public)
    Advertising successfully started
    Security failed: 3C:CD:5D:3F:DC:50 (public) level 1 err 9
    Disconnected from 3C:CD:5D:3F:DC:50 (public) (reason 61)
    Advertising continued
    Connected 3C:CD:5D:3F:DC:50 (public)
    Advertising successfully started
    Security failed: 3C:CD:5D:3F:DC:50 (public) level 1 err 9
    Disconnected from 3C:CD:5D:3F:DC:50 (public) (reason 61)
    Advertising continued
    Connected 3C:CD:5D:3F:DC:50 (public)
    Advertising successfully started
    Security failed: 3C:CD:5D:3F:DC:50 (public) level 1 err 9
    Disconnected from 3C:CD:5D:3F:DC:50 (public) (reason 61)
    Advertising continued
    XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Children
  • Hi Pedro,

    Interesting find. Can you please also try the ble_app_hrs example from nRF5 SDK 17.1.0 (hex file is attached). This example supports LE secure connections pairing, same as the HID example in NCS. 

    7178.ble_app_hrs_pca10040_s132.hex

    Kind regards,

    Vidar

  • Hi Vidar!

    7178.ble_app_hrs_pca10040_s132.hex

    This example works fine with P20 pro.

    Kind regards,

    Pedro.

  • Hi Pedro,

    Please try the hex attached below as well, if you don't mind testing a bit more. This is the HID keyboard sample from SDK v2.4.2.

    1134.zephyr.hex

    Please also remember to erase the chip between the tests to ensure there is no existing bonding data stored on the device which may affect the result.

    Kind regards,

    Vidar

  • Hi Vidar,

    I flashed your hex with nrfjprog --program zephyr.hex --chiperase --verify -r but unfortunately I can not see any device that seems to be your example, when scanning ble with nrf connect app. I tried with 2 phones.

    What is the advertising name?

    This is the log info I can see in the serial port of nRF52 DK:

    Fullscreen
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    *** Booting Zephyr OS build v3.3.99-ncs1-1 ***
    Starting Bluetooth Peripheral HIDS keyboard example
    I: 6 Sectors of 4096 bytes
    I: alloc wra: 0, fd0
    I: data wra: 0, 1c
    I: SoftDevice Controller build revision:
    I: e0 7e 2e c1 5e 05 85 23 |.~..^..#
    I: 46 15 dc fa 8e 29 7d 70 |F....)}p
    I: 10 93 a5 fc |....
    I: HW Platform: Nordic Semiconductor (0x0002)
    I: HW Variant: nRF52x (0x0002)
    I: Firmware: Standard Bluetooth controller (0x00) Version 224.11902 Build 2231721665
    I: No ID address. App must call settings_load()
    Bluetooth initialized
    I: Identity: D7:06:A1:24:26:8D (random)
    I: HCI: version 5.4 (0x0d) revision 0x1077, manufacturer 0x0059
    I: LMP: version 5.4 (0x0d) subver 0x1077
    NFC configuration start
    NFC configuration done
    XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

    if you don't mind testing a bit more.

    I'm here to help!

    Kind regards,

    Pedro.

  • Hi Pedro,

    I'm not sure why it didn't work. It's supposed to advertise as "Nordic_HIDS_keyboard". Please try this hex file instead.

    4645.zephyr.hex

    Thanks,

    Vidar