Questions about BLE security settings

Hello, I'm an engineer living in Japan.

【Development environment】
"PCA10040 (nRF52832)" x 2 (central/peripheral)
"SDK:17.1.0"
"IDE:Segger Embedded Studio for ARM7.10a"

This is a question regarding BLE security settings.

Below are the security measures I would like to implement on the peripheral side.

●Security settings that I want to set
1. When connecting for the first time, allow connections from any central device.

2. For the second and subsequent connections, only the central device connected the first time will be accepted.
　* It does not appear when searching from the central device.

3. Delete connection information only when a specific button is pressed, and accept only the central device when connecting for the first time.

I used "ble_app_hids_keyboard" stored in the SDK of Ver17.1.0 as a reference.
Set up security using “peer manager” + “whitelist”
I ported it to a program I created, but the connection refusal behavior did not work.

When you check the log output from the "ble_app_hids_keyboard" sample program,
I understand that if the following log is output, the connection will be refused from the second generation.

"<info> app: m_whitelist_peer_cnt 1, MAX_PEERS_WLIST 8"
In the program I created, even if I connect from central
The connection could not be refused because the status did not change from "m_whitelist_peer_cnt 0".
I have confirmed that the advertisement signal from the peripheral is received by the central and is working.

Question 1)
Please tell me the conditions under which "m_whitelist_peer_cnt" is counted up in the sample program "ble_app_hids_keyboard".

Question 2)
Please let me know if there is a way to deny connections from the second device onwards using peer manager.
　
Question 3)
It seems possible to make the whitelist work without using a peer manager.
Please tell me the disadvantages (risks) in that case.
*This is the code written in "nrf_dfu_ble.c".

Question 4)
Please tell me the recommended method for implementing the above "security settings that I want to set".
It would be helpful if you could tell me with sample code.

Top Replies

Terutaka Takeuji over 1 year ago in reply to Hung Bui +1 verified

Hello, Hung Bui Last weekend, I was able to develop a central side sample program using nRF52832. I can now connect the nRF52832 to the peripheral side program "25841.main.c" and build a product that…

Parents

0 Hung Bui over 1 year ago

Hi,

Please clarify, when you tested with the ble_app_his_keyboard, the security feature of the example is what you need, correct ?
This means you can pair with a central, after that the m_whitelist_peer_cnt will be increased. You can't connect with other centrals. If you want to allow a new central to connect you press button 2 (BTN_ID_WHITELIST_OFF) then the device will advertise openly and allow ne central to connect.

If that's what you need, then we will need to look into why in your application it didn't work that way. m_whitelist_peer_cnt should be increased if you do bonding with the central device and the bond information is stored (handled by peer manager automatically). You need to make sure that bonding is enabled (SEC_PARAM_BOND=1)
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Terutaka Takeuji over 1 year ago in reply to Hung Bui

Mr. Hung Bui, thank you for your reply.
I apologize for not being able to reply as I have been away for a long time.
I started work yesterday for the first time in a while, but the problem is still not resolved.

I understand the confirmation contents of the sample program "ble_app_his_keyboard".
I understand that pressing button 2 (BTN_ID_WHITELIST_OFF) to reset will remove the whitelist information.
"SEC_PARAM_BOND=1" was the same in the program I created, so there is no problem.

I asked this question because I wanted to port the whitelist to a program I was creating using "ble_app_his_keyboard" as a reference, but the method using a peer manager required the use of the "ble_advertising.c" module. When I ported this to a program I was writing, the build succeeded, but I found that the functionality I was building was affected.
Therefore, we are considering doing away with dynamic whitelisting using peer managers.

Starting today, I would like to implement a dynamic whitelist without using a peer manager.
I would like to apply a dynamic whitelist using the DFU method using "nrf_dfu_ble.c" as a reference.
However, I am having trouble finding any reference materials even after searching on DevZone and the Internet.
I found multiple tickets asking similar questions to mine, but no proper answers.

question)
Please let me know if there is a sample program that implements a dynamic whitelist on the peripheral side without using a peer manager.
I would like to know what kind of sample programs I can build if I only have DFU samples.

thank you.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Terutaka Takeuji over 1 year ago in reply to Hung Bui

thank you for your reply.
Sorry for the late reply, I was busy with other work.

I checked the operation of the "3872.main.c" you sent to me on the HRS (Heart Rate Sensor) project.
The results were as follows.

■Heart Rate Sensor sample operation results
Confirmed with 2 smartphones and 1 nRF52832.
　
①Start advertising
Scan with smartphone A and smartphone B and both will be displayed.
② Connection
Establish a connection with smartphone A.
A connection cannot be established from smartphone B.
③Disconnection
　Disconnect the connection using smartphone A.
The peripheral LED lamp does not go out.
A connection can be made from smartphone B.
*Unstable condition.
④Reset processing Power On/Off
I scanned with smartphone A and smartphone B and could not search for either.
*Is the whitelist enabled?
⑤ Execute “delete_bonds”
When I press the reset button while holding down button 2, the following error occurs and I cannot delete the whitelist.
<error> app: ERROR 8 [NRF_ERROR_INVALID_STATE] at C:\Nordic\SDK\17.1.0\examples\ble_peripheral\ble_app_hrs\main.c:209
PC at: 0x00033D59
　<error> app: End of error report
⑥ After program initialization
　Do the same movement as above.

I have confirmed the above behavior.
After the reset, the whitelist appears to be working, but
It was not possible to initialize the whitelist, so the results could not be said to be successful.

I added "identities_set" to the sample program "36087.main.c" that I sent earlier and confirmed its operation.
The result was the same error as before and it didn't work.

Is it impossible to operate the whitelist and peer manager without using "ble_advertising.c"?

In the sample you sent, the timing at which "peer_id_count" is counted up is strange, but it is counted up after the reset, so I think it is possible.
I will continue to challenge myself based on the sample program I received.
If you have any good information, please contact me.

thank you.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

0 Terutaka Takeuji over 1 year ago in reply to Terutaka Takeuji

Hello, Hung Bui

I improved "36087.main.c" based on the sample program you taught me last time, and since I was able to get the expected behavior, I am attaching the program.

The attached program works by replacing main.c in "ble_app_hrs".
It was very difficult because I had to modify the project file and config file so that it would work with the "ble_app_blinky" project that was originally based on it.

The operation of the attached program is described below.
■Operation confirmation environment
Confirmed with 2 smartphones and 1 nRF52832.

■Program operation
This program performs a simple operation in which LED lamp 3 lights up when a connection is received, and then LED lamp 3 turns off when a connection is received.

①Start advertising
If you scan with smartphone A and smartphone B, both will be displayed.
②Connection
Connect with smartphone A.
Connection cannot be made from smartphone B.
③ Cutting
Disconnect from smartphone A.
Connection cannot be made from smartphone B.
*I can delete the connection, but for some reason I can't disconnect it.
④Reset processing or power on/off
I scanned with smartphone A and smartphone B, but neither was searched.
*The whitelist will be enabled and will no longer appear in the scan.
The reason it is not displayed on smartphone A is because the settings have been deleted.
⑤ Execute “delete_bonds”
If you hold down Button 2 and press the Reset button, the whitelist will be deleted and you will be able to scan again.

problem)
●Peripheral side
Connections can be deleted after creating a whitelist, but cannot be disconnected.
I have confirmed that the "ble_app_hids_keyboard" sample allows disconnection even after creating a whitelist.

●Central side
I don't know how to create a whitelist for connections.
When connecting with a smartphone, a whitelist is created, but with a central program based on "ble_app_blinky_c", the whitelist is not created even if the connection is successful.

question)
1. Please tell me how to release the connection in the peripheral side program.

2. Please tell me how to create a whitelist for connections in the central program.
I am thinking of creating a central program by analyzing the sample program "ble_app_hrs_c",
but do I need to set a whitelist for the central program as well?

thank you.

Fullscreen 25841.main.c Download

/**
 * Copyright (c) 2015 - 2021, Nordic Semiconductor ASA
 *
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without modification,
 * are permitted provided that the following conditions are met:
 *
 * 1. Redistributions of source code must retain the above copyright notice, this
 *    list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form, except as embedded into a Nordic
 *    Semiconductor ASA integrated circuit in a product or a software update for
 *    such product, must reproduce the above copyright notice, this list of
 *    conditions and the following disclaimer in the documentation and/or other
 *    materials provided with the distribution.
 *
 * 3. Neither the name of Nordic Semiconductor ASA nor the names of its
 *    contributors may be used to endorse or promote products derived from this
 *    software without specific prior written permission.
 *
 * 4. This software, with or without modification, must only be used with a
 *    Nordic Semiconductor ASA integrated circuit.
 *
 * 5. Any software provided in binary form under this license must not be reverse
 *    engineered, decompiled, modified and/or disassembled.
 *
 * THIS SOFTWARE IS PROVIDED BY NORDIC SEMICONDUCTOR ASA "AS IS" AND ANY EXPRESS
 * OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY, NONINFRINGEMENT, AND FITNESS FOR A PARTICULAR PURPOSE ARE
 * DISCLAIMED. IN NO EVENT SHALL NORDIC SEMICONDUCTOR ASA OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
 * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
 * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 *
 */
/**
 * @brief Blinky Sample Application main file.
 *
 * This file contains the source code for a sample server application using the LED Button service.
 */

#include <stdint.h>
#include <string.h>
#include "nordic_common.h"
#include "nrf.h"
#include "app_error.h"
#include "ble.h"
#include "ble_err.h"
#include "ble_hci.h"
#include "ble_srv_common.h"
#include "ble_advdata.h"
#include "ble_conn_params.h"
#include "nrf_sdh.h"
#include "nrf_sdh_ble.h"
#include "boards.h"
#include "app_timer.h"
#include "app_button.h"
#include "ble_lbs.h"
#include "nrf_ble_gatt.h"
#include "nrf_ble_qwr.h"
#include "nrf_pwr_mgmt.h"

#include "nrf_log.h"
#include "nrf_log_ctrl.h"
#include "nrf_log_default_backends.h"
#include "nrf_delay.h"

// white list include -------------------------
#include "peer_manager.h"
#include "peer_manager_handler.h"

#include "nrf_ble_lesc.h"
#include "nrf_sdm.h"
#include "ble_advertising.h"
#include "nrf_sdh_soc.h"
#include "fds.h"
#include "ble_conn_state.h"
#include "ble_bas.h"
#include "ble_hrs.h"
#include "ble_dis.h"
#include "sensorsim.h"
#include "bsp_btn_ble.h"
// white list include -------------------------

#define ADVERTISING_LED                 BSP_BOARD_LED_0                         /**< Is on when device is advertising. */
#define CONNECTED_LED                   BSP_BOARD_LED_1                         /**< Is on when device has connected. */
#define LEDBUTTON_LED1                  BSP_BOARD_LED_0                         
#define LEDBUTTON_LED2                  BSP_BOARD_LED_1                         
#define LEDBUTTON_LED3                  BSP_BOARD_LED_2                         /**< LED to be toggled with the help of the LED Button Service. */
#define LEDBUTTON_LED4                  BSP_BOARD_LED_3                         /**< LED to be toggled with the help of the LED Button Service. */

static char DEVICE_NAME[15] = "Nordic_0000100";

#define APP_BLE_OBSERVER_PRIO           3                                       /**< Application's BLE observer priority. You shouldn't need to modify this value. */
#define APP_BLE_CONN_CFG_TAG            1                                       /**< A tag identifying the SoftDevice BLE configuration. */

#define APP_ADV_INTERVAL                240                                     /**< The advertising interval (in units of 0.625 ms; this value corresponds to 40 ms). */
#define APP_ADV_DURATION                BLE_GAP_ADV_TIMEOUT_GENERAL_UNLIMITED   /**< The advertising time-out (in units of seconds). When set to 0, we will never time out. */


#define MIN_CONN_INTERVAL               MSEC_TO_UNITS(100, UNIT_1_25_MS)        /**< Minimum acceptable connection interval (0.5 seconds). */
#define MAX_CONN_INTERVAL               MSEC_TO_UNITS(200, UNIT_1_25_MS)        /**< Maximum acceptable connection interval (1 second). */
#define SLAVE_LATENCY                   0                                       /**< Slave latency. */
#define CONN_SUP_TIMEOUT                MSEC_TO_UNITS(4000, UNIT_10_MS)         /**< Connection supervisory time-out (4 seconds). */


#define FIRST_CONN_PARAMS_UPDATE_DELAY  APP_TIMER_TICKS(20000)                  /**< Time from initiating event (connect or start of notification) to first time sd_ble_gap_conn_param_update is called (15 seconds). */
#define NEXT_CONN_PARAMS_UPDATE_DELAY   APP_TIMER_TICKS(5000)                   /**< Time between each call to sd_ble_gap_conn_param_update after the first call (5 seconds). */
#define MAX_CONN_PARAMS_UPDATE_COUNT    3                                       /**< Number of attempts before giving up the connection parameter negotiation. */

#define BUTTON_DETECTION_DELAY          APP_TIMER_TICKS(50)                     /**< Delay from a GPIOTE event until a button is reported as pushed (in number of timer ticks). */

#define DEAD_BEEF                       0xDEADBEEF                              /**< Value used as error code on stack dump, can be used to identify stack location on stack unwind. */

BLE_LBS_DEF(m_lbs);                                                             /**< LED Button Service instance. */
NRF_BLE_GATT_DEF(m_gatt);                                                       /**< GATT module instance. */
NRF_BLE_QWR_DEF(m_qwr);                                                         /**< Context for the Queued Write module.*/

static uint16_t m_conn_handle = BLE_CONN_HANDLE_INVALID;                        /**< Handle of the current connection. */
static uint8_t m_adv_handle = BLE_GAP_ADV_SET_HANDLE_NOT_SET;                   /**< Advertising handle used to identify an advertising set. */
static uint8_t m_enc_advdata[BLE_GAP_ADV_SET_DATA_SIZE_MAX];                    /**< Buffer for storing an encoded advertising set. */
static uint8_t m_enc_scan_response_data[BLE_GAP_ADV_SET_DATA_SIZE_MAX];         /**< Buffer for storing an encoded scan data. */

static void advertising_start(void);
static bool LED_status = false;

APP_TIMER_DEF(m_System_Reset);

// WhiteList Define -------------------------------------------------------------

#define SEC_PARAM_BOND                      1                                          /**< Perform bonding. */
#define SEC_PARAM_MITM                      0                                          /**< Man In The Middle protection not required. */
#define SEC_PARAM_LESC                      1                                          /**< LE Secure Connections not enabled. */
#define SEC_PARAM_KEYPRESS                  0                                          /**< Keypress notifications not enabled. */
#define SEC_PARAM_IO_CAPABILITIES           BLE_GAP_IO_CAPS_NONE                       /**< No I/O capabilities. */
#define SEC_PARAM_OOB                       0                                          /**< Out Of Band data not available. */
#define SEC_PARAM_MIN_KEY_SIZE              7                                          /**< Minimum encryption key size. */
#define SEC_PARAM_MAX_KEY_SIZE              16                                         /**< Maximum encryption key size. */

static pm_peer_id_t      m_peer_id;                                 /**< Device reference handle to the current bonded central. */

// WhiteList Define -------------------------------------------------------------

// WhiteList Process -------------------------------------------------------------

static void whitelist_set(pm_peer_id_list_skip_t skip)
{
    pm_peer_id_t peer_ids[BLE_GAP_WHITELIST_ADDR_MAX_COUNT];
    uint32_t     peer_id_count = BLE_GAP_WHITELIST_ADDR_MAX_COUNT;

    ret_code_t err_code = pm_peer_id_list(peer_ids, &peer_id_count, PM_PEER_ID_INVALID, skip);
    APP_ERROR_CHECK(err_code);

    NRF_LOG_INFO("\tm_whitelist_peer_cnt %d, MAX_PEERS_WLIST %d",
                   peer_id_count,
                   BLE_GAP_WHITELIST_ADDR_MAX_COUNT);

    err_code = pm_whitelist_set(peer_ids, peer_id_count);
    APP_ERROR_CHECK(err_code);
}

static void identities_set(pm_peer_id_list_skip_t skip)
{
    pm_peer_id_t peer_ids[BLE_GAP_DEVICE_IDENTITIES_MAX_COUNT];
    uint32_t     peer_id_count = BLE_GAP_DEVICE_IDENTITIES_MAX_COUNT;

    ret_code_t err_code = pm_peer_id_list(peer_ids, &peer_id_count, PM_PEER_ID_INVALID, skip);
    APP_ERROR_CHECK(err_code);

    err_code = pm_device_identities_list_set(peer_ids, peer_id_count);
    APP_ERROR_CHECK(err_code);
}

static void pm_evt_handler(pm_evt_t const * p_evt)
{
    pm_handler_on_pm_evt(p_evt);
    pm_handler_disconnect_on_sec_failure(p_evt);
    pm_handler_flash_clean(p_evt);

    switch (p_evt->evt_id)
    {
        case PM_EVT_CONN_SEC_SUCCEEDED:
            m_peer_id = p_evt->peer_id;
            break;

        case PM_EVT_PEERS_DELETE_SUCCEEDED:
            advertising_start();
            break;

        case PM_EVT_PEER_DATA_UPDATE_SUCCEEDED:
            if (     p_evt->params.peer_data_update_succeeded.flash_changed
                 && (p_evt->params.peer_data_update_succeeded.data_id == PM_PEER_DATA_ID_BONDING))
            {
                NRF_LOG_INFO("New Bond, add the peer to the whitelist if possible");
                // Note: You should check on what kind of white list policy your application should use.

                whitelist_set(PM_PEER_ID_LIST_SKIP_NO_ID_ADDR);
                NVIC_SystemReset();
            }
            break;

        default:
            break;
    }
}

static void peer_manager_init(void)
{
    ble_gap_sec_params_t sec_param;
    ret_code_t           err_code;

    err_code = pm_init();
    APP_ERROR_CHECK(err_code);

    memset(&sec_param, 0, sizeof(ble_gap_sec_params_t));

    // Security parameters to be used for all security procedures.
    sec_param.bond           = SEC_PARAM_BOND;
    sec_param.mitm           = SEC_PARAM_MITM;
    sec_param.lesc           = SEC_PARAM_LESC;
    sec_param.keypress       = SEC_PARAM_KEYPRESS;
    sec_param.io_caps        = SEC_PARAM_IO_CAPABILITIES;
    sec_param.oob            = SEC_PARAM_OOB;
    sec_param.min_key_size   = SEC_PARAM_MIN_KEY_SIZE;
    sec_param.max_key_size   = SEC_PARAM_MAX_KEY_SIZE;
    sec_param.kdist_own.enc  = 1;
    sec_param.kdist_own.id   = 1;
    sec_param.kdist_peer.enc = 1;
    sec_param.kdist_peer.id  = 1;

    err_code = pm_sec_params_set(&sec_param);
    APP_ERROR_CHECK(err_code);

    err_code = pm_register(pm_evt_handler);
    APP_ERROR_CHECK(err_code);
}

/**@brief Clear bond information from persistent storage.
 */
static void delete_bonds(void)
{
    ret_code_t err_code;

    NRF_LOG_INFO("Erase bonds!");

    err_code = pm_peers_delete();
    APP_ERROR_CHECK(err_code);
}

// WhiteList Process -------------------------------------------------------------


/**@brief Struct that contains pointers to the encoded advertising data. */
static ble_gap_adv_data_t m_adv_data =
{
    .adv_data =
    {
        .p_data = m_enc_advdata,
        .len    = BLE_GAP_ADV_SET_DATA_SIZE_MAX
    },
    .scan_rsp_data =
    {
        .p_data = m_enc_scan_response_data,
        .len    = BLE_GAP_ADV_SET_DATA_SIZE_MAX

    }
};

/**@brief Function for assert macro callback.
 *
 * @details This function will be called in case of an assert in the SoftDevice.
 *
 * @warning This handler is an example only and does not fit a final product. You need to analyze
 *          how your product is supposed to react in case of Assert.
 * @warning On assert from the SoftDevice, the system can only recover on reset.
 *
 * @param[in] line_num    Line number of the failing ASSERT call.
 * @param[in] p_file_name File name of the failing ASSERT call.
 */
void assert_nrf_callback(uint16_t line_num, const uint8_t * p_file_name)
{
    app_error_handler(DEAD_BEEF, line_num, p_file_name);
}


/**@brief Function for the LEDs initialization.
 *
 * @details Initializes all LEDs used by the application.
 */
static void leds_init(void)
{
    bsp_board_init(BSP_INIT_LEDS);
}


/**@brief Function for the Timer initialization.
 *
 * @details Initializes the timer module.
 */
static void timers_init(void)
{
    // Initialize timer module, making it use the scheduler
    ret_code_t err_code = app_timer_init();
    APP_ERROR_CHECK(err_code);
}


/**@brief Function for the GAP initialization.
 *
 * @details This function sets up all the necessary GAP (Generic Access Profile) parameters of the
 *          device including the device name, appearance, and the preferred connection parameters.
 */
static void gap_params_init(void)
{
    ret_code_t              err_code;
    ble_gap_conn_params_t   gap_conn_params;
    ble_gap_conn_sec_mode_t sec_mode;

    BLE_GAP_CONN_SEC_MODE_SET_OPEN(&sec_mode);

    err_code = sd_ble_gap_device_name_set(&sec_mode,
                                          (const uint8_t *)DEVICE_NAME,
                                          strlen(DEVICE_NAME));

    APP_ERROR_CHECK(err_code);

    memset(&gap_conn_params, 0, sizeof(gap_conn_params));

    gap_conn_params.min_conn_interval = MIN_CONN_INTERVAL;
    gap_conn_params.max_conn_interval = MAX_CONN_INTERVAL;
    gap_conn_params.slave_latency     = SLAVE_LATENCY;
    gap_conn_params.conn_sup_timeout  = CONN_SUP_TIMEOUT;

    err_code = sd_ble_gap_ppcp_set(&gap_conn_params);
    APP_ERROR_CHECK(err_code);
}

/**@brief Function for initializing the GATT module.
 */
static void gatt_init(void)
{
    ret_code_t err_code = nrf_ble_gatt_init(&m_gatt, NULL);
    APP_ERROR_CHECK(err_code);
}


/**@brief Function for initializing the Advertising functionality.
 *
 * @details Encodes the required advertising data and passes it to the stack.
 *          Also builds a structure to be passed to the stack when starting advertising.
 */
static void advertising_init(void)
{
    ret_code_t    err_code;
    ble_advdata_t advdata;
    ble_advdata_t srdata;

    ble_uuid_t adv_uuids[] = {{BLE_UUID_HUMAN_INTERFACE_DEVICE_SERVICE, BLE_UUID_TYPE_BLE}};
    //ble_uuid_t adv_uuids[] = {{LBS_UUID_SERVICE, m_lbs.uuid_type}};

    // Build and set advertising data.
    memset(&advdata, 0, sizeof(advdata));

    advdata.name_type          = BLE_ADVDATA_FULL_NAME;
    advdata.include_appearance = true;
    advdata.flags              = BLE_GAP_ADV_FLAG_BR_EDR_NOT_SUPPORTED;
    //advdata.flags              =  BLE_GAP_ADV_FLAGS_LE_ONLY_LIMITED_DISC_MODE;
    //advdata.flags              = BLE_GAP_ADV_FLAGS_LE_ONLY_GENERAL_DISC_MODE;
    
    memset(&srdata, 0, sizeof(srdata));
    srdata.uuids_complete.uuid_cnt = sizeof(adv_uuids) / sizeof(adv_uuids[0]);
    srdata.uuids_complete.p_uuids  = adv_uuids;

    err_code = ble_advdata_encode(&advdata, m_adv_data.adv_data.p_data, &m_adv_data.adv_data.len);
    APP_ERROR_CHECK(err_code);

    err_code = ble_advdata_encode(&srdata, m_adv_data.scan_rsp_data.p_data, &m_adv_data.scan_rsp_data.len);
    APP_ERROR_CHECK(err_code);

    ble_gap_adv_params_t adv_params;

    // Set advertising parameters.
    memset(&adv_params, 0, sizeof(adv_params));

    adv_params.primary_phy     = BLE_GAP_PHY_1MBPS;
    adv_params.duration        = APP_ADV_DURATION;
    adv_params.properties.type = BLE_GAP_ADV_TYPE_CONNECTABLE_SCANNABLE_UNDIRECTED;
    adv_params.p_peer_addr     = NULL;
    adv_params.filter_policy   = BLE_GAP_ADV_FP_FILTER_CONNREQ; //whitelist
    //adv_params.filter_policy   = BLE_GAP_ADV_FP_ANY;
    adv_params.interval        = APP_ADV_INTERVAL;

    err_code = sd_ble_gap_adv_set_configure(&m_adv_handle, &m_adv_data, &adv_params);
    NRF_LOG_INFO("ErrCode: %d", err_code);
    APP_ERROR_CHECK(err_code);
}

static void advertising_init_no_whitelist(void)
{
    ret_code_t    err_code;
    ble_advdata_t advdata;
    ble_advdata_t srdata;

    ble_uuid_t adv_uuids[] = {{BLE_UUID_HUMAN_INTERFACE_DEVICE_SERVICE, BLE_UUID_TYPE_BLE}};
    //static ble_uuid_t m_adv_uuids[] = {{BLE_UUID_HUMAN_INTERFACE_DEVICE_SERVICE, BLE_UUID_TYPE_BLE}};

    // Build and set advertising data.
    memset(&advdata, 0, sizeof(advdata));

    advdata.name_type          = BLE_ADVDATA_FULL_NAME;
    advdata.include_appearance = true;
    advdata.flags              = BLE_GAP_ADV_FLAGS_LE_ONLY_GENERAL_DISC_MODE;
    

    memset(&srdata, 0, sizeof(srdata));
    srdata.uuids_complete.uuid_cnt = sizeof(adv_uuids) / sizeof(adv_uuids[0]);
    srdata.uuids_complete.p_uuids  = adv_uuids;

    err_code = ble_advdata_encode(&advdata, m_adv_data.adv_data.p_data, &m_adv_data.adv_data.len);
    APP_ERROR_CHECK(err_code);

    err_code = ble_advdata_encode(&srdata, m_adv_data.scan_rsp_data.p_data, &m_adv_data.scan_rsp_data.len);
    APP_ERROR_CHECK(err_code);

    ble_gap_adv_params_t adv_params;

    // Set advertising parameters.
    memset(&adv_params, 0, sizeof(adv_params));

    adv_params.primary_phy     = BLE_GAP_PHY_1MBPS;
    adv_params.duration        = APP_ADV_DURATION;
    adv_params.properties.type = BLE_GAP_ADV_TYPE_CONNECTABLE_SCANNABLE_UNDIRECTED;
    adv_params.p_peer_addr     = NULL;
    adv_params.filter_policy   = BLE_GAP_ADV_FP_ANY;
    adv_params.interval        = APP_ADV_INTERVAL;
    err_code = sd_ble_gap_adv_set_configure(&m_adv_handle, &m_adv_data, &adv_params);
    APP_ERROR_CHECK(err_code);  
}


/**@brief Function for handling Queued Write Module errors.
 *
 * @details A pointer to this function will be passed to each service which may need to inform the
 *          application about an error.
 *
 * @param[in]   nrf_error   Error code containing information about what went wrong.
 */
static void nrf_qwr_error_handler(uint32_t nrf_error)
{
    APP_ERROR_HANDLER(nrf_error);
}

static void led_write_handler(uint16_t conn_handle, ble_lbs_t * p_lbs, uint8_t led_state)
{
    ret_code_t  err_code;
    uint32_t  err_code_S;
    switch (led_state)
    {       
      default:
        break;
    }
}



/**@brief Function for initializing services that will be used by the application.
 */
static void services_init(void)
{
    ret_code_t         err_code;
    ble_lbs_init_t     init     = {0};
    nrf_ble_qwr_init_t qwr_init = {0};

    // Initialize Queued Write Module.
    qwr_init.error_handler = nrf_qwr_error_handler;

    err_code = nrf_ble_qwr_init(&m_qwr, &qwr_init);
    APP_ERROR_CHECK(err_code);
}


/**@brief Function for handling the Connection Parameters Module.
 *
 * @details This function will be called for all events in the Connection Parameters Module that
 *          are passed to the application.
 *
 * @note All this function does is to disconnect. This could have been done by simply
 *       setting the disconnect_on_fail config parameter, but instead we use the event
 *       handler mechanism to demonstrate its use.
 *
 * @param[in] p_evt  Event received from the Connection Parameters Module.
 */
static void on_conn_params_evt(ble_conn_params_evt_t * p_evt)
{
    ret_code_t err_code;

    if (p_evt->evt_type == BLE_CONN_PARAMS_EVT_FAILED)
    {
        err_code = sd_ble_gap_disconnect(m_conn_handle, BLE_HCI_CONN_INTERVAL_UNACCEPTABLE);
        APP_ERROR_CHECK(err_code);
    }
}


/**@brief Function for handling a Connection Parameters error.
 *
 * @param[in] nrf_error  Error code containing information about what went wrong.
 */
static void conn_params_error_handler(uint32_t nrf_error)
{
    APP_ERROR_HANDLER(nrf_error);
}


/**@brief Function for initializing the Connection Parameters module.
 */
static void conn_params_init(void)
{
    ret_code_t             err_code;
    ble_conn_params_init_t cp_init;

    memset(&cp_init, 0, sizeof(cp_init));

    cp_init.p_conn_params                  = NULL;
    cp_init.first_conn_params_update_delay = FIRST_CONN_PARAMS_UPDATE_DELAY;
    cp_init.next_conn_params_update_delay  = NEXT_CONN_PARAMS_UPDATE_DELAY;
    cp_init.max_conn_params_update_count   = MAX_CONN_PARAMS_UPDATE_COUNT;
    cp_init.start_on_notify_cccd_handle    = BLE_GATT_HANDLE_INVALID;
    cp_init.disconnect_on_fail             = false;
    cp_init.evt_handler                    = on_conn_params_evt;
    cp_init.error_handler                  = conn_params_error_handler;

    err_code = ble_conn_params_init(&cp_init);
    APP_ERROR_CHECK(err_code);
}


/**@brief Function for starting advertising.
 */
static void advertising_start(void)
{
    ret_code_t           err_code;

    err_code = sd_ble_gap_adv_start(m_adv_handle, APP_BLE_CONN_CFG_TAG);
    APP_ERROR_CHECK(err_code);
}

static void advertising_stop(void)
{
    ret_code_t           err_code;

    err_code = sd_ble_gap_adv_stop(m_adv_handle);
    APP_ERROR_CHECK(err_code);
}

/**@brief Function for handling BLE events.
 *
 * @param[in]   p_ble_evt   Bluetooth stack event.
 * @param[in]   p_context   Unused.
 */
static void ble_evt_handler(ble_evt_t const * p_ble_evt, void * p_context)
{
    ret_code_t err_code;

    switch (p_ble_evt->header.evt_id)
    {
        case BLE_GAP_EVT_CONNECTED:
            NRF_LOG_INFO("Connected");
            m_conn_handle = p_ble_evt->evt.gap_evt.conn_handle;
            err_code = nrf_ble_qwr_conn_handle_assign(&m_qwr, m_conn_handle);
            APP_ERROR_CHECK(err_code);
            
            if (LED_status == false )
            {
                LED_status = true;
                bsp_board_led_on(LEDBUTTON_LED3);
            }else{
                LED_status = false;
                bsp_board_led_off(LEDBUTTON_LED3);
            }
            
            break;

        case BLE_GAP_EVT_DISCONNECTED:
            NRF_LOG_INFO("Disconnected");
            m_conn_handle = BLE_CONN_HANDLE_INVALID;
            advertising_start();

            break;

        case BLE_GAP_EVT_SEC_PARAMS_REQUEST:
            NRF_LOG_DEBUG("BLE_GAP_EVT_SEC_PARAMS_REQUEST");
            break;

        case BLE_GAP_EVT_PHY_UPDATE_REQUEST:
        {
            NRF_LOG_DEBUG("PHY update request.");
            ble_gap_phys_t const phys =
            {
                .rx_phys = BLE_GAP_PHY_AUTO,
                .tx_phys = BLE_GAP_PHY_AUTO,
            };
            err_code = sd_ble_gap_phy_update(p_ble_evt->evt.gap_evt.conn_handle, &phys);
            APP_ERROR_CHECK(err_code);
        } break;

        case BLE_GATTS_EVT_SYS_ATTR_MISSING:
            // No system attributes have been stored.
            err_code = sd_ble_gatts_sys_attr_set(m_conn_handle, NULL, 0, 0);
            APP_ERROR_CHECK(err_code);
            break;

        case BLE_GATTC_EVT_TIMEOUT:
            // Disconnect on GATT Client timeout event.
            NRF_LOG_DEBUG("GATT Client Timeout.");
            err_code = sd_ble_gap_disconnect(p_ble_evt->evt.gattc_evt.conn_handle,
                                             BLE_HCI_REMOTE_USER_TERMINATED_CONNECTION);
            APP_ERROR_CHECK(err_code);
            break;

        case BLE_GATTS_EVT_TIMEOUT:
            // Disconnect on GATT Server timeout event.
            NRF_LOG_DEBUG("GATT Server Timeout.");
            err_code = sd_ble_gap_disconnect(p_ble_evt->evt.gatts_evt.conn_handle,
                                             BLE_HCI_REMOTE_USER_TERMINATED_CONNECTION);
            APP_ERROR_CHECK(err_code);
            break;
        
        default:
            // No implementation needed.
            break;
    }
}


/**@brief Function for initializing the BLE stack.
 *
 * @details Initializes the SoftDevice and the BLE event interrupt.
 */
static void ble_stack_init(void)
{
    ret_code_t err_code;

    err_code = nrf_sdh_enable_request();
    APP_ERROR_CHECK(err_code);

    // Configure the BLE stack using the default settings.
    // Fetch the start address of the application RAM.
    uint32_t ram_start = 0;
    err_code = nrf_sdh_ble_default_cfg_set(APP_BLE_CONN_CFG_TAG, &ram_start);
    APP_ERROR_CHECK(err_code);

    // Enable BLE stack.
    err_code = nrf_sdh_ble_enable(&ram_start);
    APP_ERROR_CHECK(err_code);

    // Register a handler for BLE events.
    NRF_SDH_BLE_OBSERVER(m_ble_observer, APP_BLE_OBSERVER_PRIO, ble_evt_handler, NULL);
}

static void log_init(void)
{
    ret_code_t err_code = NRF_LOG_INIT(NULL);
    APP_ERROR_CHECK(err_code);

    NRF_LOG_DEFAULT_BACKENDS_INIT();
}


/**@brief Function for initializing power management.
 */
static void power_management_init(void)
{
    ret_code_t err_code;
    err_code = nrf_pwr_mgmt_init();
    APP_ERROR_CHECK(err_code);
}


/**@brief Function for handling the idle state (main loop).
 *
 * @details If there is no pending log operation, then sleep until next the next event occurs.
 */
static void idle_state_handle(void)
{
    ret_code_t err_code;

    err_code = nrf_ble_lesc_request_handler();
    APP_ERROR_CHECK(err_code);

    if (NRF_LOG_PROCESS() == false)
    {
        nrf_pwr_mgmt_run();
    }
}

static void Nrf_Power_Type_init(void)
{
    sd_power_dcdc_mode_set(NRF_POWER_DCDC_ENABLE);
}

static void buttons_leds_init(bool * p_erase_bonds)
{
    ret_code_t err_code;
    bsp_event_t startup_event;

    err_code = bsp_init(BSP_INIT_LEDS | BSP_INIT_BUTTONS, NULL);
    APP_ERROR_CHECK(err_code);

    err_code = bsp_btn_ble_init(NULL, &startup_event);
    APP_ERROR_CHECK(err_code);

    *p_erase_bonds = (startup_event == BSP_EVENT_CLEAR_BONDING_DATA);
}

static void SystemReset_handler(void * p_context)
{
    NVIC_SystemReset();
}

static void create_SystemReset_timers(void)
{
    ret_code_t err_code;

    // Create timers
    err_code = app_timer_create(&m_System_Reset,
                                APP_TIMER_MODE_REPEATED,
                                SystemReset_handler);
    APP_ERROR_CHECK(err_code);
}

/**@brief Function for application main entry.
 */
int main(void)
{
    bool erase_bonds;

    ret_code_t err_code;
    uint32_t  err_code_S;

    pm_peer_id_t peer_ids[BLE_GAP_WHITELIST_ADDR_MAX_COUNT];
    uint32_t     peer_id_count = BLE_GAP_WHITELIST_ADDR_MAX_COUNT; 
     
    // Initialize.
    log_init();
    leds_init();
    timers_init();
    buttons_leds_init(&erase_bonds);

    power_management_init();
    ble_stack_init();
    gap_params_init();
    gatt_init();
    services_init();
    conn_params_init();
    Nrf_Power_Type_init();
    peer_manager_init();

    create_SystemReset_timers();

    //WhiteList Judge
    err_code = pm_peer_id_list(peer_ids, &peer_id_count, PM_PEER_ID_INVALID, PM_PEER_ID_LIST_ALL_ID);
    APP_ERROR_CHECK(err_code);
    if (peer_id_count!=0)
    {
      NRF_LOG_INFO("Advertising with whitelist");
      whitelist_set(PM_PEER_ID_LIST_SKIP_NO_ID_ADDR);
      identities_set(PM_PEER_ID_LIST_SKIP_NO_IRK);
      advertising_init();
    }
    else
    {
      NRF_LOG_INFO("No bonded device, advertising with no whitelist");
      advertising_init_no_whitelist();
    }

    if (erase_bonds == true)
    {
        delete_bonds();

        err_code_S = app_timer_start(m_System_Reset, APP_TIMER_TICKS(500), NULL); 
        APP_ERROR_CHECK(err_code_S);
    }
    else
    {
        advertising_start();
    }   

    // Start execution.
    NRF_LOG_INFO("System started.");

    // Enter main loop.
    while (true)
    {
        idle_state_handle();
    }
}


/**
 * @}
 */

0 Hung Bui over 1 year ago in reply to Terutaka Takeuji

Hi 輝隆,
I'm glad that you managed to make it works.
I'm not so sure what you mean by "can not be disconnected"
Could you describe what exactly happen when you try to disconnect from the central (the phone ?) side ?

Regarding whitelisting on the central, it's possible to do scanning (and connecting) with whitelist. I'm not aware of a sample that does whitelist with scanning, but I don't think it would be much different compare to what you need to implement on the peripheral side.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Terutaka Takeuji over 1 year ago in reply to Hung Bui

Hello, Hung Bui. Happy new year
I am starting work today after a long winter break.

>I don't really understand what you mean by "cannot disconnect".
> Could you please explain exactly what happens when I try to disconnect from the central (phone?) side?
→Disconnect is an operation that disconnects communication while leaving the settings unchanged.
Deleting means deleting the settings themselves.
I'm attaching an image because it may not be conveyed in words.

Also, I didn't explain security because I thought it was only for the peripheral side, but this product uses the nRF52832 on the central side as well.
We are verifying the implementation of security measures to prevent unauthorized access from smartphones.
I understand that security settings using a whitelist + peer manager require security settings for the central device as well.
The "ble_app_hids_keyboard" sample program did not have a paired central sample program, but "ble_app_hrs_c" had a peripheral paired sample program.
Therefore, our plan is to create a central program using "ble_app_hrs_c" as a reference.

Please let me know if my thinking is wrong.

thank you.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Hung Bui over 1 year ago in reply to Terutaka Takeuji

Hi 輝隆,

It's not common way of handling BLE device using the Bluetooth setting. You may want to try using an app, for example nRF Connect app to connect and disconnect.
There could be some reason that the phone doesn't want to disconnect. From what I can see, it's most likely that the phone didn't send the disconnect command.

You may want to capture a sniffer trace of the connection, so that we can check if the phone actually send the connection termination request or not.

But as I said the common way of handling BLE device is to use an app.

Regarding your whitelisting question, the whitelist when used on one side of the connection is independent/transparent to the other side of the the connection. This mean if you use whitelist on the advertiser, it simply filter out the connection request or scan request of other scanner/central. It only allow the connect request or scan request from the scanners/centrals that are in the list.

So the central doesn't need to know about if the advertiser is using whitelist or not.

If you want to implement whitelist on the central side it's fine. But you should have a reason for that.

Whitelisting doesn't provide much of security from my opinion. Any device can spoof the peer address and can pass through the whitelist. The actual security you can implement is to do pairing and bonding between the two device.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 Hung Bui over 1 year ago in reply to Terutaka Takeuji

Hi 輝隆,

It's not common way of handling BLE device using the Bluetooth setting. You may want to try using an app, for example nRF Connect app to connect and disconnect.
There could be some reason that the phone doesn't want to disconnect. From what I can see, it's most likely that the phone didn't send the disconnect command.

You may want to capture a sniffer trace of the connection, so that we can check if the phone actually send the connection termination request or not.

But as I said the common way of handling BLE device is to use an app.

Regarding your whitelisting question, the whitelist when used on one side of the connection is independent/transparent to the other side of the the connection. This mean if you use whitelist on the advertiser, it simply filter out the connection request or scan request of other scanner/central. It only allow the connect request or scan request from the scanners/centrals that are in the list.

So the central doesn't need to know about if the advertiser is using whitelist or not.

If you want to implement whitelist on the central side it's fine. But you should have a reason for that.

Whitelisting doesn't provide much of security from my opinion. Any device can spoof the peer address and can pass through the whitelist. The actual security you can implement is to do pairing and bonding between the two device.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

+1 Terutaka Takeuji over 1 year ago in reply to Hung Bui

Hello, Hung Bui

Last weekend, I was able to develop a central side sample program using nRF52832.
I can now connect the nRF52832 to the peripheral side program "25841.main.c" and build a product that takes into account the security behavior I expected.

thank you very much.

Security could not be achieved with "ble_app_hrs_c", which was originally used as a central program.
After looking into it again, I thought that there might be some hints in the sample program "ble_app_multirole_lesc", and when I worked on it, I was able to create a central program that could execute all the specifications I had in mind.

The sample "ble_app_multirole_lesc" was a sample program that operated the central function and peripheral function at the same time, so I focused on checking the operation of the central function only.

I almost gave up, but I'm glad I succeeded.

thank you.
Cancel
Vote Up +1 Vote Down

Sign in to reply

Reject Answer

Cancel