Device: nRF52840
SDK version: nRF connect 2.6.1
Reference: Ble fundamental course lesson 5 excercise 2 solution (course github link)
Device configuration:
Device is configured as BLE peripheral mode with custom characteristics. Characteristics required bonding for read write "BT_GATT_PERM_READ_ENCRYPT | BT_GATT_PERM_WRITE_ENCRYPT". My device do not have any display or way to see logs. That is why for authentication I can not display the key. So I added following changes so that device is paired with out authentication.
prj.conf:
+CONFIG_BT_SMP_APP_PAIRING_ACCEPT=y
main.c:
static struct bt_conn_auth_cb auth_cb_display = {
// .passkey_display = auth_passkey_display,
.pairing_accept = auth_pairing_accept_cb,
.cancel = auth_cancel,
};
static enum bt_security_err auth_pairing_accept_cb (struct bt_conn *conn, const struct bt_conn_pairing_feat *const feat)
{
char addr[BT_ADDR_LE_STR_LEN];
bt_addr_le_to_str(bt_conn_get_dst(conn), addr, sizeof(addr));
printk("Pairing accept: %s\n", addr);
return BT_SECURITY_ERR_SUCCESS;
}
Problem Statement:
When filter list is empty, client connects with out any problem. I am using nRFconnect for android as a client. If I reconnect with out deleting bond information there is no issue at all. But If I erase the bond information and try to connect again. Then security update fails with error "Security failed: 50:8E:49:D2:4B:01 (public) level 1 err 4"
Here are complete logs:*** Booting nRF Connect SDK v3.5.99-ncs1-1 ***
I: Starting bootloader
I: Primary image: magic=unset, swap_type=0x1, copy_done=0x3, image_ok=0x3
I: Secondary image: magic=unset, swap_type=0x1, copy_done=0x3, image_ok=0x3
I: Boot source: none
I: Image index: 0, Swap type: none
I: Bootloader chainload address offset: 0xc000
I: Jumping to the first image slot
ÿ*** Booting nRF Connect SDK v3.5.99-ncs1-1 ***
starting application: 2.0
[00:00:00.007,629] •[0m<inf> fs_nvs: 2 Sectors of 4096 bytes•[0m
[00:00:00.007,629] •[0m<inf> fs_nvs: alloc wra: 0, fd0•[0m
[00:00:00.007,629] •[0m<inf> fs_nvs: data wra: 0, 1c•[0m
[00:00:00.007,751] •[0m<inf> bt_sdc_hci_driver: SoftDevice Controller build revision:
36 f0 e5 0e 87 68 48 fb 02 fd 9f 82 cc 32 e5 7b |6....hH. .....2.{
91 b1 5c ed |..\. •[0m
[00:00:00.009,887] •[0m<inf> bt_hci_core: HW Platform: Nordic Semiconductor (0x0002)•[0m
[00:00:00.009,918] •[0m<inf> bt_hci_core: HW Variant: nRF52x (0x0002)•[0m
[00:00:00.009,948] •[0m<inf> bt_hci_core: Firmware: Standard Bluetooth controller (0x00) Version 54.58864 Build 1214809870•[0m
[00:00:00.010,345] •[0m<inf> bt_hci_core: No ID address. App must call settings_load()•[0m
[00:00:00.010,864] •[0m<inf> bt_hci_core: Identity: CF:76:A1:98:70:98 (random)•[0m
[00:00:00.010,894] •[0m<inf> bt_hci_core: HCI: version 5.4 (0x0d) revision 0x118f, manufacturer 0x0059•[0m
[00:00:00.010,925] •[0m<inf> bt_hci_core: LMP: version 5.4 (0x0d) subver 0x118f•[0m
BLE Init: 0
Advertising with no Accept list
Advertising successfully started
Updated MTU: TX: 23 RX: 23 bytes
Connected
Updated MTU: TX: 517 RX: 247 bytes
Pairing accept: 45:03:52:BD:5A:C7 (random)
Security changed: 45:03:52:BD:5A:C7 (random) level 2
RDOUT -> Notification enabled
Data Input Size: 1
BLE_EVENT_PROCESS_RX_DATA
Data Input: •
BLE_EVENT_SEND_TX_DATA
Sending file content: This is a mock file for testing purposes.
It simulates the content of a real file being served by the HTTP server.
The file is not read from the SD card but is instead generated on-the-fly.
service attr count: 9
Warning, notification not enabled on the selected attribute
Data Sent To: 50:8E:49:D2:4B:01 (public)
RDOUT -> Notification disabled
Disconnected (reason 0x13)
Added following peer to accept list: 50:8E:49:D2:4B:01 (public)
Acceptlist setup number = 1
Advertising successfully started
Updated MTU: TX: 23 RX: 23 bytes
Connected
Security failed: 50:8E:49:D2:4B:01 (public) level 1 err 4
Updated MTU: TX: 517 RX: 247 bytes
Security failed: 50:8E:49:D2:4B:01 (public) level 1 err 4
Disconnected (reason 0x13)
Added following peer to accept list: 50:8E:49:D2:4B:01 (public)
Acceptlist setup number = 1
Advertising successfully started
Notes:
If I use the passkey display mechanism. Enter the passkey displayed on logs. Security level is update to 4. In this case even client forget the bond information, it is able to bond again with new key displayed in logs.
Issue is observed when client need to pair without authentication.
