
Why is GATT attribute security required to be enabled for passkey to work?

This is a follow-up question from devzone.nordicsemi.com/.../

I finally got passkey support to work on ble_app_uart but don't quite understand the changes made to the code to get things working.

I had to make some changes in ble_nus.c. BLE_GAP_CONN_SEC_MODE_SET_OPEN(&attr_md.write_perm); was changed to BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&attr_md.write_perm);

If the code is set to BLE_GAP_CONN_SEC_MODE_SET_OPEN, the nRF UART Android app will not be prompted for a passkey. I need to use BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM so that the nRF UART Android app will be prompted for a password. Write permissions had to be changed to use BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM. Why is this required?

  • Why? Because if the permissions are open there's no encryption required so no need to encrypt the link at all so no need for a passkey because you're not encrypting.

  • Don't know why you're finding this so hard. You don't 'run' peer manager; peer manager is a piece of code which responds to the encryption request/response callbacks from the central and sends the responses required to encrypt the link. So you need to build it into the app and feed it BLE events so it can generate the correct responses when the central starts the encryption process. What however STARTS that process is your app responding to a characteristic read with an error that the characteristic can't be read without encryption; it does that because the permissions on the attribute are set not to be open but to require encryption. So you need both: attribute permissions to get the central to start encryption, and peer manager (or your own version which does the same thing) to handle the callbacks which result from starting it.
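
An added example, not part of the original thread and not Nordic SDK code: a small C model of the attribute permission check the replies describe, showing which ATT error the server returns for each permission level and link state. The type and function names are hypothetical, the three levels mirror security mode 1 levels 1 to 3, and the choice between the two error codes is assumed to follow the Bluetooth Core Specification rule rather than any particular SoftDevice version.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* ATT error codes defined by the Bluetooth Core Specification. */
#define ATT_OK                      0x00
#define ATT_ERR_INSUFFICIENT_AUTHEN 0x05
#define ATT_ERR_INSUFFICIENT_ENC    0x0F

/* Hypothetical model of an attribute's required level (not the SDK's types). */
typedef enum { SEC_OPEN = 1, SEC_ENC_NO_MITM = 2, SEC_ENC_WITH_MITM = 3 } sec_level_t;

typedef struct {
    bool encrypted;      /* link is currently encrypted */
    bool mitm_protected; /* key came from authenticated pairing, e.g. passkey */
    bool has_bond_key;   /* an LTK from an earlier bond is available */
} link_state_t;

/* Constructed sample link states. */
static const link_state_t LINK_PLAIN      = { false, false, false };
static const link_state_t LINK_BONDED_OFF = { false, false, true  };
static const link_state_t LINK_JUST_WORKS = { true,  false, true  };
static const link_state_t LINK_PASSKEY    = { true,  true,  true  };

/* What the GATT server answers to a write on an attribute whose
 * write permission is `required`, given the current link state. */
uint8_t att_check_write(sec_level_t required, const link_state_t *link)
{
    if (required == SEC_OPEN)
        return ATT_OK;                      /* no error, so the central never pairs */
    if (!link->encrypted)                   /* this error is what starts pairing */
        return link->has_bond_key ? ATT_ERR_INSUFFICIENT_ENC
                                  : ATT_ERR_INSUFFICIENT_AUTHEN;
    if (required == SEC_ENC_WITH_MITM && !link->mitm_protected)
        return ATT_ERR_INSUFFICIENT_AUTHEN; /* unauthenticated key is not enough */
    return ATT_OK;
}

int main(void)
{
    printf("OPEN,      plain link : 0x%02X\n", att_check_write(SEC_OPEN, &LINK_PLAIN));
    printf("NO_MITM,   plain link : 0x%02X\n", att_check_write(SEC_ENC_NO_MITM, &LINK_PLAIN));
    printf("NO_MITM,   just works : 0x%02X\n", att_check_write(SEC_ENC_NO_MITM, &LINK_JUST_WORKS));
    printf("WITH_MITM, just works : 0x%02X\n", att_check_write(SEC_ENC_WITH_MITM, &LINK_JUST_WORKS));
    printf("WITH_MITM, passkey    : 0x%02X\n", att_check_write(SEC_ENC_WITH_MITM, &LINK_PASSKEY));
    return 0;
}
```

In this model a no-MITM permission is already satisfied by an unauthenticated (Just Works) key, so the passkey prompt depends on the pairing parameters rather than on the attribute permission; the SDK's BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM is the permission that refuses access until the link is authenticated.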
