Cannot pair with previously bonded peer when key is missing

RE: Cannot pair with previously bonded peer when key is missing

selim — Sat, 20 Aug 2016 19:23:02 GMT

What is the behavior on IOS? Can you please tell?

RE: Cannot pair with previously bonded peer when key is missing

Hung Bui — Wed, 03 Aug 2016 10:21:03 GMT

You are correct, this depends on the OS. I have experience for some Android OS version the bond information is removed automatically and the phone do a new bond. But it's not applied for all version and with all vendor. The app can't do anything with this. You need to tell the end customer to do "Forget this device" manually.

RE: Cannot pair with previously bonded peer when key is missing

helpme — Tue, 02 Aug 2016 12:24:19 GMT

Thanks for the answer. Can the source code of nRF-Connect Android app be modified such that it accepts the new request and replace the original authentic bond? I am worried this behavior is part of Android bluetooth stack and cannot be changed by the app source code.

RE: Cannot pair with previously bonded peer when key is missing

Hung Bui — Tue, 02 Aug 2016 12:19:48 GMT

Hi helpme,

As stated in the code: "How to handle this error is highly application dependent". It's up to the application and the central on how to deal with the situation.

If you have a look at the ble_app_proximity you can find that when that event happens PM_CONN_SEC_ERROR_PIN_OR_KEY_MISSING, we will not disconnect but request a new bond.

It's upto the central device to accept that or not.

The reason is that it expose a security risk that attacker can spoof the address of the peripheral device and request the central to do a new bond. If the central accepts that, the original authentic bond will be replaced.

The easiest to solve this it to let the end user to manually remove bond information on the phone (Forget this device)