This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Passkey activation

Hello,

we try to use static passkey protection on our devices. we use nrf51 sdk12 with s130. We read a few threads for setting a static passkey like here, here and some other threads.. But we dont find any information or some routines for init and handle the passkey process, when connecting to a device. For example: where to put in the function sd_ble_opt_set() and where is the part in the code, where i can exactly activate the passkey is ON.

Our application: We want to connect with a smartphone as central to a peripheral nRF51 Hardware without display. This should be protected first with a static passkey we defined in main with the following code. We dont use MITM protection.

#define STATIC_PASSKEY        "111111"
uint8_t passkey[] =           STATIC_PASSKEY;
  • Put it at the end of gap_params_init(). Make sure you set SEC_PARAM_IO_CAPABILITIES BLE_GAP_IO_CAPS_DISPLAY_ONLY

  • Hi Alex, thanks for your answer. I tried that. But i have no passkey request on my smartphone. I connect with iphone and android phones and it connects without any message, to type in any key. While testing, i had another problem with the passkey: i took the ble_app_gls example for testing. I dont know why, but when i try to connect to it with an android device, i dont get any connection, it abort direct after pushing connect. when i try with iphone, the passkey request appears on the phone. Does anybody know what is the problem here? thx

  • Passkey will be asked as soon as you try to read encrypted characteristic. Just connection doesn't require it. Also look at this thread . Some old Android don't ask passkey on connection. We have ASUS with Android 5.0.2 which doesn't work. By the way, I'm not good expert in BLE security I always thought that passkey is for MITM.

  • If you have trouble with ble_app_gls you should add another question. Please have a look at this, it may explain why you don't get a passkey request. And Alex you are correct, Passkey Entry and OOB is used to protect against MITM attacks.

  • Hey Alex and Petter, sorry, but we dont get it.
    We tried different things.
    We took the ble_app_template example with 2 new Characteristics.
    In main:
    "#define SEC_PARAM_IO_CAPABILITIES BLE_GAP_IO_CAPS_DISPLAY_ONLY"
    "#define STATIC_PASSKEY "111111"
    uint8_t passkey[] = STATIC_PASSKEY;

    in gap_params_init():
    err_code = sd_ble_gap_ppcp_set(&gap_conn_params);

    in our characteristic_add() for the secure characteristic:
    BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&attr_md.read_perm);

    Now, when we are connected, we can see our characteristics. When we try to read out, there is the pin request. If i type in, the connection abort. There is no uart communication for mitm protection, so i think the static passkey is set correct!?

Related