This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Passkey activation

Hello,

we try to use static passkey protection on our devices. we use nrf51 sdk12 with s130. We read a few threads for setting a static passkey like here, here and some other threads.. But we dont find any information or some routines for init and handle the passkey process, when connecting to a device. For example: where to put in the function sd_ble_opt_set() and where is the part in the code, where i can exactly activate the passkey is ON.

Our application: We want to connect with a smartphone as central to a peripheral nRF51 Hardware without display. This should be protected first with a static passkey we defined in main with the following code. We dont use MITM protection.

#define STATIC_PASSKEY        "111111"
uint8_t passkey[] =           STATIC_PASSKEY;
  • I think we found the reason, why it didnt work. Our steps to set static passkey.

    1. in main.c.:

      // Standard defines #define SEC_PARAM_BOND 1 #define SEC_PARAM_MITM 0 #define SEC_PARAM_LESC 0 #define SEC_PARAM_KEYPRESS 0 #define SEC_PARAM_IO_CAPABILITIES BLE_GAP_IO_CAPS_DISPLAY_ONLY // passkey defines #define STATIC_PASSKEY "111111" uint8_t passkey[] = STATIC_PASSKEY; ble_opt_t static_pin_option;

    2. in gap_params_init():

      static_pin_option.gap_opt.passkey.p_passkey = passkey; err_code = sd_ble_opt_set(BLE_GAP_OPT_PASSKEY, &static_pin_option); APP_ERROR_CHECK(err_code);

    With this the passkey entry didnt work: it abort after key was typed in. So we compared our project with the ble_app_gls example line by line. I dont know exactly why, perhaps for some testing, in our peer_manager_init() the sec_param were set to:

    sec_param.kdist_own.enc  = 0;
    sec_param.kdist_own.id   = 0;
    sec_param.kdist_peer.enc = 0;
    sec_param.kdist_peer.id  = 0;
    

    and in gls example is set to 1. We changed it, and now it works as required. But, can anyone explane us why it is now working and what is the reason why it didnt work?

  • When in the peripheral role kdist_own defines which keys it shall distribute to the central, while kdist_peer defines which keys the central shall distribute to you.

    /** @brief Keys that can be exchanged during a bonding procedure. */
    typedef struct
    {
      uint8_t enc     : 1;                        /**< Long Term Key and Master Identification. */
      uint8_t id      : 1;                        /**< Identity Resolving Key and Identity Address Information. */
      uint8_t sign    : 1;                        /**< Connection Signature Resolving Key. */
      uint8_t link    : 1;                        /**< Derive the Link Key from the LTK. */
    } ble_gap_sec_kdist_t;
    
Related