
Add security to service Characteristic

In the BLE Characteristics, a beginner's tutorial

Martin mentions: Since this is a beginners tutorial we will keep it simple and leave the doors wide open. No security, encryption, or passkey needed.

Is there an example to add security? I have a server, no IO, so it has to be Just Works bonding. I tried using BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM() as suggested, but then the advertising stops.

I use SDK13, so perhaps there is something else I need to do.

Any help appreciated

  • Bjørn I believe I actually have the security working for the read / write property of the Characteristic, but still have trouble with the Notification side. Perhaps I do not understand it, or something else is wrong.

    Note: I added read/write properties back to the characteristics.

    I set the security level for the read / write:

    BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&attr_md.read_perm);
    BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&attr_md.write_perm);
    

    Test: I cannot read or write to the Characteristic using iPhone. In MCP [10:23:42.3] Received Error Response: INSUFFICIENT_AUTHENTICATION, handle: 0x0020

    Once the iPhone is paired, I can read and write to the Characteristic. In MCP, if I hit Bond, I can also read / write. All seems GOOD then.

    What was confusing is if I tell iPhone to Forget the device, it does not ask to pair again. MCP still works as expected, just need to hit Delete bond info.

    Question 1)

    Can the Notify property also have this security setting?

    1. This is how the Notify security is set? (I have it commented out for now)

      ble_gatts_attr_md_t cccd_md;
      memset(&cccd_md, 0, sizeof(cccd_md));
      //GvR
      //BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&cccd_md.read_perm);
      //BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&cccd_md.write_perm);

      BLE_GAP_CONN_SEC_MODE_SET_OPEN(&cccd_md.read_perm);
      BLE_GAP_CONN_SEC_MODE_SET_OPEN(&cccd_md.write_perm);
      cccd_md.vloc = BLE_GATTS_VLOC_STACK;
      char_md.p_cccd_md = &cccd_md;
      char_md.char_props.notify = 1;

    As soon as I change to ENC_NO_MITM I get the ERROR Fatal output from the UART, and advertising stops.

    Any help appreciated.
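
An added example, not part of the original thread and not nRF5 SDK code: a simplified C model of how LE security mode 1 permissions gate a characteristic value and its CCCD. All type and function names are hypothetical. It assumes the stack rejects a CCCD whose read permission is not open when the characteristic is added, since the Bluetooth Core Specification defines the CCCD as readable without authentication and leaves only its write permission to the implementation.

```c
#include <stdbool.h>
#include <stdint.h>

/* Simplified model (hypothetical names, not the nRF5 SDK API) of
 * LE security mode 1 permissions on a characteristic and its CCCD. */
typedef enum {
    SEC_OPEN = 1,        /* level 1: no security           */
    SEC_ENC_NO_MITM = 2, /* level 2: Just Works pairing    */
    SEC_ENC_MITM = 3     /* level 3: authenticated pairing */
} sec_level_t;

typedef struct { sec_level_t read_perm, write_perm; } attr_perm_t;

typedef enum {
    ACCESS_OK,
    ERR_INSUFFICIENT_AUTHENTICATION, /* link not yet paired/encrypted */
    ERR_INVALID_PARAM                /* rejected at registration time */
} result_t;

/* Registration check: the Core Specification makes the CCCD readable
 * without authentication, so only write_perm may be raised.
 * Assumption: the stack refuses anything else when the characteristic
 * is added. */
result_t cccd_register(const attr_perm_t *cccd)
{
    return (cccd->read_perm == SEC_OPEN) ? ACCESS_OK : ERR_INVALID_PARAM;
}

/* Runtime check for one ATT read or write against the link's level. */
result_t att_access(sec_level_t link, sec_level_t required)
{
    return (link >= required) ? ACCESS_OK : ERR_INSUFFICIENT_AUTHENTICATION;
}

/* A client can turn notifications on only by writing the CCCD, so the
 * CCCD write permission is what gates the notify property. */
result_t enable_notify(sec_level_t link, const attr_perm_t *cccd)
{
    result_t r = cccd_register(cccd);
    return (r != ACCESS_OK) ? r : att_access(link, cccd->write_perm);
}
```

In this model, a CCCD with an open read permission and an ENC_NO_MITM write permission registers cleanly and refuses the subscription until the link has been paired.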
