Add security to service Characteristic

RE: Add security to service Characteristic

Renix — Fri, 28 Apr 2017 14:50:10 GMT

Bjørn,

Yes, that is what I found too.

Page 537 of BLE4.2 states that Attribute Permissions Readable with no authentication or authorization. Writable with authentication and authorization defined by a higher layer specification or is implementation specific.

Thanks

RE: Add security to service Characteristic

bjorn-spockeli — Fri, 28 Apr 2017 12:54:48 GMT

**Q1:**Yes, you should be able configure the CCCD so that you must have an encrypted link, i.e. be paired or bonded in order to write to the CCCD to enable notifications.

**Q2:**I did some testing with the ble_app_hrs example and I found that if I set the CCCD read permission to open and the write permissions to encrypted with no MITM protection, i.e.

BLE_GAP_CONN_SEC_MODE_SET_OPEN(&cccd_md.read_perm);
BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&cccd_md.write_perm);

then it should work fine. So it looks like you cannot set the security level of the read permission of a CCCD, which I assume it stted in the BLE spec.

RE: Add security to service Characteristic

Renix — Wed, 26 Apr 2017 20:50:53 GMT

Bjørn I believe I actually have the security working for the read / write property of the Characteristic, but still have trouble with the Notification side. Perhaps I do not understand it, or something else is wrong.

Note: I added read/write properties back to the characteristics.

I set the security level for the read / write:

BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&attr_md.read_perm);
BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&attr_md.write_perm);

Test: I cannot read or write to the Characteristic using iPhone. In MCP [10:23:42.3] Received Error Response: INSUFFICIENT_AUTHENTICATION, handle: 0x0020

Once the iPhone is paired, I can read and write to the Characteristic. In MCP, If I hit Bond, I can also read / write. All seems GOOD then.

What was confusing is if I tell iPhone to Forget the device, it does not ask to pair again. MCP still works as expected, just need to hit Delete bond info

Question 1)

Can the Notify property also have this security setting?

This is how the Notify security is set? (I have it commented out for now)

ble_gatts_attr_md_t cccd_md; memset(&cccd_md, 0, sizeof(cccd_md)); //GvR //BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&cccd_md.read_perm); //BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&cccd_md.write_perm);

BLE_GAP_CONN_SEC_MODE_SET_OPEN(&cccd_md.read_perm); BLE_GAP_CONN_SEC_MODE_SET_OPEN(&cccd_md.write_perm); cccd_md.vloc = BLE_GATTS_VLOC_STACK;
char_md.p_cccd_md = &cccd_md; char_md.char_props.notify = 1;

As soon as I change to ENC_NO_MITM I get the ERROR Fatal output from the UART, and advertising stops.

Any help appreciated.

RE: Add security to service Characteristic

bjorn-spockeli — Wed, 26 Apr 2017 09:39:10 GMT

Could you post your IROM and IRAM settings for the application in Keil?

No, if the characteristic does not have the read or write properties then setting BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM() will not have any effect as this will never be enforced since there is nothing to write to or read from.

RE: Add security to service Characteristic

Renix — Tue, 25 Apr 2017 14:51:08 GMT

Bjørn

code execution does not reach app_error_handler.

With both char_md.char_props.read = 1; and char_md.char_props.write = 1;

// OUR_JOB: Step 3.A, Configuring Client Characteristic Configuration Descriptor metadata and add to char_md structure ble_gatts_attr_md_t cccd_md; memset(&cccd_md, 0, sizeof(cccd_md)); //GvR BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&cccd_md.read_perm); BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&cccd_md.write_perm);

//BLE_GAP_CONN_SEC_MODE_SET_OPEN(&cccd_md.read_perm);
//BLE_GAP_CONN_SEC_MODE_SET_OPEN(&cccd_md.write_perm);
cccd_md.vloc                = BLE_GATTS_VLOC_STACK;    
char_md.p_cccd_md           = &cccd_md;
char_md.char_props.notify   = 1;

I see the following on the UART output:

:ERROR:Fatal
SDH:WARNING:RAM start should be adjusted to 0x20001ff0.
SDH:WARNING:RAM size should be adjusted to 0xe010.

In IAR I have

define symbol __ICFEDIT_intvec_start__ = 0x1f000;
/*-Memory Regions-*/
define symbol __ICFEDIT_region_ROM_start__ = 0x1f000;
define symbol __ICFEDIT_region_ROM_end__   = 0x7ffff;
define symbol __ICFEDIT_region_RAM_start__ = 0x20002fff;
define symbol __ICFEDIT_region_RAM_end__   = 0x2000ffff;
export symbol __ICFEDIT_region_RAM_start__;
export symbol __ICFEDIT_region_RAM_end__;
/*-Sizes-*/
define symbol __ICFEDIT_size_cstack__ = 0x800;
define symbol __ICFEDIT_size_heap__   = 0x200;
/**** End of ICF editor section. ###ICF###*/

I guess there is no point in trying to use BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM() if I am not using //char_md.char_props.read = 1; or //char_md.char_props.write = 1;

Since it is the CCCD Notify property being displayed, I assume the MITH bonding is only for the read and write.

RE: Add security to service Characteristic

bjorn-spockeli — Tue, 25 Apr 2017 11:40:27 GMT

Can you debug the application and see if you end up in the app_error_handler? If so, take a look at the call stack and see which function that caused the error and which error code it returned.