• State Not Answered
  • Replies 5 replies
  • Subscribers 73 subscribers
  • Views 2692 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 122710
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Whitelist issue - IRK & Addr added

Markus

Hi,

we are developing a custom board based on an NRF51822 and for security reasons are using whitelisting.

So far this worked well with different iOS and Android devices but today I tested with a ZTE Android device (running Android 5.1). When bonding this Android device my whitelist addr_count and irk_count are both 0x01 (no previously bonded devices). And when advertising with whitelisting is supposed to start the device reboots. If I disable whitelisting everything works as expected.

Is there any way to solve this issue without disabling whitelisting? I don't quite understand why both the addres and irk are added to the whitelist? When bonding other devices only addr or irk are added.

I'm using device manager, SDK 11 and softdevice S130.

Thanks for your help

Parents
  • FormerMember
    0 FormerMember

    Which kind of address type does the ZTE Android device use, a resolvable address or a static address? The address type comes with the BLE_GAP_EVT_CONNECTED event.

    If the device starts to reboot, it is most likely because of an error code handled by the error handler.

    When advertising with whitelist could you run the chip in debug, step through the code and see if you can find a function returning an error?

    Another option is to set the "DEBUG" flag, set a breakpoint inside APP_ERROR_CHECK(), and see if the application will hit the breakpoint. And from there, check which line is causing the error.

    Update 14.06.2017: Perhaps a "hack" for private non-resolvable addresses is the easiest. When it comes to link security, there are the following two options: Use an encrypted link by using "pairing" or an open link (no encryption). In both cases, there are no data that should be persistently stored, all data related to a link are invalidated upon a connection. Therefore, it could perhaps be an option to skip using the device manager module for private non-resolvable addresses?

    One way to do so is the following:

    static void ble_evt_dispatch(ble_evt_t * p_ble_evt)
{
	uint8_t ble_addr_type = p_ble_evt->evt.gap_evt.params.connected.peer_addr.addr_type;

	if(ble_addr_type == BLE_GAP_ADDR_TYPE_RANDOM_PRIVATE_NON_RESOLVABLE)
	{
		// Custom handling of BLE events, device mananger module is not being used.
		my_custom_ble_evt_handler(p_ble_evt);
	} else {
		// Use device manager module
		dm_ble_evt_handler(p_ble_evt);
	}
          .....
    on_ble_evt(p_ble_evt);
    ble_advertising_on_ble_evt(p_ble_evt);
}
Reply
  • FormerMember
    0 FormerMember

    Which kind of address type does the ZTE Android device use, a resolvable address or a static address? The address type comes with the BLE_GAP_EVT_CONNECTED event.

    If the device starts to reboot, it is most likely because of an error code handled by the error handler.

    When advertising with whitelist could you run the chip in debug, step through the code and see if you can find a function returning an error?

    Another option is to set the "DEBUG" flag, set a breakpoint inside APP_ERROR_CHECK(), and see if the application will hit the breakpoint. And from there, check which line is causing the error.

    Update 14.06.2017: Perhaps a "hack" for private non-resolvable addresses is the easiest. When it comes to link security, there are the following two options: Use an encrypted link by using "pairing" or an open link (no encryption). In both cases, there are no data that should be persistently stored, all data related to a link are invalidated upon a connection. Therefore, it could perhaps be an option to skip using the device manager module for private non-resolvable addresses?

    One way to do so is the following:

    static void ble_evt_dispatch(ble_evt_t * p_ble_evt)
{
	uint8_t ble_addr_type = p_ble_evt->evt.gap_evt.params.connected.peer_addr.addr_type;

	if(ble_addr_type == BLE_GAP_ADDR_TYPE_RANDOM_PRIVATE_NON_RESOLVABLE)
	{
		// Custom handling of BLE events, device mananger module is not being used.
		my_custom_ble_evt_handler(p_ble_evt);
	} else {
		// Use device manager module
		dm_ble_evt_handler(p_ble_evt);
	}
          .....
    on_ble_evt(p_ble_evt);
    ble_advertising_on_ble_evt(p_ble_evt);
}
Children
No Data
Related
Terms of service