Hi!
I can't start project with OOB bonding. If I set settings like just works (MITM = 0, OOB =0), all works correct. But I need more security for bounding. For this reason I want to use OOB bonding. Or you can advise to me another mode for secure bounding.
I use on advertise size only MITM = 1, BOND = 1, OOB =1, like discribed here: link
On the central side I use PM, white list and same settings for OOB bound: MITM = 1, BOND = 1, OOB =1
And after start project, no bound central with peripherial. May be I have some wrongs when PM and white list init on central side?
void peer_manager_init(void)
{
ble_gap_sec_params_t sec_param;
ret_code_t err_code;
err_code = pm_init();
APP_ERROR_CHECK(err_code);
memset(&sec_param, 0, sizeof(ble_gap_sec_params_t));
sec_param.bond = SEC_PARAM_BOND;
sec_param.mitm = SEC_PARAM_MITM;
sec_param.lesc = SEC_PARAM_LESC;
sec_param.keypress = SEC_PARAM_KEYPRESS;
sec_param.io_caps = SEC_PARAM_IO_CAPABILITIES;
sec_param.oob = SEC_PARAM_OOB;
sec_param.min_key_size = SEC_PARAM_MIN_KEY_SIZE;
sec_param.max_key_size = SEC_PARAM_MAX_KEY_SIZE;
sec_param.kdist_own.enc = 1;
sec_param.kdist_own.id = 1;
sec_param.kdist_peer.enc = 1;
sec_param.kdist_peer.id = 1;
err_code = pm_sec_params_set(&sec_param);
APP_ERROR_CHECK(err_code);
err_code = pm_register(pm_evt_handler);
APP_ERROR_CHECK(err_code);
}
I whitelist init after scan start:
void scan_start(void)
{
uint32_t flash_busy;
if(ble_conn_state_n_centrals() >= CENTRAL_LINK_COUNT)
return;
scan_stop();
(void) fs_queued_op_count_get(&flash_busy);
if(flash_busy != 0)
return;
ble_gap_addr_t whitelist_addrs[8];
ble_gap_irk_t whitelist_irks[8];
memset(whitelist_addrs, 0x00, sizeof(whitelist_addrs));
memset(whitelist_irks, 0x00, sizeof(whitelist_irks));
uint32_t addr_cnt = (sizeof(whitelist_addrs) / sizeof(ble_gap_addr_t));
uint32_t irk_cnt = (sizeof(whitelist_irks) / sizeof(ble_gap_irk_t));
whitelist_load();
ret_code_t ret = pm_whitelist_get(whitelist_addrs, &addr_cnt, whitelist_irks, &irk
m_scan_param.use_whitelist = (((addr_cnt == 0) && (irk_cnt == 0)) || (m_bonding)) ? 0 : 1;
if(ble_conn_state_n_centrals() == 0)
{
m_scan_param.interval = BLE_GAP_SCAN_INTERVAL_MAX;
m_scan_param.window = BLE_GAP_SCAN_WINDOW_MAX;
}
else
{
m_scan_param.interval = SCAN_INTERVAL;
m_scan_param.window = SCAN_WINDOW;
}
ret = sd_ble_gap_scan_start(&m_scan_param);
APP_ERROR_CHECK(ret);
}