• State Not Answered
  • Replies 13 replies
  • Subscribers 73 subscribers
  • Views 10601 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 127016
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Avoid "Bluetooth pairing request" alert on iOS

Kasper Leonhardt

Hi.

I have an application that needs a low security encryption. Therefore I want to use "Just works" encryption. The pairing process is assumed to be in a "safe" place.

But iOS are prompting with the "Bluetooth pairing request" alert before every connection. And I thing that it is very annoying and irrelevant. I can accept the first alert, but not later.

I am using 7.2 softdevice on a nRF 51822.

Is it possible to suppress this message either from the BLE device (or perhaps in the iOS App).

Kasper

  • 0 in reply to shibshab

    I see you have one packet of type SMP (as seen in Protocol column), which is a Pairing Request (the one we are looking for). This is packet nr 213, and it comes after getting an "Insufficient Authentication" error message, indicating that the encryption requirements for the characteristic is in place.

    I do not see any response to this packet, have you verified that your code handles this correctly?

  • 0 in reply to shibshab

    @Kaster: As Shibshab pointed, you need to handle the BLE_GAP_EVT_SEC_PARAMS_REQUEST event and reply with the sd_ble_gap_sec_params_reply() with correct parameters. It's shown here.

  • 0 in reply to shibshab

    Thanks for you help shishab, so far. And you were right the call to sd_ble_gap_sec_params_reply did return with error (16=NRF_ERROR_INVALID_ADDR). I believe that the parameter p_sec_keyset cannot be NULL in this case, as suggested on the "Message Sequence Charts" as linked to before. The comment in the header file also describes the possibility to pass a NULL. I think I need more changes. So far I have changed following (probably not compleate list) from the uart example:

    • BLE_GAP_CONN_SEC_MODE_SET_OPEN changed to BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM
    • Parameters to sd_ble_gap_sec_params_reply
    • Upgraded from SD 7.2 to 8.0 (might need further changes) (main.c and ble_* files kept)

    But then I tried to change BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM to BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM, and correct in main.c. I expect that it should be more correct. But then no smp pairing request was performed. (and no call of sd_ble_gap_sec_info_reply).

    Maybe I should try to start all over from a new copy of the new version of the BLE UART example.

  • 0 in reply to shibshab

    Taking the UART example in 8.0 as an example. The necessary steps to enable Just Works encryption is:

    • Set SEC_PARAM_BOND to 0
    • For characteristics (read/write) set BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM

    Note that RX characteristic is WriteWithoutResponse, which will not allow you to verify using a sniffer that authentication is required. Set it to write by removing the line setting write_wo_resp to 1.

    Also note that this requires support on the iOS side (the nRF Toolbox app will not support this setup).

Related
Terms of service