• State Not Answered
  • +1 person also asked this people also asked this
  • Replies 38 replies
  • Subscribers 68 subscribers
  • Views 12042 views
  • Users 0 members are here
Attachments (1) Download All
Nordic Case Info
  • Case ID: 207533
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

PASSKEY

katyon

 I’ve downloaded     nRF5_SDK_11.0.0_89a8197 and starting with examples from \examples\ble_peripheral\???\pca10040\s132\arm5_no_packs\

 I would like the other device to request a passkey (constant) at pairing (the passkey on my side is constant - no display needed)

After   gap_params_init();I’ve added the following code:

 

{

 static ble_opt_t optS;

   static uint8_t passw[]="123456";           

 optS.gap_opt.passkey.p_passkey=passw;

   err_code =sd_ble_opt_set(BLE_GAP_OPT_PASSKEY, &optS);

}

 

err_code returned :  0  

 

Still the module will pair and communicate without requesting a passkey.

I've tried to find an answer in Q&A . in some answers there was a reference to fields : io_caps,mitm. cant make out what does it mean. 

(these fields belong to structs relevant to services, not pairing)

 

Thanks for any help

   Yona

Parents
  • 0

    Hi Yona,

    You can change the permission/security level on the BLE characteristics to require MITM pairing. The central does not need to pair with the device if security level is set to "open".

    E..g, change BLE_GAP_CONN_SEC_MODE_SET_OPEN(&attr_md.read_perm) to BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM (&attr_md.read_perm) if you want to limit read access to a certain characteristic. 

     

Reply
  • 0

    Hi Yona,

    You can change the permission/security level on the BLE characteristics to require MITM pairing. The central does not need to pair with the device if security level is set to "open".

    E..g, change BLE_GAP_CONN_SEC_MODE_SET_OPEN(&attr_md.read_perm) to BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM (&attr_md.read_perm) if you want to limit read access to a certain characteristic. 

     

Children
  • 0 in reply to Vidar Berg

    thank you for the answer.

    making this change - finally  "produces"  the  events:

    BLE_GAP_EVT_SEC_PARAMS_REQUEST,   BLE_GAP_EVT_AUTH_STATUS

    how should I deal with them ?

    (as the cellphone application does not know that passkey is needed- so reading the characteristic results in a  BLE disconnection)

    Yona

  • 0 in reply to katyon

    Recommend to use the device manager module for handling of security requests. Device manger is implemented in most of the ble_peripheral examples, ble_app_hrs for instance.  

  • 0 in reply to Vidar Berg

    I would like to apologize for my repeating questions. 

    I took ble_app_hrs project ( DEVICE_NAME  =  "Nordic_HRM")

    it contains code for dealing with BLE_GAP_EVT_SEC_PARAMS_REQUEST

    I've added this code to define a constant passkey 


    static ble_opt_t optS;
    static uint8_t passw[]="123456";
    optS.gap_opt.passkey.p_passkey=passw;
    err_code =sd_ble_opt_set(BLE_GAP_OPT_PASSKEY,&optS);
    APP_ERROR_CHECK(err_code);

    than I've changed (for characteristic "Body Sensor Location") 

    BLE_GAP_CONN_SEC_MODE_SET_OPEN(&hrs_init.hrs_bsl_attr_md.read_perm);

     to 

    BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM(&hrs_init.hrs_bsl_attr_md.read_perm);

    the result is that  "Body Sensor Location" will not preform the read (the read request from the cellphone application does not respond) 

    all other services work normal

    what am I missing ?

    thanks again

    Yona

  • 0 in reply to katyon

    Hi Yona,

    Looks like I forgot to mention that you need to enable MITM and set IO capability in device_manager_init(). See diff file below for necessary changes:

    Fullscreen static_passkey.diff Download 
    diff --git a/examples/ble_peripheral/ble_app_hrs/main.c b/examples/ble_peripheral/ble_app_hrs/main.c
index 6facd54..b7bf916 100644
--- a/examples/ble_peripheral/ble_app_hrs/main.c
+++ b/examples/ble_peripheral/ble_app_hrs/main.c
@@ -87,10 +87,10 @@
 #define MAX_CONN_PARAMS_UPDATE_COUNT     3                                          /**< Number of attempts before giving up the connection parameter negotiation. */
 
 #define SEC_PARAM_BOND                   1                                          /**< Perform bonding. */
-#define SEC_PARAM_MITM                   0                                          /**< Man In The Middle protection not required. */
+#define SEC_PARAM_MITM                   1                                          /**< Man In The Middle protection not required. */
 #define SEC_PARAM_LESC                   0                                          /**< LE Secure Connections not enabled. */
 #define SEC_PARAM_KEYPRESS               0                                          /**< Keypress notifications not enabled. */
-#define SEC_PARAM_IO_CAPABILITIES        BLE_GAP_IO_CAPS_NONE                       /**< No I/O capabilities. */
+#define SEC_PARAM_IO_CAPABILITIES        BLE_GAP_IO_CAPS_DISPLAY_ONLY               /**< No I/O capabilities. */
 #define SEC_PARAM_OOB                    0                                          /**< Out Of Band data not available. */
 #define SEC_PARAM_MIN_KEY_SIZE           7                                          /**< Minimum encryption key size. */
 #define SEC_PARAM_MAX_KEY_SIZE           16                                         /**< Maximum encryption key size. */
@@ -327,6 +327,15 @@ static void gap_params_init(void)
 
     err_code = sd_ble_gap_ppcp_set(&gap_conn_params);
     APP_ERROR_CHECK(err_code);
+                                          
+    static ble_opt_t optS;
+
+    static uint8_t passw[]="123456";           
+
+    optS.gap_opt.passkey.p_passkey=passw;
+
+    err_code =sd_ble_opt_set(BLE_GAP_OPT_PASSKEY, &optS);
+    APP_ERROR_CHECK(err_code);
 }
 
 
@@ -455,7 +464,7 @@ static void services_init(void)
     BLE_GAP_CONN_SEC_MODE_SET_NO_ACCESS(&hrs_init.hrs_hrm_attr_md.read_perm);
     BLE_GAP_CONN_SEC_MODE_SET_NO_ACCESS(&hrs_init.hrs_hrm_attr_md.write_perm);
 
-    BLE_GAP_CONN_SEC_MODE_SET_OPEN(&hrs_init.hrs_bsl_attr_md.read_perm);
+    BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM(&hrs_init.hrs_bsl_attr_md.read_perm);
     BLE_GAP_CONN_SEC_MODE_SET_NO_ACCESS(&hrs_init.hrs_bsl_attr_md.write_perm);
 
     err_code = ble_hrs_init(&m_hrs, &hrs_init);

    Vidar

Related