This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

How to do static authentication on PB_GATT unprovision advertise connection in nRF mesh

Hi,

When I am trying to connect nRF Mesh sdk 2.2 on nrf52832 DK using nRF connect mobile application I am able to connect without static passkey, now I want to enable static authentication on connection request from nRF connect. Is it possible to do some static authentication like BLE men in middle protection? In nrf mesh SDK which section I need to integrate this part

-

Thanks,

Pintu

  • Hi Pintu,

    Do you not get a disconnect when you access the data in or data out services on nRF Connect with the light switch proxy client or proxy server examples in mesh sdk v2.2.0? I believe this has something to do with a different packet format in the nRF Mesh app compared with nRF Connect for mobile. Do you realize that the source code for nRF Mesh is available (iOS, Android) & you are allowed to modify it, whereas nRF Connect for Mobile is not unfortunately?

    Also, we already use static authentication in our light switch example. See this case & comment from Hung Bui:

    "Static authentication (including OOB static authentication) is already used in our example. Currently we used a fix data (look for STATIC_AUTH_DATA). But you can use NFC, QR code or anything to update this value (on both provisioner and provisionee). It should be pretty straight forward to implement. Have a look at the config_params in main() in our light switch example."

    Kind Regards,

    Bjørn

  • Hi Bjorn,

    Sorry for late response.

    1) When I am writting hex in service UUID 0x1827 on 0x2ADB characteristic it got disconnect when entering 0x0001, so if I want to send user data on this before provisioning device need to custome this service?

    2) Got use case of STATIC_AUTH_DATA

    Thanks,

    Pintu

  • I changed static authentication data in proxy_server but it still it is allowed to provisioning with nRF mesh mobile application 

    include/light_switch_example_common.h:69

    :#define STATIC_AUTH_DATA {0x6E, 0x6F, 0x72, 0x64, 0x69, 0x63, 0x5F, 0x65, 0x78, 0x61, 0x6D, 0x70, 0x6C, 0x65, 0x5F, 0x30} instead 0x31

  • Hi

    I am using nrf52832 with proxy_server application and nRF mesh mobile application original for static oob authentication

    I tried to enable static authentication but not able to do, I added below code in file examples/common/src/mesh_provisionee.c

    uint32_t mesh_provisionee_prov_start(const mesh_provisionee_start_params_t * p_start_params)
    {
        __LOG(LOG_SRC_APP, LOG_LEVEL_INFO, "%s\n", __func__);
        nrf_mesh_prov_oob_caps_t prov_caps =
        {
            ACCESS_ELEMENT_COUNT,
            NRF_MESH_PROV_ALGORITHM_FIPS_P256EC,
            0,
            NRF_MESH_PROV_OOB_STATIC_TYPE_SUPPORTED,
            0,
            0,
            0,
            0
        };

        m_params = *p_start_params;
        if (m_params.p_static_data == NULL)
        {
            return NRF_ERROR_INVALID_PARAM;
        }

        m_prov_ctx.oob_size      = NRF_MESH_KEY_SIZE;   /**< Size of the chosen OOB authentication data. */
        m_prov_ctx.oob_method    = NRF_MESH_PROV_OOB_METHOD_STATIC;
        memcpy(m_prov_ctx.auth_value, m_params.p_static_data, NRF_MESH_KEY_SIZE);
        RETURN_ON_ERROR(nrf_mesh_prov_generate_keys(m_public_key, m_private_key));

    Below is log of provisioning

    Log:

    <t:     347638>, prov_provisionee.c,  602, prov_provisionee_cb_link_established
    <t:     347641>, mesh_provisionee.c,  191, prov_evt_handler: event NRF_MESH_PROV_EVT_LINK_ESTABLISHED
    <t:     375581>, main.c,  217, Successfully updated connection parameters
    <t:     484934>, main.c,  217, Successfully updated connection parameters
    <t:     905906>, prov_provisionee.c,  328, prov_provisionee_pkt_in: pkt type PROV_PDU_TYPE_INVITE
    <t:     905913>, prov_provisionee.c,  342, Provisionee: invite received!
    <t:     905916>, prov_provisionee.c,   98, send_capabilities
    <t:     905918>, prov_provisionee.c,  112, Provisionee: sending capabilities
    <t:     905921>, prov_provisionee.c,  113, send_capabilities: 010100010001000000000000
    <t:     905924>, provisioning.c,   56, send_data: 010100010001000000000000
    <t:     905930>, mesh_provisionee.c,  191, prov_evt_handler: event NRF_MESH_PROV_EVT_INVITE_RECEIVED
    <t:     905933>, prov_provisionee.c,  361, PDU type 0, duration 5
    <t:     922122>, prov_provisionee.c,  564, prov_provisionee_cb_ack_received:state NRF_MESH_PROV_STATE_INVITE
    <t:     938347>, prov_provisionee.c,  328, prov_provisionee_pkt_in: pkt type PROV_PDU_TYPE_START
    <t:     938352>, prov_provisionee.c,  369, Provisionee: provisioning start message received!
    <t:     938355>, prov_provisionee.c,  122, handle_prov_start
    <t:     938357>, prov_provisionee.c,  165, pub key oob 0, oob_method 0, oob_size 0, oob_action 0
    <t:     938361>, mesh_provisionee.c,  191, prov_evt_handler: event NRF_MESH_PROV_EVT_START_RECEIVED
    <t:     938412>, prov_provisionee.c,  328, prov_provisionee_pkt_in: pkt type PROV_PDU_TYPE_PUBLIC_KEY
    <t:     938419>, prov_provisionee.c,  397, Provisionee: public key message received!
    <t:     938423>, provisioning.c,   56, send_data: 03E9935776C5E156F6C4D2A4B24A3DE861C615689DFFECBC8BF3A311661EED914E3635E70EF30E1424FC542ADC89E4FE38250E4D52E6FFF4707E8DBA172A72402E
    <t:     954571>, prov_provisionee.c,  564, prov_provisionee_cb_ack_received:state NRF_MESH_PROV_STATE_WAIT_PUB_KEY
    <t:     954578>, prov_provisionee.c,  285, start_authentication
    <t:     959345>, prov_provisionee.c,  211, request_authentication
    <t:     959347>, prov_provisionee.c,  268, Provisionee: requested OOB none

    From the log i observer i am not able to enable static authentication, can you suggest solution for it.

    Thanks,

    Pintu

Related