• State Not Answered
  • Replies 12 replies
  • Subscribers 74 subscribers
  • Views 4486 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 219363
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

About sdk14.2 52832 password pairing timeout

June6

Hi

I'm working on a password pairing project. You must enter the correct password to connect properly.  And This function can be normally implemented between mobile phone and slave module. When the phone wants to connect, a password pairing box pops up, and you must enter your password to connect properly. But now the password function is also in effect between the master and slave modules. According to the simulation, it is known that the connection is broken because the master module did not respond to the password and the pairing timeout evt is entered from the module. How can i fix this problem?

Thanks

June6

  • 0

    The following code:

    int main(void)
{
    ret_code_t err_code;
    memcpy(passkey,STATIC_PASSKEY,6);	
    m_static_pin_option.gap_opt.passkey.p_passkey = passkey;																	
    err_code = sd_ble_opt_set(BLE_GAP_OPT_PASSKEY, &m_static_pin_option);
    APP_ERROR_CHECK(err_code); 
}

static void on_ble_peripheral_evt(ble_evt_t const * p_ble_evt, void * p_context)
{
    uint32_t                    err_code;
     
    switch (p_ble_evt->header.evt_id)
    {
        case BLE_GAP_EVT_CONNECTED:
        
            NRF_LOG_INFO("Connected");
            m_conn_handle = p_ble_evt->evt.gap_evt.conn_handle;
            sd_ble_gap_authenticate(m_conn_handle,&sec_params);
            
            break;
            
        case BLE_GAP_EVT_SEC_PARAMS_REQUEST:
        
            memset(&sec_params,0,sizeof(ble_gap_sec_params_t));
            
            sec_params.bond = 0;
            sec_params.mitm = 1;
            sec_params.lesc = 0;
            sec_params.keypress = 0;
            sec_params.io_caps = BLE_GAP_IO_CAPS_DISPLAY_ONLY;
            sec_params.oob = 0;
            sec_params.min_key_size = 7;
            sec_params.max_key_size = 16;
            
            err_code = sd_ble_gap_sec_params_reply(m_conn_handle,BLE_GAP_SEC_STATUS_SUCCESS,&sec_params,NULL);
            APP_ERROR_CHECK(err_code);
            
            break;
            
        case BLE_GAP_EVT_AUTH_STATUS:
            
            if(p_ble_evt->evt.gap_evt.params.auth_status.auth_status == BLE_GAP_SEC_STATUS_SUCCESS)
            {
                
            }
            
            else
            {
                err_code = sd_ble_gap_disconnect(m_conn_handle, BLE_HCI_REMOTE_USER_TERMINATED_CONNECTION);
                APP_ERROR_CHECK(err_code);
            }
            
            break;
    }
}


static void on_ble_central_evt(ble_evt_t const * p_ble_evt, void * p_context)
{
    switch (p_ble_evt->header.evt_id)
    {
        case BLE_GAP_EVT_CONNECTED:
        
            NRF_LOG_INFO("Connected to target.");
            
            err_code = ble_nus_c_handles_assign(&m_ble_nus_c, p_ble_evt->evt.gap_evt.conn_handle, NULL);
            APP_ERROR_CHECK(err_code);
            
            // start discovery of services. The NUS Client waits for a discovery result
            err_code = ble_db_discovery_start(&m_db_disc, p_ble_evt->evt.gap_evt.conn_handle);
            APP_ERROR_CHECK(err_code);	
            
            break;
            
        case BLE_GAP_EVT_SEC_PARAMS_REQUEST:
        
            // Pairing not supported
            err_code = sd_ble_gap_sec_params_reply(p_ble_evt->evt.gap_evt.conn_handle, BLE_GAP_SEC_STATUS_PAIRING_NOT_SUPP, NULL, NULL);
            APP_ERROR_CHECK(err_code);
            
            break;
    }
}

  • 0

    When the security authentication request is issued from the module, the mobile phone can respond manually by entering the password, so the function is normal. But if the main module is connected to the slave module, the main module does not have something similar to the mobile phone keyboard, so I do not know how the main module should respond.

  • 0

    Hi,

    Why do you want to exchange the encryption key this way? A more standard way would be to use LE Secure connection to establish the encrypted link in a secure way. Then you could use for instance numeric comparison or pass key entry to provide man-in-the-middle (MITM) protection.

  • 0 in reply to Einar Thorsrud

    Hi,

    Can you tell me the standard practice? It's better to attach the code?

    Thanks!

  • 0 in reply to June6

    Hi,

    I think I misunderstood the posts when I read them initially. Can you elaborate what you want to do? Is the problem that you use legacy pairing with static passkey MITM protection, and that this does not work when the peer is not a phone, but rather a device without a keyboard? If so, it should have the IO capabilities (io_caps) set accordingly, and MITM will not be used.

    Br,

    Einar

Related
Terms of service