• State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 71 subscribers
  • Views 4042 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 104613
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

white list creation

sruthiraj koodathil

hii....

i want to make my device connected through a secret pass code (may be six digit)..ie. my device get advertise then when master control panel discover my device and try to connect ,there should be an exchange of a secret key.. then only the services should be available for master control panel....

what methode should i use.? whether whitelist will be usefull?

i am totally unfamiliar with whitelist.. do you help me to create a white list

  • 0

    The purpose of the whitelist is to restrict connection and/or scanning from everyone everyone except pre-determined devices that you know the address or Identity Resolving Key (IRK) of. For practical purposes, this means only bonded devices that you have had contact with from before.

    For your scenario, you could look at enforcing encryption at the start of the connection and make use of the static passkey functionality to set a secret PIN code. If the database is security-with-MITM-protected, it will deny anything but discovery operations until security is set up.

    It is also possible to make a custom solution based on authorization. If your protected attributes require authorization, the app will be asked to authorize each read/write (as configured). You could then deny all operations until a particular blob of data is written to one of the characteristics, and make that "unlock" reading/writing for that particular link.

  • 0

    thank you for your replay....

    yes, i have static key... before advertising i have set a passkey(123456) by using the API sd_ble_opt_set... its working fine.. but the thing is this pass key will be asked when we are going for a bonding... you can connect directly without bond...

    what i need is a connection should be established after entering the pass key...

    1.how to create whitelist? 2. in your paragraph you mentioned...on connection only one characterictics should available dat is used to unlock the other services ryt? but how can i implement it in my code?

  • 0 in reply to sruthiraj koodathil

    There is no passkey entry support for connections in the BLE spec, so what you are asking is not generally possible. If you have control over the IRK of the connecting device, you could set up a whitelist on the slave for it, but this is a 128-bit key. Not all central devices will let you set the IRK, so this is not a good solution however.

    The other solutions I mentioned are protection of the database only, and does not prohibit connections. This can be solved in code by either using the BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM macro on the read and write permissions of the attributes when you add them (and require security as soon as the device connects), or by setting the attribute rd_auth / wr_auth flags to 1 if you want to go the authorization route (App gets asked everytime a write/read operation happens).

  • 0 in reply to sruthiraj koodathil

    can you provide example for above solution ?

Related
Terms of service