Hi,
I've just learned that even with enabled pairing, it's still possible to "simply" connect to the device. But is there a way to force pairing on connection?
I'm using the NUS service, S132 soft device, and SDK15.
Hi,
I've just learned that even with enabled pairing, it's still possible to "simply" connect to the device. But is there a way to force pairing on connection?
I'm using the NUS service, S132 soft device, and SDK15.
Yes it is,
My program is based on hrs example + dfu merging.
I was thinking that, by using pairing protection with 6 digit fixed pathkey( no other choice cause no IO), i would not be able to read/write my characteriqtics. But with nrfConnect, if you are fast enough, when bounding window pops up , and you click cancel and really fast after, you are able to click on the row to read a characteristics, the connexion is maintained and you have access to all , without been securly paired !!!
I know i can protect each caracteristic by using : BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM , what i did.
But a side effect appears: after first pairing on the phone by writing the 6 digit passkey, the same windows pops up FOR EACH characteristic you read ( only the first time) ... so it s a bit anoying because you have the feeling to have paired at connexion step , but in fact it has absolutely no impact on security.
If you click cancel you are still connected and if fast enough you can even have access to all. If you paired successfully, you will have to enter this same path key for each characteristic you have protected, what give a strange effect to the final user, he has the feeling that first pairing didn't worked.
So, by searching on the devzone, i have seen this post that looks similar to what i want to do: First, ask pairng after connect. I yes , no more asked user to enter pathkey. If no or cancel, close connexion or retry but doesn't give access. Only paired device should have access.
The way used to add the characteristic in ble_dfu_buttonless_char_add ( the one that use SEC_JUST_WORKS in my soft) is different that the way i used:
My way:
static uint32_t settings_char_add(ble_settings_t * p_settings, const ble_settings_init_t * p_settings_init)
{
uint32_t err_code;
ble_gatts_char_md_t char_md;
ble_gatts_attr_md_t cccd_md;
ble_gatts_attr_t attr_char_value;
ble_uuid_t ble_uuid;
ble_gatts_attr_md_t attr_md;
memset(&char_md, 0, sizeof(char_md));
char_md.char_props.read = 1;
char_md.char_props.write = 1;
char_md.char_props.notify = 0;
char_md.p_char_user_desc = NULL;
char_md.p_char_pf = NULL;
char_md.p_user_desc_md = NULL;
char_md.p_cccd_md = NULL;
char_md.p_sccd_md = NULL;
memset(&attr_md, 0, sizeof(attr_md));
attr_md.read_perm = p_settings_init->settings_char_attr_md.read_perm;
attr_md.write_perm = p_settings_init->settings_char_attr_md.write_perm;
attr_md.vloc = BLE_GATTS_VLOC_STACK;
attr_md.rd_auth = 0;
attr_md.wr_auth = 0;
attr_md.vlen = 0;
ble_uuid.type = p_settings->uuid_type;
ble_uuid.uuid = SETTINGS_CHAR_UUID;
memset(&attr_char_value, 0, sizeof(attr_char_value));
attr_char_value.p_uuid = &ble_uuid;
attr_char_value.p_attr_md = &attr_md;
attr_char_value.init_len = sizeof(uint8_t);
attr_char_value.init_offs = 0;
attr_char_value.max_len = 256*sizeof(uint8_t);
//notification
memset(&cccd_md, 0, sizeof(cccd_md));
// Read operation on Cccd should be possible without authentication.
BLE_GAP_CONN_SEC_MODE_SET_OPEN(&cccd_md.read_perm);
BLE_GAP_CONN_SEC_MODE_SET_OPEN(&cccd_md.write_perm);
cccd_md.vloc = BLE_GATTS_VLOC_STACK;
char_md.char_props.notify = 0;
char_md.p_cccd_md = &cccd_md;
err_code = sd_ble_gatts_characteristic_add(p_settings->service_handle, &char_md,
&attr_char_value,
&p_settings->settings_handles);
if (err_code != NRF_SUCCESS)
{
return err_code;
}
return NRF_SUCCESS;
}
So i'm a bit confused and i don't know anymore how to proceed for this simple security level.
Thank you :)