Hi,
I am trying to test LESC Security Mode 1 Level 4 bonding with a peripheral ble_app_hrs on PCA10040 and pc-nrfconnect-ble (v2.2) with pc-nrfconnect-core(v2.6.2) with pc-ble-driver-js (v2.4.3) on PCA10040.
The peripheral device is implemented as mentioned here.
For pc-nrfconnect-ble, I modified package.json to use all dependencies from local repositories for pc-ble-driver-js and pc-nrfconnect-core. And I compiled everything locally from source, so there is no pre-built stuff fetched from github.
And I have run a scenario as:
1. Scan and connect Peripheral.
2. Perform bonding with LESC Security Mode 1 Level 4.
3. Disconnect Peripheral.
4. Connect Peripheral again.
The log for pc-nrfconnect-ble:
hrsc_lesc_bonding_nrfconnect_ble_pc_central.log
The log for Peripheral:
<info> app: Fast advertising. <info> app: Connected. <info> app: GATT ATT MTU on connection 0x0 changed to 247. <info> app: Passkey: 850729 <info> app: BLE_GAP_EVT_LESC_DHKEY_REQUEST <warning> nrf_ble_lesc: p_peer_public_key->is_valid but nrf_crypto_ecdh_compute result err_code: 0x0 <info> nrf_ble_lesc: Calling sd_ble_gap_lesc_dhkey_reply on conn_handle: 0 <info> peer_manager_handler: Connection secured: role: Peripheral, conn_handle: 0, procedure: Bonding <info> app: BLE_GAP_EVT_AUTH_STATUS: status=0x0 bond=0x1 lv4: 1 kdist_own:0x1 kdist_peer:0x0 <info> app: Fast advertising. <info> app: Disconnected, reason 19. <info> app: Connected. <info> peer_manager_handler: Connection secured: role: Peripheral, conn_handle: 0, procedure: Encryption <info> app: GATT ATT MTU on connection 0x0 changed to 247. <info> peer_manager_handler: Connection security failed: role: Peripheral, conn_handle: 0x0, procedure: Pairing, error: 133 <info> app: BLE_GAP_EVT_AUTH_STATUS: status=0x85 bond=0x0 lv4: 0 kdist_own:0x0 kdist_peer:0x0
Here are my questions.
1. From central log, why there is a trace showing mostly empty ble_gap_sec_keyset_t keyset information? I cannot find where this trace is implemented in source code?
2019-05-14T13:12:28.777Z DEBUG GAP_EVT_AUTH_STATUS time:2019-05-14T13:12:28.761Z connHandle:0 authStatus:0 authStatusName:bleGapSecStatusSuccess errorSrc:0 errorSrcName:bleGapSecStatusSourceLocal bonded:true sm1Levels:[lv1:true lv2:true lv3:true lv4:true] sm2Levels:[lv1:false lv2:false lv3:false lv4:false] kdistOwn:[enc:true sign:false link:false] kdistPeer:[enc:false sign:false link:false] keyset:[keysOwn:[encKey:[encInfo:[ltk:[[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[]] auth:true ltkLen:16 lesc:true] masterId:[ediv:0 rand:[[],[],[],[],[],[],[],[]]]] idKey:[idInfo:[irk:[[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[]]] idAddrInfo:[address:00:00:00:00:00:00 type:public addrIdPeer:0]] signKey:[csrk:[[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[]]] pk:[pk:[[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[]]]] keysPeer:[encKey:[encInfo:[ltk:[[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[]] auth:false ltkLen:0 lesc:false] masterId:[ediv:0 rand:[[],[],[],[],[],[],[],[]]]] idKey:[idInfo:[irk:[[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[]]] idAddrInfo:[address:00:00:00:00:00:00 type:public addrIdPeer:0]] signKey:[csrk:[[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[]]] pk:[pk:[[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[]]]]]
2. From central log, why there is a similar trace to the one in the previous question but with valid keyset information?
2019-05-14T13:12:28.791Z DEBUG Bond info: [["CB:76:12:5C:09:9D",{"keys_own":{"enc_key":{"enc_info":{"ltk":[202,20,206,74,234,248,52,226,180,232,21,75,73,235,111,76],"auth":true,"ltk_len":16,"lesc":true},"master_id":{"ediv":0,"rand":[0,0,0,0,0,0,0,0]}},"id_key":{"id_info":{"irk":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"id_addr_info":{"address":"00:00:00:00:00:00","type":"BLE_GAP_ADDR_TYPE_PUBLIC","addr_id_peer":0}},"sign_key":{"csrk":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"pk":{"pk":[116,158,103,26,253,159,228,93,217,135,141,150,109,73,64,179,141,180,171,25,163,38,7,30,184,123,172,149,20,83,205,90,217,208,204,139,82,70,136,18,87,119,112,10,152,58,171,228,3,14,207,17,98,2,27,124,232,225,181,174,35,136,138,203]}},"keys_peer":{"enc_key":{"enc_info":{"ltk":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0],"auth":false,"ltk_len":0,"lesc":false},"master_id":{"ediv":0,"rand":[0,0,0,0,0,0,0,0]}},"id_key":{"id_info":{"irk":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"id_addr_info":{"address":"00:00:00:00:00:00","type":"BLE_GAP_ADDR_TYPE_PUBLIC","addr_id_peer":0}},"sign_key":{"csrk":[0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]},"pk":{"pk":[176,131,11,186,219,18,116,201,71,45,4,50,251,207,105,86,201,205,19,128,18,194,225,47,9,181,216,35,160,200,132,60,21,182,1,35,122,26,33,233,16,108,16,159,147,102,151,176,134,46,107,145,60,8,96,11,156,212,245,82,225,249,53,191]}}}]]
3. To question 2, since bond info is from
function addBondInfo(state, device, params)from
export default function security(state = initialState, action)in securityReducer.js. Where is the source of "action.params" which contains the valid bond info?
4. After disconnect and re-connect, there is an error saying:
Central:
2019-05-14T13:13:00.174Z DEBUG GAP_EVT_AUTH_STATUS time:2019-05-14T13:13:00.126Z connHandle:0 authStatus:133 authStatusName:bleGapSecStatusPairingNotSupp errorSrc:1 errorSrcName:bleGapSecStatusSourceRemote bonded:false sm1Levels:[lv1:true lv2:true lv3:false lv4:false] sm2Levels:[lv1:false lv2:false lv3:false lv4:false] kdistOwn:[enc:false sign:false link:false] kdistPeer:[enc:false sign:false link:true] keyset:null 2019-05-14T13:13:00.175Z WARN Authentication failed with status BLE_GAP_SEC_STATUS_PAIRING_NOT_SUPP
Peripheral:
<info> peer_manager_handler: Connection security failed: role: Peripheral, conn_handle: 0x0, procedure: Pairing, error: 133 <info> app: BLE_GAP_EVT_AUTH_STATUS: status=0x85 bond=0x0 lv4: 0 kdist_own:0x0 kdist_peer:0x0
How come?
Thanks and best regards,
Chencheng
