This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

How to early detect notification enabling (writting 1 to CCCD)?

Hi I would like to, at app level, implement access control to characteristic. My characteristic is configured solely as notify (no read, no writing).

When a smartphone turns on the notify feature of the characteristic I would like to decided if it can go one (and receive notifications) or deny it and disconnect (no permission to turn n notification).


Is it possible to implement that? How?

How can I early detect that a smartphone is just trying to write 1 to the CCCD?


Thanks a lot

Alex

Parents
  • Hello,

    The usual way to determine this is to restrict what devices that can change the CCCD before it happens, rather than when it has already happened. I don't think you can do that.

    But the common way is to say that you need to be paired, or even use MITM protection in order to change the CCCD. This way, only known devices will be able to receive notifications. Would that work for you? If so, you can look into e.g. the way the ble_app_gls set up it's services and characteristics. 

    Inside services_init() in main.c, you can see that e.g. the gls_init.gl_meas_cccd_wr_sec = SEC_JUST_WORKS. This means that the link has to be encrypted with "JUST_WORKS" to change the CCCD.

    If it was set to SEC_OPEN, anyone can enable notifications, while if it was set to SEC_MITM, you would have to pair using MITM protection, such as an out of band passkey to be allowed to enable notifications.

Reply
  • Hello,

    The usual way to determine this is to restrict what devices that can change the CCCD before it happens, rather than when it has already happened. I don't think you can do that.

    But the common way is to say that you need to be paired, or even use MITM protection in order to change the CCCD. This way, only known devices will be able to receive notifications. Would that work for you? If so, you can look into e.g. the way the ble_app_gls set up it's services and characteristics. 

    Inside services_init() in main.c, you can see that e.g. the gls_init.gl_meas_cccd_wr_sec = SEC_JUST_WORKS. This means that the link has to be encrypted with "JUST_WORKS" to change the CCCD.

    If it was set to SEC_OPEN, anyone can enable notifications, while if it was set to SEC_MITM, you would have to pair using MITM protection, such as an out of band passkey to be allowed to enable notifications.

Children
Related