• State Verified Answer
  • Replies 1 reply
  • Subscribers 67 subscribers
  • Views 778 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 234029
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Security as Central a

youssefchei

Hello 

I'm using SDK 15.2 on nRF52 DK to test the ble_app_multirole_lesc example.

I downloaded the code to nRF52 DK to act as central.

I commented the scan_start() function then I downloaded the code to the other nRF52 DK to act as peripheral.

A secure BLE connection is established between the two DK.

Now I want to connect the central DK to smartphone without any security or bonding, but the connection can't be established.

I have modified the hrs init params in the main.c as following in the Central DK

    hrs_init_params.hrm_cccd_wr_sec = SEC_OPEN ;//SEC_MITM;
    hrs_init_params.bsl_rd_sec      = SEC_OPEN ; //SEC_MITM;

but still the connection between Central DK and a smartphone can't be established.

Is it possible to activate the security as Central and disable it as Peripheral for the same device(figure below)?

Best regards

Parents
  • +1

    Hello,

    If you look at the on_ble_evt() function in main.c, it calls pm_handler_secure_on_connection(p_ble_evt); before the switch(p_ble_evt->header.evt_id).

    If you look in the case BLE_GAP_EVT_CONNECTED inside the pm_handler_on_secure_connection() function you see that it will secure the connection using conn_secure();

    You can try to do this only if it is a peripheral or a central connection. If you are connecting to a phone, and you don't want to encrypt this connection,  I assume that the phone acts as a central, and the nRF as a peripheral in this connection.

    The BLE_GAP_EVT_CONNECTED has a variable called role, which you can see in ble_gap.h on line 1016.

    Try to add a check to see if the nRF is a peripheral or a central in this connection, and only secure the connection if you are a central in your on_ble_evt() in main.c:

    static void on_ble_evt(uint16_t conn_handle, ble_evt_t const * p_ble_evt)
{
    char        passkey[BLE_GAP_PASSKEY_LEN + 1];
    uint16_t    role = ble_conn_state_role(conn_handle);

    if (p_ble_evt->evt.gap_evt.params.connected.role == BLE_GAP_ROLE_CENTRAL)
    {
        pm_handler_secure_on_connection(p_ble_evt);
    }

    switch (p_ble_evt->header.evt_id)
    {
        case BLE_GAP_EVT_CONNECTED:
            m_connected_peers[conn_handle].is_connected = true;
            m_connected_peers[conn_handle].address = p_ble_evt->evt.gap_evt.params.connected.peer_addr;
            multi_qwr_conn_handle_assign(conn_handle);
            break;
        case ...

    Best regards,

    Edvin

Reply
  • +1

    Hello,

    If you look at the on_ble_evt() function in main.c, it calls pm_handler_secure_on_connection(p_ble_evt); before the switch(p_ble_evt->header.evt_id).

    If you look in the case BLE_GAP_EVT_CONNECTED inside the pm_handler_on_secure_connection() function you see that it will secure the connection using conn_secure();

    You can try to do this only if it is a peripheral or a central connection. If you are connecting to a phone, and you don't want to encrypt this connection,  I assume that the phone acts as a central, and the nRF as a peripheral in this connection.

    The BLE_GAP_EVT_CONNECTED has a variable called role, which you can see in ble_gap.h on line 1016.

    Try to add a check to see if the nRF is a peripheral or a central in this connection, and only secure the connection if you are a central in your on_ble_evt() in main.c:

    static void on_ble_evt(uint16_t conn_handle, ble_evt_t const * p_ble_evt)
{
    char        passkey[BLE_GAP_PASSKEY_LEN + 1];
    uint16_t    role = ble_conn_state_role(conn_handle);

    if (p_ble_evt->evt.gap_evt.params.connected.role == BLE_GAP_ROLE_CENTRAL)
    {
        pm_handler_secure_on_connection(p_ble_evt);
    }

    switch (p_ble_evt->header.evt_id)
    {
        case BLE_GAP_EVT_CONNECTED:
            m_connected_peers[conn_handle].is_connected = true;
            m_connected_peers[conn_handle].address = p_ble_evt->evt.gap_evt.params.connected.peer_addr;
            multi_qwr_conn_handle_assign(conn_handle);
            break;
        case ...

    Best regards,

    Edvin

Children
No Data
Related