• State Verified Answer
  • Replies 6 replies
  • Subscribers 67 subscribers
  • Views 1722 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 236475
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

About PassKey when "PM_CONN_SEC_PROCEDURE_ENCRYPTION"

takashina hiroki

I have a question about PeerManager.

SDK: 15.3.0
example: ble_app_multirole_lesc (I changed the source from the sample)
deviceA: EYSHJNZWZ (nRF52832)
deviceB: Android (ver9)

deviceA and deviceB are connected at the LESC security level.
The PeerManager settings at that time are shown below.

ble_gap_sec_params_t	sec_params;
ret_code_t				err_code;

memset(&sec_params, 0, sizeof(ble_gap_sec_params_t));

/*-  Security parameters to be used for all security procedures.	*/
sec_params.bond				= true;										/*- [in] Perform bonding.				*/
sec_params.mitm				= 1;										/*- [in] Enable Man In The Middle protection.	*/
sec_params.lesc				= 1;										/*- [in] Enable LE Secure Connection pairing.	*/
sec_params.keypress			= 0;										/*- [in] Enable generation of keypress notifications.	*/
sec_params.io_caps			= BLE_GAP_IO_CAPS_DISPLAY_YESNO;			/*- [in] IO capabilities				*/
sec_params.oob				= 0;										/*- [in] The OOB data flag.				*/
sec_params.min_key_size		= 7;										/*- [in] Minimum encryption key size in octets between 7 and 16. If 0 then not applicable in this instance.	*/
sec_params.max_key_size		= 16;										/*- [in] Maximum encryption key size in octets between min_key_size and 16.	*/
if( bond == true ) {
	sec_params.kdist_own.enc	= 1;									/*- [in] Key distribution bitmap: keys that the local device will distribute. Long Term Key and Master Identification.	*/
	sec_params.kdist_own.id		= 1;									/*- [in] Key distribution bitmap: keys that the local device will distribute. Identity Resolving Key and Identity Address Information.	*/
	sec_params.kdist_peer.enc	= 1;									/*- [in] Key distribution bitmap: keys that the remote device will distribute. Long Term Key and Master Identification.	*/
	sec_params.kdist_peer.id	= 1;									/*- [in] Key distribution bitmap: keys that the remote device will distribute. Identity Resolving Key and Identity Address Information.	*/
}
err_code = pm_sec_params_set(
							&sec_params									/*- [in] Security parameters to be used for subsequent security procedures.		*/
);																		/*- Function for providing pairing and bonding parameters to use for pairing procedures.	*/
APP_ERROR_CHECK(err_code);

Both devices also hold a key by bonding.
Then disconnect both devices.
And if you try to connect again, security starts with "PM_CONN_SEC_PROCEDURE_ENCRYPTION".
The PeerManager settings at that time are shown below.

ble_gap_sec_params_t	sec_params;
ret_code_t				err_code;

memset(&sec_params, 0, sizeof(ble_gap_sec_params_t));

/*-  Security parameters to be used for all security procedures.	*/
sec_params.bond				= false;									/*- [in] Perform bonding.				*/
sec_params.mitm				= 1;										/*- [in] Enable Man In The Middle protection.	*/
sec_params.lesc				= 1;										/*- [in] Enable LE Secure Connection pairing.	*/
sec_params.keypress			= 0;										/*- [in] Enable generation of keypress notifications.	*/
sec_params.io_caps			= BLE_GAP_IO_CAPS_DISPLAY_YESNO;			/*- [in] IO capabilities				*/
sec_params.oob				= 0;										/*- [in] The OOB data flag.				*/
sec_params.min_key_size		= 7;										/*- [in] Minimum encryption key size in octets between 7 and 16. If 0 then not applicable in this instance.	*/
sec_params.max_key_size		= 16;										/*- [in] Maximum encryption key size in octets between min_key_size and 16.	*/
if( bond == true ) {
	sec_params.kdist_own.enc	= 1;									/*- [in] Key distribution bitmap: keys that the local device will distribute. Long Term Key and Master Identification.	*/
	sec_params.kdist_own.id		= 1;									/*- [in] Key distribution bitmap: keys that the local device will distribute. Identity Resolving Key and Identity Address Information.	*/
	sec_params.kdist_peer.enc	= 1;									/*- [in] Key distribution bitmap: keys that the remote device will distribute. Long Term Key and Master Identification.	*/
	sec_params.kdist_peer.id	= 1;									/*- [in] Key distribution bitmap: keys that the remote device will distribute. Identity Resolving Key and Identity Address Information.	*/
}
err_code = pm_sec_params_set(
							&sec_params									/*- [in] Security parameters to be used for subsequent security procedures.		*/
);																		/*- Function for providing pairing and bonding parameters to use for pairing procedures.	*/
APP_ERROR_CHECK(err_code);

After that, "BLE_GAP_EVT_PASSKEY_DISPLAY" will run.
"passkey" in "ble_gap_evt_passkey_display_t" is not 6-digit passkey in ASCII ('0'-'9' digits only).
It looks like it contains a meaningless value.

・ Is it correct that "BLE_GAP_EVT_PASSKEY_DISPLAY" is called?
・ Why is "passkey" not 6-digit passkey in ASCII ('0'-'9' digits only)?

Parents Reply Children
No Data
Related