Device: nRF52832, SD132v7.0.1, NRFSDK 16.0.0
Host: nRF52840 USB BLE dongle, pc-ble-driver-py 0.14.1, Python script, Linux
We're developing a device that's a BLE Peripheral, with one characteristic for IO that requires Just Works pairing with LESC. The device is advertising and can be connected to by my Python script, as well as the nRF Connect app on my Android handset, as well as the nRF Connect app on my Macbook.
The nRF Connect app from mobile and Macbook can both pair with JW and establish a bond. In this case the device logs look like this:
[00:00:08.576,721] <info> app: Connected. [00:00:09.613,342] <info> app: BLE_GAP_EVT_LESC_DHKEY_REQUEST [00:00:09.724,853] <info> nrf_ble_lesc: Calling sd_ble_gap_lesc_dhkey_reply on conn_handle: 0 [00:00:10.242,736] <info> peer_manager_handler: Connection secured: role: Peripheral, conn_handle: 0, procedure: Bonding [00:00:10.242,858] <info> app: BLE_GAP_EVT_AUTH_STATUS: status=0x0 bond=0x1 lv4: 0 kdist_own:0x3 kdist_peer:0x2 [00:00:10.245,727] <info> peer_manager_handler: Peer data updated in flash: peer_id: 0, data_id: Bonding data, action: Update [00:00:10.247,558] <info> peer_manager_handler: Peer data updated in flash: peer_id: 0, data_id: Peer rank, action: Update [00:00:10.249,572] <info> peer_manager_handler: Peer data updated in flash: peer_id: 0, data_id: Local database, action: Update [00:00:10.423,889] <info> peer_manager_handler: Peer data updated in flash: peer_id: 0, data_id: Central address resolution, action: Update
When I try to connect from my Python script, which uses pc-ble-driver-py, my device emits these logs instead:
[00:04:18.167,480] <info> app: Connected. [00:04:26.011,230] <info> app: BLE_GAP_EVT_LESC_DHKEY_REQUEST [00:04:26.011,291] <warning> nrf_ble_lesc: Creating invalid shared secret to make LESC fail. [00:04:26.011,291] <info> nrf_ble_lesc: Calling sd_ble_gap_lesc_dhkey_reply on conn_handle: 0 [00:04:32.204,406] <info> peer_manager_handler: Connection security failed: role: Peripheral, conn_handle: 0x0, procedure: Bonding, error: 4352 [00:04:32.204,406] <info> app: Disconnected, reason 19.
Digging into the debugger in firmware, I land up deep in uECC where one of the transmitted keys fails validation, the ECC shared point on the curve isn't valid.
My Python script is pretty simple, after connecting I simply issue this:
auth_result = ble._adapter.authenticate(
conn_handle,
None, # "_role" argument doesn't appear to be used?
bond=True,
lesc=True,
mitm=False,
oob=False,
io_caps=nrf_ble_driver.BLEGapIOCaps.keyboard_display,
enc_own=True,
id_own=True,
enc_peer=True,
id_peer=True)
I'm calling authenticate from my main function, not a SD event handler.
When I perform a BLE packet capture, I see that the Python script is sending a public key of all zeroes:
I'm assuming I'm doing something wrong here, since the nRF Connect apps connect and bond just fine. Do you have any guidance about what could be causing this?
I've seen these threads:
https://devzone.nordicsemi.com/f/nordic-q-a/39468/ble-bonding-pairing-with-pc-ble-driver-py
https://devzone.nordicsemi.com/f/nordic-q-a/43907/nfc-ble-pairing-connection-issue
https://devzone.nordicsemi.com/f/nordic-q-a/42974/bonding-with-pc-ble-driver-py
but they don't seem to help my case.
I've also seen some answers that claim that LESC / bonding isn't supported in pc-ble-driver-py, but other people say they've gotten it working. Could someone also confirm / deny this please?
Thanks,
Charles
