• State Verified Answer
  • Replies 5 replies
  • Subscribers 73 subscribers
  • Views 1025 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 246705
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

BLE Mesh serial - cannot set the device key via UART

Sean Taylor

It is possible to provision the NetKey, AppKey and unicast address of a node using the serial protocol, using the following messages:

Mesh Subnet Add, Opcode: 0x92 - NetKey

Mesh Appkey Add, Opcode: 0x97 - I assume this sets the appkey that is used to encrypt data submitted with Bluetooth Mesh Packet Send, Opcode: 0xab

Mesh Addr Local Unicast Set Opcode: 0x9f

However I cannot find any way to provision a device key in a node via the serial protocol (we would like this option, in addition to the option to provision OTA).

If no device key is set in a node does this then mean that the node cannot be configured to publish a periodic heartbeat ?   (And another node could not subscribe to that heartbeat).

Without a device key set it seems that the whole configuration model would not be usable.  This may not be a problem in our application - I just need to understand it.  Thanks!

  • 0

    Hi,

    Regarding provisioning using a serial protocol, I suggest you have a look at our Interactive PyACI script and Interactive mesh provisioning and configuration

    If no device key is set in a node does this then mean that the node cannot be configured to publish a periodic heartbeat ?   (And another node could not subscribe to that heartbeat).

     Yes, that is correct. I would suggest you read through this.

  • 0 in reply to Mttrinh

    Thanks - I did run the light server provisioning demo, and captured the log file and analyzed it.  However ours is a different situation.  We would like to be able to provision every node in the mesh using serial - not over the air at all.  In a similar way as the dev.quick_setup() script does for the "sending mesh packets" demonstration.  We do not require mesh standard compliance - we intend to use it only as a data bearer, not for standard models.

    The one thing missing with configuring the nodes this way is no devkey is generated - so I was wondering if it's possible to write a devkey into the node using the serial protocol - the dev key could be generated by a RNG on our host processor.

    Also the serial example nrf5_SDK_for_Mesh_v4.0.0_src\examples\serial does not appear to contain support for being a mesh over-the-air provisionee. I'm not sure how complex or how much work it is to add the provisionee functionality into the serial example (by copying out of the light server, for example).

  • 0 in reply to Mttrinh

    I think I found a way to provision the device key via the UART of the node being configured

    1) The host sets the netkey of the node with "Bluetooth Mesh Subnet Add Opcode: 0x92"

    2) The host then sets the unicast address of the node with "Bluetooth Mesh Addr Local Unicast Set Opcode: 0x9f"

    3) The host then sets an "Bluetooth Mesh Devkey Add Opcode: 0x9c" with the unicast address set in setp 2, the subnet handle from step 1 and a RNG generated devkey.

    4) Finally the host would issue "Bluetooth Mesh Config Server Bind Opcode: 0xad" to bind the node's configuration server to the device key handle returned in step 3.

  • +1 in reply to Mttrinh

    A comment from our Mesh team regarding the device key:

    This is not provided for a reason. The device key is the most important part which secures the device settings. Therefore it is never exchanged over the air or via any interface. The device key gets generated independently at both ends during the provisioning process. Because of this, we did not think there is a need to set the device key over a serial interface. 

    For your purpose, you can, of course, use already available DSM APIs and add such custom serial command.

  • 0 in reply to Mttrinh

    Thanks - the example I gave above seems to work without any new DSM commands.

Related
Terms of service