• State Verified Answer
  • Replies 11 replies
  • Subscribers 86 subscribers
  • Views 4023 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 255516
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Authentication failed with status BLE_GAP_SEC_STATUS_INVALID_PARAMS

Alex

Hi!

I'm developing code for Central device on nRF52840. SDK 16.0.0 SoftDevice S140. 

Peripheral is a Bluetooth mini printer. I can connect to it and print. But when I try to bond calling pm_conn_secure() I have failure PM_EVT_CONN_SEC_FAILED with error BLE_GAP_SEC_STATUS_INVALID_PARAMS.(0x8A)

My settings are:

#define SEC_PARAM_BOND 1
#define SEC_PARAM_MITM 1
#define SEC_PARAM_IO_CAPABILITIES BLE_GAP_IO_CAPS_KEYBOARD_DISPLAY
#define SEC_PARAM_OOB 0
#define SEC_PARAM_MIN_KEY_SIZE 7
#define SEC_PARAM_MAX_KEY_SIZE 16
#define SEC_PARAM_LESC 1
#define SEC_PARAM_KEYPRESS 0

I tried to pair that printer on two Android phones. When I pair via Android settings I have passkey invitation. When I bond printer from nRF Connect for Android, on both phones it bonded without asking passkey. Not sure if bonded correctly because all Characteristics in printer are open.

nRF Connect for Windows 10 with PCA10040 as dongle behaves differently. It returns BLE_GAP_SEC_STATUS_INVALID_PARAMS

Log is below.

2020-08-28T15:33:24.563Z DEBUG 382 -> [00 7e 00 00 01 47 07 10 01 01 ] type: VENDOR_SPECIFIC reliable:yes seq#:5 ack#:0 payload_length:a data_integrity:1 header_checksum:8d err_code:0x0
2020-08-28T15:33:24.607Z DEBUG 378/ 0 <- [N/A] type: ACK reliable: no seq#:0 ack#:6 payload_length:0 data_integrity:0 err_code:0x0
2020-08-28T15:33:24.607Z DEBUG 379/ 0 <- [01 7e 00 00 00 00 ] type: VENDOR_SPECIFIC reliable:yes seq#:0 ack#:6 payload_length:6 data_integrity:1 header_checksum:a2 err_code:0x0
2020-08-28T15:33:24.608Z DEBUG 383 -> [N/A] type: ACK reliable: no seq#:0 ack#:1 payload_length:0 data_integrity:0 err_code:0x0
2020-08-28T15:33:24.608Z DEBUG Authenticate, secParams: r { "bond": true, "io_caps": 4, "lesc": true, "mitm": true, "oob": false, "keypress": false, "min_key_size": 7, "max_key_size": 16, "kdist_own": [object Object], "kdist_peer": [object Object] }
2020-08-28T15:33:24.655Z DEBUG 380/ 0 <- [02 19 00 00 00 8a 00 00 00 00 00 ] type: VENDOR_SPECIFIC reliable:yes seq#:1 ack#:6 payload_length:b data_integrity:1 header_checksum:51 err_code:0x0
2020-08-28T15:33:24.655Z DEBUG 384 -> [N/A] type: ACK reliable: no seq#:0 ack#:2 payload_length:0 data_integrity:0 err_code:0x0
2020-08-28T15:33:24.655Z DEBUG GAP_EVT_AUTH_STATUS time:2020-08-28T15:33:24.655Z connHandle:0 authStatus:138 authStatusName:bleGapSecStatusInvalidParams errorSrc:0 errorSrcName:bleGapSecStatusSourceLocal bonded:false sm1Levels:[lv1:false lv2:false lv3:false lv4:false] sm2Levels:[lv1:false lv2:false lv3:false lv4:false] kdistOwn:[enc:false sign:false link:false] kdistPeer:[enc:false sign:false link:false] lesc:false keyset:null
2020-08-28T15:33:24.656Z WARN Authentication failed with status BLE_GAP_SEC_STATUS_INVALID_PARAMS
2020-08-28T15:34:54.816Z DEBUG 385 -> [00 7e 00 00 01 43 07 10 01 01 ] type: VENDOR_SPECIFIC reliable:yes seq#:6 ack#:2 payload_length:a data_integrity:1 header_checksum:7c err_code:0x0
2020-08-28T15:34:54.851Z DEBUG 381/ 0 <- [N/A] type: ACK reliable: no seq#:0 ack#:7 payload_length:0 data_integrity:0 err_code:0x0
2020-08-28T15:34:54.851Z DEBUG 382/ 0 <- [01 7e 00 00 00 00 ] type: VENDOR_SPECIFIC reliable:yes seq#:2 ack#:7 payload_length:6 data_integrity:1 header_checksum:98 err_code:0x0
2020-08-28T15:34:54.851Z DEBUG 386 -> [N/A] type: ACK reliable: no seq#:0 ack#:3 payload_length:0 data_integrity:0 err_code:0x0
2020-08-28T15:34:54.852Z DEBUG Authenticate, secParams: r { "bond": true, "io_caps": 4, "lesc": false, "mitm": true, "oob": false, "keypress": false, "min_key_size": 7, "max_key_size": 16, "kdist_own": [object Object], "kdist_peer": [object Object] }
2020-08-28T15:34:54.897Z DEBUG 383/ 0 <- [02 19 00 00 00 8a 00 00 00 00 00 ] type: VENDOR_SPECIFIC reliable:yes seq#:3 ack#:7 payload_length:b data_integrity:1 header_checksum:47 err_code:0x0
2020-08-28T15:34:54.897Z DEBUG 387 -> [N/A] type: ACK reliable: no seq#:0 ack#:4 payload_length:0 data_integrity:0 err_code:0x0
2020-08-28T15:34:54.898Z DEBUG GAP_EVT_AUTH_STATUS time:2020-08-28T15:34:54.897Z connHandle:0 authStatus:138 authStatusName:bleGapSecStatusInvalidParams errorSrc:0 errorSrcName:bleGapSecStatusSourceLocal bonded:false sm1Levels:[lv1:false lv2:false lv3:false lv4:false] sm2Levels:[lv1:false lv2:false lv3:false lv4:false] kdistOwn:[enc:false sign:false link:false] kdistPeer:[enc:false sign:false link:false] lesc:false keyset:null
2020-08-28T15:34:54.898Z WARN Authentication failed with status BLE_GAP_SEC_STATUS_INVALID_PARAMS

When I try to pair printer via Windows it asks passkey.

Which parameter can be invalid? I believe I tried all possible combinations which makes sense.

Thanks.

Update.

Below is Sniffer logs.

Android nRF Connect application successfully bonded:

No.     Time     Source                PHY        Protocol Length     Delta time (µs end to start) SN         NESN       More Data  Event counter Info
   1312 46.200   Master_0xa60a2eab     LE 1M      SMP      11         44689µs                      0          0          False      115           Sent Pairing Request: AuthReq: Bonding, MITM | Initiator Key(s): LTK, IRK, CSRK | Responder Key(s): LTK, IRK, CSRK

Frame 1312: 37 bytes on wire (296 bits), 37 bytes captured (296 bits) on interface wireshark_extcap2016, id 0
Nordic BLE Sniffer
    Board: 7
    Header Version: 2, Packet counter: 55640
    Length of packet: 10
    Flags: 0x03
        .... ...1 = CRC: OK
        .... ..1. = Direction: Master -> Slave
        .... .0.. = Encrypted: No
        .... 0... = MIC (not relevant): 0
        .000 .... = PHY: LE 1M (0)
        0... .... = Reserved: 0
    Channel: 35
    RSSI: -43 dBm
    Event counter: 115
    Delta time (end to start): 44689µs
    [Delta time (start to start): 44769µs]
    [Packet time (start to end): 168µs]
Bluetooth Low Energy Link Layer
    Access Address: 0xa60a2eab
    [Master Address: 73:42:fd:0a:66:7b (73:42:fd:0a:66:7b)]
    [Slave Address: 0f:02:18:41:82:bb (0f:02:18:41:82:bb)]
    Data Header: 0x0b02
    [L2CAP Index: 57]
    CRC: 0xc26cf9
Bluetooth L2CAP Protocol
    Length: 7
    CID: Security Manager Protocol (0x0006)
Bluetooth Security Manager Protocol
    Opcode: Pairing Request (0x01)
    IO Capability: Keyboard, Display (0x04)
    OOB Data Flags: OOB Auth. Data Not Present (0x00)
    AuthReq: 0x05, MITM Flag, Bonding Flags: Bonding
        000. .... = Reserved: 0x0
        ...0 .... = Keypress Flag: False
        .... 0... = Secure Connection Flag: False
        .... .1.. = MITM Flag: True
        .... ..01 = Bonding Flags: Bonding (0x1)
    Max Encryption Key Size: 16
    Initiator Key Distribution: 0x07, Signature Key (CSRK), Id Key (IRK), Encryption Key (LTK)
        0000 .... = Reserved: 0x0
        .... 0... = Link Key: False
        .... .1.. = Signature Key (CSRK): True
        .... ..1. = Id Key (IRK): True
        .... ...1 = Encryption Key (LTK): True
    Responder Key Distribution: 0x07, Signature Key (CSRK), Id Key (IRK), Encryption Key (LTK)
        0000 .... = Reserved: 0x0
        .... 0... = Link Key: False
        .... .1.. = Signature Key (CSRK): True
        .... ..1. = Id Key (IRK): True
        .... ...1 = Encryption Key (LTK): True

No.     Time     Source                PHY        Protocol Length     Delta time (µs end to start) SN         NESN       More Data  Event counter Info
   1313 46.245   Master_0xa60a2eab     LE 1M      SMP      11         44831µs                      0          0          False      116           Sent Pairing Request: AuthReq: Bonding, MITM | Initiator Key(s): LTK, IRK, CSRK | Responder Key(s): LTK, IRK, CSRK

Frame 1313: 37 bytes on wire (296 bits), 37 bytes captured (296 bits) on interface wireshark_extcap2016, id 0
Nordic BLE Sniffer
    Board: 7
    Header Version: 2, Packet counter: 55641
    Length of packet: 10
    Flags: 0x03
        .... ...1 = CRC: OK
        .... ..1. = Direction: Master -> Slave
        .... .0.. = Encrypted: No
        .... 0... = MIC (not relevant): 0
        .000 .... = PHY: LE 1M (0)
        0... .... = Reserved: 0
    Channel: 5
    RSSI: -41 dBm
    Event counter: 116
    Delta time (end to start): 44831µs
    [Delta time (start to start): 44999µs]
    [Packet time (start to end): 168µs]
Bluetooth Low Energy Link Layer
    Access Address: 0xa60a2eab
    [Master Address: 73:42:fd:0a:66:7b (73:42:fd:0a:66:7b)]
    [Slave Address: 0f:02:18:41:82:bb (0f:02:18:41:82:bb)]
    Data Header: 0x0b02
    [L2CAP Index: 58]
    CRC: 0xc26cf9
Bluetooth L2CAP Protocol
    Length: 7
    CID: Security Manager Protocol (0x0006)
Bluetooth Security Manager Protocol
    Opcode: Pairing Request (0x01)
    IO Capability: Keyboard, Display (0x04)
    OOB Data Flags: OOB Auth. Data Not Present (0x00)
    AuthReq: 0x05, MITM Flag, Bonding Flags: Bonding
        000. .... = Reserved: 0x0
        ...0 .... = Keypress Flag: False
        .... 0... = Secure Connection Flag: False
        .... .1.. = MITM Flag: True
        .... ..01 = Bonding Flags: Bonding (0x1)
    Max Encryption Key Size: 16
    Initiator Key Distribution: 0x07, Signature Key (CSRK), Id Key (IRK), Encryption Key (LTK)
        0000 .... = Reserved: 0x0
        .... 0... = Link Key: False
        .... .1.. = Signature Key (CSRK): True
        .... ..1. = Id Key (IRK): True
        .... ...1 = Encryption Key (LTK): True
    Responder Key Distribution: 0x07, Signature Key (CSRK), Id Key (IRK), Encryption Key (LTK)
        0000 .... = Reserved: 0x0
        .... 0... = Link Key: False
        .... .1.. = Signature Key (CSRK): True
        .... ..1. = Id Key (IRK): True
        .... ...1 = Encryption Key (LTK): True

No.     Time     Source                PHY        Protocol Length     Delta time (µs end to start) SN         NESN       More Data  Event counter Info
   1314 46.248   Slave_0xa60a2eab      LE 1M      SMP      11         151µs                        0          1          False      116           Rcvd Pairing Response: AuthReq: Bonding | Initiator Key(s): CSRK | Responder Key(s): LTK

Frame 1314: 37 bytes on wire (296 bits), 37 bytes captured (296 bits) on interface wireshark_extcap2016, id 0
Nordic BLE Sniffer
    Board: 7
    Header Version: 2, Packet counter: 55642
    Length of packet: 10
    Flags: 0x01
        .... ...1 = CRC: OK
        .... ..0. = Direction: Slave -> Master
        .... .0.. = Encrypted: No
        .... 0... = MIC (not relevant): 0
        .000 .... = PHY: LE 1M (0)
        0... .... = Reserved: 0
    Channel: 5
    RSSI: -73 dBm
    Event counter: 116
    Delta time (end to start): 151µs
    [Delta time (start to start): 319µs]
    [Packet time (start to end): 168µs]
Bluetooth Low Energy Link Layer
    Access Address: 0xa60a2eab
    [Master Address: 73:42:fd:0a:66:7b (73:42:fd:0a:66:7b)]
    [Slave Address: 0f:02:18:41:82:bb (0f:02:18:41:82:bb)]
    Data Header: 0x0b06
    [L2CAP Index: 59]
    CRC: 0x06748e
Bluetooth L2CAP Protocol
    Length: 7
    CID: Security Manager Protocol (0x0006)
Bluetooth Security Manager Protocol
    Opcode: Pairing Response (0x02)
    IO Capability: No Input, No Output (0x03)
    OOB Data Flags: OOB Auth. Data Not Present (0x00)
    AuthReq: 0x01, Bonding Flags: Bonding
        000. .... = Reserved: 0x0
        ...0 .... = Keypress Flag: False
        .... 0... = Secure Connection Flag: False
        .... .0.. = MITM Flag: False
        .... ..01 = Bonding Flags: Bonding (0x1)
    Max Encryption Key Size: 16
    Initiator Key Distribution: 0x04, Signature Key (CSRK)
        0000 .... = Reserved: 0x0
        .... 0... = Link Key: False
        .... .1.. = Signature Key (CSRK): True
        .... ..0. = Id Key (IRK): False
        .... ...0 = Encryption Key (LTK): False
    Responder Key Distribution: 0x01, Encryption Key (LTK)
        0000 .... = Reserved: 0x0
        .... 0... = Link Key: False
        .... .0.. = Signature Key (CSRK): False
        .... ..0. = Id Key (IRK): False
        .... ...1 = Encryption Key (LTK): True

No.     Time     Source                PHY        Protocol Length     Delta time (µs end to start) SN         NESN       More Data  Event counter Info
   1315 46.291   Master_0xa60a2eab     LE 1M      SMP      21         44513µs                      1          1          False      117           Sent Pairing Confirm

Frame 1315: 47 bytes on wire (376 bits), 47 bytes captured (376 bits) on interface wireshark_extcap2016, id 0
Nordic BLE Sniffer
    Board: 7
    Header Version: 2, Packet counter: 55643
    Length of packet: 10
    Flags: 0x03
        .... ...1 = CRC: OK
        .... ..1. = Direction: Master -> Slave
        .... .0.. = Encrypted: No
        .... 0... = MIC (not relevant): 0
        .000 .... = PHY: LE 1M (0)
        0... .... = Reserved: 0
    Channel: 12
    RSSI: -39 dBm
    Event counter: 117
    Delta time (end to start): 44513µs
    [Delta time (start to start): 44681µs]
    [Packet time (start to end): 248µs]
Bluetooth Low Energy Link Layer
    Access Address: 0xa60a2eab
    [Master Address: 73:42:fd:0a:66:7b (73:42:fd:0a:66:7b)]
    [Slave Address: 0f:02:18:41:82:bb (0f:02:18:41:82:bb)]
    Data Header: 0x150e
    [L2CAP Index: 60]
    CRC: 0x73e44e
Bluetooth L2CAP Protocol
    Length: 17
    CID: Security Manager Protocol (0x0006)
Bluetooth Security Manager Protocol
    Opcode: Pairing Confirm (0x03)
    Confirm Value: 564c8748f3c4f764f86f46a650c083bc

No.     Time     Source                PHY        Protocol Length     Delta time (µs end to start) SN         NESN       More Data  Event counter Info
   1316 46.294   Slave_0xa60a2eab      LE 1M      SMP      21         150µs                        1          0          False      117           Rcvd Pairing Confirm

Frame 1316: 47 bytes on wire (376 bits), 47 bytes captured (376 bits) on interface wireshark_extcap2016, id 0
Nordic BLE Sniffer
    Board: 7
    Header Version: 2, Packet counter: 55644
    Length of packet: 10
    Flags: 0x01
        .... ...1 = CRC: OK
        .... ..0. = Direction: Slave -> Master
        .... .0.. = Encrypted: No
        .... 0... = MIC (not relevant): 0
        .000 .... = PHY: LE 1M (0)
        0... .... = Reserved: 0
    Channel: 12
    RSSI: -76 dBm
    Event counter: 117
    Delta time (end to start): 150µs
    [Delta time (start to start): 398µs]
    [Packet time (start to end): 248µs]
Bluetooth Low Energy Link Layer
    Access Address: 0xa60a2eab
    [Master Address: 73:42:fd:0a:66:7b (73:42:fd:0a:66:7b)]
    [Slave Address: 0f:02:18:41:82:bb (0f:02:18:41:82:bb)]
    Data Header: 0x150a
    [L2CAP Index: 61]
    CRC: 0xb3590a
Bluetooth L2CAP Protocol
    Length: 17
    CID: Security Manager Protocol (0x0006)
Bluetooth Security Manager Protocol
    Opcode: Pairing Confirm (0x03)
    Confirm Value: 5c5d2ff700ab71c89eb252ab4bb5fa05

No.     Time     Source                PHY        Protocol Length     Delta time (µs end to start) SN         NESN       More Data  Event counter Info
   1317 46.336   Master_0xa60a2eab     LE 1M      SMP      21         44352µs                      0          0          False      118           Sent Pairing Random

Frame 1317: 47 bytes on wire (376 bits), 47 bytes captured (376 bits) on interface wireshark_extcap2016, id 0
Nordic BLE Sniffer
    Board: 7
    Header Version: 2, Packet counter: 55645
    Length of packet: 10
    Flags: 0x03
        .... ...1 = CRC: OK
        .... ..1. = Direction: Master -> Slave
        .... .0.. = Encrypted: No
        .... 0... = MIC (not relevant): 0
        .000 .... = PHY: LE 1M (0)
        0... .... = Reserved: 0
    Channel: 19
    RSSI: -41 dBm
    Event counter: 118
    Delta time (end to start): 44352µs
    [Delta time (start to start): 44600µs]
    [Packet time (start to end): 248µs]
Bluetooth Low Energy Link Layer
    Access Address: 0xa60a2eab
    [Master Address: 73:42:fd:0a:66:7b (73:42:fd:0a:66:7b)]
    [Slave Address: 0f:02:18:41:82:bb (0f:02:18:41:82:bb)]
    Data Header: 0x1502
    [L2CAP Index: 62]
    CRC: 0x095355
Bluetooth L2CAP Protocol
    Length: 17
    CID: Security Manager Protocol (0x0006)
Bluetooth Security Manager Protocol
    Opcode: Pairing Random (0x04)
    Random Value: 631f89c457eaf1b3951c3296bdd3e447

No.     Time     Source                PHY        Protocol Length     Delta time (µs end to start) SN         NESN       More Data  Event counter Info
   1318 46.382   Master_0xa60a2eab     LE 1M      SMP      21         44751µs                      0          0          False      119           Sent Pairing Random

Frame 1318: 47 bytes on wire (376 bits), 47 bytes captured (376 bits) on interface wireshark_extcap2016, id 0
Nordic BLE Sniffer
    Board: 7
    Header Version: 2, Packet counter: 55646
    Length of packet: 10
    Flags: 0x03
        .... ...1 = CRC: OK
        .... ..1. = Direction: Master -> Slave
        .... .0.. = Encrypted: No
        .... 0... = MIC (not relevant): 0
        .000 .... = PHY: LE 1M (0)
        0... .... = Reserved: 0
    Channel: 36
    RSSI: -43 dBm
    Event counter: 119
    Delta time (end to start): 44751µs
    [Delta time (start to start): 44999µs]
    [Packet time (start to end): 248µs]
Bluetooth Low Energy Link Layer
    Access Address: 0xa60a2eab
    [Master Address: 73:42:fd:0a:66:7b (73:42:fd:0a:66:7b)]
    [Slave Address: 0f:02:18:41:82:bb (0f:02:18:41:82:bb)]
    Data Header: 0x1502
    [L2CAP Index: 63]
    CRC: 0x095355
Bluetooth L2CAP Protocol
    Length: 17
    CID: Security Manager Protocol (0x0006)
Bluetooth Security Manager Protocol
    Opcode: Pairing Random (0x04)
    Random Value: 631f89c457eaf1b3951c3296bdd3e447

No.     Time     Source                PHY        Protocol Length     Delta time (µs end to start) SN         NESN       More Data  Event counter Info
   1319 46.427   Master_0xa60a2eab     LE 1M      LE LL    23         44751µs                      1          1          False      120           Control Opcode: LL_ENC_REQ

Frame 1319: 49 bytes on wire (392 bits), 49 bytes captured (392 bits) on interface wireshark_extcap2016, id 0
Nordic BLE Sniffer
    Board: 7
    Header Version: 2, Packet counter: 55647
    Length of packet: 10
    Flags: 0x03
        .... ...1 = CRC: OK
        .... ..1. = Direction: Master -> Slave
        .... .0.. = Encrypted: No
        .... 0... = MIC (not relevant): 0
        .000 .... = PHY: LE 1M (0)
        0... .... = Reserved: 0
    Channel: 33
    RSSI: -42 dBm
    Event counter: 120
    Delta time (end to start): 44751µs
    [Delta time (start to start): 44999µs]
    [Packet time (start to end): 264µs]
Bluetooth Low Energy Link Layer
    Access Address: 0xa60a2eab
    [Master Address: 73:42:fd:0a:66:7b (73:42:fd:0a:66:7b)]
    [Slave Address: 0f:02:18:41:82:bb (0f:02:18:41:82:bb)]
    Data Header: 0x170f
    Control Opcode: LL_ENC_REQ (0x03)
    Random Number: 0 (0x0000000000000000)
    Encrypted Diversifier: 0 (0x0000)
    Master Session Key Diversifier: 10986969477047204564 (0x98798e8725753ad4)
    Master Session Initialization Vector: 1727634650 (0x66f99cda)
    CRC: 0xa6d9c2

No.     Time     Source                PHY        Protocol Length     Delta time (µs end to start) SN         NESN       More Data  Event counter Info
   1320 46.431   Slave_0xa60a2eab      LE 1M      LE LL    13         150µs                        1          0          True       120           Control Opcode: LL_ENC_RSP

Frame 1320: 39 bytes on wire (312 bits), 39 bytes captured (312 bits) on interface wireshark_extcap2016, id 0
Nordic BLE Sniffer
    Board: 7
    Header Version: 2, Packet counter: 55648
    Length of packet: 10
    Flags: 0x01
        .... ...1 = CRC: OK
        .... ..0. = Direction: Slave -> Master
        .... .0.. = Encrypted: No
        .... 0... = MIC (not relevant): 0
        .000 .... = PHY: LE 1M (0)
        0... .... = Reserved: 0
    Channel: 33
    RSSI: -79 dBm
    Event counter: 120
    Delta time (end to start): 150µs
    [Delta time (start to start): 414µs]
    [Packet time (start to end): 184µs]
Bluetooth Low Energy Link Layer
    Access Address: 0xa60a2eab
    [Master Address: 73:42:fd:0a:66:7b (73:42:fd:0a:66:7b)]
    [Slave Address: 0f:02:18:41:82:bb (0f:02:18:41:82:bb)]
    Data Header: 0x0d1b
    Control Opcode: LL_ENC_RSP (0x04)
    Slave Session Key Diversifier: 13418200902072171183 (0xba3706a0b4d67aaf)
    Slave Session Initialization Vector: 2253425201 (0x0000000086508a31)
    CRC: 0x651c16

nRF52840 Central code bonding failed. I tried to change IO capability to match Android but it didn't help:

No.     Time     Source                PHY        Protocol Length     Delta time (µs end to start) SN         NESN       More Data  Event counter Info
    181 6.866    Master_0xb066ed9d     LE 1M      SMP      11         149µs                        1          1          False      52            Sent Pairing Request: AuthReq: Bonding, MITM | Initiator Key(s): LTK, IRK | Responder Key(s): LTK, IRK

Frame 181: 37 bytes on wire (296 bits), 37 bytes captured (296 bits) on interface wireshark_extcap3496, id 0
Nordic BLE Sniffer
    Board: 7
    Header Version: 2, Packet counter: 5066
    Length of packet: 10
    Flags: 0x03
        .... ...1 = CRC: OK
        .... ..1. = Direction: Master -> Slave
        .... .0.. = Encrypted: No
        .... 0... = MIC (not relevant): 0
        .000 .... = PHY: LE 1M (0)
        0... .... = Reserved: 0
    Channel: 34
    RSSI: -53 dBm
    Event counter: 52
    Delta time (end to start): 149µs
    [Delta time (start to start): 229µs]
    [Packet time (start to end): 168µs]
Bluetooth Low Energy Link Layer
    Access Address: 0xb066ed9d
    [Master Address: eb:a0:5a:49:e0:e2 (eb:a0:5a:49:e0:e2)]
    [Slave Address: 0f:02:18:41:82:bb (0f:02:18:41:82:bb)]
    Data Header: 0x0b0e
    [L2CAP Index: 18]
    CRC: 0x8db90b
Bluetooth L2CAP Protocol
    Length: 7
    CID: Security Manager Protocol (0x0006)
Bluetooth Security Manager Protocol
    Opcode: Pairing Request (0x01)
    IO Capability: Keyboard Only (0x02)
    OOB Data Flags: OOB Auth. Data Not Present (0x00)
    AuthReq: 0x05, MITM Flag, Bonding Flags: Bonding
        000. .... = Reserved: 0x0
        ...0 .... = Keypress Flag: False
        .... 0... = Secure Connection Flag: False
        .... .1.. = MITM Flag: True
        .... ..01 = Bonding Flags: Bonding (0x1)
    Max Encryption Key Size: 16
    Initiator Key Distribution: 0x03, Id Key (IRK), Encryption Key (LTK)
        0000 .... = Reserved: 0x0
        .... 0... = Link Key: False
        .... .0.. = Signature Key (CSRK): False
        .... ..1. = Id Key (IRK): True
        .... ...1 = Encryption Key (LTK): True
    Responder Key Distribution: 0x03, Id Key (IRK), Encryption Key (LTK)
        0000 .... = Reserved: 0x0
        .... 0... = Link Key: False
        .... .0.. = Signature Key (CSRK): False
        .... ..1. = Id Key (IRK): True
        .... ...1 = Encryption Key (LTK): True

No.     Time     Source                PHY        Protocol Length     Delta time (µs end to start) SN         NESN       More Data  Event counter Info
    182 6.868    Slave_0xb066ed9d      LE 1M      SMP      11         150µs                        1          0          False      52            Rcvd Pairing Response: AuthReq: Bonding | Initiator Key(s): CSRK | Responder Key(s): LTK

Frame 182: 37 bytes on wire (296 bits), 37 bytes captured (296 bits) on interface wireshark_extcap3496, id 0
Nordic BLE Sniffer
    Board: 7
    Header Version: 2, Packet counter: 5067
    Length of packet: 10
    Flags: 0x01
        .... ...1 = CRC: OK
        .... ..0. = Direction: Slave -> Master
        .... .0.. = Encrypted: No
        .... 0... = MIC (not relevant): 0
        .000 .... = PHY: LE 1M (0)
        0... .... = Reserved: 0
    Channel: 34
    RSSI: -75 dBm
    Event counter: 52
    Delta time (end to start): 150µs
    [Delta time (start to start): 318µs]
    [Packet time (start to end): 168µs]
Bluetooth Low Energy Link Layer
    Access Address: 0xb066ed9d
    [Master Address: eb:a0:5a:49:e0:e2 (eb:a0:5a:49:e0:e2)]
    [Slave Address: 0f:02:18:41:82:bb (0f:02:18:41:82:bb)]
    Data Header: 0x0b0a
    [L2CAP Index: 19]
    CRC: 0xda393f
Bluetooth L2CAP Protocol
    Length: 7
    CID: Security Manager Protocol (0x0006)
Bluetooth Security Manager Protocol
    Opcode: Pairing Response (0x02)
    IO Capability: No Input, No Output (0x03)
    OOB Data Flags: OOB Auth. Data Not Present (0x00)
    AuthReq: 0x01, Bonding Flags: Bonding
        000. .... = Reserved: 0x0
        ...0 .... = Keypress Flag: False
        .... 0... = Secure Connection Flag: False
        .... .0.. = MITM Flag: False
        .... ..01 = Bonding Flags: Bonding (0x1)
    Max Encryption Key Size: 16
    Initiator Key Distribution: 0x04, Signature Key (CSRK)
        0000 .... = Reserved: 0x0
        .... 0... = Link Key: False
        .... .1.. = Signature Key (CSRK): True
        .... ..0. = Id Key (IRK): False
        .... ...0 = Encryption Key (LTK): False
    Responder Key Distribution: 0x01, Encryption Key (LTK)
        0000 .... = Reserved: 0x0
        .... 0... = Link Key: False
        .... .0.. = Signature Key (CSRK): False
        .... ..0. = Id Key (IRK): False
        .... ...1 = Encryption Key (LTK): True

No.     Time     Source                PHY        Protocol Length     Delta time (µs end to start) SN         NESN       More Data  Event counter Info
    183 6.893    Master_0xb066ed9d     LE 1M      SMP      6          29050µs                      0          0          False      53            Sent Pairing Failed: Invalid Parameters

Frame 183: 32 bytes on wire (256 bits), 32 bytes captured (256 bits) on interface wireshark_extcap3496, id 0
Nordic BLE Sniffer
    Board: 7
    Header Version: 2, Packet counter: 5068
    Length of packet: 10
    Flags: 0x03
        .... ...1 = CRC: OK
        .... ..1. = Direction: Master -> Slave
        .... .0.. = Encrypted: No
        .... 0... = MIC (not relevant): 0
        .000 .... = PHY: LE 1M (0)
        0... .... = Reserved: 0
    Channel: 13
    RSSI: -47 dBm
    Event counter: 53
    Delta time (end to start): 29050µs
    [Delta time (start to start): 29218µs]
    [Packet time (start to end): 128µs]
Bluetooth Low Energy Link Layer
    Access Address: 0xb066ed9d
    [Master Address: eb:a0:5a:49:e0:e2 (eb:a0:5a:49:e0:e2)]
    [Slave Address: 0f:02:18:41:82:bb (0f:02:18:41:82:bb)]
    Data Header: 0x0602
    [L2CAP Index: 20]
    CRC: 0xd3e3b2
Bluetooth L2CAP Protocol
    Length: 2
    CID: Security Manager Protocol (0x0006)
Bluetooth Security Manager Protocol
    Opcode: Pairing Failed (0x05)
    Reason: Invalid Parameters (0x0a)

No.     Time     Source                PHY        Protocol Length     Delta time (µs end to start) SN         NESN       More Data  Event counter Info
    184 6.922    Master_0xb066ed9d     LE 1M      SMP      6          29871µs                      0          0          False      54            Sent Pairing Failed: Invalid Parameters

Frame 184: 32 bytes on wire (256 bits), 32 bytes captured (256 bits) on interface wireshark_extcap3496, id 0
Nordic BLE Sniffer
    Board: 7
    Header Version: 2, Packet counter: 5069
    Length of packet: 10
    Flags: 0x03
        .... ...1 = CRC: OK
        .... ..1. = Direction: Master -> Slave
        .... .0.. = Encrypted: No
        .... 0... = MIC (not relevant): 0
        .000 .... = PHY: LE 1M (0)
        0... .... = Reserved: 0
    Channel: 29
    RSSI: -51 dBm
    Event counter: 54
    Delta time (end to start): 29871µs
    [Delta time (start to start): 29999µs]
    [Packet time (start to end): 128µs]
Bluetooth Low Energy Link Layer
    Access Address: 0xb066ed9d
    [Master Address: eb:a0:5a:49:e0:e2 (eb:a0:5a:49:e0:e2)]
    [Slave Address: 0f:02:18:41:82:bb (0f:02:18:41:82:bb)]
    Data Header: 0x0602
    [L2CAP Index: 21]
    CRC: 0xd3e3b2
Bluetooth L2CAP Protocol
    Length: 2
    CID: Security Manager Protocol (0x0006)
Bluetooth Security Manager Protocol
    Opcode: Pairing Failed (0x05)
    Reason: Invalid Parameters (0x0a)

It looks like that the problem is in Signature Key (CSRK). Nordic SoftDevice doesn't support it. As soon as I enable it in security parameters, peer manager return error.

    // Signing is not supported.
    if (p_sec_params->kdist_own.sign || p_sec_params->kdist_peer.sign)
    {
        return false;
    }

  • 0

    Can you please attach the stripped down project for me to reproduce it at my desk. The nRF Connect behavior was interesting, so i think i want to reproduce it.

  • 0 in reply to Susheel Nuguru

    Well, I mentioned SDK 16.0.0 SoftDevice S140 on nRF52840 only to say that it behaves the same way as nRF Connect. In order to reproduce the issue you need nRF Connect and printer. I used nRF5280 central + printer slave. Or nRF Connect as central + printer slave. Printer is POS-5802DD. I don't think you can repeat it without printer. Do you have nRF Connect with higher debug level so I can run it with that printer? I'm using nRF Connet v3.4.2

  • 0
    I have failure PM_EVT_CONN_SEC_FAILED with error BLE_GAP_SEC_STATUS_INVALID_PARAMS.(0x8A)

     I do not think that PM_EVT_CONN_SEC_FAILED can fail based on invalid params. I think only error that it could return are

    #define PM_CONN_SEC_ERROR_PIN_OR_KEY_MISSING (PM_CONN_SEC_ERROR_BASE + 0x06)  /**< @brief Encryption failed because the peripheral has lost the LTK for this bond. See also @ref BLE_HCI_STATUS_CODE_PIN_OR_KEY_MISSING and Table 3.7 ("Pairing Failed Reason Codes") in the Bluetooth Core Specification 4.2, section 3.H.3.5.5 (@linkBLEcore).  */
#define PM_CONN_SEC_ERROR_MIC_FAILURE        (PM_CONN_SEC_ERROR_BASE + 0x3D)  /**< @brief Encryption ended with disconnection because of mismatching keys or a stray packet during a procedure. See the SoftDevice GAP Message Sequence Charts on encryption (@linkBLEMSCgap), the Bluetooth Core Specification 4.2, sections 6.B.5.1.3.1 and 3.H.3.5.5 (@linkBLEcore), and @ref BLE_HCI_CONN_TERMINATED_DUE_TO_MIC_FAILURE. */
#define PM_CONN_SEC_ERROR_DISCONNECT         (PM_CONN_SEC_ERROR_BASE + 0x100) /**< @brief Pairing or encryption did not finish before the link disconnected for an unrelated reason. */
#define PM_CONN_SEC_ERROR_SMP_TIMEOUT        (PM_CONN_SEC_ERROR_BASE + 0x101) /**< @brief Pairing/bonding could not start because an SMP time-out has already happened on this link. This means that no more pairing or bonding can happen on this link. To be able to pair or bond, the link must be disconnected and then reconnected. See Bluetooth Core Specification 4.2 section 3.H.3.4 (@linkBLEcore). */

  • 0 in reply to Susheel Nuguru

    OK, may be I look at wrong variables in my code but nRF Connect gives the same error

    2020-08-28T15:34:54.898Z WARN Authentication failed with status BLE_GAP_SEC_STATUS_INVALID_PARAMS

    Will the Sniffer help in this situation? I'll try to make it running when nRF Connect talks to printer.

  • 0 in reply to Alex

    Sorry for the late reply and the inconvenience caused by it. I had to be away from work for a few days. 

    I think the construction of that error message is not for the SDK. It is best to see the sniffer log of the transaction that failed.

Related
Terms of service