
Modify pre shared OOB key for Legacy Connection

Hi !

I am working on SDK 15.2 and on a NRF52832.

The other devices I will interact with are on BLE 4, so I can use only Legacy Connection mode for security.

I would like to use Out of Band mode, with a pre shared key stored on my device. The other device, a BLE Gateway, will have a file with this key stored too. 

First, I would like to know if there are examples to do that. 

Second, I would like to know if it is possible to modify the value of the key and keep its value even if we switch off the device.

Thanks,

  • If you include peer manager, then it will handle most of these events already (e.g. BLE_GAP_EVT_SEC_PARAMS_REQUEST):
    https://infocenter.nordicsemi.com/topic/sdk_nrf5_v17.0.2/lib_peer_manager.html

    The input/output passkey, display, oob are really the only exceptions I can think of. 

  • Ok, so for now I am trying to use the ble_app_hrs with Legacy connection and OOB. I have filled in the security parameters as described in the peer-manager documentation. I have handled the BLE_GAP_EVT_AUTH_KEY_REQUEST by adding a call to the sd_ble_gap_auth_key_reply function.

    I have also modified the battery service to put the SEC_MITM security level for the read access.

    To connect to my device, I use for now my phone with the nrfConnect app.

    After doing that, I am not sure what I have to wait for. I can still connect to my device without any key being asked for. I have checked: I don't enter the event handler for the BLE_GAP_EVT_AUTH_KEY_REQUEST.

    What do I have to do to enter this event so I can send my OOB key?

    When I connect to my device, I have this message from the peer_manager_handler : 

    <info> peer_manager_handler: Connection secured: role: Peripheral, conn_handle: 0, procedure: Encryption

    Is the security only applied when we want to read/write the attributes ?

    Then I have tried to read the Battery value, but nothing is happening. I cannot read the value and nothing is printed on the debug terminal, so I have no information.

    Do you know what I have to do ?

  • If you want to bond with a phone using OOB, then you need to use NFC. I believe there is a HRS example in the nRF5 SDK that can do this for you (\ble_app_hrs_nfc_pairing). You have very little control of this, since it's handled by the OS. Likely you will not be able to do OOB unless you have NFC in the first place (it's not possible to inject OOB from the app afaik). Also, the trigger to execute bonding depends on the OS on the phone.

  • Well I want to use OOB, but without NFC. In the future, my peripheral will be connected with a BLE gateway, so I can simulate it for now with a pca10040. Can I use the ble_app_hrs_c example directly or do I have to modify it also ?

    And what about my other question :

    Is the security only applied when we want to read/write the attributes ?

  • The examples I shared should work out of the box, but it is for a slightly older SDK, so it may need some modifications.

    Beldramma said:
    Is the security only applied when we want to read/write the attributes ?

    If you set a specific security level for a characteristic, then there is no data exchanged on that characteristic until the security level on the link is met. When this occurs depends on how you want it to behave; you can bond before accessing characteristics or you can wait until you get an insufficient security level error when accessing the characteristic.
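
The gating described in the last reply, as an added example that is not part of the thread and is not SDK or SoftDevice code: a simplified model of how a GATT server compares the link's security level with a characteristic's requirement and which ATT error code the Bluetooth Core Specification assigns when the requirement is not met. The struct, enum and function names are assumptions made for this sketch.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* ATT error codes defined by the Bluetooth Core Specification. */
#define ATT_OK                   0x00
#define ATT_ERR_INSUF_AUTHEN     0x05
#define ATT_ERR_INSUF_ENCRYPTION 0x0F

/* LE security mode 1 levels; the enum names are made up for this example. */
typedef enum { LVL_OPEN = 1, LVL_ENC_NO_MITM = 2, LVL_ENC_MITM = 3 } sec_level_t;

/* Hypothetical per-connection state (not an SDK structure). */
typedef struct {
    bool encrypted; /* link is currently encrypted */
    bool bonded;    /* a key for this peer is stored */
    bool mitm_key;  /* key came from passkey or OOB pairing */
} link_state_t;

static sec_level_t link_level(const link_state_t *l)
{
    if (!l->encrypted) return LVL_OPEN;
    return l->mitm_key ? LVL_ENC_MITM : LVL_ENC_NO_MITM;
}

/* Decide whether a read may proceed, else which ATT error is returned. */
uint8_t att_read_check(const link_state_t *l, sec_level_t required)
{
    if (link_level(l) >= required) return ATT_OK;
    /* A stored key exists but the link is not encrypted yet. */
    if (!l->encrypted && l->bonded) return ATT_ERR_INSUF_ENCRYPTION;
    /* No key at all, or the key is too weak for this attribute. */
    return ATT_ERR_INSUF_AUTHEN;
}

int main(void)
{
    /* Constructed cases: encrypted without MITM, then after OOB pairing. */
    link_state_t no_mitm = { .encrypted = true, .bonded = true, .mitm_key = false };
    link_state_t oob     = { .encrypted = true, .bonded = true, .mitm_key = true };

    printf("MITM read, key without MITM: 0x%02X\n",
           att_read_check(&no_mitm, LVL_ENC_MITM));
    printf("MITM read, OOB key:          0x%02X\n",
           att_read_check(&oob, LVL_ENC_MITM));
    return 0;
}
```

In this model an encrypted link whose key lacks MITM protection still gets 0x05 on a characteristic that requires MITM, and the read only succeeds once pairing has produced an authenticated key.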
