• State Verified Answer
  • Replies 16 replies
  • Subscribers 74 subscribers
  • Views 4051 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 259160
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Pairing with qr code for passkey, production managament with crc and bootloader

Olfox

Hi,

My product have no keyboard or display , no nfc too. We want a paring procedure to not let open the connexion to everybody not paired first.

My idea was to use a fixed passkey into the code, and print into a qr code this passkey and mac adress. Our smartphone app will use this two parametres to scan and list only the product with concerned mac adress and then establish a paired connexion with the passkey, previously got by scanning the qr code.

My software also use secure bootloader to do DFU (s113 + ble_app_buttonless_dfu_ + secure_booloader_s113_pca10100) , nrf52833.

My questions is : 

1. Where to find this passkey into the code to set it ?

2. In production, i will have to personnalise this passkey into each product, making a different .hex with a specific crc to be able to boot i guess. Fastest way will be to build to get the good crc and flash only the memory adresse with good crc and passkey. Is it the good way to proceed ?

3. If it is, may be we need some script to first change the passkey into the source code, then build application , and finally program the device with nrfconnect command ? It seems to be quiet heavy but may be the unic solution?

4. in case of update of the firmware with dfu once customers has bought the product, does it means we will have to generate a unic zip for each product sales ? What is just impossible. So finally i dont't really see how to proceed a part of placing the passykey somewhere into the memory that is independant of crc check, what i don't think possible.

I didn't found easiest way to do something quiet simple in fact. This seems to be a typical case for BLE products , no?

Thanks a lot for your help, there is so many questions... Slight smile 

Parents
  • +1

    Hi Florian, 

    1. If you look for "static passkey" in devzone you should be able to find many example code for that, for example this: https://devzone.nordicsemi.com/f/nordic-q-a/15030/how-to-set-a-static-passkey-on-nrf52832-pca10040

    2. You can think of using the device ID in the FICR as the passkey. It can be consider unique to each device. The passkey has only 1 mil possibilities anyway. 

    3. If you use device ID in  FICR you don't need to change the code for each device. But you need to read the FICR of each of the device to print the QR code later on. 

    4. If you use Device ID you don't need to do modify the firmware for each device. 

  • 0 in reply to Hung Bui

    It is ok it works.

    On first connexion, i'm able to type the 6digit pincode extract from the 6 lsb of DEVICE_ID0. 

    But i have a strange effect. Once first phone paired it works fine. Then i pair a second phone, it works too. But when i try to connect the first phone, i get an error mesage on Android sayong " Association refused by myNrfDevice" where my Nrf device is my nrf52833.

    Is it possible to have two paired device or more ?

    Also when i try to dis associate on android side and then try to do the association process with pin code again, i have the same message ans i get this error on my nrf console:

    <info> peer_manager_handler: Connection security failed: role: Peripheral, conn_handle: 0x0, procedure: Bonding, error: 133

    I need to "Erase all" with SES to clean the nrf and then i can try again. It seems to be linked to the softdevice may be that keep in memory the second private key or something like this may be.

  • 0 in reply to Olfox

    Hi Florian, 
    It could be related to the feature that blocking an already bonded phone to bond again (allow_repairing). 
    Please have a look at this case: https://devzone.nordicsemi.com/f/nordic-q-a/37837/sdk15-paring-problem

    But this doesn't explain why you couldn't connect the first phone after you bond with 2nd phone. You may want to check the log on the nRF52 device. Also maybe capture a sniffer trace

  • 0 in reply to Hung Bui

    Hi Hung,

    Yes you are right, i realised there no link with the fact to pair a seconf phone, it was just link to the fact to delete bounded nrf in android that cause the issue. 

    I also had a "bug" that if you try to connect with nrfconnect app, the pop up windows to enter key is shown, but only with a Yes or Cancel button. If you click on Yes or Cancel the window disappear and if you are fast enough when you click on the servcie that has been list behind, it works and you are connected without re entered the passkey . Surprising :D 

    But ok i will try this, thanks for the link it is really helpfull !

    Concerning sniffer, i have two nrf52833 dev kit ( pca10100) i can use one for this purpose no problem. But this board seems to not be supported in the list. 

  • 0 in reply to Hung Bui

    It works fine ! i just replace false by true and now, no more issue.

    I can pair with device ID as passkey. I'm aware it is not the more secure ( i understand in 20 step the hacker can be paired ). On this point i don't understand why bluetooth protocol give the information of what bit is ok and what bit is not ... What interesst there is to do this at the end , it is just giving the possibility to guess the code after 20 trial no ? 

Reply
  • 0 in reply to Hung Bui

    It works fine ! i just replace false by true and now, no more issue.

    I can pair with device ID as passkey. I'm aware it is not the more secure ( i understand in 20 step the hacker can be paired ). On this point i don't understand why bluetooth protocol give the information of what bit is ok and what bit is not ... What interesst there is to do this at the end , it is just giving the possibility to guess the code after 20 trial no ? 

Children
  • 0 in reply to Olfox

    Hi again, 

    Please be aware that in this process: 

    The random number is generated after each step. So even if the hacker can try again it will be a new random number and they can't guess the correct bit after 20 times. But anyway using same static passkey would compromise the security protection of the method and it's not recommended by the spec. 

  • 0 in reply to Hung Bui

    Ok i see. But in my case as the code is not refeshed after each connexion, it is not perfectly secure , but in my application it is not really important and i don't really have another way to proceed unfortunately.

    I just tried to connect a third phone, and it connect ! without asking the pairing first ?!

    Is it linked to the fact that i only have three as  FDS_VIRTUAL_PAGES  ? Meaning two paired device possible?

  • 0 in reply to Olfox

    Any phone can connect to your device without bonding/pairing if you don't use a whitelist. If you have a characteristic that require encryption, then bonding will be triggered. 


    By having a static passkey your device has a slightly higher MITM protection compared to passkey. But it's not as good as having a randomized passkey. 

  • 0 in reply to Hung Bui

    Wooo there is no way to avoid connexion without entering pairing ? Because imagine my nrf advertise, and somebody not paired connect, and keep connexion.  As at the moment i have only one central connected at a time, it will be impossible for autorized mobil to connect on my nrf :( ....

    I have set all my charachetristic to BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM and now i see pop up the pairing input windows, but for the dfu characteristique and the default Generic access, generic attribute and secure DFU service, it is still accesible. Ok for DFU there is then the check with signature.

    I noticed NRF_DFU_BLE_BUTTONLESS_SUPPORTS_BONDS exist in the sdk_config.h bit i don't know really the impact it could have

  • 0 in reply to Olfox

    You can disconnect the connection after a period of time if it doesn't initiate pairing or if you don't recognize that  device.

     
    But using whitelist is the best way of avoiding an unwanted central to connect to your device. You need either the central address or the central's IRK to setup whitelist. 

    Note that one can easily jam the advertising channels and block any connection. 

    You set NRF_DFU_BLE_BUTTONLESS_SUPPORTS_BONDS when you want to use the same bonding you used on your device to the central when doing DFU. 
    it's normal that the generic access , generic attribute is accessible without encryption. 
    If you want you can set the DFU service to require bonding. 

Related
Terms of service