This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Zephyr BLE static passkey between central and peripheral on two nrf52840s

Hi!

I am trying to develop a way for a Bluetooth Central and Bluetooth Peripheral using Secure Connections (security mode 1 level 2 if I'm not mistaken) using a static passkey. Both the Central and the Peripheral are nrf52840s, using the Connect SDK/Zephyr on both.

I have managed to get the Zephyr Heart Rate samples running on both devices (central_hr and peripheral_hr), however I am somewhat at a loss of how to change the code to enable static passkeys. Both devices will operate without any IO capability, such that the wanted feature is for the central and peripheral to pair only if they share the same (permanently stored) static passkey.

My understanding is that in order to achieve this, both devices has to communicate their IO capabilities are NoInputNoOutput with the MITM flag set high and CONFIG_BT_FIXED_PASSKEY to be enabled. I would like to build upon the Heart Rate example to test this features success. My questions are:

1) Where in the code should bt_passkey_set(unsigned in passkey) be placed, both for central and peripheral example?

2) How/where do I communicate the Centrals IO capabilities? I've found explanations with regards to the Peripheral, but haven't found this for the Central and don't quite get it from the example code.

3) Is there a possibility to be guided with instructions in order to move from the central_hr + peripheral_hr example to a working "central_hr_static_passkey" + "peripheral_hr_static_passkey"-example?

Code for the central_hr: https://github.com/zephyrproject-rtos/zephyr/blob/master/samples/bluetooth/central_hr/src/main.c

Code fir the peripheral_hr: https://github.com/zephyrproject-rtos/zephyr/blob/master/samples/bluetooth/peripheral_hr/src/main.c

Please do tell if more information is needed or if I in any way can aid in this inquery.

Thanks a lot in advance,

Jonas

Top Replies

Kenneth over 3 years ago in reply to smohan +1

Maybe check out: https://devzone.nordicsemi.com/nordic/nrf-connect-sdk-guides/b/software/posts/building-a-ble-application-on-ncs-comparing-and-contrasting-to-softdevice-based-ble-applications https…

Parents

0 Kenneth over 3 years ago
Hi,

You need to add to prj.conf:

CONFIG_BT_SMP=y CONFIG_BT_FIXED_PASSKEY=y

In main.c make sure that .pairing_confirm callback is NULL like this:
static struct bt_conn_auth_cb conn_auth_callbacks = { .passkey_display = auth_passkey_display, .cancel = auth_cancel, .pairing_confirm = NULL, .pairing_complete = pairing_complete, .pairing_failed = pairing_failed };

Make sure to add to main():

unsigned int passkey = 123456; bt_passkey_set(passkey);

Then it should work out of the box for a device to fake a display with 123456. Also see attachment where I have modified peripheral_lbs.

For the device with passkey entry you will need to register a .passkey_entry callback in conn_auth_callbacks, make sure to call bt_conn_auth_passkey_entry(with 123456) in the callback.

Kenneth

8304.peripheral_lbs_fixed_passkey_ncs_1.4.0.zip
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Jonas G L over 3 years ago in reply to Kenneth

Thanks a lot for your input, @Kenneth. Peripheral seems to work as intended as of now. However, I still struggle to grapple with the Central part. Do you have a good reference/link with regards to how a central connects and communicates with a peripheral in Zephyr? There is a sea of UUIDs, Handles and callbacks and I cannot find a clear explanation how to:

- Scan for connectable advertising peripherals

- Connect to a certain peripheral

- Perform service discovery and be prompted with what is found

- Perform read and writes to the peripheral from the central.

The first two points I can infer from existing code, but the last two I don't see yet how to perform. Hope you can help.

BR, Jonas
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 smohan over 3 years ago in reply to Jonas G L

Hi Jonas,

I am working on a similar one, can you help me understand, how to update the IO capabilities on the peripheral device? and How to update the MITM flag?I could not find any api calls to be used from application layer
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Kenneth over 3 years ago in reply to smohan

Maybe check out:

https://devzone.nordicsemi.com/nordic/nrf-connect-sdk-guides/b/software/posts/building-a-ble-application-on-ncs-comparing-and-contrasting-to-softdevice-based-ble-applications

https://devzone.nordicsemi.com/nordic/nrf-connect-sdk-guides/b/software/posts/building-a-ble-application-on-ncs-sdk---contrasting-to-softdevice-based-ble-applications---part-2-central-role
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

0 Kenneth over 3 years ago in reply to smohan

Maybe check out:

https://devzone.nordicsemi.com/nordic/nrf-connect-sdk-guides/b/software/posts/building-a-ble-application-on-ncs-comparing-and-contrasting-to-softdevice-based-ble-applications

https://devzone.nordicsemi.com/nordic/nrf-connect-sdk-guides/b/software/posts/building-a-ble-application-on-ncs-sdk---contrasting-to-softdevice-based-ble-applications---part-2-central-role
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 smohan over 3 years ago in reply to Kenneth

Thanks a ton Kenneth for your reply! .

I am going through the tutorials . Btw, I understood setting MITM .What really confuses me is the logic behind the security implementation from SIG. While I used this example for testing the passkey pairing, I found that , when the peer device ( another nRF kit connected to windows lap nRF Connect BLE app loaded with connectivity firmware) changed its I/O capabilities to nokeyboard-nodisplay, the pairing happens though and it follows Just works(Level 2), I further came to conclusion that this dynamic changing of security pairing method happens as described in here .

I find a security breach here , as the example is set to connect with peers only via passkey method , but if the peer device finds a way to manipulate its IO capabilities as nokeyboard-nodisplay then, it could make connect via just works. So what the use in having passkey secure pairing implementation.

Later I read here that we can force to a security level here .through bt_conn_security(), as it was not implicitly provided by any GATT service. I am going to test this now.

It would be great if you could get back and comment on my understanding.

Regards/Mohan
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Kenneth over 3 years ago in reply to smohan

smohan said:
I find a security breach here , as the example is set to connect with peers only via passkey method , but if the peer device finds a way to manipulate its IO capabilities as nokeyboard-nodisplay then, it could make connect via just works. So what the use in having passkey secure pairing implementation.

When you configure the GATT database, then you set the security level required to access these characteristics, so if the bond is established with lower than the intended security level, then the peer will not be able to write or read to these characteristics.

Kenneth
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 ErDarshan over 2 years ago in reply to smohan

Hi smohan,

I would like to have the same functionality as you described in the ticket. I can connect using static pass-key and nrf connect applications yet our goal is to have two nrf52840 (one as peripheral and one as central). Have you implemented central side code?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel