RE: how to handle pairing/bonding in serialization system?

Kenneth — Tue, 02 Mar 2021 13:37:40 GMT

If you need to support bonding, I would consider not use the serialized library api, but instead let the nRF52840 handle the bonding through peer manager, and make a custom serialized transport that only contain the application specific data.

Alternatively you would need to look at the central security procedures and implement the ones you want to support:
https://infocenter.nordicsemi.com/topic/com.nordic.infocenter.s140.api.v7.2.0/group___b_l_e___g_a_p___c_e_n_t_r_a_l___s_e_c___m_s_c.html

Edit: One more alternative could be to not use bonding (reject bonding), but instead encrypt the data in the application layer (instead of link layer). However, you would only be able to access characteristics that don't require security:
https://infocenter.nordicsemi.com/topic/com.nordic.infocenter.s140.api.v7.2.0/group___b_l_e___g_a_p___c_e_n_t_r_a_l___s_e_c___r_e_q___m_s_c.html

RE: how to handle pairing/bonding in serialization system?

misaka — Tue, 02 Mar 2021 12:34:08 GMT

With this design, now we can successfully find the peripheral advertisement, establish BLE connection, then failed at security request, because we don’t handle security request events in our system. The peripheral then disconnect.

Generally speaking, in a non-serialization system, pairing/bonding is handled by peer_manager module which haven’t ported in our system, it use a lot of internal nRF parts, including flash( store bonding information), cryptocell( if LESC is enabled, CC310 is used as crypto backend), so I'm considering how much effort to implement those hardware-related functions in the main processor.