• State Verified Answer
  • Replies 2 replies
  • Subscribers 86 subscribers
  • Views 1002 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 275304
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

CAF BLE state bond limit

langestefann

Hi, I am trying to use the CAF BLE state  module to manage my bluetooth connection.

To understand how it works I have been testing the nRF desktop application, which makes extensive use of the CAF BLE state module. The documentation of nRF desktop  states the following: 

When turned on, the nRF Desktop peripherals are advertising until they go to the suspended state or connect through Bluetooth. The peripheral supports one wireless connection at a time, but it can be bonded with multiple peers.

And in CAF BLE state documenation I read the following:

CAF assumes that Bluetooth Peripheral device supports only one simultaneous connection and can have up to one bond per Bluetooth local identity.

This is hard enforced by the following code in ble_state.c:200:

		if ((bond_find_data.peer_count > 0) &&
		    bt_addr_le_cmp(bt_conn_get_dst(conn),
				   &bond_find_data.peer_address)) {
			bt_addr_le_to_str(&bond_find_data.peer_address, addr_str,
					sizeof(addr_str));
			LOG_INF("Already bonded to %s", log_strdup(addr_str));
			goto disconnect; 
		}

For now I have uncommented the line `goto: disconnect` from ble_state.c and that seems to work fine, I can now store bond information for multiple devices. 

So I have the following questions:

  • How should I use the CAF BLE state module regarding bonds? I would like to be able to store multiple bonds.
  • How can I delete bond information on the peripheral device (nRF52840)? 
  • I have noticed that if I delete bond information from my phone and try to reconnect to my peripheral device  it will refuse the connection. Is there any way to handle this behaviour so that I can allow the device to reconnect again?

Thanks a lot

Parents
  • +1

    Hi,

    Some background information:

    BLE state module was previously part of nRF Desktop application, then it was separated to CAF. It follows nRF Desktop's assumptions related to Bluetooth operations. E.g. it assumes that peripheral has one bond per Bluetooth local identity, but the peripheral could use multiple Bluetooth local identities. When peripheral device uses given local identity, only the Bluetooth central that is bonded with that local identity can connect with the peripheral (if peripheral device has no bonded central for given local identity, any central may connect and bond to it).

    Because of this assumption, the module disallows for peripheral to have more than one bond per local identity.

    To answer your questions:

    • How should I use the CAF BLE state module regarding bonds? I would like to be able to store multiple bonds.

    The Bluetooth bonds management is not actually performed by CAF BLE state. Still, you could use multiple Bluetooth local identities and switch between them using ble_peer_operation_event. In nRF Desktop this task is implemented in ble_bond. The ble_bond module has many application-specific features (e.g. in nRF Desktop Bluetooth bonds are controlled using click_event related to predefined button), so the module is not part of CAF. You could implement needed functionalities in similar way for your application using Zephyr's Bluetooth API. See the following documentation pages for details:

    https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/applications/nrf_desktop/doc/ble_bond.html#nrf-desktop-ble-bond - BLE bond module from nRF Desktop (source code available in src/applications/nrf_desktop/modules/ble_bond.c)

    https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/libraries/caf/caf_overview.html#c.ble_peer_operation_event - BLE peer operation event

    https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/applications/nrf_desktop/README.html#bluetooth-in-nrf-desktop - Bluetooth guide related to nRF Destkop and Bluetooth Kconfig options that could be relevant for your application.​

    • How can I delete bond information on the peripheral device (nRF52840)?

    Use bt_unpair function. https://docs.zephyrproject.org/latest/reference/bluetooth/gap.html#c.bt_unpair

    See https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/applications/nrf_desktop/doc/ble_bond.html#peer-erasing for details regarding bond erase in nRF Desktop. Keep in mind that peer erase functionality on nRF52840DK is by default enabled only in configuration that works as a dongle. You must enable it in configuration in order to use it for other configurations.

    • I have noticed that if I delete bond information from my phone and try to reconnect to my peripheral device it will refuse the connection. Is there any way to handle this behaviour so that I can allow the device to reconnect again?

    If your phone (central) has deleted bond information it is expected to be unable to reconnect with peripheral device. In that case you should remove bond information from peripheral and bond with the phone again. If you really want to let your phone to connect with the peripheral overwriting bond on peripheral device you should enable CONFIG_BT_SMP_ALLOW_UNAUTH_OVERWRITE. Keep in mind that it's not a good practice, since this would enable cases where an attacker could copy the peer device address to connect and start an unauthenticated pairing procedure to replace the existing bond.

Reply
  • +1

    Hi,

    Some background information:

    BLE state module was previously part of nRF Desktop application, then it was separated to CAF. It follows nRF Desktop's assumptions related to Bluetooth operations. E.g. it assumes that peripheral has one bond per Bluetooth local identity, but the peripheral could use multiple Bluetooth local identities. When peripheral device uses given local identity, only the Bluetooth central that is bonded with that local identity can connect with the peripheral (if peripheral device has no bonded central for given local identity, any central may connect and bond to it).

    Because of this assumption, the module disallows for peripheral to have more than one bond per local identity.

    To answer your questions:

    • How should I use the CAF BLE state module regarding bonds? I would like to be able to store multiple bonds.

    The Bluetooth bonds management is not actually performed by CAF BLE state. Still, you could use multiple Bluetooth local identities and switch between them using ble_peer_operation_event. In nRF Desktop this task is implemented in ble_bond. The ble_bond module has many application-specific features (e.g. in nRF Desktop Bluetooth bonds are controlled using click_event related to predefined button), so the module is not part of CAF. You could implement needed functionalities in similar way for your application using Zephyr's Bluetooth API. See the following documentation pages for details:

    https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/applications/nrf_desktop/doc/ble_bond.html#nrf-desktop-ble-bond - BLE bond module from nRF Desktop (source code available in src/applications/nrf_desktop/modules/ble_bond.c)

    https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/libraries/caf/caf_overview.html#c.ble_peer_operation_event - BLE peer operation event

    https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/applications/nrf_desktop/README.html#bluetooth-in-nrf-desktop - Bluetooth guide related to nRF Destkop and Bluetooth Kconfig options that could be relevant for your application.​

    • How can I delete bond information on the peripheral device (nRF52840)?

    Use bt_unpair function. https://docs.zephyrproject.org/latest/reference/bluetooth/gap.html#c.bt_unpair

    See https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/applications/nrf_desktop/doc/ble_bond.html#peer-erasing for details regarding bond erase in nRF Desktop. Keep in mind that peer erase functionality on nRF52840DK is by default enabled only in configuration that works as a dongle. You must enable it in configuration in order to use it for other configurations.

    • I have noticed that if I delete bond information from my phone and try to reconnect to my peripheral device it will refuse the connection. Is there any way to handle this behaviour so that I can allow the device to reconnect again?

    If your phone (central) has deleted bond information it is expected to be unable to reconnect with peripheral device. In that case you should remove bond information from peripheral and bond with the phone again. If you really want to let your phone to connect with the peripheral overwriting bond on peripheral device you should enable CONFIG_BT_SMP_ALLOW_UNAUTH_OVERWRITE. Keep in mind that it's not a good practice, since this would enable cases where an attacker could copy the peer device address to connect and start an unauthenticated pairing procedure to replace the existing bond.

Children
Related
Terms of service