• State Verified Answer
  • Locked Locked
  • Replies 6 replies
  • Subscribers 87 subscribers
  • Views 1501 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 277281
Options
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

I'd like to ask you about BLE Secure Mode 1 Level 4.

Mr.Chu

Hi,

What we are currently using is nRF52832, the central product is SDK16, and the peripheral product is SDK13.

Does SDK17 only support BLE Secure Mode 1 Level 4?

Are there any directions supported by SDK13 and SDK16?

I need your help.

  • 0

    Hi

    All SDKs since SDK v12.3.0 include an LE Secure Connections Multirole example that enforces Security Mode 1, Level 4, so this security mode is also supported in SDK16 and SDK13 as well.

    Best regards,

    Simon

  • 0 in reply to Simonr

    Hi, Simon

    Thanks for your help.

    Central is using SDK16 and periperal is using SDK13.

    I'm going to apply Security Mode 1 Level 4 respectively.

    Do you have any examples to refer to? 

    And is the functionality of Security Mode 1 Level 4 different in SDK17, SDK16, and SDK13?

    Best regards,

    Chu

  • 0

    Hi again

    The LE Secure Connections Multirole example is similar in all the SDK versions you mention. Since the security mode is part of the BLE spec. it has not changed much between the SDK releases.

    Best regards,

    Simon

  • 0 in reply to Simonr

    Hi

    Simonr

    Thanks.

    Is Security Mode 1 Level 4 correct to set the SEC parameter as follows? Or what can you look at to judge?

    #define SEC_PARAM_BOND                   1 
    #define SEC_PARAM_MITM                   1  
    #define SEC_PARAM_LESC                   1  
    #define SEC_PARAM_KEYPRESS               0 
    #define SEC_PARAM_IO_CAPABILITIES        BLE_GAP_IO_CAPS_DISPLAY_ONLY                      
    #define SEC_PARAM_OOB                    0
    #define SEC_PARAM_MIN_KEY_SIZE           7 
    #define SEC_PARAM_MAX_KEY_SIZE           16  
        ble_lbs_init_t init;

        BLE_GAP_CONN_SEC_MODE_SET_LESC_ENC_WITH_MITM(&init.dis_attr_md.read_perm);
        BLE_GAP_CONN_SEC_MODE_SET_LESC_ENC_WITH_MITM(&init.dis_attr_md.write_perm);

        err_code = ble_lbs_init(&m_lbs, &init);
        APP_ERROR_CHECK(err_code);

    +Add 

    SDK13

    In Peripheral, 4 devices are connected simultaneously, and 8 devices are registered internally. You have to pair each. Is there a way to select and pair peer id as the BD address of each device?


     

    Best regards,

    Chu

  • 0

    Security Mode 1 Level 4 is described as follows: "LESC MITM protected encrypted link using a 128-bit strength encryption key required." So MITM, LESC, and a 128-bit encryption key is required. So if the MITM and LESC are set to 1, and you have set an encryption key, that means you are in SEC MODE 1 Level 4. You can also do something like what some later SDK versions do, where the BLE_GAP_EVT_CONN_SEC_UPDATE reads the security mode and level and prints it out using NRF_LOG_INFO. This is usually done in ble_evt_handler() with the following code.

            case BLE_GAP_EVT_CONN_SEC_UPDATE:
            NRF_LOG_INFO("BLE_GAP_EVT_CONN_SEC_UPDATE");
            NRF_LOG_INFO("Security mode: %u. Security level: %u",
                         p_ble_evt->evt.gap_evt.params.conn_sec_update.conn_sec.sec_mode.sm,
                         p_ble_evt->evt.gap_evt.params.conn_sec_update.conn_sec.sec_mode.lv);
            break;

    Best regards,

    Simon

Related
Terms of service