• State Verified Answer
  • Locked Locked
  • Replies 11 replies
  • Subscribers 90 subscribers
  • Views 2730 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 280302
Options
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Please tell me how to set permissions.

sdi_kei

Hello.
I'm thinking about what I can do with peripheral rolls.

I have a question about GATT communication data.
The following content was described in the Core Specification of the Bluetooth SIG.

The following access permissions are possible:
• Readable
• Writeable
• Readable and writable
The following encryption permissions are possible:
• Encryption required
• No encryption required
The following authentication permissions are possible:
• Authentication Required
• No Authentication Required
The following authorization permissions are possible:
• Authorization Required
• No Authorization Required

I think that the structure used when setting the data of the characteristic is "ble_add_char_params_t".
How can I set the contents described?

Best regards.

  • 0

    Have a look at ble_gap.h from the nrf5 SDK.

    /**@defgroup BLE_GAP_CONN_SEC_MODE_SET_MACROS GAP attribute security requirement setters
 *
 * See @ref ble_gap_conn_sec_mode_t.
 * @{ */
/**@brief Set sec_mode pointed to by ptr to have no access rights.*/
#define BLE_GAP_CONN_SEC_MODE_SET_NO_ACCESS(ptr)          do {(ptr)->sm = 0; (ptr)->lv = 0;} while(0)
/**@brief Set sec_mode pointed to by ptr to require no protection, open link.*/
#define BLE_GAP_CONN_SEC_MODE_SET_OPEN(ptr)               do {(ptr)->sm = 1; (ptr)->lv = 1;} while(0)
/**@brief Set sec_mode pointed to by ptr to require encryption, but no MITM protection.*/
#define BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(ptr)        do {(ptr)->sm = 1; (ptr)->lv = 2;} while(0)
/**@brief Set sec_mode pointed to by ptr to require encryption and MITM protection.*/
#define BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM(ptr)      do {(ptr)->sm = 1; (ptr)->lv = 3;} while(0)
/**@brief Set sec_mode pointed to by ptr to require LESC encryption and MITM protection.*/
#define BLE_GAP_CONN_SEC_MODE_SET_LESC_ENC_WITH_MITM(ptr) do {(ptr)->sm = 1; (ptr)->lv = 4;} while(0)
/**@brief Set sec_mode pointed to by ptr to require signing or encryption, no MITM protection needed.*/
#define BLE_GAP_CONN_SEC_MODE_SET_SIGNED_NO_MITM(ptr)     do {(ptr)->sm = 2; (ptr)->lv = 1;} while(0)
/**@brief Set sec_mode pointed to by ptr to require signing or encryption with MITM protection.*/
#define BLE_GAP_CONN_SEC_MODE_SET_SIGNED_WITH_MITM(ptr)   do {(ptr)->sm = 2; (ptr)->lv = 2;} while(0)
/**@} */

    For example you can set the write permissions to LESC with MITM when initializing your characteristic:

        ble_gatts_attr_md_t cccd_md;
    BLE_GAP_CONN_SEC_MODE_SET_LESC_ENC_WITH_MITM(&cccd_md.write_perm);

  • 0 in reply to fhfs

    Hello.

    I think Encryption required is set to BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM and No encryption required is BLE_GAP_CONN_SEC_MODE_SET_OPEN.

    Can you tell me what else applies?

    Best regards.

  • 0 in reply to sdi_kei

    Hello.

    Do you see the question?
    I would be grateful if the support engineer could answer if you like.

    Best regards.

  • 0 in reply to sdi_kei
    sdi_kei said:
    I think Encryption required is set to BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM and No encryption required is BLE_GAP_CONN_SEC_MODE_SET_OPEN.

    Hi, 

    Encryption have different levels so it could be 

    BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM or 
    BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM
    and yes no encryption means you need to set the permissions to open 
    BLE_GAP_CONN_SEC_MODE_SET_OPEN.
    read and write access can be defined to the char properties like below
     add_char_params.read_access  = SEC_OPEN;
add_char_params.write_access = SEC_OPEN;
    The following authentication permissions are possible:
    • Authentication Required
    • No Authentication Required
    for the above you have 
    ble_add_char_params_t in components\softdevice\s112\headers\ble_gatt.h that you can set.
    I suggest you to see one of the ble service implementation like 
    components\ble\ble_services\ble_nus\ble_nus.c: 
    ble_nus_init to get a closer look a the example to use these settings.
  • 0 in reply to Susheel Nuguru

    Hello.

    Thank you for telling me about the settings.
    However, I checked the example, but I didn't understand some points, so please let me know.
    This is what we currently know.

    The following access permissions are possible:
• Readable
    add_char_params.read_access = SEC_OPEN;
• Writeable
    add_char_params.write_access = SEC_OPEN;
• Readable and writable
    Allow read and write
    
The following encryption permissions are possible:
• Encryption required
    BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM and BLE_GAP_CONN_SEC_MODE_SET_OPEN
• No encryption required
    BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM
    
The following authentication permissions are possible:
• Authentication Required
    not sure
• No Authentication Required
    BLE_GAP_CONN_SEC_MODE_SET_NO_ACCESS
    
The following authorization permissions are possible:
• Authorization Required
    not sure
• No Authorization Required
    not sure

    Best regards.

Related