• State Verified Answer
  • Locked Locked
  • Replies 11 replies
  • Subscribers 90 subscribers
  • Views 2730 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 280302
Options
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Please tell me how to set permissions.

sdi_kei

Hello.
I'm thinking about what I can do with peripheral rolls.

I have a question about GATT communication data.
The following content was described in the Core Specification of the Bluetooth SIG.

The following access permissions are possible:
• Readable
• Writeable
• Readable and writable
The following encryption permissions are possible:
• Encryption required
• No encryption required
The following authentication permissions are possible:
• Authentication Required
• No Authentication Required
The following authorization permissions are possible:
• Authorization Required
• No Authorization Required

I think that the structure used when setting the data of the characteristic is "ble_add_char_params_t".
How can I set the contents described?

Best regards.

Parents
  • 0

    Have a look at ble_gap.h from the nrf5 SDK.

    /**@defgroup BLE_GAP_CONN_SEC_MODE_SET_MACROS GAP attribute security requirement setters
 *
 * See @ref ble_gap_conn_sec_mode_t.
 * @{ */
/**@brief Set sec_mode pointed to by ptr to have no access rights.*/
#define BLE_GAP_CONN_SEC_MODE_SET_NO_ACCESS(ptr)          do {(ptr)->sm = 0; (ptr)->lv = 0;} while(0)
/**@brief Set sec_mode pointed to by ptr to require no protection, open link.*/
#define BLE_GAP_CONN_SEC_MODE_SET_OPEN(ptr)               do {(ptr)->sm = 1; (ptr)->lv = 1;} while(0)
/**@brief Set sec_mode pointed to by ptr to require encryption, but no MITM protection.*/
#define BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(ptr)        do {(ptr)->sm = 1; (ptr)->lv = 2;} while(0)
/**@brief Set sec_mode pointed to by ptr to require encryption and MITM protection.*/
#define BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM(ptr)      do {(ptr)->sm = 1; (ptr)->lv = 3;} while(0)
/**@brief Set sec_mode pointed to by ptr to require LESC encryption and MITM protection.*/
#define BLE_GAP_CONN_SEC_MODE_SET_LESC_ENC_WITH_MITM(ptr) do {(ptr)->sm = 1; (ptr)->lv = 4;} while(0)
/**@brief Set sec_mode pointed to by ptr to require signing or encryption, no MITM protection needed.*/
#define BLE_GAP_CONN_SEC_MODE_SET_SIGNED_NO_MITM(ptr)     do {(ptr)->sm = 2; (ptr)->lv = 1;} while(0)
/**@brief Set sec_mode pointed to by ptr to require signing or encryption with MITM protection.*/
#define BLE_GAP_CONN_SEC_MODE_SET_SIGNED_WITH_MITM(ptr)   do {(ptr)->sm = 2; (ptr)->lv = 2;} while(0)
/**@} */

    For example you can set the write permissions to LESC with MITM when initializing your characteristic:

        ble_gatts_attr_md_t cccd_md;
    BLE_GAP_CONN_SEC_MODE_SET_LESC_ENC_WITH_MITM(&cccd_md.write_perm);

  • 0 in reply to fhfs

    Hello.

    I think Encryption required is set to BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM and No encryption required is BLE_GAP_CONN_SEC_MODE_SET_OPEN.

    Can you tell me what else applies?

    Best regards.

  • 0 in reply to fhfs

    Hello.

    What I want to do is create a characteristic that can only be read and written by central devices that meet certain criteria.

    At that time, you have to set each characteristic, but I don't know what kind of setting should be done, so please let me know.

    Best regards.

  • +1 in reply to sdi_kei

    Hello.

    I tried to summarize it with reference to what you taught me.
    Please tell me if this is the case.

    The following content showed the same thing.

BLE_GAP_CONN_SEC_MODE_SET_NO_ACCESS         ⇔   SEC_NO_ACCESS
BLE_GAP_CONN_SEC_MODE_SET_OPEN              ⇔   SEC_OPEN
BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM       ⇔   SEC_JUST_WORKS
BLE_GAP_CONN_SEC_MODE_SET_ENC_WITH_MITM     ⇔   SEC_MITM
BLE_GAP_CONN_SEC_MODE_SET_SIGNED_NO_MITM    ⇔   SEC_SIGNED
BLE_GAP_CONN_SEC_MODE_SET_SIGNED_WITH_MITM  ⇔   SEC_SIGNED_MITM


The following access permissions are possible:
• Readable  → ble_gatt_char_props_t read = 1
• Writeable → ble_gatt_char_props_t write = 1
• Readable and writable → ble_gatt_char_props_t read = 1, write = 1

The following encryption permissions are possible:
• Encryption required → security_req_t SEC_JUST_WORKS & SEC_MITM & SEC_SIGNED & SEC_SIGNED_MITM
• No encryption required → security_req_t SEC_OPEN

The following authentication permissions are possible:
• Authentication Required → security_req_t SEC_MITM & SEC_SIGNED & SEC_SIGNED_MITM
• No Authentication Required → security_req_t SEC_OPEN & SEC_JUST_WORKS

The following authorization permissions are possible:
• Authorization Required → security_req_t SEC_MITM & SEC_SIGNED & SEC_SIGNED_MITM
• No Authorization Required → security_req_t SEC_OPEN & SEC_JUST_WORKS

    Best regards.

  • 0 in reply to sdi_kei

    Hello.

    I need your information to create a feature.
    If possible, please reply as soon as possible.

    Best regards.

  • 0 in reply to sdi_kei

    sorry for the delay, i had a covid case in my home and hence had to be away from work

    Yes, your reference settings and its understanding seems ok to me.

  • 0 in reply to Susheel Nuguru

    Hello.

    I'm sorry to hurry.
    How are you feeling. I am glad that you can return safely.

    Your answer was very helpful. Thank you very much.

    Best regards.

Reply Children
No Data
Related