How to disable the bond and pair?

RE: How to disable the bond and pair?

dcollier8 — Thu, 08 Feb 2018 22:56:22 GMT

If you do not want encryption, then use SSP, found here:

http://www.fte.com/docs/ssp.pdf

It says this:

Simple Pairing Debug Mode

Simple Pairing Debug Mode uses a different Link Key for encryption

than is used during

normal operation. As a component of the

Host Controller for any 2.1 compliant

Bluetooth

device, Simple Pairing Debug Mode can be

turned on so engineers can analyze

Bluetooth

data. Once the analysis is complete, Debug Mode can be switched off so that further

communication between the devices cannot be

compromised. The main point here to

remember is that a different Link Key is

used when in Simple Pairing Debug Mode,

thereby maintaining the enhan

ced 2.1 security process.

As an additional security feature, the Li

nk Key generated during debug mode is clearly

identified as having been created during

the debug process. This allows the

Bluetooth

Host

to recognize that the current Link Key is not

secure. The Host can

choose to initiate the

pairing process again, which results

in the generation of a new Link Key.

RE: How to disable the bond and pair?

dcollier8 — Thu, 08 Feb 2018 22:54:44 GMT

This code is used in the BLE event handler from the BLE dispatch to get the passkey:

static void ble_evt_dispatch(ble_evt_t * p_ble_evt)

{ on_ble_evt(p_ble_evt);

... then in the above event handler:

static void on_ble_evt(ble_evt_t * p_ble_evt)

switch (p_ble_evt->header.evt_id)
{

        case BLE_GAP_EVT_PASSKEY_DISPLAY:
        {
            NRF_LOG_INFO("event recd: BLE_GAP_EVT_PASSKEY_DISPLAY\r\n");
            char passkey[PASSKEY_LENGTH+1];
            memcpy(passkey,p_ble_evt->evt.gap_evt.params.passkey_display.passkey,PASSKEY_LENGTH);
            passkey[PASSKEY_LENGTH] = 0;
            // Don't send delayed Security Request if security procedure is already in progress.
            err_code = app_timer_stop(m_sec_req_timer_id);
            APP_ERROR_CHECK(err_code);

            //APP_LOG("Passkey: %s\r\n",passkey);
           //orig: NRF_LOG_INFO(0,"Passkey: '%s'",passkey);
            NRF_LOG_INFO("Passkey: %s\r\n", nrf_log_push(passkey));

        }break;//BLE_GAP_EVT_PASSKEY_DISPLAY

Hope this helps !

Donzo

RE: How to disable the bond and pair?

Petter Myhre — Wed, 22 Jul 2015 08:38:36 GMT

Why do you need a passkey if you don't need encrpytion? Passkey is used in the pairing process. Do you plan to have devices that have a display or keyboard so you can display or input a passkey? If not you could use static passkey, please see this question.

RE: How to disable the bond and pair?

eaglezcy — Wed, 22 Jul 2015 02:28:54 GMT

hi peter: thanks a lot! I have try your suggestion, and it works. but I still have one question. where is the passkey? where can I find the passkey? and how can I change the passkey from central?? Is there any example that have realize the function?? I can not find it in the sdk.

best regards!

RE: How to disable the bond and pair?

Petter Myhre — Tue, 21 Jul 2015 11:35:22 GMT

Pairing is the process of creating one or more shared secret keys.

Bonding is the act of storing the keys created during pairing for use in subsequent connection in order to form a trusted pair.

If you disable bonding, pairing is still done, i.e. the link gets encrypted.

The peripheral has a GATT server with a characteristic value and a CCCD that requires the link to be encrypted for them to be written to. In services_init(), please change:

BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&attr_md.write_perm); to
BLE_GAP_CONN_SEC_MODE_SET_OPEN(&attr_md.write_perm); and
BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&cccd_md.write_perm); to
BLE_GAP_CONN_SEC_MODE_SET_OPEN(&cccd_md.write_perm);

The central has a GATT client that will receive BLE_GATT_STATUS_ATTERR_INSUF_AUTHENTICATION or BLE_GATT_STATUS_ATTERR_INSUF_ENCRYPTION if it tries to write to an attribute (the characteristic value and the CCCD are attributes) that requires encryption for it to be written to. Please see the BLE_GATTC_EVT_WRITE_RSP case in client_handling_ble_evt_handler(). If one of these are received, it will call dm_security_setup_req() which will call initiate_security_request(), which will call sd_ble_gap_authenticate(). sd_ble_gap_authenticate() will initate the pairing process.

For you it should be suffient to only make the changes in the peripheral to "disable pairing", but I added the central part as well.

RE: How to disable the bond and pair?

eaglezcy — Tue, 21 Jul 2015 06:49:30 GMT

hi petter: Thanks a lot! The example is ...\nRF51_SDK_8.1.0_b6ed55f\examples\ble_central\ble_app_multilink_central and ...\nRF51_SDK_8.1.0_b6ed55f\examples\ble_central\ble_app_multilink_peripheral. I still have some question: 1. In this example, where can I find the passkey?? I can't find the encryption key. 2. How can I disable the link to be encrypted?? I do not need the link to be encrypted. 3. I do not know how this project to do the bond and pair, and I do not find the passkey, and do not know the process of bond and pair. Is the central or the peripheral erupt the bond and pair??

best regards! Thanks a lot!

RE: How to disable the bond and pair?

Petter Myhre — Mon, 20 Jul 2015 09:20:54 GMT

ble_central is just a folder not an example. What example are you using on the central side? What example are you using on the peripheral side? SEC_PARAM_BOND 0 just disables bonding, not pairing. It is with pairing the link gets encrypted, bonding is just saving the encryption keys for later connections.