• State Verified Answer
  • Locked Locked
  • Replies 54 replies
  • Subscribers 75 subscribers
  • Views 9303 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 283147
Options
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Soft device enable and disable - [DFU] disconnected by the remote device

AliMahmood123

Hello all

I am facing a very strange issue, already searched the forum but didnt find anything like it.

Okay so I can get DFU to work. For our custom application we have to disable the soft device for some time for sensor acquisitions and re enable it at a later time for OTA upgrades.

I simply use nrf_sdh_disable_request() to de initialize the soft device successfully, which it does.

I later re - enable soft device using the standard ble calls in example code:

ble_stack_init();
    peer_manager_init();
    gap_params_init();
    gatt_init();
    advertising_init();
    services_init_2();
    conn_params_init();   
     
    //Start execution.
    application_timers_start();
    advertising_start(erase_bonds);

BLE gets initialized successfully, device is advertised and connects to as well. The problem is in DFU. When I attempt DFU, it keeps getting stuck into trying to switch to bootloader, repeatedly giving
"[DFU] disconnected by the remote device"

The logs then try to open the firmware file again, re initiating the process but nothing happen. I have spend quite some time on this and hit a blocker. Any help is appreciated. There must be a step I am missing during re-enabling the soft device

  • 0 in reply to AliMahmood123

    There is always a re-connect taking place when you switch to bootloader DFU mode, the difference when bond sharing is enabled is that the connection will be secured with the encryption key provided by the app.

    Buttonless Secure DFU Service with bonds vs. Buttonless Secure DFU Service without bonds.

    You could modify the bootloader to support pairing and get link encryption that way. The problem then is how you are going to prevent other centrals from pairing with your bootloader.

  • 0 in reply to Vidar Berg

    Hi Vidar
    Okay So I have managed to do pairing, not bonding from buttonless app, I protected the DFU write characteristic with Just Works

    Now how should I ensure this when going into DFU Mode?

  • 0 in reply to AliMahmood123

    Wont the link be encrypted when it goes into DFU Mode as well, as the peer is forwarded?

  • 0 in reply to AliMahmood123

    Hi
    I've made some progress and now I can ask some to the point questions. I would be very grateful if you can read all and provide me with detailed answer.
    I have referred to https://infocenter.nordicsemi.com/index.jsp?topic=%2Fcom.nordic.infocenter.s132.api.v7.2.0%2Fgroup___b_l_e___g_a_p___p_e_r_i_p_h___s_e_c___m_s_c.html&cp=4_7_3_1_2_1_5_10 for the logs that I see.

    So I have two situations
    1) Bond forwarding - I have managed to encrypt the link and do bond forwarding as well. I did that by adding LESC crypto libraries separately. I got BLE_GAP_EVT_LESC_DHKEY_REQUEST and the whole flowchart as expected. I am still a bit confused as to how the default example (bond forwarding) could be encrypted without adding LESC and crypto support. That's just my curiosity.

    Anyways for the above situation, the LTK is generated and it's being used in DFU. My question here is that when the device goes into DFU Mode, is the session still encrypted?

    Another question here is regarding bond deletion, I get really weird behaviour when I delete bonds, it wasnt working with simply deleting from app in this case 1). I had to delete bonds from peer as well. I have still more testing to do but since we have a few days gap in replies that's why I prefer to ask everything up front

    2) Without bond forwarding - Only LESC - I disabled bond forwarding and bonding and just did pairing (No BLE pairing phase 3 of key exchange which is bonding). I also added CONN_JUST_WORKS on DFU characteristics.
    DFU works fine.
    My question here also is that when the device goes into DFU Mode, is the session still encrypted?

    Another question here is that when I do DFU with LESC and no bond forwarding, the device says "Bonded". That doesn't make any sense. I think this is a bug as I have not bonded in the first place. So on the upgraded firmware I simply forget the bonds and use the updated application. I dont have much problem with this but I just dont get the concept. I realize its due to adding just works on DFU characteristic. But I clearly "Pairing" logs as the role from peer manager. Then why does it say bonded?

    Please answer me clear cut on this so I can compare the above two situations to what I want
    And please answer all questions for easiness for you and me both. Thanks a lot in advance for hearing me out

  • 0 in reply to AliMahmood123

    Hi,

    AliMahmood123 said:
    1) Bond forwarding - I have managed to encrypt the link and do bond forwarding as well. I did that by adding LESC crypto libraries separately. I got BLE_GAP_EVT_LESC_DHKEY_REQUEST and the whole flowchart as expected. I am still a bit confused as to how the default example (bond forwarding) could be encrypted without adding LESC and crypto support. That's just my curiosity.

    The crypto libraries are only needed for the DH key exchange that takes place during the bonding procedure. Link encryption is done with the built-in AES HW block after the app has provided the softdevice with the LTK, and has no additional SW dependencies.

    AliMahmood123 said:
    My question here is that when the device goes into DFU Mode, is the session still encrypted?

    The device is reset when you enter DFU mode, so the central has to re-connect, and then encrypt the link again with the LTK (Encryption Establishment using stored keys).

    AliMahmood123 said:
    s regarding bond deletion, I get really weird behaviour when I delete bonds, it wasnt working with simply deleting from app in this case 1).

    Please see this post: https://devzone.nordicsemi.com/f/nordic-q-a/51965/pairing-and-bonding-after-deleting-synchronization

    AliMahmood123 said:
    I disabled bond forwarding and bonding and just did pairing (No BLE pairing phase 3 of key exchange which is bonding).

    I understand why you disable bond forwarding, but not why you're disabling bonding. Note that you don't need bond forwarding to support bonding in the main app.

    AliMahmood123 said:
    My question here also is that when the device goes into DFU Mode, is the session still encrypted?

    No. The current session will be terminated when you enter dfu mode.

    AliMahmood123 said:
    Then why does it say bonded?

    Seems like it may be a bug in android's BT stack: https://devzone.nordicsemi.com/f/nordic-q-a/43338/android-pairing-without-bonding---nrf-connect/. My impression is that very few use pairing, so that may explain why it has not been addressed, assuming it is indeed a bug.

Related
Terms of service