Is there an API that can get the authentication method?

RE: Is there an API that can get the authentication method?

sdi_kei — Fri, 25 Feb 2022 08:07:01 GMT

Hello.

You can only understand the IO function when the pairing request is sent from the other party.
I was able to understand. Thank you very much.

Best regards.

RE: Is there an API that can get the authentication method?

Sigurd — Mon, 21 Feb 2022 10:16:39 GMT

[quote user="sdi_kei"]The timing when you want information is when a BLE connection is made.[/quote][quote user="sdi_kei"]Is there a way to get the authentication method faster than "BLE_GAP_EVT_SEC_PARAMS_REQUEST"?[/quote]

No.If this is a new device that is connecting(that you have no prior bond to), then the information is not known when the device connects.

RE: Is there an API that can get the authentication method?

sdi_kei — Wed, 16 Feb 2022 05:25:17 GMT

Hello.

[quote userid="15146" url="~/f/nordic-q-a/84369/is-there-an-api-that-can-get-the-authentication-method/352806#352806"]No, you can use sd_ble_gap_sec_params_reply() to reply with a error-code and the paring will fail.[/quote]

My explanation was strange. I'm sorry.

The timing when you want information is when a BLE connection is made.
This is because if the other party's BLE device does not have an authentication method different from yours, you want to disconnect, and if they are the same, you want to perform pairing (bonding). Also, at this time, I would like to know the information on LESC.

I was able to confirm the authentication method with "BLE_GAP_EVT_SEC_PARAMS_REQUEST", but an event occurred at the timing when the BLE connection was made and pairing (bonding) was performed.
Therefore, we could only get the information later than we originally wanted.

Is there a way to get the authentication method faster than "BLE_GAP_EVT_SEC_PARAMS_REQUEST"?

Best regards.

RE: Is there an API that can get the authentication method?

Sigurd — Mon, 14 Feb 2022 07:45:20 GMT

[quote user="sdi_kei"]BLE_GAP_EVT_SEC_PARAMS_REQUEST, but this event occurs late. This is because it is confirmed that pairing will be performed when this event occurs[/quote]

No, you can use sd_ble_gap_sec_params_reply() to reply with a error-code and the paring will fail.

If you look at the IO capabilities(BLE_GAP_EVT_SEC_PARAMS_REQUEST, ble_gap_sec_params_t ble_gap_sec_params_t::io_caps and ::lesc), you should be able to determine the authentication method. See the table at step 4 here: https://www.bluetooth.com/blog/bluetooth-pairing-part-2-key-generation-methods/

RE: Is there an API that can get the authentication method?

sdi_kei — Mon, 14 Feb 2022 02:00:37 GMT

Hello.

BLE_GAP_EVT_SEC_PARAMS_REQUEST, but this event occurs late. This is because it is confirmed that pairing will be performed when this event occurs. I want to know how to authenticate to determine if it's a pairing device.

Is there any good way?

Best regards.

RE: Is there an API that can get the authentication method?

Sigurd — Fri, 11 Feb 2022 10:46:42 GMT

Hi,

I could not find a API for that. But in BLE_GAP_EVT_SEC_PARAMS_REQUEST you get the I/O capabilities of the other device.

Depending on the method used, you will get different events. See these Message Sequence Charts:

Bonding: Numeric Comparison:

https://infocenter.nordicsemi.com/topic/com.nordic.infocenter.s112.api.v7.3.0/group___b_l_e___g_a_p___p_e_r_i_p_h___l_e_s_c___b_o_n_d_i_n_g___n_c___m_s_c.html

Bonding: Passkey Entry, User Inputs on Peripheral:

https://infocenter.nordicsemi.com/topic/com.nordic.infocenter.s112.api.v7.3.0/group___b_l_e___g_a_p___p_e_r_i_p_h___l_e_s_c___b_o_n_d_i_n_g___p_k_e___c_d___m_s_c.html

RE: Is there an API that can get the authentication method?

sdi_kei — Tue, 08 Feb 2022 05:32:39 GMT

Hello.

thank you for your answer.
I know I can get the status of the connection, but looking at that information doesn't tell me which authentication method to use.
The authentication methods I would like to know are "Numeric Comparison" and "Passkey Entry".
Is it possible to obtain information like the site below?

https://infocenter.nordicsemi.com/index.jsp?topic=%2Fsdk_nrf5_v17.0.0%2Flib_pm_usage.html

Best regards.

RE: Is there an API that can get the authentication method?

Sigurd — Fri, 04 Feb 2022 11:55:34 GMT

Hi,

You can get the getting the security status of a connection using pm_conn_sec_status_get()

You also have the BLE_GAP_EVT_AUTH_STATUS event (Authentication procedure completed event)

         case BLE_GAP_EVT_AUTH_STATUS:
             NRF_LOG_INFO("BLE_GAP_EVT_AUTH_STATUS: status=0x%x bond=0x%x lv4: %d kdist_own:0x%x kdist_peer:0x%x",
                          p_ble_evt->evt.gap_evt.params.auth_status.auth_status,
                          p_ble_evt->evt.gap_evt.params.auth_status.bonded,
                          p_ble_evt->evt.gap_evt.params.auth_status.sm1_levels.lv4,
                          *((uint8_t *)&p_ble_evt->evt.gap_evt.params.auth_status.kdist_own),
                          *((uint8_t *)&p_ble_evt->evt.gap_evt.params.auth_status.kdist_peer));