• State Not Answered
  • Replies 5 replies
  • Subscribers 91 subscribers
  • Views 1861 views
  • Users 0 members are here
Attachments (1) Download All
Nordic Case Info
  • Case ID: 284099
Options
Beware that this post is related to an SDK in maintenance mode
More Info: Consider nRF Connect SDK for new designs

Can't get Just Works bonding between nRF5 SDK and nRF Connect SDK to work

tyana

Central nRF5 device connects to peripheral NCS and initiates bonding.

The peripheral reports that security failed with error code 4 (BT_SECURITY_ERR_AUTH_REQUIREMENT) "The requested security level could not be reached".

Central nRF5 has these Peer Manager settings:

// Security parameters to be used for all security procedures.
sec_param.bond           = true;
sec_param.mitm           = false;
sec_param.lesc           = false;
sec_param.keypress       = false;
sec_param.io_caps        = BLE_GAP_IO_CAPS_NONE;
sec_param.oob            = false;
sec_param.min_key_size   = 7;
sec_param.max_key_size   = BLEAM_DATA_CHUNK_SIZE;
sec_param.kdist_own.enc  = true;
sec_param.kdist_own.id   = true;
sec_param.kdist_peer.enc = true;
sec_param.kdist_peer.id  = true;


Peripheral NCS device uses pretty much the Peripheral UART example but with button press requirement removed.

I tried removing security callbacks like the answer to this post suggested at the peripheral and setting the central nRF5 params differently, tried setting LESC as true, but it didn't work. With LESC set on central nRF5 I got NRF_ERROR_INVALID_ADDR on sd_ble_gap_sec_params_reply call. If I set the params at the central to only pairing/no bonding, the pairing is successful.

I'm pretty sure I'm missing something on either side, but I can't find any information on the subject. What can be done to have nRF5 and NCS devices to bond?

Parents
  • 0

    Hi

    Have you enabled the CONFIG_BT_NUS_SECURITY_ENABLED config in the peripheral_uart function? Unfortunately the UNSPECIFIED error could be a lot of things, as it points to that pairing failed, but that the reason could not be specified. For the AUTH_REQUIREMENT error, that points to the requested security level not being reached, which means the central and peripheral is likely not requesting the same security levels.

    Best regards,

    Simon

Reply
  • 0

    Hi

    Have you enabled the CONFIG_BT_NUS_SECURITY_ENABLED config in the peripheral_uart function? Unfortunately the UNSPECIFIED error could be a lot of things, as it points to that pairing failed, but that the reason could not be specified. For the AUTH_REQUIREMENT error, that points to the requested security level not being reached, which means the central and peripheral is likely not requesting the same security levels.

    Best regards,

    Simon

Children
  • 0 in reply to Simonr

    Hello! Sorry it took this long to reply.

    For the sake of experiment I took a proper clean peripheral_uart example from NCS 1.8.0 and also added bonding to ble_app_uart_c example from nRF5 SDK 15.3.0 basically by copying parts of ble_app_hrs_c into it.

    A simple bonding between these works, but LESC doesn't: with sec_param.lesc set to 1 in peer_manager_init in ble_app_uart_c and the respective conn_auth_callbacks set to NULL in peripheral_uart, the "security failed" with UNSPECIFIED error code at the peripheral device persist; judging by this diagram of LESC bonding, it fails at LESC authentication stage 1 just after DHKEY request is handled by the central, since no requests come after that.

    I want to get LESC to work but can't imagine what else is required for it to work.

    I'm attaching the modified ble_app_uart_c project/source if you would like to reproduce this behavior.

    ble_app_uart_c_with_lesc_bonding.zip

Related
Terms of service