Use of whitelist

Hi,

The IRK  is only exchanged during the pairing/bonding procedure. Unless you are making the devices in both ends, there is no other way to obtain the IRK. Mobile phones for instance typically always use a random resolvable address (privacy), so there you need the IRK (and pairing/bonding) in order to do whitelisting. If the devices does not use privacy, then you can simply whitelist the BLE address as this never changes in that case.

• Hi, thanks for your reply

I tried simply whitelist the BLE MAC addresses, but failed to connect to devices. The connection can be normal only after IRK is whitelisted. How can I make the whitelist not use IRK?

Which type device is your peer device, and does it use privacy? Is it a phone? If yes, you must use the IRK as the phones typically change address every 15 minutes. If the device does not use privacy, then you can whitelist a address. See for instance this thread.

Which type device is your peer device, and does it use privacy? Is it a phone? If yes, you must use the IRK as the phones typically change address every 15 minutes. If the device does not use privacy, then you can whitelist a address. See for instance this thread.

I use NRF52 DK board,The MAC address of the NRF52 DK board is fixed,I added the MAC address of the NRF52 DK board to the server whitelist, NRF52 DK board can not connect to the server.Is there something not configured?

Print the following:

Hi,

So both peers are nRF52 DKs and you do not specifically enable resolvable random address / privacy? If so, IRK is not relevant.

As you consistently get BLE_HCI_CONN_FAILED_TO_BE_ESTABLISHED after enabling whitelisting, that is consistent with whitelisting being used but that the the device is not in the whitelist.

By the way, are  you using whitelisting in the peripheral or central, or both?

A quite common mistake when manually adding whitelist for the first time is to get the endianness wrong, so you could either double-check that or change the byte order to see if that helps. If not, perhaps you can share the code you use to do whitelisting so I can check if it makes sense?

Hi,Thank you for your reply.

Whitelist is implemented on peripherals, The following is the implementation code for the peripheral.

I manually added the device address to the whitelist,I tried byte order inversion,The result is always the same.

The manually added  MAC address is obtained when the whitelist is not added.

static ble_gap_addr_t whitelist[BLE_GAP_WHITELIST_ADDR_MAX_COUNT] = {0, BLE_GAP_ADDR_TYPE_PUBLIC,0xFC, 0xF4, 0x53, 0x87, 0x0B, 0xC1};
//static ble_gap_addr_t whitelist[BLE_GAP_WHITELIST_ADDR_MAX_COUNT] = {0, BLE_GAP_ADDR_TYPE_PUBLIC,0xC1, 0x0B, 0x87, 0x53, 0xF4, 0xFC};

/**@brief Function for initializing the Advertising functionality.
 */
void advertising_init(uint16_t  uudis,uint8_t *CtrolType,ble_adv_Evt_handler_t  bleAdvEvtCallback)
{
    uint32_t               err_code;
    ble_advertising_init_t init;
    iBleAdvEvtCallbackHandler = bleAdvEvtCallback;
    ble_uuid_t adv_uuids[] =
    {
        {uudis, BLE_UUID_TYPE_BLE}
    };

    memset(&init, 0, sizeof(init));

    init.advdata.include_appearance = false;
    init.advdata.flags              = BLE_GAP_ADV_FLAGS_LE_ONLY_LIMITED_DISC_MODE;
    init.advdata.uuids_complete.uuid_cnt = sizeof(adv_uuids) / sizeof(adv_uuids[0]);
    init.advdata.uuids_complete.p_uuids  = adv_uuids;

    init.srdata.name_type = BLE_ADVDATA_FULL_NAME;
    init.srdata.include_appearance = true;
    
    
    init.config.ble_adv_fast_enabled  = true;
    init.config.ble_adv_fast_interval = APP_ADV_INTERVAL;
    init.config.ble_adv_fast_timeout  = APP_ADV_DURATION;
    init.evt_handler = on_adv_evt;
    
    init.config.ble_adv_whitelist_enabled = true;

    err_code = ble_advertising_init(&m_advertising, &init);
    APP_ERROR_CHECK(err_code);

    ble_advertising_conn_cfg_tag_set(&m_advertising, APP_BLE_CONN_CFG_TAG);
}
/**@brief Function for starting advertising. */
void advertising_start(void )
{
    ret_code_t err_code;
		ble_gap_addr_t const * addr_ptrs[BLE_GAP_WHITELIST_ADDR_MAX_COUNT] = {0};
		
		for (uint32_t i = 0; i < BLE_GAP_DEVICE_IDENTITIES_MAX_COUNT; i++)
		{
				addr_ptrs[i] = &whitelist[i];
		}
		
    err_code = sd_ble_gap_whitelist_set(addr_ptrs, 1);
    APP_ERROR_CHECK(err_code);
    

    err_code = ble_advertising_start(&m_advertising, BLE_ADV_MODE_FAST);
    APP_ERROR_CHECK(err_code);
}

/**@brief Function for handling advertising events.
 *
 * @details This function will be called for advertising events which are passed to the application.
 *
 * @param[in] ble_adv_evt  Advertising event.
 */
static void on_adv_evt(ble_adv_evt_t ble_adv_evt)
{
    ret_code_t     err_code;
	uint32_t       addr_cnt = 1;
	uint32_t       irk_cnt  = 0;
	ble_gap_id_key_t         keys[BLE_GAP_DEVICE_IDENTITIES_MAX_COUNT] = {0};
	ble_gap_id_key_t const * key_ptrs[BLE_GAP_DEVICE_IDENTITIES_MAX_COUNT] = {0};	
    switch (ble_adv_evt)
    {
        case BLE_ADV_EVT_WHITELIST_REQUEST:
			for (uint32_t i = 0; i < BLE_GAP_DEVICE_IDENTITIES_MAX_COUNT; i++)
			{
				key_ptrs[i] = &keys[i];
				memcpy(&keys[i].id_addr_info, &whitelist[i], sizeof(ble_gap_addr_t));
			}
			
			err_code = sd_ble_gap_device_identities_set(key_ptrs, NULL, addr_cnt);
			APP_ERROR_CHECK(err_code);
			// Apply the whitelist.
			err_code = ble_advertising_whitelist_reply(&m_advertising,
    													 whitelist,
    													 addr_cnt,
    													 NULL,
    													 irk_cnt);
			APP_ERROR_CHECK(err_code);
            break;
        case BLE_ADV_EVT_FAST:
            NRF_LOG_INFO("Fast advertising.");
            break;
        case BLE_ADV_EVT_IDLE:
            
            break;
        default:
            break;
    }
}