How to exact Link Keys from Nordic nRF5340 Audio EDK?

Question

Our BQTF wishes to sniff LC3 packages, however without linkkeys, packages cannot be decrypted. 
 
 Any ideas on how to obtain link keys while debugging with a nRF5340 EDK attached or where to obtain them? 
 
 How are Link Keys extracted from the Nordic nRF5340 audio EDK? 
 
 Note the LC3 packages are visible in BIS mode, but they are encrypted in CIS mode.

Jpittevils · Accepted Answer

You've got two options I think. 
 Either do 
 CONFIG_BT_LOG_SNIFFER_INFO=y CONFIG_BT_DEBUG_LOG=y 
 This will print out the randomly generatied keys to the console so you can enter them manually in the sniffer. 
 Or you can do 
 CONFIG_BT_TINYCRYPT_ECC=y CONFIG_BT_USE_DEBUG_KEYS=y 
 Then the connection will use pre-determined keys that the sniffer should have stored in its memory and then it can decrypt the packets without any more input needed from you.

Elfving · Answer

Hello Otto, 
 
 Have a look at the response from Jowan below, which 100% correct. 
 If you go for the first option you can find the long term key in the log in the log 
 
 which you can then post in the Ellisys sniffer security panel. 
 
 Regards, 
 Elfving

How to exact Link Keys from Nordic nRF5340 Audio EDK?

Top Replies