嗨,我想在此参考设计中启用安全功能。我通过了所有步骤表单教程和软件部分指南。现在DA1485设备从手机询问了PIN码,但其所有服务都是免费的手机免费访问,并且可以在没有代码确认的情况下工作。
PS。当然,专有的应用程序DSP跳过连接,但我的一个可以在没有任何确认的情况下搭配和工作。
Device:
⚠️
嗨,...感谢您来论坛。令人兴奋的消息!我们现在正在迁至我们的新论坛平台,将提供更好的功能,并包含在主对话框网站中。所有帖子和帐户都已迁移。我们现在只接受新论坛上的流量 - 请发布任何新线程https://www.dialog-seminile.com/support.。我们将在未来几天修复错误/优化搜索和标记。
嗨,...感谢您来论坛。令人兴奋的消息!我们现在正在迁至我们的新论坛平台,将提供更好的功能,并包含在主对话框网站中。所有帖子和帐户都已迁移。我们现在只接受新论坛上的流量 - 请发布任何新线程https://www.dialog-seminile.com/support.。我们将在未来几天修复错误/优化搜索和标记。
Hi Andrey_Kiselnikov,
你能澄清你使用哪个SDK?请注意,安全教程基于SDK 6.0.4。强烈建议使用最新版本的SDK6.0.8。
Thanks, PM_Dialog
我使用的是那里的SDKin the package of this project. In the release note attached to this project wrote that it is based on SDK 6.0.6.
你好,你有什么更新吗?on this issue?
Hi Andrey_Kiselnikov,
您必须更改每个特征的许可才能被授权。如果您将特性设置为AUTH这意味着您将为特性添加安全性并需要授权。您能否澄清您使用的安全方案?请检查user_default_hnd_conf结构的.security_request_scenario到user_config.h标题文件中。使用def_sec_req_ne option选项在读/写的读/写期间需要授权,并且使用def_sec_req_on_connect在连接期间需要授权
Thanks, PM_Dialog
我检查了这两种情况。With DEF_SEC_REQ_ON_CONNECT authorization required but I can skip it and read and write data through the device. With DEF_SEC_REQ_NEVER I can do everything without any security requests. Moreover, I found the same problem on the forums with DA14580 devices (link attached).https://support.dialog-semiconductor.com/forums/post/dialog-smartbond-bl...- 软件/仅限允许配对 - 请求 - PIN码
PS。通过选择参数“def_sec_req_never”,启用了读取和写入操作的安全请求非常奇怪。
你好,你有什么更新吗?on this issue?
Hi Andrey_Kiselnikov,
您能从SDK6的默认BLE_APP_SECURY IDUCTION中下载固件吗?你面对同样的问题吗?我已经测试过,我无法复制你的问题。此外,如果您开发自己的应用程序,或者如果您尝试修改默认BLE_APP_SECURY示例,请澄清您是否可以澄清?def_sec_req_never称为安全方案,并不意味着在通过选择参数读取和写入操作时启用安全性。请注意,每个特征都有自己的安全性。请检查您是否使用app_set_prf_srv_perm(task_id_custs1,app_custs1_sec_req);命令。此命令启用所有特征的安全性并覆盖将它们放入数据库中的权限。所以,如果使用此,您将能够在没有任何安全请求的情况下访问数据库的所有特征。您发布的过去的线程适用于DA14680芯片而不是DA14580,因此这不会帮助您。
Thanks, PM_Dialog
I work with DSPS V6.150.2 reference project (https://support.dialog-semicondiondiondum/resource/da14585-dialog-serial -...),而不是ble_app_security示例。因此,我需要在此参考项目中启用安全性。问题是,此参考设计提供了对配对请求的所有服务,但我启用了所有安全设置。
Hi Andrey_Kiselnikov,
The DSPS reference application does not support security, so if you want to use this application you need to implement it by your own. As I have already mentioned the DSPS demo doesn't use the security feature, so there's no pairing between the devices, that’s why you are able to read/write into the characteristics without pairing. You can enable security by setting the CFG_APP_SECURITY definition in the da1458x_config_basic.h and also change the member security_request_scenario to DEF_SEC_REQ_ON_CONNECT in order for your device to request security upon connection. That will bond your device according to the parameters located in the user_config.h file in the user_security_information. Please, check theble_app_securityexample of the SDK in order to understand how the security features are implemented. Also, I strongly recommend you to follow the steps of the教程5:配对,粘接与安全“在DSP中启用安全性。您将能够在”教程“部分的”文档“选项卡中找到教程,也可以在以下链接以下
https://support.dialog-semiconductor.com/system/files/restricted/Training_05_ble_security_example_v1.1.pdf
Thanks, PM_Dialog
我做了所有这些步骤your last post before starting writing at the forum. The problem is that after enabling all security features (according to the training 5 manual), and recommendations from software portion guide I have the next situation:
1. After trying to connect the device to phone, the device sends a pairing request to the phone app
2.我看到一个带有PIN码入口文本框的系统对话框窗口
3. I can skip this window and reading and writing services still be able from the phone
So I need a help in changing the user_app_callbacks structure or default_app_on_connection function because It enables all services, before getting results of code exchange procedure.
Hi Andrey_Kiselnikov,
请从SDK的BLE_APP_SECURY示例中检查USER_APP_INIT()函数。如果定义了BLE_APP_SEC,则将执行app_set_prf_srv_perm(task_id_custs1,app_custs1_sec_req)。根据app_custs1_sec_req定义,此函数设置配置文件的服务权限访问权限。请您将App_custs1_sec_req更改为srv_perm_auth?似乎安全从配置文件数据库中禁用了安全性
Thanks, PM_Dialog
此功能 - app_set_prf_srv_perm() definded in "dsps-v61502" project, but never executed, where should I add it to execute?
你好,你有什么更新吗?on this issue?
嗨,有没有人?
Hi Andrey_Kiselnikov,
3. I can skip this window and reading and writing services still be able from the phone
如果拒绝配对,则应调用GapC_Bond_ind_Handler(),此功能将断开电话。
static const struct ke_msg_handler app_sec_process_handlers[] =
{
。。。。。。。
{GAPC_BOND_IND, (ke_msg_func_t)gapc_bond_ind_handler},
Thanks, but the program enters in case "GAPC_PAIRING_FAILED:" in "gapc_bond_ind_handler" only if I enter the wrong passkey. If I escape this window on phone screen or ignore it the program will still work.
Hi Andrey,
你可以测试不同的IO功能类型se_config.h. I think you should disable user escape the pairing window on the phone.
Could you use light bule to test your firmware?
/ ************************************************************
*Device IO Capability (@see gap_io_cap)
*
*- GAP_IO_CAP_DISPLAY_ONLY Display Only
*- GAP_IO_CAP_DISPLAY_YES_NO Display Yes No
*- GAP_IO_CAP_KB_ONLY Keyboard Only
*- GAP_IO_CAP_NO_INPUT_NO_OUTPUT No Input No Output
* - GAP_IO_CAP_KB_DISPLAY键盘显示
*
*Select only one option.
************************************************************
* /
#define USER_CFG_FEAT_IO_CAP GAP_IO_CAP_NO_INPUT_NO_OUTPUT //GAP_IO_CAP_DISPLAY_YES_NO
Tested them, it is still able connecting without confirming the passkey.
我发现了解决方案replacing a sending a features message function in security task state machine after PAIRING_SUCCEED case.
Hi Andrey_Kiselnikov,
Glad that your problem has been fixed. Thanks for your indication.
Thanks, PM_Dialog
HI Andrey_Kiselnikov
I want add Pair Function on DSPS too,
你可以给我你的源代码吗?