questions for paring and bonding process

11 posts / 0 new
Last post
mohit3112
Offline
Last seen:7 months 2 weeks ago
Expert
加入:2014-08-04 13:45
questions for paring and bonding process

Hi ,
I am trying to achieve paring .
here is how it should work

I double tab the device and it start advertising in GAP_LIM_DISCOVERABLE mode ( so that scanner in limited discovery mode can only see this device)
now phone(central) connects

after phone connects device (peripheral) will ask to enable security and key will transferred , paring is done .

now I have following question about

1. GAP_LIM_DISCOVERABLE stops after 180s(as mentioned in documentation) is there a handler that runs when this timeout of 180s occurs?
2. after phone connects what request i have to send to enable security
3 . after paring is done how to manage key and use it at the time of re-connection.( i know an option in which i can save it in eeprom so it will work in HW reset cases also)
4. is method of paring for android is different for android and ios?
我用sdk3.0.10.1
Thanks
Mohit

Device:
mohit3112
Offline
Last seen:7 months 2 weeks ago
Expert
加入:2014-08-04 13:45
?? any suggestions ??

?? any suggestions ??

mohit3112
Offline
Last seen:7 months 2 weeks ago
Expert
加入:2014-08-04 13:45
i am enabling the paring by

i am enabling the paring by setting authentication in one of the profile while sending enable request
req->sec_lvl = PERM(SVC, AUTH);

paring is happening i can see it on phone.
but the phone is not receiving characteristics notification.

mohit3112
Offline
Last seen:7 months 2 weeks ago
Expert
加入:2014-08-04 13:45
i am attaching my wireshark

i am attaching my wireshark log
I think there is some problem with paring itself

Attachment:
MT_dialog
Offline
Last seen:1 week 6 days ago
Staff
加入:2015-06-08 11:34
Hi mohit3112,

Hi mohit3112,

1. Yes, the advertise should end and the handler that will indicate the termination of the advertising is the same as when you cancel the advertising operation (.app_on_adv_undirect_complete) but with a different status GAP_ERR_TIMEOUT.

2. If you want the slave to make a security request after connection you should use the GAPC_SECURITY_CMD command, you can find an implementation for this in the ble_app_barebone/profile/peripheral projects by checking the .security_request_scenario and turn it into DEF_SEC_REQ_ON_CONNECT. Since you are in SDK 3 you should send this command when the connection handler executes.

3. After the pairing is complete and devices are bonded, the central in case of disconnection/connection should issue a encrytion request and the devices will check the allready existing keys (ediv and rand) in order to check the validity of the incoming connection. You can check the Smart Tag reference design which implement the security shceme and the storing of the data in a non volatile memory.

4. The pairing and bonding are defined by the bluetooth spec.

Thanks MT_dialog

mohit3112
Offline
Last seen:7 months 2 weeks ago
Expert
加入:2014-08-04 13:45
Hi, thanks for the answers ,

Hi, thanks for the answers , i looked at the smartTag project
i still have one doubt

when central device get the INSUFFICIENT_AUTH_ERROR or INSUFFICIENT_ENCRYPTION_ERROR it automatically starts paring right ?
so in peripheral device if i enable a profile like this

app_fsds_enable_prf_sec(PREM(SVC,AUTH));

(FSDS is my custom profile)
now when central device(android or iOS phone) tries to write the descriptor it will get error hence it will initiate paring ,
now after paring is done, I should be able to receive notification for characteristics on central side. But its not happening what could be issue ?

Thanks
Mohit

MT_dialog
Offline
Last seen:1 week 6 days ago
Staff
加入:2015-06-08 11:34
Hi mohit3112,

Hi mohit3112,

Yes, if the peripheral has secured characteristics and there is no security request, then the client should initiate security in order to access the restricted characteristic. Is the notification triggered from your device ? you can check from the custs1_val_ntf_req_handler(). Also the AUTH declaration shows that your characteristic requires not only ecryption but authentication as well, i guess that your security is Just works at the moment.

Thanks MT_dialog

mohit3112
Offline
Last seen:7 months 2 weeks ago
Expert
加入:2014-08-04 13:45
couldn't find the function

couldn't find the function that you mentioned (may be its in sdk 5 i am using 3 ) but here is what i did

ok so i put break point on app_send_paring_rsp_func() , and yes the phone (central device is sending the paring req) and peripheral device (pan147580) is getting it and sending response and they are getting paired also.

在第二个案例我一直在gattc_writ断点e_cmd_ind_handler to see is phone is able to write CCC descriptor after paring. and its not able to write the CCC descriptor after paring

then i sniff the packets to see what went wrong is saw in wrieshark some packets from slave to master saying "Encrypted packet decrypted incorrectly (bad MIC)"

so basically i am not able to read write attributes after paring

also you guessed it right i am trying to implement JustWorks paring

Thanks
mohit

Joacimwe
Offline
Last seen:1 year 3 months ago
Guru
加入:2014-01-14 06:45
Try PREM(SVC,UNAUTH) instead

Try PREM(SVC,UNAUTH) instead of PREM(SVC,AUTH).
Per the Bluetooth specification, there are multiple "levels" of access rights. We have unauthenticated encryption, authenticated encryption as well as authorization.
"Just works" usually means unauthenticated while MITM (with passkey entry) is authenticated.

MT_dialog
Offline
Last seen:1 week 6 days ago
Staff
加入:2015-06-08 11:34
Hi mohit3112,

Hi mohit3112,

As Joacimwe said try to set the permissions to UNAUTH instead of AUTH and check again, since there is no authorization you should not be able to interact with the characteristics. Since your connection security is using the Just Working pairing you wont be able to have an authorization scheme, you will have to implement a pass key in order for your connection to be authenticated.

Thanks MT_dialog

mohit3112
Offline
Last seen:7 months 2 weeks ago
Expert
加入:2014-08-04 13:45
thanks Joacimwe it works,

thanks Joacimwe it works, kinda confusing though ,will have to read up on ble security more
谢谢你的帮助

Mohit

Topic locked