Hi Łukasz,
Thanks for your reply. Where and when should the call to ble_sm_inject_io
take place? In my current setup, I had configured my device to use passkey
pairing, but for testing purposes, was hardcoding the passkey. The BLE
stack was requesting the passkey by calling the GAP event callback with
event->type = BLE_GAP_EVENT_PASSKEY_ACTION. I was then passing the passkey
as follows:
if (event->passkey.params.action == BLE_SM_IOACT_DISP) {
pk.action = event->passkey.params.action;
pk.passkey = 123456;
rc = ble_sm_inject_io(event->passkey.conn_handle, &pk);
dprintf("ble_sm_inject_io result: %d\n", rc);
}
In order to support OOB, I've changed my BLE syscfg configuration to the
following (modified SM_IO_CAP, SM_OOB_DATA_FLAG and SM_MITM):
BLE_ROLE_CENTRAL: 0
BLE_ROLE_OBSERVER: 0
BLE_SM_LEGACY: 1
BLE_SM_SC: 1
BLE_SM_IO_CAP: BLE_HS_IO_NO_INPUT_OUTPUT
BLE_SM_OOB_DATA_FLAG: 1
BLE_SM_MITM: 1
BLE_SM_BONDING: 1
BLE_SM_OUR_KEY_DIST: BLE_SM_PAIR_KEY_DIST_ENC | BLE_SM_PAIR_KEY_DIST_ID |
BLE_SM_PAIR_KEY_DIST_SIGN | BLE_SM_PAIR_KEY_DIST_LINK
BLE_SM_THEIR_KEY_DIST: BLE_SM_PAIR_KEY_DIST_ENC | BLE_SM_PAIR_KEY_DIST_ID |
BLE_SM_PAIR_KEY_DIST_SIGN | BLE_SM_PAIR_KEY_DIST_LINK
BLE_STORE_CONFIG_PERSIST: 1
I've tried replacing the code in BLE_GAP_EVENT_PASSKEY_ACTION with the
following code to load in a hard-coded TK:
if (event->passkey.params.action == BLE_SM_IOACT_OOB) {
pk.action = event->passkey.params.action;
uint8_t tk[16] = {1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16};
memcpy(pk.oob, tk, sizeof(tk));
rc = ble_sm_inject_io(event->passkey.conn_handle, &pk);
dprintf("ble_sm_inject_io result: %d\n", rc);
}
However, it appears that BLE_GAP_EVENT_PASSKEY_ACTION is now not being
called anymore.
So the question is, at what point and where would I call ble_sm_inject_io
to insert the TK value?
Amr
On Fri, 26 Apr 2019 at 14:16, Łukasz Rymanowski <
lukasz.rymanow...@codecoup.pl> wrote:
> Hi Amr,
>
> Nimble does support OOB for Legacy and Secure Connections Pairing.
> In both cases you just need to provide OOB (TK) data exchanged by other
> means e.g. NFC to the NimBLE stack using "int ble_sm_inject_io(uint16_t
> conn_handle, struct ble_sm_io *pkey)".
>
> For Secure Connection make sure to set MYNEWT_VAL BLE_SM_SC to 1.
>
> Hope that helps
>
> Best
> Łukasz
>
>
>
> On Thu, 25 Apr 2019 at 22:19, Amr Bekhit <amrbek...@gmail.com> wrote:
>
> > Hello all,
> >
> > I'm interested in using OOB pairing over NFC to connect my peripheral
> > device to a master (an Android phone in this case). The NFC Forum has a
> > specification (
> >
> >
> https://nfc-forum.org/our-work/specifications-and-application-documents/application-documents/
> > )
> > which dictates how two NFC-capable BLE devices can exchange key
> > information. As far as I can tell from the specification, for BLE, the
> > peripheral can send its temporary key (TK) via NFC to the central.
> > Presumably, both parties would then enter that key into their Bluetooth
> > stacks and continue the connection process from that point on using just
> > BLE.
> >
> > Regarding this, I have the following question. Using the nimble stack,
> how
> > can we get the peripheral to
> > a) generate a TK and then enter that TK into the stack.
> > b) continue the connection from that point forwards?
> >
> > I noticed that the aforementioned specification document doesn't seem to
> > mention BLE Secure Connections - the TK is an aspect of BLE legacy
> pairing.
> > Does anyone know if there is a version of the standard that works with
> BLE
> > Secure Connection keys? Perhaps the assumption is that NFC pairing
> provides
> > the required identify verification and MITM protection that is provided
> by
> > BLE SC and so BLE Legacy can be used with the same level of security?
> >
> > Amr
> >
>
