- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Probably that I don't know if additional trick needed for enabling the pairing + encryption for application hello_client and hello_sensor.
I've done to remove the the following comment on both hello_client.c and hello_sensor.c:
p.s I'm using SDK 2.2 on 20737 evb.
// Uncomment the following line to enable OOB pairing. Change oob_tk[] below to the desired key.
#define OOB_PAIRING
But I don't see the encryption happen neither from the log message nor from air packet from sniffer.
void hello_client_encryption_changed(HCI_EVT_HDR *evt)
{
UINT8 status = *((UINT8 *)(evt + 1));
ble_trace1("encryption changed: %02x\n", status);
blecen_encryptionChanged(evt);
}
void hello_sensor_encryption_changed(HCI_EVT_HDR *evt)
{
BLEPROFILE_DB_PDU db_pdu;
UINT8 *bda = emconninfo_getPeerPubAddr();
ble_trace2("hello_sample, encryption changed %08x%04x\n",
(bda[5] << 24) + (bda[4] << 16) +
(bda[3] << 😎 + bda[2],
(bda[1] << 😎 + bda[0]);
Solved! Go to Solution.
- Labels:
-
MasterSlave
-
SDK 2.X
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi All,
I sincerely apologize for my fault of having the old version of sample code of hello_client.c and hello_sensor.c for testing the OOB pairing. Using the sample code from SDK 2.1.0 is not working at all for this feature.
Now I'm able to get correct pairing and encryption by using the sample code from SDK 2.2.0.
Truly sorry for my mistake and any inconvenience from your attention.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How are you generating the key?
My understanding is that when Out of Band pairing is used, the key should be generated by one device and provided to another device NOT through the Bluetooth Low Energy transport, but through some other method (for example NFC, wire,...).
I believe that the key is 16 bytes and that there is a requirement for the key to be different every time your device is engaged in pairing.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I supposed that key is hard coded as below:
#ifdef OOB_PAIRING
const UINT8 oob_tk[LESMP_MAX_KEY_SIZE] = {0x41, 0x59, 0x1c, 0xd5, 0xea, 0x5a, 0x49, 0x55, 0xb6, 0x3b, 0x18, 0x7c, 0x46, 0xe, 0x13, 0x52};
#endif
....
#ifdef OOB_PAIRING
lesmp_setSMPOOBdata((UINT8*)oob_tk,LESMP_MAX_KEY_SIZE);
lesmp_setJustWorksNotPermitted();
lesmp_setPasskeyEntryNotPermitted();
#endif
Is there any missing steps that I need to try for this test? i.e. where should I generate/input the key to which role?
Isn't it working if I just enable the OOB to both master and slave?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Any update from this topic?
More info from sniffer:
I can only see the following messages:
S->M: Security request
M->S: Pairing request
S->M: Pairing response
But the expected messages, including Pairing Confirm, Pairing Random is not happened.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
are you doing this with two tag3, one a client and the other a sensor? As pointed above by mwf_mmfae, oob will require the pairing to be executed outside the bluetooth band (that's why it is called out-of-band). One example is bt pairing via nfc taggings, where the connection is established. I'm not sure you can accomplish this with just tag3...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Yes, I'm using the tag3.
Would you please elaborate bit more about testing OOB?
From my understanding of the specification, the TK (temporary key) should be the 128-bit random number which I suppose that it's assigned by this call
lesmp_setSMPOOBdata((UINT8*)oob_tk,LESMP_MAX_KEY_SIZE);
What's exactly the steps for testing the OOB on top of hello_client and hello_sensor?
* To demonstrate the app, work through the following steps.
* 1. Plug the WICED eval board into your computer
* 2. Build and download the application (to the WICED board)
* 3. Pair with a client
* 4. On the client side register for notifications
* 5. Push a button on the tag to send notifications to the client
*
* To test OOB/Passkey pairing uncomment corresponding compile flag before step 2 and
* use corresponding compile in the hello_client application.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We need to research this with the developers to see if someone can provide guidance on how to use our OOB pairing mechanism.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Is there any news from this topic?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We have initiated contact with the chip developers and they are testing the OOB pairing mechanism to confirm it works as designed. We should here something back in the next week or so.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi mwf_mmfae,
Is there any update from the testing progress?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The team reported back last night and apparently could not find anything wrong.
Essentially, the OOB pairing code included in both hello-sensor and hello_client has been tested and works fine.
The developers thought that you should also be able to figure out what to change based on the comments within the code.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I spoke to the developers and they said that uncommenting the code discussed above is really the extent of what's needed to use the sample mentioned (there are no other steps needed).
Essentially, OOB pairing should be enabled, just works should be disabled and both devices should know the same key exchanged over different transport.
Is this your understanding of how this process should be handled, or did you assume that this mechanism managed the OOB key exchange directly as well?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
>I spoke to the developers and they said that uncommenting the code discussed above is really the extent of what's >needed to use the sample mentioned (there are no other steps needed).
Well, I hope so, but the hello_client is always failed to start(continue) the encryption procedure. I've done the test on hello_sensor with LightBlue@iPhone, and it runs well with encryption ('just work' case) feature.
After checking the air packets, the hello_client is not proceeding to send 'pairing confirm' command after receiving 'sm_pairing_rsp' from hello_sensor.
So, how did you test this at your side, just uncomment this //#define OOB_PAIRING?
>Essentially, OOB pairing should be enabled, just works should be disabled and both devices should know the same >key exchanged over different transport.
Would you show me where to *enable* OOB? any additional change on source code of hello_client.c? or any operation that I missed? And I supposed that the OOB key has been *hard coded* in both source code of hello_client and hello_sensor as I explained before. Also the following code snippet has already show the correct setting like your said.
#ifdef OOB_PAIRING
lesmp_setSMPOOBdata((UINT8*)oob_tk,LESMP_MAX_KEY_SIZE);
lesmp_setJustWorksNotPermitted();
lesmp_setPasskeyEntryNotPermitted();
#endif
#ifdef PASSKEY_PAIRING
lesmp_setSMPassKey((UINT8*)passKey,LESMP_MAX_KEY_SIZE);
lesmp_setJustWorksNotPermitted();
#endif
From my understanding (referring to section 2.3.5.1 of part H. of vol. 3 of Bluetooth Spec), if OOB is not working, at least the just work shall be applied if non of passkey or OOB available between 2 BTLE device.
Again, from the log of air packet, the hello_client always failed to proceeding to send 'pairing confirm' after receiving 'sm_pairing_rsp' from hello_sensor. Would you explain this for me?
>Is this your understanding of how this process should be handled, or did you assume that this mechanism managed the OOB key exchange directly as well?
Don't really understand this. Am I missing any technical knowledge in running/enabling the OOB upon hello_client and hello_sensor? Please guide me the point to get out from this puzzle.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I will need to discuss with the developers to make sure your understanding is inline with our intended support of OOB pairing.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It is up to you to support only OOB pairing or allow Just Works pairing as well. OOB indeed will provide much higher security, so it is up to your application to figure out what it needs. To enable OOB pairing only you need to #define OOB_PAIRING on the the top of the file in both hello_client_c. and hello_sensor.c.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi victorz,
I just need the OOB pairing.
And unfortunately, I can't make it work by simply uncommentting #define OOB_PAIRING.
I appreciate that if you can provide the source code that you've tested at your side for proving the OOB pairing.
You can check the source code that I'm testing now as files enclosed.
It already spent a lot of time in *aligning* this question, and it's remain at the same spot, no any progress from my first post.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi All,
I sincerely apologize for my fault of having the old version of sample code of hello_client.c and hello_sensor.c for testing the OOB pairing. Using the sample code from SDK 2.1.0 is not working at all for this feature.
Now I'm able to get correct pairing and encryption by using the sample code from SDK 2.2.0.
Truly sorry for my mistake and any inconvenience from your attention.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content