Changing Encryption settings using API

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
Anonymous
Not applicable

I've been working on combining the OTA Fixed Stack bootloading functionality into the WPT Receiver example project, and I've been able to overcome a number of challenges in getting everything setup and configured correctly, however I am stuck on the issue of encryption.

   

The OTA bootloader security settings use "unauthenticated pair with encryption" and "Bonding", however the WPT Receiver needs to switch over and use the "no security" and "no bonding" security settings. Since the BLE Stack resides in the bootloader, I use the GUI to configure it for the OTA bootloader security settings (and this works just fine and I have no trouble performing OTA updates with CySmart). However, in the application code of the WPT Receiver, I am trying to change the settings to no security and no bonding in the code.

   

I've added code to update the cyBle_authInfo variable before making the call the CyBle_Start() in my int main() function, as shown below:

   

    cyBle_authInfo.bonding = CYBLE_GAP_BONDING_NONE;
    cyBle_authInfo.security = (CYBLE_GAP_SEC_MODE_1 | CYBLE_GAP_SEC_LEVEL_1 );
    
    /* Start CYBLE component and register generic event handler */
    CyBle_Start(AppCallBack);

   

It appears that this takes effect, as I'll explain below, but that there is still something missing from truly configuring the security settings properly. Here's what I observe with CySmart when trying to interact with the WPT Receiver (not in bootloader mode): I can connect to the device, no problem, then I discover all attributes, also no problem. However, when I click the button to "Enable All Notifications", I get the error message saying "Write characteristic descriptor failed. Insufficient encryption". Note that when running the original WPT Receiver example project, "Enable All Notifications" works just fine. 

   

So this leads me to believe that the code shown above to update cyBle_authInfo.security isn't taking effect, BUT, when I click "Pair" in CySmart, it responds with the message "Authentication failed. Pairing is not supported by the peer device.", so that leads me to believe that my update to cyBle_authInfo.bonding is working just fine. As you can imagine, I'm a bit perplexed as to what I need to do from here. I've scoured the BLE Stack documentation looking for any other related API calls to try in order to get the security settings to update or otherwise change the encryption settings.

   

I'd absolutely appreciate it if anyone could point out what I'm missing, or what else I should try in order to ensure I've removed the BLE encryption requirement from the application part of my program. Thanks so much!

0 Likes
1 Solution
Anonymous
Not applicable

The problem here is most likely in your GATT definition, which has security settings defined independently from the cyBle_authInfo structure. Can you check the Permissions section for the characteristic(s) in question in the BLE component configurator? Make sure that there are no security requirements for any enabled actions (read or write).

   

   

View solution in original post

0 Likes
2 Replies
Anonymous
Not applicable

The problem here is most likely in your GATT definition, which has security settings defined independently from the cyBle_authInfo structure. Can you check the Permissions section for the characteristic(s) in question in the BLE component configurator? Make sure that there are no security requirements for any enabled actions (read or write).

   

   

0 Likes
Anonymous
Not applicable

Thanks for pointing that out. I had a look and they were set for Encryption required, so changing them to No encryption required and rebuilding the code resulted in exactly the behavior I was looking for. Thanks so much for your help on this issue!

0 Likes