2 Replies Latest reply on Aug 3, 2016 8:15 AM by dturney_1462731

    Auth/Encrypt Bonding One-to-one

    dturney_1462731

      I'm designing both sides, Server and Client, and want to setup the bonding similar to what's show in the 100 days Privacy example.  

         

      The issue I'm having trouble understanding is that neither device has numerical keys for authorization.  

         

      The way I would like to work around this is, internally on the Peripheral/Server side, I'll use a formula to create a key using internal data, and on the Central/Client side, I can use the same formula and advertisement or scanned response data to create the create key to bond.  

         

      I've looked at the Privacy example because it will be a one-to-one setup, so no other devices will need to be bonded.

         

       How can I set this up to setup the link with little user interaction?  An idea would be that once the Central scans the unbonded peripheral, an LED flashed and waits for a single button press on the Central to complete/confirm bonding with that peripheral.

         

      Thank you in advance for any direction on this.

        • 1. Re: Auth/Encrypt Bonding One-to-one
          cjoachim_1597296

          Since you do not have numerical keys, your device has I/O Capabilities different from Keyboard. Maybe just Display? Maybe Display and a YesNo button? Or no IO capabilites - NoInputNoOutput

             

           

             

          Take a look at the BLE component: GAP Settings > Security -> I/O Capabilites !

          • 2. Re: Auth/Encrypt Bonding One-to-one
            dturney_1462731

            Thank you for your help!  That helps clear up some aspects, but I'm still confused about a few.  Mostly with the BLE events and APIs.  Basically, since there isn't really any inputs for entering a pairing key (one button on the peripheral side and 2 on the Central), I had a formula in mind so the Peripheral can create a static pairing key, and the Central can check against what its created dynamically for each device scanned.  I can see that, in my case, the Peripheral wil get a CYBLE_EVT_GAP_PASSKEY_ENTRY_REQUEST event, which it responds with CyBle_GapAuthPassKeyReply(...pairing key...).  What I can't find is where the Central accepts the key and validates it.  What event is generated or where do I set up the key on the Client side before/after CyBle_GapAuthPassKeyReply is called from the Peripheral?