[EZ-Serial Firmware for CYW2070x-based Modules] Encryption start trigger

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
KeTa_1341526
Level 5
Level 5
Distributor - TED (Japan)
10 likes given 10 likes received 5 likes given

Hello,

Please tell me about the trigger to start data encryption of EZ-Serial Firmware.

I think there are three ways to encrypt.

1. A case where pairing is performed by performing pairing from Central (pairing starts with "settings" of a smartphone etc.), and encrypted communication is taken over as it is.

2. A case where Central accesses a characteristic that has peripheral security enabled, and Central starts encryption when Insufficient Authentication is returned.

3. A case where the central starts encryption by sending a "slave security request" to the central after the peripheral connects.

I think Case 1 supports it. (Because it is normal encryption)

Are 2 and 3 supported by CYSPP Profile (CYSPP Service)?

Best regards,

Takahashi

0 Likes
1 Solution

I checked the FW code. You are right. It sends security request to initiate the pairing procedure.

View solution in original post

0 Likes
5 Replies
Owen_Zhang123
Moderator
Moderator
Moderator
5 questions asked 500 solutions authored 250 sign-ins

Case 1 and 2 are supported by the CYSPP profile.

Case 3 should be sent by the client device. The CYSPP client doesn't support this command.

0 Likes
KeTa_1341526
Level 5
Level 5
Distributor - TED (Japan)
10 likes given 10 likes received 5 likes given

Thank you.

However, I have a additional question about Case2 & Case3.

[Case2]

Q1.

Does the characteristic (ex. UUID 65333333-A115-11E2-9E9A-0800200CA102) in the CYSPP service (UUID 65333333-A115-11E2-9E9A-0800200CA100) already have PERMISSION(Read/write - Encryption/Authentication/Authorization) set?

[Case 3]

Q2.

My writing was wrong.

Case3 is considered to be a Slave Security request mainly used by Android OS.

When starting Pairing, iOS and Android recognize the following starting steps.

* Refer to the following.

  https://stackoverflow.com/questions/29204634/ios-bluetooth-ble-security-and-just-works-association-m...

iOS:

The slave (peripheral) receives an Attribute write request (ATT_WRITE_REQ) from the master (Central), and the slave returns ATT_ERROR_RSP. Then the master starts pairing (sending a Pairing request)

Android OS:

The slave (peripheral) sends a security start request (Slave Security Request) to the master (central).

Then the master starts pairing (sending a Pairing request)

Does EZ-Serial F/W support either pairing start method?

Best regards,

Takahashi

0 Likes

1. The character for CYSPP service is Read/write, not encryption.

You can refer to 3.8  Security and Encryption Examples for security operation.

2. The Slave Security Request command is not supported in the current API command of the EZ Serial.

Following is the latest EZ-Serial user guide: https://www.cypress.com/documentation/reference-designs/ez-serial-wiced-firmware-platform-user-guide...

0 Likes
KeTa_1341526
Level 5
Level 5
Distributor - TED (Japan)
10 likes given 10 likes received 5 likes given

Hello,

>2. The Slave Security Request command is not supported in the current API command of the EZ Serial.

Isn't Slave security request the /P (smp_pair) API?

In [3.8.1.1 Pairing in “Just Works” Mode Without MITM Protection (BLE)], it seems that /P API is used to make a Pairing request to the Peer Device.

Best regards,

Takahashi

0 Likes

I checked the FW code. You are right. It sends security request to initiate the pairing procedure.

0 Likes