2018-07-29 04:03 AM
Dear all
I have a terrible problem regarding security in my application developed for a client. I am using BlueNRG-2 in my target system (which is custom made) and I observed the same situation on STEVAL-IDB007V1 as well.
To make things short, the easiest way to reproduce the problem is to upload the "Security peripheral" example onto the STEVAL-IDB007V1 (EVAL for short) board, and make it run. Then download the nRF Connect application for Android (the best app I know), and bond with the EVAL. Bonding seems to work fine, although it sometimes would ask me for a PIN even though I opted for "JustWorks", but whatever. Then, after bonding I can connect without problems, BUT only after I disconnect, the firmware switches to undirected connectable, calling the aci_gap_set_undirected_connectable function WITH the WHITELIST. And now whenever I try to connect again I get the dreaded 0x85 GATT ERROR (read through the Nordic Semi forums to see why I said "dreaded"). The only way to connect to the EVAL board from now on is to reset it (it clears the security database and the whitelist) and to clear bond information on the cellphone. After every reset the EVAL board switches itself to general discoverable mode (without whitelist) and accepts bonding and/or connecting. I spent a few days on this and:
* Tried HUAWEI honor 9, and Samsung galaxy s5
* Tried some old iPhone, and iPad (I'm not into Apple, so can't recall the models, but surely BLE capable, and first connection works just fine).
* Tried Ubuntu 18.04 under which IT WORKS (i.e. I can reconnect after bonding), but only under it (!!!!)
* Tried STSW-BLUENRG1-DK version 2.6.0 and 3.0.0 (which BTW fixes completely different BUG I had previously).
* Tried my own firmware based on the Security example on the BlueNRG-2 target.
* If I don't use WHITELIST_FOR_ALL, everything seems to work, but obviously I want to prevent other devices from being able to connect after my device was bonded with the user's cellphone.
* In ble_status.h there is an error constant named BLE_STATUS_INTERVAL_TOO_LARGE defined to the 0x85 value, suggesting that maybe the issue has something to do with wrong connection or advertising intervals. I tried some shorter ones, but no luck.
* I tried many ideas found on the Nordic Semi forums, but still nothing.
I am leaning towards the opinion that this is an ST BLE stack bug, but who knows... Please, if someone could test my scenario, that would be great. Or maybe you guys have some other idea for exclusive connections to a single bonded device, that also would be great.
2018-07-29 04:36 AM
Hey guys,
As suggested somewhere else on these forums, it seems that both iOS and Android Lollipop and higher use Random Private Resolvable addresses (http://www.summitdata.com/blog/overview-addressing-privacy-lairds-ble-modules/), so this would explain my case. So please, if someone could help me to turn on "Controller Privacy" on my BlueNRG-2. Whenever I issue:
aci_gap_init (GAP_PERIPHERAL_ROLE, 0x02 .....
in my code, I get the error BLE_STATUS_INVALID_PARAMS. It is as if I used some older version of the BLE stack, where BLE 4.2 was not supported, but just like I said above, I use the newest STSW version 3.0.0. The same goes if I want to turn on "LE secure connections" instead of "legacy pairing": then I get BLE_ERROR_UNSUPPORTED_FEATURE.
Thanks.
2018-08-01 09:44 AM
It was indeed a problem with privacy. I wrote a small article on how I fixed this, in case someone is interested: http://www.iwasz.pl/electronics/bluenrg-2-android-source-code-troubleshooting-bonding-and-privacy/
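The privacy mismatch diagnosed in the posts above, as an added example that is not part of the original thread and is not ST's code: a whitelist that compares raw addresses rejects a bonded phone once it reconnects with a resolvable private address. The addresses are constructed, the function names are hypothetical, and it assumes the whitelist holds the fixed identity address learned at bonding with no address resolution in the controller.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { ADDR_PUBLIC = 0, ADDR_RANDOM = 1 };
typedef enum { KIND_PUBLIC, KIND_STATIC, KIND_RPA, KIND_NRPA, KIND_RESERVED } addr_kind_t;
typedef struct { uint8_t type; uint8_t addr[6]; } ble_addr_t; /* addr[5] = most significant byte */

/* Constructed sample addresses, not taken from any real device. */
static const ble_addr_t BONDED_IDENTITY = { ADDR_RANDOM, {0x01,0x02,0x03,0x04,0x05,0xC3} };
static const ble_addr_t PHONE_RPA       = { ADDR_RANDOM, {0x9A,0x3F,0x11,0x6B,0x20,0x5E} };
static const ble_addr_t STRANGER        = { ADDR_PUBLIC, {0x10,0x20,0x30,0x40,0x50,0x60} };

/* The sub-type of a random address sits in the two top bits of its MSB. */
addr_kind_t classify(const ble_addr_t *a)
{
    if (a->type == ADDR_PUBLIC) return KIND_PUBLIC;
    switch (a->addr[5] >> 6) {
    case 0x3: return KIND_STATIC;   /* static random             */
    case 0x1: return KIND_RPA;      /* resolvable private (RPA)  */
    case 0x0: return KIND_NRPA;     /* non-resolvable private    */
    default:  return KIND_RESERVED;
    }
}

/* Whitelist filter without privacy: exact match on type and address only. */
int whitelist_accepts(const ble_addr_t *wl, size_t n, const ble_addr_t *peer)
{
    for (size_t i = 0; i < n; i++)
        if (wl[i].type == peer->type && memcmp(wl[i].addr, peer->addr, 6) == 0)
            return 1;
    return 0;
}

/* 1 = accepted, 0 = rejected, -1 = rejected but the peer uses an RPA, so it
 * may be a bonded device that only IRK-based resolution could recognise. */
int reconnect_verdict(const ble_addr_t *wl, size_t n, const ble_addr_t *peer)
{
    if (whitelist_accepts(wl, n, peer)) return 1;
    return classify(peer) == KIND_RPA ? -1 : 0;
}

int main(void)
{
    printf("identity address: %d\n", reconnect_verdict(&BONDED_IDENTITY, 1, &BONDED_IDENTITY));
    printf("rotated RPA:      %d\n", reconnect_verdict(&BONDED_IDENTITY, 1, &PHONE_RPA));
    printf("unbonded device:  %d\n", reconnect_verdict(&BONDED_IDENTITY, 1, &STRANGER));
    return 0;
}
```

A verdict of -1 in a log is the hint that the whitelist itself is working and that address resolution, not the filter policy, is what is missing.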
2024-03-16 01:52 AM - edited 2024-03-16 02:10 AM
@LauraCx @Rene Lenerve @Laurent LOUAZON
Hi
Even though many years have passed, I still have this problem.
The BLE_Security example can't work correctly: after I flash the example, when I use nRF Connect on Android 13 to connect to the BlueNRG1, it will auto-disconnect after connecting.
And because I use a 16M high speed crystal, I can't enable Controller Privacy in my BlueNRG1 device.
Is there any solution or workaround?