Out of Band Pairing

~Amit~ · ‎2020-06-18

Hi,

I have a project where we use the STM32WB55 with the ST25R3911B as NFC module for OOB pairing.

I couldn't find any example for OOB pairing flow.

My start point is the p2p_server example and I can see there are:

BleApplicationContext.BleApplicationContext_legacy.bleSecurityParam.OOB_Data
BleApplicationContext.BleApplicationContext_legacy.bleSecurityParam.OOB_Data_Present

which I assume are relevant for my cause.

After reading AN5289 I also can tell there are:

aci_gap_set_oob_data()
aci_gap_get_oob_data() - which in my case always return an array of '0' at the

But I can't figure how to connect the dots. is there any example for OOB?

when I am invoking get oob data as below I always get OOB_Data array of '0', why?

uint8_t Address_Type = 0;

uint8_t Address[6];

// initial value is just for seeing it gets override

uint8_t OOB_Data[16] = { 0x01, 0x02, 0x03 };

uint8_t OOB_Data_Len;

uint8_t getOobDataRes = aci_gap_get_oob_data(0x01, &Address_Type, Address, &OOB_Data_Len, OOB_Data);

If there is no example I would appreciate if you can answer my questions ( a reference to the relevant functions would be awsome! :(

when I invoke aci_gap_set_oob_data() what should be the content of OOB_Data argument? I can see it's 16 bytes (which I assume received from outside) but what are thay stand for? is there any standard for it?
What is the flow I need to conduct in order to pair a device once I recieved the NDEF via NFC?
After the pairing process, If I want them to bond what else is required?
After the bonding how can I implement white list such that only the bonded device would be able to connect?

Thanks

Remi QUINTIN · ‎2020-07-09

1) In fact the HCI_COMMAND_COMPLETE_EVT_CODE is already managed on the CMO+ core. So you wont see it at M4 core level.

2)The bonding list is managed internally by the CM0+ core in SRAM but is regularly saved in Flash memory when there no RF activity, especially after disconnection.

So this list should be available after reset. one possible cause is the reset of the device before any disconnection. The CM0+ would not have time to save the bonded devices list.

3) The white list is manage by the user using ACI function like HCI_LE_READ_WHITE_LIST_SIZE , HCI_LE_CLEAR_WHITE_LIST, HCI_LE_ADD_DEVICE_TO_WHITE_LIST, HCI_LE_REMOVE_DEVICE_FROM_WHITE_LIST.

Have a look at the AN5270 that describes those functions.

Amogh · ‎2022-02-28

Hello @Remi QUINTIN (Employee)

I have tried implementing the OOB from a firmware example I found on the forum, and from the little nuggets of information that I got from the above posts, I put together the pieces, but I haven't been able to trigger OOB Byte in the firmware version binary 1.13.0. I am using an android Android app and device is STM32Wb series microcontroller. Irrespective of permutations and combinations that I have tried, connection always falls back to numeric pairing.. :(

My Goal is to have Preset OOB Key on Device(STM32WB) and Phone(currently android) to establish a secure connection.

Added event mask to generate 256bit key after "aci_gap_set_authentication_requirement"

uint8_t ALL_EVENTS[8]={0x9F,0x01,0x00,0x00,0x00,0x00,0x00,0x00};
  hci_le_set_event_mask(ALL_EVENTS);  
  int status = hci_le_read_local_p256_public_key();
  APP_DBG_MSG("\r\n\r EVENT MASK To Generate a LOCAL 256 Key %d \n",status );

Added "HCI_LE_READ_LOCAL_P256_PUBLIC_KEY_COMPLETE_SUBEVT_CODE" event in

switch (meta_evt->subevent)
      {
             .// few more cases not shown for clarity
   case HCI_LE_READ_LOCAL_P256_PUBLIC_KEY_COMPLETE_SUBEVT_CODE:
        {       
          APP_DBG_MSG("\n\r OOB Key Gen Event!");
         runOOB();
        }
}

Added a runOOB Function

static void runOOB(void)
{
 
  uint8_t at = 0x00;          
  uint8_t add[6] = {0x00,0x00,0x00,0x00,0x00,0x00};
  uint8_t len = 0x10;
  uint8_t random[16] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
  uint8_t confirm[16] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
 
   int status = aci_gap_set_oob_data(0x00,0x00,0x00, 0, 0, 0);
     APP_DBG_MSG("\n\r OOB INITIALIZATION STATUS : %d", status);
 
 
  int statusRand = aci_gap_get_oob_data(0x01, &at,add,&len, random);
  int statusConfirm = aci_gap_get_oob_data(0x02, &at,add,&len, confirm);
  
 
   APP_DBG_MSG("\n\r OOB Key - Random Data: [");
 
for(int i =0; i <16; i++)
   APP_DBG_MSG("%02X:", random[i]);
 
   APP_DBG_MSG("]");
   APP_DBG_MSG("] \n\r OOB Key Hash : ");
 
for(int i =0; i <16; i++)
   APP_DBG_MSG("%02X:", confirm[i]);
  
 
}

Can you please provide some guidance, on what I might be doing wrong?

Thanks

Remy ISSALYS · ‎2022-04-04

Hello,

Did you receive HCI_LE_READ_LOCAL_P256_PUBLIC_KEY_COMPLETE_SUBEVT_CODE event ?

Your implementation seems to be right, once you have OOB data, you need to transmit theses data to the smartphone via NFC. You must write random and confirm data on NFC shield. Can you give us more information about your setup ? Which NFC library you used ?

Best Regards

Amogh · ‎2022-04-04

Hello,

Yes, I do receive the HCI_LE_READ_LOCAL_P256_PUBLIC_KEY_COMPLETE_SUBEVT_CODE , and able to generate the key and print on terminal, but on the android side, advertising packet doesn't contain the flag for OOB pairing, but rather only Pin based pairing.

Remy ISSALYS · ‎2022-04-05

Hello,

Once you have OOB data, you need to write random and confirm data on NFC shield (like X-NUCLEO-NFC04A1 board). OOB pairing demonstration firmware is available here:

https://www.st.com/en/embedded-software/stsw-st25dv004.html#overview

And android application for this demonstration is available here:

https://www.st.com/en/embedded-software/stsw-st25005.html

Best Regards