2024-05-06 07:35 PM
In `ble_defs.h`, we have the following security permissions for attributes:
/* Security permissions for an attribute
*/
#define ATTR_PERMISSION_NONE 0x00U /* No security. */
#define ATTR_PERMISSION_AUTHEN_READ 0x01U /* Need authentication to read */
#define ATTR_PERMISSION_AUTHOR_READ 0x02U /* Need authorization to read */
#define ATTR_PERMISSION_ENCRY_READ 0x04U /* Need encryption to read */
#define ATTR_PERMISSION_AUTHEN_WRITE 0x08U /* Need authentication to write */
#define ATTR_PERMISSION_AUTHOR_WRITE 0x10U /* Need authorization to write */
#define ATTR_PERMISSION_ENCRY_WRITE 0x20U /* Need encryption to write */
In particular, we have permissions to ensure ecryption of read and write operations, but no permissions to ensure encryption for notification, indication, or write-without-response.
If I create a characteristic with the write-without-response property and the encrypted write permission, then performing a write-without-response operation on that characteristic does not seem to trigger an "insufficient encryption" error on the central device and therefore does not trigger a pairing request on iOS.
However, if I create the same characteristic with the write property and the encrypted write permission, performing a write operation *does* trigger an "insufficient encryption" error and pairing request.
This makes me think the ATTR_PERMISSION_ENCRY_WRITE permission does not apply to write-without-response.
So, I am wondering how we can ensure that a particular notification, indication, or write-without-response is encrypted.
Thanks!
Solved! Go to Solution.
2024-11-21 03:01 AM
For your information, I open a ticket to the ST support, and I got the answer for these behaviors:
For the case declaration of a characteristic with CHAR_PROP_WRITE_WITHOUT_RESP and ATTR_PERMISSION_ENCRY_WRITE, but I can write into the characteristic without to be paired:
=> "yes, client can write the characteristic without pairing, but this write is ignored on server side and as there is no response, client is not notified. You can try by reading the characteristic value back, that as long as you're not bonded, write is not changing the characteristic value."
For the case declaration of a characteristic with (CHAR_PROP_NOTIFY | CHAR_PROP_READ) and ATTR_PERMISSION_ENCRY_READ, the Read access is protected by the pairing process, but I can activate the Notification and have data through Notification without to be paired:
=> "notification is enabled by writing into characteristic descriptor, to protect notification you need set ATTR_PERMISSION_ENCRY_WRITE"
For the notification, after applying the ENCRY_WRITE permission, when I try to activate the Notification, the smartphone ask for the pairing correctly.
(I use stack version 1.17.2 too)
Best regards
2024-06-02 10:10 AM
Hello @crwper
I'm not able to understand this behavior. Could you please explain more about it.
Best Regards.
STTwo-32
To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.
2024-06-12 09:20 AM
I suppose the question is this: The flags in `ble_defs.h` only allow me to require encryption for "read" and/or "write" operations. But Bluetooth specifies several different ways we can interact with a characteristic, which STM32_WPAN refers to as:
So there are 5 ways to interact with the characteristic, but only 2 flags to control encryption requirements. I can think of two ways to look at this. First, the flags in `ble_defs.h` might refer to a broader category of interaction, e.g.:
Or, second, they might refer to specific STM32_WPAN operations, e.g.:
I suspect the first option is the correct one, but wanted to confirm rather than assuming this is the case.
2024-11-13 01:01 AM
I got the same issue
- declaration of a characteristic with CHAR_PROP_WRITE_WITHOUT_RESP and ATTR_PERMISSION_ENCRY_WRITE, but I can write into the characteristic without to be paired,
- declaration of a characteristic with (CHAR_PROP_NOTIFY | CHAR_PROP_READ) and ATTR_PERMISSION_ENCRY_READ, the Read access is protected by the pairing process, but I can activate the Notification and have data through Notification without to be paired.
So I wonder if you have resolved this issue ?
Best regards.
2024-11-13 05:56 AM
I get similar results to what you describe, but there are some details which might be important here. For my test, I have two characteristics:
If I reset all bonding information on both my peripheral and the host, then connect to my peripheral using LightBlue:
So reading from CRS_RX works as expected but the following outcomes are not as expected:
For this test I used stack version 1.17.2.
2024-11-21 03:01 AM
For your information, I open a ticket to the ST support, and I got the answer for these behaviors:
For the case declaration of a characteristic with CHAR_PROP_WRITE_WITHOUT_RESP and ATTR_PERMISSION_ENCRY_WRITE, but I can write into the characteristic without to be paired:
=> "yes, client can write the characteristic without pairing, but this write is ignored on server side and as there is no response, client is not notified. You can try by reading the characteristic value back, that as long as you're not bonded, write is not changing the characteristic value."
For the case declaration of a characteristic with (CHAR_PROP_NOTIFY | CHAR_PROP_READ) and ATTR_PERMISSION_ENCRY_READ, the Read access is protected by the pairing process, but I can activate the Notification and have data through Notification without to be paired:
=> "notification is enabled by writing into characteristic descriptor, to protect notification you need set ATTR_PERMISSION_ENCRY_WRITE"
For the notification, after applying the ENCRY_WRITE permission, when I try to activate the Notification, the smartphone ask for the pairing correctly.
(I use stack version 1.17.2 too)
Best regards
2024-11-26 06:51 PM
Thank you for sharing this!