cancel
Showing results for 
Search instead for 
Did you mean: 

STM32WBA OOB Pairing not working

Portilha
Associate II

Hello, I am working with STM32WBA52 and I am using the X-Nucleo-NFC07A1 Tag to try to perform BLE OOB Pairing. From the sparse existent documentation regarding this subject, I have understood that the SecurityParams_t structure had a flag to indicate OOB Pairing support, however this flag does not exist anymore. 

 

 

typedef struct
{
  /* IO capability of the device */
  uint8_t ioCapability;

  /**
   * Authentication requirement of the device
   * Man In the Middle protection required?
   */
  uint8_t mitm_mode;

  /* Bonding mode of the device */
  uint8_t bonding_mode;

  /**
   * this variable indicates whether to use a fixed pin
   * during the pairing process or a passkey has to be
   * requested to the application during the pairing process
   * 0 implies use fixed pin and 1 implies request for passkey
   */
  uint8_t Use_Fixed_Pin;

  /* Minimum encryption key size requirement */
  uint8_t encryptionKeySizeMin;

  /* Maximum encryption key size requirement */
  uint8_t encryptionKeySizeMax;

  /**
   * fixed pin to be used in the pairing process if
   * Use_Fixed_Pin is set to 1
   */
  uint32_t Fixed_Pin;

  /**
   * this flag indicates whether the host has to initiate
   * the security, wait for pairing or does not have any security
   * requirements.
   * 0x00 : no security required
   * 0x01 : host should initiate security by sending the slave security
   *        request command
   * 0x02 : host need not send the clave security request but it
   * has to wait for paiirng to complete before doing any other
   * processing
   */
  uint8_t initiateSecurity;
  /* USER CODE BEGIN tSecurityParams*/

  /* USER CODE END tSecurityParams */
}SecurityParams_t;

 

 

-> First I configure the authentication parameters:

 

 

 /* Initialize authentication */
  bleAppContext.BleApplicationContext_legacy.bleSecurityParam.mitm_mode             = CFG_MITM_PROTECTION;
  bleAppContext.BleApplicationContext_legacy.bleSecurityParam.encryptionKeySizeMin  = CFG_ENCRYPTION_KEY_SIZE_MIN;
  bleAppContext.BleApplicationContext_legacy.bleSecurityParam.encryptionKeySizeMax  = CFG_ENCRYPTION_KEY_SIZE_MAX;
  bleAppContext.BleApplicationContext_legacy.bleSecurityParam.Use_Fixed_Pin         = CFG_USED_FIXED_PIN;
  bleAppContext.BleApplicationContext_legacy.bleSecurityParam.Fixed_Pin             = CFG_FIXED_PIN;
  bleAppContext.BleApplicationContext_legacy.bleSecurityParam.bonding_mode          = CFG_BONDING_MODE;
  /* USER CODE BEGIN Ble_Hci_Gap_Gatt_Init_1*/

  /* USER CODE END Ble_Hci_Gap_Gatt_Init_1*/

  ret = aci_gap_set_authentication_requirement(bleAppContext.BleApplicationContext_legacy.bleSecurityParam.bonding_mode,
                                               bleAppContext.BleApplicationContext_legacy.bleSecurityParam.mitm_mode,
                                               CFG_SC_SUPPORT,
                                               CFG_KEYPRESS_NOTIFICATION_SUPPORT,
                                               bleAppContext.BleApplicationContext_legacy.bleSecurityParam.encryptionKeySizeMin,
                                               bleAppContext.BleApplicationContext_legacy.bleSecurityParam.encryptionKeySizeMax,
                                               bleAppContext.BleApplicationContext_legacy.bleSecurityParam.Use_Fixed_Pin,
                                               bleAppContext.BleApplicationContext_legacy.bleSecurityParam.Fixed_Pin,
                                               CFG_BD_ADDRESS_TYPE);

 

 

-> Then I generate the public key:

 

 

 uint8_t ALL_EVENTS[8]={0x9F,0x01,0x00,0x00,0x00,0x00,0x00,0x00};
 hci_le_set_event_mask(ALL_EVENTS);
 ret = hci_le_read_local_p256_public_key();

 

 

 -> Wait for the callback event:

 

 

 case HCI_LE_READ_LOCAL_P256_PUBLIC_KEY_COMPLETE_SUBEVT_CODE:
        {
        	APP_DBG_MSG("==> OOB Key Gen Event!\r\n");
            runOOB();
        }

 

 

-> runOOB function to set the OOB data in the NFC tag:

 

 

static void runOOB(void)
{
  uint8_t at = 0;
  uint8_t add[6] = {0,0,0,0,0,0};
  uint8_t len = 0;
  uint8_t rand[16] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
  uint8_t hash[16] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
  ST25DVxxKC_PASSWD_t default_password = {.MsbPasswd=0, .LsbPasswd=0};
  ST25DVxxKC_RF_PROT_ZONE_t rf_write_protect = {.PasswdCtrl = ST25DVXXKC_PROT_PASSWD1 , .RWprotection =ST25DVXXKC_WRITE_PROT};

  NFC07A1_NFCTAG_SetRFDisable_Dyn(0);
  NFC07A1_NFCTAG_PresentI2CPassword(0, default_password);
  NFC07A1_NFCTAG_WriteRFZxSS(0, ST25DVXXKC_PROT_ZONE1, rf_write_protect);


  /* This dummy call is required to enable OOB */
  #ifdef OOB_SECURE
  	  int status = aci_gap_set_oob_data(0,0,add, 0, 0, rand);
  #endif

   Ndef_Bluetooth_OOB_t NdefBle = {
		   	   	   	   	   	   	   	   .OptionalMask = (NDEF_BLUETOOTH_OPTION(BLUETOOTH_EIR_COMPLETE_LOCAL_NAME) |
		                                                NDEF_BLUETOOTH_OPTION(BLUETOOTH_EIR_SECURITY_MANAGER_TK_VALUE)),
                                       .LocalName = "ST25OOB",
                                       .Type = NDEF_BLUETOOTH_BLE,
                                       .Role = NDEF_BLE_ROLE_PERIPH_ONLY,
                                       .DeviceAddressType = NDEF_BLE_PUBLIC_ADDRESS_TYPE
   	   	   	   	   	   	   	   	  };


	#ifndef OOB_SECURE
	   memcpy(NdefBle.DeviceAddress,bd_addr_udn,sizeof(NdefBle.DeviceAddress));
	   for(int i = 5; i >= 0; i --)
		   NdefBle.DeviceAddress[i] = bd_addr_udn[5-i];
	#else
		   status = aci_gap_get_oob_data(1, &at,add,&len, rand);
		   status = aci_gap_get_oob_data(2, &at,add,&len, hash);

		   for(int i = 5; i >= 0; i --)
			   NdefBle.DeviceAddress[i] = add[5-i];
		   for(int i = 15; i >= 0; i --)
		   {
			   NdefBle.SimplePairingRandomizer[i] = rand[15-i];
			   NdefBle.SimplePairingHash[i] = hash[15-i];
		   }
	#endif

   NDEF_ClearNDEF();
   NDEF_AppendBluetoothOOB(&NdefBle, "STM32WBA52");

   NFC07A1_NFCTAG_ResetRFDisable_Dyn(0);
   LOG_INFO_APP("==> Run OOB Function Executed!\r\n");
   //BSP_LED_On(LED_BLUE);
}

 

 

This should allow to bluetooth pair by tapping the NFC tag with the phone, however it is requiring a pin as if it was using only the I/O capability (display one). Can anyone provide solutions?

Best regards.

0 REPLIES 0