Re: How does the app get notified if authentication failed?


Johan Hedberg
 

Hi Jun,

On Wed, Jun 13, 2018, Li, Jun R wrote:
In my BLE project, a passkey is required to access the NRF51 device;
thus the callback functions of “struct bt_conn_auth_cb” were
implemented to achieve secured paring. What I observed is that

1. The function “cancel” will be called if the other peer canceled
the pairing process.
2. The function “security_changed” will be called if the passkey
was successfully entered.
The second one is a bit ambiguous, since it'll also be called for
subsequent connections when the connection gets encrypted, even though
pairing is not in progress (it already happened over some earlier
connection).

However, my application was NOT notified if a wrong passkey was
entered, thus the BLE connection is still kept. Ideally, I hope to
immediately disconnect the connection if the passkey is wrong.
However, I can’t find a callback function to notify the application if
the passkey was wrong.

With more debugging logs, I can see the function
“smp_pairing_complete” got status (-4) when pairing failed while this
status is zero when successful.

Can anyone enlighten me what kind of function can be used to notify
the application that pairing failed? Thank you!
This seems to be an oversight in the API. I'd propose to add two new
entries to bt_conn_auth_cb, something like the following:

void (*pairing_complete)(struct bt_conn *conn, bool bonded);
void (*pairing_failed)(struct bt_conn *conn);

For the second one we might want to add another parameter for the
reason. An SMP error comes to mind, but then that wont be reusable for
BR/EDR (which we have experimental support for).

Actually, now that I think about it, bt_conn_auth_cb could be
problematic since it's possible to do just-works pairing without
registering such a structure. I wonder if our bt_conn_cb would be
better. That said, these callbacks are strictly about pairing..

Could you open a github issue to track this, so we get it done for 1.13?

Johan

Join devel@lists.zephyrproject.org to automatically receive all group messages.