Re: BLE "Just-Works" configuration

Jeremy Herbert

I ended up resolving this; it was to do with the previous bond information being stored. The following two configs fixed it:


Note that this is an insecure configuration: CONFIG_BT_SMP_ALLOW_UNAUTH_OVERWRITE allows a possible forced deauth and reauth MITM attack. But for testing it works fine.


On Sat, 13 Jun 2020 at 12:34, Jeremy Herbert via <> wrote:

I'm trying to set up Zephyr as a BLE peripheral with an nRF52810. I have the peripheral_hids example running fine, including bonding with the passkey being printed out over printk. However, my actual end device doesn't have any input/output other than a few buttons, so I'd like to change this to use "Just-Works" pairing so it can at least bond and have encrypted communication but not have MITM protection (i.e. BT_SECURITY_L2). I can't seem to find much documentation on implementing this scenario using Zephyr, so I was wondering if there is an example available on exactly what to do for this type of pairing/bonding where no input/output is available?

I did give it a try myself based on this example, but I am a bit stuck. I have tried setting the bt_conn_auth_cb members all to NULL, as well as changing the GATT entry permissions to BT_GATT_PERM_READ_ENCRYPT instead of BT_GATT_PERM_READ_AUTHEN (I also did the same for the BT_GATT_PERM_WRITE_AUTHEN).

When connecting and bonding with an Android device (I'm using the nRF Connect app), it asks to pair, but then on continuing with this it fails. In the debug log from the device I can see (I removed the MAC address):

Security failed: XX:XX:XX:XX:XX:XX (public) level 1 err 4

Disconnected from XX:XX:XX:XX:XX:XX (public) (reason 0x13)

where error code 4 is BT_SMP_ERR_CONFIRM_FAILED. I also tried setting a pairing_confirm callback in the bt_conn_auth_cb struct which just confirms the connection by calling bt_conn_auth_pairing_confirm(), but it doesn't appear to make a difference.

Any pointers would be appreciated.

