This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

CC3200: SmartConfig Key entry

Part Number: CC3200
Other Parts Discussed in Thread: UNIFLASH,

Hello,

I successfully paired the launchpad in station mode using http server example. However, I am not able to find a way to do the same securely, i.e. use a key. There is a key field on the ios app. However I can't find where to set the key on the launchpad side. I browsed through the configuration settings in uniflash but didn't find anything. There has to be AES type of encryption capability, correct?

Thanks for your help and advice.

  • Hi David,

    Please take a look at sl_WlanSmartConfigStart() in wlan.h. AES encryption/decryption is done by the on-board crypto-engine on the CC3200.

    Best regards,
    Sarah
  • Hi Sarah, thank you for your reply. I am a bit confused here, in that case what is the "key" entry for on the iphone app? Do you mean that the same AES key is used in CC3200 and the iphone app and the "key" entry is redundant on the app? Again, thank you for feedback.

    Thanks,
    David
  • Hi David,

    Yes, this should be a pre-shared key known to both the app and the device. There's some more information on Smart Config in our provisioning white paper: www.ti.com/.../swry011.pdf

    Best regards,
    Sarah
  • Thank you for the document, very nice summary. As it is mentioned in the doc: "For enhanced security, SmartConfig has an option to encrypt the broadcast data with a pre-shared key between the device and the phone". There is a key field on the ios app (BTW the current ios app is different from the one pictured in the document. The current app has a "Key" field). However, I have some problems using the key on the launchpad side. Seems like it doesn't work when I put the key inside the function call in smartconfig.c file. I provided more details in the next post.

    Thanks,

    David

  • Problem description:

    I tried editing smartconfig.c file to set the key as follows:

    Example 1:

    lRetVal = sl_WlanSmartConfigStart(7, //groupIdBitmask
    1, //cipher
    16, //publicKeyLen
    16, //group1KeyLen
    16, //group2KeyLen
    "abc0abc0abc0abc0", //publicKey
    "abc1abc1abc1abc1", //group1Key
    "abc2abc2abc2abc2"); //group2Key

    This (Example 1) didn't work. When I started SmartConfig on my phone the STA didn't succeed in obtaining network info, even though it succeeded when I removed the keys as follows (Example 2). 

    Example 2:

    lRetVal = sl_WlanSmartConfigStart(7, //groupIdBitmask
    1, //cipher
    0, //publicKeyLen
    0, //group1KeyLen
    0, //group2KeyLen
    NULL, //publicKey
    NULL, //group1Key
    NULL); //group2Key

    Then I tried playing with cipher as follows:

    Example 3:

    lRetVal = sl_WlanSmartConfigStart(7, //groupIdBitmask
    SMART_CONFIG_CIPHER_NONE, //cipher
    16, //publicKeyLen
    16, //group1KeyLen
    16, //group2KeyLen
    "abc0abc0abc0abc0", //publicKey
    "abc1abc1abc1abc1", //group1Key
    "abc2abc2abc2abc2"); //group2Key

    This (Example 3) also worked, however it seemed like the iPhone app didn't care about the keys. I tried entering wrong keys in the iPhone app and the STA still was able to obtain network info. 

    Also, even though both Example 2 and Example 3 were successful, the iPhone app didn't report success in either of the examples. In both cases the app didn't confirm the success, it was rather keeping working as if it's still transferring the network info. However, I could see on TeraTerm that the station was connected to the AP and the IP was shown there as well.

    In summary, here are my questions:

    1) What's the mistake with Example 1, why didn't it work?

    2) Why did Example 3 succeed when entering wrong keys on the iPhone app?

    3) Why didn't iPhone app report success when the STA was able to connect to AP for Examples 2 and 3?

    4) What should the groupIdBitMask value be for 1, 2 and 3 groups? Could you clarify a bit the meaning of "group", what's its purpose?

    Thanks,

    David

  • Hi David,

    I believe the groups were designed so developers can assign certain profiles to different devices. I would suggest trying the recommended configuration from the SmartConfig sections of the User's Guide (www.ti.com/.../swru368a.pdf):

    "Parameters description:
    • groupIdBitmask – Use 1 as the default group ID bitmask (group ID 0).
    To encrypt the password when the encryption key is not stored in the serial flash of the device, use:
    • cipher = 1
    • publicKeyLen = 16
    • group1KeyLen = 0
    • group2KeyLen = 0
    • publicKey = put the key here (use a 16-character string)
    • group1Key = NULL
    • group2Key = NULL"


    You can hardcode the key into the code, or there is also a SmartConfig configuration group in Uniflash that allows you to set the "default" (public) key as well as the group IDs. In this case, you would set sl_WlanSmartConfigStart() to read the key from the serial flash (please see the User's Guide or the CC3200 Uniflash wiki page for more information).

    Has your setup worked for you without changing the encryption settings? We do recommend for product designs that you use AP Provisioning, as SmartConfig may not work with all routers. You can test your setup with the provisioning_smartconfig example in the SDK. The settings you listed in example 1 should have worked (assuming you set the app with one of the provided keys).

    Best regards,
    Sarah
  • I tried your suggested configuration:

    • groupIdBitmask – 1
    • cipher = 1
    • publicKeyLen = 16
    • group1KeyLen = 0
    • group2KeyLen = 0
    • publicKey = "abc0abc0abc0abc0"
    • group1Key = NULL
    • group2Key = NULL"


    The CC3200 connected to my AP and got an IP without any key. This shouldn't happen. Also, even though it was able to connect, the SmartConfig iPhone app didn't report the success. So applicable to this example, I am re-writing my 2 questions from the previous post:
    Why did it succeed when entering wrong keys on the iPhone app?
    Why didn't iPhone app report success when the STA was able to connect to AP?

    Thanks,
    David