• State Resolved
  • Locked Locked
  • Replies 2 replies
  • Subscribers 51 subscribers
  • Views 1230 views
  • Users 0 members are here
Support feedback
Options
Options
Related

This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

BLE Stack 1.3 Pairing/Bonding

Oliver Fueckert
Prodigy 50 points
Other Parts Discussed in Thread: CC2540, BLE-STACK

We are working on a Home Automation consumer device using CC2540 in the Peripheral Role.
Code is complete and during testing we stumbled across the following behavior while pairing/bonding with IOS:

The first pairing bonding attempt works just fine.
But when we delete the paired device in IOS Settings and try to reestablish the connection, no more pairing process is kicked off and the application fails.
It assume the BLE Stack retains the old Bond in NVRAM and does not realize the phone lost its LTKs. I would expect the Stack to start a new Bonding procedure for this device.

I realize I can brute force erase all the bonds in NVRAM, but as multiple enduser devices use the peripheral this is not a workable option.

Do we have an issue with our code or is this a problem with the TI BLE stack ? 

Any workaround or suggestions are greatly appreciated as we are under pressure to go to manufacturing asap and this problem presents a show-stopper for us.

best regards,

Oliver.

  • 0
    Intellectual 690 points

    Hi Oliver,

    I ran into this problem as well and believe it's an issue with iOS, not BLE-Stack.  

    When the iOS device forgets the CC2540, then when it tries to write to a characteristic with permissions of GATT_PERMIT_AUTHEN_READ_WRITE the CC2540 returns an ATT_ERR_INSUFFICIENT_ENCRYPT since it still thinks it's paired with the iOS device - instead of an ATT_ERR_INSUFFICIENT_AUTHEN which it returns when it's not paired.

    From what I found, iOS doesn't like the ATT_ERR_INSUFFICIENT_ENCRYPT error, and won't initiate pairing if it receives it.  It will initiate pairing if it receive the ATT_ERR_INSUFFICIENT_AUTHEN though. 

    So to get around this I set the permissions on my characteristics to GATT_PERMIT_READ_WRITE and then manually enforce GATT_PERMIT_AUTHEN_READ_WRITE in WriteAttrCB.  I then always return the ATT_ERR_INSUFFICIENT_AUTHEN error if the remote device is not authenticated or encrypted.

    John

  • 0 in reply to J.Sample
    Prodigy 50 points

    Thanks for taking the time to respond!

    Looking at the sniffer traces you are absolutly right.
    I'll refactor the WriteAttrCB and ReadAttrCB accordingly and give it a try.

    Ollie.