Hello,
I have a question about “Peer Manager” BLE library.
Based on documentation & usage example (https://infocenter.nordicsemi.com/topic/sdk_nrf5_v17.1.0/lib_pm_usage.html) the pm_sec_params_set is used in order to configure how the Peer Manager behaves.
I am trying an OOB LE Secure connection with CSRK key distribution set on security configuration parameters (please see below).
// ........ sec_param.bond = true; sec_param.mitm = true; sec_param.lesc = 1; sec_param.keypress = 0; sec_param.io_caps = BLE_GAP_IO_CAPS_DISPLAY_YESNO; sec_param.oob = true; sec_param.min_key_size = 7; sec_param.max_key_size = 16; sec_param.kdist_own.enc = 0; sec_param.kdist_own.id = 1; sec_param.kdist_own.sign = 1; //!!!!!!!!!! sec_param.kdist_peer.enc = 0; sec_param.kdist_peer.id = 1; sec_param.kdist_peer.sign = 1; //!!!!!!!!!! // .........
After a short analysis in the Peer Manager Library I saw that signing property is not supported (pm_sec_params_set returns 7 ).
// pm_sec_params_set(...) -> sm_sec_params_set(...) -> sec_params_verify(...)
static bool sec_params_verify(ble_gap_sec_params_t * p_sec_params)
{
// NULL check.
if (p_sec_params == NULL)
{
return false;
}
...
...
// Signing is not supported.
if (p_sec_params->kdist_own.sign || p_sec_params->kdist_peer.sign)
{
return false;
}
...
...
}
I am wonder if you know something about this limitation.
Based on BLE Core spec. Vol 3, Part H, Section 2.4.3.2 and Vol 3, Part H, Section 3.6.1 when using LE Secure Connections the CSRK may be distributed.
Thank you in advance.
Adrian
