How do I refuse bonding?
Posted: Sat Apr 16, 2022 12:02 am
Hi,
I am using bonding with JustWorks, but I would like to only have one bonded device and refuse any other attempt of bonding.
How do I accomplish that?
Here is what I have:
And then I call this on connection event:
This works fine with the JustWorks and it lets me bond my device correctly, but when a second device tries to connect, it also accepts the bonding. I would like to prevent the second one from ever being able to bond if already have one bonded device.
My device should also always refuse connection to any unsecured connections.
Can anyone point me to the right strategy to accomplish this?
I am using bonding with JustWorks, but I would like to only have one bonded device and refuse any other attempt of bonding.
How do I accomplish that?
Here is what I have:
Code: Select all
esp_ble_auth_req_t auth_req = ESP_LE_AUTH_REQ_SC_BOND; // bonding with peer device after authentication
esp_ble_io_cap_t iocap = ESP_IO_CAP_NONE; // set the IO capability to No output No input
uint8_t key_size = 16; // the key size should be 7~16 bytes
uint8_t init_key = ESP_BLE_ENC_KEY_MASK | ESP_BLE_ID_KEY_MASK;
uint8_t rsp_key = ESP_BLE_ENC_KEY_MASK | ESP_BLE_ID_KEY_MASK;
uint8_t auth_option = ESP_BLE_ONLY_ACCEPT_SPECIFIED_AUTH_ENABLE;
uint8_t oob_support = ESP_BLE_OOB_DISABLE;
esp_ble_gap_set_security_param(ESP_BLE_SM_AUTHEN_REQ_MODE, &auth_req, sizeof(uint8_t));
esp_ble_gap_set_security_param(ESP_BLE_SM_IOCAP_MODE, &iocap, sizeof(uint8_t));
esp_ble_gap_set_security_param(ESP_BLE_SM_MAX_KEY_SIZE, &key_size, sizeof(uint8_t));
esp_ble_gap_set_security_param(ESP_BLE_SM_ONLY_ACCEPT_SPECIFIED_SEC_AUTH, &auth_option, sizeof(uint8_t));
esp_ble_gap_set_security_param(ESP_BLE_SM_OOB_SUPPORT, &oob_support, sizeof(uint8_t));
esp_ble_gap_set_security_param(ESP_BLE_SM_SET_INIT_KEY, &init_key, sizeof(uint8_t));
esp_ble_gap_set_security_param(ESP_BLE_SM_SET_RSP_KEY, &rsp_key, sizeof(uint8_t));
Code: Select all
esp_ble_set_encryption(param->connect.remote_bda, ESP_BLE_SEC_ENCRYPT_MITM);
My device should also always refuse connection to any unsecured connections.
Can anyone point me to the right strategy to accomplish this?