Skip to main content
rdscliff
rdscliff
Associate III
May 1, 2019
Question

What does Status code of 0x03 mean for ACI_GAP_PAIRING_COMPLETE_EVENT mean?

  • May 1, 2019
  • 4 replies
  • 3204 views

I'm using a BlueNRG-2 Evaluation Board in network coprocessor mode with the GUI. Firmware is DTM v3.1. When trying to set up a secure paired connection, I sometimes get an event ACI_GAP_PAIRING_COMPLETE_EVENT with a Status code of 0x03. Status codes of 0,1, and 2 are valid. So what does code 3 mean? And the reason code is always zero.

From experimentation, one cause is an invalid authentication configuration. But another cause appears to be an uncommon situation where the remote phone is bonded but the BlueNRG-2 does not have Bonding_Mode turned on with the ACI_GAP_SET_AUTHENTICATION_REQUIREMENTS command. So the phone thinks the device has a key from a previous connection when it really doesn't.

This topic has been closed for replies.

4 replies

rdscliff
rdscliffAuthor
Associate III
May 4, 2019

I was digging through the documentation for more info on the stack security procedures. Found a "fixed" bug that appears related to my problem above:

  • ID 5284: aci_gap_pairing_complete_event has to be returned even after an encryption is initiated by the peer (master) and it fails because key is locally missing.

Is the new status code part of the bug fix?

Winfred LU
Winfred LU
ST Employee
May 7, 2019

Hi rdscliff,

Yes, the ID 5284 bug fixing is related.

Possible pairing status values would be:

  • 0x00: Success
  • 0x01: Timeout
  • 0x02: Pairing Failed
  • 0x03: Encryption failed, LTK missing on local device
  • 0x04: Encryption failed, LTK missing on peer device
  • 0x05: Encryption not supported by remote device

It's normal to always see 0 in reason code when status is 3.

A non-zero reason code is only valid when status is equal to 2 (failed).

The documents will be updated in the next DK release.

Best Regards,

Winfred

rdscliff
rdscliffAuthor
Associate III
May 24, 2019

So what is the procedure for re-pairing and exchanging LTKs after receiving a status code 3, LTK missing on local device? I've tried several things but none seem to work with an iPhone that was previously bonded.

I've tried sending an ACI_GAP_SLAVE_SECURITY_REQ to try to exchange a new key but I still get back the same ACI_GAP_PAIRING_COMPLETE_EVENT with status code 3. I tried inserting an ACI_GAP_ALLOW_REBOND before the ACI_GAP_SLAVE_SECURITY_REQ but that was flagged as "not allowed".

I just tried an Motorola Android phone and sending ACI_GAP_SLAVE_SECURITY_REQ seems to work and pairing completes successfully. So this might be an iOS problem.

rdscliff
rdscliffAuthor
Associate III
May 7, 2019

Thank you. Good to know what status=5 means since the handling in my code will need to be different.

TSane.1
TSane.1
Associate
July 7, 2020

@Winfred LU​ Which stack release do I need to pull this in, I am currently using V1.0.0.

The issue I see, seems similar, where in I don't see the paring complete ever being called (rarely called or not returned at all).

My Initiator parameters are (BLE112D)

Io capability 7 (Display with Keyboard), mitm enabled, encryption key min size 7, bonding enabled.

The peripheral is a bluenrg, with authentication details.

ret = aci_gap_set_authentication_requirement(  BONDING,

                              MITM_PROTECTION_REQUIRED,

                              SC_IS_SUPPORTED,    

                              KEYPRESS_IS_NOT_SUPPORTED,

                              7,

                              16,

                              DONOT_USE_FIXED_PIN_FOR_PAIRING,

                              pincode,

                              PUBLIC_ADDR);

Are these requirements for authentication valid ?

And does this seem a relatable issue ?

TSane.1
TSane.1
Associate
July 7, 2020

@Winfred LU​   Which stack release do I need to pull this in, I am currently using V1.0.0.

The issue I see, seems similar, where in I don't see the paring complete ever being called (rarely called or not returned at all).

My Initiator parameters are (BLE112D)

Io capability 7 (Display with Keyboard), mitm enabled, encryption key min size 7, bonding enabled.

The peripheral is a bluenrg, with authentication details.

ret = aci_gap_set_authentication_requirement(  BONDING,

                              MITM_PROTECTION_REQUIRED,

                              SC_IS_SUPPORTED,    

                              KEYPRESS_IS_NOT_SUPPORTED,

                              7,

                              16,

                              DONOT_USE_FIXED_PIN_FOR_PAIRING,

                              pincode,

                              PUBLIC_ADDR);

Are these requirements for authentication valid ?

And does this seem a relatable issue to ID 5284?

Terms & ConditionsAccessibility statement