• Hi
    Would like to secure my puck from connection/writing attempts.
    Not sure what others use - would like some input.
    Was thinking of either using a PIN code if I wanted to do something like connect/write new code, or making it connectable only when the button is pressed.

    Tried using this in the onInit function

    function onInit() {
      NRF.setSecurity({display : 1, keyboard : 1, mitm : 1, passkey : '1234'});
    
    

    but get this error

    Running onInit()...
    BLE Connected, queueing BLE restart for later
    Uncaught Error: ERR 0x7 (INVALID_PARAM)
     at line 1 col 72
    ...mitm : 1, passkey : '1234'});
                                  ^
    in function called from system
    

    Later I moved the NRF.setSecurity({display : 1, keyboard : 1, mitm : 1, passkey : '123456'});
    into the main body of the code and added "56", as it requires 6 characted PIN code.
    But I can still connect to it and it does not ask for the code

    And worst part is that now I am not able to connect to it =( It connects and then instantly disconnects

  • just did a hard reset to get back to it. Removed the "keyboard" option
    Now, while I was not able to push the code, I was still able to correct to it via nRF client and change its name

  • Hi! There are some options shown here that might help you: http://www.espruino.com/BLE+Security#passkey-pin-pairing

    This should work fine to stop connections: NRF.setSecurity({passkey:"123456", mitm:1, display:1});

    I was still able to correct to it via nRF client and change its name

    I'm not quite sure what you mean here. I believe you may be able to connect to the Puck but you won't be able to actually do anything. 'Changing the name' may just be the name that appears in nRF Connect - so nothing on the actual device.

    making it connectable only when the button is pressed.

    This is probably safest. Also, if you're not advertising data all the time you can use less power and make it last longer. Again there are a few code examples on http://www.espruino.com/BLE+Security

  • nRF client shows writeable attributes and name is one of them. I do not know how nRF client connects to change the name (as pairing/bonding is asking for a pin code) without real pairing. But it does and it does it on a device- once changed I can see it changed when I connect from IDE as well as other devices

  • Wow, thanks! I'll look into getting that changed - issue filed here: https://github.com/espruino/Espruino/issues/2033

    In Bluetooth LE each attribute has some security flags - whether it can be read/written by an insecure connection or not. The UART connection security flags are set so that you can't communicate without being in a secure connection (hence the need for a Pin) but it looks like you can change the name without that!

  • Post a reply
    • Bold
    • Italics
    • Link
    • Image
    • List
    • Quote
    • code
    • Preview
About

Would like to secure puck.js with a pin code but it fails

Posted by Avatar for user130485 @user130485

Actions