Security Manager (sm)#
The commands in this section are used to manage Bluetooth security, including commands for starting and stopping encryption and commands for management of all bonding operations.
The following procedure can be used to bond with a remote device:
Use command sm_configure to configure security requirements and I/O capabilities of this device.
Use command sm_set_bondable_mode to set this device into bondable mode.
Use command le_gap_connect to open a connection to the remote device.
After the connection is open, use command sm_increase_security to encrypt the connection. This will also start the bonding process.
If MITM is required, the application needs to display or ask user to enter a passkey during the process. See events sm_passkey_display and sm_passkey_request for more information. The following procedure can be used to respond the bonding initiated by a remote device:
Use command sm_configure to configure security requirements and I/O capabilities of this device.
Use command sm_set_bondable_mode to set this device into bondable mode.
Use command le_gap_start_advertising to set this device into advertising and connectable mode.
Open a connection to this device from the remote device.
After the connection is open, start the bonding process on the remote device.
If MITM is required, the application needs to display or ask user to enter a passkey during the process. See events sm_passkey_display and sm_passkey_request for more information.
sm commands#
sm_add_to_whitelist#
This command can be used to add device to whitelist, which can be enabled with le_gap_enable_whitelisting
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x07 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x13 | method | Message ID |
4-9 | bd_addr | address | Address of the device added to whitelist |
10 | uint8 | address_type | Address type of the device added to whitelist |
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x13 | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
API#
/* Function */
struct gecko_msg_sm_add_to_whitelist_rsp_t *gecko_cmd_sm_add_to_whitelist(bd_addr address, uint8 address_type);
/* Response id */
gecko_rsp_sm_add_to_whitelist_id
/* Response structure */
struct gecko_msg_sm_add_to_whitelist_rsp_t
{
uint16 result
}
sm_bonding_confirm#
This command can be used for accepting or rejecting bonding request.
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x0e | method | Message ID |
4 | uint8 | connection | Connection handle |
5 | uint8 | confirm | Accept bonding request. Values: |
0: Reject
1: Accept bonding request
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x0e | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
API#
/* Function */
struct gecko_msg_sm_bonding_confirm_rsp_t *gecko_cmd_sm_bonding_confirm(uint8 connection, uint8 confirm);
/* Response id */
gecko_rsp_sm_bonding_confirm_id
/* Response structure */
struct gecko_msg_sm_bonding_confirm_rsp_t
{
uint16 result
}
sm_configure#
This command can be used to configure security requirements and I/O capabilities of the system.
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x01 | method | Message ID |
4 | uint8 | flags | Security requirement bitmask. |
Bit 0: |
0: Allow bonding without MITM protection
1: Bonding requires MITM protection
Bit 1:
0: Allow encryption without bonding
1: Encryption requires bonding. Note that this setting will also enable bonding.
Bit 2:
0: Allow bonding with legacy pairing
1: Secure connections only
Bit 3:
0: Bonding request does not need to be confirmed
1: Bonding requests need to be confirmed. Received bonding requests are notified with sm_confirm_bonding events.
Bit 4:
0: Allow all connections
1: Allow connections only from bonded devices
Bit 5 to 7: Reserved
Default value: 0x00
5 | uint8 | io_capabilities | I/O Capabilities. See link
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x01 | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
API#
/* Function */
struct gecko_msg_sm_configure_rsp_t *gecko_cmd_sm_configure(uint8 flags, uint8 io_capabilities);
/* Response id */
gecko_rsp_sm_configure_id
/* Response structure */
struct gecko_msg_sm_configure_rsp_t
{
uint16 result
}
sm_delete_bonding#
This command can be used to delete specified bonding information or whitelist from Persistent Store.
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x01 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x06 | method | Message ID |
4 | uint8 | bonding | Bonding handle |
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x06 | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
API#
/* Function */
struct gecko_msg_sm_delete_bonding_rsp_t *gecko_cmd_sm_delete_bonding(uint8 bonding);
/* Response id */
gecko_rsp_sm_delete_bonding_id
/* Response structure */
struct gecko_msg_sm_delete_bonding_rsp_t
{
uint16 result
}
sm_delete_bondings#
This command can be used to delete all bonding information and whitelist from Persistent Store.
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x00 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x07 | method | Message ID |
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x07 | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
API#
/* Function */
struct gecko_msg_sm_delete_bondings_rsp_t *gecko_cmd_sm_delete_bondings();
/* Response id */
gecko_rsp_sm_delete_bondings_id
/* Response structure */
struct gecko_msg_sm_delete_bondings_rsp_t
{
uint16 result
}
sm_enter_passkey#
This command can be used to enter a passkey after receiving a passkey request event.
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x05 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x08 | method | Message ID |
4 | uint8 | connection | Connection handle |
5-8 | int32 | passkey | Passkey. Valid range: 0-999999. Set -1 to cancel |
pairing. |
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x08 | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
API#
/* Function */
struct gecko_msg_sm_enter_passkey_rsp_t *gecko_cmd_sm_enter_passkey(uint8 connection, int32 passkey);
/* Response id */
gecko_rsp_sm_enter_passkey_id
/* Response structure */
struct gecko_msg_sm_enter_passkey_rsp_t
{
uint16 result
}
sm_increase_security#
This command can be used to enhance the security of a connection to current security requirements. On an unencrypted connection, this will encrypt the connection and will also perform bonding if requested by both devices. On an encrypted connection, this will cause the connection re-encrypted.
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x01 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x04 | method | Message ID |
4 | uint8 | connection | Connection handle |
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x04 | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
API#
/* Function */
struct gecko_msg_sm_increase_security_rsp_t *gecko_cmd_sm_increase_security(uint8 connection);
/* Response id */
gecko_rsp_sm_increase_security_id
/* Response structure */
struct gecko_msg_sm_increase_security_rsp_t
{
uint16 result
}
Events generated#
Event | Description |
---|---|
le_connection_parameters | This event is triggered after increasing security |
has been completed successfully, and indicates the latest security mode of the | |
connection. | |
sm_bonded | This event is triggered if pairing or bonding was performed in |
this operation and the result is success. | |
sm_bonding_failed | This event is triggered if pairing or bonding was |
performed in this operation and the result is failure. |
sm_list_all_bondings#
This command can be used to list all bondings stored in the bonding database. Bondings are reported by using the sm_list_bonding_entry event for each bonding and the report is ended with sm_list_all_bondings_complete event. Recommended to be used only for debugging purposes, because reading from the Persistent Store is relatively slow.
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x00 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x0b | method | Message ID |
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x0b | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
API#
/* Function */
struct gecko_msg_sm_list_all_bondings_rsp_t *gecko_cmd_sm_list_all_bondings();
/* Response id */
gecko_rsp_sm_list_all_bondings_id
/* Response structure */
struct gecko_msg_sm_list_all_bondings_rsp_t
{
uint16 result
}
Events generated#
Event | Description |
---|---|
sm_list_bonding_entry | |
sm_list_all_bondings_complete |
sm_passkey_confirm#
This command can be used for accepting or rejecting reported confirm value.
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x09 | method | Message ID |
4 | uint8 | connection | Connection handle |
5 | uint8 | confirm | Accept confirm value. Values: |
0: Reject
1: Accept confirm value
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x09 | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
API#
/* Function */
struct gecko_msg_sm_passkey_confirm_rsp_t *gecko_cmd_sm_passkey_confirm(uint8 connection, uint8 confirm);
/* Response id */
gecko_rsp_sm_passkey_confirm_id
/* Response structure */
struct gecko_msg_sm_passkey_confirm_rsp_t
{
uint16 result
}
sm_set_bondable_mode#
This command can be used to set whether the device should accept new bondings. By default, the device does not accept new bondings.
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x01 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x00 | method | Message ID |
4 | uint8 | bondable | Bondable mode. Values: |
0: New bondings not accepted
1: Bondings allowed
Default value: 0
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x00 | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
API#
/* Function */
struct gecko_msg_sm_set_bondable_mode_rsp_t *gecko_cmd_sm_set_bondable_mode(uint8 bondable);
/* Response id */
gecko_rsp_sm_set_bondable_mode_id
/* Response structure */
struct gecko_msg_sm_set_bondable_mode_rsp_t
{
uint16 result
}
sm_set_debug_mode#
This command can be used to set Security Manager in debug mode. In this mode the secure connections bonding uses debug keys, so that the encrypted packet can be opened by Bluetooth protocol analyzer. To disable the debug mode, you need to restart the device.
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x00 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x0f | method | Message ID |
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x0f | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
API#
/* Function */
struct gecko_msg_sm_set_debug_mode_rsp_t *gecko_cmd_sm_set_debug_mode();
/* Response id */
gecko_rsp_sm_set_debug_mode_id
/* Response structure */
struct gecko_msg_sm_set_debug_mode_rsp_t
{
uint16 result
}
sm_set_oob_data#
This command can be used to set the OOB data (out-of-band encryption data) for legacy pairing for a device. The OOB data may be, for example, a PIN code exchanged over an alternate path like NFC. The device will not allow any other kind of bonding if OOB data is set. The OOB data cannot be set simultaneously with secure connections OOB data.
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x01 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x0a | method | Message ID |
4 | uint8array | oob_data | OOB data. To set OOB data, send a 16-byte |
array. To clear OOB data, send a zero-length array. |
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x0a | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
API#
/* Function */
struct gecko_msg_sm_set_oob_data_rsp_t *gecko_cmd_sm_set_oob_data(uint8 oob_data_len, const uint8 *oob_data_data);
/* Response id */
gecko_rsp_sm_set_oob_data_id
/* Response structure */
struct gecko_msg_sm_set_oob_data_rsp_t
{
uint16 result
}
sm_set_passkey#
This command can be used to enter a fixed passkey which will be used in the sm_passkey_display event.
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x04 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x10 | method | Message ID |
4-7 | int32 | passkey | Passkey. Valid range: 0-999999. Set -1 to disable |
and start using random passkeys. |
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x10 | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
API#
/* Function */
struct gecko_msg_sm_set_passkey_rsp_t *gecko_cmd_sm_set_passkey(int32 passkey);
/* Response id */
gecko_rsp_sm_set_passkey_id
/* Response structure */
struct gecko_msg_sm_set_passkey_rsp_t
{
uint16 result
}
sm_set_sc_remote_oob_data#
This command can be used to set OOB data and confirm values (out-of-band encryption) received from the remote device for secure connections pairing. OOB data must be enabled with sm_use_sc_oob before setting the remote device OOB data.
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x01 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x12 | method | Message ID |
4 | uint8array | oob_data | Remote device OOB data and confirm values. To |
set OOB data, send a 32-byte array. First 16-bytes is the OOB data and last | |||
16-bytes the confirm value. To clear OOB data, send a zero-length array. |
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x12 | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
API#
/* Function */
struct gecko_msg_sm_set_sc_remote_oob_data_rsp_t *gecko_cmd_sm_set_sc_remote_oob_data(uint8 oob_data_len, const uint8 *oob_data_data);
/* Response id */
gecko_rsp_sm_set_sc_remote_oob_data_id
/* Response structure */
struct gecko_msg_sm_set_sc_remote_oob_data_rsp_t
{
uint16 result
}
sm_store_bonding_configuration#
This command can be used to set maximum allowed bonding count and bonding policy. The actual maximum number of bondings that can be supported depends on how much user data is stored in the NVM and the NVM size. The default value is 14.
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x02 | method | Message ID |
4 | uint8 | max_bonding_count | Maximum allowed bonding count. Range: 1 to |
32 | |||
5 | uint8 | policy_flags | Bonding policy. Values: |
0: If database is full, new bonding attempts will fail
1: New bonding will overwrite the oldest existing bonding
2: New bonding will overwrite longest time ago used existing bonding
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x02 | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
API#
/* Function */
struct gecko_msg_sm_store_bonding_configuration_rsp_t *gecko_cmd_sm_store_bonding_configuration(uint8 max_bonding_count, uint8 policy_flags);
/* Response id */
gecko_rsp_sm_store_bonding_configuration_id
/* Response structure */
struct gecko_msg_sm_store_bonding_configuration_rsp_t
{
uint16 result
}
sm_use_sc_oob#
This command can be used to enable the use of OOB data (out-of-band encryption data) for a device for secure connections pairing. The enabling will genarate new OOB data and confirm values which can be sent to the remote device. After enabling the secure connections OOB data, the remote devices OOB data can be set with sm_set_sc_remote_oob_data. Calling this function will erase any set remote device OOB data and confirm values. The device will not allow any other kind of bonding if OOB data is set. The secure connections OOB data cannot be enabled simultaneously with legacy pairing OOB data.
Command#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Command |
1 | 0x01 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x11 | method | Message ID |
4 | uint8 | enable | Enable OOB with secure connections pairing. Values: |
0: disable
1: enable
Response#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0x20 | hilen | Message type: Response |
1 | 0x03 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x11 | method | Message ID |
4-5 | uint16 | result | Result code |
0: success
Non-zero: an error occurred
For other values refer to the Error codes
6 | uint8array | oob_data | OOB data. 32-byte array. First 16-bytes contain
randomly generated OOB data and last 16-bytes confirm value.
API#
/* Function */
struct gecko_msg_sm_use_sc_oob_rsp_t *gecko_cmd_sm_use_sc_oob(uint8 enable);
/* Response id */
gecko_rsp_sm_use_sc_oob_id
/* Response structure */
struct gecko_msg_sm_use_sc_oob_rsp_t
{
uint16 result,
uint8array oob_data
}
sm events#
sm_passkey_display#
This event indicates a request to display the passkey to the user.
Event#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0xa0 | hilen | Message type: Event |
1 | 0x05 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x00 | method | Message ID |
4 | uint8 | connection | Connection handle |
5-8 | uint32 | passkey | Passkey. Range: 0 to 999999. |
NOTE! When displaying the passkey to the user, prefix the number with zeros in order to obtain a 6 digit number
Example: Passkey value is 42
Number to display to user is 000042
API#
/* event id*/
gecko_evt_sm_passkey_display_id
/* event structure*/
struct gecko_msg_sm_passkey_display_evt_t
{
uint8 connection,
uint32 passkey
}
sm_passkey_request#
This event indicates a request for the user to enter the passkey displayed on the remote device. Use the command sm_enter_passkey to input the passkey value.
Event#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0xa0 | hilen | Message type: Event |
1 | 0x01 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x01 | method | Message ID |
4 | uint8 | connection | Connection handle |
API#
/* event id*/
gecko_evt_sm_passkey_request_id
/* event structure*/
struct gecko_msg_sm_passkey_request_evt_t
{
uint8 connection
}
sm_confirm_passkey#
This event indicates a request to display the passkey to the user and for the user to confirm the displayed passkey. Use the command sm_passkey_confirm to accept or reject the displayed passkey.
Event#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0xa0 | hilen | Message type: Event |
1 | 0x05 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x02 | method | Message ID |
4 | uint8 | connection | Connection handle |
5-8 | uint32 | passkey | Passkey. Range: 0 to 999999. |
NOTE! When displaying the passkey to the user, prefix the number with zeros in order to obtain a 6 digit number
Example: Passkey value is 42
Number to display to user is 000042
API#
/* event id*/
gecko_evt_sm_confirm_passkey_id
/* event structure*/
struct gecko_msg_sm_confirm_passkey_evt_t
{
uint8 connection,
uint32 passkey
}
sm_bonded#
This event is triggered after the pairing or bonding procedure has been successfully completed.
Event#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0xa0 | hilen | Message type: Event |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x03 | method | Message ID |
4 | uint8 | connection | Connection handle |
5 | uint8 | bonding | Bonding handle. Values: |
0xff: Pairing completed without bonding - the pairing key will be discarded after disconnection.
Other: Procedure completed, pairing key stored with given bonding handle
API#
/* event id*/
gecko_evt_sm_bonded_id
/* event structure*/
struct gecko_msg_sm_bonded_evt_t
{
uint8 connection,
uint8 bonding
}
sm_bonding_failed#
This event is triggered if the pairing or bonding procedure has failed.
Event#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0xa0 | hilen | Message type: Event |
1 | 0x03 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x04 | method | Message ID |
4 | uint8 | connection | Connection handle |
5-6 | uint16 | reason | Describes error that occurred |
API#
/* event id*/
gecko_evt_sm_bonding_failed_id
/* event structure*/
struct gecko_msg_sm_bonding_failed_evt_t
{
uint8 connection,
uint16 reason
}
sm_list_bonding_entry#
This event is triggered by the command sm_list_all_bondings if bondings exist in the local database.
Event#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0xa0 | hilen | Message type: Event |
1 | 0x08 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x05 | method | Message ID |
4 | uint8 | bonding | Bonding handle |
5-10 | bd_addr | address | Bluetooth address of the remote device |
11 | uint8 | address_type | Address type |
API#
/* event id*/
gecko_evt_sm_list_bonding_entry_id
/* event structure*/
struct gecko_msg_sm_list_bonding_entry_evt_t
{
uint8 bonding,
bd_addr address,
uint8 address_type
}
sm_list_all_bondings_complete#
This event is triggered by the sm_list_all_bondings and follows sm_list_bonding_entry events.
Event#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0xa0 | hilen | Message type: Event |
1 | 0x00 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x06 | method | Message ID |
API#
/* event id*/
gecko_evt_sm_list_all_bondings_complete_id
/* event structure*/
struct gecko_msg_sm_list_all_bondings_complete_evt_t
{
}
sm_confirm_bonding#
This event indicates a request to display that new bonding request has been received to the user and for the user to confirm the request. Use the command sm_bonding_confirm to accept or reject the bonding request.
Event#
Byte | Type | Name | Description |
---|---|---|---|
0 | 0xa0 | hilen | Message type: Event |
1 | 0x02 | lolen | Minimum payload length |
2 | 0x0f | class | Message class:Security Manager |
3 | 0x09 | method | Message ID |
4 | uint8 | connection | Connection handle |
5 | int8 | bonding_handle | Bonding handle for the request. Range: -1 to |
NOTE! When the bonding handle is anything else than -1 there is already existing bonding for this connection. Overwriting existing bonding is potential security risk.
API#
/* event id*/
gecko_evt_sm_confirm_bonding_id
/* event structure*/
struct gecko_msg_sm_confirm_bonding_evt_t
{
uint8 connection,
int8 bonding_handle
}
sm enumerations#
sm_bonding_key#
These values define the bonding information of the bonded device stored in persistent store.
Enumerations#
Value | Name | Description |
---|---|---|
1 | sm_bonding_key_ltk | LTK saved in master |
2 | sm_bonding_key_addr_public | Public Address |
4 | sm_bonding_key_addr_static | Static Address |
8 | sm_bonding_key_irk | Identity resolving key for resolvable private |
addresses | ||
16 | sm_bonding_key_edivrand | EDIV+RAND received from slave |
32 | sm_bonding_key_csrk | Connection signature resolving key |
64 | sm_bonding_key_masterid | EDIV+RAND sent to master |
sm_io_capability#
These values define the security management related I/O capabilities supported by the device
Enumerations#
Value | Name | Description |
---|---|---|
0 | sm_io_capability_displayonly | Display Only |
1 | sm_io_capability_displayyesno | Display with Yes/No-buttons |
2 | sm_io_capability_keyboardonly | Keyboard Only |
3 | sm_io_capability_noinputnooutput | No Input and No Output |
4 | sm_io_capability_keyboarddisplay | Display with Keyboard |