Skip to content

Commit

Permalink
Wifi Prov: Disabled the default support for BLE Encrpytion on charact…
Browse files Browse the repository at this point in the history
…eristics read /write

By default, disabled the BLE Encrpyption requirement for provisioning characteristic.
With this flag enabled, when remote attempts to read and if the ACL link is not encrypted,
ESP device will return Insufficient Authentication. It is remote device responsibility to go
for link encryption which may result in pairing.

Some devices do not proceed for any pairing and just show failure pop-up. Also, user needs
to remove bonding on remote phone manually and then try again. This is causing bad user experience.

End user can enable it as per their use case.
  • Loading branch information
rahult-github committed Nov 25, 2022
1 parent 5f25bd8 commit 6091627
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 4 deletions.
2 changes: 0 additions & 2 deletions components/wifi_provisioning/Kconfig
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@ menu "Wi-Fi Provisioning Manager"
bool
prompt "Enable BLE bonding"
depends on BT_ENABLED
default y
help
This option is applicable only when provisioning transport is BLE.

Expand All @@ -34,7 +33,6 @@ menu "Wi-Fi Provisioning Manager"
config WIFI_PROV_BLE_FORCE_ENCRYPTION
bool
prompt "Force Link Encryption during characteristic Read / Write"
default y
help
Used to enforce link encryption when attempting to read / write characteristic

Expand Down
4 changes: 2 additions & 2 deletions examples/provisioning/wifi_prov_mgr/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -339,13 +339,13 @@ $IDF_PATH/components/esptool_py/esptool/esptool.py erase_region 0x9000 0x6000

### Bluetooth Pairing Request during provisioning

ESP-IDF now enforces link encryption requirement while performing GATT write on characteristics of provisioning service. This results in a pairing pop-up dialog, if link is not encrypted. This feature is enabled by default. In order to disable this feature and fallback to earlier behaviour of no pairing pop up during provisioning, please set CONFIG_WIFI_PROV_BLE_FORCE_ENCRYPTION=n in the sdkconfig or unselect the configuration using "idf.py menuconfig" .
ESP-IDF now has functionality to enforce link encryption requirement while performing GATT write on characteristics of provisioning service. This will however result in a pairing pop-up dialog, if link is not encrypted. This feature is disabled by default. In order to enable this feature, please set `CONFIG_WIFI_PROV_BLE_FORCE_ENCRYPTION=y` in the sdkconfig or select the configuration using "idf.py menuconfig" .

```
Component Config --> Wi-Fi Provisioning Manager --> Force Link Encryption during Characteristic Read/Write
```
Recompiling the application with above changes should suffice to disable this functionality.
Recompiling the application with above changes should suffice to enable this functionality.


### Unsupported platform
Expand Down

0 comments on commit 6091627

Please sign in to comment.