I'm developing a bluetooth application based on the bluetooth linux stack, blueZ 5.52. I'm using the Dbus interface. The module is running with BLE 4.2.
My device has the role of peripheral and centrals will be smartphones (Android and IOS). I succeeded to implement security through pincode.
My issue is that pincode is generated at each connection and I can't find a way to use static pincode.
I saw in the bluetooth specification 4.0 that we can set the PIN has fixed (7.3.6 Write PIN Type Command) but there is no way to give the pincode that we want to use ...
How can I use a fix pincode for my application ? Is it possible ?
Thank you for your help,
Since you mention you run BLE and not Bluetooth Classic, the "Write PIN type command" is not relevant (it's used for Bluetooth Classic).
With the security protocols in BLE, it's no longer possible to use a fixed passkey. A new random passkey must be generated at every attempt. The security protocol is designed in a way that the security property is destroyed if the passkey is reused. In particular, it requires on average 10 attempts to crack the passkey since you learn at least one extra bit of the key on every attempt.
See my answer at https://devzone.nordicsemi.com/f/nordic-q-a/35856/questions-about-lesc-mitm-and-passkey for more details.