Merge pull request #2404 from ssievert42/ble_disable_pairing

ble: allow disabling pairing with NRF.setSecurity
espruino · Aug 16, 2023 · 681f115 · 681f115
2 parents 1e8fedb + 0e3d5d2
commit 681f115
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 1 deletion.
diff --git a/ChangeLog b/ChangeLog
@@ -44,6 +44,7 @@
             nRF5x: Ensure we don't start advertising immediately after softdevice restart if NRF.sleep() was used
             Bangle.js2: Ensure `HRM-raw.raw` is set correctly after we moved to binary hrm algorithm
             nRF5x: Add `NRF.on("passkey", ...)` to allow passkey pairing with `NRF.setSecurity({mitm:1, display:1});`
+            nrf52: Allow disabling pairing with `NRF.setSecurity({pair:0})`
 
      2v18 : Fix drawString with setClipRect with 90/270-degree rotation (fix #2343)
             Pico/Wifi: Enabled JIT compiler

diff --git a/libs/bluetooth/jswrap_bluetooth.c b/libs/bluetooth/jswrap_bluetooth.c
@@ -3599,15 +3599,17 @@ NRF.setSecurity({
                   // - sent via the `BluetoothDevice.passkey` event
   keyboard : bool // default false, can this device enter a passkey
                   // - request sent via the `BluetoothDevice.passkeyRequest` event
+  pair : bool // default true, allow other devices to pair with this device
   bond : bool // default true, Perform bonding
+              // This stores info from pairing in flash and allows reconnecting without having to pair each time
   mitm : bool // default false, Man In The Middle protection
   lesc : bool // default false, LE Secure Connections
   passkey : // default "", or a 6 digit passkey to use (display must be true for this)
   oob : [0..15] // if specified, Out Of Band pairing is enabled and
                 // the 16 byte pairing code supplied here is used
   encryptUart : bool // default false (unless oob or passkey specified)
                      // This sets the BLE UART service such that it
-                     // is encrypted and can only be used from a bonded connection
+                     // is encrypted and can only be used from a paired connection
 });
 ```
 

diff --git a/targets/nrf5x/bluetooth.c b/targets/nrf5x/bluetooth.c
@@ -2140,6 +2140,16 @@ void jsble_update_security() {
     JsVar *v;
     if (jsvGetBoolAndUnLock(jsvObjectGetChildIfExists(options, "encryptUart")))
       encryptUart = true;
+    {
+      JsVar *pair;
+      pair = jsvObjectGetChildIfExists(options, "pair");
+      if (!jsvIsUndefined(pair) && !jsvGetBool(pair)) {
+        bleStatus |= BLE_IS_NOT_PAIRABLE;
+      } else {
+        bleStatus &= ~BLE_IS_NOT_PAIRABLE;
+      }
+      jsvUnLock(pair);
+    }
     // Check for passkey
     uint8_t passkey[BLE_GAP_PASSKEY_LEN+1];
     memset(passkey, 0, sizeof(passkey));