diff --git a/doc/nrf/libraries/bluetooth/mesh/vnd/images/bt_mesh_le_pair_resp.svg b/doc/nrf/libraries/bluetooth/mesh/vnd/images/bt_mesh_le_pair_resp.svg
index f02269c03894..a299e819c691 100644
--- a/doc/nrf/libraries/bluetooth/mesh/vnd/images/bt_mesh_le_pair_resp.svg
+++ b/doc/nrf/libraries/bluetooth/mesh/vnd/images/bt_mesh_le_pair_resp.svg
@@ -1,210 +1,344 @@
-
-
-
-
+
+
+
+
diff --git a/doc/nrf/libraries/bluetooth/mesh/vnd/le_pair_resp.rst b/doc/nrf/libraries/bluetooth/mesh/vnd/le_pair_resp.rst
index 68978b09884c..b9bb72186159 100644
--- a/doc/nrf/libraries/bluetooth/mesh/vnd/le_pair_resp.rst
+++ b/doc/nrf/libraries/bluetooth/mesh/vnd/le_pair_resp.rst
@@ -7,21 +7,18 @@ LE Pairing Responder
:local:
:depth: 2
-The LE Pairing Responder model is a vendor model.
+The LE Pairing Responder model is a vendor model and you must enable the :kconfig:option:`CONFIG_BT_APP_PASSKEY` Kconfig option to use this model.
This model can be used to hand over a passkey that will authenticate a Bluetooth LE connection over a mesh network when it is not possible to use other pairing methods.
-Before the pairing is initiated, an initiator should send an LE Pairing message with Passkey Reset sub-opcode to set a new passkey for the next pairing request.
+Before the pairing is initiated, an initiator must send an LE Pairing message with the Passkey Reset sub-opcode.
+If the passkey has been set by the :c:func:`bt_mesh_le_pair_resp_passkey_set` function, the predefined passkey will be returned in the Passkey Status message.
+Otherwise, a new passkey will be generated by LE Pairing Responder model and returned in the Passkey Status message.
The passkey returned in the LE Pairing message with the Passkey Status sub-opcode should be used for the next pairing.
-The passkey is generated using the :c:func:`bt_rand` function and set to the host using the :c:func:`bt_passkey_set` function.
-The latter requires the :kconfig:option:`CONFIG_BT_FIXED_PASSKEY` option to be enabled.
-
-.. note::
- The warning generated by the :kconfig:option:`CONFIG_BT_FIXED_PASSKEY` option should be disregarded as long as the application always invalidates the previously used passkey by calling the :c:func:`bt_mesh_le_pair_resp_passkey_invalidate` function regardless of the pairing result (see below).
-
-This model requires an application to only enable the display capability for the LE pairing by setting the :c:member:`bt_conn_auth_cb.pairing_display` callback.
-After every pairing request, the application must invalidate the previously used passkey by calling the :c:func:`bt_mesh_le_pair_resp_passkey_invalidate` function.
-This function can be called from callbacks :c:member:`bt_conn_auth_info_cb.pairing_complete` and :c:member:`bt_conn_auth_info_cb.pairing_failed`.
+This model requires an application to only enable the display capability for the LE pairing by setting the :c:member:`bt_conn_auth_cb.passkey_display` callback.
+The application must also set the :c:member:`bt_conn_auth_cb.app_passkey` callback to use the passkey generated by LE Pairing Responder model.
+After every pairing request, the application must invalidate the previously used passkey by calling the :c:func:`bt_mesh_le_pair_resp_passkey_invalidate` function or calling :c:func:`bt_mesh_le_pair_resp_passkey_set` with the :c:macro:`BT_PASSKEY_RAND` value.
+Those functions can be called from callbacks :c:member:`bt_conn_auth_info_cb.pairing_complete` and :c:member:`bt_conn_auth_info_cb.pairing_failed`.
See the :file:`samples/bluetooth/mesh/common/smp_bt_auth.c` file for the reference.
.. figure:: images/bt_mesh_le_pair_resp.svg
diff --git a/doc/nrf/releases_and_maturity/migration/migration_guide_3.2.rst b/doc/nrf/releases_and_maturity/migration/migration_guide_3.2.rst
index 5854547eb465..59001075b5a0 100644
--- a/doc/nrf/releases_and_maturity/migration/migration_guide_3.2.rst
+++ b/doc/nrf/releases_and_maturity/migration/migration_guide_3.2.rst
@@ -89,6 +89,24 @@ Matter
To build your custom board with Wi-Fi support, set both the :kconfig:option:`CONFIG_CHIP_WIFI` and :kconfig:option:`CONFIG_WIFI_NRF70` Kconfig options to ``y``.
+ * :ref:`matter_lock_sample` sample:
+
+ * The :kconfig:option:`CONFIG_BT_FIXED_PASSKEY` kconfig option has been deprecated, replace it with the :kconfig:option:`CONFIG_BT_APP_PASSKEY` kconfig option.
+ Now, if you want to use a fixed passkey for the Matter Lock NUS service, register the ``app_passkey`` callback in the ``bt_conn_auth_cb`` structure.
+
+ For example:
+
+ .. code-block:: c
+
+ static uint32_t AuthAppPasskey(struct bt_conn *conn)
+ {
+ return 123456;
+ }
+
+ static struct bt_conn_auth_cb sConnAuthCallbacks = {
+ .app_passkey = AuthAppPasskey,
+ };
+
Serial LTE modem
----------------
diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst b/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst
index e80bfe27bba6..f8c68b7a5549 100644
--- a/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst
+++ b/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst
@@ -166,6 +166,10 @@ Bluetooth Mesh
* Deprecated the :kconfig:option:`CONFIG_BT_MESH_NLC_PERF_CONF` and :kconfig:option:`CONFIG_BT_MESH_NLC_PERF_DEFAULT` Kconfig options.
Existing configurations continue to work but you should migrate to individual profile options.
+* Update the LE Pairing Responder model:
+
+ * Deprecated the :kconfig:option:`CONFIG_BT_FIXED_PASSKEY` option in favor of the new and supported :kconfig:option:`CONFIG_BT_APP_PASSKEY` option.
+
DECT NR+
--------
@@ -383,8 +387,11 @@ Bluetooth Mesh samples
* Support for external flash memory for the ``nrf52840dk/nrf52840`` and the ``nrf54l15dk/nrf54l15/cpuapp`` as the secondary partition for the DFU process.
* Support for external flash settings for the ``nrf52840dk/nrf52840`` board targets.
- * Updated the :makevar:`FILE_SUFFIX` make variable to use more descriptive suffixes for external flash configurations.
- The new suffixes are ``_dfu_ext_flash`` for external flash DFU storage and ``_ext_flash_settings`` for external flash settings storage.
+ * Updated:
+
+ * The :makevar:`FILE_SUFFIX` make variable to use more descriptive suffixes for external flash configurations.
+ The new suffixes are ``_dfu_ext_flash`` for external flash DFU storage and ``_ext_flash_settings`` for external flash settings storage.
+ * The sample to use the :kconfig:option:`CONFIG_BT_APP_PASSKEY` option instead of the deprecated :kconfig:option:`CONFIG_BT_FIXED_PASSKEY` option.
* :ref:`ble_mesh_dfu_target` sample:
@@ -568,6 +575,7 @@ Matter samples
* Added a callback for the auto-relock feature.
This resolves the :ref:`known issue ` KRKNWK-20691.
+ * Updated the NUS service to use the :kconfig:option:`CONFIG_BT_APP_PASSKEY` Kconfig option instead of the deprecated :kconfig:option:`CONFIG_BT_FIXED_PASSKEY` Kconfig option.
Networking samples
------------------
diff --git a/include/bluetooth/mesh/vnd/le_pair_resp.h b/include/bluetooth/mesh/vnd/le_pair_resp.h
index 3486c4eeec4e..d58bbcb4c509 100644
--- a/include/bluetooth/mesh/vnd/le_pair_resp.h
+++ b/include/bluetooth/mesh/vnd/le_pair_resp.h
@@ -43,11 +43,24 @@ void bt_mesh_le_pair_resp_passkey_invalidate(void);
* By default, passkeys will be randomly generated on every new request. This function allows to use
* pre-defined passkey instead.
*
- * @params passkey Passkey to use for the pairing, or @ref BT_PASSKEY_INVALID to use randomly
+ * @params passkey Passkey to use for the pairing, or @ref BT_PASSKEY_RAND to use randomly
* generated passkey again.
*/
void bt_mesh_le_pair_resp_passkey_set(uint32_t passkey);
+/** @brief Get passkey to be used in the very next pairing.
+ *
+ * This function will return the passkey set by the @ref bt_mesh_le_pair_resp_passkey_set function
+ * or it will return a randomly generated passkey by the reset message.
+ *
+ * If the passkey has never been set or the Reset message has never been received,
+ * @ref BT_PASSKEY_RAND will be returned.
+ *
+ * @return Passkey to be used in the very next pairing;
+ * @ref BT_PASSKEY_RAND if passkey is not set.
+ */
+uint32_t bt_mesh_le_pair_resp_passkey_get(void);
+
/** @cond INTERNAL_HIDDEN */
extern const struct bt_mesh_model_op _bt_mesh_le_pair_resp_op[];
diff --git a/samples/bluetooth/mesh/common/smp_bt_auth.c b/samples/bluetooth/mesh/common/smp_bt_auth.c
index 9a60b9d1af29..7931051bc686 100644
--- a/samples/bluetooth/mesh/common/smp_bt_auth.c
+++ b/samples/bluetooth/mesh/common/smp_bt_auth.c
@@ -47,12 +47,18 @@ static void pairing_confirm(struct bt_conn *conn)
printk("Pairing confirmed: %s\n", addr);
}
+static uint32_t app_passkey(struct bt_conn *conn)
+{
+ return bt_mesh_le_pair_resp_passkey_get();
+}
+
static struct bt_conn_auth_cb auth_cb = {
/* Enable passkey_display callback to enable the display capability. */
.passkey_display = passkey_display,
/* These 2 callbacks are required for passkey_display callback. */
.cancel = cancel,
.pairing_confirm = pairing_confirm,
+ .app_passkey = app_passkey,
};
static void pairing_complete(struct bt_conn *conn, bool bonded)
diff --git a/samples/bluetooth/mesh/dfu/distributor/overlay-smp-bt-auth.conf b/samples/bluetooth/mesh/dfu/distributor/overlay-smp-bt-auth.conf
index 57599466ce0a..d1a0243088a8 100644
--- a/samples/bluetooth/mesh/dfu/distributor/overlay-smp-bt-auth.conf
+++ b/samples/bluetooth/mesh/dfu/distributor/overlay-smp-bt-auth.conf
@@ -1,6 +1,6 @@
CONFIG_MCUMGR_TRANSPORT_BT_PERM_RW_AUTHEN=y
CONFIG_BT_SMP=y
-CONFIG_BT_FIXED_PASSKEY=y
+CONFIG_BT_APP_PASSKEY=y
CONFIG_BT_MESH_LE_PAIR_RESP=y
CONFIG_BT_SMP_SC_ONLY=y
CONFIG_BT_SMP_ALLOW_UNAUTH_OVERWRITE=n
diff --git a/samples/matter/common/src/bt_nus/bt_nus_service.cpp b/samples/matter/common/src/bt_nus/bt_nus_service.cpp
index af067d107139..333731e0e679 100644
--- a/samples/matter/common/src/bt_nus/bt_nus_service.cpp
+++ b/samples/matter/common/src/bt_nus/bt_nus_service.cpp
@@ -31,6 +31,9 @@ BT_CONN_CB_DEFINE(conn_callbacks) = {
bt_conn_auth_cb Nrf::NUSService::sConnAuthCallbacks = {
.passkey_display = AuthPasskeyDisplay,
.cancel = AuthCancel,
+#if defined(CONFIG_BT_APP_PASSKEY)
+ .app_passkey = AuthAppPasskey,
+#endif /* defined(CONFIG_BT_APP_PASSKEY) */
};
bt_conn_auth_info_cb Nrf::NUSService::sConnAuthInfoCallbacks = {
.pairing_complete = PairingComplete,
@@ -40,7 +43,8 @@ bt_nus_cb Nrf::NUSService::sNusCallbacks = {
.received = RxCallback,
};
-namespace Nrf {
+namespace Nrf
+{
NUSService NUSService::sInstance;
@@ -234,6 +238,14 @@ void NUSService::AuthPasskeyDisplay(bt_conn *conn, unsigned int passkey)
LOG_INF("PROVIDE THE FOLLOWING CODE IN YOUR MOBILE APP: %d", passkey);
}
+#if defined(CONFIG_BT_APP_PASSKEY)
+uint32_t NUSService::AuthAppPasskey(bt_conn *conn)
+{
+ return CONFIG_CHIP_NUS_FIXED_PASSKEY;
+}
+#endif /* defined(CONFIG_BT_APP_PASSKEY) */
+
+
void NUSService::AuthCancel(bt_conn *conn)
{
LOG_INF("NUS BT Pairing cancelled: %s", LogAddress(conn));
diff --git a/samples/matter/common/src/bt_nus/bt_nus_service.h b/samples/matter/common/src/bt_nus/bt_nus_service.h
index f28a7415c9f7..063b066ce6d1 100644
--- a/samples/matter/common/src/bt_nus/bt_nus_service.h
+++ b/samples/matter/common/src/bt_nus/bt_nus_service.h
@@ -85,6 +85,9 @@ class NUSService {
static void PairingComplete(struct bt_conn *conn, bool bonded);
static void PairingFailed(struct bt_conn *conn, enum bt_security_err reason);
static char* LogAddress(struct bt_conn *conn);
+#if defined(CONFIG_BT_APP_PASSKEY)
+ static uint32_t AuthAppPasskey(struct bt_conn *conn);
+#endif /* defined(CONFIG_BT_APP_PASSKEY) */
static struct bt_conn_auth_cb sConnAuthCallbacks;
static struct bt_conn_auth_info_cb sConnAuthInfoCallbacks;
diff --git a/samples/matter/lock/sample.yaml b/samples/matter/lock/sample.yaml
index 38e6930d1d14..7698f288fac1 100644
--- a/samples/matter/lock/sample.yaml
+++ b/samples/matter/lock/sample.yaml
@@ -124,7 +124,7 @@ tests:
build_only: true
extra_args:
- CONFIG_CHIP_NUS=y
- - CONFIG_BT_FIXED_PASSKEY=y
+ - CONFIG_BT_APP_PASSKEY=y
- CONFIG_CHIP_NUS_FIXED_PASSKEY=112233
integration_platforms:
- nrf52840dk/nrf52840
diff --git a/subsys/bluetooth/mesh/vnd/Kconfig b/subsys/bluetooth/mesh/vnd/Kconfig
index 46b0706be65b..904513e51711 100644
--- a/subsys/bluetooth/mesh/vnd/Kconfig
+++ b/subsys/bluetooth/mesh/vnd/Kconfig
@@ -85,10 +85,10 @@ config BT_MESH_DM_SRV_REFLECTOR_RANGING_WINDOW_US
endif # BT_MESH_DM_SRV
config BT_MESH_LE_PAIR_RESP
- bool "LE Pairing Responder model"
+ bool "LE Pairing Responder model [EXPERIMENTAL]"
select BT_MESH_VENDOR_MODELS
select EXPERIMENTAL
- depends on BT_FIXED_PASSKEY
+ depends on BT_APP_PASSKEY
depends on BT_SMP_SC_ONLY
help
Enable the LE Pairing Responder model. The LE Pairing Responder model is used to generate
diff --git a/subsys/bluetooth/mesh/vnd/le_pair_resp.c b/subsys/bluetooth/mesh/vnd/le_pair_resp.c
index 4755dd97676d..af3d7f02abde 100644
--- a/subsys/bluetooth/mesh/vnd/le_pair_resp.c
+++ b/subsys/bluetooth/mesh/vnd/le_pair_resp.c
@@ -24,14 +24,13 @@ LOG_MODULE_REGISTER(bt_mesh_le_pair_resp);
#define STATUS_PASSKEY_SET 0x00
#define STATUS_PASSKEY_NOT_SET 0x01
-static uint32_t predefined_passkey = BT_PASSKEY_INVALID;
+static uint32_t predefined_passkey = BT_PASSKEY_RAND;
static int handle_reset(const struct bt_mesh_model *model, struct bt_mesh_msg_ctx *ctx,
struct net_buf_simple *buf)
{
uint32_t passkey;
uint8_t status = STATUS_PASSKEY_SET;
- int err;
if (buf->len != 0) {
return -EINVAL;
@@ -39,16 +38,15 @@ static int handle_reset(const struct bt_mesh_model *model, struct bt_mesh_msg_ct
BT_MESH_MODEL_BUF_DEFINE(rsp, BT_MESH_LE_PAIR_OP, 5);
- if (predefined_passkey != BT_PASSKEY_INVALID) {
+ if (predefined_passkey != BT_PASSKEY_RAND) {
passkey = predefined_passkey;
} else {
passkey = sys_rand32_get() % 1000000;
- }
-
- err = bt_passkey_set(passkey);
- if (err) {
- LOG_ERR("Unable to set passkey (err: %d)", err);
- status = STATUS_PASSKEY_NOT_SET;
+ /* Overwrite the predefined passkey with the randomly generated passkey.
+ * LE pair responder can use the randomly generated passkey for the next
+ * pairing request.
+ */
+ predefined_passkey = passkey;
}
bt_mesh_model_msg_init(&rsp, BT_MESH_LE_PAIR_OP);
@@ -112,10 +110,15 @@ const struct bt_mesh_model_cb _bt_mesh_le_pair_resp_cb = {
void bt_mesh_le_pair_resp_passkey_invalidate(void)
{
- (void)bt_passkey_set(BT_PASSKEY_INVALID);
+ predefined_passkey = BT_PASSKEY_RAND;
}
void bt_mesh_le_pair_resp_passkey_set(uint32_t passkey)
{
predefined_passkey = passkey;
}
+
+uint32_t bt_mesh_le_pair_resp_passkey_get(void)
+{
+ return predefined_passkey;
+}
diff --git a/west.yml b/west.yml
index c4d73b375a60..bcaa628f265d 100644
--- a/west.yml
+++ b/west.yml
@@ -65,7 +65,7 @@ manifest:
# https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/zephyr/guides/modules.html
- name: zephyr
repo-path: sdk-zephyr
- revision: 81edaae95618fa845f67957037fe22bc8b063a84
+ revision: pull/3466/head
import:
# In addition to the zephyr repository itself, NCS also
# imports the contents of zephyr/west.yml at the above
@@ -156,7 +156,7 @@ manifest:
- name: matter
repo-path: sdk-connectedhomeip
path: modules/lib/matter
- revision: e5f2a2ff99493d9862a3aa5e370681287cf53cf0
+ revision: pull/653/head
west-commands: scripts/west/west-commands.yml
submodules:
- name: nlio