A test project to reproduce the issue related to BLE client authentication when switching from version ESP-IDF 5.1.3 to version ESP-IDF 5.1.4. The problem is that the BLE bond (procedure or data format) on 5.1.3 is different from 5.1.4 and when upgrading to a new version, the authorization flag is reset, but the others do not change.
For example:
- You have your own IoT project that uses the BLE feature. You are using the ESP-IDF 5.1.3 for developing new releases;
- At every new release, the customers can connect to your products without entering a password because they are bonded;
- You are using the next flags to protect data when creating characteristics: NIMBLE_PROPERTY::READ_AUTHEN, WRITE_AUTHEN, READ_ENC, WRITE_ENC;
- Then you start using the ESP-IDF 5.1.4 and release a new version of your product;
- Customers report that after a firmware update they have to re-enter the password to connect via BLE and this behaviour was not present in previous versions (or it can be another situation depending on BLE client: forever re-connect loop)
- ESP32 development board (rev 0)
- nRF Connect application
- installed ESP-IDF 5.1.3 and ESP-IDF 5.1.4
Server example of ESP-NIMBLE-CPP (https://github.com/h2zero/esp-nimble-cpp)
- Clear bond with your ESP32 device
- Build and flash the project with ESP-IDF 5.1.3
- Bond with your ESP32 device (you can use nRF Connect application)
- Reconnect
Now you must see:
--- onAuthenticationComplete ---
Authenticated: Yes
Encrypted: Yes
Bonded: Yes
- Build and flash the project with ESP-IDF 5.1.4
- Connect to ESP32
Now you must see:
--- onAuthenticationComplete ---
Authenticated: No
Encrypted: Yes
Bonded: Yes
The "Authenticated" flag after an firmware update is "Yes"
The "Authenticated" flag after an firmware update is "No"
Password: 123456