I'm trying to authenticate with an Ultralight C card on a Lumia device, a 640 in this case. I have the code and can successfully authenticate using the Emulator and an external Cardreader (Springcard Prox n Roll). The chipset (PN547) of the Lumia 640 (and other Lumia's) should be able to authenticate an Ultralight C card. When sending the authentication APBU I get a 6A 81 return (function not supported). Of course unauthenticated reading and writing works.
What can I do to get this working, will it work on other Lumia's ? Is is the PCSC layer which is refusing the authentication and not the chipset ?
Any thoughts ?
Related
I want to make a React-Native application to provide wifi-credentials to esp32 module via esp32 wifi access point.
I see there are some library of npm that we use to provisioning wifi config to esp32.
For ex.
react-native-esp32-idf
react-native-esp-idf-ble-provisioning-rn
But i'm confuse how to use them and may be these are provide credentials via BLE or Bluetooth but I want to provide SSID and PASS via wifi.
Means, I have a esp32 module and at begining i use it as a wifi-access-point then my application would be connected to esp32 by wifi automatiically then by communition through wifi-hotspot b/w app and device i provide cred. to device-esp32.
Thats it!
So how i make this application in react-native?
A simple approach would be like the following:
ESP32 is powered up
ESP32 opens a Wi-Fi access point
ESP32 starts an HTTP server acting as REST API
Any HTTP/REST client (including the react native app) can set the
Wi-Fi password and SSID using via the REST API
Once the Wi-Fi password and SSID are set, ESP32 restarts as a Wi-Fi
station and tries to connect to the configured Wi-Fi password and
SSID.
This way on your react native app you'll only need to use a simple HTTP/REST client
Is there a way in iOS or Android to set up a Bluetooth passkey passcode whenever another device wants to connect to my device via Bluetooth?
My application involves a BLE client connecting to a BLE server and the two devices will transmit data between each other. However, the data transmitted will be very sensitive security-wise. So beyond the standard encryption my goal is to not initiate data transmission until both devices have authenticated each other (e.g., with a passkey).
It seems like a Bluetooth passkey is something set up by the device manufacturer and not something able to be configured by the user. If so and there is no passkey pairing, would an acceptable alternative be to require a passkey to be exchanged (after the devices are paired) before the devices can transmit any sensitive data?
On a Android phone, assuming the phone is GATT server (which provides data for a client device to read), you can safeguard that data held in a characteristic by setting its read permission to PERMISSION_READ_ENCRYPTED_MITM .
For example, when you create a characteristic to be registered with the Bluetooth stack in Android, you do
BluetoothGattCharacteristic characteristic = new BluetoothGattCharacteristic(YOUR_UUID, BluetoothGattCharacteristic.PROPERTY_READ, BluetoothGattCharacteristic.PERMISSION_READ_ENCRYPTED_MITM)
In this way, anyone who wants to read the characteristic needs to create a secure bonding with your phone first, either by entering a passcode or compare two numerical values. The exact way for pairing is up to the Bluetooth stacks of both devices to negotiate (based on available IO on the client).
On the other hand, if the data you want to access is stored in a third remote device, and you don't need authentication (bonding/pairing) to read from it, and you cant access the firmware. Then you can not enforce secure transmission unilaterally from your phone.
I am trying to use USB RFID reader in our website.
by using navigator.usb.getDevices() i am selecting my device.
open() and selectConfiguration(1)
is working. but device.claimInterface(0); is giving me following error.
An attempt to claim a USB device interface has been blocked because it implements a protected interface class.
Chrome prevents certain interfaces from being accessed for security reasons. These interfaces are the following:
audio
HID
mass storage
smart card
video
audio/video
wireless controller
These are detailed in the following Chrome web test: https://cs.chromium.org/chromium/src/third_party/blink/web_tests/usb/protected-interface-classes.html?q=usb+protected+interface&sq=package:chromium&dr=C&l=9
There is a proposal for WebHID in progress, however: https://discourse.wicg.io/t/human-interface-device-hid-api/3070
I'm using BlueZ 5.49 and trying to connect, pair, and pass information between two different bluetooth devices.
It's seems like i have problem with enforcing security and authentication between the two.
I'm configuring each hci device with:
hciconfig hci0 pscan auth encrypt which as i read, is setting the device to security mode 3.
In addition i'm creating manualy this path in both sides: /var/lib/bluetooth/<local_bdaddr>/<remote_bdaddr>/info with LinkKey.
I've noticed that if i'm creating the path for only one device, and then trying to connect using rfcomm connect from the device without the infofile, the connection succeed, even though the device is lacking the info file which containts the LinkKey.
If i'm trying rfcomm connect from the device with the info file i'm getting Key Exchange Error, which is acceptable since the other device doesn't have the key.
My base line is that it seems that security and authentication are not enforced.
Many Thanks,
Liad
Apparently hci device is by default set to work in Secure Simple Pairing also known
as sspmode. Simple Pairing originaly generated to support devices that can't insert pin code during pairing process (such as headset).
Hence when a device is in sspmode enabled, it use a default pin key - say 0000, and then based on the pin, generating LinkKey to encrypt and authenticate, and thus not truely enforcing authentication as i mentioned before.
The line hciconfig hci0 sspmode disable is disabling the Secure Simple Pairing mode, and finally enforce authentication using the static LinkKey you supply
in the info file which located in /var/lib/bluetooth/<your_mac>/<remote_mac>/info.
I'm making wearable device like a Fitbit.
I want to know if I can use Echo to connect our device via bluetooth as router.
Then, it should be allowed to send some data to our web server from Echo.
(For now, it's connected with smartphone)
Is this possible for third party company?
Or it will be possible in a future?
Thanks.
The closest you can accomplish that is using alexa to call a lamba function that talks to your device:
1) Alexa -> Lambda -> IoT (MQTT) -> your device via wifi
2) Alexa -> Lambad -> IoT (MQTT) -> gateway -> your device via BT
"gateway" would be something like a Raspberry Pi.