I am using a Linux computer with bluez version 4.101. I am communicating with a BLE device in slave mode. I am trying to read data from the BLE device. But when I do that the read fails with the following error: "Attribute requires authentication before read/write". I can read data from many other characteristics but I fail on this one. The commands I am using are
-gatttool -b 11:22:33:44:55:66 --char-read
What do I need to do to read this data?
Note: I can read this data from my iPhone. But I need to pair, so maybe it is a pairing issue.
Try using --sec-level=medium or --sec-level=high with gatttool. I'm not sure how those work, but essentially you don't have the right level of security to read that attribute. Pairing ups your security level, and that's why it works on your iPhone.
You may also want to try -I for an interactive prompt with gatttool.
Related
I'm trying to pair from a Linux host (ARM based, Angstrom distribution) to a MCU driven embedded device using BLE Just Works Secure Connection. As a device I'm currently using an ESP32 dev kit flashed with the GATT security example. However, so far my tries weren't successful and I failed to find the according documentation, either.
I managed to pair my Android smartphone with the device, so pairing on the device side, in general, seems to work. I also tried to conduct the pairing without a Secure Connection (setting Authorization Request to SP_LE_AUTH_BOND) which worked with bluetoothctl or btmgmt.
I'm grateful for any documentation pointer how to perform pairing from the command line, Python scripting or any C/C++ code.
Have a look at the answer below and the included references; these cover pairing using BlueZ/Linux:-
Raspberry Pi BLE Encryption/Pairing
If this still doesn't work, please launch "btmon" on another terminal before starting the pairing process as that will give you an indication as to what is going wrong.
I hope this helps.
We've got a use case in which a BLE connection is used to do the basic configuration of an embedded device via an Android app (later also via an iPhone app). The embedded device runs Linux and thus uses BlueZ as Bluetooth stack.
Using the DBus-API of BlueZ, bonding is made possible by making the device pairable, discoverable, and activating advertising. After bonding the apps can access the GATT services and characteristics
(which require bonding to be read/written) on the embedded device.
After the setup is done the bonding of the device (running the app) that managed the setup process, is supposed to be removed. In order to do that we call RemoveDevice() of org.bluez.Adapter1.
The BlueZ documentation states the following
void RemoveDevice(object device)
This removes the remote device object at the given
path. It will remove also the pairing information.
Still the app is able to access the GATT characteristics afterwards.
If bluetoothctl is used to check the list of paired devices, the list is not containing that device anymore though. Before calling RemoveDevice() the bonded device was visible there.
If bluetootd is stopped and restarted the app is no longer able to read/write the GATT characteristics, but needs to re-bonded before doing so.
I can neither find any further information in the BlueZ documentation nor can I find anything about this topic searching anywhere else.
Is this intended behavior or is this a bug? Does "remove pairing information" also mean "remove bonding information"? If this is intended behavior, how do we properly terminate bonding with a device?
Should I use the BlueZ Management API instead of the BlueZ API? I'm not sure about this as multiple source state that the DBus-API is the way to go.
RemoveDevice() indeed removes the bonding information as well. So you have to disconnect first and then call RemoveDevice(). The next time you connect the bonding information will be gone.
However, note that if you only make use of encrypted characteristics, you can still connect and discover services. Only once you start reading/writing the encrypted characteristics will Bluez check if you are bonded.
I implemented the org.bluez.Agent1 interface using QDbus and I would like to set a fixed pin (that I will provide to the users) in order to authenticate all the pairing request and reject them if the pin is wrong. The agent capabilities should be "NoInputNoOutput" because the project will be deployed on the RaspberryPi 3 without keyboard or display. Is there a way to deal with this? Thank you
You should not initialize the capability as "NoInputOutput" for fixed key pairing. NoInputOutput means there is not display and there is no keyboard/UI possible for this device. Mentioning this capability for your Agent when registering with BlueZ means, instructing BlueZ (bluetoothd) not to call any Agent API for authentication.
This is typically useful to autopair without any manual intervention. You can see this sample code, which uses NoInputOutput capability to connect the device without any intervention.
What you need is "DisplayOnly" capability to instruct BlueZ to call "DisplayPinCode" or "DisplayPasskey" based on SSP support of your device.
You can implement DisplayPinCode/DisplayPasskey in your Agent to reply constant PIN always. So the Bluetooth device which tries to connect can use the same constant PIN for pairing.
Here Display Pin /Passkey is just the naming convention or hint to Agent developers to write wizard/UI or any form of display operations. But you can completely ignore the displaying operation and reply with static/constant 6 digit key for pairing.
Typically this Agent API is called by Bluez (in rasperry pi) when the device (iPhone/Android mobile/any bluetooth capable device) trying pair calls "RequestPasskey" or "RequestPinCode" from the device end.
We had the same issue in a project, and i moved on LE device do to the fact that apple device are only capable to connect to LE device for "safety" reasons.
I don't have that much ref to that but if this could help you in your researches.
I am working on a project with the beagle bone black wireless, where I need to be able to send music control commands to a phone. Note, I don't want to stream music to my beaglebone. I have spent about a week looking online, and found very little about this.
The OS for the beaglebone is Debian Jessie. I can get things like hci0tool, Bluetoothctl, hciconfig to work. I can detect and pair to a device. It seems though that my connection only lasts for the pairing process, and fails every time afterwards.
My current process is executing:
sudo su
bluetoothctl
power on
agent on
default-agent
scan on
I get the mac address
scan off
pair <MAC Address>
trust <MAC Address>
connect <MAC Address>
As of now pairing and trust succeed, though the connection ends after pairing finishes. And I have no idea of where to start for sending a command to a phone.
Connect call on Device1 interface will tries to connect all the profiles supported between the device and adapter. This happens by negotiating or exchanging the supported profiles.
Connection may not be possible when Adapter doesn't support the minimal requirement of profiles which is needed by the Device. In this case, you may need A2DP provider in adapter end to get connection successful. Yes, this is contradictory to this statement.
If you don't want to connect with all the profiles between Device and Adapter, then you can use ConnectProfile method in Device1 interface.
But bluetoothctl doesn't provide commands to achieve neither ConnectProfile nor you AVRCP commands.
You need to use D-Bus calls to get the communication with Bluetoothd. If your application is command line/shell based, you can use dbus-send/gdbus commands to address the D-Bus interface.
Although bluez-tools implements media control AVRCP commands, it doesn't provide any utility which uses it. Either you can compile bluez-tools as library and develop application using the media control API or use dbus-send/gdbus.
I have started with some samples using GDBUS, but not yet for AVRCP controls. See here : https://gist.github.com/parthitce
and Documentation here: https://www.linumiz.com/category/blog/
Hi This command in terminal
obexftp –nopath –noconn –uuid none –bluetooth <BTAddr> –channel <OPUSHChannelNo> –put <FileToPut>
Should allow a file to be sent to remote bluetooth device without the requirement of a pin on a remote device.
When i populate this with my data
obexftp –nopath –noconn –uuid none –bluetooth 64:89:9A:DE:49:FA –channel 12 –put DUN.jpg
I get the following error
Try `obexftp --help' for more information.
Nothing to do. Use --help for help.
I can get it to work with this terminal command
obexftp --nopath -noconn --uuid none --bluetooth 64:89:9A:DE:49:FA --channel 12 -put DUN.jpg
But the problem is the remote device asks the user to pair before allowing the file to be received. I need the solution to skip the pair request.
Or if anyone can suggest an alternative terminal solution where i can send a file from a raspberry pi to mobile device without the requirement to pair would be great.
Any suggestions would be gratefully appreciated. Thank you.
Even i am facing these issue. No matter how u use the obexftp with bluez, you need to use the pin to pair the device which was not acceptable by me.
Though there is one way around, use gnome-bluetooth package, you will be able to send the file using bluetooth-sento command with some parameters which i guess you will get it.
I have recently been attempting something similar using an embedded device and an Android phone. I believe what you are seeking is not possible as it would be a security risk for the Android device is you could just simply push a file to the Android device without first asking for permission/pairing. Unless you make modifications to the Android device and underlying code, I do not think you will be able to achieve your desired goal.