Bluetooth device maintains connection even after passkey (PIN) change

I am using a SPP Bluetooth module to send data between my Android phone app and the module. I stumbled upon an interesting thing today.
1. I pair to my module by entering a passkey.
2. I can normally send data back and forth between my app and the module.
3. From within my app I disconnect from the module and close my app.
4. On the module I change its passkey to a new value.
5. I reopen my app and can still exchange data. I do not need to go through pairing again. All security information exchanged by my phone and module when I first paired them (using the old passkey) seems to still be valid even after changing the PIN on the module.
6. I then close my app and unpair the device from Bluetooth settings.
7. After that I pair the two devices to make sure the passkey change was in fact accepted, and sure enough it was. I can now only pair with the new PIN.
My surprise is that in point 5 above everything still worked even without updating the PIN on my mobile phone as well. I plan on getting around this by calling removeBond() using reflection after I send the module a command to change the PIN, since this is enough for my particular use case. But if the PIN change could be triggered by something other than my phone, this would not work.
My question is whether this is normal. The Bluetooth specs are quite long, so I was hoping someone else knows this. I would imagine that after changing the passkey for a Bluetooth device, all devices already paired with it would have to go through the pairing process again, this time with the new passkey. But the steps above indicate this is not the case. Is this a bug in my Bluetooth module (Bluegiga WT12) or is this expected behaviour? Has anyone encountered this before?
Thank you.
Cheers!

So, Bluetooth specs are more friendly than I thought. I found my answer in this paragraph:
The Bluetooth PIN is used to authenticate two Bluetooth devices (that have not previously exchanged link keys) to each other and create a trusted relationship between them. The PIN is used in the pairing procedure (see Section 11.2 on page 241) to generate the initial link key that is used for further authentication.
So passkey is not like a password in a router. It is just a sequence which both devices need to know when connecting so that one authenticates the other. Once they are sure they can trust each other they exchange link keys and those are used for future communication. Passkeys/PINs are then irrelevant.
I hope I understand this right.
Terribly sorry for posting too soon.
Cheers!

Related

BLE Peripheral not displaying correctly

I am currently having some issues with connecting to my peripheral. The Bluetooth module in our peripheral does not seem to be advertising a name initially. I have found that once I connect to the peripheral for the first time it will update the name and my scanner is then able to see the correct name.
I have no understanding why this is the case. I have also tried it using the Swift app we are developing, as well as a range of Bluetooth scanners on iOS and Android so I do not believe that this is an OS or programming error on the scanner side.
Is there a specific parameter that should be set on the peripheral? As I am just the app developer I do not have very much understanding of how the module is handling the process.
Any help would be much appreciated.
Just to confirm, the scanner does not see a name for the peripheral until it has connected once. After this it will start displaying the name. Once the peripheral's name is changed, the old name is still displayed until I have connected to it once again.
To display the name of the device you need to look in the advertisementData dictionary, which contains several keys depending on your device, in the didDiscoverPeripheral callback of the CentralManager:
- (void)centralManager:(CBCentralManager *)central didDiscoverPeripheral:(CBPeripheral *)peripheral advertisementData:(NSDictionary<NSString *, id> *)advertisementData RSSI:(NSNumber *)RSSI
You can look for key CBAdvertisementDataLocalNameKey.
If you do not see the name, you can make changes in your firmware to include a name in a GATT characteristic.
You can use the LightBlue app to verify. This is a good app on the App Store for testing your BLE device.

Bluetooth Low Energy paired vs unpaired communication

As I understand it, Bluetooth Low Energy communication can be established with or without pairing. This is in the context of mobile development, Android more specifically but I believe iOS is more or less the same.
Are there instances where one would choose one over the other? And what would be the purpose? What is technically considered paired communication and what is considered unpaired communication?
I've dabbled around for a bit on the differences and have even made a few demo only apps related to BLE but I haven't found a clear explanation if what I am doing is actually considered paired or not.
Edit:
The reason I ask the question is that I believe I am looking to encrypt unpaired BLE connections. In some cases, and essentially my main use case, a mobile device may want to connect to several different peripherals randomly at different times throughout the day, and the process of physically accepting a pair request seems unnecessary and quite time consuming. By 'randomly' I mean I am walking by one of a dozen scattered around my apartment and I personally don't know exactly which one without physically checking. I don't want to walk in the room the first time and have to manually pair each device; that would be insane if I had 100 devices. Note that these devices don't necessarily have to be connected at the same time, but could. Also note that I understand this isn't generally the main use case of the typical peripheral to mobile use case.
Here are a few differences:
If you bond the devices, the link will become encrypted, so it becomes more secure. So "paired" communication basically means the link is encrypted plus the device "knows" what it talks to.
The remote device also learns your phone's IRK (identity resolving key), which can be used to identify the phone later on. By default, the phone rotates the Bluetooth Device Address every 15 minutes or so. Without knowing the IRK, the peripheral can't identify the phone.
A good thing if the devices are bonded, is that the GATT db of the remote device gets cached, which means upon next connection, you don't have to wait a long time for service discovery to complete.
On Android, connecting by Bluetooth Device Address without first scanning is broken since the API lacks the "address type" bit (public/random address). If Android "guesses" wrong, you will connect to the wrong device and therefore fail. However if devices are bonded, the address type is stored and looked up based upon Bluetooth Device Address, which makes it work as expected. So if you plan to automatically connect to your peripherals in the background upon boot for example, it's a good idea to bond the devices.
A small detail is that Client Characteristic Configuration Descriptor values should also be stored by the GATT server and restored once the bonded device reconnects so it doesn't have to rewrite the descriptor value.
Some Bluetooth profiles need bonding, for example HID (at least on iOS and Android).
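To make the IRK point concrete, here is an added Go example (not code from the answer above) that implements the Core spec's ah() resolvable-private-address check (Vol 3, Part H, 2.2.2): a peripheral holding the phone's IRK can match a freshly rotated address to the phone, while one that never bonded cannot. The IRK and prand bytes and the function names NewRPA/Resolve are constructed for this example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"fmt"
)

// ah implements the random-address hash from the Bluetooth Core spec (Vol 3, Part H,
// 2.2.2): ah(k, r) = e(k, r') mod 2^24, with the 24-bit prand r zero-padded to 128 bits.
func ah(irk [16]byte, prand [3]byte) [3]byte {
	block, err := aes.NewCipher(irk[:])
	if err != nil {
		panic(err) // cannot happen for a 16-byte key
	}
	var in, out [16]byte
	copy(in[13:], prand[:]) // r occupies the least significant 24 bits of r'
	block.Encrypt(out[:], in[:])
	var hash [3]byte
	copy(hash[:], out[13:]) // keep the least significant 24 bits of the ciphertext
	return hash
}

// NewRPA builds a resolvable private address, most significant byte first:
// a 24-bit prand whose top two bits are 01, followed by ah(IRK, prand).
func NewRPA(irk [16]byte, prand [3]byte) [6]byte {
	prand[0] = prand[0]&0x3f | 0x40 // force the "resolvable" address-type bits
	hash := ah(irk, prand)
	var addr [6]byte
	copy(addr[:3], prand[:])
	copy(addr[3:], hash[:])
	return addr
}

// Resolve reports whether addr was derived from irk. A peripheral that never bonded with
// the phone never received its IRK, so this check fails for it (barring a 2^-24 chance).
func Resolve(irk [16]byte, addr [6]byte) bool {
	if addr[0]&0xc0 != 0x40 {
		return false // not a resolvable private address (static random, non-resolvable, ...)
	}
	var prand [3]byte
	copy(prand[:], addr[:3])
	hash := ah(irk, prand)
	return bytes.Equal(hash[:], addr[3:])
}

func main() {
	// Constructed sample IRK and prand; not taken from any real device or from the spec.
	irk := [16]byte{0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, 0x00}
	addr := NewRPA(irk, [3]byte{0x70, 0x81, 0x94})
	fmt.Printf("RPA %x resolves with the bonded IRK: %v\n", addr, Resolve(irk, addr))
	var stranger [16]byte // an IRK an unbonded peripheral might hold instead
	fmt.Printf("RPA %x resolves with another IRK: %v\n", addr, Resolve(stranger, addr))
}
```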

Feasibility of Bluetooth Reader and App Project

I'm working on a project to track delivery trucks leaving and returning to the office.
While I know RFID would work, we're also looking at Bluetooth with mobile apps. Ideally, once a driver installs the app, we register a unique ID for the device, and a BT reader identifies when phones/deliveries leave and enter range without any user interaction.
From the Android 6.0 release notes, it looks like the MAC address is hidden from apps and BT broadcasting. https://developer.android.com/about/versions/marshmallow/android-6.0-changes#behavior-hardware-id
User management of app installs and enabling BT aside, is this feasible?
Can someone point me in the right direction to confirm what identifiers are available?
If I understand you correctly, you do not actually want to track where a phone is, but want to know if a person/truck/phone passes a kind of checkpoint or gate?
For newer smart phones you cannot rely on the visible MAC. Bluetooth classic is usually not visible and the BLE MAC is randomized as long as the device is not paired and bonded.
Indeed, as PaulW11 stated, the simple way would be to implement an app which does BLE advertising with a short advertising interval. Inside this advertisement you can put some custom data. This will be visible to everyone. This ID can be some random number, a number assigned by you, or whatever.
At the gate you would implement a BLE scanner grabbing all advertisements near it.
This should be easy to implement.
I would also like to mention the drawbacks here: If someone passes the gate you may miss him. BLE with Android is always tricky and you might have the situation that the bluetooth subsystem on a phone may have stopped working or so.
On the other hand, if someone accidentally comes near your gate, you will think he left or returned. Near can be something around 50 m or so in good conditions, or only 10 m in other cases.
And even worse: if someone stays 'nearly' in range of the gate you will see him sporadically. This may confuse your come-and-go logic if he is visible every 3 minutes or so...
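As an added example that is not part of the answer above, the Go below turns the gate's sightings into ARRIVE/DEPART events with a hold-down timer, so a phone heard only every 3 minutes at the edge of range does not flap between present and gone; the Sighting and Event types, the holdDown parameter, the IDs and the timestamps are all constructed for it. Since the advertised ID is readable (and replayable) by anyone, treat these events as presence hints rather than as proof of which truck passed.

```go
package main

import (
	"fmt"
	"time"
)

// Sighting is one advertisement the gate picked up: the app-assigned ID and when (names assumed).
type Sighting struct {
	ID string
	At time.Time
}

// Event is an arrival or departure the gate reports; Kind is "ARRIVE" or "DEPART".
type Event struct {
	ID, Kind string
	At       time.Time
}

// Presence turns sightings (in scanner log order) into ARRIVE/DEPART events. A device stays
// present until unseen for longer than holdDown, so a phone heard only every few minutes at
// the edge of range does not flap; now is the end of the log and closes out open presences.
func Presence(sightings []Sighting, holdDown time.Duration, now time.Time) []Event {
	lastSeen := map[string]time.Time{}
	var order []string // IDs in first-seen order, so the closing pass is deterministic
	var events []Event
	for _, s := range sightings {
		if prev, seen := lastSeen[s.ID]; !seen {
			order = append(order, s.ID)
			events = append(events, Event{s.ID, "ARRIVE", s.At})
		} else if s.At.Sub(prev) > holdDown { // silent for too long: it left and is now back
			events = append(events, Event{s.ID, "DEPART", prev}, Event{s.ID, "ARRIVE", s.At})
		}
		lastSeen[s.ID] = s.At
	}
	for _, id := range order { // anything still "present" when the log ends
		if now.Sub(lastSeen[id]) > holdDown {
			events = append(events, Event{id, "DEPART", lastSeen[id]})
		}
	}
	return events
}

func main() {
	base := time.Date(2020, 1, 1, 8, 0, 0, 0, time.UTC) // constructed log: a phone at the edge of range
	log := []Sighting{{"truck7", base}, {"truck7", base.Add(3 * time.Minute)},
		{"truck7", base.Add(6 * time.Minute)}, {"truck7", base.Add(30 * time.Minute)}}
	fmt.Printf("%v\n", Presence(log, 10*time.Minute, base.Add(time.Hour))) // ARRIVE, DEPART, ARRIVE, DEPART
}
```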

bluez5: is it possible to create a BLE connection asking for a PIN/password?

I have a BLE server running, but I would like to limit the connection of remote devices by asking/requesting a PIN, passkey, or similar.
Is that possible in Low Energy? I do not mean classic bluetooth.
I am not really sure if it is possible or how to enable or set it. I was unable to find any internet thread on how to enable or play with it (using bluez5).
According to the thread "How to change BLE pin programmatically", I see that:
There is no password-protecting mechanism in the BLE standard for "login to a device".
Is that correct?
I have been digging into this a little bit and, as commented, I was not able to find anything for that. But I was looking into the bluez (5.46) code, and in "tools/btmgmt.c", function "prompt_input", there are PIN and PASSKEY request cases.
Or is there an alternative method? Maybe something like OOB pairing, exchanging the TK? https://eewiki.net/display/Wireless/A+Basic+Introduction+to+BLE+Security#ABasicIntroductiontoBLESecurity-PairingMethodsforLESecureConnections(4.2devicesonly)

Bluetooth data to HID for BLED112

We have bought BLED112 to interface our target via BT.
An Android app interacts with the target via BT & USB (HID).
We have used some Bluetooth communication to write a program and send data to the dongle.
Now, does anybody here have any experience in converting that BT data to a HID signal?
Has anybody tried that?
Is there any BGScript code which we need to write to achieve that?
Please let me know if the thought is completely wrong.
Referring to a comment above which states,
We are writing an Android app which can send data to the BLED112 over the BLE interface or GATT. My question is how I can convert that data (basically a command) to a HID (key event); correct me if my understanding is wrong.
If I understand the use case correctly, I think that in the initial stages of development you will need to use the BLE-GUI utility that BlueGiga provides.
With that utility you can see the communication between the BLED112 dongle and the BLE112 module. The BLED112 shall be simulating what the Android app would do?
First, you will need to know the GATT structure stored in BLED112 to write to or read from the BLED112.
Secondly, the way the BLE112 works is an event-based implementation. Going through the API reference document for the BLE112 shall help you understand the event generation conditions and the codes that are generated or modified when a characteristic value is updated by the Android application, or read by the Android application. You get events for connection, disconnection, read from, write to, notification enabled for, indication enabled for, etc.
On the BLE112 side, depending upon what service and what characteristics in that service are going to be used for data transfer between the Client (Android app) and Server (BLE112), you need to write a suitable implementation in the event callback handlers.
There is a standard service called Human Interface Device which has a reserved UUID: 0x1812.
Once you configure your BLE112 as a HID over GATT device, your Android app shall see a service with UUID 0x1812. Parse the service descriptor and get the characteristics bundled into the service. You can read from or write to that service depending upon the access parameters set in gatt.xml.
As an example, say it is a keyboard: you can send the scancode (make and break) of the key depending upon what key is pressed. How to get a scancode is out of the scope of this question anyway, and sadly I have only worked on PS2 keyboards, so I don't really know how to get the scancode from a USB keyboard.
So, you have the scancode for the key pressed, and you know the characteristic to write it into. Write it; the application should enable notifications for that characteristic, so that it is notified whenever a key is pressed and the value is written into the characteristic. To let the application enable notifications or indications for the characteristic, study the developer guide that talks about how to write a gatt.xml for Bluegiga-based BLE devices. I'll give you a hint: in the XML, in the characteristic configuration, you have to write notify="true".
About parsing the service and characteristics in Android: unfortunately I am not an Android developer but an embedded developer. I know how the BLE112 module part is to be implemented, while I have no insight into how Android parses the data. But there are plenty of questions and discussions about it online, which you might understand better than me since you have an Android background.
