From: Marcel Holtmann <marcel@holtmann.org>
To: Jacek Konieczny <jajcus@jajcus.net>
Cc: linux-bluetooth@vger.kernel.org
Subject: Re: Is there a way to force legacy LE pairing for a device
Date: Tue, 2 Nov 2021 09:43:42 +0100 [thread overview]
Message-ID: <0CC57655-ABBE-49A9-88F2-92AE313B7968@holtmann.org> (raw)
In-Reply-To: <585f70ee-e8f0-dfbc-6d61-f5082a1c18aa@jajcus.net>
Hi Jacek,
> I have a problem connecting to a BT device from a Linux desktop –
> pairing fails, while an Android phone pairs properly.
>
> The obvious difference in the btsnoop logs is in the pairing request.
>
> Android:
> < ACL Data TX: Handle 65 flags 0x00 dlen 11
>
>
> #995 150.491086
> SMP: Pairing Request (0x01) len 6
> IO capability: KeyboardDisplay (0x04)
> OOB data: Authentication data not present (0x00)
> Authentication requirement: Bonding, MITM, Legacy, No Keypresses
> (0x05)
> Max encryption key size: 16
> Initiator key distribution: EncKey IdKey Sign (0x07)
> Responder key distribution: EncKey IdKey Sign (0x07)
> [...]
>> ACL Data RX: Handle 65 flags 0x02 dlen 11
>
>
> #1006 150.571137
> SMP: Pairing Response (0x02) len 6
> IO capability: NoInputNoOutput (0x03)
> OOB data: Authentication data not present (0x00)
> Authentication requirement: Bonding, No MITM, Legacy, No
> Keypresses (0x01)
> Max encryption key size: 16
> Initiator key distribution: EncKey (0x01)
> Responder key distribution: EncKey (0x01)
>
>
> And on Linux:
> < ACL Data TX: Handle 16 flags 0x00 dlen 11 #53 [hci0]
> 132.273100
> SMP: Pairing Request (0x01) len 6
> IO capability: NoInputNoOutput (0x03)
> OOB data: Authentication data not present (0x00)
> Authentication requirement: Bonding, No MITM, SC, No Keypresses,
> CT2 (0x29)
> Max encryption key size: 16
> Initiator key distribution: EncKey Sign LinkKey (0x0d)
> Responder key distribution: EncKey IdKey Sign LinkKey (0x0f)
> [...]
>> ACL Data RX: Handle 16 flags 0x02 dlen 6 #57 [hci0]
> 132.362160
> SMP: Pairing Failed (0x05) len 1
> Reason: Invalid parameters (0x0a)
>
>
>
> So it looks like 'Bonding, MITM, Legacy, No Keypresses' used by Android
> works and 'Bonding, No MITM, SC, No Keypresses, CT2' used by the desktop
> Linux (bluez 5.62, kernel '5.6.2-050602-lowlatency' from Ubuntu) does
> not (note: I am still quite ignorant about Bluetooth stuff).
>
> So my question is: is there any way to force using legacy pairing? Even
> if that requires bluez or kernel patching (though, I would rather avoid
> that).
>
you can use btmgmt tool from bluez.git to force Secure Connections off. I am not sure if that sticks when starting bluetoothd, but then you need to hack it out there.
I am really not sure how your device can be a qualified Bluetooth device and fail here. The handling of the flags has actually proper test cases to ensure that this does’t happen. And I remember that even Android switched to Secure Connections support at some point.
Regards
Marcel
next prev parent reply other threads:[~2021-11-02 8:43 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-11-01 17:25 Is there a way to force legacy LE pairing for a device Jacek Konieczny
2021-11-01 20:21 ` Luiz Augusto von Dentz
2021-11-02 7:54 ` Jacek Konieczny
2021-11-02 8:43 ` Marcel Holtmann [this message]
2021-11-02 16:20 ` Jacek Konieczny
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=0CC57655-ABBE-49A9-88F2-92AE313B7968@holtmann.org \
--to=marcel@holtmann.org \
--cc=jajcus@jajcus.net \
--cc=linux-bluetooth@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.