All of lore.kernel.org
 help / color / mirror / Atom feed
From: Zeno Endemann <zeno.endemann@kdab.com>
To: linux-bluetooth@vger.kernel.org
Subject: DBus API clarification about security
Date: Mon, 3 Jun 2019 14:24:06 +0200	[thread overview]
Message-ID: <d7ca4d07-2937-11a3-0156-f18906f6fb1c@kdab.com> (raw)

Hello,

I was trying to implement a BTLE Peripheral with characteristics only
accessible to paired devices.

IIUC for read/write characteristics, one is supposed to set the
"encrypt-read/write" org.bluez.GattCharacteristic1 "Flags" property, and
for notify/indicate characteristics the CCCD needs to have the
"encrypt-write" flags set instead. Is this correct?

The CCCD for a characteristic is apparently automatically generated by
bluez, so how is one supposed to override that? I tried to add a CCCD
manually to the example-gatt-server, like this:

class ClientCharacteristicConfigurationDescriptor(Descriptor):
    CCCD_UUID = '2902'
    def __init__(self, bus, index, characteristic):
        self.value = [dbus.Byte(0), dbus.Byte(0)]
        Descriptor.__init__(self, bus, index, self.CCCD_UUID,
                ['read', 'encrypt-write'], characteristic)
    def ReadValue(self, options):
        return self.value
    def WriteValue(self, value, options):
        self.value = value

But that didn't seem to work.

On that note, I wasn't really able to find documentation about those
flags (e.g. the difference between "encrypt-read",
"encrypt-authenticated-read", and "secure-read"). I assume these map
directly to some bluetooth specifications, which I have to admit not
knowing much about. But I was hoping to find some application developer
guidelines or similar publicly available documents, and not having to
study some long complicated specification first.

Any hints would be much appreciated.

Thanks,

-- 
Zeno Endemann | zeno.endemann@kdab.com | Software Engineer
KDAB (Deutschland) GmbH, a KDAB Group company
Tel: +49-30-521325470
KDAB - The Qt Experts

                 reply	other threads:[~2019-06-03 12:31 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=d7ca4d07-2937-11a3-0156-f18906f6fb1c@kdab.com \
    --to=zeno.endemann@kdab.com \
    --cc=linux-bluetooth@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.