I need to connect to a remote BLE device using the security level Mode 1 Level 3. How do I do that using bluetoothctl, please?

I did:

  1. Connect to the device (success)
  2. Pair the device (success)

But, apparently, this did not set the security mode as I wished, because when I try to write a given characteristic (this characteristic is writeable ;) I get the ATT error "Insufficient authentication (5)":

> ACL data: handle 70 flags 0x02 dlen 9
    ATT: Error (0x01)
      Error: Insufficient authentication (5)
      Write req (0x12) on handle 0x0014

Step by step, this is what hcidump shows after connect:

< HCI Command: LE Set Scan Parameters (0x08|0x000b) plen 7
    type 0x00 (passive)
    interval 60.000ms window 30.000ms
    own address: 0x00 (Public) policy: white list only
> HCI Event: Command Complete (0x0e) plen 4
    LE Set Scan Parameters (0x08|0x000b) ncmd 1
    status 0x00
< HCI Command: LE Set Scan Enable (0x08|0x000c) plen 2
    value 0x01 (scanning enabled)
    filter duplicates 0x01 (enabled)
> HCI Event: Command Complete (0x0e) plen 4
    LE Set Scan Enable (0x08|0x000c) ncmd 1
    status 0x00
> HCI Event: LE Meta Event (0x3e) plen 43
    LE Advertising Report
      ADV_IND - Connectable undirected advertising (0)
      bdaddr D2:A7:4C:76:F3:E0 (Random)
      Flags: 0x06
      Unknown type 0x06 with 16 bytes data
      Unknown type 0xff with 8 bytes data
      RSSI: -75
< HCI Command: LE Set Scan Enable (0x08|0x000c) plen 2
    value 0x00 (scanning disabled)
    filter duplicates 0x00 (disabled)
> HCI Event: Command Complete (0x0e) plen 4
    LE Set Scan Enable (0x08|0x000c) ncmd 1
    status 0x00
< HCI Command: LE Create Connection (0x08|0x000d) plen 25
    bdaddr D2:A7:4C:76:F3:E0 type 1
    interval 96 window 96 initiator_filter 0
    own_bdaddr_type 0 min_interval 6 max_interval 12
    latency 0 supervision_to 400 min_ce 0 max_ce 0
> HCI Event: Command Status (0x0f) plen 4
    LE Create Connection (0x08|0x000d) status 0x00 ncmd 1
> HCI Event: LE Meta Event (0x3e) plen 19
    LE Connection Complete
      status 0x00 handle 70, role master
      bdaddr D2:A7:4C:76:F3:E0 (Random)
< HCI Command: LE Read Remote Used Features (0x08|0x0016) plen 2
> HCI Event: Command Status (0x0f) plen 4
    LE Read Remote Used Features (0x08|0x0016) status 0x00 ncmd 1
> HCI Event: LE Meta Event (0x3e) plen 12
    LE Read Remote Used Features Complete
      status 0x00 handle 70
      Features: 0x01 0x00 0x00 0x00 0x00 0x00 0x00 0x00
< ACL data: handle 70 flags 0x00 dlen 7
    ATT: MTU req (0x02)
      client rx mtu 517
> HCI Event: Number of Completed Packets (0x13) plen 5
    handle 70 packets 1
...

Pairing does not actually show any more packets (!)

[D2A74C76F3E0]# pair D2:A7:4C:76:F3:E0
Attempting to pair with D2:A7:4C:76:F3:E0
[CHG] Device D2:A7:4C:76:F3:E0 Paired: yes
Pairing successful

Then, I do

[D2A74C76F3E0]# menu gatt
[D2A74C76F3E0]# select-attribute /org/bluez/hci0/dev_D2_A7_4C_76_F3_E0/service000c/char0013
[D2A74C76F3E0:/service000c/char0013]# write 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF
Attempting to write /org/bluez/hci0/dev_D2_A7_4C_76_F3_E0/service000c/char0013

and this issues the following packets:

< ACL data: handle 70 flags 0x00 dlen 8
    ATT: Write req (0x12)
      handle 0x0014 value  0xFF
> HCI Event: Number of Completed Packets (0x13) plen 5
    handle 70 packets 1
> ACL data: handle 70 flags 0x02 dlen 9
    ATT: Error (0x01)
      Error: Insufficient authentication (5)
      Write req (0x12) on handle 0x0014
(loop)

Note that it sends only one byte + it loops (this is probably a bug). But what's important to me is the answer: "Error: Insufficient authentication (5)" which obviously means the security level is incorrectly set.

If we look at information for the device:

# info
...
    Paired: yes
    Trusted: no
    Blocked: no
    Connected: yes
    LegacyPairing: no

So, I believe I have connected, but not with mode 1 level 3. This is bluetoothctl version 5.50 on a Linux Mint host. Note, however, that I get the same behaviour with bluetoothctl version 5.43 on a Raspberry Pi, except that it correctly sends the entire write packet. But the answer is the same.

< ACL data: handle 64 flags 0x00 dlen 15
    ATT: Write req (0x12)
      handle 0x0014 value  0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF 0xFF
> ACL data: handle 64 flags 0x02 dlen 9
    ATT: Error (0x01)
      Error: Insufficient authentication (5)
      Write req (0x12) on handle 0x0014
Gourav
user1381
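
As an added example (not part of the original question), the sketch below scans hcidump text in the format shown above for ATT error responses and records whether an LE Start Encryption command (0x08|0x0019) or an Encryption Change event (0x08) appeared earlier in the trace. The function name `audit` and the embedded sample are constructed here; it assumes a single connection per trace, and seeing encryption start does not by itself prove an authenticated (Level 3) key.

```python
import re

# Constructed sample: lines excerpted from the hcidump trace in the question.
SAMPLE = """\
> HCI Event: LE Meta Event (0x3e) plen 19
    LE Connection Complete
      status 0x00 handle 70, role master
< ACL data: handle 70 flags 0x00 dlen 8
    ATT: Write req (0x12)
      handle 0x0014 value  0xFF
> ACL data: handle 70 flags 0x02 dlen 9
    ATT: Error (0x01)
      Error: Insufficient authentication (5)
      Write req (0x12) on handle 0x0014
"""

HDR = re.compile(r"^[<>] (HCI Command|HCI Event|ACL data): ")
LE_START_ENC = "(0x08|0x0019)"                 # LE Start Encryption, OGF|OCF
ENC_CHANGE = re.compile(r"\(0x08\) plen")      # Encryption Change event code
ATT_ERR = re.compile(r"^Error: (.+) \((\d+)\)$")
ATT_REQ = re.compile(r"^(.+) \((0x[0-9a-fA-F]{2})\) on handle (0x[0-9a-fA-F]{4})$")

def audit(trace):
    """List ATT errors, flagging whether link encryption was started before each."""
    enc_seen, err, findings = False, None, []   # assumes one connection per trace
    for raw in trace.splitlines():
        line = raw.strip()
        hdr = HDR.match(line)
        if hdr:
            err = None                          # a new packet ends any open ATT error
            if hdr.group(1) == "HCI Command" and LE_START_ENC in line:
                enc_seen = True
            elif hdr.group(1) == "HCI Event" and ENC_CHANGE.search(line):
                enc_seen = True
        elif line.startswith("ATT: Error"):
            err = {}
        elif err is not None and (e := ATT_ERR.match(line)):
            err.update(error=e.group(1), code=int(e.group(2)))
        elif err and (r := ATT_REQ.match(line)):
            err.update(request=r.group(1), handle=r.group(3), encryption_seen=enc_seen)
            findings.append(err)
            err = None
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE):
        state = "after" if f["encryption_seen"] else "with no"
        print(f'{f["request"]} on {f["handle"]}: {f["error"]} ({f["code"]}), {state} encryption start in trace')
```
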