Pairing, encryption, and passkeys

[brianreinhold]

I do not see any aioble examples where the details of pairing and/or encryption are illustrated. This works fine for just works situations but that is not the only possible pairing that takes place. I am having a hard time seeing how to handle the security function in aioble. in particular handling passkeys/confirmation on the client/central side. I have looked at the source code and see this:

    elif event == _IRQ_PASSKEY_ACTION:
        conn_handle, action, passkey = data
        log_info("passkey action", conn_handle, action, passkey)
        # if action == _PASSKEY_ACTION_NUMCMP:
        #     # TODO: Show this passkey and confirm accept/reject.
        #     accept = 1
        #     self._ble.gap_passkey(conn_handle, action, accept)
        # elif action == _PASSKEY_ACTION_DISP:
        #     # TODO: Generate and display a passkey so the remote device can enter it.
        #     passkey = 123456
        #     self._ble.gap_passkey(conn_handle, action, passkey)
        # elif action == _PASSKEY_ACTION_INPUT:
        #     # TODO: Ask the user to enter the passkey shown on the remote device.
        #     passkey = 123456
        #     self._ble.gap_passkey(conn_handle, action, passkey)
        # else:
        #     log_warn("unknown passkey action")

It is all the TODOs.. Using the bluetooth low-level APIs it is pretty straight forward, its just a matter of knowing the correct names for the IRQ event names. Is it possible to handle pairing/encryption details (especially passkeys and confirmations) using the aioble library? This ability is critical for our project. If so, are there any aioble examples of for this?

Thanks,

[jimmo]

@brianreinhold You're correct, this just isn't implemented yet in aioble. We need to come up with a good async-based API for this, although maybe in this case something with either callbacks or abstract methods makes more sense?

[brianreinhold]

@jimmo Is there full support for pairing in the low-level API?
How are security requests and insufficient authentications handled on the client side? Does the application receive some signal of these events or does the library automatically invoke pairing (in the security request case that would be encryption if already paired)?

[digital-codes]

would be interested in this issue too. I noticed that a ble_secrets.json file is created when the peripheral is a heart rate sensor, but not when it is a "only" environmental sensor. Probably the host (linux, in this case) is trying to bond the heart rate sensor implicitly.
I assume that the paired connected is still encrypted, correct?
Any ideas how to help?

[brianreinhold]

@digital-codes Could you clarify the situation? Are you looking at the client/central side or the server/peripheral side? I assume that the peripherals in both case require pairing and bonding. The only examples I know about contain only one pairing case and that is for a peripheral (no client partner) and it is for the low level. As far as aioble is concerned I have observed the following about the client side:

It responds to a peripheral security request with a pairing request but with the bonding flag cleared. The peripherals I have respond with the bonding flag set and aioble quits the pairing procedure but does not disconnect. One can keep going,

When the client tries to read/write a secured characteristic, aioble responds with an insufficient authentication error which the application must handle. By spec the client shall begin pairing/encryption as the case may be and repeat the operation after pairing succeeds. I have not implemented that pairing yet but looking at the security module source code it looks like the bonding flag can be set. There are methods in the security module that allow one to get the LTKs. The IRK and public BT address are also exposed in the protocol but I do not know if the api gives access to them (I have not gotten that far).

I have tried using the aioble config method to set the bonding flag to true but it does not work. I could not set it programmatically using the low-level library either. I might be doing something wrong.

Personally I hope that security requests and insufficient authentication/encryption errors are handled in the same way - either by the application or by aioble when it comes to the LTKs and other supporting keys.

When we get that working, then we can work on passkeys and yes/no confirmations. Many market health devices require such.
Keep in touch and maybe together we can work this out!