This thread has been locked.

If you have a related question, please click the "Ask a related question" button in the top right corner. The newly created question will be automatically linked to this question.

Enable encryption

Hi, 

We are basing our software on the Bluetopia SPPLEDemo but I can't wrap my head around the encryption. It doesn't seem to be enabled by default so my question is: how do I initiate encryption from our Tiva device (based on the code in SPPLEDemo)? 

Best Regards, 
Johan 

  • Hi Johan,

    You are using "PairLE" right? It looks to me that encryption is enabled by default.
    Can you please let me know why you say that it is not?

    Regards,
    Gigi Joseph.
  • Thank you for your attention!

    Sorry, I was a bit short in my description. We are not using LE at the moment. A smartphone initiates the pairing after the device has been set to pairable. Thus, we are using neither Pair() or ParLE().

    Can I set encryption enable via GAP after the device is set to pariable?

  • Hi Johan,

    You would need to have a connection handle to enable encryption on the link. You can use GAP_Set_Encryption_Mode() with the remote BD address or use HCI_Set_Connection_Encryption().

    Regards,
    Gigi Joseph.
  • Hi,

    I have tried the following without luck:

    Call GAP_Set_Encryption_Mode() with local address after the device has been set to pairable (according to the reference manual this will enable encryption for all future connections). The function returns -501.

    Call HCI_Set_Connection_Encryption() in etPort_Open_Indication SPP event callback. The function returns successfully.

    Call HCI_Write_Encryption_Mode() after the device has been set to pairable. The function returns successfully.

    I have enabled BT logging on the Android smartphone and I still see no trace of encryption being enabled or changed. Do you have any suggestions? What am I missing?

    Best Regards,
    Johan
  • Hi Johan,

    The methods #1 & #3 sends "HCI_Write_Encryption_Mode"command which is deprecated as per the BT Spec... and hence will not work.
    You must use "HCI_Set_Connection_Encryption" with the correct connection handle.

    The remote Android bluetooth device should send "HCI_Encryption_Change" event to its host. That should come in the snoop logs... Do you see this? Can you share those snoop logs?

    Regards,
    Gigi Joseph.
  • Hi,

    Alright. My call to HCI_Set_Connection_Encryption() is still made in the etPort_Open_Indication SPP event callback. The function returns successfully and the StatusResult variable is also zero.

    An etEncryption_Change_Event is caught in the HCI_Event_Callback() but when I verify the Encryption_Enable flag in the Event_Data the encryption is disabled.

    There is still no trace of encryption in the snoop logs.

    btsnoop_hci_hci_enc3.log

    Best Regards,
    Johan

  • Hi Johan,

    Then it looks like "LMP_encryption_mode_req" was rejected by the remote controller.
    This would not show up on the remote snoop logs.

    Do you have the option to get air sniffer log?

    Also, can you try with another remote device?
    This remote says that it does not support "Secure Connections (Host & Controller)".

    Regards,
    Gigi Joseph.
  • Hi,

    Unfortunately I do not have access to an air sniffer for BT Classic as these are quite expensive.

    I'm gonna try with another device. Where in the log do you see that this remote does not support "Secure Connections (Host & Controller)"?

    Best Regards,
    Johan