wl1271 ,BT encryption , simple secure mode auth

raghu ramaraj1

Other Parts Discussed in Thread: WL1271

Hi,

we are using AM335x + WL1271 (WG 7311) with kernel 3.2 . I am facing the following issue when i using the BT

1) Would like to enable encryption ? But i got the error like

# ./bt.sh
Found a Texas Instruments' chip!
Firmware file : /lib/firmware/TIInit_7.6.15.bts
Loaded BTS script version 1
texas: changing baud rate to 3000000, flow control to 1
Device setup complete
hci0: Type: BR/EDR Bus: UART
BD Address: 00:18:31:1A:AC:EF ACL MTU: 1021:4 SCO MTU: 180:4
UP RUNNING PSCAN ISCAN
RX bytes:1203 acl:0 sco:0 events:45 errors:0
TX bytes:1255 acl:0 sco:0 commands:45 errors:0
Features: 0xff 0xfe 0x2d 0xfe 0xdb 0xff 0x7b 0x87
Packet type: DM1 DM3 DM5 DH1 DH3 DH5 HV1 HV2 HV3
Link policy: RSWITCH HOLD SNIFF
Link mode: SLAVE ACCEPT
Name: 'MYBT'
Class: 0x000200
Service Classes: Unspecified
Device Class: Phone, Uncategorized
HCI Version: 4.0 (0x6) Revision: 0x0
LMP Version: 4.0 (0x6) Subversion: 0x1f5d
Manufacturer: Texas Instruments Inc. (13)

# hcidump &
# HCI sniffer - Bluetooth packet analyzer ver 2.4
device: hci0 snap_len: 1028 filter: 0xffffffff

# hciconfig hci0 encrypt
< HCI Command: Write Authentication Enable (0x03|0x0020) plen 1
enable 1
> HCI Event: Command Complete (0x0e) plen 4
Write Authentication Enable (0x03|0x0020) ncmd 1
status 0x00
< HCI Command: Write Encryption Mode (0x03|0x0022) plen 1
mode 1
> HCI Event: Command Complete (0x0e) plen 4
Write Encryption Mode (0x03|0x0022) ncmd 1
status 0x01
Error: Unknown HCI Command
Can't set encrypt on hci0: Invalid request code (56)
#

2) would like to enable simple secure mode with auth . But i got the error like ...

#
# hciconfig hci0 sspmode 1
< HCI Command: Write Simple Pairing Mode (0x03|0x0056) plen 1
mode 0x01
> HCI Event: Command Complete (0x0e) plen 4
Write Simple Pairing Mode (0x03|0x0056) ncmd 1
status 0x00
< HCI Command: Read Simple Pairing Mode (0x03|0x0055) plen 0
> HCI Event: Command Complete (0x0e) plen 5
Read Simple Pairing Mode (0x03|0x0055) ncmd 1
status 0x00 mode 0x01
# hciconfig hci0 sspmode
< HCI Command: Read Simple Pairing Mode (0x03|0x0055) plen 0
> HCI Event: Command Complete (0x0e) plen 5
Read Simple Pairing Mode (0x03|0x0055) ncmd 1
status 0x00 mode 0x01
hci0: Type: BR/EDR Bus: UART
BD Address: 00:18:31:1A:AC:EF ACL MTU: 1021:4 SCO MTU: 180:4
Simple Pairing mode: Enabled
#
# hciconfig hci0 auth
< HCI Command: Write Authentication Enable (0x03|0x0020) plen 1
enable 1
> HCI Event: Command Complete (0x0e) plen 4
Write Authentication Enable (0x03|0x0020) ncmd 1
status 0x00
#
# hciconfig hci0 -a
hci0: Type: BR/EDR Bus: UART
BD Address: 00:18:31:1A:AC:EF ACL MTU: 1021:4 SCO MTU: 180:4
UP RUNNING PSCAN ISCAN AUTH
RX bytes:1551 acl:0 sco:0 events:56 errors:0
TX bytes:1313 acl:0 sco:0 commands:56 errors:0
Features: 0xff 0xfe 0x2d 0xfe 0xdb 0xff 0x7b 0x87
Packet type: DM1 DM3 DM5 DH1 DH3 DH5 HV1 HV2 HV3
Link policy: RSWITCH HOLD SNIFF
Link mode: SLAVE ACCEPT
< HCI Command: Read Local Name (0x03|0x0014) plen 0
> HCI Event: Command Complete (0x0e) plen 252
Read Local Name (0x03|0x0014) ncmd 1
status 0x00 name 'MYBT'
Name: 'MYBT'
< HCI Command: Read Class of Device (0x03|0x0023) plen 0
> HCI Event: Command Complete (0x0e) plen 7
Read Class of Device (0x03|0x0023) ncmd 1
status 0x00 class 0x000200
Class: 0x000200
Service Classes: Unspecified
Device Class: Phone, Uncategorized
< HCI Command: Read Local Version Information (0x04|0x0001) plen 0
> HCI Event: Command Complete (0x0e) plen 12
Read Local Version Information (0x04|0x0001) ncmd 1
status 0x00
HCI Version: 4.0 (0x6) HCI Revision: 0x0
LMP Version: 4.0 (0x6) LMP Subversion: 0x1f5d
Manufacturer: Texas Instruments Inc. (13)
HCI Version: 4.0 (0x6) Revision: 0x0
LMP Version: 4.0 (0x6) Subversion: 0x1f5d
Manufacturer: Texas Instruments Inc. (13)

# > HCI Event: Connect Request (0x04) plen 10
bdaddr 64:09:80:88:1E:CD class 0x5a020c type ACL
< HCI Command: Accept Connection Request (0x01|0x0009) plen 7
bdaddr 64:09:80:88:1E:CD role 0x01
Role: Slave
> HCI Event: Command Status (0x0f) plen 4
Accept Connection Request (0x01|0x0009) status 0x00 ncmd 1
> HCI Event: Link Key Request (0x17) plen 6
bdaddr 64:09:80:88:1E:CD
< HCI Command: Link Key Request Negative Reply (0x01|0x000c) plen 6
bdaddr 64:09:80:88:1E:CD
> HCI Event: Command Complete (0x0e) plen 10
Link Key Request Negative Reply (0x01|0x000c) ncmd 1
status 0x00 bdaddr 64:09:80:88:1E:CD
> HCI Event: PIN Code Request (0x16) plen 6
bdaddr 64:09:80:88:1E:CD
< HCI Command: PIN Code Request Negative Reply (0x01|0x000e) plen 6
bdaddr 64:09:80:88:1E:CD
> HCI Event: Command Complete (0x0e) plen 10
PIN Code Request Negative Reply (0x01|0x000e) ncmd 1
status 0x00 bdaddr 64:09:80:88:1E:CD
> HCI Event: Connect Complete (0x03) plen 11
status 0x18 handle 1 bdaddr 64:09:80:88:1E:CD type ACL encrypt 0x00
Error: Pairing Not Allowed

Even i tried to use agent .....i got "Connection Timeout"

# agent --path /org/bluez/agent 0000 &
#
# > HCI Event: Connect Request (0x04) plen 10
bdaddr 64:09:80:88:1E:CD class 0x5a020c type ACL
< HCI Command: Accept Connection Request (0x01|0x0009) plen 7
bdaddr 64:09:80:88:1E:CD role 0x01
Role: Slave
> HCI Event: Command Status (0x0f) plen 4
Accept Connection Request (0x01|0x0009) status 0x00 ncmd 1
> HCI Event: Link Key Request (0x17) plen 6
bdaddr 64:09:80:88:1E:CD
< HCI Command: Link Key Request Negative Reply (0x01|0x000c) plen 6
bdaddr 64:09:80:88:1E:CD
> HCI Event: Command Complete (0x0e) plen 10
Link Key Request Negative Reply (0x01|0x000c) ncmd 1
status 0x00 bdaddr 64:09:80:88:1E:CD
> HCI Event: PIN Code Request (0x16) plen 6
bdaddr 64:09:80:88:1E:CD
Pincode request for device /org/bluez/1258/hci0/dev_64_09_80_88_1E_CD
< HCI Command: PIN Code Request Reply (0x01|0x000d) plen 23
bdaddr 64:09:80:88:1E:CD len 4 pin '0000'
> HCI Event: Command Complete (0x0e) plen 10
PIN Code Request Reply (0x01|0x000d) ncmd 1
status 0x00 bdaddr 64:09:80:88:1E:CD
> HCI Event: Connect Complete (0x03) plen 11
status 0x08 handle 1 bdaddr 64:09:80:88:1E:CD type ACL encrypt 0x00
Error: Connection Timeout

Thanks & Regards

Raghu Ramaraj

over 10 years ago

0 Sundeep Javvaji over 10 years ago

TI__Mastermind 32615 points

Hi,

I did not see any problem in enabling SSP mode. when you are trying to connect you are getting pairing request for which you need to respond SSP response, which has to be taken care from the host and nothing to do with WL1271

Regarding the Encryption command see the post http://e2e.ti.com/support/wireless_connectivity/f/307/p/369219/1358327.aspx#1358327

0 raghu ramaraj1 over 10 years ago in reply to Sundeep Javvaji

Intellectual 530 points

Hi,

I dont have any issue of enabling the SSP mode. I am facing the issue when it is in auth mode .

I just tested with agent & without agent . But i got " Connection Timeout " and "Pairing Not Allowed" .

Pls see the logs which was shared already

I have tested Simple secure pairing with noauth option . There is no issue .

Guide me how to do Simple secure pairing with auth option .

Thanks & Regards

Raghu Ramaraj

0 John Murphy1 over 10 years ago in reply to raghu ramaraj1

Expert 1210 points

I've been having some issues with SSP mode on the WL1271, but I haven't had time to fix them.

One thing I've learnt about SSP is that if you want "secure" connections (i.e. auth?) you can't use the SSP "just works" mode, you need to use something like "display yes/no" mode.

ref: https://bluegiga.zendesk.com/entries/22264943-Serial-Port-Profile-SPP-connection-to-Android-fails

This sounds like the issue you're experiencing. I had a look at the "agent" source code, it appears to support "display yes/no" mode, but it looks like demo quality code to me.

Also if you using SSP (and not legacy pairing), I would expect a 6 digit random passkey, not the "0000" that you had in your logs.

Let me know it that works. :-)

0 raghu ramaraj1 over 10 years ago in reply to John Murphy1

Intellectual 530 points

Thanks for your response . Even i tried with am335x starter kit .

Pls find the log

> HCI Event: Connect Request (0x04) plen 10
bdaddr 64:09:80:88:1E:CD class 0x5a020c type ACL
< HCI Command: Accept Connection Request (0x01|0x0009) plen 7
bdaddr 64:09:80:88:1E:CD role 0x00
Role: Master
> HCI Event: Command Status (0x0f) plen 4
Accept Connection Request (0x01|0x0009) status 0x00 ncmd 1
> HCI Event: Role Change (0x12) plen 8
status 0x00 bdaddr 64:09:80:88:1E:CD role 0x00
Role: Master
> HCI Event: Link Key Request (0x17) plen 6
bdaddr 64:09:80:88:1E:CD
< HCI Command: Link Key Request Reply (0x01|0x000b) plen 22
bdaddr 64:09:80:88:1E:CD key 10D2AABE78426084B08FAC5D83AAEA96
> HCI Event: Command Complete (0x0e) plen 10
Link Key Request Reply (0x01|0x000b) ncmd 1
status 0x00 bdaddr 64:09:80:88:1E:CD
> HCI Event: PIN Code Request (0x16) plen 6
bdaddr 64:09:80:88:1E:CD
< HCI Command: PIN Code Request Reply (0x01|0x000d) plen 23
bdaddr 64:09:80:88:1E:CD len 6 pin '000000'
> HCI Event: Command Complete (0x0e) plen 10
PIN Code Request Reply (0x01|0x000d) ncmd 1
status 0x00 bdaddr 64:09:80:88:1E:CD

( I got the passkey prompt in the phone. then entered "000000" ) But i got "Connection timeout " after some time

> HCI Event: Connect Complete (0x03) plen 11
status 0x08 handle 1 bdaddr 64:09:80:88:1E:CD type ACL encrypt 0x00
Error: Connection Timeout

Do you think , is it a agent problem ? I would like to implement "Display only" mode in ssp .

0 John Murphy1 over 10 years ago in reply to raghu ramaraj1

Expert 1210 points

Have a look at Figure 4 "IO capability mapping to authentication stage 1" (page 131) to understand the differences between the SSP options.

http://www.microtechnica.tv/support/manual/iWRAP5_User_Guide.pdf

So "DisplayOnly" is only secure when the other device can do "Keyboard only".

I haven't got SSP properly working yet (we mostly use legacy pairing), so I can't recommend the agent...

Wi-Fi

Wi-Fi forum

wl1271 ,BT encryption , simple secure mode auth