BLE issue: Start_LE_Encryption fails

BLE issue: Start_LE_Encryption fails

[Ajay]

Hi,
	I am getting le_long_term_key_negative reply  from the remote device , 
on sending le_start_encryption . I am testing this with 2 ubuntu 
machines(3.2.5) with IOGEAR dual mode dongles .
	 I did  pairing  using blueman and  got corresponding link key 
from(/var/lib/bluetooth) . But i doubt, this key is specific to BR/EDR 
not for LE controller , since hcidump is not showing any packets related 
to smp .
    so please suggest me a way to do pairing using SMP and LE specific
-- 
Thanks & regards

  AJAY KV
  GlobalEdge software Ltd
  8892753703

Re: BLE issue: Start_LE_Encryption fails

[Anderson Lizardo]

[Forgot to reply to the list]

On Tue, Oct 30, 2012 at 7:49 AM, Anderson Lizardo
<anderson.lizardo@openbossa.org> wrote:
> Hi Ajay,
>
> On Sun, Oct 28, 2012 at 1:08 PM, Ajay <ajay.kv@globaledgesoft.com> wrote:
>> Hi,
>>         I am getting le_long_term_key_negative reply  from the remote device
>> , on sending le_start_encryption . I am testing this with 2 ubuntu
>> machines(3.2.5) with IOGEAR dual mode dongles .
>
> To connect to a dual mode dongle, you need to set LE Adv. flags to
> 0x06 (which means general discoverable + BR/EDR not supported) on the
> acceptor side. You can use this command (on the acceptor/slave side):
>
> sudo hcitool -i hci0 cmd 0x08 0x0008 03 02 01 06 \
>     $(perl -e 'print "00 " x 28')
>
> Next, enable LE advertising:
>
> sudo hciconfig hci0 leadv
>
> On the initiator/master side, run "hcitool lescan" and try pairing again.

Regards,
-- 
Anderson Lizardo
Instituto Nokia de Tecnologia - INdT
Manaus - Brazil

Re: BLE issue: Start_LE_Encryption fails

[Ajay]

On Tuesday 30 October 2012 05:20 PM, Anderson Lizardo wrote:
> [Forgot to reply to the list]
>
> On Tue, Oct 30, 2012 at 7:49 AM, Anderson Lizardo
> <anderson.lizardo@openbossa.org> wrote:
>> Hi Ajay,
>>
>> On Sun, Oct 28, 2012 at 1:08 PM, Ajay <ajay.kv@globaledgesoft.com> wrote:
>>> Hi,
>>>          I am getting le_long_term_key_negative reply  from the remote device
>>> , on sending le_start_encryption . I am testing this with 2 ubuntu
>>> machines(3.2.5) with IOGEAR dual mode dongles .
>>
>> To connect to a dual mode dongle, you need to set LE Adv. flags to
>> 0x06 (which means general discoverable + BR/EDR not supported) on the
>> acceptor side. You can use this command (on the acceptor/slave side):
>>
>> sudo hcitool -i hci0 cmd 0x08 0x0008 03 02 01 06 \
>>      $(perl -e 'print "00 " x 28')
>>
>> Next, enable LE advertising:
>>
>> sudo hciconfig hci0 leadv
>>
>> On the initiator/master side, run "hcitool lescan" and try pairing again.
>
> Regards,
>

Thanks, but "sudo hcitool -i hci0 cmd 0x08 0x0008 03 02 01 06 " ,   this 
command only sets the advertising data to zero right . so how do i set 
the adv flag as 0x06 . Which hci command is used for this  purpose .
  	


-- 
Thanks & regards

  AJAY KV
  GlobalEdge software Ltd
  8892753703

Re: BLE issue: Start_LE_Encryption fails

[Anderson Lizardo]

Hi Ajay,

On Sun, Oct 28, 2012 at 8:30 PM, Ajay <ajay.kv@globaledgesoft.com> wrote:
> Thanks, but "sudo hcitool -i hci0 cmd 0x08 0x0008 03 02 01 06 " ,   this
> command only sets the advertising data to zero right . so how do i set the
> adv flag as 0x06 . Which hci command is used for this  purpose .

No, this sets adv. data to have "Flags" AD set to 0x06. But you missed
the second line of the command:

sudo hcitool -i hci0 cmd 0x08 0x0008 03 02 01 06 \
    $(perl -e 'print "00 " x 28')

The second line is important because it fills the other bytes with
zero (which some controllers require).

Regards,
-- 
Anderson Lizardo
Instituto Nokia de Tecnologia - INdT
Manaus - Brazil

Re: BLE issue: Start_LE_Encryption fails

[Ajay]

On Tuesday 30 October 2012 06:42 PM, Anderson Lizardo wrote:
> Hi Ajay,
>
> On Sun, Oct 28, 2012 at 8:30 PM, Ajay <ajay.kv@globaledgesoft.com> wrote:
>> Thanks, but "sudo hcitool -i hci0 cmd 0x08 0x0008 03 02 01 06 " ,   this
>> command only sets the advertising data to zero right . so how do i set the
>> adv flag as 0x06 . Which hci command is used for this  purpose .
>
> No, this sets adv. data to have "Flags" AD set to 0x06. But you missed
> the second line of the command:
>
> sudo hcitool -i hci0 cmd 0x08 0x0008 03 02 01 06 \
>      $(perl -e 'print "00 " x 28')
>
> The second line is important because it fills the other bytes with
> zero (which some controllers require).
>
> Regards,
>
  ya , i got your point ,advertiser is informing the remote device  , 
that it is not BR/EDR capable .That is done and device is connecting now.
	But  still i dont know, how to do le specific pairing and 
start_encryption enable(part of le pairing) . Is there any tool in bluez 
  providing LE pairing before connecting the devices (want to try with 2 
ubuntu pc's ).

-- 
Thanks & regards

  AJAY KV
  GlobalEdge software Ltd
  8892753703

Re: BLE issue: Start_LE_Encryption fails

[Anderson Lizardo]

Hi Ajay,

On Sun, Oct 28, 2012 at 9:33 PM, Ajay <ajay.kv@globaledgesoft.com> wrote:
>  ya , i got your point ,advertiser is informing the remote device  , that it
> is not BR/EDR capable .That is done and device is connecting now.
>         But  still i dont know, how to do le specific pairing and
> start_encryption enable(part of le pairing) . Is there any tool in bluez
> providing LE pairing before connecting the devices (want to try with 2
> ubuntu pc's ).

We use the "simple-agent" script from test/ directory in BlueZ for pairing.

On the slave side run:

test/simple-agent hci0

on the master side, after "hcitool lescan", run:

test/simple-agent hci0 <slave-address>

This should trigger Just Works SMP pairing.

Regards,
-- 
Anderson Lizardo
Instituto Nokia de Tecnologia - INdT
Manaus - Brazil

Re: BLE issue: Start_LE_Encryption fails

[Ajay]

[-- Attachment #1: Type: text/plain, Size: 6467 bytes --]

On Sun, Oct 28, 2012 at 1:08 PM, Ajay <ajay.kv@globaledgesoft.com> wrote:
 > Hi,
 >         I am getting le_long_term_key_negative reply  from the remote 
device
 > , on sending le_start_encryption . I am testing this with 2 ubuntu
 > machines(3.2.5) with IOGEAR dual mode dongles .

To connect to a dual mode dongle, you need to set LE Adv. flags to
0x06 (which means general discoverable + BR/EDR not supported) on the
acceptor side. You can use this command (on the acceptor/slave side):

sudo hcitool -i hci0 cmd 0x08 0x0008 03 02 01 06 \
     $(perl -e 'print "00 " x 28')

Next, enable LE advertising:

sudo hciconfig hci0 leadv

On the initiator/master side, run "hcitool lescan" and try pairing again.





Hi Ajay,

On Sun, Oct 28, 2012 at 8:30 PM, Ajay <ajay.kv@globaledgesoft.com> wrote:
 > Thanks, but "sudo hcitool -i hci0 cmd 0x08 0x0008 03 02 01 06 " ,   this
 > command only sets the advertising data to zero right . so how do i 
set the
 > adv flag as 0x06 . Which hci command is used for this  purpose .

No, this sets adv. data to have "Flags" AD set to 0x06. But you missed
the second line of the command:

sudo hcitool -i hci0 cmd 0x08 0x0008 03 02 01 06 \
     $(perl -e 'print "00 " x 28')

The second line is important because it fills the other bytes with
zero (which some controllers require).





On Tuesday 30 October 2012 07:45 PM, Anderson Lizardo wrote:
> Hi Ajay,
>
> On Sun, Oct 28, 2012 at 9:33 PM, Ajay <ajay.kv@globaledgesoft.com> wrote:
>>   ya , i got your point ,advertiser is informing the remote device  , that it
>> is not BR/EDR capable .That is done and device is connecting now.
>>          But  still i dont know, how to do le specific pairing and
>> start_encryption enable(part of le pairing) . Is there any tool in bluez
>> providing LE pairing before connecting the devices (want to try with 2
>> ubuntu pc's ).
>
> We use the "simple-agent" script from test/ directory in BlueZ for pairing.
>
> On the slave side run:
>
> test/simple-agent hci0
>
> on the master side, after "hcitool lescan", run:
>
> test/simple-agent hci0 <slave-address>
>
> This should trigger Just Works SMP pairing.
>
> Regards,
>


Hi,
     I have included some of our previous conversations  related to this 
issue.

I got some error while testing the above case for LE pairing using 
simple_agent . kindly find a solution



MASTER side
Steps followed
root@test:/home# hcitool lescan

root@test:/home# ./simple-agent  hci0 00:02:72:D6:A1:0D

Creating device failed: org.freedesktop.DBus.Error.NoReply: Did not 
receive a reply. Possible causes include: the remote application did not 
send a reply, the message bus security policy blocked the reply, the 
reply timeout expired, or the network connection was broken.

hcidump on master side
********************************************************************************
< HCI Command: LE Set Scan Parameters (0x08|0x000b) plen 7
     type 0x01 (active)
     interval 10.000ms window 10.000ms
     own address: 0x00 (Public) policy: All
 > HCI Event: Command Complete (0x0e) plen 4
     LE Set Scan Parameters (0x08|0x000b) ncmd 1
     status 0x00
< HCI Command: LE Set Scan Enable (0x08|0x000c) plen 2
     value 0x01 (scanning enabled)
     filter duplicates 0x00 (disabled)
 > HCI Event: Command Complete (0x0e) plen 4
     LE Set Scan Enable (0x08|0x000c) ncmd 1
     status 0x00

       RSSI: -71
 > HCI Event: LE Meta Event (0x3e) plen 12
     LE Advertising Report
       SCAN_RSP - Scan Response (4)
       bdaddr 00:02:72:D6:A1:0D (Public)
       RSSI: -70
 > HCI Event: LE Meta Event (0x3e) plen 15
     LE Advertising Report
       ADV_IND - Connectable undirected advertising (0)
       bdaddr 00:02:72:D6:A1:0D (Public)
       Flags: 0x06
       RSSI: -69

 > HCI Event: LE Meta Event (0x3e) plen 12
     LE Advertising Report
       SCAN_RSP - Scan Response (4)
       bdaddr 00:02:72:D6:A1:0D (Public)

< HCI Command: LE Set Scan Enable (0x08|0x000c) plen 2
     value 0x00 (scanning disabled)
     filter duplicates 0x00 (disabled)
 > HCI Event: Command Complete (0x0e) plen 4
     LE Set Scan Enable (0x08|0x000c) ncmd 1
     status 0x00
< HCI Command: LE Create Connection (0x08|0x000d) plen 25
     bdaddr 00:02:72:D6:A1:0D type 0
 > HCI Event: Command Status (0x0f) plen 4
     LE Create Connection (0x08|0x000d) status 0x00 ncmd 1
 > HCI Event: LE Meta Event (0x3e) plen 19
     LE Connection Complete
       status 0x00 handle 64, role master
< ACL data: handle 64 flags 0x00 dlen 11
     ATT: Read By Group req (0x10)
       start 0x0001, end 0xffff
       type-uuid 0x2800
 > HCI Event: Number of Completed Packets (0x13) plen 5
     handle 64 packets 1
< HCI Command: Read Remote Version Information (0x01|0x001d) plen 2
     handle 64
 > HCI Event: Command Status (0x0f) plen 4
     Read Remote Version Information (0x01|0x001d) status 0x00 ncmd 1
 > HCI Event: Read Remote Ver Info Complete (0x0c) plen 8
     status 0x00 handle 64
     LMP Version: 4.0 (0x6) LMP Subversion: 0x220e
     Manufacturer: Broadcom Corporation (15)
< HCI Command: Disconnect (0x01|0x0006) plen 3
     handle 64 reason 0x13
     Reason: Remote User Terminated Connection
 > HCI Event: Command Status (0x0f) plen 4
     Disconnect (0x01|0x0006) status 0x00 ncmd 1
 > HCI Event: Disconn Complete (0x05) plen 4
     status 0x00 handle 64 reason 0x16
     Reason: Connection Terminated by Local Host


SLAVE side

root@test:/home#  hcitool -i hci0 cmd 0x08 0x0008 03 02 01 06 \
     			$(perl -e 'print "00 " x 28')
root@test:/home# hciconfig hci0  leadv


Hcidump shows ..

< HCI Command: LE Set Advertising Data (0x08|0x0008) plen 32
 > HCI Event: Command Complete (0x0e) plen 4
     LE Set Advertising Data (0x08|0x0008) ncmd 1
     status 0x00
< HCI Command: LE Set Advertise Enable (0x08|0x000a) plen 1
 > HCI Event: Command Complete (0x0e) plen 4
     LE Set Advertise Enable (0x08|0x000a) ncmd 1
     status 0x00

 > HCI Event: LE Meta Event (0x3e) plen 19
     LE Connection Complete
       status 0x00 handle 64, role slave
       bdaddr 00:02:72:D6:AB:AD (Public)
 > ACL data: handle 64 flags 0x02 dlen 11
     ATT: Read By Group req (0x10)
       start 0x0001, end 0xffff
       type-uuid 0x2800
 > HCI Event: Disconn Complete (0x05) plen 4
     status 0x00 handle 64 reason 0x13
     Reason: Remote User Terminated Connection

***************************************************************************


-- 
Thanks & Regards

  AJAY KV
  GlobalEdge software Ltd
  8892753703

[-- Attachment #2: ajay_kv.vcf --]
[-- Type: text/x-vcard, Size: 74 bytes --]

begin:vcard
fn:AJAY KV
n:;AJAY
tel;cell:8892753703
version:2.1
end:vcard

Re: BLE issue: Start_LE_Encryption fails

[Anderson Lizardo]

Hi Ajay,

On Tue, Dec 4, 2012 at 2:49 PM, Ajay <ajay.kv@globaledgesoft.com> wrote:
> SLAVE side
>
> root@test:/home#  hcitool -i hci0 cmd 0x08 0x0008 03 02 01 06 \
>
>                         $(perl -e 'print "00 " x 28')
> root@test:/home# hciconfig hci0  leadv
>
>
> Hcidump shows ..
>
> < HCI Command: LE Set Advertising Data (0x08|0x0008) plen 32
>> HCI Event: Command Complete (0x0e) plen 4
>     LE Set Advertising Data (0x08|0x0008) ncmd 1
>     status 0x00
> < HCI Command: LE Set Advertise Enable (0x08|0x000a) plen 1
>> HCI Event: Command Complete (0x0e) plen 4
>     LE Set Advertise Enable (0x08|0x000a) ncmd 1
>     status 0x00
>
>> HCI Event: LE Meta Event (0x3e) plen 19
>     LE Connection Complete
>       status 0x00 handle 64, role slave
>       bdaddr 00:02:72:D6:AB:AD (Public)
>> ACL data: handle 64 flags 0x02 dlen 11
>     ATT: Read By Group req (0x10)
>       start 0x0001, end 0xffff
>       type-uuid 0x2800

Your slave device is not answering to the Read By Group request,
therefore the master side is disconnecting due to timeout.

I suggest you first try using gatttool on the master side to connect
to the slave, and run "primary" to see if it is processing GATT
requests.

The bluez log from the slave side should help (I assume you are
running BlueZ on the slave side).

Regards,
-- 
Anderson Lizardo
Instituto Nokia de Tecnologia - INdT
Manaus - Brazil

Re: BLE issue: Start_LE_Encryption fails

[Ajay]

[-- Attachment #1: Type: text/plain, Size: 3219 bytes --]

On Thursday 06 December 2012 04:20 PM, Anderson Lizardo wrote:
> Hi Ajay,
>
> On Tue, Dec 4, 2012 at 2:49 PM, Ajay <ajay.kv@globaledgesoft.com> wrote:
>> SLAVE side
>>
>> root@test:/home#  hcitool -i hci0 cmd 0x08 0x0008 03 02 01 06 \
>>
>>                          $(perl -e 'print "00 " x 28')
>> root@test:/home# hciconfig hci0  leadv
>>
>>
>> Hcidump shows ..
>>
>> < HCI Command: LE Set Advertising Data (0x08|0x0008) plen 32
>>> HCI Event: Command Complete (0x0e) plen 4
>>      LE Set Advertising Data (0x08|0x0008) ncmd 1
>>      status 0x00
>> < HCI Command: LE Set Advertise Enable (0x08|0x000a) plen 1
>>> HCI Event: Command Complete (0x0e) plen 4
>>      LE Set Advertise Enable (0x08|0x000a) ncmd 1
>>      status 0x00
>>
>>> HCI Event: LE Meta Event (0x3e) plen 19
>>      LE Connection Complete
>>        status 0x00 handle 64, role slave
>>        bdaddr 00:02:72:D6:AB:AD (Public)
>>> ACL data: handle 64 flags 0x02 dlen 11
>>      ATT: Read By Group req (0x10)
>>        start 0x0001, end 0xffff
>>        type-uuid 0x2800
>
> Your slave device is not answering to the Read By Group request,
> therefore the master side is disconnecting due to timeout.
>
> I suggest you first try using gatttool on the master side to connect
> to the slave, and run "primary" to see if it is processing GATT
> requests.
>
> The bluez log from the slave side should help (I assume you are
> running BlueZ on the slave side).
>
> Regards,
>


Hi,
     I tried  "gatttool  -i hci0 -b <remote bdaddr> --primary " on 
master side  ,which creates   LE link and very next moment disconnects . 
How can i change the security level  of the link to medium?. still 
struggling to pair the device  (atleast "smp just works") ) . Is my 
kernel supportive (3.2.5)

	  few lines of code from the kernel (/net/bluetooth/smp.c)
	

int smp_conn_security(struct l2cap_conn *conn, __u8 sec_level)
{
         struct hci_conn *hcon = conn->hcon;
         struct smp_chan *smp = conn->smp_chan;

         BT_DBG("conn %p hcon %p level 0x%2.2x", conn, hcon, sec_level);

         if (!lmp_host_le_capable(hcon->hdev))
                 return 1;

         if (sec_level == BT_SECURITY_LOW)
                 return 1;

         if (hcon->sec_level >= sec_level)
                 return 1;

         if (hcon->link_mode & HCI_LM_MASTER)
                 if (smp_ltk_encrypt(conn))
                         goto done;

         if (test_and_set_bit(HCI_CONN_LE_SMP_PEND, &hcon->pend))
                 return 0;

         smp = smp_chan_create(conn);

         if (hcon->link_mode & HCI_LM_MASTER) {
                 struct smp_cmd_pairing cp;

                 build_pairing_cmd(conn, &cp, NULL, SMP_AUTH_NONE);
                 smp->preq[0] = SMP_CMD_PAIRING_REQ;
                 memcpy(&smp->preq[1], &cp, sizeof(cp));

                 smp_send_cmd(conn, SMP_CMD_PAIRING_REQ, sizeof(cp), &cp);


	Every time on LE create connection  process 	i	,smp_conn_security() 
getting called from hci layer .
   But  if(host_le_capable(hcon->hdev))
                 return 1;
condition returns without even checking the security level . so kindly 
show me the right way..	

   	

-- 
Thanks & Regards

  AJAY KV
  GlobalEdge software Ltd
  8892753703

[-- Attachment #2: ajay_kv.vcf --]
[-- Type: text/x-vcard, Size: 74 bytes --]

begin:vcard
fn:AJAY KV
n:;AJAY
tel;cell:8892753703
version:2.1
end:vcard

Re: BLE issue: Start_LE_Encryption fails

[Anderson Lizardo]

Hi,

On Sat, Dec 8, 2012 at 9:59 PM, Ajay <ajay.kv@globaledgesoft.com> wrote:
>     I tried  "gatttool  -i hci0 -b <remote bdaddr> --primary " on master
> side  ,which creates   LE link and very next moment disconnects . How can i
> change the security level  of the link to medium?. still struggling to pair
> the device  (atleast "smp just works") ) . Is my kernel supportive (3.2.5)

You can try using the --sec-level medium option.

>         Every time on LE create connection  process     i
> ,smp_conn_security() getting called from hci layer .
>   But  if(host_le_capable(hcon->hdev))
>                 return 1;
> condition returns without even checking the security level . so kindly show
> me the right way..

I suspect this check has been added recently to the kernel. Try
running bluetoothd oh the master side as well, it should then enable
host LE support through mgmt API and this check should pass.

Regards,
-- 
Anderson Lizardo
Instituto Nokia de Tecnologia - INdT
Manaus - Brazil