Re: recommended way to register on bluetooth event

[Johan Hedberg <johan.hedberg@gmail.com>]

Hi Ordit,

On 1 Oct 2019, at 16.36, Ordit Gross <ordit.gross@orcam.com> wrote:
> I would like to register on encryption changed event.
> As far as I could tell mgmt-api does not consist of such capability.
> I think that reading from an HCI socket may enable me to read all
> events (and the needed one as well).
> is there a better way of registering on encryption changed event?
> 
> The reason I need this capability in the first place is that I want to
> enable repairing if BLE Peripheral Removes Pairing keys.
> currently, when the peripheral deletes his side of keys and attempt to
> connect to master, the master will get  encryption changed event with
> error  "PIN or Key Missing".
> that's why I want to be notified on application that we got this
> event, so I can delete my side of keys as well..

Looking at the kernel code (hci_event.c) a “PIN or Key missing” encryption error should cause a unique MGMT_DEV_DISCONN_AUTH_FAILURE disconnection reason to be presented in the mgmt Device Disconnected event. So that could be one way to identify this in user space. That said, I think a better way would be to add some configurable policy to the kernel to decide what to do in such a case. This is also a security sensitive scenario, since the reason you get “PIN or Key missing” could be because someone is pretending to be the real device, i.e. they could force you to drop the keys for the real device without any authentication. So to be safe, the old keys should only be discarded when the new pairing has been successful, and the security level of the new pairing should be at least as strong as the old one. I don’t think this is doable in user space with the current design.

Johan