espressif / esp-rainmaker-android

ESP RainMaker Android app sources
https://rainmaker.espressif.com/
Apache License 2.0

HUAWEI MediaPad T3 doesn't add device #25

Closed jacek12345 closed 1 year ago

jacek12345 commented 1 year ago

Android 7 API level 24, ESP32C3, IDF4.4.2, BLE Provisioning. After scanning the QR code nothing happens (it only shows the waiting icon). In the monitor there is no reaction. If choosing no QR code and BLE, it shows the device, but after a tap also nothing. One time it showed "Error! Communication failed. Device may not be supported". What can be the reason? The same ESP device can be added on iOS without problem. Also on Android 10 without problem.

jacek12345 commented 1 year ago

It works with sharing node. The only problem is with adding device.

KhushbuShah25 commented 1 year ago

Hi @jacek12345, is it occurring every time on the Android 7 phone?

jacek12345 commented 1 year ago

Yes, every time. I don't have any other device with Android 7, but this is 100% repeatable on this HUAWEI.

KhushbuShah25 commented 1 year ago

Hi @jacek12345,

Can you try once after disabling CONFIG_WIFI_PROV_BLE_FORCE_ENCRYPTION, which you can find under Component Config -> Wi-Fi Provisioning Manager?

jacek12345 commented 1 year ago

Yes, this is it. Now it works. Can you explain the issue and what is next?

KhushbuShah25 commented 1 year ago

Hi @jacek12345,

ESP-IDF now enforces a link encryption requirement while performing a GATT write on characteristics of the provisioning service. This results in a pairing pop-up dialog if the link is not encrypted. This feature is enabled by default. Most Android phones initiate a pairing request if this encryption flag is enabled on the device side. But in some phones, the Android BT stack does not initiate a pairing request. This was the reason for the failure. Added details about this flag in the esp-idf example.

jacek12345 commented 1 year ago

Thank you for the response. Can you explain if disabling this flag somehow degrades whole system security?

rahult-github commented 1 year ago

Hi @jacek12345,

The flag basically adds encryption at the GATT layer as a requirement to perform read/write operations. When a remote device attempts to access the characteristic, if the ACL link is not encrypted, the BLE stack will reject the read/write operation with insufficient authentication. The remote device should then proceed to encrypt the link (which can result in re-pairing). Now, this becomes remote device implementation specific. Hence in this case, some devices are showing failure (as some phones handle this scenario, some do not).

The intention is to make it secure. In IDF, the protocomm layer (which gets used by RainMaker) is a wrapper on top of the underlying BLE stack and is intended to have end-to-end security. So, in this case, security is ensured already. Hence, it is OK to disable the flag without causing any side effects.

Thanks, Rahul
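
The rejection described in the comment above, seen from the Android client: an added example (not code from esp-rainmaker-android or ESP-IDF) of a GATT callback that starts pairing itself when a write is refused for lack of link encryption, then resends the write once. The class name `EncryptedWriteRetry` is hypothetical, and it is an assumption, not something tested in this thread, that the affected tablet's stack completes `createBond()`.

```java
import android.bluetooth.BluetoothDevice;
import android.bluetooth.BluetoothGatt;
import android.bluetooth.BluetoothGattCallback;
import android.bluetooth.BluetoothGattCharacteristic;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;

// Added example: hypothetical class, not part of esp-rainmaker-android.
// Requires BLUETOOTH_CONNECT (API 31+) or BLUETOOTH + BLUETOOTH_ADMIN (older).
public class EncryptedWriteRetry extends BluetoothGattCallback {
    private final Context context;
    private boolean retried; // retry once only, so a refused pairing cannot loop

    public EncryptedWriteRetry(Context context) { this.context = context; }

    @Override
    public void onCharacteristicWrite(final BluetoothGatt gatt,
            final BluetoothGattCharacteristic ch, int status) {
        boolean rejected = status == BluetoothGatt.GATT_INSUFFICIENT_AUTHENTICATION
                || status == BluetoothGatt.GATT_INSUFFICIENT_ENCRYPTION;
        if (!rejected || retried) return; // success, other error, or already retried
        retried = true;
        final BluetoothDevice device = gatt.getDevice();
        BroadcastReceiver onBond = new BroadcastReceiver() {
            @Override
            public void onReceive(Context c, Intent i) {
                BluetoothDevice d = i.getParcelableExtra(BluetoothDevice.EXTRA_DEVICE);
                int state = i.getIntExtra(BluetoothDevice.EXTRA_BOND_STATE,
                        BluetoothDevice.ERROR);
                if (d == null || !device.equals(d)
                        || state == BluetoothDevice.BOND_BONDING) return;
                context.unregisterReceiver(this);
                if (state == BluetoothDevice.BOND_BONDED) {
                    gatt.writeCharacteristic(ch); // link is encrypted now: resend
                }
                // BOND_NONE: pairing failed or was declined; the write stays failed
            }
        };
        context.registerReceiver(onBond,
                new IntentFilter(BluetoothDevice.ACTION_BOND_STATE_CHANGED));
        if (!device.createBond()) {
            context.unregisterReceiver(onBond); // stack refused to start pairing
        }
    }
}
```

The characteristic object still holds the value from the rejected write, which is why it can be resent unchanged with the pre-API 33 `writeCharacteristic(ch)` call.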

jacek12345 commented 1 year ago

Thank you