Open hientv1999 opened 2 years ago
@hientv1999 at that time the pairing was not yet well supported, but if still relevant, you can try again using latest releases (Just Works pairing is supported there) or branches from https://github.com/hbldh/bleak/pull/1100 or https://github.com/hbldh/bleak/pull/1133 if advanced pairing methods are used.
bluetoothctl -v
) in case of Linux: 5.55Description
In the documentation of Bleak, there isn't any information about pairing with BLE server required authentication/encryption in Linux. I only found pair() under class bleak.backends.winrt.client.BleakClientWinRT for Windows, but I'm using Linux and it didn't work.
What I Tried
I'm essentially sending data from ESP32 as a BLE server to Raspberry Pi as a BLE client. I want the data to be encrypted. Here is my characteristics defining for ESP32 in void setup().
The BLE Server works well when I used LightBlue app on iPhone to connect to it and write/read all characteristics from it is good. However, Raspberry Pi using Bleak cannot read/write to any read_enc and write_enc characteristic. Below is the code I used in Raspberry Pi.
The error output
Characteristic beb5483e-36e1-4688-b7f5-ea07361b26a8 does not support write operations!
What I tried more
I also attempted to add
await client.pair(2)
right afterawait client.connect()
but it doesn't help. Please help me know if there is any workaround to utilize the encryption (and potentially authentication) feature of BLE. Since I'm transmitting WiFI SSID and Passkey, I need to keep the transfer very secure.Important note
If I just define the characteristics in ESP32 as write and read (without encryption), everything will work fine. Raspberry Pi using Bleak can send/receive data from ESP32 with no sweat.
A bit out-of-topic question
This is a question more related to merely BLE and slightly ESP32. In ESP32 code, this line
NimBLEDevice::setSecurityAuth(true, true, true);
enables bonding, man in the middle protection and secure connection pairing. I'm more interested in MIMP. If I don't have WRITE_ENC and READ_ENC (meaning I use only normal WRITE and READ for characteristics), is data still protected against MIM attack?