Testing BluetoothWin32Authentication Windows 7 Secure Simple Pairing (SSP) support
Testing Windows 7 SSP Support in our class BluetoothWin32Authentication.
(Native methods BluetoothRegisterForAuthenticationEx and BluetoothSendAuthenticationEx).
2011-February Alan McFarlane
Against BlueSoleil
Windows:
Win3 2Auth hndlr, peer: 00190E02C916 host2, m: NumericComparison, req: MITMProtectionNotRequiredBonding, io: DisplayYesNo, n_pk: 630773
BlueZ+Linux initiating the pair, with various IO-Capabilities
Using the BlueZ D-Bus API Agent method CreatePairedDevice which allows one
to set the IO-Capability to advertise, using modified version of their example
script simple-agent.py.
1. Old dongle in Linux
Linux:
rupert@linux:~> simple-agent2.py hci0 00:15:83:42:1b:0c
RequestPinCode (/org/bluez/18341/hci0/dev_00_15_83_42_1B_0C)
Enter PIN Code:
Windows:
Win32Auth hndlr, peer: 001583B41BFA linux-0, m: Legacy, req: MITMProtectionNotDefined, io: Undefined, n_pk:
(BTW: Using the built-in Bluetooth control-panel to add the device,
it displays a six-digit PIN. As I remember, with text
“Please enter the following PIN on ‘xxxx’.”).
2. Linux with 2.1 dongle, IO-Capability = Default (DisplayYesNo)
Linux:
rupert@linux:~> simple-agent2.py hci0 00:15:83:42:1b:0c
RequestConfirmation (/org/bluez/20114/hci0/dev_00_15_83_42_1B_0C, 518009)
Confirm passkey (yes/no): yes
Release
New device (/org/bluez/20114/hci0/dev_00_15_83_42_1B_0C)
Windows:
Win32Auth hndlr, peer: 001060552CCA linux-0, m: NumericComparison, req: MITMProtectionRequiredBonding, io: DisplayYesNo, n_pk: 518009
3. Linux IO-Capability = KeyboardOnly
Linux:
rupert@linux:~> simple-agent2.py hci0 00:15:83:42:1b:0c KeyboardOnly
RequestPasskey (/org/bluez/20114/hci0/dev_00_15_83_42_1B_0C)
Enter passkey: 766841
Release
New device (/org/bluez/20114/hci0/dev_00_15_83_42_1B_0C)
Windows:
Win32Auth hndlr, peer: 001060552CCA linux-0, m: PasskeyNotification, req: MITMProtectionRequiredBonding, io: KeyboardOnly, n_pk: 766841
4. NoInputNoOutput
Linux:
rupert@linux:~> simple-agent2.py hci0 00:15:83:42:1b:0c NoInputNoOutput delete
RequestConfirmation (/org/bluez/20114/hci0/dev_00_15_83_42_1B_0C, 904813)
Confirm passkey (yes/no): yes
Release
New device (/org/bluez/20114/hci0/dev_00_15_83_42_1B_0C)
Windows:
Win32Auth hndlr, peer: 001060552CCA linux-0, m: NumericComparison, req: MITMProtectionRequiredBonding, io: NoInputNoOutput, n_pk: 904813
Note: Had to tell the program to delete the device first.
Presumbly here because it is a change from an “Authenticated” to an “Unauthenticated” Link Key…
5. DisplayOnly
Linux:
rupert@linux:~> simple-agent2.py hci0 00:15:83:42:1b:0c DisplayOnly delete
RequestConfirmation (/org/bluez/20114/hci0/dev_00_15_83_42_1B_0C, 980045)
Confirm passkey (yes/no): yes
Release
New device (/org/bluez/20114/hci0/dev_00_15_83_42_1B_0C)
Windows:
Win32Auth hndlr, peer: 001060552CCA linux-0, m: NumericComparison, req: MITMProtectionRequiredBonding, io: DisplayOnly, n_pk: 980045
Note: did tell the program to delete the device first.