0

First of all, sorry for my bad english.

For the entire projet, I am trying to connect a generic smartwatch (this one) to an Arduino. The purpose is to gather information (heart rate for example). I don't know how the device communicate with the application Mistep. So I followed several steps. At this moment, I didn't analyze the establishment of the connection at the beginning but only the value (heart rate) transmission.

Running application with HCI/BLuetooth Log on Android

I analyzed this log in Wireshark.

First of all, I have a packet sent by the smartwatch and received by the Android machine:

Bluetooth HCI ACL Packet
.... 1110 0000 0001 = Connection Handle: 0x0e01
..00 .... .... .... = PB Flag: First Non-automatically Flushable Packet (0)
00.. .... .... .... = BC Flag: Point-To-Point (0)
Data Total Length: 17
[Connect in frame: 12999]
[Source BD_ADDR: d6:1c:5a:c3:05:** (d6:1c:5a:c3:05:**)]
[Source Device Name: HRW_1c5ac305**]
[Source Role: Unknown (0)]
[Destination BD_ADDR: IntelCor_95:05:** (fc:f8:ae:95:05:**)]
[Destination Device Name: VMware Virtual Platform]
[Destination Role: Unknown (0)]
[Current Mode: Unknown (-1)]

Bluetooth Attribute Protocol
Opcode: Write Command (0x52)
    0... .... = Authentication Signature: False
    .1.. .... = Command: True
    ..01 0010 = Method: Write Request (0x12)
Handle: 0x0018 (Unknown)
    [UUID: Unknown (0xfff2)]
Value: 68260400110a1000bd16

Then the Android device send a packet (notification) to the smartwatch:

Edit:

Bluetooth HCI ACL Packet
.... 1110 0000 0001 = Connection Handle: 0x0e01
..10 .... .... .... = PB Flag: First Automatically Flushable Packet (2)
00.. .... .... .... = BC Flag: Point-To-Point (0)
Data Total Length: 9
[Connect in frame: 12999]
[Source BD_ADDR: IntelCor_95:05:** (fc:f8:ae:95:05:**)]
[Source Device Name: VMware Virtual Platform]
[Source Role: Unknown (0)]
[Destination BD_ADDR: d6:1c:5a:c3:05:25 (d6:1c:5a:c3:05:**)]
[Destination Device Name: HRW_1c5ac305**]
[Destination Role: Unknown (0)]
[Current Mode: Unknown (-1)]

Bluetooth Attribute Protocol
Opcode: Handle Value Notification (0x1b)
    0... .... = Authentication Signature: False
    .0.. .... = Command: False
    ..01 1011 = Method: Handle Value Notification (0x1b)
Handle: 0x000e (Heart Rate Measurement)
    [UUID: Heart Rate Measurement (0x2a37)]
Flags: 0x04, Sensor Support
    000. .... = Reserved: 0x00
    ...0 .... = RR Interval: False
    .... 0... = Energy Expended: False
    .... .1.. = Sensor Support: True
    .... ..0. = Sensor Contact: False
    .... ...0 = Value is UINT16: False
Value: 76

This packet contains the value of heart rate (76) but it is sent by Android device to the smartwatch for notification. I guess this value has been retrieved from the handle 0x0018 value: 68260400110a1000bd16. The problem is: I don't know how to get the value from this hexa.

Do you have an idea how to analyze the value and get the heart value ?

saraza
  • 41
  • 6
  • Something is not right here. How can the android device send a notification to the smartwatch with the heart rate value? It should be vice versa, since it is the smartwatch that measures the heart rate. Also, the smartwatch has the role of a server (providing data), it will not issue a write request. The UUID is unknown (what should the write request do?!), and the value 6826... is NOT the value of the notification. Check this link for the heart rate notification: https://www.bluetooth.com/specifications/gatt/viewer?attributeXmlFile=org.bluetooth.characteristic.heart_rate_measurement.xml – Thern Oct 18 '16 at 13:34
  • I added an edit in my first message with the "Bluetooth HCI ACL Packet" information. Source is the Android (Vmware) and destination is the smartwatch (d6:1c...) so something is wrong... Maybe both are inverted for an unknown reason and it could explain my misunderstanding... – saraza Oct 18 '16 at 19:28

0 Answers0