
In short

When I connect to a BLE device with an unofficial app/program, GATT commands are not executed by the device.

Does the app need to run some kind of authentication with the device (a bulb)?

My reverse engineering story

I am trying to reverse-engineer a Bluetooth LE bulb (the Holi Sleep Companion). I have successfully found the GATT messages I need:

  1. by reading the HCI journals from Android (dev tools)
  2. by disassembling the Java code of the Android app (Sleep360)

However, sending the exact same sequence of Bluetooth messages to the Bulb does not work.

While testing, I actually found that the following works for one GATT command if quickly run in the right order:

  1. I connect the official Android app
  2. I close the official Android app
  3. I connect my own app/program and send one GATT command (from the same device or another)

My tests

I run my tests with two methods:

  1. with the nRF Connect Android app
  2. with my own Python script running on a Linux laptop with BlueZ

Thank you for your help!

albinou

1 Answer


No, there is no such "authentication standard". You have pairing and bonding in the standard, however, but that is usually taken care of by the system and not by an app on Android.

A manufacturer is free to use GATT as a transport layer and then build an authentication protocol on top of it.

Emil
  • Thanks for the input, very helpful! However, in my case, I don't find anything that could look like an authentication GATT message. Also, there is, for example, a turn ON/OFF GATT message that does not send anything that could look like an authentication ID, so how would this work? Is there something else that could make my requests wrong for the bulb? Thanks a lot. – albinou May 04 '19 at 11:42
  • If you start the manufacturer app and turn on the lights, does the hci log show equivalent messages every time? When you then do the same thing in your app, do you see any differences in the hci messages? Maybe you can share the hci log? – Emil May 04 '19 at 13:35
  • Ohh, thanks. By asking me for HCI logs, I tried to make a clean log file and found out I had not understood the GATT commands properly! So I did make my bulb work. I still have some work to do to change the color but it works :-) Thank you very much. Once done, I'll publish the code. Cheers! – albinou May 06 '19 at 09:41
  • If anyone is interested, the code is here: https://gitlab.com/albinou/python-sleep360 – albinou May 10 '19 at 21:19
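
The comparison suggested in the comments (the official app's HCI log against your own program's), as an added example that is not code from this thread or from python-sleep360. It decodes ATT writes out of HCI ACL data packets and reports the first write that differs; the packets, handles and values are constructed, and it assumes unfragmented ACL packets already extracted from the log as hex.

```python
import struct

ATT_CID = 0x0004  # fixed L2CAP channel used by the Attribute Protocol
WRITE_OPCODES = {0x12: "Write Request", 0x52: "Write Command"}

def parse_att_write(acl_hex):
    """Return (opcode_name, attribute_handle, value) for an ATT write carried
    in one unfragmented HCI ACL data packet, or None for anything else."""
    pkt = bytes.fromhex(acl_hex)
    if len(pkt) < 11:  # ACL hdr (4) + L2CAP hdr (4) + opcode (1) + handle (2)
        return None
    _conn, acl_len, l2cap_len, cid = struct.unpack_from("<HHHH", pkt, 0)
    if cid != ATT_CID or acl_len != len(pkt) - 4 or l2cap_len != acl_len - 4:
        return None  # not ATT, truncated, or a fragment
    opcode, handle = struct.unpack_from("<BH", pkt, 8)
    if opcode not in WRITE_OPCODES:
        return None  # reads, notifications, MTU exchange, ...
    return WRITE_OPCODES[opcode], handle, pkt[11:]

def writes(capture):
    """Keep only the ATT writes of a capture, in order."""
    return [w for w in map(parse_att_write, capture) if w is not None]

def first_difference(official, mine):
    """Index and pair of the first write that differs, or None if identical."""
    a, b = writes(official), writes(mine)
    for i in range(max(len(a), len(b))):
        x = a[i] if i < len(a) else None
        y = b[i] if i < len(b) else None
        if x != y:
            return i, x, y
    return None

# Constructed sample captures (not taken from the bulb discussed above).
OFFICIAL = [
    "40000900050004001225000100",  # Write Request, handle 0x0025, value 01 00
    "40200700030004001b2500",      # notification from the device (ignored)
    "4000090005000400522100aa01",  # Write Command, handle 0x0021, value aa 01
]
MINE = [
    "40000900050004001225000100",  # same first write
    "4000090005000400122100aa01",  # same handle and value, different opcode
]

if __name__ == "__main__":
    print(first_difference(OFFICIAL, MINE))
```

A difference in opcode, handle or value bytes at the reported index is the place to look before assuming the device expects authentication.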