Menu
I am a complete newbie to the world of Android.Please forgive me if my question is too naive.
I have been working on a sample application to realize Bluetooth pairing between a Linux Box (FC-21 running Bluez-5.42) and an Android tablet. I am using NFC to transfer the Bluetooth name, address and OOB data from the PC to Android. I am able to send the above data from PC to Android over NFC (beam to be precise) and I am able to parse and decode all the data at the Android side. With the Bluetooth address of the Linux box available at Android, I can call CreateBond() to pair the Android tablet with Linux Box. I have tested this part and it works as expected.
Now, the problem with this method is that, during Bluetooth pairing Numeric comparison or passkey entry association model is used, which I feel is an aberration to the user experience when he is using NFC to do the pairing. Since I already have the OOB data of the PC, I would like to use the OOB association for pairing such that the user experience is not compromised.
To do this, when I replace CreateBond() with CreateBondOutOfBand() [using reflection], no pairing request is sent from Android to the Linux PC.
try {
showLog("Pairing started");
Method m = bDev.getClass().getMethod("createBondOutOfBand", byte[].class, byte[].class);
showLog("Found method");
Boolean flag = (Boolean) m.invoke(bDev, Hash, Rand,(Object[]) null);
//Method m = bDev.getClass().getMethod("createBond", (Class[]) null);
//Boolean flag = (Boolean) m.invoke(bDev, (Object[]) null);
if(flag)
showLog("Pairing successfully finished.");
else
showLog("Pairing failed");
} catch (Exception e) {
showLog("Pairing failed.");
}
I searched online but could not find any concrete evidence that OOB pairing can be implemented in Android.
Further, to check the behavior of native Android, I created a NFC tag with the Bluetooth name, address and OOB data of the Linux box. When I held the tag against the Android tablet, Bluettoth pairing was started but it was still not using OOB association model.
My questions are as follows,
Any inputs would be greatly appreciated.
Thanks,
Sai
493
asked Jan 12 '17 00:01
OOB pairing is a way of sharing the encryption keys by some other means than the 2.4GHz band. With MITM, there is still 1 in a million chance that a hacker may get access to all the informaiton. To address such concerns, BLE protocl provides a feature called Out-of-Band (OOB) Pairing.
The app framework provides access to the Bluetooth functionality through Bluetooth APIs. These APIs let apps connect to other Bluetooth devices, enabling point-to-point and multipoint wireless features. Using the Bluetooth APIs, an app can perform the following: Scan for other Bluetooth devices.
According to this,
Android 9 introduces new restrictions on the use of non-SDK interfaces, whether directly, via reflection, or via JNI. These restrictions are applied whenever an app references a non-SDK interface or attempts to obtain its handle using reflection or JNI.
Since createBondOutOfBand() and removeBond() are hidden from public documentation, these methods are restricted from Android 9. Calling these methods using reflection will cause exceptions.
72
answered Sep 26 '22 14:09
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With