The official Qt Bluetoothy API does not support OOB authentication. In fact, the Android APIs do not have official support for it either. There is a hidden function for it in BluetoothDevice on Android though:
https://android.googlesource.com/platform/frameworks/base/+/master/core/java/android/bluetooth/BluetoothDevice.java#1040 With reflection you should be able to access it. There are quite a few examples on the Internet. If Qt were to implement this type of pairing, the function would have to take the additional parameters into account. -- Alex ________________________________________ From: Interest <[email protected]> on behalf of Jérôme Godbout <[email protected]> Sent: Thursday, 22 November 2018 8:54:11 PM To: [email protected] Subject: [Interest] BLE OOB authentication Hi, How does one can perform an OOB authentication for secure connection with Qt under Android (and iOS if possible but not 100% required, but would be sweet if I can manage both)? I was doing anonymous connection with the QLowEnergyController:: connectToDevice() but I also seen the QBluetoothLocalDevice::requestPairing<http://doc.qt.io/qt-5/qbluetoothlocaldevice.html#requestPairing>() but I’m a little confuse with the API, should the authentication be part of the connection when the capability are exchanged. I have a device that required authenticated connection and ideally with OOB capability, but I doubt I can specify this on the Android application when connecting. The requestPairing only have 2 option paired and authorizedPaired, but this only give the paired device capability, what I’m looking for is the authentication but I cannot find anything? Is authenticated and secure BLE connection impossible with those? I known that BLE is not top secure even with those, but I would still need to implement it. Maybe someone have an example of NFC OOB pairing under Qt Android that (s)he could share? That would give some hint. The Qt Bluetooth connection API is hard to follow when I compare to the specs and other embedded BLE stack I work with. I have create the OOB pairing with BLE 4.0 with a few embedded stack, but I cannot figure out how to do this with Qt or Android properly. My device authentication is mandatory (anonymous and unsecure connection are not allowed). Is there a way to do the following with Bluetooth with Qt or even Android java level: 1. Is there any configuration to device capability for authentication? 2. Specify the MITM options? 3. Make OOB capable? 4. PIN entry authentication? 5. Establish a secure 4.0 or secured 4.2 connection? Seem like the pairing/connection/authentication have been highly confused with each other into Qt framework and Android API, it look like a huge ugly mess. Pairing != Authentication Connection != Pairing Connection != Authentication 1. Connection is the way to establish a link with the Bluetooth device, at that point you are on anonymous connection. 2. Authentication is the ability to make sure the connected device is the right one and you can accept or reject the device if it failed to authenticate. 3. Pairing is the act of avoiding the authentication to be needed again by keeping the previous negotiated authentication with the other device between connection. [36E56279] une compagnie [cid:[email protected]] RAPPROCHEZ LA DISTANCE Jérôme Godbout Développeur Logiciel Sénior / Senior Software Developer p: +1 (418) 800-1073 ext.:109 amotus.ca<http://www.amotus-solutions.com/> statum-iot.com<http://statum-iot.com/> [cid:[email protected]]<https://www.facebook.com/LesSolutionsAmotus/> [cid:[email protected]] <https://www.linkedin.com/company/amotus-solutions/> [cid:[email protected]] <https://twitter.com/AmotusSolutions> [cid:[email protected]] <https://www.youtube.com/channel/UCoYpQgsmj1iJZyDjTQ3x8Ig>
_______________________________________________ Interest mailing list [email protected] https://lists.qt-project.org/listinfo/interest
