Login/Register
Bluetooth Secure Simple Pairing (SSP) using QR code as Out of Band (OOB) channel
Asked Answered
androidbluetoothqr-codeandroid-bluetoothbluetooth-oob
L

1

12

I have a Windows 7 application, which uses Stollmann SDK to successfully bond PC with Android. The bidirectional exchange of Bluetooth MAC address, hash and randomizer is carried out out of band via NFC:

application with qr code

The source code of the Windows application unfortunately can not be shared here. On the Android side no app is needed and the Secure Simple Pairing is performed by the operating system (by HandoverManager?) once an NDEF message with application/vnd.bluetooth.ep.oob is received.

Now I am trying to create an Android app, which would use unidirectional authentication to perform OOB pairing via scanned QR code (instead of NFC).

A custom QR code would be shown at PC screen (generated by ZXing.Net) and contain Bluetooth MAC address, hash and randomizer.

However OOB bonding seems to be not implemented yet in Android -

BluetoothAdapter.java:

/**
 * Read the local Out of Band Pairing Data
 * <p>Requires {@link android.Manifest.permission#BLUETOOTH}
 *
 * @return Pair<byte[], byte[]> of Hash and Randomizer
 *
 * @hide
 */
public Pair<byte[], byte[]> readOutOfBandData() {
    if (getState() != STATE_ON) return null;
    //TODO(BT
    /*
    try {
        byte[] hash;
        byte[] randomizer;

        byte[] ret = mService.readOutOfBandData();

        if (ret  == null || ret.length != 32) return null;

        hash = Arrays.copyOfRange(ret, 0, 16);
        randomizer = Arrays.copyOfRange(ret, 16, 32);

        if (DBG) {
            Log.d(TAG, "readOutOfBandData:" + Arrays.toString(hash) +
              ":" + Arrays.toString(randomizer));
        }
        return new Pair<byte[], byte[]>(hash, randomizer);

    } catch (RemoteException e) {Log.e(TAG, "", e);}*/
    return null;
}

BluetoothDevice.java:

/**
 * Start the bonding (pairing) process with the remote device using the
 * Out Of Band mechanism.
 *
 * <p>This is an asynchronous call, it will return immediately. Register
 * for {@link #ACTION_BOND_STATE_CHANGED} intents to be notified when
 * the bonding process completes, and its result.
 *
 * <p>Android system services will handle the necessary user interactions
 * to confirm and complete the bonding process.
 *
 * <p>Requires {@link android.Manifest.permission#BLUETOOTH_ADMIN}.
 *
 * @param hash - Simple Secure pairing hash
 * @param randomizer - The random key obtained using OOB
 * @return false on immediate error, true if bonding will begin
 *
 * @hide
 */
public boolean createBondOutOfBand(byte[] hash, byte[] randomizer) {
    //TODO(BT)
    /*
    try {
        return sService.createBondOutOfBand(this, hash, randomizer);
    } catch (RemoteException e) {Log.e(TAG, "", e);}*/
    return false;
}

/**
 * Set the Out Of Band data for a remote device to be used later
 * in the pairing mechanism. Users can obtain this data through other
 * trusted channels
 *
 * <p>Requires {@link android.Manifest.permission#BLUETOOTH_ADMIN}.
 *
 * @param hash Simple Secure pairing hash
 * @param randomizer The random key obtained using OOB
 * @return false on error; true otherwise
 *
 * @hide
 */
public boolean setDeviceOutOfBandData(byte[] hash, byte[] randomizer) {
  //TODO(BT)
  /*
  try {
    return sService.setDeviceOutOfBandData(this, hash, randomizer);
  } catch (RemoteException e) {Log.e(TAG, "", e);} */
  return false;
}

My question:

Since OOB Bluetooth pairing works well over NFC on Android - do you think there is a (hackish) way to do the same via QR code?

Maybe (crazy idea) by feeding HandoverManager with a fake NDEF message?

Loopy answered 24/6, 2015 at 13:7 Comment(3)
I don't know if it's possible, but I love your crazy idea. Here is a shot in the dark which I do not have the time to test right now, but does the NFC send a Broadcast when triggered? play.google.com/store/apps/…Coagulate
I love this idea too. I have some headphones that are pleasure to pair with any device that supports NFC, but an absolute pain in the ass on anything else. It would be amazing to be able to initiate pairing for a seperate device via my phone.Lakisha
Hello, I can see this question was created 8 years ago. I wonder whether the industry has changed since. Based on google results it looks rather pessimistic. I experimented successfully with NFC yesterday but so far did not find a similar equivalent for QR codes. Has anyone ever got close to a working solution based on QR scanning?Emlynn
C
2

You can not fake the NFC broadcast which is actually posted by NFC service app when it detects the NFC tag. Since this is a protected broadcast non system apps can not broadcast the intent.

Conquistador answered 24/6, 2015 at 16:28 Comment(3)
Ok it makes sense that my app can not inject some system "event" or intent... but maybe I can just call HandoverManager and pass it my NDEF message? Also the purpose of my question is to find a way to perform "Secure Simple Pairing" over QR code (as OOB channel). This does not have to be some fake NFC message - maybe there is some better way.Loopy
Sorry for my incomplete answer. IMHO HandOverManager class may not be accessible directly as it is under nfc service package, you can experiment using Reflection.Conquistador
Check this it may be helpful to you. github.com/Mobisocial/EasyNFC/blob/master/src/main/java/…Conquistador

© 2022 - 2024 — McMap. All rights reserved.