opensourcemirror
/
Gadgetbridge
mirror of https://codeberg.org/Freeyourgadget/Gadgetbridge.git
1
0
Fork 0
Code Issues Releases Wiki Activity
Page: Pairing types and Auth Key
Pages
Activity Analysis Activity Sessions List Activity and Sleep Charts Amazfit Active Edge Amazfit Active Amazfit Balance Amazfit Band 5 Firmware Update Amazfit Band 5 Amazfit Band 7 Amazfit Bip 3 Pro Amazfit Bip 5 Amazfit Bip Firmware Update Amazfit Bip Getting Started Amazfit Bip Lite Amazfit Bip OS Amazfit Bip S Firmware Update Amazfit Bip S Amazfit Bip U Firmware Update Amazfit Bip U Amazfit Bip Amazfit Cheetah Pro Amazfit Cheetah Amazfit Cor 2 Firmware Update Amazfit Cor 2 Amazfit Cor Firmware Update Amazfit Cor Amazfit Falcon Amazfit GTR 3 Pro Amazfit GTR 3 Amazfit GTR 4 Amazfit GTR Mini Amazfit GTR Amazfit GTS 3 Amazfit GTS 4 Mini Amazfit GTS 4 Amazfit GTS Amazfit Neo Amazfit T Rex 2 Amazfit T Rex Ultra BT Protocol Reverse Engineering Bangle.js Bluetooth Intent API Brainstorming new UI Calls and SMS Casio GB 5600B/GB 6900B/GB X6900B/STB 1000 Casio GBX 100/GBD 200 Casio Companion Device pairing Configuration Data Export Import Merging Processing Developer Documentation FAQ Failed to start background service Femometer Vinca II Find phone Firmware Update FitPro Flipper Zero Fossil Hybrid HR Galaxy Buds Garmin devices HPlus Protocol HPlus HUAMI GPS Heart Rate data sharing Home How to Release Huami 2021 Issues Huami Alarms Huami Button Actions Huami Deep Sleep Detection Huami Device Actions Huami Heartrate measurement Huami Server Pairing Incoming call notification on Lineage OS Integrating with Sports Tracking apps Intent API Log Files Mi Band 1 Mi Band 2 Firmware Update Mi Band 2 HMZK Font Format Mi Band 2 Mi Band 3 Firmware Update Mi Band 3 Mi Band 4 Firmware Update Mi Band 4 Mi Band 5 Firmware Update Mi Band 5 Mi Band 6 Firmware Update Mi Band 6 Mi Band 7 Mi Band Compatibility Issues Mi Band Firmware Information Mi Band Firmware Update Mi Band Miscellaneous Pebble Tips Multiple devices Music info MyKronoz ZeTime New Device Tutorial New Website Nothing Ear (1) Notifications Nut OpenTracks API Pairing types and Auth Key Pairing Pebble 2 BTLE specifics Pebble Datalog Pebble Firmware updates Pebble Getting Started Pebble Language Packs Pebble Links Pebble Pairing Pebble System Apps Pebble Watchfaces Pebble PebbleKit Android App Compatibility Permissions Explained PineTime Restore from Titanium Backup SMA SMS notifications are lost somewhere Sony Headphones Sony Wena 3 Sports Activities Workouts SuperCars Support for a new Device Test Translating Gadgetbridge Watchfaces Weather When will a new release appear on f droid Widget WithingsSteel ZeTime Protocol Analysis Zepp OS iTag
2 Pairing types and Auth Key
Petr Vaněk edited this page 2022-01-04 19:13:51 +01:00
Table of Contents

There are several types of Bluetooth pairing machanism: Legacy Pairing and Secure Simple Pairing (SSP)

Legacy Pairing

Each device must enter a PIN code; pairing is only successful if both devices enter the same PIN code.

As for Gadgetbridge, devices just ask for confirmation/number during pairing, this is all.

Secure Simple Pairing (SSP)

SSP pairing is centered around a shared secret between 2 Bluetooth devices.

MAC Address remembering

  • the watch just remembers phone's BT MAC address as the shared secret

Application determined secret

  • The key is determined by the App (eg. Gadgetbridge, where we call it Auth Key), sent to the watch and then stored there
  • The key can be changed in the watch by re-pairing in Gadgetbridge, that means:
    • keep the device in Gadgetbridge, disconnect ot by long-press on device name in Gadgetbridge main screen
    • remove (unpair) the watch from Android phone Bluetooth pairing (if paired)
    • change the Gadgetbridge Auth Key (Gadgetbridge → Device → Settings → Auth Key) (if you erase the key, Gadgetbridge will generate new unique key)
    • press the + Add new device floating button
    • select the device and confirm the pairing on the watch

Re-using the Auth Key between multiple phones

If you use (copy/paste) the same Auth Key in several Gadgetbridge apps on different mobile devices (phones, tablets), all of them will be able to connect to your device and fetch data.

Vendor determined secret, aka server based pairing

Instead of the app deciding/generating the key, the vendor decides what this key is. For example for Huami devices, since the Bip Lite the key is generated by Huami servers and CANNOT be be decided by Gadgetbridge. This is based on signing, the server signs a random number FROM the watch with a UNKNOWN secret key under their control hidden away. IIRC the key is derived from the signature and the signature is checked by the watch.

In Gadgetbridge, this means that you must first obtain the secret, before you can pair your watch with Gadgetbridge. See more details in Server based pairing article.

Gadgetbridge

NEW WEBSITE

General

Sports/Activities

Smart Device Related

Wireless Earbuds

Others

Full list of supported devices

Development

Feature Discussion

FAQ

Build Code Quality: Java Total Alerts

Get it on F-Droid Donate

Download Donate Homepage Blog Wiki