问题
I am creating an BLE connection between a ble device and a mobile. the connection is first unsecured but will be updated to LESC just works from device side.
This works fine so far.
In Android (target SDK 28) I want to check (better getting an callback) if bluetooth connection is encrypted. I am using a BLE UART Service example.
I have access to an BluetoothGatt and BluetoothDevice object. But all methods, variables I found are either private or @SystemApi.
Can anyone help?
Following some part of class declaration showing the available objects:
public class UARTService extends Service {
private final static String TAG = UARTService.class.getSimpleName();
private BluetoothManager mBluetoothManager;
private BluetoothAdapter mBluetoothAdapter;
private String mBluetoothDeviceAddress;
private BluetoothGatt mBluetoothGatt;
...
}
回答1:
Sorry but I don't think you can, which really sucks. According to the Bluetooth specification one should be able to specify a security level for every GATT request, which you can do with for example Windows's BLE API. But Android doesn't seem to have that feature. Without that feature, it kind of destroys the whole idea of BLE security. You can check if the device is bonded but that is not a guarantee for the connection being encrypted.
https://developer.android.com/reference/android/bluetooth/BluetoothDevice#createL2capChannel(int) however can be used to force a MITM-secured link if you use L2CAP CoC, but you even then can't force LESC (Legacy MITM-pairing might be used which doesn't really protect from MITM at all).
来源:https://stackoverflow.com/questions/58746238/how-to-find-out-if-bluetooth-connection-is-encrypted