ESP32 ble-beta demo failing with GATT_INSUF_AUTHENTICATION: MITM required

system · April 17, 2019, 9:08pm

deanholdren wrote on April 17, 2019:

I’m using the features/ble-beta branch on an ESP32-DevkitC.
I also have the iOS Amazon FreeRTOS Client demo app running on my phone.
when I’m running the app, I see the device listed, and when I click on it, I get the pairing pop-up, and click pair, but then nothing seems to work. It doesn’t look like the pairing is acknowledged by the device. I’m trying to get WIFI Provisioning over BLE working. This is the output from make flash monitor


I (457) system_api: Base MAC address is not set, read default base MAC address from BLK0 of EFUSE
W (457) phy_init: failed to load RF calibration data (0x1102), falling back to full calibration
I (707) phy: phy_version: 4008, c9ae59f, Jan 25 2019, 16:54:06, 0, 2
2 79 [iot_thread] [INFO ][COMMON][790] Common libraries successfully initialized.
I (1107) wifi: wifi driver task: 3ffde258, prio:23, stack:3584, core=0
I (1107) wifi: wifi firmware version: c20ae09
I (1107) wifi: config NVS flash: enabled
I (1107) wifi: config nano formating: disabled
I (1107) system_api: Base MAC address is not set, read default base MAC address from BLK0 of EFUSE
I (1117) system_api: Base MAC address is not set, read default base MAC address from BLK0 of EFUSE
I (1147) wifi: Init dynamic tx buffer num: 64
I (1147) wifi: Init data frame dynamic rx buffer num: 64
I (1147) wifi: Init management frame dynamic rx buffer num: 64
I (1147) wifi: Init static rx buffer size: 1600
I (1147) wifi: Init static rx buffer num: 16
I (1157) wifi: Init dynamic rx buffer num: 64
3 87 [iot_thread] [INFO ][MQTT][870] MQTT library successfully initialized.
4 122 [Btc_task] [INFO ][DEMO][1220] BLE Connected to remote device, connId = 0

5 122 [iot_thread] [INFO ][DEMO][1220] MQTT demo client identifier is esp32_devkitc_dean1 (length 19).
6 128 [Btc_task] Changing MTU size for BLE connection from 512 to 185
E (2227) BT_GATT: gatts_write_attr_perm_check - GATT_INSUF_AUTHENTICATION: MITM required
E (2567) BT_SMP: Value for numeric comparison = 566846
7 229 [InputTask] Numeric comparison:566846
8 230 [InputTask] Press 'y' to confirm
E (37517) BT_GATT: gatts_write_attr_perm_check - GATT_INSUF_AUTHENTICATION: MITM required
E (37667) BT_BTM: BTM_GetSecurityFlags false

E (37667) BT_GATT: gatts_write_attr_perm_check - GATT_INSUF_AUTHENTICATION: MITM required
E (37837) BT_BTM: BTM_GetSecurityFlags false

E (37837) BT_GATT: gatts_write_attr_perm_check - GATT_INSUF_AUTHENTICATION: MITM required
E (38017) BT_BTM: BTM_GetSecurityFlags false

E (38017) BT_GATT: gatts_write_attr_perm_check - GATT_INSUF_AUTHENTICATION: MITM required
E (38197) BT_BTM: BTM_GetSecurityFlags false

E (38197) BT_GATT: gatts_write_attr_perm_check - GATT_INSUF_AUTHENTICATION: MITM required
E (38417) BT_BTM: BTM_GetSecurityFlags false

E (38427) BT_GATT: gatts_write_attr_perm_check - GATT_INSUF_AUTHENTICATION: MITM required
E (38507) BT_BTM: BTM_GetSecurityFlags false

E (40487) BT_BTM: BTM_GetSecurityFlags false

Edited by: deanholdren on Apr 17, 2019 2:08 PM

system · April 22, 2019, 7:08am

DanielH-aws wrote on April 22, 2019:

Hi @deanholdren,

From your transcript, it looks like the ESP32 demo is waiting for you to press ‘y’ on the serial console in order to acknowledge the pairing request and confirm that the displayed numeric code matches the one on your mobile device. Are you able to do so?

See [https://github.com/aws/amazon-freertos/blob/release-1.5/demos/ble/iot_ble_numericComparison.c#L87]. I’m linking to the release-1.5 branch here, which has merged in all of the changes from features/ble-beta

Once you’ve hit ‘y’, you should see a subsequent configPrintf message indicating that the key was accepted.