esp-idf: [regression] 4.4.5 ESP32S3 BLE authentication failure from IOS devices (IDFGH-10659)

Answers checklist.

  • I have read the documentation ESP-IDF Programming Guide and the issue is not addressed there.
  • I have updated my IDF branch (master or release) to the latest version and checked that the issue is present there.
  • I have searched the issue tracker for a similar issue and not found a similar issue.

General issue report

Between the following 2 commits 8b94183c9cb47ede8f02df5598d8b9d68c754860 and 3cec3a0026098d1b027f2103ec154a15baf97318

something changed in the BLE component.

The result of these changes make any IOS device fail to authenticate with error

GATT_TRACE_ERROR( "GATT_INSUF_AUTHENTICATION\n");

using esp provisioning 2.0.14 -> BLE -> encrypted communication selected

Android works fine.

About this issue

  • Original URL
  • State: closed
  • Created a year ago
  • Comments: 40 (26 by maintainers)

Most upvoted comments

@zhp0406 another test to do! use CONFIG_WIFI_PROV_BLE_BONDING set, which is not set by default.

I was able to connect with this on IOS 15, now we have to try IOS16 and IOS17

+1
KonssnoK on Aug 25, 2023

@zhp0406 apparently our patch works only on IOS 15.X but not on IOS 16…

So we are back at square one.

+1
KonssnoK on Aug 24, 2023

@zhp0406 did you have time to check the patch i submitted?

+1
KonssnoK on Aug 23, 2023

@KonssnoK you are right,it’s an app issue.and I will let my colleagues fix it ASAP.

+1
zhp0406 on Aug 15, 2023

@zhp0406 thanks. I guess then it’s an app issue, I will have to make my colleagues aware of it so that it doesn’t happen with our app side too.

I’ll try the patch

+1
KonssnoK on Aug 14, 2023

@zhp0406 i double confirm. once removed the option to force the encryption, also our FW started working with IOS.

So we can go back to the initial discussion, but now we know how to trigger it also on the example.

CONFIG_WIFI_PROV_BLE_FORCE_ENCRYPTION=y

I (01:00:23.554) main: Free internal heap size: 23775 bytes

I (37597) BT_BTM: BTM_InqDbRead: bd addr [6e6186966ecc]

I (37690) BT_GATT: GATT_GetConnIdIfConnected status=1

I (37692) BT_L2CAP: L2CA_SetDesireRole() new:x1, disallow_switch:0
I (37720) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (37723) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (37780) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (37840) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (37900) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (37975) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38035) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38095) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38155) BT_GATT: GATTS_SendRsp: conn_id: 1  trans_id: 1  Status: 0x0000

I (38156) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38215) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38275) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38335) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38395) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38455) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38515) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38575) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38635) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38695) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (38697) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 2  Status: 0x0000

I (38698) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38755) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (38757) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 3  Status: 0x0000

I (38758) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38815) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (38817) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 4  Status: 0x0000

I (38818) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38875) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (38877) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 5  Status: 0x0000

I (38878) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38935) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (38937) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 6  Status: 0x0000

I (38938) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (38995) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (38998) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 7  Status: 0x0000

I (38999) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (39055) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (39057) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 8  Status: 0x0000

I (39058) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (40795) BT_GATT: GATTS_SendRsp: conn_id: 2  trans_id: 9  Status: 0x0000

I (40796) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 6e6186966ecc
I (01:01:00.348) offline: object saved to PSRAM, free 2096481
I (01:01:04.345) processor: send status... (60994ms)
+1
KonssnoK on Aug 3, 2023

@KonssnoK You are correct. When I use the provisioning app, there doesn’t seem to be any request for pairing. It goes directly to the pop-up page. So, how can I trigger the pairing process?

+1
zhp0406 on Aug 3, 2023

Working provisioning app

I (678) wifi:mode : sta (7c:df:a1:e0:74:40)
I (678) wifi:enable tsf
I (678) BLE_INIT: BT controller compile version [963cad4]
I (678) BLE_INIT: Bluetooth MAC: 7c:df:a1:e0:74:42

I (688) BT_BTM: btm_sec_set_security_level : sec: 0x0

I (688) BT_BTM: BTM_SEC_REG[0]: id 50, is_orig 1, psm 0x001f, proto_id 0, chan_id 0

I (698) BT_BTM:                : sec: 0x80, service name [] (up to 21 chars saved)

I (708) BT_BTM: btm_sec_set_security_level : sec: 0x0

I (708) BT_BTM: BTM_SEC_REG[0]: id 50, is_orig 0, psm 0x001f, proto_id 0, chan_id 0

I (718) BT_BTM:                : sec: 0x80, service name [] (up to 21 chars saved)

I (728) BT_GATT: GATT_Register
I (738) BT_GATT: allocated gatt_if=1

I (738) BT_GATT: GATT_StartIf gatt_if=1
I (738) BT_GATT: GATTS_CreateService

I (748) BT_GATT: GATTS_StartService
I (748) BT_GATT: GATT_Register
I (758) BT_GATT: allocated gatt_if=2

I (758) BT_GATT: GATT_StartIf gatt_if=2
I (768) BT_GATT: GATTS_CreateService

I (768) BT_GATT: GATTS_StartService
I (788) BT_BTM: BTM_SetPageScanType

I (788) BT_BTM: BTM_SetInquiryScanType

I (788) BT_GATT: GATT_Register
I (788) BT_GATT: allocated gatt_if=3

I (788) BT_GATT: GATT_StartIf gatt_if=3
I (798) BT_GATT: GATTS_CreateService

I (808) BT_GATT: GATTS_StartService
I (808) BT_APPL: BTA_DmSetBleAdvParamsAll: 256, 256

I (808) BT_APPL: adv_type = 0, addr_type_own = 0, chnl_map = 7, adv_fil_pol = 0

I (818) wifi_prov_mgr: Provisioning started with service name : PROV_E07440 
I (828) app: Provisioning started
I (828) app: If QR code is not visible, copy paste the below URL in a browser.
https://espressif.github.io/esp-jumpstart/qrcode.html?data={"ver":"v1","name":"PROV_E07440","pop":"abcd1234","transport":"ble"}
I (472788) BT_BTM: BTM_InqDbRead: bd addr [4e283631e018]

I (472848) BT_GATT: GATT_GetConnIdIfConnected status=1

I (472848) BT_L2CAP: L2CA_SetDesireRole() new:x1, disallow_switch:0
I (472868) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (472868) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (472908) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (472948) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (472978) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (473078) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (473148) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (473228) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (473298) BT_GATT: GATTS_SendRsp: conn_id: 1  trans_id: 1  Status: 0x0000

I (473298) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (473378) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (473448) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (473528) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (473598) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (473678) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (473748) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (473828) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (473898) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (473978) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (473978) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 2  Status: 0x0000

I (473978) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (474048) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (474048) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 3  Status: 0x0000

I (474048) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (474128) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (474128) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 4  Status: 0x0000

I (474128) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (474198) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (474198) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 5  Status: 0x0000

I (474198) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (474278) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (474278) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 6  Status: 0x0000

I (474278) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (474348) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (474348) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 7  Status: 0x0000

I (474348) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 4e283631e018
I (477158) BT_GATT: GATT_GetConnIdIfConnected status=0

W (477168) BT_HCI: hcif disc complete: hdl 0x1, rsn 0x13
I (477168) BT_L2CAP: L2CA_SetDesireRole() new:x1, disallow_switch:0
I (477168) BT_APPL: BTA_DmSetBleAdvParamsAll: 256, 256

I (477178) BT_APPL: adv_type = 0, addr_type_own = 0, chnl_map = 7, adv_fil_pol = 0

non-working internal FW

I (131488) wifi:Set ps type: 1

I (131491) wifi:enable tsf
I (131497) ESPNOW: espnow [version: 1.0] init
I (01:02:10.498) prov_BLE: Starting BLE provisioning
I (01:02:10.505) BLE_INIT: BT controller compile version [963cad4]
I (01:02:10.510) BLE_INIT: Bluetooth MAC: 7c:df:a1:ff:a5:16

I (131518) BT_BTM: btm_sec_set_security_level : sec: 0x0

I (131521) BT_BTM: BTM_SEC_REG[0]: id 50, is_orig 1, psm 0x001f, proto_id 0, chan_id 0

I (131530) BT_BTM:                : sec: 0x80, service name [] (up to 21 chars saved)

I (131539) BT_BTM: btm_sec_set_security_level : sec: 0x0

I (131545) BT_BTM: BTM_SEC_REG[0]: id 50, is_orig 0, psm 0x001f, proto_id 0, chan_id 0

I (131554) BT_BTM:                : sec: 0x80, service name [] (up to 21 chars saved)

I (131562) BT_GATT: GATT_Register
I (131567) BT_GATT: allocated gatt_if=1

I (131571) BT_GATT: GATT_StartIf gatt_if=1
I (131576) BT_GATT: GATTS_CreateService

I (131581) BT_GATT: GATTS_StartService
I (131586) BT_GATT: GATT_Register
I (131589) BT_GATT: allocated gatt_if=2

I (131594) BT_GATT: GATT_StartIf gatt_if=2
I (131599) BT_GATT: GATTS_CreateService

I (131604) BT_GATT: GATTS_StartService
I (131626) BT_BTM: BTM_SetPageScanType

I (131626) BT_BTM: BTM_SetInquiryScanType

I (131629) BT_GATT: GATT_Register
I (131630) BT_GATT: allocated gatt_if=3

I (01:02:10.632) wifi_prov_mgr: Provisioning started with service name : TIKO_FFA514 
I (131633) BT_GATT: GATT_StartIf gatt_if=3
I (01:02:10.643) prov_BLE: Provisioning started
I (131647) BT_GATT: GATTS_CreateService

I (131664) BT_GATT: GATTS_StartService
I (131665) BT_APPL: BTA_DmSetBleAdvParamsAll: 256, 256

I (131666) BT_APPL: adv_type = 0, addr_type_own = 0, chnl_map = 7, adv_fil_pol = 0

I (140602) BT_BTM: BTM_InqDbRead: bd addr [464c485c042d]

I (140703) BT_GATT: GATT_GetConnIdIfConnected status=1

I (140704) BT_L2CAP: L2CA_SetDesireRole() new:x1, disallow_switch:0
I (140733) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (140735) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (140793) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (140853) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (140913) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (141021) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (141096) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (141171) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (141246) BT_GATT: GATTS_SendRsp: conn_id: 1  trans_id: 1  Status: 0x0000

I (141247) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (141321) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (141396) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (141471) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (141546) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (141621) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (141696) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (141771) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (141846) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (141921) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (141923) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 2  Status: 0x0000

I (141924) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (141996) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (141997) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 3  Status: 0x0000

I (141999) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (142071) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (142073) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 4  Status: 0x0000

I (142074) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (142146) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (142147) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 5  Status: 0x0000

I (142149) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
I (142221) BT_GATT: GATT_GetConnectionInfor conn_id=3
I (142223) BT_GATT: GATTS_SendRsp: conn_id: 3  trans_id: 6  Status: 0x0000

I (142224) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
E (142296) BT_GATT: gatts_write_attr_perm_check - GATT_INSUF_ENCRYPTION
I (142296) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0004  BDA: 464c485c042d
W (142374) BT_SMP: Non bonding: No keys will be exchanged
I (142376) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0006  BDA: 464c485c042d
I (168708) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0006  BDA: 464c485c042d
I (168714) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0006  BDA: 464c485c042d
I (168807) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0006  BDA: 464c485c042d
I (168884) BT_L2CAP: L2CA_SendFixedChnlData()  CID: 0x0006  BDA: 464c485c042d
W (168957) BT_SMP: FOR LE SC LTK IS USED INSTEAD OF STK
E (169183) BT_GATT: gatts_write_attr_perm_check - GATT_INSUF_ENCRYPTION

we didn’t touch the BLE, the whole code of esp-idf is shared beetween the 2 applications.

We had the following differences in sdkconfig

  • CONFIG_BT_CTRL_DFT_TX_POWER_LEVEL_P6
  • CONFIG_BT_CTRL_DFT_TX_POWER_LEVEL_EFF=10
  • logging to Warning
  • CONFIG_BT_MULTI_CONNECTION_ENBALE=n
+1
KonssnoK on Aug 3, 2023
Read more comments on GitHub
← esp-idf: register_chipv7_phy does not return, and makes the watchdog to call panic() (IDFGH-11529)
esp-idf: Ringbuffer timeouts in certain cases (IDFGH-5624) →