Join GitHub today
Classical BT SPP doesn't ask PIN code when pairing (IDFGH-484) #2774
When using legacy paring on BT SPP, it's expected to ESP32 ask a PIN code before pair with another device, but even setting a code on
ESP32 asks for a PIN when the smartphone is pairing, if this PIN is right, then pair
ESP32 is pairing without any proof of possession, allowing anyone to pair and send commands
I (933) SPP_ACCEPTOR_DEMO: ESP_SPP_INIT_EVT I (953) SPP_ACCEPTOR_DEMO: ESP_SPP_START_EVT I (167523) SPP_ACCEPTOR_DEMO: authentication success: Android phone I (167523) SPP_ACCEPTOR_DEMO: 3f 02 11 55 5a W (169573) BT_RFCOMM: rfc_find_lcid_mcb LCID reused LCID:0x41 current:0x0 W (169573) BT_RFCOMM: RFCOMM_DisconnectInd LCID:0x41 W (179723) BT_APPL: new conn_srvc id:26, app_id:255 I (179723) SPP_ACCEPTOR_DEMO: ESP_SPP_SRV_OPEN_EVT I (195373) SPP_ACCEPTOR_DEMO: speed(179.504532s ~ 195.156723s): 0.003067 kbit/s
Code to reproduce this issue
Basically it's the spp_acceptor example with some changes in the end: Full code is here
Hi, @copercini , When ESP32 pair with smartphone, they will use Secure Simple pairing instead of Legacy Pairing. And fixed pin is used for Legacy Pairing, so, fixed pin will not used.
yes! cool. ok i've been looking around on this exact same issue. Glad to see others have the exact same result as i have found through experimentation.