Linux Format - UK (2019-12)

54 LXF256 December 2019 http://www.linuxformat.com

TUTORIALS Pi Bluetooth


WHY IS IT CALLED BLUETOOTH?


In 1997 Jim Kardach, an engineer from Intel, proposed the name
Bluetooth for the system he had developed that enabled cellular
devices to communicate with computers using a short-range wireless
link. Bluetooth was taken from the name of the second king of
Denmark, Harald Bluetooth, who reigned from c. 958-986. The king
was credited with uniting different Scandinavian tribes into a single
kingdom. King Harald united the Danish counties in the same way
that Bluetooth unites multiple devices through one universal
standard communication protocol.

The idea for the Bluetooth protocol originated with the Ericsson
cellphone company. Ericsson engineers were developing a wireless
method of attaching other devices to cellphones. The original
Bluetooth Special Interest Group (SIG) was formed by Ericsson, Intel,
IBM, Nokia and Toshiba in 1996. Other companies such as Microsoft,
Apple and Lenovo have since joined. The SIG is responsible for
maintaining Bluetooth standards.

The Bluetooth specification defines four security modes. A Bluetooth
device must operate in one of these four modes. Bluetooth devices in
Security Mode 1 are non-secure, so if you're looking for a device and
it specifies Security Mode 1, bear in mind the communication is not
secure.

Security Mode 2 is a service-level enforced security mode, in which a
local security manager controls access to specific services. In this
mode it is possible to decide whether a specific device is allowed to
have access to a specific service. This mode supports authentication
and encryption.

Security Mode 3 is the link-level enforced security mode, where
security procedures are initiated before the physical link is fully
established. Devices operating in this mode mandate authentication
and encryption for all connections. Even service discovery is not
possible until after authentication, encryption and authorisation
have been accomplished.

With Mode 3, even though link-level security is in place, it is still
a good idea to have Mode 2 service-level security to prevent
authentication abuse, that is, a device being able to authenticate
without your knowledge. Typically, Bluetooth service discovery can be
performed prior to any security challenges (authentication,
encryption and/or authorisation). Establishing Mode 3 level security
before Mode 2 provides enhanced security.

Security Mode 4 requires encryption for all services, with the
exception of Service Discovery. Security requirements for services
protected by Security Mode 4 must be classified as one of the
following: authenticated link key required, unauthenticated link key
required, or no security required. Mode 4 is mandatory for
communication between Bluetooth v2.1 devices, but can fall back to
lower security modes for compatibility when communicating with
Bluetooth v2.0 or earlier devices.

So while there are four Security Modes for Bluetooth, only three
actually provide some level of security. A device can be labelled as
supporting Security Mode 1, but that just means it has no security
features. Bluetooth does not address additional security requirements
such as audit, integrity and non-repudiation. These requirements
would need to be provided through additional means.

We will shortly see the components and features that provide
Bluetooth security, such as pairing and authentication, in action
through the command line.

Bluetooth install
There are a number of commands that can be used to determine the
version of the Bluetooth protocol stack deployed in a Linux-based OS.
Depending on the command, the output can be as short as a bare
version number or can include further details alongside it.

To get an idea of the different levels of version detail provided,
try any of the following commands from the command line on a Pi:
apt show -a bluez, apt-cache policy bluez, apt list -a bluez,
bluetoothctl -v or bluetoothd -v. The resulting output should
indicate that a Bluetooth protocol stack version of 5.43 is deployed
with the Raspbian OS; Raspbian Buster and later will already come
equipped with version 5.50 or later.
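
The version check described above can be scripted to decide whether the source build that follows applies at all. This is an added example, not code from the article: the function names and the sample outputs are constructed, and the 5.50 threshold is the version the article installs.

```shell
#!/bin/sh
# Added example, not from the article. MIN_BLUEZ is the article's 5.50;
# the sample outputs are constructed, not captured from a real Pi.
MIN_BLUEZ="5.50"

SAMPLE_POLICY='bluez:
  Installed: 5.43-2+example1
  Candidate: 5.43-2+example1'
SAMPLE_CTL='bluetoothctl: 5.50'

# Pull the upstream major.minor version out of tool output. For
# apt-cache policy only the "Installed:" line counts, so a newer
# "Candidate:" version is not mistaken for what is running.
bluez_version() {
    line=$(printf '%s\n' "$1" | grep -m1 'Installed:') || line=$1
    printf '%s\n' "$line" | grep -oE '[0-9]+\.[0-9]+' | head -n1
}

# True when version $1 is older than $2. sort -V compares field by
# field, so 5.9 ranks below 5.50 (a float compare gets that wrong).
version_lt() {
    [ "$1" != "$2" ] &&
    [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n1)" = "$1" ]
}

# Print "build" (older than MIN_BLUEZ, source build applies), "keep"
# (already new enough) or "unknown" (no version found in the text).
bluez_action() {
    v=$(bluez_version "$1")
    if [ -z "$v" ]; then
        echo unknown
    elif version_lt "$v" "$MIN_BLUEZ"; then
        echo build
    else
        echo keep
    fi
}

# Demo on the constructed samples; on a Pi, pass "$(bluetoothctl -v)".
echo "apt-cache policy sample: $(bluez_action "$SAMPLE_POLICY")"
echo "bluetoothctl -v sample:  $(bluez_action "$SAMPLE_CTL")"
```
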
We'll assume that you have sufficient knowledge to prepare a
Raspberry Pi with the Raspbian OS and establish a terminal connection
to the Pi from a PC.

Before starting the exercises in this tutorial, let's refresh the
Raspbian OS to ensure all repositories and software loads are
current. Log in to the Pi and from the command line interface (CLI)
enter the following:
sudo apt-get update -y; sudo apt-get upgrade -y

Issue the following command to ensure the dependencies are met for
the replacement Bluetooth protocol stack software installation:
sudo apt install -y libdbus-1-dev libglib2.0-dev libudev-dev libical-dev libreadline-dev

To install/upgrade the replacement protocol stack we need to download
and compile the latest version of the source code. Installing from
the Raspbian software repository with apt-get will not work, because
the version in the repository will be the version currently
installed.

We need to obtain the replacement software from the source. Grab the
tarball from the repository and uncompress the file in the Pi's home
directory. After unrolling the tarball, change to the new directory
and issue the command to clean out the old BlueZ libraries. Finally,
run the command sequence to compile the software. All that can be
done with:
wget https://mirrors.edge.kernel.org/pub/linux/bluetooth/bluez-5.50.tar.xz
tar -xvf bluez-5.50.tar.xz
cd bluez-5.50/
sudo rm -r /usr/lib/bluetooth
./configure --prefix=/usr --mandir=/usr/share/man --sysconfdir=/etc --localstatedir=/var --enable-

This tutorial was inspired by ‘Baby Bluetooth Steps on Raspberry Pi 3’
at http://www.sigmdel.ca/michel/index_en.html.

[Figure: The building blocks for communicating Bluetooth devices. Two
protocol stacks shown side by side. Labels in the figure:
Applications, MD, SD, TCP/IP, OBEX, PPP, AT, RFCOMM, TCS, SDP, L2CAP,
Host Control Interface, Link Management Protocol, Baseband, Radio
Frequency.]
