Gadgetbridge

Page: Pairing types and Auth Key

Activity Analysis

Activity Sessions List

Activity and Sleep Charts

Amazfit Band 5 Firmware Update

Amazfit Band 5

Amazfit Bip Firmware Update

Amazfit Bip Getting Started

Amazfit Bip Lite

Amazfit Bip OS

Amazfit Bip S Firmware Update

Amazfit Bip S

Amazfit Bip

Amazfit Cor 2 Firmware Update

Amazfit Cor 2

Amazfit Cor Firmware Update

Amazfit Cor

Amazfit GTR

Amazfit GTS

BT Protocol Reverse Engineering

Bangle.js

Brainstorming new UI

Calls and SMS

Casio GB 5600B/GB 6900B/GB X6900B

Casio GBX 100

Casio

Companion Device pairing

Configuration

Data Export Import Merging Processing

Developer Documentation

Failed to start background service

Fossil Hybrid HR

HPlus Protocol

HPlus

HUAMI GPS

Heart Rate data sharing

Home

How to Release

Huami Alarms

Huami Button Actions

Huami Deep Sleep Detection

Huami Device Actions

Huami Heartrate measurement

Huami Server Pairing

Incoming call notification on Lineage OS

Log Files

Mi Band 1

Mi Band 2 Firmware Update

Mi Band 2 HMZK Font Format

Mi Band 2

Mi Band 3 Firmware Update

Mi Band 3

Mi Band 4 Firmware Update

Mi Band 4

Mi Band 5 Firmware Update

Mi Band 5

Mi Band Compatibility Issues

Mi Band Firmware Information

Mi Band Firmware Update

Mi Band

Miscellaneous Pebble Tips

Multiple devices

MyKronoz ZeTime

New Device Tutorial

Notifications

Nut

Pairing types and Auth Key

Pairing

Pebble 2 BTLE specifics

Pebble Datalog

Pebble Firmware updates

Pebble Getting Started

Pebble Language Packs

Pebble Links

Pebble System Apps

Pebble Watchfaces

Pebble

PebbleKit Android App Compatibility

Permissions Explained

PineTime

SMS notifications are lost somewhere

Sports Activities Workouts

Starting Activity from the band

Support for a new Device

Test

Translating Gadgetbridge

Watchfaces

Weather

When will a new release appear on f droid

Widget

ZeTime Protocol Analysis

iTag

1 Pairing types and Auth Key

There are several types of Bluetooth pairing machanism: Legacy Pairing and Secure Simple Pairing (SSP)

Legacy Pairing

Each device must enter a PIN code; pairing is only successful if both devices enter the same PIN code.

As for Gadgetbridge, devices just ask for confirmation/number during pairing, this is all.

Secure Simple Pairing (SSP)

SSP pairing is centered around a shared secret between 2 Bluetooth devices.

MAC Address remembering

the watch just remembers phone's BT MAC address as the shared secret

Application determined secret

The key is determined by the App (eg. Gadgetbridge, where we call it Auth Key), sent to the watch and then stored there
The key can be changed in the watch by re-pairing in Gadgetbridge, that means:
- keep the device in Gadgetbridge, disconnect ot by long-press on device name in Gadgetbridge main screen
- remove (unpair) the watch from Android phone Bluetooth pairing (if paired)
- change the Gadgetbridge Auth Key (Gadgetbridge → Device → Settings → Auth Key) (if you erase the key, Gadgetbridge will generate new unique key)
- press the + Add new device floating button
- select the device and confirm the pairing on the watch

Re-using the Auth Key between multiple phones

If you use (copy/paste) the same Auth Key in several Gadgetbridge apps on different mobile devices (phones, tablets), all of them will be able to connect to your device and fetch data.

Vendor determined secret, aka server based pairing

Instead of the app deciding/generating the key, the vendor decides what this key is. For example for Huami devices, since the Bip Lite the key is generated by Huami servers and CANNOT be be decided by Gadgetbridge. This is based on signing, the server signs a random number FROM the watch with a UNKNOWN secret key under their controll hidden away. IIRC the key is derived from the signature and the signature is checked by the watch.

In Gadgetbridge, this means that you must first obtain the secret, before you can pair wour watch with gadgetbridge. See more details in Server based pairing article.

General

Sports/Activities

Device Related

Development

Feature Discussion

FAQ

Download Donate Homepage Blog Wiki