Secure Pair with Bumble - tips?

[mscottwvc]

I'm drinking from the firehose here and trying to pair a BLE device that uses secure pairing with Bumble. I have full wireshark logs of a successful pairing with the device. For a starting reference point the pairing response calls out: AuthReq:Bonding, MITM, SecureConnection Initiator keys: LTK, IRK and responder keys LTK, IRK

I started with the run_connect_and_encrypt.py script and havent gotten far. Right now its stuck on connecting to the target.
For the config I have what I started with device1.json and updated the mac with what I believe to be an acceptable mac address: AC:5A:FC:A5:A2:E3 right now the rest of the config is the same. I assume I'm missing a lot of stuff, however I thought it would at least get through the connect step so something basic must be wrong.

Debug log shows status pending, opcode HCI_LE_EXTENDED_CREATE_CONNECTION_COMMAND

[zxzxwu]

Could you provide a full log - including Bumble log, snoop log and the details of your environment?

A common mistake is that you are providing an address with wrong address type. XX:XX:XX:XX:XX:XX will be considered random address, while XX:XX:XX:XX:XX:XX/P is public.

[mscottwvc]

Ah thanks! Yes I was missing the /P and now I got past the connection part. Log is attached, device in pairing has mac A0:9E:1A:BA:E1:7F
pairBlack.log
Bumble is running in ubuntu with USB transport to bluetooth adapter.

Now I get keys not found in key store. So the IRK is in the config file, but is Bumble capable of generating the rest of the keys I need or do I need to write that part?

[zxzxwu]

run_connect_and_encrypt.py doesn't include a pairing session. If you want to try pairing, you need to use apps/pair.py example.

[mscottwvc]

Ah thanks!

[mscottwvc]

So far when I try to pair to my watch, the watch crashes....

[mscottwvc]

my pairing request packet is:
07000600010400d100303
However from my log I "want to" send (from the log at least):
070006000104002d100f0f

the 2 in the 2d I dont think matters because in the original response the device doesnt support ct2
However I tried adding it just to see and the watch still crashed so I think its mad about the last two bytes so I need to set
the sign key bit and the link key bit but havent figured out how to do that...

EDIT: got that done and my request bytes match, but watch still crashes, it must need command ahead of time

[mscottwvc]

How do I send an MTU exchange prior to pairing?