This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

HID L2CAP packet Analysis

Hello,

I captured following data using a Bluetooth dongle for WIN 7 and a Bluetooth keyboard . I also used Wireshark with USBCap driver to capture data going from BT Keyboard to BT USB Dongle in PC. Here is the L2cap part of captured packet from wireshark for key ‘a’   on BT keyboard.

0a  00  4f  00  a1  01  00  00  04  00  00  00  00 00

By looking at above packet, I can recognize the last 8 bytes resembling the same format as GATT in Nordic SDK BLE HID_Keyboard example, 00  00  04  00  00  00  00  00 , which 04 represent char ‘a’. Also I know 1st byte 0x0a is total length and 00 4f  is CID, but what I am not sure from this format, is byte#5 0xa1 and #6  0x01, what do they mean?   I also notice if I press one of the media key like volume -up, I get this:

06  00  4c  00  a1  02  00  02  00  00  ,  for L2cap part of packet.

I was hoping to get something similar to GATT format for consumer usage HID (consumer report usage 0x0c). but as you can see volume -up format above is different, it has 0xa1 and 0x02 for byte #5 and #6 ,  I am not sure what they mean? The next 4 bytes is 00 02 00 00, , looks like some bit-field index to a table. Any idea?

 

Thanks

Related