This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

L2CAP layer question

Can somebody explain what 0xA1 means in this raw L2CAP layer:

0a, 00, 4d, 00, A1, 01, 00, 00, 08, 00, 00, 00, 00, 00

I know 0a, total bytes, and 4d is channel ID, I am not sure what A1 and 01 is?

Thanks

Hi Petter,

Thank so much for your comments. Yes indeed, I sniff these packet by pressing a key from this keyboard, www.amazon.co.uk/.../ref=oh_aui_detailpage_o01_s00, and then I used a Teledyne sniffer to sniff.

The pattern comes from pressing F12 in that keyboard:

0a, 00, 4d, 00, A1, 01, 00, 00, 08, 00, 00, 00, 00, 00, it is just L2CAP layer only.

0a is in hex which 10 bytes of L2CAP length, and then 4d as you said its some kind of channel ID for connection, then the rest belongs to keyboard map HID ATT.

For example the last 8 bytes is keyboard HID code for key char 'e', that's number 8 in 3rd place. I am not sure about A1 and 01 in there. I think 01 is report ID for keyboard. I can create this pattern easily by using Nordic example (ble_app_hids_keyboard,main.c).

My main cquestion or concern is to re-create this pattern:

06 00 4b 00 a1 02 00 20 00 00

this is created by pressing "lock" key on the same keyboard.

I am not sure what code a1 02 00 20 means.

Is it a consumer Hid key report, or something else?

here is attached file for LOCK key pressed, its a file with extension cfa: MotoG4_Anker_Lock.cfa

you need to download this free CFA file viewer to view this file. www.fte.com/.../CPAS-download.aspx

here also is another capture file for key f12 pressed, it also has has key "hello" sequence in there

MotoG4_Anker_F12.cfa

Related