CSR BC5 chip，降低蓝牙SPP security

最新推荐文章于 2023-05-11 11:46:56 发布

jgw2008

最新推荐文章于 2023-05-11 11:46:56 发布

阅读量956

点赞数

分类专栏：蓝牙文章标签：蓝牙 security

本文链接：https://blog.csdn.net/jgw2008/article/details/77164749

版权

蓝牙专栏收录该内容

20 篇文章 1 订阅

订阅专栏

在蓝牙SPP设计的时候，很多产品是默认将security降到最低，不需要输入连接的PIN码。

做法是呼叫下面的函数“ConnectionSmRegisterIncomingservice”，将第三个参数设为“sec_in_none”即可，代码如下。

这个函数可以在SPP_SM_AUTHENTICATE_CFM/SPP_INIT_CFM/SPP_CONNECT_CFM时候被呼叫。

hid_spp/spp.c <spp_inquire()>

ConnectionSmRegisterIncomingService(protocol_l2cap, 0x0001, sec_in_none);

关于SPP security的参数，也是十分多的，如下面的定义，

typedef enum
{
    /*! No security - in Mode 4 this is equivalent to Security Level 0*/
    sec_in_none                    = 0x0000,                      
    /*! mode 4 & legacy - results in a  DM_SM_AUTORISE_IND on connection attempt
    for devices not marked in as 'trusted' in the device database. */
    sec_in_authorisation           = 0x0001,              
    /*! legacy - For connections where at least one device is not in mode 4, 
    legacy pairing procedure should be used. The users may have to enter PINS.
    */
    sec_in_authentication          = 0x0002, 
    /*! legacy - The link should be encrypted after legacy authentication. */
    sec_in_encryption              = 0x0004,
    /*! mode 4 - Where both devices are in Mode 4, Secure Simple Pairing is
    used. */
    sec4_in_ssp                    = 0x0100,
    /*! mode 4 - Where both devices are in Mode 4, Man-In-The-Middle protection
    is used. */
    sec4_in_mitm                   = 0x0200,
    /*! mode 4 - Don't support legacy security procedures. Prevents devices 
    using the legacy pairing procedures to autenticate devices that do not 
    support Secure Simple Pairing. */
    sec4_in_no_legacy              = 0x0400,
    /*! mode 4 - Security Level 1. Minimal user interaction required. 
    Encryption not necessary (for SDP - for all 2.1+EDR devices, it is mandated
    for all other services). MITM not necessary. */
    sec4_in_level_1                = sec4_in_ssp,
    /*! mode 4 - Security Level 2. MITM not necessary, Encryption desired. */
    sec4_in_level_2                = (sec4_in_ssp | sec_in_authentication | sec_in_encryption),
    /*! mode 4 - security Level 3. MITM necessary, Encryption disired, user 
    interaction is acceptable. */
    sec4_in_level_3                = (sec4_in_ssp | sec4_in_mitm | sec_in_authentication | sec_in_encryption)
} dm_security_in;

函数“ConnectionSmRegisterInComingService”定义如下，

/*! 
	@brief This function is called to register the security requirements for
	access to a service when the Bluestack Security Controller is in Security
	Mode 2 or 3.

    @param protocol_id The protocol identifier (protocol_l2cap or
    protocol_rfcomm).
    
    @param channel Channel for the protocol defined by the protocol_id that the
    access is being requested on (e.g. RFCOMM server channel number).
    
    @param security - A bitwise setting of the security to be used. See the
    documentation for dm_security_in.
	

	The registered security level is applied to all incoming connections on the
	specified 'channel'.
*/
void ConnectionSmRegisterIncomingService(dm_protocol_id protocol_id, uint32 channel, dm_security_in security);