BLE的配对与绑定
配对:主从机连接的密码配对过程,发起方可以是主机,也可以是从机模,配置为“GAPBOND_PAIRING_MODE_INITIATE”的一端发起的
绑定:连接一次后就一直绑定着不需要再输入密码
因为BLE的配对与绑定则发生在连接之后,可能导致数据泄露。这是因为连接后的配对绑定是有一定超时时间的,如果这个时间去读写数据就有可能导致数据泄露。通常可以把特征值在属性表中的属性设置为“加密读”或“加密写”,也就是改成“GATT_PERMIT_AUTHEN_READ”或“GATT_PERMIT_AUTHEN_WRITE”。设置读写权限
1、加密数据初始化(simpleBLEPeripheral.c的SimpleBLEPeripheral_Init函数中)
// Setup the GAP Bond Manage
uint32 passkey = 0; // passkey "000000"
uint8 pairMode = GAPBOND_PAIRING_MODE_NO_PAIRING;
if(m_at_ctx.PassKey!=0xffff)//如果配对码有效则开启配对
{
passkey=m_at_ctx.PassKey;
AIT_printf("PassKey:%d\r\n",m_at_ctx.PassKey);
pairMode = GAPBOND_PAIRING_MODE_INITIATE;
}
uint8 mitm = TRUE;
uint8 ioCap = GAPBOND_IO_CAP_DISPLAY_ONLY;
uint8 bonding = TRUE;
GAPBondMgr_SetParameter( GAPBOND_DEFAULT_PASSCODE, sizeof ( uint32 ), &passkey );
GAPBondMgr_SetParameter( GAPBOND_PAIRING_MODE, sizeof ( uint8 ), &pairMode );
GAPBondMgr_SetParameter( GAPBOND_MITM_PROTECTION, sizeof ( uint8 ), &mitm );
GAPBondMgr_SetParameter( GAPBOND_IO_CAPABILITIES, sizeof ( uint8 ), &ioCap );
GAPBondMgr_SetParameter( GAPBOND_BONDING_ENABLED, sizeof ( uint8 ), &bonding );
2、注册回调函数(替换simpleBLEPeripheral.c中的simpleBLEPeripheral_BondMgrCBs )
// Bond Manager Callbacks
const gapBondCBs_t simpleBLEBondCB =
{
simpleBLECentralPasscodeCB,
simpleBLECentralPairStateCB
};
static void simpleBLECentralPasscodeCB( uint8 *deviceAddr, uint16 connectionHandle,uint8 uiInputs, uint8 uiOutputs )
{
LOG("simpleBLECentralPasscodeCB\r\n");
#if (HAL_LCD == TRUE)
uint32 passcode=mAT_Ctx.PassKey;
GAPBondMgr_PasscodeRsp( connectionHandle, SUCCESS, passcode );//设置配对码
#endif
}
static void simpleBLECentralPairStateCB( uint16 connHandle, uint8 state, uint8 status )
{
LOG("simpleBLECentralPairStateCB in param state 0x%02X,status 0x%02X\r\n",state,status);
if ( state == GAPBOND_PAIRING_STATE_STARTED )//首次配对
{
LOG( "Pairing started\n" );
}
else if ( state == GAPBOND_PAIRING_STATE_COMPLETE )
{
if ( status == SUCCESS )
{
LOG( "Pairing success\n" );
}
else
{
LOG( "Pairing fail\n" );
}
}
else if ( state == GAPBOND_PAIRING_STATE_BONDED )
{
if ( status == SUCCESS )
{
LOG( "Bonding success\n" );
}
}
}
//在初始事件函数中注册回调函数
case BUP_OSAL_EVT_START_DEVICE:{ // Start the Device
VOID GAPRole_StartDevice( &bleuart_PeripheralCBs );
#ifndef PHY
extern const gapBondCBs_t simpleBLEBondCB;
// Register with bond manager after starting device
GAPBondMgr_Register((gapBondCBs_t*)&simpleBLEBondCB);
#endif
return ( events ^ BUP_OSAL_EVT_START_DEVICE );
}
以上两个函数,第一次连接时的进入先后顺序为:
ProcessPairStateCB——GAPBOND_PAIRING_STATE_STARTED(0x00)
ProcessPasscodeCB
ProcessPairStateCB——GAPBOND_PAIRING_STATE_COMPLETE(0x01)
绑定后再连接时的进入先后顺序为:
ProcessPairStateCB——GAPBOND_PAIRING_STATE_BONDED(0x02)
3、清除绑定
// Set up bond manager to erase all existing bonds after connection terminates
VOID GAPBondMgr_SetParameter( GAPBOND_ERASE_ALLBONDS, 0, NULL );