esp32 ble only let connect a single paired device - bluetooth-lowenergy

I use the Ble library, but I want to connect/pair only the first device/phone. After this only the first device is allowed to reconnect. How do I implement this? Is there a best practice? Do I need to filter the deviceid? Or are there better ways to achieve this?

That can be achieved using the Filter Accept List (previously known as White List), which is standard in the BLE spec. How to use it depends on the Bluetooth stack you are using, so you should check the manual for the Bluetooth stack you are using (you didn't mention).
If you want to support Random Resolvable addresses, you can use the Resolving List where you put the corresponding IRKs.
But a personal opinion is to instead always let any device connect to your device, and then secure sensitive services using MITM-secure authentication instead (pairing). That could potentially lead to a better experience for the user, because otherwise any connection attempt from a "wrong" device will just lead to an unknown connection error from the user which might be hard to understand.

Related

Send CAN DBC messages via Ethernet/TCP with signal mapping

I have a configured DBC in CANoe with CAN messages and mapped signals. Now I would like to send the messages configured in the DBC in my simulation via Ethernet/TCP and still keep the signal mapping. The two ECUs are activated in the CAN and Ethernet networks. The transmission of general TCP messages works.
So far I have not found a working approach. Do you have any ideas? Are there ways to keep the signal mapping?
There are at least two projects that allow you to send CAN messages over Ethernet:
socketcand
cannelloni
There are also Applications that allow you to send/receive CAN-messages using these protocols and that support DBCs:
SavvyCAN supports socketcand (disclaimer: I implemented this support myself)
CANdevStudio supports cannelloni (I haven't tested it)
Both will keep your signal mapping intact.
If you specifically want to achieve this with CANoe, you might have better luck contacting Vector.

How do I tell if my BLE communication use asymmetric encryption, if encrypted at all? (BLE 5.x)

I want to know if my BLE 5 (low energy, not "typical"/core bluetooth) embedded system uses (preferably asymmetric) encryption, if encrypted at all.
I'm using this ble module that is communicating with an SOC. My SOC is capable of encryption but the FAE of the BLE module product couldn't come up with any useful information.
My program doesn't appear to have a bonding/pairing process, but I could be wrong since I did not take a closer look at the HAL layer program.
My question is, does BLE 5 require encryption?
If not, how do I find out if my connection is encrypted or not, using methods other than sniffers? For example are there any steps which must be gone through to facilitate encryption, in which case I should check if these steps were skipped or not? (If skipped then surely my communication is in plain texts).
ETA: The target BLE module is based on nrf52832, don't know what BLE stack/softdevice they are using. My soc is STM32WB55 series, using a rather comprehensive BLE stack that supports most functions of which name I couldn't recall for the moment.
BLE does not require encryption for a connection to be made.
At first, every BLE connection starts in Security Mode 1, Level 1 which does not use any encryption at all. Every message will be sent in cleartext. To increase the security two devices have to "pair". Security keys are exchanged during the pairing process. There are multiple different pairing methods with different requirements. Have a look at this article for a starting point.
The pairing process is usually not started manually but automatically as soon as a device tries to access a secured characteristic. If you are using a phone to access such a characteristic you will be prompted with a pairing request popup. Based on your description I would assume that your connection is currently not encrypted.
To enable encryption on your SoC please have a look at the function aci_gatt_add_char. This document (direct download link) refers to this function on page 55 and shows that it takes Security_Permissions as an argument. The next page states the possible options as:
0x00: ATTR_PERMISSION_NONE
0x01: Need authentication to read
0x02: Need authorization to read
0x04: Link should be encrypted to read
0x08: Need authentication to write
0x10: Need authorization to write
0x20: Link should be encrypted for write
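
Added example, not part of the original answers or of the ST stack: a small C audit of a GATT table that uses the Security_Permissions bits listed above to flag sensitive characteristics reachable without MITM-protected pairing, the approach the first answer on this page recommends. The macro names, `struct gatt_char`, its `sensitive` flag and the sample table are assumptions made for illustration, as is the rule that an authentication requirement implies an encrypted link.

```c
#include <stdint.h>
#include <stdio.h>

/* Security_Permissions bits from the list above (macro names are local to this example). */
#define AUTHEN_READ  0x01
#define ENCRY_READ   0x04
#define AUTHEN_WRITE 0x08
#define ENCRY_WRITE  0x20

enum level { LVL_OPEN, LVL_ENCRYPTED, LVL_AUTHENTICATED };

/* Hypothetical audit record, not a type from the vendor stack. */
struct gatt_char { const char *name; int readable, writable, sensitive; uint8_t perms; };

/* Lowest link security a client needs for one access direction. Assumption:
 * authentication implies encryption; authorization bits (0x02, 0x10) add none. */
enum level required_level(uint8_t perms, int for_write)
{
    if (perms & (for_write ? AUTHEN_WRITE : AUTHEN_READ)) return LVL_AUTHENTICATED;
    if (perms & (for_write ? ENCRY_WRITE : ENCRY_READ)) return LVL_ENCRYPTED;
    return LVL_OPEN;
}

/* Count sensitive characteristics reachable without MITM-protected pairing. */
size_t audit(const struct gatt_char *t, size_t n)
{
    static const char *label[] = { "cleartext", "encrypted, no MITM", "authenticated" };
    size_t findings = 0;
    for (size_t i = 0; i < n; i++) {
        /* A direction the characteristic does not offer cannot weaken it. */
        enum level rd = t[i].readable ? required_level(t[i].perms, 0) : LVL_AUTHENTICATED;
        enum level wr = t[i].writable ? required_level(t[i].perms, 1) : LVL_AUTHENTICATED;
        enum level weakest = rd < wr ? rd : wr;
        if (t[i].sensitive && weakest < LVL_AUTHENTICATED) {
            printf("%-12s perms=0x%02X weakest access: %s\n", t[i].name, t[i].perms, label[weakest]);
            findings++;
        }
    }
    return findings;
}

/* Constructed sample table: name, readable, writable, sensitive, Security_Permissions. */
static const struct gatt_char SAMPLE[] = {
    { "device_name", 1, 0, 0, 0x00 },        /* public data, open on purpose */
    { "door_unlock", 0, 1, 1, 0x20 },        /* encrypted write only */
    { "config",      1, 1, 1, 0x04 | 0x08 }, /* read side weaker than write side */
    { "secret_key",  1, 1, 1, 0x01 | 0x08 }, /* authenticated both ways */
    { "event_log",   1, 0, 1, 0x02 },        /* authorization only */
};
int main(void) { audit(SAMPLE, sizeof SAMPLE / sizeof SAMPLE[0]); return 0; }
```
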

How to use broadcast/multicast to replace zeroconf

I'm working on a project that has server and client roles. I would like to have servers and clients automatically detecting each other. At a first glance, zeroconf seems to be the best solution. But it would add a dependency, Bonjour, to the project. I use Qt for the GUI and Qt has native support of broadcast and multicast. So I'm wondering if it's feasible to just use those features to replace zeroconf?
Here is a decent post about how zeroconf works.
I don't think I need the features of obtaining an IP Address and obtaining a Hostname from zeroconf. All I want is let one instance be aware of other instance's existence.
My current plan is combining broadcast and multicast. Each server chooses a unique multicast group and broadcasts this group to the others. When a client wants to connect to a specific server, it joins the corresponding group.
Some people mention that it's normal for routers to block local broadcast. If this is true, my plan would not be feasible.
Is there any standard way to implement this rather than using zeroconf?

Handling IP changes in uPnP device

I am working on an ARM-based media processor. I need to implement UPnP for the device. Only advertisement is needed, i.e. device discovery, so the IP address of the device can be found. I was able to implement the advertisement, but it fails when the IP of the device changes. Is there a way I could detect the change in IP and change the advertisement of the device? Thanks in advance.
There is nothing 'in UPnP' that will handle this for you -- that makes sense as UPnP is a media sharing protocol and finding out the current IPs is something quite unrelated to media sharing as well as entirely Operating System specific.
If you were using a decent UPnP-library, then I would expect the library to provide this sort of functionality to you. But since you are saying you are implementing UPnP yourself... well, then you get to implement all of it yourself.
My first suggestion is Don't implement UPnP yourself. It may look simple but it really isn't. Find libraries that "invent the wheels" for you and concentrate on actually solving the problem you're trying to solve. I understand that getting libraries on to an embedded device is not always easy, but I can guarantee that implementing UPnP in even a half-assed way is quite difficult.
Assuming the first suggestion is not viable: Take a look at how GUPnP handles this: There are ContextManagers (that handle network contexts) for Connman, NetworkManager and generic Linux. The latter might be a useful starting point for you: https://git.gnome.org/browse/gupnp/tree/libgupnp/gupnp-linux-context-manager.c : the "context-available" signal is emitted when a network interface is up. Note that the code is licensed under LGPL.

How do I tell if a bonjour service is wi fi or bluetooth?

I am building an app that sends information between two iPhones. The app is working great but the one problem I am having is that I have no way of telling whether Bonjour is choosing Wi-Fi or Bluetooth to make the connection. I would like to allow the user to be able to choose which they prefer. Also, is there a way to programmatically tell if the device's Bluetooth is on?
There is NO WAY TO TELL.
It's just one of those weird things.
And in fact there is no way to programmatically choose WiFi or Bluetooth. It's annoying but true.
Often, multidevice games will have a warning for users:
"Be sure to TURN OFF Bluetooth, to ensure you are using your WiFi connection."
That's the situation.
Bonjour is just a service discovery protocol - it doesn't care what kind of network you have. It will discover services across a mixture of networks (e.g. via bridges and routers), so it doesn't really make sense to try to map a service discovered via Bonjour to a single type of transport layer.
