This example demonstrates the implementation of different security levels of pairing and the data transfer in a multi-connection environment.
This project instantiates a data hub that plays the roles of GAP Central, GAP Peripheral, GATT Client and GATT Server at the same time, and that is able to pair with up to 3 slaves at different security levels. In addition, the device will also be able to pair with a Master, to which it can send the data collected from the slaves or distribute the data from the master to the slaves.
Programming Language: C
Associated Parts: CYW20706
Related Hardware: CYW920706WCDEVAL Board (2 to 4 required)
Figure 1: Block Diagram
As shown in the abobe block diagram, the Secure Hub can connect with upto 3 slave devices (programmed with hello_sensor project). It in turn serves as a slave for a master device. All the CYW920706 devices will be able to communicate with the PC via PUART interfaces that appear as serial terminal COM Ports in the PC.
Firmware Flow of secure_hub Device:
Figure 2: Firmware Flow
APPLICATION_START is the program entry point. Here the peripheral UART is set for displaying Debug Messages. The BT Stack and the corresponding management callback are started using the wiced_bt_stack_init () API.
db_management_cback() function in secure_hub.c handles the events generated for the BLE Stack. The BTM_ENABLED_EVT indicates that the Bluetooth stack is ready. Upon the reception of this event, we start the Non Connectable High Duty Cycle advertisement. The Timer and GPIO Interrupts are registered. The Timer and GPIO Button Press Interrupt callbacks increment the suffix in the Device Name by 1 and then continues the advertisement with the incremented name.
In the secure_hub and the hello_sensor projects, the user needs to enter the desired security level and IO Capabilities via console. The console accepts inputs via PUART. The 4 security levels supported in this project are
The hello_sensor project starts advertising, once these details are entered. A Scan is initiated via GPIO Interrupt button press on the secure_hub device. The UUID of the service available in the hello_sensor node is verified in the callback, after which the connection is initiated by the secure_hub.
Once a connection is established with the slave, the secure_hub performs a GATT Discovery of the slave using the custom UUIDs of hello_service. The discovery happens in 3 stages:
The GATT DB of the hello_sensor device contains the hello service. The hello_service contains two characteristics (Refer hello_sensor/gatt_db.c and hello_sensor/gatt_db.h files)
This characteristic has the properties of Notification and Indication. The Bytes to be notified / indicated are typed in the serial terminal of the hello_sensor device and are transmitted as Notification or Indication to the secure_hub.
This characteristic has the properties of Read and Write. The secure nature of the application is demonstrated using this characteristic. In the gatt_db.c file of the hello_sensor, it can be noticed that the permissions of this characteristic includes these bitmasks: LEGATTDB_PERM_WRITE_REQ| LEGATTDB_PERM_AUTH_WRITABLE. This means that this characteristic can be written only when the link has been paired with MITM (Man in the middle protection). Security Levels (either BTM_LE_AUTH_REQ_MITM or BTM_LE_AUTH_REQ_SC_MITM The user has to manually take care of this in the application level. When other security levels are used, a write to this characteristic will result in an “Insufficient Authentication” error. Once this characteristic is successfully written by a one byte value, the Red LED on the board blinks as many times as the written value.
By the end of the discovery, the secure_hub device stores the Attribute handles of the HANDLE_HSENS_SERVICE_CHAR_BLINK characteristic and the CCCD (Client Characteristic Configuration Descriptor) of the HANDLE_HSENS_SERVICE_CHAR_NOTIFY characteristic. With the attribute handles, the secure_hub device can write to these characteristics descriptors. The CCCD Handle is required, so that the notifications / indications can be enabled / disabled on the hello_sensor slaves. The handles are stored in a global structure g_secure_hub.
At any instant a new slave may be connected to the secure_hub or a old one may detach itself by pressing the SW1 button the board. A maximum of 3 hello_sensor slaves can be connected to the secure_hub device at a time, in addition to a master.
The secure_hub keeps advertising, until a master has connected to it. It will again start advertising when the master has disconnected from it.
Secure_hub-BCM920706_P49 UART=COMxx download
Make sure that the Same as the Target Name checkbox is checked. Click OK. Create another target, in addition to the previous one as:
Helo_sensor-BCM920706_P49 UART=COMyy download
(Note: In the above targets, “xx” and “yy” are the HCI COM Port numbers of each of the devices)
Note: When the secure_hub tries to write to a slave with which it has paired with security levels without MITM, it will receive “Insufficient Authentication Error”. Also, when the master tries to write to the secure_hub, when no slaves are connected to the secure_hub, it will result in an “insufficient authorization” error.
Table1 lists all relevant application notes, code examples, knowledge base articles, device datasheets, and Component / user module datasheets.
Table 1: Related Documents
AN218191 - WICED™ Quick Start Guide for BT CYW20706
The Quick Start Guide can be accessed from Project Explorer -> 20706-A2_Bluetooth -> Doc
AN216535 - CYW92070xV3_EVAL Evaluation Board Hardware User Manual
The Hardware User Manual can be accessed from Project Explorer -> 20706-A2_Bluetooth -> Doc