Merge pull request #87 from jacobeva/nrf52-ble

nRF52 BLE improvements
markqvist 2024-10-10 17:58:37 +02:00 committed by GitHub
commit 0e04754d7a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 173 additions and 119 deletions


@ -387,39 +387,70 @@ char bt_devname[11];
bt_ssp_pin = 0; bt_ssp_pin = 0;
bt_state = BT_STATE_ON; bt_state = BT_STATE_ON;
} }
void bt_pairing_complete(uint16_t conn_handle, uint8_t auth_status) {
void bt_pairing_complete(uint16_t conn_handle, uint8_t auth_status) {
if (auth_status == BLE_GAP_SEC_STATUS_SUCCESS) { if (auth_status == BLE_GAP_SEC_STATUS_SUCCESS) {
BLEConnection* connection = Bluefruit.Connection(conn_handle);
ble_gap_conn_sec_mode_t security = connection->getSecureMode();
// On the NRF52 it is not possible with the Arduino library to reject
// requests from devices with no IO capabilities, which would allow
// bypassing pin entry through pairing using the "just works" mode.
// Therefore, we must check the security level of the connection after
// pairing to ensure "just works" has not been used. If it has, we need
// to disconnect, unpair and delete any bonding information immediately.
// Settings on the SerialBT service should prevent unauthorised access to
// the serial port anyway, but this is still wise to do regardless.
//
// Note: It may be nice to have this done in the BLESecurity class in the
// future, but as it stands right now I'd have to fork the BSP to do
// that, which I don't fancy doing. Impact on security is likely minimal.
// Requires investigation.
if (security.sm == 1 && security.lv >= 3) {
bt_state = BT_STATE_CONNECTED;
cable_state = CABLE_STATE_DISCONNECTED;
bt_disable_pairing(); bt_disable_pairing();
} else {
if (connection->bonded()) {
connection->removeBondKey();
}
connection->disconnect();
}
} else { } else {
bt_ssp_pin = 0; bt_ssp_pin = 0;
} }
} }
bool bt_passkey_callback(uint16_t conn_handle, uint8_t const passkey[6], bool match_request) { bool bt_passkey_callback(uint16_t conn_handle, uint8_t const passkey[6], bool match_request) {
for (int i = 0; i < 6; i++) { for (int i = 0; i < 6; i++) {
// multiply by tens however many times needed to make numbers appear in order // multiply by tens however many times needed to make numbers appear in order
bt_ssp_pin += ((int)passkey[i] - 48) * pow(10, 5-i); bt_ssp_pin += ((int)passkey[i] - 48) * pow(10, 5-i);
} }
kiss_indicate_btpin(); kiss_indicate_btpin();
if (match_request) {
if (bt_allow_pairing) { if (bt_allow_pairing) {
return true; return true;
} }
}
return false; return false;
} }
void bt_connect_callback(uint16_t conn_handle) { void bt_connect_callback(uint16_t conn_handle) {
bt_state = BT_STATE_CONNECTED; bt_state = BT_STATE_CONNECTED;
cable_state = CABLE_STATE_DISCONNECTED; cable_state = CABLE_STATE_DISCONNECTED;
}
void bt_disconnect_callback(uint16_t conn_handle, uint8_t reason) { //BLEConnection* conn = Bluefruit.Connection(conn_handle);
conn->requestPHY(BLE_GAP_PHY_2MBPS);
conn->requestMtuExchange(512+3);
conn->requestDataLengthUpdate();
}
void bt_disconnect_callback(uint16_t conn_handle, uint8_t reason) {
if (reason != BLE_GAP_SEC_STATUS_SUCCESS) {
bt_state = BT_STATE_ON; bt_state = BT_STATE_ON;
} }
}
bool bt_setup_hw() { bool bt_setup_hw() {
if (!bt_ready) { if (!bt_ready) {
#if HAS_EEPROM #if HAS_EEPROM
if (EEPROM.read(eeprom_addr(ADDR_CONF_BT)) == BT_ENABLE_BYTE) { if (EEPROM.read(eeprom_addr(ADDR_CONF_BT)) == BT_ENABLE_BYTE) {
@ -433,12 +464,19 @@ char bt_devname[11];
Bluefruit.configPrphBandwidth(BANDWIDTH_MAX); Bluefruit.configPrphBandwidth(BANDWIDTH_MAX);
Bluefruit.autoConnLed(false); Bluefruit.autoConnLed(false);
if (Bluefruit.begin()) { if (Bluefruit.begin()) {
Bluefruit.setTxPower(4); // Check bluefruit.h for supported values Bluefruit.setTxPower(8); // Check bluefruit.h for supported values
Bluefruit.Security.setIOCaps(true, true, false); Bluefruit.Security.setIOCaps(true, false, false); // display, yes; yes / no, no; keyboard, no
// This device is indeed capable of yes / no through the pairing mode
// being set, but I have chosen to set it thus to force the input of the
// pin on the device initiating the pairing.
Bluefruit.Security.setMITM(true);
Bluefruit.Security.setPairPasskeyCallback(bt_passkey_callback); Bluefruit.Security.setPairPasskeyCallback(bt_passkey_callback);
Bluefruit.Periph.setConnectCallback(bt_connect_callback); Bluefruit.Security.setSecuredCallback(bt_connect_callback);
Bluefruit.Periph.setDisconnectCallback(bt_disconnect_callback); Bluefruit.Periph.setDisconnectCallback(bt_disconnect_callback);
Bluefruit.Security.setPairCompleteCallback(bt_pairing_complete); Bluefruit.Security.setPairCompleteCallback(bt_pairing_complete);
//Bluefruit.Periph.setConnInterval(6, 12); // 7.5 - 15 ms
const ble_gap_addr_t gap_addr = Bluefruit.getAddr(); const ble_gap_addr_t gap_addr = Bluefruit.getAddr();
char *data = (char*)malloc(BT_DEV_ADDR_LEN+1); char *data = (char*)malloc(BT_DEV_ADDR_LEN+1);
for (int i = 0; i < BT_DEV_ADDR_LEN; i++) { for (int i = 0; i < BT_DEV_ADDR_LEN; i++) {
@ -459,9 +497,9 @@ char bt_devname[11];
} else { return false; } } else { return false; }
} else { return false; } } else { return false; }
} }
void bt_start() { void bt_start() {
if (bt_state == BT_STATE_OFF) { if (bt_state == BT_STATE_OFF) {
Bluefruit.setName(bt_devname); Bluefruit.setName(bt_devname);
bledis.setManufacturer(BLE_MANUFACTURER); bledis.setManufacturer(BLE_MANUFACTURER);
@ -469,11 +507,13 @@ char bt_devname[11];
// start device information service // start device information service
bledis.begin(); bledis.begin();
SerialBT.bufferTXD(true); // enable buffering
SerialBT.setPermission(SECMODE_ENC_WITH_MITM, SECMODE_ENC_WITH_MITM); // enable encryption for BLE serial
SerialBT.begin(); SerialBT.begin();
blebas.begin(); blebas.begin();
// non-connectable advertising
Bluefruit.Advertising.addFlags(BLE_GAP_ADV_FLAGS_LE_ONLY_GENERAL_DISC_MODE); Bluefruit.Advertising.addFlags(BLE_GAP_ADV_FLAGS_LE_ONLY_GENERAL_DISC_MODE);
Bluefruit.Advertising.addTxPower(); Bluefruit.Advertising.addTxPower();
@ -488,9 +528,9 @@ char bt_devname[11];
bt_state = BT_STATE_ON; bt_state = BT_STATE_ON;
} }
} }
bool bt_init() { bool bt_init() {
bt_state = BT_STATE_OFF; bt_state = BT_STATE_OFF;
if (bt_setup_hw()) { if (bt_setup_hw()) {
if (bt_enabled && !console_active) bt_start(); if (bt_enabled && !console_active) bt_start();
@ -498,18 +538,18 @@ char bt_devname[11];
} else { } else {
return false; return false;
} }
} }
void bt_enable_pairing() { void bt_enable_pairing() {
if (bt_state == BT_STATE_OFF) bt_start(); if (bt_state == BT_STATE_OFF) bt_start();
bt_allow_pairing = true; bt_allow_pairing = true;
bt_pairing_started = millis(); bt_pairing_started = millis();
bt_state = BT_STATE_PAIRING; bt_state = BT_STATE_PAIRING;
} }
void update_bt() { void update_bt() {
if (bt_allow_pairing && millis()-bt_pairing_started >= BT_PAIRING_TIMEOUT) { if (bt_allow_pairing && millis()-bt_pairing_started >= BT_PAIRING_TIMEOUT) {
bt_disable_pairing(); bt_disable_pairing();
} }
} }
#endif #endif
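Review bot: In the first hunk, `bt_connect_callback` is now registered through `Bluefruit.Security.setSecuredCallback(...)`, yet it still sets `bt_state = BT_STATE_CONNECTED` and `cable_state = CABLE_STATE_DISCONNECTED` without looking at the link's security mode. The "just works" rejection therefore lives only in `bt_pairing_complete`. The relative order of the two callbacks is not visible here, so if the secured callback can run for an unauthenticated link, the device would report a Bluetooth connection and drop the cable state until the disconnect lands. I would repeat the `security.sm == 1 && security.lv >= 3` test at the top of `bt_connect_callback`. I would also null-check the pointer returned by `Bluefruit.Connection(conn_handle)` before dereferencing it, here and in `bt_pairing_complete`.

```cpp
void bt_connect_callback(uint16_t conn_handle) {
  BLEConnection* conn = Bluefruit.Connection(conn_handle);
  if (conn == NULL) { return; }

  // Same level check as bt_pairing_complete: do not report a connection
  // for a link that was not paired with passkey entry.
  ble_gap_conn_sec_mode_t security = conn->getSecureMode();
  if (!(security.sm == 1 && security.lv >= 3)) { return; }

  // … unchanged: bt_state / cable_state updates, PHY, MTU and data length requests …
}
```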


@ -189,6 +189,7 @@
bool device_init_done = false; bool device_init_done = false;
bool eeprom_ok = false; bool eeprom_ok = false;
bool firmware_update_mode = false; bool firmware_update_mode = false;
bool serial_in_frame = false;
// Boot flags // Boot flags
#define START_FROM_BOOTLOADER 0x01 #define START_FROM_BOOTLOADER 0x01


@ -668,6 +668,19 @@ void serial_write(uint8_t byte) {
Serial.write(byte); Serial.write(byte);
} else { } else {
SerialBT.write(byte); SerialBT.write(byte);
#if MCU_VARIANT == MCU_NRF52 && HAS_BLE
// This ensures that the TX buffer is flushed after a frame is queued in serial.
// serial_in_frame is used to ensure that the flush only happens at the end of the frame
if (serial_in_frame && byte == FEND) {
SerialBT.flushTXD();
serial_in_frame = false;
}
else if (!serial_in_frame && byte == FEND) {
serial_in_frame = true;
}
#endif
} }
#else #else
Serial.write(byte); Serial.write(byte);
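Review bot: `serial_in_frame` is toggled on every `FEND` written on the `SerialBT` branch and is never reset anywhere in this hunk, so one unpaired delimiter inverts its meaning for the rest of the session. That could happen if a frame is interrupted by a disconnect or a switch to the cable path, though whether callers allow it is not visible here. Once inverted, `SerialBT.flushTXD()` runs on the opening `FEND` and the frame body stays buffered until the next frame begins. Clearing the flag when the BLE link drops would resynchronise it, e.g. `serial_in_frame = false;` in `bt_disconnect_callback`, together with a comment here stating that the toggle assumes strictly paired `FEND` bytes. `serial_write` begins before this hunk and continues after it.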