According to the Guideline (see Appendix
A for detail), the Peripheral should reject the ATT request using the
Insufficient Authentication error code.
By this way, the Apple product can pair and bond with
accessory.
But the BLP(see Appendix
B for detail) asks the Peripheral to use the SM Slave Security Request
procedure, if the peripheral uses bonding.
So the conflict is the method of triggering
pairing and bonding.
I do like this:
When the
peripheral received an ATT read request of characteristic, the peripheral judges
whether the link is encrypted or not, if the link isn’t encrypted,
the peripheral
will send a SM Slave Security Request and reject the ATT request with
“Insufficient Encryption” error code. It works well, and the Apple
product does
pair and bond with the accessory successfully. But this method is not mentioned
explicitly in the “BluetoothDesignGuidelines R6.pdf”, and
will it be OK to
use this method in the future? Will Apple still allow do this in the
future?
Appendix A:
In
the
“BluetoothDesignGuidelines R6.pdf”, we found
that:
Pairing
The
Bluetooth accessory should not request pairing. If, for security reasons, the
accessory requires a bonded relationship with the Central, the Peripheral
should
reject the ATT request using the Insufficient Authentication error code, as
appropriate. See specification, Volume 3, Part F, Section 4 for details.
As a result,
the Apple product may proceed with the necessary security procedures.
Appendix B:
In the
“Blood
Pressure Profile”, we found that:
6.1
Blood Pressure Sensor Security Considerations
All
supported characteristics specified by the Blood Pressure Service shall be set
to
Security
Mode 1 and either Security Level 2 or 3.
The Blood
Pressure Sensor should bond with the Collector.
The Blood
Pressure Sensor should use the SM Slave Security Request procedure to
inform the
Collector of its security requirements. If the Blood
Pressure Sensor uses
bonding, it
shall use the SM Slave Security Request procedure.
All
characteristics specified by the Device Information Service that are relevant to
this
profile
should be set to the same security mode and level as the characteristics in the
Blood
Pressure Service.
Second
question:
The Blood Pressure monitor is a slave and the
Apple product is a master. We test on iOS 6.1.3.
If we use the pairing
method comply with “BluetoothDesignGuidelines R6.pdf”, it really
works well after pairing and bonding.
But after I selected “Forget this device”, the iOS cannot pair and bond
with my BLE device anymore. In addition, the slave also
could not know the iOS has forgot it.
When I debug the slave’s pairing and bonding
procedure, I find that even the iOS has forgot this device, the slave can still
use the
old IRK
resolving the new random device address into the Apple product’s public device
address, so, the slave considers itself is still
in the
bonding status. And because the iOS had forgot this device, the iOS did not
encrypted the link. In this case, when the slave
received an
ATT read request of characteristic, the slave shall reject this ATT read
request with the “Insufficient Encryption” error
code,
because the slave still ask a encrypted link. However, the iOS does nothing to
process this error code.
We also test on iOS 7 beta(11A4414e), there is no
problem anymore. Does there any way to resolve on 6.1.3, and will 7.0 or later
could keep
the status in beta
version.