admin管理员组文章数量:1641878
根据R15文档可知,Homekit广播数据分为两种类型:
HAP BLE Regular Advertisement 和 HAP BLE Encrypted Notification Advertisement
一、HAP BLE Regular Advertisement
这类广播主要用于广播设备的存在和设备当前的状态,广播数据格式如下
Bluetooth Low Energy Link Layer
Access Address: 0x8e89bed6
Packet Header: 0x2560 (PDU Type: ADV_IND, ChSel: #2, TxAdd: Random)
.... 0000 = PDU Type: ADV_IND (0x0)
...0 .... = RFU: 0
..1. .... = Channel Selection Algorithm: #2
.1.. .... = Tx Address: Random
0... .... = Reserved: False
Length: 37
Advertising Address: f5:70:62:10:c5:45 (f5:70:62:10:c5:45)
Advertising Data
Flags
Length: 2
Type: Flags (0x01)
000. .... = Reserved: 0x0
...0 .... = Simultaneous LE and BR/EDR to Same Device Capable (Host): false (0x0)
.... 0... = Simultaneous LE and BR/EDR to Same Device Capable (Controller): false (0x0)
.... .1.. = BR/EDR Not Supported: true (0x1)
.... ..1. = LE General Discoverable Mode: true (0x1)
.... ...0 = LE Limited Discoverable Mode: false (0x0)
Manufacturer Specific
Length: 22
Type: Manufacturer Specific (0xff)
Company ID: Apple, Inc. (0x004c)
Data: 0631004fbb71314f2006000500010204cf2205
Device Name (shortened): Mi
Length: 4
Type: Device Name (shortened) (0x08)
Device Name: Mi
CRC: 0x88aec1
1.1 Homekit广播数据解析
Homekit广播数据由Flags、Manufacturer data和Local name三个部分组成
02 01 06 16 ff 4c 00 06 31 00 4f bb 71 31 4f 20 06 00 05 00 01 02 04 cf 22 05 04 08 4d 69 20
拆分如下:
Flags:
02 01 06
Manufacturer data:
16 ff 4c 00 06 31 00 4f bb 71 31 4f 20 06 00 05 00 01 02 04 cf 22 05
解析如下:
| 后面数据长度 | 0x16 |
| 广播数据类型 | 0xFF |
| 公司ID | 0x004C |
| 类型 | 0x06(固定) |
| STL | 0x31(Homekit regular advertisement) |
| Status Flags | 0x00(0->已绑定,1->未绑定) |
| Device ID | 4f:bb:71:31:4f:20 |
| Accessory Category ID | 0x0006 (Locks) |
| Global Status Number | 0x0005 |
| Configuation Number | 0x01 |
| Compatible Version | 0x02(固定) |
| Setup Hash | <0x04cf2205> |
Local name:
04 08 4d 69 20
二、HAP BLE Encrypted Notification Advertisement
这类广播只能用于提示支持广播事件的特征值发生了改变(加密),iPhone收到此类广播会主动连接设备
Frame 991: 63 bytes on wire (504 bits), 63 bytes captured (504 bits) on interface wireshark_extcap2400, id 0
Nordic BLE Sniffer
Bluetooth Low Energy Link Layer
Access Address: 0x8e89bed6
Packet Header: 0x2560 (PDU Type: ADV_IND, ChSel: #2, TxAdd: Random)
.... 0000 = PDU Type: ADV_IND (0x0)
...0 .... = RFU: 0
..1. .... = Channel Selection Algorithm: #2
.1.. .... = Tx Address: Random
0... .... = Reserved: False
Length: 37
Advertising Address: ea:00:23:b3:51:c3 (ea:00:23:b3:51:c3)
Advertising Data
Flags
Length: 2
Type: Flags (0x01)
000. .... = Reserved: 0x0
...0 .... = Simultaneous LE and BR/EDR to Same Device Capable (Host): false (0x0)
.... 0... = Simultaneous LE and BR/EDR to Same Device Capable (Controller): false (0x0)
.... .1.. = BR/EDR Not Supported: true (0x1)
.... ..1. = LE General Discoverable Mode: true (0x1)
.... ...0 = LE Limited Discoverable Mode: false (0x0)
Manufacturer Specific
Length: 27
Type: Manufacturer Specific (0xff)
Company ID: Apple, Inc. (0x004c)
Data: 1136b1d320bef4e6f40f0085dbf19dd63898fee465d68798
CRC: 0x37625a
2.1 Homekit广播数据解析
Homekit广播数据由Flags、Manufacturer data两个部分组成
02 01 06 1b ff 4c 00 11 36 b1 d3 20 be f4 e6 f4 0f 00 85 db f1 9d d6 38 98 fe e4 65 d6 87 98
拆分如下:
Flags:
02 01 06
Manufacturer data:
1b ff 4c 00 11 36 b1 d3 20 be f4 e6 f4 0f 00 85 db f1 9d d6 38 98 fe e4 65 d6 87 98(红色部分为加密数据)
| 后面数据长度 | 0x1B |
| 广播数据类型 | 0xFF |
| 公司ID | 0x004C |
| 类型 | 0x11(固定) |
| STL | 0x36(Homekit BLE Encrypted Notification Advertisement) |
| Device ID | 4f:bb:71:31:4f:20 |
| Global Status Number | 0x0ff4(加密后的数据) |
| IID | 0x8500(加密的数据) |
| Value | 0xe4fe9838d69df1db(加密的数据) |
| Auth Tag | 0x98876d65(加密的数据) |
版权声明:本文标题:Nordic Homekit开发--Homekit广播数据解析 内容由热心网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:https://www.elefans.com/dongtai/1729328698a1196099.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论