Hi,
I'm working on solution to upload/update firmware via BLE.
Arduino library:
And web/mobile/desktop application:
There are 3 items that should be considered:
- mandatory, Integrity protection. DONE by crc32 checking
- optional, Version control possibility. DONE by additional characteristics
- optional, Security possibility. Still open
Don't know for this moment how to provide this possibility to user of ArduinoBleOTA library.
Will be nice to consider it now, without changing library interface and protocol i future.
I think that following possibilities should be considered:
- Authentication (Pin code) for whole connection, with and without transfer encryption
- Authentication (Pin code) for only OTA service, with and without transfer encryption
- Authentication (Pin code) for only OTA upload characteristics, with and without transfer encryption
Can't find simple example how to do that, and even don't know if each of these items are possible to implement in BLE or ArduinoBLE.
For NimBLE-Arduino library:
BLEDevice::setSecurityPasskey(123456);
BLEDevice::setSecurityAuth(true, true, true);
BLEDevice::setSecurityIOCap(BLE_HS_IO_DISPLAY_ONLY);
And override:
void ArduinoBleOTAClass::onConnect(BLEServer* pServer, ble_gap_conn_desc* desc)
{
BLEDevice::startSecurity(desc->conn_handle);
}
Than pin will be required for connection. How to implement in ArduinoBLE library?