Developing a secured SPP acceptor device

Topics: Bluetooth - Microsoft, Bluetooth - Other
Aug 17, 2014 at 7:17 PM
Hi,

I'm developing an industrial device and would like my device to be able to accept a bluetooth connection from a remote PC or PC application (not part of my develoment). This project is essentially a simple wire replacement (traditionally the remote PC has been physically connected to the industrial device via an RS232 cable).

So I think I've worked out that I need my device to support the SPP profile and to be an 'accceptor' as defined by the SPP specification. In addition, I would like the connection to require a pin to be entered on the remote PC/application and that pin should be defined by my device (the acceptor).

I'm currently only playing around with c# and the full .NET framework on Windows but eventually I will want to move this to a Windows CE and Compact Framework device. In both cases, I'm using the Microsoft Stack.

I'm really struggling with the concept of security in Bluetooth. Trying out different Bluetooth adapters, sometimes I see the initiator displaying a specific numeric code on screen, sometime I see the initiator prompted to enter a PIN. Is the type of security dictated by the version of Bluetooth used, and if so, it this driven by the initiator or the acceptor?

Also, I'm presuming that once I have my side working, a Windows PC that connected to my device will automatically create a virtual serial port to allow for example a terminal on the PC to communicate directly with my device. Is this the case or do I have to do something else to provide this behaviour?

I was recently experimenting with another Industrial device and managed to connect my Windows PC to it by entering the device's PIN in Windows when prompted. Windows then automatically installed a virtual port. Hence this is exactly the behaviour I'm after and so I know its certainly possible given some set of circumstances. I suppose the question is whether it is possible given my combination of adapter, stack, Bluetooth version, OS, etc etc.

I would greatly appreciate the benefit of someones experience. I'm totally new to Bluetooth!

Also, specific examples/sample code would be very useful.

Thanks in advance,
Lee.
Developer
Aug 19, 2014 at 10:24 AM
See https://32feet.codeplex.com/wikipage?title=BluetoothWin32Authentication&referringTitle=Documentation What pairing method is used depends first if both devices (both radio and software) are 2.1 or later, and then what the input/output capabilities are.
The pairing method used follows this pattern:
   if (either is pre-v2.1) then
      Legacy
   else if (Out-Of-Band channel) then
      OutOfBand
   else if (neither have "Man-in-the-Middle Protection Required") then
      (i.e. both have "Man-in-the-Middle Protection _Not_ Required")
      Just-Works
   else
      Depending on the two devices' "IO Capabilities", either NumericComparison or Passkey.
      Passkey is used when one device has KeyboardOnly -- and the peer device _isn't_ NoInputNoOutput.
I personally really don't like virtual serial ports creating them, finding out which is which, worrying about duplicates, etc. So I always try to use Sockets/Streams which BluetoothClient provides. However if you've existing apps that can only use serial ports then your need the virtual serial ports.
Aug 19, 2014 at 10:28 AM
Edited Aug 19, 2014 at 10:29 AM
Thanks Alan, that's very helpful. Then I suppose the question is now, how do I specify the IO capabilities of my industrial device? Obviously the Bluetooth adapter or stack can't know the capabilities of my device up front so I presume this can be specified somewhere via the API?