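ESP32 C3 Development in Practice - 7 (BLE Encrypted Connection, Bond)
Some IoT products need access to the BLE GATT to be encrypted.
First, look at the flow of a BLE encrypted connection:
Scan & connect -> security request -> pairing -> generate encryption key -> link encryption, which completes the encrypted link connection
In an actual project, a few steps are needed to get there:
1. SMP settings of the BLE component: enable encrypted pairing, encrypted connection, and saving the bond key to NVS.
2. This example uses Just Works bonding.
BLE host config: set the IO capability to BLE_HS_IO_NO_INPUT_OUTPUT, so no pairing key has to be entered.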
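In nimble_host_config_init:
ble_hs_cfg.sm_io_cap = BLE_HS_IO_NO_INPUT_OUTPUT; // device with no input and no output
ble_hs_cfg.sm_bonding = 1; // bond: keep the keys for later reconnections
ble_hs_cfg.sm_mitm = 0; // Just Works: no MITM protection
// exchange the encryption key (ENC) and the identity key (ID) in both directions
ble_hs_cfg.sm_our_key_dist |= BLE_SM_PAIR_KEY_DIST_ENC | BLE_SM_PAIR_KEY_DIST_ID;
ble_hs_cfg.sm_their_key_dist |= BLE_SM_PAIR_KEY_DIST_ENC | BLE_SM_PAIR_KEY_DIST_ID;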
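3. GATT-layer access security: reads and writes require encryption (ENC).
Set the GATT read and write permissions to require encryption with BLE_GATT_CHR_F_READ_ENC and BLE_GATT_CHR_F_WRITE_ENC.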
/* GATT services table */
static const struct ble_gatt_svc_def gatt_svr_svcs[] = {
    /* Heart rate service */
    {.type = BLE_GATT_SVC_TYPE_PRIMARY,
     .uuid = &heart_rate_svc_uuid.u,
     .characteristics =
         (struct ble_gatt_chr_def[]){
             {/* Heart rate characteristic */
              .uuid = &heart_rate_chr_uuid.u,
              .access_cb = heart_rate_chr_access,
              .flags = BLE_GATT_CHR_F_READ | BLE_GATT_CHR_F_INDICATE |
                       BLE_GATT_CHR_F_READ_ENC,
              .val_handle = &heart_rate_chr_val_handle},
             {
                 0, /* No more characteristics in this service. */
             }}},
    /* Automation IO service */
    {
        .type = BLE_GATT_SVC_TYPE_PRIMARY,
        .uuid = &auto_io_svc_uuid.u,
        .characteristics =
            (struct ble_gatt_chr_def[]){
                /* LED characteristic */
                {.uuid = &led_chr_uuid.u,
                 .access_cb = led_chr_access,
                 .flags = BLE_GATT_CHR_F_WRITE | BLE_GATT_CHR_F_WRITE_ENC,
                 .val_handle = &led_chr_val_handle},
                {0}},
    },
    {
        0, /* No more services. */
    },
};
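What the _ENC flags in the table above enforce, as an added example that is not part of the original post and not NimBLE's own code: a simplified, self-contained model of the ATT permission check. The flag constants, struct link_sec and att_check_access are local stand-ins; the *_AUTHEN flags go beyond the table to show what a Just Works bond (sm_mitm = 0) does not satisfy.

```c
#include <stdint.h>
#include <stdio.h>

/* Local stand-ins for the characteristic flags (values chosen for this example). */
enum {
    F_READ = 1 << 0, F_WRITE = 1 << 1,
    F_READ_ENC = 1 << 2, F_READ_AUTHEN = 1 << 3,
    F_WRITE_ENC = 1 << 4, F_WRITE_AUTHEN = 1 << 5,
};

/* ATT error codes from the Bluetooth Core Specification. */
enum {
    ATT_OK = 0x00,
    ATT_ERR_READ_NOT_PERMITTED = 0x02, ATT_ERR_WRITE_NOT_PERMITTED = 0x03,
    ATT_ERR_INSUFFICIENT_AUTHEN = 0x05, ATT_ERR_INSUFFICIENT_ENC = 0x0F,
};

/* Security state of one connection (hypothetical struct for this model). */
struct link_sec {
    int encrypted;      /* link encryption is active */
    int authenticated;  /* keys came from a MITM-protected pairing */
    int ltk_stored;     /* a bond key for this peer is in storage */
};

/* Return the ATT result for a read (is_read = 1) or write (is_read = 0). */
static uint8_t att_check_access(uint16_t flags, int is_read, struct link_sec s)
{
    uint16_t base = is_read ? F_READ : F_WRITE;
    uint16_t enc = is_read ? F_READ_ENC : F_WRITE_ENC;
    uint16_t authen = is_read ? F_READ_AUTHEN : F_WRITE_AUTHEN;
    if (!(flags & base))
        return is_read ? ATT_ERR_READ_NOT_PERMITTED : ATT_ERR_WRITE_NOT_PERMITTED;
    if (!(flags & (enc | authen)))
        return ATT_OK;                       /* no security requirement */
    if (!s.encrypted)   /* bonded peer: start encryption; unknown peer: pair */
        return s.ltk_stored ? ATT_ERR_INSUFFICIENT_ENC : ATT_ERR_INSUFFICIENT_AUTHEN;
    if ((flags & authen) && !s.authenticated)
        return ATT_ERR_INSUFFICIENT_AUTHEN;  /* Just Works keys do not qualify */
    return ATT_OK;
}

int main(void)
{
    struct link_sec just_works = { 1, 0, 1 };  /* encrypted after sm_mitm = 0 bond */
    printf("LED write: 0x%02X\n", att_check_access(F_WRITE | F_WRITE_ENC, 0, just_works));
    printf("authen read: 0x%02X\n", att_check_access(F_READ | F_READ_AUTHEN, 1, just_works));
    return 0;
}
```

A central that receives 0x05 or 0x0F is expected to pair or restart encryption and then retry the request.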
