Problem description
I'd like to create my own iBeacon with some Bluetooth Low Energy dev kits. Apple has yet to release a specification for iBeacons, however, a few hardware developers have reverse engineered the iBeacon from the AirLocate Sample code and started selling iBeacon dev kits.
What is the iBeacon Bluetooth profile?
Bluetooth Low Energy uses GATT for LE profile service discovery. So I think we need to know the Attribute Handle, Attribute Type, Attribute Value, and maybe the Attribute Permissions of the iBeacon attribute. So for an iBeacon with a UUID of E2C56DB5-DFFB-48D2-B060-D0F5A71096E0, a major value of 1 and a minor value of 1 what would the Bluetooth GATT profile service be?
Here are some assumptions I've made from the discussion on Apple's forums and through the docs.
You only need to see the profile service (GATT) of a Bluetooth peripheral to know it is an iBeacon.
The Major and Minor keys are encoded somewhere in this profile service
Here are some companies with iBeacon Dev Kits that seem to have this figured out already:
Hopefully, in time we will have a profile posted on Bluetooth.org like these: https://www.bluetooth.org/en-us/specification/adopted-specifications
Recommended answer
For an iBeacon with ProximityUUID E2C56DB5-DFFB-48D2-B060-D0F5A71096E0, major 0, minor 0, and calibrated Tx Power of -59 RSSI, the transmitted BLE advertisement packet looks like this:
d6 be 89 8e 40 24 05 a2 17 6e 3d 71 02 01 1a 1a ff 4c 00 02 15 e2 c5 6d b5 df fb 48 d2 b0 60 d0 f5 a7 10 96 e0 00 00 00 00 c5 52 ab 8d 38 a5
This packet can be broken down as follows:
d6 be 89 8e # Access address for advertising data (this is always the same fixed value)
40 # Advertising Channel PDU Header byte 0. Contains: (type = 0), (tx add = 1), (rx add = 0)
24 # Advertising Channel PDU Header byte 1. Contains: (length = total bytes of the advertising payload + 6 bytes for the BLE mac address.)
05 a2 17 6e 3d 71 # Bluetooth Mac address (note this is a spoofed address)
02 01 1a 1a ff 4c 00 02 15 e2 c5 6d b5 df fb 48 d2 b0 60 d0 f5 a7 10 96 e0 00 00 00 00 c5 # Bluetooth advertisement
52 ab 8d 38 a5 # checksum
The key part of that packet is the Bluetooth Advertisement, which can be broken down like this:
02 # Number of bytes that follow in first AD structure
01 # Flags AD type
1A # Flags value 0x1A = 00011010
bit 0 (OFF) LE Limited Discoverable Mode
bit 1 (ON) LE General Discoverable Mode
bit 2 (OFF) BR/EDR Not Supported
bit 3 (ON) Simultaneous LE and BR/EDR to Same Device Capable (controller)
bit 4 (ON) Simultaneous LE and BR/EDR to Same Device Capable (Host)
1A # Number of bytes that follow in second (and last) AD structure
FF # Manufacturer specific data AD type
4C 00 # Company identifier code (0x004C == Apple)
02 # Byte 0 of iBeacon advertisement indicator
15 # Byte 1 of iBeacon advertisement indicator
e2 c5 6d b5 df fb 48 d2 b0 60 d0 f5 a7 10 96 e0 # iBeacon proximity uuid
00 00 # major
00 00 # minor
c5 # The 2's complement of the calibrated Tx Power
Any Bluetooth LE device that can be configured to send a specific advertisement can generate the above packet. I have configured a Linux computer using BlueZ to send this advertisement, and iOS7 devices running Apple's AirLocate test code pick it up as an iBeacon with the fields specified above. See: Use BlueZ Stack As A Peripheral (Advertiser)
This blog has full details about the reverse engineering process.
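The advertisement layout from the answer above, parsed in code. This is an added example, not part of the original answer; the function names are hypothetical, the sample bytes are the answer's own AD structures, and major/minor are read as big-endian, which the page's all-zero values do not show.

```python
import struct
import uuid

# AD structures copied from the answer's breakdown (no access address,
# PDU header, MAC address or trailing checksum).
SAMPLE_ADV = bytes.fromhex(
    "02011a1aff4c000215"
    "e2c56db5dffb48d2b060d0f5a71096e0"
    "00000000c5"
)

def iter_ad_structures(payload):
    """Yield (ad_type, data) for each length-prefixed AD structure."""
    i = 0
    while i < len(payload):
        length = payload[i]
        if length == 0:  # zero length: no further significant data
            break
        end = i + 1 + length
        if end > len(payload):
            raise ValueError("AD structure at offset %d overruns payload" % i)
        yield payload[i + 1], payload[i + 2:end]
        i = end

def parse_ibeacon(payload):
    """Return the iBeacon fields as a dict, or None if none is present."""
    for ad_type, data in iter_ad_structures(payload):
        # 0xFF = manufacturer specific data; 0x1A length byte leaves 25 bytes
        if ad_type != 0xFF or len(data) != 25:
            continue
        (company,) = struct.unpack_from("<H", data, 0)  # 4c 00 -> 0x004C
        if company != 0x004C or data[2:4] != b"\x02\x15":
            continue
        # Assumption: major and minor are big-endian; Tx Power is a signed byte
        major, minor, tx_power = struct.unpack_from(">HHb", data, 20)
        return {
            "uuid": uuid.UUID(bytes=data[4:20]),
            "major": major,
            "minor": minor,
            "tx_power": tx_power,
        }
    return None

if __name__ == "__main__":
    print(parse_ibeacon(SAMPLE_ADV))
```

Nothing in these fields is authenticated, so a receiver that parses them this way accepts the same values from any transmitter that sends them.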