7 Replies Latest reply on Aug 27, 2015 4:26 PM by JaeyoungY_71

    SDK3.3.1 with BCM943341: enabling connection to multiple centrals



      I am using the BCM943341WCD1 with SDK 3.3.1. The board is programmed to act as a peripheral hosting a GATT server. As of now, the connection is limited to one client (central).


      (1) I want to change the configuration to multiple centrals connecting to my BCM943341WCD1 acting as a peripheral. I am using the blue_proximity_reporter application as an example and there is a wiced_bt_cfg.c. In it, I see one configurable that I can change:


      /* GATT configuration */

          .gatt_cfg =                       /**< GATT settings */


               .appearance       = APPEARANCE_GENERIC_TAG, /**< GATT appearance (see #gatt_appearance_e) */

               .client_max_links = 0,   /**< Client config: maximum number of servers that local client can connect to  */

               .server_max_links = 1,   /**< Server config: maximum number of remote clients connections allowed by the local */

               .max_attr_len     = 360, /**< Maximum attribute length; gki_cfg must have a corresponding buffer pool that can hold this length */



      (2) Besides that, is there anything I need to configure.


      (3) Also, when multiple centrals connect to a peripheral:

          3.a) how are the read/write requests for characteristics serialized. I am hoping that the BLE stack takes care of that at lower layers and for me, I just handle connections with different connection IDs.

          3.b) How can I enable read-only+notification-only access to some (may be do some MAC filtering -- maintained that as a white list or a blacklist for deny connections) or Read/Write access to some.


      (4) The BLE mac address can be spoofed? or is it like ethernet where every hardware has a unique burned-in mac address?






        • 1. Re: SDK3.3.1 with BCM943341: enabling connection to multiple centrals

          I will work with the Manager of the AE/FAE team to come up with a path for support on this issue.




          Have you tried working through the local SW resource at our distribution partner?  He is actually very good and could help during the time we research and try to assign internal resources to address this issue.



          • 2. Re: SDK3.3.1 with BCM943341: enabling connection to multiple centrals

            Right now, we are working with Andrew. I will ask him to respond to this in private.

            • 3. Re: SDK3.3.1 with BCM943341: enabling connection to multiple centrals

              Please let us know which WICED production module partner (Modules and Development) you are planning on using as well since we rely heavily on our module partners for support as well.


              At this point, I believe Inventek Systems is the only partner with production 4334X based modules.



              • 4. Re: SDK3.3.1 with BCM943341: enabling connection to multiple centrals

                We are with Inventek Systems regarding module production for the 943341, although I am using the Broadcom eval board (BCM943341WCD1).

                • 5. Re: SDK3.3.1 with BCM943341: enabling connection to multiple centrals

                  Hi Manish,


                  Yes, WICED supports multiple clients when using GATT server. I have verified this working with the WICED 43341 eval board with the ble_proximity_reporter, connecting with the LightBlue app on the iPhone and the WICED Smart Explorer on a Android device.

                  You will need to change the code in the ble_proximity_reporter as it is programmed to turn off advertisements once it has made a connection. This will be in ble_proximity_gatt_cback() in ble_proximity_reporter.c

                       case GATT_CONNECTION_STATUS_EVT:


                  1) 2) Changing the following should be all that is needed to enable multiple connections.

                  .server_max_links = 1,


                  3) (a) Yes this is handled by the BLE stack

                      (b) You can keep track of the connection handles by p_event_data->connection_status.conn_id. With this you should be able to maintain a whitelist/blacklist for fine-granularity permissions.

                  4) BLE addresses can be spoofed. If you use encryption this should take care of any security issues with existing connections.




                  • 6. Re: SDK3.3.1 with BCM943341: enabling connection to multiple centrals

                    Thanks Jae.


                    The BLE peripheral that uses the BCM943341 and acts as a peripheral to any central, does not have an in-built display for OOB key or pairing. It has some LEDs and a speaker. We may use that for OOB.


                    As of now, our security settings for any connection is set to BTM_SEC_NONE.


                    However, we wish to have BLE addresses not be spoofed and we also want to have OOB key for secure pairing. Which security option should we choose?


                    BTM_SEC_IN_AUTHENTICATE         = 0x0002,    /**< Inbound call requires authentication */

                        BTM_SEC_OUT_AUTHENTICATE        = 0x0010,    /**< Outbound call requires authentication */

                        BTM_SEC_ENCRYPT                 = 0x0024,    /**< Requires encryption (inbound and outbound) */

                        BTM_SEC_SECURE_CONNECTION       = 0x0040     /**< Secure Connections Mode (P-256 based Secure Simple Pairing and Authentication) */

                    • 7. Re: SDK3.3.1 with BCM943341: enabling connection to multiple centrals

                      Hi Manish,


                      Security level would not expose any OOB usage, since OOB is just one of the pairing methods that could achieve security level. If the device is intended to use OOB pairing when OOB data is available, the application should process the BTM_PAIRING_IO_CAPABILITIES_BLE_REQUEST_EVT and respond oob_data availability in the callback data. If both sides could agree on OOB method, the application would expect security callback events depending on which SMP pairing version is undergoing; and feed the OOB data back through wiced API call.

                      The security level you mentioned would only apply on BR/EDR service. It would have no impact on the LE link unfortunately. But you could enforce authentication on LE link by passing BTM_BLE_SEC_ENCRYPT_MITM in wiced_bt_dev_set_encryption().

                      I hope this helped.