oberstet
commented
7 years ago The BLE Gatt Server mode on the device is used for two crucial initial setup steps:
- write the Wifi SSID and password to be used
- read the device public key for pairing
So this allows for both reading and writing small pieces of information on a device from a smartphone app in a secure and wireless way.
The essential configuration that needs managed on the device is:
- Wifi settings
- Crossbar.io URL
- Device public key
When this information is set, and the Wifi is working, the BLE is not needed. All actual device payload traffic is always running over Wifi.
When the device boots, it will check for the presence of a private Ed25519 key in the persistent memory (see https://ed25519.cr.yp.to/).
If there is no key, it will generate a new private key and store that in persistent memory. When a key has been freshly generated, it will also store a flag "new-key" in persistent memory.
The device then checks for Wifi and Crossbar.io configuration in persistent memory.
If the configuration is incomplete, it will start a BLE Gatt Server (see below), enter "BLE configuration mode" and start blinking the LED.
Subsequently during boot, the flag "unpaired" is checked for.
If the device is unpaired, the device will check if the Wifi and Crossbar.io URL are configured.
If the Wifi is configured, it will try connecting to the configured Crossbar.io router using WAMP-RawSocket-CBOR over TCP-TLS as transport.
It will then authenticate using WAMP-cryptosign with the device public-private key pair.
When connected, the device will start blinking green, and when the device and all app components are finally ready, it will show green permanently, only shortly flashing green-white-green every N seconds for heartbeating.