Original URL: http://blog.sina.com.cn/s/blog_69b5d2a50101f23c.html
1. Overview
The SDP is the service Discovery Protocol for Bluetooth, which is used to discover the service that the remote device can provide. It is only responsible for discovering the other supported service, not responsible for the specific implementation of the service.
2. Background ConceptsEach service in the SDP is represented by a servicerecord (with a unique 32bit handle), each servicerecord consisting of a number of serviceattribute, Serviceattribute consists of the attribute ID and attribute valuel two parts. These record can be accessed through the SDP request to obtain service information for the device. The data element is a data structure used in the SDP, as follows:
The specific type and size index can be queried for spec p1580 and p1581. The Data element can be used to represent Attribute Id,attribute Range,attribute value. Each service record consists of at least two attribute:1. Servicerecordhandle (Attribute id = 0x0000) 2.ServiceClassIDList (Attribute id = 0x0001) servicerecordhandle is a 32-bit integer, A service recordserviceclassidlist that uniquely identifies an SDP represents the following structure for the service classes transport that the service record belongs to Request/resposne:
3. Some frame---local hsot for the SDP, the remote slave is ResposneFirst, the local host carries out a series of sdp_servicesearchattributerequest, and the remote slave is resposne. The instructions for this request are as follows:
SERVICESEARCHPATTERN Specifies the service recordattributeidlist to be looked for to indicate the service Some attributes in the record we can take a look at this request by some frame.
frame91:sdp_servicesearchattributerequest00001001 00000000 00010100 00000000 00010100 00000000 01000100 00000000
00000110
00000000 00000000
00000000 00001111
00110101 00000011 00011001 00000001 00000000
00000011 11111000
00110101 00000101 00001010 00000000 00000000 11111111 11111111
00000000The first four bytes are the HCI layer wrapper connection Handle:00001001 00000000 = 0x9 = 9Total Length:00010100 00000000 = 0x0014 = 20 below two bytes is the wrapper of the L2CAP layer PDU Length:00010100 00000000 = 0x0014 = 20Channel Id:01000100 00000000 = 0x0044 Below is the part of the SDP:
PDU ID: Yes Sdp_servicesearchattributerequest
Transaction ID: 0x0000
Parameter Length: 0x000f = 15///Note here that the SDP is msb!!! Back is the parameter part of the SDP request
Servicesearchpattern: This section is a series of data elements, which are explained in the reference data element as follows: 00110101:00110 = 6 indicates that the data part is the datasource element sequence 101 = 5 means the following byte represents the Size 00000011 = 3 indicates that the data element size is 3 bytes 00011001 (the first Data element in data element sequence): 00011 = 3 means uuid 001 = 1 means 2 Bytes0 0000001 00000000 = 0x0100 represents the actual UUID: query Uudi value, indicating L2cap
Max Amount of Attribute Data to Return: 0x03f8 = 1016
List of requested Attributes: This is another data element sequence, which is analyzed as follows: 00110101:00110 = 6 indicates that the data part is the database element sequence 101 = 5 means that the following byte represents the size of the data element 000001 01 = 5 indicates that the data element size is 5 bytes 00001010:00001 = 1 means that unsigned Integer 010 = 2 means 4 bytes This means a attribute ID range00000000 000 00000 11111111 11111111: Represents the attribute ID from 0x0000 to 0xFFFF
Bytes for continuation length: 0 Note: The purpose of this request should be to search all attributes of the L2CAP service. PS: Do not know which 2B to make the agreement, need to make so complex??
Frame92:sdp_servicesearchattributeresponseThe resposne of the distal slave, carrying parameters as follows: Attributelistsbytecount,attributelists,continuationstatel2cap the length of the PDU shown is 256, the data is boundless ... Let's take a look at some key points. PDU id:00000111 = 0x07 sdp_servicesearchattributeresponsetransaction id:0x0000attribute List Byte count:246//PS: By, ATT Ributelists has so many bytes Attributelistsbytecount = 00000000 11110110 = 0X00F6 = 246 Take a look at the beginning of the Attributelists 3 bytes: 00110110 00000011 0011110100110110:00110 means that the data element sequence 110 = 6 means the following two bytes represent the size of the data element 00000011 00111101 = 0x33d = 829//So many bytes are required to use Continuationstate.Take a look at a few attribute: the first attributelist: The top three bytes is 00110110 00000000 01001110 parse the following (PS: Write parsing software company really good): 00110110:00110 means data Element Sequence 110 = 6 indicates that the following two bytes represent the size of the data element 00000000 01001110 = 0x004e = 78//The first AttributeList has 78 bytes first attribute:00 001001 00000000 0000000000001 indicates that the unsigned Integer 001 represents 2 bytes (the Attribute ID is 16-bit) and the Attribute ID is 00000000 00000000, which represents Servicerecordhandleattribute value for 0x00010000 again to see a attribute:
0000100100000000 00000001
00110101 00000110 00011001
00010001 00010010
00011001 00010010 00000011
00001001: unsigned integer, 2 bytes00000000 00000001 = 0x01:attribute ID = 0x01: Is the Serviceclassidlist property
00110101 00000110:uuid,6 bytes
00011001
00010001 00010010:uuid,2 Bytes, Attribute value is 0x1112
00011001 00010010 00000011:uuid,2 bytes, atribute value is 0x1203The rest of the attribute did not look, too much, which SB formulated the Agreement!! The last continuationstate:00000000 11110110 = 0x00f6//This response is not enough to pass all the attribute back, 0X00F6 will be used in the next sdp_servicesearchattributerequest. If it is sufficient to return all the attribute, the Continuationstate is 1 bytes =0.Note: The above is a sdp_servicesearchattributerequest and a sdp_servicesearchattributeresponse. Here is another set of request and Resposne.
frame100:sdp_servicesearchattributerequestUnlike the previous sdp_servicesearchattributerequest, the transaction ID is 0x0001, continuation length bytes is 0x00f6, The last time the Resposne returned, stating that the request was requested to continue sending the last response that was not sent. Until frame128 completed all the response, in this process, the remote slave also began to send the SDP request to the local host.
3. The remote Slave sends the REQUSST to the local host, and the local host is Resposne
frame110:sdp_servicesearchattributerequestAt the end of the slave, the SDP request was sent to the local host at Frame110, and it can be seen that the SDP request and the Resposne are interspersed, not necessarily waiting for the other party to complete the SDP request. FRAME110 is the requset of the PNP information, and the local host sends the SDP slave to the remote requset in Frame121.
4. Summary:The SDP is used to discover the services that the other person can provide, in the form of SDP Requset and SDP Resposne. From the captured package, the SDP Service at both ends sends the SDP Requset to each other. It is important to note that the byte order of MSB in the SDP is different from L2cap and HCI, in addition to the data Element, which is represented by the ID and value of each attribute. PS: I just want to say that people who make this kind of agreement can go to die.
"Go" fts grab packet look at Bluetooth's SDP entire process
