Programmatically Update Link Key from 3rd Party Software
Now the BPA 600 protocol analyzer user can update the link keys for either of the classic links using a very common Windows message WM_COPYDATA. The mechanism is to send a WM_COPYDATA message to the BPA 600 datasource.
The best scenario for doing this is when the devices are doing SSP and they are NOT in debug mode. The following is a snippet of code that gives an example of programmatically sending link key to the ComProbe Protocol Analysis System software. In order to do this the user needs to know both addresses of the devices in the link for which they wish to update the link key. Also, the Datasource expects the master and slave addresses in LSB to MSB format.
If the link key is sent to ComProbe software after encryption has been turned on over the air, ComProbe software will flag an error on the Start Encryption packet. Depending on when the link key has been sent down, ComProbe software may however still be able to sniff the link successfully. In order to guarantee that ComProbe software is able to sniff the link the link key should be sent to ComProbe software as soon as it is available and before encryption has been turned on over the air.
Use the following code for BPA 600:
#define HCI_LINK_KEY 1000
HWND nHandle = ::FindWindow(NULL,"BPA 600 datasource");
if(nHandle != 0)
{
COPYDATASTRUCT ds;
enum
{
EncryptionKeySize = 16,
sizeAddressDevice = 6
};
BYTE abytAddressDevice1[sizeAddressDevice] = { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc }; //LSB->MSB
BYTE abytAddressDevice2[sizeAddressDevice] = { 0x21, 0x43, 0x65, 0x87, 0xa9, 0xcb };
BYTE abytLinkKey[EncryptionKeySize] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
ds.cbData = sizeAddressDevice + sizeAddressDevice + EncryptionKeySize;
ds.dwData = HCI_LINK_KEY;
BYTE bytData[sizeAddressDevice + sizeAddressDevice + EncryptionKeySize];
memcpy(&bytData,&abytAddressDevice1,sizeAddressDevice);
memcpy(&bytData[sizeAddressDevice],&abytAddressDevice2,sizeAddressDevice);
memcpy(&bytData[sizeAddressDevice+sizeAddressDevice],&abytLinkKey,EncryptionKeySize);
ds.lpData = &bytData;
::SendMessage(nHandle, WM_COPYDATA, (WPARAM)GetSafeHwnd(), (LPARAM)&ds);
}