1
votes

According to iOS documentation, when an iOS application that utilizes BLE as a peripheral moves to background mode, the peripheral name is not advertised and all service UUIDs are placed in a special 'overflow' area; they can be discovered only by an iOS device which is explicitly scanning for them.

I sniffed the BLE packets sent over the air when the application is in the background. There is no local name and service UUID data. There is an 'overflow' area which encodes the service UUID. A brief discussion can be found here: https://github.com/crownstone/bluenet-ios-basic-localization/blob/master/BROADCASTING_AS_BEACON.md

I wish to know if there is any way we can determine the actual service UUID being advertised from the data in the 'overflow' area. iOS documentation states that when an app is advertising as a BLE peripheral in the background, another iOS app can find it by explicitly specifying the service UUIDs to scan for. So, there must be a way to figure out the actual UUID from the overflow data.

Any pointers on this would be helpful.

1 Answer

0
votes

No. The data in the overflow area is hashed (sending several 128-bit UUIDs would be much too large for an advertising packet). I don't believe the hash is documented, but I strongly suspect that it's based on a Bloom filter, so that Apple can probabilistically pack an unlimited number of UUIDs into the very limited space of an advertising packet.

The upside of all of this is that it means the data isn't there in the advertising packet (and really can't be). You will need to connect to the device to discover its services.
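
An added illustration of the answer's point (not part of the original answer, and not Apple's undocumented algorithm): a Bloom-filter-style encoding in which a scanner that already knows a UUID can test for it, while other UUIDs match the same bits, so the UUID cannot be read back out. The SHA-256 hash, the 128-bit field width, the two bit positions per UUID and the sample UUID are all assumptions made for the example.

```python
import hashlib
import uuid
from typing import Iterable, List, Optional

FILTER_BITS = 128  # assumed width of the overflow field (illustrative)
NUM_HASHES = 2     # assumed number of bit positions set per UUID

# Constructed sample service UUID, not taken from any real product.
ADVERTISED = uuid.UUID("12345678-1234-5678-1234-56789abcdef0")

def bit_positions(service: uuid.UUID) -> List[int]:
    """Map a UUID to NUM_HASHES bit indexes (hypothetical hash: SHA-256)."""
    digest = hashlib.sha256(service.bytes).digest()
    return [int.from_bytes(digest[2 * i:2 * i + 2], "big") % FILTER_BITS
            for i in range(NUM_HASHES)]

def build_overflow(services: Iterable[uuid.UUID]) -> int:
    """Advertiser side: OR every UUID's bits into one fixed-size mask."""
    mask = 0
    for service in services:
        for pos in bit_positions(service):
            mask |= 1 << pos
    return mask

def may_contain(mask: int, service: uuid.UUID) -> bool:
    """Scanner side: a known UUID matches if all of its bits are set."""
    return all((mask >> pos) & 1 for pos in bit_positions(service))

def find_other_match(mask: int, exclude: uuid.UUID,
                     limit: int = 200_000) -> Optional[uuid.UUID]:
    """Find a different UUID that the same mask also 'contains'."""
    for i in range(limit):
        candidate = uuid.UUID(int=i)
        if candidate != exclude and may_contain(mask, candidate):
            return candidate
    return None

if __name__ == "__main__":
    mask = build_overflow([ADVERTISED])
    print(f"overflow mask: {mask:032x}")
    print("scanner that knows the UUID matches:", may_contain(mask, ADVERTISED))
    print("unrelated UUID that also matches:", find_other_match(mask, ADVERTISED))
```

Because an unrelated UUID passes the same membership test, the mask alone identifies a set of candidates rather than one service UUID.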