currently(sdk_12.1.0_0d23e2a, s132_nrf52_3.0.0_softdevice), nrf52832 can't pairing with windows 10.1607(build 14393.479), if we set lesc bit in ble_gap_sec_params_t.
windows' bluetooth stack does not support BLE4.2, it interprets the AuthReq byte in pairing request pdu as a whole byte, assuming that the upper 5bits are all 0s, means that the max valid value for AuthReq is 5, windows uses IOCaps and this byte instead of the MIMT bit to select pairing method (popup a dialog to let user input passkey or display a passkey to user). so if we set LESC bit, the AuthReq would be 0x0d(with MIMT and BONDING), windows would interpret it as an invalid value, and select the default pairing method 'Just Works', and pairing failed.
yes, it is a bug, m$ should fix it.
but we can zero out LESC and KEYPRESS fields in PAIRING REQUEST PDU in the first place if peer's BLE version is not 4.2, we knows peer's version in LL_VERSION_IND pdu, 0x08 means BLE4.2
