Using encryption between central and peripheral.

Question

Hi there, 
 I am working with softdevice v5.0.0, and trying to have central and peripheral do encryption. 
 The peripheral has a r/w characteristic, and another one with read with notify (cccd r/w), but no write. 
 When I enable BOND, LESC and the usual encryption options in peer manager, it seems to work with permisions ENC_NO_MITM or NO_ACCESS on the characteristics read or write. But if I set the cccd write with ENC_NO_MITM, that seems to break the notifications. Setting the cccd read with ENC_NO_MITM makes the SD complain with invalid params. 
 I have seen those permissions in some examples, and the code I have comes from an old SD v4.0.2 I belive. 
 Is there anything obvious I should be looking at, or any constrains I am breaking? 
 Regards

Vidar Berg · Accepted Answer

Hi, 
 On the central side, is the notification being enabled after the link is secured? Otherwise the CCCD write request will return BLE_GATT_STATUS_ATTERR_INSUF_AUTHENTICATION and notification will not get enabled ( MSC write ).

David Fernandez · Answer

That was it! 
 Moving the notification enable to the PM event for conn sec succeeded makes it work. 
 --- 
 I wonder if there might be other things that I should move to the PM events, rather than leave them in the existing events, for example, all the gatt local and remote databases stored by PM, should the discovery be done differently, e.g. after the conn sec succeeded or the db applied events? Currently I am doing it on BLE_CONNECTED, which might not be the right thing to do.

Using encryption between central and peripheral.

Top Replies