Pairing & Bonding happens even when the client's iocap is no_io_caps

Hi Joseph, 

Q1:there is a LESC module in the nRF5x SDK v15.2.0 that handles the LESC events for you and is integrated in the PM manager. I recommend taking a look at at the Experimental: LE Secure Connections Multirole Example in the SDK. 

Add nRF5_SDK_15.2.0_9412b96\components\ble\peer_manager\nrf_ble_lesc.c to your project and include #include "nrf_ble_lesc.h" in main.c

You also need to set PM_LESC_ENABLED to 1 in sdk_config.h. If this isnt present in you sdk_config file, then simply add the following snippet to the Peer Manager section

// <q> PM_LESC_ENABLED  - Enable/disable LESC support in Peer Manager.
 

// <i> If set to true, you need to call nrf_ble_lesc_request_handler() in the main loop to respond to LESC-related BLE events. If LESC support is not required, set this to false to save code space.

#ifndef PM_LESC_ENABLED
#define PM_LESC_ENABLED 1
#endif

You also need to add nrf_ble_lesc_request_handler to the idle_state_handler() function in main.c

static void idle_state_handle(void)
{
    ret_code_t err_code;
    
    err_code = nrf_ble_lesc_request_handler();
    APP_ERROR_CHECK(err_code);
    
    if (NRF_LOG_PROCESS() == false)
    {
        nrf_pwr_mgmt_run();
    }
}

Q2: Could you attach the trace of the communication between your iPhone and the NRF52832? I would like to see if the pairing request sent from the iPhone sets the Secure Connection Flag. As stated previously both sides must state that they support LESC, otherwise the paring will be performed with the common denominator in terms of supported features. 

Hi Joseph, 

Q1:there is a LESC module in the nRF5x SDK v15.2.0 that handles the LESC events for you and is integrated in the PM manager. I recommend taking a look at at the Experimental: LE Secure Connections Multirole Example in the SDK. 

Add nRF5_SDK_15.2.0_9412b96\components\ble\peer_manager\nrf_ble_lesc.c to your project and include #include "nrf_ble_lesc.h" in main.c

You also need to set PM_LESC_ENABLED to 1 in sdk_config.h. If this isnt present in you sdk_config file, then simply add the following snippet to the Peer Manager section

// <q> PM_LESC_ENABLED  - Enable/disable LESC support in Peer Manager.
 

// <i> If set to true, you need to call nrf_ble_lesc_request_handler() in the main loop to respond to LESC-related BLE events. If LESC support is not required, set this to false to save code space.

#ifndef PM_LESC_ENABLED
#define PM_LESC_ENABLED 1
#endif

You also need to add nrf_ble_lesc_request_handler to the idle_state_handler() function in main.c

static void idle_state_handle(void)
{
    ret_code_t err_code;
    
    err_code = nrf_ble_lesc_request_handler();
    APP_ERROR_CHECK(err_code);
    
    if (NRF_LOG_PROCESS() == false)
    {
        nrf_pwr_mgmt_run();
    }
}

Q2: Could you attach the trace of the communication between your iPhone and the NRF52832? I would like to see if the pairing request sent from the iPhone sets the Secure Connection Flag. As stated previously both sides must state that they support LESC, otherwise the paring will be performed with the common denominator in terms of supported features. 

IT IS WORKING!!!  The following is what I did:

I already had PM_LESC_ENABLED set before.  The extra few lines in idle_state_handle() fixes it.  I am so glad that I do not have to deal with the key request myself.

The extra code for BLE_GAP_EVT_CONN_PARAM_UPDATE_REQUEST & BLE_GAP_EVT_CONN_PARAM_UPDATE is unnecessary, as I believe the peer manager should already handle these.

For the initial pairing/bonding, it took over 10 seconds.  Is that normal?   Once bonded, connecting is fast.

Again, thanks for your amazing knowledge and patience.  Nordic’s customer support is always exceptional.

I have attached the iPhone trace for your reference.   I am not sure if it is really connecting using LE secure connection.  It’s not something I care about anyway.

Here's the trace file.

iphone_BLE_SC_Connect.pcapng