Hi there,
I've been unable to find a good example of what settings are required specifically to ensure that a characteristic's value can only be read and notified in an encrypted manner. With the following declarations, can I be sure that a characteristic's data is always transmitted to a central device with encryption?
When establishing my characteristic, noting that I don't wish it to be written to, I declare:
BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&attr_md.read_perm);
BLE_GAP_CONN_SEC_MODE_SET_NO_ACCESS(&attr_md.write_perm);
...and this appears to work, i.e. nRF Connect on iOS prompts that a pairing is required when attempting to read the characteristic.
For ensuring that a notification is also encrypted, I declare the above's corresponding CCCD as follows:
BLE_GAP_CONN_SEC_MODE_SET_OPEN(&cccd_md.read_perm);
BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM(&cccd_md.write_perm);
Now, if nRF Connect attempts to subscribe to notifications on the characteristic, then pairing is also required.
I'm using the nRF52 SDK with an s140 software device.
Thanks for any confirmation that I'm doing things correctly.
Kind regards,
Christopher
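
Added example, not part of the original post and not Nordic SDK code: a stand-alone C model of how the four permissions declared above gate access at each link security level, next to a hypothetical variant whose CCCD is open for writing. The type and function names are local stand-ins, and the model assumes that the CCCD write permission alone decides which peers can enable notifications.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Local stand-in for the SDK's ble_gap_conn_sec_mode_t: security mode and level. */
typedef struct { uint8_t sm, lv; } sec_mode_t;
static const sec_mode_t NO_ACCESS   = {0, 0}; /* BLE_GAP_CONN_SEC_MODE_SET_NO_ACCESS   */
static const sec_mode_t OPEN        = {1, 1}; /* BLE_GAP_CONN_SEC_MODE_SET_OPEN        */
static const sec_mode_t ENC_NO_MITM = {1, 2}; /* BLE_GAP_CONN_SEC_MODE_SET_ENC_NO_MITM */

typedef struct {
    sec_mode_t value_read, value_write; /* attr_md.read_perm, attr_md.write_perm */
    sec_mode_t cccd_read, cccd_write;   /* cccd_md.read_perm, cccd_md.write_perm */
} char_perms_t;

/* Mode 1 link levels: 1 = unencrypted, 2 = encrypted (no MITM), 3 = encrypted with MITM. */
static bool access_allowed(sec_mode_t need, uint8_t link_lv)
{
    return need.sm == 1 && link_lv >= need.lv; /* sm 0 means no access at any level */
}

bool can_read_value(const char_perms_t *p, uint8_t link_lv)  { return access_allowed(p->value_read, link_lv); }
bool can_write_value(const char_perms_t *p, uint8_t link_lv) { return access_allowed(p->value_write, link_lv); }
/* Assumption: a notification is sent only after the peer has written the CCCD,
 * so the CCCD write permission decides who can receive notifications. */
bool can_subscribe(const char_perms_t *p, uint8_t link_lv)   { return access_allowed(p->cccd_write, link_lv); }

/* The permissions declared in the post. */
char_perms_t posted_config(void)
{
    char_perms_t p = { ENC_NO_MITM, NO_ACCESS, OPEN, ENC_NO_MITM };
    return p;
}

/* Hypothetical variant with an open CCCD write permission, for comparison. */
char_perms_t open_cccd_variant(void)
{
    char_perms_t p = posted_config();
    p.cccd_write = OPEN;
    return p;
}

int main(void)
{
    char_perms_t cfg[2] = { posted_config(), open_cccd_variant() };
    for (int i = 0; i < 2; i++)
        for (uint8_t lv = 1; lv <= 2; lv++)
            printf("%s link_lv=%u read=%d write=%d subscribe=%d\n", i ? "open-cccd" : "posted", (unsigned)lv, can_read_value(&cfg[i], lv), can_write_value(&cfg[i], lv), can_subscribe(&cfg[i], lv));
    return 0;
}
```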