I am not saying that I need to generate a pair of LTK by myself, I mean whether I can manually change the LTK in a pair of bonded devices.
For example, there is a situation where I need to connect with a peripheral that only supports Legacy Pairing, but I still don't want others to decipher my Bluetooth encryption link. Therefore, I tried to change the LTK exchanged in Legacy Pairing through some interactive information and proprietary algorithms, so that even if a third party could sniff my Legacy Pairing interaction, it would not be able to decrypt future links.
In other words, I established my own set of authentication protocols through a certain method, and changed the LTK of both parties, so that in subsequent connections, I can use AES-CCM to encrypt the transmitted data like normal Secure Connection.
I want to know if this is feasible for nrf52? If so, how should I change the LTK that has been stored?
If you have control on both sides of the link (central + peripheral) you can update LTK and use it when they connect. Just like what happens here on the central and here on the peripheral.
The LTK generation is taken care of by the SoftDevice. LTK can be accessed when you receive the BLE_GAP_EVT_AUTH_STATUS event from the SoftDevice.
Any keys generated and/or distributed as a result of the ongoing security procedure will be stored into the memory referenced by the pointers inside the p_sec_keyset used in sd_ble_gap_sec_params_reply(). The keys will be stored and available to the application upon reception of a BLE_GAP_EVT_AUTH_STATUS event. The Peer Manager( security_dispatcher.c) handles this and will store the keys for you when you bond with a device.
