This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Deny Connection if Unencrypted

How do I deny a connection if the connection is unencrypted? I'm currently trying to do it with the peer_manager using

case PM_EVT_CONN_SEC_FAILED:
    {
        /** In some cases, when securing fails, it can be restarted directly. Sometimes it can
         *  be restarted, but only after changing some Security Parameters. Sometimes, it cannot
         *  be restarted until the link is disconnected and reconnected. Sometimes it is
         *  impossible, to secure the link, or the peer device does not support it. How to
         *  handle this error is highly application dependent. */
        switch (p_evt->params.conn_sec_failed.error)
        {
            case PM_CONN_SEC_ERROR_PIN_OR_KEY_MISSING:
                  /* Completely deny the connection */
                  err_code = sd_ble_gap_disconnect(p_evt->conn_handle, 
                                                   BLE_HCI_LOCAL_HOST_TERMINATED_CONNECTION); 
                  APP_ERROR_CHECK(err_code);
                break;

            default:
                break;
        }
    }break;//PM_EVT_CONN_SEC_FAILED
    case PM_EVT_CONN_SEC_CONFIG_REQ:
    {
        pm_conn_sec_config_t conn_sec_config = {.allow_repairing = false};
        pm_conn_sec_config_reply(p_evt->conn_handle, &conn_sec_config);
    }break;//PM_EVT_CONN_SEC_CONFIG_REQ

But it doesn't seem to be denying instantly denying the connection. What is the best way to prevent unencrypted connections from accessing the device? I want to be able to do this with either pairing or bonding. It is my understanding that characteristic encryption requires bonding.

Related