diff --git a/project/ble_peripheral/ble_app_bladder_patch/system/security/ble_quick_security.c b/project/ble_peripheral/ble_app_bladder_patch/system/security/ble_quick_security.c index 37b6bb7..41929b9 100644 --- a/project/ble_peripheral/ble_app_bladder_patch/system/security/ble_quick_security.c +++ b/project/ble_peripheral/ble_app_bladder_patch/system/security/ble_quick_security.c @@ -7,6 +7,7 @@ #include "ble_quick_security.h" #include "peer_manager_handler.h" +#include "nrf_ble_lesc.h" #include "app_error.h" #include @@ -34,6 +35,10 @@ void ble_security_quick_init(bool development_mode) // Initialize Peer Manager FIRST err_code = pm_init(); APP_ERROR_CHECK(err_code); + + // Initialize LESC module (ECDH P-256 key pair generation) + err_code = nrf_ble_lesc_init(); + APP_ERROR_CHECK(err_code); // Configure security parameters memset(&sec_params, 0, sizeof(ble_gap_sec_params_t)); @@ -61,7 +66,7 @@ void ble_security_quick_init(bool development_mode) // ===== PRODUCTION MODE: Full security ===== sec_params.bond = 1; // Enable bonding sec_params.mitm = 1; // Enable MITM - sec_params.lesc = 0; // Standard pairing + sec_params.lesc = 1; // LE Secure Connections (ECDH P-256) sec_params.keypress = 0; sec_params.io_caps = BLE_GAP_IO_CAPS_DISPLAY_ONLY; // Show passkey sec_params.oob = 0; @@ -113,7 +118,13 @@ void ble_security_quick_pm_handler(pm_evt_t const *p_evt) if (m_state.dev_mode) { DBG_PRINTF("DEV: Connected (no security)\r\n"); } else { - DBG_PRINTF("PROD: Link secured (bonded)\r\n"); + pm_conn_sec_status_t status; + if (pm_conn_sec_status_get(p_evt->conn_handle, &status) == NRF_SUCCESS) { + DBG_PRINTF("PROD: Link secured - LESC=%d MITM=%d bonded=%d\r\n", + status.lesc, status.mitm_protected, status.bonded); + } else { + DBG_PRINTF("PROD: Link secured (bonded)\r\n"); + } } break;