Accessing characteristics depends on the way they are protected via the security level.
Assuming we have a characteristic created with properties READ and WRITE, then it is easy to access them if they are not protected after the discovery of services and characteristics
When the security permission is set to 'need encryption', ENCR_READ and ENCR_WRITE, an error (ACI_GATT_ERROR_RESP_EVENT) with error_code=0x0F (insufficient encryption) is returned if a client tries to read or write this characteristic.
Devices need to be paired and encryption started to enable a proper read and write access.
When the Security permission is set to 'need authentication', then this security level is more restrictive than 'need encryption'.
In this case, the MITM_Mode parameter of the aci_gap_set_authentication_requirement function has te be set to 0x01: MITM protection required and a new pairing is required to be able to read/write the characteristic with 'need authentication'
Note that there is no need to set this MITM parameter and restart pairing to be able to read/write the characteristic with 'need encryption' only.
The usual way to use characteristic with 'need authorization' is:
- After the connection_complete_event, the server sends the command aci_gap_set_authorization_requirement (for current connection handle).
- The master initiates the pairing. When the pairing is complete, ACI_GAP_AUTHORIZATION_REQ_EVENT is generated on server side which sends aci_gap_authorization_resp(conn_handle, authorize).
- Then the client can read/write the characteristic.
