From fe632b6ae06f3eed3a7869ee82093baa9d74ce5f Mon Sep 17 00:00:00 2001
From: Martin Tverdal <martin.tverdal@nordicsemi.no>
Date: Thu, 7 Sep 2023 12:05:04 +0200
Subject: [PATCH] samples: bluetooth: encrypt throgputsample

And conenct with 7.5ms interval to speed up encryption.

Signed-off-by: Martin Tverdal <martin.tverdal@nordicsemi.no>
---
 .../releases/release-notes-changelog.rst      |  5 +++
 samples/bluetooth/throughput/src/main.c       | 36 ++++++++++++++++---
 2 files changed, 37 insertions(+), 4 deletions(-)

diff --git a/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst b/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst
index cfba162c1f29..a3749a2a1ae9 100644
--- a/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst
+++ b/doc/nrf/releases_and_maturity/releases/release-notes-changelog.rst
@@ -288,6 +288,11 @@ Bluetooth samples
 
   * Updated by disabling the :kconfig:option:`CONFIG_BT_SETTINGS_CCC_LAZY_LOADING` Kconfig option as a workaround fix for the `Zephyr issue #61033`_.
 
+* :ref:`ble_throughput` sample:
+
+  * Enabled encryption in the sample.
+    The measured throughput is calculated over the encrypted data, which is how most of the Bluetooth products use this protocol.
+
 Bluetooth mesh samples
 ----------------------
 
diff --git a/samples/bluetooth/throughput/src/main.c b/samples/bluetooth/throughput/src/main.c
index 9abce988a897..00c6a9fdec70 100644
--- a/samples/bluetooth/throughput/src/main.c
+++ b/samples/bluetooth/throughput/src/main.c
@@ -29,8 +29,8 @@
 
 #define DEVICE_NAME	CONFIG_BT_DEVICE_NAME
 #define DEVICE_NAME_LEN (sizeof(DEVICE_NAME) - 1)
-#define INTERVAL_MIN	0x140	/* 320 units, 400 ms */
-#define INTERVAL_MAX	0x140	/* 320 units, 400 ms */
+#define INTERVAL_MIN	0x6	/* 6 units, 7.5 ms, only used to setup connection */
+#define INTERVAL_MAX	0x6	/* 6 units, 7.5 ms, only used to setup connection */
 
 #define THROUGHPUT_CONFIG_TIMEOUT K_SECONDS(20)
 
@@ -205,12 +205,34 @@ static void connected(struct bt_conn *conn, uint8_t hci_err)
 	       info.role == BT_CONN_ROLE_CENTRAL ? "central" : "peripheral");
 	printk("Conn. interval is %u units\n", info.le.interval);
 
+	if (info.role == BT_CONN_ROLE_PERIPHERAL) {
+		err = bt_conn_set_security(conn, BT_SECURITY_L2);
+		if (err) {
+			printk("Failed to set security: %d\n", err);
+		}
+	}
+}
+
+void security_changed(struct bt_conn *conn, bt_security_t level,
+				 enum bt_security_err security_err)
+{
+	printk("Security changed: level %i, err: %i\n", level, security_err);
+
+	if (security_err != 0) {
+		printk("Failed to encrypt link\n");
+		bt_conn_disconnect(conn, BT_HCI_ERR_PAIRING_NOT_SUPPORTED);
+		return;
+	}
+
+	struct bt_conn_info info = {0};
+	int err;
+
+	err = bt_conn_get_info(default_conn, &info);
 	if (info.role == BT_CONN_ROLE_CENTRAL) {
 		err = bt_gatt_dm_start(default_conn,
 				       BT_UUID_THROUGHPUT,
 				       &discovery_cb,
 				       &throughput);
-
 		if (err) {
 			printk("Discover failed (err %d)\n", err);
 		}
@@ -297,6 +319,11 @@ static void disconnected(struct bt_conn *conn, uint8_t reason)
 		return;
 	}
 
+	err = bt_unpair(info.id, info.le.remote);
+	if (err) {
+		printk("Cannot unpair peer (err %d)", err);
+	}
+
 	/* Re-connect using same roles */
 	if (info.role == BT_CONN_ROLE_CENTRAL) {
 		scan_start();
@@ -627,7 +654,8 @@ BT_CONN_CB_DEFINE(conn_callbacks) = {
 	.le_param_req = le_param_req,
 	.le_param_updated = le_param_updated,
 	.le_phy_updated = le_phy_updated,
-	.le_data_len_updated = le_data_length_updated
+	.le_data_len_updated = le_data_length_updated,
+	.security_changed = security_changed
 };
 
 int main(void)