How do I pair and/or bond to BLE on iOS using Swift code and an HM-10 so data sent is encrypted?

Question

Background

I've built a simple circuit which includes an Arduino Nano and a HM-10 BLE serial module.
You can see that circuit at the following Electrical Engineering SE question: https://electronics.stackexchange.com/questions/412525/when-i-write-data-to-a-ble-characteristic-ffe1-to-send-data-over-bluetooth-is

I also have an Xcode project written in Swift that successfully sends bytes to the FFE1 characteristic. It all works great and I can see the data coming from my iPad via Arduino Serial monitor.

However, from the research I did (see previous link) I believe I've determined that the data I send using Core Bluetooth writeValue() is not encrypted.

What I'm Trying To Do

Now that I've successfully sent and received bytes I would like to cause my iPad to bond with the BLE device (HM-10) so I can insure the data I send is encrypted via the provided BLE channel.

What I've Tried

• Read through the Core Bluetooth docs at Apple, but I cannot find how to pair or bond to the device so that the data sent over the channel will then be encrypted.
• Read every SO question I could find, but can't find any iOS code that shows me how to bond and send data securely.
• I did find some very basic info that to get the devices to bond I need to try to write to a characteristic of the BLE device that has the property CBCharacteristicPropertyNotifyEncryptionRequired but the documentation on that at Apple is a ridiculous one-liner.
• I wrote code that iterated through the characteristics of the HM-10 and read the properties and I didn't seem to find that property. But the docs on the HM-10 seem to indicate that it does support a authentication and encryption and I know that is a part of BLE.

Questions

1. Can you point me to Swift code that gives me an example of what I will do to bond and send encrypted data? Is there some property I need to set on CBPeriperhal or some param I need to send into writeValue()?
2. Am I misunderstanding? Does the HM-10 not support sending encrypted data?

Answer 1

After posting my question I searched for pairing / bonding again.

I was taken to a link to a datasheet for the HM-10 which I've read numerous times. This time however, I searched for the word "bond" inside the document.

When I did that I read the following chart in the document:

This started me thinking and guessing. I believe the issue is that the HM-10 is sent out as TYPE 0 so that hobbyist users can get it set up without pairing.
This is quite different from the HC-05 modules (classic Bluetooth) that I've used numerous times in other projects and which require pairing.

Possible Solution

I believe all I need to do is set the AT_TYPE to 2 and then my iOS (iPad) device will then allow me to pair using the PIN.

I'm guessing that it will then force every user to use the PIN to pair their device and then data will only be able to be written (using writeValue) via the secure BLE channel.

Extra Information

This is interesting to me also because when I use the default Bluetooth iOS scanning the OS never sees the HM-10-- the name doesn't appear under Bluetooth section. I am guessing that is because the HM-10 is not broadcasting that it can pair via pin and iOS ignores it.
That was always interesting to me because even though iOS couldn't see the HM-10, I could connect to it and send data to it via my Swift code. Wow, this may all be coming together finally.

I will test this tonight and post back to confirm if setting the TYPE solves it.

One More Thing

None of the extensive reading that I've done on the HM-10 (see Martyn Curry's fantastic, detailed articles) have ever mentioned this option and I've not seen it discussed anywhere.

I also see that some sites indicate that AT+TYPE is for setting whether the device is a Master/Slave (Central/Periperhal) which I don't believe is correct documentation for that item. This has all made it additionally difficult to determine how to get this working.

Update Note

I was reading yet another datasheet for HM-10 and this one shows that the default setting for AT+TYPE is in fact 0 (PIN code not needed), shown at the bottom of the chart. Not sure why the other datasheet didn't have this same info since it looks like the same chart.

Update 2 - This is the answer. I powered up the HM-10 and ran the Arduino code that allows me to send AT commands and sent AT+TYPE3<ENTER> and then sent AT+RESET to insure the HM-10 would restart itself.

After that, there is nothing else you need to do. I used my iOS app running on my iPad to send data to the FFE1 characteristic. When I attempted to do so, iOS popped up the default BLE pair/bond dialog and asked or the PIN (default is 000000 on these HM-10 components).

Note One thing I found was that one of my HM-10 is faulty. It allows data to be written even if I cancel the pairing or fail pairing (by sending incorrect PIN). That manufacturer's component is no longer available so I'm assuming that it is in error. The other HM-10 I have works exactly as expected. If you don't pair or fail to pair then the app fails to write the data. I will mark this as answer as soon as I can.