Loading flags/security.aconfig +0 −7 Original line number Diff line number Diff line Loading @@ -15,13 +15,6 @@ flag { bug: "333634398" } flag { name: "bluffs_mitigation" namespace: "bluetooth" description: "Cache security values to mitigate BLUFFS" bug: "314331379" } flag { name: "fix_le_pairing_passkey_entry_bypass" namespace: "bluetooth" Loading system/stack/btm/btm_sec.cc +36 −70 Original line number Diff line number Diff line Loading @@ -3471,7 +3471,6 @@ static void read_encryption_key_size_complete_after_encryption_change( return; } if (com::android::bluetooth::flags::bluffs_mitigation()) { if (btm_sec_is_session_key_size_downgrade(handle, key_size)) { log::error( "encryption key size lower than cached value, disconnecting. " Loading @@ -3485,7 +3484,6 @@ static void read_encryption_key_size_complete_after_encryption_change( } btm_sec_update_session_key_size(handle, key_size); } // good key size - succeed btm_acl_encrypt_change(handle, static_cast<tHCI_STATUS>(status), Loading @@ -3508,7 +3506,6 @@ void smp_cancel_start_encryption_attempt(); ******************************************************************************/ void btm_sec_encryption_change_evt(uint16_t handle, tHCI_STATUS status, uint8_t encr_enable) { if (com::android::bluetooth::flags::bluffs_mitigation()) { if (status != HCI_SUCCESS || encr_enable == 0 || BTM_IsBleConnection(handle) || !bluetooth::shim::GetController()->IsSupported( Loading 
@@ -3525,35 +3522,7 @@ void btm_sec_encryption_change_evt(uint16_t handle, tHCI_STATUS status, } else { btsnd_hcic_read_encryption_key_size( handle, base::Bind( &read_encryption_key_size_complete_after_encryption_change)); } } else { // This block added to ensure matching code flow with the bluffs_mitigation // flag off. The entire block should be removed when the flag is. if (status != HCI_SUCCESS || encr_enable == 0 || BTM_IsBleConnection(handle) || !bluetooth::shim::GetController()->IsSupported( bluetooth::hci::OpCode::READ_ENCRYPTION_KEY_SIZE) || // Skip encryption key size check when using set_min_encryption_key_size (bluetooth::common::init_flags::set_min_encryption_is_enabled() && bluetooth::shim::GetController()->IsSupported( bluetooth::hci::OpCode::SET_MIN_ENCRYPTION_KEY_SIZE))) { if (status == HCI_ERR_CONNECTION_TOUT) { smp_cancel_start_encryption_attempt(); return; } btm_acl_encrypt_change(handle, static_cast<tHCI_STATUS>(status), encr_enable); btm_sec_encrypt_change(handle, static_cast<tHCI_STATUS>(status), encr_enable); } else { btsnd_hcic_read_encryption_key_size( handle, base::Bind( &read_encryption_key_size_complete_after_encryption_change)); } base::Bind(&read_encryption_key_size_complete_after_encryption_change)); } } /******************************************************************************* Loading Loading @@ -4175,8 +4144,7 @@ void btm_sec_link_key_notification(const RawAddress& p_bda, } } if (com::android::bluetooth::flags::bluffs_mitigation() && p_dev_rec->sec_rec.is_bond_type_persistent() && if (p_dev_rec->sec_rec.is_bond_type_persistent() && (p_dev_rec->is_device_type_br_edr() || p_dev_rec->is_device_type_dual_mode())) { btm_sec_store_device_sc_support(p_dev_rec->get_br_edr_hci_handle(), Loading Loading 
@@ -5205,7 +5173,6 @@ void btm_sec_set_peer_sec_caps(uint16_t hci_handle, bool ssp_supported, tBTM_SEC_DEV_REC* p_dev_rec = btm_find_dev_by_handle(hci_handle); if (p_dev_rec == nullptr) return; if (com::android::bluetooth::flags::bluffs_mitigation()) { // Drop the connection here if the remote attempts to downgrade from Secure // Connections mode. if (btm_sec_is_device_sc_downgrade(hci_handle, sc_supported)) { Loading @@ -5215,7 +5182,6 @@ void btm_sec_set_peer_sec_caps(uint16_t hci_handle, bool ssp_supported, "attempted to downgrade from Secure Connections mode"); return; } } p_dev_rec->remote_feature_received = true; p_dev_rec->remote_supports_hci_role_switch = hci_role_switch_supported; Loading Loading
flags/security.aconfig +0 −7 Original line number Diff line number Diff line Loading @@ -15,13 +15,6 @@ flag { bug: "333634398" } flag { name: "bluffs_mitigation" namespace: "bluetooth" description: "Cache security values to mitigate BLUFFS" bug: "314331379" } flag { name: "fix_le_pairing_passkey_entry_bypass" namespace: "bluetooth" Loading
system/stack/btm/btm_sec.cc +36 −70 Original line number Diff line number Diff line Loading @@ -3471,7 +3471,6 @@ static void read_encryption_key_size_complete_after_encryption_change( return; } if (com::android::bluetooth::flags::bluffs_mitigation()) { if (btm_sec_is_session_key_size_downgrade(handle, key_size)) { log::error( "encryption key size lower than cached value, disconnecting. " Loading @@ -3485,7 +3484,6 @@ static void read_encryption_key_size_complete_after_encryption_change( } btm_sec_update_session_key_size(handle, key_size); } // good key size - succeed btm_acl_encrypt_change(handle, static_cast<tHCI_STATUS>(status), Loading @@ -3508,7 +3506,6 @@ void smp_cancel_start_encryption_attempt(); ******************************************************************************/ void btm_sec_encryption_change_evt(uint16_t handle, tHCI_STATUS status, uint8_t encr_enable) { if (com::android::bluetooth::flags::bluffs_mitigation()) { if (status != HCI_SUCCESS || encr_enable == 0 || BTM_IsBleConnection(handle) || !bluetooth::shim::GetController()->IsSupported( Loading 
@@ -3525,35 +3522,7 @@ void btm_sec_encryption_change_evt(uint16_t handle, tHCI_STATUS status, } else { btsnd_hcic_read_encryption_key_size( handle, base::Bind( &read_encryption_key_size_complete_after_encryption_change)); } } else { // This block added to ensure matching code flow with the bluffs_mitigation // flag off. The entire block should be removed when the flag is. if (status != HCI_SUCCESS || encr_enable == 0 || BTM_IsBleConnection(handle) || !bluetooth::shim::GetController()->IsSupported( bluetooth::hci::OpCode::READ_ENCRYPTION_KEY_SIZE) || // Skip encryption key size check when using set_min_encryption_key_size (bluetooth::common::init_flags::set_min_encryption_is_enabled() && bluetooth::shim::GetController()->IsSupported( bluetooth::hci::OpCode::SET_MIN_ENCRYPTION_KEY_SIZE))) { if (status == HCI_ERR_CONNECTION_TOUT) { smp_cancel_start_encryption_attempt(); return; } btm_acl_encrypt_change(handle, static_cast<tHCI_STATUS>(status), encr_enable); btm_sec_encrypt_change(handle, static_cast<tHCI_STATUS>(status), encr_enable); } else { btsnd_hcic_read_encryption_key_size( handle, base::Bind( &read_encryption_key_size_complete_after_encryption_change)); } base::Bind(&read_encryption_key_size_complete_after_encryption_change)); } } /******************************************************************************* Loading Loading @@ -4175,8 +4144,7 @@ void btm_sec_link_key_notification(const RawAddress& p_bda, } } if (com::android::bluetooth::flags::bluffs_mitigation() && p_dev_rec->sec_rec.is_bond_type_persistent() && if (p_dev_rec->sec_rec.is_bond_type_persistent() && (p_dev_rec->is_device_type_br_edr() || p_dev_rec->is_device_type_dual_mode())) { btm_sec_store_device_sc_support(p_dev_rec->get_br_edr_hci_handle(), Loading Loading 
@@ -5205,7 +5173,6 @@ void btm_sec_set_peer_sec_caps(uint16_t hci_handle, bool ssp_supported, tBTM_SEC_DEV_REC* p_dev_rec = btm_find_dev_by_handle(hci_handle); if (p_dev_rec == nullptr) return; if (com::android::bluetooth::flags::bluffs_mitigation()) { // Drop the connection here if the remote attempts to downgrade from Secure // Connections mode. if (btm_sec_is_device_sc_downgrade(hci_handle, sc_supported)) { Loading @@ -5215,7 +5182,6 @@ void btm_sec_set_peer_sec_caps(uint16_t hci_handle, bool ssp_supported, "attempted to downgrade from Secure Connections mode"); return; } } p_dev_rec->remote_feature_received = true; p_dev_rec->remote_supports_hci_role_switch = hci_role_switch_supported; Loading
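Review bot: In `btm_sec_encryption_change_evt` (hunk `@@ -3525,35 +3522,7 @@`), the key-size downgrade check is reached only on the path that calls `btsnd_hcic_read_encryption_key_size`; the branch that bypasses the read never reaches `btm_sec_is_session_key_size_downgrade` or `btm_sec_update_session_key_size`. The retained condition is cut off by the collapsed region, but the removed mirror block skipped the read for LE links and whenever `set_min_encryption_is_enabled()` is true and the controller supports `SET_MIN_ENCRYPTION_KEY_SIZE`, so the kept branch presumably does the same. With the flag gone, nothing marks this as the BLUFFS mitigation, so a comment above the condition would keep the dependency visible, for example `// BLUFFS: the cached key-size downgrade check runs only in the READ_ENCRYPTION_KEY_SIZE callback; the branch below skips it.` It is also worth confirming that the controller-enforced minimum is an acceptable substitute for the cached-value comparison on that path. The function starts in the previous hunk and part of its body is not shown.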