Common Criteria mode: Rename Common Criteria mode from NIAP mode (2/2)

/*******************************************************************************

 *

 * Function         is_niap_mode_

 * Function         is_common_criteria_mode

 *

 * Description      Checks if BT was enabled in single user mode. In this

 *                  mode, use of keystore for key attestation of LTK is limitee

 *                  to this mode defined by UserManager.

 * Description      Check if BT is enabled in common criteria mode. In this

 *                  mode, will use the LTK from the keystore to authenticate.

 *

 * Returns          bool

 *

 ******************************************************************************/

bool is_niap_mode(void);

bool is_common_criteria_mode(void);

/*******************************************************************************

 *

 * Function         get_niap_config_compare_result

 * Function         get_common_criteria_config_compare_result

 *

 * Description      Get the niap config compare result for confirming the config

 *                  checksum compare result. When the niap mode doesn't enable,

 *                  it should be all pass (0b11).

 * Description      Get the common criteria config compare result for confirming

 *                  the config checksum compare result. When the common criteria

 *                  mode doesn't enable, it should be all pass (0b11).

 *                  Bit define:

 *                    CONFIG_FILE_COMPARE_PASS = 0b01

 *                    CONFIG_BACKUP_COMPARE_PASS = 0b10

 * Returns          int

 *

 ******************************************************************************/

int get_niap_config_compare_result(void);

int get_common_criteria_config_compare_result(void);

/*******************************************************************************

 *

static bt_callbacks_t* bt_hal_cbacks = NULL;

bool restricted_mode = false;

bool niap_mode = false;

bool common_criteria_mode = false;

const int CONFIG_COMPARE_ALL_PASS = 0b11;

int niap_config_compare_result = CONFIG_COMPARE_ALL_PASS;

int common_criteria_config_compare_result = CONFIG_COMPARE_ALL_PASS;

bool is_local_device_atv = false;

/*******************************************************************************

 ****************************************************************************/

static int init(bt_callbacks_t* callbacks, bool start_restricted,

                bool is_niap_mode, int config_compare_result,

                bool is_common_criteria_mode, int config_compare_result,

                const char** init_flags, bool is_atv) {

  LOG_INFO("%s: start restricted = %d ; niap = %d, config compare result = %d",

           __func__, start_restricted, is_niap_mode, config_compare_result);

  LOG_INFO(

      "%s: start restricted = %d ; common criteria mode = %d, config compare "

      "result = %d",

      __func__, start_restricted, is_common_criteria_mode,

      config_compare_result);

  bluetooth::common::InitFlags::Load(init_flags);

  bt_hal_cbacks = callbacks;

  restricted_mode = start_restricted;

  niap_mode = is_niap_mode;

  niap_config_compare_result = config_compare_result;

  common_criteria_mode = is_common_criteria_mode;

  common_criteria_config_compare_result = config_compare_result;

  is_local_device_atv = is_atv;

  stack_manager_get_interface()->init_stack();

static void cleanup(void) { stack_manager_get_interface()->clean_up_stack(); }

bool is_restricted_mode() { return restricted_mode; }

bool is_niap_mode() { return niap_mode; }

// if niap mode disable, will always return CONFIG_COMPARE_ALL_PASS(0b11)

// indicate don't check config checksum.

int get_niap_config_compare_result() {

  return niap_mode ? niap_config_compare_result : CONFIG_COMPARE_ALL_PASS;

bool is_common_criteria_mode() { return common_criteria_mode; }

// if common criteria mode disable, will always return

// CONFIG_COMPARE_ALL_PASS(0b11) indicate don't check config checksum.

int get_common_criteria_config_compare_result() {

  return common_criteria_mode ? common_criteria_config_compare_result

                              : CONFIG_COMPARE_ALL_PASS;

}

bool is_atv_device() { return is_local_device_atv; }

// Key attestation

static bool config_checksum_pass(int check_bit) {

  return ((get_niap_config_compare_result() & check_bit) == check_bit);

  return ((get_common_criteria_config_compare_result() & check_bit) ==

          check_bit);

}

static bool btif_is_common_criteria_mode() {

  return is_bluetooth_uid() && is_common_criteria_mode();

}

static bool btif_is_niap_mode() { return is_bluetooth_uid() && is_niap_mode(); }

static bool btif_in_encrypt_key_name_list(std::string key);

static const int CONFIG_FILE_COMPARE_PASS = 1;

    sscanf(ptr, "%02hhx", &value[*length]);

  }

  if (btif_is_niap_mode()) {

  if (btif_is_common_criteria_mode()) {

    if (!value_str_from_config->empty() && in_encrypt_key_name_list &&

        !is_key_encrypted) {

      get_bluetooth_keystore_interface()->set_encrypt_key_or_remove_key(

  }

  std::string value_str;

  if ((length > 0) && btif_is_niap_mode() &&

  if ((length > 0) && btif_is_common_criteria_mode() &&

      btif_in_encrypt_key_name_list(key)) {

    get_bluetooth_keystore_interface()->set_encrypt_key_or_remove_key(

        section + "-" + key, str);

    CHECK(bluetooth::shim::is_gd_stack_started_up());

    return bluetooth::shim::BtifConfigInterface::RemoveProperty(section, key);

  }

  if (is_niap_mode() && btif_in_encrypt_key_name_list(key)) {

  if (is_common_criteria_mode() && btif_in_encrypt_key_name_list(key)) {

    get_bluetooth_keystore_interface()->set_encrypt_key_or_remove_key(

        section + "-" + key, "");

  }

  std::unique_lock<std::recursive_mutex> lock(config_lock);

  rename(CONFIG_FILE_PATH, CONFIG_BACKUP_PATH);

  config_save(btif_config_cache.PersistentSectionCopy(), CONFIG_FILE_PATH);

  if (btif_is_niap_mode()) {

  if (btif_is_common_criteria_mode()) {

    get_bluetooth_keystore_interface()->set_encrypt_key_or_remove_key(

        CONFIG_FILE_PREFIX, CONFIG_FILE_HASH);

  }

   * The |start_restricted| flag inits the adapter in restricted mode. In

   * restricted mode, bonds that are created are marked as restricted in the

   * config file. These devices are deleted upon leaving restricted mode.

   * The |is_niap_mode| flag inits the adapter in NIAP mode.

   * The |config_compare_result| flag show the config checksum check result if

   * is in NIAP mode.

   * The |init_flags| are config flags that cannot change during run.

   * The |is_atv| flag indicates whether the local device is an Android TV

   */

  int (*init)(bt_callbacks_t* callbacks, bool guest_mode, bool is_niap_mode,

              int config_compare_result, const char** init_flags, bool is_atv);

   * The |is_common_criteria_mode| flag inits the adapter in commom criteria

   * mode. The |config_compare_result| flag show the config checksum check

   * result if is in common criteria mode. The |init_flags| are config flags

   * that cannot change during run. The |is_atv| flag indicates whether the

   * local device is an Android TV

   */

  int (*init)(bt_callbacks_t* callbacks, bool guest_mode,

              bool is_common_criteria_mode, int config_compare_result,

              const char** init_flags, bool is_atv);

  /** Enable Bluetooth. */

  int (*enable)();