Merge "Class enum-ify stack::sec::tSECURITY_STATE" into main

#include "btif/include/btif_storage.h"

#include "btif/include/btif_storage.h"

#include "crypto_toolbox/crypto_toolbox.h"

#include "crypto_toolbox/crypto_toolbox.h"

#include "device/include/interop.h"

#include "device/include/interop.h"

#include "device/include/interop_config.h"

#include "hci/controller_interface.h"

#include "hci/controller_interface.h"

#include "main/shim/entry.h"

#include "main/shim/entry.h"

#include "osi/include/allocator.h"

#include "osi/include/allocator.h"

  }

  }

  if (p_dev_rec->sec_rec.is_security_state_encrypting() ||

  if (p_dev_rec->sec_rec.is_security_state_encrypting() ||

      p_dev_rec->sec_rec.sec_state == BTM_SEC_STATE_AUTHENTICATING) {

      p_dev_rec->sec_rec.sec_state == tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING) {

    /* race condition: discard the security request while central is encrypting

    /* race condition: discard the security request while central is encrypting

     * the link */

     * the link */

    *p_sec_req_act = BTM_BLE_SEC_REQ_ACT_DISCARD;

    *p_sec_req_act = BTM_BLE_SEC_REQ_ACT_DISCARD;

      if (SMP_Pair(bd_addr) == SMP_STARTED) {

      if (SMP_Pair(bd_addr) == SMP_STARTED) {

        cmd = BTM_CMD_STARTED;

        cmd = BTM_CMD_STARTED;

        p_rec->sec_rec.sec_state = BTM_SEC_STATE_AUTHENTICATING;

        p_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING;

      }

      }

      break;

      break;

    return BTM_ERR_KEY_MISSING;

    return BTM_ERR_KEY_MISSING;

  }

  }

  if (p_rec->sec_rec.sec_state == BTM_SEC_STATE_IDLE)

  if (p_rec->sec_rec.sec_state == tSECURITY_STATE::BTM_SEC_STATE_IDLE) {

    p_rec->sec_rec.sec_state = BTM_SEC_STATE_LE_ENCRYPTING;

    p_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_LE_ENCRYPTING;

  }

  return BTM_CMD_STARTED;

  return BTM_CMD_STARTED;

}

}

  if (encr_enable && p_dev_rec->sec_rec.enc_key_size == 0)

  if (encr_enable && p_dev_rec->sec_rec.enc_key_size == 0)

    p_dev_rec->sec_rec.enc_key_size = p_dev_rec->sec_rec.ble_keys.key_size;

    p_dev_rec->sec_rec.enc_key_size = p_dev_rec->sec_rec.ble_keys.key_size;

  p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_IDLE;

  p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_IDLE;

  if (p_dev_rec->sec_rec.p_callback && enc_cback) {

  if (p_dev_rec->sec_rec.p_callback && enc_cback) {

    if (encr_enable) btm_sec_dev_rec_cback_event(p_dev_rec, BTM_SUCCESS, true);

    if (encr_enable) btm_sec_dev_rec_cback_event(p_dev_rec, BTM_SUCCESS, true);

    /* LTK missing on peripheral */

    /* LTK missing on peripheral */

        }

        }

        btm_sec_cb.pairing_bda = bd_addr;

        btm_sec_cb.pairing_bda = bd_addr;

        if (event != SMP_CONSENT_REQ_EVT) {

        if (event != SMP_CONSENT_REQ_EVT) {

          p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_AUTHENTICATING;

          p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING;

        }

        }

        btm_sec_cb.pairing_flags |= BTM_PAIR_FLAGS_LE_ACTIVE;

        btm_sec_cb.pairing_flags |= BTM_PAIR_FLAGS_LE_ACTIVE;

        FALLTHROUGH_INTENDED; /* FALLTHROUGH */

        FALLTHROUGH_INTENDED; /* FALLTHROUGH */

          }

          }

          if (res == BTM_SUCCESS) {

          if (res == BTM_SUCCESS) {

            p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_IDLE;

            p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_IDLE;

            if (p_dev_rec->sec_rec.bond_type != BOND_TYPE_TEMPORARY) {

            if (p_dev_rec->sec_rec.bond_type != BOND_TYPE_TEMPORARY) {

              // Add all bonded device into resolving list if IRK is available.

              // Add all bonded device into resolving list if IRK is available.

  if (p_dev_rec == NULL) return;

  if (p_dev_rec == NULL) return;

  p_dev_rec->sec_rec.sec_flags = 0;

  p_dev_rec->sec_rec.sec_flags = 0;

  p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_IDLE;

  p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_IDLE;

  p_dev_rec->sm4 = BTM_SM4_UNKNOWN;

  p_dev_rec->sm4 = BTM_SM4_UNKNOWN;

}

}

static bool set_sec_state_idle(void* data, void* /* context */) {

static bool set_sec_state_idle(void* data, void* /* context */) {

  tBTM_SEC_DEV_REC* p_dev_rec = static_cast<tBTM_SEC_DEV_REC*>(data);

  tBTM_SEC_DEV_REC* p_dev_rec = static_cast<tBTM_SEC_DEV_REC*>(data);

  p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_IDLE;

  p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_IDLE;

  return true;

  return true;

}

}

    if (SMP_Pair(bd_addr, addr_type) == SMP_STARTED) {

    if (SMP_Pair(bd_addr, addr_type) == SMP_STARTED) {

      btm_sec_cb.pairing_flags |= BTM_PAIR_FLAGS_LE_ACTIVE;

      btm_sec_cb.pairing_flags |= BTM_PAIR_FLAGS_LE_ACTIVE;

      p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_AUTHENTICATING;

      p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING;

      btm_sec_cb.change_pairing_state(BTM_PAIR_STATE_WAIT_AUTH_COMPLETE);

      btm_sec_cb.change_pairing_state(BTM_PAIR_STATE_WAIT_AUTH_COMPLETE);

      return BTM_CMD_STARTED;

      return BTM_CMD_STARTED;

    }

    }

  }

  }

  if (btm_sec_cb.pairing_flags & BTM_PAIR_FLAGS_LE_ACTIVE) {

  if (btm_sec_cb.pairing_flags & BTM_PAIR_FLAGS_LE_ACTIVE) {

    if (p_dev_rec->sec_rec.sec_state == BTM_SEC_STATE_AUTHENTICATING) {

    if (p_dev_rec->sec_rec.sec_state == tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING) {

      log::verbose("Cancel LE pairing");

      log::verbose("Cancel LE pairing");

      if (SMP_PairCancel(bd_addr)) {

      if (SMP_PairCancel(bd_addr)) {

        return BTM_CMD_STARTED;

        return BTM_CMD_STARTED;

    /* If the HCI link is up */

    /* If the HCI link is up */

    if (p_dev_rec->hci_handle != HCI_INVALID_HANDLE) {

    if (p_dev_rec->hci_handle != HCI_INVALID_HANDLE) {

      /* If some other thread disconnecting, we do not send second command */

      /* If some other thread disconnecting, we do not send second command */

      if ((p_dev_rec->sec_rec.sec_state == BTM_SEC_STATE_DISCONNECTING) ||

      if ((p_dev_rec->sec_rec.sec_state == tSECURITY_STATE::BTM_SEC_STATE_DISCONNECTING) ||

          (p_dev_rec->sec_rec.sec_state == BTM_SEC_STATE_DISCONNECTING_BOTH))

          (p_dev_rec->sec_rec.sec_state == tSECURITY_STATE::BTM_SEC_STATE_DISCONNECTING_BOTH)) {

        return (BTM_CMD_STARTED);

        return (BTM_CMD_STARTED);

      }

      /* If the HCI link was set up by Bonding process */

      /* If the HCI link was set up by Bonding process */

      if (btm_sec_cb.pairing_flags & BTM_PAIR_FLAGS_DISC_WHEN_DONE)

      if (btm_sec_cb.pairing_flags & BTM_PAIR_FLAGS_DISC_WHEN_DONE)

  if (bluetooth::common::init_flags::encryption_in_busy_state_is_enabled()) {

  if (bluetooth::common::init_flags::encryption_in_busy_state_is_enabled()) {

    bool enqueue = false;

    bool enqueue = false;

    switch (p_dev_rec->sec_rec.sec_state) {

    switch (p_dev_rec->sec_rec.sec_state) {

      case BTM_SEC_STATE_AUTHENTICATING:

      case tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING:

      case BTM_SEC_STATE_DISCONNECTING_BOTH:

      case tSECURITY_STATE::BTM_SEC_STATE_DISCONNECTING_BOTH:

        /* Applicable for both transports */

        /* Applicable for both transports */

        enqueue = true;

        enqueue = true;

        break;

        break;

      case BTM_SEC_STATE_ENCRYPTING:

      case tSECURITY_STATE::BTM_SEC_STATE_ENCRYPTING:

      case BTM_SEC_STATE_DISCONNECTING:

      case tSECURITY_STATE::BTM_SEC_STATE_DISCONNECTING:

        if (transport == BT_TRANSPORT_BR_EDR) {

        if (transport == BT_TRANSPORT_BR_EDR) {

          enqueue = true;

          enqueue = true;

        }

        }

        break;

        break;

      case BTM_SEC_STATE_LE_ENCRYPTING:

      case tSECURITY_STATE::BTM_SEC_STATE_LE_ENCRYPTING:

      case BTM_SEC_STATE_DISCONNECTING_BLE:

      case tSECURITY_STATE::BTM_SEC_STATE_DISCONNECTING_BLE:

        if (transport == BT_TRANSPORT_LE) {

        if (transport == BT_TRANSPORT_LE) {

          enqueue = true;

          enqueue = true;

        }

        }

    }

    }

  } else {

  } else {

    if (p_dev_rec->sec_rec.p_callback ||

    if (p_dev_rec->sec_rec.p_callback ||

        (p_dev_rec->sec_rec.sec_state != BTM_SEC_STATE_IDLE)) {

        (p_dev_rec->sec_rec.sec_state != tSECURITY_STATE::BTM_SEC_STATE_IDLE)) {

      log::warn("Security Manager: BTM_SetEncryption busy, enqueue request");

      log::warn("Security Manager: BTM_SetEncryption busy, enqueue request");

      btm_sec_queue_encrypt_request(bd_addr, transport, p_callback, p_ref_data,

      btm_sec_queue_encrypt_request(bd_addr, transport, p_callback, p_ref_data,

                                    sec_act);

                                    sec_act);

  tBTM_SEC_DEV_REC* p_dev_rec = btm_find_dev(bd_addr);

  tBTM_SEC_DEV_REC* p_dev_rec = btm_find_dev(bd_addr);

  return p_dev_rec &&

  return p_dev_rec &&

         (p_dev_rec->sec_rec.is_security_state_encrypting() ||

         (p_dev_rec->sec_rec.is_security_state_encrypting() ||

          p_dev_rec->sec_rec.sec_state == BTM_SEC_STATE_AUTHENTICATING);

          p_dev_rec->sec_rec.sec_state == tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING);

}

}

/*******************************************************************************

/*******************************************************************************

  /* send HCI_Disconnect on a transport only once */

  /* send HCI_Disconnect on a transport only once */

  switch (old_state) {

  switch (old_state) {

    case BTM_SEC_STATE_DISCONNECTING:

    case tSECURITY_STATE::BTM_SEC_STATE_DISCONNECTING:

      if (conn_handle == p_dev_rec->hci_handle) {

      if (conn_handle == p_dev_rec->hci_handle) {

        // Already sent classic disconnect

        // Already sent classic disconnect

        return status;

        return status;

      }

      }

      // Prepare to send disconnect on le transport

      // Prepare to send disconnect on le transport

      p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_DISCONNECTING_BOTH;

      p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_DISCONNECTING_BOTH;

      break;

      break;

    case BTM_SEC_STATE_DISCONNECTING_BLE:

    case tSECURITY_STATE::BTM_SEC_STATE_DISCONNECTING_BLE:

      if (conn_handle == p_dev_rec->ble_hci_handle) {

      if (conn_handle == p_dev_rec->ble_hci_handle) {

        // Already sent ble disconnect

        // Already sent ble disconnect

        return status;

        return status;

      }

      }

      // Prepare to send disconnect on classic transport

      // Prepare to send disconnect on classic transport

      p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_DISCONNECTING_BOTH;

      p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_DISCONNECTING_BOTH;

      break;

      break;

    case BTM_SEC_STATE_DISCONNECTING_BOTH:

    case tSECURITY_STATE::BTM_SEC_STATE_DISCONNECTING_BOTH:

      // Already sent disconnect on both transports

      // Already sent disconnect on both transports

      return status;

      return status;

    default:

    default:

      p_dev_rec->sec_rec.sec_state = (conn_handle == p_dev_rec->hci_handle)

      p_dev_rec->sec_rec.sec_state = (conn_handle == p_dev_rec->hci_handle)

                                         ? BTM_SEC_STATE_DISCONNECTING

                                             ? tSECURITY_STATE::BTM_SEC_STATE_DISCONNECTING

                                         : BTM_SEC_STATE_DISCONNECTING_BLE;

                                             : tSECURITY_STATE::BTM_SEC_STATE_DISCONNECTING_BLE;

      break;

      break;

  }

  }

      log::info(

      log::info(

          "peer should have initiated security process by now (SM4 to SM4)");

          "peer should have initiated security process by now (SM4 to SM4)");

      p_dev_rec->sec_rec.p_callback = p_callback;

      p_dev_rec->sec_rec.p_callback = p_callback;

      p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_DELAY_FOR_ENC;

      p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_DELAY_FOR_ENC;

      (*p_callback)(bd_addr, transport, p_ref_data, rc);

      (*p_callback)(bd_addr, transport, p_ref_data, rc);

      return BTM_SUCCESS;

      return BTM_SUCCESS;

    }

    }

    /* the new security request */

    /* the new security request */

    if (p_dev_rec->sec_rec.sec_state != BTM_SEC_STATE_IDLE) {

    if (p_dev_rec->sec_rec.sec_state != tSECURITY_STATE::BTM_SEC_STATE_IDLE) {

      log::debug("A pending security procedure in progress");

      log::debug("A pending security procedure in progress");

      rc = BTM_CMD_STARTED;

      rc = BTM_CMD_STARTED;

    }

    }

  if (!p_dev_rec) return;

  if (!p_dev_rec) return;

  if ((p_dev_rec->sec_rec.sec_state != BTM_SEC_STATE_AUTHORIZING) &&

  if ((p_dev_rec->sec_rec.sec_state != tSECURITY_STATE::BTM_SEC_STATE_AUTHORIZING) &&

      (p_dev_rec->sec_rec.sec_state != BTM_SEC_STATE_AUTHENTICATING))

      (p_dev_rec->sec_rec.sec_state != tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING)) {

    return;

    return;

  }

  p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_IDLE;

  p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_IDLE;

  log::verbose("clearing callback. p_dev_rec={}, p_callback={}",

  log::verbose("clearing callback. p_dev_rec={}, p_callback={}",

               fmt::ptr(p_dev_rec), fmt::ptr(p_dev_rec->sec_rec.p_callback));

               fmt::ptr(p_dev_rec), fmt::ptr(p_dev_rec->sec_rec.p_callback));

    log::info(

    log::info(

        "Remote read request complete with no address so searching device "

        "Remote read request complete with no address so searching device "

        "database");

        "database");

    p_dev_rec = btm_sec_find_dev_by_sec_state(BTM_SEC_STATE_GETTING_NAME);

    p_dev_rec = btm_sec_find_dev_by_sec_state(tSECURITY_STATE::BTM_SEC_STATE_GETTING_NAME);

    if (p_dev_rec) {

    if (p_dev_rec) {

      p_bd_addr = &p_dev_rec->bd_addr;

      p_bd_addr = &p_dev_rec->bd_addr;

    }

    }

  // Security procedure resumes

  // Security procedure resumes

  tSECURITY_STATE old_sec_state = p_dev_rec->sec_rec.sec_state;

  tSECURITY_STATE old_sec_state = p_dev_rec->sec_rec.sec_state;

  if (p_dev_rec->sec_rec.sec_state == BTM_SEC_STATE_GETTING_NAME)

  if (p_dev_rec->sec_rec.sec_state == tSECURITY_STATE::BTM_SEC_STATE_GETTING_NAME) {

    p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_IDLE;

    p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_IDLE;

  }

  /* If we were delaying asking UI for a PIN because name was not resolved,

  /* If we were delaying asking UI for a PIN because name was not resolved,

   * ask now */

   * ask now */

    return;

    return;

  }

  }

  if (old_sec_state != BTM_SEC_STATE_GETTING_NAME) return;

  if (old_sec_state != tSECURITY_STATE::BTM_SEC_STATE_GETTING_NAME) {

    return;

  }

  /* If get name failed, notify the waiting layer */

  /* If get name failed, notify the waiting layer */

  if (status != HCI_SUCCESS) {

  if (status != HCI_SUCCESS) {

    /* stop the timer */

    /* stop the timer */

    alarm_cancel(btm_sec_cb.pairing_timer);

    alarm_cancel(btm_sec_cb.pairing_timer);

    if (p_dev_rec->sec_rec.sec_state != BTM_SEC_STATE_AUTHENTICATING) {

    if (p_dev_rec->sec_rec.sec_state != tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING) {

      /* the initiating side: will receive auth complete event. disconnect ACL

      /* the initiating side: will receive auth complete event. disconnect ACL

       * at that time */

       * at that time */

      disc = true;

      disc = true;

  if ((bluetooth::common::time_get_os_boottime_ms() -

  if ((bluetooth::common::time_get_os_boottime_ms() -

       btm_sec_cb.collision_start_time) < BTM_SEC_MAX_COLLISION_DELAY) {

       btm_sec_cb.collision_start_time) < BTM_SEC_MAX_COLLISION_DELAY) {

    if (handle == HCI_INVALID_HANDLE) {

    if (handle == HCI_INVALID_HANDLE) {

      p_dev_rec = btm_sec_find_dev_by_sec_state(BTM_SEC_STATE_AUTHENTICATING);

      p_dev_rec = btm_sec_find_dev_by_sec_state(tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING);

      if (p_dev_rec == NULL)

      if (p_dev_rec == NULL)

        p_dev_rec = btm_sec_find_dev_by_sec_state(BTM_SEC_STATE_ENCRYPTING);

        p_dev_rec = btm_sec_find_dev_by_sec_state(tSECURITY_STATE::BTM_SEC_STATE_ENCRYPTING);

    } else

    } else

      p_dev_rec = btm_find_dev_by_handle(handle);

      p_dev_rec = btm_find_dev_by_handle(handle);

      log::verbose("btm_sec_auth_collision: state {} (retrying in a moment...)",

      log::verbose("btm_sec_auth_collision: state {} (retrying in a moment...)",

                   p_dev_rec->sec_rec.sec_state);

                   p_dev_rec->sec_rec.sec_state);

      /* We will restart authentication after timeout */

      /* We will restart authentication after timeout */

      if (p_dev_rec->sec_rec.sec_state == BTM_SEC_STATE_AUTHENTICATING ||

      if (p_dev_rec->sec_rec.sec_state == tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING ||

          p_dev_rec->sec_rec.is_security_state_bredr_encrypting())

          p_dev_rec->sec_rec.is_security_state_bredr_encrypting()) {

        p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_IDLE;

        p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_IDLE;

      }

      btm_sec_cb.p_collided_dev_rec = p_dev_rec;

      btm_sec_cb.p_collided_dev_rec = p_dev_rec;

      alarm_set_on_mloop(btm_sec_cb.sec_collision_timer, BT_1SEC_TIMEOUT_MS,

      alarm_set_on_mloop(btm_sec_cb.sec_collision_timer, BT_1SEC_TIMEOUT_MS,

       controller.

       controller.

       If the stack may sit on top of other controller, we may need this

       If the stack may sit on top of other controller, we may need this

       BTM_DeleteStoredLinkKey (bd_addr, NULL); */

       BTM_DeleteStoredLinkKey (bd_addr, NULL); */

    p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_IDLE;

    p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_IDLE;

    btm_sec_execute_procedure(p_dev_rec);

    btm_sec_execute_procedure(p_dev_rec);

    return true;

    return true;

  }

  }

  if (!p_dev_rec) return;

  if (!p_dev_rec) return;

  if (p_dev_rec->sec_rec.sec_state == BTM_SEC_STATE_AUTHENTICATING) {

  if (p_dev_rec->sec_rec.sec_state == tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING) {

    p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_IDLE;

    p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_IDLE;

    was_authenticating = true;

    was_authenticating = true;

    /* There can be a race condition, when we are starting authentication

    /* There can be a race condition, when we are starting authentication

     * and the peer device is doing encryption.

     * and the peer device is doing encryption.

  /* If this encryption was started by peer do not need to do anything */

  /* If this encryption was started by peer do not need to do anything */

  if (!p_dev_rec->sec_rec.is_security_state_bredr_encrypting()) {

  if (!p_dev_rec->sec_rec.is_security_state_bredr_encrypting()) {

    if (BTM_SEC_STATE_DELAY_FOR_ENC == p_dev_rec->sec_rec.sec_state) {

    if (tSECURITY_STATE::BTM_SEC_STATE_DELAY_FOR_ENC == p_dev_rec->sec_rec.sec_state) {

      p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_IDLE;

      p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_IDLE;

      log::verbose("clearing callback. p_dev_rec={}, p_callback={}",

      log::verbose("clearing callback. p_dev_rec={}, p_callback={}",

                   fmt::ptr(p_dev_rec),

                   fmt::ptr(p_dev_rec),

                   fmt::ptr(p_dev_rec->sec_rec.p_callback));

                   fmt::ptr(p_dev_rec->sec_rec.p_callback));

      l2cu_resubmit_pending_sec_req(&p_dev_rec->bd_addr);

      l2cu_resubmit_pending_sec_req(&p_dev_rec->bd_addr);

      return;

      return;

    } else if (!concurrentPeerAuthIsEnabled() &&

    } else if (!concurrentPeerAuthIsEnabled() &&

               p_dev_rec->sec_rec.sec_state == BTM_SEC_STATE_AUTHENTICATING) {

               p_dev_rec->sec_rec.sec_state == tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING) {

      p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_IDLE;

      p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_IDLE;

      return;

      return;

    }

    }

    if (!handleUnexpectedEncryptionChange()) {

    if (!handleUnexpectedEncryptionChange()) {

    }

    }

  }

  }

  p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_IDLE;

  p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_IDLE;

  /* If encryption setup failed, notify the waiting layer */

  /* If encryption setup failed, notify the waiting layer */

  if (status != HCI_SUCCESS) {

  if (status != HCI_SUCCESS) {

    btm_sec_dev_rec_cback_event(p_dev_rec, BTM_ERR_PROCESSING, false);

    btm_sec_dev_rec_cback_event(p_dev_rec, BTM_ERR_PROCESSING, false);

    return;

    return;

  }

  }

  if (p_dev_rec->sec_rec.sec_state == BTM_SEC_STATE_DISCONNECTING_BOTH) {

  if (p_dev_rec->sec_rec.sec_state == tSECURITY_STATE::BTM_SEC_STATE_DISCONNECTING_BOTH) {

    log::debug("Waiting for other transport to disconnect current:{}",

    log::debug("Waiting for other transport to disconnect current:{}",

               bt_transport_text(transport));

               bt_transport_text(transport));

    p_dev_rec->sec_rec.sec_state = (transport == BT_TRANSPORT_LE)

    p_dev_rec->sec_rec.sec_state = (transport == BT_TRANSPORT_LE)

                                       ? BTM_SEC_STATE_DISCONNECTING

                                           ? tSECURITY_STATE::BTM_SEC_STATE_DISCONNECTING

                                       : BTM_SEC_STATE_DISCONNECTING_BLE;

                                           : tSECURITY_STATE::BTM_SEC_STATE_DISCONNECTING_BLE;

    return;

    return;

  }

  }

      return;

      return;

    }

    }

    if (p_dev_rec->sec_rec.sec_state == BTM_SEC_STATE_LE_ENCRYPTING &&

    if (p_dev_rec->sec_rec.sec_state == tSECURITY_STATE::BTM_SEC_STATE_LE_ENCRYPTING &&

        transport != BT_TRANSPORT_LE) {

        transport != BT_TRANSPORT_LE) {

      log::debug("Disconnection on the other transport while encrypting LE");

      log::debug("Disconnection on the other transport while encrypting LE");

      return;

      return;

    }

    }

    if ((p_dev_rec->sec_rec.sec_state == BTM_SEC_STATE_AUTHENTICATING ||

    if ((p_dev_rec->sec_rec.sec_state == tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING ||

         p_dev_rec->sec_rec.sec_state == BTM_SEC_STATE_ENCRYPTING) &&

         p_dev_rec->sec_rec.sec_state == tSECURITY_STATE::BTM_SEC_STATE_ENCRYPTING) &&

        transport != BT_TRANSPORT_BR_EDR) {

        transport != BT_TRANSPORT_BR_EDR) {

      log::debug(

      log::debug(

          "Disconnection on the other transport while encrypting BR/EDR");

          "Disconnection on the other transport while encrypting BR/EDR");

    }

    }

  }

  }

  p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_IDLE;

  p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_IDLE;

  p_dev_rec->sec_rec.security_required = BTM_SEC_NONE;

  p_dev_rec->sec_rec.security_required = BTM_SEC_NONE;

  if (p_dev_rec->sec_rec.p_callback != nullptr) {

  if (p_dev_rec->sec_rec.p_callback != nullptr) {

  log::verbose("bda: {}", bda);

  log::verbose("bda: {}", bda);

  if (!concurrentPeerAuthIsEnabled()) {

  if (!concurrentPeerAuthIsEnabled()) {

    p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_AUTHENTICATING;

    p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING;

  }

  }

  if ((btm_sec_cb.pairing_state == BTM_PAIR_STATE_WAIT_PIN_REQ) &&

  if ((btm_sec_cb.pairing_state == BTM_PAIR_STATE_WAIT_PIN_REQ) &&

          static_cast<tSECURITY_STATE>(p_dev_rec->sec_rec.sec_state)),

          static_cast<tSECURITY_STATE>(p_dev_rec->sec_rec.sec_state)),

      p_dev_rec->sec_rec.sec_state);

      p_dev_rec->sec_rec.sec_state);

  if (p_dev_rec->sec_rec.sec_state != BTM_SEC_STATE_IDLE &&

  if (p_dev_rec->sec_rec.sec_state != tSECURITY_STATE::BTM_SEC_STATE_IDLE &&

      p_dev_rec->sec_rec.sec_state != BTM_SEC_STATE_LE_ENCRYPTING) {

      p_dev_rec->sec_rec.sec_state != tSECURITY_STATE::BTM_SEC_STATE_LE_ENCRYPTING) {

    log::info("No immediate action taken in busy state: {}",

    log::info("No immediate action taken in busy state: {}",

              security_state_text(p_dev_rec->sec_rec.sec_state));

              security_state_text(p_dev_rec->sec_rec.sec_state));

    return (BTM_CMD_STARTED);

    return (BTM_CMD_STARTED);

    log::verbose("Security Manager: Start encryption");

    log::verbose("Security Manager: Start encryption");

    btsnd_hcic_set_conn_encrypt(p_dev_rec->hci_handle, true);

    btsnd_hcic_set_conn_encrypt(p_dev_rec->hci_handle, true);

    p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_ENCRYPTING;

    p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_ENCRYPTING;

    return (BTM_CMD_STARTED);

    return (BTM_CMD_STARTED);

  } else {

  } else {

    log::debug("Encryption not required");

    log::debug("Encryption not required");

    return false;

    return false;

  }

  }

  p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_GETTING_NAME;

  p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_GETTING_NAME;

  /* 0 and NULL are as timeout and callback params because they are not used in

  /* 0 and NULL are as timeout and callback params because they are not used in

   * security get name case */

   * security get name case */

                                       p_dev_rec->sec_rec.p_ref_data,

                                       p_dev_rec->sec_rec.p_ref_data,

                                       BTM_SUCCESS);

                                       BTM_SUCCESS);

    }

    }

  } else if (p_dev_rec->sec_rec.sec_state == BTM_SEC_STATE_AUTHENTICATING) {

  } else if (p_dev_rec->sec_rec.sec_state == tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING) {

    log::info("device is in the process of authenticating");

    log::info("device is in the process of authenticating");

  } else {

  } else {

    log::info("starting authentication");

    log::info("starting authentication");

    p_dev_rec->sec_rec.sec_state = BTM_SEC_STATE_AUTHENTICATING;

    p_dev_rec->sec_rec.sec_state = tSECURITY_STATE::BTM_SEC_STATE_AUTHENTICATING;

    btsnd_hcic_auth_request(p_dev_rec->hci_handle);

    btsnd_hcic_auth_request(p_dev_rec->hci_handle);

  }

  }

}

}

  BTM_SEC_16_DIGIT_PIN_AUTHED = 0x4000,

  BTM_SEC_16_DIGIT_PIN_AUTHED = 0x4000,

};

};

typedef enum : uint8_t {

enum class tSECURITY_STATE : uint8_t {

  BTM_SEC_STATE_IDLE = 0,

  BTM_SEC_STATE_IDLE = 0,

  BTM_SEC_STATE_AUTHENTICATING = 1,

  BTM_SEC_STATE_AUTHENTICATING = 1,

  BTM_SEC_STATE_ENCRYPTING = 2,