More security flag hidings

 ******************************************************************************/

void bta_hh_start_security(tBTA_HH_DEV_CB* p_cb,

                           UNUSED_ATTR tBTA_HH_DATA* p_buf) {

  uint8_t sec_flag = 0;

  if (BTM_SecIsSecurityPending(p_cb->addr)) {

    /* if security collision happened, wait for encryption done */

    p_cb->security_pending = true;

    return;

  }

  /* verify bond */

  BTM_GetSecurityFlagsByTransport(p_cb->addr, &sec_flag, BT_TRANSPORT_LE);

  /* if link has been encrypted */

  if (sec_flag & BTM_SEC_FLAG_ENCRYPTED) {

  if (BTM_IsEncrypted(p_cb->addr, BT_TRANSPORT_LE)) {

    p_cb->status = BTA_HH_OK;

    bta_hh_sm_execute(p_cb, BTA_HH_ENC_CMPL_EVT, NULL);

  }

  /* if bonded and link not encrypted */

  else if (sec_flag & BTM_SEC_FLAG_LKEY_KNOWN) {

    sec_flag = BTM_BLE_SEC_ENCRYPT;

  else if (BTM_IsLinkKeyKnown(p_cb->addr, BT_TRANSPORT_LE)) {

    p_cb->status = BTA_HH_ERR_AUTH_FAILED;

    BTM_SetEncryption(p_cb->addr, BT_TRANSPORT_LE, bta_hh_le_encrypt_cback,

                      NULL, sec_flag);

                      NULL, BTM_BLE_SEC_ENCRYPT);

  }

  /* unbonded device, report security error here */

  else if (p_cb->sec_mask != BTA_SEC_NONE) {

    sec_flag = BTM_BLE_SEC_ENCRYPT_NO_MITM;

    p_cb->status = BTA_HH_ERR_AUTH_FAILED;

    bta_hh_clear_service_cache(p_cb);

    BTM_SetEncryption(p_cb->addr, BT_TRANSPORT_LE, bta_hh_le_encrypt_cback,

                      NULL, sec_flag);

                      NULL, BTM_BLE_SEC_ENCRYPT_NO_MITM);

  }

  /* otherwise let it go through */

  else {

 *

 ******************************************************************************/

static void bta_hh_le_add_dev_bg_conn(tBTA_HH_DEV_CB* p_cb, bool check_bond) {

  uint8_t sec_flag = 0;

  bool to_add = true;

  if (check_bond) {

    /* start reconnection if remote is a bonded device */

    /* verify bond */

    BTM_GetSecurityFlagsByTransport(p_cb->addr, &sec_flag, BT_TRANSPORT_LE);

    if ((sec_flag & BTM_SEC_FLAG_LKEY_KNOWN) == 0) to_add = false;

    if (!BTM_IsLinkKeyKnown(p_cb->addr, BT_TRANSPORT_LE)) to_add = false;

  }

  if (/*p_cb->dscp_info.flag & BTA_HH_LE_NORMAL_CONN &&*/

      !p_cb->in_bg_conn && to_add) {

  if (!p_cb->in_bg_conn && to_add) {

    /* add device into BG connection to accept remote initiated connection */

    BTA_GATTC_Open(bta_hh_cb.gatt_if, p_cb->addr, false, BT_TRANSPORT_LE,

                   false);

    (*p_callback)(&bd_addr, BT_TRANSPORT_LE, p_ref_data, BTM_MODE_UNSUPPORTED);

    return L2CAP_LE_RESULT_NO_PSM;

  }

  uint8_t sec_flag = 0;

  BTM_GetSecurityFlagsByTransport(bd_addr, &sec_flag, BT_TRANSPORT_LE);

  bool is_encrypted = BTM_IsEncrypted(bd_addr, BT_TRANSPORT_LE);

  bool is_link_key_authed = BTM_IsLinkKeyAuthed(bd_addr, BT_TRANSPORT_LE);

  bool is_authenticated = BTM_IsAuthenticated(bd_addr, BT_TRANSPORT_LE);

  if (!is_originator) {

    if ((p_serv_rec->security_flags & BTM_SEC_IN_ENCRYPT) &&

        !(sec_flag & BTM_SEC_ENCRYPTED)) {

    if ((p_serv_rec->security_flags & BTM_SEC_IN_ENCRYPT) && !is_encrypted) {

      BTM_TRACE_ERROR(

          "%s: L2CAP_LE_RESULT_INSUFFICIENT_ENCRYP. service "

          "security_flags=0x%x, "

          "sec_flag=0x%x",

          __func__, p_serv_rec->security_flags, sec_flag);

          "security_flags=0x%x, ",

          __func__, p_serv_rec->security_flags);

      return L2CAP_LE_RESULT_INSUFFICIENT_ENCRYP;

    } else if ((p_serv_rec->security_flags & BTM_SEC_IN_AUTHENTICATE) &&

               !(sec_flag &

                 (BTM_SEC_LINK_KEY_AUTHED | BTM_SEC_AUTHENTICATED))) {

               !(is_link_key_authed || is_authenticated)) {

      BTM_TRACE_ERROR(

          "%s: L2CAP_LE_RESULT_INSUFFICIENT_AUTHENTICATION. service "

          "security_flags=0x%x, "

          "sec_flag=0x%x",

          __func__, p_serv_rec->security_flags, sec_flag);

          "security_flags=0x%x, ",

          __func__, p_serv_rec->security_flags);

      return L2CAP_LE_RESULT_INSUFFICIENT_AUTHENTICATION;

    }

    /* TODO: When security is required, then must check that the key size of our

  return (flags & BTM_SEC_FLAG_LKEY_KNOWN) != 0;

}

bool BTM_IsAuthenticated(const RawAddress& bd_addr, tBT_TRANSPORT transport) {

  uint8_t flags = 0;

  BTM_GetSecurityFlagsByTransport(bd_addr, &flags, transport);

  return (flags & BTM_SEC_AUTHENTICATED) != 0;

}

/*******************************************************************************

 *

 * Function         BTM_GetSecurityFlagsByTransport

bool BTM_IsEncrypted(const RawAddress& bd_addr, tBT_TRANSPORT transport);

bool BTM_IsLinkKeyAuthed(const RawAddress& bd_addr, tBT_TRANSPORT transport);

bool BTM_IsLinkKeyKnown(const RawAddress& bd_addr, tBT_TRANSPORT transport);

bool BTM_IsAuthenticated(const RawAddress& bd_addr, tBT_TRANSPORT transport);

/*******************************************************************************

 *

  bool status = false;

  if (result == BTM_SUCCESS) {

    if (gatt_get_sec_act(p_tcb) == GATT_SEC_ENCRYPT_MITM) {

      uint8_t sec_flag = 0;

      BTM_GetSecurityFlagsByTransport(*bd_addr, &sec_flag, transport);

      if (sec_flag & BTM_SEC_FLAG_LKEY_AUTHED) {

        status = true;

      }

      status = BTM_IsLinkKeyAuthed(*bd_addr, transport);

    } else {

      status = true;

    }

 */

tGATT_SEC_ACTION gatt_determine_sec_act(tGATT_CLCB* p_clcb) {

  tGATT_SEC_ACTION act = GATT_SEC_OK;

  uint8_t sec_flag;

  tGATT_TCB* p_tcb = p_clcb->p_tcb;

  tGATT_AUTH_REQ auth_req = p_clcb->auth_req;

  bool is_link_encrypted = false;

  if (auth_req == GATT_AUTH_REQ_NONE) return act;

  BTM_GetSecurityFlagsByTransport(p_tcb->peer_bda, &sec_flag,

                                  p_clcb->p_tcb->transport);

  btm_ble_link_sec_check(p_tcb->peer_bda, auth_req, &sec_act);

  /* if a encryption is pending, need to wait */

  if (sec_act == BTM_BLE_SEC_REQ_ACT_DISCARD && auth_req != GATT_AUTH_REQ_NONE)

    return GATT_SEC_ENC_PENDING;

  if (sec_flag & (BTM_SEC_FLAG_ENCRYPTED | BTM_SEC_FLAG_LKEY_KNOWN)) {

    if (sec_flag & BTM_SEC_FLAG_ENCRYPTED) is_link_encrypted = true;

    is_link_key_known = true;

    if (sec_flag & BTM_SEC_FLAG_LKEY_AUTHED) is_key_mitm = true;

  }

  is_link_key_known =

      BTM_IsLinkKeyKnown(p_tcb->peer_bda, p_clcb->p_tcb->transport);

  is_link_encrypted =

      BTM_IsEncrypted(p_tcb->peer_bda, p_clcb->p_tcb->transport);

  is_key_mitm = BTM_IsLinkKeyAuthed(p_tcb->peer_bda, p_clcb->p_tcb->transport);

  /* first check link key upgrade required or not */

  switch (auth_req) {

 ******************************************************************************/

tGATT_STATUS gatt_get_link_encrypt_status(tGATT_TCB& tcb) {

  tGATT_STATUS encrypt_status = GATT_NOT_ENCRYPTED;

  uint8_t sec_flag = 0;

  BTM_GetSecurityFlagsByTransport(tcb.peer_bda, &sec_flag, tcb.transport);

  bool encrypted = BTM_IsEncrypted(tcb.peer_bda, tcb.transport);

  bool link_key_known = BTM_IsLinkKeyKnown(tcb.peer_bda, tcb.transport);

  bool link_key_authed = BTM_IsLinkKeyAuthed(tcb.peer_bda, tcb.transport);

  if ((sec_flag & BTM_SEC_FLAG_ENCRYPTED) &&

      (sec_flag & BTM_SEC_FLAG_LKEY_KNOWN)) {

  if (encrypted && link_key_known) {

    encrypt_status = GATT_ENCRYPED_NO_MITM;

    if (sec_flag & BTM_SEC_FLAG_LKEY_AUTHED)

    if (link_key_authed) {

      encrypt_status = GATT_ENCRYPED_MITM;

    }

  }

  VLOG(1) << StringPrintf("gatt_get_link_encrypt_status status=0x%x",

                          encrypt_status);