Bluetooth: Allow to set required security for connection

This adds bt_conn_security function that can be used to elevate
security on connection. If device is not paired it will trigger
pairing first.

For now only JustWorks pairing is supported so full security level
tracking is not needed as only medium level is supported.

Change-Id: I6d344f55286a79bd989bd18f852a6859dc8ea96a
Signed-off-by: Szymon Janc <szymon.janc@tieto.com>

include/bluetooth/conn.h

@@ -93,4 +93,15 @@ struct bt_conn_cb {
  */
 void bt_conn_cb_register(struct bt_conn_cb *cb);
 
+
+typedef enum {
+	BT_CONN_SEC_NONE,
+	BT_CONN_SEC_LOW,
+	BT_CONN_SEC_MEDIUM,
+	BT_CONN_SEC_HIGH,
+	BT_CONN_SEC_FIPS,
+} bt_conn_security_t;
+
+int bt_conn_security(struct bt_conn *conn, bt_conn_security_t sec);
+
 #endif /* __BT_CONN_H */

net/bluetooth/conn.c

@@ -46,6 +46,8 @@
 #include "hci_core.h"
 #include "conn_internal.h"
 #include "l2cap.h"
+#include "keys.h"
+#include "smp.h"
 
 #if !defined(CONFIG_BLUETOOTH_DEBUG_CONN)
 #undef BT_DBG
@@ -383,3 +385,28 @@ const bt_addr_le_t *bt_conn_get_dst(const struct bt_conn *conn)
 {
 	return &conn->dst;
 }
+
+int bt_conn_security(struct bt_conn *conn, bt_conn_security_t sec)
+{
+	if (conn->state != BT_CONN_CONNECTED) {
+		return -ENOTCONN;
+	}
+
+	/* for now we only support JustWorks */
+	if (sec > BT_CONN_SEC_MEDIUM) {
+		return -EINVAL;
+	}
+
+	if (conn->role == BT_HCI_ROLE_SLAVE) {
+		/* TODO Add Security Request support */
+		return -ENOTSUP;
+	}
+
+	if (conn->encrypt) {
+		return 0;
+	}
+
+	/* TODO check for master LTK */
+
+	return smp_send_pairing_req(conn);
+}