feat(ble): Add security related tests.

* Add security related tests to verify behavior when trying to read
  a GATT characteristic from our peripheral with and without client
  auto security request/retry.

app/tests/ble/central/src/main.c

@@ -40,6 +40,10 @@ LOG_MODULE_REGISTER(ble_central, 4);
 static bool disconnect_and_reconnect = false;
 static bool clear_bond_on_disconnect = false;
 static bool halt_after_bonding = false;
+static bool read_hid_report_on_connect = false;
+static bool skip_set_security_on_connect = false;
+static bool skip_discovery_on_connect = false;
+static bool read_directly_on_discovery = false;
 static int32_t wait_on_start = 0;
 
 static void ble_central_native_posix_options(void) {
@@ -59,6 +63,26 @@ static void ble_central_native_posix_options(void) {
          .type = 'b',
          .dest = (void *)&clear_bond_on_disconnect,
          .descript = "Clear bonds on disconnect and reconnect"},
+        {.is_switch = true,
+         .option = "skip_set_security_on_connect",
+         .type = 'b',
+         .dest = (void *)&skip_set_security_on_connect,
+         .descript = "Skip set security level after connecting"},
+        {.is_switch = true,
+         .option = "read_hid_report_on_connect",
+         .type = 'b',
+         .dest = (void *)&read_hid_report_on_connect,
+         .descript = "Read the peripheral HID report after connecting"},
+        {.is_switch = true,
+         .option = "skip_discovery_on_connect",
+         .type = 'b',
+         .dest = (void *)&skip_discovery_on_connect,
+         .descript = "Skip GATT characteristic discovery after connecting"},
+        {.is_switch = true,
+         .option = "read_directly_on_discovery",
+         .type = 'b',
+         .dest = (void *)&read_directly_on_discovery,
+         .descript = "Read HIDS report after GATT characteristic discovery"},
         {.option = "wait_on_start",
          .name = "milliseconds",
          .type = 'u',
@@ -94,6 +118,16 @@ static uint8_t notify_func(struct bt_conn *conn, struct bt_gatt_subscribe_params
     return BT_GATT_ITER_CONTINUE;
 }
 
+static struct bt_gatt_read_params read_params;
+static const struct bt_uuid_16 hids_uuid = BT_UUID_INIT_16(BT_UUID_HIDS_REPORT_VAL);
+
+static uint8_t read_cb(struct bt_conn *conn, uint8_t err, struct bt_gatt_read_params *params,
+                       const void *data, uint16_t length) {
+    LOG_DBG("Read err: %d, length %d", err, length);
+
+    return BT_GATT_ITER_CONTINUE;
+}
+
 static uint8_t discover_func(struct bt_conn *conn, const struct bt_gatt_attr *attr,
                              struct bt_gatt_discover_params *params) {
     int err;
@@ -117,15 +151,24 @@ static uint8_t discover_func(struct bt_conn *conn, const struct bt_gatt_attr *at
             LOG_DBG("[Discover failed] (err %d)", err);
         }
     } else if (!bt_uuid_cmp(discover_params.uuid, BT_UUID_HIDS_REPORT)) {
-        memcpy(&uuid, BT_UUID_GATT_CCC, sizeof(uuid));
-        discover_params.uuid = &uuid.uuid;
-        discover_params.start_handle = attr->handle + 2;
-        discover_params.type = BT_GATT_DISCOVER_DESCRIPTOR;
-        subscribe_params.value_handle = bt_gatt_attr_value_handle(attr);
+        if (read_directly_on_discovery) {
+            read_params.single.handle = bt_gatt_attr_value_handle(attr);
+            read_params.single.offset = 0;
+            read_params.handle_count = 1;
+            read_params.func = read_cb;
 
-        err = bt_gatt_discover(conn, &discover_params);
-        if (err) {
-            LOG_DBG("[Discover failed] (err %d)", err);
+            bt_gatt_read(conn, &read_params);
+        } else {
+            memcpy(&uuid, BT_UUID_GATT_CCC, sizeof(uuid));
+            discover_params.uuid = &uuid.uuid;
+            discover_params.start_handle = attr->handle + 2;
+            discover_params.type = BT_GATT_DISCOVER_DESCRIPTOR;
+            subscribe_params.value_handle = bt_gatt_attr_value_handle(attr);
+
+            err = bt_gatt_discover(conn, &discover_params);
+            if (err) {
+                LOG_DBG("[Discover failed] (err %d)", err);
+            }
         }
     } else {
         subscribe_params.notify = notify_func;
@@ -278,12 +321,23 @@ static void connected(struct bt_conn *conn, uint8_t conn_err) {
     LOG_DBG("[Connected]: %s", addr);
 
     if (conn == default_conn) {
-        if (bt_conn_get_security(conn) >= BT_SECURITY_L2) {
+        if (bt_conn_get_security(conn) >= BT_SECURITY_L2 && !skip_discovery_on_connect) {
+            LOG_DBG("[Discovering characteristics for the connection]");
             discover_conn(conn);
-        } else {
+        } else if (!skip_set_security_on_connect) {
             LOG_DBG("[Setting the security for the connection]");
             bt_conn_set_security(conn, BT_SECURITY_L2);
         }
+
+        if (read_hid_report_on_connect) {
+            read_params.func = read_cb;
+            read_params.handle_count = 0;
+            read_params.by_uuid.start_handle = 0x0001;
+            read_params.by_uuid.end_handle = 0xFFFF;
+            read_params.by_uuid.uuid = &hids_uuid.uuid;
+
+            bt_gatt_read(conn, &read_params);
+        }
     }
 }
 
@@ -313,7 +367,7 @@ static void security_changed(struct bt_conn *conn, bt_security_t level, enum bt_
     first_connect = false;
     if (do_disconnect) {
         k_work_reschedule(&disconnect_work, K_MSEC(500));
-    } else {
+    } else if (!skip_discovery_on_connect) {
         discover_conn(conn);
     }
 }