lib/bt/test_apps/main/test_smp.c


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126

/*
 * SPDX-FileCopyrightText: 2021-2023 Espressif Systems (Shanghai) CO LTD
 *
 * SPDX-License-Identifier: Unlicense OR CC0-1.0
 */

/*
 * Tests for the BLE SMP implementation
 */

#include <string.h>

#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "unity.h"
#include "esp_random.h"

#include "esp_bt_main.h"
#include "esp_bt_device.h"
#include "esp_gap_ble_api.h"

#define KEY_LENGTH_DWORDS_P256 8

typedef unsigned long  DWORD;
typedef uint32_t UINT32;

typedef struct {
    DWORD x[KEY_LENGTH_DWORDS_P256];
    DWORD y[KEY_LENGTH_DWORDS_P256];
    DWORD z[KEY_LENGTH_DWORDS_P256];
} Point;

typedef struct {
    // curve's coefficients
    DWORD a[KEY_LENGTH_DWORDS_P256];
    DWORD b[KEY_LENGTH_DWORDS_P256];

    //whether a is -3
    int a_minus3;

    // prime modulus
    DWORD p[KEY_LENGTH_DWORDS_P256];

    // Omega, p = 2^m -omega
    DWORD omega[KEY_LENGTH_DWORDS_P256];

    // base point, a point on E of order r
    Point G;

} elliptic_curve_t;

extern void ECC_PointMult_Bin_NAF(Point *q, Point *p, DWORD *n, uint32_t keyLength);
extern bool ECC_CheckPointIsInElliCur_P256(Point *p);
extern void p_256_init_curve(UINT32 keyLength);
extern elliptic_curve_t curve_p256;

static void bt_rand(void *buf, size_t len)
{
    if (!len) {
        return;
    }
    // Reset the buf value to the fixed value.
    memset(buf, 0x55, len);

    for (int i = 0; i < (int)(len / sizeof(uint32_t)); i++) {
        uint32_t rand = esp_random();
        memcpy(buf + i * sizeof(uint32_t), &rand, sizeof(uint32_t));
    }

    return;
}

TEST_CASE("ble_smp_public_key_check", "[ble_smp]")
{
    /* We wait init finish 200ms here */
    vTaskDelay(200 / portTICK_PERIOD_MS);
    Point public_key;
    DWORD private_key[KEY_LENGTH_DWORDS_P256] = {[0 ... (KEY_LENGTH_DWORDS_P256 - 1)] = 0x12345678};
    p_256_init_curve(KEY_LENGTH_DWORDS_P256);
    ECC_PointMult_Bin_NAF(&public_key, &(curve_p256.G), private_key, KEY_LENGTH_DWORDS_P256);
    /* Check Is the public key generated by the system on the given elliptic curve */
    TEST_ASSERT(ECC_CheckPointIsInElliCur_P256(&public_key));
    /* We simulate the attacker and set the y coordinate of the public key to 0. */
    for (int i = 0; i < KEY_LENGTH_DWORDS_P256; i++) {
        public_key.y[i] = 0x0;
    }
    /* At this point the public key should not be on the given elliptic curve. */
    TEST_ASSERT(!ECC_CheckPointIsInElliCur_P256(&public_key));
    /* Test whether the G point on the protocol is on a given elliptic curve */
    TEST_ASSERT(ECC_CheckPointIsInElliCur_P256(&(curve_p256.G)));
    /* test 100 times when the private key is generated by the random number. */
    for (int j = 0; j < 100; j++) {
        bt_rand(private_key, sizeof(DWORD)*KEY_LENGTH_DWORDS_P256);
        ECC_PointMult_Bin_NAF(&public_key, &(curve_p256.G), private_key, KEY_LENGTH_DWORDS_P256);
        /* Check Is the public key generated by the system on the given elliptic curve */
        TEST_ASSERT(ECC_CheckPointIsInElliCur_P256(&public_key));
    }
}

TEST_CASE("ble_smp_set_clear_static_passkey", "[ble_smp]")
{
    /* We wait init finish 200ms here */
    vTaskDelay(200 / portTICK_PERIOD_MS);
    esp_ble_auth_req_t auth_req = ESP_LE_AUTH_BOND;
    uint32_t passkey = 123456;
    /* test len = 0 when type != ESP_BLE_SM_CLEAR_STATIC_PASSKEY */
    TEST_ASSERT(esp_ble_gap_set_security_param(ESP_BLE_SM_AUTHEN_REQ_MODE, &auth_req, 0) == ESP_ERR_INVALID_ARG);
    /* test function */
    TEST_ASSERT(esp_ble_gap_set_security_param(ESP_BLE_SM_AUTHEN_REQ_MODE, &auth_req, sizeof(esp_ble_auth_req_t)) != ESP_ERR_INVALID_ARG);
    /* test type >= ESP_BLE_SM_MAX_PARAM */
    TEST_ASSERT(esp_ble_gap_set_security_param(ESP_BLE_SM_MAX_PARAM, &passkey, sizeof(uint32_t)) == ESP_ERR_INVALID_ARG);
    /* test len < sizeof(uint32_t) when type is ESP_BLE_SM_SET_STATIC_PASSKEY */
    TEST_ASSERT(esp_ble_gap_set_security_param(ESP_BLE_SM_SET_STATIC_PASSKEY, &passkey, sizeof(uint8_t)) != ESP_ERR_INVALID_ARG);
    /* test value is NULL when type != ESP_BLE_SM_CLEAR_STATIC_PASSKEY */
    TEST_ASSERT(esp_ble_gap_set_security_param(ESP_BLE_SM_SET_STATIC_PASSKEY, NULL, sizeof(uint8_t)) == ESP_ERR_INVALID_ARG);
    /* test value is NULL and len is 0 when type != ESP_BLE_SM_CLEAR_STATIC_PASSKEY */
    TEST_ASSERT(esp_ble_gap_set_security_param(ESP_BLE_SM_SET_STATIC_PASSKEY, NULL, 0) == ESP_ERR_INVALID_ARG);
    /* test function */
    TEST_ASSERT(esp_ble_gap_set_security_param(ESP_BLE_SM_SET_STATIC_PASSKEY, &passkey, sizeof(uint32_t)) != ESP_ERR_INVALID_ARG);
    /* test function */
    TEST_ASSERT(esp_ble_gap_set_security_param(ESP_BLE_SM_CLEAR_STATIC_PASSKEY, &passkey, sizeof(uint32_t)) != ESP_ERR_INVALID_ARG);
    /* test function */
    TEST_ASSERT(esp_ble_gap_set_security_param(ESP_BLE_SM_CLEAR_STATIC_PASSKEY, NULL, sizeof(uint32_t)) != ESP_ERR_INVALID_ARG);
    /* test function */
    TEST_ASSERT(esp_ble_gap_set_security_param(ESP_BLE_SM_CLEAR_STATIC_PASSKEY, NULL, 0) != ESP_ERR_INVALID_ARG);
}