% Scapy Bluetooth layer tests

# Regression campaign for the Bluetooth HCI / L2CAP / ATT / EIR layers.
# Each "=" test either builds a packet and compares it with a fixed byte
# string, or dissects a fixed byte string and checks the decoded fields.

+ HCI Commands
= LE Create Connection Cancel

# 01 = HCI command packet, 0e20 = opcode 0x200e (little-endian), 00 = no parameters.
expected_cmd_raw_data = hex_bytes("010e2000")
cmd_raw_data = raw(HCI_Hdr() / HCI_Command_Hdr() / HCI_Cmd_LE_Create_Connection_Cancel())
assert cmd_raw_data == expected_cmd_raw_data

= Disconnect
# 0604 = opcode 0x0406, 03 = parameter length, 3412 = handle 0x1234, 13 = reason byte
# (not passed below, so it is whatever the layer emits by default).
expected_cmd_raw_data = hex_bytes("01060403341213")
cmd_raw_data = raw(HCI_Hdr() / HCI_Command_Hdr() / HCI_Cmd_Disconnect(handle=0x1234))
assert cmd_raw_data == expected_cmd_raw_data

= LE Connection Update Command
# 1320 = opcode 0x2013, 0e = 14 parameter bytes: seven little-endian 16-bit fields.
expected_cmd_raw_data = hex_bytes("0113200e47000a00140001003c000100ffff")
cmd_raw_data = raw(
    HCI_Hdr()
    / HCI_Command_Hdr()
    / HCI_Cmd_LE_Connection_Update(
        handle=0x47,
        min_interval=10,
        max_interval=20,
        latency=1,
        timeout=60,
        min_ce=1,
        max_ce=0xffff,
    )
)
assert cmd_raw_data == expected_cmd_raw_data


+ HCI Events
= LE Connection Update Event
# 04 = HCI event packet, 3e = LE Meta event, 0a = 10 parameter bytes,
# 03 = Connection Update Complete subevent, 00 = status, then handle,
# interval, latency and timeout as little-endian 16-bit values.
evt_raw_data = hex_bytes("043e0a03004800140001003c00")
evt_pkt = HCI_Hdr(evt_raw_data)
conn_update = evt_pkt[HCI_LE_Meta_Connection_Update_Complete]
assert conn_update.handle == 0x48
assert conn_update.interval == 20
assert conn_update.latency == 1
assert conn_update.timeout == 60


+ Bluetooth LE Advertising / Scan Response Data Parsing
# NOTE(review): advertising and scan-response payloads come from whatever
# device is in radio range. In both fixtures below the AD-structure lengths
# add up exactly to the report's data-length byte (0x1f and 0x17); no test in
# this part of the campaign feeds a length byte that overruns the report.
= Parse EIR_Flags, EIR_CompleteList16BitServiceUUIDs, EIR_CompleteLocalName and EIR_TX_Power_Level

# AD structures inside the report: 020102 (flags), 0303d9fe (16-bit UUID list),
# 1409 + 19 name bytes (complete local name), 020a0c (TX power); last byte de = RSSI.
ad_report_raw_data = hex_bytes(
    "043e2b020100016522c00181781f0201020303d9fe1409"
    "506562626c652054696d65204c452037314536020a0cde"
)
scapy_packet = HCI_Hdr(ad_report_raw_data)

assert scapy_packet[EIR_Flags].flags == 0x02
assert scapy_packet[EIR_CompleteList16BitServiceUUIDs].svc_uuids == [0xfed9]
assert scapy_packet[EIR_CompleteLocalName].local_name == b'Pebble Time LE 71E6'
assert scapy_packet[EIR_TX_Power_Level].level == 12

= Parse EIR_Manufacturer_Specific_Data

# Single AD structure: 16 = length 22, ff = manufacturer specific,
# 5401 = company id 0x0154 (little-endian), then 19 opaque data bytes.
scan_resp_raw_data = hex_bytes(
    "043e2302010401be5e0eb9f04f1716ff5401005f423331"
    "3134374432343631fc00030c0000de"
)
scapy_packet = HCI_Hdr(scan_resp_raw_data)

msd = scapy_packet[EIR_Manufacturer_Specific_Data]
assert msd.data == b'\x00_B31147D2461\xfc\x00\x03\x0c\x00\x00'
assert msd.company_id == 0x154

= Basic L2CAP dissect
# 0800 = L2CAP length 8, 0600 = channel id 6, 09 = SM code for Identity
# Address Information, 00 = address type, then the address in reversed byte order.
a = L2CAP_Hdr(b'\x08\x00\x06\x00\t\x00\xf6\xe5\xd4\xc3\xb2\xa1')
assert a[SM_Identity_Address_Information].address == 'a1:b2:c3:d4:e5:f6'
assert a[SM_Identity_Address_Information].atype == 0
a.show()

= Basic HCI_ACL_Hdr build & dissect
# Every length is given explicitly here; the build must emit them unchanged
# and dissecting the result must give back an equal packet.
a = (
    HCI_Hdr()
    / HCI_ACL_Hdr(handle=0xf4c, PB=2, BC=2, len=20)
    / L2CAP_Hdr(len=16)
    / L2CAP_CmdHdr(code=8, len=12)
    / Raw("A" * 12)
)
assert raw(a) == b'\x02L\xaf\x14\x00\x10\x00\x05\x00\x08\x00\x0c\x00AAAAAAAAAAAA'
b = HCI_Hdr(raw(a))
assert a == b

= Complex HCI - L2CAP build
# No length or code is passed: the expected bytes pin the values the build
# fills in (ACL length 0x000c, L2CAP length 0x0008, channel id 5, code 2, command length 4).
a = HCI_Hdr() / HCI_ACL_Hdr() / L2CAP_Hdr() / L2CAP_CmdHdr() / L2CAP_ConnReq(scid=1)
assert raw(a) == b'\x02\x00\x00\x0c\x00\x08\x00\x05\x00\x02\x00\x04\x00\x00\x00\x01\x00'
a.show()

= Complex HCI - L2CAP dissect
# Signalling command 0x0b with command length 9: type, result, then the 5 data bytes "debug".
a = HCI_Hdr(b'\x02\x00\x00\x11\x00\r\x00\x05\x00\x0b\x00\t\x00\x01\x00\x00\x00debug')
assert a[L2CAP_InfoResp].result == 0
assert a[L2CAP_InfoResp].data == b"debug"

= Answers
# answers() must hold from response to request only, never the other way round.
# First pair: signalling codes 2 and 3.
a = HCI_Hdr(b'\x02\x00\x00\x0c\x00\x08\x00\x05\x00\x02\x00\x04\x00\x00\x00\x9a;')
b = HCI_Hdr(b'\x02\x00\x00\x10\x00\x0c\x00\x05\x00\x03\x00\x08\x00\x9a;\x00\x00\x00\x00\x01\x00')
assert b.answers(a)
assert not a.answers(b)

# Second pair: signalling codes 4 and 5.
a = HCI_Hdr(b'\x02\x00\x00\x0c\x00\x08\x00\x05\x00\x04\x00\x04\x00\x15\x00\x00\x00')
b = HCI_Hdr(b'\x02\x00\x00\x0e\x00\n\x00\x05\x00\x05\x00\x06\x00\x15\x00\x00\x00\x02\x00')
assert b.answers(a)
assert not a.answers(b)

= EIR_Hdr - misc
# NOTE(review): the built frame carries 0x00 in the event header's length byte
# (third byte of the expected string) although a payload follows. The
# re-dissection below still recovers the report fields, so dissection evidently
# does not depend on that byte here - confirm that this is intended.
a = (
    HCI_Hdr()
    / HCI_Event_Hdr()
    / HCI_Event_LE_Meta()
    / HCI_LE_Meta_Advertising_Report(
        addr="a1:b2:c3:d4:e5:f6",
        data=EIR_Hdr() / EIR_CompleteLocalName(local_name="scapy"),
    )
)
assert raw(a) == b'\x04>\x00\x02\x00\x00\x00\xf6\xe5\xd4\xc3\xb2\xa1\x07\x06\tscapy\x00'
b = HCI_Hdr(raw(a))
assert b.data[0][EIR_CompleteLocalName].local_name == b"scapy"
assert b[HCI_LE_Meta_Advertising_Report].addr == "a1:b2:c3:d4:e5:f6"

assert a.summary() == "HCI Event / HCI_Event_Hdr / HCI_Event_LE_Meta / HCI_LE_Meta_Advertising_Report"

= ATT_Hdr - misc
# Build, serialise and re-dissect each request; the request layer must be
# recognised and nothing may be left over as an undecoded Raw payload.
# show() and mysummary() are called only to exercise those code paths.
a = (
    HCI_Hdr()
    / HCI_ACL_Hdr()
    / L2CAP_Hdr()
    / ATT_Hdr()
    / ATT_Read_By_Type_Request_128bit(uuid1=0xa14, uuid2=0xa24)
)
a = HCI_Hdr(raw(a))
a.show()
a.mysummary()
assert ATT_Read_By_Type_Request_128bit in a
assert Raw not in a

b = HCI_Hdr() / HCI_ACL_Hdr() / L2CAP_Hdr() / ATT_Hdr() / ATT_Read_By_Type_Request(uuid=0xa14)
b = HCI_Hdr(raw(b))
b.show()
b.mysummary()
assert ATT_Read_By_Type_Request in b
assert Raw not in b