1 /******************************************************************************
2 *
3 * Copyright 2016 The Android Open Source Project
4 *
5 * Licensed under the Apache License, Version 2.0 (the "License");
6 * you may not use this file except in compliance with the License.
7 * You may obtain a copy of the License at:
8 *
9 * http://www.apache.org/licenses/LICENSE-2.0
10 *
11 * Unless required by applicable law or agreed to in writing, software
12 * distributed under the License is distributed on an "AS IS" BASIS,
13 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 * See the License for the specific language governing permissions and
15 * limitations under the License.
16 *
17 ******************************************************************************/
18 #include <stdarg.h>
19
20 #include <gmock/gmock.h>
21 #include <gtest/gtest.h>
22
23 #include "bt_trace.h"
24 #include "hcidefs.h"
25 #include "stack/include/smp_api.h"
26 #include "stack/smp/p_256_ecc_pp.h"
27 #include "stack/smp/smp_int.h"
28
29 /*
30 * This test verifies various key distribution methods in SMP works using the
31 * following parameter set:
32 *
33 * When testing target as Master (Initiator is local, Responder is remote)
34 *
35 * Initiator's Pairing Request: 0x070710000001(01)
36 * Responder's Pairing Response: 0x050008000003(02)
37 * Initiator's Bluetooth Address: 0xA1A2A3A4A5A6
38 * Initiator's Bluetooth Address Type: 0x01
39 * Responder's Bluetooth Address: 0xB1B2B3B4B5B6
40 * Responder's Bluetooth Address Type: 0x00
41 * Initiator's Random Number: 0x5783D52156AD6F0E6388274EC6702EE0
42 * TK Encryption Key: 0x0
43 *
44 * Correct values:
45 *
46 * p1: 0x05000800000302070710000001010001
47 * p1 XOR r: 0x5283dd2156ae6d096498274ec7712ee1
48 * p1 prime: 0x02c7aa2a9857ac866ff91232df0e3c95
49 * p2: 0x00000000a1a2a3a4a5a6b1b2b3b4b5b6
50 * MConfirm (c1): 0x1e1e3fef878988ead2a74dc5bef13b86
51 *
52 * NOTE: All these values are presented in mathematical reasonable canonical
53 * form that has MSB on the left and LSB on the right. In Bluetooth packets,
54 * they are mostly reversed to be Little Endian which have LSB on the left and
55 * MSB on the right.
56 */
57
58 // Set remote bda to 0xB1B2B3B4B5B6
BTM_ReadRemoteConnectionAddr(const RawAddress & pseudo_addr,RawAddress & conn_addr,tBLE_ADDR_TYPE * p_addr_type)59 bool BTM_ReadRemoteConnectionAddr(const RawAddress& pseudo_addr,
60 RawAddress& conn_addr,
61 tBLE_ADDR_TYPE* p_addr_type) {
62 conn_addr = RawAddress({0xB1, 0xB2, 0xB3, 0xB4, 0xB5, 0xB6});
63 *p_addr_type = 0x00;
64 return true;
65 }
66
67 // Set local_bda to 0xA1A2A3A4A5A6
BTM_ReadConnectionAddr(const RawAddress & remote_bda,RawAddress & local_conn_addr,tBLE_ADDR_TYPE * p_addr_type)68 void BTM_ReadConnectionAddr(const RawAddress& remote_bda,
69 RawAddress& local_conn_addr,
70 tBLE_ADDR_TYPE* p_addr_type) {
71 local_conn_addr = RawAddress({0xA1, 0xA2, 0xA3, 0xA4, 0xA5, 0xA6});
72 *p_addr_type = 0x01;
73 }
74
75 // Require bte_logmsg.cc to run, here is just to fake it as we don't care about
76 // trace in unit test
LogMsg(uint32_t trace_set_mask,const char * fmt_str,...)77 void LogMsg(uint32_t trace_set_mask, const char* fmt_str, ...) {
78 va_list args;
79 va_start(args, fmt_str);
80 vprintf(fmt_str, args);
81 va_end(args);
82 }
83
84 extern void smp_gen_p1_4_confirm(tSMP_CB* p_cb,
85 tBLE_ADDR_TYPE remote_bd_addr_type,
86 BT_OCTET16 p1);
87
88 extern void smp_gen_p2_4_confirm(tSMP_CB* p_cb, const RawAddress& remote_bda,
89 BT_OCTET16 p2);
90
91 extern tSMP_STATUS smp_calculate_comfirm(tSMP_CB* p_cb, BT_OCTET16 rand,
92 tSMP_ENC* output);
93
94 namespace testing {
95
dump_uint128(BT_OCTET16 a,char * buffer)96 void dump_uint128(BT_OCTET16 a, char* buffer) {
97 for (unsigned int i = 0; i < sizeof(BT_OCTET16); ++i) {
98 snprintf(buffer, 3, "%02x", a[i]);
99 buffer += 2;
100 }
101 *buffer = '\0';
102 }
103
dump_uint128_reverse(BT_OCTET16 a,char * buffer)104 void dump_uint128_reverse(BT_OCTET16 a, char* buffer) {
105 for (int i = (int)(sizeof(BT_OCTET16) - 1); i >= 0; --i) {
106 snprintf(buffer, 3, "%02x", a[i]);
107 buffer += 2;
108 }
109 *buffer = '\0';
110 }
111
print_uint128(BT_OCTET16 a)112 void print_uint128(BT_OCTET16 a) {
113 for (unsigned int i = 0; i < sizeof(BT_OCTET16); ++i) {
114 printf("%02x", a[i]);
115 }
116 printf("\n");
117 }
118
parse_uint128(const char * input,BT_OCTET16 output)119 void parse_uint128(const char* input, BT_OCTET16 output) {
120 memset(output, 0, sizeof(BT_OCTET16));
121 for (unsigned int count = 0; count < sizeof(BT_OCTET16); count++) {
122 sscanf(input, "%2hhx", &output[count]);
123 input += 2;
124 }
125 }
126
reverse_array_inplace(BT_OCTET16 a)127 void reverse_array_inplace(BT_OCTET16 a) {
128 uint8_t tmp;
129 uint8_t* a_end = a + sizeof(BT_OCTET16) - 1;
130 while (a_end > a) {
131 tmp = *a_end;
132 *a_end = *a;
133 *a = tmp;
134 ++a;
135 --a_end;
136 }
137 }
138
139 class SmpCalculateConfirmTest : public Test {
140 protected:
141 tSMP_CB p_cb_;
142 // Set random to 0x5783D52156AD6F0E6388274EC6702EE0
143 BT_OCTET16 rand_ = {0x57, 0x83, 0xD5, 0x21, 0x56, 0xAD, 0x6F, 0x0E,
144 0x63, 0x88, 0x27, 0x4E, 0xC6, 0x70, 0x2E, 0xE0};
145
SetUp()146 void SetUp() {
147 memset(p_cb_.tk, 0, sizeof(p_cb_.tk));
148 // Set pairing request packet to 0x070710000001(01)
149 p_cb_.local_io_capability = 0x01;
150 p_cb_.loc_oob_flag = 0x00;
151 p_cb_.loc_auth_req = 0x00;
152 p_cb_.loc_enc_size = 0x10;
153 p_cb_.local_i_key = 0x07;
154 p_cb_.local_r_key = 0x07;
155 // Set pairing response packet to 0x050008000003(02)
156 p_cb_.peer_io_caps = 0x03;
157 p_cb_.peer_oob_flag = 0x00;
158 p_cb_.peer_auth_req = 0x00;
159 p_cb_.peer_enc_size = 0x08;
160 p_cb_.peer_i_key = 0x00;
161 p_cb_.peer_r_key = 0x05;
162 // Set role to master
163 p_cb_.role = HCI_ROLE_MASTER;
164 reverse_array_inplace(rand_);
165 }
TearDown()166 void TearDown() {}
167
168 public:
169 };
170
171 // Test smp_gen_p2_4_confirm function implementation
TEST_F(SmpCalculateConfirmTest,test_smp_gen_p2_4_confirm_as_master)172 TEST_F(SmpCalculateConfirmTest, test_smp_gen_p2_4_confirm_as_master) {
173 BT_OCTET16 p2;
174 RawAddress remote_bda;
175 tBLE_ADDR_TYPE remote_bd_addr_type = 0;
176 BTM_ReadRemoteConnectionAddr(p_cb_.pairing_bda, remote_bda,
177 &remote_bd_addr_type);
178 BTM_ReadConnectionAddr(p_cb_.pairing_bda, p_cb_.local_bda, &p_cb_.addr_type);
179 smp_gen_p2_4_confirm(&p_cb_, remote_bda, p2);
180 // Correct p2 is 0x00000000a1a2a3a4a5a6b1b2b3b4b5b6
181 const char expected_p2_str[] = "00000000a1a2a3a4a5a6b1b2b3b4b5b6";
182 char p2_str[2 * sizeof(BT_OCTET16) + 1];
183 dump_uint128_reverse(p2, p2_str);
184 ASSERT_THAT(p2_str, StrEq(expected_p2_str));
185 }
186
187 // Test smp_gen_p1_4_confirm and SMP_Encrypt function implementation
TEST_F(SmpCalculateConfirmTest,test_SMP_Encrypt_as_master)188 TEST_F(SmpCalculateConfirmTest, test_SMP_Encrypt_as_master) {
189 BT_OCTET16 p1;
190 RawAddress remote_bda;
191 tBLE_ADDR_TYPE remote_bd_addr_type = 0;
192 BTM_ReadRemoteConnectionAddr(p_cb_.pairing_bda, remote_bda,
193 &remote_bd_addr_type);
194 BTM_ReadConnectionAddr(p_cb_.pairing_bda, p_cb_.local_bda, &p_cb_.addr_type);
195 smp_gen_p1_4_confirm(&p_cb_, remote_bd_addr_type, p1);
196 // Correct p1 is 0x05000800000302070710000001010001
197 const char expected_p1_str[] = "05000800000302070710000001010001";
198 char p1_str[2 * sizeof(BT_OCTET16) + 1];
199 dump_uint128_reverse(p1, p1_str);
200 ASSERT_THAT(p1_str, StrEq(expected_p1_str));
201 smp_xor_128(p1, rand_);
202 // Correct p1 xor r is 0x5283dd2156ae6d096498274ec7712ee1
203 const char expected_p1_xor_r_str[] = "5283dd2156ae6d096498274ec7712ee1";
204 char p1_xor_r_str[2 * sizeof(BT_OCTET16) + 1];
205 dump_uint128_reverse(p1, p1_xor_r_str);
206 ASSERT_THAT(p1_xor_r_str, StrEq(expected_p1_xor_r_str));
207 tSMP_ENC output;
208 memset(&output, 0, sizeof(tSMP_ENC));
209 ASSERT_TRUE(
210 SMP_Encrypt(p_cb_.tk, BT_OCTET16_LEN, p1, BT_OCTET16_LEN, &output));
211 const char expected_p1_prime_str[] = "02c7aa2a9857ac866ff91232df0e3c95";
212 char p1_prime_str[2 * sizeof(BT_OCTET16) + 1];
213 dump_uint128_reverse(output.param_buf, p1_prime_str);
214 ASSERT_THAT(p1_prime_str, StrEq(expected_p1_prime_str));
215 }
216
217 // Test smp_calculate_comfirm function implementation
TEST_F(SmpCalculateConfirmTest,test_smp_calculate_comfirm_as_master)218 TEST_F(SmpCalculateConfirmTest, test_smp_calculate_comfirm_as_master) {
219 tSMP_ENC output;
220 tSMP_STATUS status = smp_calculate_comfirm(&p_cb_, rand_, &output);
221 EXPECT_EQ(status, SMP_SUCCESS);
222 // Correct MConfirm is 0x1e1e3fef878988ead2a74dc5bef13b86
223 const char expected_confirm_str[] = "1e1e3fef878988ead2a74dc5bef13b86";
224 char confirm_str[2 * sizeof(BT_OCTET16) + 1];
225 dump_uint128_reverse(output.param_buf, confirm_str);
226 ASSERT_THAT(confirm_str, StrEq(expected_confirm_str));
227 }
228
229 // Test ECC point validation
TEST(SmpEccValidationTest,test_valid_points)230 TEST(SmpEccValidationTest, test_valid_points) {
231 Point p;
232
233 // Test data from Bluetooth Core Specification
234 // Version 5.0 | Vol 2, Part G | 7.1.2
235
236 // Sample 1
237 p.x[7] = 0x20b003d2;
238 p.x[6] = 0xf297be2c;
239 p.x[5] = 0x5e2c83a7;
240 p.x[4] = 0xe9f9a5b9;
241 p.x[3] = 0xeff49111;
242 p.x[2] = 0xacf4fddb;
243 p.x[1] = 0xcc030148;
244 p.x[0] = 0x0e359de6;
245
246 p.y[7] = 0xdc809c49;
247 p.y[6] = 0x652aeb6d;
248 p.y[5] = 0x63329abf;
249 p.y[4] = 0x5a52155c;
250 p.y[3] = 0x766345c2;
251 p.y[2] = 0x8fed3024;
252 p.y[1] = 0x741c8ed0;
253 p.y[0] = 0x1589d28b;
254
255 EXPECT_TRUE(ECC_ValidatePoint(p));
256
257 // Sample 2
258 p.x[7] = 0x2c31a47b;
259 p.x[6] = 0x5779809e;
260 p.x[5] = 0xf44cb5ea;
261 p.x[4] = 0xaf5c3e43;
262 p.x[3] = 0xd5f8faad;
263 p.x[2] = 0x4a8794cb;
264 p.x[1] = 0x987e9b03;
265 p.x[0] = 0x745c78dd;
266
267 p.y[7] = 0x91951218;
268 p.y[6] = 0x3898dfbe;
269 p.y[5] = 0xcd52e240;
270 p.y[4] = 0x8e43871f;
271 p.y[3] = 0xd0211091;
272 p.y[2] = 0x17bd3ed4;
273 p.y[1] = 0xeaf84377;
274 p.y[0] = 0x43715d4f;
275
276 EXPECT_TRUE(ECC_ValidatePoint(p));
277 }
278
TEST(SmpEccValidationTest,test_invalid_points)279 TEST(SmpEccValidationTest, test_invalid_points) {
280 Point p;
281 multiprecision_init(p.x, 8);
282 multiprecision_init(p.y, 8);
283
284 EXPECT_FALSE(ECC_ValidatePoint(p));
285
286 // Sample 1
287 p.x[7] = 0x20b003d2;
288 p.x[6] = 0xf297be2c;
289 p.x[5] = 0x5e2c83a7;
290 p.x[4] = 0xe9f9a5b9;
291 p.x[3] = 0xeff49111;
292 p.x[2] = 0xacf4fddb;
293 p.x[1] = 0xcc030148;
294 p.x[0] = 0x0e359de6;
295
296 EXPECT_FALSE(ECC_ValidatePoint(p));
297
298 p.y[7] = 0xdc809c49;
299 p.y[6] = 0x652aeb6d;
300 p.y[5] = 0x63329abf;
301 p.y[4] = 0x5a52155c;
302 p.y[3] = 0x766345c2;
303 p.y[2] = 0x8fed3024;
304 p.y[1] = 0x741c8ed0;
305 p.y[0] = 0x1589d28b;
306
307 p.y[0]--;
308
309 EXPECT_FALSE(ECC_ValidatePoint(p));
310 }
311 } // namespace testing
312