esp-idf/components/bt/test/test_smp.c
yulong fa8dc32800 component/bt: Fixed the vulnerability released by Bluetooth org when using public key not check in the process of ECDH encryption.
1. Add the 100 times test when the private key is generated by the random number;
2. Add the bt components to the unit-test-app/config directory.
3. Added the bt unit test case to CI.
2018-08-13 19:47:02 +08:00

108 lines
3.1 KiB
C

/*
Tests for the BLE SMP implementation
*/
#include <esp_types.h>
#include <stdio.h>
#include <stdlib.h>
#include <malloc.h>
#include <string.h>
#include <string.h>
#include "freertos/FreeRTOS.h"
#include "freertos/task.h"
#include "freertos/semphr.h"
#include "freertos/queue.h"
#include "freertos/xtensa_api.h"
#include "unity.h"
#include "esp_heap_caps.h"
#include "esp_log.h"
#include "freertos/ringbuf.h"
#include "esp_system.h"
#include "nvs_flash.h"
#include "esp_bt.h"
#include "esp_bt_main.h"
#include "esp_bt_device.h"
#include "esp_gap_ble_api.h"
#define TAG "ble_smp_test"
#define KEY_LENGTH_DWORDS_P256 8
typedef unsigned long DWORD;
typedef uint32_t UINT32;
typedef struct {
DWORD x[KEY_LENGTH_DWORDS_P256];
DWORD y[KEY_LENGTH_DWORDS_P256];
DWORD z[KEY_LENGTH_DWORDS_P256];
} Point;
typedef struct {
// curve's coefficients
DWORD a[KEY_LENGTH_DWORDS_P256];
DWORD b[KEY_LENGTH_DWORDS_P256];
//whether a is -3
int a_minus3;
// prime modulus
DWORD p[KEY_LENGTH_DWORDS_P256];
// Omega, p = 2^m -omega
DWORD omega[KEY_LENGTH_DWORDS_P256];
// base point, a point on E of order r
Point G;
} elliptic_curve_t;
extern void ECC_PointMult_Bin_NAF(Point *q, Point *p, DWORD *n, uint32_t keyLength);
extern bool ECC_CheckPointIsInElliCur_P256(Point *p);
extern void p_256_init_curve(UINT32 keyLength);
extern elliptic_curve_t curve_p256;
static void bt_rand(void *buf, size_t len)
{
if (!len) {
return;
}
// Reset the buf value to the fixed value.
memset(buf, 0x55, len);
for (int i = 0; i < (int)(len / sizeof(uint32_t)); i++) {
uint32_t rand = esp_random();
memcpy(buf + i*sizeof(uint32_t), &rand, sizeof(uint32_t));
}
return;
}
TEST_CASE("ble_smp_public_key_check", "[ble_smp]")
{
/* We wait init finish 200ms here */
vTaskDelay(200 / portTICK_PERIOD_MS);
Point public_key;
DWORD private_key[KEY_LENGTH_DWORDS_P256] = {[0 ... (KEY_LENGTH_DWORDS_P256 - 1)] = 0x12345678};
p_256_init_curve(KEY_LENGTH_DWORDS_P256);
ECC_PointMult_Bin_NAF(&public_key, &(curve_p256.G), private_key, KEY_LENGTH_DWORDS_P256);
/* Check Is the public key generated by the system on the given elliptic curve */
TEST_ASSERT(ECC_CheckPointIsInElliCur_P256(&public_key));
/* We simulate the attacker and set the y coordinate of the public key to 0. */
for (int i = 0; i < KEY_LENGTH_DWORDS_P256; i++) {
public_key.y[i] = 0x0;
}
/* At this point the public key should not be on the given elliptic curve. */
TEST_ASSERT(!ECC_CheckPointIsInElliCur_P256(&public_key));
/* Test whether the G point on the protocol is on a given elliptic curve */
TEST_ASSERT(ECC_CheckPointIsInElliCur_P256(&(curve_p256.G)));
/* test 100 times when the private key is generated by the random number. */
for (int j = 0; j < 100; j++) {
bt_rand(private_key, sizeof(DWORD)*KEY_LENGTH_DWORDS_P256);
ECC_PointMult_Bin_NAF(&public_key, &(curve_p256.G), private_key, KEY_LENGTH_DWORDS_P256);
/* Check Is the public key generated by the system on the given elliptic curve */
TEST_ASSERT(ECC_CheckPointIsInElliCur_P256(&public_key));
}
}