TEST(SecurityManager, CMACTest){ mock_init(); mock_simulate_hci_state_working(); // expect le encrypt commmand CHECK_HCI_COMMAND(test_command_packet_01); aes128_report_result(); // expect le encrypt commmand CHECK_HCI_COMMAND(test_command_packet_02); aes128_report_result(); mock_clear_packet_buffer(); // additional test: cmac signing // aes cmac tests sm_key_t key; parse_hex(key, key_string); uint8_t message [] = "hallo"; cmac_hash_received = 0; sm_cmac_signed_write_start(key, 0x11, 0x1234, sizeof(message), message, 1, &cmac_done); while (!cmac_hash_received){ aes128_report_result(); } uint8_t expected_hash[] = { 0x40, 0x4E, 0xDC, 0x0F, 0x6E, 0x0F, 0xF9, 0x5C}; CHECK_EQUAL_ARRAY(expected_hash, cmac_hash, 8); // generic aes cmac tests VALIDATE_MESSAGE(m0); VALIDATE_MESSAGE(m16); VALIDATE_MESSAGE(m40); VALIDATE_MESSAGE(m64); }
static void att_run_for_context(att_server_t * att_server){ switch (att_server->state){ case ATT_SERVER_REQUEST_RECEIVED: // wait until pairing is complete if (att_server->pairing_active) break; #ifdef ENABLE_LE_SIGNED_WRITE if (att_server->request_buffer[0] == ATT_SIGNED_WRITE_COMMAND){ log_info("ATT Signed Write!"); if (!sm_cmac_ready()) { log_info("ATT Signed Write, sm_cmac engine not ready. Abort"); att_server->state = ATT_SERVER_IDLE; return; } if (att_server->request_size < (3 + 12)) { log_info("ATT Signed Write, request to short. Abort."); att_server->state = ATT_SERVER_IDLE; return; } if (att_server->ir_lookup_active){ return; } if (att_server->ir_le_device_db_index < 0){ log_info("ATT Signed Write, CSRK not available"); att_server->state = ATT_SERVER_IDLE; return; } // check counter uint32_t counter_packet = little_endian_read_32(att_server->request_buffer, att_server->request_size-12); uint32_t counter_db = le_device_db_remote_counter_get(att_server->ir_le_device_db_index); log_info("ATT Signed Write, DB counter %"PRIu32", packet counter %"PRIu32, counter_db, counter_packet); if (counter_packet < counter_db){ log_info("ATT Signed Write, db reports higher counter, abort"); att_server->state = ATT_SERVER_IDLE; return; } // signature is { sequence counter, secure hash } sm_key_t csrk; le_device_db_remote_csrk_get(att_server->ir_le_device_db_index, csrk); att_server->state = ATT_SERVER_W4_SIGNED_WRITE_VALIDATION; log_info("Orig Signature: "); log_info_hexdump( &att_server->request_buffer[att_server->request_size-8], 8); uint16_t attribute_handle = little_endian_read_16(att_server->request_buffer, 1); sm_cmac_signed_write_start(csrk, att_server->request_buffer[0], attribute_handle, att_server->request_size - 15, &att_server->request_buffer[3], counter_packet, att_signed_write_handle_cmac_result); return; } #endif // move on att_server->state = ATT_SERVER_REQUEST_RECEIVED_AND_VALIDATED; att_dispatch_server_request_can_send_now_event(att_server->connection.con_handle); break; default: break; } }