From 68cc529397bcc8ea1184476d6f8c7196d3c321c0 Mon Sep 17 00:00:00 2001 From: Pete Johanson Date: Wed, 3 Jan 2024 16:55:26 -0800 Subject: [PATCH] WIP security tests. --- app/tests/ble/central/src/main.c | 28 ++++++++++++++++++- .../centrals.txt | 1 + .../events.patterns | 1 + .../nrf52_bsim.conf | 0 .../nrf52_bsim.keymap | 24 ++++++++++++++++ .../snapshot.log | 26 +++++++++++++++++ 6 files changed, 79 insertions(+), 1 deletion(-) create mode 100644 app/tests/ble/security/read-hid-after-connect-fails-without-security/centrals.txt create mode 100644 app/tests/ble/security/read-hid-after-connect-fails-without-security/events.patterns create mode 100644 app/tests/ble/security/read-hid-after-connect-fails-without-security/nrf52_bsim.conf create mode 100644 app/tests/ble/security/read-hid-after-connect-fails-without-security/nrf52_bsim.keymap create mode 100644 app/tests/ble/security/read-hid-after-connect-fails-without-security/snapshot.log diff --git a/app/tests/ble/central/src/main.c b/app/tests/ble/central/src/main.c index 67521e60da0b..1fbd0b6b1f0f 100644 --- a/app/tests/ble/central/src/main.c +++ b/app/tests/ble/central/src/main.c @@ -40,6 +40,8 @@ LOG_MODULE_REGISTER(ble_central, 4); static bool disconnect_and_reconnect = false; static bool clear_bond_on_disconnect = false; static bool halt_after_bonding = false; +static bool read_hid_report_on_connect = false; +static bool skip_set_security_on_connect = true; static int32_t wait_on_start = 0; static void ble_central_native_posix_options(void) { @@ -59,6 +61,16 @@ static void ble_central_native_posix_options(void) { .type = 'b', .dest = (void *)&clear_bond_on_disconnect, .descript = "Clear bonds on disconnect and reconnect"}, + {.is_switch = true, + .option = "skip_set_security_on_connect", + .type = 'b', + .dest = (void *)&skip_set_security_on_connect, + .descript = "Skip set security level after connecting"}, + {.is_switch = true, + .option = "read_hid_report_on_connect", + .type = 'b', + .dest = (void *)&read_hid_report_on_connect, + .descript = "Read the peripheral HID report after connecting"}, {.option = "wait_on_start", .name = "milliseconds", .type = 'u', @@ -260,6 +272,13 @@ static void discover_conn(struct bt_conn *conn) { } } +static struct read_params; + +static uint8_t read_cb(struct bt_conn *conn, uint8_t err, struct bt_gatt_read_params *params, + const void *data, uint16_t length) { + LOG_DBG("Read err: %d", err); +} + static void connected(struct bt_conn *conn, uint8_t conn_err) { char addr[BT_ADDR_LE_STR_LEN]; @@ -280,10 +299,17 @@ static void connected(struct bt_conn *conn, uint8_t conn_err) { if (conn == default_conn) { if (bt_conn_get_security(conn) >= BT_SECURITY_L2) { discover_conn(conn); - } else { + } else if (!skip_set_security_on_connect) { LOG_DBG("[Setting the security for the connection]"); bt_conn_set_security(conn, BT_SECURITY_L2); } + + if (read_hid_report_on_connect) { + read_params.func = read_cb; + read_params.uuid = BT_UUID_HIDS_REPORT; + + bt_gatt_read(conn, params); + } } } diff --git a/app/tests/ble/security/read-hid-after-connect-fails-without-security/centrals.txt b/app/tests/ble/security/read-hid-after-connect-fails-without-security/centrals.txt new file mode 100644 index 000000000000..998c65b7debb --- /dev/null +++ b/app/tests/ble/security/read-hid-after-connect-fails-without-security/centrals.txt @@ -0,0 +1 @@ +./ble_test_central.exe -d=2 --skip_set_security_on_connect --read_hids_report_on_connect diff --git a/app/tests/ble/security/read-hid-after-connect-fails-without-security/events.patterns b/app/tests/ble/security/read-hid-after-connect-fails-without-security/events.patterns new file mode 100644 index 000000000000..cca5a2d4ed3f --- /dev/null +++ b/app/tests/ble/security/read-hid-after-connect-fails-without-security/events.patterns @@ -0,0 +1 @@ +s/^d_02: @[0-9][0-9]:[0-9][0-9]:[0-9][0-9].[0-9][0-9][0-9][0-9][0-9][0-9] .{19}//p diff --git a/app/tests/ble/security/read-hid-after-connect-fails-without-security/nrf52_bsim.conf b/app/tests/ble/security/read-hid-after-connect-fails-without-security/nrf52_bsim.conf new file mode 100644 index 000000000000..e69de29bb2d1 diff --git a/app/tests/ble/security/read-hid-after-connect-fails-without-security/nrf52_bsim.keymap b/app/tests/ble/security/read-hid-after-connect-fails-without-security/nrf52_bsim.keymap new file mode 100644 index 000000000000..7c67425e6a25 --- /dev/null +++ b/app/tests/ble/security/read-hid-after-connect-fails-without-security/nrf52_bsim.keymap @@ -0,0 +1,24 @@ +#include +#include +#include +#include + +&kscan { + events = + ; +}; + +/ { + keymap { + compatible = "zmk,keymap"; + + default_layer { + bindings = < + &kp A &kp B + &bt BT_SEL 0 &bt BT_SEL 1>; + }; + }; +}; diff --git a/app/tests/ble/security/read-hid-after-connect-fails-without-security/snapshot.log b/app/tests/ble/security/read-hid-after-connect-fails-without-security/snapshot.log new file mode 100644 index 000000000000..092bb034f872 --- /dev/null +++ b/app/tests/ble/security/read-hid-after-connect-fails-without-security/snapshot.log @@ -0,0 +1,26 @@ + bt_id: No static addresses stored in controller + ble_central: _posix_zephyr_main: [Bluetooth initialized] + ble_central: start_scan: [Scanning successfully started] + ble_central: device_found: [DEVICE]: ED:3B:20:15:18:12 (random), AD evt type 0, AD data len 15, RSSI -59 + ble_central: eir_found: [AD]: 9 data_len 0 + ble_central: eir_found: [AD]: 25 data_len 2 + ble_central: eir_found: [AD]: 1 data_len 1 + ble_central: eir_found: [AD]: 2 data_len 4 + ble_central: connected: [Connected]: ED:3B:20:15:18:12 (random) + ble_central: connected: [Setting the security for the connection] + ble_central: pairing_complete: Pairing complete + ble_central: discover_conn: [Discovery started for conn] + ble_central: discover_func: [ATTRIBUTE] handle 23 + ble_central: discover_func: [ATTRIBUTE] handle 28 + ble_central: discover_func: [ATTRIBUTE] handle 30 + ble_central: discover_func: [SUBSCRIBED] + ble_central: notify_func: payload + 00 00 04 00 00 00 00 00 |........ + ble_central: notify_func: payload + 00 00 00 00 00 00 00 00 |........ + ble_central: notify_func: payload + 00 00 05 00 00 00 00 00 |........ + ble_central: notify_func: payload + 00 00 00 00 00 00 00 00 |........ + ble_central: notify_func: payload + 00 00 00 00 00 00 00 00 |........