From 9c63028e8ee59cb6e2812835108aef372826e74a Mon Sep 17 00:00:00 2001 From: Jonathan Bennett Date: Tue, 24 Sep 2024 22:28:42 -0500 Subject: [PATCH 1/3] Add a second delay() to get the unit tests running on Rak4631 --- test/test_crypto/test_main.cpp | 1 + 1 file changed, 1 insertion(+) diff --git a/test/test_crypto/test_main.cpp b/test/test_crypto/test_main.cpp index 129c882839..0c820178ac 100644 --- a/test/test_crypto/test_main.cpp +++ b/test/test_crypto/test_main.cpp @@ -129,6 +129,7 @@ void setup() { // NOTE!!! Wait for >2 secs // if board doesn't support software reset via Serial.DTR/RTS + delay(10); delay(2000); UNITY_BEGIN(); // IMPORTANT LINE! From 4ccd2041722496e10c4d8134acea5ec487f52394 Mon Sep 17 00:00:00 2001 From: Jonathan Bennett Date: Thu, 26 Sep 2024 16:42:34 -0500 Subject: [PATCH 2/3] Add test_PKC_Decrypt --- src/mesh/CryptoEngine.cpp | 2 ++ test/test_crypto/test_main.cpp | 51 ++++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+) diff --git a/src/mesh/CryptoEngine.cpp b/src/mesh/CryptoEngine.cpp index 79666b3210..8802f97215 100644 --- a/src/mesh/CryptoEngine.cpp +++ b/src/mesh/CryptoEngine.cpp @@ -104,6 +104,7 @@ bool CryptoEngine::decryptCurve25519(uint32_t fromNode, uint64_t packetNum, size auth = bytes + numBytes - 12; extraNonce = (uint32_t *)(auth + 8); LOG_INFO("Random nonce value: %d\n", *extraNonce); +#ifndef PIO_UNIT_TESTING meshtastic_NodeInfoLite *node = nodeDB->getMeshNode(fromNode); if (node == nullptr || node->num < 1 || node->user.public_key.size == 0) { @@ -115,6 +116,7 @@ bool CryptoEngine::decryptCurve25519(uint32_t fromNode, uint64_t packetNum, size if (!crypto->setDHKey(fromNode)) { return false; } +#endif initNonce(fromNode, packetNum, *extraNonce); printBytes("Attempting decrypt using nonce: ", nonce, 13); printBytes("Attempting decrypt using shared_key starting with: ", shared_key, 8); diff --git a/test/test_crypto/test_main.cpp b/test/test_crypto/test_main.cpp index 0c820178ac..ade01692c7 100644 --- a/test/test_crypto/test_main.cpp +++ b/test/test_crypto/test_main.cpp @@ -98,7 +98,57 @@ void test_DH25519(void) HexToBytes(private_key, "18630f93598637c35da623a74559cf944374a559114c7937811041fc8605564a"); crypto->setDHPrivateKey(private_key); TEST_ASSERT(!crypto->setDHPublicKey(public_key)); // Weak public key results in 0 shared key + + HexToBytes(public_key, "f7e13a1a067d2f4e1061bf9936fde5be6b0c2494a8f809cbac7f290ef719e91c"); + HexToBytes(private_key, "10300724f3bea134eb1575245ef26ff9b8ccd59849cd98ce1a59002fe1d5986c"); + HexToBytes(expected_shared, "24becd5dfed9e9289ba2e15b82b0d54f8e9aacb72f5e4248c58d8d74b451ce76"); + crypto->setDHPrivateKey(private_key); + TEST_ASSERT(crypto->setDHPublicKey(public_key)); + crypto->hash(crypto->shared_key, 32); + TEST_ASSERT_EQUAL_MEMORY(expected_shared, crypto->shared_key, 32); } + +void test_PKC_Decrypt(void) +{ + uint8_t private_key[32]; + uint8_t public_key[32]; + uint8_t expected_shared[32]; + uint8_t expected_decrypted[32]; + + uint8_t radioBytes[128] __attribute__((__aligned__)); + ; + uint8_t decrypted[128] __attribute__((__aligned__)); + ; + uint8_t expected_nonce[16]; + + uint32_t fromNode; + HexToBytes(public_key, "db18fc50eea47f00251cb784819a3cf5fc361882597f589f0d7ff820e8064457"); + HexToBytes(private_key, "a00330633e63522f8a4d81ec6d9d1e6617f6c8ffd3a4c698229537d44e522277"); + HexToBytes(expected_shared, "777b1545c9d6f9a2"); + HexToBytes(expected_decrypted, "08011204746573744800"); + HexToBytes(radioBytes, "8c646d7a2909000062d6b2136b00000040df24abfcc30a17a3d9046726099e796a1c036a792b"); + HexToBytes(expected_nonce, "62d6b213036a792b2909000000"); + fromNode = 0x0929; + crypto->setDHPrivateKey(private_key); + TEST_ASSERT(crypto->setDHPublicKey(public_key)); + crypto->hash(crypto->shared_key, 32); + TEST_ASSERT_EQUAL_MEMORY(expected_shared, crypto->shared_key, 8); + + crypto->decryptCurve25519(fromNode, 0x13b2d662, 22, radioBytes + 16, decrypted); + TEST_ASSERT_EQUAL_MEMORY(expected_shared, crypto->shared_key, 8); + TEST_ASSERT_EQUAL_MEMORY(expected_nonce, crypto->nonce, 13); + + TEST_ASSERT_EQUAL_MEMORY(expected_decrypted, decrypted, 10); +} + +// Test PKC Decrypt +// Pick a device, modify it to output the raw bytes before and after decrypt +// Use the Pi 5. with -e, and generate new +// send various messages from other devices +// regenerate keys and repeat +// load the local private key, the remote public key, and the packet bytes +// use the new setDHPublicKey and setDHPrivateKey +// may need to create new encrypt/decryptCurve25519 function to take a key rather than a fromNode void test_AES_CTR(void) { uint8_t expected[32]; @@ -137,6 +187,7 @@ void setup() RUN_TEST(test_ECB_AES256); RUN_TEST(test_DH25519); RUN_TEST(test_AES_CTR); + RUN_TEST(test_PKC_Decrypt); } void loop() From 01b3f55c5a61ef5e5433a3f2969e690203674292 Mon Sep 17 00:00:00 2001 From: Jonathan Bennett Date: Thu, 26 Sep 2024 16:59:48 -0500 Subject: [PATCH 3/3] Remove cruft from test case --- test/test_crypto/test_main.cpp | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/test/test_crypto/test_main.cpp b/test/test_crypto/test_main.cpp index ade01692c7..cbe3660486 100644 --- a/test/test_crypto/test_main.cpp +++ b/test/test_crypto/test_main.cpp @@ -114,11 +114,8 @@ void test_PKC_Decrypt(void) uint8_t public_key[32]; uint8_t expected_shared[32]; uint8_t expected_decrypted[32]; - uint8_t radioBytes[128] __attribute__((__aligned__)); - ; uint8_t decrypted[128] __attribute__((__aligned__)); - ; uint8_t expected_nonce[16]; uint32_t fromNode; @@ -132,8 +129,6 @@ void test_PKC_Decrypt(void) crypto->setDHPrivateKey(private_key); TEST_ASSERT(crypto->setDHPublicKey(public_key)); crypto->hash(crypto->shared_key, 32); - TEST_ASSERT_EQUAL_MEMORY(expected_shared, crypto->shared_key, 8); - crypto->decryptCurve25519(fromNode, 0x13b2d662, 22, radioBytes + 16, decrypted); TEST_ASSERT_EQUAL_MEMORY(expected_shared, crypto->shared_key, 8); TEST_ASSERT_EQUAL_MEMORY(expected_nonce, crypto->nonce, 13); @@ -141,14 +136,6 @@ void test_PKC_Decrypt(void) TEST_ASSERT_EQUAL_MEMORY(expected_decrypted, decrypted, 10); } -// Test PKC Decrypt -// Pick a device, modify it to output the raw bytes before and after decrypt -// Use the Pi 5. with -e, and generate new -// send various messages from other devices -// regenerate keys and repeat -// load the local private key, the remote public key, and the packet bytes -// use the new setDHPublicKey and setDHPrivateKey -// may need to create new encrypt/decryptCurve25519 function to take a key rather than a fromNode void test_AES_CTR(void) { uint8_t expected[32];