mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-17 18:34:03 -05:00
tests: SAE and bignum failures
Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
f73b167c69
commit
51761ba297
@ -13,7 +13,7 @@ logger = logging.getLogger()
|
|||||||
|
|
||||||
import hwsim_utils
|
import hwsim_utils
|
||||||
import hostapd
|
import hostapd
|
||||||
from utils import HwsimSkip, alloc_fail, fail_test
|
from utils import HwsimSkip, alloc_fail, fail_test, wait_fail_trigger
|
||||||
from test_ap_psk import find_wpas_process, read_process_memory, verify_not_present, get_key_locations
|
from test_ap_psk import find_wpas_process, read_process_memory, verify_not_present, get_key_locations
|
||||||
|
|
||||||
def test_sae(dev, apdev):
|
def test_sae(dev, apdev):
|
||||||
@ -728,6 +728,11 @@ def test_sae_pwe_failure(dev, apdev):
|
|||||||
scan_freq="2412")
|
scan_freq="2412")
|
||||||
dev[0].request("REMOVE_NETWORK all")
|
dev[0].request("REMOVE_NETWORK all")
|
||||||
dev[0].wait_disconnected()
|
dev[0].wait_disconnected()
|
||||||
|
with fail_test(dev[0], 1, "sae_test_pwd_seed_ecc"):
|
||||||
|
dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
|
||||||
|
scan_freq="2412")
|
||||||
|
dev[0].request("REMOVE_NETWORK all")
|
||||||
|
dev[0].wait_disconnected()
|
||||||
|
|
||||||
dev[0].request("SET sae_groups 5")
|
dev[0].request("SET sae_groups 5")
|
||||||
with fail_test(dev[0], 1, "hmac_sha256_vector;sae_derive_pwe_ffc"):
|
with fail_test(dev[0], 1, "hmac_sha256_vector;sae_derive_pwe_ffc"):
|
||||||
@ -747,3 +752,84 @@ def test_sae_pwe_failure(dev, apdev):
|
|||||||
scan_freq="2412")
|
scan_freq="2412")
|
||||||
dev[0].request("REMOVE_NETWORK all")
|
dev[0].request("REMOVE_NETWORK all")
|
||||||
dev[0].wait_disconnected()
|
dev[0].wait_disconnected()
|
||||||
|
|
||||||
|
def test_sae_bignum_failure(dev, apdev):
|
||||||
|
"""SAE and bignum failure"""
|
||||||
|
if "SAE" not in dev[0].get_capability("auth_alg"):
|
||||||
|
raise HwsimSkip("SAE not supported")
|
||||||
|
params = hostapd.wpa2_params(ssid="test-sae", passphrase="12345678")
|
||||||
|
params['wpa_key_mgmt'] = 'SAE'
|
||||||
|
params['sae_groups'] = '19 5 22'
|
||||||
|
hapd = hostapd.add_ap(apdev[0]['ifname'], params)
|
||||||
|
|
||||||
|
dev[0].request("SET sae_groups 19")
|
||||||
|
tests = [ (1, "crypto_bignum_init_set;get_rand_1_to_p_1"),
|
||||||
|
(1, "crypto_bignum_init;is_quadratic_residue_blind"),
|
||||||
|
(1, "crypto_bignum_mulmod;is_quadratic_residue_blind"),
|
||||||
|
(2, "crypto_bignum_mulmod;is_quadratic_residue_blind"),
|
||||||
|
(3, "crypto_bignum_mulmod;is_quadratic_residue_blind"),
|
||||||
|
(1, "crypto_bignum_legendre;is_quadratic_residue_blind"),
|
||||||
|
(1, "crypto_bignum_init_set;sae_test_pwd_seed_ecc"),
|
||||||
|
(1, "crypto_ec_point_compute_y_sqr;sae_test_pwd_seed_ecc"),
|
||||||
|
(1, "crypto_bignum_init_set;get_random_qr_qnr"),
|
||||||
|
(1, "crypto_bignum_to_bin;sae_derive_pwe_ecc"),
|
||||||
|
(1, "crypto_ec_point_init;sae_derive_pwe_ecc"),
|
||||||
|
(1, "crypto_ec_point_solve_y_coord;sae_derive_pwe_ecc"),
|
||||||
|
(1, "crypto_ec_point_init;sae_derive_commit_element_ecc"),
|
||||||
|
(1, "crypto_ec_point_mul;sae_derive_commit_element_ecc"),
|
||||||
|
(1, "crypto_ec_point_invert;sae_derive_commit_element_ecc"),
|
||||||
|
(1, "crypto_bignum_init;=sae_derive_commit"),
|
||||||
|
(1, "crypto_ec_point_init;sae_derive_k_ecc"),
|
||||||
|
(1, "crypto_ec_point_mul;sae_derive_k_ecc"),
|
||||||
|
(1, "crypto_ec_point_add;sae_derive_k_ecc"),
|
||||||
|
(2, "crypto_ec_point_mul;sae_derive_k_ecc"),
|
||||||
|
(1, "crypto_ec_point_to_bin;sae_derive_k_ecc"),
|
||||||
|
(1, "crypto_bignum_legendre;get_random_qr_qnr"),
|
||||||
|
(1, "sha256_prf;sae_derive_keys"),
|
||||||
|
(1, "crypto_bignum_init;sae_derive_keys"),
|
||||||
|
(1, "crypto_bignum_init_set;sae_parse_commit_scalar"),
|
||||||
|
(1, "crypto_bignum_to_bin;sae_parse_commit_element_ecc"),
|
||||||
|
(1, "crypto_ec_point_from_bin;sae_parse_commit_element_ecc") ]
|
||||||
|
for count, func in tests:
|
||||||
|
with fail_test(dev[0], count, func):
|
||||||
|
dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
|
||||||
|
scan_freq="2412", wait_connect=False)
|
||||||
|
wait_fail_trigger(dev[0], "GET_FAIL")
|
||||||
|
dev[0].request("REMOVE_NETWORK all")
|
||||||
|
|
||||||
|
dev[0].request("SET sae_groups 5")
|
||||||
|
tests = [ (1, "crypto_bignum_init_set;sae_set_group"),
|
||||||
|
(2, "crypto_bignum_init_set;sae_set_group"),
|
||||||
|
(1, "crypto_bignum_init_set;sae_get_rand"),
|
||||||
|
(1, "crypto_bignum_init_set;sae_test_pwd_seed_ffc"),
|
||||||
|
(1, "crypto_bignum_exptmod;sae_test_pwd_seed_ffc"),
|
||||||
|
(1, "crypto_bignum_init;sae_derive_pwe_ffc"),
|
||||||
|
(1, "crypto_bignum_init;sae_derive_commit_element_ffc"),
|
||||||
|
(1, "crypto_bignum_exptmod;sae_derive_commit_element_ffc"),
|
||||||
|
(1, "crypto_bignum_inverse;sae_derive_commit_element_ffc"),
|
||||||
|
(1, "crypto_bignum_init;sae_derive_k_ffc"),
|
||||||
|
(1, "crypto_bignum_exptmod;sae_derive_k_ffc"),
|
||||||
|
(1, "crypto_bignum_mulmod;sae_derive_k_ffc"),
|
||||||
|
(2, "crypto_bignum_exptmod;sae_derive_k_ffc"),
|
||||||
|
(1, "crypto_bignum_to_bin;sae_derive_k_ffc"),
|
||||||
|
(1, "crypto_bignum_init_set;sae_parse_commit_element_ffc"),
|
||||||
|
(1, "crypto_bignum_init;sae_parse_commit_element_ffc"),
|
||||||
|
(2, "crypto_bignum_init_set;sae_parse_commit_element_ffc"),
|
||||||
|
(1, "crypto_bignum_exptmod;sae_parse_commit_element_ffc") ]
|
||||||
|
for count, func in tests:
|
||||||
|
with fail_test(dev[0], count, func):
|
||||||
|
dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
|
||||||
|
scan_freq="2412", wait_connect=False)
|
||||||
|
wait_fail_trigger(dev[0], "GET_FAIL")
|
||||||
|
dev[0].request("REMOVE_NETWORK all")
|
||||||
|
|
||||||
|
dev[0].request("SET sae_groups 22")
|
||||||
|
tests = [ (1, "crypto_bignum_init_set;sae_test_pwd_seed_ffc"),
|
||||||
|
(1, "crypto_bignum_sub;sae_test_pwd_seed_ffc"),
|
||||||
|
(1, "crypto_bignum_div;sae_test_pwd_seed_ffc") ]
|
||||||
|
for count, func in tests:
|
||||||
|
with fail_test(dev[0], count, func):
|
||||||
|
dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
|
||||||
|
scan_freq="2412", wait_connect=False)
|
||||||
|
wait_fail_trigger(dev[0], "GET_FAIL")
|
||||||
|
dev[0].request("REMOVE_NETWORK all")
|
||||||
|
Loading…
Reference in New Issue
Block a user