mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-29 02:38:22 -05:00
DPP: Extend protocol testing to cover missing attributes in PKEX
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
b3e4cc5cbb
commit
61f9f27f80
@ -5522,11 +5522,22 @@ static struct wpabuf * dpp_pkex_build_exchange_req(struct dpp_pkex *pkex)
|
||||
if (!msg)
|
||||
goto fail;
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
if (dpp_test == DPP_TEST_NO_FINITE_CYCLIC_GROUP_PKEX_EXCHANGE_REQ) {
|
||||
wpa_printf(MSG_INFO, "DPP: TESTING - no Finite Cyclic Group");
|
||||
goto skip_finite_cyclic_group;
|
||||
}
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
/* Finite Cyclic Group attribute */
|
||||
wpabuf_put_le16(msg, DPP_ATTR_FINITE_CYCLIC_GROUP);
|
||||
wpabuf_put_le16(msg, 2);
|
||||
wpabuf_put_le16(msg, curve->ike_group);
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
skip_finite_cyclic_group:
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
/* Code Identifier attribute */
|
||||
if (pkex->identifier) {
|
||||
wpabuf_put_le16(msg, DPP_ATTR_CODE_IDENTIFIER);
|
||||
@ -5534,6 +5545,13 @@ static struct wpabuf * dpp_pkex_build_exchange_req(struct dpp_pkex *pkex)
|
||||
wpabuf_put_str(msg, pkex->identifier);
|
||||
}
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
if (dpp_test == DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ) {
|
||||
wpa_printf(MSG_INFO, "DPP: TESTING - no Encrypted Key");
|
||||
goto out;
|
||||
}
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
/* M in Encrypted Key attribute */
|
||||
wpabuf_put_le16(msg, DPP_ATTR_ENCRYPTED_KEY);
|
||||
wpabuf_put_le16(msg, 2 * curve->prime_len);
|
||||
@ -5634,11 +5652,22 @@ static struct wpabuf * dpp_pkex_build_exchange_resp(struct dpp_pkex *pkex,
|
||||
if (!msg)
|
||||
goto fail;
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
if (dpp_test == DPP_TEST_NO_STATUS_PKEX_EXCHANGE_RESP) {
|
||||
wpa_printf(MSG_INFO, "DPP: TESTING - no Status");
|
||||
goto skip_status;
|
||||
}
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
/* DPP Status */
|
||||
wpabuf_put_le16(msg, DPP_ATTR_STATUS);
|
||||
wpabuf_put_le16(msg, 1);
|
||||
wpabuf_put_u8(msg, DPP_STATUS_OK);
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
skip_status:
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
/* Code Identifier attribute */
|
||||
if (pkex->identifier) {
|
||||
wpabuf_put_le16(msg, DPP_ATTR_CODE_IDENTIFIER);
|
||||
@ -5646,6 +5675,13 @@ static struct wpabuf * dpp_pkex_build_exchange_resp(struct dpp_pkex *pkex,
|
||||
wpabuf_put_str(msg, pkex->identifier);
|
||||
}
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
if (dpp_test == DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP) {
|
||||
wpa_printf(MSG_INFO, "DPP: TESTING - no Encrypted Key");
|
||||
goto skip_encrypted_key;
|
||||
}
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
/* N in Encrypted Key attribute */
|
||||
wpabuf_put_le16(msg, DPP_ATTR_ENCRYPTED_KEY);
|
||||
wpabuf_put_le16(msg, 2 * curve->prime_len);
|
||||
@ -5672,6 +5708,9 @@ static struct wpabuf * dpp_pkex_build_exchange_resp(struct dpp_pkex *pkex,
|
||||
os_memset(wpabuf_put(msg, offset), 0, offset);
|
||||
BN_bn2bin(Ny, wpabuf_put(msg, num_bytes));
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
skip_encrypted_key:
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
return msg;
|
||||
fail:
|
||||
wpabuf_free(msg);
|
||||
@ -5930,16 +5969,39 @@ dpp_pkex_build_commit_reveal_req(struct dpp_pkex *pkex,
|
||||
if (!clear || !msg)
|
||||
goto fail;
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
if (dpp_test == DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_REQ) {
|
||||
wpa_printf(MSG_INFO, "DPP: TESTING - no Bootstrap Key");
|
||||
goto skip_bootstrap_key;
|
||||
}
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
/* A in Bootstrap Key attribute */
|
||||
wpabuf_put_le16(clear, DPP_ATTR_BOOTSTRAP_KEY);
|
||||
wpabuf_put_le16(clear, wpabuf_len(A_pub));
|
||||
wpabuf_put_buf(clear, A_pub);
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
skip_bootstrap_key:
|
||||
if (dpp_test == DPP_TEST_NO_I_AUTH_TAG_PKEX_CR_REQ) {
|
||||
wpa_printf(MSG_INFO, "DPP: TESTING - no I-Auth tag");
|
||||
goto skip_i_auth_tag;
|
||||
}
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
/* u in I-Auth tag attribute */
|
||||
wpabuf_put_le16(clear, DPP_ATTR_I_AUTH_TAG);
|
||||
wpabuf_put_le16(clear, curve->hash_len);
|
||||
wpabuf_put_data(clear, u, curve->hash_len);
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
skip_i_auth_tag:
|
||||
if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_REQ) {
|
||||
wpa_printf(MSG_INFO, "DPP: TESTING - no Wrapped Data");
|
||||
goto skip_wrapped_data;
|
||||
}
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
addr[0] = wpabuf_head_u8(msg) + 2;
|
||||
len[0] = DPP_HDR_LEN;
|
||||
octet = 0;
|
||||
@ -5966,6 +6028,7 @@ dpp_pkex_build_commit_reveal_req(struct dpp_pkex *pkex,
|
||||
wpabuf_put_le16(msg, DPP_ATTR_TESTING);
|
||||
wpabuf_put_le16(msg, 0);
|
||||
}
|
||||
skip_wrapped_data:
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
out:
|
||||
@ -6180,16 +6243,39 @@ dpp_pkex_build_commit_reveal_resp(struct dpp_pkex *pkex,
|
||||
if (!clear || !msg)
|
||||
goto fail;
|
||||
|
||||
/* A in Bootstrap Key attribute */
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
if (dpp_test == DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_RESP) {
|
||||
wpa_printf(MSG_INFO, "DPP: TESTING - no Bootstrap Key");
|
||||
goto skip_bootstrap_key;
|
||||
}
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
/* B in Bootstrap Key attribute */
|
||||
wpabuf_put_le16(clear, DPP_ATTR_BOOTSTRAP_KEY);
|
||||
wpabuf_put_le16(clear, wpabuf_len(B_pub));
|
||||
wpabuf_put_buf(clear, B_pub);
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
skip_bootstrap_key:
|
||||
if (dpp_test == DPP_TEST_NO_R_AUTH_TAG_PKEX_CR_RESP) {
|
||||
wpa_printf(MSG_INFO, "DPP: TESTING - no R-Auth tag");
|
||||
goto skip_r_auth_tag;
|
||||
}
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
/* v in R-Auth tag attribute */
|
||||
wpabuf_put_le16(clear, DPP_ATTR_R_AUTH_TAG);
|
||||
wpabuf_put_le16(clear, curve->hash_len);
|
||||
wpabuf_put_data(clear, v, curve->hash_len);
|
||||
|
||||
#ifdef CONFIG_TESTING_OPTIONS
|
||||
skip_r_auth_tag:
|
||||
if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_RESP) {
|
||||
wpa_printf(MSG_INFO, "DPP: TESTING - no Wrapped Data");
|
||||
goto skip_wrapped_data;
|
||||
}
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
addr[0] = wpabuf_head_u8(msg) + 2;
|
||||
len[0] = DPP_HDR_LEN;
|
||||
octet = 1;
|
||||
@ -6216,6 +6302,7 @@ dpp_pkex_build_commit_reveal_resp(struct dpp_pkex *pkex,
|
||||
wpabuf_put_le16(msg, DPP_ATTR_TESTING);
|
||||
wpabuf_put_le16(msg, 0);
|
||||
}
|
||||
skip_wrapped_data:
|
||||
#endif /* CONFIG_TESTING_OPTIONS */
|
||||
|
||||
out:
|
||||
|
@ -246,6 +246,16 @@ enum dpp_test_behavior {
|
||||
DPP_TEST_INCOMPATIBLE_R_CAPAB_AUTH_RESP = 31,
|
||||
DPP_TEST_R_AUTH_MISMATCH_AUTH_RESP = 32,
|
||||
DPP_TEST_I_AUTH_MISMATCH_AUTH_CONF = 33,
|
||||
DPP_TEST_NO_FINITE_CYCLIC_GROUP_PKEX_EXCHANGE_REQ = 34,
|
||||
DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ = 35,
|
||||
DPP_TEST_NO_STATUS_PKEX_EXCHANGE_RESP = 36,
|
||||
DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP = 37,
|
||||
DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_REQ = 38,
|
||||
DPP_TEST_NO_I_AUTH_TAG_PKEX_CR_REQ = 39,
|
||||
DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_REQ = 40,
|
||||
DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_RESP = 41,
|
||||
DPP_TEST_NO_R_AUTH_TAG_PKEX_CR_RESP = 42,
|
||||
DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_RESP = 43,
|
||||
};
|
||||
|
||||
extern enum dpp_test_behavior dpp_test;
|
||||
|
Loading…
Reference in New Issue
Block a user