mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 00:38:24 -05:00
Fix the notes on EAPOL-Key testing procedures
The extra sanity check for replay protection in these procedures ended up breaking the tests. RESET_PN cannot be used before RESEND_* commands since that would prevent the DUT from accepting the retransmitted EAPOL-Key frames. Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
3d0fb95583
commit
6e3027a57e
@ -236,19 +236,10 @@ the following hostapd_cli commands:
|
|||||||
|
|
||||||
Test broadcast connectivity; should work
|
Test broadcast connectivity; should work
|
||||||
|
|
||||||
> raw RESET_PN ff:ff:ff:ff:ff:ff
|
|
||||||
OK
|
|
||||||
|
|
||||||
Test broadcast connectivity; should not work; if it does, replay
|
|
||||||
protection is completely broken and the following step cannot be
|
|
||||||
executed reliably. The following command needs to be run before there
|
|
||||||
has been large enough number of new frames to increment the PN on the
|
|
||||||
test tool. It would also be possible to execute "raw RESET_PN
|
|
||||||
ff:ff:ff:ff:ff:ff" again after the initial sanity testing to get back to
|
|
||||||
PN 0 for the next step.
|
|
||||||
|
|
||||||
> raw RESEND_GROUP_M1 <DUT MAC address>
|
> raw RESEND_GROUP_M1 <DUT MAC address>
|
||||||
OK
|
OK
|
||||||
|
> raw RESET_PN ff:ff:ff:ff:ff:ff
|
||||||
|
OK
|
||||||
|
|
||||||
Test broadcast connectivity; should not work; if it does, the device
|
Test broadcast connectivity; should not work; if it does, the device
|
||||||
does not implement protection for delayed retransmission of Group Key
|
does not implement protection for delayed retransmission of Group Key
|
||||||
@ -263,19 +254,10 @@ broadcast traffic, but with the following hostapd_cli commands:
|
|||||||
|
|
||||||
Test broadcast connectivity; should work
|
Test broadcast connectivity; should work
|
||||||
|
|
||||||
> raw RESET_PN ff:ff:ff:ff:ff:ff
|
|
||||||
OK
|
|
||||||
|
|
||||||
Test broadcast connectivity; should not work; if it does, replay
|
|
||||||
protection is completely broken and the following step cannot be
|
|
||||||
executed reliably. The following command needs to be run before there
|
|
||||||
has been large enough number of new frames to increment the PN on the
|
|
||||||
test tool. It would also be possible to execute "raw RESET_PN
|
|
||||||
ff:ff:ff:ff:ff:ff" again after the initial sanity testing to get back to
|
|
||||||
PN 0 for the next step.
|
|
||||||
|
|
||||||
> raw RESEND_M3 <DUT MAC address>
|
> raw RESEND_M3 <DUT MAC address>
|
||||||
OK
|
OK
|
||||||
|
> raw RESET_PN ff:ff:ff:ff:ff:ff
|
||||||
|
OK
|
||||||
|
|
||||||
Test broadcast connectivity; should not work; if it does, the device
|
Test broadcast connectivity; should not work; if it does, the device
|
||||||
does not implement protection for delayed retransmission of 4-way
|
does not implement protection for delayed retransmission of 4-way
|
||||||
@ -310,19 +292,10 @@ unicast traffic, but with the following hostapd_cli commands:
|
|||||||
|
|
||||||
Test unicast connectivity; should work
|
Test unicast connectivity; should work
|
||||||
|
|
||||||
> raw RESET_PN <DUT MAC address>
|
|
||||||
OK
|
|
||||||
|
|
||||||
Test unicast connectivity; should not work; if it does, replay
|
|
||||||
protection is completely broken and the following step cannot be
|
|
||||||
executed reliably. The following command needs to be run before there
|
|
||||||
has been large enough number of new frames to increment the PN on the
|
|
||||||
test tool. It would also be possible to execute "raw RESET_PN <DUT MAC
|
|
||||||
address>" again after the initial sanity testing to get back to PN 0 for
|
|
||||||
the next step.
|
|
||||||
|
|
||||||
> raw RESEND_M3 <DUT MAC address>
|
> raw RESEND_M3 <DUT MAC address>
|
||||||
OK
|
OK
|
||||||
|
> raw RESET_PN <DUT MAC address>
|
||||||
|
OK
|
||||||
|
|
||||||
Test unicast connectivity; should not work; if it does, the device
|
Test unicast connectivity; should not work; if it does, the device
|
||||||
does not implement protection for delayed retransmission of 4-way
|
does not implement protection for delayed retransmission of 4-way
|
||||||
|
Loading…
Reference in New Issue
Block a user