mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2025-01-19 03:14:05 -05:00
tests: OWE invalid Association Response frame contents
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
parent
5a52d8da95
commit
d45a241933
@ -4,10 +4,12 @@
|
|||||||
# This software may be distributed under the terms of the BSD license.
|
# This software may be distributed under the terms of the BSD license.
|
||||||
# See README for more details.
|
# See README for more details.
|
||||||
|
|
||||||
|
import binascii
|
||||||
import logging
|
import logging
|
||||||
logger = logging.getLogger()
|
logger = logging.getLogger()
|
||||||
import time
|
import time
|
||||||
import os
|
import os
|
||||||
|
import struct
|
||||||
|
|
||||||
import hostapd
|
import hostapd
|
||||||
from wpasupplicant import WpaSupplicant
|
from wpasupplicant import WpaSupplicant
|
||||||
@ -539,3 +541,89 @@ def test_owe_local_errors(dev, apdev):
|
|||||||
time.sleep(0.5)
|
time.sleep(0.5)
|
||||||
dev[0].request("REMOVE_NETWORK all")
|
dev[0].request("REMOVE_NETWORK all")
|
||||||
dev[0].dump_monitor()
|
dev[0].dump_monitor()
|
||||||
|
|
||||||
|
def hapd_auth(hapd):
|
||||||
|
for i in range(0, 10):
|
||||||
|
req = hapd.mgmt_rx()
|
||||||
|
if req is None:
|
||||||
|
raise Exception("MGMT RX wait timed out")
|
||||||
|
if req['subtype'] == 11:
|
||||||
|
break
|
||||||
|
req = None
|
||||||
|
if not req:
|
||||||
|
raise Exception("Authentication frame not received")
|
||||||
|
|
||||||
|
resp = {}
|
||||||
|
resp['fc'] = req['fc']
|
||||||
|
resp['da'] = req['sa']
|
||||||
|
resp['sa'] = req['da']
|
||||||
|
resp['bssid'] = req['bssid']
|
||||||
|
resp['payload'] = struct.pack('<HHH', 0, 2, 0)
|
||||||
|
hapd.mgmt_tx(resp)
|
||||||
|
|
||||||
|
def hapd_assoc(hapd, extra):
|
||||||
|
for i in range(0, 10):
|
||||||
|
req = hapd.mgmt_rx()
|
||||||
|
if req is None:
|
||||||
|
raise Exception("MGMT RX wait timed out")
|
||||||
|
if req['subtype'] == 0:
|
||||||
|
break
|
||||||
|
req = None
|
||||||
|
if not req:
|
||||||
|
raise Exception("Association Request frame not received")
|
||||||
|
|
||||||
|
resp = {}
|
||||||
|
resp['fc'] = 0x0010
|
||||||
|
resp['da'] = req['sa']
|
||||||
|
resp['sa'] = req['da']
|
||||||
|
resp['bssid'] = req['bssid']
|
||||||
|
payload = struct.pack('<HHH', 0x0411, 0, 0xc001)
|
||||||
|
payload += binascii.unhexlify("010882848b960c121824")
|
||||||
|
resp['payload'] = payload + extra
|
||||||
|
hapd.mgmt_tx(resp)
|
||||||
|
|
||||||
|
def test_owe_invalid_assoc_resp(dev, apdev):
|
||||||
|
"""Opportunistic Wireless Encryption - invalid Association Response frame"""
|
||||||
|
if "OWE" not in dev[0].get_capability("key_mgmt"):
|
||||||
|
raise HwsimSkip("OWE not supported")
|
||||||
|
params = {"ssid": "owe",
|
||||||
|
"wpa": "2",
|
||||||
|
"ieee80211w": "2",
|
||||||
|
"wpa_key_mgmt": "OWE",
|
||||||
|
"rsn_pairwise": "CCMP"}
|
||||||
|
hapd = hostapd.add_ap(apdev[0], params)
|
||||||
|
bssid = hapd.own_addr()
|
||||||
|
|
||||||
|
dev[0].scan_for_bss(bssid, freq="2412")
|
||||||
|
|
||||||
|
hapd.set("ext_mgmt_frame_handling", "1")
|
||||||
|
# OWE: No Diffie-Hellman Parameter element found in Association Response frame
|
||||||
|
tests = [b'']
|
||||||
|
# No room for group --> no DH Params
|
||||||
|
tests += [binascii.unhexlify('ff0120')]
|
||||||
|
# OWE: Unexpected Diffie-Hellman group in response: 18
|
||||||
|
tests += [binascii.unhexlify('ff03201200')]
|
||||||
|
# OWE: Invalid peer DH public key
|
||||||
|
tests += [binascii.unhexlify('ff23201300' + 31*'00' + '01')]
|
||||||
|
# OWE: Invalid peer DH public key
|
||||||
|
tests += [binascii.unhexlify('ff24201300' + 33*'ee')]
|
||||||
|
for extra in tests:
|
||||||
|
dev[0].connect("owe", key_mgmt="OWE", owe_group="19", ieee80211w="2",
|
||||||
|
scan_freq="2412", wait_connect=False)
|
||||||
|
hapd_auth(hapd)
|
||||||
|
hapd_assoc(hapd, extra)
|
||||||
|
dev[0].wait_disconnected()
|
||||||
|
dev[0].request("REMOVE_NETWORK all")
|
||||||
|
dev[0].dump_monitor()
|
||||||
|
|
||||||
|
# OWE: Empty public key (this ends up getting padded to a valid point)
|
||||||
|
dev[0].connect("owe", key_mgmt="OWE", owe_group="19", ieee80211w="2",
|
||||||
|
scan_freq="2412", wait_connect=False)
|
||||||
|
hapd_auth(hapd)
|
||||||
|
hapd_assoc(hapd, binascii.unhexlify('ff03201300'))
|
||||||
|
ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED", "PMKSA-CACHE-ADDED"],
|
||||||
|
timeout=5)
|
||||||
|
if ev is None:
|
||||||
|
raise Exception("No result reported for empty public key")
|
||||||
|
dev[0].request("REMOVE_NETWORK all")
|
||||||
|
dev[0].dump_monitor()
|
||||||
|
Loading…
Reference in New Issue
Block a user