mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-12-01 11:48:23 -05:00
ea8d18a061
Signed-off-by: Jouni Malinen <j@w1.fi>
200 lines
7.5 KiB
Python
200 lines
7.5 KiB
Python
# PeerKey tests
|
|
# Copyright (c) 2013-2016, Jouni Malinen <j@w1.fi>
|
|
#
|
|
# This software may be distributed under the terms of the BSD license.
|
|
# See README for more details.
|
|
|
|
from remotehost import remote_compatible
|
|
import logging
|
|
logger = logging.getLogger()
|
|
import os
|
|
import time
|
|
|
|
import hwsim_utils
|
|
import hostapd
|
|
from utils import skip_with_fips
|
|
from wlantest import Wlantest
|
|
from tshark import run_tshark
|
|
|
|
@remote_compatible
|
|
def test_peerkey(dev, apdev):
|
|
"""RSN AP and PeerKey between two STAs"""
|
|
ssid = "test-peerkey"
|
|
passphrase = "12345678"
|
|
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
|
|
params['peerkey'] = "1"
|
|
hostapd.add_ap(apdev[0], params)
|
|
|
|
dev[0].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True)
|
|
dev[1].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True)
|
|
hwsim_utils.test_connectivity_sta(dev[0], dev[1])
|
|
|
|
dev[0].request("STKSTART " + dev[1].p2p_interface_addr())
|
|
time.sleep(0.5)
|
|
# NOTE: Actual use of the direct link (DLS) is not supported in
|
|
# mac80211_hwsim, so this operation fails at setting the keys after
|
|
# successfully completed 4-way handshake. This test case does allow the
|
|
# key negotiation part to be tested for coverage, though.
|
|
|
|
def test_peerkey_sniffer_check(dev, apdev, params):
|
|
"""RSN AP and PeerKey between two STAs with sniffer check"""
|
|
ssid = "test-peerkey"
|
|
passphrase = "12345678"
|
|
hparams = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
|
|
hparams['peerkey'] = "1"
|
|
hapd = hostapd.add_ap(apdev[0], hparams)
|
|
|
|
Wlantest.setup(hapd)
|
|
wt = Wlantest()
|
|
wt.flush()
|
|
wt.add_passphrase("12345678")
|
|
|
|
dev[0].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True)
|
|
dev[1].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True)
|
|
hwsim_utils.test_connectivity_sta(dev[0], dev[1])
|
|
|
|
dev[0].request("STKSTART " + dev[1].p2p_interface_addr())
|
|
time.sleep(1)
|
|
# NOTE: Actual use of the direct link (DLS) is not supported in
|
|
# mac80211_hwsim, so this operation fails at setting the keys after
|
|
# successfully completed 4-way handshake. This test case does allow the
|
|
# key negotiation part to be tested for coverage, though. Use sniffer to
|
|
# verify that all the SMK and STK handshake messages were transmitted.
|
|
|
|
bssid = hapd.own_addr()
|
|
addr0 = dev[0].own_addr()
|
|
addr1 = dev[1].own_addr()
|
|
|
|
# Wireshark renamed the EAPOL-Key key_info field, so need to try both the
|
|
# new and the old name to work with both versions.
|
|
try_other = False
|
|
try:
|
|
out = run_tshark(os.path.join(params['logdir'], "hwsim0.pcapng"),
|
|
"eapol.type == 3",
|
|
display=["wlan.sa", "wlan.da",
|
|
"wlan_rsna_eapol.keydes.key_info"])
|
|
except Exception, e:
|
|
if "Unknown tshark field" in str(e):
|
|
try_other = True
|
|
pass
|
|
else:
|
|
raise
|
|
if not try_other:
|
|
found = False
|
|
for pkt in out.splitlines():
|
|
sa, da, key_info = pkt.split('\t')
|
|
if key_info != '':
|
|
found = True
|
|
break
|
|
if not found:
|
|
try_other = True
|
|
if try_other:
|
|
out = run_tshark(os.path.join(params['logdir'], "hwsim0.pcapng"),
|
|
"eapol.type == 3",
|
|
display=["wlan.sa", "wlan.da",
|
|
"eapol.keydes.key_info"],
|
|
wait=False)
|
|
|
|
smk = [ False, False, False, False, False ]
|
|
stk = [ False, False, False, False ]
|
|
|
|
for pkt in out.splitlines():
|
|
sa, da, key_info = pkt.split('\t')
|
|
key_info = int(key_info, 16)
|
|
if sa == addr0 and da == bssid and key_info == 0x2b02:
|
|
# Initiator -> AP: MIC+Secure+Request+SMK = SMK 1
|
|
smk[0] = True
|
|
elif sa == bssid and da == addr1 and key_info == 0x2382:
|
|
# AP -> Responder: ACK+MIC+Secure+SMK = SMK 2
|
|
smk[1] = True
|
|
elif sa == addr1 and da == bssid and key_info == 0x2302:
|
|
# Responder -> AP: MIC+Secure+SMK = SMK 3
|
|
smk[2] = True
|
|
elif sa == bssid and da == addr1 and key_info == 0x3342:
|
|
# AP -> Responder: Install+MIC+Secure+EncrKeyData+SMK = SMK 4
|
|
smk[3] = True
|
|
elif sa == bssid and da == addr0 and key_info == 0x3302:
|
|
# AP -> Initiator: MIC+Secure+EncrKeyData+SMK = SMK 5
|
|
smk[4] = True
|
|
elif sa == addr0 and da == addr1 and key_info == 0x008a:
|
|
# Initiator -> Responder: Pairwise+ACK = STK 1
|
|
stk[0] = True
|
|
elif sa == addr1 and da == addr0 and key_info == 0x010a:
|
|
# Responder -> Initiator: Pairwise+MIC = STK 2
|
|
stk[1] = True
|
|
elif sa == addr0 and da == addr1 and key_info == 0x038a:
|
|
# Initiator -> Responder: Pairwise+ACK+MIC+Secure = STK 3
|
|
stk[2] = True
|
|
elif sa == addr1 and da == addr0 and key_info == 0x030a:
|
|
# Responder -> Initiator: Pairwise+MIC+Secure = STK 4
|
|
stk[3] = True
|
|
|
|
logger.info("Seen SMK messages: " + str(smk))
|
|
logger.info("Seen STK messages: " + str(stk))
|
|
if False in smk:
|
|
raise Exception("Missing SMK message: " + str(smk))
|
|
if False in stk:
|
|
raise Exception("Missing STK message: " + str(stk))
|
|
|
|
def test_peerkey_unknown_peer(dev, apdev):
|
|
"""RSN AP and PeerKey attempt with unknown peer"""
|
|
ssid = "test-peerkey"
|
|
passphrase = "12345678"
|
|
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
|
|
params['peerkey'] = "1"
|
|
hostapd.add_ap(apdev[0], params)
|
|
|
|
dev[0].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True)
|
|
dev[1].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True)
|
|
hwsim_utils.test_connectivity_sta(dev[0], dev[1])
|
|
|
|
dev[0].request("STKSTART " + dev[2].p2p_interface_addr())
|
|
time.sleep(0.5)
|
|
|
|
@remote_compatible
|
|
def test_peerkey_pairwise_mismatch(dev, apdev):
|
|
"""RSN TKIP+CCMP AP and PeerKey between two STAs using different ciphers"""
|
|
skip_with_fips(dev[0])
|
|
ssid = "test-peerkey"
|
|
passphrase = "12345678"
|
|
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
|
|
params['peerkey'] = "1"
|
|
params['rsn_pairwise'] = "TKIP CCMP"
|
|
hapd = hostapd.add_ap(apdev[0], params)
|
|
|
|
Wlantest.setup(hapd)
|
|
wt = Wlantest()
|
|
wt.flush()
|
|
wt.add_passphrase("12345678")
|
|
|
|
dev[0].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True,
|
|
pairwise="CCMP")
|
|
dev[1].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True,
|
|
pairwise="TKIP")
|
|
hwsim_utils.test_connectivity_sta(dev[0], dev[1])
|
|
|
|
dev[0].request("STKSTART " + dev[1].p2p_interface_addr())
|
|
time.sleep(0.5)
|
|
dev[1].request("STKSTART " + dev[0].p2p_interface_addr())
|
|
time.sleep(0.5)
|
|
|
|
def test_peerkey_deinit_during_neg(dev, apdev):
|
|
"""RSN AP deinit during PeerKey negotiation"""
|
|
ssid = "test-peerkey"
|
|
passphrase = "12345678"
|
|
params = hostapd.wpa2_params(ssid=ssid, passphrase=passphrase)
|
|
params['peerkey'] = "1"
|
|
hapd = hostapd.add_ap(apdev[0], params)
|
|
|
|
dev[0].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True)
|
|
dev[1].connect(ssid, psk=passphrase, scan_freq="2412", peerkey=True)
|
|
|
|
dev[1].request("SET ext_eapol_frame_io 1")
|
|
dev[0].request("STKSTART " + dev[1].own_addr())
|
|
ev = dev[1].wait_event(["EAPOL-TX"], timeout=5)
|
|
if ev is None:
|
|
raise Exception("No PeerKey response from dev1")
|
|
hapd.request("DISABLE")
|
|
dev[0].request("REMOVE_NETWORK all")
|
|
dev[1].request("REMOVE_NETWORK all")
|