jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

DPP: Testing capability to generate invalid PKEX encrypted key (M and N)

Browse source 
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2017-11-03 00:42:54 +02:00 committed by Jouni Malinen
parent d5f89062a8
commit 1cfcbd32ac
2 changed files with 91 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

89
src/common/dpp.c
View file

@ -5468,6 +5468,77 @@ fail:
} }
#ifdef CONFIG_TESTING_OPTIONS
static int dpp_test_gen_invalid_key(struct wpabuf *msg,
const struct dpp_curve_params *curve)
{
BN_CTX *ctx;
BIGNUM *x, *y;
int num_bytes, offset;
int ret = -1;
EC_GROUP *group;
EC_POINT *point;
group = EC_GROUP_new_by_curve_name(OBJ_txt2nid(curve->name));
if (!group)
return NULL;
ctx = BN_CTX_new();
point = EC_POINT_new(group);
x = BN_new();
y = BN_new();
if (!ctx || !point || !x || !y)
goto fail;
if (BN_rand(x, curve->prime_len * 8, 0, 0) != 1)
goto fail;
/* Generate a random y coordinate that results in a point that is not
* on the curve. */
for (;;) {
if (BN_rand(y, curve->prime_len * 8, 0, 0) != 1)
goto fail;
if (EC_POINT_set_affine_coordinates_GFp(group, point, x, y,
ctx) != 1)
goto fail;
if (!EC_POINT_is_on_curve(group, point, ctx))
break;
}
num_bytes = BN_num_bytes(x);
if ((size_t) num_bytes > curve->prime_len)
goto fail;
if (curve->prime_len > (size_t) num_bytes)
offset = curve->prime_len - num_bytes;
else
offset = 0;
os_memset(wpabuf_put(msg, offset), 0, offset);
BN_bn2bin(x, wpabuf_put(msg, num_bytes));
num_bytes = BN_num_bytes(y);
if ((size_t) num_bytes > curve->prime_len)
goto fail;
if (curve->prime_len > (size_t) num_bytes)
offset = curve->prime_len - num_bytes;
else
offset = 0;
os_memset(wpabuf_put(msg, offset), 0, offset);
BN_bn2bin(y, wpabuf_put(msg, num_bytes));
ret = 0;
fail:
BN_free(x);
BN_free(y);
EC_POINT_free(point);
BN_CTX_free(ctx);
return ret;
}
#endif /* CONFIG_TESTING_OPTIONS */
static struct wpabuf * dpp_pkex_build_exchange_req(struct dpp_pkex *pkex) static struct wpabuf * dpp_pkex_build_exchange_req(struct dpp_pkex *pkex)
{ {
EC_KEY *X_ec = NULL; EC_KEY *X_ec = NULL;
@ -5556,6 +5627,15 @@ skip_finite_cyclic_group:
wpabuf_put_le16(msg, DPP_ATTR_ENCRYPTED_KEY); wpabuf_put_le16(msg, DPP_ATTR_ENCRYPTED_KEY);
wpabuf_put_le16(msg, 2 * curve->prime_len); wpabuf_put_le16(msg, 2 * curve->prime_len);
#ifdef CONFIG_TESTING_OPTIONS
if (dpp_test == DPP_TEST_INVALID_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ) {
wpa_printf(MSG_INFO, "DPP: TESTING - invalid Encrypted Key");
if (dpp_test_gen_invalid_key(msg, curve) < 0)
goto fail;
goto out;
}
#endif /* CONFIG_TESTING_OPTIONS */
num_bytes = BN_num_bytes(Mx); num_bytes = BN_num_bytes(Mx);
if ((size_t) num_bytes > curve->prime_len) if ((size_t) num_bytes > curve->prime_len)
goto fail; goto fail;
@ -5686,6 +5766,15 @@ skip_status:
wpabuf_put_le16(msg, DPP_ATTR_ENCRYPTED_KEY); wpabuf_put_le16(msg, DPP_ATTR_ENCRYPTED_KEY);
wpabuf_put_le16(msg, 2 * curve->prime_len); wpabuf_put_le16(msg, 2 * curve->prime_len);
#ifdef CONFIG_TESTING_OPTIONS
if (dpp_test == DPP_TEST_INVALID_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP) {
wpa_printf(MSG_INFO, "DPP: TESTING - invalid Encrypted Key");
if (dpp_test_gen_invalid_key(msg, curve) < 0)
goto fail;
goto skip_encrypted_key;
}
#endif /* CONFIG_TESTING_OPTIONS */
num_bytes = BN_num_bytes(Nx); num_bytes = BN_num_bytes(Nx);
if ((size_t) num_bytes > curve->prime_len) if ((size_t) num_bytes > curve->prime_len)
goto fail; goto fail;

2
src/common/dpp.h
View file

@ -256,6 +256,8 @@ enum dpp_test_behavior {
DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_RESP = 41, DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_RESP = 41,
DPP_TEST_NO_R_AUTH_TAG_PKEX_CR_RESP = 42, DPP_TEST_NO_R_AUTH_TAG_PKEX_CR_RESP = 42,
DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_RESP = 43, DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_RESP = 43,
DPP_TEST_INVALID_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ = 44,
DPP_TEST_INVALID_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP = 45,
}; };
extern enum dpp_test_behavior dpp_test; extern enum dpp_test_behavior dpp_test;