DPP: Extend protocol testing to allow exchange termination

This extends dpp_test functionality to allow DPP exchanges to be stopped
when receiving a specified message.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
Jouni Malinen 2017-12-02 01:04:42 +02:00 committed by Jouni Malinen
parent ed2c493e9e
commit 34603767b8
2 changed files with 64 additions and 0 deletions

View file

@ -2830,6 +2830,14 @@ dpp_auth_req_rx(void *msg_ctx, u8 dpp_allowed_roles, int qr_mutual,
i_bootstrap_len, channel_len; i_bootstrap_len, channel_len;
struct dpp_authentication *auth = NULL; struct dpp_authentication *auth = NULL;
#ifdef CONFIG_TESTING_OPTIONS
if (dpp_test == DPP_TEST_STOP_AT_AUTH_REQ) {
wpa_printf(MSG_INFO,
"DPP: TESTING - stop at Authentication Request");
return NULL;
}
#endif /* CONFIG_TESTING_OPTIONS */
wrapped_data = dpp_get_attr(attr_start, attr_len, DPP_ATTR_WRAPPED_DATA, wrapped_data = dpp_get_attr(attr_start, attr_len, DPP_ATTR_WRAPPED_DATA,
&wrapped_data_len); &wrapped_data_len);
if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) { if (!wrapped_data || wrapped_data_len < AES_BLOCK_SIZE) {
@ -3378,6 +3386,14 @@ dpp_auth_resp_rx(struct dpp_authentication *auth, const u8 *hdr,
u8 r_auth2[DPP_MAX_HASH_LEN]; u8 r_auth2[DPP_MAX_HASH_LEN];
u8 role; u8 role;
#ifdef CONFIG_TESTING_OPTIONS
if (dpp_test == DPP_TEST_STOP_AT_AUTH_RESP) {
wpa_printf(MSG_INFO,
"DPP: TESTING - stop at Authentication Response");
return NULL;
}
#endif /* CONFIG_TESTING_OPTIONS */
if (!auth->initiator) { if (!auth->initiator) {
dpp_auth_fail(auth, "Unexpected Authentication Response"); dpp_auth_fail(auth, "Unexpected Authentication Response");
return NULL; return NULL;
@ -3755,6 +3771,14 @@ int dpp_auth_conf_rx(struct dpp_authentication *auth, const u8 *hdr,
size_t unwrapped_len = 0; size_t unwrapped_len = 0;
u8 i_auth2[DPP_MAX_HASH_LEN]; u8 i_auth2[DPP_MAX_HASH_LEN];
#ifdef CONFIG_TESTING_OPTIONS
if (dpp_test == DPP_TEST_STOP_AT_AUTH_CONF) {
wpa_printf(MSG_INFO,
"DPP: TESTING - stop at Authentication Confirm");
return -1;
}
#endif /* CONFIG_TESTING_OPTIONS */
if (auth->initiator) { if (auth->initiator) {
dpp_auth_fail(auth, "Unexpected Authentication Confirm"); dpp_auth_fail(auth, "Unexpected Authentication Confirm");
return -1; return -1;
@ -4404,6 +4428,14 @@ dpp_conf_req_rx(struct dpp_authentication *auth, const u8 *attr_start,
struct json_token *root = NULL, *token; struct json_token *root = NULL, *token;
int ap; int ap;
#ifdef CONFIG_TESTING_OPTIONS
if (dpp_test == DPP_TEST_STOP_AT_CONF_REQ) {
wpa_printf(MSG_INFO,
"DPP: TESTING - stop at Config Request");
return NULL;
}
#endif /* CONFIG_TESTING_OPTIONS */
if (dpp_check_attrs(attr_start, attr_len) < 0) { if (dpp_check_attrs(attr_start, attr_len) < 0) {
dpp_auth_fail(auth, "Invalid attribute in config request"); dpp_auth_fail(auth, "Invalid attribute in config request");
return NULL; return NULL;
@ -6843,6 +6875,13 @@ struct wpabuf * dpp_pkex_rx_exchange_resp(struct dpp_pkex *pkex,
return NULL; return NULL;
#ifdef CONFIG_TESTING_OPTIONS #ifdef CONFIG_TESTING_OPTIONS
if (dpp_test == DPP_TEST_STOP_AT_PKEX_EXCHANGE_RESP) {
wpa_printf(MSG_INFO,
"DPP: TESTING - stop at PKEX Exchange Response");
pkex->failed = 1;
return NULL;
}
if (!is_zero_ether_addr(dpp_pkex_peer_mac_override)) { if (!is_zero_ether_addr(dpp_pkex_peer_mac_override)) {
wpa_printf(MSG_INFO, "DPP: TESTING - peer_mac override " MACSTR, wpa_printf(MSG_INFO, "DPP: TESTING - peer_mac override " MACSTR,
MAC2STR(dpp_pkex_peer_mac_override)); MAC2STR(dpp_pkex_peer_mac_override));
@ -7159,6 +7198,15 @@ struct wpabuf * dpp_pkex_rx_commit_reveal_req(struct dpp_pkex *pkex,
struct wpabuf *B_pub = NULL; struct wpabuf *B_pub = NULL;
u8 u[DPP_MAX_HASH_LEN], v[DPP_MAX_HASH_LEN]; u8 u[DPP_MAX_HASH_LEN], v[DPP_MAX_HASH_LEN];
#ifdef CONFIG_TESTING_OPTIONS
if (dpp_test == DPP_TEST_STOP_AT_PKEX_CR_REQ) {
wpa_printf(MSG_INFO,
"DPP: TESTING - stop at PKEX CR Request");
pkex->failed = 1;
return NULL;
}
#endif /* CONFIG_TESTING_OPTIONS */
if (!pkex->exchange_done || pkex->failed || if (!pkex->exchange_done || pkex->failed ||
pkex->t >= PKEX_COUNTER_T_LIMIT || pkex->initiator) pkex->t >= PKEX_COUNTER_T_LIMIT || pkex->initiator)
goto fail; goto fail;
@ -7336,6 +7384,15 @@ int dpp_pkex_rx_commit_reveal_resp(struct dpp_pkex *pkex, const u8 *hdr,
EVP_PKEY_CTX *ctx = NULL; EVP_PKEY_CTX *ctx = NULL;
struct wpabuf *B_pub = NULL, *X_pub = NULL, *Y_pub = NULL; struct wpabuf *B_pub = NULL, *X_pub = NULL, *Y_pub = NULL;
#ifdef CONFIG_TESTING_OPTIONS
if (dpp_test == DPP_TEST_STOP_AT_PKEX_CR_RESP) {
wpa_printf(MSG_INFO,
"DPP: TESTING - stop at PKEX CR Response");
pkex->failed = 1;
goto fail;
}
#endif /* CONFIG_TESTING_OPTIONS */
if (!pkex->exchange_done || pkex->failed || if (!pkex->exchange_done || pkex->failed ||
pkex->t >= PKEX_COUNTER_T_LIMIT || !pkex->initiator) pkex->t >= PKEX_COUNTER_T_LIMIT || !pkex->initiator)
goto fail; goto fail;

View file

@ -325,6 +325,13 @@ enum dpp_test_behavior {
DPP_TEST_INVALID_I_NONCE_AUTH_REQ = 81, DPP_TEST_INVALID_I_NONCE_AUTH_REQ = 81,
DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_REQ = 82, DPP_TEST_INVALID_TRANSACTION_ID_PEER_DISC_REQ = 82,
DPP_TEST_INVALID_E_NONCE_CONF_REQ = 83, DPP_TEST_INVALID_E_NONCE_CONF_REQ = 83,
DPP_TEST_STOP_AT_PKEX_EXCHANGE_RESP = 84,
DPP_TEST_STOP_AT_PKEX_CR_REQ = 85,
DPP_TEST_STOP_AT_PKEX_CR_RESP = 86,
DPP_TEST_STOP_AT_AUTH_REQ = 87,
DPP_TEST_STOP_AT_AUTH_RESP = 88,
DPP_TEST_STOP_AT_AUTH_CONF = 89,
DPP_TEST_STOP_AT_CONF_REQ = 90,
}; };
extern enum dpp_test_behavior dpp_test; extern enum dpp_test_behavior dpp_test;