HS 2.0: OSU server test functionality for incorrect behavior (policy)

Extend test=<value> special incorrect behavior testing capabilities in
the OSU server to include the fingerprint of the policy update trust
root: test=corrupt_polupd_hash.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

hs20/server/spp_server.c

@@ -1266,7 +1266,7 @@ static xml_node_t * build_pps(struct hs20_svc *ctx,
 			      const char *pw, const char *cert,
 			      int machine_managed, const char *test)
 {
-	xml_node_t *pps, *c, *trust, *aaa, *aaa1, *upd, *homesp;
+	xml_node_t *pps, *c, *trust, *aaa, *aaa1, *upd, *homesp, *p;
 	xml_node_t *cred, *eap, *userpw;
 
 	pps = xml_node_create_root(ctx->xml, NULL, NULL, NULL,
@@ -1295,6 +1295,23 @@ static xml_node_t * build_pps(struct hs20_svc *ctx,
 				   "aaa_trust_root_cert_fingerprint");
 	}
 
+	if (test && os_strcmp(test, "corrupt_polupd_hash") == 0) {
+		debug_print(ctx, 1,
+			    "TEST: Corrupt PPS/Cred*/Policy/PolicyUpdate/Trustroot/CertSHA256FingerPrint");
+		p = xml_node_create(ctx->xml, c, NULL, "Policy");
+		upd = xml_node_create(ctx->xml, p, NULL, "PolicyUpdate");
+		add_text_node(ctx, upd, "UpdateInterval", "30");
+		add_text_node(ctx, upd, "UpdateMethod", "SPP-ClientInitiated");
+		add_text_node(ctx, upd, "Restriction", "Unrestricted");
+		add_text_node_conf(ctx, realm, upd, "URI", "policy_url");
+		trust = xml_node_create(ctx->xml, upd, NULL, "TrustRoot");
+		add_text_node_conf(ctx, realm, trust, "CertURL",
+				   "policy_trust_root_cert_url");
+		add_text_node_conf_corrupt(ctx, realm, trust,
+					   "CertSHA256Fingerprint",
+					   "policy_trust_root_cert_fingerprint");
+	}
+
 	upd = xml_node_create(ctx->xml, c, NULL, "SubscriptionUpdate");
 	add_text_node(ctx, upd, "UpdateInterval", "4294967295");
 	add_text_node(ctx, upd, "UpdateMethod", "ClientInitiated");