hostapd: Add Key MIC in group EAPOL-Key frames corruption test option

For some testing it can be useful to force the Key MIC in group
EAPOL-Key frames to be corrupt. Add an option to allow setting a
probability for corrupting the Key MIC and use it in the WPA code,
increasing the first byte of the MIC by one to corrupt it if desired.

Signed-hostap: Johannes Berg <johannes.berg@intel.com>
This commit is contained in:
Johannes Berg 2013-05-04 11:45:03 +03:00 committed by Jouni Malinen
parent 409cd147b7
commit 7af092a015
7 changed files with 26 additions and 2 deletions

View file

@ -2893,6 +2893,7 @@ static int hostapd_config_fill(struct hostapd_config *conf,
PARSE_TEST_PROBABILITY(ignore_auth_probability) PARSE_TEST_PROBABILITY(ignore_auth_probability)
PARSE_TEST_PROBABILITY(ignore_assoc_probability) PARSE_TEST_PROBABILITY(ignore_assoc_probability)
PARSE_TEST_PROBABILITY(ignore_reassoc_probability) PARSE_TEST_PROBABILITY(ignore_reassoc_probability)
PARSE_TEST_PROBABILITY(corrupt_gtk_rekey_mic_probability)
#endif /* CONFIG_TESTING_OPTIONS */ #endif /* CONFIG_TESTING_OPTIONS */
} else if (os_strcmp(buf, "vendor_elements") == 0) { } else if (os_strcmp(buf, "vendor_elements") == 0) {
struct wpabuf *elems; struct wpabuf *elems;

View file

@ -1540,6 +1540,9 @@ own_ip_addr=127.0.0.1
# #
# Ignore reassociation requests with the given probability # Ignore reassociation requests with the given probability
#ignore_reassoc_probability=0.0 #ignore_reassoc_probability=0.0
#
# Corrupt Key MIC in GTK rekey EAPOL-Key frames with the given probability
#corrupt_gtk_rekey_mic_probability=0.0
##### Multiple BSSID support ################################################## ##### Multiple BSSID support ##################################################
# #

View file

@ -168,6 +168,7 @@ struct hostapd_config * hostapd_config_defaults(void)
conf->ignore_auth_probability = 0.0d; conf->ignore_auth_probability = 0.0d;
conf->ignore_assoc_probability = 0.0d; conf->ignore_assoc_probability = 0.0d;
conf->ignore_reassoc_probability = 0.0d; conf->ignore_reassoc_probability = 0.0d;
conf->corrupt_gtk_rekey_mic_probability = 0.0d;
#endif /* CONFIG_TESTING_OPTIONS */ #endif /* CONFIG_TESTING_OPTIONS */
return conf; return conf;

View file

@ -526,6 +526,7 @@ struct hostapd_config {
double ignore_auth_probability; double ignore_auth_probability;
double ignore_assoc_probability; double ignore_assoc_probability;
double ignore_reassoc_probability; double ignore_reassoc_probability;
double corrupt_gtk_rekey_mic_probability;
#endif /* CONFIG_TESTING_OPTIONS */ #endif /* CONFIG_TESTING_OPTIONS */
}; };

View file

@ -1347,6 +1347,16 @@ void __wpa_send_eapol(struct wpa_authenticator *wpa_auth,
} }
wpa_eapol_key_mic(sm->PTK.kck, version, (u8 *) hdr, len, wpa_eapol_key_mic(sm->PTK.kck, version, (u8 *) hdr, len,
key->key_mic); key->key_mic);
#ifdef CONFIG_TESTING_OPTIONS
if (!pairwise &&
wpa_auth->conf.corrupt_gtk_rekey_mic_probability > 0.0d &&
drand48() <
wpa_auth->conf.corrupt_gtk_rekey_mic_probability) {
wpa_auth_logger(wpa_auth, sm->addr, LOGGER_INFO,
"Corrupting group EAPOL-Key Key MIC");
key->key_mic[0]++;
}
#endif /* CONFIG_TESTING_OPTIONS */
} }
wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_inc_EapolFramesTx, wpa_auth_set_eapol(sm->wpa_auth, sm->addr, WPA_EAPOL_inc_EapolFramesTx,

View file

@ -160,6 +160,9 @@ struct wpa_auth_config {
#endif /* CONFIG_IEEE80211R */ #endif /* CONFIG_IEEE80211R */
int disable_gtk; int disable_gtk;
int ap_mlme; int ap_mlme;
#ifdef CONFIG_TESTING_OPTIONS
double corrupt_gtk_rekey_mic_probability;
#endif /* CONFIG_TESTING_OPTIONS */
}; };
typedef enum { typedef enum {

View file

@ -28,6 +28,7 @@
static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf, static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf,
struct hostapd_config *iconf,
struct wpa_auth_config *wconf) struct wpa_auth_config *wconf)
{ {
os_memset(wconf, 0, sizeof(*wconf)); os_memset(wconf, 0, sizeof(*wconf));
@ -74,6 +75,10 @@ static void hostapd_wpa_auth_conf(struct hostapd_bss_config *conf,
#ifdef CONFIG_HS20 #ifdef CONFIG_HS20
wconf->disable_gtk = conf->disable_dgaf; wconf->disable_gtk = conf->disable_dgaf;
#endif /* CONFIG_HS20 */ #endif /* CONFIG_HS20 */
#ifdef CONFIG_TESTING_OPTIONS
wconf->corrupt_gtk_rekey_mic_probability =
iconf->corrupt_gtk_rekey_mic_probability;
#endif /* CONFIG_TESTING_OPTIONS */
} }
@ -509,7 +514,7 @@ int hostapd_setup_wpa(struct hostapd_data *hapd)
const u8 *wpa_ie; const u8 *wpa_ie;
size_t wpa_ie_len; size_t wpa_ie_len;
hostapd_wpa_auth_conf(hapd->conf, &_conf); hostapd_wpa_auth_conf(hapd->conf, hapd->iconf, &_conf);
if (hapd->iface->drv_flags & WPA_DRIVER_FLAGS_EAPOL_TX_STATUS) if (hapd->iface->drv_flags & WPA_DRIVER_FLAGS_EAPOL_TX_STATUS)
_conf.tx_status = 1; _conf.tx_status = 1;
if (hapd->iface->drv_flags & WPA_DRIVER_FLAGS_AP_MLME) if (hapd->iface->drv_flags & WPA_DRIVER_FLAGS_AP_MLME)
@ -583,7 +588,7 @@ int hostapd_setup_wpa(struct hostapd_data *hapd)
void hostapd_reconfig_wpa(struct hostapd_data *hapd) void hostapd_reconfig_wpa(struct hostapd_data *hapd)
{ {
struct wpa_auth_config wpa_auth_conf; struct wpa_auth_config wpa_auth_conf;
hostapd_wpa_auth_conf(hapd->conf, &wpa_auth_conf); hostapd_wpa_auth_conf(hapd->conf, hapd->iconf, &wpa_auth_conf);
wpa_reconfig(hapd->wpa_auth, &wpa_auth_conf); wpa_reconfig(hapd->wpa_auth, &wpa_auth_conf);
} }