tests: SAE reflection attack

Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2015-06-23 22:31:39 +03:00
parent 6a58444d27
commit 939527b59d

View file

@ -526,3 +526,52 @@ def test_sae_no_ffc_by_default(dev, apdev):
if ev is None:
raise Exception("Did not try to authenticate (2)")
dev[0].request("REMOVE_NETWORK all")
def sae_reflection_attack(apdev, dev, group):
if "SAE" not in dev.get_capability("auth_alg"):
raise HwsimSkip("SAE not supported")
params = hostapd.wpa2_params(ssid="test-sae",
passphrase="no-knowledge-of-passphrase")
params['wpa_key_mgmt'] = 'SAE'
hapd = hostapd.add_ap(apdev['ifname'], params)
bssid = apdev['bssid']
dev.scan_for_bss(bssid, freq=2412)
hapd.set("ext_mgmt_frame_handling", "1")
dev.request("SET sae_groups %d" % group)
dev.connect("test-sae", psk="reflection-attack", key_mgmt="SAE",
scan_freq="2412", wait_connect=False)
# Commit
for i in range(0, 10):
req = hapd.mgmt_rx()
if req is None:
raise Exception("MGMT RX wait timed out")
if req['subtype'] == 11:
break
req = None
if not req:
raise Exception("Authentication frame not received")
resp = {}
resp['fc'] = req['fc']
resp['da'] = req['sa']
resp['sa'] = req['da']
resp['bssid'] = req['bssid']
resp['payload'] = req['payload']
hapd.mgmt_tx(resp)
# Confirm
req = hapd.mgmt_rx(timeout=0.5)
if req is not None:
if req['subtype'] == 11:
raise Exception("Unexpected Authentication frame seen")
def test_sae_reflection_attack_ecc(dev, apdev):
"""SAE reflection attack (ECC)"""
sae_reflection_attack(apdev[0], dev[0], 19)
def test_sae_reflection_attack_ffc(dev, apdev):
"""SAE reflection attack (FFC)"""
sae_reflection_attack(apdev[0], dev[0], 5)