tests: EAP-GPSK server local errors and protocol testing

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-19 17:09:09 +03:00 · 2019-04-19 17:09:09 +03:00 · 9ddc773d1a
commit 9ddc773d1a
parent a3be79a142
1 changed files with 295 additions and 0 deletions
--- a/tests/hwsim/test_eap_proto.py
+++ b/tests/hwsim/test_eap_proto.py
@ -2138,6 +2138,301 @@ def test_eap_proto_gpsk(dev, apdev):
    finally:
        stop_radius_server(srv)

+def run_eap_gpsk_connect(dev):
+    dev.connect("test-wpa2-eap", key_mgmt="WPA-EAP", scan_freq="2412",
+                eap="GPSK", identity="gpsk user",
+                password="abcdefghijklmnop0123456789abcdef",
+                wait_connect=False)
+    ev = dev.wait_event(["CTRL-EVENT-EAP-SUCCESS", "CTRL-EVENT-EAP-FAILURE",
+                         "CTRL-EVENT-DISCONNECTED"],
+                        timeout=1)
+    dev.request("REMOVE_NETWORK all")
+    if not ev or "CTRL-EVENT-DISCONNECTED" not in ev:
+        dev.wait_disconnected()
+    dev.dump_monitor()
+
+def test_eap_proto_gpsk_errors_server(dev, apdev):
+    """EAP-GPSK local error cases on server"""
+    check_eap_capa(dev[0], "GPSK")
+    params = int_eap_server_params()
+    params['erp_domain'] = 'example.com'
+    params['eap_server_erp'] = '1'
+    hapd = hostapd.add_ap(apdev[0], params)
+    dev[0].scan_for_bss(hapd.own_addr(), freq=2412)
+
+    tests = [(1, "eap_gpsk_init"),
+             (1, "eap_msg_alloc;eap_gpsk_build_gpsk_1"),
+             (1, "eap_msg_alloc;eap_gpsk_build_gpsk_3"),
+             (1, "eap_gpsk_process_gpsk_2"),
+             (1, "eap_gpsk_derive_keys;eap_gpsk_process_gpsk_2"),
+             (1, "eap_gpsk_derive_session_id;eap_gpsk_process_gpsk_2"),
+             (1, "eap_gpsk_getKey"),
+             (1, "eap_gpsk_get_emsk"),
+             (1, "eap_gpsk_get_session_id")]
+    for count, func in tests:
+        with alloc_fail(hapd, count, func):
+            run_eap_gpsk_connect(dev[0])
+
+    tests = [(1, "os_get_random;eap_gpsk_build_gpsk_1"),
+             (1, "eap_gpsk_compute_mic;eap_gpsk_build_gpsk_3"),
+             (1, "eap_gpsk_derive_keys;eap_gpsk_process_gpsk_2"),
+             (1, "eap_gpsk_derive_session_id;eap_gpsk_process_gpsk_2"),
+             (1, "eap_gpsk_compute_mic;eap_gpsk_process_gpsk_2"),
+             (1, "eap_gpsk_compute_mic;eap_gpsk_process_gpsk_4")]
+    for count, func in tests:
+        with fail_test(hapd, count, func):
+            run_eap_gpsk_connect(dev[0])
+
+def start_gpsk_assoc(dev, hapd):
+    dev.connect("test-wpa2-eap", key_mgmt="WPA-EAP", scan_freq="2412",
+                eap="GPSK", identity="gpsk user",
+                password="abcdefghijklmnop0123456789abcdef",
+                wait_connect=False)
+    proxy_msg(hapd, dev) # EAP-Identity/Request
+    proxy_msg(dev, hapd) # EAP-Identity/Response
+    proxy_msg(hapd, dev) # GPSK-1
+
+def stop_gpsk_assoc(dev, hapd):
+    dev.request("REMOVE_NETWORK all")
+    dev.wait_disconnected()
+    dev.dump_monitor()
+    hapd.dump_monitor()
+
+def test_eap_proto_gpsk_server(dev, apdev):
+    """EAP-GPSK protocol testing for the server"""
+    check_eap_capa(dev[0], "GPSK")
+    params = int_eap_server_params()
+    params['erp_domain'] = 'example.com'
+    params['eap_server_erp'] = '1'
+    hapd = hostapd.add_ap(apdev[0], params)
+    dev[0].scan_for_bss(hapd.own_addr(), freq=2412)
+    hapd.request("SET ext_eapol_frame_io 1")
+    dev[0].request("SET ext_eapol_frame_io 1")
+
+    # Successful exchange to verify proxying mechanism
+    start_gpsk_assoc(dev[0], hapd)
+    proxy_msg(dev[0], hapd) # GPSK-2
+    proxy_msg(hapd, dev[0]) # GPSK-3
+    proxy_msg(dev[0], hapd) # GPSK-4
+    proxy_msg(hapd, dev[0]) # EAP-Success
+    proxy_msg(hapd, dev[0]) # EAPOL-Key msg 1/4
+    proxy_msg(dev[0], hapd) # EAPOL-Key msg 2/4
+    proxy_msg(hapd, dev[0]) # EAPOL-Key msg 3/4
+    proxy_msg(dev[0], hapd) # EAPOL-Key msg 4/4
+    dev[0].wait_connected()
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # Too short EAP-GPSK header (no OP-Code)
+    # --> EAP-GPSK: Invalid frame
+    msg = resp[0:4] + "0005" + resp[8:12] + "0005" + "33"
+    tx_msg(dev[0], hapd, msg)
+    # Unknown OP-Code
+    # --> EAP-GPSK: Unexpected opcode=7 in state=0
+    msg = resp[0:4] + "0006" + resp[8:12] + "0006" + "3307"
+    tx_msg(dev[0], hapd, msg)
+    # Too short GPSK-2
+    # --> EAP-GPSK: Too short message for ID_Peer length
+    msg = resp[0:4] + "0006" + resp[8:12] + "0006" + "3302"
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # Too short GPSK-2
+    # --> EAP-GPSK: Too short message for ID_Peer
+    msg = resp[0:4] + "0008" + resp[8:12] + "0008" + "33020001"
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # Too short GPSK-2
+    # --> EAP-GPSK: Too short message for ID_Server length
+    msg = resp[0:4] + "0008" + resp[8:12] + "0008" + "33020000"
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # Too short GPSK-2
+    # --> EAP-GPSK: Too short message for ID_Server
+    msg = resp[0:4] + "000a" + resp[8:12] + "000a" + "330200000001"
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # ID_Server mismatch
+    # --> EAP-GPSK: ID_Server in GPSK-1 and GPSK-2 did not match
+    msg = resp[0:4] + "000a" + resp[8:12] + "000a" + "330200000000"
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # Too short GPSK-2
+    # --> EAP-GPSK: Too short message for RAND_Peer
+    msg = resp[0:4] + "0011" + resp[8:12] + "0011" + "330200000007" + binascii.hexlify(b"hostapd").decode()
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # Too short GPSK-2
+    # --> EAP-GPSK: Too short message for RAND_Server
+    msg = resp[0:4] + "0031" + resp[8:12] + "0031" + "330200000007" + binascii.hexlify(b"hostapd").decode() + 32*"00"
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # RAND_Server mismatch
+    # --> EAP-GPSK: RAND_Server in GPSK-1 and GPSK-2 did not match
+    msg = resp[0:4] + "0051" + resp[8:12] + "0051" + "330200000007" + binascii.hexlify(b"hostapd").decode() + 32*"00" + 32*"00"
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # Too short GPSK-2
+    # --> EAP-GPSK: Too short message for CSuite_List length
+    msg = resp[0:4] + "005a" + resp[8:12] + "005a" + resp[16:188]
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # Too short GPSK-2
+    # --> EAP-GPSK: Too short message for CSuite_List
+    msg = resp[0:4] + "005c" + resp[8:12] + "005c" + resp[16:192]
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # Too short GPSK-2
+    # --> EAP-GPSK: CSuite_List in GPSK-1 and GPSK-2 did not match
+    msg = resp[0:4] + "005c" + resp[8:12] + "005c" + resp[16:188] + "0000"
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # Too short GPSK-2
+    # --> EAP-GPSK: Too short message for CSuite_Sel
+    msg = resp[0:4] + "0068" + resp[8:12] + "0068" + resp[16:216]
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # Unsupported CSuite_Sel
+    # --> EAP-GPSK: Peer selected unsupported ciphersuite 0:255
+    msg = resp[0:4] + "006e" + resp[8:12] + "006e" + resp[16:226] + "ff"
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # Too short GPSK-2
+    # --> EAP-GPSK: Too short message for PD_Payload_1 length
+    msg = resp[0:4] + "006e" + resp[8:12] + "006e" + resp[16:228]
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # Too short GPSK-2
+    # --> EAP-GPSK: Too short message for PD_Payload_1
+    msg = resp[0:4] + "0070" + resp[8:12] + "0070" + resp[16:230] + "ff"
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # Too short GPSK-2
+    # --> EAP-GPSK: Message too short for MIC (left=0 miclen=16)
+    msg = resp[0:4] + "0070" + resp[8:12] + "0070" + resp[16:232]
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd)
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    resp = rx_msg(dev[0])
+    # Extra data in the end of GPSK-2
+    # --> EAP-GPSK: Ignored 1 bytes of extra data in the end of GPSK-2
+    msg = resp[0:4] + "0081" + resp[8:12] + "0081" + resp[16:264] + "00"
+    tx_msg(dev[0], hapd, msg)
+    proxy_msg(hapd, dev[0]) # GPSK-3
+    resp = rx_msg(dev[0])
+    # Too short GPSK-4
+    # --> EAP-GPSK: Too short message for PD_Payload_1 length
+    msg = resp[0:4] + "0006" + resp[8:12] + "0006" + "3304"
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd) # EAP-Failure
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    proxy_msg(dev[0], hapd) # GPSK-2
+    proxy_msg(hapd, dev[0]) # GPSK-3
+    resp = rx_msg(dev[0])
+    # Too short GPSK-4
+    # --> EAP-GPSK: Too short message for PD_Payload_1
+    msg = resp[0:4] + "0008" + resp[8:12] + "0008" + "33040001"
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd) # EAP-Failure
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    proxy_msg(dev[0], hapd) # GPSK-2
+    proxy_msg(hapd, dev[0]) # GPSK-3
+    resp = rx_msg(dev[0])
+    # Too short GPSK-4
+    # --> EAP-GPSK: Message too short for MIC (left=0 miclen=16)
+    msg = resp[0:4] + "0008" + resp[8:12] + "0008" + "33040000"
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd) # EAP-Failure
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    proxy_msg(dev[0], hapd) # GPSK-2
+    proxy_msg(hapd, dev[0]) # GPSK-3
+    resp = rx_msg(dev[0])
+    # Incorrect MIC in GPSK-4
+    # --> EAP-GPSK: Incorrect MIC in GPSK-4
+    msg = resp[0:4] + "0018" + resp[8:12] + "0018" + "33040000" + 16*"00"
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd) # EAP-Failure
+    stop_gpsk_assoc(dev[0], hapd)
+
+    start_gpsk_assoc(dev[0], hapd)
+    proxy_msg(dev[0], hapd) # GPSK-2
+    proxy_msg(hapd, dev[0]) # GPSK-3
+    resp = rx_msg(dev[0])
+    # Incorrect MIC in GPSK-4
+    # --> EAP-GPSK: Ignored 1 bytes of extra data in the end of GPSK-4
+    msg = resp[0:4] + "0019" + resp[8:12] + "0019" + resp[16:] + "00"
+    tx_msg(dev[0], hapd, msg)
+    rx_msg(hapd) # EAP-Success
+    stop_gpsk_assoc(dev[0], hapd)
+
 EAP_EKE_ID = 1
 EAP_EKE_COMMIT = 2
 EAP_EKE_CONFIRM = 3