jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

PASN: For testing purposes allow to corrupt MIC

Browse source 
For testing purposes, add support for corrupting the MIC in PASN
Authentication frames for both wpa_supplicant and hostapd.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
This commit is contained in:
Ilan Peer 2021-03-15 14:57:03 +02:00 committed by Jouni Malinen
parent 2264a29890
commit b866786338
6 changed files with 24 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
hostapd/config_file.c
View file

@ -4664,6 +4664,8 @@ static int hostapd_config_fill(struct hostapd_config *conf,
#ifdef CONFIG_TESTING_OPTIONS #ifdef CONFIG_TESTING_OPTIONS
} else if (os_strcmp(buf, "force_kdk_derivation") == 0) { } else if (os_strcmp(buf, "force_kdk_derivation") == 0) {
bss->force_kdk_derivation = atoi(pos); bss->force_kdk_derivation = atoi(pos);
} else if (os_strcmp(buf, "pasn_corrupt_mic") == 0) {
bss->pasn_corrupt_mic = atoi(pos);
#endif /* CONFIG_TESTING_OPTIONS */ #endif /* CONFIG_TESTING_OPTIONS */
} else if (os_strcmp(buf, "pasn_groups") == 0) { } else if (os_strcmp(buf, "pasn_groups") == 0) {
if (hostapd_parse_intlist(&bss->pasn_groups, pos)) { if (hostapd_parse_intlist(&bss->pasn_groups, pos)) {

3
src/ap/ap_config.h
View file

@ -874,6 +874,9 @@ struct hostapd_bss_config {
* secure LTF. Allow forcing KDK derivation for testing purposes. * secure LTF. Allow forcing KDK derivation for testing purposes.
*/ */
int force_kdk_derivation; int force_kdk_derivation;
/* If set, corrupt the MIC in the 2nd Authentication frame of PASN */
int pasn_corrupt_mic;
#endif /* CONFIG_TESTING_OPTIONS */ #endif /* CONFIG_TESTING_OPTIONS */
int *pasn_groups; int *pasn_groups;

7
src/ap/ieee802_11.c
View file

@ -2995,6 +2995,13 @@ static int handle_auth_pasn_resp(struct hostapd_data *hapd,
goto fail; goto fail;
} }
#ifdef CONFIG_TESTING_OPTIONS
if (hapd->conf->pasn_corrupt_mic) {
wpa_printf(MSG_DEBUG, "PASN: frame 2: Corrupt MIC");
mic[0] = ~mic[0];
}
#endif /* CONFIG_TESTING_OPTIONS */
os_memcpy(ptr, mic, mic_len); os_memcpy(ptr, mic, mic_len);
done: done:

1
wpa_supplicant/config.c
View file

@ -5208,6 +5208,7 @@ static const struct global_parse_data global_fields[] = {
#ifdef CONFIG_PASN #ifdef CONFIG_PASN
#ifdef CONFIG_TESTING_OPTIONS #ifdef CONFIG_TESTING_OPTIONS
{ INT_RANGE(force_kdk_derivation, 0, 1), 0 }, { INT_RANGE(force_kdk_derivation, 0, 1), 0 },
{ INT_RANGE(pasn_corrupt_mic, 0, 1), 0 },
#endif /* CONFIG_TESTING_OPTIONS */ #endif /* CONFIG_TESTING_OPTIONS */
#endif /* CONFIG_PASN */ #endif /* CONFIG_PASN */
}; };

4
wpa_supplicant/config.h
View file

@ -1648,6 +1648,10 @@ struct wpa_config {
* secure LTF. Allow forcing KDK derivation for testing purposes. * secure LTF. Allow forcing KDK derivation for testing purposes.
*/ */
int force_kdk_derivation; int force_kdk_derivation;
/* If set, corrupt the MIC in the 3rd Authentication frame of PASN */
int pasn_corrupt_mic;
#endif /* CONFIG_TESTING_OPTIONS */ #endif /* CONFIG_TESTING_OPTIONS */
#endif /* CONFIG_PASN*/ #endif /* CONFIG_PASN*/
}; };

7
wpa_supplicant/pasn_supplicant.c
View file

@ -779,6 +779,13 @@ static struct wpabuf * wpas_pasn_build_auth_3(struct wpa_supplicant *wpa_s)
goto fail; goto fail;
} }
#ifdef CONFIG_TESTING_OPTIONS
if (wpa_s->conf->pasn_corrupt_mic) {
wpa_printf(MSG_DEBUG, "PASN: frame 3: Corrupt MIC");
mic[0] = ~mic[0];
}
#endif /* CONFIG_TESTING_OPTIONS */
os_memcpy(ptr, mic, mic_len); os_memcpy(ptr, mic, mic_len);
pasn->trans_seq++; pasn->trans_seq++;