Commit graph

16988 commits

Author SHA1 Message Date
Jouni Malinen
daa0a22e45 tests: Fix eap_proto_eke_errors with gcc-10
gcc-10 seems to be inlining eap_eke_prf() and eap_eke_prfplus() which
breaks this test case due to a different backtrace being generated for
triggering the local failures. Point to the functions called by those
instead of these two functions to get this working with both gcc-9 and
gcc-10.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-17 23:38:26 +02:00
Jouni Malinen
eaf925df00 tests: Speed up tshark operations
Hide /usr/share/wireshark from hostfs to prevent tshark from loading all
the data from there since that can take significant amount of time and
is not really needed for the test cases. In addition, set HOME to point
to local tmpfs to avoid unnecessary references through hostfs.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-17 23:36:52 +02:00
Ilan Peer
9d9b423065 tests: Add coverage for PASN deauthentication
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-03-16 22:50:10 +02:00
Ilan Peer
eaeec4da2d PASN: Add support for deauthentication flow in station
The new wpa_supplicant control interface command "PASN_DEAUTH
bssid=<BSSID>" can now be used to flush the local PTKSA cache for the
specified BSS and to notify the AP to request it to drop its PTKSA as
well.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-03-16 22:49:28 +02:00
Ilan Peer
4f436d5378 nl80211: Allow sending Deauthentication frame with off channel for PASN
To allow for a PASN station to deauthenticate from an AP to clear any
PTKSA cache entry for it, extend the nl80211 interface to allow sending
a Deauthentication frame with off channel enabled.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-03-16 22:43:08 +02:00
Ilan Peer
1ca1c3cfee AP: Handle deauthentication frame from PASN station
When a Deauthentication frame is received, clear the corresponding PTKSA
cache entry for the given station, to invalidate previous PTK
information.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-03-16 22:41:02 +02:00
Ilan Peer
166e357e63 AP: Enable anti clogging handling code in PASN builds without SAE
The anti-clogging code was under CONFIG_SAE. Change this so it can be
used both with CONFIG_SAE and CONFIG_PASN.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-03-16 17:58:10 +02:00
Ilan Peer
6fe0d56e88 AP: Rename SAE anti clogging variables and functions
PASN authentication mandates support for comeback flow, which
among others can be used for anti-clogging purposes.

As the SAE support for anti clogging can also be used for PASN,
start modifying the source code so the anti clogging support
can be used for both SAE and PASN.

As a start, rename some variables/functions etc. so that they would not
be SAE specific. The configuration variable is also renamed, but the old
version remains available for backwards compatibility.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-03-16 17:44:24 +02:00
Ilan Peer
b42b6c4d53 tests: Add test coverage for PASN with MIC errors
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-03-16 17:22:23 +02:00
Ilan Peer
b866786338 PASN: For testing purposes allow to corrupt MIC
For testing purposes, add support for corrupting the MIC in PASN
Authentication frames for both wpa_supplicant and hostapd.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-03-16 17:19:12 +02:00
Ilan Peer
2264a29890 tests: PASN: configure the nid before sending the command
Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-03-16 17:15:55 +02:00
Ilan Peer
2efa60344e PASN: Encode the public key properly
When a public key is included in the PASN Parameters element, it should
be encoded using the RFC 5480 conventions, and thus the first octet of
the Ephemeral Public Key field should indicate whether the public key is
compressed and the actual key part starts from the second octet.

Fix the implementation to properly adhere to the convention
requirements for both wpa_supplicant and hostapd.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-03-16 12:31:31 +02:00
Ilan Peer
cd0813763a PASN: Include PMKID in RSNE in PASN response from AP
As defined in IEEE P802.11az/D3.0, 12.12.3.2 for the second PASN frame.
This was previously covered only for the case when the explicit PMKSA
was provided to the helper function. Extend that to cover the PMKID from
SAE/FILS authentication cases.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-03-16 11:45:12 +02:00
Ilan Peer
da3ac98099 PASN: Fix setting frame and data lengths in AP mode PASN response
Frame length and data length can exceed 256 so need to use size_t
instead of u8.

Signed-off-by: Ilan Peer <ilan.peer@intel.com>
2021-03-16 11:38:51 +02:00
Jouni Malinen
c733664be9 EAP peer: Make EAP-Success handling more robust against race conditions
When ERP initialization was moved from the METHOD state to the SUCCESS
state, the conditions for checking against EAP state being cleared was
missed. The METHOD state verified that sm->m is not NULL while the
SUCCESS state did not have such a check. This opened a window for a race
condition where processing of deauthentication event and EAPOL RX events
could end up delivering an EAP-Success to the EAP peer state machine
after the state had been cleared. This issue has now been worked around
in another manner, but the root cause for this regression should be
fixed as well.

Check that the EAP state machine is properly configured before trying to
initialize ERP in the SUCCESS state.

Fixes: 2a71673e27 ("ERP: Derive ERP key only after successful EAP authentication")
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-15 00:45:20 +02:00
Jouni Malinen
19a11f629f tests: Enable HE overrides in wpa_supplicant build
This is needed for the recently added he_disabled_on_sta test case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 19:12:07 +02:00
Jouni Malinen
6e3fed1d98 tests: DPP Authentication Confirm timeout in hostapd
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 18:52:54 +02:00
Jouni Malinen
72a17937ca DPP: Add init/respond retries parameter configuration to hostapd
These parameters were already defined in struct hostapd_data, but there
was no way of setting them. Add these to hostapd control interface
similarly to the wpa_supplicant implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 18:51:43 +02:00
Jouni Malinen
f18b5542ad tests: OCV without PMF
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 18:27:47 +02:00
Jouni Malinen
a288775851 tests: WEP and HE
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 18:21:47 +02:00
Jouni Malinen
2cc7f6dfe5 tests: HE AP and 6 GHz security parameter validation
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 18:17:33 +02:00
Jouni Malinen
98ce8ae328 tests: Automatic channel selection for VHT 80+80
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 18:07:19 +02:00
Jouni Malinen
7d251654db tests: RADIUS Accounting and interim updates failing
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 17:59:52 +02:00
Jouni Malinen
49de30404e tests: Fix ap_wpa2_eap_tls_ocsp_multi_revoked
The index-revoked.txt file had not been updated when the server
certificate was updated.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 13:46:03 +02:00
Jouni Malinen
6ed0c212e4 TLS: Fix highest TLS version disabling with internal TLS client
The highest supported TLS version for pre_master_secret needs to be
limited based on the local configuration for the case where the highest
version number is being explicitly disabled. Without this, the server
would likely detect a downgrade attack.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 13:08:04 +02:00
Jouni Malinen
9a9b461fee tests: Check SAE capability for couple of forgotten sigma_dut cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 13:08:04 +02:00
Jouni Malinen
87429fc687 tests: Check DPP capability in couple of forgotten cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 13:08:04 +02:00
Jouni Malinen
4bfe80f297 tests: Skip ap_cipher_wpa_sae without SAE support
Even though the STA in this test case does not actually use SAE, it
needs to recognize the "SAE H2E only "BSS membership selector.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 13:08:04 +02:00
Jouni Malinen
577abde952 tests: Fix check_sae_pk_capab() with non-SAE builds
dev.get_capability() returns None in such a case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 13:08:04 +02:00
Jouni Malinen
57550cb27a DPP2: Use ASN.1 helper functions
Simplify ASN.1 parser operations by using the shared helper functions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 13:08:04 +02:00
Jouni Malinen
626035bec7 TLS: Use ASN.1 helper functions
Simplify ASN.1 parser operations by using the shared helper functions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 13:08:04 +02:00
Jouni Malinen
d4e1d76dbf X509: Use ASN.1 helper functions
Simplify ASN.1 parser operations by using the shared helper functions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 12:23:41 +02:00
Jouni Malinen
173e7eedef RSA: Use ASN.1 helper functions
Simplify ASN.1 parser operations by using the shared helper functions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 11:37:58 +02:00
Jouni Malinen
72b0217ab1 PKCS: Use ASN.1 helper functions
Simplify ASN.1 parser operations by using the shared helper functions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 11:37:58 +02:00
Jouni Malinen
a0541334a6 ASN.1: Validate DigestAlgorithmIdentifier parameters
The supported hash algorithms do not use AlgorithmIdentifier parameters.
However, there are implementations that include NULL parameters in
addition to ones that omit the parameters. Previous implementation did
not check the parameters value at all which supported both these cases,
but did not reject any other unexpected information.

Use strict validation of digest algorithm parameters and reject any
unexpected value when validating a signature. This is needed to prevent
potential forging attacks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 11:37:58 +02:00
Jouni Malinen
94beb8e367 ASN.1: Fix AlgorithmInfo parsing for signatures
Digest is within the DigestInfo SEQUENCE and as such, parsing for it
should use the end of that data instead of the end of the decrypted
signature as the end point. Fix this in the PKCS #1 and X.509
implementations to avoid accepting invalid digest data that is
constructed to get the hash value from after the actual DigestInfo
container.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 11:37:58 +02:00
Jouni Malinen
ee76493bbd ASN.1: Reject invalid definite long form length values in DER encoding
The definite long form for the length is allowed only for cases where
the definite short form cannot be used, i.e., if the length is 128 or
greater. This was not previously enforced and as such, multiple
different encoding options for the same length could have been accepted.

Perform more strict checks to reject invalid cases for the definite long
form for the length. This is needed for a compliant implementation and
this is especially important for the case of verifying DER encoded
signatures to prevent potential forging attacks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 11:37:58 +02:00
Jouni Malinen
3af75f23b0 ASN.1: Reject invalid extended tags in DER encoding
The extended tag case is allowed only for tag values that are 31 or
larger (i.e., the ones that would not fit in the single octet identifier
case with five bits). Extended tag format was previously accepted even
for the values 0..31 and this would enable multiple different encodings
for the same tag value. That is not allowed for DER.

Perform more strict checks to reject invalid extended tag values. This
is needed for a compliant implementation and this is especially
important for the case of verifying DER encoded signatures to prevent
potential forging attacks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 11:37:58 +02:00
Jouni Malinen
d6831a0e93 ASN.1: Explicitly validate constructed bit while parsing DER
The identifier octet in DER encoding includes three components. Only two
of these (Class and Tag) were checked in most cases when looking for a
specific data type. Also check the Primitive/Constructed bit to avoid
accepting invalid encoding.

This is needed for correct behavior in DER parsing and especially
important for the case of verifying DER encoded signatures to prevent
potential forging attacks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 11:37:58 +02:00
Jouni Malinen
b421a7cf2a ASN.1: Use the helper functions for recognizing tags and debug prints
Simplify the core ASN.1 parser implementation by using the helper
functions.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 11:37:58 +02:00
Jouni Malinen
9a990e8c4e ASN.1: Add helper functions for recognizing tag values
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-14 11:37:58 +02:00
Jouni Malinen
9bf4c0539b ASN.1: Verify that NULL value has zero length
This value is required to contain no octets, so verify that its length
octet agrees with that.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-13 23:15:55 +02:00
Jouni Malinen
f629bfe225 ASN.1: Add helper functions for debug printing identifier/length info
These can be helpful in cleaning up implementation of more or less
identical debug printing operations.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-13 23:15:55 +02:00
Jouni Malinen
429f725d9b ASN.1: Define tag value for TIME
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-13 23:15:55 +02:00
Jouni Malinen
4481b03ee3 ASN.1: Fix a typo in a not-used tag name
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-13 23:15:55 +02:00
Jouni Malinen
4ca8ef3df1 tests: Allow test-rsa-sig-ver data files to be set on command line
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-12 23:24:29 +02:00
Jouni Malinen
2b4db417d5 tests: Work around race conditions in OWE test cases
Need to explicitly wait for hostapd to report STA connection before
starting the traffic test to avoid the potential race condition when
testing with UML and time travel mode.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-12 19:59:52 +02:00
Jouni Malinen
f164dd87b9 tests: Make INTERWORKING_SELECT test cases more reliable
These could fail if a scan entry from a previous test case was still
present in the BSS table, e.g., by wpa_supplicant selecting the SSID
from that old entry instead of the new SSID. Try to avoid that by
explicitly flushing the scan results before starting these tests.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-12 11:46:22 +02:00
Peter Åstrand
2f2a570755 nl80211: Restore station mode on deinit only if station when started
With the earlier code, a mesh interface was changed to station after
deinit.

Signed-off-by: Peter Astrand <peter.astrand@etteplan.com>
2021-03-12 11:00:15 +02:00
Jouni Malinen
5013897532 tests: TWT_SETUP with the control argument
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-03-12 10:54:14 +02:00