]>
Commit | Line | Data |
---|---|---|
6fc6879b JM |
1 | /* |
2 | * WPA Supplicant - test code | |
b6077964 | 3 | * Copyright (c) 2003-2013, Jouni Malinen <j@w1.fi> |
6fc6879b | 4 | * |
0f3d578e JM |
5 | * This software may be distributed under the terms of the BSD license. |
6 | * See README for more details. | |
6fc6879b JM |
7 | * |
8 | * IEEE 802.1X Supplicant test code (to be used in place of wpa_supplicant.c. | |
9 | * Not used in production version. | |
10 | */ | |
11 | ||
12 | #include "includes.h" | |
13 | #include <assert.h> | |
14 | ||
15 | #include "common.h" | |
306ae225 | 16 | #include "utils/ext_password.h" |
6fc6879b JM |
17 | #include "config.h" |
18 | #include "eapol_supp/eapol_supp_sm.h" | |
19 | #include "eap_peer/eap.h" | |
eacc12bf | 20 | #include "eap_server/eap_methods.h" |
6fc6879b | 21 | #include "eloop.h" |
1b414f59 | 22 | #include "utils/base64.h" |
3acb5005 | 23 | #include "rsn_supp/wpa.h" |
6fc6879b JM |
24 | #include "wpa_supplicant_i.h" |
25 | #include "radius/radius.h" | |
26 | #include "radius/radius_client.h" | |
4f525d8e | 27 | #include "common/wpa_ctrl.h" |
6fc6879b JM |
28 | #include "ctrl_iface.h" |
29 | #include "pcsc_funcs.h" | |
b6077964 | 30 | #include "wpas_glue.h" |
6fc6879b JM |
31 | |
32 | ||
c5121837 | 33 | struct wpa_driver_ops *wpa_drivers[] = { NULL }; |
6fc6879b JM |
34 | |
35 | ||
db803a36 TW |
36 | struct extra_radius_attr { |
37 | u8 type; | |
38 | char syntax; | |
39 | char *data; | |
40 | struct extra_radius_attr *next; | |
41 | }; | |
42 | ||
6fc6879b JM |
43 | struct eapol_test_data { |
44 | struct wpa_supplicant *wpa_s; | |
45 | ||
46 | int eapol_test_num_reauths; | |
47 | int no_mppe_keys; | |
48 | int num_mppe_ok, num_mppe_mismatch; | |
cfdb32e8 | 49 | int req_eap_key_name; |
6fc6879b JM |
50 | |
51 | u8 radius_identifier; | |
52 | struct radius_msg *last_recv_radius; | |
53 | struct in_addr own_ip_addr; | |
54 | struct radius_client_data *radius; | |
55 | struct hostapd_radius_servers *radius_conf; | |
56 | ||
e100828b JM |
57 | /* last received EAP Response from Authentication Server */ |
58 | struct wpabuf *last_eap_radius; | |
6fc6879b JM |
59 | |
60 | u8 authenticator_pmk[PMK_LEN]; | |
61 | size_t authenticator_pmk_len; | |
cfdb32e8 JM |
62 | u8 authenticator_eap_key_name[256]; |
63 | size_t authenticator_eap_key_name_len; | |
6fc6879b JM |
64 | int radius_access_accept_received; |
65 | int radius_access_reject_received; | |
66 | int auth_timed_out; | |
67 | ||
68 | u8 *eap_identity; | |
69 | size_t eap_identity_len; | |
70 | ||
71 | char *connect_info; | |
72 | u8 own_addr[ETH_ALEN]; | |
db803a36 | 73 | struct extra_radius_attr *extra_attrs; |
1b414f59 JM |
74 | |
75 | FILE *server_cert_file; | |
e9852462 JM |
76 | |
77 | const char *pcsc_reader; | |
78 | const char *pcsc_pin; | |
6fc6879b JM |
79 | }; |
80 | ||
81 | static struct eapol_test_data eapol_test; | |
82 | ||
83 | ||
84 | static void send_eap_request_identity(void *eloop_ctx, void *timeout_ctx); | |
85 | ||
86 | ||
87 | static void hostapd_logger_cb(void *ctx, const u8 *addr, unsigned int module, | |
88 | int level, const char *txt, size_t len) | |
89 | { | |
90 | if (addr) | |
91 | wpa_printf(MSG_DEBUG, "STA " MACSTR ": %s\n", | |
92 | MAC2STR(addr), txt); | |
93 | else | |
94 | wpa_printf(MSG_DEBUG, "%s", txt); | |
95 | } | |
96 | ||
97 | ||
db803a36 TW |
98 | static int add_extra_attr(struct radius_msg *msg, |
99 | struct extra_radius_attr *attr) | |
100 | { | |
101 | size_t len; | |
102 | char *pos; | |
103 | u32 val; | |
d03f1e5d | 104 | char buf[RADIUS_MAX_ATTR_LEN + 1]; |
db803a36 TW |
105 | |
106 | switch (attr->syntax) { | |
107 | case 's': | |
108 | os_snprintf(buf, sizeof(buf), "%s", attr->data); | |
109 | len = os_strlen(buf); | |
110 | break; | |
111 | case 'n': | |
112 | buf[0] = '\0'; | |
113 | len = 1; | |
114 | break; | |
115 | case 'x': | |
116 | pos = attr->data; | |
117 | if (pos[0] == '0' && pos[1] == 'x') | |
118 | pos += 2; | |
119 | len = os_strlen(pos); | |
d03f1e5d | 120 | if ((len & 1) || (len / 2) > RADIUS_MAX_ATTR_LEN) { |
db803a36 TW |
121 | printf("Invalid extra attribute hexstring\n"); |
122 | return -1; | |
123 | } | |
124 | len /= 2; | |
125 | if (hexstr2bin(pos, (u8 *) buf, len) < 0) { | |
126 | printf("Invalid extra attribute hexstring\n"); | |
127 | return -1; | |
128 | } | |
129 | break; | |
130 | case 'd': | |
131 | val = htonl(atoi(attr->data)); | |
132 | os_memcpy(buf, &val, 4); | |
133 | len = 4; | |
134 | break; | |
135 | default: | |
136 | printf("Incorrect extra attribute syntax specification\n"); | |
137 | return -1; | |
138 | } | |
139 | ||
140 | if (!radius_msg_add_attr(msg, attr->type, (u8 *) buf, len)) { | |
141 | printf("Could not add attribute %d\n", attr->type); | |
142 | return -1; | |
143 | } | |
144 | ||
145 | return 0; | |
146 | } | |
147 | ||
148 | ||
149 | static int add_extra_attrs(struct radius_msg *msg, | |
150 | struct extra_radius_attr *attrs) | |
151 | { | |
152 | struct extra_radius_attr *p; | |
153 | for (p = attrs; p; p = p->next) { | |
154 | if (add_extra_attr(msg, p) < 0) | |
155 | return -1; | |
156 | } | |
157 | return 0; | |
158 | } | |
159 | ||
160 | ||
676ea341 JM |
161 | static struct extra_radius_attr * |
162 | find_extra_attr(struct extra_radius_attr *attrs, u8 type) | |
163 | { | |
164 | struct extra_radius_attr *p; | |
165 | for (p = attrs; p; p = p->next) { | |
166 | if (p->type == type) | |
167 | return p; | |
168 | } | |
169 | return NULL; | |
170 | } | |
171 | ||
172 | ||
6fc6879b JM |
173 | static void ieee802_1x_encapsulate_radius(struct eapol_test_data *e, |
174 | const u8 *eap, size_t len) | |
175 | { | |
176 | struct radius_msg *msg; | |
d03f1e5d | 177 | char buf[RADIUS_MAX_ATTR_LEN + 1]; |
6fc6879b JM |
178 | const struct eap_hdr *hdr; |
179 | const u8 *pos; | |
180 | ||
181 | wpa_printf(MSG_DEBUG, "Encapsulating EAP message into a RADIUS " | |
182 | "packet"); | |
183 | ||
184 | e->radius_identifier = radius_client_get_id(e->radius); | |
185 | msg = radius_msg_new(RADIUS_CODE_ACCESS_REQUEST, | |
186 | e->radius_identifier); | |
187 | if (msg == NULL) { | |
188 | printf("Could not create net RADIUS packet\n"); | |
189 | return; | |
190 | } | |
191 | ||
192 | radius_msg_make_authenticator(msg, (u8 *) e, sizeof(*e)); | |
193 | ||
194 | hdr = (const struct eap_hdr *) eap; | |
195 | pos = (const u8 *) (hdr + 1); | |
196 | if (len > sizeof(*hdr) && hdr->code == EAP_CODE_RESPONSE && | |
197 | pos[0] == EAP_TYPE_IDENTITY) { | |
198 | pos++; | |
199 | os_free(e->eap_identity); | |
200 | e->eap_identity_len = len - sizeof(*hdr) - 1; | |
201 | e->eap_identity = os_malloc(e->eap_identity_len); | |
202 | if (e->eap_identity) { | |
203 | os_memcpy(e->eap_identity, pos, e->eap_identity_len); | |
204 | wpa_hexdump(MSG_DEBUG, "Learned identity from " | |
205 | "EAP-Response-Identity", | |
206 | e->eap_identity, e->eap_identity_len); | |
207 | } | |
208 | } | |
209 | ||
210 | if (e->eap_identity && | |
211 | !radius_msg_add_attr(msg, RADIUS_ATTR_USER_NAME, | |
212 | e->eap_identity, e->eap_identity_len)) { | |
213 | printf("Could not add User-Name\n"); | |
214 | goto fail; | |
215 | } | |
216 | ||
cfdb32e8 JM |
217 | if (e->req_eap_key_name && |
218 | !radius_msg_add_attr(msg, RADIUS_ATTR_EAP_KEY_NAME, (u8 *) "\0", | |
219 | 1)) { | |
220 | printf("Could not add EAP-Key-Name\n"); | |
221 | goto fail; | |
222 | } | |
223 | ||
676ea341 JM |
224 | if (!find_extra_attr(e->extra_attrs, RADIUS_ATTR_NAS_IP_ADDRESS) && |
225 | !radius_msg_add_attr(msg, RADIUS_ATTR_NAS_IP_ADDRESS, | |
6fc6879b JM |
226 | (u8 *) &e->own_ip_addr, 4)) { |
227 | printf("Could not add NAS-IP-Address\n"); | |
228 | goto fail; | |
229 | } | |
230 | ||
231 | os_snprintf(buf, sizeof(buf), RADIUS_802_1X_ADDR_FORMAT, | |
232 | MAC2STR(e->wpa_s->own_addr)); | |
676ea341 JM |
233 | if (!find_extra_attr(e->extra_attrs, RADIUS_ATTR_CALLING_STATION_ID) |
234 | && | |
235 | !radius_msg_add_attr(msg, RADIUS_ATTR_CALLING_STATION_ID, | |
6fc6879b JM |
236 | (u8 *) buf, os_strlen(buf))) { |
237 | printf("Could not add Calling-Station-Id\n"); | |
238 | goto fail; | |
239 | } | |
240 | ||
241 | /* TODO: should probably check MTU from driver config; 2304 is max for | |
242 | * IEEE 802.11, but use 1400 to avoid problems with too large packets | |
243 | */ | |
676ea341 JM |
244 | if (!find_extra_attr(e->extra_attrs, RADIUS_ATTR_FRAMED_MTU) && |
245 | !radius_msg_add_attr_int32(msg, RADIUS_ATTR_FRAMED_MTU, 1400)) { | |
6fc6879b JM |
246 | printf("Could not add Framed-MTU\n"); |
247 | goto fail; | |
248 | } | |
249 | ||
676ea341 JM |
250 | if (!find_extra_attr(e->extra_attrs, RADIUS_ATTR_NAS_PORT_TYPE) && |
251 | !radius_msg_add_attr_int32(msg, RADIUS_ATTR_NAS_PORT_TYPE, | |
6fc6879b JM |
252 | RADIUS_NAS_PORT_TYPE_IEEE_802_11)) { |
253 | printf("Could not add NAS-Port-Type\n"); | |
254 | goto fail; | |
255 | } | |
256 | ||
257 | os_snprintf(buf, sizeof(buf), "%s", e->connect_info); | |
676ea341 JM |
258 | if (!find_extra_attr(e->extra_attrs, RADIUS_ATTR_CONNECT_INFO) && |
259 | !radius_msg_add_attr(msg, RADIUS_ATTR_CONNECT_INFO, | |
6fc6879b JM |
260 | (u8 *) buf, os_strlen(buf))) { |
261 | printf("Could not add Connect-Info\n"); | |
262 | goto fail; | |
263 | } | |
264 | ||
db803a36 TW |
265 | if (add_extra_attrs(msg, e->extra_attrs) < 0) |
266 | goto fail; | |
1e4b9da1 | 267 | |
6fc6879b JM |
268 | if (eap && !radius_msg_add_eap(msg, eap, len)) { |
269 | printf("Could not add EAP-Message\n"); | |
270 | goto fail; | |
271 | } | |
272 | ||
273 | /* State attribute must be copied if and only if this packet is | |
274 | * Access-Request reply to the previous Access-Challenge */ | |
f5d4a8ea JM |
275 | if (e->last_recv_radius && |
276 | radius_msg_get_hdr(e->last_recv_radius)->code == | |
6fc6879b JM |
277 | RADIUS_CODE_ACCESS_CHALLENGE) { |
278 | int res = radius_msg_copy_attr(msg, e->last_recv_radius, | |
279 | RADIUS_ATTR_STATE); | |
280 | if (res < 0) { | |
281 | printf("Could not copy State attribute from previous " | |
282 | "Access-Challenge\n"); | |
283 | goto fail; | |
284 | } | |
285 | if (res > 0) { | |
286 | wpa_printf(MSG_DEBUG, " Copied RADIUS State " | |
287 | "Attribute"); | |
288 | } | |
289 | } | |
290 | ||
ca8e039f JM |
291 | if (radius_client_send(e->radius, msg, RADIUS_AUTH, e->wpa_s->own_addr) |
292 | < 0) | |
293 | goto fail; | |
6fc6879b JM |
294 | return; |
295 | ||
296 | fail: | |
297 | radius_msg_free(msg); | |
6fc6879b JM |
298 | } |
299 | ||
300 | ||
301 | static int eapol_test_eapol_send(void *ctx, int type, const u8 *buf, | |
302 | size_t len) | |
303 | { | |
6fc6879b JM |
304 | printf("WPA: eapol_test_eapol_send(type=%d len=%lu)\n", |
305 | type, (unsigned long) len); | |
306 | if (type == IEEE802_1X_TYPE_EAP_PACKET) { | |
307 | wpa_hexdump(MSG_DEBUG, "TX EAP -> RADIUS", buf, len); | |
308 | ieee802_1x_encapsulate_radius(&eapol_test, buf, len); | |
309 | } | |
310 | return 0; | |
311 | } | |
312 | ||
313 | ||
314 | static void eapol_test_set_config_blob(void *ctx, | |
315 | struct wpa_config_blob *blob) | |
316 | { | |
1b414f59 JM |
317 | struct eapol_test_data *e = ctx; |
318 | wpa_config_set_blob(e->wpa_s->conf, blob); | |
6fc6879b JM |
319 | } |
320 | ||
321 | ||
322 | static const struct wpa_config_blob * | |
323 | eapol_test_get_config_blob(void *ctx, const char *name) | |
324 | { | |
1b414f59 JM |
325 | struct eapol_test_data *e = ctx; |
326 | return wpa_config_get_blob(e->wpa_s->conf, name); | |
6fc6879b JM |
327 | } |
328 | ||
329 | ||
330 | static void eapol_test_eapol_done_cb(void *ctx) | |
331 | { | |
332 | printf("WPA: EAPOL processing complete\n"); | |
333 | } | |
334 | ||
335 | ||
336 | static void eapol_sm_reauth(void *eloop_ctx, void *timeout_ctx) | |
337 | { | |
338 | struct eapol_test_data *e = eloop_ctx; | |
339 | printf("\n\n\n\n\neapol_test: Triggering EAP reauthentication\n\n"); | |
340 | e->radius_access_accept_received = 0; | |
341 | send_eap_request_identity(e->wpa_s, NULL); | |
342 | } | |
343 | ||
344 | ||
345 | static int eapol_test_compare_pmk(struct eapol_test_data *e) | |
346 | { | |
347 | u8 pmk[PMK_LEN]; | |
348 | int ret = 1; | |
cfdb32e8 JM |
349 | const u8 *sess_id; |
350 | size_t sess_id_len; | |
6fc6879b JM |
351 | |
352 | if (eapol_sm_get_key(e->wpa_s->eapol, pmk, PMK_LEN) == 0) { | |
353 | wpa_hexdump(MSG_DEBUG, "PMK from EAPOL", pmk, PMK_LEN); | |
354 | if (os_memcmp(pmk, e->authenticator_pmk, PMK_LEN) != 0) { | |
355 | printf("WARNING: PMK mismatch\n"); | |
356 | wpa_hexdump(MSG_DEBUG, "PMK from AS", | |
357 | e->authenticator_pmk, PMK_LEN); | |
358 | } else if (e->radius_access_accept_received) | |
359 | ret = 0; | |
360 | } else if (e->authenticator_pmk_len == 16 && | |
361 | eapol_sm_get_key(e->wpa_s->eapol, pmk, 16) == 0) { | |
362 | wpa_hexdump(MSG_DEBUG, "LEAP PMK from EAPOL", pmk, 16); | |
363 | if (os_memcmp(pmk, e->authenticator_pmk, 16) != 0) { | |
364 | printf("WARNING: PMK mismatch\n"); | |
365 | wpa_hexdump(MSG_DEBUG, "PMK from AS", | |
366 | e->authenticator_pmk, 16); | |
367 | } else if (e->radius_access_accept_received) | |
368 | ret = 0; | |
369 | } else if (e->radius_access_accept_received && e->no_mppe_keys) { | |
370 | /* No keying material expected */ | |
371 | ret = 0; | |
372 | } | |
373 | ||
374 | if (ret && !e->no_mppe_keys) | |
375 | e->num_mppe_mismatch++; | |
376 | else if (!e->no_mppe_keys) | |
377 | e->num_mppe_ok++; | |
378 | ||
cfdb32e8 JM |
379 | sess_id = eapol_sm_get_session_id(e->wpa_s->eapol, &sess_id_len); |
380 | if (!sess_id) | |
381 | return ret; | |
382 | if (e->authenticator_eap_key_name_len == 0) { | |
383 | wpa_printf(MSG_INFO, "No EAP-Key-Name received from server"); | |
384 | return ret; | |
385 | } | |
386 | ||
387 | if (e->authenticator_eap_key_name_len != sess_id_len || | |
388 | os_memcmp(e->authenticator_eap_key_name, sess_id, sess_id_len) != 0) | |
389 | { | |
390 | wpa_printf(MSG_INFO, | |
391 | "Locally derived EAP Session-Id does not match EAP-Key-Name from server"); | |
392 | wpa_hexdump(MSG_DEBUG, "EAP Session-Id", sess_id, sess_id_len); | |
393 | wpa_hexdump(MSG_DEBUG, "EAP-Key-Name from server", | |
394 | e->authenticator_eap_key_name, | |
395 | e->authenticator_eap_key_name_len); | |
396 | } else { | |
397 | wpa_printf(MSG_INFO, | |
398 | "Locally derived EAP Session-Id matches EAP-Key-Name from server"); | |
399 | } | |
400 | ||
6fc6879b JM |
401 | return ret; |
402 | } | |
403 | ||
404 | ||
c60ba9f7 JM |
405 | static void eapol_sm_cb(struct eapol_sm *eapol, enum eapol_supp_result result, |
406 | void *ctx) | |
6fc6879b JM |
407 | { |
408 | struct eapol_test_data *e = ctx; | |
c60ba9f7 | 409 | printf("eapol_sm_cb: result=%d\n", result); |
6fc6879b JM |
410 | e->eapol_test_num_reauths--; |
411 | if (e->eapol_test_num_reauths < 0) | |
412 | eloop_terminate(); | |
413 | else { | |
414 | eapol_test_compare_pmk(e); | |
415 | eloop_register_timeout(0, 100000, eapol_sm_reauth, e, NULL); | |
416 | } | |
417 | } | |
418 | ||
419 | ||
1b414f59 JM |
420 | static void eapol_test_write_cert(FILE *f, const char *subject, |
421 | const struct wpabuf *cert) | |
422 | { | |
423 | unsigned char *encoded; | |
424 | ||
425 | encoded = base64_encode(wpabuf_head(cert), wpabuf_len(cert), NULL); | |
426 | if (encoded == NULL) | |
427 | return; | |
428 | fprintf(f, "%s\n-----BEGIN CERTIFICATE-----\n%s" | |
429 | "-----END CERTIFICATE-----\n\n", subject, encoded); | |
430 | os_free(encoded); | |
431 | } | |
432 | ||
433 | ||
b6077964 JM |
434 | #if defined(CONFIG_CTRL_IFACE) || !defined(CONFIG_NO_STDOUT_DEBUG) |
435 | static void eapol_test_eap_param_needed(void *ctx, enum wpa_ctrl_req_type field, | |
436 | const char *default_txt) | |
437 | { | |
438 | struct eapol_test_data *e = ctx; | |
439 | struct wpa_supplicant *wpa_s = e->wpa_s; | |
440 | struct wpa_ssid *ssid = wpa_s->current_ssid; | |
441 | const char *field_name, *txt = NULL; | |
442 | char *buf; | |
443 | size_t buflen; | |
444 | int len; | |
445 | ||
446 | if (ssid == NULL) | |
447 | return; | |
448 | ||
449 | field_name = wpa_supplicant_ctrl_req_to_string(field, default_txt, | |
450 | &txt); | |
451 | if (field_name == NULL) { | |
452 | wpa_printf(MSG_WARNING, "Unhandled EAP param %d needed", | |
453 | field); | |
454 | return; | |
455 | } | |
456 | ||
457 | buflen = 100 + os_strlen(txt) + ssid->ssid_len; | |
458 | buf = os_malloc(buflen); | |
459 | if (buf == NULL) | |
460 | return; | |
461 | len = os_snprintf(buf, buflen, | |
462 | WPA_CTRL_REQ "%s-%d:%s needed for SSID ", | |
463 | field_name, ssid->id, txt); | |
d85e1fc8 | 464 | if (os_snprintf_error(buflen, len)) { |
b6077964 JM |
465 | os_free(buf); |
466 | return; | |
467 | } | |
468 | if (ssid->ssid && buflen > len + ssid->ssid_len) { | |
469 | os_memcpy(buf + len, ssid->ssid, ssid->ssid_len); | |
470 | len += ssid->ssid_len; | |
471 | buf[len] = '\0'; | |
472 | } | |
473 | buf[buflen - 1] = '\0'; | |
474 | wpa_msg(wpa_s, MSG_INFO, "%s", buf); | |
475 | os_free(buf); | |
476 | } | |
477 | #else /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */ | |
478 | #define eapol_test_eap_param_needed NULL | |
479 | #endif /* CONFIG_CTRL_IFACE || !CONFIG_NO_STDOUT_DEBUG */ | |
480 | ||
481 | ||
4f525d8e JM |
482 | static void eapol_test_cert_cb(void *ctx, int depth, const char *subject, |
483 | const char *cert_hash, | |
484 | const struct wpabuf *cert) | |
485 | { | |
486 | struct eapol_test_data *e = ctx; | |
487 | ||
488 | wpa_msg(e->wpa_s, MSG_INFO, WPA_EVENT_EAP_PEER_CERT | |
489 | "depth=%d subject='%s'%s%s", | |
490 | depth, subject, | |
491 | cert_hash ? " hash=" : "", | |
492 | cert_hash ? cert_hash : ""); | |
493 | ||
494 | if (cert) { | |
495 | char *cert_hex; | |
496 | size_t len = wpabuf_len(cert) * 2 + 1; | |
497 | cert_hex = os_malloc(len); | |
498 | if (cert_hex) { | |
499 | wpa_snprintf_hex(cert_hex, len, wpabuf_head(cert), | |
500 | wpabuf_len(cert)); | |
501 | wpa_msg_ctrl(e->wpa_s, MSG_INFO, | |
502 | WPA_EVENT_EAP_PEER_CERT | |
503 | "depth=%d subject='%s' cert=%s", | |
504 | depth, subject, cert_hex); | |
505 | os_free(cert_hex); | |
506 | } | |
1b414f59 JM |
507 | |
508 | if (e->server_cert_file) | |
509 | eapol_test_write_cert(e->server_cert_file, | |
510 | subject, cert); | |
4f525d8e JM |
511 | } |
512 | } | |
513 | ||
514 | ||
e026159a JM |
515 | static void eapol_test_set_anon_id(void *ctx, const u8 *id, size_t len) |
516 | { | |
517 | struct eapol_test_data *e = ctx; | |
518 | struct wpa_supplicant *wpa_s = e->wpa_s; | |
519 | char *str; | |
520 | int res; | |
521 | ||
522 | wpa_hexdump_ascii(MSG_DEBUG, "EAP method updated anonymous_identity", | |
523 | id, len); | |
524 | ||
525 | if (wpa_s->current_ssid == NULL) | |
526 | return; | |
527 | ||
528 | if (id == NULL) { | |
529 | if (wpa_config_set(wpa_s->current_ssid, "anonymous_identity", | |
530 | "NULL", 0) < 0) | |
531 | return; | |
532 | } else { | |
533 | str = os_malloc(len * 2 + 1); | |
534 | if (str == NULL) | |
535 | return; | |
536 | wpa_snprintf_hex(str, len * 2 + 1, id, len); | |
537 | res = wpa_config_set(wpa_s->current_ssid, "anonymous_identity", | |
538 | str, 0); | |
539 | os_free(str); | |
540 | if (res < 0) | |
541 | return; | |
542 | } | |
543 | } | |
544 | ||
545 | ||
6fc6879b JM |
546 | static int test_eapol(struct eapol_test_data *e, struct wpa_supplicant *wpa_s, |
547 | struct wpa_ssid *ssid) | |
548 | { | |
549 | struct eapol_config eapol_conf; | |
550 | struct eapol_ctx *ctx; | |
551 | ||
552 | ctx = os_zalloc(sizeof(*ctx)); | |
553 | if (ctx == NULL) { | |
554 | printf("Failed to allocate EAPOL context.\n"); | |
555 | return -1; | |
556 | } | |
1b414f59 | 557 | ctx->ctx = e; |
6fc6879b JM |
558 | ctx->msg_ctx = wpa_s; |
559 | ctx->scard_ctx = wpa_s->scard; | |
560 | ctx->cb = eapol_sm_cb; | |
561 | ctx->cb_ctx = e; | |
562 | ctx->eapol_send_ctx = wpa_s; | |
563 | ctx->preauth = 0; | |
564 | ctx->eapol_done_cb = eapol_test_eapol_done_cb; | |
565 | ctx->eapol_send = eapol_test_eapol_send; | |
566 | ctx->set_config_blob = eapol_test_set_config_blob; | |
567 | ctx->get_config_blob = eapol_test_get_config_blob; | |
6fc6879b JM |
568 | ctx->opensc_engine_path = wpa_s->conf->opensc_engine_path; |
569 | ctx->pkcs11_engine_path = wpa_s->conf->pkcs11_engine_path; | |
570 | ctx->pkcs11_module_path = wpa_s->conf->pkcs11_module_path; | |
07e2de31 | 571 | ctx->openssl_ciphers = wpa_s->conf->openssl_ciphers; |
b6077964 | 572 | ctx->eap_param_needed = eapol_test_eap_param_needed; |
4f525d8e | 573 | ctx->cert_cb = eapol_test_cert_cb; |
1b414f59 | 574 | ctx->cert_in_cb = 1; |
e026159a | 575 | ctx->set_anon_id = eapol_test_set_anon_id; |
6fc6879b JM |
576 | |
577 | wpa_s->eapol = eapol_sm_init(ctx); | |
578 | if (wpa_s->eapol == NULL) { | |
579 | os_free(ctx); | |
580 | printf("Failed to initialize EAPOL state machines.\n"); | |
581 | return -1; | |
582 | } | |
583 | ||
584 | wpa_s->current_ssid = ssid; | |
585 | os_memset(&eapol_conf, 0, sizeof(eapol_conf)); | |
586 | eapol_conf.accept_802_1x_keys = 1; | |
587 | eapol_conf.required_keys = 0; | |
588 | eapol_conf.fast_reauth = wpa_s->conf->fast_reauth; | |
589 | eapol_conf.workaround = ssid->eap_workaround; | |
a5d44ac0 | 590 | eapol_conf.external_sim = wpa_s->conf->external_sim; |
6fc6879b JM |
591 | eapol_sm_notify_config(wpa_s->eapol, &ssid->eap, &eapol_conf); |
592 | eapol_sm_register_scard_ctx(wpa_s->eapol, wpa_s->scard); | |
593 | ||
594 | ||
595 | eapol_sm_notify_portValid(wpa_s->eapol, FALSE); | |
596 | /* 802.1X::portControl = Auto */ | |
597 | eapol_sm_notify_portEnabled(wpa_s->eapol, TRUE); | |
598 | ||
599 | return 0; | |
600 | } | |
601 | ||
602 | ||
603 | static void test_eapol_clean(struct eapol_test_data *e, | |
604 | struct wpa_supplicant *wpa_s) | |
605 | { | |
db803a36 TW |
606 | struct extra_radius_attr *p, *prev; |
607 | ||
6fc6879b | 608 | radius_client_deinit(e->radius); |
e100828b | 609 | wpabuf_free(e->last_eap_radius); |
9e7245bd JM |
610 | radius_msg_free(e->last_recv_radius); |
611 | e->last_recv_radius = NULL; | |
6fc6879b JM |
612 | os_free(e->eap_identity); |
613 | e->eap_identity = NULL; | |
614 | eapol_sm_deinit(wpa_s->eapol); | |
615 | wpa_s->eapol = NULL; | |
616 | if (e->radius_conf && e->radius_conf->auth_server) { | |
617 | os_free(e->radius_conf->auth_server->shared_secret); | |
618 | os_free(e->radius_conf->auth_server); | |
619 | } | |
620 | os_free(e->radius_conf); | |
621 | e->radius_conf = NULL; | |
622 | scard_deinit(wpa_s->scard); | |
623 | if (wpa_s->ctrl_iface) { | |
624 | wpa_supplicant_ctrl_iface_deinit(wpa_s->ctrl_iface); | |
625 | wpa_s->ctrl_iface = NULL; | |
626 | } | |
306ae225 JM |
627 | |
628 | ext_password_deinit(wpa_s->ext_pw); | |
629 | wpa_s->ext_pw = NULL; | |
630 | ||
6fc6879b | 631 | wpa_config_free(wpa_s->conf); |
db803a36 TW |
632 | |
633 | p = e->extra_attrs; | |
634 | while (p) { | |
635 | prev = p; | |
636 | p = p->next; | |
637 | os_free(prev); | |
638 | } | |
6fc6879b JM |
639 | } |
640 | ||
641 | ||
642 | static void send_eap_request_identity(void *eloop_ctx, void *timeout_ctx) | |
643 | { | |
644 | struct wpa_supplicant *wpa_s = eloop_ctx; | |
645 | u8 buf[100], *pos; | |
646 | struct ieee802_1x_hdr *hdr; | |
647 | struct eap_hdr *eap; | |
648 | ||
649 | hdr = (struct ieee802_1x_hdr *) buf; | |
650 | hdr->version = EAPOL_VERSION; | |
651 | hdr->type = IEEE802_1X_TYPE_EAP_PACKET; | |
652 | hdr->length = htons(5); | |
653 | ||
654 | eap = (struct eap_hdr *) (hdr + 1); | |
655 | eap->code = EAP_CODE_REQUEST; | |
656 | eap->identifier = 0; | |
657 | eap->length = htons(5); | |
658 | pos = (u8 *) (eap + 1); | |
659 | *pos = EAP_TYPE_IDENTITY; | |
660 | ||
661 | printf("Sending fake EAP-Request-Identity\n"); | |
662 | eapol_sm_rx_eapol(wpa_s->eapol, wpa_s->bssid, buf, | |
663 | sizeof(*hdr) + 5); | |
664 | } | |
665 | ||
666 | ||
667 | static void eapol_test_timeout(void *eloop_ctx, void *timeout_ctx) | |
668 | { | |
669 | struct eapol_test_data *e = eloop_ctx; | |
670 | printf("EAPOL test timed out\n"); | |
671 | e->auth_timed_out = 1; | |
672 | eloop_terminate(); | |
673 | } | |
674 | ||
675 | ||
676 | static char *eap_type_text(u8 type) | |
677 | { | |
678 | switch (type) { | |
679 | case EAP_TYPE_IDENTITY: return "Identity"; | |
680 | case EAP_TYPE_NOTIFICATION: return "Notification"; | |
681 | case EAP_TYPE_NAK: return "Nak"; | |
682 | case EAP_TYPE_TLS: return "TLS"; | |
683 | case EAP_TYPE_TTLS: return "TTLS"; | |
684 | case EAP_TYPE_PEAP: return "PEAP"; | |
685 | case EAP_TYPE_SIM: return "SIM"; | |
686 | case EAP_TYPE_GTC: return "GTC"; | |
687 | case EAP_TYPE_MD5: return "MD5"; | |
688 | case EAP_TYPE_OTP: return "OTP"; | |
689 | case EAP_TYPE_FAST: return "FAST"; | |
690 | case EAP_TYPE_SAKE: return "SAKE"; | |
691 | case EAP_TYPE_PSK: return "PSK"; | |
692 | default: return "Unknown"; | |
693 | } | |
694 | } | |
695 | ||
696 | ||
697 | static void ieee802_1x_decapsulate_radius(struct eapol_test_data *e) | |
698 | { | |
e100828b JM |
699 | struct wpabuf *eap; |
700 | const struct eap_hdr *hdr; | |
6fc6879b JM |
701 | int eap_type = -1; |
702 | char buf[64]; | |
703 | struct radius_msg *msg; | |
704 | ||
705 | if (e->last_recv_radius == NULL) | |
706 | return; | |
707 | ||
708 | msg = e->last_recv_radius; | |
709 | ||
e100828b | 710 | eap = radius_msg_get_eap(msg); |
6fc6879b JM |
711 | if (eap == NULL) { |
712 | /* draft-aboba-radius-rfc2869bis-20.txt, Chap. 2.6.3: | |
713 | * RADIUS server SHOULD NOT send Access-Reject/no EAP-Message | |
714 | * attribute */ | |
715 | wpa_printf(MSG_DEBUG, "could not extract " | |
716 | "EAP-Message from RADIUS message"); | |
e100828b | 717 | wpabuf_free(e->last_eap_radius); |
6fc6879b | 718 | e->last_eap_radius = NULL; |
6fc6879b JM |
719 | return; |
720 | } | |
721 | ||
e100828b | 722 | if (wpabuf_len(eap) < sizeof(*hdr)) { |
6fc6879b JM |
723 | wpa_printf(MSG_DEBUG, "too short EAP packet " |
724 | "received from authentication server"); | |
e100828b | 725 | wpabuf_free(eap); |
6fc6879b JM |
726 | return; |
727 | } | |
728 | ||
e100828b JM |
729 | if (wpabuf_len(eap) > sizeof(*hdr)) |
730 | eap_type = (wpabuf_head_u8(eap))[sizeof(*hdr)]; | |
6fc6879b | 731 | |
e100828b | 732 | hdr = wpabuf_head(eap); |
6fc6879b JM |
733 | switch (hdr->code) { |
734 | case EAP_CODE_REQUEST: | |
735 | os_snprintf(buf, sizeof(buf), "EAP-Request-%s (%d)", | |
736 | eap_type >= 0 ? eap_type_text(eap_type) : "??", | |
737 | eap_type); | |
738 | break; | |
739 | case EAP_CODE_RESPONSE: | |
740 | os_snprintf(buf, sizeof(buf), "EAP Response-%s (%d)", | |
741 | eap_type >= 0 ? eap_type_text(eap_type) : "??", | |
742 | eap_type); | |
743 | break; | |
744 | case EAP_CODE_SUCCESS: | |
745 | os_strlcpy(buf, "EAP Success", sizeof(buf)); | |
746 | /* LEAP uses EAP Success within an authentication, so must not | |
747 | * stop here with eloop_terminate(); */ | |
748 | break; | |
749 | case EAP_CODE_FAILURE: | |
750 | os_strlcpy(buf, "EAP Failure", sizeof(buf)); | |
751 | eloop_terminate(); | |
752 | break; | |
753 | default: | |
754 | os_strlcpy(buf, "unknown EAP code", sizeof(buf)); | |
e100828b | 755 | wpa_hexdump_buf(MSG_DEBUG, "Decapsulated EAP packet", eap); |
6fc6879b JM |
756 | break; |
757 | } | |
758 | wpa_printf(MSG_DEBUG, "decapsulated EAP packet (code=%d " | |
759 | "id=%d len=%d) from RADIUS server: %s", | |
760 | hdr->code, hdr->identifier, ntohs(hdr->length), buf); | |
761 | ||
762 | /* sta->eapol_sm->be_auth.idFromServer = hdr->identifier; */ | |
763 | ||
e100828b | 764 | wpabuf_free(e->last_eap_radius); |
6fc6879b | 765 | e->last_eap_radius = eap; |
6fc6879b JM |
766 | |
767 | { | |
768 | struct ieee802_1x_hdr *dot1x; | |
e100828b | 769 | dot1x = os_malloc(sizeof(*dot1x) + wpabuf_len(eap)); |
6fc6879b JM |
770 | assert(dot1x != NULL); |
771 | dot1x->version = EAPOL_VERSION; | |
772 | dot1x->type = IEEE802_1X_TYPE_EAP_PACKET; | |
e100828b JM |
773 | dot1x->length = htons(wpabuf_len(eap)); |
774 | os_memcpy((u8 *) (dot1x + 1), wpabuf_head(eap), | |
775 | wpabuf_len(eap)); | |
6fc6879b | 776 | eapol_sm_rx_eapol(e->wpa_s->eapol, e->wpa_s->bssid, |
e100828b JM |
777 | (u8 *) dot1x, |
778 | sizeof(*dot1x) + wpabuf_len(eap)); | |
6fc6879b JM |
779 | os_free(dot1x); |
780 | } | |
781 | } | |
782 | ||
783 | ||
784 | static void ieee802_1x_get_keys(struct eapol_test_data *e, | |
785 | struct radius_msg *msg, struct radius_msg *req, | |
8383da80 JM |
786 | const u8 *shared_secret, |
787 | size_t shared_secret_len) | |
6fc6879b JM |
788 | { |
789 | struct radius_ms_mppe_keys *keys; | |
cfdb32e8 JM |
790 | u8 *buf; |
791 | size_t len; | |
6fc6879b JM |
792 | |
793 | keys = radius_msg_get_ms_keys(msg, req, shared_secret, | |
794 | shared_secret_len); | |
795 | if (keys && keys->send == NULL && keys->recv == NULL) { | |
796 | os_free(keys); | |
797 | keys = radius_msg_get_cisco_keys(msg, req, shared_secret, | |
798 | shared_secret_len); | |
799 | } | |
800 | ||
801 | if (keys) { | |
802 | if (keys->send) { | |
803 | wpa_hexdump(MSG_DEBUG, "MS-MPPE-Send-Key (sign)", | |
804 | keys->send, keys->send_len); | |
805 | } | |
806 | if (keys->recv) { | |
807 | wpa_hexdump(MSG_DEBUG, "MS-MPPE-Recv-Key (crypt)", | |
808 | keys->recv, keys->recv_len); | |
809 | e->authenticator_pmk_len = | |
810 | keys->recv_len > PMK_LEN ? PMK_LEN : | |
811 | keys->recv_len; | |
812 | os_memcpy(e->authenticator_pmk, keys->recv, | |
813 | e->authenticator_pmk_len); | |
000a1de7 JM |
814 | if (e->authenticator_pmk_len == 16 && keys->send && |
815 | keys->send_len == 16) { | |
816 | /* MS-CHAP-v2 derives 16 octet keys */ | |
817 | wpa_printf(MSG_DEBUG, "Use MS-MPPE-Send-Key " | |
818 | "to extend PMK to 32 octets"); | |
819 | os_memcpy(e->authenticator_pmk + | |
820 | e->authenticator_pmk_len, | |
821 | keys->send, keys->send_len); | |
822 | e->authenticator_pmk_len += keys->send_len; | |
823 | } | |
6fc6879b JM |
824 | } |
825 | ||
826 | os_free(keys->send); | |
827 | os_free(keys->recv); | |
828 | os_free(keys); | |
829 | } | |
cfdb32e8 JM |
830 | |
831 | if (radius_msg_get_attr_ptr(msg, RADIUS_ATTR_EAP_KEY_NAME, &buf, &len, | |
832 | NULL) == 0) { | |
833 | os_memcpy(e->authenticator_eap_key_name, buf, len); | |
834 | e->authenticator_eap_key_name_len = len; | |
835 | } else { | |
836 | e->authenticator_eap_key_name_len = 0; | |
837 | } | |
6fc6879b JM |
838 | } |
839 | ||
840 | ||
841 | /* Process the RADIUS frames from Authentication Server */ | |
842 | static RadiusRxResult | |
843 | ieee802_1x_receive_auth(struct radius_msg *msg, struct radius_msg *req, | |
8383da80 | 844 | const u8 *shared_secret, size_t shared_secret_len, |
6fc6879b JM |
845 | void *data) |
846 | { | |
847 | struct eapol_test_data *e = data; | |
f5d4a8ea | 848 | struct radius_hdr *hdr = radius_msg_get_hdr(msg); |
6fc6879b JM |
849 | |
850 | /* RFC 2869, Ch. 5.13: valid Message-Authenticator attribute MUST be | |
851 | * present when packet contains an EAP-Message attribute */ | |
f5d4a8ea | 852 | if (hdr->code == RADIUS_CODE_ACCESS_REJECT && |
6fc6879b JM |
853 | radius_msg_get_attr(msg, RADIUS_ATTR_MESSAGE_AUTHENTICATOR, NULL, |
854 | 0) < 0 && | |
855 | radius_msg_get_attr(msg, RADIUS_ATTR_EAP_MESSAGE, NULL, 0) < 0) { | |
856 | wpa_printf(MSG_DEBUG, "Allowing RADIUS " | |
857 | "Access-Reject without Message-Authenticator " | |
858 | "since it does not include EAP-Message\n"); | |
859 | } else if (radius_msg_verify(msg, shared_secret, shared_secret_len, | |
860 | req, 1)) { | |
861 | printf("Incoming RADIUS packet did not have correct " | |
862 | "Message-Authenticator - dropped\n"); | |
863 | return RADIUS_RX_UNKNOWN; | |
864 | } | |
865 | ||
f5d4a8ea JM |
866 | if (hdr->code != RADIUS_CODE_ACCESS_ACCEPT && |
867 | hdr->code != RADIUS_CODE_ACCESS_REJECT && | |
868 | hdr->code != RADIUS_CODE_ACCESS_CHALLENGE) { | |
6fc6879b JM |
869 | printf("Unknown RADIUS message code\n"); |
870 | return RADIUS_RX_UNKNOWN; | |
871 | } | |
872 | ||
873 | e->radius_identifier = -1; | |
874 | wpa_printf(MSG_DEBUG, "RADIUS packet matching with station"); | |
875 | ||
9e7245bd | 876 | radius_msg_free(e->last_recv_radius); |
6fc6879b JM |
877 | e->last_recv_radius = msg; |
878 | ||
f5d4a8ea | 879 | switch (hdr->code) { |
6fc6879b JM |
880 | case RADIUS_CODE_ACCESS_ACCEPT: |
881 | e->radius_access_accept_received = 1; | |
882 | ieee802_1x_get_keys(e, msg, req, shared_secret, | |
883 | shared_secret_len); | |
884 | break; | |
885 | case RADIUS_CODE_ACCESS_REJECT: | |
886 | e->radius_access_reject_received = 1; | |
887 | break; | |
888 | } | |
889 | ||
890 | ieee802_1x_decapsulate_radius(e); | |
891 | ||
f5d4a8ea | 892 | if ((hdr->code == RADIUS_CODE_ACCESS_ACCEPT && |
6fc6879b | 893 | e->eapol_test_num_reauths < 0) || |
f5d4a8ea | 894 | hdr->code == RADIUS_CODE_ACCESS_REJECT) { |
6fc6879b JM |
895 | eloop_terminate(); |
896 | } | |
897 | ||
898 | return RADIUS_RX_QUEUED; | |
899 | } | |
900 | ||
901 | ||
902 | static void wpa_init_conf(struct eapol_test_data *e, | |
903 | struct wpa_supplicant *wpa_s, const char *authsrv, | |
c454f573 TW |
904 | int port, const char *secret, |
905 | const char *cli_addr) | |
6fc6879b JM |
906 | { |
907 | struct hostapd_radius_server *as; | |
908 | int res; | |
909 | ||
910 | wpa_s->bssid[5] = 1; | |
911 | os_memcpy(wpa_s->own_addr, e->own_addr, ETH_ALEN); | |
912 | e->own_ip_addr.s_addr = htonl((127 << 24) | 1); | |
913 | os_strlcpy(wpa_s->ifname, "test", sizeof(wpa_s->ifname)); | |
914 | ||
915 | e->radius_conf = os_zalloc(sizeof(struct hostapd_radius_servers)); | |
916 | assert(e->radius_conf != NULL); | |
917 | e->radius_conf->num_auth_servers = 1; | |
918 | as = os_zalloc(sizeof(struct hostapd_radius_server)); | |
919 | assert(as != NULL); | |
920 | #if defined(CONFIG_NATIVE_WINDOWS) || defined(CONFIG_ANSI_C_EXTRA) | |
921 | { | |
922 | int a[4]; | |
923 | u8 *pos; | |
924 | sscanf(authsrv, "%d.%d.%d.%d", &a[0], &a[1], &a[2], &a[3]); | |
925 | pos = (u8 *) &as->addr.u.v4; | |
926 | *pos++ = a[0]; | |
927 | *pos++ = a[1]; | |
928 | *pos++ = a[2]; | |
929 | *pos++ = a[3]; | |
930 | } | |
931 | #else /* CONFIG_NATIVE_WINDOWS or CONFIG_ANSI_C_EXTRA */ | |
e3a45111 JM |
932 | if (inet_aton(authsrv, &as->addr.u.v4) < 0) { |
933 | wpa_printf(MSG_ERROR, "Invalid IP address '%s'", | |
934 | authsrv); | |
935 | assert(0); | |
936 | } | |
6fc6879b JM |
937 | #endif /* CONFIG_NATIVE_WINDOWS or CONFIG_ANSI_C_EXTRA */ |
938 | as->addr.af = AF_INET; | |
939 | as->port = port; | |
940 | as->shared_secret = (u8 *) os_strdup(secret); | |
941 | as->shared_secret_len = os_strlen(secret); | |
942 | e->radius_conf->auth_server = as; | |
943 | e->radius_conf->auth_servers = as; | |
944 | e->radius_conf->msg_dumps = 1; | |
c454f573 TW |
945 | if (cli_addr) { |
946 | if (hostapd_parse_ip_addr(cli_addr, | |
947 | &e->radius_conf->client_addr) == 0) | |
948 | e->radius_conf->force_client_addr = 1; | |
949 | else { | |
950 | wpa_printf(MSG_ERROR, "Invalid IP address '%s'", | |
951 | cli_addr); | |
952 | assert(0); | |
953 | } | |
954 | } | |
6fc6879b JM |
955 | |
956 | e->radius = radius_client_init(wpa_s, e->radius_conf); | |
957 | assert(e->radius != NULL); | |
958 | ||
959 | res = radius_client_register(e->radius, RADIUS_AUTH, | |
960 | ieee802_1x_receive_auth, e); | |
961 | assert(res == 0); | |
962 | } | |
963 | ||
964 | ||
e9852462 | 965 | static int scard_test(struct eapol_test_data *e) |
6fc6879b JM |
966 | { |
967 | struct scard_data *scard; | |
968 | size_t len; | |
969 | char imsi[20]; | |
970 | unsigned char _rand[16]; | |
971 | #ifdef PCSC_FUNCS | |
972 | unsigned char sres[4]; | |
973 | unsigned char kc[8]; | |
974 | #endif /* PCSC_FUNCS */ | |
975 | #define num_triplets 5 | |
976 | unsigned char rand_[num_triplets][16]; | |
977 | unsigned char sres_[num_triplets][4]; | |
978 | unsigned char kc_[num_triplets][8]; | |
979 | int i, res; | |
980 | size_t j; | |
981 | ||
982 | #define AKA_RAND_LEN 16 | |
983 | #define AKA_AUTN_LEN 16 | |
984 | #define AKA_AUTS_LEN 14 | |
985 | #define RES_MAX_LEN 16 | |
986 | #define IK_LEN 16 | |
987 | #define CK_LEN 16 | |
988 | unsigned char aka_rand[AKA_RAND_LEN]; | |
989 | unsigned char aka_autn[AKA_AUTN_LEN]; | |
990 | unsigned char aka_auts[AKA_AUTS_LEN]; | |
991 | unsigned char aka_res[RES_MAX_LEN]; | |
992 | size_t aka_res_len; | |
993 | unsigned char aka_ik[IK_LEN]; | |
994 | unsigned char aka_ck[CK_LEN]; | |
995 | ||
e9852462 | 996 | scard = scard_init(e->pcsc_reader); |
6fc6879b JM |
997 | if (scard == NULL) |
998 | return -1; | |
e9852462 | 999 | if (scard_set_pin(scard, e->pcsc_pin)) { |
6fc6879b JM |
1000 | wpa_printf(MSG_WARNING, "PIN validation failed"); |
1001 | scard_deinit(scard); | |
1002 | return -1; | |
1003 | } | |
1004 | ||
1005 | len = sizeof(imsi); | |
1006 | if (scard_get_imsi(scard, imsi, &len)) | |
1007 | goto failed; | |
1008 | wpa_hexdump_ascii(MSG_DEBUG, "SCARD: IMSI", (u8 *) imsi, len); | |
1009 | /* NOTE: Permanent Username: 1 | IMSI */ | |
1010 | ||
beec9c3a JM |
1011 | wpa_printf(MSG_DEBUG, "SCARD: MNC length %d", |
1012 | scard_get_mnc_len(scard)); | |
1013 | ||
6fc6879b JM |
1014 | os_memset(_rand, 0, sizeof(_rand)); |
1015 | if (scard_gsm_auth(scard, _rand, sres, kc)) | |
1016 | goto failed; | |
1017 | ||
1018 | os_memset(_rand, 0xff, sizeof(_rand)); | |
1019 | if (scard_gsm_auth(scard, _rand, sres, kc)) | |
1020 | goto failed; | |
1021 | ||
1022 | for (i = 0; i < num_triplets; i++) { | |
1023 | os_memset(rand_[i], i, sizeof(rand_[i])); | |
1024 | if (scard_gsm_auth(scard, rand_[i], sres_[i], kc_[i])) | |
1025 | goto failed; | |
1026 | } | |
1027 | ||
1028 | for (i = 0; i < num_triplets; i++) { | |
1029 | printf("1"); | |
1030 | for (j = 0; j < len; j++) | |
1031 | printf("%c", imsi[j]); | |
1032 | printf(","); | |
1033 | for (j = 0; j < 16; j++) | |
1034 | printf("%02X", rand_[i][j]); | |
1035 | printf(","); | |
1036 | for (j = 0; j < 4; j++) | |
1037 | printf("%02X", sres_[i][j]); | |
1038 | printf(","); | |
1039 | for (j = 0; j < 8; j++) | |
1040 | printf("%02X", kc_[i][j]); | |
1041 | printf("\n"); | |
1042 | } | |
1043 | ||
1044 | wpa_printf(MSG_DEBUG, "Trying to use UMTS authentication"); | |
1045 | ||
1046 | /* seq 39 (0x28) */ | |
1047 | os_memset(aka_rand, 0xaa, 16); | |
1048 | os_memcpy(aka_autn, "\x86\x71\x31\xcb\xa2\xfc\x61\xdf" | |
1049 | "\xa3\xb3\x97\x9d\x07\x32\xa2\x12", 16); | |
1050 | ||
1051 | res = scard_umts_auth(scard, aka_rand, aka_autn, aka_res, &aka_res_len, | |
1052 | aka_ik, aka_ck, aka_auts); | |
1053 | if (res == 0) { | |
1054 | wpa_printf(MSG_DEBUG, "UMTS auth completed successfully"); | |
1055 | wpa_hexdump(MSG_DEBUG, "RES", aka_res, aka_res_len); | |
1056 | wpa_hexdump(MSG_DEBUG, "IK", aka_ik, IK_LEN); | |
1057 | wpa_hexdump(MSG_DEBUG, "CK", aka_ck, CK_LEN); | |
1058 | } else if (res == -2) { | |
1059 | wpa_printf(MSG_DEBUG, "UMTS auth resulted in synchronization " | |
1060 | "failure"); | |
1061 | wpa_hexdump(MSG_DEBUG, "AUTS", aka_auts, AKA_AUTS_LEN); | |
1062 | } else { | |
1063 | wpa_printf(MSG_DEBUG, "UMTS auth failed"); | |
1064 | } | |
1065 | ||
1066 | failed: | |
1067 | scard_deinit(scard); | |
1068 | ||
1069 | return 0; | |
1070 | #undef num_triplets | |
1071 | } | |
1072 | ||
1073 | ||
e9852462 | 1074 | static int scard_get_triplets(struct eapol_test_data *e, int argc, char *argv[]) |
6fc6879b JM |
1075 | { |
1076 | struct scard_data *scard; | |
1077 | size_t len; | |
1078 | char imsi[20]; | |
1079 | unsigned char _rand[16]; | |
1080 | unsigned char sres[4]; | |
1081 | unsigned char kc[8]; | |
1082 | int num_triplets; | |
1083 | int i; | |
1084 | size_t j; | |
1085 | ||
1086 | if (argc < 2 || ((num_triplets = atoi(argv[1])) <= 0)) { | |
1087 | printf("invalid parameters for sim command\n"); | |
1088 | return -1; | |
1089 | } | |
1090 | ||
1091 | if (argc <= 2 || os_strcmp(argv[2], "debug") != 0) { | |
1092 | /* disable debug output */ | |
1093 | wpa_debug_level = 99; | |
1094 | } | |
1095 | ||
e9852462 | 1096 | scard = scard_init(e->pcsc_reader); |
6fc6879b JM |
1097 | if (scard == NULL) { |
1098 | printf("Failed to open smartcard connection\n"); | |
1099 | return -1; | |
1100 | } | |
1101 | if (scard_set_pin(scard, argv[0])) { | |
1102 | wpa_printf(MSG_WARNING, "PIN validation failed"); | |
1103 | scard_deinit(scard); | |
1104 | return -1; | |
1105 | } | |
1106 | ||
1107 | len = sizeof(imsi); | |
1108 | if (scard_get_imsi(scard, imsi, &len)) { | |
1109 | scard_deinit(scard); | |
1110 | return -1; | |
1111 | } | |
1112 | ||
1113 | for (i = 0; i < num_triplets; i++) { | |
1114 | os_memset(_rand, i, sizeof(_rand)); | |
1115 | if (scard_gsm_auth(scard, _rand, sres, kc)) | |
1116 | break; | |
1117 | ||
1118 | /* IMSI:Kc:SRES:RAND */ | |
1119 | for (j = 0; j < len; j++) | |
1120 | printf("%c", imsi[j]); | |
1121 | printf(":"); | |
1122 | for (j = 0; j < 8; j++) | |
1123 | printf("%02X", kc[j]); | |
1124 | printf(":"); | |
1125 | for (j = 0; j < 4; j++) | |
1126 | printf("%02X", sres[j]); | |
1127 | printf(":"); | |
1128 | for (j = 0; j < 16; j++) | |
1129 | printf("%02X", _rand[j]); | |
1130 | printf("\n"); | |
1131 | } | |
1132 | ||
1133 | scard_deinit(scard); | |
1134 | ||
1135 | return 0; | |
1136 | } | |
1137 | ||
1138 | ||
0456ea16 | 1139 | static void eapol_test_terminate(int sig, void *signal_ctx) |
6fc6879b | 1140 | { |
0456ea16 | 1141 | struct wpa_supplicant *wpa_s = signal_ctx; |
6fc6879b JM |
1142 | wpa_msg(wpa_s, MSG_INFO, "Signal %d received - terminating", sig); |
1143 | eloop_terminate(); | |
1144 | } | |
1145 | ||
1146 | ||
1147 | static void usage(void) | |
1148 | { | |
1149 | printf("usage:\n" | |
cfdb32e8 | 1150 | "eapol_test [-enWS] -c<conf> [-a<AS IP>] [-p<AS port>] " |
c454f573 | 1151 | "[-s<AS secret>]\\\n" |
6fc6879b | 1152 | " [-r<count>] [-t<timeout>] [-C<Connect-Info>] \\\n" |
1b414f59 | 1153 | " [-M<client MAC address>] [-o<server cert file] \\\n" |
e9852462 JM |
1154 | " [-N<attr spec>] [-R<PC/SC reader>] " |
1155 | "[-P<PC/SC PIN>] \\\n" | |
db803a36 | 1156 | " [-A<client IP>]\n" |
6fc6879b JM |
1157 | "eapol_test scard\n" |
1158 | "eapol_test sim <PIN> <num triplets> [debug]\n" | |
1159 | "\n"); | |
1160 | printf("options:\n" | |
1161 | " -c<conf> = configuration file\n" | |
1162 | " -a<AS IP> = IP address of the authentication server, " | |
1163 | "default 127.0.0.1\n" | |
1164 | " -p<AS port> = UDP port of the authentication server, " | |
1165 | "default 1812\n" | |
1166 | " -s<AS secret> = shared secret with the authentication " | |
1167 | "server, default 'radius'\n" | |
c454f573 TW |
1168 | " -A<client IP> = IP address of the client, default: select " |
1169 | "automatically\n" | |
6fc6879b | 1170 | " -r<count> = number of re-authentications\n" |
cfdb32e8 | 1171 | " -e = Request EAP-Key-Name\n" |
6fc6879b | 1172 | " -W = wait for a control interface monitor before starting\n" |
2c04820d | 1173 | " -S = save configuration after authentication\n" |
6fc6879b JM |
1174 | " -n = no MPPE keys expected\n" |
1175 | " -t<timeout> = sets timeout in seconds (default: 30 s)\n" | |
1176 | " -C<Connect-Info> = RADIUS Connect-Info (default: " | |
1177 | "CONNECT 11Mbps 802.11b)\n" | |
1178 | " -M<client MAC address> = Set own MAC address " | |
1179 | "(Calling-Station-Id,\n" | |
1e4b9da1 | 1180 | " default: 02:00:00:00:00:01)\n" |
1b414f59 JM |
1181 | " -o<server cert file> = Write received server certificate\n" |
1182 | " chain to the specified file\n" | |
db803a36 TW |
1183 | " -N<attr spec> = send arbitrary attribute specified by:\n" |
1184 | " attr_id:syntax:value or attr_id\n" | |
1185 | " attr_id - number id of the attribute\n" | |
1186 | " syntax - one of: s, d, x\n" | |
1187 | " s = string\n" | |
1188 | " d = integer\n" | |
1189 | " x = octet string\n" | |
1190 | " value - attribute value.\n" | |
1191 | " When only attr_id is specified, NULL will be used as " | |
1192 | "value.\n" | |
1193 | " Multiple attributes can be specified by using the " | |
1194 | "option several times.\n"); | |
6fc6879b JM |
1195 | } |
1196 | ||
1197 | ||
1198 | int main(int argc, char *argv[]) | |
1199 | { | |
94de082b | 1200 | struct wpa_global global; |
6fc6879b JM |
1201 | struct wpa_supplicant wpa_s; |
1202 | int c, ret = 1, wait_for_monitor = 0, save_config = 0; | |
1203 | char *as_addr = "127.0.0.1"; | |
1204 | int as_port = 1812; | |
1205 | char *as_secret = "radius"; | |
c454f573 | 1206 | char *cli_addr = NULL; |
6fc6879b JM |
1207 | char *conf = NULL; |
1208 | int timeout = 30; | |
db803a36 TW |
1209 | char *pos; |
1210 | struct extra_radius_attr *p = NULL, *p1; | |
6fc6879b JM |
1211 | |
1212 | if (os_program_init()) | |
1213 | return -1; | |
1214 | ||
1215 | hostapd_logger_register_cb(hostapd_logger_cb); | |
1216 | ||
1217 | os_memset(&eapol_test, 0, sizeof(eapol_test)); | |
1218 | eapol_test.connect_info = "CONNECT 11Mbps 802.11b"; | |
1219 | os_memcpy(eapol_test.own_addr, "\x02\x00\x00\x00\x00\x01", ETH_ALEN); | |
e9852462 | 1220 | eapol_test.pcsc_pin = "1234"; |
6fc6879b JM |
1221 | |
1222 | wpa_debug_level = 0; | |
1223 | wpa_debug_show_keys = 1; | |
1224 | ||
1225 | for (;;) { | |
e9852462 | 1226 | c = getopt(argc, argv, "a:A:c:C:eM:nN:o:p:P:r:R:s:St:W"); |
6fc6879b JM |
1227 | if (c < 0) |
1228 | break; | |
1229 | switch (c) { | |
1230 | case 'a': | |
1231 | as_addr = optarg; | |
1232 | break; | |
c454f573 TW |
1233 | case 'A': |
1234 | cli_addr = optarg; | |
1235 | break; | |
6fc6879b JM |
1236 | case 'c': |
1237 | conf = optarg; | |
1238 | break; | |
1239 | case 'C': | |
1240 | eapol_test.connect_info = optarg; | |
1241 | break; | |
cfdb32e8 JM |
1242 | case 'e': |
1243 | eapol_test.req_eap_key_name = 1; | |
1244 | break; | |
6fc6879b JM |
1245 | case 'M': |
1246 | if (hwaddr_aton(optarg, eapol_test.own_addr)) { | |
1247 | usage(); | |
1248 | return -1; | |
1249 | } | |
1250 | break; | |
1251 | case 'n': | |
1252 | eapol_test.no_mppe_keys++; | |
1253 | break; | |
1b414f59 JM |
1254 | case 'o': |
1255 | if (eapol_test.server_cert_file) | |
1256 | fclose(eapol_test.server_cert_file); | |
1257 | eapol_test.server_cert_file = fopen(optarg, "w"); | |
1258 | if (eapol_test.server_cert_file == NULL) { | |
1259 | printf("Could not open '%s' for writing\n", | |
1260 | optarg); | |
1261 | return -1; | |
1262 | } | |
1263 | break; | |
6fc6879b JM |
1264 | case 'p': |
1265 | as_port = atoi(optarg); | |
1266 | break; | |
e9852462 JM |
1267 | case 'P': |
1268 | eapol_test.pcsc_pin = optarg; | |
1269 | break; | |
6fc6879b JM |
1270 | case 'r': |
1271 | eapol_test.eapol_test_num_reauths = atoi(optarg); | |
1272 | break; | |
e9852462 JM |
1273 | case 'R': |
1274 | eapol_test.pcsc_reader = optarg; | |
1de809e1 | 1275 | break; |
6fc6879b JM |
1276 | case 's': |
1277 | as_secret = optarg; | |
1278 | break; | |
1279 | case 'S': | |
1280 | save_config++; | |
1281 | break; | |
1282 | case 't': | |
1283 | timeout = atoi(optarg); | |
1284 | break; | |
1285 | case 'W': | |
1286 | wait_for_monitor++; | |
1287 | break; | |
db803a36 | 1288 | case 'N': |
42ad7202 | 1289 | p1 = os_zalloc(sizeof(*p1)); |
db803a36 TW |
1290 | if (p1 == NULL) |
1291 | break; | |
1292 | if (!p) | |
1293 | eapol_test.extra_attrs = p1; | |
1294 | else | |
1295 | p->next = p1; | |
1296 | p = p1; | |
1297 | ||
1298 | p->type = atoi(optarg); | |
1299 | pos = os_strchr(optarg, ':'); | |
1300 | if (pos == NULL) { | |
1301 | p->syntax = 'n'; | |
1302 | p->data = NULL; | |
1303 | break; | |
1304 | } | |
1305 | ||
1306 | pos++; | |
1307 | if (pos[0] == '\0' || pos[1] != ':') { | |
1308 | printf("Incorrect format of attribute " | |
1309 | "specification\n"); | |
1310 | break; | |
1311 | } | |
1312 | ||
1313 | p->syntax = pos[0]; | |
1314 | p->data = pos + 2; | |
1315 | break; | |
6fc6879b JM |
1316 | default: |
1317 | usage(); | |
1318 | return -1; | |
1319 | } | |
1320 | } | |
1321 | ||
1322 | if (argc > optind && os_strcmp(argv[optind], "scard") == 0) { | |
e9852462 | 1323 | return scard_test(&eapol_test); |
6fc6879b JM |
1324 | } |
1325 | ||
1326 | if (argc > optind && os_strcmp(argv[optind], "sim") == 0) { | |
e9852462 | 1327 | return scard_get_triplets(&eapol_test, argc - optind - 1, |
6fc6879b JM |
1328 | &argv[optind + 1]); |
1329 | } | |
1330 | ||
1331 | if (conf == NULL) { | |
1332 | usage(); | |
1333 | printf("Configuration file is required.\n"); | |
1334 | return -1; | |
1335 | } | |
1336 | ||
12760815 | 1337 | if (eap_register_methods()) { |
6fc6879b JM |
1338 | wpa_printf(MSG_ERROR, "Failed to register EAP methods"); |
1339 | return -1; | |
1340 | } | |
1341 | ||
0456ea16 | 1342 | if (eloop_init()) { |
6fc6879b JM |
1343 | wpa_printf(MSG_ERROR, "Failed to initialize event loop"); |
1344 | return -1; | |
1345 | } | |
1346 | ||
94de082b | 1347 | os_memset(&global, 0, sizeof(global)); |
6fc6879b | 1348 | os_memset(&wpa_s, 0, sizeof(wpa_s)); |
94de082b | 1349 | wpa_s.global = &global; |
6fc6879b | 1350 | eapol_test.wpa_s = &wpa_s; |
7e8bc7d6 JM |
1351 | dl_list_init(&wpa_s.bss); |
1352 | dl_list_init(&wpa_s.bss_id); | |
e6304cad | 1353 | wpa_s.conf = wpa_config_read(conf, NULL); |
6fc6879b JM |
1354 | if (wpa_s.conf == NULL) { |
1355 | printf("Failed to parse configuration file '%s'.\n", conf); | |
1356 | return -1; | |
1357 | } | |
1358 | if (wpa_s.conf->ssid == NULL) { | |
1359 | printf("No networks defined.\n"); | |
1360 | return -1; | |
1361 | } | |
1362 | ||
e9852462 JM |
1363 | if (eapol_test.pcsc_reader) { |
1364 | os_free(wpa_s.conf->pcsc_reader); | |
1365 | wpa_s.conf->pcsc_reader = os_strdup(eapol_test.pcsc_reader); | |
1366 | } | |
1367 | ||
c454f573 TW |
1368 | wpa_init_conf(&eapol_test, &wpa_s, as_addr, as_port, as_secret, |
1369 | cli_addr); | |
6fc6879b JM |
1370 | wpa_s.ctrl_iface = wpa_supplicant_ctrl_iface_init(&wpa_s); |
1371 | if (wpa_s.ctrl_iface == NULL) { | |
1372 | printf("Failed to initialize control interface '%s'.\n" | |
1373 | "You may have another eapol_test process already " | |
1374 | "running or the file was\n" | |
1375 | "left by an unclean termination of eapol_test in " | |
1376 | "which case you will need\n" | |
1377 | "to manually remove this file before starting " | |
1378 | "eapol_test again.\n", | |
1379 | wpa_s.conf->ctrl_interface); | |
1380 | return -1; | |
1381 | } | |
1382 | if (wpa_supplicant_scard_init(&wpa_s, wpa_s.conf->ssid)) | |
1383 | return -1; | |
1384 | ||
1385 | if (test_eapol(&eapol_test, &wpa_s, wpa_s.conf->ssid)) | |
1386 | return -1; | |
1387 | ||
306ae225 JM |
1388 | if (wpas_init_ext_pw(&wpa_s) < 0) |
1389 | return -1; | |
1390 | ||
6fc6879b JM |
1391 | if (wait_for_monitor) |
1392 | wpa_supplicant_ctrl_iface_wait(wpa_s.ctrl_iface); | |
1393 | ||
1394 | eloop_register_timeout(timeout, 0, eapol_test_timeout, &eapol_test, | |
1395 | NULL); | |
1396 | eloop_register_timeout(0, 0, send_eap_request_identity, &wpa_s, NULL); | |
0456ea16 JM |
1397 | eloop_register_signal_terminate(eapol_test_terminate, &wpa_s); |
1398 | eloop_register_signal_reconfig(eapol_test_terminate, &wpa_s); | |
6fc6879b JM |
1399 | eloop_run(); |
1400 | ||
1401 | eloop_cancel_timeout(eapol_test_timeout, &eapol_test, NULL); | |
1402 | eloop_cancel_timeout(eapol_sm_reauth, &eapol_test, NULL); | |
1403 | ||
1404 | if (eapol_test_compare_pmk(&eapol_test) == 0 || | |
1405 | eapol_test.no_mppe_keys) | |
1406 | ret = 0; | |
1407 | if (eapol_test.auth_timed_out) | |
1408 | ret = -2; | |
1409 | if (eapol_test.radius_access_reject_received) | |
1410 | ret = -3; | |
1411 | ||
1412 | if (save_config) | |
1413 | wpa_config_write(conf, wpa_s.conf); | |
1414 | ||
1415 | test_eapol_clean(&eapol_test, &wpa_s); | |
1416 | ||
1417 | eap_peer_unregister_methods(); | |
eacc12bf JM |
1418 | #ifdef CONFIG_AP |
1419 | eap_server_unregister_methods(); | |
1420 | #endif /* CONFIG_AP */ | |
6fc6879b JM |
1421 | |
1422 | eloop_destroy(); | |
1423 | ||
1b414f59 JM |
1424 | if (eapol_test.server_cert_file) |
1425 | fclose(eapol_test.server_cert_file); | |
1426 | ||
6fc6879b JM |
1427 | printf("MPPE keys OK: %d mismatch: %d\n", |
1428 | eapol_test.num_mppe_ok, eapol_test.num_mppe_mismatch); | |
1429 | if (eapol_test.num_mppe_mismatch) | |
1430 | ret = -4; | |
1431 | if (ret) | |
1432 | printf("FAILURE\n"); | |
1433 | else | |
1434 | printf("SUCCESS\n"); | |
1435 | ||
1436 | os_program_deinit(); | |
1437 | ||
1438 | return ret; | |
1439 | } |