DPP: Protocol testing for writing invalid I/R Bootstrap Key Hash

Extend dpp_test to cover cases where Initiator/Responder Bootstrap Key
Hash value in DPP Authentication frames is invalid (flip one bit).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/common/dpp.c b/src/common/dpp.c
index 8ca91d4a328df5631d4a9dc05e0c8f51e54699b3..3848524c939bf4f4eb5a680ad0e6ecc41ccc178e 100644 (file)
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -1956,6 +1956,9 @@ struct dpp_authentication * dpp_auth_init(void *msg_ctx,
        struct wpabuf *pi = NULL;
        u8 zero[SHA256_MAC_LEN];
        const u8 *r_pubkey_hash, *i_pubkey_hash;
+#ifdef CONFIG_TESTING_OPTIONS
+       u8 test_hash[SHA256_MAC_LEN];
+#endif /* CONFIG_TESTING_OPTIONS */
 
        auth = os_zalloc(sizeof(*auth));
        if (!auth)
@@ -2024,9 +2027,21 @@ struct dpp_authentication * dpp_auth_init(void *msg_ctx,
        if (dpp_test == DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_REQ) {
                wpa_printf(MSG_INFO, "DPP: TESTING - no R-Bootstrap Key Hash");
                r_pubkey_hash = NULL;
+       } else if (dpp_test == DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_REQ) {
+               wpa_printf(MSG_INFO,
+                          "DPP: TESTING - invalid R-Bootstrap Key Hash");
+               os_memcpy(test_hash, r_pubkey_hash, SHA256_MAC_LEN);
+               test_hash[SHA256_MAC_LEN - 1] ^= 0x01;
+               r_pubkey_hash = test_hash;
        } else if (dpp_test == DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_REQ) {
                wpa_printf(MSG_INFO, "DPP: TESTING - no I-Bootstrap Key Hash");
                i_pubkey_hash = NULL;
+       } else if (dpp_test == DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_REQ) {
+               wpa_printf(MSG_INFO,
+                          "DPP: TESTING - invalid I-Bootstrap Key Hash");
+               os_memcpy(test_hash, i_pubkey_hash, SHA256_MAC_LEN);
+               test_hash[SHA256_MAC_LEN - 1] ^= 0x01;
+               i_pubkey_hash = test_hash;
        } else if (dpp_test == DPP_TEST_NO_I_PROTO_KEY_AUTH_REQ) {
                wpa_printf(MSG_INFO, "DPP: TESTING - no I-Proto Key");
                wpabuf_free(pi);
@@ -2468,6 +2483,9 @@ static int dpp_auth_build_resp_ok(struct dpp_authentication *auth)
        int ret = -1;
        const u8 *r_pubkey_hash, *i_pubkey_hash, *r_nonce, *i_nonce;
        enum dpp_status_error status = DPP_STATUS_OK;
+#ifdef CONFIG_TESTING_OPTIONS
+       u8 test_hash[SHA256_MAC_LEN];
+#endif /* CONFIG_TESTING_OPTIONS */
 
        wpa_printf(MSG_DEBUG, "DPP: Build Authentication Response");
        if (!auth->own_bi)
@@ -2553,9 +2571,26 @@ static int dpp_auth_build_resp_ok(struct dpp_authentication *auth)
        if (dpp_test == DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_RESP) {
                wpa_printf(MSG_INFO, "DPP: TESTING - no R-Bootstrap Key Hash");
                r_pubkey_hash = NULL;
+       } else if (dpp_test ==
+                  DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_RESP) {
+               wpa_printf(MSG_INFO,
+                          "DPP: TESTING - invalid R-Bootstrap Key Hash");
+               os_memcpy(test_hash, r_pubkey_hash, SHA256_MAC_LEN);
+               test_hash[SHA256_MAC_LEN - 1] ^= 0x01;
+               r_pubkey_hash = test_hash;
        } else if (dpp_test == DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_RESP) {
                wpa_printf(MSG_INFO, "DPP: TESTING - no I-Bootstrap Key Hash");
                i_pubkey_hash = NULL;
+       } else if (dpp_test ==
+                  DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_RESP) {
+               wpa_printf(MSG_INFO,
+                          "DPP: TESTING - invalid I-Bootstrap Key Hash");
+               if (i_pubkey_hash)
+                       os_memcpy(test_hash, i_pubkey_hash, SHA256_MAC_LEN);
+               else
+                       os_memset(test_hash, 0, SHA256_MAC_LEN);
+               test_hash[SHA256_MAC_LEN - 1] ^= 0x01;
+               i_pubkey_hash = test_hash;
        } else if (dpp_test == DPP_TEST_NO_R_PROTO_KEY_AUTH_RESP) {
                wpa_printf(MSG_INFO, "DPP: TESTING - no R-Proto Key");
                wpabuf_free(pr);
@@ -2603,6 +2638,9 @@ static int dpp_auth_build_resp_status(struct dpp_authentication *auth,
 {
        struct wpabuf *msg;
        const u8 *r_pubkey_hash, *i_pubkey_hash, *i_nonce;
+#ifdef CONFIG_TESTING_OPTIONS
+       u8 test_hash[SHA256_MAC_LEN];
+#endif /* CONFIG_TESTING_OPTIONS */
 
        if (!auth->own_bi)
                return -1;
@@ -2620,9 +2658,26 @@ static int dpp_auth_build_resp_status(struct dpp_authentication *auth,
        if (dpp_test == DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_RESP) {
                wpa_printf(MSG_INFO, "DPP: TESTING - no R-Bootstrap Key Hash");
                r_pubkey_hash = NULL;
+       } else if (dpp_test ==
+                  DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_RESP) {
+               wpa_printf(MSG_INFO,
+                          "DPP: TESTING - invalid R-Bootstrap Key Hash");
+               os_memcpy(test_hash, r_pubkey_hash, SHA256_MAC_LEN);
+               test_hash[SHA256_MAC_LEN - 1] ^= 0x01;
+               r_pubkey_hash = test_hash;
        } else if (dpp_test == DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_RESP) {
                wpa_printf(MSG_INFO, "DPP: TESTING - no I-Bootstrap Key Hash");
                i_pubkey_hash = NULL;
+       } else if (dpp_test ==
+                  DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_RESP) {
+               wpa_printf(MSG_INFO,
+                          "DPP: TESTING - invalid I-Bootstrap Key Hash");
+               if (i_pubkey_hash)
+                       os_memcpy(test_hash, i_pubkey_hash, SHA256_MAC_LEN);
+               else
+                       os_memset(test_hash, 0, SHA256_MAC_LEN);
+               test_hash[SHA256_MAC_LEN - 1] ^= 0x01;
+               i_pubkey_hash = test_hash;
        } else if (dpp_test == DPP_TEST_NO_STATUS_AUTH_RESP) {
                wpa_printf(MSG_INFO, "DPP: TESTING - no Status");
                status = -1;
@@ -2929,6 +2984,10 @@ static struct wpabuf * dpp_auth_build_conf(struct dpp_authentication *auth,
        u8 *wrapped_i_auth;
        u8 *wrapped_r_nonce;
        u8 *attr_start, *attr_end;
+       const u8 *r_pubkey_hash, *i_pubkey_hash;
+#ifdef CONFIG_TESTING_OPTIONS
+       u8 test_hash[SHA256_MAC_LEN];
+#endif /* CONFIG_TESTING_OPTIONS */
 
        wpa_printf(MSG_DEBUG, "DPP: Build Authentication Confirmation");
 
@@ -2947,6 +3006,12 @@ static struct wpabuf * dpp_auth_build_conf(struct dpp_authentication *auth,
 
        attr_start = wpabuf_put(msg, 0);
 
+       r_pubkey_hash = auth->peer_bi->pubkey_hash;
+       if (auth->own_bi)
+               i_pubkey_hash = auth->own_bi->pubkey_hash;
+       else
+               i_pubkey_hash = NULL;
+
 #ifdef CONFIG_TESTING_OPTIONS
        if (dpp_test == DPP_TEST_NO_STATUS_AUTH_CONF)
                goto skip_status;
@@ -2959,31 +3024,48 @@ static struct wpabuf * dpp_auth_build_conf(struct dpp_authentication *auth,
 
 #ifdef CONFIG_TESTING_OPTIONS
 skip_status:
-       if (dpp_test == DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_CONF)
-               goto skip_r_bootstrap_key;
+       if (dpp_test == DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_CONF) {
+               wpa_printf(MSG_INFO, "DPP: TESTING - no R-Bootstrap Key Hash");
+               r_pubkey_hash = NULL;
+       } else if (dpp_test ==
+                  DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_CONF) {
+               wpa_printf(MSG_INFO,
+                          "DPP: TESTING - invalid R-Bootstrap Key Hash");
+               os_memcpy(test_hash, r_pubkey_hash, SHA256_MAC_LEN);
+               test_hash[SHA256_MAC_LEN - 1] ^= 0x01;
+               r_pubkey_hash = test_hash;
+       } else if (dpp_test == DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_CONF) {
+               wpa_printf(MSG_INFO, "DPP: TESTING - no I-Bootstrap Key Hash");
+               i_pubkey_hash = NULL;
+       } else if (dpp_test ==
+                  DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_CONF) {
+               wpa_printf(MSG_INFO,
+                          "DPP: TESTING - invalid I-Bootstrap Key Hash");
+               if (i_pubkey_hash)
+                       os_memcpy(test_hash, i_pubkey_hash, SHA256_MAC_LEN);
+               else
+                       os_memset(test_hash, 0, SHA256_MAC_LEN);
+               test_hash[SHA256_MAC_LEN - 1] ^= 0x01;
+               i_pubkey_hash = test_hash;
+       }
 #endif /* CONFIG_TESTING_OPTIONS */
 
        /* Responder Bootstrapping Key Hash */
-       wpabuf_put_le16(msg, DPP_ATTR_R_BOOTSTRAP_KEY_HASH);
-       wpabuf_put_le16(msg, SHA256_MAC_LEN);
-       wpabuf_put_data(msg, auth->peer_bi->pubkey_hash, SHA256_MAC_LEN);
-
-#ifdef CONFIG_TESTING_OPTIONS
-skip_r_bootstrap_key:
-       if (dpp_test == DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_CONF)
-               goto skip_i_bootstrap_key;
-#endif /* CONFIG_TESTING_OPTIONS */
+       if (r_pubkey_hash) {
+               wpabuf_put_le16(msg, DPP_ATTR_R_BOOTSTRAP_KEY_HASH);
+               wpabuf_put_le16(msg, SHA256_MAC_LEN);
+               wpabuf_put_data(msg, r_pubkey_hash, SHA256_MAC_LEN);
+       }
 
-       if (auth->own_bi) {
+       if (i_pubkey_hash) {
                /* Mutual authentication */
                /* Initiator Bootstrapping Key Hash */
                wpabuf_put_le16(msg, DPP_ATTR_I_BOOTSTRAP_KEY_HASH);
                wpabuf_put_le16(msg, SHA256_MAC_LEN);
-               wpabuf_put_data(msg, auth->own_bi->pubkey_hash, SHA256_MAC_LEN);
+               wpabuf_put_data(msg, i_pubkey_hash, SHA256_MAC_LEN);
        }
 
 #ifdef CONFIG_TESTING_OPTIONS
-skip_i_bootstrap_key:
        if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_AUTH_CONF)
                goto skip_wrapped_data;
        if (dpp_test == DPP_TEST_NO_I_AUTH_AUTH_CONF)

diff --git a/src/common/dpp.h b/src/common/dpp.h
index 5cb9fce90423a31232c3957db115787719b1b634..25c38a60eca43c1e44355efb3b1b3765d541e82b 100644 (file)
--- a/src/common/dpp.h
+++ b/src/common/dpp.h
@@ -295,6 +295,12 @@ enum dpp_test_behavior {
        DPP_TEST_AUTH_RESP_IN_PLACE_OF_CONF = 65,
        DPP_TEST_INVALID_I_PROTO_KEY_AUTH_REQ = 66,
        DPP_TEST_INVALID_R_PROTO_KEY_AUTH_RESP = 67,
+       DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_REQ = 68,
+       DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_REQ = 69,
+       DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_RESP = 70,
+       DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_RESP = 71,
+       DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_AUTH_CONF = 72,
+       DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_AUTH_CONF = 73,
 };
 
 extern enum dpp_test_behavior dpp_test;