DPP: Protocol testing capability to generate invalid Protocol Key

This extends dpp_test to allow invalid Initiator/Responder Protocol Key
to be written into the Authentication Request/Response frame.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/common/dpp.c b/src/common/dpp.c
index cc8f31720f5c5eecc57a536c97e02d16db676520..8ca91d4a328df5631d4a9dc05e0c8f51e54699b3 100644 (file)
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -30,6 +30,9 @@
 
 #ifdef CONFIG_TESTING_OPTIONS
 enum dpp_test_behavior dpp_test = DPP_TEST_DISABLED;
+
+static int dpp_test_gen_invalid_key(struct wpabuf *msg,
+                                   const struct dpp_curve_params *curve);
 #endif /* CONFIG_TESTING_OPTIONS */
 
 #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(OPENSSL_IS_BORINGSSL)
@@ -2028,6 +2031,12 @@ struct dpp_authentication * dpp_auth_init(void *msg_ctx,
                wpa_printf(MSG_INFO, "DPP: TESTING - no I-Proto Key");
                wpabuf_free(pi);
                pi = NULL;
+       } else if (dpp_test == DPP_TEST_INVALID_I_PROTO_KEY_AUTH_REQ) {
+               wpa_printf(MSG_INFO, "DPP: TESTING - invalid I-Proto Key");
+               wpabuf_free(pi);
+               pi = wpabuf_alloc(2 * auth->curve->prime_len);
+               if (!pi || dpp_test_gen_invalid_key(pi, auth->curve) < 0)
+                       goto fail;
        }
 #endif /* CONFIG_TESTING_OPTIONS */
 
@@ -2551,6 +2560,12 @@ static int dpp_auth_build_resp_ok(struct dpp_authentication *auth)
                wpa_printf(MSG_INFO, "DPP: TESTING - no R-Proto Key");
                wpabuf_free(pr);
                pr = NULL;
+       } else if (dpp_test == DPP_TEST_INVALID_R_PROTO_KEY_AUTH_RESP) {
+               wpa_printf(MSG_INFO, "DPP: TESTING - invalid R-Proto Key");
+               wpabuf_free(pr);
+               pr = wpabuf_alloc(2 * auth->curve->prime_len);
+               if (!pr || dpp_test_gen_invalid_key(pr, auth->curve) < 0)
+                       goto fail;
        } else if (dpp_test == DPP_TEST_NO_R_AUTH_AUTH_RESP) {
                wpa_printf(MSG_INFO, "DPP: TESTING - no R-Auth");
                w_r_auth = NULL;

diff --git a/src/common/dpp.h b/src/common/dpp.h
index c288a50214f4ce8bce09bc1b4b70f3de371461ff..5cb9fce90423a31232c3957db115787719b1b634 100644 (file)
--- a/src/common/dpp.h
+++ b/src/common/dpp.h
@@ -293,6 +293,8 @@ enum dpp_test_behavior {
        DPP_TEST_NO_STATUS_PEER_DISC_RESP = 63,
        DPP_TEST_NO_CONNECTOR_PEER_DISC_RESP = 64,
        DPP_TEST_AUTH_RESP_IN_PLACE_OF_CONF = 65,
+       DPP_TEST_INVALID_I_PROTO_KEY_AUTH_REQ = 66,
+       DPP_TEST_INVALID_R_PROTO_KEY_AUTH_RESP = 67,
 };
 
 extern enum dpp_test_behavior dpp_test;