2 # Copyright (c) 2014-2015, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
11 logger
= logging
.getLogger()
19 from utils
import HwsimSkip
, alloc_fail
, fail_test
, wait_fail_trigger
20 from test_ap_eap
import check_eap_capa
, check_hlr_auc_gw_support
, int_eap_server_params
21 from test_erp
import check_erp_capa
25 openssl_imported
= True
27 openssl_imported
= False
37 EAP_TYPE_NOTIFICATION
= 2
48 EAP_TYPE_MSCHAPV2
= 26
56 EAP_TYPE_AKA_PRIME
= 50
60 EAP_TYPE_EXPANDED
= 254
62 # Type field in EAP-Initiate and EAP-Finish messages
63 EAP_ERP_TYPE_REAUTH_START
= 1
64 EAP_ERP_TYPE_REAUTH
= 2
66 EAP_ERP_TLV_KEYNAME_NAI
= 1
67 EAP_ERP_TV_RRK_LIFETIME
= 2
68 EAP_ERP_TV_RMSK_LIFETIME
= 3
69 EAP_ERP_TLV_DOMAIN_NAME
= 4
70 EAP_ERP_TLV_CRYPTOSUITES
= 5
71 EAP_ERP_TLV_AUTHORIZATION_INDICATION
= 6
72 EAP_ERP_TLV_CALLED_STATION_ID
= 128
73 EAP_ERP_TLV_CALLING_STATION_ID
= 129
74 EAP_ERP_TLV_NAS_IDENTIFIER
= 130
75 EAP_ERP_TLV_NAS_IP_ADDRESS
= 131
76 EAP_ERP_TLV_NAS_IPV6_ADDRESS
= 132
78 def run_pyrad_server(srv
, t_stop
, eap_handler
):
79 srv
.RunWithStop(t_stop
, eap_handler
)
81 def start_radius_server(eap_handler
):
85 import pyrad
.dictionary
87 raise HwsimSkip("No pyrad modules available")
89 class TestServer(pyrad
.server
.Server
):
90 def _HandleAuthPacket(self
, pkt
):
91 pyrad
.server
.Server
._HandleAuthPacket
(self
, pkt
)
95 eap_req
= self
.eap_handler(self
.ctx
, eap
)
96 reply
= self
.CreateReplyPacket(pkt
)
99 if len(eap_req
) > 253:
100 reply
.AddAttribute("EAP-Message", eap_req
[0:253])
101 eap_req
= eap_req
[253:]
103 reply
.AddAttribute("EAP-Message", eap_req
)
106 logger
.info("No EAP request available")
107 reply
.code
= pyrad
.packet
.AccessChallenge
109 hmac_obj
= hmac
.new(reply
.secret
)
110 hmac_obj
.update(struct
.pack("B", reply
.code
))
111 hmac_obj
.update(struct
.pack("B", reply
.id))
114 reply
.AddAttribute("Message-Authenticator", 16*b
'\x00')
115 attrs
= reply
._PktEncodeAttributes
()
118 flen
= 4 + 16 + len(attrs
)
119 hmac_obj
.update(struct
.pack(">H", flen
))
120 hmac_obj
.update(pkt
.authenticator
)
121 hmac_obj
.update(attrs
)
123 reply
.AddAttribute("Message-Authenticator", hmac_obj
.digest())
125 self
.SendReplyPacket(pkt
.fd
, reply
)
127 def RunWithStop(self
, t_stop
, eap_handler
):
128 self
._poll
= select
.poll()
130 self
._PrepareSockets
()
132 self
.eap_handler
= eap_handler
135 while not t_stop
.is_set():
136 for (fd
, event
) in self
._poll
.poll(200):
137 if event
== select
.POLLIN
:
139 fdo
= self
._fdmap
[fd
]
140 self
._ProcessInput
(fdo
)
141 except pyrad
.server
.ServerPacketError
as err
:
142 logger
.info("pyrad server dropping packet: " + str(err
))
143 except pyrad
.packet
.PacketError
as err
:
144 logger
.info("pyrad server received invalid packet: " + str(err
))
146 logger
.error("Unexpected event in pyrad server main loop")
148 srv
= TestServer(dict=pyrad
.dictionary
.Dictionary("dictionary.radius"),
149 authport
=18138, acctport
=18139)
150 srv
.hosts
["127.0.0.1"] = pyrad
.server
.RemoteHost("127.0.0.1",
153 srv
.BindToAddress("")
154 t_stop
= threading
.Event()
155 t
= threading
.Thread(target
=run_pyrad_server
, args
=(srv
, t_stop
, eap_handler
))
158 return {'srv': srv
, 'stop': t_stop
, 'thread': t
}
160 def stop_radius_server(srv
):
165 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
166 params
['auth_server_port'] = "18138"
167 hapd
= hostapd
.add_ap(ap
, params
)
170 def test_eap_proto(dev
, apdev
):
171 """EAP protocol tests"""
172 check_eap_capa(dev
[0], "MD5")
173 def eap_handler(ctx
, req
):
174 logger
.info("eap_handler - RX " + binascii
.hexlify(req
).decode())
177 ctx
['num'] = ctx
['num'] + 1
180 ctx
['id'] = (ctx
['id'] + 1) % 256
184 if ctx
['num'] == idx
:
185 logger
.info("Test: MD5 challenge")
186 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
191 if ctx
['num'] == idx
:
192 logger
.info("Test: EAP-Success - id off by 2")
193 return struct
.pack(">BBH", EAP_CODE_SUCCESS
, ctx
['id'] + 1, 4)
196 if ctx
['num'] == idx
:
197 logger
.info("Test: MD5 challenge")
198 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
203 if ctx
['num'] == idx
:
204 logger
.info("Test: EAP-Success - id off by 3")
205 return struct
.pack(">BBH", EAP_CODE_SUCCESS
, ctx
['id'] + 2, 4)
208 if ctx
['num'] == idx
:
209 logger
.info("Test: MD5 challenge")
210 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
215 if ctx
['num'] == idx
:
216 logger
.info("Test: EAP-Notification/Request")
217 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
219 EAP_TYPE_NOTIFICATION
,
222 if ctx
['num'] == idx
:
223 logger
.info("Test: EAP-Success")
224 return struct
.pack(">BBH", EAP_CODE_SUCCESS
, ctx
['id'] - 1, 4)
227 if ctx
['num'] == idx
:
228 logger
.info("Test: EAP-Notification/Request")
229 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
231 EAP_TYPE_NOTIFICATION
,
234 if ctx
['num'] == idx
:
235 logger
.info("Test: MD5 challenge")
236 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
241 if ctx
['num'] == idx
:
242 logger
.info("Test: EAP-Success")
243 return struct
.pack(">BBH", EAP_CODE_SUCCESS
, ctx
['id'] - 1, 4)
246 if ctx
['num'] == idx
:
247 logger
.info("Test: EAP-Notification/Request")
248 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
250 EAP_TYPE_NOTIFICATION
,
253 if ctx
['num'] == idx
:
254 logger
.info("Test: MD5 challenge")
255 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
260 if ctx
['num'] == idx
:
261 logger
.info("Test: EAP-Notification/Request")
262 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
264 EAP_TYPE_NOTIFICATION
,
267 if ctx
['num'] == idx
:
268 logger
.info("Test: EAP-Success")
269 return struct
.pack(">BBH", EAP_CODE_SUCCESS
, ctx
['id'] - 1, 4)
272 if ctx
['num'] == idx
:
273 logger
.info("Test: EAP-Notification/Request")
274 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
276 EAP_TYPE_NOTIFICATION
,
279 if ctx
['num'] == idx
:
280 logger
.info("Test: EAP-Notification/Request (same id)")
281 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'] - 1,
283 EAP_TYPE_NOTIFICATION
,
286 if ctx
['num'] == idx
:
287 logger
.info("Test: Unexpected EAP-Success")
288 return struct
.pack(">BBH", EAP_CODE_SUCCESS
, ctx
['id'] - 2, 4)
292 srv
= start_radius_server(eap_handler
)
295 hapd
= start_ap(apdev
[0])
296 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
298 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
299 eap
="MD5", identity
="user", password
="password",
301 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=15)
303 raise Exception("Timeout on EAP start")
304 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout
=15)
306 raise Exception("Timeout on EAP success")
307 dev
[0].request("REMOVE_NETWORK all")
309 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
310 eap
="MD5", identity
="user", password
="password",
312 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=15)
314 raise Exception("Timeout on EAP start")
315 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout
=1)
317 raise Exception("Unexpected EAP success")
318 dev
[0].request("REMOVE_NETWORK all")
320 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
321 eap
="MD5", identity
="user", password
="password",
323 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=15)
325 raise Exception("Timeout on EAP start")
326 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-NOTIFICATION"], timeout
=10)
328 raise Exception("Timeout on EAP notification")
329 if ev
!= "<3>CTRL-EVENT-EAP-NOTIFICATION A":
330 raise Exception("Unexpected notification contents: " + ev
)
331 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout
=15)
333 raise Exception("Timeout on EAP success")
334 dev
[0].request("REMOVE_NETWORK all")
336 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
337 eap
="MD5", identity
="user", password
="password",
339 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-NOTIFICATION"], timeout
=10)
341 raise Exception("Timeout on EAP notification")
342 if ev
!= "<3>CTRL-EVENT-EAP-NOTIFICATION B":
343 raise Exception("Unexpected notification contents: " + ev
)
344 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=15)
346 raise Exception("Timeout on EAP start")
347 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout
=15)
349 raise Exception("Timeout on EAP success")
350 dev
[0].request("REMOVE_NETWORK all")
352 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
353 eap
="MD5", identity
="user", password
="password",
355 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-NOTIFICATION"], timeout
=10)
357 raise Exception("Timeout on EAP notification")
358 if ev
!= "<3>CTRL-EVENT-EAP-NOTIFICATION C":
359 raise Exception("Unexpected notification contents: " + ev
)
360 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=15)
362 raise Exception("Timeout on EAP start")
363 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-NOTIFICATION"], timeout
=10)
365 raise Exception("Timeout on EAP notification")
366 if ev
!= "<3>CTRL-EVENT-EAP-NOTIFICATION D":
367 raise Exception("Unexpected notification contents: " + ev
)
368 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout
=15)
370 raise Exception("Timeout on EAP success")
371 dev
[0].request("REMOVE_NETWORK all")
373 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
374 eap
="MD5", identity
="user", password
="password",
376 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-NOTIFICATION"], timeout
=10)
378 raise Exception("Timeout on EAP notification")
379 if ev
!= "<3>CTRL-EVENT-EAP-NOTIFICATION E":
380 raise Exception("Unexpected notification contents: " + ev
)
381 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-NOTIFICATION"], timeout
=10)
383 raise Exception("Timeout on EAP notification")
384 if ev
!= "<3>CTRL-EVENT-EAP-NOTIFICATION F":
385 raise Exception("Unexpected notification contents: " + ev
)
386 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=15)
388 raise Exception("Timeout on EAP failure")
389 dev
[0].request("REMOVE_NETWORK all")
391 stop_radius_server(srv
)
393 def test_eap_proto_notification_errors(dev
, apdev
):
394 """EAP Notification errors"""
395 def eap_handler(ctx
, req
):
396 logger
.info("eap_handler - RX " + binascii
.hexlify(req
).decode())
399 ctx
['num'] = ctx
['num'] + 1
402 ctx
['id'] = (ctx
['id'] + 1) % 256
406 if ctx
['num'] == idx
:
407 logger
.info("Test: MD5 challenge")
408 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
413 if ctx
['num'] == idx
:
414 logger
.info("Test: EAP-Notification/Request")
415 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
417 EAP_TYPE_NOTIFICATION
,
421 if ctx
['num'] == idx
:
422 logger
.info("Test: MD5 challenge")
423 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
428 if ctx
['num'] == idx
:
429 logger
.info("Test: EAP-Notification/Request")
430 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
432 EAP_TYPE_NOTIFICATION
,
437 srv
= start_radius_server(eap_handler
)
440 hapd
= start_ap(apdev
[0])
441 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
443 with
alloc_fail(dev
[0], 1, "eap_sm_processNotify"):
444 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
445 eap
="MD5", identity
="user", password
="password",
447 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
448 dev
[0].request("REMOVE_NETWORK all")
449 dev
[0].wait_disconnected()
451 with
alloc_fail(dev
[0], 1, "eap_msg_alloc;sm_EAP_NOTIFICATION_Enter"):
452 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
453 eap
="MD5", identity
="user", password
="password",
455 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
456 dev
[0].request("REMOVE_NETWORK all")
457 dev
[0].wait_disconnected()
459 stop_radius_server(srv
)
463 EAP_SAKE_SUBTYPE_CHALLENGE
= 1
464 EAP_SAKE_SUBTYPE_CONFIRM
= 2
465 EAP_SAKE_SUBTYPE_AUTH_REJECT
= 3
466 EAP_SAKE_SUBTYPE_IDENTITY
= 4
468 EAP_SAKE_AT_RAND_S
= 1
469 EAP_SAKE_AT_RAND_P
= 2
470 EAP_SAKE_AT_MIC_S
= 3
471 EAP_SAKE_AT_MIC_P
= 4
472 EAP_SAKE_AT_SERVERID
= 5
473 EAP_SAKE_AT_PEERID
= 6
474 EAP_SAKE_AT_SPI_S
= 7
475 EAP_SAKE_AT_SPI_P
= 8
476 EAP_SAKE_AT_ANY_ID_REQ
= 9
477 EAP_SAKE_AT_PERM_ID_REQ
= 10
478 EAP_SAKE_AT_ENCR_DATA
= 128
480 EAP_SAKE_AT_PADDING
= 130
481 EAP_SAKE_AT_NEXT_TMPID
= 131
482 EAP_SAKE_AT_MSK_LIFE
= 132
484 def test_eap_proto_sake(dev
, apdev
):
485 """EAP-SAKE protocol tests"""
486 global eap_proto_sake_test_done
487 eap_proto_sake_test_done
= False
489 def sake_challenge(ctx
):
490 logger
.info("Test: Challenge subtype")
491 return struct
.pack(">BBHBBBBBBLLLL", EAP_CODE_REQUEST
, ctx
['id'],
494 EAP_SAKE_VERSION
, 0, EAP_SAKE_SUBTYPE_CHALLENGE
,
495 EAP_SAKE_AT_RAND_S
, 18, 0, 0, 0, 0)
497 def sake_handler(ctx
, req
):
498 logger
.info("sake_handler - RX " + binascii
.hexlify(req
).decode())
504 ctx
['id'] = (ctx
['id'] + 1) % 256
508 if ctx
['num'] == idx
:
509 logger
.info("Test: Missing payload")
510 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'], 4 + 1,
514 if ctx
['num'] == idx
:
515 logger
.info("Test: Identity subtype without any attributes")
516 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
519 EAP_SAKE_VERSION
, 0, EAP_SAKE_SUBTYPE_IDENTITY
)
522 if ctx
['num'] == idx
:
523 logger
.info("Test: Identity subtype")
524 return struct
.pack(">BBHBBBBBBH", EAP_CODE_REQUEST
, ctx
['id'],
527 EAP_SAKE_VERSION
, 0, EAP_SAKE_SUBTYPE_IDENTITY
,
528 EAP_SAKE_AT_ANY_ID_REQ
, 4, 0)
530 if ctx
['num'] == idx
:
531 logger
.info("Test: Identity subtype (different session id)")
532 return struct
.pack(">BBHBBBBBBH", EAP_CODE_REQUEST
, ctx
['id'],
535 EAP_SAKE_VERSION
, 1, EAP_SAKE_SUBTYPE_IDENTITY
,
536 EAP_SAKE_AT_PERM_ID_REQ
, 4, 0)
539 if ctx
['num'] == idx
:
540 logger
.info("Test: Identity subtype with too short attribute")
541 return struct
.pack(">BBHBBBBBB", EAP_CODE_REQUEST
, ctx
['id'],
544 EAP_SAKE_VERSION
, 0, EAP_SAKE_SUBTYPE_IDENTITY
,
545 EAP_SAKE_AT_ANY_ID_REQ
, 2)
548 if ctx
['num'] == idx
:
549 logger
.info("Test: Identity subtype with truncated attribute")
550 return struct
.pack(">BBHBBBBBB", EAP_CODE_REQUEST
, ctx
['id'],
553 EAP_SAKE_VERSION
, 0, EAP_SAKE_SUBTYPE_IDENTITY
,
554 EAP_SAKE_AT_ANY_ID_REQ
, 4)
557 if ctx
['num'] == idx
:
558 logger
.info("Test: Identity subtype with too short attribute header")
559 payload
= struct
.pack("B", EAP_SAKE_AT_ANY_ID_REQ
)
560 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
561 4 + 1 + 3 + len(payload
),
562 EAP_TYPE_SAKE
, EAP_SAKE_VERSION
, 0,
563 EAP_SAKE_SUBTYPE_IDENTITY
) + payload
566 if ctx
['num'] == idx
:
567 logger
.info("Test: Identity subtype with AT_IV but not AT_ENCR_DATA")
568 payload
= struct
.pack("BB", EAP_SAKE_AT_IV
, 2)
569 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
570 4 + 1 + 3 + len(payload
),
571 EAP_TYPE_SAKE
, EAP_SAKE_VERSION
, 0,
572 EAP_SAKE_SUBTYPE_IDENTITY
) + payload
575 if ctx
['num'] == idx
:
576 logger
.info("Test: Identity subtype with skippable and non-skippable unknown attribute")
577 payload
= struct
.pack("BBBB", 255, 2, 127, 2)
578 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
579 4 + 1 + 3 + len(payload
),
580 EAP_TYPE_SAKE
, EAP_SAKE_VERSION
, 0,
581 EAP_SAKE_SUBTYPE_IDENTITY
) + payload
584 if ctx
['num'] == idx
:
585 logger
.info("Test: Identity subtype: AT_RAND_P with invalid payload length")
586 payload
= struct
.pack("BB", EAP_SAKE_AT_RAND_P
, 2)
587 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
588 4 + 1 + 3 + len(payload
),
589 EAP_TYPE_SAKE
, EAP_SAKE_VERSION
, 0,
590 EAP_SAKE_SUBTYPE_IDENTITY
) + payload
593 if ctx
['num'] == idx
:
594 logger
.info("Test: Identity subtype: AT_MIC_P with invalid payload length")
595 payload
= struct
.pack("BB", EAP_SAKE_AT_MIC_P
, 2)
596 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
597 4 + 1 + 3 + len(payload
),
598 EAP_TYPE_SAKE
, EAP_SAKE_VERSION
, 0,
599 EAP_SAKE_SUBTYPE_IDENTITY
) + payload
602 if ctx
['num'] == idx
:
603 logger
.info("Test: Identity subtype: AT_PERM_ID_REQ with invalid payload length")
604 payload
= struct
.pack("BBBBBBBBBBBBBB",
605 EAP_SAKE_AT_SPI_S
, 2,
606 EAP_SAKE_AT_SPI_P
, 2,
607 EAP_SAKE_AT_ENCR_DATA
, 2,
608 EAP_SAKE_AT_NEXT_TMPID
, 2,
609 EAP_SAKE_AT_PERM_ID_REQ
, 4, 0, 0,
610 EAP_SAKE_AT_PERM_ID_REQ
, 2)
611 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
612 4 + 1 + 3 + len(payload
),
613 EAP_TYPE_SAKE
, EAP_SAKE_VERSION
, 0,
614 EAP_SAKE_SUBTYPE_IDENTITY
) + payload
617 if ctx
['num'] == idx
:
618 logger
.info("Test: Identity subtype: AT_PADDING")
619 payload
= struct
.pack("BBBBBB",
620 EAP_SAKE_AT_PADDING
, 3, 0,
621 EAP_SAKE_AT_PADDING
, 3, 1)
622 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
623 4 + 1 + 3 + len(payload
),
624 EAP_TYPE_SAKE
, EAP_SAKE_VERSION
, 0,
625 EAP_SAKE_SUBTYPE_IDENTITY
) + payload
628 if ctx
['num'] == idx
:
629 logger
.info("Test: Identity subtype: AT_MSK_LIFE")
630 payload
= struct
.pack(">BBLBBH",
631 EAP_SAKE_AT_MSK_LIFE
, 6, 0,
632 EAP_SAKE_AT_MSK_LIFE
, 4, 0)
633 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
634 4 + 1 + 3 + len(payload
),
635 EAP_TYPE_SAKE
, EAP_SAKE_VERSION
, 0,
636 EAP_SAKE_SUBTYPE_IDENTITY
) + payload
639 if ctx
['num'] == idx
:
640 logger
.info("Test: Identity subtype with invalid attribute length")
641 payload
= struct
.pack("BB", EAP_SAKE_AT_ANY_ID_REQ
, 0)
642 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
643 4 + 1 + 3 + len(payload
),
644 EAP_TYPE_SAKE
, EAP_SAKE_VERSION
, 0,
645 EAP_SAKE_SUBTYPE_IDENTITY
) + payload
648 if ctx
['num'] == idx
:
649 logger
.info("Test: Unknown subtype")
650 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
653 EAP_SAKE_VERSION
, 0, 123)
656 if ctx
['num'] == idx
:
657 logger
.info("Test: Challenge subtype without any attributes")
658 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
661 EAP_SAKE_VERSION
, 0, EAP_SAKE_SUBTYPE_CHALLENGE
)
664 if ctx
['num'] == idx
:
665 logger
.info("Test: Challenge subtype with too short AT_RAND_S")
666 return struct
.pack(">BBHBBBBBB", EAP_CODE_REQUEST
, ctx
['id'],
669 EAP_SAKE_VERSION
, 0, EAP_SAKE_SUBTYPE_CHALLENGE
,
670 EAP_SAKE_AT_RAND_S
, 2)
673 if ctx
['num'] == idx
:
674 return sake_challenge(ctx
)
676 if ctx
['num'] == idx
:
677 logger
.info("Test: Unexpected Identity subtype")
678 return struct
.pack(">BBHBBBBBBH", EAP_CODE_REQUEST
, ctx
['id'],
681 EAP_SAKE_VERSION
, 0, EAP_SAKE_SUBTYPE_IDENTITY
,
682 EAP_SAKE_AT_ANY_ID_REQ
, 4, 0)
685 if ctx
['num'] == idx
:
686 return sake_challenge(ctx
)
688 if ctx
['num'] == idx
:
689 logger
.info("Test: Unexpected Challenge subtype")
690 return struct
.pack(">BBHBBBBBBLLLL", EAP_CODE_REQUEST
, ctx
['id'],
693 EAP_SAKE_VERSION
, 0, EAP_SAKE_SUBTYPE_CHALLENGE
,
694 EAP_SAKE_AT_RAND_S
, 18, 0, 0, 0, 0)
697 if ctx
['num'] == idx
:
698 return sake_challenge(ctx
)
700 if ctx
['num'] == idx
:
701 logger
.info("Test: Confirm subtype without any attributes")
702 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
705 EAP_SAKE_VERSION
, 0, EAP_SAKE_SUBTYPE_CONFIRM
)
708 if ctx
['num'] == idx
:
709 return sake_challenge(ctx
)
711 if ctx
['num'] == idx
:
712 logger
.info("Test: Confirm subtype with too short AT_MIC_S")
713 return struct
.pack(">BBHBBBBBB", EAP_CODE_REQUEST
, ctx
['id'],
716 EAP_SAKE_VERSION
, 0, EAP_SAKE_SUBTYPE_CONFIRM
,
717 EAP_SAKE_AT_MIC_S
, 2)
720 if ctx
['num'] == idx
:
721 logger
.info("Test: Unexpected Confirm subtype")
722 return struct
.pack(">BBHBBBBBBLLLL", EAP_CODE_REQUEST
, ctx
['id'],
725 EAP_SAKE_VERSION
, 0, EAP_SAKE_SUBTYPE_CONFIRM
,
726 EAP_SAKE_AT_MIC_S
, 18, 0, 0, 0, 0)
729 if ctx
['num'] == idx
:
730 return sake_challenge(ctx
)
732 if ctx
['num'] == idx
:
733 logger
.info("Test: Confirm subtype with incorrect AT_MIC_S")
734 return struct
.pack(">BBHBBBBBBLLLL", EAP_CODE_REQUEST
, ctx
['id'],
737 EAP_SAKE_VERSION
, 0, EAP_SAKE_SUBTYPE_CONFIRM
,
738 EAP_SAKE_AT_MIC_S
, 18, 0, 0, 0, 0)
740 global eap_proto_sake_test_done
741 if eap_proto_sake_test_done
:
742 return sake_challenge(ctx
)
744 logger
.info("No more test responses available - test case completed")
745 eap_proto_sake_test_done
= True
746 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
748 srv
= start_radius_server(sake_handler
)
751 hapd
= start_ap(apdev
[0])
752 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
754 while not eap_proto_sake_test_done
:
755 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
756 eap
="SAKE", identity
="sake user",
757 password_hex
="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
759 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=15)
761 raise Exception("Timeout on EAP start")
763 dev
[0].request("REMOVE_NETWORK all")
765 logger
.info("Too short password")
766 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
767 eap
="SAKE", identity
="sake user",
768 password_hex
="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcd",
770 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=15)
772 raise Exception("Timeout on EAP start")
775 stop_radius_server(srv
)
777 def test_eap_proto_sake_errors(dev
, apdev
):
778 """EAP-SAKE local error cases"""
779 check_eap_capa(dev
[0], "SAKE")
780 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
781 hapd
= hostapd
.add_ap(apdev
[0], params
)
782 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
784 for i
in range(1, 3):
785 with
alloc_fail(dev
[0], i
, "eap_sake_init"):
786 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
787 eap
="SAKE", identity
="sake user",
788 password_hex
="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
790 ev
= dev
[0].wait_event(["EAP: Failed to initialize EAP method"],
793 raise Exception("Timeout on EAP start")
794 dev
[0].request("REMOVE_NETWORK all")
795 dev
[0].wait_disconnected()
796 dev
[0].dump_monitor()
798 tests
= [(1, "eap_msg_alloc;eap_sake_build_msg;eap_sake_process_challenge"),
799 (1, "=eap_sake_process_challenge"),
800 (1, "eap_sake_compute_mic;eap_sake_process_challenge"),
801 (1, "eap_sake_build_msg;eap_sake_process_confirm"),
802 (1, "eap_sake_compute_mic;eap_sake_process_confirm"),
803 (2, "eap_sake_compute_mic;=eap_sake_process_confirm"),
804 (1, "eap_sake_getKey"),
805 (1, "eap_sake_get_emsk"),
806 (1, "eap_sake_get_session_id")]
807 for count
, func
in tests
:
808 with
alloc_fail(dev
[0], count
, func
):
809 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
810 eap
="SAKE", identity
="sake user@domain",
811 password_hex
="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
814 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
817 raise Exception("Timeout on EAP start")
818 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
819 dev
[0].request("REMOVE_NETWORK all")
820 dev
[0].wait_disconnected()
821 dev
[0].dump_monitor()
823 tests
= [(1, "os_get_random;eap_sake_process_challenge"),
824 (1, "eap_sake_derive_keys;eap_sake_process_challenge")]
825 for count
, func
in tests
:
826 with
fail_test(dev
[0], count
, func
):
827 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
828 eap
="SAKE", identity
="sake user",
829 password_hex
="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
831 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=15)
833 raise Exception("Timeout on EAP start")
834 wait_fail_trigger(dev
[0], "GET_FAIL")
835 dev
[0].request("REMOVE_NETWORK all")
836 dev
[0].wait_disconnected()
837 dev
[0].dump_monitor()
839 def test_eap_proto_sake_errors2(dev
, apdev
):
840 """EAP-SAKE protocol tests (2)"""
841 def sake_handler(ctx
, req
):
842 logger
.info("sake_handler - RX " + binascii
.hexlify(req
).decode())
848 ctx
['id'] = (ctx
['id'] + 1) % 256
852 if ctx
['num'] == idx
:
853 logger
.info("Test: Identity subtype")
854 return struct
.pack(">BBHBBBBBBH", EAP_CODE_REQUEST
, ctx
['id'],
857 EAP_SAKE_VERSION
, 0, EAP_SAKE_SUBTYPE_IDENTITY
,
858 EAP_SAKE_AT_ANY_ID_REQ
, 4, 0)
860 srv
= start_radius_server(sake_handler
)
863 hapd
= start_ap(apdev
[0])
864 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
866 with
alloc_fail(dev
[0], 1, "eap_msg_alloc;eap_sake_build_msg;eap_sake_process_identity"):
867 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
868 eap
="SAKE", identity
="sake user",
869 password_hex
="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
871 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
874 raise Exception("Timeout on EAP start")
875 dev
[0].request("REMOVE_NETWORK all")
876 dev
[0].wait_disconnected()
879 stop_radius_server(srv
)
881 def run_eap_sake_connect(dev
):
882 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
883 eap
="SAKE", identity
="sake user",
884 password_hex
="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
886 ev
= dev
.wait_event(["CTRL-EVENT-EAP-SUCCESS", "CTRL-EVENT-EAP-FAILURE",
887 "CTRL-EVENT-DISCONNECTED"],
889 dev
.request("REMOVE_NETWORK all")
890 if not ev
or "CTRL-EVENT-DISCONNECTED" not in ev
:
891 dev
.wait_disconnected()
894 def test_eap_proto_sake_errors_server(dev
, apdev
):
895 """EAP-SAKE local error cases on server"""
896 check_eap_capa(dev
[0], "SAKE")
897 params
= int_eap_server_params()
898 params
['erp_domain'] = 'example.com'
899 params
['eap_server_erp'] = '1'
900 hapd
= hostapd
.add_ap(apdev
[0], params
)
901 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
903 tests
= [(1, "eap_sake_init"),
904 (1, "eap_sake_build_msg;eap_sake_build_challenge"),
905 (1, "eap_sake_build_msg;eap_sake_build_confirm"),
906 (1, "eap_sake_compute_mic;eap_sake_build_confirm"),
907 (1, "eap_sake_process_challenge"),
908 (1, "eap_sake_getKey"),
909 (1, "eap_sake_get_emsk"),
910 (1, "eap_sake_get_session_id")]
911 for count
, func
in tests
:
912 with
alloc_fail(hapd
, count
, func
):
913 run_eap_sake_connect(dev
[0])
915 tests
= [(1, "eap_sake_init"),
916 (1, "eap_sake_build_challenge"),
917 (1, "eap_sake_build_confirm"),
918 (1, "eap_sake_derive_keys;eap_sake_process_challenge"),
919 (1, "eap_sake_compute_mic;eap_sake_process_challenge"),
920 (1, "eap_sake_compute_mic;eap_sake_process_confirm"),
921 (1, "eap_sake_compute_mic;eap_sake_build_confirm"),
922 (1, "eap_sake_process_confirm")]
923 for count
, func
in tests
:
924 with
fail_test(hapd
, count
, func
):
925 run_eap_sake_connect(dev
[0])
927 def start_sake_assoc(dev
, hapd
):
928 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
929 eap
="SAKE", identity
="sake user",
930 password_hex
="0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
932 proxy_msg(hapd
, dev
) # EAP-Identity/Request
933 proxy_msg(dev
, hapd
) # EAP-Identity/Response
934 proxy_msg(hapd
, dev
) # SAKE/Challenge/Request
936 def stop_sake_assoc(dev
, hapd
):
937 dev
.request("REMOVE_NETWORK all")
938 dev
.wait_disconnected()
942 def test_eap_proto_sake_server(dev
, apdev
):
943 """EAP-SAKE protocol testing for the server"""
944 check_eap_capa(dev
[0], "SAKE")
945 params
= int_eap_server_params()
946 params
['erp_domain'] = 'example.com'
947 params
['eap_server_erp'] = '1'
948 hapd
= hostapd
.add_ap(apdev
[0], params
)
949 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
950 hapd
.request("SET ext_eapol_frame_io 1")
951 dev
[0].request("SET ext_eapol_frame_io 1")
953 # Successful exchange to verify proxying mechanism
954 start_sake_assoc(dev
[0], hapd
)
955 proxy_msg(dev
[0], hapd
) # SAKE/Challenge/Response
956 proxy_msg(hapd
, dev
[0]) # SAKE/Confirm/Request
957 proxy_msg(dev
[0], hapd
) # SAKE/Confirm/Response
958 proxy_msg(hapd
, dev
[0]) # EAP-Success
959 proxy_msg(hapd
, dev
[0]) # EAPOL-Key msg 1/4
960 proxy_msg(dev
[0], hapd
) # EAPOL-Key msg 2/4
961 proxy_msg(hapd
, dev
[0]) # EAPOL-Key msg 3/4
962 proxy_msg(dev
[0], hapd
) # EAPOL-Key msg 4/4
963 dev
[0].wait_connected()
964 stop_sake_assoc(dev
[0], hapd
)
966 start_sake_assoc(dev
[0], hapd
)
967 resp
= rx_msg(dev
[0])
968 # Too short EAP-SAKE header
969 # --> EAP-SAKE: Invalid frame
970 msg
= resp
[0:4] + "0007" + resp
[8:12] + "0007" + "300200"
971 tx_msg(dev
[0], hapd
, msg
)
973 # --> EAP-SAKE: Unknown version 1
974 msg
= resp
[0:4] + "0008" + resp
[8:12] + "0008" + "30010000"
975 tx_msg(dev
[0], hapd
, msg
)
977 # --> EAP-SAKE: Session ID mismatch
978 sess
, = struct
.unpack('B', binascii
.unhexlify(resp
[20:22]))
979 sess
= binascii
.hexlify(struct
.pack('B', sess
+ 1)).decode()
980 msg
= resp
[0:4] + "0008" + resp
[8:12] + "0008" + "3002" + sess
+ "00"
981 tx_msg(dev
[0], hapd
, msg
)
983 # --> EAP-SAKE: Unexpected subtype=5 in state=1
984 msg
= resp
[0:22] + "05" + resp
[24:]
985 tx_msg(dev
[0], hapd
, msg
)
987 # --> EAP-SAKE: Response/Challenge did not include AT_RAND_P or AT_MIC_P
988 msg
= resp
[0:4] + "0008" + resp
[8:12] + "0008" + resp
[16:24]
989 tx_msg(dev
[0], hapd
, msg
)
991 stop_sake_assoc(dev
[0], hapd
)
993 start_sake_assoc(dev
[0], hapd
)
994 resp
= rx_msg(dev
[0])
995 # Invalid attribute in challenge
996 # --> EAP-SAKE: Too short attribute
997 msg
= resp
[0:4] + "0009" + resp
[8:12] + "0009" + resp
[16:26]
998 tx_msg(dev
[0], hapd
, msg
)
1000 stop_sake_assoc(dev
[0], hapd
)
1002 start_sake_assoc(dev
[0], hapd
)
1003 proxy_msg(dev
[0], hapd
) # SAKE/Challenge/Response
1004 proxy_msg(hapd
, dev
[0]) # SAKE/Confirm/Request
1005 resp
= rx_msg(dev
[0])
1007 # --> EAP-SAKE: Response/Confirm did not include AT_MIC_P
1008 msg
= resp
[0:4] + "0008" + resp
[8:12] + "0008" + resp
[16:26]
1009 tx_msg(dev
[0], hapd
, msg
)
1011 stop_sake_assoc(dev
[0], hapd
)
1013 start_sake_assoc(dev
[0], hapd
)
1014 proxy_msg(dev
[0], hapd
) # SAKE/Challenge/Response
1015 proxy_msg(hapd
, dev
[0]) # SAKE/Confirm/Request
1016 resp
= rx_msg(dev
[0])
1017 # Invalid attribute in confirm
1018 # --> EAP-SAKE: Too short attribute
1019 msg
= resp
[0:4] + "0009" + resp
[8:12] + "0009" + resp
[16:26]
1020 tx_msg(dev
[0], hapd
, msg
)
1022 stop_sake_assoc(dev
[0], hapd
)
1024 start_sake_assoc(dev
[0], hapd
)
1025 proxy_msg(dev
[0], hapd
) # SAKE/Challenge/Response
1026 proxy_msg(hapd
, dev
[0]) # SAKE/Confirm/Request
1027 resp
= rx_msg(dev
[0])
1028 # Corrupted AT_MIC_P value
1029 # --> EAP-SAKE: Incorrect AT_MIC_P
1030 msg
= resp
[0:30] + "000000000000" + resp
[42:]
1031 tx_msg(dev
[0], hapd
, msg
)
1033 stop_sake_assoc(dev
[0], hapd
)
1035 def test_eap_proto_leap(dev
, apdev
):
1036 """EAP-LEAP protocol tests"""
1037 check_eap_capa(dev
[0], "LEAP")
1038 def leap_handler(ctx
, req
):
1039 logger
.info("leap_handler - RX " + binascii
.hexlify(req
).decode())
1040 if 'num' not in ctx
:
1042 ctx
['num'] = ctx
['num'] + 1
1045 ctx
['id'] = (ctx
['id'] + 1) % 256
1048 logger
.info("Test: Missing payload")
1049 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
1054 logger
.info("Test: Unexpected version")
1055 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
1061 logger
.info("Test: Invalid challenge length")
1062 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
1068 logger
.info("Test: Truncated challenge")
1069 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
1075 logger
.info("Test: Valid challenge")
1076 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1081 logger
.info("Test: Missing payload in Response")
1082 return struct
.pack(">BBHB", EAP_CODE_RESPONSE
, ctx
['id'],
1087 logger
.info("Test: Valid challenge")
1088 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1093 logger
.info("Test: Unexpected version in Response")
1094 return struct
.pack(">BBHBBBB", EAP_CODE_RESPONSE
, ctx
['id'],
1100 logger
.info("Test: Valid challenge")
1101 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1105 if ctx
['num'] == 10:
1106 logger
.info("Test: Invalid challenge length in Response")
1107 return struct
.pack(">BBHBBBB", EAP_CODE_RESPONSE
, ctx
['id'],
1112 if ctx
['num'] == 11:
1113 logger
.info("Test: Valid challenge")
1114 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1118 if ctx
['num'] == 12:
1119 logger
.info("Test: Truncated challenge in Response")
1120 return struct
.pack(">BBHBBBB", EAP_CODE_RESPONSE
, ctx
['id'],
1125 if ctx
['num'] == 13:
1126 logger
.info("Test: Valid challenge")
1127 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1131 if ctx
['num'] == 14:
1132 logger
.info("Test: Invalid challange value in Response")
1133 return struct
.pack(">BBHBBBB6L", EAP_CODE_RESPONSE
, ctx
['id'],
1139 if ctx
['num'] == 15:
1140 logger
.info("Test: Valid challenge")
1141 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1145 if ctx
['num'] == 16:
1146 logger
.info("Test: Valid challange value in Response")
1147 return struct
.pack(">BBHBBBB24B", EAP_CODE_RESPONSE
, ctx
['id'],
1151 0x48, 0x4e, 0x46, 0xe3, 0x88, 0x49, 0x46, 0xbd,
1152 0x28, 0x48, 0xf8, 0x53, 0x82, 0x50, 0x00, 0x04,
1153 0x93, 0x50, 0x30, 0xd7, 0x25, 0xea, 0x5f, 0x66)
1155 if ctx
['num'] == 17:
1156 logger
.info("Test: Valid challenge")
1157 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1161 if ctx
['num'] == 18:
1162 logger
.info("Test: Success")
1163 return struct
.pack(">BBHB", EAP_CODE_SUCCESS
, ctx
['id'],
1166 # hostapd will drop the next frame in the sequence
1168 if ctx
['num'] == 19:
1169 logger
.info("Test: Valid challenge")
1170 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1174 if ctx
['num'] == 20:
1175 logger
.info("Test: Failure")
1176 return struct
.pack(">BBHB", EAP_CODE_FAILURE
, ctx
['id'],
1182 srv
= start_radius_server(leap_handler
)
1185 hapd
= start_ap(apdev
[0])
1186 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
1188 for i
in range(0, 12):
1189 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1190 eap
="LEAP", identity
="user", password
="password",
1192 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=15)
1194 raise Exception("Timeout on EAP start")
1197 logger
.info("Wait for additional roundtrip")
1199 dev
[0].request("REMOVE_NETWORK all")
1201 stop_radius_server(srv
)
1203 def test_eap_proto_leap_errors(dev
, apdev
):
1204 """EAP-LEAP protocol tests (error paths)"""
1205 check_eap_capa(dev
[0], "LEAP")
1207 def leap_handler2(ctx
, req
):
1208 logger
.info("leap_handler2 - RX " + binascii
.hexlify(req
).decode())
1209 if 'num' not in ctx
:
1211 ctx
['num'] = ctx
['num'] + 1
1214 ctx
['id'] = (ctx
['id'] + 1) % 256
1218 if ctx
['num'] == idx
:
1219 logger
.info("Test: Valid challenge")
1220 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1225 if ctx
['num'] == idx
:
1226 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
1229 if ctx
['num'] == idx
:
1230 logger
.info("Test: Valid challenge")
1231 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1237 if ctx
['num'] == idx
:
1238 logger
.info("Test: Valid challenge")
1239 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1244 if ctx
['num'] == idx
:
1245 logger
.info("Test: Success")
1246 return struct
.pack(">BBH", EAP_CODE_SUCCESS
, ctx
['id'], 4)
1249 if ctx
['num'] == idx
:
1250 logger
.info("Test: Valid challenge")
1251 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1256 if ctx
['num'] == idx
:
1257 logger
.info("Test: Success")
1258 return struct
.pack(">BBH", EAP_CODE_SUCCESS
, ctx
['id'], 4)
1261 if ctx
['num'] == idx
:
1262 logger
.info("Test: Valid challenge")
1263 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1268 if ctx
['num'] == idx
:
1269 logger
.info("Test: Valid challange value in Response")
1270 return struct
.pack(">BBHBBBB24B", EAP_CODE_RESPONSE
, ctx
['id'],
1274 0x48, 0x4e, 0x46, 0xe3, 0x88, 0x49, 0x46, 0xbd,
1275 0x28, 0x48, 0xf8, 0x53, 0x82, 0x50, 0x00, 0x04,
1276 0x93, 0x50, 0x30, 0xd7, 0x25, 0xea, 0x5f, 0x66)
1279 if ctx
['num'] == idx
:
1280 logger
.info("Test: Valid challenge")
1281 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1286 if ctx
['num'] == idx
:
1287 logger
.info("Test: Valid challange value in Response")
1288 return struct
.pack(">BBHBBBB24B", EAP_CODE_RESPONSE
, ctx
['id'],
1292 0x48, 0x4e, 0x46, 0xe3, 0x88, 0x49, 0x46, 0xbd,
1293 0x28, 0x48, 0xf8, 0x53, 0x82, 0x50, 0x00, 0x04,
1294 0x93, 0x50, 0x30, 0xd7, 0x25, 0xea, 0x5f, 0x66)
1297 if ctx
['num'] == idx
:
1298 logger
.info("Test: Valid challenge")
1299 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1304 if ctx
['num'] == idx
:
1305 logger
.info("Test: Valid challange value in Response")
1306 return struct
.pack(">BBHBBBB24B", EAP_CODE_RESPONSE
, ctx
['id'],
1310 0x48, 0x4e, 0x46, 0xe3, 0x88, 0x49, 0x46, 0xbd,
1311 0x28, 0x48, 0xf8, 0x53, 0x82, 0x50, 0x00, 0x04,
1312 0x93, 0x50, 0x30, 0xd7, 0x25, 0xea, 0x5f, 0x66)
1315 if ctx
['num'] == idx
:
1316 logger
.info("Test: Valid challenge")
1317 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1322 if ctx
['num'] == idx
:
1323 logger
.info("Test: Valid challange value in Response")
1324 return struct
.pack(">BBHBBBB24B", EAP_CODE_RESPONSE
, ctx
['id'],
1328 0x48, 0x4e, 0x46, 0xe3, 0x88, 0x49, 0x46, 0xbd,
1329 0x28, 0x48, 0xf8, 0x53, 0x82, 0x50, 0x00, 0x04,
1330 0x93, 0x50, 0x30, 0xd7, 0x25, 0xea, 0x5f, 0x66)
1333 if ctx
['num'] == idx
:
1334 logger
.info("Test: Valid challenge")
1335 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1340 if ctx
['num'] == idx
:
1341 logger
.info("Test: Valid challange value in Response")
1342 return struct
.pack(">BBHBBBB24B", EAP_CODE_RESPONSE
, ctx
['id'],
1346 0x48, 0x4e, 0x46, 0xe3, 0x88, 0x49, 0x46, 0xbd,
1347 0x28, 0x48, 0xf8, 0x53, 0x82, 0x50, 0x00, 0x04,
1348 0x93, 0x50, 0x30, 0xd7, 0x25, 0xea, 0x5f, 0x66)
1351 if ctx
['num'] == idx
:
1352 logger
.info("Test: Valid challenge")
1353 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1358 if ctx
['num'] == idx
:
1359 logger
.info("Test: Valid challange value in Response")
1360 return struct
.pack(">BBHBBBB24B", EAP_CODE_RESPONSE
, ctx
['id'],
1364 0x48, 0x4e, 0x46, 0xe3, 0x88, 0x49, 0x46, 0xbd,
1365 0x28, 0x48, 0xf8, 0x53, 0x82, 0x50, 0x00, 0x04,
1366 0x93, 0x50, 0x30, 0xd7, 0x25, 0xea, 0x5f, 0x66)
1369 if ctx
['num'] == idx
:
1370 logger
.info("Test: Valid challenge")
1371 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1376 if ctx
['num'] == idx
:
1377 logger
.info("Test: Valid challange value in Response")
1378 return struct
.pack(">BBHBBBB24B", EAP_CODE_RESPONSE
, ctx
['id'],
1382 0x48, 0x4e, 0x46, 0xe3, 0x88, 0x49, 0x46, 0xbd,
1383 0x28, 0x48, 0xf8, 0x53, 0x82, 0x50, 0x00, 0x04,
1384 0x93, 0x50, 0x30, 0xd7, 0x25, 0xea, 0x5f, 0x66)
1387 if ctx
['num'] == idx
:
1388 logger
.info("Test: Valid challenge")
1389 return struct
.pack(">BBHBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
1394 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
1396 srv
= start_radius_server(leap_handler2
)
1399 hapd
= start_ap(apdev
[0])
1400 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
1402 with
alloc_fail(dev
[0], 1, "eap_leap_init"):
1403 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1404 eap
="LEAP", identity
="user", password
="password",
1406 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
1407 dev
[0].request("REMOVE_NETWORK all")
1408 dev
[0].wait_disconnected()
1410 with
alloc_fail(dev
[0], 1, "eap_msg_alloc;eap_leap_process_request"):
1411 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1412 eap
="LEAP", identity
="user",
1413 password_hex
="hash:8846f7eaee8fb117ad06bdd830b7586c",
1415 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
1416 dev
[0].request("REMOVE_NETWORK all")
1417 dev
[0].wait_disconnected()
1419 with
alloc_fail(dev
[0], 1, "eap_leap_process_success"):
1420 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1421 eap
="LEAP", identity
="user", password
="password",
1423 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
1424 dev
[0].request("REMOVE_NETWORK all")
1425 dev
[0].wait_disconnected()
1427 with
fail_test(dev
[0], 1, "os_get_random;eap_leap_process_success"):
1428 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1429 eap
="LEAP", identity
="user", password
="password",
1431 wait_fail_trigger(dev
[0], "GET_FAIL")
1432 dev
[0].request("REMOVE_NETWORK all")
1433 dev
[0].wait_disconnected()
1435 with
fail_test(dev
[0], 1, "eap_leap_process_response"):
1436 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1437 eap
="LEAP", identity
="user",
1438 password_hex
="hash:8846f7eaee8fb117ad06bdd830b7586c",
1440 wait_fail_trigger(dev
[0], "GET_FAIL")
1441 dev
[0].request("REMOVE_NETWORK all")
1442 dev
[0].wait_disconnected()
1444 with
fail_test(dev
[0], 1, "nt_password_hash;eap_leap_process_response"):
1445 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1446 eap
="LEAP", identity
="user", password
="password",
1448 wait_fail_trigger(dev
[0], "GET_FAIL")
1449 dev
[0].request("REMOVE_NETWORK all")
1450 dev
[0].wait_disconnected()
1452 with
fail_test(dev
[0], 1, "hash_nt_password_hash;eap_leap_process_response"):
1453 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1454 eap
="LEAP", identity
="user", password
="password",
1456 wait_fail_trigger(dev
[0], "GET_FAIL")
1457 dev
[0].request("REMOVE_NETWORK all")
1458 dev
[0].wait_disconnected()
1460 with
alloc_fail(dev
[0], 1, "eap_leap_getKey"):
1461 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1462 eap
="LEAP", identity
="user",
1463 password_hex
="hash:8846f7eaee8fb117ad06bdd830b7586c",
1465 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
1466 dev
[0].request("REMOVE_NETWORK all")
1467 dev
[0].wait_disconnected()
1469 with
fail_test(dev
[0], 1, "eap_leap_getKey"):
1470 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1471 eap
="LEAP", identity
="user",
1472 password_hex
="hash:8846f7eaee8fb117ad06bdd830b7586c",
1474 wait_fail_trigger(dev
[0], "GET_FAIL")
1475 dev
[0].request("REMOVE_NETWORK all")
1476 dev
[0].wait_disconnected()
1478 with
fail_test(dev
[0], 1, "nt_password_hash;eap_leap_getKey"):
1479 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1480 eap
="LEAP", identity
="user", password
="password",
1482 wait_fail_trigger(dev
[0], "GET_FAIL")
1483 dev
[0].request("REMOVE_NETWORK all")
1484 dev
[0].wait_disconnected()
1486 with
fail_test(dev
[0], 1, "hash_nt_password_hash;eap_leap_getKey"):
1487 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1488 eap
="LEAP", identity
="user", password
="password",
1490 wait_fail_trigger(dev
[0], "GET_FAIL")
1491 dev
[0].request("REMOVE_NETWORK all")
1492 dev
[0].wait_disconnected()
1494 with
fail_test(dev
[0], 1,
1495 "nt_challenge_response;eap_leap_process_request"):
1496 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1497 eap
="LEAP", identity
="user", password
="password",
1499 wait_fail_trigger(dev
[0], "GET_FAIL")
1500 dev
[0].request("REMOVE_NETWORK all")
1501 dev
[0].wait_disconnected()
1503 stop_radius_server(srv
)
1505 def test_eap_proto_md5(dev
, apdev
):
1506 """EAP-MD5 protocol tests"""
1507 check_eap_capa(dev
[0], "MD5")
1509 def md5_handler(ctx
, req
):
1510 logger
.info("md5_handler - RX " + binascii
.hexlify(req
).decode())
1511 if 'num' not in ctx
:
1513 ctx
['num'] = ctx
['num'] + 1
1516 ctx
['id'] = (ctx
['id'] + 1) % 256
1519 logger
.info("Test: Missing payload")
1520 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
1525 logger
.info("Test: Zero-length challenge")
1526 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
1532 logger
.info("Test: Truncated challenge")
1533 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
1539 logger
.info("Test: Shortest possible challenge and name")
1540 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
1547 srv
= start_radius_server(md5_handler
)
1550 hapd
= start_ap(apdev
[0])
1551 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
1553 for i
in range(0, 4):
1554 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1555 eap
="MD5", identity
="user", password
="password",
1557 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=15)
1559 raise Exception("Timeout on EAP start")
1561 dev
[0].request("REMOVE_NETWORK all")
1563 stop_radius_server(srv
)
1565 def test_eap_proto_md5_errors(dev
, apdev
):
1566 """EAP-MD5 local error cases"""
1567 check_eap_capa(dev
[0], "MD5")
1568 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
1569 hapd
= hostapd
.add_ap(apdev
[0], params
)
1570 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
1572 with
fail_test(dev
[0], 1, "chap_md5"):
1573 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1574 eap
="MD5", identity
="phase1-user", password
="password",
1576 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=15)
1578 raise Exception("Timeout on EAP start")
1579 dev
[0].request("REMOVE_NETWORK all")
1580 dev
[0].wait_disconnected()
1582 with
alloc_fail(dev
[0], 1, "eap_msg_alloc;eap_md5_process"):
1583 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1584 eap
="MD5", identity
="phase1-user", password
="password",
1586 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=15)
1588 raise Exception("Timeout on EAP start")
1590 dev
[0].request("REMOVE_NETWORK all")
1592 def run_eap_md5_connect(dev
):
1593 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
1594 eap
="MD5", identity
="phase1-user", password
="password",
1596 ev
= dev
.wait_event(["CTRL-EVENT-EAP-SUCCESS", "CTRL-EVENT-EAP-FAILURE",
1597 "CTRL-EVENT-DISCONNECTED"],
1599 dev
.request("REMOVE_NETWORK all")
1600 if not ev
or "CTRL-EVENT-DISCONNECTED" not in ev
:
1601 dev
.wait_disconnected()
1604 def test_eap_proto_md5_errors_server(dev
, apdev
):
1605 """EAP-MD5 local error cases on server"""
1606 check_eap_capa(dev
[0], "MD5")
1607 params
= int_eap_server_params()
1608 params
['erp_domain'] = 'example.com'
1609 params
['eap_server_erp'] = '1'
1610 hapd
= hostapd
.add_ap(apdev
[0], params
)
1611 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
1613 tests
= [(1, "eap_md5_init")]
1614 for count
, func
in tests
:
1615 with
alloc_fail(hapd
, count
, func
):
1616 run_eap_md5_connect(dev
[0])
1618 tests
= [(1, "os_get_random;eap_md5_buildReq"),
1619 (1, "chap_md5;eap_md5_process")]
1620 for count
, func
in tests
:
1621 with
fail_test(hapd
, count
, func
):
1622 run_eap_md5_connect(dev
[0])
1624 def start_md5_assoc(dev
, hapd
):
1625 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
1626 eap
="MD5", identity
="phase1-user", password
="password",
1628 proxy_msg(hapd
, dev
) # EAP-Identity/Request
1629 proxy_msg(dev
, hapd
) # EAP-Identity/Response
1630 proxy_msg(hapd
, dev
) # MSCHAPV2/Request
1631 proxy_msg(dev
, hapd
) # NAK
1632 proxy_msg(hapd
, dev
) # MD5 Request
1634 def stop_md5_assoc(dev
, hapd
):
1635 dev
.request("REMOVE_NETWORK all")
1636 dev
.wait_disconnected()
1640 def test_eap_proto_md5_server(dev
, apdev
):
1641 """EAP-MD5 protocol testing for the server"""
1642 check_eap_capa(dev
[0], "MD5")
1643 params
= int_eap_server_params()
1644 params
['erp_domain'] = 'example.com'
1645 params
['eap_server_erp'] = '1'
1646 hapd
= hostapd
.add_ap(apdev
[0], params
)
1647 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
1648 hapd
.request("SET ext_eapol_frame_io 1")
1649 dev
[0].request("SET ext_eapol_frame_io 1")
1651 # Successful exchange to verify proxying mechanism
1652 start_md5_assoc(dev
[0], hapd
)
1653 proxy_msg(dev
[0], hapd
) # MD5 Response
1654 proxy_msg(hapd
, dev
[0]) # EAP-Success
1655 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout
=5)
1657 raise Exception("No EAP-Success reported")
1658 stop_md5_assoc(dev
[0], hapd
)
1660 start_md5_assoc(dev
[0], hapd
)
1661 resp
= rx_msg(dev
[0])
1662 # Too short EAP-MD5 header (no length field)
1663 hapd
.note("EAP-MD5: Invalid frame")
1664 msg
= resp
[0:4] + "0005" + resp
[8:12] + "0005" + "04"
1665 tx_msg(dev
[0], hapd
, msg
)
1666 # Too short EAP-MD5 header (no length field)
1667 hapd
.note("EAP-MD5: Invalid response (response_len=0 payload_len=1")
1668 msg
= resp
[0:4] + "0006" + resp
[8:12] + "0006" + "0400"
1669 tx_msg(dev
[0], hapd
, msg
)
1670 stop_md5_assoc(dev
[0], hapd
)
1672 def test_eap_proto_otp(dev
, apdev
):
1673 """EAP-OTP protocol tests"""
1674 def otp_handler(ctx
, req
):
1675 logger
.info("otp_handler - RX " + binascii
.hexlify(req
).decode())
1676 if 'num' not in ctx
:
1678 ctx
['num'] = ctx
['num'] + 1
1681 ctx
['id'] = (ctx
['id'] + 1) % 256
1684 logger
.info("Test: Empty payload")
1685 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
1689 logger
.info("Test: Success")
1690 return struct
.pack(">BBH", EAP_CODE_SUCCESS
, ctx
['id'],
1694 logger
.info("Test: Challenge included")
1695 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
1700 logger
.info("Test: Success")
1701 return struct
.pack(">BBH", EAP_CODE_SUCCESS
, ctx
['id'],
1706 srv
= start_radius_server(otp_handler
)
1709 hapd
= start_ap(apdev
[0])
1710 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
1712 for i
in range(0, 1):
1713 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1714 eap
="OTP", identity
="user", password
="password",
1716 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
1719 raise Exception("Timeout on EAP start")
1721 dev
[0].request("REMOVE_NETWORK all")
1723 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1724 eap
="OTP", identity
="user", wait_connect
=False)
1725 ev
= dev
[0].wait_event(["CTRL-REQ-OTP"])
1727 raise Exception("Request for password timed out")
1728 id = ev
.split(':')[0].split('-')[-1]
1729 dev
[0].request("CTRL-RSP-OTP-" + id + ":password")
1730 ev
= dev
[0].wait_event("CTRL-EVENT-EAP-SUCCESS")
1732 raise Exception("Success not reported")
1734 stop_radius_server(srv
)
1736 def test_eap_proto_otp_errors(dev
, apdev
):
1737 """EAP-OTP local error cases"""
1738 def otp_handler2(ctx
, req
):
1739 logger
.info("otp_handler2 - RX " + binascii
.hexlify(req
).decode())
1740 if 'num' not in ctx
:
1742 ctx
['num'] = ctx
['num'] + 1
1745 ctx
['id'] = (ctx
['id'] + 1) % 256
1749 if ctx
['num'] == idx
:
1750 logger
.info("Test: Challenge included")
1751 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
1756 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
1758 srv
= start_radius_server(otp_handler2
)
1761 hapd
= start_ap(apdev
[0])
1762 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
1764 with
alloc_fail(dev
[0], 1, "eap_msg_alloc;eap_otp_process"):
1765 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
1766 eap
="OTP", identity
="user", password
="password",
1768 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
1769 dev
[0].request("REMOVE_NETWORK all")
1770 dev
[0].wait_disconnected()
1772 stop_radius_server(srv
)
1774 EAP_GPSK_OPCODE_GPSK_1
= 1
1775 EAP_GPSK_OPCODE_GPSK_2
= 2
1776 EAP_GPSK_OPCODE_GPSK_3
= 3
1777 EAP_GPSK_OPCODE_GPSK_4
= 4
1778 EAP_GPSK_OPCODE_FAIL
= 5
1779 EAP_GPSK_OPCODE_PROTECTED_FAIL
= 6
1781 def test_eap_proto_gpsk(dev
, apdev
):
1782 """EAP-GPSK protocol tests"""
1783 def gpsk_handler(ctx
, req
):
1784 logger
.info("gpsk_handler - RX " + binascii
.hexlify(req
).decode())
1785 if 'num' not in ctx
:
1787 ctx
['num'] = ctx
['num'] + 1
1790 ctx
['id'] = (ctx
['id'] + 1) % 256
1795 if ctx
['num'] == idx
:
1796 logger
.info("Test: Missing payload")
1797 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
1802 if ctx
['num'] == idx
:
1803 logger
.info("Test: Unknown opcode")
1804 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
1810 if ctx
['num'] == idx
:
1811 logger
.info("Test: Unexpected GPSK-3")
1812 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
1815 EAP_GPSK_OPCODE_GPSK_3
)
1818 if ctx
['num'] == idx
:
1819 logger
.info("Test: GPSK-1 Too short GPSK-1")
1820 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
1823 EAP_GPSK_OPCODE_GPSK_1
)
1826 if ctx
['num'] == idx
:
1827 logger
.info("Test: GPSK-1 Truncated ID_Server")
1828 return struct
.pack(">BBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
1831 EAP_GPSK_OPCODE_GPSK_1
, 1)
1834 if ctx
['num'] == idx
:
1835 logger
.info("Test: GPSK-1 Missing RAND_Server")
1836 return struct
.pack(">BBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
1839 EAP_GPSK_OPCODE_GPSK_1
, 0)
1842 if ctx
['num'] == idx
:
1843 logger
.info("Test: GPSK-1 Missing CSuite_List")
1844 return struct
.pack(">BBHBBH8L", EAP_CODE_REQUEST
, ctx
['id'],
1847 EAP_GPSK_OPCODE_GPSK_1
, 0,
1848 0, 0, 0, 0, 0, 0, 0, 0)
1851 if ctx
['num'] == idx
:
1852 logger
.info("Test: GPSK-1 Truncated CSuite_List")
1853 return struct
.pack(">BBHBBH8LH", EAP_CODE_REQUEST
, ctx
['id'],
1854 4 + 1 + 1 + 2 + 32 + 2,
1856 EAP_GPSK_OPCODE_GPSK_1
, 0,
1857 0, 0, 0, 0, 0, 0, 0, 0,
1861 if ctx
['num'] == idx
:
1862 logger
.info("Test: GPSK-1 Empty CSuite_List")
1863 return struct
.pack(">BBHBBH8LH", EAP_CODE_REQUEST
, ctx
['id'],
1864 4 + 1 + 1 + 2 + 32 + 2,
1866 EAP_GPSK_OPCODE_GPSK_1
, 0,
1867 0, 0, 0, 0, 0, 0, 0, 0,
1871 if ctx
['num'] == idx
:
1872 logger
.info("Test: GPSK-1 Invalid CSuite_List")
1873 return struct
.pack(">BBHBBH8LHB", EAP_CODE_REQUEST
, ctx
['id'],
1874 4 + 1 + 1 + 2 + 32 + 2 + 1,
1876 EAP_GPSK_OPCODE_GPSK_1
, 0,
1877 0, 0, 0, 0, 0, 0, 0, 0,
1881 if ctx
['num'] == idx
:
1882 logger
.info("Test: GPSK-1 No supported CSuite")
1883 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
1884 4 + 1 + 1 + 2 + 32 + 2 + 6,
1886 EAP_GPSK_OPCODE_GPSK_1
, 0,
1887 0, 0, 0, 0, 0, 0, 0, 0,
1891 if ctx
['num'] == idx
:
1892 logger
.info("Test: GPSK-1 Supported CSuite")
1893 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
1894 4 + 1 + 1 + 2 + 32 + 2 + 6,
1896 EAP_GPSK_OPCODE_GPSK_1
, 0,
1897 0, 0, 0, 0, 0, 0, 0, 0,
1900 if ctx
['num'] == idx
:
1901 logger
.info("Test: Unexpected GPSK-1")
1902 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
1903 4 + 1 + 1 + 2 + 32 + 2 + 6,
1905 EAP_GPSK_OPCODE_GPSK_1
, 0,
1906 0, 0, 0, 0, 0, 0, 0, 0,
1910 if ctx
['num'] == idx
:
1911 logger
.info("Test: GPSK-1 Supported CSuite but too short key")
1912 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
1913 4 + 1 + 1 + 2 + 32 + 2 + 6,
1915 EAP_GPSK_OPCODE_GPSK_1
, 0,
1916 0, 0, 0, 0, 0, 0, 0, 0,
1920 if ctx
['num'] == idx
:
1921 logger
.info("Test: GPSK-1 Supported CSuite")
1922 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
1923 4 + 1 + 1 + 2 + 32 + 2 + 6,
1925 EAP_GPSK_OPCODE_GPSK_1
, 0,
1926 0, 0, 0, 0, 0, 0, 0, 0,
1929 if ctx
['num'] == idx
:
1930 logger
.info("Test: Too short GPSK-3")
1931 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
1934 EAP_GPSK_OPCODE_GPSK_3
)
1937 if ctx
['num'] == idx
:
1938 logger
.info("Test: GPSK-1 Supported CSuite")
1939 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
1940 4 + 1 + 1 + 2 + 32 + 2 + 6,
1942 EAP_GPSK_OPCODE_GPSK_1
, 0,
1943 0, 0, 0, 0, 0, 0, 0, 0,
1946 if ctx
['num'] == idx
:
1947 logger
.info("Test: GPSK-3 Mismatch in RAND_Peer")
1948 return struct
.pack(">BBHBB8L", EAP_CODE_REQUEST
, ctx
['id'],
1951 EAP_GPSK_OPCODE_GPSK_3
,
1952 0, 0, 0, 0, 0, 0, 0, 0)
1955 if ctx
['num'] == idx
:
1956 logger
.info("Test: GPSK-1 Supported CSuite")
1957 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
1958 4 + 1 + 1 + 2 + 32 + 2 + 6,
1960 EAP_GPSK_OPCODE_GPSK_1
, 0,
1961 0, 0, 0, 0, 0, 0, 0, 0,
1964 if ctx
['num'] == idx
:
1965 logger
.info("Test: GPSK-3 Missing RAND_Server")
1966 msg
= struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
1969 EAP_GPSK_OPCODE_GPSK_3
)
1974 if ctx
['num'] == idx
:
1975 logger
.info("Test: GPSK-1 Supported CSuite")
1976 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
1977 4 + 1 + 1 + 2 + 32 + 2 + 6,
1979 EAP_GPSK_OPCODE_GPSK_1
, 0,
1980 0, 0, 0, 0, 0, 0, 0, 0,
1983 if ctx
['num'] == idx
:
1984 logger
.info("Test: GPSK-3 Mismatch in RAND_Server")
1985 msg
= struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
1986 4 + 1 + 1 + 32 + 32,
1988 EAP_GPSK_OPCODE_GPSK_3
)
1990 msg
+= struct
.pack(">8L", 1, 1, 1, 1, 1, 1, 1, 1)
1994 if ctx
['num'] == idx
:
1995 logger
.info("Test: GPSK-1 Supported CSuite")
1996 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
1997 4 + 1 + 1 + 2 + 32 + 2 + 6,
1999 EAP_GPSK_OPCODE_GPSK_1
, 0,
2000 0, 0, 0, 0, 0, 0, 0, 0,
2003 if ctx
['num'] == idx
:
2004 logger
.info("Test: GPSK-3 Missing ID_Server")
2005 msg
= struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
2006 4 + 1 + 1 + 32 + 32,
2008 EAP_GPSK_OPCODE_GPSK_3
)
2010 msg
+= struct
.pack(">8L", 0, 0, 0, 0, 0, 0, 0, 0)
2014 if ctx
['num'] == idx
:
2015 logger
.info("Test: GPSK-1 Supported CSuite")
2016 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
2017 4 + 1 + 1 + 2 + 32 + 2 + 6,
2019 EAP_GPSK_OPCODE_GPSK_1
, 0,
2020 0, 0, 0, 0, 0, 0, 0, 0,
2023 if ctx
['num'] == idx
:
2024 logger
.info("Test: GPSK-3 Truncated ID_Server")
2025 msg
= struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
2026 4 + 1 + 1 + 32 + 32 + 2,
2028 EAP_GPSK_OPCODE_GPSK_3
)
2030 msg
+= struct
.pack(">8LH", 0, 0, 0, 0, 0, 0, 0, 0, 1)
2034 if ctx
['num'] == idx
:
2035 logger
.info("Test: GPSK-1 Supported CSuite")
2036 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
2037 4 + 1 + 1 + 2 + 32 + 2 + 6,
2039 EAP_GPSK_OPCODE_GPSK_1
, 0,
2040 0, 0, 0, 0, 0, 0, 0, 0,
2043 if ctx
['num'] == idx
:
2044 logger
.info("Test: GPSK-3 Mismatch in ID_Server")
2045 msg
= struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
2046 4 + 1 + 1 + 32 + 32 + 3,
2048 EAP_GPSK_OPCODE_GPSK_3
)
2050 msg
+= struct
.pack(">8LHB", 0, 0, 0, 0, 0, 0, 0, 0, 1, ord('B'))
2054 if ctx
['num'] == idx
:
2055 logger
.info("Test: GPSK-1 Supported CSuite")
2056 return struct
.pack(">BBHBBHB8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
2057 4 + 1 + 1 + 3 + 32 + 2 + 6,
2059 EAP_GPSK_OPCODE_GPSK_1
, 1, ord('A'),
2060 0, 0, 0, 0, 0, 0, 0, 0,
2063 if ctx
['num'] == idx
:
2064 logger
.info("Test: GPSK-3 Mismatch in ID_Server (same length)")
2065 msg
= struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
2066 4 + 1 + 1 + 32 + 32 + 3,
2068 EAP_GPSK_OPCODE_GPSK_3
)
2070 msg
+= struct
.pack(">8LHB", 0, 0, 0, 0, 0, 0, 0, 0, 1, ord('B'))
2074 if ctx
['num'] == idx
:
2075 logger
.info("Test: GPSK-1 Supported CSuite")
2076 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
2077 4 + 1 + 1 + 2 + 32 + 2 + 6,
2079 EAP_GPSK_OPCODE_GPSK_1
, 0,
2080 0, 0, 0, 0, 0, 0, 0, 0,
2083 if ctx
['num'] == idx
:
2084 logger
.info("Test: GPSK-3 Missing CSuite_Sel")
2085 msg
= struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
2086 4 + 1 + 1 + 32 + 32 + 2,
2088 EAP_GPSK_OPCODE_GPSK_3
)
2090 msg
+= struct
.pack(">8LH", 0, 0, 0, 0, 0, 0, 0, 0, 0)
2094 if ctx
['num'] == idx
:
2095 logger
.info("Test: GPSK-1 Supported CSuite")
2096 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
2097 4 + 1 + 1 + 2 + 32 + 2 + 6,
2099 EAP_GPSK_OPCODE_GPSK_1
, 0,
2100 0, 0, 0, 0, 0, 0, 0, 0,
2103 if ctx
['num'] == idx
:
2104 logger
.info("Test: GPSK-3 Mismatch in CSuite_Sel")
2105 msg
= struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
2106 4 + 1 + 1 + 32 + 32 + 2 + 6,
2108 EAP_GPSK_OPCODE_GPSK_3
)
2110 msg
+= struct
.pack(">8LHLH", 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 2)
2114 if ctx
['num'] == idx
:
2115 logger
.info("Test: GPSK-1 Supported CSuite")
2116 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
2117 4 + 1 + 1 + 2 + 32 + 2 + 6,
2119 EAP_GPSK_OPCODE_GPSK_1
, 0,
2120 0, 0, 0, 0, 0, 0, 0, 0,
2123 if ctx
['num'] == idx
:
2124 logger
.info("Test: GPSK-3 Missing len(PD_Payload_Block)")
2125 msg
= struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
2126 4 + 1 + 1 + 32 + 32 + 2 + 6,
2128 EAP_GPSK_OPCODE_GPSK_3
)
2130 msg
+= struct
.pack(">8LHLH", 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1)
2134 if ctx
['num'] == idx
:
2135 logger
.info("Test: GPSK-1 Supported CSuite")
2136 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
2137 4 + 1 + 1 + 2 + 32 + 2 + 6,
2139 EAP_GPSK_OPCODE_GPSK_1
, 0,
2140 0, 0, 0, 0, 0, 0, 0, 0,
2143 if ctx
['num'] == idx
:
2144 logger
.info("Test: GPSK-3 Truncated PD_Payload_Block")
2145 msg
= struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
2146 4 + 1 + 1 + 32 + 32 + 2 + 6 + 2,
2148 EAP_GPSK_OPCODE_GPSK_3
)
2150 msg
+= struct
.pack(">8LHLHH", 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1)
2154 if ctx
['num'] == idx
:
2155 logger
.info("Test: GPSK-1 Supported CSuite")
2156 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
2157 4 + 1 + 1 + 2 + 32 + 2 + 6,
2159 EAP_GPSK_OPCODE_GPSK_1
, 0,
2160 0, 0, 0, 0, 0, 0, 0, 0,
2163 if ctx
['num'] == idx
:
2164 logger
.info("Test: GPSK-3 Missing MAC")
2165 msg
= struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
2166 4 + 1 + 1 + 32 + 32 + 2 + 6 + 3,
2168 EAP_GPSK_OPCODE_GPSK_3
)
2170 msg
+= struct
.pack(">8LHLHHB",
2171 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 123)
2175 if ctx
['num'] == idx
:
2176 logger
.info("Test: GPSK-1 Supported CSuite")
2177 return struct
.pack(">BBHBBH8LHLH", EAP_CODE_REQUEST
, ctx
['id'],
2178 4 + 1 + 1 + 2 + 32 + 2 + 6,
2180 EAP_GPSK_OPCODE_GPSK_1
, 0,
2181 0, 0, 0, 0, 0, 0, 0, 0,
2184 if ctx
['num'] == idx
:
2185 logger
.info("Test: GPSK-3 Incorrect MAC")
2186 msg
= struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
2187 4 + 1 + 1 + 32 + 32 + 2 + 6 + 3 + 16,
2189 EAP_GPSK_OPCODE_GPSK_3
)
2191 msg
+= struct
.pack(">8LHLHHB4L",
2192 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 123,
2198 srv
= start_radius_server(gpsk_handler
)
2201 hapd
= start_ap(apdev
[0])
2202 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
2204 for i
in range(0, 27):
2208 pw
= "abcdefghijklmnop0123456789abcdef"
2209 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
2210 eap
="GPSK", identity
="user", password
=pw
,
2212 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
2215 raise Exception("Timeout on EAP start")
2217 dev
[0].request("REMOVE_NETWORK all")
2219 stop_radius_server(srv
)
2221 def run_eap_gpsk_connect(dev
):
2222 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
2223 eap
="GPSK", identity
="gpsk user",
2224 password
="abcdefghijklmnop0123456789abcdef",
2226 ev
= dev
.wait_event(["CTRL-EVENT-EAP-SUCCESS", "CTRL-EVENT-EAP-FAILURE",
2227 "CTRL-EVENT-DISCONNECTED"],
2229 dev
.request("REMOVE_NETWORK all")
2230 if not ev
or "CTRL-EVENT-DISCONNECTED" not in ev
:
2231 dev
.wait_disconnected()
2234 def test_eap_proto_gpsk_errors_server(dev
, apdev
):
2235 """EAP-GPSK local error cases on server"""
2236 check_eap_capa(dev
[0], "GPSK")
2237 params
= int_eap_server_params()
2238 params
['erp_domain'] = 'example.com'
2239 params
['eap_server_erp'] = '1'
2240 hapd
= hostapd
.add_ap(apdev
[0], params
)
2241 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
2243 tests
= [(1, "eap_gpsk_init"),
2244 (1, "eap_msg_alloc;eap_gpsk_build_gpsk_1"),
2245 (1, "eap_msg_alloc;eap_gpsk_build_gpsk_3"),
2246 (1, "eap_gpsk_process_gpsk_2"),
2247 (1, "eap_gpsk_derive_keys;eap_gpsk_process_gpsk_2"),
2248 (1, "eap_gpsk_derive_session_id;eap_gpsk_process_gpsk_2"),
2249 (1, "eap_gpsk_getKey"),
2250 (1, "eap_gpsk_get_emsk"),
2251 (1, "eap_gpsk_get_session_id")]
2252 for count
, func
in tests
:
2253 with
alloc_fail(hapd
, count
, func
):
2254 run_eap_gpsk_connect(dev
[0])
2256 tests
= [(1, "os_get_random;eap_gpsk_build_gpsk_1"),
2257 (1, "eap_gpsk_compute_mic;eap_gpsk_build_gpsk_3"),
2258 (1, "eap_gpsk_derive_keys;eap_gpsk_process_gpsk_2"),
2259 (1, "eap_gpsk_derive_session_id;eap_gpsk_process_gpsk_2"),
2260 (1, "eap_gpsk_compute_mic;eap_gpsk_process_gpsk_2"),
2261 (1, "eap_gpsk_compute_mic;eap_gpsk_process_gpsk_4")]
2262 for count
, func
in tests
:
2263 with
fail_test(hapd
, count
, func
):
2264 run_eap_gpsk_connect(dev
[0])
2266 def start_gpsk_assoc(dev
, hapd
):
2267 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
2268 eap
="GPSK", identity
="gpsk user",
2269 password
="abcdefghijklmnop0123456789abcdef",
2271 proxy_msg(hapd
, dev
) # EAP-Identity/Request
2272 proxy_msg(dev
, hapd
) # EAP-Identity/Response
2273 proxy_msg(hapd
, dev
) # GPSK-1
2275 def stop_gpsk_assoc(dev
, hapd
):
2276 dev
.request("REMOVE_NETWORK all")
2277 dev
.wait_disconnected()
2281 def test_eap_proto_gpsk_server(dev
, apdev
):
2282 """EAP-GPSK protocol testing for the server"""
2283 check_eap_capa(dev
[0], "GPSK")
2284 params
= int_eap_server_params()
2285 params
['erp_domain'] = 'example.com'
2286 params
['eap_server_erp'] = '1'
2287 hapd
= hostapd
.add_ap(apdev
[0], params
)
2288 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
2289 hapd
.request("SET ext_eapol_frame_io 1")
2290 dev
[0].request("SET ext_eapol_frame_io 1")
2292 # Successful exchange to verify proxying mechanism
2293 start_gpsk_assoc(dev
[0], hapd
)
2294 proxy_msg(dev
[0], hapd
) # GPSK-2
2295 proxy_msg(hapd
, dev
[0]) # GPSK-3
2296 proxy_msg(dev
[0], hapd
) # GPSK-4
2297 proxy_msg(hapd
, dev
[0]) # EAP-Success
2298 proxy_msg(hapd
, dev
[0]) # EAPOL-Key msg 1/4
2299 proxy_msg(dev
[0], hapd
) # EAPOL-Key msg 2/4
2300 proxy_msg(hapd
, dev
[0]) # EAPOL-Key msg 3/4
2301 proxy_msg(dev
[0], hapd
) # EAPOL-Key msg 4/4
2302 dev
[0].wait_connected()
2303 stop_gpsk_assoc(dev
[0], hapd
)
2305 start_gpsk_assoc(dev
[0], hapd
)
2306 resp
= rx_msg(dev
[0])
2307 # Too short EAP-GPSK header (no OP-Code)
2308 # --> EAP-GPSK: Invalid frame
2309 msg
= resp
[0:4] + "0005" + resp
[8:12] + "0005" + "33"
2310 tx_msg(dev
[0], hapd
, msg
)
2312 # --> EAP-GPSK: Unexpected opcode=7 in state=0
2313 msg
= resp
[0:4] + "0006" + resp
[8:12] + "0006" + "3307"
2314 tx_msg(dev
[0], hapd
, msg
)
2316 # --> EAP-GPSK: Too short message for ID_Peer length
2317 msg
= resp
[0:4] + "0006" + resp
[8:12] + "0006" + "3302"
2318 tx_msg(dev
[0], hapd
, msg
)
2320 stop_gpsk_assoc(dev
[0], hapd
)
2322 start_gpsk_assoc(dev
[0], hapd
)
2323 resp
= rx_msg(dev
[0])
2325 # --> EAP-GPSK: Too short message for ID_Peer
2326 msg
= resp
[0:4] + "0008" + resp
[8:12] + "0008" + "33020001"
2327 tx_msg(dev
[0], hapd
, msg
)
2329 stop_gpsk_assoc(dev
[0], hapd
)
2331 start_gpsk_assoc(dev
[0], hapd
)
2332 resp
= rx_msg(dev
[0])
2334 # --> EAP-GPSK: Too short message for ID_Server length
2335 msg
= resp
[0:4] + "0008" + resp
[8:12] + "0008" + "33020000"
2336 tx_msg(dev
[0], hapd
, msg
)
2338 stop_gpsk_assoc(dev
[0], hapd
)
2340 start_gpsk_assoc(dev
[0], hapd
)
2341 resp
= rx_msg(dev
[0])
2343 # --> EAP-GPSK: Too short message for ID_Server
2344 msg
= resp
[0:4] + "000a" + resp
[8:12] + "000a" + "330200000001"
2345 tx_msg(dev
[0], hapd
, msg
)
2347 stop_gpsk_assoc(dev
[0], hapd
)
2349 start_gpsk_assoc(dev
[0], hapd
)
2350 resp
= rx_msg(dev
[0])
2351 # ID_Server mismatch
2352 # --> EAP-GPSK: ID_Server in GPSK-1 and GPSK-2 did not match
2353 msg
= resp
[0:4] + "000a" + resp
[8:12] + "000a" + "330200000000"
2354 tx_msg(dev
[0], hapd
, msg
)
2356 stop_gpsk_assoc(dev
[0], hapd
)
2358 start_gpsk_assoc(dev
[0], hapd
)
2359 resp
= rx_msg(dev
[0])
2361 # --> EAP-GPSK: Too short message for RAND_Peer
2362 msg
= resp
[0:4] + "0011" + resp
[8:12] + "0011" + "330200000007" + binascii
.hexlify(b
"hostapd").decode()
2363 tx_msg(dev
[0], hapd
, msg
)
2365 stop_gpsk_assoc(dev
[0], hapd
)
2367 start_gpsk_assoc(dev
[0], hapd
)
2368 resp
= rx_msg(dev
[0])
2370 # --> EAP-GPSK: Too short message for RAND_Server
2371 msg
= resp
[0:4] + "0031" + resp
[8:12] + "0031" + "330200000007" + binascii
.hexlify(b
"hostapd").decode() + 32*"00"
2372 tx_msg(dev
[0], hapd
, msg
)
2374 stop_gpsk_assoc(dev
[0], hapd
)
2376 start_gpsk_assoc(dev
[0], hapd
)
2377 resp
= rx_msg(dev
[0])
2378 # RAND_Server mismatch
2379 # --> EAP-GPSK: RAND_Server in GPSK-1 and GPSK-2 did not match
2380 msg
= resp
[0:4] + "0051" + resp
[8:12] + "0051" + "330200000007" + binascii
.hexlify(b
"hostapd").decode() + 32*"00" + 32*"00"
2381 tx_msg(dev
[0], hapd
, msg
)
2383 stop_gpsk_assoc(dev
[0], hapd
)
2385 start_gpsk_assoc(dev
[0], hapd
)
2386 resp
= rx_msg(dev
[0])
2388 # --> EAP-GPSK: Too short message for CSuite_List length
2389 msg
= resp
[0:4] + "005a" + resp
[8:12] + "005a" + resp
[16:188]
2390 tx_msg(dev
[0], hapd
, msg
)
2392 stop_gpsk_assoc(dev
[0], hapd
)
2394 start_gpsk_assoc(dev
[0], hapd
)
2395 resp
= rx_msg(dev
[0])
2397 # --> EAP-GPSK: Too short message for CSuite_List
2398 msg
= resp
[0:4] + "005c" + resp
[8:12] + "005c" + resp
[16:192]
2399 tx_msg(dev
[0], hapd
, msg
)
2401 stop_gpsk_assoc(dev
[0], hapd
)
2403 start_gpsk_assoc(dev
[0], hapd
)
2404 resp
= rx_msg(dev
[0])
2406 # --> EAP-GPSK: CSuite_List in GPSK-1 and GPSK-2 did not match
2407 msg
= resp
[0:4] + "005c" + resp
[8:12] + "005c" + resp
[16:188] + "0000"
2408 tx_msg(dev
[0], hapd
, msg
)
2410 stop_gpsk_assoc(dev
[0], hapd
)
2412 start_gpsk_assoc(dev
[0], hapd
)
2413 resp
= rx_msg(dev
[0])
2415 # --> EAP-GPSK: Too short message for CSuite_Sel
2416 msg
= resp
[0:4] + "0068" + resp
[8:12] + "0068" + resp
[16:216]
2417 tx_msg(dev
[0], hapd
, msg
)
2419 stop_gpsk_assoc(dev
[0], hapd
)
2421 start_gpsk_assoc(dev
[0], hapd
)
2422 resp
= rx_msg(dev
[0])
2423 # Unsupported CSuite_Sel
2424 # --> EAP-GPSK: Peer selected unsupported ciphersuite 0:255
2425 msg
= resp
[0:4] + "006e" + resp
[8:12] + "006e" + resp
[16:226] + "ff"
2426 tx_msg(dev
[0], hapd
, msg
)
2428 stop_gpsk_assoc(dev
[0], hapd
)
2430 start_gpsk_assoc(dev
[0], hapd
)
2431 resp
= rx_msg(dev
[0])
2433 # --> EAP-GPSK: Too short message for PD_Payload_1 length
2434 msg
= resp
[0:4] + "006e" + resp
[8:12] + "006e" + resp
[16:228]
2435 tx_msg(dev
[0], hapd
, msg
)
2437 stop_gpsk_assoc(dev
[0], hapd
)
2439 start_gpsk_assoc(dev
[0], hapd
)
2440 resp
= rx_msg(dev
[0])
2442 # --> EAP-GPSK: Too short message for PD_Payload_1
2443 msg
= resp
[0:4] + "0070" + resp
[8:12] + "0070" + resp
[16:230] + "ff"
2444 tx_msg(dev
[0], hapd
, msg
)
2446 stop_gpsk_assoc(dev
[0], hapd
)
2448 start_gpsk_assoc(dev
[0], hapd
)
2449 resp
= rx_msg(dev
[0])
2451 # --> EAP-GPSK: Message too short for MIC (left=0 miclen=16)
2452 msg
= resp
[0:4] + "0070" + resp
[8:12] + "0070" + resp
[16:232]
2453 tx_msg(dev
[0], hapd
, msg
)
2455 stop_gpsk_assoc(dev
[0], hapd
)
2457 start_gpsk_assoc(dev
[0], hapd
)
2458 resp
= rx_msg(dev
[0])
2459 # Extra data in the end of GPSK-2
2460 # --> EAP-GPSK: Ignored 1 bytes of extra data in the end of GPSK-2
2461 msg
= resp
[0:4] + "0081" + resp
[8:12] + "0081" + resp
[16:264] + "00"
2462 tx_msg(dev
[0], hapd
, msg
)
2463 proxy_msg(hapd
, dev
[0]) # GPSK-3
2464 resp
= rx_msg(dev
[0])
2466 # --> EAP-GPSK: Too short message for PD_Payload_1 length
2467 msg
= resp
[0:4] + "0006" + resp
[8:12] + "0006" + "3304"
2468 tx_msg(dev
[0], hapd
, msg
)
2469 rx_msg(hapd
) # EAP-Failure
2470 stop_gpsk_assoc(dev
[0], hapd
)
2472 start_gpsk_assoc(dev
[0], hapd
)
2473 proxy_msg(dev
[0], hapd
) # GPSK-2
2474 proxy_msg(hapd
, dev
[0]) # GPSK-3
2475 resp
= rx_msg(dev
[0])
2477 # --> EAP-GPSK: Too short message for PD_Payload_1
2478 msg
= resp
[0:4] + "0008" + resp
[8:12] + "0008" + "33040001"
2479 tx_msg(dev
[0], hapd
, msg
)
2480 rx_msg(hapd
) # EAP-Failure
2481 stop_gpsk_assoc(dev
[0], hapd
)
2483 start_gpsk_assoc(dev
[0], hapd
)
2484 proxy_msg(dev
[0], hapd
) # GPSK-2
2485 proxy_msg(hapd
, dev
[0]) # GPSK-3
2486 resp
= rx_msg(dev
[0])
2488 # --> EAP-GPSK: Message too short for MIC (left=0 miclen=16)
2489 msg
= resp
[0:4] + "0008" + resp
[8:12] + "0008" + "33040000"
2490 tx_msg(dev
[0], hapd
, msg
)
2491 rx_msg(hapd
) # EAP-Failure
2492 stop_gpsk_assoc(dev
[0], hapd
)
2494 start_gpsk_assoc(dev
[0], hapd
)
2495 proxy_msg(dev
[0], hapd
) # GPSK-2
2496 proxy_msg(hapd
, dev
[0]) # GPSK-3
2497 resp
= rx_msg(dev
[0])
2498 # Incorrect MIC in GPSK-4
2499 # --> EAP-GPSK: Incorrect MIC in GPSK-4
2500 msg
= resp
[0:4] + "0018" + resp
[8:12] + "0018" + "33040000" + 16*"00"
2501 tx_msg(dev
[0], hapd
, msg
)
2502 rx_msg(hapd
) # EAP-Failure
2503 stop_gpsk_assoc(dev
[0], hapd
)
2505 start_gpsk_assoc(dev
[0], hapd
)
2506 proxy_msg(dev
[0], hapd
) # GPSK-2
2507 proxy_msg(hapd
, dev
[0]) # GPSK-3
2508 resp
= rx_msg(dev
[0])
2509 # Incorrect MIC in GPSK-4
2510 # --> EAP-GPSK: Ignored 1 bytes of extra data in the end of GPSK-4
2511 msg
= resp
[0:4] + "0019" + resp
[8:12] + "0019" + resp
[16:] + "00"
2512 tx_msg(dev
[0], hapd
, msg
)
2513 rx_msg(hapd
) # EAP-Success
2514 stop_gpsk_assoc(dev
[0], hapd
)
2521 def test_eap_proto_eke(dev
, apdev
):
2522 """EAP-EKE protocol tests"""
2523 def eke_handler(ctx
, req
):
2524 logger
.info("eke_handler - RX " + binascii
.hexlify(req
).decode())
2525 if 'num' not in ctx
:
2527 ctx
['num'] = ctx
['num'] + 1
2530 ctx
['id'] = (ctx
['id'] + 1) % 256
2535 if ctx
['num'] == idx
:
2536 logger
.info("Test: Missing payload")
2537 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
2542 if ctx
['num'] == idx
:
2543 logger
.info("Test: Unknown exchange")
2544 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
2550 if ctx
['num'] == idx
:
2551 logger
.info("Test: No NumProposals in EAP-EKE-ID/Request")
2552 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
2557 if ctx
['num'] == idx
:
2558 logger
.info("Test: EAP-Failure")
2559 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
2562 if ctx
['num'] == idx
:
2563 logger
.info("Test: NumProposals=0 in EAP-EKE-ID/Request")
2564 return struct
.pack(">BBHBBB", EAP_CODE_REQUEST
, ctx
['id'],
2570 if ctx
['num'] == idx
:
2571 logger
.info("Test: EAP-Failure")
2572 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
2575 if ctx
['num'] == idx
:
2576 logger
.info("Test: Truncated Proposals list in EAP-EKE-ID/Request")
2577 return struct
.pack(">BBHBBBB4B", EAP_CODE_REQUEST
, ctx
['id'],
2583 if ctx
['num'] == idx
:
2584 logger
.info("Test: EAP-Failure")
2585 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
2588 if ctx
['num'] == idx
:
2589 logger
.info("Test: Unsupported proposals in EAP-EKE-ID/Request")
2590 return struct
.pack(">BBHBBBB4B4B4B4B", EAP_CODE_REQUEST
, ctx
['id'],
2591 4 + 1 + 1 + 2 + 4 * 4,
2600 if ctx
['num'] == idx
:
2601 logger
.info("Test: EAP-Failure")
2602 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
2605 if ctx
['num'] == idx
:
2606 logger
.info("Test: Missing IDType/Identity in EAP-EKE-ID/Request")
2607 return struct
.pack(">BBHBBBB4B4B4B4B4B",
2608 EAP_CODE_REQUEST
, ctx
['id'],
2609 4 + 1 + 1 + 2 + 5 * 4,
2619 if ctx
['num'] == idx
:
2620 logger
.info("Test: EAP-Failure")
2621 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
2624 if ctx
['num'] == idx
:
2625 logger
.info("Test: Valid EAP-EKE-ID/Request")
2626 return struct
.pack(">BBHBBBB4BB",
2627 EAP_CODE_REQUEST
, ctx
['id'],
2628 4 + 1 + 1 + 2 + 4 + 1,
2635 if ctx
['num'] == idx
:
2636 logger
.info("Test: Unexpected EAP-EKE-ID/Request")
2637 return struct
.pack(">BBHBBBB4BB",
2638 EAP_CODE_REQUEST
, ctx
['id'],
2639 4 + 1 + 1 + 2 + 4 + 1,
2646 if ctx
['num'] == idx
:
2647 logger
.info("Test: EAP-Failure")
2648 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
2651 if ctx
['num'] == idx
:
2652 logger
.info("Test: Valid EAP-EKE-ID/Request")
2653 return struct
.pack(">BBHBBBB4BB",
2654 EAP_CODE_REQUEST
, ctx
['id'],
2655 4 + 1 + 1 + 2 + 4 + 1,
2662 if ctx
['num'] == idx
:
2663 logger
.info("Test: Unexpected EAP-EKE-Confirm/Request")
2664 return struct
.pack(">BBHBB",
2665 EAP_CODE_REQUEST
, ctx
['id'],
2670 if ctx
['num'] == idx
:
2671 logger
.info("Test: EAP-Failure")
2672 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
2675 if ctx
['num'] == idx
:
2676 logger
.info("Test: Too short EAP-EKE-Failure/Request")
2677 return struct
.pack(">BBHBB",
2678 EAP_CODE_REQUEST
, ctx
['id'],
2683 if ctx
['num'] == idx
:
2684 logger
.info("Test: EAP-Failure")
2685 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
2688 if ctx
['num'] == idx
:
2689 logger
.info("Test: Unexpected EAP-EKE-Commit/Request")
2690 return struct
.pack(">BBHBB",
2691 EAP_CODE_REQUEST
, ctx
['id'],
2696 if ctx
['num'] == idx
:
2697 logger
.info("Test: EAP-Failure")
2698 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
2701 if ctx
['num'] == idx
:
2702 logger
.info("Test: Valid EAP-EKE-ID/Request")
2703 return struct
.pack(">BBHBBBB4BB",
2704 EAP_CODE_REQUEST
, ctx
['id'],
2705 4 + 1 + 1 + 2 + 4 + 1,
2712 if ctx
['num'] == idx
:
2713 logger
.info("Test: Too short EAP-EKE-Commit/Request")
2714 return struct
.pack(">BBHBB",
2715 EAP_CODE_REQUEST
, ctx
['id'],
2720 if ctx
['num'] == idx
:
2721 logger
.info("Test: EAP-Failure")
2722 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
2725 if ctx
['num'] == idx
:
2726 logger
.info("Test: Valid EAP-EKE-ID/Request")
2727 return struct
.pack(">BBHBBBB4BB",
2728 EAP_CODE_REQUEST
, ctx
['id'],
2729 4 + 1 + 1 + 2 + 4 + 1,
2736 if ctx
['num'] == idx
:
2737 logger
.info("Test: All zeroes DHComponent_S and empty CBvalue in EAP-EKE-Commit/Request")
2738 return struct
.pack(">BBHBB4L32L",
2739 EAP_CODE_REQUEST
, ctx
['id'],
2740 4 + 1 + 1 + 16 + 128,
2744 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
2745 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)
2747 if ctx
['num'] == idx
:
2748 logger
.info("Test: Too short EAP-EKE-Confirm/Request")
2749 return struct
.pack(">BBHBB",
2750 EAP_CODE_REQUEST
, ctx
['id'],
2755 if ctx
['num'] == idx
:
2756 logger
.info("Test: EAP-Failure")
2757 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
2760 if ctx
['num'] == idx
:
2761 logger
.info("Test: Valid EAP-EKE-ID/Request")
2762 return struct
.pack(">BBHBBBB4BB",
2763 EAP_CODE_REQUEST
, ctx
['id'],
2764 4 + 1 + 1 + 2 + 4 + 1,
2771 if ctx
['num'] == idx
:
2772 logger
.info("Test: All zeroes DHComponent_S and empty CBvalue in EAP-EKE-Commit/Request")
2773 return struct
.pack(">BBHBB4L32L",
2774 EAP_CODE_REQUEST
, ctx
['id'],
2775 4 + 1 + 1 + 16 + 128,
2779 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
2780 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0)
2782 if ctx
['num'] == idx
:
2783 logger
.info("Test: Invalid PNonce_PS and Auth_S values in EAP-EKE-Confirm/Request")
2784 return struct
.pack(">BBHBB4L8L5L5L",
2785 EAP_CODE_REQUEST
, ctx
['id'],
2786 4 + 1 + 1 + 16 + 2 * 16 + 20 + 20,
2790 0, 0, 0, 0, 0, 0, 0, 0,
2794 if ctx
['num'] == idx
:
2795 logger
.info("Test: EAP-Failure")
2796 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
2800 srv
= start_radius_server(eke_handler
)
2803 hapd
= start_ap(apdev
[0])
2804 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
2806 for i
in range(0, 14):
2807 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
2808 eap
="EKE", identity
="user", password
="password",
2810 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
2813 raise Exception("Timeout on EAP start")
2814 if i
in [2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13]:
2815 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"],
2818 raise Exception("Timeout on EAP failure")
2821 dev
[0].request("REMOVE_NETWORK all")
2822 dev
[0].dump_monitor()
2824 stop_radius_server(srv
)
2826 def eap_eke_test_fail(dev
, phase1
=None, success
=False):
2827 dev
.connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
2828 eap
="EKE", identity
="eke user@domain", password
="hello",
2829 phase1
=phase1
, erp
="1", wait_connect
=False)
2830 ev
= dev
.wait_event(["CTRL-EVENT-EAP-FAILURE",
2831 "CTRL-EVENT-EAP-SUCCESS"], timeout
=5)
2833 raise Exception("Timeout on EAP failure")
2834 if not success
and "CTRL-EVENT-EAP-FAILURE" not in ev
:
2835 raise Exception("EAP did not fail during failure test")
2836 dev
.request("REMOVE_NETWORK all")
2837 dev
.wait_disconnected()
2839 def test_eap_proto_eke_errors(dev
, apdev
):
2840 """EAP-EKE local error cases"""
2841 check_eap_capa(dev
[0], "EKE")
2842 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
2843 hapd
= hostapd
.add_ap(apdev
[0], params
)
2844 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
2846 for i
in range(1, 3):
2847 with
alloc_fail(dev
[0], i
, "eap_eke_init"):
2848 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
2849 eap
="EKE", identity
="eke user", password
="hello",
2851 ev
= dev
[0].wait_event(["EAP: Failed to initialize EAP method"],
2854 raise Exception("Timeout on EAP start")
2855 dev
[0].request("REMOVE_NETWORK all")
2856 dev
[0].wait_disconnected()
2858 tests
= [(1, "eap_eke_dh_init", None),
2859 (1, "eap_eke_prf_hmac_sha1", "dhgroup=3 encr=1 prf=1 mac=1"),
2860 (1, "eap_eke_prf_hmac_sha256", "dhgroup=5 encr=1 prf=2 mac=2"),
2861 (1, "eap_eke_prf", None),
2862 (1, "os_get_random;eap_eke_dhcomp", None),
2863 (1, "aes_128_cbc_encrypt;eap_eke_dhcomp", None),
2864 (1, "aes_128_cbc_decrypt;eap_eke_shared_secret", None),
2865 (1, "eap_eke_prf;eap_eke_shared_secret", None),
2866 (1, "eap_eke_prfplus;eap_eke_derive_ke_ki", None),
2867 (1, "eap_eke_prfplus;eap_eke_derive_ka", None),
2868 (1, "eap_eke_prfplus;eap_eke_derive_msk", None),
2869 (1, "os_get_random;eap_eke_prot", None),
2870 (1, "aes_128_cbc_decrypt;eap_eke_decrypt_prot", None),
2871 (1, "eap_eke_derive_key;eap_eke_process_commit", None),
2872 (1, "eap_eke_dh_init;eap_eke_process_commit", None),
2873 (1, "eap_eke_shared_secret;eap_eke_process_commit", None),
2874 (1, "eap_eke_derive_ke_ki;eap_eke_process_commit", None),
2875 (1, "eap_eke_dhcomp;eap_eke_process_commit", None),
2876 (1, "os_get_random;eap_eke_process_commit", None),
2877 (1, "os_get_random;=eap_eke_process_commit", None),
2878 (1, "eap_eke_prot;eap_eke_process_commit", None),
2879 (1, "eap_eke_decrypt_prot;eap_eke_process_confirm", None),
2880 (1, "eap_eke_derive_ka;eap_eke_process_confirm", None),
2881 (1, "eap_eke_auth;eap_eke_process_confirm", None),
2882 (2, "eap_eke_auth;eap_eke_process_confirm", None),
2883 (1, "eap_eke_prot;eap_eke_process_confirm", None),
2884 (1, "eap_eke_derive_msk;eap_eke_process_confirm", None)]
2885 for count
, func
, phase1
in tests
:
2886 with
fail_test(dev
[0], count
, func
):
2887 eap_eke_test_fail(dev
[0], phase1
)
2889 tests
= [(1, "=eap_eke_derive_ke_ki", None),
2890 (1, "=eap_eke_derive_ka", None),
2891 (1, "=eap_eke_derive_msk", None),
2892 (1, "eap_eke_build_msg;eap_eke_process_id", None),
2893 (1, "wpabuf_alloc;eap_eke_process_id", None),
2894 (1, "=eap_eke_process_id", None),
2895 (1, "wpabuf_alloc;=eap_eke_process_id", None),
2896 (1, "wpabuf_alloc;eap_eke_process_id", None),
2897 (1, "eap_eke_build_msg;eap_eke_process_commit", None),
2898 (1, "wpabuf_resize;eap_eke_process_commit", None),
2899 (1, "eap_eke_build_msg;eap_eke_process_confirm", None)]
2900 for count
, func
, phase1
in tests
:
2901 with
alloc_fail(dev
[0], count
, func
):
2902 eap_eke_test_fail(dev
[0], phase1
)
2904 tests
= [(1, "eap_eke_getKey", None),
2905 (1, "eap_eke_get_emsk", None),
2906 (1, "eap_eke_get_session_id", None)]
2907 for count
, func
, phase1
in tests
:
2908 with
alloc_fail(dev
[0], count
, func
):
2909 eap_eke_test_fail(dev
[0], phase1
, success
=True)
2911 EAP_PAX_OP_STD_1
= 0x01
2912 EAP_PAX_OP_STD_2
= 0x02
2913 EAP_PAX_OP_STD_3
= 0x03
2914 EAP_PAX_OP_SEC_1
= 0x11
2915 EAP_PAX_OP_SEC_2
= 0x12
2916 EAP_PAX_OP_SEC_3
= 0x13
2917 EAP_PAX_OP_SEC_4
= 0x14
2918 EAP_PAX_OP_SEC_5
= 0x15
2919 EAP_PAX_OP_ACK
= 0x21
2921 EAP_PAX_FLAGS_MF
= 0x01
2922 EAP_PAX_FLAGS_CE
= 0x02
2923 EAP_PAX_FLAGS_AI
= 0x04
2925 EAP_PAX_MAC_HMAC_SHA1_128
= 0x01
2926 EAP_PAX_HMAC_SHA256_128
= 0x02
2928 EAP_PAX_DH_GROUP_NONE
= 0x00
2929 EAP_PAX_DH_GROUP_2048_MODP
= 0x01
2930 EAP_PAX_DH_GROUP_3072_MODP
= 0x02
2931 EAP_PAX_DH_GROUP_NIST_ECC_P_256
= 0x03
2933 EAP_PAX_PUBLIC_KEY_NONE
= 0x00
2934 EAP_PAX_PUBLIC_KEY_RSAES_OAEP
= 0x01
2935 EAP_PAX_PUBLIC_KEY_RSA_PKCS1_V1_5
= 0x02
2936 EAP_PAX_PUBLIC_KEY_EL_GAMAL_NIST_ECC
= 0x03
2938 EAP_PAX_ADE_VENDOR_SPECIFIC
= 0x01
2939 EAP_PAX_ADE_CLIENT_CHANNEL_BINDING
= 0x02
2940 EAP_PAX_ADE_SERVER_CHANNEL_BINDING
= 0x03
2942 def test_eap_proto_pax(dev
, apdev
):
2943 """EAP-PAX protocol tests"""
2945 logger
.info("Test: STD-1")
2947 return struct
.pack(">BBHBBBBBBH8L16B", EAP_CODE_REQUEST
, ctx
['id'],
2948 4 + 1 + 5 + 2 + 32 + 16,
2950 EAP_PAX_OP_STD_1
, 0, EAP_PAX_MAC_HMAC_SHA1_128
,
2951 EAP_PAX_DH_GROUP_NONE
, EAP_PAX_PUBLIC_KEY_NONE
,
2952 32, 0, 0, 0, 0, 0, 0, 0, 0,
2953 0x16, 0xc9, 0x08, 0x9d, 0x98, 0xa5, 0x6e, 0x1f,
2954 0xf0, 0xac, 0xcf, 0xc4, 0x66, 0xcd, 0x2d, 0xbf)
2956 def pax_handler(ctx
, req
):
2957 logger
.info("pax_handler - RX " + binascii
.hexlify(req
).decode())
2958 if 'num' not in ctx
:
2960 ctx
['num'] = ctx
['num'] + 1
2963 ctx
['id'] = (ctx
['id'] + 1) % 256
2968 if ctx
['num'] == idx
:
2969 logger
.info("Test: Missing payload")
2970 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
2975 if ctx
['num'] == idx
:
2976 logger
.info("Test: Minimum length payload")
2977 return struct
.pack(">BBHB4L", EAP_CODE_REQUEST
, ctx
['id'],
2983 if ctx
['num'] == idx
:
2984 logger
.info("Test: Unsupported MAC ID")
2985 return struct
.pack(">BBHBBBBBB4L", EAP_CODE_REQUEST
, ctx
['id'],
2988 EAP_PAX_OP_STD_1
, 0, 255, EAP_PAX_DH_GROUP_NONE
,
2989 EAP_PAX_PUBLIC_KEY_NONE
,
2993 if ctx
['num'] == idx
:
2994 logger
.info("Test: Unsupported DH Group ID")
2995 return struct
.pack(">BBHBBBBBB4L", EAP_CODE_REQUEST
, ctx
['id'],
2998 EAP_PAX_OP_STD_1
, 0, EAP_PAX_MAC_HMAC_SHA1_128
,
2999 255, EAP_PAX_PUBLIC_KEY_NONE
,
3003 if ctx
['num'] == idx
:
3004 logger
.info("Test: Unsupported Public Key ID")
3005 return struct
.pack(">BBHBBBBBB4L", EAP_CODE_REQUEST
, ctx
['id'],
3008 EAP_PAX_OP_STD_1
, 0, EAP_PAX_MAC_HMAC_SHA1_128
,
3009 EAP_PAX_DH_GROUP_NONE
, 255,
3013 if ctx
['num'] == idx
:
3014 logger
.info("Test: More fragments")
3015 return struct
.pack(">BBHBBBBBB4L", EAP_CODE_REQUEST
, ctx
['id'],
3018 EAP_PAX_OP_STD_1
, EAP_PAX_FLAGS_MF
,
3019 EAP_PAX_MAC_HMAC_SHA1_128
,
3020 EAP_PAX_DH_GROUP_NONE
, EAP_PAX_PUBLIC_KEY_NONE
,
3024 if ctx
['num'] == idx
:
3025 logger
.info("Test: Invalid ICV")
3026 return struct
.pack(">BBHBBBBBB4L", EAP_CODE_REQUEST
, ctx
['id'],
3029 EAP_PAX_OP_STD_1
, 0, EAP_PAX_MAC_HMAC_SHA1_128
,
3030 EAP_PAX_DH_GROUP_NONE
, EAP_PAX_PUBLIC_KEY_NONE
,
3034 if ctx
['num'] == idx
:
3035 logger
.info("Test: Invalid ICV in short frame")
3036 return struct
.pack(">BBHBBBBBB3L", EAP_CODE_REQUEST
, ctx
['id'],
3039 EAP_PAX_OP_STD_1
, 0, EAP_PAX_MAC_HMAC_SHA1_128
,
3040 EAP_PAX_DH_GROUP_NONE
, EAP_PAX_PUBLIC_KEY_NONE
,
3044 if ctx
['num'] == idx
:
3045 logger
.info("Test: Correct ICV - unsupported op_code")
3047 return struct
.pack(">BBHBBBBBB16B", EAP_CODE_REQUEST
, ctx
['id'],
3050 255, 0, EAP_PAX_MAC_HMAC_SHA1_128
,
3051 EAP_PAX_DH_GROUP_NONE
, EAP_PAX_PUBLIC_KEY_NONE
,
3052 0x90, 0x78, 0x97, 0x38, 0x29, 0x94, 0x32, 0xd4,
3053 0x81, 0x27, 0xe0, 0xf6, 0x3b, 0x0d, 0xb2, 0xb2)
3056 if ctx
['num'] == idx
:
3057 logger
.info("Test: Correct ICV - CE flag in STD-1")
3059 return struct
.pack(">BBHBBBBBB16B", EAP_CODE_REQUEST
, ctx
['id'],
3062 EAP_PAX_OP_STD_1
, EAP_PAX_FLAGS_CE
,
3063 EAP_PAX_MAC_HMAC_SHA1_128
,
3064 EAP_PAX_DH_GROUP_NONE
, EAP_PAX_PUBLIC_KEY_NONE
,
3065 0x9c, 0x98, 0xb4, 0x0b, 0x94, 0x90, 0xde, 0x88,
3066 0xb7, 0x72, 0x63, 0x44, 0x1d, 0xe3, 0x7c, 0x5c)
3069 if ctx
['num'] == idx
:
3070 logger
.info("Test: Correct ICV - too short STD-1 payload")
3072 return struct
.pack(">BBHBBBBBB16B", EAP_CODE_REQUEST
, ctx
['id'],
3075 EAP_PAX_OP_STD_1
, 0, EAP_PAX_MAC_HMAC_SHA1_128
,
3076 EAP_PAX_DH_GROUP_NONE
, EAP_PAX_PUBLIC_KEY_NONE
,
3077 0xda, 0xab, 0x2c, 0xe7, 0x84, 0x41, 0xb5, 0x5c,
3078 0xee, 0xcf, 0x62, 0x03, 0xc5, 0x69, 0xcb, 0xf4)
3081 if ctx
['num'] == idx
:
3082 logger
.info("Test: Correct ICV - incorrect A length in STD-1")
3084 return struct
.pack(">BBHBBBBBBH8L16B", EAP_CODE_REQUEST
, ctx
['id'],
3085 4 + 1 + 5 + 2 + 32 + 16,
3087 EAP_PAX_OP_STD_1
, 0, EAP_PAX_MAC_HMAC_SHA1_128
,
3088 EAP_PAX_DH_GROUP_NONE
, EAP_PAX_PUBLIC_KEY_NONE
,
3089 0, 0, 0, 0, 0, 0, 0, 0, 0,
3090 0xc4, 0xb0, 0x81, 0xe4, 0x6c, 0x8c, 0x20, 0x23,
3091 0x60, 0x46, 0x89, 0xea, 0x94, 0x60, 0xf3, 0x2a)
3094 if ctx
['num'] == idx
:
3095 logger
.info("Test: Correct ICV - extra data in STD-1")
3097 return struct
.pack(">BBHBBBBBBH8LB16B", EAP_CODE_REQUEST
, ctx
['id'],
3098 4 + 1 + 5 + 2 + 32 + 1 + 16,
3100 EAP_PAX_OP_STD_1
, 0, EAP_PAX_MAC_HMAC_SHA1_128
,
3101 EAP_PAX_DH_GROUP_NONE
, EAP_PAX_PUBLIC_KEY_NONE
,
3102 32, 0, 0, 0, 0, 0, 0, 0, 0,
3104 0x61, 0x49, 0x65, 0x37, 0x21, 0xe8, 0xd8, 0xbf,
3105 0xf3, 0x02, 0x01, 0xe5, 0x42, 0x51, 0xd3, 0x34)
3107 if ctx
['num'] == idx
:
3108 logger
.info("Test: Unexpected STD-1")
3109 return struct
.pack(">BBHBBBBBBH8L16B", EAP_CODE_REQUEST
, ctx
['id'],
3110 4 + 1 + 5 + 2 + 32 + 16,
3112 EAP_PAX_OP_STD_1
, 0, EAP_PAX_MAC_HMAC_SHA1_128
,
3113 EAP_PAX_DH_GROUP_NONE
, EAP_PAX_PUBLIC_KEY_NONE
,
3114 32, 0, 0, 0, 0, 0, 0, 0, 0,
3115 0xe5, 0x1d, 0xbf, 0xb8, 0x70, 0x20, 0x5c, 0xba,
3116 0x41, 0xbb, 0x34, 0xda, 0x1a, 0x08, 0xe6, 0x8d)
3119 if ctx
['num'] == idx
:
3120 return pax_std_1(ctx
)
3122 if ctx
['num'] == idx
:
3123 logger
.info("Test: MAC ID changed during session")
3124 return struct
.pack(">BBHBBBBBBH8L16B", EAP_CODE_REQUEST
, ctx
['id'],
3125 4 + 1 + 5 + 2 + 32 + 16,
3127 EAP_PAX_OP_STD_1
, 0, EAP_PAX_HMAC_SHA256_128
,
3128 EAP_PAX_DH_GROUP_NONE
, EAP_PAX_PUBLIC_KEY_NONE
,
3129 32, 0, 0, 0, 0, 0, 0, 0, 0,
3130 0xee, 0x00, 0xbf, 0xb8, 0x70, 0x20, 0x5c, 0xba,
3131 0x41, 0xbb, 0x34, 0xda, 0x1a, 0x08, 0xe6, 0x8d)
3134 if ctx
['num'] == idx
:
3135 return pax_std_1(ctx
)
3137 if ctx
['num'] == idx
:
3138 logger
.info("Test: DH Group ID changed during session")
3139 return struct
.pack(">BBHBBBBBBH8L16B", EAP_CODE_REQUEST
, ctx
['id'],
3140 4 + 1 + 5 + 2 + 32 + 16,
3142 EAP_PAX_OP_STD_1
, 0, EAP_PAX_MAC_HMAC_SHA1_128
,
3143 EAP_PAX_DH_GROUP_2048_MODP
,
3144 EAP_PAX_PUBLIC_KEY_NONE
,
3145 32, 0, 0, 0, 0, 0, 0, 0, 0,
3146 0xee, 0x01, 0xbf, 0xb8, 0x70, 0x20, 0x5c, 0xba,
3147 0x41, 0xbb, 0x34, 0xda, 0x1a, 0x08, 0xe6, 0x8d)
3150 if ctx
['num'] == idx
:
3151 return pax_std_1(ctx
)
3153 if ctx
['num'] == idx
:
3154 logger
.info("Test: Public Key ID changed during session")
3155 return struct
.pack(">BBHBBBBBBH8L16B", EAP_CODE_REQUEST
, ctx
['id'],
3156 4 + 1 + 5 + 2 + 32 + 16,
3158 EAP_PAX_OP_STD_1
, 0, EAP_PAX_MAC_HMAC_SHA1_128
,
3159 EAP_PAX_DH_GROUP_NONE
,
3160 EAP_PAX_PUBLIC_KEY_RSAES_OAEP
,
3161 32, 0, 0, 0, 0, 0, 0, 0, 0,
3162 0xee, 0x02, 0xbf, 0xb8, 0x70, 0x20, 0x5c, 0xba,
3163 0x41, 0xbb, 0x34, 0xda, 0x1a, 0x08, 0xe6, 0x8d)
3166 if ctx
['num'] == idx
:
3167 logger
.info("Test: Unexpected STD-3")
3169 return struct
.pack(">BBHBBBBBBH8L16B", EAP_CODE_REQUEST
, ctx
['id'],
3170 4 + 1 + 5 + 2 + 32 + 16,
3172 EAP_PAX_OP_STD_3
, 0, EAP_PAX_MAC_HMAC_SHA1_128
,
3173 EAP_PAX_DH_GROUP_NONE
, EAP_PAX_PUBLIC_KEY_NONE
,
3174 32, 0, 0, 0, 0, 0, 0, 0, 0,
3175 0x47, 0xbb, 0xc0, 0xf9, 0xb9, 0x69, 0xf5, 0xcb,
3176 0x3a, 0xe8, 0xe7, 0xd6, 0x80, 0x28, 0xf2, 0x59)
3179 if ctx
['num'] == idx
:
3180 return pax_std_1(ctx
)
3182 if ctx
['num'] == idx
:
3183 # TODO: MAC calculation; for now, this gets dropped due to incorrect
3185 logger
.info("Test: STD-3 with CE flag")
3186 return struct
.pack(">BBHBBBBBBH8L16B", EAP_CODE_REQUEST
, ctx
['id'],
3187 4 + 1 + 5 + 2 + 32 + 16,
3189 EAP_PAX_OP_STD_3
, EAP_PAX_FLAGS_CE
,
3190 EAP_PAX_MAC_HMAC_SHA1_128
,
3191 EAP_PAX_DH_GROUP_NONE
, EAP_PAX_PUBLIC_KEY_NONE
,
3192 32, 0, 0, 0, 0, 0, 0, 0, 0,
3193 0x8a, 0xc2, 0xf9, 0xf4, 0x8b, 0x75, 0x72, 0xa2,
3194 0x4d, 0xd3, 0x1e, 0x54, 0x77, 0x04, 0x05, 0xe2)
3197 if ctx
['num'] & 0x1 == idx
& 0x1:
3198 logger
.info("Test: Default request")
3199 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
3203 logger
.info("Test: Default EAP-Failure")
3204 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
3206 srv
= start_radius_server(pax_handler
)
3209 hapd
= start_ap(apdev
[0])
3210 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
3212 for i
in range(0, 18):
3213 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
3214 eap
="PAX", identity
="user",
3215 password_hex
="0123456789abcdef0123456789abcdef",
3217 logger
.info("Waiting for EAP method to start")
3218 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
3221 raise Exception("Timeout on EAP start")
3223 dev
[0].request("REMOVE_NETWORK all")
3224 dev
[0].dump_monitor()
3226 logger
.info("Too short password")
3227 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
3228 eap
="PAX", identity
="user",
3229 password_hex
="0123456789abcdef0123456789abcd",
3231 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=15)
3233 raise Exception("Timeout on EAP start")
3235 dev
[0].request("REMOVE_NETWORK all")
3236 dev
[0].dump_monitor()
3238 logger
.info("No password")
3239 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
3240 eap
="PAX", identity
="user",
3242 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=15)
3244 raise Exception("Timeout on EAP start")
3246 dev
[0].request("REMOVE_NETWORK all")
3247 dev
[0].dump_monitor()
3249 stop_radius_server(srv
)
3251 def test_eap_proto_pax_errors(dev
, apdev
):
3252 """EAP-PAX local error cases"""
3253 check_eap_capa(dev
[0], "PAX")
3254 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
3255 hapd
= hostapd
.add_ap(apdev
[0], params
)
3256 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
3258 for i
in range(1, 3):
3259 with
alloc_fail(dev
[0], i
, "eap_pax_init"):
3260 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
3261 eap
="PAX", identity
="pax.user@example.com",
3262 password_hex
="0123456789abcdef0123456789abcdef",
3264 ev
= dev
[0].wait_event(["EAP: Failed to initialize EAP method"],
3267 raise Exception("Timeout on EAP start")
3268 dev
[0].request("REMOVE_NETWORK all")
3269 dev
[0].wait_disconnected()
3271 tests
= ["eap_msg_alloc;eap_pax_alloc_resp;eap_pax_process_std_1",
3272 "eap_msg_alloc;eap_pax_alloc_resp;eap_pax_process_std_3",
3275 "eap_pax_get_session_id"]
3277 with
alloc_fail(dev
[0], 1, func
):
3278 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
3279 eap
="PAX", identity
="pax.user@example.com",
3280 password_hex
="0123456789abcdef0123456789abcdef",
3281 erp
="1", wait_connect
=False)
3282 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
3283 dev
[0].request("REMOVE_NETWORK all")
3284 dev
[0].wait_disconnected()
3286 tests
= [(1, "os_get_random;eap_pax_process_std_1"),
3287 (1, "eap_pax_initial_key_derivation"),
3288 (1, "eap_pax_mac;eap_pax_process_std_3"),
3289 (2, "eap_pax_mac;eap_pax_process_std_3"),
3290 (1, "eap_pax_kdf;eap_pax_getKey"),
3291 (1, "eap_pax_kdf;eap_pax_get_emsk")]
3292 for count
, func
in tests
:
3293 with
fail_test(dev
[0], count
, func
):
3294 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
3295 eap
="PAX", identity
="pax.user@example.com",
3296 password_hex
="0123456789abcdef0123456789abcdef",
3297 erp
="1", wait_connect
=False)
3298 wait_fail_trigger(dev
[0], "GET_FAIL")
3299 dev
[0].request("REMOVE_NETWORK all")
3300 dev
[0].wait_disconnected()
3302 def run_eap_pax_connect(dev
):
3303 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
3304 eap
="PAX", identity
="pax.user@example.com",
3305 password_hex
="0123456789abcdef0123456789abcdef",
3307 ev
= dev
.wait_event(["CTRL-EVENT-EAP-SUCCESS", "CTRL-EVENT-EAP-FAILURE",
3308 "CTRL-EVENT-DISCONNECTED"],
3310 dev
.request("REMOVE_NETWORK all")
3311 if not ev
or "CTRL-EVENT-DISCONNECTED" not in ev
:
3312 dev
.wait_disconnected()
3315 def test_eap_proto_pax_errors_server(dev
, apdev
):
3316 """EAP-PAX local error cases on server"""
3317 check_eap_capa(dev
[0], "PAX")
3318 params
= int_eap_server_params()
3319 params
['erp_domain'] = 'example.com'
3320 params
['eap_server_erp'] = '1'
3321 hapd
= hostapd
.add_ap(apdev
[0], params
)
3322 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
3324 tests
= [(1, "eap_pax_init"),
3325 (1, "eap_msg_alloc;eap_pax_build_std_1"),
3326 (1, "eap_msg_alloc;eap_pax_build_std_3"),
3327 (1, "=eap_pax_process_std_2"),
3328 (1, "eap_pax_getKey"),
3329 (1, "eap_pax_get_emsk"),
3330 (1, "eap_pax_get_session_id")]
3331 for count
, func
in tests
:
3332 with
alloc_fail(hapd
, count
, func
):
3333 run_eap_pax_connect(dev
[0])
3335 tests
= [(1, "os_get_random;eap_pax_build_std_1"),
3336 (1, "eap_pax_mac;eap_pax_build_std_1"),
3337 (1, "eap_pax_mac;eap_pax_build_std_3"),
3338 (2, "eap_pax_mac;=eap_pax_build_std_3"),
3339 (1, "eap_pax_initial_key_derivation;eap_pax_process_std_2"),
3340 (1, "eap_pax_mac;eap_pax_process_std_2"),
3341 (2, "eap_pax_mac;=eap_pax_process_std_2"),
3342 (1, "eap_pax_mac;eap_pax_check")]
3343 for count
, func
in tests
:
3344 with
fail_test(hapd
, count
, func
):
3345 run_eap_pax_connect(dev
[0])
3347 def start_pax_assoc(dev
, hapd
):
3348 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
3349 eap
="PAX", identity
="pax.user@example.com",
3350 password_hex
="0123456789abcdef0123456789abcdef",
3352 proxy_msg(hapd
, dev
) # EAP-Identity/Request
3353 proxy_msg(dev
, hapd
) # EAP-Identity/Response
3354 proxy_msg(hapd
, dev
) # PAX_STD-1
3356 def stop_pax_assoc(dev
, hapd
):
3357 dev
.request("REMOVE_NETWORK all")
3358 dev
.wait_disconnected()
3362 def test_eap_proto_pax_server(dev
, apdev
):
3363 """EAP-PAX protocol testing for the server"""
3364 check_eap_capa(dev
[0], "PAX")
3365 params
= int_eap_server_params()
3366 params
['erp_domain'] = 'example.com'
3367 params
['eap_server_erp'] = '1'
3368 hapd
= hostapd
.add_ap(apdev
[0], params
)
3369 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
3370 hapd
.request("SET ext_eapol_frame_io 1")
3371 dev
[0].request("SET ext_eapol_frame_io 1")
3373 # Successful exchange to verify proxying mechanism
3374 start_pax_assoc(dev
[0], hapd
)
3375 proxy_msg(dev
[0], hapd
) # PAX_STD-2
3376 proxy_msg(hapd
, dev
[0]) # PAX_STD-3
3377 proxy_msg(dev
[0], hapd
) # PAX-ACK
3378 proxy_msg(hapd
, dev
[0]) # EAP-Success
3379 proxy_msg(hapd
, dev
[0]) # EAPOL-Key msg 1/4
3380 proxy_msg(dev
[0], hapd
) # EAPOL-Key msg 2/4
3381 proxy_msg(hapd
, dev
[0]) # EAPOL-Key msg 3/4
3382 proxy_msg(dev
[0], hapd
) # EAPOL-Key msg 4/4
3383 dev
[0].wait_connected()
3384 stop_pax_assoc(dev
[0], hapd
)
3386 start_pax_assoc(dev
[0], hapd
)
3387 resp
= rx_msg(dev
[0])
3388 # Too short EAP-PAX header (no OP-Code)
3389 hapd
.note("EAP-PAX: Invalid frame")
3390 msg
= resp
[0:4] + "0005" + resp
[8:12] + "0005" + "2e"
3391 tx_msg(dev
[0], hapd
, msg
)
3392 # Too short EAP-PAX message (no payload)
3393 hapd
.note("EAP-PAX: Invalid frame")
3394 msg
= resp
[0:4] + "000a" + resp
[8:12] + "000a" + "2e1100000000"
3395 tx_msg(dev
[0], hapd
, msg
)
3396 # Unexpected PAX_SEC-2
3397 hapd
.note("EAP-PAX: Expected PAX_STD-2 - ignore op 17")
3398 msg
= resp
[0:4] + "001a" + resp
[8:12] + "001a" + "2e1100000000" + 16*"00"
3399 tx_msg(dev
[0], hapd
, msg
)
3401 hapd
.note("EAP-PAX: Expected MAC ID 0x1, received 0xff")
3402 msg
= resp
[0:4] + "001a" + resp
[8:12] + "001a" + "2e0200ff0000" + 16*"00"
3403 tx_msg(dev
[0], hapd
, msg
)
3404 # Unexpected DH Group ID
3405 hapd
.note("EAP-PAX: Expected DH Group ID 0x0, received 0xff")
3406 msg
= resp
[0:4] + "001a" + resp
[8:12] + "001a" + "2e020001ff00" + 16*"00"
3407 tx_msg(dev
[0], hapd
, msg
)
3408 # Unexpected Public Key ID
3409 hapd
.note("EAP-PAX: Expected Public Key ID 0x0, received 0xff")
3410 msg
= resp
[0:4] + "001a" + resp
[8:12] + "001a" + "2e02000100ff" + 16*"00"
3411 tx_msg(dev
[0], hapd
, msg
)
3412 # Unsupported Flags - MF
3413 hapd
.note("EAP-PAX: fragmentation not supported")
3414 msg
= resp
[0:4] + "001a" + resp
[8:12] + "001a" + "2e0201010000" + 16*"00"
3415 tx_msg(dev
[0], hapd
, msg
)
3416 # Unsupported Flags - CE
3417 hapd
.note("EAP-PAX: Unexpected CE flag")
3418 msg
= resp
[0:4] + "001a" + resp
[8:12] + "001a" + "2e0202010000" + 16*"00"
3419 tx_msg(dev
[0], hapd
, msg
)
3420 # Too short Payload in PAX_STD-2
3421 hapd
.note("EAP-PAX: Too short PAX_STD-2 (B)")
3422 msg
= resp
[0:4] + "001a" + resp
[8:12] + "001a" + "2e0200010000" + 16*"00"
3423 tx_msg(dev
[0], hapd
, msg
)
3425 stop_pax_assoc(dev
[0], hapd
)
3427 start_pax_assoc(dev
[0], hapd
)
3428 resp
= rx_msg(dev
[0])
3429 # Too short Payload in PAX_STD-2
3430 hapd
.note("EAP-PAX: Too short PAX_STD-2 (CID)")
3431 msg
= resp
[0:4] + "002c" + resp
[8:12] + "002c" + "2e0200010000" + "0020" + 32*"00"
3432 tx_msg(dev
[0], hapd
, msg
)
3434 stop_pax_assoc(dev
[0], hapd
)
3436 start_pax_assoc(dev
[0], hapd
)
3437 resp
= rx_msg(dev
[0])
3438 # Too short Payload in PAX_STD-2
3439 hapd
.note("EAP-PAX: Too short PAX_STD-2 (CID)")
3440 msg
= resp
[0:4] + "002e" + resp
[8:12] + "002e" + "2e0200010000" + "0020" + 32*"00" + "ffff"
3441 tx_msg(dev
[0], hapd
, msg
)
3443 stop_pax_assoc(dev
[0], hapd
)
3445 start_pax_assoc(dev
[0], hapd
)
3446 resp
= rx_msg(dev
[0])
3447 # Too long CID in PAX_STD-2
3448 hapd
.note("EAP-PAX: Too long CID")
3449 msg
= resp
[0:4] + "062e" + resp
[8:12] + "062e" + "2e0200010000" + "0020" + 32*"00" + "0600" + 1536*"00"
3450 tx_msg(dev
[0], hapd
, msg
)
3452 stop_pax_assoc(dev
[0], hapd
)
3454 start_pax_assoc(dev
[0], hapd
)
3455 resp
= rx_msg(dev
[0])
3456 # Too short Payload in PAX_STD-2
3457 hapd
.note("EAP-PAX: Too short PAX_STD-2 (MAC_CK)")
3458 msg
= resp
[0:4] + "003c" + resp
[8:12] + "003c" + "2e0200010000" + "0020" + 32*"00" + 16*"00"
3459 tx_msg(dev
[0], hapd
, msg
)
3461 stop_pax_assoc(dev
[0], hapd
)
3463 start_pax_assoc(dev
[0], hapd
)
3464 resp
= rx_msg(dev
[0])
3465 # Unknown CID for PAX
3466 hapd
.note("EAP-PAX: EAP-PAX not enabled for CID")
3467 msg
= resp
[0:4] + "0041" + resp
[8:12] + "0041" + "2e0200010000" + "0020" + 32*"00" + "0001" + "00" + "0010" + 16*"00"
3468 tx_msg(dev
[0], hapd
, msg
)
3470 stop_pax_assoc(dev
[0], hapd
)
3472 start_pax_assoc(dev
[0], hapd
)
3473 resp
= rx_msg(dev
[0])
3475 hapd
.note("EAP-PAX: Too short ICV (15) in PAX_STD-2")
3476 msg
= resp
[0:4] + "0063" + resp
[8:12] + "0063" + resp
[16:206]
3477 tx_msg(dev
[0], hapd
, msg
)
3479 stop_pax_assoc(dev
[0], hapd
)
3481 start_pax_assoc(dev
[0], hapd
)
3482 proxy_msg(dev
[0], hapd
) # PAX_STD-2
3483 proxy_msg(hapd
, dev
[0]) # PAX_STD-3
3484 resp
= rx_msg(dev
[0])
3485 # Unexpected PAX_STD-2
3486 hapd
.note("EAP-PAX: Expected PAX-ACK - ignore op 1")
3487 msg
= resp
[0:4] + "001a" + resp
[8:12] + "001a" + "2e0100000000" + 16*"00"
3488 tx_msg(dev
[0], hapd
, msg
)
3489 stop_pax_assoc(dev
[0], hapd
)
3491 def test_eap_proto_psk(dev
, apdev
):
3492 """EAP-PSK protocol tests"""
3493 def psk_handler(ctx
, req
):
3494 logger
.info("psk_handler - RX " + binascii
.hexlify(req
).decode())
3495 if 'num' not in ctx
:
3497 ctx
['num'] = ctx
['num'] + 1
3500 ctx
['id'] = (ctx
['id'] + 1) % 256
3505 if ctx
['num'] == idx
:
3506 logger
.info("Test: Missing payload")
3507 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
3512 if ctx
['num'] == idx
:
3513 logger
.info("Test: Non-zero T in first message")
3514 return struct
.pack(">BBHBB4L", EAP_CODE_REQUEST
, ctx
['id'],
3516 EAP_TYPE_PSK
, 0xc0, 0, 0, 0, 0)
3519 if ctx
['num'] == idx
:
3520 logger
.info("Test: Valid first message")
3521 return struct
.pack(">BBHBB4L", EAP_CODE_REQUEST
, ctx
['id'],
3523 EAP_TYPE_PSK
, 0, 0, 0, 0, 0)
3525 if ctx
['num'] == idx
:
3526 logger
.info("Test: Too short third message")
3527 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
3532 if ctx
['num'] == idx
:
3533 logger
.info("Test: Valid first message")
3534 return struct
.pack(">BBHBB4L", EAP_CODE_REQUEST
, ctx
['id'],
3536 EAP_TYPE_PSK
, 0, 0, 0, 0, 0)
3538 if ctx
['num'] == idx
:
3539 logger
.info("Test: Incorrect T in third message")
3540 return struct
.pack(">BBHBB4L4L", EAP_CODE_REQUEST
, ctx
['id'],
3541 4 + 1 + 1 + 16 + 16,
3542 EAP_TYPE_PSK
, 0, 0, 0, 0, 0, 0, 0, 0, 0)
3545 if ctx
['num'] == idx
:
3546 logger
.info("Test: Valid first message")
3547 return struct
.pack(">BBHBB4L", EAP_CODE_REQUEST
, ctx
['id'],
3549 EAP_TYPE_PSK
, 0, 0, 0, 0, 0)
3551 if ctx
['num'] == idx
:
3552 logger
.info("Test: Missing PCHANNEL in third message")
3553 return struct
.pack(">BBHBB4L4L", EAP_CODE_REQUEST
, ctx
['id'],
3554 4 + 1 + 1 + 16 + 16,
3555 EAP_TYPE_PSK
, 0x80, 0, 0, 0, 0, 0, 0, 0, 0)
3558 if ctx
['num'] == idx
:
3559 logger
.info("Test: Valid first message")
3560 return struct
.pack(">BBHBB4L", EAP_CODE_REQUEST
, ctx
['id'],
3562 EAP_TYPE_PSK
, 0, 0, 0, 0, 0)
3564 if ctx
['num'] == idx
:
3565 logger
.info("Test: Invalic MAC_S in third message")
3566 return struct
.pack(">BBHBB4L4L5LB", EAP_CODE_REQUEST
, ctx
['id'],
3567 4 + 1 + 1 + 16 + 16 + 21,
3568 EAP_TYPE_PSK
, 0x80, 0, 0, 0, 0, 0, 0, 0, 0,
3572 if ctx
['num'] == idx
:
3573 logger
.info("Test: Valid first message")
3574 return struct
.pack(">BBHBB4L", EAP_CODE_REQUEST
, ctx
['id'],
3576 EAP_TYPE_PSK
, 0, 0, 0, 0, 0)
3578 if ctx
['num'] == idx
:
3579 logger
.info("Test: EAP-Failure")
3580 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
3584 srv
= start_radius_server(psk_handler
)
3587 hapd
= start_ap(apdev
[0])
3588 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
3590 for i
in range(0, 6):
3591 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
3592 eap
="PSK", identity
="user",
3593 password_hex
="0123456789abcdef0123456789abcdef",
3595 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
3598 raise Exception("Timeout on EAP start")
3600 dev
[0].request("REMOVE_NETWORK all")
3602 logger
.info("Test: Invalid PSK length")
3603 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
3604 eap
="PSK", identity
="user",
3605 password_hex
="0123456789abcdef0123456789abcd",
3607 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
3610 raise Exception("Timeout on EAP start")
3612 dev
[0].request("REMOVE_NETWORK all")
3614 stop_radius_server(srv
)
3616 def test_eap_proto_psk_errors(dev
, apdev
):
3617 """EAP-PSK local error cases"""
3618 check_eap_capa(dev
[0], "PSK")
3619 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
3620 hapd
= hostapd
.add_ap(apdev
[0], params
)
3621 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
3623 for i
in range(1, 3):
3624 with
alloc_fail(dev
[0], i
, "eap_psk_init"):
3625 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
3626 eap
="PSK", identity
="psk.user@example.com",
3627 password_hex
="0123456789abcdef0123456789abcdef",
3629 ev
= dev
[0].wait_event(["EAP: Failed to initialize EAP method"],
3632 raise Exception("Timeout on EAP start")
3633 dev
[0].request("REMOVE_NETWORK all")
3634 dev
[0].wait_disconnected()
3636 for i
in range(1, 4):
3637 with
fail_test(dev
[0], i
, "eap_psk_key_setup;eap_psk_init"):
3638 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
3639 eap
="PSK", identity
="psk.user@example.com",
3640 password_hex
="0123456789abcdef0123456789abcdef",
3642 ev
= dev
[0].wait_event(["EAP: Failed to initialize EAP method"],
3645 raise Exception("Timeout on EAP start")
3646 dev
[0].request("REMOVE_NETWORK all")
3647 dev
[0].wait_disconnected()
3649 tests
= [(1, "=eap_psk_process_1"),
3650 (2, "=eap_psk_process_1"),
3651 (1, "eap_msg_alloc;eap_psk_process_1"),
3652 (1, "=eap_psk_process_3"),
3653 (2, "=eap_psk_process_3"),
3654 (1, "eap_msg_alloc;eap_psk_process_3"),
3655 (1, "eap_psk_getKey"),
3656 (1, "eap_psk_get_session_id"),
3657 (1, "eap_psk_get_emsk")]
3658 for count
, func
in tests
:
3659 with
alloc_fail(dev
[0], count
, func
):
3660 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
3661 eap
="PSK", identity
="psk.user@example.com",
3662 password_hex
="0123456789abcdef0123456789abcdef",
3663 erp
="1", wait_connect
=False)
3664 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
3667 raise Exception("Timeout on EAP start")
3668 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL",
3669 note
="No allocation failure seen for %d:%s" % (count
, func
))
3670 dev
[0].request("REMOVE_NETWORK all")
3671 dev
[0].wait_disconnected()
3673 tests
= [(1, "os_get_random;eap_psk_process_1"),
3674 (1, "omac1_aes_128;eap_psk_process_3"),
3675 (1, "=omac1_aes_vector;omac1_aes_128;aes_128_eax_encrypt"),
3676 (2, "=omac1_aes_vector;omac1_aes_128;aes_128_eax_encrypt"),
3677 (3, "=omac1_aes_vector;omac1_aes_128;aes_128_eax_encrypt"),
3678 (1, "=omac1_aes_vector;omac1_aes_128;aes_128_eax_decrypt"),
3679 (2, "=omac1_aes_vector;omac1_aes_128;aes_128_eax_decrypt"),
3680 (3, "=omac1_aes_vector;omac1_aes_128;aes_128_eax_decrypt"),
3681 (1, "aes_128_eax_decrypt;eap_psk_process_3"),
3682 (2, "aes_128_eax_decrypt;eap_psk_process_3"),
3683 (3, "aes_128_eax_decrypt;eap_psk_process_3"),
3684 (1, "aes_128_eax_encrypt;eap_psk_process_3"),
3685 (2, "aes_128_eax_encrypt;eap_psk_process_3"),
3686 (3, "aes_128_eax_encrypt;eap_psk_process_3"),
3687 (1, "aes_128_encrypt_block;eap_psk_derive_keys;eap_psk_process_3"),
3688 (2, "aes_128_encrypt_block;eap_psk_derive_keys;eap_psk_process_3"),
3689 (3, "aes_128_encrypt_block;eap_psk_derive_keys;eap_psk_process_3"),
3690 (4, "aes_128_encrypt_block;eap_psk_derive_keys;eap_psk_process_3"),
3691 (5, "aes_128_encrypt_block;eap_psk_derive_keys;eap_psk_process_3"),
3692 (6, "aes_128_encrypt_block;eap_psk_derive_keys;eap_psk_process_3"),
3693 (7, "aes_128_encrypt_block;eap_psk_derive_keys;eap_psk_process_3"),
3694 (8, "aes_128_encrypt_block;eap_psk_derive_keys;eap_psk_process_3"),
3695 (9, "aes_128_encrypt_block;eap_psk_derive_keys;eap_psk_process_3"),
3696 (10, "aes_128_encrypt_block;eap_psk_derive_keys;eap_psk_process_3"),
3697 (1, "aes_ctr_encrypt;aes_128_eax_decrypt;eap_psk_process_3"),
3698 (1, "aes_ctr_encrypt;aes_128_eax_encrypt;eap_psk_process_3")]
3699 for count
, func
in tests
:
3700 with
fail_test(dev
[0], count
, func
):
3701 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
3702 eap
="PSK", identity
="psk.user@example.com",
3703 password_hex
="0123456789abcdef0123456789abcdef",
3705 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
3708 raise Exception("Timeout on EAP start")
3709 wait_fail_trigger(dev
[0], "GET_FAIL",
3710 note
="No failure seen for %d:%s" % (count
, func
))
3711 dev
[0].request("REMOVE_NETWORK all")
3712 dev
[0].wait_disconnected()
3713 dev
[0].dump_monitor()
3715 def run_eap_psk_connect(dev
):
3716 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
3717 eap
="PSK", identity
="psk.user@example.com",
3718 password_hex
="0123456789abcdef0123456789abcdef",
3720 ev
= dev
.wait_event(["CTRL-EVENT-EAP-SUCCESS", "CTRL-EVENT-EAP-FAILURE",
3721 "CTRL-EVENT-DISCONNECTED"],
3723 dev
.request("REMOVE_NETWORK all")
3724 if not ev
or "CTRL-EVENT-DISCONNECTED" not in ev
:
3725 dev
.wait_disconnected()
3728 def test_eap_proto_psk_errors_server(dev
, apdev
):
3729 """EAP-PSK local error cases on server"""
3730 check_eap_capa(dev
[0], "PSK")
3731 params
= int_eap_server_params()
3732 params
['erp_domain'] = 'example.com'
3733 params
['eap_server_erp'] = '1'
3734 hapd
= hostapd
.add_ap(apdev
[0], params
)
3735 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
3737 tests
= [(1, "eap_psk_init"),
3738 (1, "eap_msg_alloc;eap_psk_build_1"),
3739 (1, "eap_msg_alloc;eap_psk_build_3"),
3740 (1, "=eap_psk_build_3"),
3741 (1, "=eap_psk_process_2"),
3742 (2, "=eap_psk_process_2"),
3743 (1, "=eap_psk_process_4"),
3744 (1, "aes_128_eax_decrypt;eap_psk_process_4"),
3745 (1, "eap_psk_getKey"),
3746 (1, "eap_psk_get_emsk"),
3747 (1, "eap_psk_get_session_id")]
3748 for count
, func
in tests
:
3749 with
alloc_fail(hapd
, count
, func
):
3750 run_eap_psk_connect(dev
[0])
3752 tests
= [(1, "os_get_random;eap_psk_build_1"),
3753 (1, "omac1_aes_128;eap_psk_build_3"),
3754 (1, "eap_psk_derive_keys;eap_psk_build_3"),
3755 (1, "aes_128_eax_encrypt;eap_psk_build_3"),
3756 (1, "eap_psk_key_setup;eap_psk_process_2"),
3757 (1, "omac1_aes_128;eap_psk_process_2"),
3758 (1, "aes_128_eax_decrypt;eap_psk_process_4")]
3759 for count
, func
in tests
:
3760 with
fail_test(hapd
, count
, func
):
3761 run_eap_psk_connect(dev
[0])
3763 def start_psk_assoc(dev
, hapd
):
3764 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
3765 eap
="PSK", identity
="psk.user@example.com",
3766 password_hex
="0123456789abcdef0123456789abcdef",
3768 proxy_msg(hapd
, dev
) # EAP-Identity/Request
3769 proxy_msg(dev
, hapd
) # EAP-Identity/Response
3770 proxy_msg(hapd
, dev
) # PSK-1
3772 def stop_psk_assoc(dev
, hapd
):
3773 dev
.request("REMOVE_NETWORK all")
3774 dev
.wait_disconnected()
3778 def test_eap_proto_psk_server(dev
, apdev
):
3779 """EAP-PSK protocol testing for the server"""
3780 check_eap_capa(dev
[0], "PSK")
3781 params
= int_eap_server_params()
3782 params
['erp_domain'] = 'example.com'
3783 params
['eap_server_erp'] = '1'
3784 hapd
= hostapd
.add_ap(apdev
[0], params
)
3785 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
3786 hapd
.request("SET ext_eapol_frame_io 1")
3787 dev
[0].request("SET ext_eapol_frame_io 1")
3789 # Successful exchange to verify proxying mechanism
3790 start_psk_assoc(dev
[0], hapd
)
3791 proxy_msg(dev
[0], hapd
) # PSK-2
3792 proxy_msg(hapd
, dev
[0]) # PSK-3
3793 proxy_msg(dev
[0], hapd
) # PSK-4
3794 proxy_msg(hapd
, dev
[0]) # EAP-Success
3795 proxy_msg(hapd
, dev
[0]) # EAPOL-Key msg 1/4
3796 proxy_msg(dev
[0], hapd
) # EAPOL-Key msg 2/4
3797 proxy_msg(hapd
, dev
[0]) # EAPOL-Key msg 3/4
3798 proxy_msg(dev
[0], hapd
) # EAPOL-Key msg 4/4
3799 dev
[0].wait_connected()
3800 stop_psk_assoc(dev
[0], hapd
)
3802 start_psk_assoc(dev
[0], hapd
)
3803 resp
= rx_msg(dev
[0])
3804 # Too short EAP-PSK header (no Flags)
3805 hapd
.note("EAP-PSK: Invalid frame")
3806 msg
= resp
[0:4] + "0005" + resp
[8:12] + "0005" + "2f"
3807 tx_msg(dev
[0], hapd
, msg
)
3809 hapd
.note("EAP-PSK: Expected PSK-2 - ignore T=0")
3810 msg
= resp
[0:4] + "0006" + resp
[8:12] + "0006" + "2f00"
3811 tx_msg(dev
[0], hapd
, msg
)
3813 hapd
.note("EAP-PSK: Too short frame")
3814 msg
= resp
[0:4] + "0006" + resp
[8:12] + "0006" + "2f40"
3815 tx_msg(dev
[0], hapd
, msg
)
3816 # PSK-2 with unknown ID_P
3817 hapd
.note("EAP-PSK: EAP-PSK not enabled for ID_P")
3818 msg
= resp
[0:4] + "004a" + resp
[8:12] + "004a" + "2f40" + 3*16*"00" + 20*"00"
3819 tx_msg(dev
[0], hapd
, msg
)
3820 rx_msg(hapd
) # EAP-Failure
3821 stop_psk_assoc(dev
[0], hapd
)
3823 start_psk_assoc(dev
[0], hapd
)
3824 proxy_msg(dev
[0], hapd
) # PSK-2
3825 proxy_msg(hapd
, dev
[0]) # PSK-3
3826 resp
= rx_msg(dev
[0])
3828 hapd
.note("EAP-PSK: Expected PSK-4 - ignore T=1")
3829 msg
= resp
[0:4] + "0016" + resp
[8:12] + "0016" + "2f40" + 16*"00"
3830 tx_msg(dev
[0], hapd
, msg
)
3831 # Too short PSK-4 (no PCHANNEL)
3832 hapd
.note("EAP-PSK: Too short PCHANNEL data in PSK-4 (len=0, expected 21)")
3833 msg
= resp
[0:4] + "0016" + resp
[8:12] + "0016" + "2fc0" + 16*"00"
3834 tx_msg(dev
[0], hapd
, msg
)
3835 rx_msg(hapd
) # PSK-3 retry
3836 stop_psk_assoc(dev
[0], hapd
)
3838 start_psk_assoc(dev
[0], hapd
)
3839 proxy_msg(dev
[0], hapd
) # PSK-2
3840 proxy_msg(hapd
, dev
[0]) # PSK-3
3841 resp
= rx_msg(dev
[0])
3842 # PCHANNEL Nonce did not increase
3843 hapd
.note("EAP-PSK: Nonce did not increase")
3844 msg
= resp
[0:4] + "002b" + resp
[8:12] + "002b" + "2fc0" + 16*"00" + 21*"00"
3845 tx_msg(dev
[0], hapd
, msg
)
3846 rx_msg(hapd
) # PSK-3 retry
3847 stop_psk_assoc(dev
[0], hapd
)
3849 start_psk_assoc(dev
[0], hapd
)
3850 proxy_msg(dev
[0], hapd
) # PSK-2
3851 proxy_msg(hapd
, dev
[0]) # PSK-3
3852 resp
= rx_msg(dev
[0])
3853 # Invalid PCHANNEL encryption
3854 hapd
.note("EAP-PSK: PCHANNEL decryption failed")
3855 msg
= resp
[0:4] + "002b" + resp
[8:12] + "002b" + "2fc0" + 16*"00" + 21*"11"
3856 tx_msg(dev
[0], hapd
, msg
)
3857 rx_msg(hapd
) # PSK-3 retry
3858 stop_psk_assoc(dev
[0], hapd
)
3860 EAP_SIM_SUBTYPE_START
= 10
3861 EAP_SIM_SUBTYPE_CHALLENGE
= 11
3862 EAP_SIM_SUBTYPE_NOTIFICATION
= 12
3863 EAP_SIM_SUBTYPE_REAUTHENTICATION
= 13
3864 EAP_SIM_SUBTYPE_CLIENT_ERROR
= 14
3866 EAP_AKA_SUBTYPE_CHALLENGE
= 1
3867 EAP_AKA_SUBTYPE_AUTHENTICATION_REJECT
= 2
3868 EAP_AKA_SUBTYPE_SYNCHRONIZATION_FAILURE
= 4
3869 EAP_AKA_SUBTYPE_IDENTITY
= 5
3870 EAP_AKA_SUBTYPE_NOTIFICATION
= 12
3871 EAP_AKA_SUBTYPE_REAUTHENTICATION
= 13
3872 EAP_AKA_SUBTYPE_CLIENT_ERROR
= 14
3878 EAP_SIM_AT_PADDING
= 6
3879 EAP_SIM_AT_NONCE_MT
= 7
3880 EAP_SIM_AT_PERMANENT_ID_REQ
= 10
3882 EAP_SIM_AT_NOTIFICATION
= 12
3883 EAP_SIM_AT_ANY_ID_REQ
= 13
3884 EAP_SIM_AT_IDENTITY
= 14
3885 EAP_SIM_AT_VERSION_LIST
= 15
3886 EAP_SIM_AT_SELECTED_VERSION
= 16
3887 EAP_SIM_AT_FULLAUTH_ID_REQ
= 17
3888 EAP_SIM_AT_COUNTER
= 19
3889 EAP_SIM_AT_COUNTER_TOO_SMALL
= 20
3890 EAP_SIM_AT_NONCE_S
= 21
3891 EAP_SIM_AT_CLIENT_ERROR_CODE
= 22
3892 EAP_SIM_AT_KDF_INPUT
= 23
3895 EAP_SIM_AT_ENCR_DATA
= 130
3896 EAP_SIM_AT_NEXT_PSEUDONYM
= 132
3897 EAP_SIM_AT_NEXT_REAUTH_ID
= 133
3898 EAP_SIM_AT_CHECKCODE
= 134
3899 EAP_SIM_AT_RESULT_IND
= 135
3900 EAP_SIM_AT_BIDDING
= 136
3902 def test_eap_proto_aka(dev
, apdev
):
3903 """EAP-AKA protocol tests"""
3904 def aka_handler(ctx
, req
):
3905 logger
.info("aka_handler - RX " + binascii
.hexlify(req
).decode())
3906 if 'num' not in ctx
:
3908 ctx
['num'] = ctx
['num'] + 1
3911 ctx
['id'] = (ctx
['id'] + 1) % 256
3916 if ctx
['num'] == idx
:
3917 logger
.info("Test: Missing payload")
3918 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
3923 if ctx
['num'] == idx
:
3924 logger
.info("Test: Unknown subtype")
3925 return struct
.pack(">BBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
3927 EAP_TYPE_AKA
, 255, 0)
3929 if ctx
['num'] == idx
:
3930 logger
.info("Test: EAP-Failure")
3931 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
3934 if ctx
['num'] == idx
:
3935 logger
.info("Test: Client Error")
3936 return struct
.pack(">BBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
3938 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_CLIENT_ERROR
, 0)
3940 if ctx
['num'] == idx
:
3941 logger
.info("Test: EAP-Failure")
3942 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
3945 if ctx
['num'] == idx
:
3946 logger
.info("Test: Too short attribute header")
3947 return struct
.pack(">BBHBBHB", EAP_CODE_REQUEST
, ctx
['id'],
3949 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0, 255)
3951 if ctx
['num'] == idx
:
3952 logger
.info("Test: EAP-Failure")
3953 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
3956 if ctx
['num'] == idx
:
3957 logger
.info("Test: Truncated attribute")
3958 return struct
.pack(">BBHBBHBB", EAP_CODE_REQUEST
, ctx
['id'],
3960 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0, 255,
3963 if ctx
['num'] == idx
:
3964 logger
.info("Test: EAP-Failure")
3965 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
3968 if ctx
['num'] == idx
:
3969 logger
.info("Test: Too short attribute data")
3970 return struct
.pack(">BBHBBHBB", EAP_CODE_REQUEST
, ctx
['id'],
3972 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0, 255,
3975 if ctx
['num'] == idx
:
3976 logger
.info("Test: EAP-Failure")
3977 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
3980 if ctx
['num'] == idx
:
3981 logger
.info("Test: Skippable/non-skippable unrecognzized attribute")
3982 return struct
.pack(">BBHBBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
3984 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
3985 255, 1, 0, 127, 1, 0)
3987 if ctx
['num'] == idx
:
3988 logger
.info("Test: EAP-Failure")
3989 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
3992 if ctx
['num'] == idx
:
3993 logger
.info("Test: Identity request without ID type")
3994 return struct
.pack(">BBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
3996 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0)
3998 if ctx
['num'] == idx
:
3999 logger
.info("Test: Identity request ANY_ID")
4000 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4002 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4003 EAP_SIM_AT_ANY_ID_REQ
, 1, 0)
4005 if ctx
['num'] == idx
:
4006 logger
.info("Test: Identity request ANY_ID (duplicate)")
4007 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4009 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4010 EAP_SIM_AT_ANY_ID_REQ
, 1, 0)
4012 if ctx
['num'] == idx
:
4013 logger
.info("Test: EAP-Failure")
4014 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4017 if ctx
['num'] == idx
:
4018 logger
.info("Test: Identity request ANY_ID")
4019 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4021 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4022 EAP_SIM_AT_ANY_ID_REQ
, 1, 0)
4024 if ctx
['num'] == idx
:
4025 logger
.info("Test: Identity request FULLAUTH_ID")
4026 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4028 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4029 EAP_SIM_AT_FULLAUTH_ID_REQ
, 1, 0)
4031 if ctx
['num'] == idx
:
4032 logger
.info("Test: Identity request FULLAUTH_ID (duplicate)")
4033 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4035 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4036 EAP_SIM_AT_FULLAUTH_ID_REQ
, 1, 0)
4038 if ctx
['num'] == idx
:
4039 logger
.info("Test: EAP-Failure")
4040 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4043 if ctx
['num'] == idx
:
4044 logger
.info("Test: Identity request ANY_ID")
4045 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4047 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4048 EAP_SIM_AT_ANY_ID_REQ
, 1, 0)
4050 if ctx
['num'] == idx
:
4051 logger
.info("Test: Identity request FULLAUTH_ID")
4052 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4054 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4055 EAP_SIM_AT_FULLAUTH_ID_REQ
, 1, 0)
4057 if ctx
['num'] == idx
:
4058 logger
.info("Test: Identity request PERMANENT_ID")
4059 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4061 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4062 EAP_SIM_AT_PERMANENT_ID_REQ
, 1, 0)
4064 if ctx
['num'] == idx
:
4065 logger
.info("Test: Identity request PERMANENT_ID (duplicate)")
4066 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4068 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4069 EAP_SIM_AT_PERMANENT_ID_REQ
, 1, 0)
4071 if ctx
['num'] == idx
:
4072 logger
.info("Test: EAP-Failure")
4073 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4076 if ctx
['num'] == idx
:
4077 logger
.info("Test: Challenge with no attributes")
4078 return struct
.pack(">BBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4080 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_CHALLENGE
, 0)
4082 if ctx
['num'] == idx
:
4083 logger
.info("Test: EAP-Failure")
4084 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4087 if ctx
['num'] == idx
:
4088 logger
.info("Test: AKA Challenge with BIDDING")
4089 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4091 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4092 EAP_SIM_AT_BIDDING
, 1, 0x8000)
4094 if ctx
['num'] == idx
:
4095 logger
.info("Test: EAP-Failure")
4096 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4099 if ctx
['num'] == idx
:
4100 logger
.info("Test: Notification with no attributes")
4101 return struct
.pack(">BBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4103 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_NOTIFICATION
, 0)
4105 if ctx
['num'] == idx
:
4106 logger
.info("Test: EAP-Failure")
4107 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4110 if ctx
['num'] == idx
:
4111 logger
.info("Test: Notification indicating success, but no MAC")
4112 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4114 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_NOTIFICATION
, 0,
4115 EAP_SIM_AT_NOTIFICATION
, 1, 32768)
4117 if ctx
['num'] == idx
:
4118 logger
.info("Test: EAP-Failure")
4119 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4122 if ctx
['num'] == idx
:
4123 logger
.info("Test: Notification indicating success, but invalid MAC value")
4124 return struct
.pack(">BBHBBHBBHBBH4L", EAP_CODE_REQUEST
, ctx
['id'],
4126 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_NOTIFICATION
, 0,
4127 EAP_SIM_AT_NOTIFICATION
, 1, 32768,
4128 EAP_SIM_AT_MAC
, 5, 0, 0, 0, 0, 0)
4130 if ctx
['num'] == idx
:
4131 logger
.info("Test: EAP-Failure")
4132 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4135 if ctx
['num'] == idx
:
4136 logger
.info("Test: Notification indicating success with zero-key MAC")
4137 return struct
.pack(">BBHBBHBBHBBH16B", EAP_CODE_REQUEST
,
4140 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_NOTIFICATION
, 0,
4141 EAP_SIM_AT_NOTIFICATION
, 1, 32768,
4142 EAP_SIM_AT_MAC
, 5, 0,
4143 0xbe, 0x2e, 0xbb, 0xa9, 0xfa, 0x2e, 0x82, 0x36,
4144 0x37, 0x8c, 0x32, 0x41, 0xb7, 0xc7, 0x58, 0xa3)
4146 if ctx
['num'] == idx
:
4147 logger
.info("Test: EAP-Success")
4148 return struct
.pack(">BBH", EAP_CODE_SUCCESS
, ctx
['id'], 4)
4151 if ctx
['num'] == idx
:
4152 logger
.info("Test: Notification before auth")
4153 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4155 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_NOTIFICATION
, 0,
4156 EAP_SIM_AT_NOTIFICATION
, 1, 16384)
4158 if ctx
['num'] == idx
:
4159 logger
.info("Test: EAP-Failure")
4160 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4163 if ctx
['num'] == idx
:
4164 logger
.info("Test: Notification before auth")
4165 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4167 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_NOTIFICATION
, 0,
4168 EAP_SIM_AT_NOTIFICATION
, 1, 16385)
4170 if ctx
['num'] == idx
:
4171 logger
.info("Test: EAP-Failure")
4172 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4175 if ctx
['num'] == idx
:
4176 logger
.info("Test: Notification with unrecognized non-failure")
4177 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4179 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_NOTIFICATION
, 0,
4180 EAP_SIM_AT_NOTIFICATION
, 1, 0xc000)
4182 if ctx
['num'] == idx
:
4183 logger
.info("Test: Notification before auth (duplicate)")
4184 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4186 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_NOTIFICATION
, 0,
4187 EAP_SIM_AT_NOTIFICATION
, 1, 0xc000)
4189 if ctx
['num'] == idx
:
4190 logger
.info("Test: EAP-Failure")
4191 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4194 if ctx
['num'] == idx
:
4195 logger
.info("Test: Re-authentication (unexpected) with no attributes")
4196 return struct
.pack(">BBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4198 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_REAUTHENTICATION
,
4201 if ctx
['num'] == idx
:
4202 logger
.info("Test: EAP-Failure")
4203 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4206 if ctx
['num'] == idx
:
4207 logger
.info("Test: AKA Challenge with Checkcode claiming identity round was used")
4208 return struct
.pack(">BBHBBHBBH5L", EAP_CODE_REQUEST
, ctx
['id'],
4210 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4211 EAP_SIM_AT_CHECKCODE
, 6, 0, 0, 0, 0, 0, 0)
4213 if ctx
['num'] == idx
:
4214 logger
.info("Test: EAP-Failure")
4215 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4218 if ctx
['num'] == idx
:
4219 logger
.info("Test: Identity request ANY_ID")
4220 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4222 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4223 EAP_SIM_AT_ANY_ID_REQ
, 1, 0)
4225 if ctx
['num'] == idx
:
4226 logger
.info("Test: AKA Challenge with Checkcode claiming no identity round was used")
4227 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4229 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4230 EAP_SIM_AT_CHECKCODE
, 1, 0)
4232 if ctx
['num'] == idx
:
4233 logger
.info("Test: EAP-Failure")
4234 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4237 if ctx
['num'] == idx
:
4238 logger
.info("Test: Identity request ANY_ID")
4239 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4241 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4242 EAP_SIM_AT_ANY_ID_REQ
, 1, 0)
4244 if ctx
['num'] == idx
:
4245 logger
.info("Test: AKA Challenge with mismatching Checkcode value")
4246 return struct
.pack(">BBHBBHBBH5L", EAP_CODE_REQUEST
, ctx
['id'],
4248 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4249 EAP_SIM_AT_CHECKCODE
, 6, 0, 0, 0, 0, 0, 0)
4251 if ctx
['num'] == idx
:
4252 logger
.info("Test: EAP-Failure")
4253 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4256 if ctx
['num'] == idx
:
4257 logger
.info("Test: Re-authentication (unexpected) with Checkcode claimin identity round was used")
4258 return struct
.pack(">BBHBBHBBH5L", EAP_CODE_REQUEST
, ctx
['id'],
4260 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_REAUTHENTICATION
,
4262 EAP_SIM_AT_CHECKCODE
, 6, 0, 0, 0, 0, 0, 0)
4264 if ctx
['num'] == idx
:
4265 logger
.info("Test: EAP-Failure")
4266 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4269 if ctx
['num'] == idx
:
4270 logger
.info("Test: Invalid AT_RAND length")
4271 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4273 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4274 EAP_SIM_AT_RAND
, 1, 0)
4276 if ctx
['num'] == idx
:
4277 logger
.info("Test: EAP-Failure")
4278 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4281 if ctx
['num'] == idx
:
4282 logger
.info("Test: Invalid AT_AUTN length")
4283 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4285 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4286 EAP_SIM_AT_AUTN
, 1, 0)
4288 if ctx
['num'] == idx
:
4289 logger
.info("Test: EAP-Failure")
4290 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4293 if ctx
['num'] == idx
:
4294 logger
.info("Test: Unencrypted AT_PADDING")
4295 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4297 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4298 EAP_SIM_AT_PADDING
, 1, 0)
4300 if ctx
['num'] == idx
:
4301 logger
.info("Test: EAP-Failure")
4302 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4305 if ctx
['num'] == idx
:
4306 logger
.info("Test: Invalid AT_NONCE_MT length")
4307 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4309 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4310 EAP_SIM_AT_NONCE_MT
, 1, 0)
4312 if ctx
['num'] == idx
:
4313 logger
.info("Test: EAP-Failure")
4314 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4317 if ctx
['num'] == idx
:
4318 logger
.info("Test: Invalid AT_MAC length")
4319 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4321 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4322 EAP_SIM_AT_MAC
, 1, 0)
4324 if ctx
['num'] == idx
:
4325 logger
.info("Test: EAP-Failure")
4326 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4329 if ctx
['num'] == idx
:
4330 logger
.info("Test: Invalid AT_NOTIFICATION length")
4331 return struct
.pack(">BBHBBHBBHL", EAP_CODE_REQUEST
, ctx
['id'],
4333 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4334 EAP_SIM_AT_NOTIFICATION
, 2, 0, 0)
4336 if ctx
['num'] == idx
:
4337 logger
.info("Test: EAP-Failure")
4338 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4341 if ctx
['num'] == idx
:
4342 logger
.info("Test: AT_IDENTITY overflow")
4343 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4345 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4346 EAP_SIM_AT_IDENTITY
, 1, 0xffff)
4348 if ctx
['num'] == idx
:
4349 logger
.info("Test: EAP-Failure")
4350 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4353 if ctx
['num'] == idx
:
4354 logger
.info("Test: Unexpected AT_VERSION_LIST")
4355 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4357 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4358 EAP_SIM_AT_VERSION_LIST
, 1, 0)
4360 if ctx
['num'] == idx
:
4361 logger
.info("Test: EAP-Failure")
4362 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4365 if ctx
['num'] == idx
:
4366 logger
.info("Test: Invalid AT_SELECTED_VERSION length")
4367 return struct
.pack(">BBHBBHBBHL", EAP_CODE_REQUEST
, ctx
['id'],
4369 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4370 EAP_SIM_AT_SELECTED_VERSION
, 2, 0, 0)
4372 if ctx
['num'] == idx
:
4373 logger
.info("Test: EAP-Failure")
4374 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4377 if ctx
['num'] == idx
:
4378 logger
.info("Test: Unencrypted AT_COUNTER")
4379 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4381 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4382 EAP_SIM_AT_COUNTER
, 1, 0)
4384 if ctx
['num'] == idx
:
4385 logger
.info("Test: EAP-Failure")
4386 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4389 if ctx
['num'] == idx
:
4390 logger
.info("Test: Unencrypted AT_COUNTER_TOO_SMALL")
4391 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4393 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4394 EAP_SIM_AT_COUNTER_TOO_SMALL
, 1, 0)
4396 if ctx
['num'] == idx
:
4397 logger
.info("Test: EAP-Failure")
4398 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4401 if ctx
['num'] == idx
:
4402 logger
.info("Test: Unencrypted AT_NONCE_S")
4403 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4405 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4406 EAP_SIM_AT_NONCE_S
, 1, 0)
4408 if ctx
['num'] == idx
:
4409 logger
.info("Test: EAP-Failure")
4410 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4413 if ctx
['num'] == idx
:
4414 logger
.info("Test: Invalid AT_CLIENT_ERROR_CODE length")
4415 return struct
.pack(">BBHBBHBBHL", EAP_CODE_REQUEST
, ctx
['id'],
4417 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4418 EAP_SIM_AT_CLIENT_ERROR_CODE
, 2, 0, 0)
4420 if ctx
['num'] == idx
:
4421 logger
.info("Test: EAP-Failure")
4422 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4425 if ctx
['num'] == idx
:
4426 logger
.info("Test: Invalid AT_IV length")
4427 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4429 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4430 EAP_SIM_AT_IV
, 1, 0)
4432 if ctx
['num'] == idx
:
4433 logger
.info("Test: EAP-Failure")
4434 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4437 if ctx
['num'] == idx
:
4438 logger
.info("Test: Invalid AT_ENCR_DATA length")
4439 return struct
.pack(">BBHBBHBBHL", EAP_CODE_REQUEST
, ctx
['id'],
4441 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4442 EAP_SIM_AT_ENCR_DATA
, 2, 0, 0)
4444 if ctx
['num'] == idx
:
4445 logger
.info("Test: EAP-Failure")
4446 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4449 if ctx
['num'] == idx
:
4450 logger
.info("Test: Unencrypted AT_NEXT_PSEUDONYM")
4451 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4453 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4454 EAP_SIM_AT_NEXT_PSEUDONYM
, 1, 0)
4456 if ctx
['num'] == idx
:
4457 logger
.info("Test: EAP-Failure")
4458 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4461 if ctx
['num'] == idx
:
4462 logger
.info("Test: Unencrypted AT_NEXT_REAUTH_ID")
4463 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4465 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4466 EAP_SIM_AT_NEXT_REAUTH_ID
, 1, 0)
4468 if ctx
['num'] == idx
:
4469 logger
.info("Test: EAP-Failure")
4470 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4473 if ctx
['num'] == idx
:
4474 logger
.info("Test: Invalid AT_RES length")
4475 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4477 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4478 EAP_SIM_AT_RES
, 1, 0)
4480 if ctx
['num'] == idx
:
4481 logger
.info("Test: EAP-Failure")
4482 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4485 if ctx
['num'] == idx
:
4486 logger
.info("Test: Invalid AT_RES length")
4487 return struct
.pack(">BBHBBHBBH5L", EAP_CODE_REQUEST
, ctx
['id'],
4489 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4490 EAP_SIM_AT_RES
, 6, 0xffff, 0, 0, 0, 0, 0)
4492 if ctx
['num'] == idx
:
4493 logger
.info("Test: EAP-Failure")
4494 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4497 if ctx
['num'] == idx
:
4498 logger
.info("Test: Invalid AT_AUTS length")
4499 return struct
.pack(">BBHBBHBBHL", EAP_CODE_REQUEST
, ctx
['id'],
4501 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4502 EAP_SIM_AT_AUTS
, 2, 0, 0)
4504 if ctx
['num'] == idx
:
4505 logger
.info("Test: EAP-Failure")
4506 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4509 if ctx
['num'] == idx
:
4510 logger
.info("Test: Invalid AT_CHECKCODE length")
4511 return struct
.pack(">BBHBBHBBHL", EAP_CODE_REQUEST
, ctx
['id'],
4513 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4514 EAP_SIM_AT_CHECKCODE
, 2, 0, 0)
4516 if ctx
['num'] == idx
:
4517 logger
.info("Test: EAP-Failure")
4518 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4521 if ctx
['num'] == idx
:
4522 logger
.info("Test: Invalid AT_RESULT_IND length")
4523 return struct
.pack(">BBHBBHBBHL", EAP_CODE_REQUEST
, ctx
['id'],
4525 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4526 EAP_SIM_AT_RESULT_IND
, 2, 0, 0)
4528 if ctx
['num'] == idx
:
4529 logger
.info("Test: EAP-Failure")
4530 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4533 if ctx
['num'] == idx
:
4534 logger
.info("Test: Unexpected AT_KDF_INPUT")
4535 return struct
.pack(">BBHBBHBBHL", EAP_CODE_REQUEST
, ctx
['id'],
4537 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4538 EAP_SIM_AT_KDF_INPUT
, 2, 0, 0)
4540 if ctx
['num'] == idx
:
4541 logger
.info("Test: EAP-Failure")
4542 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4545 if ctx
['num'] == idx
:
4546 logger
.info("Test: Unexpected AT_KDF")
4547 return struct
.pack(">BBHBBHBBHL", EAP_CODE_REQUEST
, ctx
['id'],
4549 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4550 EAP_SIM_AT_KDF
, 2, 0, 0)
4552 if ctx
['num'] == idx
:
4553 logger
.info("Test: EAP-Failure")
4554 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4557 if ctx
['num'] == idx
:
4558 logger
.info("Test: Invalid AT_BIDDING length")
4559 return struct
.pack(">BBHBBHBBHL", EAP_CODE_REQUEST
, ctx
['id'],
4561 EAP_TYPE_AKA
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4562 EAP_SIM_AT_BIDDING
, 2, 0, 0)
4564 if ctx
['num'] == idx
:
4565 logger
.info("Test: EAP-Failure")
4566 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4570 srv
= start_radius_server(aka_handler
)
4573 hapd
= start_ap(apdev
[0])
4574 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
4576 for i
in range(0, 49):
4577 eap
= "AKA AKA'" if i
== 11 else "AKA"
4578 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
4579 eap
=eap
, identity
="0232010000000000",
4580 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123",
4582 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
4585 raise Exception("Timeout on EAP start")
4589 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"],
4592 raise Exception("Timeout on EAP failure")
4593 dev
[0].request("REMOVE_NETWORK all")
4594 dev
[0].dump_monitor()
4596 stop_radius_server(srv
)
4598 def test_eap_proto_aka_prime(dev
, apdev
):
4599 """EAP-AKA' protocol tests"""
4600 def aka_prime_handler(ctx
, req
):
4601 logger
.info("aka_prime_handler - RX " + binascii
.hexlify(req
).decode())
4602 if 'num' not in ctx
:
4604 ctx
['num'] = ctx
['num'] + 1
4607 ctx
['id'] = (ctx
['id'] + 1) % 256
4612 if ctx
['num'] == idx
:
4613 logger
.info("Test: Missing payload")
4614 dev
[0].note("Missing payload")
4615 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
4620 if ctx
['num'] == idx
:
4621 logger
.info("Test: Challenge with no attributes")
4622 dev
[0].note("Challenge with no attributes")
4623 return struct
.pack(">BBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4625 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0)
4627 if ctx
['num'] == idx
:
4628 logger
.info("Test: EAP-Failure")
4629 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4632 if ctx
['num'] == idx
:
4633 logger
.info("Test: Challenge with empty AT_KDF_INPUT")
4634 dev
[0].note("Challenge with empty AT_KDF_INPUT")
4635 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
4637 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4638 EAP_SIM_AT_KDF_INPUT
, 1, 0)
4640 if ctx
['num'] == idx
:
4641 logger
.info("Test: EAP-Failure")
4642 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4645 if ctx
['num'] == idx
:
4646 logger
.info("Test: Challenge with AT_KDF_INPUT")
4647 dev
[0].note("Test: Challenge with AT_KDF_INPUT")
4648 return struct
.pack(">BBHBBHBBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
4650 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4651 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4654 if ctx
['num'] == idx
:
4655 logger
.info("Test: EAP-Failure")
4656 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4659 if ctx
['num'] == idx
:
4660 logger
.info("Test: Challenge with duplicated KDF")
4661 dev
[0].note("Challenge with duplicated KDF")
4662 return struct
.pack(">BBHBBHBBHBBBBBBHBBHBBH",
4663 EAP_CODE_REQUEST
, ctx
['id'],
4664 4 + 1 + 3 + 8 + 3 * 4,
4665 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4666 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4668 EAP_SIM_AT_KDF
, 1, 1,
4669 EAP_SIM_AT_KDF
, 1, 2,
4670 EAP_SIM_AT_KDF
, 1, 1)
4672 if ctx
['num'] == idx
:
4673 logger
.info("Test: EAP-Failure")
4674 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4677 if ctx
['num'] == idx
:
4678 logger
.info("Test: Challenge with multiple KDF proposals")
4679 dev
[0].note("Challenge with multiple KDF proposals (preparation)")
4680 return struct
.pack(">BBHBBHBBHBBBBBBHBBHBBH",
4681 EAP_CODE_REQUEST
, ctx
['id'],
4682 4 + 1 + 3 + 8 + 3 * 4,
4683 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4684 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4686 EAP_SIM_AT_KDF
, 1, 255,
4687 EAP_SIM_AT_KDF
, 1, 254,
4688 EAP_SIM_AT_KDF
, 1, 1)
4690 if ctx
['num'] == idx
:
4691 logger
.info("Test: Challenge with incorrect KDF selected")
4692 dev
[0].note("Challenge with incorrect KDF selected")
4693 return struct
.pack(">BBHBBHBBHBBBBBBHBBHBBHBBH",
4694 EAP_CODE_REQUEST
, ctx
['id'],
4695 4 + 1 + 3 + 8 + 4 * 4,
4696 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4697 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4699 EAP_SIM_AT_KDF
, 1, 255,
4700 EAP_SIM_AT_KDF
, 1, 255,
4701 EAP_SIM_AT_KDF
, 1, 254,
4702 EAP_SIM_AT_KDF
, 1, 1)
4704 if ctx
['num'] == idx
:
4705 logger
.info("Test: EAP-Failure")
4706 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4709 if ctx
['num'] == idx
:
4710 logger
.info("Test: Challenge with multiple KDF proposals")
4711 dev
[0].note("Challenge with multiple KDF proposals (preparation)")
4712 return struct
.pack(">BBHBBHBBHBBBBBBHBBHBBH",
4713 EAP_CODE_REQUEST
, ctx
['id'],
4714 4 + 1 + 3 + 8 + 3 * 4,
4715 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4716 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4718 EAP_SIM_AT_KDF
, 1, 255,
4719 EAP_SIM_AT_KDF
, 1, 254,
4720 EAP_SIM_AT_KDF
, 1, 1)
4722 if ctx
['num'] == idx
:
4723 logger
.info("Test: Challenge with selected KDF not duplicated")
4724 dev
[0].note("Challenge with selected KDF not duplicated")
4725 return struct
.pack(">BBHBBHBBHBBBBBBHBBHBBH",
4726 EAP_CODE_REQUEST
, ctx
['id'],
4727 4 + 1 + 3 + 8 + 3 * 4,
4728 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4729 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4731 EAP_SIM_AT_KDF
, 1, 1,
4732 EAP_SIM_AT_KDF
, 1, 255,
4733 EAP_SIM_AT_KDF
, 1, 254)
4735 if ctx
['num'] == idx
:
4736 logger
.info("Test: EAP-Failure")
4737 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4740 if ctx
['num'] == idx
:
4741 logger
.info("Test: Challenge with multiple KDF proposals")
4742 dev
[0].note("Challenge with multiple KDF proposals (preparation)")
4743 return struct
.pack(">BBHBBHBBHBBBBBBHBBHBBH",
4744 EAP_CODE_REQUEST
, ctx
['id'],
4745 4 + 1 + 3 + 8 + 3 * 4,
4746 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4747 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4749 EAP_SIM_AT_KDF
, 1, 255,
4750 EAP_SIM_AT_KDF
, 1, 254,
4751 EAP_SIM_AT_KDF
, 1, 1)
4753 if ctx
['num'] == idx
:
4754 logger
.info("Test: Challenge with selected KDF duplicated (missing MAC, RAND, AUTN)")
4755 dev
[0].note("Challenge with selected KDF duplicated (missing MAC, RAND, AUTN)")
4756 return struct
.pack(">BBHBBHBBHBBBBBBHBBHBBHBBH",
4757 EAP_CODE_REQUEST
, ctx
['id'],
4758 4 + 1 + 3 + 8 + 4 * 4,
4759 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4760 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4762 EAP_SIM_AT_KDF
, 1, 1,
4763 EAP_SIM_AT_KDF
, 1, 255,
4764 EAP_SIM_AT_KDF
, 1, 254,
4765 EAP_SIM_AT_KDF
, 1, 1)
4767 if ctx
['num'] == idx
:
4768 logger
.info("Test: EAP-Failure")
4769 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4772 if ctx
['num'] == idx
:
4773 logger
.info("Test: Challenge with multiple unsupported KDF proposals")
4774 dev
[0].note("Challenge with multiple unsupported KDF proposals")
4775 return struct
.pack(">BBHBBHBBHBBBBBBHBBH",
4776 EAP_CODE_REQUEST
, ctx
['id'],
4777 4 + 1 + 3 + 8 + 2 * 4,
4778 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4779 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4781 EAP_SIM_AT_KDF
, 1, 255,
4782 EAP_SIM_AT_KDF
, 1, 254)
4784 if ctx
['num'] == idx
:
4785 logger
.info("Test: EAP-Failure")
4786 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4789 if ctx
['num'] == idx
:
4790 logger
.info("Test: Challenge with multiple KDF proposals")
4791 dev
[0].note("Challenge with multiple KDF proposals (preparation)")
4792 return struct
.pack(">BBHBBHBBHBBBBBBHBBHBBH",
4793 EAP_CODE_REQUEST
, ctx
['id'],
4794 4 + 1 + 3 + 8 + 3 * 4,
4795 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4796 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4798 EAP_SIM_AT_KDF
, 1, 255,
4799 EAP_SIM_AT_KDF
, 1, 254,
4800 EAP_SIM_AT_KDF
, 1, 1)
4802 if ctx
['num'] == idx
:
4803 logger
.info("Test: Challenge with invalid MAC, RAND, AUTN values)")
4804 dev
[0].note("Challenge with invalid MAC, RAND, AUTN values)")
4805 return struct
.pack(">BBHBBHBBHBBBBBBHBBHBBHBBHBBH4LBBH4LBBH4L",
4806 EAP_CODE_REQUEST
, ctx
['id'],
4807 4 + 1 + 3 + 8 + 4 * 4 + 20 + 20 + 20,
4808 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4809 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4811 EAP_SIM_AT_KDF
, 1, 1,
4812 EAP_SIM_AT_KDF
, 1, 255,
4813 EAP_SIM_AT_KDF
, 1, 254,
4814 EAP_SIM_AT_KDF
, 1, 1,
4815 EAP_SIM_AT_MAC
, 5, 0, 0, 0, 0, 0,
4816 EAP_SIM_AT_RAND
, 5, 0, 0, 0, 0, 0,
4817 EAP_SIM_AT_AUTN
, 5, 0, 0, 0, 0, 0)
4819 if ctx
['num'] == idx
:
4820 logger
.info("Test: EAP-Failure")
4821 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4824 if ctx
['num'] == idx
:
4825 logger
.info("Test: Challenge - AMF separation bit not set)")
4826 dev
[0].note("Challenge - AMF separation bit not set)")
4827 return struct
.pack(">BBHBBHBBHBBBBBBHBBH4LBBH4LBBH4L",
4828 EAP_CODE_REQUEST
, ctx
['id'],
4829 4 + 1 + 3 + 8 + 4 + 20 + 20 + 20,
4830 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4831 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4833 EAP_SIM_AT_KDF
, 1, 1,
4834 EAP_SIM_AT_MAC
, 5, 0, 1, 2, 3, 4,
4835 EAP_SIM_AT_RAND
, 5, 0, 5, 6, 7, 8,
4836 EAP_SIM_AT_AUTN
, 5, 0, 9, 10,
4837 0x2fda8ef7, 0xbba518cc)
4839 if ctx
['num'] == idx
:
4840 logger
.info("Test: EAP-Failure")
4841 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4844 if ctx
['num'] == idx
:
4845 logger
.info("Test: Challenge - Invalid MAC")
4846 dev
[0].note("Challenge - Invalid MAC")
4847 return struct
.pack(">BBHBBHBBHBBBBBBHBBH4LBBH4LBBH4L",
4848 EAP_CODE_REQUEST
, ctx
['id'],
4849 4 + 1 + 3 + 8 + 4 + 20 + 20 + 20,
4850 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4851 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4853 EAP_SIM_AT_KDF
, 1, 1,
4854 EAP_SIM_AT_MAC
, 5, 0, 1, 2, 3, 4,
4855 EAP_SIM_AT_RAND
, 5, 0, 5, 6, 7, 8,
4856 EAP_SIM_AT_AUTN
, 5, 0, 0xffffffff, 0xffffffff,
4857 0xd1f90322, 0x40514cb4)
4859 if ctx
['num'] == idx
:
4860 logger
.info("Test: EAP-Failure")
4861 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4864 if ctx
['num'] == idx
:
4865 logger
.info("Test: Challenge - Valid MAC")
4866 dev
[0].note("Challenge - Valid MAC")
4867 return struct
.pack(">BBHBBHBBHBBBBBBHBBH4LBBH4LBBH4L",
4868 EAP_CODE_REQUEST
, ctx
['id'],
4869 4 + 1 + 3 + 8 + 4 + 20 + 20 + 20,
4870 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4871 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4873 EAP_SIM_AT_KDF
, 1, 1,
4874 EAP_SIM_AT_MAC
, 5, 0,
4875 0xf4a3c1d3, 0x7c901401, 0x34bd8b01, 0x6f7fa32f,
4876 EAP_SIM_AT_RAND
, 5, 0, 5, 6, 7, 8,
4877 EAP_SIM_AT_AUTN
, 5, 0, 0xffffffff, 0xffffffff,
4878 0xd1f90322, 0x40514cb4)
4880 if ctx
['num'] == idx
:
4881 logger
.info("Test: EAP-Failure")
4882 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4885 if ctx
['num'] == idx
:
4886 logger
.info("Test: Invalid AT_KDF_INPUT length")
4887 dev
[0].note("Invalid AT_KDF_INPUT length")
4888 return struct
.pack(">BBHBBHBBHL", EAP_CODE_REQUEST
, ctx
['id'],
4890 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4891 EAP_SIM_AT_KDF_INPUT
, 2, 0xffff, 0)
4893 if ctx
['num'] == idx
:
4894 logger
.info("Test: EAP-Failure")
4895 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4898 if ctx
['num'] == idx
:
4899 logger
.info("Test: Invalid AT_KDF length")
4900 dev
[0].note("Invalid AT_KDF length")
4901 return struct
.pack(">BBHBBHBBHL", EAP_CODE_REQUEST
, ctx
['id'],
4903 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_IDENTITY
, 0,
4904 EAP_SIM_AT_KDF
, 2, 0, 0)
4906 if ctx
['num'] == idx
:
4907 logger
.info("Test: EAP-Failure")
4908 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4911 if ctx
['num'] == idx
:
4912 logger
.info("Test: Challenge with large number of KDF proposals")
4913 dev
[0].note("Challenge with large number of KDF proposals")
4914 return struct
.pack(">BBHBBHBBHBBHBBHBBHBBHBBHBBHBBHBBHBBHBBHBBH",
4915 EAP_CODE_REQUEST
, ctx
['id'],
4917 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4918 EAP_SIM_AT_KDF
, 1, 255,
4919 EAP_SIM_AT_KDF
, 1, 254,
4920 EAP_SIM_AT_KDF
, 1, 253,
4921 EAP_SIM_AT_KDF
, 1, 252,
4922 EAP_SIM_AT_KDF
, 1, 251,
4923 EAP_SIM_AT_KDF
, 1, 250,
4924 EAP_SIM_AT_KDF
, 1, 249,
4925 EAP_SIM_AT_KDF
, 1, 248,
4926 EAP_SIM_AT_KDF
, 1, 247,
4927 EAP_SIM_AT_KDF
, 1, 246,
4928 EAP_SIM_AT_KDF
, 1, 245,
4929 EAP_SIM_AT_KDF
, 1, 244)
4931 if ctx
['num'] == idx
:
4932 logger
.info("Test: EAP-Failure")
4933 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4936 if ctx
['num'] == idx
:
4937 logger
.info("Test: Challenge with multiple KDF proposals")
4938 dev
[0].note("Challenge with multiple KDF proposals (preparation)")
4939 return struct
.pack(">BBHBBHBBHBBBBBBHBBH",
4940 EAP_CODE_REQUEST
, ctx
['id'],
4941 4 + 1 + 3 + 8 + 2 * 4,
4942 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4943 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4945 EAP_SIM_AT_KDF
, 1, 2,
4946 EAP_SIM_AT_KDF
, 1, 1)
4948 if ctx
['num'] == idx
:
4949 logger
.info("Test: Challenge with an extra KDF appended")
4950 dev
[0].note("Challenge with an extra KDF appended")
4951 return struct
.pack(">BBHBBHBBHBBBBBBHBBHBBHBBH",
4952 EAP_CODE_REQUEST
, ctx
['id'],
4953 4 + 1 + 3 + 8 + 4 * 4,
4954 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4955 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4957 EAP_SIM_AT_KDF
, 1, 1,
4958 EAP_SIM_AT_KDF
, 1, 2,
4959 EAP_SIM_AT_KDF
, 1, 1,
4960 EAP_SIM_AT_KDF
, 1, 0)
4962 if ctx
['num'] == idx
:
4963 logger
.info("Test: EAP-Failure")
4964 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4967 if ctx
['num'] == idx
:
4968 logger
.info("Test: Challenge with multiple KDF proposals")
4969 dev
[0].note("Challenge with multiple KDF proposals (preparation)")
4970 return struct
.pack(">BBHBBHBBHBBBBBBHBBH",
4971 EAP_CODE_REQUEST
, ctx
['id'],
4972 4 + 1 + 3 + 8 + 2 * 4,
4973 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4974 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4976 EAP_SIM_AT_KDF
, 1, 2,
4977 EAP_SIM_AT_KDF
, 1, 1)
4979 if ctx
['num'] == idx
:
4980 logger
.info("Test: Challenge with a modified KDF")
4981 dev
[0].note("Challenge with a modified KDF")
4982 return struct
.pack(">BBHBBHBBHBBBBBBHBBHBBH",
4983 EAP_CODE_REQUEST
, ctx
['id'],
4984 4 + 1 + 3 + 8 + 3 * 4,
4985 EAP_TYPE_AKA_PRIME
, EAP_AKA_SUBTYPE_CHALLENGE
, 0,
4986 EAP_SIM_AT_KDF_INPUT
, 2, 1, ord('a'), ord('b'),
4988 EAP_SIM_AT_KDF
, 1, 1,
4989 EAP_SIM_AT_KDF
, 1, 0,
4990 EAP_SIM_AT_KDF
, 1, 1)
4992 if ctx
['num'] == idx
:
4993 logger
.info("Test: EAP-Failure")
4994 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
4998 srv
= start_radius_server(aka_prime_handler
)
5001 hapd
= start_ap(apdev
[0])
5002 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
5004 for i
in range(0, 18):
5005 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5006 eap
="AKA'", identity
="6555444333222111",
5007 password
="5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123",
5009 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
5012 raise Exception("Timeout on EAP start")
5016 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"],
5019 raise Exception("Timeout on EAP failure")
5020 dev
[0].request("REMOVE_NETWORK all")
5021 dev
[0].dump_monitor()
5023 stop_radius_server(srv
)
5025 def test_eap_proto_sim(dev
, apdev
):
5026 """EAP-SIM protocol tests"""
5027 def sim_handler(ctx
, req
):
5028 logger
.info("sim_handler - RX " + binascii
.hexlify(req
).decode())
5029 if 'num' not in ctx
:
5031 ctx
['num'] = ctx
['num'] + 1
5034 ctx
['id'] = (ctx
['id'] + 1) % 256
5039 if ctx
['num'] == idx
:
5040 logger
.info("Test: Missing payload")
5041 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
5046 if ctx
['num'] == idx
:
5047 logger
.info("Test: Unexpected AT_AUTN")
5048 return struct
.pack(">BBHBBHBBHL", EAP_CODE_REQUEST
, ctx
['id'],
5050 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5051 EAP_SIM_AT_AUTN
, 2, 0, 0)
5053 if ctx
['num'] == idx
:
5054 logger
.info("Test: EAP-Failure")
5055 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5058 if ctx
['num'] == idx
:
5059 logger
.info("Test: Too short AT_VERSION_LIST")
5060 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
5062 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5063 EAP_SIM_AT_VERSION_LIST
, 1, 0)
5065 if ctx
['num'] == idx
:
5066 logger
.info("Test: EAP-Failure")
5067 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5070 if ctx
['num'] == idx
:
5071 logger
.info("Test: AT_VERSION_LIST overflow")
5072 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
5074 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5075 EAP_SIM_AT_VERSION_LIST
, 1, 0xffff)
5077 if ctx
['num'] == idx
:
5078 logger
.info("Test: EAP-Failure")
5079 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5082 if ctx
['num'] == idx
:
5083 logger
.info("Test: Unexpected AT_AUTS")
5084 return struct
.pack(">BBHBBHBBHL", EAP_CODE_REQUEST
, ctx
['id'],
5086 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5087 EAP_SIM_AT_AUTS
, 2, 0, 0)
5089 if ctx
['num'] == idx
:
5090 logger
.info("Test: EAP-Failure")
5091 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5094 if ctx
['num'] == idx
:
5095 logger
.info("Test: Unexpected AT_CHECKCODE")
5096 return struct
.pack(">BBHBBHBBHL", EAP_CODE_REQUEST
, ctx
['id'],
5098 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5099 EAP_SIM_AT_CHECKCODE
, 2, 0, 0)
5101 if ctx
['num'] == idx
:
5102 logger
.info("Test: EAP-Failure")
5103 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5106 if ctx
['num'] == idx
:
5107 logger
.info("Test: No AT_VERSION_LIST in Start")
5108 return struct
.pack(">BBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
5110 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0)
5112 if ctx
['num'] == idx
:
5113 logger
.info("Test: EAP-Failure")
5114 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5117 if ctx
['num'] == idx
:
5118 logger
.info("Test: No support version in AT_VERSION_LIST")
5119 return struct
.pack(">BBHBBHBBH4B", EAP_CODE_REQUEST
, ctx
['id'],
5121 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5122 EAP_SIM_AT_VERSION_LIST
, 2, 3, 2, 3, 4, 5)
5124 if ctx
['num'] == idx
:
5125 logger
.info("Test: EAP-Failure")
5126 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5130 if ctx
['num'] == idx
:
5131 logger
.info("Test: Identity request without ID type")
5132 return struct
.pack(">BBHBBHBBH2H", EAP_CODE_REQUEST
, ctx
['id'],
5134 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5135 EAP_SIM_AT_VERSION_LIST
, 2, 2, 1, 0)
5137 if ctx
['num'] == idx
:
5138 logger
.info("Test: Identity request ANY_ID")
5139 return struct
.pack(">BBHBBHBBH2HBBH", EAP_CODE_REQUEST
, ctx
['id'],
5141 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5142 EAP_SIM_AT_VERSION_LIST
, 2, 2, 1, 0,
5143 EAP_SIM_AT_ANY_ID_REQ
, 1, 0)
5145 if ctx
['num'] == idx
:
5146 logger
.info("Test: Identity request ANY_ID (duplicate)")
5147 return struct
.pack(">BBHBBHBBH2HBBH", EAP_CODE_REQUEST
, ctx
['id'],
5149 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5150 EAP_SIM_AT_VERSION_LIST
, 2, 2, 1, 0,
5151 EAP_SIM_AT_ANY_ID_REQ
, 1, 0)
5153 if ctx
['num'] == idx
:
5154 logger
.info("Test: EAP-Failure")
5155 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5158 if ctx
['num'] == idx
:
5159 logger
.info("Test: Identity request ANY_ID")
5160 return struct
.pack(">BBHBBHBBH2HBBH", EAP_CODE_REQUEST
, ctx
['id'],
5162 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5163 EAP_SIM_AT_VERSION_LIST
, 2, 2, 1, 0,
5164 EAP_SIM_AT_ANY_ID_REQ
, 1, 0)
5166 if ctx
['num'] == idx
:
5167 logger
.info("Test: Identity request FULLAUTH_ID")
5168 return struct
.pack(">BBHBBHBBH2HBBH", EAP_CODE_REQUEST
, ctx
['id'],
5170 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5171 EAP_SIM_AT_VERSION_LIST
, 2, 2, 1, 0,
5172 EAP_SIM_AT_FULLAUTH_ID_REQ
, 1, 0)
5174 if ctx
['num'] == idx
:
5175 logger
.info("Test: Identity request FULLAUTH_ID (duplicate)")
5176 return struct
.pack(">BBHBBHBBH2HBBH", EAP_CODE_REQUEST
, ctx
['id'],
5178 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5179 EAP_SIM_AT_VERSION_LIST
, 2, 2, 1, 0,
5180 EAP_SIM_AT_FULLAUTH_ID_REQ
, 1, 0)
5182 if ctx
['num'] == idx
:
5183 logger
.info("Test: EAP-Failure")
5184 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5187 if ctx
['num'] == idx
:
5188 logger
.info("Test: Identity request ANY_ID")
5189 return struct
.pack(">BBHBBHBBH2HBBH", EAP_CODE_REQUEST
, ctx
['id'],
5191 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5192 EAP_SIM_AT_VERSION_LIST
, 2, 2, 1, 0,
5193 EAP_SIM_AT_ANY_ID_REQ
, 1, 0)
5195 if ctx
['num'] == idx
:
5196 logger
.info("Test: Identity request FULLAUTH_ID")
5197 return struct
.pack(">BBHBBHBBH2HBBH", EAP_CODE_REQUEST
, ctx
['id'],
5199 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5200 EAP_SIM_AT_VERSION_LIST
, 2, 2, 1, 0,
5201 EAP_SIM_AT_FULLAUTH_ID_REQ
, 1, 0)
5203 if ctx
['num'] == idx
:
5204 logger
.info("Test: Identity request PERMANENT_ID")
5205 return struct
.pack(">BBHBBHBBH2HBBH", EAP_CODE_REQUEST
, ctx
['id'],
5207 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5208 EAP_SIM_AT_VERSION_LIST
, 2, 2, 1, 0,
5209 EAP_SIM_AT_PERMANENT_ID_REQ
, 1, 0)
5211 if ctx
['num'] == idx
:
5212 logger
.info("Test: Identity request PERMANENT_ID (duplicate)")
5213 return struct
.pack(">BBHBBHBBH2HBBH", EAP_CODE_REQUEST
, ctx
['id'],
5215 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_START
, 0,
5216 EAP_SIM_AT_VERSION_LIST
, 2, 2, 1, 0,
5217 EAP_SIM_AT_PERMANENT_ID_REQ
, 1, 0)
5219 if ctx
['num'] == idx
:
5220 logger
.info("Test: EAP-Failure")
5221 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5224 if ctx
['num'] == idx
:
5225 logger
.info("Test: No AT_MAC and AT_RAND in Challenge")
5226 return struct
.pack(">BBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
5228 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_CHALLENGE
, 0)
5230 if ctx
['num'] == idx
:
5231 logger
.info("Test: EAP-Failure")
5232 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5235 if ctx
['num'] == idx
:
5236 logger
.info("Test: No AT_RAND in Challenge")
5237 return struct
.pack(">BBHBBHBBH4L", EAP_CODE_REQUEST
, ctx
['id'],
5239 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_CHALLENGE
, 0,
5240 EAP_SIM_AT_MAC
, 5, 0, 0, 0, 0, 0)
5242 if ctx
['num'] == idx
:
5243 logger
.info("Test: EAP-Failure")
5244 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5247 if ctx
['num'] == idx
:
5248 logger
.info("Test: Insufficient number of challenges in Challenge")
5249 return struct
.pack(">BBHBBHBBH4LBBH4L", EAP_CODE_REQUEST
, ctx
['id'],
5250 4 + 1 + 3 + 20 + 20,
5251 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_CHALLENGE
, 0,
5252 EAP_SIM_AT_RAND
, 5, 0, 0, 0, 0, 0,
5253 EAP_SIM_AT_MAC
, 5, 0, 0, 0, 0, 0)
5255 if ctx
['num'] == idx
:
5256 logger
.info("Test: EAP-Failure")
5257 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5260 if ctx
['num'] == idx
:
5261 logger
.info("Test: Too many challenges in Challenge")
5262 return struct
.pack(">BBHBBHBBH4L4L4L4LBBH4L", EAP_CODE_REQUEST
,
5264 4 + 1 + 3 + 4 + 4 * 16 + 20,
5265 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_CHALLENGE
, 0,
5266 EAP_SIM_AT_RAND
, 17, 0, 0, 0, 0, 0, 0, 0, 0, 0,
5267 0, 0, 0, 0, 0, 0, 0, 0,
5268 EAP_SIM_AT_MAC
, 5, 0, 0, 0, 0, 0)
5270 if ctx
['num'] == idx
:
5271 logger
.info("Test: EAP-Failure")
5272 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5275 if ctx
['num'] == idx
:
5276 logger
.info("Test: Same RAND multiple times in Challenge")
5277 return struct
.pack(">BBHBBHBBH4L4L4LBBH4L", EAP_CODE_REQUEST
,
5279 4 + 1 + 3 + 4 + 3 * 16 + 20,
5280 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_CHALLENGE
, 0,
5281 EAP_SIM_AT_RAND
, 13, 0, 0, 0, 0, 0, 0, 0, 0, 1,
5283 EAP_SIM_AT_MAC
, 5, 0, 0, 0, 0, 0)
5285 if ctx
['num'] == idx
:
5286 logger
.info("Test: EAP-Failure")
5287 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5290 if ctx
['num'] == idx
:
5291 logger
.info("Test: Notification with no attributes")
5292 return struct
.pack(">BBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
5294 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_NOTIFICATION
, 0)
5296 if ctx
['num'] == idx
:
5297 logger
.info("Test: EAP-Failure")
5298 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5301 if ctx
['num'] == idx
:
5302 logger
.info("Test: Notification indicating success, but no MAC")
5303 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
5305 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_NOTIFICATION
, 0,
5306 EAP_SIM_AT_NOTIFICATION
, 1, 32768)
5308 if ctx
['num'] == idx
:
5309 logger
.info("Test: EAP-Failure")
5310 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5313 if ctx
['num'] == idx
:
5314 logger
.info("Test: Notification indicating success, but invalid MAC value")
5315 return struct
.pack(">BBHBBHBBHBBH4L", EAP_CODE_REQUEST
, ctx
['id'],
5317 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_NOTIFICATION
, 0,
5318 EAP_SIM_AT_NOTIFICATION
, 1, 32768,
5319 EAP_SIM_AT_MAC
, 5, 0, 0, 0, 0, 0)
5321 if ctx
['num'] == idx
:
5322 logger
.info("Test: EAP-Failure")
5323 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5326 if ctx
['num'] == idx
:
5327 logger
.info("Test: Notification before auth")
5328 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
5330 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_NOTIFICATION
, 0,
5331 EAP_SIM_AT_NOTIFICATION
, 1, 16384)
5333 if ctx
['num'] == idx
:
5334 logger
.info("Test: EAP-Failure")
5335 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5338 if ctx
['num'] == idx
:
5339 logger
.info("Test: Notification before auth")
5340 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
5342 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_NOTIFICATION
, 0,
5343 EAP_SIM_AT_NOTIFICATION
, 1, 16385)
5345 if ctx
['num'] == idx
:
5346 logger
.info("Test: EAP-Failure")
5347 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5350 if ctx
['num'] == idx
:
5351 logger
.info("Test: Notification with unrecognized non-failure")
5352 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
5354 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_NOTIFICATION
, 0,
5355 EAP_SIM_AT_NOTIFICATION
, 1, 0xc000)
5357 if ctx
['num'] == idx
:
5358 logger
.info("Test: Notification before auth (duplicate)")
5359 return struct
.pack(">BBHBBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
5361 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_NOTIFICATION
, 0,
5362 EAP_SIM_AT_NOTIFICATION
, 1, 0xc000)
5364 if ctx
['num'] == idx
:
5365 logger
.info("Test: EAP-Failure")
5366 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5369 if ctx
['num'] == idx
:
5370 logger
.info("Test: Re-authentication (unexpected) with no attributes")
5371 return struct
.pack(">BBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
5373 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_REAUTHENTICATION
,
5376 if ctx
['num'] == idx
:
5377 logger
.info("Test: EAP-Failure")
5378 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5381 if ctx
['num'] == idx
:
5382 logger
.info("Test: Client Error")
5383 return struct
.pack(">BBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
5385 EAP_TYPE_SIM
, EAP_SIM_SUBTYPE_CLIENT_ERROR
, 0)
5387 if ctx
['num'] == idx
:
5388 logger
.info("Test: EAP-Failure")
5389 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5392 if ctx
['num'] == idx
:
5393 logger
.info("Test: Unknown subtype")
5394 return struct
.pack(">BBHBBH", EAP_CODE_REQUEST
, ctx
['id'],
5396 EAP_TYPE_SIM
, 255, 0)
5398 if ctx
['num'] == idx
:
5399 logger
.info("Test: EAP-Failure")
5400 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
5404 srv
= start_radius_server(sim_handler
)
5407 hapd
= start_ap(apdev
[0])
5408 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
5410 for i
in range(0, 25):
5411 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5412 eap
="SIM", identity
="1232010000000000",
5413 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581",
5415 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
5418 raise Exception("Timeout on EAP start")
5422 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"],
5425 raise Exception("Timeout on EAP failure")
5426 dev
[0].request("REMOVE_NETWORK all")
5427 dev
[0].dump_monitor()
5429 stop_radius_server(srv
)
5431 def test_eap_proto_sim_errors(dev
, apdev
):
5432 """EAP-SIM protocol tests (error paths)"""
5433 check_hlr_auc_gw_support()
5434 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
5435 hapd
= hostapd
.add_ap(apdev
[0], params
)
5436 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
5438 with
alloc_fail(dev
[0], 1, "eap_sim_init"):
5439 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5440 eap
="SIM", identity
="1232010000000000",
5441 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581",
5443 ev
= dev
[0].wait_event(["EAP: Failed to initialize EAP method"],
5446 raise Exception("Timeout on EAP start")
5447 dev
[0].request("REMOVE_NETWORK all")
5448 dev
[0].wait_disconnected()
5450 with
fail_test(dev
[0], 1, "os_get_random;eap_sim_init"):
5451 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5452 eap
="SIM", identity
="1232010000000000",
5453 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581",
5455 ev
= dev
[0].wait_event(["EAP: Failed to initialize EAP method"],
5458 raise Exception("Timeout on EAP start")
5459 dev
[0].request("REMOVE_NETWORK all")
5460 dev
[0].wait_disconnected()
5462 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5463 eap
="SIM", identity
="1232010000000000",
5464 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581")
5466 with
fail_test(dev
[0], 1, "aes_128_cbc_encrypt;eap_sim_response_reauth"):
5467 hapd
.request("EAPOL_REAUTH " + dev
[0].own_addr())
5468 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=5)
5470 raise Exception("EAP re-authentication did not start")
5471 wait_fail_trigger(dev
[0], "GET_FAIL")
5472 dev
[0].request("REMOVE_NETWORK all")
5473 dev
[0].dump_monitor()
5475 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5476 eap
="SIM", identity
="1232010000000000",
5477 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581")
5479 with
fail_test(dev
[0], 1, "os_get_random;eap_sim_msg_add_encr_start"):
5480 hapd
.request("EAPOL_REAUTH " + dev
[0].own_addr())
5481 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=5)
5483 raise Exception("EAP re-authentication did not start")
5484 wait_fail_trigger(dev
[0], "GET_FAIL")
5485 dev
[0].request("REMOVE_NETWORK all")
5486 dev
[0].dump_monitor()
5488 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5489 eap
="SIM", identity
="1232010000000000",
5490 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581")
5492 with
fail_test(dev
[0], 1, "os_get_random;eap_sim_init_for_reauth"):
5493 hapd
.request("EAPOL_REAUTH " + dev
[0].own_addr())
5494 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=5)
5496 raise Exception("EAP re-authentication did not start")
5497 wait_fail_trigger(dev
[0], "GET_FAIL")
5498 dev
[0].request("REMOVE_NETWORK all")
5499 dev
[0].dump_monitor()
5501 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5502 eap
="SIM", identity
="1232010000000000",
5503 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581")
5505 with
alloc_fail(dev
[0], 1, "eap_sim_parse_encr;eap_sim_process_reauthentication"):
5506 hapd
.request("EAPOL_REAUTH " + dev
[0].own_addr())
5507 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=5)
5509 raise Exception("EAP re-authentication did not start")
5510 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5511 dev
[0].request("REMOVE_NETWORK all")
5512 dev
[0].dump_monitor()
5514 tests
= [(1, "eap_sim_verify_mac;eap_sim_process_challenge"),
5515 (1, "eap_sim_parse_encr;eap_sim_process_challenge"),
5516 (1, "eap_sim_msg_init;eap_sim_response_start"),
5517 (1, "wpabuf_alloc;eap_sim_msg_init;eap_sim_response_start"),
5518 (1, "=eap_sim_learn_ids"),
5519 (2, "=eap_sim_learn_ids"),
5520 (2, "eap_sim_learn_ids"),
5521 (3, "eap_sim_learn_ids"),
5522 (1, "eap_sim_process_start"),
5523 (1, "eap_sim_getKey"),
5524 (1, "eap_sim_get_emsk"),
5525 (1, "eap_sim_get_session_id")]
5526 for count
, func
in tests
:
5527 with
alloc_fail(dev
[0], count
, func
):
5528 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5529 eap
="SIM", identity
="1232010000000000@domain",
5530 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581",
5531 erp
="1", wait_connect
=False)
5532 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5533 dev
[0].request("REMOVE_NETWORK all")
5534 dev
[0].dump_monitor()
5536 tests
= [(1, "aes_128_cbc_decrypt;eap_sim_parse_encr")]
5537 for count
, func
in tests
:
5538 with
fail_test(dev
[0], count
, func
):
5539 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5540 eap
="SIM", identity
="1232010000000000",
5541 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581",
5543 wait_fail_trigger(dev
[0], "GET_FAIL")
5544 dev
[0].request("REMOVE_NETWORK all")
5545 dev
[0].dump_monitor()
5547 params
= int_eap_server_params()
5548 params
['eap_sim_db'] = "unix:/tmp/hlr_auc_gw.sock"
5549 params
['eap_sim_aka_result_ind'] = "1"
5550 hapd2
= hostapd
.add_ap(apdev
[1], params
)
5551 dev
[0].scan_for_bss(hapd2
.own_addr(), freq
=2412)
5553 with
alloc_fail(dev
[0], 1,
5554 "eap_sim_msg_init;eap_sim_response_notification"):
5555 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP",
5557 eap
="SIM", identity
="1232010000000000",
5558 phase1
="result_ind=1",
5559 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581",
5561 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5562 dev
[0].request("REMOVE_NETWORK all")
5563 dev
[0].dump_monitor()
5565 tests
= ["eap_sim_msg_add_encr_start;eap_sim_response_notification",
5566 "aes_128_cbc_encrypt;eap_sim_response_notification"]
5568 with
fail_test(dev
[0], 1, func
):
5569 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP",
5571 eap
="SIM", identity
="1232010000000000",
5572 phase1
="result_ind=1",
5573 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581")
5574 dev
[0].request("REAUTHENTICATE")
5575 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=5)
5577 raise Exception("EAP method not started on reauthentication")
5579 wait_fail_trigger(dev
[0], "GET_FAIL")
5580 dev
[0].request("REMOVE_NETWORK all")
5581 dev
[0].dump_monitor()
5583 tests
= ["eap_sim_parse_encr;eap_sim_process_notification_reauth"]
5585 with
alloc_fail(dev
[0], 1, func
):
5586 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP",
5588 eap
="SIM", identity
="1232010000000000",
5589 phase1
="result_ind=1",
5590 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581")
5591 dev
[0].request("REAUTHENTICATE")
5592 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=5)
5594 raise Exception("EAP method not started on reauthentication")
5596 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5597 dev
[0].request("REMOVE_NETWORK all")
5598 dev
[0].dump_monitor()
5600 def test_eap_proto_aka_errors(dev
, apdev
):
5601 """EAP-AKA protocol tests (error paths)"""
5602 check_hlr_auc_gw_support()
5603 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
5604 hapd
= hostapd
.add_ap(apdev
[0], params
)
5605 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
5607 with
alloc_fail(dev
[0], 1, "eap_aka_init"):
5608 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5609 eap
="AKA", identity
="0232010000000000",
5610 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123",
5612 ev
= dev
[0].wait_event(["EAP: Failed to initialize EAP method"],
5615 raise Exception("Timeout on EAP start")
5616 dev
[0].request("REMOVE_NETWORK all")
5617 dev
[0].wait_disconnected()
5619 tests
= [(1, "=eap_aka_learn_ids"),
5620 (2, "=eap_aka_learn_ids"),
5621 (1, "eap_sim_parse_encr;eap_aka_process_challenge"),
5622 (1, "wpabuf_dup;eap_aka_add_id_msg"),
5623 (1, "wpabuf_resize;eap_aka_add_id_msg"),
5624 (1, "eap_aka_getKey"),
5625 (1, "eap_aka_get_emsk"),
5626 (1, "eap_aka_get_session_id")]
5627 for count
, func
in tests
:
5628 with
alloc_fail(dev
[0], count
, func
):
5629 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5630 eap
="AKA", identity
="0232010000000000@domain",
5631 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123",
5632 erp
="1", wait_connect
=False)
5633 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5634 dev
[0].request("REMOVE_NETWORK all")
5635 dev
[0].dump_monitor()
5637 params
= int_eap_server_params()
5638 params
['eap_sim_db'] = "unix:/tmp/hlr_auc_gw.sock"
5639 params
['eap_sim_aka_result_ind'] = "1"
5640 hapd2
= hostapd
.add_ap(apdev
[1], params
)
5641 dev
[0].scan_for_bss(hapd2
.own_addr(), freq
=2412)
5643 with
alloc_fail(dev
[0], 1,
5644 "eap_sim_msg_init;eap_aka_response_notification"):
5645 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
5646 eap
="AKA", identity
="0232010000000000",
5647 phase1
="result_ind=1",
5648 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123",
5650 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5651 dev
[0].request("REMOVE_NETWORK all")
5652 dev
[0].dump_monitor()
5654 tests
= [(1, "aes_128_encrypt_block;milenage_f1;milenage_check", None),
5655 (2, "aes_128_encrypt_block;milenage_f1;milenage_check", None),
5656 (1, "milenage_f2345;milenage_check", None),
5657 (7, "aes_128_encrypt_block;milenage_f2345;milenage_check",
5659 (1, "aes_128_encrypt_block;milenage_f1;milenage_check",
5661 for count
, func
, seq
in tests
:
5663 seq
= "000000000123"
5664 with
fail_test(dev
[0], count
, func
):
5665 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP",
5667 eap
="AKA", identity
="0232010000000000",
5668 phase1
="result_ind=1",
5669 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:" + seq
,
5671 wait_fail_trigger(dev
[0], "GET_FAIL")
5672 dev
[0].request("REMOVE_NETWORK all")
5673 dev
[0].wait_disconnected()
5674 dev
[0].dump_monitor()
5676 tests
= ["eap_sim_msg_add_encr_start;eap_aka_response_notification",
5677 "aes_128_cbc_encrypt;eap_aka_response_notification"]
5679 with
fail_test(dev
[0], 1, func
):
5680 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP",
5682 eap
="AKA", identity
="0232010000000000",
5683 phase1
="result_ind=1",
5684 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123")
5685 dev
[0].request("REAUTHENTICATE")
5686 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=5)
5688 raise Exception("EAP method not started on reauthentication")
5690 wait_fail_trigger(dev
[0], "GET_FAIL")
5691 dev
[0].request("REMOVE_NETWORK all")
5692 dev
[0].dump_monitor()
5694 tests
= ["eap_sim_parse_encr;eap_aka_process_notification_reauth"]
5696 with
alloc_fail(dev
[0], 1, func
):
5697 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP",
5699 eap
="AKA", identity
="0232010000000000",
5700 phase1
="result_ind=1",
5701 password
="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123")
5702 dev
[0].request("REAUTHENTICATE")
5703 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=5)
5705 raise Exception("EAP method not started on reauthentication")
5707 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5708 dev
[0].request("REMOVE_NETWORK all")
5709 dev
[0].dump_monitor()
5711 def test_eap_proto_aka_prime_errors(dev
, apdev
):
5712 """EAP-AKA' protocol tests (error paths)"""
5713 check_hlr_auc_gw_support()
5714 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
5715 hapd
= hostapd
.add_ap(apdev
[0], params
)
5716 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
5718 with
alloc_fail(dev
[0], 1, "eap_aka_init"):
5719 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5720 eap
="AKA'", identity
="6555444333222111",
5721 password
="5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123",
5723 ev
= dev
[0].wait_event(["EAP: Failed to initialize EAP method"],
5726 raise Exception("Timeout on EAP start")
5727 dev
[0].request("REMOVE_NETWORK all")
5728 dev
[0].wait_disconnected()
5730 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5731 eap
="AKA'", identity
="6555444333222111",
5732 password
="5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123")
5734 with
fail_test(dev
[0], 1, "aes_128_cbc_encrypt;eap_aka_response_reauth"):
5735 hapd
.request("EAPOL_REAUTH " + dev
[0].own_addr())
5736 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=5)
5738 raise Exception("EAP re-authentication did not start")
5739 wait_fail_trigger(dev
[0], "GET_FAIL")
5740 dev
[0].request("REMOVE_NETWORK all")
5741 dev
[0].dump_monitor()
5743 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5744 eap
="AKA'", identity
="6555444333222111",
5745 password
="5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123")
5747 with
alloc_fail(dev
[0], 1, "eap_sim_parse_encr;eap_aka_process_reauthentication"):
5748 hapd
.request("EAPOL_REAUTH " + dev
[0].own_addr())
5749 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=5)
5751 raise Exception("EAP re-authentication did not start")
5752 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5753 dev
[0].request("REMOVE_NETWORK all")
5754 dev
[0].dump_monitor()
5756 tests
= [(1, "eap_sim_verify_mac_sha256"),
5757 (1, "=eap_aka_process_challenge")]
5758 for count
, func
in tests
:
5759 with
alloc_fail(dev
[0], count
, func
):
5760 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
5761 eap
="AKA'", identity
="6555444333222111",
5762 password
="5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123",
5763 erp
="1", wait_connect
=False)
5764 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
5765 dev
[0].request("REMOVE_NETWORK all")
5766 dev
[0].dump_monitor()
5768 def test_eap_proto_ikev2(dev
, apdev
):
5769 """EAP-IKEv2 protocol tests"""
5770 check_eap_capa(dev
[0], "IKEV2")
5772 global eap_proto_ikev2_test_done
5773 eap_proto_ikev2_test_done
= False
5775 def ikev2_handler(ctx
, req
):
5776 logger
.info("ikev2_handler - RX " + binascii
.hexlify(req
).decode())
5777 if 'num' not in ctx
:
5779 ctx
['num'] = ctx
['num'] + 1
5782 ctx
['id'] = (ctx
['id'] + 1) % 256
5787 if ctx
['num'] == idx
:
5788 logger
.info("Test: Missing payload")
5789 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
5794 if ctx
['num'] == idx
:
5795 logger
.info("Test: Truncated Message Length field")
5796 return struct
.pack(">BBHBB3B", EAP_CODE_REQUEST
, ctx
['id'],
5798 EAP_TYPE_IKEV2
, 0x80, 0, 0, 0)
5801 if ctx
['num'] == idx
:
5802 logger
.info("Test: Too short Message Length value")
5803 return struct
.pack(">BBHBBLB", EAP_CODE_REQUEST
, ctx
['id'],
5805 EAP_TYPE_IKEV2
, 0x80, 0, 1)
5808 if ctx
['num'] == idx
:
5809 logger
.info("Test: Truncated message")
5810 return struct
.pack(">BBHBBL", EAP_CODE_REQUEST
, ctx
['id'],
5812 EAP_TYPE_IKEV2
, 0x80, 1)
5815 if ctx
['num'] == idx
:
5816 logger
.info("Test: Truncated message(2)")
5817 return struct
.pack(">BBHBBL", EAP_CODE_REQUEST
, ctx
['id'],
5819 EAP_TYPE_IKEV2
, 0x80, 0xffffffff)
5822 if ctx
['num'] == idx
:
5823 logger
.info("Test: Truncated message(3)")
5824 return struct
.pack(">BBHBBL", EAP_CODE_REQUEST
, ctx
['id'],
5826 EAP_TYPE_IKEV2
, 0xc0, 0xffffffff)
5829 if ctx
['num'] == idx
:
5830 logger
.info("Test: Truncated message(4)")
5831 return struct
.pack(">BBHBBL", EAP_CODE_REQUEST
, ctx
['id'],
5833 EAP_TYPE_IKEV2
, 0xc0, 10000000)
5836 if ctx
['num'] == idx
:
5837 logger
.info("Test: Too long fragments (first fragment)")
5838 return struct
.pack(">BBHBBLB", EAP_CODE_REQUEST
, ctx
['id'],
5840 EAP_TYPE_IKEV2
, 0xc0, 2, 1)
5843 if ctx
['num'] == idx
:
5844 logger
.info("Test: Too long fragments (second fragment)")
5845 return struct
.pack(">BBHBB2B", EAP_CODE_REQUEST
, ctx
['id'],
5847 EAP_TYPE_IKEV2
, 0x00, 2, 3)
5850 if ctx
['num'] == idx
:
5851 logger
.info("Test: No Message Length field in first fragment")
5852 return struct
.pack(">BBHBBB", EAP_CODE_REQUEST
, ctx
['id'],
5854 EAP_TYPE_IKEV2
, 0x40, 1)
5857 if ctx
['num'] == idx
:
5858 logger
.info("Test: ICV before keys")
5859 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
5861 EAP_TYPE_IKEV2
, 0x20)
5864 if ctx
['num'] == idx
:
5865 logger
.info("Test: Unsupported IKEv2 header version")
5866 return struct
.pack(">BBHBB2L2LBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
5868 EAP_TYPE_IKEV2
, 0x00,
5873 if ctx
['num'] == idx
:
5874 logger
.info("Test: Incorrect IKEv2 header Length")
5875 return struct
.pack(">BBHBB2L2LBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
5877 EAP_TYPE_IKEV2
, 0x00,
5879 0, 0x20, 0, 0, 0, 0)
5882 if ctx
['num'] == idx
:
5883 logger
.info("Test: Unexpected IKEv2 Exchange Type in SA_INIT state")
5884 return struct
.pack(">BBHBB2L2LBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
5886 EAP_TYPE_IKEV2
, 0x00,
5888 0, 0x20, 0, 0, 0, 28)
5891 if ctx
['num'] == idx
:
5892 logger
.info("Test: Unexpected IKEv2 Message ID in SA_INIT state")
5893 return struct
.pack(">BBHBB2L2LBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
5895 EAP_TYPE_IKEV2
, 0x00,
5897 0, 0x20, 34, 0, 1, 28)
5900 if ctx
['num'] == idx
:
5901 logger
.info("Test: Unexpected IKEv2 Flags value")
5902 return struct
.pack(">BBHBB2L2LBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
5904 EAP_TYPE_IKEV2
, 0x00,
5906 0, 0x20, 34, 0, 0, 28)
5909 if ctx
['num'] == idx
:
5910 logger
.info("Test: Unexpected IKEv2 Flags value(2)")
5911 return struct
.pack(">BBHBB2L2LBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
5913 EAP_TYPE_IKEV2
, 0x00,
5915 0, 0x20, 34, 0x20, 0, 28)
5918 if ctx
['num'] == idx
:
5919 logger
.info("Test: No SAi1 in SA_INIT")
5920 return struct
.pack(">BBHBB2L2LBBBBLL", EAP_CODE_REQUEST
, ctx
['id'],
5922 EAP_TYPE_IKEV2
, 0x00,
5924 0, 0x20, 34, 0x08, 0, 28)
5926 def build_ike(id, next
=0, exch_type
=34, flags
=0x00, ike
=b
''):
5927 return struct
.pack(">BBHBB2L2LBBBBLL", EAP_CODE_REQUEST
, id,
5928 4 + 1 + 1 + 28 + len(ike
),
5929 EAP_TYPE_IKEV2
, flags
,
5931 next
, 0x20, exch_type
, 0x08, 0,
5932 28 + len(ike
)) + ike
5935 if ctx
['num'] == idx
:
5936 logger
.info("Test: Unexpected extra data after payloads")
5937 return build_ike(ctx
['id'], ike
=struct
.pack(">B", 1))
5940 if ctx
['num'] == idx
:
5941 logger
.info("Test: Truncated payload header")
5942 return build_ike(ctx
['id'], next
=128, ike
=struct
.pack(">B", 1))
5945 if ctx
['num'] == idx
:
5946 logger
.info("Test: Too small payload header length")
5947 ike
= struct
.pack(">BBH", 0, 0, 3)
5948 return build_ike(ctx
['id'], next
=128, ike
=ike
)
5951 if ctx
['num'] == idx
:
5952 logger
.info("Test: Too large payload header length")
5953 ike
= struct
.pack(">BBH", 0, 0, 5)
5954 return build_ike(ctx
['id'], next
=128, ike
=ike
)
5957 if ctx
['num'] == idx
:
5958 logger
.info("Test: Unsupported payload (non-critical and critical)")
5959 ike
= struct
.pack(">BBHBBH", 129, 0, 4, 0, 0x01, 4)
5960 return build_ike(ctx
['id'], next
=128, ike
=ike
)
5963 if ctx
['num'] == idx
:
5964 logger
.info("Test: Certificate and empty SAi1")
5965 ike
= struct
.pack(">BBHBBH", 33, 0, 4, 0, 0, 4)
5966 return build_ike(ctx
['id'], next
=37, ike
=ike
)
5969 if ctx
['num'] == idx
:
5970 logger
.info("Test: Too short proposal")
5971 ike
= struct
.pack(">BBHBBHBBB", 0, 0, 4 + 7,
5973 return build_ike(ctx
['id'], next
=33, ike
=ike
)
5976 if ctx
['num'] == idx
:
5977 logger
.info("Test: Too small proposal length in SAi1")
5978 ike
= struct
.pack(">BBHBBHBBBB", 0, 0, 4 + 8,
5979 0, 0, 7, 0, 0, 0, 0)
5980 return build_ike(ctx
['id'], next
=33, ike
=ike
)
5983 if ctx
['num'] == idx
:
5984 logger
.info("Test: Too large proposal length in SAi1")
5985 ike
= struct
.pack(">BBHBBHBBBB", 0, 0, 4 + 8,
5986 0, 0, 9, 0, 0, 0, 0)
5987 return build_ike(ctx
['id'], next
=33, ike
=ike
)
5990 if ctx
['num'] == idx
:
5991 logger
.info("Test: Unexpected proposal type in SAi1")
5992 ike
= struct
.pack(">BBHBBHBBBB", 0, 0, 4 + 8,
5993 1, 0, 8, 0, 0, 0, 0)
5994 return build_ike(ctx
['id'], next
=33, ike
=ike
)
5997 if ctx
['num'] == idx
:
5998 logger
.info("Test: Unexpected Protocol ID in SAi1")
5999 ike
= struct
.pack(">BBHBBHBBBB", 0, 0, 4 + 8,
6000 0, 0, 8, 0, 0, 0, 0)
6001 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6004 if ctx
['num'] == idx
:
6005 logger
.info("Test: Unexpected proposal number in SAi1")
6006 ike
= struct
.pack(">BBHBBHBBBB", 0, 0, 4 + 8,
6007 0, 0, 8, 0, 1, 0, 0)
6008 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6011 if ctx
['num'] == idx
:
6012 logger
.info("Test: Not enough room for SPI in SAi1")
6013 ike
= struct
.pack(">BBHBBHBBBB", 0, 0, 4 + 8,
6014 0, 0, 8, 1, 1, 1, 0)
6015 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6018 if ctx
['num'] == idx
:
6019 logger
.info("Test: Unexpected SPI in SAi1")
6020 ike
= struct
.pack(">BBHBBHBBBBB", 0, 0, 4 + 9,
6021 0, 0, 9, 1, 1, 1, 0, 1)
6022 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6025 if ctx
['num'] == idx
:
6026 logger
.info("Test: No transforms in SAi1")
6027 ike
= struct
.pack(">BBHBBHBBBB", 0, 0, 4 + 8,
6028 0, 0, 8, 1, 1, 0, 0)
6029 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6032 if ctx
['num'] == idx
:
6033 logger
.info("Test: Too short transform in SAi1")
6034 ike
= struct
.pack(">BBHBBHBBBB", 0, 0, 4 + 8,
6035 0, 0, 8, 1, 1, 0, 1)
6036 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6039 if ctx
['num'] == idx
:
6040 logger
.info("Test: Too small transform length in SAi1")
6041 ike
= struct
.pack(">BBHBBHBBBBBBHBBH", 0, 0, 4 + 8 + 8,
6042 0, 0, 8 + 8, 1, 1, 0, 1,
6044 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6047 if ctx
['num'] == idx
:
6048 logger
.info("Test: Too large transform length in SAi1")
6049 ike
= struct
.pack(">BBHBBHBBBBBBHBBH", 0, 0, 4 + 8 + 8,
6050 0, 0, 8 + 8, 1, 1, 0, 1,
6052 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6055 if ctx
['num'] == idx
:
6056 logger
.info("Test: Unexpected Transform type in SAi1")
6057 ike
= struct
.pack(">BBHBBHBBBBBBHBBH", 0, 0, 4 + 8 + 8,
6058 0, 0, 8 + 8, 1, 1, 0, 1,
6060 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6063 if ctx
['num'] == idx
:
6064 logger
.info("Test: No transform attributes in SAi1")
6065 ike
= struct
.pack(">BBHBBHBBBBBBHBBH", 0, 0, 4 + 8 + 8,
6066 0, 0, 8 + 8, 1, 1, 0, 1,
6068 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6071 if ctx
['num'] == idx
:
6072 logger
.info("Test: No transform attr for AES and unexpected data after transforms in SAi1")
6076 tlen
= tlen1
+ tlen2
+ tlen3
6077 ike
= struct
.pack(">BBHBBHBBBBBBHBBH3BBBHBBHHHBBHBBHHHB",
6078 0, 0, 4 + 8 + tlen
+ 1,
6079 0, 0, 8 + tlen
+ 1, 1, 1, 0, 3,
6080 3, 0, tlen1
, 1, 0, 12, 1, 2, 3,
6081 3, 0, tlen2
, 1, 0, 12, 0, 128,
6082 0, 0, tlen3
, 1, 0, 12, 0x8000 |
14, 127,
6084 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6086 def build_sa(next
=0):
6088 return struct
.pack(">BBHBBHBBBBBBHBBHBBHBBHBBHBBHBBHBBHBBHBBH",
6089 next
, 0, 4 + 8 + tlen
,
6090 0, 0, 8 + tlen
, 1, 1, 0, 5,
6098 if ctx
['num'] == idx
:
6099 logger
.info("Test: Valid proposal, but no KEi in SAi1")
6101 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6104 if ctx
['num'] == idx
:
6105 logger
.info("Test: Empty KEi in SAi1")
6106 ike
= build_sa(next
=34) + struct
.pack(">BBH", 0, 0, 4)
6107 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6110 if ctx
['num'] == idx
:
6111 logger
.info("Test: Mismatch in DH Group in SAi1")
6112 ike
= build_sa(next
=34)
6113 ike
+= struct
.pack(">BBHHH", 0, 0, 4 + 4 + 96, 12345, 0)
6115 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6117 if ctx
['num'] == idx
:
6118 logger
.info("Test: EAP-Failure")
6119 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
6122 if ctx
['num'] == idx
:
6123 logger
.info("Test: Invalid DH public value length in SAi1")
6124 ike
= build_sa(next
=34)
6125 ike
+= struct
.pack(">BBHHH", 0, 0, 4 + 4 + 96, 5, 0)
6127 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6129 def build_ke(next
=0):
6130 ke
= struct
.pack(">BBHHH", next
, 0, 4 + 4 + 192, 5, 0)
6131 ke
+= 191*b
'\x00'+b
'\x02'
6135 if ctx
['num'] == idx
:
6136 logger
.info("Test: Valid proposal and KEi, but no Ni in SAi1")
6137 ike
= build_sa(next
=34)
6139 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6142 if ctx
['num'] == idx
:
6143 logger
.info("Test: Too short Ni in SAi1")
6144 ike
= build_sa(next
=34)
6145 ike
+= build_ke(next
=40)
6146 ike
+= struct
.pack(">BBH", 0, 0, 4)
6147 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6150 if ctx
['num'] == idx
:
6151 logger
.info("Test: Too long Ni in SAi1")
6152 ike
= build_sa(next
=34)
6153 ike
+= build_ke(next
=40)
6154 ike
+= struct
.pack(">BBH", 0, 0, 4 + 257) + 257*b
'\x00'
6155 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6157 def build_ni(next
=0):
6158 return struct
.pack(">BBH", next
, 0, 4 + 256) + 256*b
'\x00'
6161 ike
= build_sa(next
=34)
6162 ike
+= build_ke(next
=40)
6164 return build_ike(ctx
['id'], next
=33, ike
=ike
)
6167 if ctx
['num'] == idx
:
6168 logger
.info("Test: Valid proposal, KEi, and Ni in SAi1")
6169 return build_sai1(ctx
['id'])
6171 if ctx
['num'] == idx
:
6172 logger
.info("Test: EAP-Failure")
6173 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
6176 if ctx
['num'] == idx
:
6177 logger
.info("Test: Valid proposal, KEi, and Ni in SAi1")
6178 return build_sai1(ctx
['id'])
6180 if ctx
['num'] == idx
:
6181 logger
.info("Test: No integrity checksum")
6183 return build_ike(ctx
['id'], next
=37, ike
=ike
)
6186 if ctx
['num'] == idx
:
6187 logger
.info("Test: Valid proposal, KEi, and Ni in SAi1")
6188 return build_sai1(ctx
['id'])
6190 if ctx
['num'] == idx
:
6191 logger
.info("Test: Truncated integrity checksum")
6192 return struct
.pack(">BBHBB",
6193 EAP_CODE_REQUEST
, ctx
['id'],
6195 EAP_TYPE_IKEV2
, 0x20)
6198 if ctx
['num'] == idx
:
6199 logger
.info("Test: Valid proposal, KEi, and Ni in SAi1")
6200 return build_sai1(ctx
['id'])
6202 if ctx
['num'] == idx
:
6203 logger
.info("Test: Invalid integrity checksum")
6205 return build_ike(ctx
['id'], next
=37, flags
=0x20, ike
=ike
)
6208 if ctx
['num'] == idx
:
6209 logger
.info("No more test responses available - test case completed")
6210 global eap_proto_ikev2_test_done
6211 eap_proto_ikev2_test_done
= True
6212 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
6215 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
6217 srv
= start_radius_server(ikev2_handler
)
6220 hapd
= start_ap(apdev
[0])
6221 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
6224 while not eap_proto_ikev2_test_done
:
6226 logger
.info("Running connection iteration %d" % i
)
6227 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
6228 eap
="IKEV2", identity
="user",
6229 password
="password",
6231 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=15)
6233 raise Exception("Timeout on EAP start")
6234 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
6237 raise Exception("Timeout on EAP method start")
6239 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"],
6242 raise Exception("Timeout on EAP failure")
6245 dev
[0].request("REMOVE_NETWORK all")
6246 dev
[0].wait_disconnected()
6247 dev
[0].dump_monitor()
6248 dev
[1].dump_monitor()
6249 dev
[2].dump_monitor()
6251 stop_radius_server(srv
)
6253 def NtPasswordHash(password
):
6254 pw
= password
.encode('utf_16_le')
6255 return hashlib
.new('md4', pw
).digest()
6257 def HashNtPasswordHash(password_hash
):
6258 return hashlib
.new('md4', password_hash
).digest()
6260 def ChallengeHash(peer_challenge
, auth_challenge
, username
):
6261 data
= peer_challenge
+ auth_challenge
+ username
6262 return hashlib
.sha1(data
).digest()[0:8]
6264 def GenerateAuthenticatorResponse(password
, nt_response
, peer_challenge
,
6265 auth_challenge
, username
):
6266 magic1
= binascii
.unhexlify("4D616769632073657276657220746F20636C69656E74207369676E696E6720636F6E7374616E74")
6267 magic2
= binascii
.unhexlify("50616420746F206D616B6520697420646F206D6F7265207468616E206F6E6520697465726174696F6E")
6269 password_hash
= NtPasswordHash(password
)
6270 password_hash_hash
= HashNtPasswordHash(password_hash
)
6271 data
= password_hash_hash
+ nt_response
+ magic1
6272 digest
= hashlib
.sha1(data
).digest()
6274 challenge
= ChallengeHash(peer_challenge
, auth_challenge
, username
.encode())
6276 data
= digest
+ challenge
+ magic2
6277 resp
= hashlib
.sha1(data
).digest()
6280 def test_eap_proto_ikev2_errors(dev
, apdev
):
6281 """EAP-IKEv2 local error cases"""
6282 check_eap_capa(dev
[0], "IKEV2")
6283 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
6284 hapd
= hostapd
.add_ap(apdev
[0], params
)
6285 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
6287 for i
in range(1, 5):
6288 with
alloc_fail(dev
[0], i
, "eap_ikev2_init"):
6289 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
6290 eap
="IKEV2", identity
="ikev2 user",
6291 password
="ike password",
6293 ev
= dev
[0].wait_event(["EAP: Failed to initialize EAP method"],
6296 raise Exception("Timeout on EAP start")
6297 dev
[0].request("REMOVE_NETWORK all")
6298 dev
[0].wait_disconnected()
6300 tests
= [(1, "ikev2_encr_encrypt"),
6301 (1, "ikev2_encr_decrypt"),
6302 (1, "ikev2_derive_auth_data"),
6303 (2, "ikev2_derive_auth_data"),
6304 (1, "=ikev2_decrypt_payload"),
6305 (1, "ikev2_encr_decrypt;ikev2_decrypt_payload"),
6306 (1, "ikev2_encr_encrypt;ikev2_build_encrypted"),
6307 (1, "ikev2_derive_sk_keys"),
6308 (2, "ikev2_derive_sk_keys"),
6309 (3, "ikev2_derive_sk_keys"),
6310 (4, "ikev2_derive_sk_keys"),
6311 (5, "ikev2_derive_sk_keys"),
6312 (6, "ikev2_derive_sk_keys"),
6313 (7, "ikev2_derive_sk_keys"),
6314 (8, "ikev2_derive_sk_keys"),
6315 (1, "eap_ikev2_derive_keymat;eap_ikev2_peer_keymat"),
6316 (1, "eap_msg_alloc;eap_ikev2_build_msg"),
6317 (1, "eap_ikev2_getKey"),
6318 (1, "eap_ikev2_get_emsk"),
6319 (1, "eap_ikev2_get_session_id"),
6320 (1, "=ikev2_derive_keys"),
6321 (2, "=ikev2_derive_keys"),
6322 (1, "wpabuf_alloc;ikev2_process_kei"),
6323 (1, "=ikev2_process_idi"),
6324 (1, "ikev2_derive_auth_data;ikev2_build_auth"),
6325 (1, "wpabuf_alloc;ikev2_build_sa_init"),
6326 (2, "wpabuf_alloc;ikev2_build_sa_init"),
6327 (3, "wpabuf_alloc;ikev2_build_sa_init"),
6328 (4, "wpabuf_alloc;ikev2_build_sa_init"),
6329 (5, "wpabuf_alloc;ikev2_build_sa_init"),
6330 (6, "wpabuf_alloc;ikev2_build_sa_init"),
6331 (1, "wpabuf_alloc;ikev2_build_sa_auth"),
6332 (2, "wpabuf_alloc;ikev2_build_sa_auth"),
6333 (1, "ikev2_build_auth;ikev2_build_sa_auth")]
6334 for count
, func
in tests
:
6335 with
alloc_fail(dev
[0], count
, func
):
6336 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
6337 eap
="IKEV2", identity
="ikev2 user@domain",
6338 password
="ike password", erp
="1", wait_connect
=False)
6339 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
6342 raise Exception("Timeout on EAP start")
6345 state
= dev
[0].request('GET_ALLOC_FAIL')
6346 if state
.startswith('0:'):
6351 raise Exception("No allocation failure seen for %d:%s" % (count
, func
))
6352 dev
[0].request("REMOVE_NETWORK all")
6353 dev
[0].wait_disconnected()
6355 tests
= [(1, "wpabuf_alloc;ikev2_build_notify"),
6356 (2, "wpabuf_alloc;ikev2_build_notify"),
6357 (1, "ikev2_build_encrypted;ikev2_build_notify")]
6358 for count
, func
in tests
:
6359 with
alloc_fail(dev
[0], count
, func
):
6360 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
6361 eap
="IKEV2", identity
="ikev2 user",
6362 password
="wrong password", erp
="1",
6364 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
6367 raise Exception("Timeout on EAP start")
6370 state
= dev
[0].request('GET_ALLOC_FAIL')
6371 if state
.startswith('0:'):
6376 raise Exception("No allocation failure seen for %d:%s" % (count
, func
))
6377 dev
[0].request("REMOVE_NETWORK all")
6378 dev
[0].wait_disconnected()
6380 tests
= [(1, "ikev2_integ_hash"),
6381 (1, "ikev2_integ_hash;ikev2_decrypt_payload"),
6382 (1, "os_get_random;ikev2_build_encrypted"),
6383 (1, "ikev2_prf_plus;ikev2_derive_sk_keys"),
6384 (1, "eap_ikev2_derive_keymat;eap_ikev2_peer_keymat"),
6385 (1, "os_get_random;ikev2_build_sa_init"),
6386 (2, "os_get_random;ikev2_build_sa_init"),
6387 (1, "ikev2_integ_hash;eap_ikev2_validate_icv"),
6388 (1, "hmac_sha1_vector;?ikev2_prf_hash;ikev2_derive_keys"),
6389 (1, "hmac_sha1_vector;?ikev2_prf_hash;ikev2_derive_auth_data"),
6390 (2, "hmac_sha1_vector;?ikev2_prf_hash;ikev2_derive_auth_data"),
6391 (3, "hmac_sha1_vector;?ikev2_prf_hash;ikev2_derive_auth_data")]
6392 for count
, func
in tests
:
6393 with
fail_test(dev
[0], count
, func
):
6394 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
6395 eap
="IKEV2", identity
="ikev2 user",
6396 password
="ike password", wait_connect
=False)
6397 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
6400 raise Exception("Timeout on EAP start")
6403 state
= dev
[0].request('GET_FAIL')
6404 if state
.startswith('0:'):
6409 raise Exception("No failure seen for %d:%s" % (count
, func
))
6410 dev
[0].request("REMOVE_NETWORK all")
6411 dev
[0].wait_disconnected()
6413 params
= {"ssid": "eap-test2", "wpa": "2", "wpa_key_mgmt": "WPA-EAP",
6414 "rsn_pairwise": "CCMP", "ieee8021x": "1",
6415 "eap_server": "1", "eap_user_file": "auth_serv/eap_user.conf",
6416 "fragment_size": "50"}
6417 hapd2
= hostapd
.add_ap(apdev
[1], params
)
6418 dev
[0].scan_for_bss(hapd2
.own_addr(), freq
=2412)
6420 tests
= [(1, "eap_ikev2_build_frag_ack"),
6421 (1, "wpabuf_alloc;eap_ikev2_process_fragment")]
6422 for count
, func
in tests
:
6423 with
alloc_fail(dev
[0], count
, func
):
6424 dev
[0].connect("eap-test2", key_mgmt
="WPA-EAP", scan_freq
="2412",
6425 eap
="IKEV2", identity
="ikev2 user",
6426 password
="ike password", erp
="1", wait_connect
=False)
6427 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
6430 raise Exception("Timeout on EAP start")
6433 state
= dev
[0].request('GET_ALLOC_FAIL')
6434 if state
.startswith('0:'):
6439 raise Exception("No allocation failure seen for %d:%s" % (count
, func
))
6440 dev
[0].request("REMOVE_NETWORK all")
6441 dev
[0].wait_disconnected()
6443 def run_eap_ikev2_connect(dev
):
6444 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
6445 eap
="IKEV2", identity
="ikev2 user",
6446 password
="ike password",
6447 fragment_size
="30", wait_connect
=False)
6448 ev
= dev
.wait_event(["CTRL-EVENT-EAP-SUCCESS", "CTRL-EVENT-EAP-FAILURE",
6449 "CTRL-EVENT-DISCONNECTED"],
6451 dev
.request("REMOVE_NETWORK all")
6452 if not ev
or "CTRL-EVENT-DISCONNECTED" not in ev
:
6453 dev
.wait_disconnected()
6456 def test_eap_proto_ikev2_errors_server(dev
, apdev
):
6457 """EAP-IKEV2 local error cases on server"""
6458 check_eap_capa(dev
[0], "IKEV2")
6459 params
= int_eap_server_params()
6460 params
['erp_domain'] = 'example.com'
6461 params
['eap_server_erp'] = '1'
6462 hapd
= hostapd
.add_ap(apdev
[0], params
)
6463 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
6465 tests
= [(1, "eap_ikev2_init"),
6466 (2, "=eap_ikev2_init"),
6467 (3, "=eap_ikev2_init"),
6468 (1, "eap_msg_alloc;eap_ikev2_build_msg"),
6469 (1, "ikev2_initiator_build;eap_ikev2_buildReq"),
6470 (1, "eap_ikev2_process_fragment"),
6471 (1, "wpabuf_alloc_copy;ikev2_process_ker"),
6472 (1, "ikev2_process_idr"),
6473 (1, "ikev2_derive_auth_data;ikev2_process_auth_secret"),
6474 (1, "ikev2_decrypt_payload;ikev2_process_sa_auth"),
6475 (1, "ikev2_process_sa_auth_decrypted;ikev2_process_sa_auth"),
6476 (1, "dh_init;ikev2_build_kei"),
6477 (1, "ikev2_build_auth"),
6478 (1, "wpabuf_alloc;ikev2_build_sa_init"),
6479 (1, "ikev2_build_sa_auth"),
6480 (1, "=ikev2_build_sa_auth"),
6481 (2, "=ikev2_derive_auth_data"),
6482 (1, "wpabuf_alloc;ikev2_build_sa_auth"),
6483 (2, "wpabuf_alloc;=ikev2_build_sa_auth"),
6484 (1, "ikev2_decrypt_payload;ikev2_process_sa_init_encr"),
6485 (1, "dh_derive_shared;ikev2_derive_keys"),
6486 (1, "=ikev2_derive_keys"),
6487 (2, "=ikev2_derive_keys"),
6488 (1, "eap_ikev2_getKey"),
6489 (1, "eap_ikev2_get_emsk"),
6490 (1, "eap_ikev2_get_session_id")]
6491 for count
, func
in tests
:
6492 with
alloc_fail(hapd
, count
, func
):
6493 run_eap_ikev2_connect(dev
[0])
6495 tests
= [(1, "eap_ikev2_validate_icv;eap_ikev2_process_icv"),
6496 (1, "eap_ikev2_server_keymat"),
6497 (1, "ikev2_build_auth"),
6498 (1, "os_get_random;ikev2_build_sa_init"),
6499 (2, "os_get_random;ikev2_build_sa_init"),
6500 (1, "ikev2_derive_keys"),
6501 (2, "ikev2_derive_keys"),
6502 (3, "ikev2_derive_keys"),
6503 (4, "ikev2_derive_keys"),
6504 (5, "ikev2_derive_keys"),
6505 (6, "ikev2_derive_keys"),
6506 (7, "ikev2_derive_keys"),
6507 (8, "ikev2_derive_keys"),
6508 (1, "ikev2_decrypt_payload;ikev2_process_sa_auth"),
6509 (1, "eap_ikev2_process_icv;eap_ikev2_process")]
6510 for count
, func
in tests
:
6511 with
fail_test(hapd
, count
, func
):
6512 run_eap_ikev2_connect(dev
[0])
6514 def start_ikev2_assoc(dev
, hapd
):
6515 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
6516 eap
="IKEV2", identity
="ikev2 user",
6517 password
="ike password", wait_connect
=False)
6518 proxy_msg(hapd
, dev
) # EAP-Identity/Request
6519 proxy_msg(dev
, hapd
) # EAP-Identity/Response
6520 proxy_msg(hapd
, dev
) # IKEV2 1
6522 def stop_ikev2_assoc(dev
, hapd
):
6523 dev
.request("REMOVE_NETWORK all")
6524 dev
.wait_disconnected()
6528 def test_eap_proto_ikev2_server(dev
, apdev
):
6529 """EAP-IKEV2 protocol testing for the server"""
6530 check_eap_capa(dev
[0], "IKEV2")
6531 params
= int_eap_server_params()
6532 params
['erp_domain'] = 'example.com'
6533 params
['eap_server_erp'] = '1'
6534 hapd
= hostapd
.add_ap(apdev
[0], params
)
6535 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
6536 hapd
.request("SET ext_eapol_frame_io 1")
6537 dev
[0].request("SET ext_eapol_frame_io 1")
6539 # Successful exchange to verify proxying mechanism
6540 start_ikev2_assoc(dev
[0], hapd
)
6541 proxy_msg(dev
[0], hapd
) # IKEV2 2
6542 proxy_msg(hapd
, dev
[0]) # IKEV2 3
6543 proxy_msg(dev
[0], hapd
) # IKEV2 4
6544 proxy_msg(hapd
, dev
[0]) # EAP-Success
6545 proxy_msg(hapd
, dev
[0]) # EAPOL-Key msg 1/4
6546 proxy_msg(dev
[0], hapd
) # EAPOL-Key msg 2/4
6547 proxy_msg(hapd
, dev
[0]) # EAPOL-Key msg 3/4
6548 proxy_msg(dev
[0], hapd
) # EAPOL-Key msg 4/4
6549 dev
[0].wait_connected()
6550 stop_ikev2_assoc(dev
[0], hapd
)
6552 start_ikev2_assoc(dev
[0], hapd
)
6553 resp
= rx_msg(dev
[0])
6554 # Too short EAP-IKEV2 header
6555 hapd
.note("IKEV2: Too short frame to include HDR")
6556 msg
= resp
[0:4] + "0005" + resp
[8:12] + "0005" + "31"
6557 tx_msg(dev
[0], hapd
, msg
)
6559 stop_ikev2_assoc(dev
[0], hapd
)
6561 start_ikev2_assoc(dev
[0], hapd
)
6562 resp
= rx_msg(dev
[0])
6563 # Too short EAP-IKEV2 header - missing Message Length field
6564 hapd
.note("EAP-IKEV2: Message underflow")
6565 msg
= resp
[0:4] + "0006" + resp
[8:12] + "0006" + "3180"
6566 tx_msg(dev
[0], hapd
, msg
)
6568 stop_ikev2_assoc(dev
[0], hapd
)
6570 start_ikev2_assoc(dev
[0], hapd
)
6571 resp
= rx_msg(dev
[0])
6572 # Too short EAP-IKEV2 header - too small Message Length
6573 hapd
.note("EAP-IKEV2: Invalid Message Length (0; 1 remaining in this msg)")
6574 msg
= resp
[0:4] + "000b" + resp
[8:12] + "000b" + "318000000000ff"
6575 tx_msg(dev
[0], hapd
, msg
)
6577 stop_ikev2_assoc(dev
[0], hapd
)
6579 start_ikev2_assoc(dev
[0], hapd
)
6580 resp
= rx_msg(dev
[0])
6581 # Too short EAP-IKEV2 header - too large Message Length
6582 hapd
.note("EAP-IKEV2: Ignore too long message")
6583 msg
= resp
[0:4] + "000b" + resp
[8:12] + "000b" + "31c0bbccddeeff"
6584 tx_msg(dev
[0], hapd
, msg
)
6586 stop_ikev2_assoc(dev
[0], hapd
)
6588 start_ikev2_assoc(dev
[0], hapd
)
6589 resp
= rx_msg(dev
[0])
6590 # No Message Length in first fragment
6591 hapd
.note("EAP-IKEV2: No Message Length field in a fragmented packet")
6592 msg
= resp
[0:4] + "0007" + resp
[8:12] + "0007" + "3140ff"
6593 tx_msg(dev
[0], hapd
, msg
)
6595 stop_ikev2_assoc(dev
[0], hapd
)
6597 start_ikev2_assoc(dev
[0], hapd
)
6598 resp
= rx_msg(dev
[0])
6599 # First fragment (valid)
6600 hapd
.note("EAP-IKEV2: Received 1 bytes in first fragment, waiting for 255 bytes more")
6601 msg
= resp
[0:4] + "000b" + resp
[8:12] + "000b" + "31c000000100ff"
6602 tx_msg(dev
[0], hapd
, msg
)
6604 id, = struct
.unpack('B', binascii
.unhexlify(req
)[5:6])
6605 hapd
.note("EAP-IKEV2: Received 1 bytes in first fragment, waiting for 254 bytes more")
6606 payload
= struct
.pack('BBB', 49, 0x40, 0)
6607 msg
= struct
.pack('>BBHBBH', 1, 0, 4 + len(payload
), 2, id, 4 + len(payload
)) + payload
6608 tx_msg(dev
[0], hapd
, binascii
.hexlify(msg
).decode())
6610 id, = struct
.unpack('B', binascii
.unhexlify(req
)[5:6])
6611 hapd
.note("EAP-IKEV2: Fragment overflow")
6612 payload
= struct
.pack('BB', 49, 0x40) + 255*b
'\x00'
6613 msg
= struct
.pack('>BBHBBH', 1, 0, 4 + len(payload
), 2, id, 4 + len(payload
)) + payload
6614 tx_msg(dev
[0], hapd
, binascii
.hexlify(msg
).decode())
6616 stop_ikev2_assoc(dev
[0], hapd
)
6618 start_ikev2_assoc(dev
[0], hapd
)
6619 proxy_msg(dev
[0], hapd
) # IKEV2 2
6620 req
= proxy_msg(hapd
, dev
[0]) # IKEV2 3
6621 id, = struct
.unpack('B', binascii
.unhexlify(req
)[5:6])
6623 hapd
.note("EAP-IKEV2: The message should have included integrity checksum")
6624 payload
= struct
.pack('BB', 49, 0) + b
'\x00'
6625 msg
= struct
.pack('>BBHBBH', 1, 0, 4 + len(payload
), 2, id, 4 + len(payload
)) + payload
6626 tx_msg(dev
[0], hapd
, binascii
.hexlify(msg
).decode())
6628 stop_ikev2_assoc(dev
[0], hapd
)
6630 tests
= [("Unsupported HDR version 0x0 (expected 0x20)",
6631 struct
.pack('BB', 49, 0) + 16*b
'\x00' +
6632 struct
.pack('>BBBBLL', 0, 0, 0, 0, 0, 0)),
6633 ("IKEV2: Invalid length (HDR: 0 != RX: 28)",
6634 struct
.pack('BB', 49, 0) + 16*b
'\x00' +
6635 struct
.pack('>BBBBLL', 0, 0x20, 0, 0, 0, 0)),
6636 ("IKEV2: Unexpected Exchange Type 0 in SA_INIT state",
6637 struct
.pack('BB', 49, 0) + 16*b
'\x00' +
6638 struct
.pack('>BBBBLL', 0, 0x20, 0, 0, 0, 28)),
6639 ("IKEV2: Unexpected Flags value 0x0",
6640 struct
.pack('BB', 49, 0) + 16*b
'\x00' +
6641 struct
.pack('>BBBBLL', 0, 0x20, 34, 0, 0, 28)),
6642 ("IKEV2: SAr1 not received",
6643 struct
.pack('BB', 49, 0) + 16*b
'\x00' +
6644 struct
.pack('>BBBBLL', 0, 0x20, 34, 0x20, 0, 28))]
6645 for txt
, payload
in tests
:
6646 start_ikev2_assoc(dev
[0], hapd
)
6647 resp
= rx_msg(dev
[0])
6648 id, = struct
.unpack('B', binascii
.unhexlify(resp
)[5:6])
6650 msg
= struct
.pack('>BBHBBH', 1, 0, 4 + len(payload
), 2, id, 4 + len(payload
)) + payload
6651 tx_msg(dev
[0], hapd
, binascii
.hexlify(msg
).decode())
6653 stop_ikev2_assoc(dev
[0], hapd
)
6655 def test_eap_proto_mschapv2(dev
, apdev
):
6656 """EAP-MSCHAPv2 protocol tests"""
6657 check_eap_capa(dev
[0], "MSCHAPV2")
6659 def mschapv2_handler(ctx
, req
):
6660 logger
.info("mschapv2_handler - RX " + binascii
.hexlify(req
).decode())
6661 if 'num' not in ctx
:
6663 ctx
['num'] = ctx
['num'] + 1
6666 ctx
['id'] = (ctx
['id'] + 1) % 256
6670 if ctx
['num'] == idx
:
6671 logger
.info("Test: Missing payload")
6672 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
6677 if ctx
['num'] == idx
:
6678 logger
.info("Test: Unknown MSCHAPv2 op_code")
6679 return struct
.pack(">BBHBBBHB", EAP_CODE_REQUEST
, ctx
['id'],
6685 if ctx
['num'] == idx
:
6686 logger
.info("Test: Invalid ms_len and unknown MSCHAPv2 op_code")
6687 return struct
.pack(">BBHBBBHB", EAP_CODE_REQUEST
, ctx
['id'],
6693 if ctx
['num'] == idx
:
6694 logger
.info("Test: Success before challenge")
6695 return struct
.pack(">BBHBBBHB", EAP_CODE_REQUEST
, ctx
['id'],
6701 if ctx
['num'] == idx
:
6702 logger
.info("Test: Failure before challenge - required challenge field not present")
6703 return struct
.pack(">BBHBBBHB", EAP_CODE_REQUEST
, ctx
['id'],
6708 if ctx
['num'] == idx
:
6709 logger
.info("Test: Failure")
6710 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
6713 if ctx
['num'] == idx
:
6714 logger
.info("Test: Failure before challenge - invalid failure challenge len")
6716 return struct
.pack(">BBHBBBH", EAP_CODE_REQUEST
, ctx
['id'],
6717 4 + 1 + 4 + len(payload
),
6719 4, 0, 4 + len(payload
)) + payload
6721 if ctx
['num'] == idx
:
6722 logger
.info("Test: Failure")
6723 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
6726 if ctx
['num'] == idx
:
6727 logger
.info("Test: Failure before challenge - invalid failure challenge len")
6728 payload
= b
'C=12 V=3'
6729 return struct
.pack(">BBHBBBH", EAP_CODE_REQUEST
, ctx
['id'],
6730 4 + 1 + 4 + len(payload
),
6732 4, 0, 4 + len(payload
)) + payload
6734 if ctx
['num'] == idx
:
6735 logger
.info("Test: Failure")
6736 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
6739 if ctx
['num'] == idx
:
6740 logger
.info("Test: Failure before challenge - invalid failure challenge")
6741 payload
= b
'C=00112233445566778899aabbccddeefQ '
6742 return struct
.pack(">BBHBBBH", EAP_CODE_REQUEST
, ctx
['id'],
6743 4 + 1 + 4 + len(payload
),
6745 4, 0, 4 + len(payload
)) + payload
6747 if ctx
['num'] == idx
:
6748 logger
.info("Test: Failure")
6749 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
6752 if ctx
['num'] == idx
:
6753 logger
.info("Test: Failure before challenge - password expired")
6754 payload
= b
'E=648 R=1 C=00112233445566778899aabbccddeeff V=3 M=Password expired'
6755 return struct
.pack(">BBHBBBH", EAP_CODE_REQUEST
, ctx
['id'],
6756 4 + 1 + 4 + len(payload
),
6758 4, 0, 4 + len(payload
)) + payload
6760 if ctx
['num'] == idx
:
6761 logger
.info("Test: Success after password change")
6762 payload
= b
"S=1122334455667788990011223344556677889900"
6763 return struct
.pack(">BBHBBBH", EAP_CODE_REQUEST
, ctx
['id'],
6764 4 + 1 + 4 + len(payload
),
6766 3, 0, 4 + len(payload
)) + payload
6769 if ctx
['num'] == idx
:
6770 logger
.info("Test: Invalid challenge length")
6771 return struct
.pack(">BBHBBBHB", EAP_CODE_REQUEST
, ctx
['id'],
6777 if ctx
['num'] == idx
:
6778 logger
.info("Test: Too short challenge packet")
6779 return struct
.pack(">BBHBBBHB", EAP_CODE_REQUEST
, ctx
['id'],
6785 if ctx
['num'] == idx
:
6786 logger
.info("Test: Challenge")
6787 return struct
.pack(">BBHBBBHB", EAP_CODE_REQUEST
, ctx
['id'],
6788 4 + 1 + 4 + 1 + 16 + 6,
6790 1, 0, 4 + 1 + 16 + 6, 16) + 16*b
'A' + b
'foobar'
6792 if ctx
['num'] == idx
:
6793 logger
.info("Test: Failure - password expired")
6794 payload
= b
'E=648 R=1 C=00112233445566778899aabbccddeeff V=3 M=Password expired'
6795 return struct
.pack(">BBHBBBH", EAP_CODE_REQUEST
, ctx
['id'],
6796 4 + 1 + 4 + len(payload
),
6798 4, 0, 4 + len(payload
)) + payload
6800 if ctx
['num'] == idx
:
6801 logger
.info("Test: Success after password change")
6803 logger
.info("Unexpected Change-Password packet length: %s" % len(req
))
6806 enc_pw
= data
[0:516]
6808 enc_hash
= data
[0:16]
6810 peer_challenge
= data
[0:16]
6814 nt_response
= data
[0:24]
6817 logger
.info("enc_hash: " + binascii
.hexlify(enc_hash
).decode())
6818 logger
.info("peer_challenge: " + binascii
.hexlify(peer_challenge
).decode())
6819 logger
.info("nt_response: " + binascii
.hexlify(nt_response
).decode())
6820 logger
.info("flags: " + binascii
.hexlify(flags
).decode())
6822 auth_challenge
= binascii
.unhexlify("00112233445566778899aabbccddeeff")
6823 logger
.info("auth_challenge: " + binascii
.hexlify(auth_challenge
).decode())
6825 auth_resp
= GenerateAuthenticatorResponse("new-pw", nt_response
,
6827 auth_challenge
, "user")
6828 payload
= b
"S=" + binascii
.hexlify(auth_resp
).decode().upper().encode()
6829 logger
.info("Success message payload: " + payload
.decode())
6830 return struct
.pack(">BBHBBBH", EAP_CODE_REQUEST
, ctx
['id'],
6831 4 + 1 + 4 + len(payload
),
6833 3, 0, 4 + len(payload
)) + payload
6835 if ctx
['num'] == idx
:
6836 logger
.info("Test: EAP-Success")
6837 return struct
.pack(">BBH", EAP_CODE_SUCCESS
, ctx
['id'], 4)
6840 if ctx
['num'] == idx
:
6841 logger
.info("Test: Failure - password expired")
6842 payload
= b
'E=648 R=1 C=00112233445566778899aabbccddeeff V=3 M=Password expired'
6843 return struct
.pack(">BBHBBBH", EAP_CODE_REQUEST
, ctx
['id'],
6844 4 + 1 + 4 + len(payload
),
6846 4, 0, 4 + len(payload
)) + payload
6848 if ctx
['num'] == idx
:
6849 logger
.info("Test: Success after password change")
6851 logger
.info("Unexpected Change-Password packet length: %s" % len(req
))
6854 enc_pw
= data
[0:516]
6856 enc_hash
= data
[0:16]
6858 peer_challenge
= data
[0:16]
6862 nt_response
= data
[0:24]
6865 logger
.info("enc_hash: " + binascii
.hexlify(enc_hash
).decode())
6866 logger
.info("peer_challenge: " + binascii
.hexlify(peer_challenge
).decode())
6867 logger
.info("nt_response: " + binascii
.hexlify(nt_response
).decode())
6868 logger
.info("flags: " + binascii
.hexlify(flags
).decode())
6870 auth_challenge
= binascii
.unhexlify("00112233445566778899aabbccddeeff")
6871 logger
.info("auth_challenge: " + binascii
.hexlify(auth_challenge
).decode())
6873 auth_resp
= GenerateAuthenticatorResponse("new-pw", nt_response
,
6875 auth_challenge
, "user")
6876 payload
= b
"S=" + binascii
.hexlify(auth_resp
).decode().upper().encode()
6877 logger
.info("Success message payload: " + payload
.decode())
6878 return struct
.pack(">BBHBBBH", EAP_CODE_REQUEST
, ctx
['id'],
6879 4 + 1 + 4 + len(payload
),
6881 3, 0, 4 + len(payload
)) + payload
6883 if ctx
['num'] == idx
:
6884 logger
.info("Test: EAP-Success")
6885 return struct
.pack(">BBH", EAP_CODE_SUCCESS
, ctx
['id'], 4)
6888 if ctx
['num'] == idx
:
6889 logger
.info("Test: Challenge")
6890 return struct
.pack(">BBHBBBHB", EAP_CODE_REQUEST
, ctx
['id'],
6891 4 + 1 + 4 + 1 + 16 + 6,
6893 1, 0, 4 + 1 + 16 + 6, 16) + 16*b
'A' + b
'foobar'
6895 if ctx
['num'] == idx
:
6896 logger
.info("Test: Failure - authentication failure")
6897 payload
= b
'E=691 R=1 C=00112233445566778899aabbccddeeff V=3 M=Authentication failed'
6898 return struct
.pack(">BBHBBBH", EAP_CODE_REQUEST
, ctx
['id'],
6899 4 + 1 + 4 + len(payload
),
6901 4, 0, 4 + len(payload
)) + payload
6904 if ctx
['num'] == idx
:
6905 logger
.info("Test: Challenge")
6906 return struct
.pack(">BBHBBBHB", EAP_CODE_REQUEST
, ctx
['id'],
6907 4 + 1 + 4 + 1 + 16 + 6,
6909 1, 0, 4 + 1 + 16 + 6, 16) + 16*b
'A' + b
'foobar'
6911 if ctx
['num'] == idx
:
6912 logger
.info("Test: Failure - authentication failure")
6913 payload
= b
'E=691 R=1 C=00112233445566778899aabbccddeeff V=3 M=Authentication failed (2)'
6914 return struct
.pack(">BBHBBBH", EAP_CODE_REQUEST
, ctx
['id'],
6915 4 + 1 + 4 + len(payload
),
6917 4, 0, 4 + len(payload
)) + payload
6919 if ctx
['num'] == idx
:
6920 logger
.info("Test: Failure")
6921 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
6924 if ctx
['num'] == idx
:
6925 logger
.info("Test: Challenge - invalid ms_len and workaround disabled")
6926 return struct
.pack(">BBHBBBHB", EAP_CODE_REQUEST
, ctx
['id'],
6927 4 + 1 + 4 + 1 + 16 + 6,
6929 1, 0, 4 + 1 + 16 + 6 + 1, 16) + 16*b
'A' + b
'foobar'
6933 srv
= start_radius_server(mschapv2_handler
)
6936 hapd
= start_ap(apdev
[0])
6937 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
6939 for i
in range(0, 16):
6940 logger
.info("RUN: %d" % i
)
6942 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
6943 eap
="MSCHAPV2", identity
="user",
6944 password_hex
="hash:8846f7eaee8fb117ad06bdd830b7586c",
6947 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
6948 eap
="MSCHAPV2", identity
="user",
6949 phase2
="mschapv2_retry=0",
6950 password
="password", wait_connect
=False)
6952 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
6953 eap
="MSCHAPV2", identity
="user",
6955 password
="password", wait_connect
=False)
6957 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
6958 eap
="MSCHAPV2", identity
="user",
6959 password
="password", wait_connect
=False)
6960 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=15)
6962 raise Exception("Timeout on EAP start")
6964 if i
in [8, 11, 12]:
6965 ev
= dev
[0].wait_event(["CTRL-REQ-NEW_PASSWORD"],
6968 raise Exception("Timeout on new password request")
6969 id = ev
.split(':')[0].split('-')[-1]
6970 dev
[0].request("CTRL-RSP-NEW_PASSWORD-" + id + ":new-pw")
6972 ev
= dev
[0].wait_event(["CTRL-EVENT-PASSWORD-CHANGED"],
6975 raise Exception("Timeout on password change")
6976 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"],
6979 raise Exception("Timeout on EAP success")
6981 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"],
6984 raise Exception("Timeout on EAP failure")
6987 ev
= dev
[0].wait_event(["CTRL-REQ-IDENTITY"],
6990 raise Exception("Timeout on identity request")
6991 id = ev
.split(':')[0].split('-')[-1]
6992 dev
[0].request("CTRL-RSP-IDENTITY-" + id + ":user")
6994 ev
= dev
[0].wait_event(["CTRL-REQ-PASSWORD"],
6997 raise Exception("Timeout on password request")
6998 id = ev
.split(':')[0].split('-')[-1]
6999 dev
[0].request("CTRL-RSP-PASSWORD-" + id + ":password")
7001 # TODO: Does this work correctly?
7003 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"],
7006 raise Exception("Timeout on EAP failure")
7008 if i
in [4, 5, 6, 7, 14]:
7009 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"],
7012 raise Exception("Timeout on EAP failure")
7015 dev
[0].request("REMOVE_NETWORK all")
7016 dev
[0].wait_disconnected(timeout
=1)
7018 stop_radius_server(srv
)
7020 def test_eap_proto_mschapv2_errors(dev
, apdev
):
7021 """EAP-MSCHAPv2 protocol tests (error paths)"""
7022 check_eap_capa(dev
[0], "MSCHAPV2")
7024 def mschapv2_fail_password_expired(ctx
):
7025 logger
.info("Test: Failure before challenge - password expired")
7026 payload
= b
'E=648 R=1 C=00112233445566778899aabbccddeeff V=3 M=Password expired'
7027 return struct
.pack(">BBHBBBH", EAP_CODE_REQUEST
, ctx
['id'],
7028 4 + 1 + 4 + len(payload
),
7030 4, 0, 4 + len(payload
)) + payload
7032 def mschapv2_success_after_password_change(ctx
, req
=None):
7033 logger
.info("Test: Success after password change")
7034 if req
is None or len(req
) != 591:
7035 payload
= b
"S=1122334455667788990011223344556677889900"
7038 enc_pw
= data
[0:516]
7040 enc_hash
= data
[0:16]
7042 peer_challenge
= data
[0:16]
7046 nt_response
= data
[0:24]
7049 logger
.info("enc_hash: " + binascii
.hexlify(enc_hash
).decode())
7050 logger
.info("peer_challenge: " + binascii
.hexlify(peer_challenge
).decode())
7051 logger
.info("nt_response: " + binascii
.hexlify(nt_response
).decode())
7052 logger
.info("flags: " + binascii
.hexlify(flags
).decode())
7054 auth_challenge
= binascii
.unhexlify("00112233445566778899aabbccddeeff")
7055 logger
.info("auth_challenge: " + binascii
.hexlify(auth_challenge
).decode())
7057 auth_resp
= GenerateAuthenticatorResponse("new-pw", nt_response
,
7059 auth_challenge
, "user")
7060 payload
= b
"S=" + binascii
.hexlify(auth_resp
).decode().upper().encode()
7061 return struct
.pack(">BBHBBBH", EAP_CODE_REQUEST
, ctx
['id'],
7062 4 + 1 + 4 + len(payload
),
7064 3, 0, 4 + len(payload
)) + payload
7066 def mschapv2_handler(ctx
, req
):
7067 logger
.info("mschapv2_handler - RX " + binascii
.hexlify(req
).decode())
7068 if 'num' not in ctx
:
7070 ctx
['num'] = ctx
['num'] + 1
7073 ctx
['id'] = (ctx
['id'] + 1) % 256
7077 if ctx
['num'] == idx
:
7078 return mschapv2_fail_password_expired(ctx
)
7080 if ctx
['num'] == idx
:
7081 return mschapv2_success_after_password_change(ctx
, req
)
7083 if ctx
['num'] == idx
:
7084 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
7087 if ctx
['num'] == idx
:
7088 return mschapv2_fail_password_expired(ctx
)
7090 if ctx
['num'] == idx
:
7091 return mschapv2_success_after_password_change(ctx
, req
)
7093 if ctx
['num'] == idx
:
7094 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
7097 if ctx
['num'] == idx
:
7098 return mschapv2_fail_password_expired(ctx
)
7100 if ctx
['num'] == idx
:
7101 return mschapv2_success_after_password_change(ctx
, req
)
7103 if ctx
['num'] == idx
:
7104 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
7107 if ctx
['num'] == idx
:
7108 return mschapv2_fail_password_expired(ctx
)
7110 if ctx
['num'] == idx
:
7111 return mschapv2_success_after_password_change(ctx
, req
)
7113 if ctx
['num'] == idx
:
7114 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
7117 if ctx
['num'] == idx
:
7118 return mschapv2_fail_password_expired(ctx
)
7120 if ctx
['num'] == idx
:
7121 return mschapv2_success_after_password_change(ctx
, req
)
7123 if ctx
['num'] == idx
:
7124 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
7127 if ctx
['num'] == idx
:
7128 return mschapv2_fail_password_expired(ctx
)
7130 if ctx
['num'] == idx
:
7131 return mschapv2_success_after_password_change(ctx
, req
)
7133 if ctx
['num'] == idx
:
7134 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
7137 if ctx
['num'] == idx
:
7138 return mschapv2_fail_password_expired(ctx
)
7140 if ctx
['num'] == idx
:
7141 return mschapv2_success_after_password_change(ctx
, req
)
7143 if ctx
['num'] == idx
:
7144 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
7147 if ctx
['num'] == idx
:
7148 return mschapv2_fail_password_expired(ctx
)
7150 if ctx
['num'] == idx
:
7151 return mschapv2_success_after_password_change(ctx
, req
)
7153 if ctx
['num'] == idx
:
7154 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
7157 if ctx
['num'] == idx
:
7158 return mschapv2_fail_password_expired(ctx
)
7160 if ctx
['num'] == idx
:
7161 return mschapv2_success_after_password_change(ctx
, req
)
7163 if ctx
['num'] == idx
:
7164 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
7168 srv
= start_radius_server(mschapv2_handler
)
7171 hapd
= start_ap(apdev
[0])
7172 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
7174 tests
= ["os_get_random;eap_mschapv2_change_password",
7175 "generate_nt_response;eap_mschapv2_change_password",
7176 "get_master_key;eap_mschapv2_change_password",
7177 "nt_password_hash;eap_mschapv2_change_password",
7178 "old_nt_password_hash_encrypted_with_new_nt_password_hash"]
7180 with
fail_test(dev
[0], 1, func
):
7181 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
7182 eap
="MSCHAPV2", identity
="user",
7183 password
="password", wait_connect
=False)
7184 ev
= dev
[0].wait_event(["CTRL-REQ-NEW_PASSWORD"], timeout
=10)
7186 raise Exception("Timeout on new password request")
7187 id = ev
.split(':')[0].split('-')[-1]
7188 dev
[0].request("CTRL-RSP-NEW_PASSWORD-" + id + ":new-pw")
7190 wait_fail_trigger(dev
[0], "GET_FAIL")
7191 dev
[0].request("REMOVE_NETWORK all")
7192 dev
[0].wait_disconnected(timeout
=1)
7194 tests
= ["encrypt_pw_block_with_password_hash;eap_mschapv2_change_password",
7195 "nt_password_hash;eap_mschapv2_change_password",
7196 "nt_password_hash;eap_mschapv2_success"]
7198 with
fail_test(dev
[0], 1, func
):
7199 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
7200 eap
="MSCHAPV2", identity
="user",
7201 password_hex
="hash:8846f7eaee8fb117ad06bdd830b7586c",
7203 ev
= dev
[0].wait_event(["CTRL-REQ-NEW_PASSWORD"], timeout
=10)
7205 raise Exception("Timeout on new password request")
7206 id = ev
.split(':')[0].split('-')[-1]
7207 dev
[0].request("CTRL-RSP-NEW_PASSWORD-" + id + ":new-pw")
7209 wait_fail_trigger(dev
[0], "GET_FAIL")
7210 dev
[0].request("REMOVE_NETWORK all")
7211 dev
[0].wait_disconnected(timeout
=1)
7213 tests
= ["eap_msg_alloc;eap_mschapv2_change_password"]
7215 with
alloc_fail(dev
[0], 1, func
):
7216 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
7217 eap
="MSCHAPV2", identity
="user",
7218 password
="password", wait_connect
=False)
7219 ev
= dev
[0].wait_event(["CTRL-REQ-NEW_PASSWORD"], timeout
=10)
7221 raise Exception("Timeout on new password request")
7222 id = ev
.split(':')[0].split('-')[-1]
7223 dev
[0].request("CTRL-RSP-NEW_PASSWORD-" + id + ":new-pw")
7225 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
7226 dev
[0].request("REMOVE_NETWORK all")
7227 dev
[0].wait_disconnected(timeout
=1)
7229 stop_radius_server(srv
)
7231 def test_eap_proto_pwd(dev
, apdev
):
7232 """EAP-pwd protocol tests"""
7233 check_eap_capa(dev
[0], "PWD")
7235 global eap_proto_pwd_test_done
, eap_proto_pwd_test_wait
7236 eap_proto_pwd_test_done
= False
7237 eap_proto_pwd_test_wait
= False
7239 def pwd_handler(ctx
, req
):
7240 logger
.info("pwd_handler - RX " + binascii
.hexlify(req
).decode())
7241 if 'num' not in ctx
:
7243 ctx
['num'] = ctx
['num'] + 1
7246 ctx
['id'] = (ctx
['id'] + 1) % 256
7249 global eap_proto_pwd_test_wait
7250 eap_proto_pwd_test_wait
= False
7253 if ctx
['num'] == idx
:
7254 logger
.info("Test: Missing payload")
7255 # EAP-pwd: Got a frame but pos is not NULL and len is 0
7256 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'], 4 + 1,
7260 if ctx
['num'] == idx
:
7261 logger
.info("Test: Missing Total-Length field")
7262 # EAP-pwd: Frame too short to contain Total-Length field
7263 payload
= struct
.pack("B", 0x80)
7264 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7265 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7268 if ctx
['num'] == idx
:
7269 logger
.info("Test: Too large Total-Length")
7270 # EAP-pwd: Incoming fragments whose total length = 65535
7271 payload
= struct
.pack(">BH", 0x80, 65535)
7272 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7273 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7276 if ctx
['num'] == idx
:
7277 eap_proto_pwd_test_wait
= True
7278 logger
.info("Test: First fragment")
7279 # EAP-pwd: Incoming fragments whose total length = 10
7280 # EAP-pwd: ACKing a 0 byte fragment
7281 payload
= struct
.pack(">BH", 0xc0, 10)
7282 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7283 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7285 if ctx
['num'] == idx
:
7286 logger
.info("Test: Unexpected Total-Length value in the second fragment")
7287 # EAP-pwd: Incoming fragments whose total length = 0
7288 # EAP-pwd: Unexpected new fragment start when previous fragment is still in use
7289 payload
= struct
.pack(">BH", 0x80, 0)
7290 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7291 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7294 if ctx
['num'] == idx
:
7295 logger
.info("Test: First and only fragment")
7296 # EAP-pwd: Incoming fragments whose total length = 0
7297 # EAP-pwd: processing frame: exch 0, len 0
7298 # EAP-pwd: Ignoring message with unknown opcode 128
7299 payload
= struct
.pack(">BH", 0x80, 0)
7300 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7301 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7304 if ctx
['num'] == idx
:
7305 logger
.info("Test: First and only fragment with extra data")
7306 # EAP-pwd: Incoming fragments whose total length = 0
7307 # EAP-pwd: processing frame: exch 0, len 1
7308 # EAP-pwd: Ignoring message with unknown opcode 128
7309 payload
= struct
.pack(">BHB", 0x80, 0, 0)
7310 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7311 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7314 if ctx
['num'] == idx
:
7315 eap_proto_pwd_test_wait
= True
7316 logger
.info("Test: First fragment")
7317 # EAP-pwd: Incoming fragments whose total length = 2
7318 # EAP-pwd: ACKing a 1 byte fragment
7319 payload
= struct
.pack(">BHB", 0xc0, 2, 1)
7320 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7321 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7323 if ctx
['num'] == idx
:
7324 logger
.info("Test: Extra data in the second fragment")
7325 # EAP-pwd: Buffer overflow attack detected (3 vs. 1)!
7326 payload
= struct
.pack(">BBB", 0x0, 2, 3)
7327 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7328 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7331 if ctx
['num'] == idx
:
7332 logger
.info("Test: Too short id exchange")
7333 # EAP-pwd: processing frame: exch 1, len 0
7334 # EAP-PWD: PWD-ID-Req -> FAILURE
7335 payload
= struct
.pack(">B", 0x01)
7336 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7337 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7340 if ctx
['num'] == idx
:
7341 logger
.info("Test: Unsupported rand func in id exchange")
7342 # EAP-PWD: Server EAP-pwd-ID proposal: group=0 random=0 prf=0 prep=0
7343 # EAP-PWD: PWD-ID-Req -> FAILURE
7344 payload
= struct
.pack(">BHBBLB", 0x01, 0, 0, 0, 0, 0)
7345 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7346 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7349 if ctx
['num'] == idx
:
7350 logger
.info("Test: Unsupported prf in id exchange")
7351 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=0 prep=0
7352 # EAP-PWD: PWD-ID-Req -> FAILURE
7353 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 0, 0, 0)
7354 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7355 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7358 if ctx
['num'] == idx
:
7359 logger
.info("Test: Unsupported password pre-processing technique in id exchange")
7360 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=255
7361 # EAP-PWD: Unsupported password pre-processing technique (Prep=255)
7362 # EAP-PWD: PWD-ID-Req -> FAILURE
7363 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 255)
7364 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7365 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7368 if ctx
['num'] == idx
:
7369 eap_proto_pwd_test_wait
= True
7370 logger
.info("Test: Valid id exchange")
7371 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=0
7372 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 0)
7373 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7374 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7376 if ctx
['num'] == idx
:
7377 logger
.info("Test: Unexpected id exchange")
7378 # EAP-pwd: processing frame: exch 1, len 9
7379 # EAP-PWD: PWD-Commit-Req -> FAILURE
7380 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 0)
7381 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7382 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7385 if ctx
['num'] == idx
:
7386 logger
.info("Test: Unexpected commit exchange")
7387 # EAP-pwd: processing frame: exch 2, len 0
7388 # EAP-PWD: PWD-ID-Req -> FAILURE
7389 payload
= struct
.pack(">B", 0x02)
7390 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7391 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7394 if ctx
['num'] == idx
:
7395 eap_proto_pwd_test_wait
= True
7396 logger
.info("Test: Valid id exchange")
7397 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=0
7398 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 0)
7399 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7400 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7402 if ctx
['num'] == idx
:
7403 logger
.info("Test: Unexpected Commit payload length (prep=None)")
7404 # EAP-pwd commit request, password prep is NONE
7405 # EAP-pwd: Unexpected Commit payload length 0 (expected 96)
7406 payload
= struct
.pack(">B", 0x02)
7407 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7408 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7411 if ctx
['num'] == idx
:
7412 eap_proto_pwd_test_wait
= True
7413 logger
.info("Test: Valid id exchange")
7414 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=0
7415 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 0)
7416 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7417 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7419 if ctx
['num'] == idx
:
7420 logger
.info("Test: Commit payload with all zeros values --> Shared key at infinity")
7421 # EAP-pwd: Invalid coordinate in element
7422 payload
= struct
.pack(">B", 0x02) + 96*b
'\0'
7423 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7424 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7427 if ctx
['num'] == idx
:
7428 eap_proto_pwd_test_wait
= True
7429 logger
.info("Test: Valid id exchange")
7430 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=0
7431 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 0)
7432 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7433 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7435 if ctx
['num'] == idx
:
7436 eap_proto_pwd_test_wait
= True
7437 logger
.info("Test: Commit payload with valid values")
7438 # EAP-pwd commit request, password prep is NONE
7439 element
= binascii
.unhexlify("8dcab2862c5396839a6bac0c689ff03d962863108e7c275bbf1d6eedf634ee832a214db99f0d0a1a6317733eecdd97f0fc4cda19f57e1bb9bb9c8dcf8c60ba6f")
7440 scalar
= binascii
.unhexlify("450f31e058cf2ac2636a5d6e2b3c70b1fcc301957f0716e77f13aa69f9a2e5bd")
7441 payload
= struct
.pack(">B", 0x02) + element
+ scalar
7442 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7443 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7445 if ctx
['num'] == idx
:
7446 logger
.info("Test: Unexpected Confirm payload length 0")
7447 # EAP-pwd: Unexpected Confirm payload length 0 (expected 32)
7448 payload
= struct
.pack(">B", 0x03)
7449 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7450 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7453 if ctx
['num'] == idx
:
7454 eap_proto_pwd_test_wait
= True
7455 logger
.info("Test: Valid id exchange")
7456 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=0
7457 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 0)
7458 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7459 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7461 if ctx
['num'] == idx
:
7462 eap_proto_pwd_test_wait
= True
7463 logger
.info("Test: Commit payload with valid values")
7464 # EAP-pwd commit request, password prep is NONE
7465 element
= binascii
.unhexlify("8dcab2862c5396839a6bac0c689ff03d962863108e7c275bbf1d6eedf634ee832a214db99f0d0a1a6317733eecdd97f0fc4cda19f57e1bb9bb9c8dcf8c60ba6f")
7466 scalar
= binascii
.unhexlify("450f31e058cf2ac2636a5d6e2b3c70b1fcc301957f0716e77f13aa69f9a2e5bd")
7467 payload
= struct
.pack(">B", 0x02) + element
+ scalar
7468 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7469 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7471 if ctx
['num'] == idx
:
7472 logger
.info("Test: Confirm payload with incorrect value")
7473 # EAP-PWD (peer): confirm did not verify
7474 payload
= struct
.pack(">B", 0x03) + 32*b
'\0'
7475 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7476 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7479 if ctx
['num'] == idx
:
7480 logger
.info("Test: Unexpected confirm exchange")
7481 # EAP-pwd: processing frame: exch 3, len 0
7482 # EAP-PWD: PWD-ID-Req -> FAILURE
7483 payload
= struct
.pack(">B", 0x03)
7484 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7485 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7488 if ctx
['num'] == idx
:
7489 logger
.info("Test: Unsupported password pre-processing technique SASLprep in id exchange")
7490 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=2
7491 # EAP-PWD: Unsupported password pre-processing technique (Prep=2)
7492 # EAP-PWD: PWD-ID-Req -> FAILURE
7493 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 2)
7494 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7495 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7498 if ctx
['num'] == idx
:
7499 eap_proto_pwd_test_wait
= True
7500 logger
.info("Test: Valid id exchange")
7501 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=1
7502 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 1)
7503 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7504 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7506 if ctx
['num'] == idx
:
7507 logger
.info("Test: Unexpected Commit payload length (prep=MS)")
7508 # EAP-pwd commit request, password prep is MS
7509 # EAP-pwd: Unexpected Commit payload length 0 (expected 96)
7510 payload
= struct
.pack(">B", 0x02)
7511 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7512 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7515 if ctx
['num'] == idx
:
7516 eap_proto_pwd_test_wait
= True
7517 logger
.info("Test: Valid id exchange")
7518 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=3
7519 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 3)
7520 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7521 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7523 if ctx
['num'] == idx
:
7524 logger
.info("Test: Unexpected Commit payload length (prep=ssha1)")
7525 # EAP-pwd commit request, password prep is salted sha1
7526 # EAP-pwd: Invalid Salt-len
7527 payload
= struct
.pack(">B", 0x02)
7528 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7529 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7532 if ctx
['num'] == idx
:
7533 eap_proto_pwd_test_wait
= True
7534 logger
.info("Test: Valid id exchange")
7535 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=3
7536 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 3)
7537 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7538 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7540 if ctx
['num'] == idx
:
7541 logger
.info("Test: Unexpected Commit payload length (prep=ssha1)")
7542 # EAP-pwd commit request, password prep is salted sha1
7543 # EAP-pwd: Invalid Salt-len
7544 payload
= struct
.pack(">BB", 0x02, 0)
7545 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7546 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7549 if ctx
['num'] == idx
:
7550 eap_proto_pwd_test_wait
= True
7551 logger
.info("Test: Valid id exchange")
7552 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=3
7553 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 3)
7554 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7555 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7557 if ctx
['num'] == idx
:
7558 logger
.info("Test: Unexpected Commit payload length (prep=ssha1)")
7559 # EAP-pwd commit request, password prep is salted sha1
7560 # EAP-pwd: Unexpected Commit payload length 1 (expected 98)
7561 payload
= struct
.pack(">BB", 0x02, 1)
7562 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7563 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7566 if ctx
['num'] == idx
:
7567 eap_proto_pwd_test_wait
= True
7568 logger
.info("Test: Valid id exchange")
7569 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=4
7570 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 4)
7571 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7572 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7574 if ctx
['num'] == idx
:
7575 logger
.info("Test: Unexpected Commit payload length (prep=ssha256)")
7576 # EAP-pwd commit request, password prep is salted sha256
7577 # EAP-pwd: Invalid Salt-len
7578 payload
= struct
.pack(">B", 0x02)
7579 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7580 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7583 if ctx
['num'] == idx
:
7584 eap_proto_pwd_test_wait
= True
7585 logger
.info("Test: Valid id exchange")
7586 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=4
7587 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 4)
7588 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7589 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7591 if ctx
['num'] == idx
:
7592 logger
.info("Test: Unexpected Commit payload length (prep=ssha256)")
7593 # EAP-pwd commit request, password prep is salted sha256
7594 # EAP-pwd: Invalid Salt-len
7595 payload
= struct
.pack(">BB", 0x02, 0)
7596 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7597 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7600 if ctx
['num'] == idx
:
7601 eap_proto_pwd_test_wait
= True
7602 logger
.info("Test: Valid id exchange")
7603 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=4
7604 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 4)
7605 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7606 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7608 if ctx
['num'] == idx
:
7609 logger
.info("Test: Unexpected Commit payload length (prep=ssha256)")
7610 # EAP-pwd commit request, password prep is salted sha256
7611 # EAP-pwd: Unexpected Commit payload length 1 (expected 98)
7612 payload
= struct
.pack(">BB", 0x02, 1)
7613 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7614 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7617 if ctx
['num'] == idx
:
7618 eap_proto_pwd_test_wait
= True
7619 logger
.info("Test: Valid id exchange")
7620 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=5
7621 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 5)
7622 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7623 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7625 if ctx
['num'] == idx
:
7626 logger
.info("Test: Unexpected Commit payload length (prep=ssha512)")
7627 # EAP-pwd commit request, password prep is salted sha512
7628 # EAP-pwd: Invalid Salt-len
7629 payload
= struct
.pack(">B", 0x02)
7630 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7631 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7634 if ctx
['num'] == idx
:
7635 eap_proto_pwd_test_wait
= True
7636 logger
.info("Test: Valid id exchange")
7637 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=5
7638 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 5)
7639 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7640 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7642 if ctx
['num'] == idx
:
7643 logger
.info("Test: Unexpected Commit payload length (prep=ssha512)")
7644 # EAP-pwd commit request, password prep is salted sha512
7645 # EAP-pwd: Invalid Salt-len
7646 payload
= struct
.pack(">BB", 0x02, 0)
7647 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7648 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7651 if ctx
['num'] == idx
:
7652 eap_proto_pwd_test_wait
= True
7653 logger
.info("Test: Valid id exchange")
7654 # EAP-PWD: Server EAP-pwd-ID proposal: group=19 random=1 prf=1 prep=5
7655 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 5)
7656 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7657 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7659 if ctx
['num'] == idx
:
7660 logger
.info("Test: Unexpected Commit payload length (prep=ssha512)")
7661 # EAP-pwd commit request, password prep is salted sha512
7662 # EAP-pwd: Unexpected Commit payload length 1 (expected 98)
7663 payload
= struct
.pack(">BB", 0x02, 1)
7664 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7665 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7667 logger
.info("No more test responses available - test case completed")
7668 global eap_proto_pwd_test_done
7669 eap_proto_pwd_test_done
= True
7670 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
7672 srv
= start_radius_server(pwd_handler
)
7675 hapd
= start_ap(apdev
[0])
7676 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
7679 while not eap_proto_pwd_test_done
:
7681 logger
.info("Running connection iteration %d" % i
)
7682 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
7683 eap
="PWD", identity
="pwd user",
7684 password
="secret password",
7688 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STATUS",
7689 "CTRL-EVENT-EAP-PROPOSED-METHOD"],
7692 raise Exception("Timeout on EAP start")
7693 if "CTRL-EVENT-EAP-PROPOSED-METHOD" in ev
:
7696 if "CTRL-EVENT-EAP-STATUS" in ev
and "status='completion' parameter='failure'" in ev
:
7700 raise Exception("Expected EAP event not seen")
7701 if eap_proto_pwd_test_wait
:
7704 if not eap_proto_pwd_test_wait
:
7706 if eap_proto_pwd_test_wait
:
7707 raise Exception("eap_proto_pwd_test_wait not cleared")
7708 dev
[0].request("REMOVE_NETWORK all")
7709 dev
[0].wait_disconnected(timeout
=1)
7710 dev
[0].dump_monitor()
7712 stop_radius_server(srv
)
7714 def test_eap_proto_pwd_invalid_scalar(dev
, apdev
):
7715 """EAP-pwd protocol tests - invalid server scalar"""
7716 check_eap_capa(dev
[0], "PWD")
7717 run_eap_proto_pwd_invalid_scalar(dev
, apdev
, 32*b
'\0')
7718 run_eap_proto_pwd_invalid_scalar(dev
, apdev
, 31*b
'\0' + b
'\x01')
7720 val
= binascii
.unhexlify("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551")
7721 run_eap_proto_pwd_invalid_scalar(dev
, apdev
, val
)
7723 val
= binascii
.unhexlify("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632550")
7724 run_eap_proto_pwd_invalid_scalar(dev
, apdev
, val
, valid_scalar
=True)
7726 def run_eap_proto_pwd_invalid_scalar(dev
, apdev
, scalar
, valid_scalar
=False):
7727 global eap_proto_pwd_invalid_scalar_fail
7728 eap_proto_pwd_invalid_scalar_fail
= False
7730 def pwd_handler(ctx
, req
):
7731 logger
.info("pwd_handler - RX " + binascii
.hexlify(req
).decode())
7732 if 'num' not in ctx
:
7734 ctx
['num'] = ctx
['num'] + 1
7737 ctx
['id'] = (ctx
['id'] + 1) % 256
7741 if ctx
['num'] == idx
:
7742 logger
.info("Test: Valid id exchange")
7743 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 0)
7744 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7745 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7747 if ctx
['num'] == idx
:
7748 logger
.info("Test: Commit payload with invalid scalar")
7749 payload
= struct
.pack(">B", 0x02) + binascii
.unhexlify("67feb2b46d59e6dd3af3a429ec9c04a949337564615d3a2c19bdf6826eb6f5efa303aed86af3a072ed819d518d620adb2659f0e84c4f8b739629db8c93088cfc") + scalar
7750 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7751 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7753 if ctx
['num'] == idx
:
7754 logger
.info("Confirm message next - should not get here")
7755 global eap_proto_pwd_invalid_scalar_fail
7756 eap_proto_pwd_invalid_scalar_fail
= True
7757 payload
= struct
.pack(">B", 0x03) + 32*b
'\0'
7758 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7759 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7761 logger
.info("No more test responses available - test case completed")
7762 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
7764 srv
= start_radius_server(pwd_handler
)
7767 hapd
= start_ap(apdev
[0])
7768 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
7770 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
7771 eap
="PWD", identity
="pwd user",
7772 password
="secret password",
7774 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
7776 raise Exception("EAP failure not reported")
7777 dev
[0].request("REMOVE_NETWORK all")
7778 dev
[0].wait_disconnected(timeout
=1)
7779 dev
[0].dump_monitor()
7781 stop_radius_server(srv
)
7783 if valid_scalar
and not eap_proto_pwd_invalid_scalar_fail
:
7784 raise Exception("Peer did not accept valid EAP-pwd-Commit scalar")
7785 if not valid_scalar
and eap_proto_pwd_invalid_scalar_fail
:
7786 raise Exception("Peer did not stop after invalid EAP-pwd-Commit scalar")
7788 def test_eap_proto_pwd_invalid_element(dev
, apdev
):
7789 """EAP-pwd protocol tests - invalid server element"""
7790 check_eap_capa(dev
[0], "PWD")
7791 # Invalid x,y coordinates
7792 run_eap_proto_pwd_invalid_element(dev
, apdev
, 64*b
'\x00')
7793 run_eap_proto_pwd_invalid_element(dev
, apdev
, 32*b
'\x00' + 32*b
'\x01')
7794 run_eap_proto_pwd_invalid_element(dev
, apdev
, 32*b
'\x01' + 32*b
'\x00')
7795 run_eap_proto_pwd_invalid_element(dev
, apdev
, 32*b
'\xff' + 32*b
'\x01')
7796 run_eap_proto_pwd_invalid_element(dev
, apdev
, 32*b
'\x01' + 32*b
'\xff')
7797 run_eap_proto_pwd_invalid_element(dev
, apdev
, 64*b
'\xff')
7799 run_eap_proto_pwd_invalid_element(dev
, apdev
, 64*b
'\x01')
7801 def run_eap_proto_pwd_invalid_element(dev
, apdev
, element
):
7802 global eap_proto_pwd_invalid_element_fail
7803 eap_proto_pwd_invalid_element_fail
= False
7805 def pwd_handler(ctx
, req
):
7806 logger
.info("pwd_handler - RX " + binascii
.hexlify(req
).decode())
7807 if 'num' not in ctx
:
7809 ctx
['num'] = ctx
['num'] + 1
7812 ctx
['id'] = (ctx
['id'] + 1) % 256
7816 if ctx
['num'] == idx
:
7817 logger
.info("Test: Valid id exchange")
7818 payload
= struct
.pack(">BHBBLB", 0x01, 19, 1, 1, 0, 0)
7819 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7820 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7822 if ctx
['num'] == idx
:
7823 logger
.info("Test: Commit payload with invalid element")
7824 payload
= struct
.pack(">B", 0x02) + element
+ 31*b
'\0' + b
'\x02'
7825 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7826 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7828 if ctx
['num'] == idx
:
7829 logger
.info("Confirm message next - should not get here")
7830 global eap_proto_pwd_invalid_element_fail
7831 eap_proto_pwd_invalid_element_fail
= True
7832 payload
= struct
.pack(">B", 0x03) + 32*b
'\0'
7833 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
7834 4 + 1 + len(payload
), EAP_TYPE_PWD
) + payload
7836 logger
.info("No more test responses available - test case completed")
7837 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
7839 srv
= start_radius_server(pwd_handler
)
7842 hapd
= start_ap(apdev
[0])
7843 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
7845 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
7846 eap
="PWD", identity
="pwd user",
7847 password
="secret password",
7849 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
7851 raise Exception("EAP failure not reported")
7852 dev
[0].request("REMOVE_NETWORK all")
7853 dev
[0].wait_disconnected(timeout
=1)
7854 dev
[0].dump_monitor()
7856 stop_radius_server(srv
)
7858 if eap_proto_pwd_invalid_element_fail
:
7859 raise Exception("Peer did not stop after invalid EAP-pwd-Commit element")
7862 ev
= src
.wait_event(["EAPOL-TX"], timeout
=5)
7864 raise Exception("No EAPOL-TX")
7865 return ev
.split(' ')[2]
7867 def tx_msg(src
, dst
, msg
):
7868 dst
.request("EAPOL_RX " + src
.own_addr() + " " + msg
)
7870 def proxy_msg(src
, dst
):
7872 tx_msg(src
, dst
, msg
)
7875 def start_pwd_exchange(dev
, ap
):
7876 check_eap_capa(dev
, "PWD")
7877 params
= hostapd
.wpa2_eap_params(ssid
="test-wpa2-eap")
7878 hapd
= hostapd
.add_ap(ap
, params
)
7879 hapd
.request("SET ext_eapol_frame_io 1")
7880 dev
.request("SET ext_eapol_frame_io 1")
7881 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP",
7882 eap
="PWD", identity
="pwd user", password
="secret password",
7883 wait_connect
=False, scan_freq
="2412")
7884 proxy_msg(hapd
, dev
) # EAP-Identity/Request
7885 proxy_msg(dev
, hapd
) # EAP-Identity/Response
7886 proxy_msg(hapd
, dev
) # EAP-pwd-ID/Request
7887 proxy_msg(dev
, hapd
) # EAP-pwd-ID/Response
7890 def test_eap_proto_pwd_unexpected_fragment(dev
, apdev
):
7891 """EAP-pwd protocol tests - unexpected more-fragment frame"""
7892 hapd
= start_pwd_exchange(dev
[0], apdev
[0])
7894 # EAP-pwd-Commit/Request
7896 if req
[18:20] != "02":
7897 raise Exception("Unexpected EAP-pwd-Commit/Request flag")
7898 msg
= req
[0:18] + "42" + req
[20:]
7899 tx_msg(hapd
, dev
[0], msg
)
7901 def test_eap_proto_pwd_reflection_attack(dev
, apdev
):
7902 """EAP-pwd protocol tests - reflection attack on the server"""
7903 hapd
= start_pwd_exchange(dev
[0], apdev
[0])
7905 # EAP-pwd-Commit/Request
7906 req
= proxy_msg(hapd
, dev
[0])
7908 raise Exception("Unexpected EAP-pwd-Commit/Response length")
7910 # EAP-pwd-Commit/Response
7911 resp
= rx_msg(dev
[0])
7912 # Reflect same Element/Scalar back to the server
7913 msg
= resp
[0:20] + req
[20:]
7914 tx_msg(dev
[0], hapd
, msg
)
7916 # EAP-pwd-Commit/Response or EAP-Failure
7918 if req
[8:10] != "04":
7919 # reflect EAP-pwd-Confirm/Request
7920 msg
= req
[0:8] + "02" + req
[10:]
7921 tx_msg(dev
[0], hapd
, msg
)
7923 if req
[8:10] == "03":
7924 raise Exception("EAP-Success after reflected Element/Scalar")
7925 raise Exception("No EAP-Failure to reject invalid EAP-pwd-Commit/Response")
7927 def test_eap_proto_pwd_invalid_scalar_peer(dev
, apdev
):
7928 """EAP-pwd protocol tests - invalid peer scalar"""
7929 run_eap_proto_pwd_invalid_scalar_peer(dev
, apdev
, 32*"00")
7930 run_eap_proto_pwd_invalid_scalar_peer(dev
, apdev
, 31*"00" + "01")
7932 run_eap_proto_pwd_invalid_scalar_peer(dev
, apdev
,
7933 "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551")
7935 run_eap_proto_pwd_invalid_scalar_peer(dev
, apdev
,
7936 "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632550",
7939 def run_eap_proto_pwd_invalid_scalar_peer(dev
, apdev
, scalar
,
7940 valid_scalar
=False):
7941 hapd
= start_pwd_exchange(dev
[0], apdev
[0])
7942 proxy_msg(hapd
, dev
[0]) # EAP-pwd-Commit/Request
7944 # EAP-pwd-Commit/Response
7945 resp
= rx_msg(dev
[0])
7946 # Replace scalar with an invalid value
7947 msg
= resp
[0:20] + resp
[20:148] + scalar
7948 tx_msg(dev
[0], hapd
, msg
)
7950 # EAP-pwd-Commit/Response or EAP-Failure
7952 if valid_scalar
and req
[8:10] == "04":
7953 raise Exception("Unexpected EAP-Failure with valid scalar")
7954 if not valid_scalar
and req
[8:10] != "04":
7955 raise Exception("No EAP-Failure to reject invalid scalar")
7956 dev
[0].request("REMOVE_NETWORK all")
7957 dev
[0].wait_disconnected(timeout
=1)
7960 def test_eap_proto_pwd_invalid_element_peer(dev
, apdev
):
7961 """EAP-pwd protocol tests - invalid peer element"""
7962 # Invalid x,y coordinates
7963 run_eap_proto_pwd_invalid_element_peer(dev
, apdev
, 64*'00')
7964 run_eap_proto_pwd_invalid_element_peer(dev
, apdev
, 32*'00' + 32*'01')
7965 run_eap_proto_pwd_invalid_element_peer(dev
, apdev
, 32*'01' + 32*'00')
7966 run_eap_proto_pwd_invalid_element_peer(dev
, apdev
, 32*'ff' + 32*'01')
7967 run_eap_proto_pwd_invalid_element_peer(dev
, apdev
, 32*'01' + 32*'ff')
7968 run_eap_proto_pwd_invalid_element_peer(dev
, apdev
, 64*'ff')
7970 run_eap_proto_pwd_invalid_element_peer(dev
, apdev
, 64*'01')
7972 def run_eap_proto_pwd_invalid_element_peer(dev
, apdev
, element
):
7973 hapd
= start_pwd_exchange(dev
[0], apdev
[0])
7974 proxy_msg(hapd
, dev
[0]) # EAP-pwd-Commit/Request
7976 # EAP-pwd-Commit/Response
7977 resp
= rx_msg(dev
[0])
7978 # Replace element with an invalid value
7979 msg
= resp
[0:20] + element
+ resp
[148:]
7980 tx_msg(dev
[0], hapd
, msg
)
7982 # EAP-pwd-Commit/Response or EAP-Failure
7984 if req
[8:10] != "04":
7985 raise Exception("No EAP-Failure to reject invalid element")
7986 dev
[0].request("REMOVE_NETWORK all")
7987 dev
[0].wait_disconnected(timeout
=1)
7990 def test_eap_proto_pwd_errors(dev
, apdev
):
7991 """EAP-pwd local error cases"""
7992 check_eap_capa(dev
[0], "PWD")
7993 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
7994 hapd
= hostapd
.add_ap(apdev
[0], params
)
7995 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
7997 for i
in range(1, 4):
7998 with
alloc_fail(dev
[0], i
, "eap_pwd_init"):
7999 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8000 eap
="PWD", identity
="pwd user",
8001 password
="secret password",
8003 ev
= dev
[0].wait_event(["EAP: Failed to initialize EAP method"],
8006 raise Exception("Timeout on EAP start")
8007 dev
[0].request("REMOVE_NETWORK all")
8008 dev
[0].wait_disconnected()
8010 with
alloc_fail(dev
[0], 1, "eap_pwd_get_session_id"):
8011 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8012 eap
="PWD", identity
="pwd user",
8014 password
="secret password")
8015 dev
[0].request("REMOVE_NETWORK all")
8016 dev
[0].wait_disconnected()
8018 funcs
= ["eap_pwd_getkey", "eap_pwd_get_emsk",
8019 "=wpabuf_alloc;eap_pwd_perform_commit_exchange",
8020 "=wpabuf_alloc;eap_pwd_perform_confirm_exchange"]
8022 with
alloc_fail(dev
[0], 1, func
):
8023 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8024 eap
="PWD", identity
="pwd user@domain",
8025 password
="secret password", erp
="1",
8027 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
8028 dev
[0].request("REMOVE_NETWORK all")
8029 dev
[0].wait_disconnected()
8031 for i
in range(1, 5):
8032 with
alloc_fail(dev
[0], i
, "eap_pwd_perform_id_exchange"):
8033 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8034 eap
="PWD", identity
="pwd user",
8035 password
="secret password",
8037 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
8040 raise Exception("Timeout on EAP start")
8043 state
= dev
[0].request('GET_ALLOC_FAIL')
8044 if state
.startswith('0:'):
8049 raise Exception("No allocation failure seen")
8050 dev
[0].request("REMOVE_NETWORK all")
8051 dev
[0].wait_disconnected()
8053 with
alloc_fail(dev
[0], 1, "wpabuf_alloc;eap_pwd_perform_id_exchange"):
8054 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8055 eap
="PWD", identity
="pwd user",
8056 password
="secret password",
8058 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
8061 raise Exception("Timeout on EAP start")
8062 dev
[0].request("REMOVE_NETWORK all")
8063 dev
[0].wait_disconnected()
8065 for i
in range(1, 9):
8066 with
alloc_fail(dev
[0], i
, "eap_pwd_perform_commit_exchange"):
8067 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8068 eap
="PWD", identity
="pwd user",
8069 password
="secret password",
8071 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
8074 raise Exception("Timeout on EAP start")
8077 state
= dev
[0].request('GET_ALLOC_FAIL')
8078 if state
.startswith('0:'):
8083 raise Exception("No allocation failure seen")
8084 dev
[0].request("REMOVE_NETWORK all")
8085 dev
[0].wait_disconnected()
8087 for i
in range(1, 12):
8088 with
alloc_fail(dev
[0], i
, "eap_pwd_perform_confirm_exchange"):
8089 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8090 eap
="PWD", identity
="pwd user",
8091 password
="secret password",
8093 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
8096 raise Exception("Timeout on EAP start")
8099 state
= dev
[0].request('GET_ALLOC_FAIL')
8100 if state
.startswith('0:'):
8105 raise Exception("No allocation failure seen")
8106 dev
[0].request("REMOVE_NETWORK all")
8107 dev
[0].wait_disconnected()
8109 for i
in range(1, 5):
8110 with
alloc_fail(dev
[0], i
, "eap_msg_alloc;=eap_pwd_process"):
8111 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8112 eap
="PWD", identity
="pwd user",
8113 password
="secret password", fragment_size
="50",
8115 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
8118 raise Exception("Timeout on EAP start")
8119 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
8120 dev
[0].request("REMOVE_NETWORK all")
8121 dev
[0].wait_disconnected()
8123 # No password configured
8124 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8125 eap
="PWD", identity
="pwd user",
8127 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD vendor=0 method=52"],
8130 raise Exception("EAP-pwd not started")
8131 dev
[0].request("REMOVE_NETWORK all")
8132 dev
[0].wait_disconnected()
8134 funcs
= [(1, "hash_nt_password_hash;eap_pwd_perform_commit_exchange"),
8135 (1, "=crypto_bignum_init;eap_pwd_perform_commit_exchange"),
8136 (1, "=crypto_ec_point_init;eap_pwd_perform_commit_exchange"),
8137 (2, "=crypto_ec_point_init;eap_pwd_perform_commit_exchange"),
8138 (1, "=crypto_ec_point_mul;eap_pwd_perform_commit_exchange"),
8139 (2, "=crypto_ec_point_mul;eap_pwd_perform_commit_exchange"),
8140 (3, "=crypto_ec_point_mul;eap_pwd_perform_commit_exchange"),
8141 (1, "=crypto_ec_point_add;eap_pwd_perform_commit_exchange"),
8142 (1, "=crypto_ec_point_invert;eap_pwd_perform_commit_exchange"),
8143 (1, "=crypto_ec_point_to_bin;eap_pwd_perform_commit_exchange"),
8144 (1, "crypto_hash_finish;eap_pwd_kdf"),
8145 (1, "crypto_ec_point_from_bin;eap_pwd_get_element"),
8146 (3, "crypto_bignum_init;compute_password_element"),
8147 (4, "crypto_bignum_init;compute_password_element"),
8148 (1, "crypto_bignum_init_set;compute_password_element"),
8149 (2, "crypto_bignum_init_set;compute_password_element"),
8150 (3, "crypto_bignum_init_set;compute_password_element"),
8151 (1, "crypto_bignum_to_bin;compute_password_element"),
8152 (1, "crypto_ec_point_compute_y_sqr;compute_password_element"),
8153 (1, "crypto_ec_point_solve_y_coord;compute_password_element"),
8154 (1, "crypto_bignum_rand;compute_password_element"),
8155 (1, "crypto_bignum_sub;compute_password_element")]
8156 for count
, func
in funcs
:
8157 with
fail_test(dev
[0], count
, func
):
8158 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8159 eap
="PWD", identity
="pwd-hash",
8160 password_hex
="hash:e3718ece8ab74792cbbfffd316d2d19a",
8162 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
8164 raise Exception("No EAP-Failure reported")
8165 dev
[0].request("REMOVE_NETWORK all")
8166 dev
[0].wait_disconnected()
8168 params
= {"ssid": "eap-test2", "wpa": "2", "wpa_key_mgmt": "WPA-EAP",
8169 "rsn_pairwise": "CCMP", "ieee8021x": "1",
8170 "eap_server": "1", "eap_user_file": "auth_serv/eap_user.conf",
8171 "pwd_group": "19", "fragment_size": "40"}
8172 hapd2
= hostapd
.add_ap(apdev
[1], params
)
8173 dev
[0].scan_for_bss(hapd2
.own_addr(), freq
=2412)
8175 with
alloc_fail(dev
[0], 1, "wpabuf_alloc;=eap_pwd_process"):
8176 dev
[0].connect("eap-test2", key_mgmt
="WPA-EAP", scan_freq
="2412",
8177 eap
="PWD", identity
="pwd user",
8178 password
="secret password",
8180 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
8181 dev
[0].request("REMOVE_NETWORK all")
8182 dev
[0].wait_disconnected()
8184 for i
in range(1, 5):
8185 with
fail_test(dev
[0], i
,
8186 "=crypto_ec_point_to_bin;eap_pwd_perform_confirm_exchange"):
8187 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8188 eap
="PWD", identity
="pwd-hash",
8189 password_hex
="hash:e3718ece8ab74792cbbfffd316d2d19a",
8191 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
8193 raise Exception("No EAP-Failure reported")
8194 dev
[0].request("REMOVE_NETWORK all")
8195 dev
[0].wait_disconnected()
8196 dev
[0].dump_monitor()
8198 def run_eap_pwd_connect(dev
, hash=True, fragment
=2000):
8200 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP",
8201 fragment_size
=str(fragment
),
8202 eap
="PWD", identity
="pwd-hash",
8203 password_hex
="hash:e3718ece8ab74792cbbfffd316d2d19a",
8204 scan_freq
="2412", wait_connect
=False)
8206 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP",
8207 fragment_size
=str(fragment
),
8208 eap
="PWD", identity
="pwd-hash-sha1",
8209 password
="secret password",
8210 scan_freq
="2412", wait_connect
=False)
8211 ev
= dev
.wait_event(["CTRL-EVENT-EAP-SUCCESS", "CTRL-EVENT-EAP-FAILURE",
8212 "CTRL-EVENT-DISCONNECTED"],
8214 dev
.request("REMOVE_NETWORK all")
8215 if not ev
or "CTRL-EVENT-DISCONNECTED" not in ev
:
8216 dev
.wait_disconnected()
8219 def test_eap_proto_pwd_errors_server(dev
, apdev
):
8220 """EAP-pwd local error cases on server"""
8221 check_eap_capa(dev
[0], "PWD")
8222 params
= int_eap_server_params()
8223 params
['erp_domain'] = 'example.com'
8224 params
['eap_server_erp'] = '1'
8225 hapd
= hostapd
.add_ap(apdev
[0], params
)
8226 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
8228 tests
= [(1, "eap_pwd_init"),
8229 (2, "eap_pwd_init"),
8230 (3, "eap_pwd_init"),
8231 (1, "eap_pwd_build_id_req"),
8232 (1, "eap_pwd_build_commit_req"),
8233 (1, "eap_pwd_build_confirm_req"),
8234 (1, "eap_pwd_h_init;eap_pwd_build_confirm_req"),
8235 (1, "wpabuf_alloc;eap_pwd_build_confirm_req"),
8236 (1, "eap_msg_alloc;eap_pwd_build_req"),
8237 (1, "eap_pwd_process_id_resp"),
8238 (1, "get_eap_pwd_group;eap_pwd_process_id_resp"),
8239 (1, "eap_pwd_process_confirm_resp"),
8240 (1, "eap_pwd_h_init;eap_pwd_process_confirm_resp"),
8241 (1, "compute_keys;eap_pwd_process_confirm_resp"),
8242 (1, "eap_pwd_getkey"),
8243 (1, "eap_pwd_get_emsk"),
8244 (1, "eap_pwd_get_session_id")]
8245 for count
, func
in tests
:
8246 with
alloc_fail(hapd
, count
, func
):
8247 run_eap_pwd_connect(dev
[0], hash=True)
8249 tests
= [(1, "eap_msg_alloc;eap_pwd_build_req"),
8250 (2, "eap_msg_alloc;eap_pwd_build_req"),
8251 (1, "wpabuf_alloc;eap_pwd_process")]
8252 for count
, func
in tests
:
8253 with
alloc_fail(hapd
, count
, func
):
8254 run_eap_pwd_connect(dev
[0], hash=True, fragment
=13)
8256 tests
= [(4, "eap_pwd_init")]
8257 for count
, func
in tests
:
8258 with
alloc_fail(hapd
, count
, func
):
8259 run_eap_pwd_connect(dev
[0], hash=False)
8261 tests
= [(1, "eap_pwd_build_id_req"),
8262 (1, "eap_pwd_build_commit_req"),
8263 (1, "crypto_ec_point_mul;eap_pwd_build_commit_req"),
8264 (1, "crypto_ec_point_invert;eap_pwd_build_commit_req"),
8265 (1, "crypto_ec_point_to_bin;eap_pwd_build_commit_req"),
8266 (1, "crypto_ec_point_to_bin;eap_pwd_build_confirm_req"),
8267 (2, "=crypto_ec_point_to_bin;eap_pwd_build_confirm_req"),
8268 (1, "hash_nt_password_hash;eap_pwd_process_id_resp"),
8269 (1, "compute_password_element;eap_pwd_process_id_resp"),
8270 (1, "crypto_bignum_init;eap_pwd_process_commit_resp"),
8271 (1, "crypto_ec_point_mul;eap_pwd_process_commit_resp"),
8272 (2, "crypto_ec_point_mul;eap_pwd_process_commit_resp"),
8273 (1, "crypto_ec_point_add;eap_pwd_process_commit_resp"),
8274 (1, "crypto_ec_point_to_bin;eap_pwd_process_confirm_resp"),
8275 (2, "=crypto_ec_point_to_bin;eap_pwd_process_confirm_resp")]
8276 for count
, func
in tests
:
8277 with
fail_test(hapd
, count
, func
):
8278 run_eap_pwd_connect(dev
[0], hash=True)
8280 def start_pwd_assoc(dev
, hapd
):
8281 dev
.connect("test-wpa2-eap", key_mgmt
="WPA-EAP",
8282 eap
="PWD", identity
="pwd user", password
="secret password",
8283 wait_connect
=False, scan_freq
="2412")
8284 proxy_msg(hapd
, dev
) # EAP-Identity/Request
8285 proxy_msg(dev
, hapd
) # EAP-Identity/Response
8286 proxy_msg(hapd
, dev
) # EAP-pwd-Identity/Request
8288 def stop_pwd_assoc(dev
, hapd
):
8289 dev
.request("REMOVE_NETWORK all")
8290 dev
.wait_disconnected()
8294 def test_eap_proto_pwd_server(dev
, apdev
):
8295 """EAP-pwd protocol testing for the server"""
8296 check_eap_capa(dev
[0], "PWD")
8297 params
= int_eap_server_params()
8298 hapd
= hostapd
.add_ap(apdev
[0], params
)
8299 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
8300 hapd
.request("SET ext_eapol_frame_io 1")
8301 dev
[0].request("SET ext_eapol_frame_io 1")
8303 start_pwd_assoc(dev
[0], hapd
)
8304 resp
= rx_msg(dev
[0])
8305 # Replace exch field with unexpected value
8306 # --> EAP-pwd: Unexpected opcode=4 in state=0
8307 msg
= resp
[0:18] + "04" + resp
[20:]
8308 tx_msg(dev
[0], hapd
, msg
)
8310 # Too short EAP-pwd header (no flags/exch field)
8311 # --> EAP-pwd: Invalid frame
8312 msg
= resp
[0:4] + "0005" + resp
[8:12] + "0005" + "34"
8313 tx_msg(dev
[0], hapd
, msg
)
8315 # Too short EAP-pwd header (L=1 but only one octet of total length field)
8316 # --> EAP-pwd: Frame too short to contain Total-Length field
8317 msg
= resp
[0:4] + "0007" + resp
[8:12] + "0007" + "34" + "81ff"
8318 tx_msg(dev
[0], hapd
, msg
)
8319 # server continues exchange, so start from scratch for the next step
8321 stop_pwd_assoc(dev
[0], hapd
)
8323 start_pwd_assoc(dev
[0], hapd
)
8324 resp
= rx_msg(dev
[0])
8325 # Too large total length
8326 msg
= resp
[0:4] + "0008" + resp
[8:12] + "0008" + "34" + "c1ffff"
8327 tx_msg(dev
[0], hapd
, msg
)
8328 # server continues exchange, so start from scratch for the next step
8330 stop_pwd_assoc(dev
[0], hapd
)
8332 start_pwd_assoc(dev
[0], hapd
)
8333 resp
= rx_msg(dev
[0])
8335 msg
= resp
[0:4] + "0009" + resp
[8:12] + "0009" + "34" + "c100ff" + "aa"
8336 tx_msg(dev
[0], hapd
, msg
)
8339 # Unexpected first fragment
8340 # --> EAP-pwd: Unexpected new fragment start when previous fragment is still in use
8341 msg
= resp
[0:4] + "0009" + resp
[8:10] + req
[10:12] + "0009" + "34" + "c100ee" + "bb"
8342 tx_msg(dev
[0], hapd
, msg
)
8343 # server continues exchange, so start from scratch for the next step
8345 stop_pwd_assoc(dev
[0], hapd
)
8347 start_pwd_assoc(dev
[0], hapd
)
8348 resp
= rx_msg(dev
[0])
8349 # Too much data in first fragment
8350 # --> EAP-pwd: Buffer overflow attack detected! (0+2 > 1)
8351 msg
= resp
[0:4] + "000a" + resp
[8:12] + "000a" + "34" + "c10001" + "aabb"
8352 tx_msg(dev
[0], hapd
, msg
)
8355 stop_pwd_assoc(dev
[0], hapd
)
8357 start_pwd_assoc(dev
[0], hapd
)
8358 resp
= rx_msg(dev
[0])
8360 # --> EAP-pwd: peer changed parameters
8361 msg
= resp
[0:20] + "ff" + resp
[22:]
8362 tx_msg(dev
[0], hapd
, msg
)
8365 stop_pwd_assoc(dev
[0], hapd
)
8367 start_pwd_assoc(dev
[0], hapd
)
8368 resp
= rx_msg(dev
[0])
8369 # Too short ID response
8370 # --> EAP-pwd: Invalid ID response
8371 msg
= resp
[0:4] + "000a" + resp
[8:12] + "000a" + "34" + "01ffeeddcc"
8372 tx_msg(dev
[0], hapd
, msg
)
8373 # server continues exchange, so start from scratch for the next step
8375 stop_pwd_assoc(dev
[0], hapd
)
8377 start_pwd_assoc(dev
[0], hapd
)
8378 # EAP-pwd-Identity/Response
8379 resp
= rx_msg(dev
[0])
8380 tx_msg(dev
[0], hapd
, resp
)
8381 # EAP-pwd-Commit/Request
8383 # Unexpected EAP-pwd-Identity/Response
8384 # --> EAP-pwd: Unexpected opcode=1 in state=1
8385 msg
= resp
[0:10] + req
[10:12] + resp
[12:]
8386 tx_msg(dev
[0], hapd
, msg
)
8387 # server continues exchange, so start from scratch for the next step
8389 stop_pwd_assoc(dev
[0], hapd
)
8391 start_pwd_assoc(dev
[0], hapd
)
8392 proxy_msg(dev
[0], hapd
) # EAP-pwd-Identity/Response
8393 proxy_msg(hapd
, dev
[0]) # EAP-pwd-Commit/Request
8394 # EAP-pwd-Commit/Response
8395 resp
= rx_msg(dev
[0])
8396 # Too short Commit response
8397 # --> EAP-pwd: Unexpected Commit payload length 4 (expected 96)
8398 msg
= resp
[0:4] + "000a" + resp
[8:12] + "000a" + "34" + "02ffeeddcc"
8399 tx_msg(dev
[0], hapd
, msg
)
8402 stop_pwd_assoc(dev
[0], hapd
)
8404 start_pwd_assoc(dev
[0], hapd
)
8405 proxy_msg(dev
[0], hapd
) # EAP-pwd-Identity/Response
8406 proxy_msg(hapd
, dev
[0]) # EAP-pwd-Commit/Request
8407 proxy_msg(dev
[0], hapd
) # EAP-pwd-Commit/Response
8408 proxy_msg(hapd
, dev
[0]) # EAP-pwd-Confirm/Request
8409 # EAP-pwd-Confirm/Response
8410 resp
= rx_msg(dev
[0])
8411 # Too short Confirm response
8412 # --> EAP-pwd: Unexpected Confirm payload length 4 (expected 32)
8413 msg
= resp
[0:4] + "000a" + resp
[8:12] + "000a" + "34" + "03ffeeddcc"
8414 tx_msg(dev
[0], hapd
, msg
)
8417 stop_pwd_assoc(dev
[0], hapd
)
8419 start_pwd_assoc(dev
[0], hapd
)
8420 resp
= rx_msg(dev
[0])
8422 # --> EAP-pwd: No buffer for reassembly
8423 msg
= resp
[0:18] + "41" + resp
[20:]
8424 tx_msg(dev
[0], hapd
, msg
)
8427 stop_pwd_assoc(dev
[0], hapd
)
8429 def test_eap_proto_erp(dev
, apdev
):
8430 """ERP protocol tests"""
8431 check_erp_capa(dev
[0])
8433 global eap_proto_erp_test_done
8434 eap_proto_erp_test_done
= False
8436 def erp_handler(ctx
, req
):
8437 logger
.info("erp_handler - RX " + binascii
.hexlify(req
).decode())
8438 if 'num' not in ctx
:
8443 ctx
['id'] = (ctx
['id'] + 1) % 256
8447 if ctx
['num'] == idx
:
8448 logger
.info("Test: Missing type")
8449 return struct
.pack(">BBH", EAP_CODE_INITIATE
, ctx
['id'], 4)
8452 if ctx
['num'] == idx
:
8453 logger
.info("Test: Unexpected type")
8454 return struct
.pack(">BBHB", EAP_CODE_INITIATE
, ctx
['id'], 4 + 1,
8458 if ctx
['num'] == idx
:
8459 logger
.info("Test: Missing Reserved field")
8460 return struct
.pack(">BBHB", EAP_CODE_INITIATE
, ctx
['id'], 4 + 1,
8461 EAP_ERP_TYPE_REAUTH_START
)
8464 if ctx
['num'] == idx
:
8465 logger
.info("Test: Zero-length TVs/TLVs")
8467 return struct
.pack(">BBHBB", EAP_CODE_INITIATE
, ctx
['id'],
8468 4 + 1 + 1 + len(payload
),
8469 EAP_ERP_TYPE_REAUTH_START
, 0) + payload
8472 if ctx
['num'] == idx
:
8473 logger
.info("Test: Too short TLV")
8474 payload
= struct
.pack("B", 191)
8475 return struct
.pack(">BBHBB", EAP_CODE_INITIATE
, ctx
['id'],
8476 4 + 1 + 1 + len(payload
),
8477 EAP_ERP_TYPE_REAUTH_START
, 0) + payload
8480 if ctx
['num'] == idx
:
8481 logger
.info("Test: Truncated TLV")
8482 payload
= struct
.pack("BB", 191, 1)
8483 return struct
.pack(">BBHBB", EAP_CODE_INITIATE
, ctx
['id'],
8484 4 + 1 + 1 + len(payload
),
8485 EAP_ERP_TYPE_REAUTH_START
, 0) + payload
8488 if ctx
['num'] == idx
:
8489 logger
.info("Test: Ignored unknown TLV and unknown TV/TLV terminating parsing")
8490 payload
= struct
.pack("BBB", 191, 0, 192)
8491 return struct
.pack(">BBHBB", EAP_CODE_INITIATE
, ctx
['id'],
8492 4 + 1 + 1 + len(payload
),
8493 EAP_ERP_TYPE_REAUTH_START
, 0) + payload
8496 if ctx
['num'] == idx
:
8497 logger
.info("Test: More than one keyName-NAI")
8498 payload
= struct
.pack("BBBB", EAP_ERP_TLV_KEYNAME_NAI
, 0,
8499 EAP_ERP_TLV_KEYNAME_NAI
, 0)
8500 return struct
.pack(">BBHBB", EAP_CODE_INITIATE
, ctx
['id'],
8501 4 + 1 + 1 + len(payload
),
8502 EAP_ERP_TYPE_REAUTH_START
, 0) + payload
8505 if ctx
['num'] == idx
:
8506 logger
.info("Test: Too short TLV keyName-NAI")
8507 payload
= struct
.pack("B", EAP_ERP_TLV_KEYNAME_NAI
)
8508 return struct
.pack(">BBHBB", EAP_CODE_INITIATE
, ctx
['id'],
8509 4 + 1 + 1 + len(payload
),
8510 EAP_ERP_TYPE_REAUTH_START
, 0) + payload
8513 if ctx
['num'] == idx
:
8514 logger
.info("Test: Truncated TLV keyName-NAI")
8515 payload
= struct
.pack("BB", EAP_ERP_TLV_KEYNAME_NAI
, 1)
8516 return struct
.pack(">BBHBB", EAP_CODE_INITIATE
, ctx
['id'],
8517 4 + 1 + 1 + len(payload
),
8518 EAP_ERP_TYPE_REAUTH_START
, 0) + payload
8521 if ctx
['num'] == idx
:
8522 logger
.info("Test: Valid rRK lifetime TV followed by too short rMSK lifetime TV")
8523 payload
= struct
.pack(">BLBH", EAP_ERP_TV_RRK_LIFETIME
, 0,
8524 EAP_ERP_TV_RMSK_LIFETIME
, 0)
8525 return struct
.pack(">BBHBB", EAP_CODE_INITIATE
, ctx
['id'],
8526 4 + 1 + 1 + len(payload
),
8527 EAP_ERP_TYPE_REAUTH_START
, 0) + payload
8530 if ctx
['num'] == idx
:
8531 logger
.info("Test: Missing type (Finish)")
8532 return struct
.pack(">BBH", EAP_CODE_FINISH
, ctx
['id'], 4)
8535 if ctx
['num'] == idx
:
8536 logger
.info("Test: Unexpected type (Finish)")
8537 return struct
.pack(">BBHB", EAP_CODE_FINISH
, ctx
['id'], 4 + 1,
8541 if ctx
['num'] == idx
:
8542 logger
.info("Test: Missing fields (Finish)")
8543 return struct
.pack(">BBHB", EAP_CODE_FINISH
, ctx
['id'], 4 + 1,
8544 EAP_ERP_TYPE_REAUTH
)
8547 if ctx
['num'] == idx
:
8548 logger
.info("Test: Unexpected SEQ (Finish)")
8549 return struct
.pack(">BBHBBHB", EAP_CODE_FINISH
, ctx
['id'],
8551 EAP_ERP_TYPE_REAUTH
, 0, 0xffff, 0)
8553 logger
.info("No more test responses available - test case completed")
8554 global eap_proto_erp_test_done
8555 eap_proto_erp_test_done
= True
8556 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
8558 srv
= start_radius_server(erp_handler
)
8561 hapd
= start_ap(apdev
[0])
8562 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
8565 while not eap_proto_erp_test_done
:
8567 logger
.info("Running connection iteration %d" % i
)
8568 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8569 eap
="PAX", identity
="pax.user@example.com",
8570 password_hex
="0123456789abcdef0123456789abcdef",
8572 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=5)
8574 raise Exception("Timeout on EAP start")
8576 dev
[0].request("REMOVE_NETWORK all")
8577 dev
[0].wait_disconnected(timeout
=1)
8578 dev
[0].dump_monitor()
8580 stop_radius_server(srv
)
8582 def test_eap_proto_fast_errors(dev
, apdev
):
8583 """EAP-FAST local error cases"""
8584 check_eap_capa(dev
[0], "FAST")
8585 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
8586 hapd
= hostapd
.add_ap(apdev
[0], params
)
8587 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
8589 for i
in range(1, 5):
8590 with
alloc_fail(dev
[0], i
, "eap_fast_init"):
8591 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8592 eap
="FAST", anonymous_identity
="FAST",
8593 identity
="user", password
="password",
8594 ca_cert
="auth_serv/ca.pem", phase2
="auth=GTC",
8595 phase1
="fast_provisioning=2",
8596 pac_file
="blob://fast_pac_auth",
8598 ev
= dev
[0].wait_event(["EAP: Failed to initialize EAP method"],
8601 raise Exception("Timeout on EAP start")
8602 dev
[0].request("REMOVE_NETWORK all")
8603 dev
[0].wait_disconnected()
8605 tests
= [(1, "wpabuf_alloc;eap_fast_tlv_eap_payload"),
8606 (1, "eap_fast_derive_key;eap_fast_derive_key_auth"),
8607 (1, "eap_msg_alloc;eap_peer_tls_phase2_nak"),
8608 (1, "wpabuf_alloc;eap_fast_tlv_result"),
8609 (1, "wpabuf_alloc;eap_fast_tlv_pac_ack"),
8610 (1, "=eap_peer_tls_derive_session_id;eap_fast_process_crypto_binding"),
8611 (1, "eap_peer_tls_decrypt;eap_fast_decrypt"),
8612 (1, "eap_fast_getKey"),
8613 (1, "eap_fast_get_session_id"),
8614 (1, "eap_fast_get_emsk")]
8615 for count
, func
in tests
:
8616 dev
[0].request("SET blob fast_pac_auth_errors ")
8617 with
alloc_fail(dev
[0], count
, func
):
8618 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8619 eap
="FAST", anonymous_identity
="FAST",
8620 identity
="user@example.com", password
="password",
8621 ca_cert
="auth_serv/ca.pem", phase2
="auth=GTC",
8622 phase1
="fast_provisioning=2",
8623 pac_file
="blob://fast_pac_auth_errors",
8626 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
8629 raise Exception("Timeout on EAP start")
8630 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
8631 dev
[0].request("REMOVE_NETWORK all")
8632 dev
[0].wait_disconnected()
8634 tests
= [(1, "eap_fast_derive_key;eap_fast_derive_key_provisioning"),
8635 (1, "eap_mschapv2_getKey;eap_fast_get_phase2_key"),
8636 (1, "=eap_fast_use_pac_opaque"),
8637 (1, "eap_fast_copy_buf"),
8638 (1, "=eap_fast_add_pac"),
8639 (1, "=eap_fast_init_pac_data"),
8640 (1, "=eap_fast_write_pac"),
8641 (2, "=eap_fast_write_pac")]
8642 for count
, func
in tests
:
8643 dev
[0].request("SET blob fast_pac_errors ")
8644 with
alloc_fail(dev
[0], count
, func
):
8645 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8646 eap
="FAST", anonymous_identity
="FAST",
8647 identity
="user", password
="password",
8648 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
8649 phase1
="fast_provisioning=1",
8650 pac_file
="blob://fast_pac_errors",
8653 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
8656 raise Exception("Timeout on EAP start")
8657 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
8658 dev
[0].request("REMOVE_NETWORK all")
8659 dev
[0].wait_disconnected()
8661 tests
= [(1, "eap_fast_get_cmk;eap_fast_process_crypto_binding"),
8662 (1, "eap_fast_derive_eap_msk;eap_fast_process_crypto_binding"),
8663 (1, "eap_fast_derive_eap_emsk;eap_fast_process_crypto_binding")]
8664 for count
, func
in tests
:
8665 dev
[0].request("SET blob fast_pac_auth_errors ")
8666 with
fail_test(dev
[0], count
, func
):
8667 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8668 eap
="FAST", anonymous_identity
="FAST",
8669 identity
="user", password
="password",
8670 ca_cert
="auth_serv/ca.pem", phase2
="auth=GTC",
8671 phase1
="fast_provisioning=2",
8672 pac_file
="blob://fast_pac_auth_errors",
8675 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
8678 raise Exception("Timeout on EAP start")
8679 wait_fail_trigger(dev
[0], "GET_FAIL")
8680 dev
[0].request("REMOVE_NETWORK all")
8681 dev
[0].wait_disconnected()
8683 dev
[0].request("SET blob fast_pac_errors ")
8684 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8685 eap
="FAST", anonymous_identity
="FAST",
8686 identity
="user", password
="password",
8687 ca_cert
="auth_serv/ca.pem", phase2
="auth=GTC",
8688 phase1
="fast_provisioning=1",
8689 pac_file
="blob://fast_pac_errors",
8691 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=5)
8693 raise Exception("Timeout on EAP start")
8694 # EAP-FAST: Only EAP-MSCHAPv2 is allowed during unauthenticated
8695 # provisioning; reject phase2 type 6
8696 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
8698 raise Exception("Timeout on EAP failure")
8699 dev
[0].request("REMOVE_NETWORK all")
8700 dev
[0].wait_disconnected()
8702 logger
.info("Wrong password in Phase 2")
8703 dev
[0].request("SET blob fast_pac_errors ")
8704 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8705 eap
="FAST", anonymous_identity
="FAST",
8706 identity
="user", password
="wrong password",
8707 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
8708 phase1
="fast_provisioning=1",
8709 pac_file
="blob://fast_pac_errors",
8711 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=5)
8713 raise Exception("Timeout on EAP start")
8714 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
8716 raise Exception("Timeout on EAP failure")
8717 dev
[0].request("REMOVE_NETWORK all")
8718 dev
[0].wait_disconnected()
8720 tests
= ["FOOBAR\n",
8721 "wpa_supplicant EAP-FAST PAC file - version 1\nFOOBAR\n",
8722 "wpa_supplicant EAP-FAST PAC file - version 1\nSTART\n",
8723 "wpa_supplicant EAP-FAST PAC file - version 1\nSTART\nSTART\n",
8724 "wpa_supplicant EAP-FAST PAC file - version 1\nEND\n",
8725 "wpa_supplicant EAP-FAST PAC file - version 1\nSTART\nPAC-Type=12345\nEND\n"
8726 "wpa_supplicant EAP-FAST PAC file - version 1\nSTART\nPAC-Key=12\nEND\n",
8727 "wpa_supplicant EAP-FAST PAC file - version 1\nSTART\nPAC-Key=1\nEND\n",
8728 "wpa_supplicant EAP-FAST PAC file - version 1\nSTART\nPAC-Key=1q\nEND\n",
8729 "wpa_supplicant EAP-FAST PAC file - version 1\nSTART\nPAC-Opaque=1\nEND\n",
8730 "wpa_supplicant EAP-FAST PAC file - version 1\nSTART\nA-ID=1\nEND\n",
8731 "wpa_supplicant EAP-FAST PAC file - version 1\nSTART\nI-ID=1\nEND\n",
8732 "wpa_supplicant EAP-FAST PAC file - version 1\nSTART\nA-ID-Info=1\nEND\n"]
8734 blob
= binascii
.hexlify(pac
.encode()).decode()
8735 dev
[0].request("SET blob fast_pac_errors " + blob
)
8736 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8737 eap
="FAST", anonymous_identity
="FAST",
8738 identity
="user", password
="password",
8739 ca_cert
="auth_serv/ca.pem", phase2
="auth=GTC",
8740 phase1
="fast_provisioning=2",
8741 pac_file
="blob://fast_pac_errors",
8743 ev
= dev
[0].wait_event(["EAP: Failed to initialize EAP method"],
8746 raise Exception("Timeout on EAP start")
8747 dev
[0].request("REMOVE_NETWORK all")
8748 dev
[0].wait_disconnected()
8750 tests
= ["wpa_supplicant EAP-FAST PAC file - version 1\nSTART\nEND\n",
8751 "wpa_supplicant EAP-FAST PAC file - version 1\nSTART\nEND\nSTART\nEND\nSTART\nEND\n"]
8753 blob
= binascii
.hexlify(pac
.encode()).decode()
8754 dev
[0].request("SET blob fast_pac_errors " + blob
)
8755 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8756 eap
="FAST", anonymous_identity
="FAST",
8757 identity
="user", password
="password",
8758 ca_cert
="auth_serv/ca.pem", phase2
="auth=GTC",
8759 phase1
="fast_provisioning=2",
8760 pac_file
="blob://fast_pac_errors")
8761 dev
[0].request("REMOVE_NETWORK all")
8762 dev
[0].wait_disconnected()
8764 dev
[0].request("SET blob fast_pac_errors ")
8766 def test_eap_proto_peap_errors_server(dev
, apdev
):
8767 """EAP-PEAP local error cases on server"""
8768 params
= int_eap_server_params()
8769 hapd
= hostapd
.add_ap(apdev
[0], params
)
8770 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
8772 tests
= [(1, "get_asymetric_start_key;eap_mschapv2_getKey"),
8773 (1, "generate_authenticator_response_pwhash;eap_mschapv2_process_response"),
8774 (1, "hash_nt_password_hash;eap_mschapv2_process_response"),
8775 (1, "get_master_key;eap_mschapv2_process_response")]
8776 for count
, func
in tests
:
8777 with
fail_test(hapd
, count
, func
):
8778 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP",
8780 eap
="PEAP", anonymous_identity
="peap",
8781 identity
="user", password
="password",
8782 phase1
="peapver=0 crypto_binding=2",
8783 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
8784 erp
="1", wait_connect
=False)
8785 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
8787 raise Exception("EAP-Failure not reported")
8788 dev
[0].request("REMOVE_NETWORK all")
8789 dev
[0].wait_disconnected()
8791 def test_eap_proto_peap_errors(dev
, apdev
):
8792 """EAP-PEAP local error cases"""
8793 check_eap_capa(dev
[0], "PEAP")
8794 check_eap_capa(dev
[0], "MSCHAPV2")
8795 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
8796 hapd
= hostapd
.add_ap(apdev
[0], params
)
8797 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
8799 for i
in range(1, 5):
8800 with
alloc_fail(dev
[0], i
, "eap_peap_init"):
8801 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8802 eap
="PEAP", anonymous_identity
="peap",
8803 identity
="user", password
="password",
8804 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
8806 ev
= dev
[0].wait_event(["EAP: Failed to initialize EAP method"],
8809 raise Exception("Timeout on EAP start")
8810 dev
[0].request("REMOVE_NETWORK all")
8811 dev
[0].wait_disconnected()
8813 tests
= [(1, "eap_mschapv2_getKey;eap_peap_get_isk;eap_peap_derive_cmk"),
8814 (1, "eap_msg_alloc;eap_tlv_build_result"),
8815 (1, "eap_mschapv2_init;eap_peap_phase2_request"),
8816 (1, "eap_peer_tls_decrypt;eap_peap_decrypt"),
8817 (1, "wpabuf_alloc;=eap_peap_decrypt"),
8818 (1, "eap_peer_tls_encrypt;eap_peap_decrypt"),
8819 (1, "eap_peer_tls_process_helper;eap_peap_process"),
8820 (1, "eap_peer_tls_derive_key;eap_peap_process"),
8821 (1, "eap_peer_tls_derive_session_id;eap_peap_process"),
8822 (1, "eap_peap_getKey"),
8823 (1, "eap_peap_get_session_id")]
8824 for count
, func
in tests
:
8825 with
alloc_fail(dev
[0], count
, func
):
8826 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8827 eap
="PEAP", anonymous_identity
="peap",
8828 identity
="user", password
="password",
8829 phase1
="peapver=0 crypto_binding=2",
8830 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
8831 erp
="1", wait_connect
=False)
8832 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
8835 raise Exception("Timeout on EAP start")
8836 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
8837 dev
[0].request("REMOVE_NETWORK all")
8838 dev
[0].wait_disconnected()
8840 tests
= [(1, "peap_prfplus;eap_peap_derive_cmk"),
8841 (1, "eap_tlv_add_cryptobinding;eap_tlv_build_result"),
8842 (1, "peap_prfplus;eap_peap_getKey"),
8843 (1, "get_asymetric_start_key;eap_mschapv2_getKey")]
8844 for count
, func
in tests
:
8845 with
fail_test(dev
[0], count
, func
):
8846 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8847 eap
="PEAP", anonymous_identity
="peap",
8848 identity
="user", password
="password",
8849 phase1
="peapver=0 crypto_binding=2",
8850 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
8851 erp
="1", wait_connect
=False)
8852 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
8855 raise Exception("Timeout on EAP start")
8856 wait_fail_trigger(dev
[0], "GET_FAIL")
8857 dev
[0].request("REMOVE_NETWORK all")
8858 dev
[0].wait_disconnected()
8860 with
alloc_fail(dev
[0], 1,
8861 "eap_peer_tls_phase2_nak;eap_peap_phase2_request"):
8862 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8863 eap
="PEAP", anonymous_identity
="peap",
8864 identity
="cert user", password
="password",
8865 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
8867 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
8868 dev
[0].request("REMOVE_NETWORK all")
8869 dev
[0].wait_disconnected()
8871 def test_eap_proto_ttls_errors(dev
, apdev
):
8872 """EAP-TTLS local error cases"""
8873 check_eap_capa(dev
[0], "TTLS")
8874 check_eap_capa(dev
[0], "MSCHAPV2")
8875 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
8876 hapd
= hostapd
.add_ap(apdev
[0], params
)
8877 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
8879 for i
in range(1, 5):
8880 with
alloc_fail(dev
[0], i
, "eap_ttls_init"):
8881 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8882 eap
="TTLS", anonymous_identity
="ttls",
8883 identity
="user", password
="password",
8884 ca_cert
="auth_serv/ca.pem",
8885 phase2
="autheap=MSCHAPV2",
8887 ev
= dev
[0].wait_event(["EAP: Failed to initialize EAP method"],
8890 raise Exception("Timeout on EAP start")
8891 dev
[0].request("REMOVE_NETWORK all")
8892 dev
[0].wait_disconnected()
8894 tests
= [(1, "eap_peer_tls_derive_key;eap_ttls_v0_derive_key",
8895 "DOMAIN\mschapv2 user", "auth=MSCHAPV2"),
8896 (1, "eap_peer_tls_derive_session_id;eap_ttls_v0_derive_key",
8897 "DOMAIN\mschapv2 user", "auth=MSCHAPV2"),
8898 (1, "wpabuf_alloc;eap_ttls_phase2_request_mschapv2",
8899 "DOMAIN\mschapv2 user", "auth=MSCHAPV2"),
8900 (1, "eap_peer_tls_derive_key;eap_ttls_phase2_request_mschapv2",
8901 "DOMAIN\mschapv2 user", "auth=MSCHAPV2"),
8902 (1, "eap_peer_tls_encrypt;eap_ttls_encrypt_response;eap_ttls_implicit_identity_request",
8903 "DOMAIN\mschapv2 user", "auth=MSCHAPV2"),
8904 (1, "eap_peer_tls_decrypt;eap_ttls_decrypt",
8905 "DOMAIN\mschapv2 user", "auth=MSCHAPV2"),
8906 (1, "eap_ttls_getKey",
8907 "DOMAIN\mschapv2 user", "auth=MSCHAPV2"),
8908 (1, "eap_ttls_get_session_id",
8909 "DOMAIN\mschapv2 user", "auth=MSCHAPV2"),
8910 (1, "eap_ttls_get_emsk",
8911 "mschapv2 user@domain", "auth=MSCHAPV2"),
8912 (1, "wpabuf_alloc;eap_ttls_phase2_request_mschap",
8913 "mschap user", "auth=MSCHAP"),
8914 (1, "eap_peer_tls_derive_key;eap_ttls_phase2_request_mschap",
8915 "mschap user", "auth=MSCHAP"),
8916 (1, "wpabuf_alloc;eap_ttls_phase2_request_chap",
8917 "chap user", "auth=CHAP"),
8918 (1, "eap_peer_tls_derive_key;eap_ttls_phase2_request_chap",
8919 "chap user", "auth=CHAP"),
8920 (1, "wpabuf_alloc;eap_ttls_phase2_request_pap",
8921 "pap user", "auth=PAP"),
8922 (1, "wpabuf_alloc;eap_ttls_avp_encapsulate",
8923 "user", "autheap=MSCHAPV2"),
8924 (1, "eap_mschapv2_init;eap_ttls_phase2_request_eap_method",
8925 "user", "autheap=MSCHAPV2"),
8926 (1, "eap_sm_buildIdentity;eap_ttls_phase2_request_eap",
8927 "user", "autheap=MSCHAPV2"),
8928 (1, "eap_ttls_avp_encapsulate;eap_ttls_phase2_request_eap",
8929 "user", "autheap=MSCHAPV2"),
8930 (1, "eap_ttls_parse_attr_eap",
8931 "user", "autheap=MSCHAPV2"),
8932 (1, "eap_peer_tls_encrypt;eap_ttls_encrypt_response;eap_ttls_process_decrypted",
8933 "user", "autheap=MSCHAPV2"),
8934 (1, "eap_ttls_fake_identity_request",
8935 "user", "autheap=MSCHAPV2"),
8936 (1, "eap_msg_alloc;eap_tls_process_output",
8937 "user", "autheap=MSCHAPV2"),
8938 (1, "eap_msg_alloc;eap_peer_tls_build_ack",
8939 "user", "autheap=MSCHAPV2"),
8940 (1, "tls_connection_decrypt;eap_peer_tls_decrypt",
8941 "user", "autheap=MSCHAPV2"),
8942 (1, "eap_peer_tls_phase2_nak;eap_ttls_phase2_request_eap_method",
8943 "cert user", "autheap=MSCHAPV2")]
8944 for count
, func
, identity
, phase2
in tests
:
8945 with
alloc_fail(dev
[0], count
, func
):
8946 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8947 eap
="TTLS", anonymous_identity
="ttls",
8948 identity
=identity
, password
="password",
8949 ca_cert
="auth_serv/ca.pem", phase2
=phase2
,
8950 erp
="1", wait_connect
=False)
8951 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
8954 raise Exception("Timeout on EAP start")
8955 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL",
8956 note
="Allocation failure not triggered for: %d:%s" % (count
, func
))
8957 dev
[0].request("REMOVE_NETWORK all")
8958 dev
[0].wait_disconnected()
8960 tests
= [(1, "os_get_random;eap_ttls_phase2_request_mschapv2"),
8961 (1, "mschapv2_derive_response;eap_ttls_phase2_request_mschapv2")]
8962 for count
, func
in tests
:
8963 with
fail_test(dev
[0], count
, func
):
8964 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8965 eap
="TTLS", anonymous_identity
="ttls",
8966 identity
="DOMAIN\mschapv2 user", password
="password",
8967 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
8968 erp
="1", wait_connect
=False)
8969 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
8972 raise Exception("Timeout on EAP start")
8973 wait_fail_trigger(dev
[0], "GET_FAIL",
8974 note
="Test failure not triggered for: %d:%s" % (count
, func
))
8975 dev
[0].request("REMOVE_NETWORK all")
8976 dev
[0].wait_disconnected()
8978 tests
= [(1, "nt_challenge_response;eap_ttls_phase2_request_mschap")]
8979 for count
, func
in tests
:
8980 with
fail_test(dev
[0], count
, func
):
8981 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
8982 eap
="TTLS", anonymous_identity
="ttls",
8983 identity
="mschap user", password
="password",
8984 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAP",
8985 erp
="1", wait_connect
=False)
8986 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
8989 raise Exception("Timeout on EAP start")
8990 wait_fail_trigger(dev
[0], "GET_FAIL",
8991 note
="Test failure not triggered for: %d:%s" % (count
, func
))
8992 dev
[0].request("REMOVE_NETWORK all")
8993 dev
[0].wait_disconnected()
8995 def test_eap_proto_expanded(dev
, apdev
):
8996 """EAP protocol tests with expanded header"""
8997 global eap_proto_expanded_test_done
8998 eap_proto_expanded_test_done
= False
9000 def expanded_handler(ctx
, req
):
9001 logger
.info("expanded_handler - RX " + binascii
.hexlify(req
).decode())
9002 if 'num' not in ctx
:
9007 ctx
['id'] = (ctx
['id'] + 1) % 256
9011 if ctx
['num'] == idx
:
9012 logger
.info("Test: MD5 challenge in expanded header")
9013 return struct
.pack(">BBHB3BLBBB", EAP_CODE_REQUEST
, ctx
['id'],
9015 EAP_TYPE_EXPANDED
, 0, 0, 0, EAP_TYPE_MD5
,
9018 if ctx
['num'] == idx
:
9019 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9022 if ctx
['num'] == idx
:
9023 logger
.info("Test: Invalid expanded EAP length")
9024 return struct
.pack(">BBHB3BH", EAP_CODE_REQUEST
, ctx
['id'],
9026 EAP_TYPE_EXPANDED
, 0, 0, 0, EAP_TYPE_MD5
)
9028 if ctx
['num'] == idx
:
9029 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9032 if ctx
['num'] == idx
:
9033 logger
.info("Test: Invalid expanded frame type")
9034 return struct
.pack(">BBHB3BL", EAP_CODE_REQUEST
, ctx
['id'],
9036 EAP_TYPE_EXPANDED
, 0, 0, 1, EAP_TYPE_MD5
)
9038 if ctx
['num'] == idx
:
9039 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9042 if ctx
['num'] == idx
:
9043 logger
.info("Test: MSCHAPv2 Challenge")
9044 return struct
.pack(">BBHBBBHB", EAP_CODE_REQUEST
, ctx
['id'],
9045 4 + 1 + 4 + 1 + 16 + 6,
9047 1, 0, 4 + 1 + 16 + 6, 16) + 16*b
'A' + b
'foobar'
9049 if ctx
['num'] == idx
:
9050 logger
.info("Test: Invalid expanded frame type")
9051 return struct
.pack(">BBHB3BL", EAP_CODE_REQUEST
, ctx
['id'],
9053 EAP_TYPE_EXPANDED
, 0, 0, 1, EAP_TYPE_MSCHAPV2
)
9055 logger
.info("No more test responses available - test case completed")
9056 global eap_proto_expanded_test_done
9057 eap_proto_expanded_test_done
= True
9058 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9060 srv
= start_radius_server(expanded_handler
)
9063 hapd
= start_ap(apdev
[0])
9064 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
9067 while not eap_proto_expanded_test_done
:
9069 logger
.info("Running connection iteration %d" % i
)
9071 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
9072 eap
="MSCHAPV2", identity
="user",
9073 password
="password",
9076 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
9077 eap
="MD5", identity
="user", password
="password",
9079 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=5)
9081 raise Exception("Timeout on EAP start")
9083 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=5)
9085 raise Exception("Timeout on EAP method start")
9086 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9088 raise Exception("Timeout on EAP failure")
9090 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"],
9093 raise Exception("Timeout on EAP proposed method")
9094 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9096 raise Exception("Timeout on EAP failure")
9099 dev
[0].request("REMOVE_NETWORK all")
9100 dev
[0].wait_disconnected(timeout
=1)
9101 dev
[0].dump_monitor()
9103 stop_radius_server(srv
)
9105 def test_eap_proto_tls(dev
, apdev
):
9106 """EAP-TLS protocol tests"""
9107 check_eap_capa(dev
[0], "TLS")
9108 global eap_proto_tls_test_done
, eap_proto_tls_test_wait
9109 eap_proto_tls_test_done
= False
9110 eap_proto_tls_test_wait
= False
9112 def tls_handler(ctx
, req
):
9113 logger
.info("tls_handler - RX " + binascii
.hexlify(req
).decode())
9114 if 'num' not in ctx
:
9119 ctx
['id'] = (ctx
['id'] + 1) % 256
9122 global eap_proto_tls_test_wait
9125 if ctx
['num'] == idx
:
9126 logger
.info("Test: Too much payload in TLS/Start: TLS Message Length (0 bytes) smaller than this fragment (1 bytes)")
9127 return struct
.pack(">BBHBBLB", EAP_CODE_REQUEST
, ctx
['id'],
9129 EAP_TYPE_TLS
, 0xa0, 0, 1)
9132 if ctx
['num'] == idx
:
9133 logger
.info("Test: Fragmented TLS/Start")
9134 return struct
.pack(">BBHBBLB", EAP_CODE_REQUEST
, ctx
['id'],
9136 EAP_TYPE_TLS
, 0xe0, 2, 1)
9138 if ctx
['num'] == idx
:
9139 logger
.info("Test: Too long fragment of TLS/Start: Invalid reassembly state: tls_in_left=2 tls_in_len=0 in_len=0")
9140 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
9142 EAP_TYPE_TLS
, 0x00, 2, 3)
9144 if ctx
['num'] == idx
:
9145 logger
.info("Test: EAP-Failure")
9146 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9149 if ctx
['num'] == idx
:
9150 logger
.info("Test: TLS/Start")
9151 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9155 if ctx
['num'] == idx
:
9156 logger
.info("Test: Fragmented TLS message")
9157 return struct
.pack(">BBHBBLB", EAP_CODE_REQUEST
, ctx
['id'],
9159 EAP_TYPE_TLS
, 0xc0, 2, 1)
9161 if ctx
['num'] == idx
:
9162 logger
.info("Test: Invalid TLS message: no Flags octet included + workaround")
9163 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
9167 if ctx
['num'] == idx
:
9168 logger
.info("Test: Too long fragment of TLS message: more data than TLS message length indicated")
9169 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
9171 EAP_TYPE_TLS
, 0x00, 2, 3)
9173 if ctx
['num'] == idx
:
9174 logger
.info("Test: EAP-Failure")
9175 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9178 if ctx
['num'] == idx
:
9179 logger
.info("Test: Fragmented TLS/Start and truncated Message Length field")
9180 return struct
.pack(">BBHBB3B", EAP_CODE_REQUEST
, ctx
['id'],
9182 EAP_TYPE_TLS
, 0xe0, 1, 2, 3)
9185 if ctx
['num'] == idx
:
9186 logger
.info("Test: TLS/Start")
9187 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9191 if ctx
['num'] == idx
:
9192 logger
.info("Test: Fragmented TLS message")
9193 return struct
.pack(">BBHBBLB", EAP_CODE_REQUEST
, ctx
['id'],
9195 EAP_TYPE_TLS
, 0xc0, 2, 1)
9197 if ctx
['num'] == idx
:
9198 logger
.info("Test: Invalid TLS message: no Flags octet included + workaround disabled")
9199 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
9204 if ctx
['num'] == idx
:
9205 logger
.info("Test: TLS/Start")
9206 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9210 if ctx
['num'] == idx
:
9211 logger
.info("Test: Fragmented TLS message (long; first)")
9213 return struct
.pack(">BBHBBL", EAP_CODE_REQUEST
, ctx
['id'],
9214 4 + 1 + 1 + 4 + len(payload
),
9215 EAP_TYPE_TLS
, 0xc0, 65536) + payload
9216 # "Too long TLS fragment (size over 64 kB)" on the last one
9219 if ctx
['num'] == idx
:
9220 logger
.info("Test: Fragmented TLS message (long; cont %d)" % i
)
9221 eap_proto_tls_test_wait
= True
9223 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9224 4 + 1 + 1 + len(payload
),
9225 EAP_TYPE_TLS
, 0x40) + payload
9226 eap_proto_tls_test_wait
= False
9228 if ctx
['num'] == idx
:
9229 logger
.info("Test: EAP-Failure")
9230 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9233 if ctx
['num'] == idx
:
9234 logger
.info("Test: TLS/Start")
9235 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9239 if ctx
['num'] == idx
:
9240 logger
.info("Test: Non-ACK to more-fragment message")
9241 return struct
.pack(">BBHBBB", EAP_CODE_REQUEST
, ctx
['id'],
9243 EAP_TYPE_TLS
, 0x00, 255)
9245 if ctx
['num'] == idx
:
9246 logger
.info("Test: EAP-Failure")
9247 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9249 logger
.info("No more test responses available - test case completed")
9250 global eap_proto_tls_test_done
9251 eap_proto_tls_test_done
= True
9252 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9254 srv
= start_radius_server(tls_handler
)
9257 hapd
= start_ap(apdev
[0])
9258 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
9261 while not eap_proto_tls_test_done
:
9263 logger
.info("Running connection iteration %d" % i
)
9264 workaround
= "0" if i
== 6 else "1"
9265 fragment_size
= "100" if i
== 8 else "1400"
9266 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
9267 eap
="TLS", identity
="tls user",
9268 ca_cert
="auth_serv/ca.pem",
9269 client_cert
="auth_serv/user.pem",
9270 private_key
="auth_serv/user.key",
9271 eap_workaround
=workaround
,
9272 fragment_size
=fragment_size
,
9274 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=5)
9276 raise Exception("Timeout on EAP start")
9277 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-METHOD",
9278 "CTRL-EVENT-EAP-STATUS"], timeout
=5)
9280 raise Exception("Timeout on EAP method start")
9282 start
= os
.times()[4]
9283 while eap_proto_tls_test_wait
:
9285 if now
- start
> 10:
9288 dev
[0].request("REMOVE_NETWORK all")
9289 dev
[0].wait_disconnected(timeout
=1)
9290 dev
[0].dump_monitor()
9292 stop_radius_server(srv
)
9294 def test_eap_proto_tnc(dev
, apdev
):
9295 """EAP-TNC protocol tests"""
9296 check_eap_capa(dev
[0], "TNC")
9297 global eap_proto_tnc_test_done
9298 eap_proto_tnc_test_done
= False
9300 def tnc_handler(ctx
, req
):
9301 logger
.info("tnc_handler - RX " + binascii
.hexlify(req
).decode())
9302 if 'num' not in ctx
:
9307 ctx
['id'] = (ctx
['id'] + 1) % 256
9311 if ctx
['num'] == idx
:
9312 logger
.info("Test: TNC start with unsupported version")
9313 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9318 if ctx
['num'] == idx
:
9319 logger
.info("Test: TNC without Flags field")
9320 return struct
.pack(">BBHB", EAP_CODE_REQUEST
, ctx
['id'],
9325 if ctx
['num'] == idx
:
9326 logger
.info("Test: Message underflow due to missing Message Length")
9327 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9332 if ctx
['num'] == idx
:
9333 logger
.info("Test: Invalid Message Length")
9334 return struct
.pack(">BBHBBLB", EAP_CODE_REQUEST
, ctx
['id'],
9336 EAP_TYPE_TNC
, 0xa1, 0, 0)
9339 if ctx
['num'] == idx
:
9340 logger
.info("Test: Invalid Message Length")
9341 return struct
.pack(">BBHBBL", EAP_CODE_REQUEST
, ctx
['id'],
9343 EAP_TYPE_TNC
, 0xe1, 75001)
9346 if ctx
['num'] == idx
:
9347 logger
.info("Test: Start with Message Length")
9348 return struct
.pack(">BBHBBL", EAP_CODE_REQUEST
, ctx
['id'],
9350 EAP_TYPE_TNC
, 0xa1, 1)
9352 if ctx
['num'] == idx
:
9353 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9356 if ctx
['num'] == idx
:
9357 logger
.info("Test: Server used start flag again")
9358 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9362 if ctx
['num'] == idx
:
9363 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9368 if ctx
['num'] == idx
:
9369 logger
.info("Test: Fragmentation and unexpected payload in ack")
9370 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9374 if ctx
['num'] == idx
:
9375 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9379 if ctx
['num'] == idx
:
9380 return struct
.pack(">BBHBBB", EAP_CODE_REQUEST
, ctx
['id'],
9382 EAP_TYPE_TNC
, 0x01, 0)
9385 if ctx
['num'] == idx
:
9386 logger
.info("Test: Server fragmenting and fragment overflow")
9387 return struct
.pack(">BBHBBLB", EAP_CODE_REQUEST
, ctx
['id'],
9389 EAP_TYPE_TNC
, 0xe1, 2, 1)
9391 if ctx
['num'] == idx
:
9392 return struct
.pack(">BBHBBBB", EAP_CODE_REQUEST
, ctx
['id'],
9394 EAP_TYPE_TNC
, 0x01, 2, 3)
9397 if ctx
['num'] == idx
:
9398 logger
.info("Test: Server fragmenting and no message length in a fragment")
9399 return struct
.pack(">BBHBBB", EAP_CODE_REQUEST
, ctx
['id'],
9401 EAP_TYPE_TNC
, 0x61, 2)
9404 if ctx
['num'] == idx
:
9405 logger
.info("Test: TNC start followed by invalid TNCCS-Batch")
9406 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9410 if ctx
['num'] == idx
:
9411 logger
.info("Received TNCCS-Batch: " + binascii
.hexlify(req
[6:]).decode())
9413 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9414 4 + 1 + 1 + len(resp
),
9415 EAP_TYPE_TNC
, 0x01) + resp
9418 if ctx
['num'] == idx
:
9419 logger
.info("Test: TNC start followed by invalid TNCCS-Batch (2)")
9420 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9424 if ctx
['num'] == idx
:
9425 logger
.info("Received TNCCS-Batch: " + binascii
.hexlify(req
[6:]).decode())
9426 resp
= b
"</TNCCS-Batch><TNCCS-Batch>"
9427 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9428 4 + 1 + 1 + len(resp
),
9429 EAP_TYPE_TNC
, 0x01) + resp
9432 if ctx
['num'] == idx
:
9433 logger
.info("Test: TNCCS-Batch missing BatchId attribute")
9434 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9438 if ctx
['num'] == idx
:
9439 logger
.info("Received TNCCS-Batch: " + binascii
.hexlify(req
[6:]).decode())
9440 resp
= b
"<TNCCS-Batch foo=3></TNCCS-Batch>"
9441 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9442 4 + 1 + 1 + len(resp
),
9443 EAP_TYPE_TNC
, 0x01) + resp
9446 if ctx
['num'] == idx
:
9447 logger
.info("Test: Unexpected IF-TNCCS BatchId")
9448 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9452 if ctx
['num'] == idx
:
9453 logger
.info("Received TNCCS-Batch: " + binascii
.hexlify(req
[6:]).decode())
9454 resp
= b
"<TNCCS-Batch BatchId=123456789></TNCCS-Batch>"
9455 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9456 4 + 1 + 1 + len(resp
),
9457 EAP_TYPE_TNC
, 0x01) + resp
9460 if ctx
['num'] == idx
:
9461 logger
.info("Test: Missing IMC-IMV-Message and TNCC-TNCS-Message end tags")
9462 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9466 if ctx
['num'] == idx
:
9467 logger
.info("Received TNCCS-Batch: " + binascii
.hexlify(req
[6:]).decode())
9468 resp
= b
"<TNCCS-Batch BatchId=2><IMC-IMV-Message><TNCC-TNCS-Message></TNCCS-Batch>"
9469 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9470 4 + 1 + 1 + len(resp
),
9471 EAP_TYPE_TNC
, 0x01) + resp
9473 if ctx
['num'] == idx
:
9474 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9477 if ctx
['num'] == idx
:
9478 logger
.info("Test: Missing IMC-IMV-Message and TNCC-TNCS-Message Type")
9479 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9483 if ctx
['num'] == idx
:
9484 logger
.info("Received TNCCS-Batch: " + binascii
.hexlify(req
[6:]).decode())
9485 resp
= b
"<TNCCS-Batch BatchId=2><IMC-IMV-Message></IMC-IMV-Message><TNCC-TNCS-Message></TNCC-TNCS-Message></TNCCS-Batch>"
9486 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9487 4 + 1 + 1 + len(resp
),
9488 EAP_TYPE_TNC
, 0x01) + resp
9490 if ctx
['num'] == idx
:
9491 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9494 if ctx
['num'] == idx
:
9495 logger
.info("Test: Missing TNCC-TNCS-Message XML end tag")
9496 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9500 if ctx
['num'] == idx
:
9501 logger
.info("Received TNCCS-Batch: " + binascii
.hexlify(req
[6:]).decode())
9502 resp
= b
"<TNCCS-Batch BatchId=2><TNCC-TNCS-Message><Type>00000001</Type><XML></TNCC-TNCS-Message></TNCCS-Batch>"
9503 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9504 4 + 1 + 1 + len(resp
),
9505 EAP_TYPE_TNC
, 0x01) + resp
9507 if ctx
['num'] == idx
:
9508 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9511 if ctx
['num'] == idx
:
9512 logger
.info("Test: Missing TNCC-TNCS-Message Base64 start tag")
9513 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9517 if ctx
['num'] == idx
:
9518 logger
.info("Received TNCCS-Batch: " + binascii
.hexlify(req
[6:]).decode())
9519 resp
= b
"<TNCCS-Batch BatchId=2><TNCC-TNCS-Message><Type>00000001</Type></TNCC-TNCS-Message></TNCCS-Batch>"
9520 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9521 4 + 1 + 1 + len(resp
),
9522 EAP_TYPE_TNC
, 0x01) + resp
9524 if ctx
['num'] == idx
:
9525 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9528 if ctx
['num'] == idx
:
9529 logger
.info("Test: Missing TNCC-TNCS-Message Base64 end tag")
9530 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9534 if ctx
['num'] == idx
:
9535 logger
.info("Received TNCCS-Batch: " + binascii
.hexlify(req
[6:]).decode())
9536 resp
= b
"<TNCCS-Batch BatchId=2><TNCC-TNCS-Message><Type>00000001</Type><Base64>abc</TNCC-TNCS-Message></TNCCS-Batch>"
9537 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9538 4 + 1 + 1 + len(resp
),
9539 EAP_TYPE_TNC
, 0x01) + resp
9541 if ctx
['num'] == idx
:
9542 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9545 if ctx
['num'] == idx
:
9546 logger
.info("Test: TNCC-TNCS-Message Base64 message")
9547 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9551 if ctx
['num'] == idx
:
9552 logger
.info("Received TNCCS-Batch: " + binascii
.hexlify(req
[6:]).decode())
9553 resp
= b
"<TNCCS-Batch BatchId=2><TNCC-TNCS-Message><Type>00000001</Type><Base64>aGVsbG8=</Base64></TNCC-TNCS-Message></TNCCS-Batch>"
9554 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9555 4 + 1 + 1 + len(resp
),
9556 EAP_TYPE_TNC
, 0x01) + resp
9558 if ctx
['num'] == idx
:
9559 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9562 if ctx
['num'] == idx
:
9563 logger
.info("Test: Invalid TNCC-TNCS-Message XML message")
9564 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9568 if ctx
['num'] == idx
:
9569 logger
.info("Received TNCCS-Batch: " + binascii
.hexlify(req
[6:]).decode())
9570 resp
= b
"<TNCCS-Batch BatchId=2><TNCC-TNCS-Message><Type>00000001</Type><XML>hello</XML></TNCC-TNCS-Message></TNCCS-Batch>"
9571 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9572 4 + 1 + 1 + len(resp
),
9573 EAP_TYPE_TNC
, 0x01) + resp
9575 if ctx
['num'] == idx
:
9576 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9579 if ctx
['num'] == idx
:
9580 logger
.info("Test: Missing TNCCS-Recommendation type")
9581 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9585 if ctx
['num'] == idx
:
9586 logger
.info("Received TNCCS-Batch: " + binascii
.hexlify(req
[6:]).decode())
9587 resp
= b
'<TNCCS-Batch BatchId=2><TNCC-TNCS-Message><Type>00000001</Type><XML><TNCCS-Recommendation foo=1></TNCCS-Recommendation></XML></TNCC-TNCS-Message></TNCCS-Batch>'
9588 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9589 4 + 1 + 1 + len(resp
),
9590 EAP_TYPE_TNC
, 0x01) + resp
9592 if ctx
['num'] == idx
:
9593 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9596 if ctx
['num'] == idx
:
9597 logger
.info("Test: TNCCS-Recommendation type=none")
9598 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9602 if ctx
['num'] == idx
:
9603 logger
.info("Received TNCCS-Batch: " + binascii
.hexlify(req
[6:]).decode())
9604 resp
= b
'<TNCCS-Batch BatchId=2><TNCC-TNCS-Message><Type>00000001</Type><XML><TNCCS-Recommendation type="none"></TNCCS-Recommendation></XML></TNCC-TNCS-Message></TNCCS-Batch>'
9605 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9606 4 + 1 + 1 + len(resp
),
9607 EAP_TYPE_TNC
, 0x01) + resp
9609 if ctx
['num'] == idx
:
9610 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9613 if ctx
['num'] == idx
:
9614 logger
.info("Test: TNCCS-Recommendation type=isolate")
9615 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9619 if ctx
['num'] == idx
:
9620 logger
.info("Received TNCCS-Batch: " + binascii
.hexlify(req
[6:]).decode())
9621 resp
= b
'<TNCCS-Batch BatchId=2><TNCC-TNCS-Message><Type>00000001</Type><XML><TNCCS-Recommendation type="isolate"></TNCCS-Recommendation></XML></TNCC-TNCS-Message></TNCCS-Batch>'
9622 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
9623 4 + 1 + 1 + len(resp
),
9624 EAP_TYPE_TNC
, 0x01) + resp
9626 if ctx
['num'] == idx
:
9627 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9629 logger
.info("No more test responses available - test case completed")
9630 global eap_proto_tnc_test_done
9631 eap_proto_tnc_test_done
= True
9632 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9634 srv
= start_radius_server(tnc_handler
)
9637 hapd
= start_ap(apdev
[0])
9638 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
9641 while not eap_proto_tnc_test_done
:
9643 logger
.info("Running connection iteration %d" % i
)
9647 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
9648 eap
="TNC", identity
="tnc", fragment_size
=str(frag
),
9650 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=5)
9652 raise Exception("Timeout on EAP start")
9653 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-METHOD",
9654 "CTRL-EVENT-EAP-STATUS"], timeout
=5)
9656 raise Exception("Timeout on EAP method start")
9658 dev
[0].request("REMOVE_NETWORK all")
9659 dev
[0].wait_disconnected(timeout
=1)
9660 dev
[0].dump_monitor()
9662 stop_radius_server(srv
)
9664 def test_eap_canned_success_after_identity(dev
, apdev
):
9665 """EAP protocol tests for canned EAP-Success after identity"""
9666 check_eap_capa(dev
[0], "MD5")
9667 def eap_canned_success_handler(ctx
, req
):
9668 logger
.info("eap_canned_success_handler - RX " + binascii
.hexlify(req
).decode())
9669 if 'num' not in ctx
:
9671 ctx
['num'] = ctx
['num'] + 1
9674 ctx
['id'] = (ctx
['id'] + 1) % 256
9678 if ctx
['num'] == idx
:
9679 logger
.info("Test: EAP-Success")
9680 return struct
.pack(">BBH", EAP_CODE_SUCCESS
, ctx
['id'], 4)
9683 if ctx
['num'] == idx
:
9684 logger
.info("Test: EAP-Success")
9685 return struct
.pack(">BBH", EAP_CODE_SUCCESS
, ctx
['id'], 4)
9689 srv
= start_radius_server(eap_canned_success_handler
)
9692 hapd
= start_ap(apdev
[0])
9693 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
9695 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
9696 phase1
="allow_canned_success=1",
9697 eap
="MD5", identity
="user", password
="password",
9699 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout
=15)
9701 raise Exception("Timeout on EAP success")
9702 dev
[0].request("REMOVE_NETWORK all")
9703 dev
[0].wait_disconnected()
9705 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
9706 eap
="MD5", identity
="user", password
="password",
9708 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=5)
9710 raise Exception("Timeout on EAP start")
9711 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout
=0.1)
9713 raise Exception("Unexpected EAP success")
9714 dev
[0].request("REMOVE_NETWORK all")
9715 dev
[0].wait_disconnected()
9717 stop_radius_server(srv
)
9719 def test_eap_proto_wsc(dev
, apdev
):
9720 """EAP-WSC protocol tests"""
9721 global eap_proto_wsc_test_done
, eap_proto_wsc_wait_failure
9722 eap_proto_wsc_test_done
= False
9724 def wsc_handler(ctx
, req
):
9725 logger
.info("wsc_handler - RX " + binascii
.hexlify(req
).decode())
9726 if 'num' not in ctx
:
9731 ctx
['id'] = (ctx
['id'] + 1) % 256
9734 global eap_proto_wsc_wait_failure
9735 eap_proto_wsc_wait_failure
= False
9738 if ctx
['num'] == idx
:
9739 logger
.info("Test: Missing Flags field")
9740 return struct
.pack(">BBHB3BLB", EAP_CODE_REQUEST
, ctx
['id'],
9742 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9746 if ctx
['num'] == idx
:
9747 logger
.info("Test: Message underflow (missing Message Length field)")
9748 return struct
.pack(">BBHB3BLBB", EAP_CODE_REQUEST
, ctx
['id'],
9750 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9754 if ctx
['num'] == idx
:
9755 logger
.info("Test: Invalid Message Length (> 50000)")
9756 return struct
.pack(">BBHB3BLBBH", EAP_CODE_REQUEST
, ctx
['id'],
9758 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9762 if ctx
['num'] == idx
:
9763 logger
.info("Test: Invalid Message Length (< current payload)")
9764 return struct
.pack(">BBHB3BLBBHB", EAP_CODE_REQUEST
, ctx
['id'],
9766 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9770 if ctx
['num'] == idx
:
9771 logger
.info("Test: Unexpected Op-Code 5 in WAIT_START state")
9772 return struct
.pack(">BBHB3BLBB", EAP_CODE_REQUEST
, ctx
['id'],
9774 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9778 if ctx
['num'] == idx
:
9779 logger
.info("Test: Valid WSC Start to start the sequence")
9780 return struct
.pack(">BBHB3BLBB", EAP_CODE_REQUEST
, ctx
['id'],
9782 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9785 if ctx
['num'] == idx
:
9786 logger
.info("Test: No Message Length field in a fragmented packet")
9787 return struct
.pack(">BBHB3BLBB", EAP_CODE_REQUEST
, ctx
['id'],
9789 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9793 if ctx
['num'] == idx
:
9794 logger
.info("Test: Valid WSC Start to start the sequence")
9795 return struct
.pack(">BBHB3BLBB", EAP_CODE_REQUEST
, ctx
['id'],
9797 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9800 if ctx
['num'] == idx
:
9801 logger
.info("Test: Valid first fragmented packet")
9802 return struct
.pack(">BBHB3BLBBHB", EAP_CODE_REQUEST
, ctx
['id'],
9804 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9807 if ctx
['num'] == idx
:
9808 logger
.info("Test: Unexpected Op-Code 5 in fragment (expected 4)")
9809 return struct
.pack(">BBHB3BLBBB", EAP_CODE_REQUEST
, ctx
['id'],
9811 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9815 if ctx
['num'] == idx
:
9816 logger
.info("Test: Valid WSC Start to start the sequence")
9817 return struct
.pack(">BBHB3BLBB", EAP_CODE_REQUEST
, ctx
['id'],
9819 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9822 if ctx
['num'] == idx
:
9823 logger
.info("Test: Valid first fragmented packet")
9824 return struct
.pack(">BBHB3BLBBHB", EAP_CODE_REQUEST
, ctx
['id'],
9826 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9829 if ctx
['num'] == idx
:
9830 logger
.info("Test: Fragment overflow")
9831 return struct
.pack(">BBHB3BLBBBB", EAP_CODE_REQUEST
, ctx
['id'],
9833 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9837 if ctx
['num'] == idx
:
9838 logger
.info("Test: Valid WSC Start to start the sequence")
9839 return struct
.pack(">BBHB3BLBB", EAP_CODE_REQUEST
, ctx
['id'],
9841 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9844 if ctx
['num'] == idx
:
9845 logger
.info("Test: Unexpected Op-Code 5 in WAIT_FRAG_ACK state")
9846 return struct
.pack(">BBHB3BLBB", EAP_CODE_REQUEST
, ctx
['id'],
9848 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9852 if ctx
['num'] == idx
:
9853 logger
.info("Test: Valid WSC Start")
9854 return struct
.pack(">BBHB3BLBB", EAP_CODE_REQUEST
, ctx
['id'],
9856 EAP_TYPE_EXPANDED
, 0x00, 0x37, 0x2a, 1,
9859 if ctx
['num'] == idx
:
9860 logger
.info("No more test responses available - test case completed")
9861 global eap_proto_wsc_test_done
9862 eap_proto_wsc_test_done
= True
9863 eap_proto_wsc_wait_failure
= True
9864 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9866 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
9868 srv
= start_radius_server(wsc_handler
)
9871 hapd
= start_ap(apdev
[0])
9872 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
9875 while not eap_proto_wsc_test_done
:
9877 logger
.info("Running connection iteration %d" % i
)
9878 fragment_size
= 1398 if i
!= 9 else 50
9879 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", eap
="WSC",
9880 fragment_size
=str(fragment_size
),
9881 identity
="WFA-SimpleConfig-Enrollee-1-0",
9882 phase1
="pin=12345670",
9883 scan_freq
="2412", wait_connect
=False)
9884 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=5)
9886 raise Exception("Timeout on EAP method start")
9887 if eap_proto_wsc_wait_failure
:
9888 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9890 raise Exception("Timeout on EAP failure")
9893 dev
[0].request("REMOVE_NETWORK all")
9894 dev
[0].wait_disconnected(timeout
=1)
9895 dev
[0].dump_monitor()
9897 stop_radius_server(srv
)
9899 def test_eap_canned_success_before_method(dev
, apdev
):
9900 """EAP protocol tests for canned EAP-Success before any method"""
9901 params
= int_eap_server_params()
9902 hapd
= hostapd
.add_ap(apdev
[0], params
)
9903 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
9904 bssid
= apdev
[0]['bssid']
9905 hapd
.request("SET ext_eapol_frame_io 1")
9907 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9908 phase1
="allow_canned_success=1",
9909 eap
="MD5", identity
="user", password
="password",
9912 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
9914 raise Exception("Timeout on EAPOL-TX from hostapd")
9916 res
= dev
[0].request("EAPOL_RX " + bssid
+ " 0200000403020004")
9918 raise Exception("EAPOL_RX to wpa_supplicant failed")
9920 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout
=5)
9922 raise Exception("Timeout on EAP success")
9923 dev
[0].request("REMOVE_NETWORK all")
9924 dev
[0].wait_disconnected()
9926 def test_eap_canned_failure_before_method(dev
, apdev
):
9927 """EAP protocol tests for canned EAP-Failure before any method"""
9928 params
= int_eap_server_params()
9929 hapd
= hostapd
.add_ap(apdev
[0], params
)
9930 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
9931 bssid
= apdev
[0]['bssid']
9932 hapd
.request("SET ext_eapol_frame_io 1")
9933 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9934 phase1
="allow_canned_success=1",
9935 eap
="MD5", identity
="user", password
="password",
9938 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
9940 raise Exception("Timeout on EAPOL-TX from hostapd")
9942 res
= dev
[0].request("EAPOL_RX " + bssid
+ " 0200000404020004")
9944 raise Exception("EAPOL_RX to wpa_supplicant failed")
9946 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9948 raise Exception("Timeout on EAP failure")
9949 dev
[0].request("REMOVE_NETWORK all")
9950 dev
[0].wait_disconnected()
9952 def test_eap_nak_oom(dev
, apdev
):
9954 check_eap_capa(dev
[0], "MD5")
9955 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
9956 hapd
= hostapd
.add_ap(apdev
[0], params
)
9957 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
9958 with
alloc_fail(dev
[0], 1, "eap_msg_alloc;eap_sm_buildNak"):
9959 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
9960 eap
="MD5", identity
="sake user", password
="password",
9962 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
9963 dev
[0].request("REMOVE_NETWORK all")
9964 dev
[0].wait_disconnected()
9966 def test_eap_nak_expanded(dev
, apdev
):
9967 """EAP-Nak with expanded method"""
9968 check_eap_capa(dev
[0], "MD5")
9969 check_eap_capa(dev
[0], "VENDOR-TEST")
9970 params
= hostapd
.wpa2_eap_params(ssid
="eap-test")
9971 hapd
= hostapd
.add_ap(apdev
[0], params
)
9972 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
9973 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
9974 eap
="VENDOR-TEST WSC",
9975 identity
="sake user", password
="password",
9977 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=10)
9978 if ev
is None or "NAK" not in ev
:
9979 raise Exception("No NAK event seen")
9981 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
9983 raise Exception("No EAP-Failure seen")
9985 dev
[0].request("REMOVE_NETWORK all")
9986 dev
[0].wait_disconnected()
9988 EAP_TLV_RESULT_TLV
= 3
9990 EAP_TLV_ERROR_CODE_TLV
= 5
9991 EAP_TLV_CONNECTION_BINDING_TLV
= 6
9992 EAP_TLV_VENDOR_SPECIFIC_TLV
= 7
9994 EAP_TLV_EAP_PAYLOAD_TLV
= 9
9995 EAP_TLV_INTERMEDIATE_RESULT_TLV
= 10
9996 EAP_TLV_PAC_TLV
= 11
9997 EAP_TLV_CRYPTO_BINDING_TLV
= 12
9998 EAP_TLV_CALLING_STATION_ID_TLV
= 13
9999 EAP_TLV_CALLED_STATION_ID_TLV
= 14
10000 EAP_TLV_NAS_PORT_TYPE_TLV
= 15
10001 EAP_TLV_SERVER_IDENTIFIER_TLV
= 16
10002 EAP_TLV_IDENTITY_TYPE_TLV
= 17
10003 EAP_TLV_SERVER_TRUSTED_ROOT_TLV
= 18
10004 EAP_TLV_REQUEST_ACTION_TLV
= 19
10005 EAP_TLV_PKCS7_TLV
= 20
10007 EAP_TLV_RESULT_SUCCESS
= 1
10008 EAP_TLV_RESULT_FAILURE
= 2
10010 EAP_TLV_TYPE_MANDATORY
= 0x8000
10011 EAP_TLV_TYPE_MASK
= 0x3fff
10013 PAC_TYPE_PAC_KEY
= 1
10014 PAC_TYPE_PAC_OPAQUE
= 2
10015 PAC_TYPE_CRED_LIFETIME
= 3
10018 PAC_TYPE_A_ID_INFO
= 7
10019 PAC_TYPE_PAC_ACKNOWLEDGEMENT
= 8
10020 PAC_TYPE_PAC_INFO
= 9
10021 PAC_TYPE_PAC_TYPE
= 10
10023 def eap_fast_start(ctx
):
10024 logger
.info("Send EAP-FAST/Start")
10025 return struct
.pack(">BBHBBHH", EAP_CODE_REQUEST
, ctx
['id'],
10026 4 + 1 + 1 + 4 + 16,
10027 EAP_TYPE_FAST
, 0x21, 4, 16) + 16*b
'A'
10029 def test_eap_fast_proto(dev
, apdev
):
10030 """EAP-FAST Phase protocol testing"""
10031 check_eap_capa(dev
[0], "FAST")
10032 global eap_fast_proto_ctx
10033 eap_fast_proto_ctx
= None
10035 def eap_handler(ctx
, req
):
10036 logger
.info("eap_handler - RX " + binascii
.hexlify(req
).decode())
10037 if 'num' not in ctx
:
10039 ctx
['num'] = ctx
['num'] + 1
10040 if 'id' not in ctx
:
10042 ctx
['id'] = (ctx
['id'] + 1) % 256
10045 global eap_fast_proto_ctx
10046 eap_fast_proto_ctx
= ctx
10047 ctx
['test_done'] = False
10050 if ctx
['num'] == idx
:
10051 return eap_fast_start(ctx
)
10053 if ctx
['num'] == idx
:
10054 logger
.info("EAP-FAST: TLS processing failed")
10055 data
= b
'ABCDEFGHIK'
10056 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
10057 4 + 1 + 1 + len(data
),
10058 EAP_TYPE_FAST
, 0x01) + data
10060 if ctx
['num'] == idx
:
10061 ctx
['test_done'] = True
10062 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
10064 logger
.info("Past last test case")
10065 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
10067 srv
= start_radius_server(eap_handler
)
10069 hapd
= start_ap(apdev
[0])
10070 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
10071 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
10072 eap
="FAST", anonymous_identity
="FAST",
10073 identity
="user", password
="password",
10074 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
10075 phase1
="fast_provisioning=1",
10076 pac_file
="blob://fast_pac_proto",
10077 wait_connect
=False)
10078 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=5)
10080 raise Exception("Could not start EAP-FAST")
10082 for i
in range(100):
10083 if eap_fast_proto_ctx
:
10084 if eap_fast_proto_ctx
['test_done']:
10088 dev
[0].request("REMOVE_NETWORK all")
10089 dev
[0].wait_disconnected()
10091 stop_radius_server(srv
)
10093 def run_eap_fast_phase2(dev
, test_payload
, test_failure
=True):
10094 global eap_fast_proto_ctx
10095 eap_fast_proto_ctx
= None
10097 def ssl_info_callback(conn
, where
, ret
):
10098 logger
.debug("SSL: info where=%d ret=%d" % (where
, ret
))
10100 def log_conn_state(conn
):
10102 state
= conn
.state_string()
10103 except AttributeError:
10104 state
= conn
.get_state_string()
10106 logger
.info("State: " + str(state
))
10108 def process_clienthello(ctx
, payload
):
10109 logger
.info("Process ClientHello")
10110 ctx
['sslctx'] = OpenSSL
.SSL
.Context(OpenSSL
.SSL
.TLSv1_METHOD
)
10111 ctx
['sslctx'].set_info_callback(ssl_info_callback
)
10112 ctx
['sslctx'].load_tmp_dh("auth_serv/dh.conf")
10113 ctx
['sslctx'].set_cipher_list("ADH-AES128-SHA")
10114 ctx
['conn'] = OpenSSL
.SSL
.Connection(ctx
['sslctx'], None)
10115 ctx
['conn'].set_accept_state()
10116 log_conn_state(ctx
['conn'])
10117 ctx
['conn'].bio_write(payload
)
10119 ctx
['conn'].do_handshake()
10120 except OpenSSL
.SSL
.WantReadError
:
10122 log_conn_state(ctx
['conn'])
10123 data
= ctx
['conn'].bio_read(4096)
10124 log_conn_state(ctx
['conn'])
10125 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
10126 4 + 1 + 1 + len(data
),
10127 EAP_TYPE_FAST
, 0x01) + data
10129 def process_clientkeyexchange(ctx
, payload
, appl_data
):
10130 logger
.info("Process ClientKeyExchange")
10131 log_conn_state(ctx
['conn'])
10132 ctx
['conn'].bio_write(payload
)
10134 ctx
['conn'].do_handshake()
10135 except OpenSSL
.SSL
.WantReadError
:
10137 ctx
['conn'].send(appl_data
)
10138 log_conn_state(ctx
['conn'])
10139 data
= ctx
['conn'].bio_read(4096)
10140 log_conn_state(ctx
['conn'])
10141 return struct
.pack(">BBHBB", EAP_CODE_REQUEST
, ctx
['id'],
10142 4 + 1 + 1 + len(data
),
10143 EAP_TYPE_FAST
, 0x01) + data
10145 def eap_handler(ctx
, req
):
10146 logger
.info("eap_handler - RX " + binascii
.hexlify(req
).decode())
10147 if 'num' not in ctx
:
10149 ctx
['num'] = ctx
['num'] + 1
10150 if 'id' not in ctx
:
10152 ctx
['id'] = (ctx
['id'] + 1) % 256
10155 global eap_fast_proto_ctx
10156 eap_fast_proto_ctx
= ctx
10157 ctx
['test_done'] = False
10158 logger
.debug("ctx['num']=%d" % ctx
['num'])
10161 if ctx
['num'] == idx
:
10162 return eap_fast_start(ctx
)
10164 if ctx
['num'] == idx
:
10165 return process_clienthello(ctx
, req
[6:])
10167 if ctx
['num'] == idx
:
10168 if not test_failure
:
10169 ctx
['test_done'] = True
10170 return process_clientkeyexchange(ctx
, req
[6:], test_payload
)
10172 if ctx
['num'] == idx
:
10173 ctx
['test_done'] = True
10174 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
10176 logger
.info("Past last test case")
10177 return struct
.pack(">BBH", EAP_CODE_FAILURE
, ctx
['id'], 4)
10179 srv
= start_radius_server(eap_handler
)
10181 dev
[0].connect("eap-test", key_mgmt
="WPA-EAP", scan_freq
="2412",
10182 eap
="FAST", anonymous_identity
="FAST",
10183 identity
="user", password
="password",
10184 ca_cert
="auth_serv/ca.pem", phase2
="auth=MSCHAPV2",
10185 phase1
="fast_provisioning=1",
10186 pac_file
="blob://fast_pac_proto",
10187 wait_connect
=False)
10188 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-METHOD"], timeout
=5)
10190 raise Exception("Could not start EAP-FAST")
10191 dev
[0].dump_monitor()
10193 for i
in range(100):
10194 if eap_fast_proto_ctx
:
10195 if eap_fast_proto_ctx
['test_done']:
10200 dev
[0].request("REMOVE_NETWORK all")
10201 dev
[0].wait_disconnected()
10203 raise Exception("EAP-FAST TLS exchange did not complete")
10205 dev
[i
].dump_monitor()
10207 stop_radius_server(srv
)
10209 def test_eap_fast_proto_phase2(dev
, apdev
):
10210 """EAP-FAST Phase 2 protocol testing"""
10211 if not openssl_imported
:
10212 raise HwsimSkip("OpenSSL python method not available")
10213 check_eap_capa(dev
[0], "FAST")
10214 hapd
= start_ap(apdev
[0])
10215 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
10217 tests
= [("Too short Phase 2 TLV frame (len=3)",
10220 ("EAP-FAST: TLV overflow",
10221 struct
.pack(">HHB", 0, 2, 0xff),
10223 ("EAP-FAST: Unknown TLV (optional and mandatory)",
10224 struct
.pack(">HHB", 0, 1, 0xff) +
10225 struct
.pack(">HHB", EAP_TLV_TYPE_MANDATORY
, 1, 0xff),
10227 ("EAP-FAST: More than one EAP-Payload TLV in the message",
10228 struct
.pack(">HHBHHB",
10229 EAP_TLV_EAP_PAYLOAD_TLV
, 1, 0xff,
10230 EAP_TLV_EAP_PAYLOAD_TLV
, 1, 0xff),
10232 ("EAP-FAST: Unknown Result 255 and More than one Result TLV in the message",
10233 struct
.pack(">HHHHHH",
10234 EAP_TLV_RESULT_TLV
, 2, 0xff,
10235 EAP_TLV_RESULT_TLV
, 2, 0xff),
10237 ("EAP-FAST: Too short Result TLV",
10238 struct
.pack(">HHB", EAP_TLV_RESULT_TLV
, 1, 0xff),
10240 ("EAP-FAST: Unknown Intermediate Result 255 and More than one Intermediate-Result TLV in the message",
10241 struct
.pack(">HHHHHH",
10242 EAP_TLV_INTERMEDIATE_RESULT_TLV
, 2, 0xff,
10243 EAP_TLV_INTERMEDIATE_RESULT_TLV
, 2, 0xff),
10245 ("EAP-FAST: Too short Intermediate-Result TLV",
10246 struct
.pack(">HHB", EAP_TLV_INTERMEDIATE_RESULT_TLV
, 1, 0xff),
10248 ("EAP-FAST: More than one Crypto-Binding TLV in the message",
10249 struct
.pack(">HH", EAP_TLV_CRYPTO_BINDING_TLV
, 60) + 60*b
'A' +
10250 struct
.pack(">HH", EAP_TLV_CRYPTO_BINDING_TLV
, 60) + 60*b
'A',
10252 ("EAP-FAST: Too short Crypto-Binding TLV",
10253 struct
.pack(">HHB", EAP_TLV_CRYPTO_BINDING_TLV
, 1, 0xff),
10255 ("EAP-FAST: More than one Request-Action TLV in the message",
10256 struct
.pack(">HHBBHHBB",
10257 EAP_TLV_REQUEST_ACTION_TLV
, 2, 0xff, 0xff,
10258 EAP_TLV_REQUEST_ACTION_TLV
, 2, 0xff, 0xff),
10260 ("EAP-FAST: Too short Request-Action TLV",
10261 struct
.pack(">HHB", EAP_TLV_REQUEST_ACTION_TLV
, 1, 0xff),
10263 ("EAP-FAST: More than one PAC TLV in the message",
10264 struct
.pack(">HHBHHB",
10265 EAP_TLV_PAC_TLV
, 1, 0xff,
10266 EAP_TLV_PAC_TLV
, 1, 0xff),
10268 ("EAP-FAST: Too short EAP Payload TLV (Len=3)",
10269 struct
.pack(">HH3B",
10270 EAP_TLV_EAP_PAYLOAD_TLV
, 3, 0, 0, 0),
10272 ("EAP-FAST: Too short Phase 2 request (Len=0)",
10273 struct
.pack(">HHBBH",
10274 EAP_TLV_EAP_PAYLOAD_TLV
, 4,
10275 EAP_CODE_REQUEST
, 0, 0),
10277 ("EAP-FAST: EAP packet overflow in EAP Payload TLV",
10278 struct
.pack(">HHBBH",
10279 EAP_TLV_EAP_PAYLOAD_TLV
, 4,
10280 EAP_CODE_REQUEST
, 0, 4 + 1),
10282 ("EAP-FAST: Unexpected code=0 in Phase 2 EAP header",
10283 struct
.pack(">HHBBH",
10284 EAP_TLV_EAP_PAYLOAD_TLV
, 4,
10287 ("EAP-FAST: PAC TLV without Result TLV acknowledging success",
10288 struct
.pack(">HHB", EAP_TLV_PAC_TLV
, 1, 0xff),
10290 ("EAP-FAST: PAC TLV does not include all the required fields",
10291 struct
.pack(">HHH", EAP_TLV_RESULT_TLV
, 2,
10292 EAP_TLV_RESULT_SUCCESS
) +
10293 struct
.pack(">HHB", EAP_TLV_PAC_TLV
, 1, 0xff),
10295 ("EAP-FAST: Invalid PAC-Key length 0, Ignored unknown PAC type 0, and PAC TLV overrun (type=0 len=2 left=1)",
10296 struct
.pack(">HHH", EAP_TLV_RESULT_TLV
, 2,
10297 EAP_TLV_RESULT_SUCCESS
) +
10298 struct
.pack(">HHHHHHHHB", EAP_TLV_PAC_TLV
, 4 + 4 + 5,
10299 PAC_TYPE_PAC_KEY
, 0, 0, 0, 0, 2, 0),
10301 ("EAP-FAST: PAC-Info does not include all the required fields",
10302 struct
.pack(">HHH", EAP_TLV_RESULT_TLV
, 2,
10303 EAP_TLV_RESULT_SUCCESS
) +
10304 struct
.pack(">HHHHHHHH", EAP_TLV_PAC_TLV
, 4 + 4 + 4 + 32,
10305 PAC_TYPE_PAC_OPAQUE
, 0,
10306 PAC_TYPE_PAC_INFO
, 0,
10307 PAC_TYPE_PAC_KEY
, 32) + 32*b
'A',
10309 ("EAP-FAST: Invalid CRED_LIFETIME length, Ignored unknown PAC-Info type 0, and Invalid PAC-Type length 1",
10310 struct
.pack(">HHH", EAP_TLV_RESULT_TLV
, 2,
10311 EAP_TLV_RESULT_SUCCESS
) +
10312 struct
.pack(">HHHHHHHHHHHHBHH", EAP_TLV_PAC_TLV
, 4 + 4 + 13 + 4 + 32,
10313 PAC_TYPE_PAC_OPAQUE
, 0,
10314 PAC_TYPE_PAC_INFO
, 13, PAC_TYPE_CRED_LIFETIME
, 0,
10315 0, 0, PAC_TYPE_PAC_TYPE
, 1, 0,
10316 PAC_TYPE_PAC_KEY
, 32) + 32*b
'A',
10318 ("EAP-FAST: Unsupported PAC-Type 0",
10319 struct
.pack(">HHH", EAP_TLV_RESULT_TLV
, 2,
10320 EAP_TLV_RESULT_SUCCESS
) +
10321 struct
.pack(">HHHHHHHHHHH", EAP_TLV_PAC_TLV
, 4 + 4 + 6 + 4 + 32,
10322 PAC_TYPE_PAC_OPAQUE
, 0,
10323 PAC_TYPE_PAC_INFO
, 6, PAC_TYPE_PAC_TYPE
, 2, 0,
10324 PAC_TYPE_PAC_KEY
, 32) + 32*b
'A',
10326 ("EAP-FAST: PAC-Info overrun (type=0 len=2 left=1)",
10327 struct
.pack(">HHH", EAP_TLV_RESULT_TLV
, 2,
10328 EAP_TLV_RESULT_SUCCESS
) +
10329 struct
.pack(">HHHHHHHHBHH", EAP_TLV_PAC_TLV
, 4 + 4 + 5 + 4 + 32,
10330 PAC_TYPE_PAC_OPAQUE
, 0,
10331 PAC_TYPE_PAC_INFO
, 5, 0, 2, 1,
10332 PAC_TYPE_PAC_KEY
, 32) + 32*b
'A',
10334 ("EAP-FAST: Valid PAC",
10335 struct
.pack(">HHH", EAP_TLV_RESULT_TLV
, 2,
10336 EAP_TLV_RESULT_SUCCESS
) +
10337 struct
.pack(">HHHHHHHHBHHBHH", EAP_TLV_PAC_TLV
,
10338 4 + 4 + 10 + 4 + 32,
10339 PAC_TYPE_PAC_OPAQUE
, 0,
10340 PAC_TYPE_PAC_INFO
, 10, PAC_TYPE_A_ID
, 1, 0x41,
10341 PAC_TYPE_A_ID_INFO
, 1, 0x42,
10342 PAC_TYPE_PAC_KEY
, 32) + 32*b
'A',
10344 ("EAP-FAST: Invalid version/subtype in Crypto-Binding TLV",
10345 struct
.pack(">HH", EAP_TLV_CRYPTO_BINDING_TLV
, 60) + 60*b
'A',
10347 for title
, payload
, failure
in tests
:
10348 logger
.info("Phase 2 test: " + title
)
10349 run_eap_fast_phase2(dev
, payload
, failure
)
10351 def test_eap_fast_tlv_nak_oom(dev
, apdev
):
10352 """EAP-FAST Phase 2 TLV NAK OOM"""
10353 if not openssl_imported
:
10354 raise HwsimSkip("OpenSSL python method not available")
10355 check_eap_capa(dev
[0], "FAST")
10356 hapd
= start_ap(apdev
[0])
10357 dev
[0].scan_for_bss(hapd
.own_addr(), freq
=2412)
10359 with
alloc_fail(dev
[0], 1, "eap_fast_tlv_nak"):
10360 run_eap_fast_phase2(dev
, struct
.pack(">HHB", EAP_TLV_TYPE_MANDATORY
,