import time
import logging
logger = logging.getLogger()
+import socket
+import struct
+import subprocess
import hwsim_utils
import hostapd
-from utils import HwsimSkip, alloc_fail, fail_test, wait_fail_trigger
+from wpasupplicant import WpaSupplicant
+from utils import HwsimSkip, alloc_fail, fail_test, wait_fail_trigger, start_monitor, stop_monitor, radiotap_build
from test_ap_psk import find_wpas_process, read_process_memory, verify_not_present, get_key_locations
@remote_compatible
params = hostapd.wpa2_params(ssid="test-sae",
passphrase="12345678")
params['wpa_key_mgmt'] = 'SAE'
- params['sae_groups'] = '22'
+ params['sae_groups'] = '15'
hapd = hostapd.add_ap(apdev[0], params)
- dev[0].request("SET sae_groups 22")
+ dev[0].request("SET sae_groups 15")
for i in range(10):
password = "12345678-" + str(i)
dev[0].request("SET sae_groups ")
dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
scan_freq="2412")
- ev = hapd.wait_event([ "AP-STA-CONNECTED" ], timeout=5)
+ ev = hapd.wait_event(["AP-STA-CONNECTED"], timeout=5)
if ev is None:
raise Exception("No connection event received from hostapd")
dev[0].request("DISCONNECT")
dev[0].request("SET sae_groups ")
dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
scan_freq="2412")
- ev = hapd.wait_event([ "AP-STA-CONNECTED" ], timeout=5)
+ ev = hapd.wait_event(["AP-STA-CONNECTED"], timeout=5)
if ev is None:
raise Exception("No connection event received from hostapd")
dev[0].request("DISCONNECT")
# MODP) and group 21 (521-bit random ECP group) are a bit too slow on some
# VMs and can result in hitting the mac80211 authentication timeout, so
# allow them to fail and just report such failures in the debug log.
- sae_groups = [ 19, 25, 26, 20, 21, 2, 5, 14, 15, 16, 22, 23, 24 ]
+ sae_groups = [19, 25, 26, 20, 21, 1, 2, 5, 14, 15, 16, 22, 23, 24]
tls = dev[0].request("GET tls_library")
- if tls.startswith("OpenSSL") and "build=OpenSSL 1.0.2" in tls and "run=OpenSSL 1.0.2" in tls:
+ if tls.startswith("OpenSSL") and "run=OpenSSL 1." in tls:
logger.info("Add Brainpool EC groups since OpenSSL is new enough")
- sae_groups += [ 27, 28, 29, 30 ]
- heavy_groups = [ 14, 15, 16 ]
+ sae_groups += [27, 28, 29, 30]
+ heavy_groups = [14, 15, 16]
+ suitable_groups = [15, 16, 17, 18, 19, 20, 21, 28, 29, 30]
groups = [str(g) for g in sae_groups]
params = hostapd.wpa2_params(ssid="test-sae-groups",
passphrase="12345678")
else:
ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=10)
if ev is None:
- if "BoringSSL" in tls and int(g) in [ 25 ]:
+ if "BoringSSL" in tls and int(g) in [25]:
logger.info("Ignore connection failure with group " + g + " with BoringSSL")
dev[0].remove_network(id)
dev[0].dump_monitor()
continue
+ if int(g) not in suitable_groups:
+ logger.info("Ignore connection failure with unsuitable group " + g)
+ dev[0].remove_network(id)
+ dev[0].dump_monitor()
+ continue
raise Exception("Connection timed out with group " + g)
if dev[0].get_status_field('sae_group') != g:
raise Exception("Expected SAE group not used")
if dev[0].get_status_field('sae_group') != '19':
raise Exception("Expected SAE group not used")
+def test_sae_group_nego_no_match(dev, apdev):
+ """SAE group negotiation (no match)"""
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae-group-nego",
+ passphrase="12345678")
+ params['wpa_key_mgmt'] = 'SAE'
+ # None-existing SAE group to force all attempts to be rejected
+ params['sae_groups'] = '0'
+ hostapd.add_ap(apdev[0], params)
+
+ dev[0].request("SET sae_groups ")
+ dev[0].connect("test-sae-group-nego", psk="12345678", key_mgmt="SAE",
+ scan_freq="2412", wait_connect=False)
+ ev = dev[0].wait_event(["CTRL-EVENT-SSID-TEMP-DISABLED"], timeout=10)
+ dev[0].request("REMOVE_NETWORK all")
+ if ev is None:
+ raise Exception("Network profile disabling not reported")
+
@remote_compatible
def test_sae_anti_clogging(dev, apdev):
"""SAE anti clogging"""
dev[i].connect("test-sae", psk="12345678", key_mgmt="SAE",
scan_freq="2412")
+def test_sae_and_psk(dev, apdev):
+ """SAE and PSK enabled in network profile"""
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae", passphrase="12345678")
+ params['wpa_key_mgmt'] = 'SAE'
+ hostapd.add_ap(apdev[0], params)
+
+ dev[0].request("SET sae_groups ")
+ dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE WPA-PSK",
+ scan_freq="2412")
+
+def test_sae_and_psk2(dev, apdev):
+ """SAE and PSK enabled in network profile (use PSK)"""
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-psk", passphrase="12345678")
+ hostapd.add_ap(apdev[0], params)
+
+ dev[0].request("SET sae_groups ")
+ dev[0].connect("test-psk", psk="12345678", key_mgmt="SAE WPA-PSK",
+ scan_freq="2412")
+
+def test_sae_mixed_mfp(dev, apdev):
+ """Mixed SAE and non-SAE network and MFP required with SAE"""
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae", passphrase="12345678")
+ params['wpa_key_mgmt'] = 'SAE WPA-PSK'
+ params["ieee80211w"] = "1"
+ params['sae_require_mfp'] = '1'
+ hostapd.add_ap(apdev[0], params)
+
+ dev[0].request("SET sae_groups ")
+ dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE", ieee80211w="2",
+ scan_freq="2412")
+ dev[0].dump_monitor()
+
+ dev[1].request("SET sae_groups ")
+ dev[1].connect("test-sae", psk="12345678", key_mgmt="SAE", ieee80211w="0",
+ scan_freq="2412", wait_connect=False)
+ ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED",
+ "CTRL-EVENT-ASSOC-REJECT"], timeout=10)
+ if ev is None:
+ raise Exception("No connection result reported")
+ if "CTRL-EVENT-ASSOC-REJECT" not in ev:
+ raise Exception("SAE connection without MFP was not rejected")
+ if "status_code=31" not in ev:
+ raise Exception("Unexpected status code in rejection: " + ev)
+ dev[1].request("DISCONNECT")
+ dev[1].dump_monitor()
+
+ dev[2].connect("test-sae", psk="12345678", ieee80211w="0", scan_freq="2412")
+ dev[2].dump_monitor()
+
+def test_sae_mfp(dev, apdev):
+ """SAE and MFP enabled without sae_require_mfp"""
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae", passphrase="12345678")
+ params['wpa_key_mgmt'] = 'SAE'
+ params["ieee80211w"] = "1"
+ hostapd.add_ap(apdev[0], params)
+
+ dev[0].request("SET sae_groups ")
+ dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE", ieee80211w="2",
+ scan_freq="2412")
+
+ dev[1].request("SET sae_groups ")
+ dev[1].connect("test-sae", psk="12345678", key_mgmt="SAE", ieee80211w="0",
+ scan_freq="2412")
+
@remote_compatible
def test_sae_missing_password(dev, apdev):
"""SAE and missing password"""
# eloop before reading process memory.
time.sleep(1)
dev[0].ping()
+ password = password.encode()
buf = read_process_memory(pid, password)
dev[0].request("DISCONNECT")
raise Exception("KCK not found while associated")
if kek not in buf:
raise Exception("KEK not found while associated")
- if tk in buf:
- raise Exception("TK found from memory")
- if gtk in buf:
- get_key_locations(buf, gtk, "GTK")
- raise Exception("GTK found from memory")
+ #if tk in buf:
+ # raise Exception("TK found from memory")
verify_not_present(buf, sae_k, fname, "SAE(k)")
verify_not_present(buf, sae_keyseed, fname, "SAE(keyseed)")
verify_not_present(buf, sae_kck, fname, "SAE(KCK)")
verify_not_present(buf, kck, fname, "KCK")
verify_not_present(buf, kek, fname, "KEK")
verify_not_present(buf, tk, fname, "TK")
+ if gtk in buf:
+ get_key_locations(buf, gtk, "GTK")
verify_not_present(buf, gtk, fname, "GTK")
verify_not_present(buf, sae_k, fname, "SAE(k)")
verify_not_present(buf, sae_keyseed, fname, "SAE(keyseed)")
params = hostapd.wpa2_params(ssid="test-sae",
passphrase="12345678")
params['wpa_key_mgmt'] = 'SAE'
+ params['sae_groups'] = '19 25 26 20'
hapd = hostapd.add_ap(apdev[0], params)
- dev[0].request("SET sae_groups 25")
- tls = dev[0].request("GET tls_library")
- if "BoringSSL" in tls:
- dev[0].request("SET sae_groups 26")
+ dev[0].request("SET sae_groups 20")
with alloc_fail(dev[0], 1, "sae_set_group"):
dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
scan_freq="2412")
dev[0].request("SET sae_groups 19")
- tests = [ ("Confirm mismatch",
- "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8",
- "0000800edebc3f260dc1fe7e0b20888af2b8a3316252ec37388a8504e25b73dc4240"),
- ("Commit without even full cyclic group field",
- "13",
- None),
- ("Too short commit",
- "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02",
- None),
- ("Invalid commit scalar (0)",
- "1300" + "0000000000000000000000000000000000000000000000000000000000000000" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8",
- None),
- ("Invalid commit scalar (1)",
- "1300" + "0000000000000000000000000000000000000000000000000000000000000001" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8",
- None),
- ("Invalid commit scalar (> r)",
- "1300" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8",
- None),
- ("Commit element not on curve",
- "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728d0000000000000000000000000000000000000000000000000000000000000000",
- None),
- ("Invalid commit element (y coordinate > P)",
- "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
- None),
- ("Invalid commit element (x coordinate > P)",
- "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8",
- None),
- ("Different group in commit",
- "1400" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8",
- None),
- ("Too short confirm",
- "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8",
- "0000800edebc3f260dc1fe7e0b20888af2b8a3316252ec37388a8504e25b73dc42")]
+ tests = [("Confirm mismatch",
+ "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8",
+ "0000800edebc3f260dc1fe7e0b20888af2b8a3316252ec37388a8504e25b73dc4240"),
+ ("Commit without even full cyclic group field",
+ "13",
+ None),
+ ("Too short commit",
+ "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02",
+ None),
+ ("Invalid commit scalar (0)",
+ "1300" + "0000000000000000000000000000000000000000000000000000000000000000" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8",
+ None),
+ ("Invalid commit scalar (1)",
+ "1300" + "0000000000000000000000000000000000000000000000000000000000000001" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8",
+ None),
+ ("Invalid commit scalar (> r)",
+ "1300" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8",
+ None),
+ ("Commit element not on curve",
+ "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728d0000000000000000000000000000000000000000000000000000000000000000",
+ None),
+ ("Invalid commit element (y coordinate > P)",
+ "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
+ None),
+ ("Invalid commit element (x coordinate > P)",
+ "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8",
+ None),
+ ("Different group in commit",
+ "1400" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8",
+ None),
+ ("Too short confirm",
+ "1300" + "033d3635b39666ed427fd4a3e7d37acec2810afeaf1687f746a14163ff0e6d03" + "559cb8928db4ce4e3cbd6555e837591995e5ebe503ef36b503d9ca519d63728dd3c7c676b8e8081831b6bc3a64bdf136061a7de175e17d1965bfa41983ed02f8",
+ "0000800edebc3f260dc1fe7e0b20888af2b8a3316252ec37388a8504e25b73dc42")]
for (note, commit, confirm) in tests:
logger.info(note)
dev[0].scan_for_bss(bssid, freq=2412)
dev[0].request("SET sae_groups 2")
- tests = [ ("Confirm mismatch",
- "0200" + "0c70519d874e3e4930a917cc5e17ea7a26028211159f217bab28b8d6c56691805e49f03249b2c6e22c7c9f86b30e04ccad2deedd5e5108ae07b737c00001c59cd0eb08b1dfc7f1b06a1542e2b6601a963c066e0c65940983a03917ae57a101ce84b5cbbc76ff33ebb990aac2e54aa0f0ab6ec0a58113d927683502b2cb2347d2" + "a8c00117493cdffa5dd671e934bc9cb1a69f39e25e9dd9cd9afd3aea2441a0f5491211c7ba50a753563f9ce943b043557cb71193b28e86ed9544f4289c471bf91b70af5c018cf4663e004165b0fd0bc1d8f3f78adf42eee92bcbc55246fd3ee9f107ab965dc7d4986f23eb71d616ebfe6bfe0a6c1ac5dc1718acee17c9a17486",
- "0000f3116a9731f1259622e3eb55d4b3b50ba16f8c5f5565b28e609b180c51460251"),
- ("Too short commit",
- "0200" + "0c70519d874e3e4930a917cc5e17ea7a26028211159f217bab28b8d6c56691805e49f03249b2c6e22c7c9f86b30e04ccad2deedd5e5108ae07b737c00001c59cd0eb08b1dfc7f1b06a1542e2b6601a963c066e0c65940983a03917ae57a101ce84b5cbbc76ff33ebb990aac2e54aa0f0ab6ec0a58113d927683502b2cb2347d2" + "a8c00117493cdffa5dd671e934bc9cb1a69f39e25e9dd9cd9afd3aea2441a0f5491211c7ba50a753563f9ce943b043557cb71193b28e86ed9544f4289c471bf91b70af5c018cf4663e004165b0fd0bc1d8f3f78adf42eee92bcbc55246fd3ee9f107ab965dc7d4986f23eb71d616ebfe6bfe0a6c1ac5dc1718acee17c9a174",
- None),
- ("Invalid element (0) in commit",
- "0200" + "0c70519d874e3e4930a917cc5e17ea7a26028211159f217bab28b8d6c56691805e49f03249b2c6e22c7c9f86b30e04ccad2deedd5e5108ae07b737c00001c59cd0eb08b1dfc7f1b06a1542e2b6601a963c066e0c65940983a03917ae57a101ce84b5cbbc76ff33ebb990aac2e54aa0f0ab6ec0a58113d927683502b2cb2347d2" + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
- None),
- ("Invalid element (1) in commit",
- "0200" + "0c70519d874e3e4930a917cc5e17ea7a26028211159f217bab28b8d6c56691805e49f03249b2c6e22c7c9f86b30e04ccad2deedd5e5108ae07b737c00001c59cd0eb08b1dfc7f1b06a1542e2b6601a963c066e0c65940983a03917ae57a101ce84b5cbbc76ff33ebb990aac2e54aa0f0ab6ec0a58113d927683502b2cb2347d2" + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
- None),
- ("Invalid element (> P) in commit",
- "0200" + "0c70519d874e3e4930a917cc5e17ea7a26028211159f217bab28b8d6c56691805e49f03249b2c6e22c7c9f86b30e04ccad2deedd5e5108ae07b737c00001c59cd0eb08b1dfc7f1b06a1542e2b6601a963c066e0c65940983a03917ae57a101ce84b5cbbc76ff33ebb990aac2e54aa0f0ab6ec0a58113d927683502b2cb2347d2" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
- None) ]
+ tests = [("Confirm mismatch",
+ "0200" + "0c70519d874e3e4930a917cc5e17ea7a26028211159f217bab28b8d6c56691805e49f03249b2c6e22c7c9f86b30e04ccad2deedd5e5108ae07b737c00001c59cd0eb08b1dfc7f1b06a1542e2b6601a963c066e0c65940983a03917ae57a101ce84b5cbbc76ff33ebb990aac2e54aa0f0ab6ec0a58113d927683502b2cb2347d2" + "a8c00117493cdffa5dd671e934bc9cb1a69f39e25e9dd9cd9afd3aea2441a0f5491211c7ba50a753563f9ce943b043557cb71193b28e86ed9544f4289c471bf91b70af5c018cf4663e004165b0fd0bc1d8f3f78adf42eee92bcbc55246fd3ee9f107ab965dc7d4986f23eb71d616ebfe6bfe0a6c1ac5dc1718acee17c9a17486",
+ "0000f3116a9731f1259622e3eb55d4b3b50ba16f8c5f5565b28e609b180c51460251"),
+ ("Too short commit",
+ "0200" + "0c70519d874e3e4930a917cc5e17ea7a26028211159f217bab28b8d6c56691805e49f03249b2c6e22c7c9f86b30e04ccad2deedd5e5108ae07b737c00001c59cd0eb08b1dfc7f1b06a1542e2b6601a963c066e0c65940983a03917ae57a101ce84b5cbbc76ff33ebb990aac2e54aa0f0ab6ec0a58113d927683502b2cb2347d2" + "a8c00117493cdffa5dd671e934bc9cb1a69f39e25e9dd9cd9afd3aea2441a0f5491211c7ba50a753563f9ce943b043557cb71193b28e86ed9544f4289c471bf91b70af5c018cf4663e004165b0fd0bc1d8f3f78adf42eee92bcbc55246fd3ee9f107ab965dc7d4986f23eb71d616ebfe6bfe0a6c1ac5dc1718acee17c9a174",
+ None),
+ ("Invalid element (0) in commit",
+ "0200" + "0c70519d874e3e4930a917cc5e17ea7a26028211159f217bab28b8d6c56691805e49f03249b2c6e22c7c9f86b30e04ccad2deedd5e5108ae07b737c00001c59cd0eb08b1dfc7f1b06a1542e2b6601a963c066e0c65940983a03917ae57a101ce84b5cbbc76ff33ebb990aac2e54aa0f0ab6ec0a58113d927683502b2cb2347d2" + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000",
+ None),
+ ("Invalid element (1) in commit",
+ "0200" + "0c70519d874e3e4930a917cc5e17ea7a26028211159f217bab28b8d6c56691805e49f03249b2c6e22c7c9f86b30e04ccad2deedd5e5108ae07b737c00001c59cd0eb08b1dfc7f1b06a1542e2b6601a963c066e0c65940983a03917ae57a101ce84b5cbbc76ff33ebb990aac2e54aa0f0ab6ec0a58113d927683502b2cb2347d2" + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001",
+ None),
+ ("Invalid element (> P) in commit",
+ "0200" + "0c70519d874e3e4930a917cc5e17ea7a26028211159f217bab28b8d6c56691805e49f03249b2c6e22c7c9f86b30e04ccad2deedd5e5108ae07b737c00001c59cd0eb08b1dfc7f1b06a1542e2b6601a963c066e0c65940983a03917ae57a101ce84b5cbbc76ff33ebb990aac2e54aa0f0ab6ec0a58113d927683502b2cb2347d2" + "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
+ None)]
for (note, commit, confirm) in tests:
logger.info(note)
dev[0].scan_for_bss(bssid, freq=2412)
hapd.set("ext_mgmt_frame_handling", "0")
hapd.dump_monitor()
+def test_sae_proto_confirm_replay(dev, apdev):
+ """SAE protocol testing - Confirm replay"""
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae",
+ passphrase="12345678")
+ params['wpa_key_mgmt'] = 'SAE'
+ hapd = hostapd.add_ap(apdev[0], params)
+ bssid = apdev[0]['bssid']
+
+ dev[0].request("SET sae_groups 19")
+
+ dev[0].scan_for_bss(bssid, freq=2412)
+ hapd.set("ext_mgmt_frame_handling", "1")
+ dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
+ scan_freq="2412", wait_connect=False)
+
+ logger.info("Commit")
+ for i in range(0, 10):
+ req = hapd.mgmt_rx()
+ if req is None:
+ raise Exception("MGMT RX wait timed out (commit)")
+ if req['subtype'] == 11:
+ break
+ req = None
+ if not req:
+ raise Exception("Authentication frame (commit) not received")
+
+ bssid = hapd.own_addr().replace(':', '')
+ addr = dev[0].own_addr().replace(':', '')
+ hdr = "b0003a01" + bssid + addr + bssid + "1000"
+
+ hapd.dump_monitor()
+ hapd.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + binascii.hexlify(req['frame']).decode())
+
+ logger.info("Confirm")
+ for i in range(0, 10):
+ req = hapd.mgmt_rx()
+ if req is None:
+ raise Exception("MGMT RX wait timed out (confirm)")
+ if req['subtype'] == 11:
+ break
+ req = None
+ if not req:
+ raise Exception("Authentication frame (confirm) not received")
+
+ hapd.dump_monitor()
+ hapd.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + binascii.hexlify(req['frame']).decode())
+
+ logger.info("Replay Confirm")
+ hapd.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + binascii.hexlify(req['frame']).decode())
+
+ logger.info("Association Request")
+ for i in range(0, 10):
+ req = hapd.mgmt_rx()
+ if req is None:
+ raise Exception("MGMT RX wait timed out (AssocReq)")
+ if req['subtype'] == 0:
+ break
+ req = None
+ if not req:
+ raise Exception("Association Request frame not received")
+
+ hapd.dump_monitor()
+ hapd.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + binascii.hexlify(req['frame']).decode())
+ ev = hapd.wait_event(["MGMT-TX-STATUS"], timeout=5)
+ if ev is None:
+ raise Exception("Management frame TX status not reported (1)")
+ if "stype=1 ok=1" not in ev:
+ raise Exception("Unexpected management frame TX status (1): " + ev)
+ cmd = "MGMT_TX_STATUS_PROCESS %s" % (" ".join(ev.split(' ')[1:4]))
+ if "OK" not in hapd.request(cmd):
+ raise Exception("MGMT_TX_STATUS_PROCESS failed")
+
+ hapd.set("ext_mgmt_frame_handling", "0")
+
+ dev[0].wait_connected()
+
def test_sae_proto_hostapd(dev, apdev):
"""SAE protocol testing with hostapd"""
params = hostapd.wpa2_params(ssid="test-sae", passphrase="12345678")
# "SAE: Unsupported Finite Cyclic Group 65535"
hapd.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + hdr2 + "030001000000" + "ffff" + scalar[:-2])
+def test_sae_proto_hostapd_ecc(dev, apdev):
+ """SAE protocol testing with hostapd (ECC)"""
+ params = hostapd.wpa2_params(ssid="test-sae", passphrase="foofoofoo")
+ params['wpa_key_mgmt'] = 'SAE'
+ params['sae_groups'] = "19"
+ hapd = hostapd.add_ap(apdev[0], params)
+ hapd.set("ext_mgmt_frame_handling", "1")
+ bssid = hapd.own_addr().replace(':', '')
+ addr = "020000000000"
+ addr2 = "020000000001"
+ hdr = "b0003a01" + bssid + addr + bssid + "1000"
+ hdr2 = "b0003a01" + bssid + addr2 + bssid + "1000"
+ group = "1300"
+ scalar = "9e9a959bf2dda875a4a29ce9b2afef46f2d83060930124cd9e39ddce798cd69a"
+ element_x = "dfc55fd8622b91d362f4d1fc9646474d7fba0ff7cce6ca58b8e96a931e070220"
+ element_y = "dac8a4e80724f167c1349cc9e1f9dd82a7c77b29d49789b63b72b4c849301a28"
+ # sae_parse_commit_element_ecc() failure to parse peer element
+ # (depending on crypto library, either crypto_ec_point_from_bin() failure
+ # or crypto_ec_point_is_on_curve() returning 0)
+ hapd.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + hdr + "030001000000" + group + scalar + element_x + element_y)
+ # Unexpected continuation of the connection attempt with confirm
+ hapd.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + hdr + "030002000000" + "0000" + "fd7b081ff4e8676f03612a4140eedcd3c179ab3a13b93863c6f7ca451340b9ae")
+
+def test_sae_proto_hostapd_ffc(dev, apdev):
+ """SAE protocol testing with hostapd (FFC)"""
+ params = hostapd.wpa2_params(ssid="test-sae", passphrase="foofoofoo")
+ params['wpa_key_mgmt'] = 'SAE'
+ params['sae_groups'] = "22"
+ hapd = hostapd.add_ap(apdev[0], params)
+ hapd.set("ext_mgmt_frame_handling", "1")
+ bssid = hapd.own_addr().replace(':', '')
+ addr = "020000000000"
+ addr2 = "020000000001"
+ hdr = "b0003a01" + bssid + addr + bssid + "1000"
+ hdr2 = "b0003a01" + bssid + addr2 + bssid + "1000"
+ group = "1600"
+ scalar = "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000044cc46a73c07ef479dc66ec1f5e8ccf25131fa40"
+ element = "0f1d67025e12fc874cf718c35b19d1ab2db858215623f1ce661cbd1d7b1d7a09ceda7dba46866cf37044259b5cac4db15e7feb778edc8098854b93a84347c1850c02ee4d7dac46db79c477c731085d5b39f56803cda1eeac4a2fbbccb9a546379e258c00ebe93dfdd0a34cf8ce5c55cf905a89564a590b7e159fb89198e9d5cd"
+ # sae_parse_commit_element_ffc() failure to parse peer element
+ hapd.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + hdr + "030001000000" + group + scalar + element)
+ # Unexpected continuation of the connection attempt with confirm
+ hapd.request("MGMT_RX_PROCESS freq=2412 datarate=0 ssi_signal=-30 frame=" + hdr + "030002000000" + "0000" + "fd7b081ff4e8676f03612a4140eedcd3c179ab3a13b93863c6f7ca451340b9ae")
+
@remote_compatible
def test_sae_no_ffc_by_default(dev, apdev):
"""SAE and default groups rejecting FFC"""
params['wpa_key_mgmt'] = 'SAE'
hapd = hostapd.add_ap(apdev[0], params)
- dev[0].request("SET sae_groups 5")
+ dev[0].request("SET sae_groups 15")
dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE", scan_freq="2412",
wait_connect=False)
ev = dev[0].wait_event(["SME: Trying to authenticate"], timeout=3)
@remote_compatible
def test_sae_reflection_attack_ffc(dev, apdev):
"""SAE reflection attack (FFC)"""
- sae_reflection_attack(apdev[0], dev[0], 5)
+ sae_reflection_attack(apdev[0], dev[0], 15)
def sae_reflection_attack_internal(apdev, dev, group):
if "SAE" not in dev.get_capability("auth_alg"):
dev.request("SET sae_groups %d" % group)
dev.connect("test-sae", psk="reflection-attack", key_mgmt="SAE",
scan_freq="2412", wait_connect=False)
+ ev = dev.wait_event(["SME: Trying to authenticate"], timeout=10)
+ if ev is None:
+ raise Exception("No authentication attempt seen")
ev = dev.wait_event(["CTRL-EVENT-CONNECTED"], timeout=1)
if ev is not None:
raise Exception("Unexpected connection")
@remote_compatible
def test_sae_reflection_attack_ffc_internal(dev, apdev):
"""SAE reflection attack (FFC) - internal"""
- sae_reflection_attack_internal(apdev[0], dev[0], 5)
+ sae_reflection_attack_internal(apdev[0], dev[0], 15)
@remote_compatible
def test_sae_commit_override(dev, apdev):
if ev is not None:
raise Exception("Unexpected connection")
+def test_sae_commit_invalid_scalar_element_ap(dev, apdev):
+ """SAE commit invalid scalar/element from AP"""
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae",
+ passphrase="12345678")
+ params['wpa_key_mgmt'] = 'SAE'
+ params['sae_commit_override'] = '1300' + 96*'00'
+ hapd = hostapd.add_ap(apdev[0], params)
+ dev[0].request("SET sae_groups ")
+ dev[0].connect("test-sae", psk="test-sae", key_mgmt="SAE",
+ scan_freq="2412", wait_connect=False)
+ ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=1)
+ if ev is not None:
+ raise Exception("Unexpected connection")
+
+def test_sae_commit_invalid_element_ap(dev, apdev):
+ """SAE commit invalid element from AP"""
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae",
+ passphrase="12345678")
+ params['wpa_key_mgmt'] = 'SAE'
+ params['sae_commit_override'] = '1300' + 31*'00' + '02' + 64*'00'
+ hapd = hostapd.add_ap(apdev[0], params)
+ dev[0].request("SET sae_groups ")
+ dev[0].connect("test-sae", psk="test-sae", key_mgmt="SAE",
+ scan_freq="2412", wait_connect=False)
+ ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=1)
+ if ev is not None:
+ raise Exception("Unexpected connection")
+
+def test_sae_commit_invalid_scalar_element_sta(dev, apdev):
+ """SAE commit invalid scalar/element from STA"""
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae",
+ passphrase="12345678")
+ params['wpa_key_mgmt'] = 'SAE'
+ hapd = hostapd.add_ap(apdev[0], params)
+ dev[0].request("SET sae_groups ")
+ dev[0].set('sae_commit_override', '1300' + 96*'00')
+ dev[0].connect("test-sae", psk="test-sae", key_mgmt="SAE",
+ scan_freq="2412", wait_connect=False)
+ ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=1)
+ if ev is not None:
+ raise Exception("Unexpected connection")
+
+def test_sae_commit_invalid_element_sta(dev, apdev):
+ """SAE commit invalid element from STA"""
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae",
+ passphrase="12345678")
+ params['wpa_key_mgmt'] = 'SAE'
+ hapd = hostapd.add_ap(apdev[0], params)
+ dev[0].request("SET sae_groups ")
+ dev[0].set('sae_commit_override', '1300' + 31*'00' + '02' + 64*'00')
+ dev[0].connect("test-sae", psk="test-sae", key_mgmt="SAE",
+ scan_freq="2412", wait_connect=False)
+ ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=1)
+ if ev is not None:
+ raise Exception("Unexpected connection")
+
@remote_compatible
def test_sae_anti_clogging_proto(dev, apdev):
"""SAE anti clogging protocol testing"""
hapd = hostapd.add_ap(apdev[0], params)
dev[0].request("SET sae_groups ")
- tests = [ (1, "os_get_random;sae_get_rand"),
- (1, "os_get_random;get_rand_1_to_p_1"),
- (1, "os_get_random;get_random_qr_qnr"),
- (1, "os_get_random;sae_derive_pwe_ecc") ]
+ tests = [(1, "os_get_random;sae_get_rand"),
+ (1, "os_get_random;get_rand_1_to_p_1"),
+ (1, "os_get_random;get_random_qr_qnr"),
+ (1, "os_get_random;sae_derive_pwe_ecc")]
for count, func in tests:
with fail_test(dev[0], count, func):
dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
raise HwsimSkip("SAE not supported")
params = hostapd.wpa2_params(ssid="test-sae", passphrase="12345678")
params['wpa_key_mgmt'] = 'SAE'
- params['sae_groups'] = '19 5'
+ params['sae_groups'] = '19 15'
hapd = hostapd.add_ap(apdev[0], params)
dev[0].request("SET sae_groups 19")
dev[0].request("REMOVE_NETWORK all")
dev[0].wait_disconnected()
- dev[0].request("SET sae_groups 5")
+ dev[0].request("SET sae_groups 15")
with fail_test(dev[0], 1, "hmac_sha256_vector;sae_derive_pwe_ffc"):
dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
scan_freq="2412")
dev[0].request("REMOVE_NETWORK all")
dev[0].wait_disconnected()
- dev[0].request("SET sae_groups 5")
+ dev[0].request("SET sae_groups 15")
with fail_test(dev[0], 1, "sae_test_pwd_seed_ffc"):
dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
scan_freq="2412")
raise HwsimSkip("SAE not supported")
params = hostapd.wpa2_params(ssid="test-sae", passphrase="12345678")
params['wpa_key_mgmt'] = 'SAE'
- params['sae_groups'] = '19 5 22'
+ params['sae_groups'] = '19 15 22'
hapd = hostapd.add_ap(apdev[0], params)
dev[0].request("SET sae_groups 19")
- tests = [ (1, "crypto_bignum_init_set;get_rand_1_to_p_1"),
- (1, "crypto_bignum_init;is_quadratic_residue_blind"),
- (1, "crypto_bignum_mulmod;is_quadratic_residue_blind"),
- (2, "crypto_bignum_mulmod;is_quadratic_residue_blind"),
- (3, "crypto_bignum_mulmod;is_quadratic_residue_blind"),
- (1, "crypto_bignum_legendre;is_quadratic_residue_blind"),
- (1, "crypto_bignum_init_set;sae_test_pwd_seed_ecc"),
- (1, "crypto_ec_point_compute_y_sqr;sae_test_pwd_seed_ecc"),
- (1, "crypto_bignum_init_set;get_random_qr_qnr"),
- (1, "crypto_bignum_to_bin;sae_derive_pwe_ecc"),
- (1, "crypto_ec_point_init;sae_derive_pwe_ecc"),
- (1, "crypto_ec_point_solve_y_coord;sae_derive_pwe_ecc"),
- (1, "crypto_ec_point_init;sae_derive_commit_element_ecc"),
- (1, "crypto_ec_point_mul;sae_derive_commit_element_ecc"),
- (1, "crypto_ec_point_invert;sae_derive_commit_element_ecc"),
- (1, "crypto_bignum_init;=sae_derive_commit"),
- (1, "crypto_ec_point_init;sae_derive_k_ecc"),
- (1, "crypto_ec_point_mul;sae_derive_k_ecc"),
- (1, "crypto_ec_point_add;sae_derive_k_ecc"),
- (2, "crypto_ec_point_mul;sae_derive_k_ecc"),
- (1, "crypto_ec_point_to_bin;sae_derive_k_ecc"),
- (1, "crypto_bignum_legendre;get_random_qr_qnr"),
- (1, "sha256_prf;sae_derive_keys"),
- (1, "crypto_bignum_init;sae_derive_keys"),
- (1, "crypto_bignum_init_set;sae_parse_commit_scalar"),
- (1, "crypto_bignum_to_bin;sae_parse_commit_element_ecc"),
- (1, "crypto_ec_point_from_bin;sae_parse_commit_element_ecc") ]
+ tests = [(1, "crypto_bignum_init_set;get_rand_1_to_p_1"),
+ (1, "crypto_bignum_init;is_quadratic_residue_blind"),
+ (1, "crypto_bignum_mulmod;is_quadratic_residue_blind"),
+ (2, "crypto_bignum_mulmod;is_quadratic_residue_blind"),
+ (3, "crypto_bignum_mulmod;is_quadratic_residue_blind"),
+ (1, "crypto_bignum_legendre;is_quadratic_residue_blind"),
+ (1, "crypto_bignum_init_set;sae_test_pwd_seed_ecc"),
+ (1, "crypto_ec_point_compute_y_sqr;sae_test_pwd_seed_ecc"),
+ (1, "crypto_bignum_init_set;get_random_qr_qnr"),
+ (1, "crypto_bignum_to_bin;sae_derive_pwe_ecc"),
+ (1, "crypto_ec_point_init;sae_derive_pwe_ecc"),
+ (1, "crypto_ec_point_solve_y_coord;sae_derive_pwe_ecc"),
+ (1, "crypto_ec_point_init;sae_derive_commit_element_ecc"),
+ (1, "crypto_ec_point_mul;sae_derive_commit_element_ecc"),
+ (1, "crypto_ec_point_invert;sae_derive_commit_element_ecc"),
+ (1, "crypto_bignum_init;=sae_derive_commit"),
+ (1, "crypto_ec_point_init;sae_derive_k_ecc"),
+ (1, "crypto_ec_point_mul;sae_derive_k_ecc"),
+ (1, "crypto_ec_point_add;sae_derive_k_ecc"),
+ (2, "crypto_ec_point_mul;sae_derive_k_ecc"),
+ (1, "crypto_ec_point_to_bin;sae_derive_k_ecc"),
+ (1, "crypto_bignum_legendre;get_random_qr_qnr"),
+ (1, "sha256_prf;sae_derive_keys"),
+ (1, "crypto_bignum_init;sae_derive_keys"),
+ (1, "crypto_bignum_init_set;sae_parse_commit_scalar"),
+ (1, "crypto_bignum_to_bin;sae_parse_commit_element_ecc"),
+ (1, "crypto_ec_point_from_bin;sae_parse_commit_element_ecc")]
for count, func in tests:
with fail_test(dev[0], count, func):
+ hapd.request("NOTE STA failure testing %d:%s" % (count, func))
dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
scan_freq="2412", wait_connect=False)
wait_fail_trigger(dev[0], "GET_FAIL")
dev[0].request("REMOVE_NETWORK all")
+ dev[0].dump_monitor()
+ hapd.dump_monitor()
- dev[0].request("SET sae_groups 5")
- tests = [ (1, "crypto_bignum_init_set;sae_set_group"),
- (2, "crypto_bignum_init_set;sae_set_group"),
- (1, "crypto_bignum_init_set;sae_get_rand"),
- (1, "crypto_bignum_init_set;sae_test_pwd_seed_ffc"),
- (1, "crypto_bignum_exptmod;sae_test_pwd_seed_ffc"),
- (1, "crypto_bignum_init;sae_derive_pwe_ffc"),
- (1, "crypto_bignum_init;sae_derive_commit_element_ffc"),
- (1, "crypto_bignum_exptmod;sae_derive_commit_element_ffc"),
- (1, "crypto_bignum_inverse;sae_derive_commit_element_ffc"),
- (1, "crypto_bignum_init;sae_derive_k_ffc"),
- (1, "crypto_bignum_exptmod;sae_derive_k_ffc"),
- (1, "crypto_bignum_mulmod;sae_derive_k_ffc"),
- (2, "crypto_bignum_exptmod;sae_derive_k_ffc"),
- (1, "crypto_bignum_to_bin;sae_derive_k_ffc"),
- (1, "crypto_bignum_init_set;sae_parse_commit_element_ffc"),
- (1, "crypto_bignum_init;sae_parse_commit_element_ffc"),
- (2, "crypto_bignum_init_set;sae_parse_commit_element_ffc"),
- (1, "crypto_bignum_exptmod;sae_parse_commit_element_ffc") ]
+ dev[0].request("SET sae_groups 15")
+ tests = [(1, "crypto_bignum_init_set;sae_set_group"),
+ (2, "crypto_bignum_init_set;sae_set_group"),
+ (1, "crypto_bignum_init_set;sae_get_rand"),
+ (1, "crypto_bignum_init_set;sae_test_pwd_seed_ffc"),
+ (1, "crypto_bignum_exptmod;sae_test_pwd_seed_ffc"),
+ (1, "crypto_bignum_init;sae_derive_pwe_ffc"),
+ (1, "crypto_bignum_init;sae_derive_commit_element_ffc"),
+ (1, "crypto_bignum_exptmod;sae_derive_commit_element_ffc"),
+ (1, "crypto_bignum_inverse;sae_derive_commit_element_ffc"),
+ (1, "crypto_bignum_init;sae_derive_k_ffc"),
+ (1, "crypto_bignum_exptmod;sae_derive_k_ffc"),
+ (1, "crypto_bignum_mulmod;sae_derive_k_ffc"),
+ (2, "crypto_bignum_exptmod;sae_derive_k_ffc"),
+ (1, "crypto_bignum_to_bin;sae_derive_k_ffc"),
+ (1, "crypto_bignum_init_set;sae_parse_commit_element_ffc"),
+ (1, "crypto_bignum_init;sae_parse_commit_element_ffc"),
+ (2, "crypto_bignum_init_set;sae_parse_commit_element_ffc"),
+ (1, "crypto_bignum_exptmod;sae_parse_commit_element_ffc")]
for count, func in tests:
with fail_test(dev[0], count, func):
+ hapd.request("NOTE STA failure testing %d:%s" % (count, func))
dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
scan_freq="2412", wait_connect=False)
wait_fail_trigger(dev[0], "GET_FAIL")
dev[0].request("REMOVE_NETWORK all")
+ dev[0].dump_monitor()
+ hapd.dump_monitor()
+
+def test_sae_bignum_failure_unsafe_group(dev, apdev):
+ """SAE and bignum failure unsafe group"""
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae", passphrase="12345678")
+ params['wpa_key_mgmt'] = 'SAE'
+ params['sae_groups'] = '22'
+ hapd = hostapd.add_ap(apdev[0], params)
dev[0].request("SET sae_groups 22")
- tests = [ (1, "crypto_bignum_init_set;sae_test_pwd_seed_ffc"),
- (1, "crypto_bignum_sub;sae_test_pwd_seed_ffc"),
- (1, "crypto_bignum_div;sae_test_pwd_seed_ffc") ]
+ tests = [(1, "crypto_bignum_init_set;sae_test_pwd_seed_ffc"),
+ (1, "crypto_bignum_sub;sae_test_pwd_seed_ffc"),
+ (1, "crypto_bignum_div;sae_test_pwd_seed_ffc")]
for count, func in tests:
with fail_test(dev[0], count, func):
+ hapd.request("NOTE STA failure testing %d:%s" % (count, func))
dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
scan_freq="2412", wait_connect=False)
wait_fail_trigger(dev[0], "GET_FAIL")
dev[0].request("REMOVE_NETWORK all")
+ dev[0].dump_monitor()
+ hapd.dump_monitor()
def test_sae_invalid_anti_clogging_token_req(dev, apdev):
"""SAE and invalid anti-clogging token request"""
raise HwsimSkip("SAE not supported")
params = hostapd.wpa2_params(ssid="test-sae", passphrase="12345678")
params['wpa_key_mgmt'] = 'SAE'
+ # Beacon more frequently since Probe Request frames are practically ignored
+ # in this test setup (ext_mgmt_frame_handled=1 on hostapd side) and
+ # wpa_supplicant scans may end up getting ignored if no new results are
+ # available due to the missing Probe Response frames.
+ params['beacon_int'] = '20'
hapd = hostapd.add_ap(apdev[0], params)
bssid = apdev[0]['bssid']
scan_freq="2412", wait_connect=False)
ev = dev[0].wait_event(["SME: Trying to authenticate"])
if ev is None:
- raise Exception("No authentication attempt seen")
+ raise Exception("No authentication attempt seen (1)")
dev[0].dump_monitor()
for i in range(0, 10):
resp['bssid'] = req['bssid']
resp['payload'] = binascii.unhexlify("030001004c0013")
hapd.mgmt_tx(resp)
+ ev = hapd.wait_event(["MGMT-TX-STATUS"], timeout=5)
+ if ev is None:
+ raise Exception("Management frame TX status not reported (1)")
+ if "stype=11 ok=1" not in ev:
+ raise Exception("Unexpected management frame TX status (1): " + ev)
ev = dev[0].wait_event(["SME: Trying to authenticate"])
if ev is None:
- raise Exception("No authentication attempt seen")
+ raise Exception("No authentication attempt seen (2)")
dev[0].dump_monitor()
for i in range(0, 10):
resp['bssid'] = req['bssid']
resp['payload'] = binascii.unhexlify("030001000100")
hapd.mgmt_tx(resp)
+ ev = hapd.wait_event(["MGMT-TX-STATUS"], timeout=5)
+ if ev is None:
+ raise Exception("Management frame TX status not reported (1)")
+ if "stype=11 ok=1" not in ev:
+ raise Exception("Unexpected management frame TX status (1): " + ev)
ev = dev[0].wait_event(["SME: Trying to authenticate"])
if ev is None:
- raise Exception("No authentication attempt seen")
+ raise Exception("No authentication attempt seen (3)")
dev[0].dump_monitor()
dev[0].request("DISCONNECT")
dev[0].request("SET sae_groups ")
dev[0].connect("test-sae", sae_password=100*"A", key_mgmt="SAE",
scan_freq="2412")
+
+def test_sae_connect_cmd(dev, apdev):
+ """SAE with connect command"""
+ wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
+ wpas.interface_add("wlan5", drv_params="force_connect_cmd=1")
+ if "SAE" not in wpas.get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae", passphrase="12345678")
+ params['wpa_key_mgmt'] = 'SAE'
+ hapd = hostapd.add_ap(apdev[0], params)
+
+ wpas.request("SET sae_groups ")
+ wpas.connect("test-sae", psk="12345678", key_mgmt="SAE",
+ scan_freq="2412", wait_connect=False)
+ # mac80211_hwsim does not support SAE offload, so accept both a successful
+ # connection and association rejection.
+ ev = wpas.wait_event(["CTRL-EVENT-CONNECTED", "CTRL-EVENT-ASSOC-REJECT",
+ "Association request to the driver failed"],
+ timeout=15)
+ if ev is None:
+ raise Exception("No connection result reported")
+
+def run_sae_password_id(dev, apdev, groups=None):
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae")
+ params['wpa_key_mgmt'] = 'SAE'
+ if groups:
+ params['sae_groups'] = groups
+ else:
+ groups = ""
+ params['sae_password'] = ['secret|mac=ff:ff:ff:ff:ff:ff|id=pw id',
+ 'foo|mac=02:02:02:02:02:02',
+ 'another secret|mac=ff:ff:ff:ff:ff:ff|id=' + 29*'A']
+ hapd = hostapd.add_ap(apdev[0], params)
+
+ dev[0].request("SET sae_groups " + groups)
+ dev[0].connect("test-sae", sae_password="secret", sae_password_id="pw id",
+ key_mgmt="SAE", scan_freq="2412")
+ dev[0].request("REMOVE_NETWORK all")
+ dev[0].wait_disconnected()
+
+ # SAE Password Identifier element with the exact same length as the
+ # optional Anti-Clogging Token field
+ dev[0].connect("test-sae", sae_password="another secret",
+ sae_password_id=29*'A',
+ key_mgmt="SAE", scan_freq="2412")
+ dev[0].request("REMOVE_NETWORK all")
+ dev[0].wait_disconnected()
+
+ dev[0].connect("test-sae", sae_password="secret", sae_password_id="unknown",
+ key_mgmt="SAE", scan_freq="2412", wait_connect=False)
+
+ ev = dev[0].wait_event(["CTRL-EVENT-SAE-UNKNOWN-PASSWORD-IDENTIFIER"],
+ timeout=10)
+ if ev is None:
+ raise Exception("Unknown password identifier not reported")
+ dev[0].request("REMOVE_NETWORK all")
+
+def test_sae_password_id(dev, apdev):
+ """SAE and password identifier"""
+ run_sae_password_id(dev, apdev, "")
+
+def test_sae_password_id_ecc(dev, apdev):
+ """SAE and password identifier (ECC)"""
+ run_sae_password_id(dev, apdev, "19")
+
+def test_sae_password_id_ffc(dev, apdev):
+ """SAE and password identifier (FFC)"""
+ run_sae_password_id(dev, apdev, "15")
+
+def test_sae_password_id_only(dev, apdev):
+ """SAE and password identifier (exclusively)"""
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae")
+ params['wpa_key_mgmt'] = 'SAE'
+ params['sae_password'] = 'secret|id=pw id'
+ hapd = hostapd.add_ap(apdev[0], params)
+
+ dev[0].request("SET sae_groups ")
+ dev[0].connect("test-sae", sae_password="secret", sae_password_id="pw id",
+ key_mgmt="SAE", scan_freq="2412")
+
+def test_sae_forced_anti_clogging_pw_id(dev, apdev):
+ """SAE anti clogging (forced and Password Identifier)"""
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae")
+ params['wpa_key_mgmt'] = 'SAE'
+ params['sae_anti_clogging_threshold'] = '0'
+ params['sae_password'] = 'secret|id=' + 29*'A'
+ hostapd.add_ap(apdev[0], params)
+ for i in range(0, 2):
+ dev[i].request("SET sae_groups ")
+ dev[i].connect("test-sae", sae_password="secret",
+ sae_password_id=29*'A', key_mgmt="SAE", scan_freq="2412")
+
+def test_sae_reauth(dev, apdev):
+ """SAE reauthentication"""
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae",
+ passphrase="12345678")
+ params['wpa_key_mgmt'] = 'SAE'
+ params["ieee80211w"] = "2"
+ hapd = hostapd.add_ap(apdev[0], params)
+
+ dev[0].request("SET sae_groups ")
+ id = dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
+ ieee80211w="2", scan_freq="2412")
+
+ hapd.set("ext_mgmt_frame_handling", "1")
+ dev[0].request("DISCONNECT")
+ dev[0].wait_disconnected(timeout=10)
+ hapd.set("ext_mgmt_frame_handling", "0")
+ dev[0].request("PMKSA_FLUSH")
+ dev[0].request("REASSOCIATE")
+ dev[0].wait_connected(timeout=10, error="Timeout on re-connection")
+
+def test_sae_anti_clogging_during_attack(dev, apdev):
+ """SAE anti clogging during an attack"""
+ try:
+ run_sae_anti_clogging_during_attack(dev, apdev)
+ finally:
+ stop_monitor(apdev[1]["ifname"])
+
+def build_sae_commit(bssid, addr, group=21, token=None):
+ if group == 19:
+ scalar = binascii.unhexlify("7332d3ebff24804005ccd8c56141e3ed8d84f40638aa31cd2fac11d4d2e89e7b")
+ element = binascii.unhexlify("954d0f4457066bff3168376a1d7174f4e66620d1792406f613055b98513a7f03a538c13dfbaf2029e2adc6aa96aa0ddcf08ac44887b02f004b7f29b9dbf4b7d9")
+ elif group == 21:
+ scalar = binascii.unhexlify("001eec673111b902f5c8a61c8cb4c1c4793031aeea8c8c319410903bc64bcbaea134ab01c4e016d51436f5b5426f7e2af635759a3033fb4031ea79f89a62a3e2f828")
+ element = binascii.unhexlify("00580eb4b448ea600ea277d5e66e4ed37db82bb04ac90442e9c3727489f366ba4b82f0a472d02caf4cdd142e96baea5915d71374660ee23acbaca38cf3fe8c5fb94b01abbc5278121635d7c06911c5dad8f18d516e1fbe296c179b7c87a1dddfab393337d3d215ed333dd396da6d8f20f798c60d054f1093c24d9c2d98e15c030cc375f0")
+ pass
+ frame = binascii.unhexlify("b0003a01")
+ frame += bssid + addr + bssid
+ frame += binascii.unhexlify("1000")
+ auth_alg = 3
+ transact = 1
+ status = 0
+ frame += struct.pack("<HHHH", auth_alg, transact, status, group)
+ if token:
+ frame += token
+ frame += scalar + element
+ return frame
+
+def sae_rx_commit_token_req(sock, radiotap, send_two=False):
+ msg = sock.recv(1500)
+ ver, pad, len, present = struct.unpack('<BBHL', msg[0:8])
+ frame = msg[len:]
+ fc, duration = struct.unpack('<HH', frame[0:4])
+ if fc != 0xb0:
+ return False
+ frame = frame[4:]
+ da = frame[0:6]
+ if da[0] != 0xf2:
+ return False
+ sa = frame[6:12]
+ bssid = frame[12:18]
+ body = frame[20:]
+
+ alg, seq, status, group = struct.unpack('<HHHH', body[0:8])
+ if alg != 3 or seq != 1 or status != 76:
+ return False
+ token = body[8:]
+
+ frame = build_sae_commit(bssid, da, token=token)
+ sock.send(radiotap + frame)
+ if send_two:
+ sock.send(radiotap + frame)
+ return True
+
+def run_sae_anti_clogging_during_attack(dev, apdev):
+ if "SAE" not in dev[0].get_capability("auth_alg"):
+ raise HwsimSkip("SAE not supported")
+ params = hostapd.wpa2_params(ssid="test-sae", passphrase="12345678")
+ params['wpa_key_mgmt'] = 'SAE'
+ params['sae_groups'] = '21'
+ hapd = hostapd.add_ap(apdev[0], params)
+
+ dev[0].scan_for_bss(hapd.own_addr(), freq=2412)
+ dev[0].request("SET sae_groups 21")
+ dev[1].scan_for_bss(hapd.own_addr(), freq=2412)
+ dev[1].request("SET sae_groups 21")
+
+ sock = start_monitor(apdev[1]["ifname"])
+ radiotap = radiotap_build()
+
+ bssid = binascii.unhexlify(hapd.own_addr().replace(':', ''))
+ for i in range(16):
+ addr = binascii.unhexlify("f2%010x" % i)
+ frame = build_sae_commit(bssid, addr)
+ sock.send(radiotap + frame)
+ sock.send(radiotap + frame)
+
+ count = 0
+ for i in range(150):
+ if sae_rx_commit_token_req(sock, radiotap, send_two=True):
+ count += 1
+ logger.info("Number of token responses sent: %d" % count)
+ if count < 10:
+ raise Exception("Too few token responses seen: %d" % count)
+
+ for i in range(16):
+ addr = binascii.unhexlify("f201%08x" % i)
+ frame = build_sae_commit(bssid, addr)
+ sock.send(radiotap + frame)
+
+ count = 0
+ for i in range(150):
+ if sae_rx_commit_token_req(sock, radiotap):
+ count += 1
+ if count == 10:
+ break
+ if count < 5:
+ raise Exception("Too few token responses in second round: %d" % count)
+
+ dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
+ scan_freq="2412", wait_connect=False)
+ dev[1].connect("test-sae", psk="12345678", key_mgmt="SAE",
+ scan_freq="2412", wait_connect=False)
+
+ count = 0
+ connected0 = False
+ connected1 = False
+ for i in range(1000):
+ if sae_rx_commit_token_req(sock, radiotap):
+ count += 1
+ addr = binascii.unhexlify("f202%08x" % i)
+ frame = build_sae_commit(bssid, addr)
+ sock.send(radiotap + frame)
+ while dev[0].mon.pending():
+ ev = dev[0].mon.recv()
+ logger.debug("EV0: " + ev)
+ if "CTRL-EVENT-CONNECTED" in ev:
+ connected0 = True
+ while dev[1].mon.pending():
+ ev = dev[1].mon.recv()
+ logger.debug("EV1: " + ev)
+ if "CTRL-EVENT-CONNECTED" in ev:
+ connected1 = True
+ if connected0 and connected1:
+ break
+ if not connected0:
+ raise Exception("Real station(0) did not get connected")
+ if not connected1:
+ raise Exception("Real station(1) did not get connected")
+ if count < 1:
+ raise Exception("Too few token responses in third round: %d" % count)
projects / thirdparty / hostap.git / blobdiff