DPP: Extend protocol testing to cover missing attributes in PKEX

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/common/dpp.c b/src/common/dpp.c
index 5aededd038803bf3b34e5e2aa3b71a8da097e2d2..206793a7bacd1cc3076e724ddc501939534501f0 100644 (file)
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -5522,11 +5522,22 @@ static struct wpabuf * dpp_pkex_build_exchange_req(struct dpp_pkex *pkex)
        if (!msg)
                goto fail;
 
+#ifdef CONFIG_TESTING_OPTIONS
+       if (dpp_test == DPP_TEST_NO_FINITE_CYCLIC_GROUP_PKEX_EXCHANGE_REQ) {
+               wpa_printf(MSG_INFO, "DPP: TESTING - no Finite Cyclic Group");
+               goto skip_finite_cyclic_group;
+       }
+#endif /* CONFIG_TESTING_OPTIONS */
+
        /* Finite Cyclic Group attribute */
        wpabuf_put_le16(msg, DPP_ATTR_FINITE_CYCLIC_GROUP);
        wpabuf_put_le16(msg, 2);
        wpabuf_put_le16(msg, curve->ike_group);
 
+#ifdef CONFIG_TESTING_OPTIONS
+skip_finite_cyclic_group:
+#endif /* CONFIG_TESTING_OPTIONS */
+
        /* Code Identifier attribute */
        if (pkex->identifier) {
                wpabuf_put_le16(msg, DPP_ATTR_CODE_IDENTIFIER);
@@ -5534,6 +5545,13 @@ static struct wpabuf * dpp_pkex_build_exchange_req(struct dpp_pkex *pkex)
                wpabuf_put_str(msg, pkex->identifier);
        }
 
+#ifdef CONFIG_TESTING_OPTIONS
+       if (dpp_test == DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ) {
+               wpa_printf(MSG_INFO, "DPP: TESTING - no Encrypted Key");
+               goto out;
+       }
+#endif /* CONFIG_TESTING_OPTIONS */
+
        /* M in Encrypted Key attribute */
        wpabuf_put_le16(msg, DPP_ATTR_ENCRYPTED_KEY);
        wpabuf_put_le16(msg, 2 * curve->prime_len);
@@ -5634,11 +5652,22 @@ static struct wpabuf * dpp_pkex_build_exchange_resp(struct dpp_pkex *pkex,
        if (!msg)
                goto fail;
 
+#ifdef CONFIG_TESTING_OPTIONS
+       if (dpp_test == DPP_TEST_NO_STATUS_PKEX_EXCHANGE_RESP) {
+               wpa_printf(MSG_INFO, "DPP: TESTING - no Status");
+               goto skip_status;
+       }
+#endif /* CONFIG_TESTING_OPTIONS */
+
        /* DPP Status */
        wpabuf_put_le16(msg, DPP_ATTR_STATUS);
        wpabuf_put_le16(msg, 1);
        wpabuf_put_u8(msg, DPP_STATUS_OK);
 
+#ifdef CONFIG_TESTING_OPTIONS
+skip_status:
+#endif /* CONFIG_TESTING_OPTIONS */
+
        /* Code Identifier attribute */
        if (pkex->identifier) {
                wpabuf_put_le16(msg, DPP_ATTR_CODE_IDENTIFIER);
@@ -5646,6 +5675,13 @@ static struct wpabuf * dpp_pkex_build_exchange_resp(struct dpp_pkex *pkex,
                wpabuf_put_str(msg, pkex->identifier);
        }
 
+#ifdef CONFIG_TESTING_OPTIONS
+       if (dpp_test == DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP) {
+               wpa_printf(MSG_INFO, "DPP: TESTING - no Encrypted Key");
+               goto skip_encrypted_key;
+       }
+#endif /* CONFIG_TESTING_OPTIONS */
+
        /* N in Encrypted Key attribute */
        wpabuf_put_le16(msg, DPP_ATTR_ENCRYPTED_KEY);
        wpabuf_put_le16(msg, 2 * curve->prime_len);
@@ -5672,6 +5708,9 @@ static struct wpabuf * dpp_pkex_build_exchange_resp(struct dpp_pkex *pkex,
        os_memset(wpabuf_put(msg, offset), 0, offset);
        BN_bn2bin(Ny, wpabuf_put(msg, num_bytes));
 
+#ifdef CONFIG_TESTING_OPTIONS
+skip_encrypted_key:
+#endif /* CONFIG_TESTING_OPTIONS */
        return msg;
 fail:
        wpabuf_free(msg);
@@ -5930,16 +5969,39 @@ dpp_pkex_build_commit_reveal_req(struct dpp_pkex *pkex,
        if (!clear || !msg)
                goto fail;
 
+#ifdef CONFIG_TESTING_OPTIONS
+       if (dpp_test == DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_REQ) {
+               wpa_printf(MSG_INFO, "DPP: TESTING - no Bootstrap Key");
+               goto skip_bootstrap_key;
+       }
+#endif /* CONFIG_TESTING_OPTIONS */
+
        /* A in Bootstrap Key attribute */
        wpabuf_put_le16(clear, DPP_ATTR_BOOTSTRAP_KEY);
        wpabuf_put_le16(clear, wpabuf_len(A_pub));
        wpabuf_put_buf(clear, A_pub);
 
+#ifdef CONFIG_TESTING_OPTIONS
+skip_bootstrap_key:
+       if (dpp_test == DPP_TEST_NO_I_AUTH_TAG_PKEX_CR_REQ) {
+               wpa_printf(MSG_INFO, "DPP: TESTING - no I-Auth tag");
+               goto skip_i_auth_tag;
+       }
+#endif /* CONFIG_TESTING_OPTIONS */
+
        /* u in I-Auth tag attribute */
        wpabuf_put_le16(clear, DPP_ATTR_I_AUTH_TAG);
        wpabuf_put_le16(clear, curve->hash_len);
        wpabuf_put_data(clear, u, curve->hash_len);
 
+#ifdef CONFIG_TESTING_OPTIONS
+skip_i_auth_tag:
+       if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_REQ) {
+               wpa_printf(MSG_INFO, "DPP: TESTING - no Wrapped Data");
+               goto skip_wrapped_data;
+       }
+#endif /* CONFIG_TESTING_OPTIONS */
+
        addr[0] = wpabuf_head_u8(msg) + 2;
        len[0] = DPP_HDR_LEN;
        octet = 0;
@@ -5966,6 +6028,7 @@ dpp_pkex_build_commit_reveal_req(struct dpp_pkex *pkex,
                wpabuf_put_le16(msg, DPP_ATTR_TESTING);
                wpabuf_put_le16(msg, 0);
        }
+skip_wrapped_data:
 #endif /* CONFIG_TESTING_OPTIONS */
 
 out:
@@ -6180,16 +6243,39 @@ dpp_pkex_build_commit_reveal_resp(struct dpp_pkex *pkex,
        if (!clear || !msg)
                goto fail;
 
-       /* A in Bootstrap Key attribute */
+#ifdef CONFIG_TESTING_OPTIONS
+       if (dpp_test == DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_RESP) {
+               wpa_printf(MSG_INFO, "DPP: TESTING - no Bootstrap Key");
+               goto skip_bootstrap_key;
+       }
+#endif /* CONFIG_TESTING_OPTIONS */
+
+       /* B in Bootstrap Key attribute */
        wpabuf_put_le16(clear, DPP_ATTR_BOOTSTRAP_KEY);
        wpabuf_put_le16(clear, wpabuf_len(B_pub));
        wpabuf_put_buf(clear, B_pub);
 
+#ifdef CONFIG_TESTING_OPTIONS
+skip_bootstrap_key:
+       if (dpp_test == DPP_TEST_NO_R_AUTH_TAG_PKEX_CR_RESP) {
+               wpa_printf(MSG_INFO, "DPP: TESTING - no R-Auth tag");
+               goto skip_r_auth_tag;
+       }
+#endif /* CONFIG_TESTING_OPTIONS */
+
        /* v in R-Auth tag attribute */
        wpabuf_put_le16(clear, DPP_ATTR_R_AUTH_TAG);
        wpabuf_put_le16(clear, curve->hash_len);
        wpabuf_put_data(clear, v, curve->hash_len);
 
+#ifdef CONFIG_TESTING_OPTIONS
+skip_r_auth_tag:
+       if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_RESP) {
+               wpa_printf(MSG_INFO, "DPP: TESTING - no Wrapped Data");
+               goto skip_wrapped_data;
+       }
+#endif /* CONFIG_TESTING_OPTIONS */
+
        addr[0] = wpabuf_head_u8(msg) + 2;
        len[0] = DPP_HDR_LEN;
        octet = 1;
@@ -6216,6 +6302,7 @@ dpp_pkex_build_commit_reveal_resp(struct dpp_pkex *pkex,
                wpabuf_put_le16(msg, DPP_ATTR_TESTING);
                wpabuf_put_le16(msg, 0);
        }
+skip_wrapped_data:
 #endif /* CONFIG_TESTING_OPTIONS */
 
 out:

diff --git a/src/common/dpp.h b/src/common/dpp.h
index 7d073db5ab04574f6255e5161cdf5d734d8cfbec..f50948b9e3f3e0d1e999d34711cd979d42a129e5 100644 (file)
--- a/src/common/dpp.h
+++ b/src/common/dpp.h
@@ -246,6 +246,16 @@ enum dpp_test_behavior {
        DPP_TEST_INCOMPATIBLE_R_CAPAB_AUTH_RESP = 31,
        DPP_TEST_R_AUTH_MISMATCH_AUTH_RESP = 32,
        DPP_TEST_I_AUTH_MISMATCH_AUTH_CONF = 33,
+       DPP_TEST_NO_FINITE_CYCLIC_GROUP_PKEX_EXCHANGE_REQ = 34,
+       DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_REQ = 35,
+       DPP_TEST_NO_STATUS_PKEX_EXCHANGE_RESP = 36,
+       DPP_TEST_NO_ENCRYPTED_KEY_PKEX_EXCHANGE_RESP = 37,
+       DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_REQ = 38,
+       DPP_TEST_NO_I_AUTH_TAG_PKEX_CR_REQ = 39,
+       DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_REQ = 40,
+       DPP_TEST_NO_BOOTSTRAP_KEY_PKEX_CR_RESP = 41,
+       DPP_TEST_NO_R_AUTH_TAG_PKEX_CR_RESP = 42,
+       DPP_TEST_NO_WRAPPED_DATA_PKEX_CR_RESP = 43,
 };
 
 extern enum dpp_test_behavior dpp_test;