DPP3: Testing functionality for push button announcements

Allow the Responder/Initiator hash values to be corrupted in Push Button
Presence Announcement messages for testing purposes.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>

diff --git a/src/common/dpp.c b/src/common/dpp.c
index 9bbe71868c051fca1ba93e36301e9ae90ad23c4c..489e061e3c11f5dc9fad644bd460b3ff31e0575a 100644 (file)
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -4957,6 +4957,10 @@ void dpp_notify_chirp_received(void *msg_ctx, int id, const u8 *src,
 struct wpabuf * dpp_build_pb_announcement(struct dpp_bootstrap_info *bi)
 {
        struct wpabuf *msg;
+       const u8 *r_hash = bi->pubkey_hash_chirp;
+#ifdef CONFIG_TESTING_OPTIONS
+       u8 test_hash[SHA256_MAC_LEN];
+#endif /* CONFIG_TESTING_OPTIONS */
 
        wpa_printf(MSG_DEBUG,
                   "DPP: Build Push Button Presence Announcement frame");
@@ -4966,8 +4970,18 @@ struct wpabuf * dpp_build_pb_announcement(struct dpp_bootstrap_info *bi)
        if (!msg)
                return NULL;
 
+#ifdef CONFIG_TESTING_OPTIONS
+       if (dpp_test == DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_PB_REQ) {
+               wpa_printf(MSG_INFO,
+                          "DPP: TESTING - invalid R-Bootstrap Key Hash");
+               os_memcpy(test_hash, r_hash, SHA256_MAC_LEN);
+               test_hash[SHA256_MAC_LEN - 1] ^= 0x01;
+               r_hash = test_hash;
+       }
+#endif /* CONFIG_TESTING_OPTIONS */
+
        /* Responder Bootstrapping Key Hash */
-       dpp_build_attr_r_bootstrap_key_hash(msg, bi->pubkey_hash_chirp);
+       dpp_build_attr_r_bootstrap_key_hash(msg, r_hash);
        wpa_hexdump_buf(MSG_DEBUG,
                        "DPP: Push Button Presence Announcement frame attributes",
                        msg);
@@ -4981,6 +4995,10 @@ struct wpabuf * dpp_build_pb_announcement_resp(struct dpp_bootstrap_info *bi,
                                               size_t c_nonce_len)
 {
        struct wpabuf *msg;
+       const u8 *i_hash = bi->pubkey_hash_chirp;
+#ifdef CONFIG_TESTING_OPTIONS
+       u8 test_hash[SHA256_MAC_LEN];
+#endif /* CONFIG_TESTING_OPTIONS */
 
        wpa_printf(MSG_DEBUG,
                   "DPP: Build Push Button Presence Announcement Response frame");
@@ -4990,11 +5008,27 @@ struct wpabuf * dpp_build_pb_announcement_resp(struct dpp_bootstrap_info *bi,
        if (!msg)
                return NULL;
 
+#ifdef CONFIG_TESTING_OPTIONS
+       if (dpp_test == DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_PB_RESP) {
+               wpa_printf(MSG_INFO,
+                          "DPP: TESTING - invalid I-Bootstrap Key Hash");
+               os_memcpy(test_hash, i_hash, SHA256_MAC_LEN);
+               test_hash[SHA256_MAC_LEN - 1] ^= 0x01;
+               i_hash = test_hash;
+       } else if (dpp_test == DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_PB_RESP) {
+               wpa_printf(MSG_INFO,
+                          "DPP: TESTING - invalid R-Bootstrap Key Hash");
+               os_memcpy(test_hash, e_hash, SHA256_MAC_LEN);
+               test_hash[SHA256_MAC_LEN - 1] ^= 0x01;
+               e_hash = test_hash;
+       }
+#endif /* CONFIG_TESTING_OPTIONS */
+
        /* Initiator Bootstrapping Key Hash */
        wpa_printf(MSG_DEBUG, "DPP: I-Bootstrap Key Hash");
        wpabuf_put_le16(msg, DPP_ATTR_I_BOOTSTRAP_KEY_HASH);
        wpabuf_put_le16(msg, SHA256_MAC_LEN);
-       wpabuf_put_data(msg, bi->pubkey_hash_chirp, SHA256_MAC_LEN);
+       wpabuf_put_data(msg, i_hash, SHA256_MAC_LEN);
 
        /* Responder Bootstrapping Key Hash */
        dpp_build_attr_r_bootstrap_key_hash(msg, e_hash);

diff --git a/src/common/dpp.h b/src/common/dpp.h
index c2cf0c2ef7af25b01cedc913ffeee4125140beb6..edeb34c47a900c3b9aa8babe1aa86417ba5cfba9 100644 (file)
--- a/src/common/dpp.h
+++ b/src/common/dpp.h
@@ -537,6 +537,9 @@ enum dpp_test_behavior {
        DPP_TEST_INVALID_PROTOCOL_VERSION_PEER_DISC_RESP = 95,
        DPP_TEST_INVALID_PROTOCOL_VERSION_RECONFIG_AUTH_REQ = 96,
        DPP_TEST_NO_PROTOCOL_VERSION_RECONFIG_AUTH_REQ = 97,
+       DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_PB_REQ = 98,
+       DPP_TEST_INVALID_I_BOOTSTRAP_KEY_HASH_PB_RESP = 99,
+       DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_PB_RESP = 100,
 };
 
 extern enum dpp_test_behavior dpp_test;

diff --git a/wpa_supplicant/dpp_supplicant.c b/wpa_supplicant/dpp_supplicant.c
index 88986af6c7bf8eda98b06cee17f6af01317ebdd1..a248ca2dda4d30d7323d370dbed5a0d43d5f8055 100644 (file)
--- a/wpa_supplicant/dpp_supplicant.c
+++ b/wpa_supplicant/dpp_supplicant.c
@@ -3203,12 +3203,21 @@ wpas_dpp_rx_pb_presence_announcement_resp(struct wpa_supplicant *wpa_s,
        wpa_hexdump(MSG_MSGDUMP, "DPP: Configurator Nonce",
                    c_nonce, c_nonce_len);
 
+#ifdef CONFIG_TESTING_OPTIONS
+       if (dpp_test == DPP_TEST_INVALID_R_BOOTSTRAP_KEY_HASH_PB_REQ &&
+           os_memcmp(r_hash, wpa_s->dpp_pb_bi->pubkey_hash_chirp,
+                     SHA256_MAC_LEN - 1) == 0)
+               goto skip_hash_check;
+#endif /* CONFIG_TESTING_OPTIONS */
        if (os_memcmp(r_hash, wpa_s->dpp_pb_bi->pubkey_hash_chirp,
                      SHA256_MAC_LEN) != 0) {
                wpa_printf(MSG_INFO,
                           "DPP: Unexpected push button Responder hash - abort");
                overlap = true;
        }
+#ifdef CONFIG_TESTING_OPTIONS
+skip_hash_check:
+#endif /* CONFIG_TESTING_OPTIONS */
 
        if (wpa_s->dpp_pb_resp_freq &&
            os_memcmp(i_hash, wpa_s->dpp_pb_init_hash, SHA256_MAC_LEN) != 0) {