DPP: Omission of Auth Conf attributes for protocol testing

This extends the dpp_test mechanism to allow each of the required
attributes in Authentication Confirm to be omitted.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

diff --git a/src/common/dpp.c b/src/common/dpp.c
index 13eae91bf87e0e447b4666e4a547ae0e6141abb1..f83cb50da54665673f2fd1e4d6e18725cdfa268a 100644 (file)
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -2574,16 +2574,33 @@ static struct wpabuf * dpp_auth_build_conf(struct dpp_authentication *auth)
 
        attr_start = wpabuf_put(msg, 0);
 
+#ifdef CONFIG_TESTING_OPTIONS
+       if (dpp_test == DPP_TEST_NO_STATUS_AUTH_CONF)
+               goto skip_status;
+#endif /* CONFIG_TESTING_OPTIONS */
+
        /* DPP Status */
        wpabuf_put_le16(msg, DPP_ATTR_STATUS);
        wpabuf_put_le16(msg, 1);
        wpabuf_put_u8(msg, DPP_STATUS_OK);
 
+#ifdef CONFIG_TESTING_OPTIONS
+skip_status:
+       if (dpp_test == DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_CONF)
+               goto skip_r_bootstrap_key;
+#endif /* CONFIG_TESTING_OPTIONS */
+
        /* Responder Bootstrapping Key Hash */
        wpabuf_put_le16(msg, DPP_ATTR_R_BOOTSTRAP_KEY_HASH);
        wpabuf_put_le16(msg, SHA256_MAC_LEN);
        wpabuf_put_data(msg, auth->peer_bi->pubkey_hash, SHA256_MAC_LEN);
 
+#ifdef CONFIG_TESTING_OPTIONS
+skip_r_bootstrap_key:
+       if (dpp_test == DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_CONF)
+               goto skip_i_bootstrap_key;
+#endif /* CONFIG_TESTING_OPTIONS */
+
        if (auth->own_bi) {
                /* Mutual authentication */
                /* Initiator Bootstrapping Key Hash */
@@ -2592,6 +2609,14 @@ static struct wpabuf * dpp_auth_build_conf(struct dpp_authentication *auth)
                wpabuf_put_data(msg, auth->own_bi->pubkey_hash, SHA256_MAC_LEN);
        }
 
+#ifdef CONFIG_TESTING_OPTIONS
+skip_i_bootstrap_key:
+       if (dpp_test == DPP_TEST_NO_WRAPPED_DATA_AUTH_CONF)
+               goto skip_wrapped_data;
+       if (dpp_test == DPP_TEST_NO_I_AUTH_AUTH_CONF)
+               i_auth_len = 0;
+#endif /* CONFIG_TESTING_OPTIONS */
+
        attr_end = wpabuf_put(msg, 0);
 
        /* OUI, OUI type, Crypto Suite, DPP frame type */
@@ -2607,11 +2632,22 @@ static struct wpabuf * dpp_auth_build_conf(struct dpp_authentication *auth)
        wpabuf_put_le16(msg, DPP_ATTR_WRAPPED_DATA);
        wpabuf_put_le16(msg, i_auth_len + AES_BLOCK_SIZE);
        wrapped_i_auth = wpabuf_put(msg, i_auth_len + AES_BLOCK_SIZE);
+
+#ifdef CONFIG_TESTING_OPTIONS
+       if (dpp_test == DPP_TEST_NO_I_AUTH_AUTH_CONF)
+               goto skip_i_auth;
+#endif /* CONFIG_TESTING_OPTIONS */
+
        /* I-auth = H(R-nonce | I-nonce | PR.x | PI.x | BR.x | [BI.x |] 1) */
        WPA_PUT_LE16(i_auth, DPP_ATTR_I_AUTH_TAG);
        WPA_PUT_LE16(&i_auth[2], auth->curve->hash_len);
-       if (dpp_gen_i_auth(auth, i_auth + 4) < 0 ||
-           aes_siv_encrypt(auth->ke, auth->curve->hash_len,
+       if (dpp_gen_i_auth(auth, i_auth + 4) < 0)
+               goto fail;
+
+#ifdef CONFIG_TESTING_OPTIONS
+skip_i_auth:
+#endif /* CONFIG_TESTING_OPTIONS */
+       if (aes_siv_encrypt(auth->ke, auth->curve->hash_len,
                            i_auth, i_auth_len,
                            2, addr, len, wrapped_i_auth) < 0)
                goto fail;
@@ -2624,6 +2660,7 @@ static struct wpabuf * dpp_auth_build_conf(struct dpp_authentication *auth)
                wpabuf_put_le16(msg, DPP_ATTR_TESTING);
                wpabuf_put_le16(msg, 0);
        }
+skip_wrapped_data:
 #endif /* CONFIG_TESTING_OPTIONS */
 
        wpa_hexdump_buf(MSG_DEBUG,

diff --git a/src/common/dpp.h b/src/common/dpp.h
index 048068ed27035368c3c795340c4775619344c972..2d3a0a0cfc5b9e31789ca00680c4da2a6aee15f8 100644 (file)
--- a/src/common/dpp.h
+++ b/src/common/dpp.h
@@ -231,6 +231,11 @@ enum dpp_test_behavior {
        DPP_TEST_NO_R_CAPAB_AUTH_RESP = 22,
        DPP_TEST_NO_R_AUTH_AUTH_RESP = 23,
        DPP_TEST_NO_WRAPPED_DATA_AUTH_RESP = 24,
+       DPP_TEST_NO_STATUS_AUTH_CONF = 25,
+       DPP_TEST_NO_R_BOOTSTRAP_KEY_HASH_AUTH_CONF = 26,
+       DPP_TEST_NO_I_BOOTSTRAP_KEY_HASH_AUTH_CONF = 27,
+       DPP_TEST_NO_I_AUTH_AUTH_CONF = 28,
+       DPP_TEST_NO_WRAPPED_DATA_AUTH_CONF = 29,
 };
 
 extern enum dpp_test_behavior dpp_test;