WPS: Add testing option to corrupt public key hash
If CONFIG_WPS_TESTING=y is enabled in build configuration, the new wps_corrupt_pkhash parameter (similar to wps_testing_dummy_cred) can be used to request public key hash to be corrupted in all generated OOB Device Password attributes. This can be used for testing purposes to validate public key hash validation steps. Signed-hostap: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
73127764fe
commit
91226e0d12
5 changed files with 31 additions and 0 deletions
|
@ -965,6 +965,10 @@ static int hostapd_ctrl_iface_set(struct hostapd_data *hapd, char *cmd)
|
||||||
wps_testing_dummy_cred = atoi(value);
|
wps_testing_dummy_cred = atoi(value);
|
||||||
wpa_printf(MSG_DEBUG, "WPS: Testing - dummy_cred=%d",
|
wpa_printf(MSG_DEBUG, "WPS: Testing - dummy_cred=%d",
|
||||||
wps_testing_dummy_cred);
|
wps_testing_dummy_cred);
|
||||||
|
} else if (os_strcasecmp(cmd, "wps_corrupt_pkhash") == 0) {
|
||||||
|
wps_corrupt_pkhash = atoi(value);
|
||||||
|
wpa_printf(MSG_DEBUG, "WPS: Testing - wps_corrupt_pkhash=%d",
|
||||||
|
wps_corrupt_pkhash);
|
||||||
#endif /* CONFIG_WPS_TESTING */
|
#endif /* CONFIG_WPS_TESTING */
|
||||||
#ifdef CONFIG_INTERWORKING
|
#ifdef CONFIG_INTERWORKING
|
||||||
} else if (os_strcasecmp(cmd, "gas_frag_limit") == 0) {
|
} else if (os_strcasecmp(cmd, "gas_frag_limit") == 0) {
|
||||||
|
@ -1599,6 +1603,16 @@ static int hostapd_ctrl_iface_remove(struct hapd_interfaces *interfaces,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
static void hostapd_ctrl_iface_flush(struct hapd_interfaces *interfaces)
|
||||||
|
{
|
||||||
|
#ifdef CONFIG_WPS_TESTING
|
||||||
|
wps_version_number = 0x20;
|
||||||
|
wps_testing_dummy_cred = 0;
|
||||||
|
wps_corrupt_pkhash = 0;
|
||||||
|
#endif /* CONFIG_WPS_TESTING */
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
static void hostapd_global_ctrl_iface_receive(int sock, void *eloop_ctx,
|
static void hostapd_global_ctrl_iface_receive(int sock, void *eloop_ctx,
|
||||||
void *sock_ctx)
|
void *sock_ctx)
|
||||||
{
|
{
|
||||||
|
@ -1628,6 +1642,8 @@ static void hostapd_global_ctrl_iface_receive(int sock, void *eloop_ctx,
|
||||||
} else if (os_strncmp(buf, "RELOG", 5) == 0) {
|
} else if (os_strncmp(buf, "RELOG", 5) == 0) {
|
||||||
if (wpa_debug_reopen_file() < 0)
|
if (wpa_debug_reopen_file() < 0)
|
||||||
reply_len = -1;
|
reply_len = -1;
|
||||||
|
} else if (os_strcmp(buf, "FLUSH") == 0) {
|
||||||
|
hostapd_ctrl_iface_flush(interfaces);
|
||||||
} else if (os_strncmp(buf, "ADD ", 4) == 0) {
|
} else if (os_strncmp(buf, "ADD ", 4) == 0) {
|
||||||
if (hostapd_ctrl_iface_add(interfaces, buf + 4) < 0)
|
if (hostapd_ctrl_iface_add(interfaces, buf + 4) < 0)
|
||||||
reply_len = -1;
|
reply_len = -1;
|
||||||
|
|
|
@ -18,6 +18,7 @@
|
||||||
#ifdef CONFIG_WPS_TESTING
|
#ifdef CONFIG_WPS_TESTING
|
||||||
int wps_version_number = 0x20;
|
int wps_version_number = 0x20;
|
||||||
int wps_testing_dummy_cred = 0;
|
int wps_testing_dummy_cred = 0;
|
||||||
|
int wps_corrupt_pkhash = 0;
|
||||||
#endif /* CONFIG_WPS_TESTING */
|
#endif /* CONFIG_WPS_TESTING */
|
||||||
|
|
||||||
|
|
||||||
|
|
|
@ -399,6 +399,14 @@ int wps_build_oob_dev_pw(struct wpabuf *msg, u16 dev_pw_id,
|
||||||
addr[0] = wpabuf_head(pubkey);
|
addr[0] = wpabuf_head(pubkey);
|
||||||
hash_len = wpabuf_len(pubkey);
|
hash_len = wpabuf_len(pubkey);
|
||||||
sha256_vector(1, addr, &hash_len, pubkey_hash);
|
sha256_vector(1, addr, &hash_len, pubkey_hash);
|
||||||
|
#ifdef CONFIG_WPS_TESTING
|
||||||
|
if (wps_corrupt_pkhash) {
|
||||||
|
wpa_hexdump(MSG_DEBUG, "WPS: Real Public Key Hash",
|
||||||
|
pubkey_hash, WPS_OOB_PUBKEY_HASH_LEN);
|
||||||
|
wpa_printf(MSG_INFO, "WPS: Testing - corrupt public key hash");
|
||||||
|
pubkey_hash[WPS_OOB_PUBKEY_HASH_LEN - 2]++;
|
||||||
|
}
|
||||||
|
#endif /* CONFIG_WPS_TESTING */
|
||||||
|
|
||||||
wpabuf_put_be16(msg, ATTR_OOB_DEVICE_PASSWORD);
|
wpabuf_put_be16(msg, ATTR_OOB_DEVICE_PASSWORD);
|
||||||
wpabuf_put_be16(msg, WPS_OOB_PUBKEY_HASH_LEN + 2 + dev_pw_len);
|
wpabuf_put_be16(msg, WPS_OOB_PUBKEY_HASH_LEN + 2 + dev_pw_len);
|
||||||
|
|
|
@ -13,6 +13,7 @@
|
||||||
|
|
||||||
extern int wps_version_number;
|
extern int wps_version_number;
|
||||||
extern int wps_testing_dummy_cred;
|
extern int wps_testing_dummy_cred;
|
||||||
|
extern int wps_corrupt_pkhash;
|
||||||
#define WPS_VERSION wps_version_number
|
#define WPS_VERSION wps_version_number
|
||||||
|
|
||||||
#else /* CONFIG_WPS_TESTING */
|
#else /* CONFIG_WPS_TESTING */
|
||||||
|
|
|
@ -364,6 +364,10 @@ static int wpa_supplicant_ctrl_iface_set(struct wpa_supplicant *wpa_s,
|
||||||
wps_testing_dummy_cred = atoi(value);
|
wps_testing_dummy_cred = atoi(value);
|
||||||
wpa_printf(MSG_DEBUG, "WPS: Testing - dummy_cred=%d",
|
wpa_printf(MSG_DEBUG, "WPS: Testing - dummy_cred=%d",
|
||||||
wps_testing_dummy_cred);
|
wps_testing_dummy_cred);
|
||||||
|
} else if (os_strcasecmp(cmd, "wps_corrupt_pkhash") == 0) {
|
||||||
|
wps_corrupt_pkhash = atoi(value);
|
||||||
|
wpa_printf(MSG_DEBUG, "WPS: Testing - wps_corrupt_pkhash=%d",
|
||||||
|
wps_corrupt_pkhash);
|
||||||
#endif /* CONFIG_WPS_TESTING */
|
#endif /* CONFIG_WPS_TESTING */
|
||||||
} else if (os_strcasecmp(cmd, "ampdu") == 0) {
|
} else if (os_strcasecmp(cmd, "ampdu") == 0) {
|
||||||
if (wpa_drv_ampdu(wpa_s, atoi(value)) < 0)
|
if (wpa_drv_ampdu(wpa_s, atoi(value)) < 0)
|
||||||
|
@ -5388,6 +5392,7 @@ static void wpa_supplicant_ctrl_iface_flush(struct wpa_supplicant *wpa_s)
|
||||||
#ifdef CONFIG_WPS_TESTING
|
#ifdef CONFIG_WPS_TESTING
|
||||||
wps_version_number = 0x20;
|
wps_version_number = 0x20;
|
||||||
wps_testing_dummy_cred = 0;
|
wps_testing_dummy_cred = 0;
|
||||||
|
wps_corrupt_pkhash = 0;
|
||||||
#endif /* CONFIG_WPS_TESTING */
|
#endif /* CONFIG_WPS_TESTING */
|
||||||
#ifdef CONFIG_WPS
|
#ifdef CONFIG_WPS
|
||||||
wpa_s->wps_fragment_size = 0;
|
wpa_s->wps_fragment_size = 0;
|
||||||
|
|
Loading…
Reference in a new issue