From f55269753c2bbdcc8a003350fdec5f0283863d7f Mon Sep 17 00:00:00 2001
From: Jouni Malinen
Date: Tue, 5 Dec 2017 23:49:55 +0200
Subject: [PATCH] DPP: Allow protocol key to be overridden for testing purposes
This can be used for various testing needs.
Signed-off-by: Jouni Malinen
---
 src/common/dpp.c | 30 ++++++++++++++++++++++++++++++
 src/common/dpp.h | 2 ++
 wpa_supplicant/ctrl_iface.c | 11 +++++++++++
 3 files changed, 43 insertions(+)
diff --git a/src/common/dpp.c b/src/common/dpp.c
index 09400a0d9..ac9ce3452 100644
--- a/src/common/dpp.c
+++ b/src/common/dpp.c
@@ -34,6 +34,8 @@ u8 dpp_pkex_own_mac_override[ETH_ALEN] = { 0, 0, 0, 0, 0, 0 };
 u8 dpp_pkex_peer_mac_override[ETH_ALEN] = { 0, 0, 0, 0, 0, 0 };
 u8 dpp_pkex_ephemeral_key_override[600];
 size_t dpp_pkex_ephemeral_key_override_len = 0;
+u8 dpp_protocol_key_override[600];
+size_t dpp_protocol_key_override_len = 0;
 static int dpp_test_gen_invalid_key(struct wpabuf *msg, const struct dpp_curve_params *curve);
@@ -2091,7 +2093,21 @@ struct dpp_authentication * dpp_auth_init(void *msg_ctx,
 }
 wpa_hexdump(MSG_DEBUG, "DPP: I-nonce", auth->i_nonce, nonce_len);
+#ifdef CONFIG_TESTING_OPTIONS
+ if (dpp_protocol_key_override_len) {
+ const struct dpp_curve_params *tmp_curve;
+
+ wpa_printf(MSG_INFO,
+ "DPP: TESTING - override protocol key");
+ auth->own_protocol_key = dpp_set_keypair(
+ &tmp_curve, dpp_protocol_key_override,
+ dpp_protocol_key_override_len);
+ } else {
+ auth->own_protocol_key = dpp_gen_keypair(auth->curve);
+ }
+#else /* CONFIG_TESTING_OPTIONS */
 auth->own_protocol_key = dpp_gen_keypair(auth->curve);
+#endif /* CONFIG_TESTING_OPTIONS */
 if (!auth->own_protocol_key) goto fail;
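Review bot: In the dpp_auth_init hunk the curve that dpp_set_keypair() presumably reports through `&tmp_curve` is never compared with `auth->curve`, so an override key on a different curve is accepted while the rest of the exchange still appears to work from `auth->curve`. If a mismatch is a deliberate test case, say so with a comment such as `/* tmp_curve is intentionally not checked: tests may inject a key on a mismatching curve */`; otherwise log it right after the call, e.g. `if (auth->own_protocol_key && tmp_curve != auth->curve) wpa_printf(MSG_INFO, "DPP: TESTING - override key curve differs from auth->curve");`. The same block is repeated verbatim in the dpp_auth_build_resp_ok hunk, so a small static helper would keep the two copies from drifting. A set override also replaces the freshly generated per-exchange key with one fixed key for every later exchange until it is cleared, which is worth a comment next to the `dpp_protocol_key_override` definition so CONFIG_TESTING_OPTIONS builds are not mistaken for deployable ones. Both functions start and end outside their hunks.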
@@ -2607,7 +2623,21 @@ static int dpp_auth_build_resp_ok(struct dpp_authentication *auth)
 }
 wpa_hexdump(MSG_DEBUG, "DPP: R-nonce", auth->r_nonce, nonce_len);
+#ifdef CONFIG_TESTING_OPTIONS
+ if (dpp_protocol_key_override_len) {
+ const struct dpp_curve_params *tmp_curve;
+
+ wpa_printf(MSG_INFO,
+ "DPP: TESTING - override protocol key");
+ auth->own_protocol_key = dpp_set_keypair(
+ &tmp_curve, dpp_protocol_key_override,
+ dpp_protocol_key_override_len);
+ } else {
+ auth->own_protocol_key = dpp_gen_keypair(auth->curve);
+ }
+#else /* CONFIG_TESTING_OPTIONS */
 auth->own_protocol_key = dpp_gen_keypair(auth->curve);
+#endif /* CONFIG_TESTING_OPTIONS */
 if (!auth->own_protocol_key) goto fail;
diff --git a/src/common/dpp.h b/src/common/dpp.h
index a23f3db3f..659cb5f63 100644
--- a/src/common/dpp.h
+++ b/src/common/dpp.h
@@ -339,6 +339,8 @@ extern u8 dpp_pkex_own_mac_override[ETH_ALEN];
 extern u8 dpp_pkex_peer_mac_override[ETH_ALEN];
 extern u8 dpp_pkex_ephemeral_key_override[600];
 extern size_t dpp_pkex_ephemeral_key_override_len;
+extern u8 dpp_protocol_key_override[600];
+extern size_t dpp_protocol_key_override_len;
 #endif /* CONFIG_TESTING_OPTIONS */
 void dpp_bootstrap_info_free(struct dpp_bootstrap_info *info);
diff --git a/wpa_supplicant/ctrl_iface.c b/wpa_supplicant/ctrl_iface.c
index a6d41e422..2069be5d7 100644
--- a/wpa_supplicant/ctrl_iface.c
+++ b/wpa_supplicant/ctrl_iface.c
@@ -633,6 +633,16 @@ static int wpa_supplicant_ctrl_iface_set(struct wpa_supplicant *wpa_s,
 ret = -1;
 else dpp_pkex_ephemeral_key_override_len = hex_len / 2;
+ } else if (os_strcasecmp(cmd, "dpp_protocol_key_override") == 0) {
+ size_t hex_len = os_strlen(value);
+
+ if (hex_len > 2 * sizeof(dpp_protocol_key_override))
+ ret = -1;
+ else if (hexstr2bin(value, dpp_protocol_key_override,
+ hex_len / 2))
+ ret = -1;
+ else
+ dpp_protocol_key_override_len = hex_len / 2;
 #endif /* CONFIG_TESTING_OPTIONS */
 #endif /* CONFIG_DPP */
 #ifdef CONFIG_TESTING_OPTIONS
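Review bot: In the `dpp_protocol_key_override` branch an odd-length hex string is accepted and its last digit silently dropped, because both the parse and the stored length use `hex_len / 2`. Rejecting it in the first test, `if ((hex_len & 1) || hex_len > 2 * sizeof(dpp_protocol_key_override))`, avoids loading a key that differs from what was typed. If hexstr2bin() fails part-way (it presumably writes bytes as it parses), the buffer can hold partly new bytes while `dpp_protocol_key_override_len` keeps its previous non-zero value, so both failure paths should also reset it with `dpp_protocol_key_override_len = 0;`. The upper-bound check itself keeps the write inside the 600-byte buffer. wpa_supplicant_ctrl_iface_set starts and ends outside the hunk.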
@@ -7784,6 +7794,7 @@ static void wpa_supplicant_ctrl_iface_flush(struct wpa_supplicant *wpa_s)
 os_memset(dpp_pkex_own_mac_override, 0, ETH_ALEN);
 os_memset(dpp_pkex_peer_mac_override, 0, ETH_ALEN);
 dpp_pkex_ephemeral_key_override_len = 0;
+ dpp_protocol_key_override_len = 0;
 #endif /* CONFIG_TESTING_OPTIONS */
 #endif /* CONFIG_DPP */
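Review bot: The added `dpp_protocol_key_override_len = 0;` disables the override but leaves the private-key bytes in the global buffer after a flush. Clearing them the way the MAC overrides just above are cleared, `os_memset(dpp_protocol_key_override, 0, sizeof(dpp_protocol_key_override));`, keeps stale test key material out of later memory dumps and out of reach of a later SET that fails part-way. The existing `dpp_pkex_ephemeral_key_override_len = 0;` line follows the same length-only pattern and could be tightened together with it. The function body continues outside the hunk.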