Commit graph

13128 commits

Author SHA1 Message Date
Jouni Malinen
918a2ac40f DPP: Work around missing EVP_PKEY_CTX_set_ec_param_enc()
This allows compilation with older OpenSSL 1.0.1.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 20:31:12 +02:00
Jouni Malinen
3ca4be1eaa DPP: Remove compiler warnings about signed/unsigned comparisons
These timestamp comparisons did not use matching signedness.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 20:31:12 +02:00
Jouni Malinen
116454f460 DPP: Fix error return value in dpp_auth_conf_rx()
Commit 03abb6b541 ('DPP: Reject unexpected
Req/Resp message based on Auth/PKEX role') used incorrect type of error
value (NULL vs. -1). Fix that.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 20:20:39 +02:00
Hu Wang
63dc0f9c4d hostapd: Disassoc STA without WPA/RSN IE if AP proto is WPA/RSN
With the AP proto configured being WPA/RSN and SME in the
driver, the previous implementation in hostapd is to not
process hostapd_notif_assoc() due to "No WPA/RSN IE from STA",
if the (Re)Association Request frame is without the WPA/RSN IEs.

Enhance that to disassociate such station provided the AP is not using
WPS.

Signed-off-by: Hu Wang <huw@codeaurora.org>
2017-11-23 20:12:34 +02:00
Jouni Malinen
9f85f0edd3 tests: Probe Request frame RX events from hostapd
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 20:12:34 +02:00
bhagavathi perumal s
cc79e06f00 hostapd: Add wpa_msg_ctrl() to report Probe Request frames from STA
This allows external applications to get event indication for Probe
Request frames. Extend ctrl iface cmd "ATTACH" to enable this event on
per-request basis. For example, user has to send ctrl iface cmd "ATTACH
probe_rx_events=1" to enable the Probe Request frame events.

Signed-off-by: bhagavathi perumal s <bperumal@qti.qualcomm.com>
2017-11-23 20:12:34 +02:00
Jouni Malinen
92fe5f567c tests: Fix dpp_auth_req_retries* check for DPP capability
Need to do this before trying to set the DPP test parameters.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 20:12:34 +02:00
Jouni Malinen
8968acda9b tests: DPP Auth Req retry behavior
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 13:15:40 +02:00
Jouni Malinen
0db637ca80 DPP: Fix number of Authentication Request retry cases
Previous implementation did not handle number of sequences correctly.
Make sure the iteration continues in both unicast and broadcast cases
until the five attempts have been made. In addition, improve timing by
checking 10 second time from the beginning of each iteration round and
not the last channel on which the Auth Req frame has been transmitted.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 13:08:45 +02:00
Jouni Malinen
921f5acd17 DPP: Take response wait time into account for init retries
Previously, the Authentication Request frame was retried after 2+10 = 12
seconds since the wait for the response was not accounted for. Substract
that wait from the 10 second wait time to start the retries more quickly
based on the 10 second timer described in the tech spec.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 00:42:20 +02:00
Jouni Malinen
248264c622 DPP: Stop Authentication Request attempts if no response after ACK
If unicast Authentication Request frame is used and the peer ACKs such a
frame, but does not reply within the two second limit, there is no need
to continue trying to retransmit the request frames since the peer was
found, but not responsive.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 00:22:13 +02:00
Jouni Malinen
fce412d3ef tests: DPP with SAE
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 21:24:08 +02:00
Jouni Malinen
e3a5882b3e DPP: Add SAE credential support to Configurator
The new conf={sta,ap}-{sae,psk-sae} parameter values can now be used to
specify that the legacy configuration object is for SAE.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 21:24:08 +02:00
Jouni Malinen
5dd745b738 DPP: Add akm=sae and akm=psk+sae support in Enrollee role
This allows DPP to be used for enrolling credentials for SAE networks in
addition to the legacy PSK (WPA-PSK) case. In addition, enable FT-PSK
and FT-SAE cases automatically.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 21:23:51 +02:00
Jouni Malinen
af872d9d88 tests: DPP protocol testing - invalid I-nonce in Auth Req
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 17:34:05 +02:00
Jouni Malinen
a444673957 DPP: Protocol testing capability to send invalid I-Nonce in Auth Req
Extend dpp_test to cover one more invalid behavior.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 16:23:42 +02:00
Jouni Malinen
169e341e34 tests: DPP and PKEX retry behavior
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 15:55:51 +02:00
Jouni Malinen
00d2d13db2 DPP: Retry PKEX Exchange Request frame up to five times
Retransmit the PKEX Exchange Request frame if no response from a peer is
received. This makes the exchange more robust since this frame is sent
to a broadcast address and has no link layer retries.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 15:54:35 +02:00
Jouni Malinen
cb6b22325f tests: sigma_dut DPP/QR initiator as Configurator (neg_freq)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-21 01:12:58 +02:00
Jouni Malinen
0e664e0c12 tests: sigma_dut DPP/QR initiator as Configurator or Enrollee
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-21 01:02:37 +02:00
Jouni Malinen
951fc8df34 tests: Double TPK M2 during TDLS setup initiation
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-21 00:49:17 +02:00
Jouni Malinen
ab0375508d TDLS: Add testing capability to send TPK M2 twice
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-21 00:48:52 +02:00
Jouni Malinen
7b111c04d0 tests: Open AP and STA reassociating back without auth exchange
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-20 21:31:36 +02:00
Jouni Malinen
de731ec25c tests: Additional DPP protocol testing for Peer Discovery Req/Resp
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 17:15:48 +02:00
Jouni Malinen
4b8de0c929 DPP: Protocol testing for invalid Peer Discovery Req/Resp values
Extend dpp_test to allow more invalid attribute values to be written
into Peer Discovery Request/Response frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 17:15:02 +02:00
Jouni Malinen
18b8c35b41 tests: Fix ap_cipher_tkip_countermeasures_sta2
hostapd implementation was changed to use a valid Status Code when
rejecting the connection. This test case was forgotten at the time, but
it needs a matching change to allow the new value (1 instead of 14).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-19 16:02:07 +02:00
Jouni Malinen
b0fda6b715 tests: DPP protocol testing - invalid Config Attr Obj in Conf Req
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 14:13:20 +02:00
Jouni Malinen
f9cf7d03f1 DPP: Protocol testing for invalid Config Attrib Object value
Extend dpp_test to cover a case where Config Attrib Object value is
invalid in Configuration Request frame.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 14:13:20 +02:00
Jouni Malinen
655e82b1bb tests: DPP protocol testing - invalid Status in Auth Resp/Conf
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 14:13:20 +02:00
Jouni Malinen
3f35ec2dc3 DPP: Protocol testing for invalid DPP Status value
Extend dpp_test to cover cases where DPP Status value is invalid in
Authentication Response/Confirm frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 14:13:16 +02:00
Jouni Malinen
9efa531499 DPP: Use helper functions to build Bootstrap Key Hash attributes
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 12:41:57 +02:00
Jouni Malinen
acdf703d50 DPP: Replace custom undefined attr with DPP Status in after-wrapped data
This has the same impact and is needed for some testing needs.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 12:32:00 +02:00
Jouni Malinen
56f24d1da0 DPP: Use a helper function to build DPP Status attribute
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 12:27:14 +02:00
Jouni Malinen
e486e5fdcb tests: sigma_dut DPP/QR (mutual) initiator (response pending)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 12:07:07 +02:00
Jouni Malinen
47183df78a tests: DPP protocol testing for invalid I/R-bootstrap key hash
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 11:33:22 +02:00
Jouni Malinen
65ecce87fd DPP: Protocol testing for writing invalid I/R Bootstrap Key Hash
Extend dpp_test to cover cases where Initiator/Responder Bootstrap Key
Hash value in DPP Authentication frames is invalid (flip one bit).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 11:32:02 +02:00
Jouni Malinen
dc515328a2 tests: DPP protocol testing - invalid I/R-proto key in Auth Req/Resp
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 00:12:37 +02:00
Jouni Malinen
b6b4226bdd DPP: Protocol testing capability to generate invalid Protocol Key
This extends dpp_test to allow invalid Initiator/Responder Protocol Key
to be written into the Authentication Request/Response frame.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 00:11:44 +02:00
Jouni Malinen
20c18348e0 tests: sigma_dut controlled AP and PSKHEX
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-18 17:50:09 +02:00
Jouni Malinen
c6eb3e34b6 Stronger GTK derivation routine
If the build include SHA384, use that to derive GTK from GMK. In
addition, add more random bytes bytes to the PRF-X() context data for
longer GTK to reduce dependency on the randomness of the GMK.

GMK is 256 bits of random data and it was used with SHA256, so the
previous design was likely sufficient for all needs even with 128 bits
of additional randomness in GTK derivation. Anyway, adding up to 256
bits of new randomness and using SHA384 can be helpful extra protection
particularly for the cases using GCMP-256 or CCMP-256 as the group
cipher.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-18 17:50:09 +02:00
Jouni Malinen
a680f4ef39 tests: Use group 26 instead of 25 in mesh test cases
This allows mesh_sae_groups_invalid and
wpas_mesh_secure_sae_group_negotiation to be run with BoringSSL (group
25 not available anymore).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-18 17:50:08 +02:00
Jouni Malinen
8f08315737 tests: Skip fils_sk_pfs_25 with BoringSSL
It looks like BoringSSL has dropped support for group 25 (192-bit Random
ECP Group).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-18 17:50:08 +02:00
Jouni Malinen
9626bfbb8d tests: Skip ap_wpa2_eap_fast_eap_sim if no EAP-FAST support
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-18 17:50:08 +02:00
Jouni Malinen
94619905c8 DPP: Fix dpp_test_gen_invalid_key() with BoringSSL
Unlike OpenSSL, BoringSSL returns an error from
EC_POINT_set_affine_coordinates_GFp() is not on the curve. As such, need
to behave differently here depending on which library is used.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-18 17:50:08 +02:00
Jouni Malinen
d584946ec1 tests: Skip DPP tests with Brainpool curves when using BoringSSL
BoringSSL does not include these EC curves.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-18 17:50:08 +02:00
Jouni Malinen
746c1792ac DPP: Build bootstrapping key DER encoding using custom routine
While the OpenSSL version of i2d_EC_PUBKEY() seemed to be able to use
the POINT_CONVERSION_COMPRESSED setting on the EC key, that did not seem
to work with BoringSSL. Since this is not exactly robust design, replace
use of i2d_EC_PUBKEY() with a custom routine that enforces the DPP rules
on SubjectPublicKeyInfo (compressed format of the public key,
ecPublicKey OID, parameters present and indicating the curve by OID).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-18 17:50:02 +02:00
Jouni Malinen
f2d27ef94c DPP: Use a helper function to DER encode bootstrapping key
This routine was previously implemented twice using i2d_EC_PUBKEY().
There is no need to duplicate that implementation and especially since
it looks like this implementation needs to be replaced for BoringSSL,
start by using a shared helper function for both locations so that there
is only a single place that uses i2d_EC_PUBKEY() to build the special
DPP bootstrapping key DER encoding.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-18 12:14:21 +02:00
Jouni Malinen
c1564149a6 BoringSSL: Add AES support with 192-bit keys
BoringSSL restored the previously removed AES-192 ECB support in ("Add
AES-192 ECB.") commit. Since this is needed for DPP with the P-384
curve, restore support for this through EVP_aes_192_ecb().

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 21:03:04 +02:00
Jouni Malinen
edd72f55f8 OpenSSL: Debug message if requested AES key length is not supported
This makes it clearer why some AES operations fail especially with
BoringSSL where the 192-bit case is not supported.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 20:59:25 +02:00
Jouni Malinen
5548453a2d BoringSSL: Add DPP special cases regardless of claimed version number
It looks like BoringSSL claims to have OPENSSL_VERSION_NUMBER for a
1.1.0 version, but it does not provide ECDSA_SIG_set0() or
ECDSA_SIG_get0(). For now, add the helper functions regardless of the
version BoringSSL claims to be. Similarly, include the X509_ALGOR_get0()
workaround unconditionally for BoringSSL.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 20:44:42 +02:00