Google Git
Sign in
kernel / pub / scm / network / wireless / iwd / 250568025c2fdebfc9b5e457f77cf24a6b898f8b / . / unit / test-eapol.c
blob: 6433e5cc000779b75d714d725b4cdce449a44e0e [file] [log] [blame]
/*
*
* Wireless daemon for Linux
*
* Copyright (C) 2013-2014 Intel Corporation. All rights reserved.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h>
#include <string.h>
#include <assert.h>
#include <linux/if_ether.h>
#include <ell/ell.h>
#include <ell/tls-private.h>
#include <ell/key-private.h>
#include "src/eapol.h"
#include "src/crypto.h"
#include "src/ie.h"
#include "src/eap.h"
#include "src/handshake.h"
/* Our nonce to use + its size */
static const uint8_t *snonce;
/* Whether step2 was called with the right info */
static bool verify_step2_called;
/* PTK Handshake 2-of-4 frame we are expected to generate + its size */
static const uint8_t *expected_step2_frame;
static size_t expected_step2_frame_size;
/* Whether step4 was called with the right info */
static bool verify_step4_called;
/* Whether install_tk was called with the right info */
static bool verify_install_tk_called;
static bool verify_install_gtk_called;
/* PTK Handshake 4-of-4 frame we are expected to generate + its size */
static const uint8_t *expected_step4_frame;
static size_t expected_step4_frame_size;
/* Whether GTK step2 was called with the right info */
static bool verify_gtk_step2_called;
/* GTK Handshake 2-of-2 frame we are expected to generate + its size */
static const uint8_t *expected_gtk_step2_frame;
static size_t expected_gtk_step2_frame_size;
/* Authenticator Address */
static const uint8_t *aa;
/* Supplicant Address */
static const uint8_t *spa;
struct eapol_key_data {
const unsigned char *frame;
size_t frame_len;
enum eapol_protocol_version protocol_version;
uint16_t packet_len;
enum eapol_descriptor_type descriptor_type;
enum eapol_key_descriptor_version key_descriptor_version;
bool key_type:1;
uint8_t wpa_key_id:2;
bool install:1;
bool key_ack:1;
bool key_mic:1;
bool secure:1;
bool error:1;
bool request:1;
bool encrypted_key_data:1;
bool smk_message:1;
uint16_t key_length;
uint64_t key_replay_counter;
uint8_t key_nonce[32];
uint8_t eapol_key_iv[16];
uint8_t key_rsc[8];
uint8_t key_mic_data[16];
uint16_t key_data_len;
};
/* Random WPA EAPoL frame, using 2001 protocol */
static const unsigned char eapol_key_data_1[] = {
0x01, 0x03, 0x00, 0x5f, 0xfe, 0x00, 0x89, 0x00, 0x20, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0xd5, 0xe2, 0x13, 0x9b, 0x1b, 0x1c, 0x1e,
0xcb, 0xf4, 0xc7, 0x9d, 0xb3, 0x70, 0xcd, 0x1c, 0xea, 0x07, 0xf1, 0x61,
0x76, 0xed, 0xa6, 0x78, 0x8a, 0xc6, 0x8c, 0x2c, 0xf4, 0xd7, 0x6f, 0x2b,
0xf7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00,
};
static struct eapol_key_data eapol_key_test_1 = {
.frame = eapol_key_data_1,
.frame_len = sizeof(eapol_key_data_1),
.protocol_version = EAPOL_PROTOCOL_VERSION_2001,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_WPA,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = true,
.install = false,
.key_ack = true,
.key_mic = false,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 32,
.key_replay_counter = 1,
.key_nonce = { 0xd5, 0xe2, 0x13, 0x9b, 0x1b, 0x1c, 0x1e, 0xcb, 0xf4,
0xc7, 0x9d, 0xb3, 0x70, 0xcd, 0x1c, 0xea, 0x07, 0xf1,
0x61, 0x76, 0xed, 0xa6, 0x78, 0x8a, 0xc6, 0x8c, 0x2c,
0xf4, 0xd7, 0x6f, 0x2b, 0xf7 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_data_len = 0,
};
/* Random WPA2 EAPoL frame, using 2004 protocol */
static const unsigned char eapol_key_data_2[] = {
0x02, 0x03, 0x00, 0x75, 0x02, 0x00, 0x8a, 0x00, 0x10, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x6a, 0xce, 0x64, 0xc1, 0xa6, 0x44,
0xd2, 0x7b, 0x84, 0xe0, 0x39, 0x26, 0x3b, 0x63, 0x3b, 0xc3, 0x74, 0xe3,
0x29, 0x9d, 0x7d, 0x45, 0xe1, 0xc4, 0x25, 0x44, 0x05, 0x48, 0x05, 0xbf,
0xe5, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x16, 0xdd, 0x14, 0x00, 0x0f, 0xac, 0x04, 0x05, 0xb1, 0xb6,
0x8b, 0x5a, 0x91, 0xfc, 0x04, 0x06, 0x83, 0x84, 0x06, 0xe8, 0xd1, 0x5f,
0xdb,
};
static struct eapol_key_data eapol_key_test_2 = {
.frame = eapol_key_data_2,
.frame_len = sizeof(eapol_key_data_2),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 117,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
.key_type = true,
.install = false,
.key_ack = true,
.key_mic = false,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 16,
.key_replay_counter = 0,
.key_nonce = { 0x12, 0x6a, 0xce, 0x64, 0xc1, 0xa6, 0x44, 0xd2, 0x7b,
0x84, 0xe0, 0x39, 0x26, 0x3b, 0x63, 0x3b, 0xc3, 0x74,
0xe3, 0x29, 0x9d, 0x7d, 0x45, 0xe1, 0xc4, 0x25, 0x44,
0x05, 0x48, 0x05, 0xbf, 0xe5 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_data_len = 22,
};
/* WPA2 frame, 1 of 4. For parameters see eapol_4way_test */
static const unsigned char eapol_key_data_3[] = {
0x02, 0x03, 0x00, 0x5f, 0x02, 0x00, 0x8a, 0x00, 0x10, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0xc2, 0xbb, 0x57, 0xab, 0x58, 0x8f, 0x92,
0xeb, 0xbd, 0x44, 0xe8, 0x11, 0x09, 0x4f, 0x60, 0x1c, 0x08, 0x79, 0x86,
0x03, 0x0c, 0x3a, 0xc7, 0x49, 0xcc, 0x61, 0xd6, 0x3e, 0x33, 0x83, 0x2e,
0x50, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00
};
static struct eapol_key_data eapol_key_test_3 = {
.frame = eapol_key_data_3,
.frame_len = sizeof(eapol_key_data_3),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
.key_type = true,
.install = false,
.key_ack = true,
.key_mic = false,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 16,
.key_replay_counter = 0,
.key_nonce = { 0xc2, 0xbb, 0x57, 0xab, 0x58, 0x8f, 0x92, 0xeb, 0xbd,
0x44, 0xe8, 0x11, 0x09, 0x4f, 0x60, 0x1c, 0x08, 0x79,
0x86, 0x03, 0x0c, 0x3a, 0xc7, 0x49, 0xcc, 0x61, 0xd6,
0x3e, 0x33, 0x83, 0x2e, 0x50, },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_data_len = 0,
};
/* WPA2 frame, 2 of 4. For parameters see eapol_4way_test */
static const unsigned char eapol_key_data_4[] = {
0x01, 0x03, 0x00, 0x75, 0x02, 0x01, 0x0a, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x32, 0x89, 0xe9, 0x15, 0x65, 0x09, 0x4f,
0x32, 0x9a, 0x9c, 0xd5, 0x4a, 0x4a, 0x09, 0x0d, 0x2c, 0xf4, 0x34, 0x46,
0x83, 0xbf, 0x50, 0xef, 0xee, 0x36, 0x08, 0xb6, 0x48, 0x56, 0x80, 0x0e,
0x84, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xc3, 0x1b,
0x82, 0xff, 0x62, 0xa3, 0x79, 0xb0, 0x8d, 0xd1, 0xfc, 0x82, 0xc2, 0xf7,
0x68, 0x00, 0x16, 0x30, 0x14, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x04, 0x01,
0x00, 0x00, 0x0f, 0xac, 0x04, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x02, 0x00,
0x00
};
static struct eapol_key_data eapol_key_test_4 = {
.frame = eapol_key_data_4,
.frame_len = sizeof(eapol_key_data_4),
.protocol_version = EAPOL_PROTOCOL_VERSION_2001,
.packet_len = 117,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
.key_type = true,
.install = false,
.key_ack = false,
.key_mic = true,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 0,
.key_replay_counter = 0,
.key_nonce = { 0x32, 0x89, 0xe9, 0x15, 0x65, 0x09, 0x4f, 0x32, 0x9a,
0x9c, 0xd5, 0x4a, 0x4a, 0x09, 0x0d, 0x2c, 0xf4, 0x34,
0x46, 0x83, 0xbf, 0x50, 0xef, 0xee, 0x36, 0x08, 0xb6,
0x48, 0x56, 0x80, 0x0e, 0x84, },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x01, 0xc3, 0x1b, 0x82, 0xff, 0x62, 0xa3, 0x79, 0xb0,
0x8d, 0xd1, 0xfc, 0x82, 0xc2, 0xf7, 0x68 },
.key_data_len = 22,
};
/* WPA2 frame, 3 of 4. For parameters see eapol_4way_test */
static const unsigned char eapol_key_data_5[] = {
0x02, 0x03, 0x00, 0x97, 0x02, 0x13, 0xca, 0x00, 0x10, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0xc2, 0xbb, 0x57, 0xab, 0x58, 0x8f, 0x92,
0xeb, 0xbd, 0x44, 0xe8, 0x11, 0x09, 0x4f, 0x60, 0x1c, 0x08, 0x79, 0x86,
0x03, 0x0c, 0x3a, 0xc7, 0x49, 0xcc, 0x61, 0xd6, 0x3e, 0x33, 0x83, 0x2e,
0x50, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf5, 0x35, 0xd9,
0x18, 0x09, 0x73, 0x1a, 0x1d, 0x29, 0x08, 0x94, 0x70, 0x5e, 0x91, 0x9c,
0x8e, 0x00, 0x38, 0x19, 0x18, 0xdf, 0x1e, 0xf0, 0xe7, 0x69, 0x66, 0x52,
0xe2, 0x57, 0x93, 0x80, 0x34, 0xe1, 0x70, 0x38, 0xb9, 0x8b, 0x4c, 0x45,
0xa9, 0x23, 0xb7, 0xb6, 0xfa, 0x8c, 0x33, 0xe3, 0x7b, 0xdc, 0xd4, 0x7f,
0xea, 0xb1, 0x1c, 0x22, 0x6a, 0x2c, 0x5e, 0x38, 0xd5, 0xad, 0x79, 0x94,
0x05, 0xd6, 0x10, 0xa6, 0x95, 0x51, 0xd6, 0x0b, 0xe6, 0x0a, 0x5b,
};
static struct eapol_key_data eapol_key_test_5 = {
.frame = eapol_key_data_5,
.frame_len = sizeof(eapol_key_data_5),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 151,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
.key_type = true,
.install = true,
.key_ack = true,
.key_mic = true,
.secure = true,
.error = false,
.request = false,
.encrypted_key_data = true,
.smk_message = false,
.key_length = 16,
.key_replay_counter = 1,
.key_nonce = { 0xc2, 0xbb, 0x57, 0xab, 0x58, 0x8f, 0x92, 0xeb, 0xbd,
0x44, 0xe8, 0x11, 0x09, 0x4f, 0x60, 0x1c, 0x08, 0x79,
0x86, 0x03, 0x0c, 0x3a, 0xc7, 0x49, 0xcc, 0x61, 0xd6,
0x3e, 0x33, 0x83, 0x2e, 0x50, },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0xf5, 0x35, 0xd9, 0x18, 0x09, 0x73, 0x1a, 0x1d, 0x29,
0x08, 0x94, 0x70, 0x5e, 0x91, 0x9c, 0x8e },
.key_data_len = 56,
};
/* WPA2 frame, 4 of 4. For parameters see eapol_4way_test */
static const unsigned char eapol_key_data_6[] = {
0x01, 0x03, 0x00, 0x5f, 0x02, 0x03, 0x0a, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x9e, 0x57, 0xa4,
0xc0, 0x9b, 0xaf, 0xb3, 0x37, 0x5e, 0x46, 0xd3, 0x86, 0xcf, 0x87, 0x27,
0x53, 0x00, 0x00,
};
static struct eapol_key_data eapol_key_test_6 = {
.frame = eapol_key_data_6,
.frame_len = sizeof(eapol_key_data_6),
.protocol_version = EAPOL_PROTOCOL_VERSION_2001,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
.key_type = true,
.install = false,
.key_ack = false,
.key_mic = true,
.secure = true,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 0,
.key_replay_counter = 1,
.key_nonce = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x9e, 0x57, 0xa4, 0xc0, 0x9b, 0xaf, 0xb3, 0x37, 0x5e,
0x46, 0xd3, 0x86, 0xcf, 0x87, 0x27, 0x53, },
.key_data_len = 0,
};
/* WPA2 frame, 1 of 4. For parameters see eapol_wpa2_handshake_test */
static const unsigned char eapol_key_data_7[] = {
0x02, 0x03, 0x00, 0x5f, 0x02, 0x00, 0x8a, 0x00, 0x10, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x2b, 0x58, 0x52, 0xb8, 0x8e, 0x4c, 0xa3,
0x4d, 0xc5, 0x99, 0xed, 0x20, 0x2c, 0x63, 0x95, 0x7c, 0x53, 0x5e, 0x3e,
0xfa, 0x92, 0x89, 0x87, 0x34, 0x11, 0x12, 0x7c, 0xba, 0xf3, 0x58, 0x84,
0x25, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00
};
static struct eapol_key_data eapol_key_test_7 = {
.frame = eapol_key_data_7,
.frame_len = sizeof(eapol_key_data_7),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
.key_type = true,
.wpa_key_id = 0,
.install = false,
.key_ack = true,
.key_mic = false,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 16,
.key_replay_counter = 1,
.key_nonce = { 0x2b, 0x58, 0x52, 0xb8, 0x8e, 0x4c, 0xa3, 0x4d, 0xc5,
0x99, 0xed, 0x20, 0x2c, 0x63, 0x95, 0x7c, 0x53, 0x5e,
0x3e, 0xfa, 0x92, 0x89, 0x87, 0x34, 0x11, 0x12, 0x7c,
0xba, 0xf3, 0x58, 0x84, 0x25 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_data_len = 0,
};
/* WPA2 frame, 2 of 4. For parameters see eapol_wpa2_handshake_test */
static const unsigned char eapol_key_data_8[] = {
0x02, 0x03, 0x00, 0x73, 0x02, 0x01, 0x0a, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x72, 0x7c, 0x65, 0x6c, 0x5e, 0xd6, 0x42,
0xd7, 0xf4, 0x7f, 0x48, 0x43, 0x51, 0xd8, 0x08, 0x94, 0x51, 0x18, 0xda,
0x6a, 0x49, 0x33, 0xac, 0x7e, 0x29, 0x3f, 0x2f, 0x2a, 0xc0, 0x88, 0x34,
0x8c, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x7d, 0x7c, 0x45,
0x98, 0x9f, 0x49, 0x2b, 0x4a, 0x36, 0x58, 0x35, 0x29, 0x28, 0x2d, 0x8f,
0xed, 0x00, 0x14, 0x30, 0x12, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x04, 0x01,
0x00, 0x00, 0x0f, 0xac, 0x04, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x02
};
static struct eapol_key_data eapol_key_test_8 = {
.frame = eapol_key_data_8,
.frame_len = sizeof(eapol_key_data_8),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 115,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
.key_type = true,
.wpa_key_id = 0,
.install = false,
.key_ack = false,
.key_mic = true,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 0,
.key_replay_counter = 1,
.key_nonce = { 0x72, 0x7c, 0x65, 0x6c, 0x5e, 0xd6, 0x42, 0xd7, 0xf4,
0x7f, 0x48, 0x43, 0x51, 0xd8, 0x08, 0x94, 0x51, 0x18,
0xda, 0x6a, 0x49, 0x33, 0xac, 0x7e, 0x29, 0x3f, 0x2f,
0x2a, 0xc0, 0x88, 0x34, 0x8c },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x7d, 0x7c, 0x45, 0x98, 0x9f, 0x49, 0x2b, 0x4a,
0x36, 0x58, 0x35, 0x29, 0x28, 0x2d, 0x8f, 0xed },
.key_data_len = 20,
};
/* WPA2 frame, 3 of 4. For parameters see eapol_wpa2_handshake_test */
static const unsigned char eapol_key_data_9[] = {
0x02, 0x03, 0x00, 0x97, 0x02, 0x13, 0xca, 0x00, 0x10, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x02, 0x2b, 0x58, 0x52, 0xb8, 0x8e, 0x4c, 0xa3,
0x4d, 0xc5, 0x99, 0xed, 0x20, 0x2c, 0x63, 0x95, 0x7c, 0x53, 0x5e, 0x3e,
0xfa, 0x92, 0x89, 0x87, 0x34, 0x11, 0x12, 0x7c, 0xba, 0xf3, 0x58, 0x84,
0x25, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xf8, 0x62, 0x6a,
0x57, 0x76, 0xc7, 0x33, 0xbf, 0xc0, 0x71, 0xde, 0x62, 0xeb, 0xf7, 0xa7,
0xc5, 0x00, 0x38, 0x14, 0xdd, 0x52, 0x80, 0x3d, 0xc8, 0x3d, 0xf7, 0xba,
0x7e, 0xb6, 0x48, 0x29, 0x6d, 0x65, 0x0e, 0x88, 0xcc, 0xc8, 0xdd, 0x67,
0x62, 0x04, 0xa2, 0xc7, 0xc1, 0xf2, 0x65, 0x0b, 0xca, 0xf9, 0x6b, 0x66,
0xf5, 0xb4, 0x3d, 0x99, 0x26, 0xad, 0xc5, 0xce, 0x18, 0xc0, 0xa9, 0x9b,
0xe5, 0x0e, 0x50, 0x85, 0x84, 0xb1, 0x57, 0xe3, 0x7a, 0x5e, 0x0f
};
static struct eapol_key_data eapol_key_test_9 = {
.frame = eapol_key_data_9,
.frame_len = sizeof(eapol_key_data_9),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 151,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
.key_type = true,
.wpa_key_id = 0,
.install = true,
.key_ack = true,
.key_mic = true,
.secure = true,
.error = false,
.request = false,
.encrypted_key_data = true,
.smk_message = false,
.key_length = 16,
.key_replay_counter = 2,
.key_nonce = { 0x2b, 0x58, 0x52, 0xb8, 0x8e, 0x4c, 0xa3, 0x4d, 0xc5,
0x99, 0xed, 0x20, 0x2c, 0x63, 0x95, 0x7c, 0x53, 0x5e,
0x3e, 0xfa, 0x92, 0x89, 0x87, 0x34, 0x11, 0x12, 0x7c,
0xba, 0xf3, 0x58, 0x84, 0x25 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0xf8, 0x62, 0x6a, 0x57, 0x76, 0xc7, 0x33, 0xbf,
0xc0, 0x71, 0xde, 0x62, 0xeb, 0xf7, 0xa7, 0xc5 },
.key_data_len = 56,
};
/* WPA2 frame, 4 of 4. For parameters see eapol_wpa2_handshake_test */
static const unsigned char eapol_key_data_10[] = {
0x02, 0x03, 0x00, 0x5f, 0x02, 0x03, 0x0a, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x8b, 0x0f, 0x34,
0x23, 0x49, 0xf0, 0x85, 0x03, 0xe5, 0xfc, 0x54, 0xb7, 0x2c, 0xb5, 0x32,
0x66, 0x00, 0x00
};
static struct eapol_key_data eapol_key_test_10 = {
.frame = eapol_key_data_10,
.frame_len = sizeof(eapol_key_data_10),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
.key_type = true,
.wpa_key_id = 0,
.install = false,
.key_ack = false,
.key_mic = true,
.secure = true,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 0,
.key_replay_counter = 2,
.key_nonce = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x8b, 0x0f, 0x34, 0x23, 0x49, 0xf0, 0x85, 0x03,
0xe5, 0xfc, 0x54, 0xb7, 0x2c, 0xb5, 0x32, 0x66 },
.key_data_len = 0,
};
/* WPA2 frame, 1 of 2. For parameters see eapol_wpa2_handshake_test */
static const unsigned char eapol_key_data_11[] = {
0x02, 0x03, 0x00, 0x7f, 0x02, 0x13, 0x82, 0x00, 0x10, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x03, 0xef, 0x6d, 0xc2, 0x0c, 0x57, 0x27, 0xe8,
0x25, 0x07, 0x75, 0x1e, 0x67, 0x36, 0x9d, 0xc9, 0x1e, 0xf1, 0x71, 0x8e,
0xb1, 0x35, 0xb2, 0x12, 0xdf, 0x9f, 0xcb, 0x0a, 0x65, 0xa2, 0xd5, 0x67,
0x1d, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0f, 0x6a, 0xb0,
0x75, 0xbc, 0x8e, 0xd1, 0x92, 0x11, 0xcd, 0xc3, 0xb0, 0xe2, 0xd6, 0x7e,
0xcf, 0x00, 0x20, 0xe9, 0x96, 0x5b, 0x46, 0x85, 0xd5, 0x8b, 0x88, 0xbd,
0x57, 0x48, 0x57, 0xe4, 0xf0, 0xdf, 0xdd, 0xf7, 0x2a, 0x7a, 0xa8, 0xeb,
0x68, 0xa9, 0xef, 0x44, 0x04, 0xa6, 0x6f, 0xaa, 0x48, 0x51, 0x1b
};
static struct eapol_key_data eapol_key_test_11 = {
.frame = eapol_key_data_11,
.frame_len = sizeof(eapol_key_data_11),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 127,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
.key_type = false,
.wpa_key_id = 0,
.install = false,
.key_ack = true,
.key_mic = true,
.secure = true,
.error = false,
.request = false,
.encrypted_key_data = true,
.smk_message = false,
.key_length = 16,
.key_replay_counter = 3,
.key_nonce = { 0xef, 0x6d, 0xc2, 0x0c, 0x57, 0x27, 0xe8, 0x25,
0x07, 0x75, 0x1e, 0x67, 0x36, 0x9d, 0xc9, 0x1e,
0xf1, 0x71, 0x8e, 0xb1, 0x35, 0xb2, 0x12, 0xdf,
0x9f, 0xcb, 0x0a, 0x65, 0xa2, 0xd5, 0x67, 0x1d },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x0f, 0x6a, 0xb0, 0x75, 0xbc, 0x8e, 0xd1, 0x92,
0x11, 0xcd, 0xc3, 0xb0, 0xe2, 0xd6, 0x7e, 0xcf },
.key_data_len = 32,
};
/* WPA2 frame, 2 of 2. For parameters see eapol_wpa2_handshake_test */
static const unsigned char eapol_key_data_12[] = {
0x02, 0x03, 0x00, 0x5f, 0x02, 0x03, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xc9, 0xbd, 0x17,
0xf1, 0x54, 0xb7, 0x32, 0xcf, 0xbc, 0x01, 0xdb, 0x0c, 0x37, 0xe6, 0x33,
0x9f, 0x00, 0x00
};
static struct eapol_key_data eapol_key_test_12 = {
.frame = eapol_key_data_12,
.frame_len = sizeof(eapol_key_data_12),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
.key_type = false,
.wpa_key_id = 0,
.install = false,
.key_ack = false,
.key_mic = true,
.secure = true,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 0,
.key_replay_counter = 3,
.key_nonce = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0xc9, 0xbd, 0x17, 0xf1, 0x54, 0xb7, 0x32, 0xcf,
0xbc, 0x01, 0xdb, 0x0c, 0x37, 0xe6, 0x33, 0x9f },
.key_data_len = 0,
};
/* WPA frame, 1 of 4. For parameters see eapol_wpa_handshake_test */
static const unsigned char eapol_key_data_13[] = {
0x02, 0x03, 0x00, 0x5f, 0xfe, 0x00, 0x89, 0x00, 0x20, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x66, 0xbe, 0x99, 0x48, 0x44, 0xe0, 0xf5,
0x40, 0x78, 0x13, 0x91, 0x37, 0x6f, 0x47, 0x99, 0x56, 0xa3, 0xec, 0x36,
0x32, 0xe4, 0x12, 0x13, 0x64, 0xec, 0x7e, 0x75, 0x37, 0xef, 0xf6, 0x2a,
0xc5, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00
};
static struct eapol_key_data eapol_key_test_13 = {
.frame = eapol_key_data_13,
.frame_len = sizeof(eapol_key_data_13),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_WPA,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = true,
.wpa_key_id = 0,
.install = false,
.key_ack = true,
.key_mic = false,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 32,
.key_replay_counter = 1,
.key_nonce = { 0x66, 0xbe, 0x99, 0x48, 0x44, 0xe0, 0xf5, 0x40,
0x78, 0x13, 0x91, 0x37, 0x6f, 0x47, 0x99, 0x56,
0xa3, 0xec, 0x36, 0x32, 0xe4, 0x12, 0x13, 0x64,
0xec, 0x7e, 0x75, 0x37, 0xef, 0xf6, 0x2a, 0xc5 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_data_len = 0,
};
/* WPA frame, 2 of 4. For parameters see eapol_wpa_handshake_test */
static const unsigned char eapol_key_data_14[] = {
0x02, 0x03, 0x00, 0x77, 0xfe, 0x01, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x3b, 0x7f, 0x85, 0x0a, 0x03, 0x9c, 0xa4,
0x71, 0x42, 0x9d, 0x0f, 0xc3, 0xce, 0x9f, 0xff, 0x48, 0xdb, 0x89, 0x2e,
0xf7, 0xa7, 0xff, 0x80, 0xf6, 0x22, 0xc4, 0x6e, 0x32, 0x97, 0x05, 0xc3,
0x7d, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0xe6, 0x82,
0x94, 0xdc, 0x88, 0x07, 0x18, 0xa7, 0xd3, 0x08, 0xfa, 0xb4, 0x39, 0x95,
0x36, 0x00, 0x18, 0xdd, 0x16, 0x00, 0x50, 0xf2, 0x01, 0x01, 0x00, 0x00,
0x50, 0xf2, 0x02, 0x01, 0x00, 0x00, 0x50, 0xf2, 0x02, 0x01, 0x00, 0x00,
0x50, 0xf2, 0x02
};
static struct eapol_key_data eapol_key_test_14 = {
.frame = eapol_key_data_14,
.frame_len = sizeof(eapol_key_data_14),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 119,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_WPA,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = true,
.wpa_key_id = 0,
.install = false,
.key_ack = false,
.key_mic = true,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 0,
.key_replay_counter = 1,
.key_nonce = { 0x3b, 0x7f, 0x85, 0x0a, 0x03, 0x9c, 0xa4, 0x71,
0x42, 0x9d, 0x0f, 0xc3, 0xce, 0x9f, 0xff, 0x48,
0xdb, 0x89, 0x2e, 0xf7, 0xa7, 0xff, 0x80, 0xf6,
0x22, 0xc4, 0x6e, 0x32, 0x97, 0x05, 0xc3, 0x7d },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x01, 0xe6, 0x82, 0x94, 0xdc, 0x88, 0x07, 0x18,
0xa7, 0xd3, 0x08, 0xfa, 0xb4, 0x39, 0x95, 0x36 },
.key_data_len = 24,
};
/* WPA frame, 3 of 4. For parameters see eapol_wpa_handshake_test */
static const unsigned char eapol_key_data_15[] = {
0x02, 0x03, 0x00, 0x77, 0xfe, 0x01, 0xc9, 0x00, 0x20, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x02, 0x66, 0xbe, 0x99, 0x48, 0x44, 0xe0, 0xf5,
0x40, 0x78, 0x13, 0x91, 0x37, 0x6f, 0x47, 0x99, 0x56, 0xa3, 0xec, 0x36,
0x32, 0xe4, 0x12, 0x13, 0x64, 0xec, 0x7e, 0x75, 0x37, 0xef, 0xf6, 0x2a,
0xc5, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x96, 0xc2, 0x97,
0xf6, 0xc1, 0x93, 0x72, 0x19, 0x3e, 0x40, 0xd9, 0xc8, 0xb9, 0xaa, 0x7c,
0x94, 0x00, 0x18, 0xdd, 0x16, 0x00, 0x50, 0xf2, 0x01, 0x01, 0x00, 0x00,
0x50, 0xf2, 0x02, 0x01, 0x00, 0x00, 0x50, 0xf2, 0x02, 0x01, 0x00, 0x00,
0x50, 0xf2, 0x02
};
static struct eapol_key_data eapol_key_test_15 = {
.frame = eapol_key_data_15,
.frame_len = sizeof(eapol_key_data_15),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 119,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_WPA,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = true,
.wpa_key_id = 0,
.install = true,
.key_ack = true,
.key_mic = true,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 32,
.key_replay_counter = 2,
.key_nonce = { 0x66, 0xbe, 0x99, 0x48, 0x44, 0xe0, 0xf5, 0x40,
0x78, 0x13, 0x91, 0x37, 0x6f, 0x47, 0x99, 0x56,
0xa3, 0xec, 0x36, 0x32, 0xe4, 0x12, 0x13, 0x64,
0xec, 0x7e, 0x75, 0x37, 0xef, 0xf6, 0x2a, 0xc5 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x96, 0xc2, 0x97, 0xf6, 0xc1, 0x93, 0x72, 0x19,
0x3e, 0x40, 0xd9, 0xc8, 0xb9, 0xaa, 0x7c, 0x94 },
.key_data_len = 24,
};
/* WPA frame, 4 of 4. For parameters see eapol_wpa_handshake_test */
static const unsigned char eapol_key_data_16[] = {
0x02, 0x03, 0x00, 0x5f, 0xfe, 0x01, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xe0, 0x65, 0xf3,
0x33, 0xa3, 0x5b, 0x4f, 0xda, 0xc3, 0x66, 0xb3, 0x1a, 0x43, 0xb5, 0x31,
0x95, 0x00, 0x00
};
static struct eapol_key_data eapol_key_test_16 = {
.frame = eapol_key_data_16,
.frame_len = sizeof(eapol_key_data_16),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_WPA,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = true,
.wpa_key_id = 0,
.install = false,
.key_ack = false,
.key_mic = true,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 0,
.key_replay_counter = 2,
.key_nonce = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0xe0, 0x65, 0xf3, 0x33, 0xa3, 0x5b, 0x4f, 0xda,
0xc3, 0x66, 0xb3, 0x1a, 0x43, 0xb5, 0x31, 0x95 },
.key_data_len = 0,
};
/* WPA frame, 1 of 2. For parameters see eapol_wpa_handshake_test */
static const unsigned char eapol_key_data_17[] = {
0x02, 0x03, 0x00, 0x7f, 0xfe, 0x03, 0xa1, 0x00, 0x20, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x03, 0xc3, 0xa7, 0xe0, 0x14, 0x10, 0xea, 0xe6,
0xe5, 0xfb, 0x79, 0xfc, 0xf5, 0xe5, 0x55, 0x08, 0x44, 0xd9, 0xbd, 0xd2,
0x80, 0x5d, 0x81, 0x1c, 0x0a, 0x9c, 0x48, 0x0a, 0xe9, 0x86, 0xca, 0x87,
0xa1, 0xd9, 0xbd, 0xd2, 0x80, 0x5d, 0x81, 0x1c, 0x0a, 0x9c, 0x48, 0x0a,
0xe9, 0x86, 0xca, 0x87, 0xa2, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfb, 0x78, 0xf8,
0xf3, 0xff, 0x1f, 0xec, 0x97, 0x98, 0x67, 0xe8, 0x25, 0x0a, 0xf2, 0x9d,
0x61, 0x00, 0x20, 0x9f, 0x46, 0x72, 0x04, 0x83, 0xd7, 0xf6, 0xa3, 0x5b,
0xbd, 0xa6, 0x80, 0x32, 0xe0, 0x44, 0x92, 0x5e, 0x90, 0xe5, 0x7f, 0xd8,
0x5d, 0xfc, 0xd0, 0xdb, 0xcd, 0x7f, 0xf7, 0x48, 0xdf, 0x33, 0x75
};
static struct eapol_key_data eapol_key_test_17 = {
.frame = eapol_key_data_17,
.frame_len = sizeof(eapol_key_data_17),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 127,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_WPA,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = false,
.wpa_key_id = 2,
.install = false,
.key_ack = true,
.key_mic = true,
.secure = true,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 32,
.key_replay_counter = 3,
.key_nonce = { 0xc3, 0xa7, 0xe0, 0x14, 0x10, 0xea, 0xe6, 0xe5,
0xfb, 0x79, 0xfc, 0xf5, 0xe5, 0x55, 0x08, 0x44,
0xd9, 0xbd, 0xd2, 0x80, 0x5d, 0x81, 0x1c, 0x0a,
0x9c, 0x48, 0x0a, 0xe9, 0x86, 0xca, 0x87, 0xa1 },
.eapol_key_iv = { 0xd9, 0xbd, 0xd2, 0x80, 0x5d, 0x81, 0x1c, 0x0a,
0x9c, 0x48, 0x0a, 0xe9, 0x86, 0xca, 0x87, 0xa2 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0xfb, 0x78, 0xf8, 0xf3, 0xff, 0x1f, 0xec, 0x97,
0x98, 0x67, 0xe8, 0x25, 0x0a, 0xf2, 0x9d, 0x61 },
.key_data_len = 32,
};
/* WPA frame, 2 of 2. For parameters see eapol_wpa_handshake_test */
static const unsigned char eapol_key_data_18[] = {
0x02, 0x03, 0x00, 0x5f, 0xfe, 0x03, 0x21, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xe9, 0x92, 0xb9,
0x33, 0x25, 0xa9, 0xdc, 0x46, 0xe3, 0xb2, 0xa1, 0x5c, 0xf7, 0x2f, 0x82,
0x52, 0x00, 0x00,
};
static struct eapol_key_data eapol_key_test_18 = {
.frame = eapol_key_data_18,
.frame_len = sizeof(eapol_key_data_18),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_WPA,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = false,
.wpa_key_id = 2,
.install = false,
.key_ack = false,
.key_mic = true,
.secure = true,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 0,
.key_replay_counter = 3,
.key_nonce = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0xe9, 0x92, 0xb9, 0x33, 0x25, 0xa9, 0xdc, 0x46, 0xe3,
0xb2, 0xa1, 0x5c, 0xf7, 0x2f, 0x82, 0x52 },
.key_data_len = 0,
};
/* WPA frame, 1 of 4. For parameters see eapol_wpa2_handshake_test */
static const unsigned char eapol_key_data_19[] = {
0x01, 0x03, 0x00, 0x5f, 0xfe, 0x00, 0x89, 0x00, 0x20, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x26, 0x56, 0x9b, 0x2a, 0x6e, 0x90, 0xad,
0x21, 0x91, 0x86, 0x6d, 0x86, 0xe9, 0xfd, 0xf8, 0xb7, 0x9a, 0x12, 0xcb,
0xab, 0x1a, 0xc3, 0xe0, 0x2d, 0xa6, 0xa1, 0x22, 0x43, 0x4e, 0x76, 0x9d,
0x75, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00,
};
static struct eapol_key_data eapol_key_test_19 = {
.frame = eapol_key_data_19,
.frame_len = sizeof(eapol_key_data_19),
.protocol_version = EAPOL_PROTOCOL_VERSION_2001,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_WPA,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = true,
.wpa_key_id = 0,
.install = false,
.key_ack = true,
.key_mic = false,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 32,
.key_replay_counter = 0,
.key_nonce = { 0x26, 0x56, 0x9b, 0x2a, 0x6e, 0x90, 0xad, 0x21, 0x91,
0x86, 0x6d, 0x86, 0xe9, 0xfd, 0xf8, 0xb7, 0x9a, 0x12,
0xcb, 0xab, 0x1a, 0xc3, 0xe0, 0x2d, 0xa6, 0xa1, 0x22,
0x43, 0x4e, 0x76, 0x9d, 0x75 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_data_len = 0,
};
/* WPA frame, 2 of 4. For parameters see eapol_wpa2_handshake_test */
static const unsigned char eapol_key_data_20[] = {
0x01, 0x03, 0x00, 0x77, 0xfe, 0x01, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x88, 0xe2, 0x61, 0x2d, 0xf3, 0xe3,
0x66, 0x3d, 0x35, 0xf7, 0xd3, 0x70, 0x17, 0x87, 0x92, 0x92, 0x4a, 0x35,
0xc8, 0x2d, 0x67, 0x45, 0x56, 0xe6, 0x98, 0x9e, 0x75, 0x79, 0x9e, 0x25,
0x6b, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x32, 0x5c, 0x17,
0xb7, 0xbc, 0x6d, 0x2c, 0x0f, 0x7c, 0xc0, 0x32, 0xec, 0xa6, 0x31, 0xbd,
0x8d, 0x00, 0x18, 0xdd, 0x16, 0x00, 0x50, 0xf2, 0x01, 0x01, 0x00, 0x00,
0x50, 0xf2, 0x02, 0x01, 0x00, 0x00, 0x50, 0xf2, 0x02, 0x01, 0x00, 0x00,
0x50, 0xf2, 0x02,
};
static struct eapol_key_data eapol_key_test_20 = {
.frame = eapol_key_data_20,
.frame_len = sizeof(eapol_key_data_20),
.protocol_version = EAPOL_PROTOCOL_VERSION_2001,
.packet_len = 119,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_WPA,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = true,
.wpa_key_id = 0,
.install = false,
.key_ack = false,
.key_mic = true,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 0,
.key_replay_counter = 0,
.key_nonce = { 0x04, 0x88, 0xe2, 0x61, 0x2d, 0xf3, 0xe3, 0x66, 0x3d,
0x35, 0xf7, 0xd3, 0x70, 0x17, 0x87, 0x92, 0x92, 0x4a,
0x35, 0xc8, 0x2d, 0x67, 0x45, 0x56, 0xe6, 0x98, 0x9e,
0x75, 0x79, 0x9e, 0x25, 0x6b },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x32, 0x5c, 0x17, 0xb7, 0xbc, 0x6d, 0x2c, 0x0f, 0x7c,
0xc0, 0x32, 0xec, 0xa6, 0x31, 0xbd, 0x8d },
.key_data_len = 24,
};
/* WPA frame, 3 of 4. For parameters see eapol_wpa2_handshake_test */
static const unsigned char eapol_key_data_21[] = {
0x01, 0x03, 0x00, 0x77, 0xfe, 0x01, 0xc9, 0x00, 0x20, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x26, 0x56, 0x9b, 0x2a, 0x6e, 0x90, 0xad,
0x21, 0x91, 0x86, 0x6d, 0x86, 0xe9, 0xfd, 0xf8, 0xb7, 0x9a, 0x12, 0xcb,
0xab, 0x1a, 0xc3, 0xe0, 0x2d, 0xa6, 0xa1, 0x22, 0x43, 0x4e, 0x76, 0x9d,
0x75, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xcd, 0x76, 0x63,
0x43, 0xe1, 0xc7, 0x6b, 0x59, 0x34, 0xa4, 0x23, 0x42, 0xc0, 0xb9, 0x98,
0x02, 0x00, 0x18, 0xdd, 0x16, 0x00, 0x50, 0xf2, 0x01, 0x01, 0x00, 0x00,
0x50, 0xf2, 0x02, 0x01, 0x00, 0x00, 0x50, 0xf2, 0x02, 0x01, 0x00, 0x00,
0x50, 0xf2, 0x02,
};
static struct eapol_key_data eapol_key_test_21 = {
.frame = eapol_key_data_21,
.frame_len = sizeof(eapol_key_data_21),
.protocol_version = EAPOL_PROTOCOL_VERSION_2001,
.packet_len = 119,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_WPA,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = true,
.wpa_key_id = 0,
.install = true,
.key_ack = true,
.key_mic = true,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 32,
.key_replay_counter = 1,
.key_nonce = { 0x26, 0x56, 0x9b, 0x2a, 0x6e, 0x90, 0xad, 0x21, 0x91,
0x86, 0x6d, 0x86, 0xe9, 0xfd, 0xf8, 0xb7, 0x9a, 0x12,
0xcb, 0xab, 0x1a, 0xc3, 0xe0, 0x2d, 0xa6, 0xa1, 0x22,
0x43, 0x4e, 0x76, 0x9d, 0x75 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0xcd, 0x76, 0x63, 0x43, 0xe1, 0xc7, 0x6b, 0x59, 0x34,
0xa4, 0x23, 0x42, 0xc0, 0xb9, 0x98, 0x02 },
.key_data_len = 24,
};
/* WPA frame, 4 of 4. For parameters see eapol_wpa2_handshake_test */
static const unsigned char eapol_key_data_22[] = {
0x01, 0x03, 0x00, 0x5f, 0xfe, 0x01, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x37, 0xbc, 0x08,
0x98, 0x99, 0x33, 0x1a, 0x70, 0xed, 0xa5, 0xb5, 0xb7, 0x54, 0xf5, 0x5f,
0x06, 0x00, 0x00,
};
static struct eapol_key_data eapol_key_test_22 = {
.frame = eapol_key_data_22,
.frame_len = sizeof(eapol_key_data_22),
.protocol_version = EAPOL_PROTOCOL_VERSION_2001,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_WPA,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = true,
.wpa_key_id = 0,
.install = false,
.key_ack = false,
.key_mic = true,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 0,
.key_replay_counter = 1,
.key_nonce = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x37, 0xbc, 0x08, 0x98, 0x99, 0x33, 0x1a, 0x70, 0xed,
0xa5, 0xb5, 0xb7, 0x54, 0xf5, 0x5f, 0x06 },
.key_data_len = 0,
};
/*
* WPA Group Handshake frame, 1 of 2. For parameters
* see eapol_wpa2_handshake_test
*/
static const unsigned char eapol_key_data_23[] = {
0x01, 0x03, 0x00, 0x7f, 0xfe, 0x03, 0xa1, 0x00, 0x20, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x02, 0x6a, 0x65, 0xcf, 0x21, 0x0d, 0x51, 0xeb,
0xd6, 0xca, 0x3e, 0xc9, 0xee, 0xc9, 0xd9, 0xad, 0x2f, 0x14, 0x13, 0x8d,
0xb9, 0x33, 0xa1, 0xbb, 0xed, 0x94, 0x26, 0xa1, 0x73, 0x48, 0xc8, 0x4d,
0x4a, 0x0d, 0x8c, 0xe1, 0x3f, 0x1c, 0x0c, 0x52, 0x55, 0x00, 0xe5, 0x04,
0xe5, 0xbd, 0x46, 0x94, 0xdb, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xe5, 0xa3, 0x27,
0x7c, 0x85, 0x47, 0xd5, 0x3f, 0x35, 0xaf, 0x86, 0xc2, 0x2c, 0xcb, 0xb3,
0x87, 0x00, 0x20, 0xc8, 0xb3, 0x61, 0xc0, 0x71, 0x5d, 0x2e, 0x9a, 0x6a,
0x78, 0xdf, 0xfe, 0x0d, 0x64, 0x11, 0x23, 0xd9, 0xcc, 0xc6, 0x44, 0x65,
0x76, 0xba, 0x82, 0xd5, 0x08, 0x4b, 0x4e, 0x51, 0xc2, 0x6a, 0x3f,
};
static struct eapol_key_data eapol_key_test_23 = {
.frame = eapol_key_data_23,
.frame_len = sizeof(eapol_key_data_23),
.protocol_version = EAPOL_PROTOCOL_VERSION_2001,
.packet_len = 127,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_WPA,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = false,
.wpa_key_id = 2,
.install = false,
.key_ack = true,
.key_mic = true,
.secure = true,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 32,
.key_replay_counter = 2,
.key_nonce = { 0x6a, 0x65, 0xcf, 0x21, 0x0d, 0x51, 0xeb, 0xd6, 0xca,
0x3e, 0xc9, 0xee, 0xc9, 0xd9, 0xad, 0x2f, 0x14, 0x13,
0x8d, 0xb9, 0x33, 0xa1, 0xbb, 0xed, 0x94, 0x26, 0xa1,
0x73, 0x48, 0xc8, 0x4d, 0x4a },
.eapol_key_iv = { 0x0d, 0x8c, 0xe1, 0x3f, 0x1c, 0x0c, 0x52, 0x55, 0x00,
0xe5, 0x04, 0xe5, 0xbd, 0x46, 0x94, 0xdb },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0xe5, 0xa3, 0x27, 0x7c, 0x85, 0x47, 0xd5, 0x3f, 0x35,
0xaf, 0x86, 0xc2, 0x2c, 0xcb, 0xb3, 0x87 },
.key_data_len = 32,
};
/*
* WPA Group Handshake frame, 2 of 2. For parameters
* see eapol_wpa2_handshake_test
*/
static const unsigned char eapol_key_data_24[] = {
0x01, 0x03, 0x00, 0x5f, 0xfe, 0x03, 0x21, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4f, 0x06, 0x47,
0x53, 0x9a, 0x1d, 0x3f, 0x9c, 0x02, 0x50, 0xb5, 0xc0, 0x40, 0x6b, 0x97,
0xf8, 0x00, 0x00,
};
static struct eapol_key_data eapol_key_test_24 = {
.frame = eapol_key_data_24,
.frame_len = sizeof(eapol_key_data_24),
.protocol_version = EAPOL_PROTOCOL_VERSION_2001,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_WPA,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = false,
.wpa_key_id = 2,
.install = false,
.key_ack = false,
.key_mic = true,
.secure = true,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 0,
.key_replay_counter = 2,
.key_nonce = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x4f, 0x06, 0x47, 0x53, 0x9a, 0x1d, 0x3f, 0x9c, 0x02,
0x50, 0xb5, 0xc0, 0x40, 0x6b, 0x97, 0xf8 },
.key_data_len = 0,
};
/* FT frame, 1 of 4. For parameters see eapol_ft_handshake_test */
static const unsigned char eapol_key_data_25[] = {
0x02, 0x03, 0x00, 0x5f, 0x02, 0x00, 0x8b, 0x00, 0x10, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x33, 0xb2, 0x74, 0xa0, 0xae, 0xc9, 0xe8,
0x5d, 0x61, 0x11, 0x8f, 0x1b, 0x6b, 0x97, 0x77, 0x4e, 0x5b, 0x75, 0x08,
0x37, 0x45, 0x77, 0xdc, 0x14, 0x08, 0xa5, 0xf1, 0x80, 0xc5, 0xd2, 0xe9,
0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00,
};
static struct eapol_key_data eapol_key_test_25 = {
.frame = eapol_key_data_25,
.frame_len = sizeof(eapol_key_data_25),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_AES_128_CMAC_AES,
.key_type = true,
.install = false,
.key_ack = true,
.key_mic = false,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 16,
.key_replay_counter = 1,
.key_nonce = { 0x33, 0xb2, 0x74, 0xa0, 0xae, 0xc9, 0xe8, 0x5d, 0x61,
0x11, 0x8f, 0x1b, 0x6b, 0x97, 0x77, 0x4e, 0x5b, 0x75,
0x08, 0x37, 0x45, 0x77, 0xdc, 0x14, 0x08, 0xa5, 0xf1,
0x80, 0xc5, 0xd2, 0xe9, 0xfd },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_data_len = 0,
};
/* FT frame, 2 of 4. For parameters see eapol_ft_handshake_test */
static const unsigned char eapol_key_data_26[] = {
0x02, 0x03, 0x00, 0xf0, 0x02, 0x01, 0x0b, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0xac, 0x1e, 0xb2, 0xc7, 0x0b, 0x20, 0x8c,
0xe6, 0x0a, 0xe2, 0x07, 0xb2, 0x38, 0x9e, 0x44, 0x1f, 0xff, 0x39, 0x86,
0x3d, 0x44, 0x9f, 0x81, 0x24, 0x6f, 0xe3, 0x6e, 0xde, 0x0f, 0x1f, 0x56,
0xce, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x79, 0xa1, 0x95,
0x19, 0xe8, 0x5f, 0xcf, 0x2e, 0x60, 0x7d, 0x6f, 0xfb, 0xd9, 0xe8, 0x04,
0xb0, 0x00, 0x91, 0x30, 0x26, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x04, 0x01,
0x00, 0x00, 0x0f, 0xac, 0x04, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x04, 0x00,
0x00, 0x01, 0x00, 0xde, 0xce, 0x50, 0xa0, 0x9e, 0xf0, 0x8c, 0x4e, 0xbe,
0xf2, 0xf1, 0xdb, 0xe9, 0x67, 0xb4, 0xd4, 0x36, 0x03, 0x12, 0x34, 0x01,
0x37, 0x62, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x01, 0x06, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x06, 0x64, 0x75,
0x6d, 0x6d, 0x79, 0x30,
};
static struct eapol_key_data eapol_key_test_26 = {
.frame = eapol_key_data_26,
.frame_len = sizeof(eapol_key_data_26),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 240,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_AES_128_CMAC_AES,
.key_type = true,
.install = false,
.key_ack = false,
.key_mic = true,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 0,
.key_replay_counter = 1,
.key_nonce = { 0xac, 0x1e, 0xb2, 0xc7, 0x0b, 0x20, 0x8c, 0xe6, 0x0a,
0xe2, 0x07, 0xb2, 0x38, 0x9e, 0x44, 0x1f, 0xff, 0x39,
0x86, 0x3d, 0x44, 0x9f, 0x81, 0x24, 0x6f, 0xe3, 0x6e,
0xde, 0x0f, 0x1f, 0x56, 0xce },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x79, 0xa1, 0x95, 0x19, 0xe8, 0x5f, 0xcf, 0x2e, 0x60,
0x7d, 0x6f, 0xfb, 0xd9, 0xe8, 0x04, 0xb0 },
.key_data_len = 145,
};
/* FT frame, 3 of 4. For parameters see eapol_ft_handshake_test */
static const unsigned char eapol_key_data_27[] = {
0x02, 0x03, 0x01, 0x1f, 0x02, 0x13, 0xcb, 0x00, 0x10, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x02, 0x33, 0xb2, 0x74, 0xa0, 0xae, 0xc9, 0xe8,
0x5d, 0x61, 0x11, 0x8f, 0x1b, 0x6b, 0x97, 0x77, 0x4e, 0x5b, 0x75, 0x08,
0x37, 0x45, 0x77, 0xdc, 0x14, 0x08, 0xa5, 0xf1, 0x80, 0xc5, 0xd2, 0xe9,
0xfd, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0xe3, 0x6d,
0xef, 0x96, 0x5b, 0x07, 0xaa, 0x58, 0xce, 0xed, 0xb1, 0x57, 0x83, 0x51,
0x7e, 0x00, 0xc0, 0x1d, 0x41, 0x1c, 0xf6, 0x35, 0x4e, 0x5c, 0x0f, 0x4d,
0x03, 0x08, 0xe7, 0x3b, 0x33, 0x04, 0xde, 0x5e, 0x01, 0x77, 0x1c, 0xb8,
0x91, 0xef, 0x4f, 0x24, 0x64, 0x84, 0xaa, 0x94, 0x42, 0xc3, 0xcb, 0x63,
0x2d, 0xed, 0x5e, 0x5f, 0xcb, 0x1a, 0xff, 0x53, 0x58, 0x45, 0xd5, 0xc2,
0x11, 0x52, 0x40, 0x06, 0x08, 0x70, 0xd8, 0xd1, 0xf7, 0x79, 0xfe, 0x37,
0xb8, 0x6d, 0xd6, 0x27, 0x45, 0xbc, 0x11, 0x2a, 0x69, 0x05, 0x2c, 0x40,
0x3a, 0x06, 0x24, 0x5a, 0x7a, 0xa6, 0x79, 0x4b, 0x18, 0xc8, 0xbf, 0x21,
0x10, 0xa0, 0x7d, 0x80, 0x89, 0x77, 0x85, 0x27, 0x88, 0x74, 0x07, 0x00,
0x14, 0xe0, 0x91, 0xa2, 0xe0, 0xa2, 0x25, 0x3c, 0x26, 0xce, 0xd6, 0x9f,
0x33, 0x20, 0x99, 0xc6, 0xc0, 0x46, 0x91, 0x8a, 0x68, 0x5b, 0xa0, 0xa1,
0x30, 0xcd, 0x76, 0x58, 0x26, 0x81, 0x03, 0xe6, 0x79, 0x3b, 0xf6, 0x4b,
0x2f, 0x1d, 0x73, 0x8f, 0x62, 0xda, 0x22, 0xa9, 0xb4, 0xac, 0x77, 0xcc,
0xd4, 0xd4, 0x6f, 0x80, 0x31, 0xfb, 0x3d, 0x21, 0xde, 0x41, 0x09, 0x70,
0xcc, 0x18, 0xa6, 0xa5, 0x3e, 0xda, 0x1b, 0x6b, 0x30, 0xce, 0xd4, 0xde,
0xd4, 0x86, 0x7e, 0x71, 0xd0, 0x97, 0x85, 0xcc, 0xa2, 0xd3, 0x4c, 0x56,
0xcf, 0x1a, 0xd3, 0xff, 0xf8, 0x18, 0xfd, 0x52, 0x77, 0x21, 0xe9, 0x87,
0x3f, 0x14, 0x30,
};
static struct eapol_key_data eapol_key_test_27 = {
.frame = eapol_key_data_27,
.frame_len = sizeof(eapol_key_data_27),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 287,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_AES_128_CMAC_AES,
.key_type = true,
.install = true,
.key_ack = true,
.key_mic = true,
.secure = true,
.error = false,
.request = false,
.encrypted_key_data = true,
.smk_message = false,
.key_length = 16,
.key_replay_counter = 2,
.key_nonce = { 0x33, 0xb2, 0x74, 0xa0, 0xae, 0xc9, 0xe8, 0x5d, 0x61,
0x11, 0x8f, 0x1b, 0x6b, 0x97, 0x77, 0x4e, 0x5b, 0x75,
0x08, 0x37, 0x45, 0x77, 0xdc, 0x14, 0x08, 0xa5, 0xf1,
0x80, 0xc5, 0xd2, 0xe9, 0xfd },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x12, 0xe3, 0x6d, 0xef, 0x96, 0x5b, 0x07, 0xaa, 0x58,
0xce, 0xed, 0xb1, 0x57, 0x83, 0x51, 0x7e },
.key_data_len = 192,
};
/* FT frame, 4 of 4. For parameters see eapol_ft_handshake_test */
static const unsigned char eapol_key_data_28[] = {
0x02, 0x03, 0x00, 0x5f, 0x02, 0x03, 0x0b, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x3e, 0x85, 0x3a,
0x3c, 0x83, 0x71, 0x4a, 0x94, 0xe4, 0x30, 0xdf, 0xb2, 0x06, 0x65, 0xa1,
0xd4, 0x00, 0x00,
};
static struct eapol_key_data eapol_key_test_28 = {
.frame = eapol_key_data_28,
.frame_len = sizeof(eapol_key_data_28),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_AES_128_CMAC_AES,
.key_type = true,
.install = false,
.key_ack = false,
.key_mic = true,
.secure = true,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 0,
.key_replay_counter = 2,
.key_nonce = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x3e, 0x85, 0x3a, 0x3c, 0x83, 0x71, 0x4a, 0x94, 0xe4,
0x30, 0xdf, 0xb2, 0x06, 0x65, 0xa1, 0xd4 },
.key_data_len = 0,
};
/* WPA frame, 1 of 4. For parameters see eapol_sm_test_igtk */
static const unsigned char eapol_key_data_29[] = {
0x02, 0x03, 0x00, 0x5f, 0x02, 0x00, 0x89, 0x00, 0x20, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x30, 0x37, 0x86,
0x8d, 0x6c, 0xd2, 0x38, 0xb2, 0xfe, 0xb4, 0x5b, 0xd3, 0xc6,
0x4b, 0xa1, 0x3e, 0x26, 0xd9, 0xa4, 0x89, 0x8b, 0x43, 0xf6,
0x66, 0x51, 0x26, 0x99, 0x5e, 0x62, 0xce, 0x8e, 0x9d, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
static struct eapol_key_data eapol_key_test_29 = {
.frame = eapol_key_data_29,
.frame_len = sizeof(eapol_key_data_29),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = true,
.install = false,
.key_ack = true,
.key_mic = false,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 32,
.key_replay_counter = 1,
.key_nonce = { 0x30, 0x37, 0x86, 0x8d, 0x6c, 0xd2, 0x38, 0xb2, 0xfe,
0xb4, 0x5b, 0xd3, 0xc6, 0x4b, 0xa1, 0x3e, 0x26, 0xd9,
0xa4, 0x89, 0x8b, 0x43, 0xf6, 0x66, 0x51, 0x26, 0x99,
0x5e, 0x62, 0xce, 0x8e, 0x9d},
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, },
.key_data_len = 0,
};
/* WPA frame, 2 of 4. For parameters see eapol_sm_test_igtk */
static const unsigned char eapol_key_data_30[] = {
0x01, 0x03, 0x00, 0x7b, 0x02, 0x01, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x3e, 0x5e, 0xb7, 0x47, 0x91, 0xf4, 0x2a,
0x39, 0x3a, 0x6a, 0xbc, 0xeb, 0x9c, 0x25, 0x27, 0x0f, 0x61, 0xb4, 0x24,
0x8c, 0xf2, 0x97, 0xdf, 0x22, 0xef, 0x67, 0x15, 0x87, 0xad, 0x22, 0xc3,
0xd8, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x92, 0x76, 0xec,
0x87, 0x1e, 0x42, 0x7a, 0x66, 0x3f, 0x45, 0xb2, 0x7f, 0x7c, 0xd7, 0xe3,
0xb9, 0x00, 0x1c, 0x30, 0x1a, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x02, 0x01,
0x00, 0x00, 0x0f, 0xac, 0x02, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x02, 0x80,
0x00, 0x00, 0x00, 0x00, 0x0f, 0xac, 0x06,
};
static struct eapol_key_data eapol_key_test_30 = {
.frame = eapol_key_data_30,
.frame_len = sizeof(eapol_key_data_30),
.protocol_version = EAPOL_PROTOCOL_VERSION_2001,
.packet_len = 123,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = true,
.install = false,
.key_ack = false,
.key_mic = true,
.secure = false,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 0,
.key_replay_counter = 1,
.key_nonce = { 0x3e, 0x5e, 0xb7, 0x47, 0x91, 0xf4, 0x2a, 0x39, 0x3a,
0x6a, 0xbc, 0xeb, 0x9c, 0x25, 0x27, 0x0f, 0x61, 0xb4,
0x24, 0x8c, 0xf2, 0x97, 0xdf, 0x22, 0xef, 0x67, 0x15,
0x87, 0xad, 0x22, 0xc3, 0xd8 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x92, 0x76, 0xec, 0x87, 0x1e, 0x42, 0x7a, 0x66, 0x3f,
0x45, 0xb2, 0x7f, 0x7c, 0xd7, 0xe3, 0xb9 },
.key_data_len = 28,
};
/* WPA frame, 3 of 4. For parameters see eapol_sm_test_igtk */
static const unsigned char eapol_key_data_31[] = {
0x02, 0x03, 0x00, 0xd3, 0x02, 0x13, 0xc9, 0x00, 0x20, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x02, 0x30, 0x37, 0x86, 0x8d, 0x6c, 0xd2, 0x38,
0xb2, 0xfe, 0xb4, 0x5b, 0xd3, 0xc6, 0x4b, 0xa1, 0x3e, 0x26, 0xd9, 0xa4,
0x89, 0x8b, 0x43, 0xf6, 0x66, 0x51, 0x26, 0x99, 0x5e, 0x62, 0xce, 0x8e,
0x9d, 0x92, 0xcf, 0x64, 0xa6, 0xf5, 0xea, 0x95, 0xf7, 0xf9, 0xeb, 0x6a,
0x54, 0x8a, 0x85, 0x6c, 0x1c, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1f, 0x80, 0xb3,
0x14, 0x1f, 0xfa, 0x11, 0x47, 0xcd, 0x6d, 0xd0, 0x20, 0x7e, 0x9e, 0x68,
0x65, 0x00, 0x74, 0x39, 0xf4, 0xc9, 0x3a, 0xf3, 0xac, 0xf5, 0xd3, 0x98,
0xeb, 0xaf, 0x3c, 0x0f, 0xf1, 0xb5, 0x33, 0xff, 0xb2, 0x00, 0x1b, 0xe4,
0x2c, 0x61, 0xaf, 0xff, 0x1c, 0x22, 0x76, 0x07, 0x3b, 0xbc, 0x0d, 0x0c,
0xeb, 0x8a, 0xdc, 0xcd, 0x47, 0x01, 0xa5, 0x6e, 0x76, 0x77, 0x85, 0x6f,
0x09, 0x43, 0x83, 0xee, 0x50, 0x6e, 0x5e, 0xb1, 0x24, 0xe3, 0x47, 0xef,
0x20, 0x5e, 0x5c, 0x10, 0x7a, 0xe3, 0x61, 0x69, 0x7b, 0xb0, 0xf6, 0xdd,
0x42, 0x1a, 0xe1, 0xc9, 0x33, 0xd6, 0xd3, 0x88, 0x40, 0xcc, 0x72, 0x28,
0x86, 0xce, 0xec, 0xea, 0xc0, 0xea, 0xc9, 0xcf, 0xe1, 0x93, 0x8b, 0x15,
0x5e, 0xbb, 0x1f, 0xf9, 0x6f, 0x10, 0x34, 0xa5, 0xfc, 0x61, 0x78, 0x77,
0xa7, 0xb1, 0x4d, 0xc4, 0x36, 0xea, 0x2f, 0x1d, 0xda, 0x31, 0xa1,
};
static struct eapol_key_data eapol_key_test_31 = {
.frame = eapol_key_data_31,
.frame_len = sizeof(eapol_key_data_31),
.protocol_version = EAPOL_PROTOCOL_VERSION_2004,
.packet_len = 211,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = true,
.install = true,
.key_ack = true,
.key_mic = true,
.secure = true,
.error = false,
.request = false,
.encrypted_key_data = true,
.smk_message = false,
.key_length = 32,
.key_replay_counter = 2,
.key_nonce = { 0x30, 0x37, 0x86, 0x8d, 0x6c, 0xd2, 0x38, 0xb2, 0xfe,
0xb4, 0x5b, 0xd3, 0xc6, 0x4b, 0xa1, 0x3e, 0x26, 0xd9,
0xa4, 0x89, 0x8b, 0x43, 0xf6, 0x66, 0x51, 0x26, 0x99,
0x5e, 0x62, 0xce, 0x8e, 0x9d },
.eapol_key_iv = { 0x92, 0xcf, 0x64, 0xa6, 0xf5, 0xea, 0x95, 0xf7, 0xf9,
0xeb, 0x6a, 0x54, 0x8a, 0x85, 0x6c, 0x1c},
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x1f, 0x80, 0xb3, 0x14, 0x1f, 0xfa, 0x11, 0x47, 0xcd,
0x6d, 0xd0, 0x20, 0x7e, 0x9e, 0x68, 0x65 },
.key_data_len = 116,
};
/* WPA frame, 4 of 4. For parameters see eapol_sm_test_igtk */
static const unsigned char eapol_key_data_32[] = {
0x01, 0x03, 0x00, 0x5f, 0x02, 0x03, 0x09, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x66, 0x2c, 0x07,
0x9b, 0x73, 0xb6, 0x94, 0xb9, 0x4b, 0x7f, 0xa1, 0x99, 0x2f, 0x7a, 0x92,
0xe2, 0x00, 0x00
};
static struct eapol_key_data eapol_key_test_32 = {
.frame = eapol_key_data_32,
.frame_len = sizeof(eapol_key_data_32),
.protocol_version = EAPOL_PROTOCOL_VERSION_2001,
.packet_len = 95,
.descriptor_type = EAPOL_DESCRIPTOR_TYPE_80211,
.key_descriptor_version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.key_type = true,
.install = false,
.key_ack = false,
.key_mic = true,
.secure = true,
.error = false,
.request = false,
.encrypted_key_data = false,
.smk_message = false,
.key_length = 0,
.key_replay_counter = 2,
.key_nonce = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.eapol_key_iv = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_rsc = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 },
.key_mic_data = { 0x66, 0x2c, 0x07, 0x9b, 0x73, 0xb6, 0x94, 0xb9,
0x4b, 0x7f, 0xa1, 0x99, 0x2f, 0x7a, 0x92, 0xe2 },
.key_data_len = 0,
};
static void eapol_key_test(const void *data)
{
const struct eapol_key_data *test = data;
const struct eapol_key *packet;
packet = eapol_key_validate(test->frame, test->frame_len);
assert(packet);
assert(packet->header.protocol_version == test->protocol_version);
assert(packet->header.packet_type == 0x03);
assert(L_BE16_TO_CPU(packet->header.packet_len) == test->packet_len);
assert(packet->descriptor_type == test->descriptor_type);
assert(packet->key_descriptor_version == test->key_descriptor_version);
assert(packet->key_type == test->key_type);
assert(packet->wpa_key_id == test->wpa_key_id);
assert(packet->install == test->install);
assert(packet->key_ack == test->key_ack);
assert(packet->key_mic == test->key_mic);
assert(packet->secure == test->secure);
assert(packet->error == test->error);
assert(packet->request == test->request);
assert(packet->encrypted_key_data == test->encrypted_key_data);
assert(packet->smk_message == test->smk_message);
assert(L_BE16_TO_CPU(packet->key_length) == test->key_length);
assert(L_BE64_TO_CPU(packet->key_replay_counter) ==
test->key_replay_counter);
assert(!memcmp(packet->key_nonce, test->key_nonce,
sizeof(packet->key_nonce)));
assert(!memcmp(packet->eapol_key_iv, test->eapol_key_iv,
sizeof(packet->eapol_key_iv)));
assert(!memcmp(packet->key_mic_data, test->key_mic_data,
sizeof(packet->key_mic_data)));
assert(!memcmp(packet->key_rsc, test->key_rsc,
sizeof(packet->key_rsc)));
assert(L_BE16_TO_CPU(packet->key_data_len) == test->key_data_len);
}
struct eapol_key_mic_test {
const uint8_t *frame;
size_t frame_len;
enum eapol_key_descriptor_version version;
const uint8_t *kck;
const uint8_t *mic;
};
static const uint8_t eapol_key_mic_data_1[] = {
0x01, 0x03, 0x00, 0x75, 0x02, 0x01, 0x0a, 0x00,
0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x01, 0x59, 0x16, 0x8b, 0xc3, 0xa5, 0xdf, 0x18,
0xd7, 0x1e, 0xfb, 0x64, 0x23, 0xf3, 0x40, 0x08,
0x8d, 0xab, 0x9e, 0x1b, 0xa2, 0xbb, 0xc5, 0x86,
0x59, 0xe0, 0x7b, 0x37, 0x64, 0xb0, 0xde, 0x85,
0x70, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x16, 0x30, 0x14, 0x01, 0x00, 0x00,
0x0f, 0xac, 0x04, 0x01, 0x00, 0x00, 0x0f, 0xac,
0x04, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x02, 0x01,
0x00,
};
static const uint8_t eapol_key_mic_1[] = {
0x9c, 0xc3, 0xfa, 0xa0, 0xc6, 0x85, 0x96, 0x1d,
0x84, 0x06, 0xbb, 0x65, 0x77, 0x45, 0x13, 0x5d,
};
static unsigned char kck_data_1[] = {
0x9a, 0x75, 0xef, 0x0b, 0xde, 0x7c, 0x20, 0x9c,
0xca, 0xe1, 0x3f, 0x54, 0xb1, 0xb3, 0x3e, 0xa3,
};
static const struct eapol_key_mic_test eapol_key_mic_test_1 = {
.frame = eapol_key_mic_data_1,
.frame_len = sizeof(eapol_key_mic_data_1),
.version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
.kck = kck_data_1,
.mic = eapol_key_mic_1,
};
static const uint8_t eapol_key_mic_2[] = {
0x6f, 0x04, 0x89, 0xcf, 0x74, 0x06, 0xac, 0xf0,
0xae, 0x8f, 0xcb, 0x32, 0xbc, 0xe5, 0x7c, 0x37,
};
static const struct eapol_key_mic_test eapol_key_mic_test_2 = {
.frame = eapol_key_mic_data_1,
.frame_len = sizeof(eapol_key_mic_data_1),
.version = EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
.kck = kck_data_1,
.mic = eapol_key_mic_2,
};
static void eapol_key_mic_test(const void *data)
{
const struct eapol_key_mic_test *test = data;
uint8_t mic[16];
memset(mic, 0, sizeof(mic));
switch (test->version) {
case EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4:
assert(hmac_md5(test->kck, 16, test->frame, test->frame_len,
mic, 16));
break;
case EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES:
assert(hmac_sha1(test->kck, 16, test->frame, test->frame_len,
mic, 16));
break;
default:
assert(false);
}
assert(!memcmp(test->mic, mic, sizeof(mic)));
}
struct eapol_calculate_mic_test {
const uint8_t *frame;
size_t frame_len;
const uint8_t *kck;
const uint8_t *mic;
};
static const struct eapol_calculate_mic_test eapol_calculate_mic_test_1 = {
.frame = eapol_key_mic_data_1,
.frame_len = sizeof(eapol_key_mic_data_1),
.kck = kck_data_1,
.mic = eapol_key_mic_2,
};
static void eapol_calculate_mic_test(const void *data)
{
const struct eapol_calculate_mic_test *test = data;
struct eapol_key *frame;
uint8_t mic[16];
bool ret;
memset(mic, 0, sizeof(mic));
frame = (struct eapol_key *) test->frame;
ret = eapol_calculate_mic(test->kck, frame, mic);
assert(ret);
assert(!memcmp(test->mic, mic, sizeof(mic)));
}
static void eapol_4way_test(const void *data)
{
uint8_t anonce[32];
uint8_t snonce[32];
uint8_t mic[16];
struct eapol_key *frame;
uint8_t aa[] = { 0x24, 0xa2, 0xe1, 0xec, 0x17, 0x04 };
uint8_t spa[] = { 0xa0, 0xa8, 0xcd, 0x1c, 0x7e, 0xc9 };
const char *passphrase = "EasilyGuessedPassword";
const char *ssid = "TestWPA";
const unsigned char expected_psk[] = {
0xbf, 0x9a, 0xa3, 0x15, 0x53, 0x00, 0x12, 0x5e,
0x7a, 0x5e, 0xbb, 0x2a, 0x54, 0x9f, 0x8c, 0xd4,
0xed, 0xab, 0x8e, 0xe1, 0x2e, 0x94, 0xbf, 0xc2,
0x4b, 0x33, 0x57, 0xad, 0x04, 0x96, 0x65, 0xd9 };
unsigned char psk[32];
struct crypto_ptk *ptk;
size_t ptk_len;
bool ret;
const struct eapol_key *step1;
const struct eapol_key *step2;
const struct eapol_key *step3;
const struct eapol_key *step4;
uint8_t *decrypted_key_data;
size_t decrypted_key_data_len;
step1 = eapol_key_validate(eapol_key_data_3,
sizeof(eapol_key_data_3));
assert(step1);
assert(eapol_verify_ptk_1_of_4(step1));
memcpy(anonce, step1->key_nonce, sizeof(step1->key_nonce));
step2 = eapol_key_validate(eapol_key_data_4,
sizeof(eapol_key_data_4));
assert(step2);
assert(eapol_verify_ptk_2_of_4(step2));
memcpy(snonce, step2->key_nonce, sizeof(step2->key_nonce));
assert(!crypto_psk_from_passphrase(passphrase, (uint8_t *) ssid,
strlen(ssid), psk));
assert(!memcmp(expected_psk, psk, sizeof(psk)));
ptk_len = sizeof(struct crypto_ptk) +
crypto_cipher_key_len(CRYPTO_CIPHER_CCMP);
ptk = l_malloc(ptk_len);
ret = crypto_derive_pairwise_ptk(psk, aa, spa, anonce, snonce,
ptk, ptk_len, false);
assert(ret);
frame = eapol_create_ptk_2_of_4(EAPOL_PROTOCOL_VERSION_2001,
EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
eapol_key_test_4.key_replay_counter,
snonce, eapol_key_test_4.key_data_len,
eapol_key_data_4 + sizeof(struct eapol_key),
false);
assert(frame);
assert(eapol_calculate_mic(ptk->kck, frame, mic));
memcpy(frame->key_mic_data, mic, sizeof(mic));
assert(!memcmp(frame, eapol_key_data_4, sizeof(eapol_key_data_4)));
l_free(frame);
step3 = eapol_key_validate(eapol_key_data_5,
sizeof(eapol_key_data_5));
assert(step3);
assert(eapol_verify_ptk_3_of_4(step3, false));
assert(!memcmp(anonce, step3->key_nonce, sizeof(step3->key_nonce)));
assert(eapol_verify_mic(ptk->kck, step3));
decrypted_key_data = eapol_decrypt_key_data(ptk->kek, step3,
&decrypted_key_data_len);
assert(decrypted_key_data[0] == 48); // RSNE
l_free(decrypted_key_data);
step4 = eapol_key_validate(eapol_key_data_6,
sizeof(eapol_key_data_6));
assert(step4);
assert(eapol_verify_ptk_4_of_4(step4, false));
l_free(ptk);
}
static void eapol_wpa2_handshake_test(const void *data)
{
uint8_t anonce[32];
uint8_t snonce[32];
uint8_t mic[16];
struct eapol_key *frame;
uint8_t aa[] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00 };
uint8_t spa[] = { 0x02, 0x00, 0x00, 0x00, 0x01, 0x00 };
const char *passphrase = "EasilyGuessedPassword";
const char *ssid = "TestWPA";
const unsigned char expected_psk[] = {
0xbf, 0x9a, 0xa3, 0x15, 0x53, 0x00, 0x12, 0x5e,
0x7a, 0x5e, 0xbb, 0x2a, 0x54, 0x9f, 0x8c, 0xd4,
0xed, 0xab, 0x8e, 0xe1, 0x2e, 0x94, 0xbf, 0xc2,
0x4b, 0x33, 0x57, 0xad, 0x04, 0x96, 0x65, 0xd9 };
unsigned char psk[32];
struct crypto_ptk *ptk;
size_t ptk_len;
bool ret;
const struct eapol_key *ptk_step1;
const struct eapol_key *ptk_step2;
const struct eapol_key *ptk_step3;
const struct eapol_key *ptk_step4;
const struct eapol_key *gtk_step1;
const struct eapol_key *gtk_step2;
uint8_t *decrypted_key_data;
size_t decrypted_key_data_len;
ptk_step1 = eapol_key_validate(eapol_key_data_7,
sizeof(eapol_key_data_7));
assert(ptk_step1);
assert(eapol_verify_ptk_1_of_4(ptk_step1));
memcpy(anonce, ptk_step1->key_nonce, sizeof(ptk_step1->key_nonce));
ptk_step2 = eapol_key_validate(eapol_key_data_8,
sizeof(eapol_key_data_8));
assert(ptk_step2);
assert(eapol_verify_ptk_2_of_4(ptk_step2));
memcpy(snonce, ptk_step2->key_nonce, sizeof(ptk_step2->key_nonce));
assert(!crypto_psk_from_passphrase(passphrase, (uint8_t *) ssid,
strlen(ssid), psk));
assert(!memcmp(expected_psk, psk, sizeof(psk)));
ptk_len = sizeof(struct crypto_ptk) +
crypto_cipher_key_len(CRYPTO_CIPHER_CCMP);
ptk = l_malloc(ptk_len);
ret = crypto_derive_pairwise_ptk(psk, aa, spa, anonce, snonce,
ptk, ptk_len, false);
assert(ret);
frame = eapol_create_ptk_2_of_4(EAPOL_PROTOCOL_VERSION_2004,
EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
eapol_key_test_8.key_replay_counter,
snonce, eapol_key_test_8.key_data_len,
eapol_key_data_8 + sizeof(struct eapol_key),
false);
assert(frame);
assert(eapol_calculate_mic(ptk->kck, frame, mic));
memcpy(frame->key_mic_data, mic, sizeof(mic));
assert(!memcmp(frame, eapol_key_data_8, sizeof(eapol_key_data_8)));
l_free(frame);
ptk_step3 = eapol_key_validate(eapol_key_data_9,
sizeof(eapol_key_data_9));
assert(ptk_step3);
assert(eapol_verify_ptk_3_of_4(ptk_step3, false));
assert(!memcmp(anonce, ptk_step3->key_nonce,
sizeof(ptk_step3->key_nonce)));
assert(eapol_verify_mic(ptk->kck, ptk_step3));
decrypted_key_data = eapol_decrypt_key_data(ptk->kek, ptk_step3,
&decrypted_key_data_len);
assert(decrypted_key_data[0] == 48); // RSNE
l_free(decrypted_key_data);
ptk_step4 = eapol_key_validate(eapol_key_data_10,
sizeof(eapol_key_data_10));
assert(ptk_step4);
assert(eapol_verify_ptk_4_of_4(ptk_step4, false));
frame = eapol_create_ptk_4_of_4(EAPOL_PROTOCOL_VERSION_2004,
EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
eapol_key_test_10.key_replay_counter, false);
assert(frame);
assert(eapol_calculate_mic(ptk->kck, frame, mic));
memcpy(frame->key_mic_data, mic, sizeof(mic));
assert(!memcmp(frame, eapol_key_data_10, sizeof(eapol_key_data_10)));
l_free(frame);
gtk_step1 = eapol_key_validate(eapol_key_data_11,
sizeof(eapol_key_data_11));
assert(gtk_step1);
assert(eapol_verify_gtk_1_of_2(gtk_step1, false));
decrypted_key_data = eapol_decrypt_key_data(ptk->kek, gtk_step1,
&decrypted_key_data_len);
assert(decrypted_key_data[0] == 221); /* GTK KDE */
assert(decrypted_key_data[2] == 0x00);
assert(decrypted_key_data[3] == 0x0f);
assert(decrypted_key_data[4] == 0xac);
assert(decrypted_key_data[5] == 0x01);
l_free(decrypted_key_data);
gtk_step2 = eapol_key_validate(eapol_key_data_12,
sizeof(eapol_key_data_12));
assert(gtk_step2);
assert(eapol_verify_gtk_2_of_2(gtk_step2, false));
frame = eapol_create_gtk_2_of_2(EAPOL_PROTOCOL_VERSION_2004,
EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_SHA1_AES,
eapol_key_test_12.key_replay_counter, false, 0);
assert(frame);
assert(eapol_calculate_mic(ptk->kck, frame, mic));
memcpy(frame->key_mic_data, mic, sizeof(mic));
assert(!memcmp(frame, eapol_key_data_12, sizeof(eapol_key_data_12)));
l_free(frame);
l_free(ptk);
}
static void eapol_wpa_handshake_test(const void *data)
{
uint8_t anonce[32];
uint8_t snonce[32];
uint8_t mic[16];
struct eapol_key *frame;
uint8_t aa[] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00 };
uint8_t spa[] = { 0x02, 0x00, 0x00, 0x00, 0x01, 0x00 };
const char *passphrase = "EasilyGuessedPassword";
const char *ssid = "TestWPA";
const unsigned char expected_psk[] = {
0xbf, 0x9a, 0xa3, 0x15, 0x53, 0x00, 0x12, 0x5e,
0x7a, 0x5e, 0xbb, 0x2a, 0x54, 0x9f, 0x8c, 0xd4,
0xed, 0xab, 0x8e, 0xe1, 0x2e, 0x94, 0xbf, 0xc2,
0x4b, 0x33, 0x57, 0xad, 0x04, 0x96, 0x65, 0xd9 };
unsigned char psk[32];
struct crypto_ptk *ptk;
size_t ptk_len;
bool ret;
const struct eapol_key *ptk_step1;
const struct eapol_key *ptk_step2;
const struct eapol_key *ptk_step3;
const struct eapol_key *ptk_step4;
const struct eapol_key *gtk_step1;
const struct eapol_key *gtk_step2;
uint8_t *decrypted_key_data;
size_t decrypted_key_data_len;
ptk_step1 = eapol_key_validate(eapol_key_data_13,
sizeof(eapol_key_data_13));
assert(ptk_step1);
assert(eapol_verify_ptk_1_of_4(ptk_step1));
memcpy(anonce, ptk_step1->key_nonce, sizeof(ptk_step1->key_nonce));
ptk_step2 = eapol_key_validate(eapol_key_data_14,
sizeof(eapol_key_data_14));
assert(ptk_step2);
assert(eapol_verify_ptk_2_of_4(ptk_step2));
memcpy(snonce, ptk_step2->key_nonce, sizeof(ptk_step2->key_nonce));
assert(!crypto_psk_from_passphrase(passphrase, (uint8_t *) ssid,
strlen(ssid), psk));
assert(!memcmp(expected_psk, psk, sizeof(psk)));
ptk_len = sizeof(struct crypto_ptk) +
crypto_cipher_key_len(CRYPTO_CIPHER_TKIP);
ptk = l_malloc(ptk_len);
ret = crypto_derive_pairwise_ptk(psk, aa, spa, anonce, snonce,
ptk, ptk_len, false);
assert(ret);
frame = eapol_create_ptk_2_of_4(EAPOL_PROTOCOL_VERSION_2004,
EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
eapol_key_test_14.key_replay_counter,
snonce, eapol_key_test_14.key_data_len,
eapol_key_data_14 + sizeof(struct eapol_key),
true);
assert(frame);
assert(eapol_calculate_mic(ptk->kck, frame, mic));
memcpy(frame->key_mic_data, mic, sizeof(mic));
assert(!memcmp(frame, eapol_key_data_14, sizeof(eapol_key_data_14)));
l_free(frame);
ptk_step3 = eapol_key_validate(eapol_key_data_15,
sizeof(eapol_key_data_15));
assert(ptk_step3);
assert(eapol_verify_ptk_3_of_4(ptk_step3, true));
assert(!memcmp(anonce, ptk_step3->key_nonce,
sizeof(ptk_step3->key_nonce)));
assert(eapol_verify_mic(ptk->kck, ptk_step3));
assert(ptk_step3->key_data[0] == IE_TYPE_VENDOR_SPECIFIC);
assert(is_ie_wpa_ie(ptk_step3->key_data + 2,
ptk_step3->key_data_len - 2));
ptk_step4 = eapol_key_validate(eapol_key_data_16,
sizeof(eapol_key_data_16));
assert(ptk_step4);
assert(eapol_verify_ptk_4_of_4(ptk_step4, true));
frame = eapol_create_ptk_4_of_4(EAPOL_PROTOCOL_VERSION_2004,
EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
eapol_key_test_16.key_replay_counter, true);
assert(frame);
assert(eapol_calculate_mic(ptk->kck, frame, mic));
memcpy(frame->key_mic_data, mic, sizeof(mic));
assert(!memcmp(frame, eapol_key_data_16, sizeof(eapol_key_data_16)));
l_free(frame);
gtk_step1 = eapol_key_validate(eapol_key_data_17,
sizeof(eapol_key_data_17));
assert(gtk_step1);
assert(eapol_verify_gtk_1_of_2(gtk_step1, true));
decrypted_key_data = eapol_decrypt_key_data(ptk->kek, gtk_step1,
&decrypted_key_data_len);
assert(decrypted_key_data_len == 32);
l_free(decrypted_key_data);
gtk_step2 = eapol_key_validate(eapol_key_data_18,
sizeof(eapol_key_data_18));
assert(gtk_step2);
assert(eapol_verify_gtk_2_of_2(gtk_step2, true));
frame = eapol_create_gtk_2_of_2(EAPOL_PROTOCOL_VERSION_2004,
EAPOL_KEY_DESCRIPTOR_VERSION_HMAC_MD5_ARC4,
eapol_key_test_18.key_replay_counter, true,
gtk_step1->wpa_key_id);
assert(frame);
assert(eapol_calculate_mic(ptk->kck, frame, mic));
memcpy(frame->key_mic_data, mic, sizeof(mic));
assert(!memcmp(frame, eapol_key_data_18, sizeof(eapol_key_data_18)));
l_free(frame);
l_free(ptk);
}
static int verify_step2(uint32_t ifindex,
const uint8_t *aa_addr, uint16_t proto,
const struct eapol_frame *ef, bool noencrypt,
void *user_data)
{
const struct eapol_key *ek = (const struct eapol_key *) ef;
size_t ek_len = sizeof(struct eapol_key) +
L_BE16_TO_CPU(ek->key_data_len);
assert(ifindex == 1);
assert(proto == ETH_P_PAE);
assert(!memcmp(aa_addr, aa, 6));
assert(ek_len == expected_step2_frame_size);
assert(!memcmp(ek, expected_step2_frame, expected_step2_frame_size));
verify_step2_called = true;
return 0;
}
static int verify_step4(uint32_t ifindex,
const uint8_t *aa_addr, uint16_t proto,
const struct eapol_frame *ef, bool noencrypt,
void *user_data)
{
const struct eapol_key *ek = (const struct eapol_key *) ef;
size_t ek_len = sizeof(struct eapol_key) +
L_BE16_TO_CPU(ek->key_data_len);
assert(ifindex == 1);
assert(!memcmp(aa_addr, aa, 6));
assert(proto == ETH_P_PAE);
assert(ek_len == expected_step4_frame_size);
assert(!memcmp(ek, expected_step4_frame, expected_step4_frame_size));
verify_step4_called = true;
return 0;
}
static int verify_step2_gtk(uint32_t ifindex,
const uint8_t *aa_addr, uint16_t proto,
const struct eapol_frame *ef, bool noencrypt,
void *user_data)
{
const struct eapol_key *ek = (const struct eapol_key *) ef;
size_t ek_len = sizeof(struct eapol_key) +
L_BE16_TO_CPU(ek->key_data_len);
assert(ifindex == 1);
assert(!memcmp(aa_addr, aa, 6));
assert(proto == ETH_P_PAE);
assert(ek_len == expected_gtk_step2_frame_size);
assert(!memcmp(ek, expected_gtk_step2_frame,
expected_gtk_step2_frame_size));
verify_gtk_step2_called = true;
return 0;
}
static bool test_nonce(uint8_t nonce[])
{
memcpy(nonce, snonce, 32);
return true;
}
static void eapol_sm_test_ptk(const void *data)
{
const unsigned char psk[] = {
0xbf, 0x9a, 0xa3, 0x15, 0x53, 0x00, 0x12, 0x5e,
0x7a, 0x5e, 0xbb, 0x2a, 0x54, 0x9f, 0x8c, 0xd4,
0xed, 0xab, 0x8e, 0xe1, 0x2e, 0x94, 0xbf, 0xc2,
0x4b, 0x33, 0x57, 0xad, 0x04, 0x96, 0x65, 0xd9 };
const unsigned char ap_rsne[] = {
0x30, 0x14, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x04,
0x01, 0x00, 0x00, 0x0f, 0xac, 0x04, 0x01, 0x00,
0x00, 0x0f, 0xac, 0x02, 0x00, 0x00 };
static uint8_t ap_address[] = { 0x24, 0xa2, 0xe1, 0xec, 0x17, 0x04 };
static uint8_t sta_address[] = { 0xa0, 0xa8, 0xcd, 0x1c, 0x7e, 0xc9 };
bool r;
struct handshake_state *hs;
struct eapol_sm *sm;
eapol_init();
snonce = eapol_key_test_4.key_nonce;
__handshake_set_get_nonce_func(test_nonce);
aa = ap_address;
spa = sta_address;
verify_step2_called = false;
expected_step2_frame = eapol_key_data_4;
expected_step2_frame_size = sizeof(eapol_key_data_4);
verify_step4_called = false;
expected_step4_frame = eapol_key_data_6;
expected_step4_frame_size = sizeof(eapol_key_data_6);
hs = handshake_state_new(1);
sm = eapol_sm_new(hs);
eapol_register(sm);
/* key_data_3 uses 2004 while key_data_3 uses 2001, so force 2001 */
eapol_sm_set_protocol_version(sm, EAPOL_PROTOCOL_VERSION_2001);
handshake_state_set_pmk(hs, psk, sizeof(psk));
handshake_state_set_authenticator_address(hs, aa);
handshake_state_set_supplicant_address(hs, spa);
r = handshake_state_set_own_rsn(hs,
eapol_key_data_4 + sizeof(struct eapol_key));
assert(r);
handshake_state_set_ap_rsn(hs, ap_rsne);
eapol_start(sm);
__eapol_set_tx_packet_func(verify_step2);
__eapol_rx_packet(1, aa, ETH_P_PAE, eapol_key_data_3,
sizeof(eapol_key_data_3), false);
assert(verify_step2_called);
__eapol_set_tx_packet_func(verify_step4);
__eapol_rx_packet(1, aa, ETH_P_PAE, eapol_key_data_5,
sizeof(eapol_key_data_5), false);
assert(verify_step4_called);
eapol_sm_free(sm);
handshake_state_free(hs);
eapol_exit();
}
static void eapol_sm_test_igtk(const void *data)
{
const unsigned char psk[] = {
0xbf, 0x9a, 0xa3, 0x15, 0x53, 0x00, 0x12, 0x5e,
0x7a, 0x5e, 0xbb, 0x2a, 0x54, 0x9f, 0x8c, 0xd4,
0xed, 0xab, 0x8e, 0xe1, 0x2e, 0x94, 0xbf, 0xc2,
0x4b, 0x33, 0x57, 0xad, 0x04, 0x96, 0x65, 0xd9 };
const unsigned char ap_rsne[] = {
0x30, 0x1a, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x02, 0x01, 0x00,
0x00, 0x0f, 0xac, 0x02, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x02,
0x80, 0x00, 0x00, 0x00, 0x00, 0x0f, 0xac, 0x06 };
static uint8_t ap_address[] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00 };
static uint8_t sta_address[] = { 0x02, 0x00, 0x00, 0x00, 0x01, 0x00 };
bool r;
struct handshake_state *hs;
struct eapol_sm *sm;
eapol_init();
snonce = eapol_key_test_30.key_nonce;
__handshake_set_get_nonce_func(test_nonce);
aa = ap_address;
spa = sta_address;
verify_step2_called = false;
expected_step2_frame = eapol_key_data_30;
expected_step2_frame_size = sizeof(eapol_key_data_30);
verify_step4_called = false;
expected_step4_frame = eapol_key_data_32;
expected_step4_frame_size = sizeof(eapol_key_data_32);
hs = handshake_state_new(1);
sm = eapol_sm_new(hs);
eapol_register(sm);
/* key_data_29 uses 2004 while key_data_30 uses 2001, so force 2001 */
eapol_sm_set_protocol_version(sm, EAPOL_PROTOCOL_VERSION_2001);
handshake_state_set_pmk(hs, psk, sizeof(psk));
handshake_state_set_authenticator_address(hs, aa);
handshake_state_set_supplicant_address(hs, spa);
r = handshake_state_set_own_rsn(hs,
eapol_key_data_30 + sizeof(struct eapol_key));
assert(r);
handshake_state_set_ap_rsn(hs, ap_rsne);
eapol_start(sm);
__eapol_set_tx_packet_func(verify_step2);
__eapol_rx_packet(1, aa, ETH_P_PAE, eapol_key_data_29,
sizeof(eapol_key_data_29), false);
assert(verify_step2_called);
__eapol_set_tx_packet_func(verify_step4);
__eapol_rx_packet(1, aa, ETH_P_PAE, eapol_key_data_31,
sizeof(eapol_key_data_31), false);
assert(verify_step4_called);
eapol_sm_free(sm);
handshake_state_free(hs);
eapol_exit();
}
static void eapol_sm_test_wpa2_ptk_gtk(const void *data)
{
const unsigned char psk[] = {
0xbf, 0x9a, 0xa3, 0x15, 0x53, 0x00, 0x12, 0x5e,
0x7a, 0x5e, 0xbb, 0x2a, 0x54, 0x9f, 0x8c, 0xd4,
0xed, 0xab, 0x8e, 0xe1, 0x2e, 0x94, 0xbf, 0xc2,
0x4b, 0x33, 0x57, 0xad, 0x04, 0x96, 0x65, 0xd9 };
const unsigned char ap_rsne[] = {
0x30, 0x12, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x04,
0x01, 0x00, 0x00, 0x0f, 0xac, 0x04, 0x01, 0x00,
0x00, 0x0f, 0xac, 0x02 };
static uint8_t ap_address[] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00 };
static uint8_t sta_address[] = { 0x02, 0x00, 0x00, 0x00, 0x01, 0x00 };
bool r;
struct handshake_state *hs;
struct eapol_sm *sm;
eapol_init();
snonce = eapol_key_test_8.key_nonce;
__handshake_set_get_nonce_func(test_nonce);
aa = ap_address;
spa = sta_address;
verify_step2_called = false;
expected_step2_frame = eapol_key_data_8;
expected_step2_frame_size = sizeof(eapol_key_data_8);
verify_step4_called = false;
expected_step4_frame = eapol_key_data_10;
expected_step4_frame_size = sizeof(eapol_key_data_10);
verify_gtk_step2_called = false;
expected_gtk_step2_frame = eapol_key_data_12;
expected_gtk_step2_frame_size = sizeof(eapol_key_data_12);
hs = handshake_state_new(1);
sm = eapol_sm_new(hs);
eapol_register(sm);
handshake_state_set_pmk(hs, psk, sizeof(psk));
handshake_state_set_authenticator_address(hs, aa);
handshake_state_set_supplicant_address(hs, spa);
r = handshake_state_set_own_rsn(hs,
eapol_key_data_8 + sizeof(struct eapol_key));
assert(r);
handshake_state_set_ap_rsn(hs, ap_rsne);
eapol_start(sm);
__eapol_set_tx_packet_func(verify_step2);
__eapol_rx_packet(1, aa, ETH_P_PAE, eapol_key_data_7,
sizeof(eapol_key_data_7), false);
assert(verify_step2_called);
__eapol_set_tx_packet_func(verify_step4);
__eapol_rx_packet(1, aa, ETH_P_PAE, eapol_key_data_9,
sizeof(eapol_key_data_9), false);
assert(verify_step4_called);
__eapol_set_tx_packet_func(verify_step2_gtk);
__eapol_rx_packet(1, aa, ETH_P_PAE, eapol_key_data_11,
sizeof(eapol_key_data_11), false);
assert(verify_gtk_step2_called);
eapol_sm_free(sm);
handshake_state_free(hs);
eapol_exit();
}
static void eapol_sm_test_wpa_ptk_gtk(const void *data)
{
const unsigned char psk[] = {
0xbf, 0x9a, 0xa3, 0x15, 0x53, 0x00, 0x12, 0x5e,
0x7a, 0x5e, 0xbb, 0x2a, 0x54, 0x9f, 0x8c, 0xd4,
0xed, 0xab, 0x8e, 0xe1, 0x2e, 0x94, 0xbf, 0xc2,
0x4b, 0x33, 0x57, 0xad, 0x04, 0x96, 0x65, 0xd9 };
const unsigned char ap_wpa_ie[] = {
0xdd, 0x16, 0x00, 0x50, 0xf2, 0x01, 0x01, 0x00,
0x00, 0x50, 0xf2, 0x02, 0x01, 0x00, 0x00, 0x50,
0xf2, 0x02, 0x01, 0x00, 0x00, 0x50, 0xf2, 0x02 };
static uint8_t ap_address[] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00 };
static uint8_t sta_address[] = { 0x02, 0x00, 0x00, 0x00, 0x01, 0x00 };
bool r;
struct handshake_state *hs;
struct eapol_sm *sm;
eapol_init();
snonce = eapol_key_test_14.key_nonce;
__handshake_set_get_nonce_func(test_nonce);
aa = ap_address;
spa = sta_address;
verify_step2_called = false;
expected_step2_frame = eapol_key_data_14;
expected_step2_frame_size = sizeof(eapol_key_data_14);
verify_step4_called = false;
expected_step4_frame = eapol_key_data_16;
expected_step4_frame_size = sizeof(eapol_key_data_16);
verify_gtk_step2_called = false;
expected_gtk_step2_frame = eapol_key_data_18;
expected_gtk_step2_frame_size = sizeof(eapol_key_data_18);
hs = handshake_state_new(1);
sm = eapol_sm_new(hs);
eapol_register(sm);
handshake_state_set_pmk(hs, psk, sizeof(psk));
handshake_state_set_authenticator_address(hs, ap_address);
handshake_state_set_supplicant_address(hs, sta_address);
r = handshake_state_set_own_wpa(hs,
eapol_key_data_14 + sizeof(struct eapol_key));
assert(r);
handshake_state_set_ap_wpa(hs, ap_wpa_ie);
eapol_start(sm);
__eapol_set_tx_packet_func(verify_step2);
__eapol_rx_packet(1, ap_address, ETH_P_PAE, eapol_key_data_13,
sizeof(eapol_key_data_13), false);
assert(verify_step2_called);
__eapol_set_tx_packet_func(verify_step4);
__eapol_rx_packet(1, ap_address, ETH_P_PAE, eapol_key_data_15,
sizeof(eapol_key_data_15), false);
assert(verify_step4_called);
__eapol_set_tx_packet_func(verify_step2_gtk);
__eapol_rx_packet(1, ap_address, ETH_P_PAE, eapol_key_data_17,
sizeof(eapol_key_data_17), false);
assert(verify_gtk_step2_called);
eapol_sm_free(sm);
handshake_state_free(hs);
eapol_exit();
}
static void eapol_sm_test_wpa_ptk_gtk_2(const void *data)
{
const unsigned char psk[] = {
0xbf, 0x9a, 0xa3, 0x15, 0x53, 0x00, 0x12, 0x5e,
0x7a, 0x5e, 0xbb, 0x2a, 0x54, 0x9f, 0x8c, 0xd4,
0xed, 0xab, 0x8e, 0xe1, 0x2e, 0x94, 0xbf, 0xc2,
0x4b, 0x33, 0x57, 0xad, 0x04, 0x96, 0x65, 0xd9 };
const unsigned char ap_wpa_ie[] = {
0xdd, 0x16, 0x00, 0x50, 0xf2, 0x01, 0x01, 0x00,
0x00, 0x50, 0xf2, 0x02, 0x01, 0x00, 0x00, 0x50,
0xf2, 0x02, 0x01, 0x00, 0x00, 0x50, 0xf2, 0x02 };
static uint8_t ap_address[] = { 0x24, 0xa2, 0xe1, 0xec, 0x17, 0x04 };
static uint8_t sta_address[] = { 0xa0, 0xa8, 0xcd, 0x1c, 0x7e, 0xc9 };
bool r;
struct handshake_state *hs;
struct eapol_sm *sm;
eapol_init();
snonce = eapol_key_test_20.key_nonce;
__handshake_set_get_nonce_func(test_nonce);
aa = ap_address;
spa = sta_address;
verify_step2_called = false;
expected_step2_frame = eapol_key_data_20;
expected_step2_frame_size = sizeof(eapol_key_data_20);
verify_step4_called = false;
expected_step4_frame = eapol_key_data_22;
expected_step4_frame_size = sizeof(eapol_key_data_22);
verify_gtk_step2_called = false;
expected_gtk_step2_frame = eapol_key_data_24;
expected_gtk_step2_frame_size = sizeof(eapol_key_data_24);
hs = handshake_state_new(1);
sm = eapol_sm_new(hs);
eapol_register(sm);
handshake_state_set_pmk(hs, psk, sizeof(psk));
handshake_state_set_authenticator_address(hs, ap_address);
handshake_state_set_supplicant_address(hs, sta_address);
r = handshake_state_set_own_wpa(hs,
eapol_key_data_20 + sizeof(struct eapol_key));
assert(r);
handshake_state_set_ap_wpa(hs, ap_wpa_ie);
eapol_start(sm);
__eapol_set_tx_packet_func(verify_step2);
__eapol_rx_packet(1, ap_address, ETH_P_PAE, eapol_key_data_19,
sizeof(eapol_key_data_19), false);
assert(verify_step2_called);
__eapol_set_tx_packet_func(verify_step4);
__eapol_rx_packet(1, ap_address, ETH_P_PAE, eapol_key_data_21,
sizeof(eapol_key_data_21), false);
assert(verify_step4_called);
__eapol_set_tx_packet_func(verify_step2_gtk);
__eapol_rx_packet(1, ap_address, ETH_P_PAE, eapol_key_data_23,
sizeof(eapol_key_data_23), false);
assert(verify_gtk_step2_called);
eapol_sm_free(sm);
handshake_state_free(hs);
eapol_exit();
}
static void verify_install_tk(uint32_t ifindex, const uint8_t *aa_addr,
const uint8_t *tk, uint32_t cipher,
void *user_data)
{
assert(ifindex == 1);
assert(!memcmp(aa_addr, aa, 6));
if (user_data) {
assert(!memcmp(tk, user_data, 32));
assert(cipher == CRYPTO_CIPHER_TKIP);
}
verify_install_tk_called = true;
}
static void verify_install_gtk(uint32_t ifindex, uint8_t key_index,
const uint8_t *gtk, uint8_t gtk_len,
const uint8_t *rsc, uint8_t rsc_len,
uint32_t cipher, void *user_data)
{
assert(ifindex == 1);
verify_install_gtk_called = true;
}
static inline size_t EKL(const struct eapol_key *frame)
{
return sizeof(*frame) + L_BE16_TO_CPU(frame->key_data_len);
}
static struct eapol_key *UPDATED_REPLAY_COUNTER(const struct eapol_key *frame,
uint64_t replay_counter,
struct crypto_ptk *ptk)
{
struct eapol_key *ret = l_memdup(frame, EKL(frame));
uint8_t mic[16];
ret->key_replay_counter = L_CPU_TO_BE64(replay_counter);
memset(ret->key_mic_data, 0, sizeof(ret->key_mic_data));
eapol_calculate_mic(ptk->kck, ret, mic);
memcpy(ret->key_mic_data, mic, sizeof(mic));
return ret;
}
static void eapol_sm_wpa2_retransmit_test(const void *data)
{
static uint8_t ap_address[] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00 };
static uint8_t sta_address[] = { 0x02, 0x00, 0x00, 0x00, 0x01, 0x00 };
const char *passphrase = "EasilyGuessedPassword";
const char *ssid = "TestWPA";
unsigned char psk[32];
const unsigned char ap_rsne[] = {
0x30, 0x12, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x04,
0x01, 0x00, 0x00, 0x0f, 0xac, 0x04, 0x01, 0x00,
0x00, 0x0f, 0xac, 0x02 };
uint8_t new_snonce[32];
struct crypto_ptk *ptk;
size_t ptk_len;
struct eapol_key *expect;
struct eapol_key *retransmit;
bool r;
const struct eapol_key *ptk_step1;
const struct eapol_key *ptk_step2;
const struct eapol_key *ptk_step3;
const struct eapol_key *ptk_step4;
const struct eapol_key *gtk_step1;
const struct eapol_key *gtk_step2;
struct handshake_state *hs;
struct eapol_sm *sm;
uint64_t replay_counter;
aa = ap_address;
spa = sta_address;
crypto_psk_from_passphrase(passphrase, (uint8_t *) ssid,
strlen(ssid), psk);
eapol_init();
hs = handshake_state_new(1);
sm = eapol_sm_new(hs);
eapol_register(sm);
handshake_state_set_pmk(hs, psk, 32);
handshake_state_set_authenticator_address(hs, ap_address);
handshake_state_set_supplicant_address(hs, sta_address);
r = handshake_state_set_own_rsn(hs,
eapol_key_data_8 + sizeof(struct eapol_key));
assert(r);
handshake_state_set_ap_rsn(hs, ap_rsne);
eapol_start(sm);
ptk_step1 = eapol_key_validate(eapol_key_data_7,
sizeof(eapol_key_data_7));
assert(ptk_step1);
ptk_step2 = eapol_key_validate(eapol_key_data_8,
sizeof(eapol_key_data_8));
assert(ptk_step2);
replay_counter = L_BE64_TO_CPU(ptk_step1->key_replay_counter);
snonce = ptk_step2->key_nonce;
__handshake_set_get_nonce_func(test_nonce);
__handshake_set_install_tk_func(verify_install_tk);
__handshake_set_install_gtk_func(verify_install_gtk);
ptk_len = sizeof(struct crypto_ptk) +
crypto_cipher_key_len(CRYPTO_CIPHER_CCMP);
ptk = l_malloc(ptk_len);
assert(crypto_derive_pairwise_ptk(psk, aa, spa,
ptk_step1->key_nonce,
ptk_step2->key_nonce,
ptk, ptk_len, false));
verify_step2_called = false;
expected_step2_frame = (const uint8_t *) ptk_step2;
expected_step2_frame_size = EKL(ptk_step2);
__eapol_set_tx_packet_func(verify_step2);
__eapol_rx_packet(1, ap_address, ETH_P_PAE,
(const uint8_t *) ptk_step1, EKL(ptk_step1),
false);
assert(verify_step2_called);
/* Detect whether we generate a new snonce when we shouldn't */
memset(new_snonce, 0xff, sizeof(new_snonce));
snonce = new_snonce;
/*
* Now retransmit frame 1 again without updating the counter. This
* seems to be legal since the STA should not update the replay counter
* unless the packet has a MIC.
*/
verify_step2_called = false;
__eapol_rx_packet(1, ap_address, ETH_P_PAE,
(const uint8_t *) ptk_step1, EKL(ptk_step1),
false);
assert(verify_step2_called);
/* Now retransmit frame 1 with an updated counter */
replay_counter += 1;
retransmit = l_memdup(ptk_step1, EKL(ptk_step1));
retransmit->key_replay_counter = L_CPU_TO_BE64(replay_counter);
expect = UPDATED_REPLAY_COUNTER(ptk_step2, replay_counter, ptk);
verify_step2_called = false;
expected_step2_frame = (const uint8_t *) expect;
expected_step2_frame_size = EKL(expect);
__eapol_rx_packet(1, ap_address, ETH_P_PAE,
(const uint8_t *) retransmit, EKL(retransmit),
false);
assert(verify_step2_called);
l_free(expect);
l_free(retransmit);
ptk_step3 = eapol_key_validate(eapol_key_data_9,
sizeof(eapol_key_data_9));
assert(ptk_step3);
ptk_step4 = eapol_key_validate(eapol_key_data_10,
sizeof(eapol_key_data_10));
assert(ptk_step4);
verify_install_tk_called = false;
verify_step4_called = false;
expected_step4_frame = (const uint8_t *) ptk_step4;
expected_step4_frame_size = EKL(ptk_step4);
__eapol_set_tx_packet_func(verify_step4);
__eapol_rx_packet(1, ap_address, ETH_P_PAE,
(const uint8_t *) ptk_step3, EKL(ptk_step3),
false);
assert(verify_step4_called);
assert(verify_install_tk_called);
/*
* Now retransmit message 3. Make sure install_tk_called is false
* this time. This prevents KRACK style attacks.
*/
replay_counter += 1;
retransmit = UPDATED_REPLAY_COUNTER(ptk_step3, replay_counter, ptk);
expect = UPDATED_REPLAY_COUNTER(ptk_step4, replay_counter, ptk);
verify_install_tk_called = false;
verify_step4_called = false;
expected_step4_frame = (const uint8_t *) expect;
expected_step4_frame_size = EKL(expect);
__eapol_rx_packet(1, ap_address, ETH_P_PAE,
(const uint8_t *) retransmit, EKL(retransmit),
false);
assert(verify_step4_called);
assert(!verify_install_tk_called);
l_free(expect);
l_free(retransmit);
gtk_step1 = eapol_key_validate(eapol_key_data_11,
sizeof(eapol_key_data_11));
assert(gtk_step1);
gtk_step2 = eapol_key_validate(eapol_key_data_12,
sizeof(eapol_key_data_12));
assert(gtk_step2);
/*
* Now run the GTK handshake. Since we retransmitted Step 3 above,
* update the replay counter and perform the initial transmission
*/
replay_counter += 1;
retransmit = UPDATED_REPLAY_COUNTER(gtk_step1, replay_counter, ptk);
expect = UPDATED_REPLAY_COUNTER(gtk_step2, replay_counter, ptk);
verify_install_gtk_called = false;
verify_gtk_step2_called = false;
expected_gtk_step2_frame = (const uint8_t *) expect;
expected_gtk_step2_frame_size = EKL(expect);
__eapol_set_tx_packet_func(verify_step2_gtk);
__eapol_rx_packet(1, ap_address, ETH_P_PAE,
(const uint8_t *) retransmit, EKL(retransmit),
false);
assert(verify_gtk_step2_called);
assert(verify_install_gtk_called);
l_free(retransmit);
l_free(expect);
/* Now send a retransmit, make sure GTK isn't installed again */
replay_counter += 1;
retransmit = UPDATED_REPLAY_COUNTER(gtk_step1, replay_counter, ptk);
expect = UPDATED_REPLAY_COUNTER(gtk_step2, replay_counter, ptk);
verify_install_gtk_called = false;
verify_gtk_step2_called = false;
expected_gtk_step2_frame = (const uint8_t *) expect;
expected_gtk_step2_frame_size = EKL(expect);
__eapol_set_tx_packet_func(verify_step2_gtk);
__eapol_rx_packet(1, ap_address, ETH_P_PAE,
(const uint8_t *) retransmit, EKL(retransmit),
false);
assert(verify_gtk_step2_called);
assert(!verify_install_gtk_called);
l_free(retransmit);
l_free(expect);
l_free(ptk);
eapol_sm_free(sm);
handshake_state_free(hs);
eapol_exit();
}
static const uint8_t eap_identity_req[] = {
0x02, 0x00, 0x00, 0x05, 0x01, 0x01, 0x00, 0x05, 0x01
};
static const uint8_t eap_identity_resp[] = {
0x02, 0x00, 0x00, 0x14, 0x02, 0x01, 0x00, 0x14, 0x01, 0x61, 0x62, 0x63,
0x40, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65, 0x2e, 0x63, 0x6f, 0x6d
};
struct eapol_8021x_tls_test_state {
l_tls_write_cb_t app_data_cb;
l_tls_ready_cb_t ready_cb;
l_tls_disconnect_cb_t disconnect_cb;
uint8_t method;
struct l_tls *tls;
uint8_t last_id;
bool success;
bool pending_req;
bool tx_ack;
uint8_t tx_buf[16384];
unsigned int tx_buf_len, tx_buf_offset;
uint8_t pmk[32];
};
static int verify_8021x_identity_resp(uint32_t ifindex,
const uint8_t *aa_addr, uint16_t proto,
const struct eapol_frame *ef,
bool noencrypt,
void *user_data)
{
struct eapol_8021x_tls_test_state *s = user_data;
size_t len = sizeof(struct eapol_header) +
L_BE16_TO_CPU(ef->header.packet_len);
assert(ifindex == 1);
assert(!memcmp(aa_addr, aa, 6));
assert(proto == ETH_P_PAE);
assert(len == sizeof(eap_identity_resp));
assert(!memcmp(ef, eap_identity_resp, sizeof(eap_identity_resp)));
assert(s->pending_req);
s->pending_req = 0;
return 0;
}
static int verify_8021x_tls_resp(uint32_t ifindex,
const uint8_t *aa_addr, uint16_t proto,
const struct eapol_frame *ef,
bool noencrypt,
void *user_data)
{
struct eapol_8021x_tls_test_state *s = user_data;
size_t len = sizeof(struct eapol_header) +
L_BE16_TO_CPU(ef->header.packet_len);
size_t fragment_len, header_len;
assert(ifindex == 1);
assert(!memcmp(aa_addr, aa, 6));
assert(proto == ETH_P_PAE);
assert(len >= 10);
assert(ef->header.protocol_version == EAPOL_PROTOCOL_VERSION_2004);
assert(ef->header.packet_type == 0x00); /* EAPoL-EAP */
assert(ef->data[0] == EAP_CODE_RESPONSE);
assert(ef->data[1] == s->last_id);
assert(ef->data[4] == s->method);
assert((ef->data[5] & 0x3f) == 0); /* Flags */
/* Expecting an ACK? */
if (s->tx_buf_len || s->success) {
assert(ef->data[5] == 0);
assert(len == 10);
}
header_len = 6;
fragment_len = l_get_be16(ef->data + 2) - header_len;
if (ef->data[5] & 0x80) { /* L flag */
assert(len >= 14);
header_len += 4;
fragment_len -= 4;
assert(ef->data[5] & 0x40); /* M flag */
assert(l_get_be32(ef->data + 6) > fragment_len);
}
s->tx_ack = !!(ef->data[5] & 0x40); /* M flag */
assert(len == 4 + header_len + fragment_len);
assert(s->pending_req);
s->pending_req = 0;
if (fragment_len)
l_tls_handle_rx(s->tls, ef->data + header_len, fragment_len);
return 0;
}
static void eapol_sm_test_tls_new_data(const uint8_t *data, size_t len,
void *user_data)
{
assert(false);
}
static void eapol_sm_test_tls_test_write(const uint8_t *data, size_t len,
void *user_data)
{
struct eapol_8021x_tls_test_state *s = user_data;
assert(!s->tx_ack);
assert(!s->tx_buf_offset);
memcpy(s->tx_buf + s->tx_buf_len, data, len);
s->tx_buf_len += len;
}
static void eapol_sm_test_tls_test_ready(const char *peer_identity,
void *user_data)
{
struct eapol_8021x_tls_test_state *s = user_data;
uint8_t seed[64];
assert(!s->tx_ack);
/* TODO: require the right peer_identity */
s->success = true;
memcpy(seed + 0, s->tls->pending.client_random, 32);
memcpy(seed + 32, s->tls->pending.server_random, 32);
tls_prf_get_bytes(s->tls, L_CHECKSUM_SHA256, 32,
s->tls->pending.master_secret,
sizeof(s->tls->pending.master_secret),
"client EAP encryption", seed, 64, s->pmk, 32);
}
static void eapol_sm_test_tls_test_disconnected(enum l_tls_alert_desc reason,
bool remote, void *user_data)
{
assert(false);
}
static void verify_deauthenticate(uint32_t ifindex, const uint8_t *aa,
const uint8_t *spa,
uint16_t reason_code, void *user_data)
{
assert(false);
}
static void eapol_sm_test_tls(struct eapol_8021x_tls_test_state *s,
const char *config)
{
static const unsigned char ap_wpa_ie[] = {
0xdd, 0x16, 0x00, 0x50, 0xf2, 0x01, 0x01, 0x00,
0x00, 0x50, 0xf2, 0x02, 0x01, 0x00, 0x00, 0x50,
0xf2, 0x02, 0x01, 0x00, 0x00, 0x50, 0xf2, 0x02 };
static uint8_t ap_address[] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00 };
static uint8_t sta_address[] = { 0x02, 0x00, 0x00, 0x00, 0x01, 0x00 };
bool r;
struct handshake_state *hs;
struct eapol_sm *sm;
struct l_settings *settings;
uint8_t tx_buf[2000];
size_t header_len, data_len, tx_len;
bool start;
uint8_t step1_buf[256], step2_buf[256], step3_buf[256], step4_buf[256];
struct eapol_key *step1, *step2, *step3, *step4;
uint8_t ptk_buf[64];
struct crypto_ptk *ptk;
aa = ap_address;
spa = sta_address;
eap_init(0);
eapol_init();
__handshake_set_get_nonce_func(test_nonce);
__eapol_set_deauthenticate_func(verify_deauthenticate);
hs = handshake_state_new(1);
sm = eapol_sm_new(hs);
eapol_register(sm);
handshake_state_set_authenticator_address(hs, ap_address);
handshake_state_set_supplicant_address(hs, sta_address);
__eapol_set_tx_user_data(s);
r = handshake_state_set_own_wpa(hs,
eapol_key_data_14 + sizeof(struct eapol_key));
assert(r);
handshake_state_set_ap_wpa(hs, ap_wpa_ie);
settings = l_settings_new();
l_settings_load_from_data(settings, config, strlen(config));
handshake_state_set_8021x_config(hs, settings);
eapol_start(sm);
l_settings_free(settings);
__eapol_set_tx_packet_func(verify_8021x_identity_resp);
s->pending_req = 1;
__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_identity_req,
sizeof(eap_identity_req), false);
assert(!s->pending_req);
s->tls = l_tls_new(true, s->app_data_cb, eapol_sm_test_tls_test_write,
s->ready_cb, s->disconnect_cb, s);
assert(s->tls);
s->last_id = 1;
s->success = false;
s->tx_buf_len = 0;
s->tx_buf_offset = 0;
l_tls_set_auth_data(s->tls, "ell/unit/cert-server.pem",
"ell/unit/cert-server-key-pkcs8.pem", NULL);
l_tls_set_cacert(s->tls, "ell/unit/cert-ca.pem");
start = 1;
__eapol_set_tx_packet_func(verify_8021x_tls_resp);
while (!s->success || s->tx_buf_len) {
tx_len = 0;
data_len = 1024 < s->tx_buf_len ? 1024 : s->tx_buf_len;
header_len = 6;
if (data_len < s->tx_buf_len && !s->tx_buf_offset)
header_len += 4;
tx_buf[tx_len++] = EAPOL_PROTOCOL_VERSION_2004;
tx_buf[tx_len++] = 0x00; /* EAPoL-EAP */
tx_buf[tx_len++] = (data_len + header_len) >> 8;
tx_buf[tx_len++] = (data_len + header_len) >> 0;
tx_buf[tx_len++] = EAP_CODE_REQUEST;
tx_buf[tx_len++] = ++s->last_id;
tx_buf[tx_len++] = (data_len + header_len) >> 8;
tx_buf[tx_len++] = (data_len + header_len) >> 0;
tx_buf[tx_len++] = s->method;
tx_buf[tx_len++] = 0x00; /* Flags */
if (start) {
tx_buf[tx_len - 1] |= 0x20; /* S flag */
start = 0;
}
if (data_len < s->tx_buf_len)
tx_buf[tx_len - 1] |= 0x40; /* M flag */
if (data_len < s->tx_buf_len && !s->tx_buf_offset) {
tx_buf[tx_len - 1] |= 0x80; /* L flag */
tx_buf[tx_len++] = s->tx_buf_len >> 24;
tx_buf[tx_len++] = s->tx_buf_len >> 16;
tx_buf[tx_len++] = s->tx_buf_len >> 8;
tx_buf[tx_len++] = s->tx_buf_len >> 0;
}
memcpy(tx_buf + tx_len, s->tx_buf + s->tx_buf_offset, data_len);
tx_len += data_len;
s->tx_buf_offset += data_len;
s->tx_buf_len -= data_len;
if (!s->tx_buf_len)
s->tx_buf_offset = 0;
s->pending_req = 1;
__eapol_rx_packet(1, ap_address, ETH_P_PAE,
tx_buf, tx_len, false);
assert(!s->pending_req);
while (s->tx_ack) {
tx_len = 0;
tx_buf[tx_len++] = EAPOL_PROTOCOL_VERSION_2004;
tx_buf[tx_len++] = 0x00; /* EAPoL-EAP */
tx_buf[tx_len++] = 0x00;
tx_buf[tx_len++] = 0x06; /* Length */
tx_buf[tx_len++] = EAP_CODE_REQUEST;
tx_buf[tx_len++] = ++s->last_id;
tx_buf[tx_len++] = 0x00;
tx_buf[tx_len++] = 0x06; /* Length */
tx_buf[tx_len++] = s->method;
tx_buf[tx_len++] = 0x00; /* Flags */
s->pending_req = 1;
__eapol_rx_packet(1, ap_address, ETH_P_PAE,
tx_buf, tx_len, false);
assert(!s->pending_req);
}
}
l_tls_free(s->tls);
tx_len = 0;
tx_buf[tx_len++] = EAPOL_PROTOCOL_VERSION_2004;
tx_buf[tx_len++] = 0x00; /* EAPoL-EAP */
tx_buf[tx_len++] = 0x00;
tx_buf[tx_len++] = 0x04; /* Length */
tx_buf[tx_len++] = EAP_CODE_SUCCESS;
tx_buf[tx_len++] = s->last_id;
tx_buf[tx_len++] = 0x00;
tx_buf[tx_len++] = 0x04; /* Length */
__eapol_rx_packet(1, ap_address, ETH_P_PAE, tx_buf, tx_len, false);
memcpy(step1_buf, eapol_key_data_13, sizeof(eapol_key_data_13));
step1 = (struct eapol_key *)
eapol_key_validate(step1_buf, sizeof(eapol_key_data_13));
memcpy(step2_buf, eapol_key_data_14, sizeof(eapol_key_data_14));
step2 = (struct eapol_key *)
eapol_key_validate(step2_buf, sizeof(eapol_key_data_14));
memcpy(step3_buf, eapol_key_data_15, sizeof(eapol_key_data_15));
step3 = (struct eapol_key *)
eapol_key_validate(step3_buf, sizeof(eapol_key_data_15));
memcpy(step4_buf, eapol_key_data_16, sizeof(eapol_key_data_16));
step4 = (struct eapol_key *)
eapol_key_validate(step4_buf, sizeof(eapol_key_data_16));
ptk = (struct crypto_ptk *) ptk_buf;
crypto_derive_pairwise_ptk(s->pmk, sta_address, ap_address,
step1->key_nonce, step2->key_nonce,
ptk, 64, false);
memset(step2->key_mic_data, 0, 16);
assert(eapol_calculate_mic(ptk->kck, step2, step2->key_mic_data));
memset(step3->key_mic_data, 0, 16);
assert(eapol_calculate_mic(ptk->kck, step3, step3->key_mic_data));
memset(step4->key_mic_data, 0, 16);
assert(eapol_calculate_mic(ptk->kck, step4, step4->key_mic_data));
snonce = step2->key_nonce;
verify_step2_called = false;
expected_step2_frame = step2_buf;
expected_step2_frame_size = sizeof(eapol_key_data_14);
__eapol_set_tx_packet_func(verify_step2);
__eapol_rx_packet(1, ap_address, ETH_P_PAE,
step1_buf, sizeof(eapol_key_data_13), false);
assert(verify_step2_called);
verify_step4_called = false;
verify_install_tk_called = false;
expected_step4_frame = step4_buf;
expected_step4_frame_size = sizeof(eapol_key_data_16);
__eapol_set_tx_packet_func(verify_step4);
__handshake_set_install_tk_func(verify_install_tk);
handshake_state_set_user_data(hs, ptk->tk);
__eapol_rx_packet(1, ap_address, ETH_P_PAE,
step3_buf, sizeof(eapol_key_data_15), false);
assert(verify_step4_called);
assert(verify_install_tk_called);
__handshake_set_install_tk_func(NULL);
eapol_sm_free(sm);
handshake_state_free(hs);
eapol_exit();
eap_exit();
}
static void eapol_sm_test_eap_tls(const void *data)
{
static const char *eapol_8021x_config = "[Security]\n"
"EAP-Method=TLS\n"
"EAP-Identity=abc@example.com\n"
"EAP-TLS-CACert=ell/unit/cert-ca.pem\n"
"EAP-TLS-ClientCert=ell/unit/cert-client.pem\n"
"EAP-TLS-ClientKey=ell/unit/cert-client-key-pkcs8.pem";
struct eapol_8021x_tls_test_state s;
s.app_data_cb = eapol_sm_test_tls_new_data;
s.ready_cb = eapol_sm_test_tls_test_ready;
s.disconnect_cb = eapol_sm_test_tls_test_disconnected;
s.method = EAP_TYPE_TLS_EAP;
eapol_sm_test_tls(&s, eapol_8021x_config);
}
static const uint8_t eap_ttls_eap_identity_avp[] = {
0x00, 0x00, 0x00, 0x4f, 0x40, 0x00, 0x00, 0x1c, 0x02, 0x00, 0x00, 0x14,
0x01, 0x61, 0x62, 0x63, 0x40, 0x65, 0x78, 0x61, 0x6d, 0x70, 0x6c, 0x65,
0x2e, 0x63, 0x6f, 0x6d
};
static const uint8_t eap_ttls_eap_md5_challenge_avp[] = {
0x00, 0x00, 0x00, 0x4f, 0x40, 0x00, 0x00, 0x1e, 0x01, 0xbb, 0x00, 0x16,
0x04, 0x10, 0x3a, 0x34, 0x58, 0xc4, 0xf1, 0xa3, 0xdc, 0x45, 0xd0, 0xca,
0x96, 0x33, 0x9b, 0x95, 0xb8, 0xd6, 0x00, 0x00
};
static const uint8_t eap_ttls_eap_md5_response_avp[] = {
0x00, 0x00, 0x00, 0x4f, 0x40, 0x00, 0x00, 0x1e, 0x02, 0xbb, 0x00, 0x16,
0x04, 0x10, 0x10, 0xcc, 0x62, 0x4c, 0x98, 0x2b, 0x82, 0xbd, 0x13, 0x4a,
0x81, 0xcb, 0x70, 0x78, 0xcd, 0xc2, 0x00, 0x00
};
struct eapol_8021x_eap_ttls_test_state {
struct eapol_8021x_tls_test_state tls;
bool challenge_sent;
};
static void eapol_sm_test_eap_ttls_new_data(const uint8_t *data, size_t len,
void *user_data)
{
struct eapol_8021x_eap_ttls_test_state *s = user_data;
if (!s->challenge_sent) {
assert(len == sizeof(eap_ttls_eap_identity_avp));
assert(!memcmp(data, eap_ttls_eap_identity_avp, len));
l_tls_write(s->tls.tls, eap_ttls_eap_md5_challenge_avp,
sizeof(eap_ttls_eap_md5_challenge_avp));
s->challenge_sent = true;
} else {
assert(len == sizeof(eap_ttls_eap_md5_response_avp));
assert(!memcmp(data, eap_ttls_eap_md5_response_avp, len));
s->tls.success = true;
}
}
static void eapol_sm_test_eap_ttls_test_ready(const char *peer_identity,
void *user_data)
{
struct eapol_8021x_eap_ttls_test_state *s = user_data;
uint8_t seed[64];
assert(!s->tls.tx_ack);
/* TODO: require the right peer_identity */
memcpy(seed + 0, s->tls.tls->pending.client_random, 32);
memcpy(seed + 32, s->tls.tls->pending.server_random, 32);
tls_prf_get_bytes(s->tls.tls, L_CHECKSUM_SHA256, 32,
s->tls.tls->pending.master_secret,
sizeof(s->tls.tls->pending.master_secret),
"ttls keying material", seed, 64,
s->tls.pmk, 32);
s->challenge_sent = false;
}
static void eapol_sm_test_eap_ttls_md5(const void *data)
{
static const char *eapol_8021x_config = "[Security]\n"
"EAP-Method=TTLS\n"
"EAP-Identity=abc@example.com\n"
"EAP-TTLS-CACert=ell/unit/cert-ca.pem\n"
"EAP-TTLS-ClientCert=ell/unit/cert-client.pem\n"
"EAP-TTLS-ClientKey=ell/unit/cert-client-key-pkcs8.pem\n"
"EAP-TTLS-Phase2-Method=MD5\n"
"EAP-TTLS-Phase2-Identity=abc@example.com\n"
"EAP-TTLS-Phase2-MD5-Secret=testpasswd";
struct eapol_8021x_eap_ttls_test_state s;
s.tls.app_data_cb = eapol_sm_test_eap_ttls_new_data;
s.tls.ready_cb = eapol_sm_test_eap_ttls_test_ready;
s.tls.disconnect_cb = eapol_sm_test_tls_test_disconnected;
s.tls.method = EAP_TYPE_TTLS;
eapol_sm_test_tls(&s.tls, eapol_8021x_config);
}
static bool eap_nak_verify_deauthenticate_called;
static void eap_nak_verify_deauthenticate(uint32_t ifindex, const uint8_t *aa,
const uint8_t *spa,
uint16_t reason_code,
void *user_data)
{
assert(!eap_nak_verify_deauthenticate_called);
eap_nak_verify_deauthenticate_called = true;
}
static const uint8_t eap_ttls_start_req[] = {
0x02, 0x00, 0x00, 0x06, 0x01, 0x02, 0x00, 0x06, 0x15, 0x20
};
static const uint8_t eap_nak_tls[] = {
0x02, 0x00, 0x00, 0x06, 0x02, 0x02, 0x00, 0x06, 0x03, 0x0d
};
static const uint8_t eap_failure[] = {
0x02, 0x00, 0x00, 0x04, 0x04, 0x02, 0x00, 0x04
};
static int verify_8021x_eap_nak(uint32_t ifindex,
const uint8_t *aa_addr, uint16_t proto,
const struct eapol_frame *ef, bool noencrypt,
void *user_data)
{
struct eapol_8021x_tls_test_state *s = user_data;
size_t len = sizeof(struct eapol_header) +
L_BE16_TO_CPU(ef->header.packet_len);
assert(ifindex == 1);
assert(!memcmp(aa_addr, aa, 6));
assert(proto == ETH_P_PAE);
assert(len == sizeof(eap_nak_tls));
assert(!memcmp(ef, eap_nak_tls, sizeof(eap_nak_tls)));
assert(s->pending_req);
s->pending_req = 0;
return 0;
}
static void eapol_sm_test_eap_nak(const void *data)
{
static const char *eapol_8021x_config = "[Security]\n"
"EAP-Method=TLS\n"
"EAP-Identity=abc@example.com\n"
"EAP-TLS-CACert=ell/unit/cert-ca.pem\n"
"EAP-TLS-ClientCert=ell/unit/cert-client.pem\n"
"EAP-TLS-ClientKey=ell/unit/cert-client-key-pkcs8.pem";
static const unsigned char ap_wpa_ie[] = {
0xdd, 0x16, 0x00, 0x50, 0xf2, 0x01, 0x01, 0x00,
0x00, 0x50, 0xf2, 0x02, 0x01, 0x00, 0x00, 0x50,
0xf2, 0x02, 0x01, 0x00, 0x00, 0x50, 0xf2, 0x02 };
static uint8_t ap_address[] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00 };
static uint8_t sta_address[] = { 0x02, 0x00, 0x00, 0x00, 0x01, 0x00 };
bool r;
struct handshake_state *hs;
struct eapol_sm *sm;
struct l_settings *settings;
struct eapol_8021x_tls_test_state s;
aa = ap_address;
spa = sta_address;
eap_init(0);
eapol_init();
__handshake_set_get_nonce_func(test_nonce);
__eapol_set_deauthenticate_func(verify_deauthenticate);
hs = handshake_state_new(1);
sm = eapol_sm_new(hs);
eapol_register(sm);
handshake_state_set_authenticator_address(hs, ap_address);
handshake_state_set_supplicant_address(hs, sta_address);
__eapol_set_tx_user_data(&s);
r = handshake_state_set_own_wpa(hs,
eapol_key_data_20 + sizeof(struct eapol_key));
assert(r);
handshake_state_set_ap_wpa(hs, ap_wpa_ie);
settings = l_settings_new();
l_settings_load_from_data(settings, eapol_8021x_config,
strlen(eapol_8021x_config));
handshake_state_set_8021x_config(hs, settings);
eapol_start(sm);
l_settings_free(settings);
__eapol_set_tx_packet_func(verify_8021x_identity_resp);
s.pending_req = 1;
__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_identity_req,
sizeof(eap_identity_req), false);
assert(!s.pending_req);
s.pending_req = 1;
__eapol_set_tx_packet_func(verify_8021x_eap_nak);
__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_ttls_start_req,
sizeof(eap_ttls_start_req), false);
assert(!s.pending_req);
eap_nak_verify_deauthenticate_called = false;
__eapol_set_deauthenticate_func(eap_nak_verify_deauthenticate);
__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_failure,
sizeof(eap_failure), false);
assert(eap_nak_verify_deauthenticate_called);
handshake_state_free(hs);
eapol_exit();
eap_exit();
}
static void eapol_ft_handshake_test(const void *data)
{
const unsigned char psk[] = {
0xbc, 0xcd, 0x17, 0x98, 0xef, 0x6c, 0xb8, 0x7f,
0x2b, 0x54, 0x75, 0xfb, 0x98, 0x06, 0x57, 0xd2,
0xea, 0x02, 0x6c, 0xe3, 0x68, 0xef, 0x3f, 0xca,
0xda, 0x31, 0x48, 0x54, 0x3f, 0xee, 0x94, 0xf0 };
const unsigned char ap_rsne[] = {
0x30, 0x14, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x04,
0x01, 0x00, 0x00, 0x0f, 0xac, 0x04, 0x01, 0x00,
0x00, 0x0f, 0xac, 0x04, 0x81, 0x00 };
const unsigned char own_rsne[] = {
0x30, 0x12, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x04,
0x01, 0x00, 0x00, 0x0f, 0xac, 0x04, 0x01, 0x00,
0x00, 0x0f, 0xac, 0x04 };
const uint8_t mde[] = { 0x36, 0x03, 0x12, 0x34, 0x01 };
const uint8_t fte[] = {
0x37, 0x62, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x01, 0x06, 0x02, 0x00,
0x00, 0x00, 0x00, 0x00, 0x03, 0x06, 0x64, 0x75,
0x6d, 0x6d, 0x79, 0x30 };
const uint8_t r0khid[] = "dummy0";
const uint8_t r1khid[] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00 };
const uint8_t ap_address[] = { 0x02, 0x00, 0x00, 0x00, 0x00, 0x00 };
const uint8_t sta_address[] = { 0x02, 0x00, 0x00, 0x00, 0x02, 0x00 };
const char *ssid = "TestFT";
struct handshake_state *hs;
struct eapol_sm *sm;
eapol_init();
snonce = eapol_key_test_26.key_nonce;
__handshake_set_get_nonce_func(test_nonce);
aa = ap_address;
spa = sta_address;
verify_step2_called = false;
expected_step2_frame = eapol_key_data_26;
expected_step2_frame_size = sizeof(eapol_key_data_26);
verify_step4_called = false;
expected_step4_frame = eapol_key_data_28;
expected_step4_frame_size = sizeof(eapol_key_data_28);
hs = handshake_state_new(1);
sm = eapol_sm_new(hs);
eapol_register(sm);
handshake_state_set_pmk(hs, psk, sizeof(psk));
handshake_state_set_authenticator_address(hs, aa);
handshake_state_set_supplicant_address(hs, spa);
handshake_state_set_ssid(hs, (void *) ssid, strlen(ssid));
handshake_state_set_own_rsn(hs, own_rsne);
handshake_state_set_ap_rsn(hs, ap_rsne);
handshake_state_set_mde(hs, mde);
handshake_state_set_fte(hs, fte);
handshake_state_set_kh_ids(hs, r0khid, strlen((void *) r0khid), r1khid);
eapol_start(sm);
__eapol_set_tx_packet_func(verify_step2);
__eapol_rx_packet(1, aa, ETH_P_PAE,
eapol_key_data_25, sizeof(eapol_key_data_25),
false);
assert(verify_step2_called);
__eapol_set_tx_packet_func(verify_step4);
__eapol_rx_packet(1, aa, ETH_P_PAE,
eapol_key_data_27, sizeof(eapol_key_data_27),
false);
assert(verify_step4_called);
eapol_sm_free(sm);
handshake_state_free(hs);
eapol_exit();
}
int main(int argc, char *argv[])
{
l_test_init(&argc, &argv);
l_test_add("/EAPoL Key/Key Frame 1",
eapol_key_test, &eapol_key_test_1);
l_test_add("/EAPoL Key/Key Frame 2",
eapol_key_test, &eapol_key_test_2);
l_test_add("/EAPoL Key/Key Frame 3",
eapol_key_test, &eapol_key_test_3);
l_test_add("/EAPoL Key/Key Frame 4",
eapol_key_test, &eapol_key_test_4);
l_test_add("/EAPoL Key/Key Frame 5",
eapol_key_test, &eapol_key_test_5);
l_test_add("/EAPoL Key/Key Frame 6",
eapol_key_test, &eapol_key_test_6);
l_test_add("/EAPoL Key/Key Frame 7",
eapol_key_test, &eapol_key_test_7);
l_test_add("/EAPoL Key/Key Frame 8",
eapol_key_test, &eapol_key_test_8);
l_test_add("/EAPoL Key/Key Frame 9",
eapol_key_test, &eapol_key_test_9);
l_test_add("/EAPoL Key/Key Frame 10",
eapol_key_test, &eapol_key_test_10);
l_test_add("/EAPoL Key/Key Frame 11",
eapol_key_test, &eapol_key_test_11);
l_test_add("/EAPoL Key/Key Frame 12",
eapol_key_test, &eapol_key_test_12);
l_test_add("/EAPoL Key/Key Frame 13",
eapol_key_test, &eapol_key_test_13);
l_test_add("/EAPoL Key/Key Frame 14",
eapol_key_test, &eapol_key_test_14);
l_test_add("/EAPoL Key/Key Frame 15",
eapol_key_test, &eapol_key_test_15);
l_test_add("/EAPoL Key/Key Frame 16",
eapol_key_test, &eapol_key_test_16);
l_test_add("/EAPoL Key/Key Frame 17",
eapol_key_test, &eapol_key_test_17);
l_test_add("/EAPoL Key/Key Frame 18",
eapol_key_test, &eapol_key_test_18);
l_test_add("/EAPoL Key/Key Frame 19",
eapol_key_test, &eapol_key_test_19);
l_test_add("/EAPoL Key/Key Frame 20",
eapol_key_test, &eapol_key_test_20);
l_test_add("/EAPoL Key/Key Frame 21",
eapol_key_test, &eapol_key_test_21);
l_test_add("/EAPoL Key/Key Frame 22",
eapol_key_test, &eapol_key_test_22);
l_test_add("/EAPoL Key/Key Frame 23",
eapol_key_test, &eapol_key_test_23);
l_test_add("/EAPoL Key/Key Frame 24",
eapol_key_test, &eapol_key_test_24);
l_test_add("/EAPoL Key/Key Frame 25",
eapol_key_test, &eapol_key_test_25);
l_test_add("/EAPoL Key/Key Frame 26",
eapol_key_test, &eapol_key_test_26);
l_test_add("/EAPoL Key/Key Frame 27",
eapol_key_test, &eapol_key_test_27);
l_test_add("/EAPoL Key/Key Frame 28",
eapol_key_test, &eapol_key_test_28);
l_test_add("/EAPoL Key/Key Frame 29",
eapol_key_test, &eapol_key_test_29);
l_test_add("/EAPoL Key/Key Frame 30",
eapol_key_test, &eapol_key_test_30);
l_test_add("/EAPoL Key/Key Frame 31",
eapol_key_test, &eapol_key_test_31);
l_test_add("/EAPoL Key/Key Frame 32",
eapol_key_test, &eapol_key_test_32);
if (!l_checksum_is_supported(L_CHECKSUM_MD5, true) ||
!l_checksum_is_supported(L_CHECKSUM_SHA1, true))
goto done;
l_test_add("/EAPoL Key/MIC Test 1",
eapol_key_mic_test, &eapol_key_mic_test_1);
l_test_add("/EAPoL Key/MIC Test 2",
eapol_key_mic_test, &eapol_key_mic_test_2);
l_test_add("/EAPoL Key/Calculate MIC Test 1",
eapol_calculate_mic_test, &eapol_calculate_mic_test_1);
if (!l_cipher_is_supported(L_CIPHER_AES) ||
!l_cipher_is_supported(L_CIPHER_ARC4))
goto done;
l_test_add("EAPoL/WPA2 4-Way Handshake",
&eapol_4way_test, NULL);
l_test_add("EAPoL/WPA2 4-Way & GTK Handshake",
&eapol_wpa2_handshake_test, NULL);
l_test_add("EAPoL/WPA 4-Way & GTK Handshake",
&eapol_wpa_handshake_test, NULL);
l_test_add("EAPoL/WPA2 PTK State Machine", &eapol_sm_test_ptk, NULL);
l_test_add("EAPoL IGTK & 4-Way Handshake",
&eapol_sm_test_igtk, NULL);
l_test_add("EAPoL/WPA2 PTK & GTK State Machine",
&eapol_sm_test_wpa2_ptk_gtk, NULL);
l_test_add("EAPoL/WPA PTK & GTK State Machine Test 1",
&eapol_sm_test_wpa_ptk_gtk, NULL);
l_test_add("EAPoL/WPA PTK & GTK State Machine Test 2",
&eapol_sm_test_wpa_ptk_gtk_2, NULL);
l_test_add("EAPoL/WPA2 Retransmit Test",
&eapol_sm_wpa2_retransmit_test, NULL);
if (l_cipher_is_supported(L_CIPHER_DES3_EDE_CBC) &&
l_cipher_is_supported(L_CIPHER_AES_CBC) &&
l_key_is_supported(L_KEY_FEATURE_RESTRICT |
L_KEY_FEATURE_CRYPTO)) {
l_test_add("EAPoL/8021x EAP-TLS & 4-Way Handshake",
&eapol_sm_test_eap_tls, NULL);
l_test_add("EAPoL/8021x EAP-TTLS+EAP-MD5 & 4-Way Handshake",
&eapol_sm_test_eap_ttls_md5, NULL);
l_test_add("EAPoL/8021x EAP NAK",
&eapol_sm_test_eap_nak, NULL);
}
l_test_add("EAPoL/FT-Using-PSK 4-Way Handshake",
&eapol_ft_handshake_test, NULL);
done:
return l_test_run();
}