Ard Biesheuvel
1db8a85a60
crypto: incorporate C implementation of ARC4
...
Incorporate the LGPL v2.1 licensed implementation of ARC4, taken from
the Nettle project (https://git.lysator.liu.se/nettle/nettle.git ,
commit 3e7a480a1e351884), and tweak it a bit so we don't have to
operate on a skip buffer to fast forward the stream cipher, but can
simply invoke it with NULL dst or src arguments to achieve the same.
This removes the dependency [via libell] on the OS's implementation of
ecb(arc4), which may be going away, and which is not usually accelerated
in the first place.
2020-08-03 16:28:24 -05:00
Denis Kenzior
45824ff7eb
unit: Update to the new handshake API
2020-04-02 00:41:18 -05:00
Andrew Zaborowski
2d95b17c1d
unit: Update event handler in WSC, eapol tests
2019-10-30 14:26:14 -05:00
Marcel Holtmann
152b56a12a
treewide: Move the Intel copyright forward to 2019
2019-10-25 00:43:08 +02:00
Denis Kenzior
c8247c3754
unit: assert that l_settings creation/loading succeeds
2019-10-17 12:42:45 -05:00
James Prestwood
f71a28ce38
unit: update wsc/eapol with new eap_init
...
test-eapol was passing zero as the MTU, so this simply needed to be
updated to remove that parameter.
test-wsc was actually setting a MTU value so when building the
settings we now add the proper value so the MTU can be set with
__eap_set_config.
2019-10-11 15:45:26 -05:00
Marcel Holtmann
5508833bab
build: Hide the PKCS8 unit tests behind MAINTAINER_MODE for now
2019-10-11 08:57:38 +02:00
James Prestwood
fddf15f527
unit: add test for embedded certs to test-eapol
...
Refactored eapol_sm_test_tls to take a l_settings object rather than
a settings string. This lets the caller either load from data or
from file (the new test loads the build time generated tls-settings
file).
2019-10-07 14:41:15 -05:00
James Prestwood
f8de0a58f3
unit: update test-eapol to new ELL APIs
2019-10-02 10:37:39 -05:00
Andrew Zaborowski
969c1871c5
unit: Update values in EAP-TLS-ServerDomainMask tests
...
Use more realistic domain name mask strings to be matched against the
DNS Name values in the subjectAltName extension.
2019-08-26 11:12:07 -05:00
Andrew Zaborowski
9c4c9a71c5
unit: Test the EAP-TLS-ServerSubjectMatch config option
2019-08-23 09:31:59 -05:00
Denis Kenzior
483194ee91
unit: Update to the new handshake_state API
2019-07-15 21:45:32 -05:00
James Prestwood
6c372c6c19
unit: update test-eapol with new handshake APIs
2019-06-07 14:22:39 -05:00
Marcel Holtmann
cde9933124
build: Generate certificates for unit testing locally
2019-05-11 10:11:12 +02:00
James Prestwood
a70ef82432
unit: update test-{crypto,eapol} with PTK changes
...
Updated to use l_checksum_type instead of boolean
2019-04-26 12:31:04 -05:00
James Prestwood
e999aa02a1
unit: update test-eapol with _verify_ptk_3_of_4 change
2019-04-26 12:24:53 -05:00
James Prestwood
62e20ca285
eapol: pass mic_len in gtk 1/2 verify
...
FILS authentication does away with the MIC, so checking for key_mic
in the eapol key frame does not allow FILS to work. Now we pass in
the mic_len to eapol_verify_gtk_1_of_2, and if it is non-zero we can
check that the MIC is present in the frame.
2019-04-17 18:40:46 -05:00
Marcel Holtmann
ea074ffe67
build: Create ELL_UNIT_TEST_DATA define for certificate directory
2019-04-03 19:16:29 +02:00
Denis Kenzior
f8af73f2c7
unit: Use l_container_of
2019-04-03 11:49:36 -05:00
Tim Kourt
2a104185a0
unit: Rename EAP TLS type
2019-04-02 14:34:43 -05:00
Denis Kenzior
c638fd50c8
unit: Add IWD_TLS_DEBUG environment variable handling
2019-02-22 14:48:44 -06:00
Andrew Zaborowski
62851b9e47
unit: Fix usage of sizeof(struct eapol_key) in test-eapol
2019-01-22 11:40:47 -06:00
James Prestwood
f6013d8730
unit: update test-eapol to work with crypto/eapol changes
2019-01-17 15:20:28 -06:00
Andrew Zaborowski
1578a37ac2
unit: Call the new l_tls_start in eap-tls test
2018-12-19 10:05:38 -06:00
Andrew Zaborowski
8c333a585a
unit: Update for l_tls API changes
2018-11-19 13:04:30 -06:00
Tim Kourt
f369c9006e
unit: use new setting key name for EAP-MD5
2018-10-29 18:46:07 -05:00
Tim Kourt
949e672b75
unit: Fix TTLS test
...
Single AVP should not be padded with zeros as padding is only
used to separate AVPs in a sequence.
RFC 5281 Section 10.2. AVP Sequences
Data encapsulated within the TLS record layer must consist entirely
of a sequence of zero or more AVPs. Each AVP must begin on a four-
octet boundary relative to the first AVP in the sequence. If an AVP
is not a multiple of four octets, it must be padded with zeros to the
next four-octet boundary.
Note that the AVP Length does not include the padding.
2018-10-19 10:00:10 -05:00
Marcel Holtmann
8f8a214fbd
build: Use new l_tls_prf_get_bytes and remove ell/tls-private.h usage
2018-10-19 09:30:59 +02:00
Marcel Holtmann
467d3958b4
build: Use l_tls_prf_get_bytes instead of tls_prf_get_bytes
2018-10-19 08:46:57 +02:00
Marcel Holtmann
b27edce298
build: Use include "" instead of include <> for ell/tls-private.h
2018-10-19 08:24:57 +02:00
Denis Kenzior
d22e57c994
treewide: Remove use of key-private.h
2018-10-19 00:31:41 -05:00
Andrew Zaborowski
6405f487c6
unit: Update handshake_state WPA/RSN IE setter names
2018-08-27 11:46:38 -05:00
James Prestwood
c629d71427
unit: updated eapol test to reflect API changes
...
verify/calculate_mic and key decryption API's now take the AKM suite
2018-08-09 15:06:44 -05:00
Denis Kenzior
41361053b3
unit: Print tls_alert
2018-06-28 13:23:29 -05:00
Denis Kenzior
5446389d32
unit: Store handshake_failed in test_handshake_state
...
Instead of using a global variable
2018-06-27 17:01:22 -05:00
James Prestwood
5d31fc25d7
unit: updated unit test with eapol deauth removal
2018-06-27 16:45:53 -05:00
Denis Kenzior
7c0bc22b7c
unit: Update to the new API
2018-06-21 20:10:07 -05:00
Denis Kenzior
180a893c0c
unit: Update to the new EAP API
2018-06-14 20:01:22 -05:00
Denis Kenzior
736db5c27c
unit: update to the new API
2018-05-01 16:19:38 -05:00
Andrew Zaborowski
b1356680b7
unit: Update handshake_state_set_pmk parameters
2018-03-15 11:40:17 -05:00
Denis Kenzior
f91380c195
unit: Skip EAPoL tests when kernel features are missing
2018-01-23 15:50:35 -06:00
Denis Kenzior
a1f4a9901d
unit: Add EAPoL retransmission test
2017-10-19 16:47:35 -05:00
Denis Kenzior
23d9b4c089
unit: Only run tests if checksum is available
2017-06-01 16:30:14 -05:00
Andrew Zaborowski
e05bfc5f98
unit: Update tests to pass ETH_P_PAE to __eapol_rx_packet
2017-04-18 11:43:19 -05:00
Rahul Rahul
0453b4e52f
unit/test-eapol: fixed handshake frame in tls test
...
eapol_sm_test_tls was using an incorrect frame in
handshake_state_set_own_wpa.
2016-12-02 10:05:50 -06:00
Rahul Rahul
71932acd2d
unit/test-eapol: igtk test with mfp enabled
...
This is the first version of the test
2016-12-02 09:45:42 -06:00
Denis Kenzior
d26e224bfc
unit: Update to new eap_init API
2016-11-15 16:44:24 -06:00
Andrew Zaborowski
ea08bcd8fd
unit: Fix eapol TLS test after handshake_state changes
2016-11-14 11:20:20 -06:00
Andrew Zaborowski
f74e6f4261
unit: Update eapol test with eapol API changes
2016-11-03 10:24:12 -05:00
Andrew Zaborowski
955ba74d2d
unit: FT 4-Way Handshake eapol test
...
This also tests that the FT crypto functions work. For the record
these are the values of the intermediate keys in this test:
ANonce: 33 b2 74 a0 ae c9 e8 5d 61 11 8f 1b 6b 97 77 4e 5b 75 08 37 45
77 dc 14 08 a5 f1 80 c5 d2 e9 fd
SNonce: ac 1e b2 c7 0b 20 8c e6 0a e2 07 b2 38 9e 44 1f ff 39 86 3d 44
9f 81 24 6f e3 6e de 0f 1f 56 ce
PMK-R0: ad b8 81 bf 50 11 1c fd 0b 5c 87 23 42 bf 3b 54 3e 81 d6 3f 3e
18 cf 0a 8d 3d 85 4f d8 07 ad d5
PMKR0Name: cc 62 4a e8 6e 0c 85 25 06 02 22 15 f7 3d 0d 01
PMK-R1: 17 6a 37 92 25 28 72 9f 40 18 06 20 b4 2d 34 2a 7b 8d da 09 4c
a9 cf 84 bd 55 4a 39 bc 5d c1 61
PMKR1Name: de ce 50 a0 9e f0 8c 4e be f2 f1 db e9 67 b4 d4
KCK: e4 2d ee 98 f9 9d fb f8 32 9f 50 41 05 58 35 a2
KEK: 34 5e 22 4e 91 73 8a 97 dd c4 19 53 c5 c8 d7 29
TK: 7c ff bd 35 ce 11 c5 75 1d 4c c6 7a df c2 a2 78
PTKName: 31 e4 94 a6 96 a5 c3 7e 2f 33 9c 47 04 dc ae 05
2016-11-03 10:06:01 -05:00