/*
 *
 *  Wireless daemon for Linux
 *
 *  Copyright (C) 2015-2019  Intel Corporation. All rights reserved.
 *
 *  This library is free software; you can redistribute it and/or
 *  modify it under the terms of the GNU Lesser General Public
 *  License as published by the Free Software Foundation; either
 *  version 2.1 of the License, or (at your option) any later version.
 *
 *  This library is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 *  Lesser General Public License for more details.
 *
 *  You should have received a copy of the GNU Lesser General Public
 *  License along with this library; if not, write to the Free Software
 *  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA  02110-1301  USA
 *
 */

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <stdio.h>
#include <string.h>
#include <assert.h>
#include <stdlib.h>
#include <linux/if_ether.h>
#include <ell/ell.h>

#include "src/wscutil.h"
#include "src/eapol.h"
#include "src/eap.h"
#include "src/eap-wsc.h"
#include "src/crypto.h"
#include "src/util.h"
#include "src/mpdu.h"
#include "src/ie.h"
#include "src/handshake.h"

struct test_handshake_state {
	struct handshake_state super;
};

static void test_handshake_state_free(struct handshake_state *hs)
{
	struct test_handshake_state *ths =
			l_container_of(hs, struct test_handshake_state, super);

	l_free(ths);
}

static struct handshake_state *test_handshake_state_new(uint32_t ifindex)
{
	struct test_handshake_state *ths;

	ths = l_new(struct test_handshake_state, 1);

	ths->super.ifindex = ifindex;
	ths->super.free = test_handshake_state_free;

	return &ths->super;
}

static const unsigned char wsc_attrs1[] = {
	0x10, 0x4a, 0x00, 0x01, 0x10, 0x10, 0x44, 0x00, 0x01, 0x02, 0x10, 0x41,
	0x00, 0x01, 0x01, 0x10, 0x12, 0x00, 0x02, 0x00, 0x04, 0x10, 0x53, 0x00,
	0x02, 0x26, 0x88, 0x10, 0x3b, 0x00, 0x01, 0x03, 0x10, 0x47, 0x00, 0x10,
	0xc4, 0x4a, 0xad, 0x8d, 0x25, 0x2f, 0x52, 0xc6, 0xf9, 0x6b, 0x38, 0x5d,
	0xcb, 0x23, 0x31, 0xae, 0x10, 0x21, 0x00, 0x15, 0x41, 0x53, 0x55, 0x53,
	0x54, 0x65, 0x4b, 0x20, 0x43, 0x6f, 0x6d, 0x70, 0x75, 0x74, 0x65, 0x72,
	0x20, 0x49, 0x6e, 0x63, 0x2e, 0x10, 0x23, 0x00, 0x1c, 0x57, 0x69, 0x2d,
	0x46, 0x69, 0x20, 0x50, 0x72, 0x6f, 0x74, 0x65, 0x63, 0x74, 0x65, 0x64,
	0x20, 0x53, 0x65, 0x74, 0x75, 0x70, 0x20, 0x52, 0x6f, 0x75, 0x74, 0x65,
	0x72, 0x10, 0x24, 0x00, 0x08, 0x52, 0x54, 0x2d, 0x41, 0x43, 0x36, 0x38,
	0x55, 0x10, 0x42, 0x00, 0x11, 0x31, 0x30, 0x3a, 0x63, 0x33, 0x3a, 0x37,
	0x62, 0x3a, 0x35, 0x34, 0x3a, 0x37, 0x34, 0x3a, 0x64, 0x30, 0x10, 0x54,
	0x00, 0x08, 0x00, 0x06, 0x00, 0x50, 0xf2, 0x04, 0x00, 0x01, 0x10, 0x11,
	0x00, 0x08, 0x52, 0x54, 0x2d, 0x41, 0x43, 0x36, 0x38, 0x55, 0x10, 0x08,
	0x00, 0x02, 0x20, 0x08, 0x10, 0x3c, 0x00, 0x01, 0x03, 0x10, 0x49, 0x00,
	0x0e, 0x00, 0x37, 0x2a, 0x00, 0x01, 0x20, 0x01, 0x06, 0xff, 0xff, 0xff,
	0xff, 0xff, 0xff,
};

static void wsc_test_iter_sanity_check(const void *data)
{
	struct wsc_attr_iter iter;
	struct wsc_wfa_ext_iter wfa_iter;

	wsc_attr_iter_init(&iter, wsc_attrs1, sizeof(wsc_attrs1));

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) == WSC_ATTR_VERSION);
	assert(wsc_attr_iter_get_length(&iter) == 1);

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) == WSC_ATTR_WSC_STATE);
	assert(wsc_attr_iter_get_length(&iter) == 1);

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) == WSC_ATTR_SELECTED_REGISTRAR);
	assert(wsc_attr_iter_get_length(&iter) == 1);

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) == WSC_ATTR_DEVICE_PASSWORD_ID);
	assert(wsc_attr_iter_get_length(&iter) == 2);

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) ==
			WSC_ATTR_SELECTED_REGISTRAR_CONFIGURATION_METHODS);
	assert(wsc_attr_iter_get_length(&iter) == 2);

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) == WSC_ATTR_RESPONSE_TYPE);
	assert(wsc_attr_iter_get_length(&iter) == 1);

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) == WSC_ATTR_UUID_E);
	assert(wsc_attr_iter_get_length(&iter) == 16);

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) == WSC_ATTR_MANUFACTURER);
	assert(wsc_attr_iter_get_length(&iter) == 21);

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) == WSC_ATTR_MODEL_NAME);
	assert(wsc_attr_iter_get_length(&iter) == 28);

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) == WSC_ATTR_MODEL_NUMBER);
	assert(wsc_attr_iter_get_length(&iter) == 8);

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) == WSC_ATTR_SERIAL_NUMBER);
	assert(wsc_attr_iter_get_length(&iter) == 17);

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) == WSC_ATTR_PRIMARY_DEVICE_TYPE);
	assert(wsc_attr_iter_get_length(&iter) == 8);

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) == WSC_ATTR_DEVICE_NAME);
	assert(wsc_attr_iter_get_length(&iter) == 8);

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) == WSC_ATTR_CONFIGURATION_METHODS);
	assert(wsc_attr_iter_get_length(&iter) == 2);

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) == WSC_ATTR_RF_BANDS);
	assert(wsc_attr_iter_get_length(&iter) == 1);

	assert(wsc_attr_iter_next(&iter));
	assert(wsc_attr_iter_get_type(&iter) == WSC_ATTR_VENDOR_EXTENSION);
	assert(wsc_attr_iter_get_length(&iter) == 14);

	assert(wsc_attr_iter_recurse_wfa_ext(&iter, &wfa_iter));

	assert(wsc_wfa_ext_iter_next(&wfa_iter));
	assert(wsc_wfa_ext_iter_get_type(&wfa_iter) ==
			WSC_WFA_EXTENSION_VERSION2);
	assert(wsc_wfa_ext_iter_get_length(&wfa_iter) == 1);

	assert(wsc_wfa_ext_iter_next(&wfa_iter));
	assert(wsc_wfa_ext_iter_get_type(&wfa_iter) ==
			WSC_WFA_EXTENSION_AUTHORIZED_MACS);
	assert(wsc_wfa_ext_iter_get_length(&wfa_iter) == 6);

	assert(!wsc_attr_iter_next(&iter));
}


static const unsigned char beacon1[] = {
	0x10, 0x4a, 0x00, 0x01, 0x10, 0x10, 0x44, 0x00, 0x01, 0x02, 0x10, 0x49,
	0x00, 0x06, 0x00, 0x37, 0x2a, 0x00, 0x01, 0x20
};

struct beacon_data {
	struct wsc_beacon expected;
	const void *pdu;
	unsigned int len;
};

static const struct beacon_data beacon_data_1 = {
	.pdu = beacon1,
	.len = sizeof(beacon1),
	.expected = {
		.version2 = true,
		.state = WSC_STATE_CONFIGURED,
		.ap_setup_locked = false,
		.selected_registrar = false,
	},
};

static void wsc_test_parse_beacon(const void *data)
{
	const struct beacon_data *test = data;
	struct wsc_beacon beacon;
	const struct wsc_beacon *expected = &test->expected;
	int r;

	r = wsc_parse_beacon(test->pdu, test->len, &beacon);
	assert(r == 0);

	assert(expected->version2 == beacon.version2);
	assert(expected->state == beacon.state);
	assert(expected->ap_setup_locked == beacon.ap_setup_locked);
	assert(expected->selected_registrar == beacon.selected_registrar);
	assert(expected->device_password_id == beacon.device_password_id);
	assert(expected->selected_reg_config_methods ==
				beacon.selected_reg_config_methods);
	assert(!memcmp(expected->uuid_e, beacon.uuid_e, 16));
	assert(expected->rf_bands == beacon.rf_bands);

	assert(!memcmp(expected->authorized_macs,
				beacon.authorized_macs,
				sizeof(beacon.authorized_macs)));
	assert(expected->reg_config_methods ==
				beacon.reg_config_methods);
}

struct probe_response_data {
	struct wsc_probe_response expected;
	const void *pdu;
	unsigned int len;
};

static const struct probe_response_data probe_response_data_1 = {
	.pdu = wsc_attrs1,
	.len = sizeof(wsc_attrs1),
	.expected = {
		.version2 = true,
		.state = WSC_STATE_CONFIGURED,
		.ap_setup_locked = false,
		.selected_registrar = true,
		.device_password_id = WSC_DEVICE_PASSWORD_ID_PUSH_BUTTON,
		.selected_reg_config_methods =
				WSC_CONFIGURATION_METHOD_VIRTUAL_DISPLAY_PIN |
				WSC_CONFIGURATION_METHOD_VIRTUAL_PUSH_BUTTON |
				WSC_CONFIGURATION_METHOD_PHYSICAL_PUSH_BUTTON,
		.response_type = WSC_RESPONSE_TYPE_AP,
		.uuid_e = { 0xc4, 0x4a, 0xad, 0x8d, 0x25, 0x2f, 0x52, 0xc6,
			0xf9, 0x6b, 0x38, 0x5d, 0xcb, 0x23, 0x31, 0xae },
		.manufacturer = "ASUSTeK Computer Inc.",
		.model_name = "Wi-Fi Protected Setup Router",
		.model_number = "RT-AC68U",
		.serial_number = "10:c3:7b:54:74:d0",
		.primary_device_type = {
			.category = 6,
			.oui = { 0x00, 0x50, 0xf2 },
			.oui_type = 0x04,
			.subcategory = 1, },
		.device_name = "RT-AC68U",
		.config_methods = WSC_CONFIGURATION_METHOD_VIRTUAL_DISPLAY_PIN,
		.rf_bands = WSC_RF_BAND_2_4_GHZ | WSC_RF_BAND_5_0_GHZ,
		.authorized_macs = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, },
	},
};

static void wsc_test_parse_probe_response(const void *data)
{
	const struct probe_response_data *test = data;
	struct wsc_probe_response probe_response;
	const struct wsc_probe_response *expected = &test->expected;
	int r;

	r = wsc_parse_probe_response(test->pdu, test->len, &probe_response);
	assert(r == 0);

	assert(expected->version2 == probe_response.version2);
	assert(expected->state == probe_response.state);
	assert(expected->ap_setup_locked == probe_response.ap_setup_locked);
	assert(expected->selected_registrar ==
					probe_response.selected_registrar);
	assert(expected->device_password_id ==
					probe_response.device_password_id);
	assert(expected->selected_reg_config_methods ==
				probe_response.selected_reg_config_methods);
	assert(expected->response_type == probe_response.response_type);
	assert(!memcmp(expected->uuid_e, probe_response.uuid_e, 16));
	assert(!strcmp(expected->manufacturer, probe_response.manufacturer));
	assert(!strcmp(expected->model_name, probe_response.model_name));
	assert(!strcmp(expected->model_number, probe_response.model_number));
	assert(!strcmp(expected->serial_number, probe_response.serial_number));

	assert(expected->primary_device_type.category ==
				probe_response.primary_device_type.category);
	assert(!memcmp(expected->primary_device_type.oui,
				probe_response.primary_device_type.oui, 3));
	assert(expected->primary_device_type.oui_type ==
				probe_response.primary_device_type.oui_type);
	assert(expected->primary_device_type.subcategory ==
				probe_response.primary_device_type.subcategory);

	assert(!strcmp(expected->device_name, probe_response.device_name));
	assert(expected->config_methods == probe_response.config_methods);
	assert(expected->rf_bands == probe_response.rf_bands);

	assert(!memcmp(expected->authorized_macs,
				probe_response.authorized_macs,
				sizeof(probe_response.authorized_macs)));
	assert(expected->reg_config_methods ==
				probe_response.reg_config_methods);
}

static const unsigned char probe_request1[] = {
	0x10, 0x4a, 0x00, 0x01, 0x10, 0x10, 0x3a, 0x00, 0x01, 0x01, 0x10, 0x08,
	0x00, 0x02, 0x21, 0x48, 0x10, 0x47, 0x00, 0x10, 0x79, 0x0c, 0x1f, 0x80,
	0x4f, 0x2b, 0x52, 0xb7, 0xbe, 0x30, 0xc0, 0xe9, 0x72, 0x92, 0x08, 0x8d,
	0x10, 0x54, 0x00, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
	0x10, 0x3c, 0x00, 0x01, 0x03, 0x10, 0x02, 0x00, 0x02, 0x00, 0x00, 0x10,
	0x09, 0x00, 0x02, 0x00, 0x00, 0x10, 0x12, 0x00, 0x02, 0x00, 0x04, 0x10,
	0x21, 0x00, 0x01, 0x20, 0x10, 0x23, 0x00, 0x01, 0x20, 0x10, 0x24, 0x00,
	0x01, 0x20, 0x10, 0x11, 0x00, 0x01, 0x20, 0x10, 0x49, 0x00, 0x09, 0x00,
	0x37, 0x2a, 0x00, 0x01, 0x20, 0x03, 0x01, 0x01,
};

struct probe_request_data {
	struct wsc_probe_request expected;
	const void *pdu;
	unsigned int len;
};

static const struct probe_request_data probe_request_data_1 = {
	.pdu = probe_request1,
	.len = sizeof(probe_request1),
	.expected = {
		.version2 = true,
		.request_type = WSC_REQUEST_TYPE_ENROLLEE_OPEN_8021X,
		.config_methods =
				WSC_CONFIGURATION_METHOD_VIRTUAL_DISPLAY_PIN |
				WSC_CONFIGURATION_METHOD_NFC_INTERFACE |
				WSC_CONFIGURATION_METHOD_KEYPAD,
		.uuid_e = { 0x79, 0x0c, 0x1f, 0x80, 0x4f, 0x2b, 0x52, 0xb7,
			0xbe, 0x30, 0xc0, 0xe9, 0x72, 0x92, 0x08, 0x8d },
		.primary_device_type = {
			.category = 0,
			.oui = { 0x00, 0x00, 0x00 },
			.oui_type = 0x00,
			.subcategory = 0, },
		.rf_bands = WSC_RF_BAND_2_4_GHZ | WSC_RF_BAND_5_0_GHZ,
		.association_state = WSC_ASSOCIATION_STATE_NOT_ASSOCIATED,
		.configuration_error = WSC_CONFIGURATION_ERROR_NO_ERROR,
		.device_password_id = WSC_DEVICE_PASSWORD_ID_PUSH_BUTTON,
		.manufacturer = " ",
		.model_name = " ",
		.model_number = " ",
		.device_name = " ",
		.request_to_enroll = true,
	},
};

static void wsc_test_parse_probe_request(const void *data)
{
	const struct probe_request_data *test = data;
	struct wsc_probe_request probe_request;
	const struct wsc_probe_request *expected = &test->expected;
	int r;

	r = wsc_parse_probe_request(test->pdu, test->len, &probe_request);
	assert(r == 0);

	assert(expected->version2 == probe_request.version2);
	assert(expected->request_type == probe_request.request_type);

	assert(expected->config_methods == probe_request.config_methods);
	assert(!memcmp(expected->uuid_e, probe_request.uuid_e, 16));

	assert(expected->primary_device_type.category ==
				probe_request.primary_device_type.category);
	assert(!memcmp(expected->primary_device_type.oui,
				probe_request.primary_device_type.oui, 3));
	assert(expected->primary_device_type.oui_type ==
				probe_request.primary_device_type.oui_type);
	assert(expected->primary_device_type.subcategory ==
				probe_request.primary_device_type.subcategory);

	assert(expected->rf_bands == probe_request.rf_bands);
	assert(expected->association_state == probe_request.association_state);
	assert(expected->configuration_error ==
				probe_request.configuration_error);
	assert(expected->device_password_id ==
					probe_request.device_password_id);

	assert(!strcmp(expected->manufacturer, probe_request.manufacturer));
	assert(!strcmp(expected->model_name, probe_request.model_name));
	assert(!strcmp(expected->model_number, probe_request.model_number));
	assert(!strcmp(expected->device_name, probe_request.device_name));

	assert(expected->request_to_enroll == probe_request.request_to_enroll);

	assert(expected->requested_device_type.category ==
				probe_request.requested_device_type.category);
	assert(!memcmp(expected->requested_device_type.oui,
				probe_request.requested_device_type.oui, 3));
	assert(expected->requested_device_type.oui_type ==
				probe_request.requested_device_type.oui_type);
	assert(expected->requested_device_type.subcategory ==
			probe_request.requested_device_type.subcategory);
}

static void wsc_test_build_probe_request(const void *data)
{
	const struct probe_request_data *test = data;
	uint8_t *pr;
	size_t prlen;

	pr = wsc_build_probe_request(&test->expected, &prlen);
	assert(pr);

	assert(!memcmp(test->pdu, pr, test->len));

	l_free(pr);
}

struct uuid_from_addr_data {
	uint8_t addr[6];
	uint8_t expected_uuid[16];
};

static const struct uuid_from_addr_data uuid_from_addr_data_1 = {
	.addr = { 0xa0, 0xa8, 0xcd, 0x1c, 0x7e, 0xc9 },
	.expected_uuid = { 0x79, 0x0c, 0x1f, 0x80, 0x4f, 0x2b, 0x52, 0xb7,
			0xbe, 0x30, 0xc0, 0xe9, 0x72, 0x92, 0x08, 0x8d },
};

static void wsc_test_uuid_from_addr(const void *data)
{
	const struct uuid_from_addr_data *test = data;
	uint8_t uuid[16];

	assert(wsc_uuid_from_addr(test->addr, uuid));

	assert(!memcmp(test->expected_uuid, uuid, 16));
}

static const unsigned char dh_private_key_1[] = {
	0x4b, 0x5e, 0x01, 0xfa, 0x2b, 0xd4, 0x91, 0xac, 0x34, 0x04, 0x28, 0xfb,
	0xe2, 0x5d, 0x06, 0x2d, 0x1a, 0xe7, 0x6c, 0xd0, 0xa3, 0x9d, 0x4a, 0x27,
	0x24, 0x51, 0x79, 0xdc, 0xa7, 0x47, 0x24, 0x1d, 0x19, 0x26, 0x9e, 0xb8,
	0xa0, 0x6e, 0xd9, 0x7e, 0x07, 0x4e, 0x02, 0xe1, 0xb2, 0x4e, 0x31, 0x12,
	0xa2, 0xc1, 0x41, 0x73, 0x6a, 0x43, 0xe2, 0x0e, 0xc8, 0xec, 0xb7, 0x41,
	0xdc, 0x25, 0x4c, 0x30, 0xd0, 0x3f, 0xa7, 0x97, 0x9f, 0x2e, 0xdc, 0x59,
	0x0d, 0x7a, 0x24, 0xcb, 0x1b, 0xc2, 0x8d, 0x30, 0xc5, 0x04, 0xc3, 0x50,
	0x61, 0xa7, 0xd2, 0xbd, 0x79, 0xb3, 0xec, 0xd2, 0xf5, 0x10, 0x20, 0x32,
	0x0c, 0x7a, 0xfd, 0x0c, 0xde, 0x07, 0x22, 0x94, 0x2d, 0x42, 0x16, 0xc8,
	0xa7, 0x17, 0x70, 0x16, 0x46, 0x72, 0xaa, 0xb5, 0xa7, 0xdc, 0xc0, 0xee,
	0x7d, 0xe8, 0x36, 0x0b, 0xba, 0x04, 0xd5, 0x5c, 0x5d, 0x40, 0x65, 0x58,
	0xd8, 0xe8, 0x9a, 0x27, 0xd2, 0xb3, 0x39, 0x2a, 0xe7, 0xfc, 0x16, 0x59,
	0xc6, 0x6c, 0x2f, 0xad, 0x6f, 0xd2, 0x0d, 0xf4, 0xb0, 0x8b, 0xdf, 0x9a,
	0x88, 0x84, 0xf9, 0x2a, 0xc4, 0x64, 0xb7, 0xb5, 0xe0, 0xf7, 0x3a, 0x8a,
	0xeb, 0xd0, 0xde, 0xad, 0x1b, 0x0a, 0x44, 0xf2, 0x6f, 0xf5, 0xce, 0x8c,
	0x70, 0xd6, 0x67, 0x1b, 0xb2, 0xa5, 0x9f, 0xeb, 0x63, 0x7f, 0x21, 0xdc,
};

static const unsigned char dh_public_key_1[] = {
	0xb2, 0xfc, 0xd6, 0x4f, 0xf6, 0x71, 0x5a, 0x33, 0x84, 0x60, 0x4a, 0xe8,
	0x2c, 0x1e, 0x55, 0x4a, 0xdb, 0xd5, 0x18, 0x17, 0x91, 0xa6, 0xf5, 0x70,
	0xcd, 0x23, 0xd7, 0x12, 0x6e, 0x4c, 0xaf, 0x27, 0x9a, 0x4e, 0xf5, 0x37,
	0xea, 0x8f, 0x03, 0xc9, 0x0e, 0x79, 0xc5, 0x8d, 0x37, 0xf8, 0xfb, 0x11,
	0xa1, 0x39, 0x19, 0x9b, 0x5a, 0x3a, 0x66, 0x36, 0x6d, 0xfb, 0xae, 0xed,
	0xfc, 0xa5, 0x90, 0xcb, 0xb3, 0xe1, 0xd5, 0x92, 0x2e, 0xe9, 0x99, 0xbd,
	0x0b, 0x93, 0x82, 0x57, 0xe1, 0xbd, 0x70, 0x17, 0xa7, 0x78, 0x7a, 0x0a,
	0xff, 0x42, 0x06, 0x95, 0x2c, 0x0b, 0x6c, 0x1a, 0x6b, 0x2f, 0x6b, 0xed,
	0x42, 0xa5, 0x60, 0x8a, 0xb0, 0xb5, 0x79, 0x1b, 0xa9, 0xe6, 0x15, 0x17,
	0xa3, 0x6c, 0xe9, 0x84, 0xb3, 0x77, 0x48, 0x9b, 0x7a, 0x4d, 0x04, 0xf6,
	0xb8, 0x27, 0xe5, 0x0c, 0xcb, 0x76, 0xfc, 0x3c, 0x65, 0x49, 0xd7, 0x28,
	0x06, 0x8d, 0x99, 0x18, 0x0f, 0xa7, 0x35, 0xb2, 0x9d, 0x15, 0x35, 0x51,
	0xea, 0x83, 0xb6, 0x4d, 0x14, 0xb0, 0x21, 0xa4, 0x82, 0x1f, 0xb8, 0x73,
	0x2b, 0x15, 0x1d, 0x48, 0x99, 0x9f, 0x32, 0x2c, 0xe1, 0xe1, 0xab, 0x66,
	0x3f, 0xb4, 0x40, 0x79, 0xe8, 0x96, 0xe1, 0x9d, 0x54, 0x8b, 0xb6, 0x7f,
	0x1a, 0x5b, 0x5f, 0x09, 0x9f, 0x40, 0xa7, 0x8b, 0xc8, 0xf6, 0x27, 0x80,
};

static const unsigned char dh_private_key_2[] = {
	0x45, 0x2d, 0x9c, 0x56, 0x48, 0xe0, 0xe2, 0x35, 0x6b, 0x47, 0x04, 0x08,
	0x47, 0xf6, 0x3a, 0x8a, 0xa8, 0x65, 0xff, 0xf8, 0x7c, 0x55, 0x16, 0xf4,
	0xf6, 0x11, 0xcd, 0xb8, 0xc6, 0x2c, 0x5f, 0x94, 0x04, 0xdc, 0x69, 0x47,
	0xd0, 0x9c, 0x8d, 0x78, 0x18, 0xd9, 0xab, 0x51, 0xf6, 0xb4, 0x81, 0xec,
	0xd8, 0x4d, 0x61, 0xfe, 0xda, 0x78, 0x9c, 0x95, 0xa1, 0x91, 0xe3, 0x52,
	0x1d, 0x03, 0xdd, 0x70, 0x2f, 0x83, 0x3e, 0x9c, 0xc4, 0x7f, 0x1a, 0x6f,
	0x91, 0xeb, 0xc9, 0x2c, 0xbf, 0xfa, 0x4d, 0x1e, 0xb7, 0x5f, 0x70, 0x72,
	0x92, 0x73, 0xed, 0x28, 0xd5, 0xdc, 0x4b, 0x0d, 0xc2, 0xa6, 0x2b, 0xdf,
	0x2f, 0xdf, 0xf7, 0x16, 0xff, 0xf6, 0x68, 0x63, 0x68, 0xde, 0x72, 0x8a,
	0x9c, 0x67, 0x8e, 0xb7, 0xd9, 0xb1, 0xe9, 0x03, 0x6d, 0xb7, 0xcb, 0xcd,
	0x93, 0x0c, 0x7b, 0x59, 0x26, 0x62, 0xa1, 0x04, 0x41, 0x8d, 0xc7, 0xc3,
	0x02, 0xbf, 0x8c, 0xcf, 0x93, 0x7d, 0xd0, 0xd8, 0x26, 0x19, 0x41, 0x04,
	0x92, 0x4e, 0x4f, 0x11, 0x88, 0x72, 0x78, 0x8b, 0x6d, 0x22, 0x62, 0xdf,
	0x80, 0xd3, 0x79, 0xf5, 0xa5, 0xfa, 0xee, 0xc6, 0x9e, 0xee, 0x4b, 0x94,
	0xd2, 0x77, 0x1e, 0x71, 0xf6, 0xc2, 0x5f, 0xbb, 0xb7, 0xff, 0xcd, 0x49,
	0x1a, 0x80, 0xc3, 0xf8, 0x3f, 0xb4, 0x02, 0x38, 0x84, 0x06, 0xd1, 0xc0,
};

static const unsigned char dh_public_key_2[] = {
	0x42, 0x76, 0x1f, 0xac, 0x65, 0x7b, 0x25, 0xd3, 0x59, 0xe8, 0x5d, 0xde,
	0x22, 0xb1, 0x74, 0x39, 0x7d, 0x0d, 0x6c, 0x56, 0xc9, 0x4f, 0xfc, 0xf2,
	0x1f, 0xd0, 0x4f, 0x70, 0xe9, 0xd5, 0x5c, 0xb6, 0x79, 0x07, 0x54, 0xb6,
	0x8e, 0x67, 0xe1, 0xb5, 0x35, 0x18, 0xc0, 0xe3, 0x36, 0xf9, 0x58, 0x15,
	0x3f, 0x4e, 0xed, 0x74, 0xb5, 0x46, 0xd4, 0x2f, 0x30, 0x22, 0xb2, 0xe1,
	0xa9, 0x4d, 0xf6, 0x3a, 0x00, 0x22, 0x34, 0xf0, 0x14, 0xc5, 0xa3, 0x53,
	0x28, 0x78, 0x91, 0x46, 0x1e, 0x80, 0x3d, 0x7e, 0x41, 0x4a, 0x44, 0x3a,
	0xd0, 0x83, 0x7e, 0xcf, 0xa4, 0x31, 0x0e, 0x0c, 0xfc, 0xcd, 0x63, 0x37,
	0x05, 0x8b, 0x7f, 0x0d, 0x65, 0xef, 0x52, 0x58, 0xb9, 0x9e, 0xb2, 0xfc,
	0x77, 0x7b, 0xdb, 0x79, 0x17, 0x3d, 0xb2, 0x84, 0x4a, 0xaf, 0x09, 0x93,
	0x1c, 0x45, 0x9d, 0x0a, 0x9f, 0xb9, 0x64, 0xec, 0x6f, 0x66, 0x01, 0x49,
	0xb6, 0x00, 0xf7, 0xff, 0x85, 0x4d, 0xa8, 0x60, 0x07, 0xf6, 0x33, 0x1f,
	0xe6, 0x48, 0x9e, 0x71, 0x88, 0x60, 0x88, 0x02, 0xbb, 0x1d, 0x07, 0x68,
	0x7a, 0xa0, 0xfa, 0x4f, 0xfb, 0x42, 0xde, 0x6f, 0x8e, 0x4e, 0x4a, 0xa8,
	0xa7, 0xd3, 0x5d, 0xcb, 0x38, 0x47, 0x16, 0xb6, 0xea, 0x99, 0x9f, 0x7d,
	0xf6, 0xcd, 0xd4, 0xe4, 0x5f, 0x9f, 0xb5, 0xb6, 0x61, 0x9d, 0x42, 0x78,
};

struct dh_generate_pubkey_test {
	const uint8_t *private_key;
	uint32_t private_key_size;
	const uint8_t *public_key;
	uint32_t public_key_size;
};

static const struct dh_generate_pubkey_test dh_generate_pubkey_test_data_1 = {
	.private_key = dh_private_key_1,
	.private_key_size = sizeof(dh_private_key_1),
	.public_key = dh_public_key_1,
	.public_key_size = sizeof(dh_public_key_1),
};

static const struct dh_generate_pubkey_test dh_generate_pubkey_test_data_2 = {
	.private_key = dh_private_key_2,
	.private_key_size = sizeof(dh_private_key_2),
	.public_key = dh_public_key_2,
	.public_key_size = sizeof(dh_public_key_2),
};

static void wsc_test_dh_generate_pubkey(const void *data)
{
	const struct dh_generate_pubkey_test *test = data;
	struct l_key *private;
	struct l_key *generator;
	struct l_key *prime;
	uint8_t public_key[test->private_key_size];
	size_t len;

	memset(public_key, 0, sizeof(public_key));

	generator = l_key_new(L_KEY_RAW, crypto_dh5_generator,
						crypto_dh5_generator_size);
	assert(generator);

	prime = l_key_new(L_KEY_RAW, crypto_dh5_prime, crypto_dh5_prime_size);
	assert(prime);

	private = l_key_new(L_KEY_RAW, test->private_key,
						test->private_key_size);
	assert(private);

	len = test->private_key_size;
	assert(l_key_compute_dh_public(generator, private, prime,
							public_key, &len));
	assert(len == test->public_key_size);
	assert(!memcmp(public_key, test->public_key, test->public_key_size));

	l_key_free(prime);
	l_key_free(generator);
	l_key_free(private);
}

static const unsigned char eap_wsc_m1_1[] = {
	0x01, 0x00, 0x01, 0x78, 0x02, 0x01, 0x01, 0x78, 0xfe, 0x00, 0x37, 0x2a,
	0x00, 0x00, 0x00, 0x01, 0x04, 0x00, 0x10, 0x4a, 0x00, 0x01, 0x10, 0x10,
	0x22, 0x00, 0x01, 0x04, 0x10, 0x47, 0x00, 0x10, 0x79, 0x0c, 0x1f, 0x80,
	0x4f, 0x2b, 0x52, 0xb7, 0xbe, 0x30, 0xc0, 0xe9, 0x72, 0x92, 0x08, 0x8d,
	0x10, 0x20, 0x00, 0x06, 0xa0, 0xa8, 0xcd, 0x1c, 0x7e, 0xc9, 0x10, 0x1a,
	0x00, 0x10, 0xab, 0x84, 0x41, 0x2f, 0xe7, 0xc3, 0xc9, 0xc9, 0xd7, 0xf4,
	0xe8, 0xc1, 0x4f, 0x49, 0x2b, 0x79, 0x10, 0x32, 0x00, 0xc0, 0xb2, 0xfc,
	0xd6, 0x4f, 0xf6, 0x71, 0x5a, 0x33, 0x84, 0x60, 0x4a, 0xe8, 0x2c, 0x1e,
	0x55, 0x4a, 0xdb, 0xd5, 0x18, 0x17, 0x91, 0xa6, 0xf5, 0x70, 0xcd, 0x23,
	0xd7, 0x12, 0x6e, 0x4c, 0xaf, 0x27, 0x9a, 0x4e, 0xf5, 0x37, 0xea, 0x8f,
	0x03, 0xc9, 0x0e, 0x79, 0xc5, 0x8d, 0x37, 0xf8, 0xfb, 0x11, 0xa1, 0x39,
	0x19, 0x9b, 0x5a, 0x3a, 0x66, 0x36, 0x6d, 0xfb, 0xae, 0xed, 0xfc, 0xa5,
	0x90, 0xcb, 0xb3, 0xe1, 0xd5, 0x92, 0x2e, 0xe9, 0x99, 0xbd, 0x0b, 0x93,
	0x82, 0x57, 0xe1, 0xbd, 0x70, 0x17, 0xa7, 0x78, 0x7a, 0x0a, 0xff, 0x42,
	0x06, 0x95, 0x2c, 0x0b, 0x6c, 0x1a, 0x6b, 0x2f, 0x6b, 0xed, 0x42, 0xa5,
	0x60, 0x8a, 0xb0, 0xb5, 0x79, 0x1b, 0xa9, 0xe6, 0x15, 0x17, 0xa3, 0x6c,
	0xe9, 0x84, 0xb3, 0x77, 0x48, 0x9b, 0x7a, 0x4d, 0x04, 0xf6, 0xb8, 0x27,
	0xe5, 0x0c, 0xcb, 0x76, 0xfc, 0x3c, 0x65, 0x49, 0xd7, 0x28, 0x06, 0x8d,
	0x99, 0x18, 0x0f, 0xa7, 0x35, 0xb2, 0x9d, 0x15, 0x35, 0x51, 0xea, 0x83,
	0xb6, 0x4d, 0x14, 0xb0, 0x21, 0xa4, 0x82, 0x1f, 0xb8, 0x73, 0x2b, 0x15,
	0x1d, 0x48, 0x99, 0x9f, 0x32, 0x2c, 0xe1, 0xe1, 0xab, 0x66, 0x3f, 0xb4,
	0x40, 0x79, 0xe8, 0x96, 0xe1, 0x9d, 0x54, 0x8b, 0xb6, 0x7f, 0x1a, 0x5b,
	0x5f, 0x09, 0x9f, 0x40, 0xa7, 0x8b, 0xc8, 0xf6, 0x27, 0x80, 0x10, 0x04,
	0x00, 0x02, 0x00, 0x23, 0x10, 0x10, 0x00, 0x02, 0x00, 0x0d, 0x10, 0x0d,
	0x00, 0x01, 0x01, 0x10, 0x08, 0x00, 0x02, 0x21, 0x48, 0x10, 0x44, 0x00,
	0x01, 0x01, 0x10, 0x21, 0x00, 0x01, 0x20, 0x10, 0x23, 0x00, 0x01, 0x20,
	0x10, 0x24, 0x00, 0x01, 0x20, 0x10, 0x42, 0x00, 0x01, 0x20, 0x10, 0x54,
	0x00, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x11,
	0x00, 0x01, 0x20, 0x10, 0x3c, 0x00, 0x01, 0x02, 0x10, 0x02, 0x00, 0x02,
	0x00, 0x00, 0x10, 0x12, 0x00, 0x02, 0x00, 0x04, 0x10, 0x09, 0x00, 0x02,
	0x00, 0x00, 0x10, 0x2d, 0x00, 0x04, 0x80, 0x00, 0x00, 0x00, 0x10, 0x49,
	0x00, 0x06, 0x00, 0x37, 0x2a, 0x00, 0x01, 0x20,
};

static const unsigned char eap_wsc_m1_2[] = {
	0x01, 0x00, 0x01, 0x78, 0x02, 0x01, 0x01, 0x78, 0xfe, 0x00, 0x37, 0x2a,
	0x00, 0x00, 0x00, 0x01, 0x04, 0x00, 0x10, 0x4a, 0x00, 0x01, 0x10, 0x10,
	0x22, 0x00, 0x01, 0x04, 0x10, 0x47, 0x00, 0x10, 0x79, 0x0c, 0x1f, 0x80,
	0x4f, 0x2b, 0x52, 0xb7, 0xbe, 0x30, 0xc0, 0xe9, 0x72, 0x92, 0x08, 0x8d,
	0x10, 0x20, 0x00, 0x06, 0xa0, 0xa8, 0xcd, 0x1c, 0x7e, 0xc9, 0x10, 0x1a,
	0x00, 0x10, 0x19, 0x8d, 0x0d, 0x25, 0x91, 0x2c, 0x37, 0x1c, 0xeb, 0x07,
	0x89, 0x33, 0xe1, 0x25, 0xd7, 0x43, 0x10, 0x32, 0x00, 0xc0, 0x42, 0x76,
	0x1f, 0xac, 0x65, 0x7b, 0x25, 0xd3, 0x59, 0xe8, 0x5d, 0xde, 0x22, 0xb1,
	0x74, 0x39, 0x7d, 0x0d, 0x6c, 0x56, 0xc9, 0x4f, 0xfc, 0xf2, 0x1f, 0xd0,
	0x4f, 0x70, 0xe9, 0xd5, 0x5c, 0xb6, 0x79, 0x07, 0x54, 0xb6, 0x8e, 0x67,
	0xe1, 0xb5, 0x35, 0x18, 0xc0, 0xe3, 0x36, 0xf9, 0x58, 0x15, 0x3f, 0x4e,
	0xed, 0x74, 0xb5, 0x46, 0xd4, 0x2f, 0x30, 0x22, 0xb2, 0xe1, 0xa9, 0x4d,
	0xf6, 0x3a, 0x00, 0x22, 0x34, 0xf0, 0x14, 0xc5, 0xa3, 0x53, 0x28, 0x78,
	0x91, 0x46, 0x1e, 0x80, 0x3d, 0x7e, 0x41, 0x4a, 0x44, 0x3a, 0xd0, 0x83,
	0x7e, 0xcf, 0xa4, 0x31, 0x0e, 0x0c, 0xfc, 0xcd, 0x63, 0x37, 0x05, 0x8b,
	0x7f, 0x0d, 0x65, 0xef, 0x52, 0x58, 0xb9, 0x9e, 0xb2, 0xfc, 0x77, 0x7b,
	0xdb, 0x79, 0x17, 0x3d, 0xb2, 0x84, 0x4a, 0xaf, 0x09, 0x93, 0x1c, 0x45,
	0x9d, 0x0a, 0x9f, 0xb9, 0x64, 0xec, 0x6f, 0x66, 0x01, 0x49, 0xb6, 0x00,
	0xf7, 0xff, 0x85, 0x4d, 0xa8, 0x60, 0x07, 0xf6, 0x33, 0x1f, 0xe6, 0x48,
	0x9e, 0x71, 0x88, 0x60, 0x88, 0x02, 0xbb, 0x1d, 0x07, 0x68, 0x7a, 0xa0,
	0xfa, 0x4f, 0xfb, 0x42, 0xde, 0x6f, 0x8e, 0x4e, 0x4a, 0xa8, 0xa7, 0xd3,
	0x5d, 0xcb, 0x38, 0x47, 0x16, 0xb6, 0xea, 0x99, 0x9f, 0x7d, 0xf6, 0xcd,
	0xd4, 0xe4, 0x5f, 0x9f, 0xb5, 0xb6, 0x61, 0x9d, 0x42, 0x78, 0x10, 0x04,
	0x00, 0x02, 0x00, 0x23, 0x10, 0x10, 0x00, 0x02, 0x00, 0x0d, 0x10, 0x0d,
	0x00, 0x01, 0x01, 0x10, 0x08, 0x00, 0x02, 0x21, 0x48, 0x10, 0x44, 0x00,
	0x01, 0x01, 0x10, 0x21, 0x00, 0x01, 0x20, 0x10, 0x23, 0x00, 0x01, 0x20,
	0x10, 0x24, 0x00, 0x01, 0x20, 0x10, 0x42, 0x00, 0x01, 0x20, 0x10, 0x54,
	0x00, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x11,
	0x00, 0x01, 0x20, 0x10, 0x3c, 0x00, 0x01, 0x01, 0x10, 0x02, 0x00, 0x02,
	0x00, 0x00, 0x10, 0x12, 0x00, 0x02, 0x00, 0x04, 0x10, 0x09, 0x00, 0x02,
	0x00, 0x00, 0x10, 0x2d, 0x00, 0x04, 0x80, 0x00, 0x00, 0x00, 0x10, 0x49,
	0x00, 0x06, 0x00, 0x37, 0x2a, 0x00, 0x01, 0x20,
};

struct m1_data {
	struct wsc_m1 expected;
	const void *pdu;
	unsigned int len;
	const uint8_t *private_key;
	uint32_t private_key_size;
	const uint8_t *public_key;
	uint32_t public_key_size;
};

static const struct m1_data m1_data_1 = {
	.pdu = eap_wsc_m1_1 + 18,
	.len = sizeof(eap_wsc_m1_1) - 18,
	.expected = {
		.version2 = true,
		.uuid_e = { 0x79, 0x0c, 0x1f, 0x80, 0x4f, 0x2b, 0x52, 0xb7,
			0xbe, 0x30, 0xc0, 0xe9, 0x72, 0x92, 0x08, 0x8d },
		.addr = { 0xa0, 0xa8, 0xcd, 0x1c, 0x7e, 0xc9 },
		.enrollee_nonce = { 0xab, 0x84, 0x41, 0x2f, 0xe7, 0xc3, 0xc9,
					0xc9, 0xd7, 0xf4, 0xe8, 0xc1, 0x4f,
					0x49, 0x2b, 0x79 },
		.public_key = { }, /* Tested elsewhere */
		.auth_type_flags =
			WSC_AUTHENTICATION_TYPE_WPA2_PERSONAL |
			WSC_AUTHENTICATION_TYPE_WPA_PERSONAL |
			WSC_AUTHENTICATION_TYPE_OPEN,
		.encryption_type_flags = WSC_ENCRYPTION_TYPE_AES_TKIP |
						WSC_ENCRYPTION_TYPE_NONE,
		.connection_type_flags = WSC_CONNECTION_TYPE_ESS,
		.config_methods = WSC_CONFIGURATION_METHOD_VIRTUAL_DISPLAY_PIN |
				WSC_CONFIGURATION_METHOD_KEYPAD |
				WSC_CONFIGURATION_METHOD_DISPLAY |
				WSC_CONFIGURATION_METHOD_NFC_INTERFACE,
		.state = WSC_STATE_NOT_CONFIGURED,
		.manufacturer = " ",
		.model_name = " ",
		.model_number = " ",
		.serial_number = " ",
		.primary_device_type = {
			.category = 0,
			.oui = { 0x00, 0x00, 0x00 },
			.oui_type = 0x00,
			.subcategory = 0, },
		.device_name = " ",
		.rf_bands = WSC_RF_BAND_5_0_GHZ,
		.association_state = WSC_ASSOCIATION_STATE_NOT_ASSOCIATED,
		.device_password_id = WSC_DEVICE_PASSWORD_ID_PUSH_BUTTON,
		.configuration_error = WSC_CONFIGURATION_ERROR_NO_ERROR,
		.os_version = 0,
		.request_to_enroll = false,
	},
	.private_key = dh_private_key_1,
	.private_key_size = sizeof(dh_private_key_1),
	.public_key = dh_public_key_1,
	.public_key_size = sizeof(dh_public_key_1),
};

static const struct m1_data m1_data_2 = {
	.pdu = eap_wsc_m1_2 + 18,
	.len = sizeof(eap_wsc_m1_2) - 18,
	.expected = {
		.version2 = true,
		.uuid_e = { 0x79, 0x0c, 0x1f, 0x80, 0x4f, 0x2b, 0x52, 0xb7,
			0xbe, 0x30, 0xc0, 0xe9, 0x72, 0x92, 0x08, 0x8d },
		.addr = { 0xa0, 0xa8, 0xcd, 0x1c, 0x7e, 0xc9 },
		.enrollee_nonce = { 0x19, 0x8d, 0x0d, 0x25, 0x91, 0x2c, 0x37,
					0x1c, 0xeb, 0x07, 0x89, 0x33, 0xe1,
					0x25, 0xd7, 0x43 },
		.public_key = { }, /* Tested elsewhere */
		.auth_type_flags =
			WSC_AUTHENTICATION_TYPE_WPA2_PERSONAL |
			WSC_AUTHENTICATION_TYPE_WPA_PERSONAL |
			WSC_AUTHENTICATION_TYPE_OPEN,
		.encryption_type_flags = WSC_ENCRYPTION_TYPE_AES_TKIP |
						WSC_ENCRYPTION_TYPE_NONE,
		.connection_type_flags = WSC_CONNECTION_TYPE_ESS,
		.config_methods = WSC_CONFIGURATION_METHOD_VIRTUAL_DISPLAY_PIN |
				WSC_CONFIGURATION_METHOD_KEYPAD |
				WSC_CONFIGURATION_METHOD_DISPLAY |
				WSC_CONFIGURATION_METHOD_NFC_INTERFACE,
		.state = WSC_STATE_NOT_CONFIGURED,
		.manufacturer = " ",
		.model_name = " ",
		.model_number = " ",
		.serial_number = " ",
		.primary_device_type = {
			.category = 0,
			.oui = { 0x00, 0x00, 0x00 },
			.oui_type = 0x00,
			.subcategory = 0, },
		.device_name = " ",
		.rf_bands = WSC_RF_BAND_2_4_GHZ,
		.association_state = WSC_ASSOCIATION_STATE_NOT_ASSOCIATED,
		.device_password_id = WSC_DEVICE_PASSWORD_ID_PUSH_BUTTON,
		.configuration_error = WSC_CONFIGURATION_ERROR_NO_ERROR,
		.os_version = 0,
		.request_to_enroll = false,
	},
	.private_key = dh_private_key_2,
	.private_key_size = sizeof(dh_private_key_2),
	.public_key = dh_public_key_2,
	.public_key_size = sizeof(dh_public_key_2),
};

static void wsc_test_parse_m1(const void *data)
{
	const struct m1_data *test = data;
	struct wsc_m1 m1;
	const struct wsc_m1 *expected = &test->expected;
	int r;

	r = wsc_parse_m1(test->pdu, test->len, &m1);
	assert(r == 0);

	assert(expected->version2 == m1.version2);
	assert(!memcmp(expected->uuid_e, m1.uuid_e, 16));
	assert(!memcmp(expected->addr, m1.addr, 6));
	assert(!memcmp(expected->enrollee_nonce, m1.enrollee_nonce, 16));

	/* Skip public_key testing */

	assert(expected->auth_type_flags == m1.auth_type_flags);
	assert(expected->encryption_type_flags == m1.encryption_type_flags);
	assert(expected->connection_type_flags == m1.connection_type_flags);
	assert(expected->config_methods == m1.config_methods);
	assert(expected->state == m1.state);

	assert(!strcmp(expected->manufacturer, m1.manufacturer));
	assert(!strcmp(expected->model_name, m1.model_name));
	assert(!strcmp(expected->model_number, m1.model_number));
	assert(!strcmp(expected->serial_number, m1.serial_number));

	assert(expected->primary_device_type.category ==
				m1.primary_device_type.category);
	assert(!memcmp(expected->primary_device_type.oui,
				m1.primary_device_type.oui, 3));
	assert(expected->primary_device_type.oui_type ==
				m1.primary_device_type.oui_type);
	assert(expected->primary_device_type.subcategory ==
				m1.primary_device_type.subcategory);

	assert(!strcmp(expected->device_name, m1.device_name));
	assert(expected->rf_bands == m1.rf_bands);
	assert(expected->association_state == m1.association_state);
	assert(expected->device_password_id == m1.device_password_id);
	assert(expected->configuration_error == m1.configuration_error);
	assert(expected->os_version == m1.os_version);
	assert(expected->request_to_enroll == m1.request_to_enroll);

	assert(!memcmp(test->public_key, m1.public_key, 192));
}

static void wsc_test_build_m1(const void *data)
{
	const struct m1_data *test = data;
	struct wsc_m1 m1;
	uint8_t *out;
	size_t out_len;

	memcpy(&m1, &test->expected, sizeof(m1));
	memcpy(m1.public_key, test->public_key, 192);

	out = wsc_build_m1(&m1, &out_len);
	assert(out);

	assert(out_len == test->len);
	assert(!memcmp(test->pdu, out, test->len));

	l_free(out);
}

static bool wsc_compute_authenticator(struct l_key *peer_public_key,
					struct l_key *private_key,
					struct l_key *prime,
					const uint8_t *enrollee_nonce,
					const uint8_t *enrollee_mac,
					const uint8_t *registrar_nonce,
					const uint8_t *prev_msg,
					size_t prev_msg_len,
					const uint8_t *cur_msg,
					size_t cur_msg_len,
					uint8_t *authenticator)
{
	uint8_t shared_secret[192];
	size_t shared_secret_len;
	struct l_checksum *sha256;
	uint8_t dhkey[32];
	struct l_checksum *hmac_sha256;
	uint8_t kdk[32];
	ssize_t digest_len;
	bool r;
	struct iovec iov[3];
	struct wsc_session_key session_key;

	/* Compute shared secret */
	shared_secret_len = sizeof(shared_secret);
	r = l_key_compute_dh_secret(peer_public_key, private_key, prime,
					shared_secret, &shared_secret_len);
	assert(r);

	sha256 = l_checksum_new(L_CHECKSUM_SHA256);
	assert(sha256);

	/* Compute DHKey */
	assert(l_checksum_update(sha256, shared_secret, shared_secret_len));
	digest_len = l_checksum_get_digest(sha256, dhkey, sizeof(dhkey));
	assert(digest_len == 32);
	l_checksum_free(sha256);

	hmac_sha256 = l_checksum_new_hmac(L_CHECKSUM_SHA256,
							dhkey, sizeof(dhkey));
	assert(hmac_sha256);

	iov[0].iov_base = (void *) enrollee_nonce;
	iov[0].iov_len = 16;
	iov[1].iov_base = (void *) enrollee_mac;
	iov[1].iov_len = 6;
	iov[2].iov_base = (void *) registrar_nonce;
	iov[2].iov_len = 16;

	assert(l_checksum_updatev(hmac_sha256, iov, 3));
	digest_len = l_checksum_get_digest(hmac_sha256, kdk, sizeof(kdk));
	assert(digest_len == 32);
	l_checksum_free(hmac_sha256);

	assert(wsc_kdf(kdk, &session_key, sizeof(session_key)));

	hmac_sha256 = l_checksum_new_hmac(L_CHECKSUM_SHA256,
						session_key.auth_key,
						sizeof(session_key.auth_key));
	iov[0].iov_base = (void *) prev_msg;
	iov[0].iov_len = prev_msg_len;
	iov[1].iov_base = (void *) cur_msg;
	iov[1].iov_len = cur_msg_len - 12;

	assert(l_checksum_updatev(hmac_sha256, iov, 2));
	digest_len = l_checksum_get_digest(hmac_sha256, authenticator, 8);
	assert(digest_len == 8);
	l_checksum_free(hmac_sha256);

	return true;
}

static const unsigned char eap_wsc_m2_1[] = {
	0x01, 0x00, 0x01, 0xd6, 0x01, 0x02, 0x01, 0xd6, 0xfe, 0x00, 0x37, 0x2a,
	0x00, 0x00, 0x00, 0x01, 0x04, 0x00, 0x10, 0x4a, 0x00, 0x01, 0x10, 0x10,
	0x22, 0x00, 0x01, 0x05, 0x10, 0x1a, 0x00, 0x10, 0xab, 0x84, 0x41, 0x2f,
	0xe7, 0xc3, 0xc9, 0xc9, 0xd7, 0xf4, 0xe8, 0xc1, 0x4f, 0x49, 0x2b, 0x79,
	0x10, 0x39, 0x00, 0x10, 0x1a, 0xe1, 0xa2, 0xc1, 0x5a, 0xff, 0xa8, 0xb4,
	0x3a, 0x4a, 0xe1, 0xea, 0x71, 0x3f, 0xfb, 0x49, 0x10, 0x48, 0x00, 0x10,
	0xc4, 0x4a, 0xad, 0x8d, 0x25, 0x2f, 0x52, 0xc6, 0xf9, 0x6b, 0x38, 0x5d,
	0xcb, 0x23, 0x31, 0xae, 0x10, 0x32, 0x00, 0xc0, 0xe8, 0x23, 0x5b, 0x62,
	0x65, 0x41, 0x83, 0xfa, 0xc3, 0x23, 0x6f, 0x30, 0xc9, 0x4e, 0x32, 0x34,
	0x8c, 0xfa, 0xf0, 0xfb, 0xff, 0x09, 0xc1, 0x93, 0x13, 0x7a, 0x80, 0xe2,
	0xce, 0x5a, 0x5e, 0xed, 0x55, 0xcd, 0xdb, 0x87, 0x05, 0xbf, 0x06, 0x47,
	0xf9, 0x96, 0xdd, 0x96, 0x41, 0xdf, 0x56, 0x6e, 0xb1, 0x20, 0xee, 0xf7,
	0x97, 0xf7, 0x59, 0x9f, 0x94, 0x78, 0xe5, 0xff, 0xd7, 0xa0, 0x99, 0xcf,
	0x34, 0x00, 0xb4, 0xbd, 0xaf, 0xaf, 0x8f, 0xd9, 0x7d, 0x10, 0x2e, 0x4d,
	0x8c, 0xac, 0x0e, 0x8f, 0x19, 0xcf, 0x07, 0xc7, 0x24, 0x6c, 0xa8, 0xf4,
	0x18, 0x56, 0x04, 0xbf, 0x80, 0x34, 0x72, 0x18, 0x65, 0x09, 0x7a, 0x85,
	0x7b, 0xe2, 0xe0, 0xeb, 0x19, 0x15, 0x69, 0x7f, 0xef, 0x60, 0x78, 0x01,
	0x73, 0xb8, 0xd0, 0x33, 0x76, 0x18, 0xf2, 0xf8, 0x29, 0x39, 0x11, 0x1a,
	0xcd, 0x6c, 0x5c, 0x10, 0xf5, 0xbf, 0x4e, 0xf3, 0xda, 0x9a, 0x48, 0x46,
	0x5c, 0x93, 0x8e, 0x18, 0x03, 0xd0, 0x42, 0x8f, 0xef, 0x5a, 0xc7, 0x9c,
	0x1a, 0x10, 0x3a, 0xd3, 0x74, 0x6a, 0x3b, 0x23, 0x37, 0x7b, 0xcd, 0x4a,
	0x52, 0xfd, 0x11, 0x4d, 0x62, 0xf8, 0x2e, 0xac, 0xae, 0x2e, 0xcf, 0x25,
	0x5c, 0xce, 0xd4, 0xd9, 0x8b, 0x30, 0x06, 0x74, 0x87, 0xd1, 0xb8, 0x64,
	0x1a, 0xf5, 0xc6, 0x28, 0x89, 0x1f, 0x68, 0xd7, 0x10, 0x04, 0x00, 0x02,
	0x00, 0x23, 0x10, 0x10, 0x00, 0x02, 0x00, 0x0d, 0x10, 0x0d, 0x00, 0x01,
	0x01, 0x10, 0x08, 0x00, 0x02, 0x26, 0x88, 0x10, 0x21, 0x00, 0x15, 0x41,
	0x53, 0x55, 0x53, 0x54, 0x65, 0x4b, 0x20, 0x43, 0x6f, 0x6d, 0x70, 0x75,
	0x74, 0x65, 0x72, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x10, 0x23, 0x00, 0x1c,
	0x57, 0x69, 0x2d, 0x46, 0x69, 0x20, 0x50, 0x72, 0x6f, 0x74, 0x65, 0x63,
	0x74, 0x65, 0x64, 0x20, 0x53, 0x65, 0x74, 0x75, 0x70, 0x20, 0x52, 0x6f,
	0x75, 0x74, 0x65, 0x72, 0x10, 0x24, 0x00, 0x08, 0x52, 0x54, 0x2d, 0x41,
	0x43, 0x36, 0x38, 0x55, 0x10, 0x42, 0x00, 0x11, 0x31, 0x30, 0x3a, 0x63,
	0x33, 0x3a, 0x37, 0x62, 0x3a, 0x35, 0x34, 0x3a, 0x37, 0x34, 0x3a, 0x64,
	0x30, 0x10, 0x54, 0x00, 0x08, 0x00, 0x06, 0x00, 0x50, 0xf2, 0x04, 0x00,
	0x01, 0x10, 0x11, 0x00, 0x08, 0x52, 0x54, 0x2d, 0x41, 0x43, 0x36, 0x38,
	0x55, 0x10, 0x3c, 0x00, 0x01, 0x02, 0x10, 0x02, 0x00, 0x02, 0x00, 0x00,
	0x10, 0x09, 0x00, 0x02, 0x00, 0x00, 0x10, 0x12, 0x00, 0x02, 0x00, 0x04,
	0x10, 0x2d, 0x00, 0x04, 0x80, 0x00, 0x00, 0x00, 0x10, 0x49, 0x00, 0x06,
	0x00, 0x37, 0x2a, 0x00, 0x01, 0x20, 0x10, 0x05, 0x00, 0x08, 0xec, 0xb1,
	0x17, 0xac, 0xd9, 0x33, 0x84, 0x5f,
};

static const unsigned char eap_wsc_m2_2[] = {
	0x01, 0x00, 0x01, 0xd3, 0x01, 0x02, 0x01, 0xd3, 0xfe, 0x00, 0x37, 0x2a,
	0x00, 0x00, 0x00, 0x01, 0x04, 0x00, 0x10, 0x4a, 0x00, 0x01, 0x10, 0x10,
	0x22, 0x00, 0x01, 0x05, 0x10, 0x1a, 0x00, 0x10, 0x19, 0x8d, 0x0d, 0x25,
	0x91, 0x2c, 0x37, 0x1c, 0xeb, 0x07, 0x89, 0x33, 0xe1, 0x25, 0xd7, 0x43,
	0x10, 0x39, 0x00, 0x10, 0x67, 0xa5, 0x53, 0x61, 0xee, 0x72, 0xc2, 0x21,
	0x48, 0x78, 0xc5, 0x70, 0x89, 0x9f, 0xf2, 0xa0, 0x10, 0x48, 0x00, 0x10,
	0x8e, 0xd8, 0x32, 0x02, 0xa3, 0x24, 0x52, 0xc0, 0xb0, 0x3e, 0x0c, 0x95,
	0x18, 0x27, 0xd6, 0xe7, 0x10, 0x32, 0x00, 0xc0, 0x29, 0xdd, 0x2e, 0x36,
	0x97, 0xa4, 0x25, 0x1c, 0x93, 0x56, 0xef, 0xdd, 0x8c, 0xf4, 0x9e, 0x1c,
	0xab, 0xbe, 0x42, 0xd1, 0xba, 0xc4, 0xb0, 0xa4, 0x2b, 0xaf, 0x9e, 0xcc,
	0xe0, 0xfb, 0x94, 0x0c, 0xf1, 0xdf, 0x5d, 0x71, 0x2b, 0xcb, 0x24, 0xd7,
	0x83, 0x9f, 0xf4, 0xa2, 0xa9, 0x88, 0x86, 0xa2, 0x7f, 0x4f, 0x42, 0xe2,
	0x76, 0x4a, 0xac, 0x4e, 0x5d, 0x45, 0x15, 0x01, 0x4f, 0x29, 0xbe, 0xa2,
	0x44, 0xdf, 0x36, 0xb9, 0xff, 0xe3, 0xdf, 0x14, 0x30, 0x21, 0xf2, 0x74,
	0x9d, 0x57, 0x5b, 0x08, 0xe9, 0x78, 0xad, 0x5c, 0x28, 0x2c, 0x15, 0xcb,
	0xa2, 0x0d, 0xdb, 0x8c, 0xc5, 0x0f, 0xda, 0x6f, 0x98, 0xd0, 0x84, 0x0b,
	0x4c, 0xab, 0x0b, 0x1c, 0xd9, 0xee, 0x78, 0xa4, 0xfe, 0x8e, 0x51, 0x8d,
	0xa1, 0xc5, 0xf1, 0xe1, 0x5e, 0xf1, 0x9b, 0xc4, 0x17, 0xa5, 0x41, 0xb1,
	0x46, 0x75, 0x9b, 0x03, 0x4e, 0x6c, 0x0b, 0x3a, 0xb9, 0x25, 0xb4, 0x76,
	0x79, 0x18, 0xdd, 0xba, 0x73, 0xca, 0x32, 0x33, 0x60, 0xd5, 0xb3, 0xef,
	0xfe, 0x13, 0x3f, 0xfc, 0x91, 0xf3, 0x31, 0xd6, 0x4a, 0xbf, 0xfa, 0x3e,
	0x89, 0x4d, 0xe6, 0xfa, 0x09, 0x71, 0x0f, 0x8a, 0xc8, 0x67, 0x1f, 0x7e,
	0xc0, 0xae, 0xb8, 0x15, 0x4d, 0xb9, 0x20, 0xec, 0x40, 0xd2, 0xdf, 0x73,
	0x09, 0x13, 0x5b, 0x06, 0xe0, 0xc1, 0xfa, 0xe8, 0x10, 0x04, 0x00, 0x02,
	0x00, 0x3f, 0x10, 0x10, 0x00, 0x02, 0x00, 0x0c, 0x10, 0x0d, 0x00, 0x01,
	0x01, 0x10, 0x08, 0x00, 0x02, 0x00, 0x00, 0x10, 0x21, 0x00, 0x0a, 0x41,
	0x70, 0x70, 0x6c, 0x65, 0x20, 0x49, 0x6e, 0x63, 0x2e, 0x10, 0x23, 0x00,
	0x04, 0x4a, 0x32, 0x38, 0x45, 0x10, 0x24, 0x00, 0x19, 0x41, 0x70, 0x70,
	0x6c, 0x65, 0x20, 0x42, 0x61, 0x73, 0x65, 0x20, 0x53, 0x74, 0x61, 0x74,
	0x69, 0x6f, 0x6e, 0x20, 0x56, 0x37, 0x2e, 0x37, 0x2e, 0x33, 0x10, 0x42,
	0x00, 0x0c, 0x43, 0x38, 0x36, 0x4d, 0x44, 0x38, 0x57, 0x48, 0x46, 0x4a,
	0x31, 0x52, 0x10, 0x54, 0x00, 0x08, 0x00, 0x06, 0x00, 0x50, 0xf2, 0x04,
	0x00, 0x01, 0x10, 0x11, 0x00, 0x17, 0x44, 0x65, 0x6e, 0x69, 0x73, 0x27,
	0x73, 0x20, 0x41, 0x69, 0x72, 0x50, 0x6f, 0x72, 0x74, 0x20, 0x45, 0x78,
	0x74, 0x72, 0x65, 0x6d, 0x65, 0x10, 0x3c, 0x00, 0x01, 0x01, 0x10, 0x02,
	0x00, 0x02, 0x00, 0x00, 0x10, 0x09, 0x00, 0x02, 0x00, 0x00, 0x10, 0x12,
	0x00, 0x02, 0x00, 0x04, 0x10, 0x2d, 0x00, 0x04, 0x00, 0x00, 0x00, 0x00,
	0x10, 0x49, 0x00, 0x0b, 0x00, 0x00, 0x3f, 0x00, 0x04, 0x00, 0x04, 0x00,
	0x00, 0x00, 0x00, 0x10, 0x05, 0x00, 0x08, 0x45, 0x33, 0x07, 0x57, 0x77,
	0x40, 0x50, 0x37,
};

struct m2_data {
	struct wsc_m2 expected;
	const void *pdu;
	unsigned int len;
	const uint8_t *public_key;
	uint32_t public_key_size;
	const struct m1_data *m1;
};

static const struct m2_data m2_data_1 = {
	.pdu = eap_wsc_m2_1 + 18,
	.len = sizeof(eap_wsc_m2_1) - 18,
	.expected = {
		.version2 = true,
		.enrollee_nonce = { 0xab, 0x84, 0x41, 0x2f, 0xe7, 0xc3, 0xc9,
					0xc9, 0xd7, 0xf4, 0xe8, 0xc1, 0x4f,
					0x49, 0x2b, 0x79 },
		.registrar_nonce = { 0x1a, 0xe1, 0xa2, 0xc1, 0x5a, 0xff, 0xa8,
					0xb4, 0x3a, 0x4a, 0xe1, 0xea, 0x71,
					0x3f, 0xfb, 0x49 },
		.uuid_r = { 0xc4, 0x4a, 0xad, 0x8d, 0x25, 0x2f, 0x52, 0xc6,
			0xf9, 0x6b, 0x38, 0x5d, 0xcb, 0x23, 0x31, 0xae },
		.public_key = { }, /* Tested elsewhere */
		.auth_type_flags =
			WSC_AUTHENTICATION_TYPE_WPA2_PERSONAL |
			WSC_AUTHENTICATION_TYPE_WPA_PERSONAL |
			WSC_AUTHENTICATION_TYPE_OPEN,
		.encryption_type_flags = WSC_ENCRYPTION_TYPE_AES_TKIP |
						WSC_ENCRYPTION_TYPE_NONE,
		.connection_type_flags = WSC_CONNECTION_TYPE_ESS,
		.config_methods = WSC_CONFIGURATION_METHOD_VIRTUAL_PUSH_BUTTON |
				WSC_CONFIGURATION_METHOD_PHYSICAL_PUSH_BUTTON |
				WSC_CONFIGURATION_METHOD_VIRTUAL_DISPLAY_PIN,
		.manufacturer = "ASUSTeK Computer Inc.",
		.model_name = "Wi-Fi Protected Setup Router",
		.model_number = "RT-AC68U",
		.serial_number = "10:c3:7b:54:74:d0",
		.primary_device_type = {
			.category = 6,
			.oui = { 0x00, 0x50, 0xf2 },
			.oui_type = 0x04,
			.subcategory = 1, },
		.device_name = "RT-AC68U",
		.rf_bands = WSC_RF_BAND_5_0_GHZ,
		.association_state = WSC_ASSOCIATION_STATE_NOT_ASSOCIATED,
		.device_password_id = WSC_DEVICE_PASSWORD_ID_PUSH_BUTTON,
		.configuration_error = WSC_CONFIGURATION_ERROR_NO_ERROR,
		.os_version = 0,
		.authenticator = { 0xec, 0xb1, 0x17, 0xac, 0xd9, 0x33, 0x84,
					0x5f },
	},
	.public_key = eap_wsc_m2_1 + 92,
	.public_key_size = 192,
	.m1 = &m1_data_1,
};

static const struct m2_data m2_data_2 = {
	.pdu = eap_wsc_m2_2 + 18,
	.len = sizeof(eap_wsc_m2_2) - 18,
	.expected = {
		.version2 = false,
		.enrollee_nonce = { 0x19, 0x8d, 0x0d, 0x25, 0x91, 0x2c, 0x37,
					0x1c, 0xeb, 0x07, 0x89, 0x33, 0xe1,
					0x25, 0xd7, 0x43 },
		.registrar_nonce = { 0x67, 0xa5, 0x53, 0x61, 0xee, 0x72, 0xc2,
					0x21, 0x48, 0x78, 0xc5, 0x70, 0x89,
					0x9f, 0xf2, 0xa0 },
		.uuid_r = { 0x8e, 0xd8, 0x32, 0x02, 0xa3, 0x24, 0x52, 0xc0,
			0xb0, 0x3e, 0x0c, 0x95, 0x18, 0x27, 0xd6, 0xe7, },
		.public_key = { }, /* Tested elsewhere */
		.auth_type_flags =
			WSC_AUTHENTICATION_TYPE_OPEN |
			WSC_AUTHENTICATION_TYPE_WPA_PERSONAL |
			WSC_AUTHENTICATION_TYPE_SHARED |
			WSC_AUTHENTICATION_TYPE_WPA_ENTERPRISE |
			WSC_AUTHENTICATION_TYPE_WPA2_PERSONAL |
			WSC_AUTHENTICATION_TYPE_WPA2_ENTERPRISE,
		.encryption_type_flags = WSC_ENCRYPTION_TYPE_AES_TKIP,
		.connection_type_flags = WSC_CONNECTION_TYPE_ESS,
		.config_methods = 0,
		.manufacturer = "Apple Inc.",
		.model_name = "J28E",
		.model_number = "Apple Base Station V7.7.3",
		.serial_number = "C86MD8WHFJ1R",
		.primary_device_type = {
			.category = 6,
			.oui = { 0x00, 0x50, 0xf2 },
			.oui_type = 0x04,
			.subcategory = 1, },
		.device_name = "Denis's AirPort Extreme",
		.rf_bands = WSC_RF_BAND_2_4_GHZ,
		.association_state = WSC_ASSOCIATION_STATE_NOT_ASSOCIATED,
		.device_password_id = WSC_DEVICE_PASSWORD_ID_PUSH_BUTTON,
		.configuration_error = WSC_CONFIGURATION_ERROR_NO_ERROR,
		.os_version = 0,
		.authenticator = { 0x45, 0x33, 0x07, 0x57, 0x77, 0x40, 0x50,
						0x37 },
	},
	.public_key = eap_wsc_m2_2 + 92,
	.public_key_size = 192,
	.m1 = &m1_data_2,
};

static void wsc_test_parse_m2(const void *data)
{
	const struct m2_data *test = data;
	struct wsc_m2 m2;
	const struct wsc_m2 *expected = &test->expected;
	struct l_key *private;
	struct l_key *prime;
	struct l_key *peer_public;
	uint8_t authenticator[8];
	int r;

	r = wsc_parse_m2(test->pdu, test->len, &m2);
	assert(r == 0);

	assert(expected->version2 == m2.version2);
	assert(!memcmp(expected->uuid_r, m2.uuid_r, 16));
	assert(!memcmp(expected->enrollee_nonce, m2.enrollee_nonce, 16));
	assert(!memcmp(expected->registrar_nonce, m2.registrar_nonce, 16));

	/* Skip public_key testing */

	assert(expected->auth_type_flags == m2.auth_type_flags);
	assert(expected->encryption_type_flags == m2.encryption_type_flags);
	assert(expected->connection_type_flags == m2.connection_type_flags);
	assert(expected->config_methods == m2.config_methods);

	assert(!strcmp(expected->manufacturer, m2.manufacturer));
	assert(!strcmp(expected->model_name, m2.model_name));
	assert(!strcmp(expected->model_number, m2.model_number));
	assert(!strcmp(expected->serial_number, m2.serial_number));

	assert(expected->primary_device_type.category ==
				m2.primary_device_type.category);
	assert(!memcmp(expected->primary_device_type.oui,
				m2.primary_device_type.oui, 3));
	assert(expected->primary_device_type.oui_type ==
				m2.primary_device_type.oui_type);
	assert(expected->primary_device_type.subcategory ==
				m2.primary_device_type.subcategory);

	assert(!strcmp(expected->device_name, m2.device_name));
	assert(expected->rf_bands == m2.rf_bands);
	assert(expected->association_state == m2.association_state);
	assert(expected->device_password_id == m2.device_password_id);
	assert(expected->configuration_error == m2.configuration_error);
	assert(expected->os_version == m2.os_version);
	assert(!memcmp(expected->authenticator, m2.authenticator, 8));

	assert(!memcmp(test->public_key, m2.public_key, 192));

	prime = l_key_new(L_KEY_RAW, crypto_dh5_prime, crypto_dh5_prime_size);
	assert(prime);

	private = l_key_new(L_KEY_RAW, test->m1->private_key,
						test->m1->private_key_size);
	assert(private);

	peer_public = l_key_new(L_KEY_RAW, test->public_key,
						test->public_key_size);
	assert(peer_public);

	assert(wsc_compute_authenticator(peer_public, private, prime,
						m2.enrollee_nonce,
						test->m1->expected.addr,
						m2.registrar_nonce,
						test->m1->pdu,
						test->m1->len,
						test->pdu,
						test->len,
						authenticator));

	assert(!memcmp(m2.authenticator, authenticator, 8));

	l_key_free(prime);
	l_key_free(private);
	l_key_free(peer_public);
}

static void wsc_test_build_m2(const void *data)
{
	const struct m2_data *test = data;
	struct wsc_m2 m2;
	uint8_t *out;
	size_t out_len;

	memcpy(&m2, &test->expected, sizeof(m2));
	memcpy(m2.public_key, test->public_key, 192);

	out = wsc_build_m2(&m2, &out_len);
	assert(out);

	assert(out_len == test->len);
	assert(!memcmp(test->pdu, out, test->len));

	l_free(out);
}

static const unsigned char eap_wsc_m3[] = {
	0x01, 0x00, 0x00, 0x8a, 0x02, 0x02, 0x00, 0x8a, 0xfe, 0x00, 0x37, 0x2a,
	0x00, 0x00, 0x00, 0x01, 0x04, 0x00, 0x10, 0x4a, 0x00, 0x01, 0x10, 0x10,
	0x22, 0x00, 0x01, 0x07, 0x10, 0x39, 0x00, 0x10, 0x67, 0xa5, 0x53, 0x61,
	0xee, 0x72, 0xc2, 0x21, 0x48, 0x78, 0xc5, 0x70, 0x89, 0x9f, 0xf2, 0xa0,
	0x10, 0x14, 0x00, 0x20, 0x70, 0x9b, 0x9a, 0x2d, 0x26, 0x98, 0x0d, 0x46,
	0x8e, 0x1c, 0xb8, 0x8a, 0xbf, 0xcb, 0x83, 0xb9, 0x65, 0xba, 0x0b, 0xd1,
	0x20, 0xd9, 0x36, 0x9e, 0xc3, 0xc7, 0xb8, 0x9b, 0xe9, 0x0a, 0xa5, 0x50,
	0x10, 0x15, 0x00, 0x20, 0xfd, 0x5f, 0xfa, 0xb0, 0xa1, 0x4b, 0x78, 0xf9,
	0xa4, 0x9c, 0x84, 0x72, 0x2b, 0x08, 0x2e, 0x73, 0x73, 0x4e, 0xfb, 0x4d,
	0xbf, 0x93, 0x08, 0xa9, 0x56, 0xa5, 0x52, 0x89, 0x4c, 0x74, 0x44, 0x8f,
	0x10, 0x49, 0x00, 0x06, 0x00, 0x37, 0x2a, 0x00, 0x01, 0x20, 0x10, 0x05,
	0x00, 0x08, 0xaf, 0x03, 0x0e, 0x95, 0xd6, 0xe6, 0x72, 0xaf,
};

struct m3_data {
	struct wsc_m3 expected;
	const void *pdu;
	unsigned int len;
};

static const struct m3_data m3_data_1 = {
	.pdu = eap_wsc_m3 + 18,
	.len = sizeof(eap_wsc_m3) - 18,
	.expected = {
		.version2 = true,
		.registrar_nonce = { 0x67, 0xa5, 0x53, 0x61, 0xee, 0x72, 0xc2,
					0x21, 0x48, 0x78, 0xc5, 0x70, 0x89,
					0x9f, 0xf2, 0xa0 },
		.e_hash1 = { 0x70, 0x9b, 0x9a, 0x2d, 0x26, 0x98, 0x0d, 0x46,
			0x8e, 0x1c, 0xb8, 0x8a, 0xbf, 0xcb, 0x83, 0xb9, 0x65,
			0xba, 0x0b, 0xd1, 0x20, 0xd9, 0x36, 0x9e, 0xc3, 0xc7,
			0xb8, 0x9b, 0xe9, 0x0a, 0xa5, 0x50 },
		.e_hash2 = { 0xfd, 0x5f, 0xfa, 0xb0, 0xa1, 0x4b, 0x78, 0xf9,
			0xa4, 0x9c, 0x84, 0x72, 0x2b, 0x08, 0x2e, 0x73, 0x73,
			0x4e, 0xfb, 0x4d, 0xbf, 0x93, 0x08, 0xa9, 0x56, 0xa5,
			0x52, 0x89, 0x4c, 0x74, 0x44, 0x8f },
		.authenticator = { 0xaf, 0x03, 0x0e, 0x95, 0xd6, 0xe6,
					0x72, 0xaf },
	},
};

static void wsc_test_parse_m3(const void *data)
{
	const struct m3_data *test = data;
	struct wsc_m3 m3;
	const struct wsc_m3 *expected = &test->expected;
	int r;

	r = wsc_parse_m3(test->pdu, test->len, &m3);
	assert(r == 0);

	assert(expected->version2 == m3.version2);
	assert(!memcmp(expected->registrar_nonce, m3.registrar_nonce, 16));
	assert(!memcmp(expected->e_hash1, m3.e_hash1, 32));
	assert(!memcmp(expected->e_hash2, m3.e_hash2, 32));
	assert(!memcmp(expected->authenticator, m3.authenticator, 8));
}

static void wsc_test_build_m3(const void *data)
{
	const struct m3_data *test = data;
	uint8_t *out;
	size_t out_len;

	out = wsc_build_m3(&test->expected, &out_len);
	assert(out);

	assert(out_len == test->len);
	assert(!memcmp(test->pdu, out, test->len));

	l_free(out);
}

static const unsigned char eap_wsc_m4[] = {
	0x01, 0x00, 0x00, 0xc4, 0x01, 0x03, 0x00, 0xc4, 0xfe, 0x00, 0x37, 0x2a,
	0x00, 0x00, 0x00, 0x01, 0x04, 0x00, 0x10, 0x4a, 0x00, 0x01, 0x10, 0x10,
	0x22, 0x00, 0x01, 0x08, 0x10, 0x1a, 0x00, 0x10, 0x19, 0x8d, 0x0d, 0x25,
	0x91, 0x2c, 0x37, 0x1c, 0xeb, 0x07, 0x89, 0x33, 0xe1, 0x25, 0xd7, 0x43,
	0x10, 0x3d, 0x00, 0x20, 0x33, 0x81, 0x27, 0xf0, 0xb6, 0x75, 0x4c, 0x11,
	0x83, 0x05, 0x3f, 0xa6, 0x10, 0x4b, 0xb5, 0x55, 0x2d, 0x7e, 0x65, 0x29,
	0x48, 0x8c, 0xbd, 0xc4, 0x47, 0x49, 0xbd, 0xc9, 0x80, 0x67, 0x0e, 0x78,
	0x10, 0x3e, 0x00, 0x20, 0x3f, 0x7c, 0x94, 0x89, 0xf8, 0x10, 0x4e, 0x9b,
	0x37, 0xf6, 0x64, 0x28, 0xe1, 0x63, 0xdb, 0xca, 0x90, 0x42, 0xf4, 0x84,
	0x3f, 0x1f, 0x2a, 0x7a, 0x3e, 0x4b, 0x29, 0xc3, 0xd2, 0x93, 0x79, 0x37,
	0x10, 0x18, 0x00, 0x40, 0x8e, 0x02, 0xd6, 0x5f, 0xff, 0x43, 0xdf, 0x55,
	0x19, 0xe2, 0x48, 0x30, 0xce, 0x02, 0x7c, 0xd6, 0x73, 0x6e, 0x19, 0x61,
	0x38, 0x99, 0x5d, 0xb3, 0x63, 0x05, 0xba, 0xf2, 0xcc, 0xa4, 0xcf, 0x24,
	0x33, 0x26, 0xb3, 0x93, 0x92, 0xbc, 0xb6, 0x65, 0x9d, 0x94, 0xe3, 0xe4,
	0x39, 0xf3, 0xd0, 0xc5, 0x51, 0x79, 0x00, 0x67, 0xa2, 0x4e, 0xd6, 0x56,
	0xfa, 0xb3, 0x0e, 0x0d, 0xca, 0x45, 0x76, 0xdf, 0x10, 0x05, 0x00, 0x08,
	0x30, 0xf1, 0xf6, 0x4d, 0x5c, 0x55, 0x36, 0x3c,
};

struct m4_data {
	struct wsc_m4 expected;
	const uint8_t *expected_encrypted;
	size_t expected_encrypted_size;
	const void *pdu;
	unsigned int len;
};

static const struct m4_data m4_data_1 = {
	.pdu = eap_wsc_m4 + 18,
	.len = sizeof(eap_wsc_m4) - 18,
	.expected = {
		.version2 = false,
		.enrollee_nonce = { 0x19, 0x8d, 0x0d, 0x25, 0x91, 0x2c, 0x37,
					0x1c, 0xeb, 0x07, 0x89, 0x33, 0xe1,
					0x25, 0xd7, 0x43 },
		.r_hash1 = { 0x33, 0x81, 0x27, 0xf0, 0xb6, 0x75, 0x4c, 0x11,
			0x83, 0x05, 0x3f, 0xa6, 0x10, 0x4b, 0xb5, 0x55, 0x2d,
			0x7e, 0x65, 0x29, 0x48, 0x8c, 0xbd, 0xc4, 0x47, 0x49,
			0xbd, 0xc9, 0x80, 0x67, 0x0e, 0x78 },
		.r_hash2 = { 0x3f, 0x7c, 0x94, 0x89, 0xf8, 0x10, 0x4e, 0x9b,
			0x37, 0xf6, 0x64, 0x28, 0xe1, 0x63, 0xdb, 0xca, 0x90,
			0x42, 0xf4, 0x84, 0x3f, 0x1f, 0x2a, 0x7a, 0x3e, 0x4b,
			0x29, 0xc3, 0xd2, 0x93, 0x79, 0x37 },
		.authenticator = { 0x30, 0xf1, 0xf6, 0x4d, 0x5c, 0x55,
					0x36, 0x3c },
	},
	.expected_encrypted = eap_wsc_m4 + 124,
	.expected_encrypted_size = 64,
};

static void wsc_test_parse_m4(const void *data)
{
	const struct m4_data *test = data;
	struct wsc_m4 m4;
	const struct wsc_m4 *expected = &test->expected;
	struct iovec encrypted;
	int r;

	r = wsc_parse_m4(test->pdu, test->len, &m4, &encrypted);
	assert(r == 0);

	assert(expected->version2 == m4.version2);
	assert(!memcmp(expected->enrollee_nonce, m4.enrollee_nonce, 16));
	assert(!memcmp(expected->r_hash1, m4.r_hash1, 32));
	assert(!memcmp(expected->r_hash2, m4.r_hash2, 32));
	assert(!memcmp(expected->authenticator, m4.authenticator, 8));

	assert(test->expected_encrypted_size == encrypted.iov_len);
	assert(!memcmp(test->expected_encrypted,
					encrypted.iov_base, encrypted.iov_len));
}

static void wsc_test_build_m4(const void *data)
{
	const struct m4_data *test = data;
	uint8_t *out;
	size_t out_len;

	out = wsc_build_m4(&test->expected, test->expected_encrypted,
				test->expected_encrypted_size, &out_len);
	assert(out);

	assert(out_len == test->len);
	assert(!memcmp(test->pdu, out, test->len));

	l_free(out);
}

static const unsigned char m4_encrypted_settings[] = {
	0x10, 0x3f, 0x00, 0x10, 0xaf, 0xbe, 0xbc, 0x19, 0x44, 0xdf, 0xf3, 0x40,
	0x3c, 0xdc, 0x70, 0xc0, 0x63, 0x63, 0xc7, 0x53, 0x10, 0x1e, 0x00, 0x08,
	0x47, 0x82, 0x81, 0xb3, 0x1e, 0xe0, 0xa4, 0xcb,
};

struct m4_encrypted_settings_data {
	struct wsc_m4_encrypted_settings expected;
	const void *pdu;
	unsigned int len;
};

static const struct m4_encrypted_settings_data m4_encrypted_settings_data_1 = {
	.pdu = m4_encrypted_settings,
	.len = sizeof(m4_encrypted_settings),
	.expected = {
		.r_snonce1 = { 0xaf, 0xbe, 0xbc, 0x19, 0x44, 0xdf, 0xf3, 0x40,
			0x3c, 0xdc, 0x70, 0xc0, 0x63, 0x63, 0xc7, 0x53 },
		.authenticator = { 0x47, 0x82, 0x81, 0xb3, 0x1e, 0xe0,
					0xa4, 0xcb },
	},
};

static void wsc_test_parse_m4_encrypted_settings(const void *data)
{
	const struct m4_encrypted_settings_data *test = data;
	struct wsc_m4_encrypted_settings m4es;
	const struct wsc_m4_encrypted_settings *expected = &test->expected;
	int r;

	r = wsc_parse_m4_encrypted_settings(test->pdu, test->len, &m4es);
	assert(r == 0);

	assert(!memcmp(expected->r_snonce1, m4es.r_snonce1, 16));
	assert(!memcmp(expected->authenticator, m4es.authenticator, 8));
}

static void wsc_test_build_m4_encrypted_settings(const void *data)
{
	const struct m4_encrypted_settings_data *test = data;
	uint8_t *out;
	size_t out_len;

	out = wsc_build_m4_encrypted_settings(&test->expected, &out_len);
	assert(out);

	assert(out_len == test->len);
	assert(!memcmp(test->pdu, out, test->len));

	l_free(out);
}

static const unsigned char eap_wsc_m5[] = {
	0x01, 0x00, 0x00, 0x86, 0x02, 0x03, 0x00, 0x86, 0xfe, 0x00, 0x37, 0x2a,
	0x00, 0x00, 0x00, 0x01, 0x04, 0x00, 0x10, 0x4a, 0x00, 0x01, 0x10, 0x10,
	0x22, 0x00, 0x01, 0x09, 0x10, 0x39, 0x00, 0x10, 0x67, 0xa5, 0x53, 0x61,
	0xee, 0x72, 0xc2, 0x21, 0x48, 0x78, 0xc5, 0x70, 0x89, 0x9f, 0xf2, 0xa0,
	0x10, 0x18, 0x00, 0x40, 0x9a, 0x31, 0xf8, 0x4b, 0x46, 0x72, 0xf2, 0xcc,
	0xf6, 0x3c, 0x84, 0x5e, 0xed, 0x34, 0x64, 0xec, 0xe6, 0x04, 0xe5, 0xb1,
	0xac, 0xac, 0xa5, 0x5d, 0x50, 0x5f, 0xcc, 0x5c, 0x99, 0x13, 0x3f, 0xe7,
	0x24, 0xb8, 0x10, 0x41, 0x04, 0x94, 0x2a, 0x3c, 0x56, 0xe5, 0x14, 0xee,
	0x57, 0xda, 0xdf, 0x25, 0x57, 0xbe, 0x3e, 0x71, 0x8a, 0x10, 0x3a, 0x88,
	0xd9, 0x74, 0x42, 0x2d, 0x53, 0x6a, 0xa6, 0xe5, 0x10, 0x49, 0x00, 0x06,
	0x00, 0x37, 0x2a, 0x00, 0x01, 0x20, 0x10, 0x05, 0x00, 0x08, 0x6c, 0x80,
	0x5a, 0x2f, 0xac, 0x19, 0x7c, 0x35,
};

struct m5_data {
	struct wsc_m5 expected;
	const uint8_t *expected_encrypted;
	size_t expected_encrypted_size;
	const void *pdu;
	unsigned int len;
};

static const struct m5_data m5_data_1 = {
	.pdu = eap_wsc_m5 + 18,
	.len = sizeof(eap_wsc_m5) - 18,
	.expected = {
		.version2 = true,
		.registrar_nonce = { 0x67, 0xa5, 0x53, 0x61, 0xee, 0x72, 0xc2,
					0x21, 0x48, 0x78, 0xc5, 0x70, 0x89,
					0x9f, 0xf2, 0xa0 },
		.authenticator = { 0x6c, 0x80, 0x5a, 0x2f, 0xac, 0x19,
						0x7c, 0x35 },
	},
	.expected_encrypted = eap_wsc_m5 + 52,
	.expected_encrypted_size = 64,
};

static void wsc_test_parse_m5(const void *data)
{
	const struct m5_data *test = data;
	struct wsc_m5 m5;
	const struct wsc_m5 *expected = &test->expected;
	struct iovec encrypted;
	int r;

	r = wsc_parse_m5(test->pdu, test->len, &m5, &encrypted);
	assert(r == 0);

	assert(expected->version2 == m5.version2);
	assert(!memcmp(expected->registrar_nonce, m5.registrar_nonce, 16));
	assert(!memcmp(expected->authenticator, m5.authenticator, 8));

	assert(test->expected_encrypted_size == encrypted.iov_len);
	assert(!memcmp(test->expected_encrypted,
					encrypted.iov_base, encrypted.iov_len));
}

static void wsc_test_build_m5(const void *data)
{
	const struct m5_data *test = data;
	uint8_t *out;
	size_t out_len;

	out = wsc_build_m5(&test->expected, test->expected_encrypted,
				test->expected_encrypted_size, &out_len);
	assert(out);

	assert(out_len == test->len);
	assert(!memcmp(test->pdu, out, test->len));

	l_free(out);
}

static const unsigned char eap_wsc_m6[] = {
	0x01, 0x00, 0x00, 0x7c, 0x01, 0xaa, 0x00, 0x7c, 0xfe, 0x00, 0x37, 0x2a,
	0x00, 0x00, 0x00, 0x01, 0x04, 0x00, 0x10, 0x4a, 0x00, 0x01, 0x10, 0x10,
	0x22, 0x00, 0x01, 0x0a, 0x10, 0x1a, 0x00, 0x10, 0x19, 0x8d, 0x0d, 0x25,
	0x91, 0x2c, 0x37, 0x1c, 0xeb, 0x07, 0x89, 0x33, 0xe1, 0x25, 0xd7, 0x43,
	0x10, 0x18, 0x00, 0x40, 0x62, 0xfe, 0xc7, 0xf5, 0x1d, 0xa1, 0x0e, 0x5b,
	0xe9, 0x2f, 0xcb, 0x4f, 0x30, 0x7b, 0x15, 0x17, 0x9c, 0xa1, 0x92, 0x1d,
	0xd4, 0x7f, 0x06, 0x2f, 0x14, 0xcd, 0x4b, 0x8f, 0xe6, 0x76, 0xe7, 0x6c,
	0x9a, 0xc1, 0xd0, 0x1f, 0xab, 0x5e, 0x0f, 0xf5, 0xa7, 0xa9, 0x9a, 0xca,
	0xf3, 0xcc, 0xbd, 0x5f, 0xfc, 0xfb, 0x6f, 0x5b, 0x01, 0xb7, 0x05, 0x39,
	0x11, 0xc3, 0xaa, 0x92, 0x5c, 0x06, 0xdb, 0x21, 0x10, 0x05, 0x00, 0x08,
	0xc4, 0x40, 0xd2, 0x39, 0xf1, 0x07, 0x72, 0xcb,
};

struct m6_data {
	struct wsc_m6 expected;
	const uint8_t *expected_encrypted;
	size_t expected_encrypted_size;
	const void *pdu;
	unsigned int len;
};

static const struct m6_data m6_data_1 = {
	.pdu = eap_wsc_m6 + 18,
	.len = sizeof(eap_wsc_m6) - 18,
	.expected = {
		.version2 = false,
		.enrollee_nonce = { 0x19, 0x8d, 0x0d, 0x25, 0x91, 0x2c, 0x37,
					0x1c, 0xeb, 0x07, 0x89, 0x33, 0xe1,
					0x25, 0xd7, 0x43 },
		.authenticator = { 0xc4, 0x40, 0xd2, 0x39, 0xf1, 0x07,
								0x72, 0xcb },
	},
	.expected_encrypted = eap_wsc_m6 + 52,
	.expected_encrypted_size = 64,
};

static void wsc_test_parse_m6(const void *data)
{
	const struct m6_data *test = data;
	struct wsc_m6 m6;
	const struct wsc_m6 *expected = &test->expected;
	struct iovec encrypted;
	int r;

	r = wsc_parse_m6(test->pdu, test->len, &m6, &encrypted);
	assert(r == 0);

	assert(expected->version2 == m6.version2);
	assert(!memcmp(expected->enrollee_nonce, m6.enrollee_nonce, 16));
	assert(!memcmp(expected->authenticator, m6.authenticator, 8));

	assert(test->expected_encrypted_size == encrypted.iov_len);
	assert(!memcmp(test->expected_encrypted,
					encrypted.iov_base, encrypted.iov_len));
}

static void wsc_test_build_m6(const void *data)
{
	const struct m6_data *test = data;
	uint8_t *out;
	size_t out_len;

	out = wsc_build_m6(&test->expected, test->expected_encrypted,
				test->expected_encrypted_size, &out_len);
	assert(out);

	assert(out_len == test->len);
	assert(!memcmp(test->pdu, out, test->len));

	l_free(out);
}

static const unsigned char m6_encrypted_settings[] = {
	0x10, 0x40, 0x00, 0x10, 0x57, 0x29, 0x13, 0xb5, 0x89, 0xf1, 0x50, 0x7e,
	0x4d, 0x5c, 0x88, 0xda, 0x25, 0x9b, 0xce, 0xf0, 0x10, 0x1e, 0x00, 0x08,
	0x72, 0x8c, 0x3c, 0xf8, 0xd4, 0xd2, 0xb1, 0xa1,
};

struct m6_encrypted_settings_data {
	struct wsc_m6_encrypted_settings expected;
	const void *pdu;
	unsigned int len;
};

static const struct m6_encrypted_settings_data m6_encrypted_settings_data_1 = {
	.pdu = m6_encrypted_settings,
	.len = sizeof(m6_encrypted_settings),
	.expected = {
		.r_snonce2 = { 0x57, 0x29, 0x13, 0xb5, 0x89, 0xf1, 0x50, 0x7e,
			0x4d, 0x5c, 0x88, 0xda, 0x25, 0x9b, 0xce, 0xf0 },
		.authenticator = { 0x72, 0x8c, 0x3c, 0xf8, 0xd4, 0xd2,
					0xb1, 0xa1 },
	},
};

static void wsc_test_parse_m6_encrypted_settings(const void *data)
{
	const struct m6_encrypted_settings_data *test = data;
	struct wsc_m6_encrypted_settings m6es;
	const struct wsc_m6_encrypted_settings *expected = &test->expected;
	int r;

	r = wsc_parse_m6_encrypted_settings(test->pdu, test->len, &m6es);
	assert(r == 0);

	assert(!memcmp(expected->r_snonce2, m6es.r_snonce2, 16));
	assert(!memcmp(expected->authenticator, m6es.authenticator, 8));
}

static void wsc_test_build_m6_encrypted_settings(const void *data)
{
	const struct m6_encrypted_settings_data *test = data;
	uint8_t *out;
	size_t out_len;

	out = wsc_build_m6_encrypted_settings(&test->expected, &out_len);
	assert(out);

	assert(out_len == test->len);
	assert(!memcmp(test->pdu, out, test->len));

	l_free(out);
}

static const unsigned char eap_wsc_m7[] = {
	0x01, 0x00, 0x00, 0x86, 0x02, 0xaa, 0x00, 0x86, 0xfe, 0x00, 0x37, 0x2a,
	0x00, 0x00, 0x00, 0x01, 0x04, 0x00, 0x10, 0x4a, 0x00, 0x01, 0x10, 0x10,
	0x22, 0x00, 0x01, 0x0b, 0x10, 0x39, 0x00, 0x10, 0x67, 0xa5, 0x53, 0x61,
	0xee, 0x72, 0xc2, 0x21, 0x48, 0x78, 0xc5, 0x70, 0x89, 0x9f, 0xf2, 0xa0,
	0x10, 0x18, 0x00, 0x40, 0x4e, 0x3a, 0x4c, 0xf0, 0x88, 0x17, 0x69, 0x89,
	0xe1, 0x48, 0xd4, 0xc1, 0x0b, 0x96, 0xe8, 0xfd, 0x1e, 0x9b, 0xf4, 0xc0,
	0x74, 0xcc, 0xa2, 0xeb, 0x87, 0x58, 0xc9, 0x42, 0xd1, 0xf3, 0x89, 0xe2,
	0x27, 0x13, 0xfe, 0x40, 0x10, 0x45, 0x51, 0xfd, 0xc2, 0x1f, 0xe6, 0x60,
	0x84, 0xc2, 0x8f, 0x9d, 0x43, 0xbc, 0x03, 0xf3, 0x0a, 0x64, 0x8f, 0x18,
	0xe9, 0x96, 0x0f, 0x9e, 0xeb, 0x52, 0x73, 0x70, 0x10, 0x49, 0x00, 0x06,
	0x00, 0x37, 0x2a, 0x00, 0x01, 0x20, 0x10, 0x05, 0x00, 0x08, 0x05, 0x05,
	0x2f, 0x5f, 0x3c, 0x42, 0xf8, 0xa6,
};

struct m7_data {
	struct wsc_m7 expected;
	const uint8_t *expected_encrypted;
	size_t expected_encrypted_size;
	const void *pdu;
	unsigned int len;
};

static const struct m7_data m7_data_1 = {
	.pdu = eap_wsc_m7 + 18,
	.len = sizeof(eap_wsc_m7) - 18,
	.expected = {
		.version2 = true,
		.registrar_nonce = { 0x67, 0xa5, 0x53, 0x61, 0xee, 0x72, 0xc2,
					0x21, 0x48, 0x78, 0xc5, 0x70, 0x89,
					0x9f, 0xf2, 0xa0 },
		.authenticator = { 0x05, 0x05, 0x2f, 0x5f, 0x3c, 0x42,
					0xf8, 0xa6 },
	},
	.expected_encrypted = eap_wsc_m7 + 52,
	.expected_encrypted_size = 64,
};

static void wsc_test_parse_m7(const void *data)
{
	const struct m7_data *test = data;
	struct wsc_m7 m7;
	const struct wsc_m7 *expected = &test->expected;
	struct iovec encrypted;
	int r;

	r = wsc_parse_m7(test->pdu, test->len, &m7, &encrypted);
	assert(r == 0);

	assert(expected->version2 == m7.version2);
	assert(!memcmp(expected->registrar_nonce, m7.registrar_nonce, 16));
	assert(!memcmp(expected->authenticator, m7.authenticator, 8));

	assert(test->expected_encrypted_size == encrypted.iov_len);
	assert(!memcmp(test->expected_encrypted,
					encrypted.iov_base, encrypted.iov_len));
}

static void wsc_test_build_m7(const void *data)
{
	const struct m7_data *test = data;
	uint8_t *out;
	size_t out_len;

	out = wsc_build_m7(&test->expected, test->expected_encrypted,
				test->expected_encrypted_size, &out_len);
	assert(out);

	assert(out_len == test->len);
	assert(!memcmp(test->pdu, out, test->len));

	l_free(out);
}

static const unsigned char eap_wsc_m8[] = {
	0x01, 0x00, 0x00, 0xcc, 0x01, 0xab, 0x00, 0xcc, 0xfe, 0x00, 0x37, 0x2a,
	0x00, 0x00, 0x00, 0x01, 0x04, 0x00, 0x10, 0x4a, 0x00, 0x01, 0x10, 0x10,
	0x22, 0x00, 0x01, 0x0c, 0x10, 0x1a, 0x00, 0x10, 0x19, 0x8d, 0x0d, 0x25,
	0x91, 0x2c, 0x37, 0x1c, 0xeb, 0x07, 0x89, 0x33, 0xe1, 0x25, 0xd7, 0x43,
	0x10, 0x18, 0x00, 0x90, 0x7e, 0x2f, 0x4a, 0xae, 0x60, 0x1e, 0x54, 0x75,
	0x3b, 0x6e, 0xfc, 0x0a, 0x84, 0xdb, 0xae, 0x62, 0x74, 0xf4, 0xe5, 0xe0,
	0xf2, 0xc5, 0xf1, 0x78, 0xc0, 0x76, 0x4d, 0xc4, 0x08, 0x6d, 0xd5, 0xb7,
	0xa2, 0x74, 0x18, 0x26, 0xee, 0x01, 0xe4, 0x3d, 0x5f, 0x44, 0xca, 0x93,
	0xad, 0x07, 0xc7, 0xa5, 0xcf, 0xf1, 0xb9, 0xb9, 0x68, 0xf1, 0x15, 0xa9,
	0xbc, 0x66, 0x7f, 0x03, 0xa1, 0x84, 0x80, 0x78, 0x71, 0x13, 0x09, 0xaa,
	0x74, 0x60, 0xa2, 0x0f, 0x49, 0x4a, 0x8b, 0x8f, 0xd9, 0xab, 0x07, 0x5f,
	0x79, 0xc1, 0xb2, 0x22, 0x16, 0xc7, 0x05, 0xf8, 0xe8, 0x3e, 0x46, 0x26,
	0x9a, 0xc5, 0x01, 0xfe, 0xa2, 0x15, 0x1c, 0xbe, 0x97, 0x87, 0xc8, 0x83,
	0xb9, 0xf2, 0x89, 0x82, 0xb8, 0xe0, 0x46, 0x08, 0xb1, 0xbd, 0x1d, 0xe8,
	0x9f, 0x1d, 0x50, 0xbd, 0x79, 0x2c, 0xa7, 0xf7, 0xe7, 0x34, 0xf4, 0x7c,
	0x28, 0xa4, 0x9a, 0x42, 0x6e, 0x94, 0x88, 0x78, 0x28, 0xfd, 0xea, 0xdf,
	0x13, 0x5c, 0x66, 0x79, 0x10, 0x05, 0x00, 0x08, 0xba, 0x2b, 0xfc, 0x68,
	0x49, 0x8e, 0x88, 0xfa,
};

struct m8_data {
	struct wsc_m8 expected;
	const uint8_t *expected_encrypted;
	size_t expected_encrypted_size;
	const void *pdu;
	unsigned int len;
};

static const struct m8_data m8_data_1 = {
	.pdu = eap_wsc_m8 + 18,
	.len = sizeof(eap_wsc_m8) - 18,
	.expected = {
		.version2 = false,
		.enrollee_nonce = { 0x19, 0x8d, 0x0d, 0x25, 0x91, 0x2c, 0x37,
					0x1c, 0xeb, 0x07, 0x89, 0x33, 0xe1,
					0x25, 0xd7, 0x43 },
		.authenticator = { 0xba, 0x2b, 0xfc, 0x68, 0x49, 0x8e,
					0x88, 0xfa },

	},
	.expected_encrypted = eap_wsc_m8 + 52,
	.expected_encrypted_size = 144,
};

static void wsc_test_parse_m8(const void *data)
{
	const struct m8_data *test = data;
	struct wsc_m8 m8;
	const struct wsc_m8 *expected = &test->expected;
	struct iovec encrypted;
	int r;

	r = wsc_parse_m8(test->pdu, test->len, &m8, &encrypted);
	assert(r == 0);

	assert(expected->version2 == m8.version2);
	assert(!memcmp(expected->enrollee_nonce, m8.enrollee_nonce, 16));
	assert(!memcmp(expected->authenticator, m8.authenticator, 8));

	assert(test->expected_encrypted_size == encrypted.iov_len);
	assert(!memcmp(test->expected_encrypted,
					encrypted.iov_base, encrypted.iov_len));
}

static void wsc_test_build_m8(const void *data)
{
	const struct m8_data *test = data;
	uint8_t *out;
	size_t out_len;

	out = wsc_build_m8(&test->expected, test->expected_encrypted,
				test->expected_encrypted_size, &out_len);
	assert(out);

	assert(out_len == test->len);
	assert(!memcmp(test->pdu, out, test->len));

	l_free(out);
}

static const unsigned char m8_encrypted_settings[] = {
	0x10, 0x0e, 0x00, 0x6a, 0x10, 0x26, 0x00, 0x01, 0x01, 0x10, 0x45, 0x00,
	0x07, 0x54, 0x65, 0x73, 0x74, 0x57, 0x50, 0x41, 0x10, 0x03, 0x00, 0x02,
	0x00, 0x20, 0x10, 0x0f, 0x00, 0x02, 0x00, 0x08, 0x10, 0x27, 0x00, 0x40,
	0x34, 0x36, 0x30, 0x34, 0x44, 0x30, 0x31, 0x46, 0x46, 0x44, 0x42, 0x30,
	0x42, 0x32, 0x39, 0x32, 0x45, 0x33, 0x37, 0x37, 0x33, 0x32, 0x44, 0x44,
	0x34, 0x45, 0x31, 0x31, 0x43, 0x32, 0x34, 0x30, 0x31, 0x31, 0x35, 0x34,
	0x32, 0x38, 0x39, 0x41, 0x30, 0x39, 0x41, 0x33, 0x33, 0x41, 0x44, 0x37,
	0x30, 0x34, 0x31, 0x37, 0x37, 0x41, 0x42, 0x30, 0x44, 0x31, 0x42, 0x37,
	0x35, 0x38, 0x44, 0x30, 0x10, 0x20, 0x00, 0x06, 0xa0, 0xa8, 0xcd, 0x1c,
	0x7e, 0xc9, 0x10, 0x1e, 0x00, 0x08, 0xe8, 0x3b, 0x3b, 0xe7, 0x9e, 0x72,
	0x06, 0x46,
};

struct wsc_credential creds_1[1] = {
	{
		.ssid = "TestWPA",
		.ssid_len = 7,
		.auth_type = WSC_AUTHENTICATION_TYPE_WPA2_PERSONAL,
		.encryption_type = WSC_ENCRYPTION_TYPE_AES,
		.network_key = { 0x34, 0x36, 0x30, 0x34, 0x44, 0x30, 0x31, 0x46,
			0x46, 0x44, 0x42, 0x30, 0x42, 0x32, 0x39, 0x32, 0x45,
			0x33, 0x37, 0x37, 0x33, 0x32, 0x44, 0x44, 0x34, 0x45,
			0x31, 0x31, 0x43, 0x32, 0x34, 0x30, 0x31, 0x31, 0x35,
			0x34, 0x32, 0x38, 0x39, 0x41, 0x30, 0x39, 0x41, 0x33,
			0x33, 0x41, 0x44, 0x37, 0x30, 0x34, 0x31, 0x37, 0x37,
			0x41, 0x42, 0x30, 0x44, 0x31, 0x42, 0x37, 0x35, 0x38,
			0x44, 0x30 },
		.network_key_len = 64,
		.addr = { 0xa0, 0xa8, 0xcd, 0x1c, 0x7e, 0xc9 },
	},
};

struct m8_encrypted_settings_data {
	struct wsc_m8_encrypted_settings expected;
	struct wsc_credential *creds;
	unsigned int n_creds;
	const void *pdu;
	unsigned int len;
};

static const struct m8_encrypted_settings_data m8_encrypted_settings_data_1 = {
	.pdu = m8_encrypted_settings,
	.len = sizeof(m8_encrypted_settings),
	.creds = creds_1,
	.n_creds = 1,
	.expected = {
		.authenticator = { 0xe8, 0x3b, 0x3b, 0xe7, 0x9e, 0x72,
					0x06, 0x46 },
	},
};

static void wsc_test_parse_m8_encrypted_settings(const void *data)
{
	const struct m8_encrypted_settings_data *test = data;
	struct wsc_m8_encrypted_settings m8es;
	const struct wsc_m8_encrypted_settings *expected = &test->expected;
	struct iovec creds[10];
	size_t n_creds = 10;
	size_t i;
	int r;

	r = wsc_parse_m8_encrypted_settings(test->pdu, test->len, &m8es,
							creds, &n_creds);
	assert(r == 0);

	assert(expected->new_password_len == m8es.new_password_len);

	if (m8es.new_password_len > 0) {
		assert(!memcmp(expected->new_password, m8es.new_password,
					m8es.new_password_len));
		assert(expected->device_password_id == m8es.device_password_id);
	}

	assert(n_creds == test->n_creds);

	for (i = 0; i < n_creds; i++) {
		struct wsc_credential cred;

		assert(!wsc_parse_credential(creds[i].iov_base,
						creds[i].iov_len,
						&cred));

		assert(test->creds[i].ssid_len == cred.ssid_len);
		assert(!memcmp(test->creds[i].ssid, cred.ssid, cred.ssid_len));
		assert(test->creds[i].auth_type == cred.auth_type);
		assert(test->creds[i].encryption_type == cred.encryption_type);
		assert(test->creds[i].network_key_len == cred.network_key_len);
		assert(!memcmp(test->creds[i].network_key, cred.network_key,
							cred.network_key_len));
		assert(!memcmp(test->creds[i].addr, cred.addr, 6));
	}

	assert(!memcmp(expected->authenticator, m8es.authenticator, 8));
}

static void wsc_test_build_m8_encrypted_settings(const void *data)
{
	const struct m8_encrypted_settings_data *test = data;
	uint8_t *out;
	size_t out_len;

	out = wsc_build_m8_encrypted_settings(&test->expected, test->creds,
						test->n_creds, &out_len);
	assert(out);

	assert(out_len == test->len);
	assert(!memcmp(test->pdu, out, test->len));

	l_free(out);
}

static const unsigned char eap_wsc_done[] = {
	0x01, 0x00, 0x00, 0x4a, 0x02, 0xab, 0x00, 0x4a, 0xfe, 0x00, 0x37, 0x2a,
	0x00, 0x00, 0x00, 0x01, 0x05, 0x00, 0x10, 0x4a, 0x00, 0x01, 0x10, 0x10,
	0x22, 0x00, 0x01, 0x0f, 0x10, 0x1a, 0x00, 0x10, 0x19, 0x8d, 0x0d, 0x25,
	0x91, 0x2c, 0x37, 0x1c, 0xeb, 0x07, 0x89, 0x33, 0xe1, 0x25, 0xd7, 0x43,
	0x10, 0x39, 0x00, 0x10, 0x67, 0xa5, 0x53, 0x61, 0xee, 0x72, 0xc2, 0x21,
	0x48, 0x78, 0xc5, 0x70, 0x89, 0x9f, 0xf2, 0xa0, 0x10, 0x49, 0x00, 0x06,
	0x00, 0x37, 0x2a, 0x00, 0x01, 0x20,
};

struct wsc_done_data {
	struct wsc_done expected;
	const void *pdu;
	unsigned int len;
};

static const struct wsc_done_data wsc_done_data_1 = {
	.pdu = eap_wsc_done + 18,
	.len = sizeof(eap_wsc_done) - 18,
	.expected = {
		.version2 = true,
		.enrollee_nonce = { 0x19, 0x8d, 0x0d, 0x25, 0x91, 0x2c, 0x37,
					0x1c, 0xeb, 0x07, 0x89, 0x33, 0xe1,
					0x25, 0xd7, 0x43 },
		.registrar_nonce = { 0x67, 0xa5, 0x53, 0x61, 0xee, 0x72, 0xc2,
					0x21, 0x48, 0x78, 0xc5, 0x70, 0x89,
					0x9f, 0xf2, 0xa0 },
	},
};

static void wsc_test_parse_wsc_done(const void *data)
{
	const struct wsc_done_data *test = data;
	struct wsc_done done;
	const struct wsc_done *expected = &test->expected;
	int r;

	r = wsc_parse_wsc_done(test->pdu, test->len, &done);
	assert(r == 0);

	assert(expected->version2 == done.version2);
	assert(!memcmp(expected->enrollee_nonce, done.enrollee_nonce, 16));
	assert(!memcmp(expected->registrar_nonce, done.registrar_nonce, 16));
}

static void wsc_test_build_wsc_done(const void *data)
{
	const struct wsc_done_data *test = data;
	struct wsc_done done;
	uint8_t *out;
	size_t out_len;

	memcpy(&done, &test->expected, sizeof(done));

	out = wsc_build_wsc_done(&done, &out_len);
	assert(out);

	assert(out_len == test->len);
	assert(!memcmp(test->pdu, out, test->len));

	l_free(out);
}

static const uint8_t eap_identity_req[] = {
	0x01, 0x00, 0x00, 0x05, 0x01, 0x00, 0x00, 0x05, 0x01
};

static const uint8_t eap_identity_resp[] = {
	0x01, 0x00, 0x00, 0x22, 0x02, 0x00, 0x00, 0x22,
	0x01, 0x57, 0x46, 0x41, 0x2d, 0x53, 0x69, 0x6d,
	0x70, 0x6c, 0x65, 0x43, 0x6f, 0x6e, 0x66, 0x69,
	0x67, 0x2d, 0x45, 0x6e, 0x72, 0x6f, 0x6c, 0x6c,
	0x65, 0x65, 0x2d, 0x31, 0x2d, 0x30,
};

static const uint8_t eap_wsc_start[] = {
	0x01, 0x00, 0x00, 0x0e, 0x01, 0x01, 0x00, 0x0e, 0xfe, 0x00, 0x37, 0x2a,
	0x00, 0x00, 0x00, 0x01, 0x01, 0x00,
};

static const uint8_t eap_fail[] = {
	0x01, 0x00, 0x00, 0x04, 0x04, 0xab, 0x00, 0x04,
};

struct verify_data {
	bool response_sent;
	bool eapol_failed;
	const void *expected;
	size_t expected_len;
	struct wsc_credential *expected_creds;
	unsigned int n_creds;
	unsigned int cur_cred;
};

#define VERIFY_RESET(verify, e)				\
	verify.response_sent = false;			\
	verify.expected = e;				\
	verify.expected_len = sizeof(e)

static void verify_handshake_event(struct handshake_state *hs,
					enum handshake_event event,
					void *user_data, ...)
{
	struct verify_data *data = user_data;
	va_list args;

	va_start(args, user_data);

	switch (event) {
	case HANDSHAKE_EVENT_FAILED:
		assert(va_arg(args, int) == MMPDU_REASON_CODE_IEEE8021X_FAILED);
		data->eapol_failed = true;
		break;
	case HANDSHAKE_EVENT_EAP_NOTIFY:
	{
		const struct wsc_credential *cred;

		assert(va_arg(args, unsigned int) ==
			EAP_WSC_EVENT_CREDENTIAL_OBTAINED);

		cred = va_arg(args, const struct wsc_credential *);
		assert(!memcmp(cred, data->expected_creds + data->cur_cred,
						sizeof(struct wsc_credential)));

		data->cur_cred += 1;
		break;
	}
	default:
		break;
	}

	va_end(args);
}

static int verify_8021x(uint32_t ifindex,
			const uint8_t *aa_addr, uint16_t proto,
			const struct eapol_frame *ef, bool noencrypt,
			void *user_data)
{
	struct verify_data *data = user_data;
	size_t len = sizeof(struct eapol_header) +
		L_BE16_TO_CPU(ef->header.packet_len);

	assert(len == data->expected_len);
	assert(!memcmp(ef, data->expected, data->expected_len));

	data->response_sent = true;

	return 0;
}

static void wsc_test_pbc_handshake(const void *data)
{
	static uint8_t ap_address[] = { 0x24, 0xa2, 0xe1, 0xec, 0x17, 0x04 };
	static uint8_t sta_address[] = { 0xa0, 0xa8, 0xcd, 0x1c, 0x7e, 0xc9 };
	struct verify_data verify;
	struct handshake_state *hs;
	struct eapol_sm *sm;
	struct l_settings *settings;

	eap_init();
	eapol_init();

	hs = test_handshake_state_new(1);
	sm = eapol_sm_new(hs);
	eapol_register(sm);

	handshake_state_set_authenticator_address(hs, ap_address);
	handshake_state_set_supplicant_address(hs, sta_address);
	handshake_state_set_event_func(hs, verify_handshake_event, &verify);

	__eapol_set_tx_packet_func(verify_8021x);
	__eapol_set_tx_user_data(&verify);

	settings = l_settings_new();
	l_settings_set_string(settings, "Security", "EAP-Identity",
					"WFA-SimpleConfig-Enrollee-1-0");
	l_settings_set_string(settings, "Security", "EAP-Method", "WSC");

	l_settings_set_uint(settings, "WSC", "RFBand", WSC_RF_BAND_2_4_GHZ);
	l_settings_set_uint(settings, "WSC", "ConfigurationMethods",
				WSC_CONFIGURATION_METHOD_VIRTUAL_DISPLAY_PIN |
				WSC_CONFIGURATION_METHOD_KEYPAD |
				WSC_CONFIGURATION_METHOD_DISPLAY |
				WSC_CONFIGURATION_METHOD_NFC_INTERFACE);
	l_settings_set_string(settings, "WSC", "PrimaryDeviceType",
					"0-00000000-0");
	l_settings_set_string(settings, "WSC", "EnrolleeMAC",
					util_address_to_string(sta_address));
	l_settings_set_bytes(settings, "WSC", "EnrolleeNonce",
				m1_data_2.expected.enrollee_nonce, 16);
	l_settings_set_bytes(settings, "WSC", "PrivateKey",
				m1_data_2.private_key,
				m1_data_2.private_key_size);
	l_settings_set_string(settings, "WSC", "E-SNonce1",
					"fdbb480ee6f572f3591cc3b364f2185b");
	l_settings_set_string(settings, "WSC", "E-SNonce2",
					"c12698739faf385920ba659d524c71c9");
	l_settings_set_string(settings, "WSC", "IV1",
					"9a31f84b4672f2ccf63c845eed3464ec");
	l_settings_set_string(settings, "WSC", "IV2",
					"4e3a4cf088176989e148d4c10b96e8fd");

	handshake_state_set_8021x_config(hs, settings);
	eapol_start(sm);

	l_settings_free(settings);

	VERIFY_RESET(verify, eap_identity_resp);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_identity_req,
					sizeof(eap_identity_req), false);
	assert(verify.response_sent);

	VERIFY_RESET(verify, eap_wsc_m1_2);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_wsc_start,
						sizeof(eap_wsc_start), false);
	assert(verify.response_sent);

	VERIFY_RESET(verify, eap_wsc_m3);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_wsc_m2_2,
						sizeof(eap_wsc_m2_2), false);
	assert(verify.response_sent);

	VERIFY_RESET(verify, eap_wsc_m5);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_wsc_m4,
						sizeof(eap_wsc_m4), false);
	assert(verify.response_sent);

	VERIFY_RESET(verify, eap_wsc_m7);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_wsc_m6,
						sizeof(eap_wsc_m6), false);
	assert(verify.response_sent);

	VERIFY_RESET(verify, eap_wsc_done);
	verify.expected_creds = creds_1;
	verify.n_creds = 1;
	verify.cur_cred = 0;
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_wsc_m8,
						sizeof(eap_wsc_m8), false);
	assert(verify.response_sent);
	assert(verify.cur_cred == 1);

	__eapol_rx_packet(1, ap_address, ETH_P_PAE,
					eap_fail, sizeof(eap_fail), false);
	assert(verify.eapol_failed);

	handshake_state_free(hs);
	eapol_exit();
	eap_exit();
}

static void wsc_test_retransmission_no_fragmentation(const void *data)
{
	static uint8_t ap_address[] = { 0x24, 0xa2, 0xe1, 0xec, 0x17, 0x04 };
	static uint8_t sta_address[] = { 0xa0, 0xa8, 0xcd, 0x1c, 0x7e, 0xc9 };
	struct verify_data verify;
	struct handshake_state *hs;
	struct eapol_sm *sm;
	struct l_settings *settings;

	eap_init();
	eapol_init();

	hs = test_handshake_state_new(1);
	sm = eapol_sm_new(hs);
	eapol_register(sm);

	handshake_state_set_authenticator_address(hs, ap_address);
	handshake_state_set_supplicant_address(hs, sta_address);
	handshake_state_set_event_func(hs, verify_handshake_event, &verify);

	__eapol_set_tx_packet_func(verify_8021x);
	__eapol_set_tx_user_data(&verify);

	settings = l_settings_new();
	l_settings_set_string(settings, "Security", "EAP-Identity",
					"WFA-SimpleConfig-Enrollee-1-0");
	l_settings_set_string(settings, "Security", "EAP-Method", "WSC");

	l_settings_set_uint(settings, "WSC", "RFBand", WSC_RF_BAND_2_4_GHZ);
	l_settings_set_uint(settings, "WSC", "ConfigurationMethods",
				WSC_CONFIGURATION_METHOD_VIRTUAL_DISPLAY_PIN |
				WSC_CONFIGURATION_METHOD_KEYPAD |
				WSC_CONFIGURATION_METHOD_DISPLAY |
				WSC_CONFIGURATION_METHOD_NFC_INTERFACE);
	l_settings_set_string(settings, "WSC", "PrimaryDeviceType",
					"0-00000000-0");
	l_settings_set_string(settings, "WSC", "EnrolleeMAC",
					util_address_to_string(sta_address));
	l_settings_set_bytes(settings, "WSC", "EnrolleeNonce",
				m1_data_2.expected.enrollee_nonce, 16);
	l_settings_set_bytes(settings, "WSC", "PrivateKey",
				m1_data_2.private_key,
				m1_data_2.private_key_size);
	l_settings_set_string(settings, "WSC", "E-SNonce1",
					"fdbb480ee6f572f3591cc3b364f2185b");
	l_settings_set_string(settings, "WSC", "E-SNonce2",
					"c12698739faf385920ba659d524c71c9");
	l_settings_set_string(settings, "WSC", "IV1",
					"9a31f84b4672f2ccf63c845eed3464ec");
	l_settings_set_string(settings, "WSC", "IV2",
					"4e3a4cf088176989e148d4c10b96e8fd");

	handshake_state_set_8021x_config(hs, settings);
	eapol_start(sm);

	l_settings_free(settings);

	VERIFY_RESET(verify, eap_identity_resp);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_identity_req,
					sizeof(eap_identity_req), false);
	assert(verify.response_sent);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_identity_req,
					sizeof(eap_identity_req), false);
	assert(verify.response_sent);

	VERIFY_RESET(verify, eap_wsc_m1_2);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_wsc_start,
						sizeof(eap_wsc_start), false);
	assert(verify.response_sent);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_wsc_start,
						sizeof(eap_wsc_start), false);
	assert(verify.response_sent);

	VERIFY_RESET(verify, eap_wsc_m3);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_wsc_m2_2,
						sizeof(eap_wsc_m2_2), false);
	assert(verify.response_sent);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_wsc_m2_2,
						sizeof(eap_wsc_m2_2), false);
	assert(verify.response_sent);

	VERIFY_RESET(verify, eap_wsc_m3);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_wsc_m2_2,
						sizeof(eap_wsc_m2_2), false);
	assert(verify.response_sent);

	VERIFY_RESET(verify, eap_wsc_m5);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_wsc_m4,
						sizeof(eap_wsc_m4), false);
	assert(verify.response_sent);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_wsc_m4,
						sizeof(eap_wsc_m4), false);
	assert(verify.response_sent);

	VERIFY_RESET(verify, eap_wsc_m7);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_wsc_m6,
						sizeof(eap_wsc_m6), false);
	assert(verify.response_sent);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_wsc_m6,
						sizeof(eap_wsc_m6), false);
	assert(verify.response_sent);

	VERIFY_RESET(verify, eap_wsc_done);
	verify.expected_creds = creds_1;
	verify.n_creds = 1;
	verify.cur_cred = 0;
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_wsc_m8,
						sizeof(eap_wsc_m8), false);
	assert(verify.response_sent);
	assert(verify.cur_cred == 1);

	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_fail,
						sizeof(eap_fail), false);
	assert(verify.eapol_failed);
	__eapol_rx_packet(1, ap_address, ETH_P_PAE, eap_fail,
						sizeof(eap_fail), false);
	assert(verify.eapol_failed);

	handshake_state_free(hs);
	eapol_exit();
	eap_exit();
}

static void wsc_test_pin_valid(const void *data)
{
	assert(wsc_pin_is_valid("1234"));
	assert(wsc_pin_is_valid("12345678"));
	assert(!wsc_pin_is_valid(""));
	assert(!wsc_pin_is_valid("123456789"));
	assert(!wsc_pin_is_valid("abcdefgh"));
}

static void wsc_test_pin_checksum(const void *data)
{
	assert(!wsc_pin_is_checksum_valid("12345671"));
	assert(wsc_pin_is_checksum_valid("12345670"));
	assert(wsc_pin_is_checksum_valid("24681353"));
}

static void wsc_test_pin_generate(const void *data)
{
	int i;
	char pin[9];

	for (i = 0; i < 1000; i++) {
		assert(wsc_pin_generate(pin));
		assert(wsc_pin_is_valid(pin));
		assert(wsc_pin_is_checksum_valid(pin));
	}
}

struct test_ap_sta_data {
	struct handshake_state *ap_hs;
	struct handshake_state *sta_hs;
	const uint8_t ap_address[6];
	const uint8_t sta_address[6];

	uint8_t to_sta_data[1024];
	int to_sta_data_len;
	int to_sta_msg_cnt;
	int to_ap_msg_cnt;
	struct eapol_sm *ap_sm;
	struct eapol_sm *sta_sm;
};

static int test_ap_sta_eapol_tx(uint32_t ifindex,
					const uint8_t *dest, uint16_t proto,
					const struct eapol_frame *ef,
					bool noencrypt, void *user_data)
{
	struct test_ap_sta_data *s = user_data;
	size_t len = sizeof(struct eapol_header) +
		L_BE16_TO_CPU(ef->header.packet_len);

	assert(ifindex == s->ap_hs->ifindex || ifindex == s->sta_hs->ifindex);
	assert(proto == ETH_P_PAE && !noencrypt);

	if (ifindex == s->ap_hs->ifindex) {	/* From AP to STA */
		assert(!memcmp(dest, s->sta_address, 6));
		assert(len < sizeof(s->to_sta_data));
		memcpy(s->to_sta_data, ef, len);
		s->to_sta_data_len = len;
		s->to_sta_msg_cnt++;
		return 0;
	}

	/* From STA to AP */
	assert(!memcmp(dest, s->ap_address, 6));
	s->to_ap_msg_cnt++;
	__eapol_rx_packet(1, s->sta_address, proto, (const void *) ef, len,
				noencrypt);
	return 0;
}

static void test_ap_sta_run(struct test_ap_sta_data *s)
{
	eap_init();
	eapol_init();
	__eapol_set_tx_packet_func(test_ap_sta_eapol_tx);
	__eapol_set_tx_user_data(s);

	s->to_sta_msg_cnt = 0;
	s->to_ap_msg_cnt = 0;
	s->to_sta_data_len = 0;

	s->ap_sm = eapol_sm_new(s->ap_hs);
	eapol_register(s->ap_sm);

	s->sta_sm = eapol_sm_new(s->sta_hs);
	eapol_register(s->sta_sm);

	eapol_start(s->sta_sm);
	eapol_start(s->ap_sm);

	while (s->to_sta_data_len) {
		int len = s->to_sta_data_len;
		s->to_sta_data_len = 0;
		__eapol_rx_packet(s->sta_hs->ifindex, s->ap_address, ETH_P_PAE,
					s->to_sta_data, len, false);
	}

	eapol_exit();
	eap_exit();
}

struct test_ap_sta_hs {
	struct handshake_state super;
	struct test_ap_sta_data *s;
};

static struct handshake_state *test_ap_sta_hs_new(struct test_ap_sta_data *s,
							uint32_t ifindex)
{
	struct test_ap_sta_hs *ths = l_new(struct test_ap_sta_hs, 1);

	ths->super.ifindex = ifindex;
	ths->super.free = (void (*)(struct handshake_state *s)) l_free;
	ths->s = s;

	return &ths->super;
}

static bool random_nonce(uint8_t nonce[])
{
	return l_getrandom(nonce, 32);
}

static void test_ap_sta_install_tk(struct handshake_state *hs, uint8_t key_idx,
					const uint8_t *tk, uint32_t cipher)
{
	assert(false);
}

struct wsc_r_test_success_data {
	bool credentials_obtained;
	bool credentials_sent;
	bool ap_eap_failed;
	bool sta_eap_failed;
	struct test_ap_sta_data *s;
	struct wsc_credential expected_creds;
};

static void test_ap_sta_hs_event_ap(struct handshake_state *hs,
				enum handshake_event event,
				void *user_data, ...)
{
	struct wsc_r_test_success_data *data = user_data;
	va_list args;

	va_start(args, user_data);

	switch (event) {
	case HANDSHAKE_EVENT_EAP_NOTIFY:
		assert(va_arg(args, unsigned int) ==
			EAP_WSC_EVENT_CREDENTIAL_SENT);
		assert(!data->credentials_sent);
		assert(!data->ap_eap_failed);
		data->credentials_sent = true;
		break;
	case HANDSHAKE_EVENT_FAILED:
		assert(va_arg(args, int) ==
			MMPDU_REASON_CODE_IEEE8021X_FAILED);
		assert(!data->ap_eap_failed);
		data->ap_eap_failed = true;
		data->s->ap_sm = NULL;
		break;
	default:
		break;
	}

	va_end(args);
}

static void test_ap_sta_hs_event_sta(struct handshake_state *hs,
				enum handshake_event event,
				void *user_data, ...)
{
	struct wsc_r_test_success_data *data = user_data;
	va_list args;

	va_start(args, user_data);

	switch (event) {
	case HANDSHAKE_EVENT_EAP_NOTIFY:
	{
		unsigned int eap_event = va_arg(args, unsigned int);
		const struct wsc_credential *cred;

		assert(eap_event == EAP_WSC_EVENT_CREDENTIAL_OBTAINED);
		cred = va_arg(args, const struct wsc_credential *);
		assert(!memcmp(cred, &data->expected_creds, sizeof(*cred)));
		assert(!data->credentials_obtained);
		assert(!data->sta_eap_failed);
		data->credentials_obtained = true;
		break;
	}
	case HANDSHAKE_EVENT_FAILED:
		assert(va_arg(args, int) ==
			MMPDU_REASON_CODE_IEEE8021X_FAILED);
		assert(!data->sta_eap_failed);
		data->sta_eap_failed = true;
		data->s->sta_sm = NULL;
		break;
	default:
		break;
	}

	va_end(args);
}

static void wsc_r_test_pbc_handshake(const void *data)
{
	static const unsigned char ap_rsne[] = {
		0x30, 0x12, 0x01, 0x00, 0x00, 0x0f, 0xac, 0x04,
		0x01, 0x00, 0x00, 0x0f, 0xac, 0x04, 0x01, 0x00,
		0x00, 0x0f, 0xac, 0x02 };
	static const char *ssid = "TestWPA2EAP";
	static const char *ap_8021x_str = "[Security]\n"
		"EAP-Method=WSC-R\n"
		"[WSC]\n"
		"UUID-R=00112233445566778899aabbccddeeff\n"
		"RFBand=1\n"
		"ConfigurationMethods=0x680\n";
	static const char *sta_8021x_str = "[Security]\n"
		"EAP-Identity=WFA-SimpleConfig-Enrollee-1-0\n"
		"EAP-Method=WSC\n"
		"[WSC]\n"
		"RFBand=1\n"
		"ConfigurationMethods=0x680\n";
	struct l_settings *ap_8021x_settings = l_settings_new();
	struct l_settings *sta_8021x_settings = l_settings_new();
	struct test_ap_sta_data s = {
		.ap_hs = test_ap_sta_hs_new(&s, 1),
		.sta_hs = test_ap_sta_hs_new(&s, 2),
		.ap_address = { 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 },
		.sta_address = { 0x02, 0x03, 0x04, 0x05, 0x06, 0x08 },
	};
	const struct wsc_credential *expected_creds = data;
	struct wsc_r_test_success_data wsc_data = {
		.s = &s,
		.expected_creds = *expected_creds,
	};
	uint8_t uuid_e[16];
	char ssid_str[33];

	wsc_uuid_from_addr(s.sta_address, uuid_e);

	memcpy(wsc_data.expected_creds.addr, s.sta_address, 6);
	memset(wsc_data.expected_creds.ssid + expected_creds->ssid_len, 0,
		sizeof(expected_creds->ssid) - expected_creds->ssid_len);
	memset(wsc_data.expected_creds.network_key +
		expected_creds->network_key_len, 0,
		sizeof(expected_creds->network_key) -
		expected_creds->network_key_len);

	memcpy(ssid_str, expected_creds->ssid, expected_creds->ssid_len);
	ssid_str[expected_creds->ssid_len] = '\0';

	l_settings_load_from_data(ap_8021x_settings, ap_8021x_str,
					strlen(ap_8021x_str));
	l_settings_set_string(ap_8021x_settings, "WSC", "EnrolleeMAC",
				util_address_to_string(s.sta_address));
	l_settings_set_bytes(ap_8021x_settings, "WSC", "UUID-E", uuid_e, 16);

	if (expected_creds->auth_type == WSC_AUTHENTICATION_TYPE_WPA2_PERSONAL) {
		l_settings_set_string(ap_8021x_settings, "WSC",
					"WPA2-SSID", ssid_str);

		if (expected_creds->network_key_len < 64)
			l_settings_set_string(ap_8021x_settings, "WSC",
					"WPA2-Passphrase", (char *)
					wsc_data.expected_creds.network_key);
		else {
			char psk_str[65];

			/*
			 * The PSK is 32-byte long but the setting value is
			 * a hexstring, same as what we expect to receive in
			 * the raw wsc_credential.network_key data.
			 */
			memcpy(psk_str, expected_creds->network_key, 64);
			psk_str[64] = '\0';
			l_settings_set_string(ap_8021x_settings, "WSC",
						"WPA2-PSK", psk_str);
		}
	} else
		l_settings_set_string(ap_8021x_settings, "WSC",
					"Open-SSID", ssid_str);

	__handshake_set_get_nonce_func(random_nonce);
	__handshake_set_install_tk_func(test_ap_sta_install_tk);
	__handshake_set_install_gtk_func(NULL);

	handshake_state_set_authenticator(s.ap_hs, true);
	handshake_state_set_event_func(s.ap_hs, test_ap_sta_hs_event_ap,
					&wsc_data);
	handshake_state_set_authenticator_address(s.ap_hs, s.ap_address);
	handshake_state_set_supplicant_address(s.ap_hs, s.sta_address);
	handshake_state_set_authenticator_ie(s.ap_hs, ap_rsne);
	handshake_state_set_ssid(s.ap_hs, (void *) ssid, strlen(ssid));
	handshake_state_set_8021x_config(s.ap_hs, ap_8021x_settings);

	handshake_state_set_authenticator(s.sta_hs, false);
	handshake_state_set_event_func(s.sta_hs, test_ap_sta_hs_event_sta,
					&wsc_data);
	handshake_state_set_authenticator_address(s.sta_hs, s.ap_address);
	handshake_state_set_supplicant_address(s.sta_hs, s.sta_address);
	handshake_state_set_authenticator_ie(s.sta_hs, ap_rsne);
	handshake_state_set_ssid(s.sta_hs, (void *) ssid, strlen(ssid));
	l_settings_load_from_data(sta_8021x_settings, sta_8021x_str,
					strlen(sta_8021x_str));
	l_settings_set_string(sta_8021x_settings, "WSC", "EnrolleeMAC",
				util_address_to_string(s.sta_address));
	handshake_state_set_8021x_config(s.sta_hs, sta_8021x_settings);

	test_ap_sta_run(&s);

	handshake_state_free(s.ap_hs);
	handshake_state_free(s.sta_hs);
	__handshake_set_install_tk_func(NULL);
	l_settings_free(ap_8021x_settings);
	l_settings_free(sta_8021x_settings);

	assert(wsc_data.sta_eap_failed && wsc_data.credentials_obtained);
	assert(wsc_data.ap_eap_failed && wsc_data.credentials_sent);
}

struct wsc_credential wsc_r_test_wpa2_cred_passphrase = {
	.ssid_len = 7,
	.ssid = "thessid",
	.auth_type = WSC_AUTHENTICATION_TYPE_WPA2_PERSONAL,
	.network_key_len = 12,
	.network_key = "secretsecret",
	.encryption_type = WSC_ENCRYPTION_TYPE_AES_TKIP,
};

struct wsc_credential wsc_r_test_wpa2_cred_psk = {
	.ssid_len = 7,
	.ssid = "thessid",
	.auth_type = WSC_AUTHENTICATION_TYPE_WPA2_PERSONAL,
	.network_key_len = 64,
	.network_key = "2aacd631143bbc2d83fabf3febed3c45"
		"6ea9f7539a1692ffb416c41cfee0c96f",
	.encryption_type = WSC_ENCRYPTION_TYPE_AES_TKIP,
};

struct wsc_credential wsc_r_test_open_cred = {
	.ssid_len = 7,
	.ssid = "thessid",
	.auth_type = WSC_AUTHENTICATION_TYPE_OPEN,
	.network_key_len = 0,
	.encryption_type = WSC_ENCRYPTION_TYPE_NONE,
};

int main(int argc, char *argv[])
{
	l_test_init(&argc, &argv);

	l_test_add("/wsc/iter/sanity-check", wsc_test_iter_sanity_check, NULL);

	l_test_add("/wsc/parse/beacon 1", wsc_test_parse_beacon,
					&beacon_data_1);

	l_test_add("/wsc/parse/probe response 1", wsc_test_parse_probe_response,
					&probe_response_data_1);

	l_test_add("/wsc/parse/probe request 1", wsc_test_parse_probe_request,
					&probe_request_data_1);

	l_test_add("/wsc/build/probe request 1", wsc_test_build_probe_request,
					&probe_request_data_1);

	l_test_add("/wsc/pin/valid pin", wsc_test_pin_valid, NULL);
	l_test_add("/wsc/pin/valid checksum", wsc_test_pin_checksum, NULL);

	if (l_getrandom_is_supported())
		l_test_add("/wsc/pin/generate", wsc_test_pin_generate, NULL);

	l_test_add("/wsc/gen_uuid/1", wsc_test_uuid_from_addr,
					&uuid_from_addr_data_1);

	l_test_add("/wsc/parse/m1 1", wsc_test_parse_m1, &m1_data_1);
	l_test_add("/wsc/parse/m1 2", wsc_test_parse_m1, &m1_data_2);

	l_test_add("/wsc/build/m1 1", wsc_test_build_m1, &m1_data_1);
	l_test_add("/wsc/build/m1 2", wsc_test_build_m1, &m1_data_2);

	if (!l_checksum_is_supported(L_CHECKSUM_SHA256, true)) {
		printf("SHA256 support missing, skipping other tests...\n");
		goto done;
	}

	if (!l_key_is_supported(L_KEY_FEATURE_CRYPTO)) {
		printf("Key crypto not supported, skipping other tests...\n");
		goto done;
	}

	if (l_key_is_supported(L_KEY_FEATURE_DH)) {
		l_test_add("/wsc/parse/m2 1", wsc_test_parse_m2, &m2_data_1);
		l_test_add("/wsc/parse/m2 2", wsc_test_parse_m2, &m2_data_2);
	}

	l_test_add("/wsc/build/m2 1", wsc_test_build_m2, &m2_data_1);

	l_test_add("/wsc/parse/m3 1", wsc_test_parse_m3, &m3_data_1);
	l_test_add("/wsc/build/m3 1", wsc_test_build_m3, &m3_data_1);

	l_test_add("/wsc/parse/m4 1", wsc_test_parse_m4, &m4_data_1);
	l_test_add("/wsc/build/m4 1", wsc_test_build_m4, &m4_data_1);

	l_test_add("/wsc/parse/m4 encrypted settings 1",
			wsc_test_parse_m4_encrypted_settings,
			&m4_encrypted_settings_data_1);
	l_test_add("/wsc/build/m4 encrypted settings 1",
			wsc_test_build_m4_encrypted_settings,
			&m4_encrypted_settings_data_1);

	l_test_add("/wsc/parse/m5 1", wsc_test_parse_m5, &m5_data_1);
	l_test_add("/wsc/build/m5 1", wsc_test_build_m5, &m5_data_1);

	l_test_add("/wsc/parse/m6 1", wsc_test_parse_m6, &m6_data_1);
	l_test_add("/wsc/build/m6 1", wsc_test_build_m6, &m6_data_1);

	l_test_add("/wsc/parse/m6 encrypted settings 1",
			wsc_test_parse_m6_encrypted_settings,
			&m6_encrypted_settings_data_1);
	l_test_add("/wsc/build/m6 encrypted settings 1",
			wsc_test_build_m6_encrypted_settings,
			&m6_encrypted_settings_data_1);

	l_test_add("/wsc/parse/m7 1", wsc_test_parse_m7, &m7_data_1);
	l_test_add("/wsc/build/m7 1", wsc_test_build_m7, &m7_data_1);

	l_test_add("/wsc/parse/m8 1", wsc_test_parse_m8, &m8_data_1);
	l_test_add("/wsc/build/m8 1", wsc_test_build_m8, &m8_data_1);

	l_test_add("/wsc/parse/m8 encrypted settings 1",
			wsc_test_parse_m8_encrypted_settings,
			&m8_encrypted_settings_data_1);
	l_test_add("/wsc/build/m8 encrypted settings 1",
			wsc_test_build_m8_encrypted_settings,
			&m8_encrypted_settings_data_1);

	l_test_add("/wsc/parse/wsc_done 1", wsc_test_parse_wsc_done,
							&wsc_done_data_1);
	l_test_add("/wsc/build/wsc_done 1", wsc_test_build_wsc_done,
							&wsc_done_data_1);

	if (!l_key_is_supported(L_KEY_FEATURE_DH))
		goto done;

	l_test_add("/wsc/diffie-hellman/generate pubkey 1",
					wsc_test_dh_generate_pubkey,
					&dh_generate_pubkey_test_data_1);
	l_test_add("/wsc/diffie-hellman/generate pubkey 2",
					wsc_test_dh_generate_pubkey,
					&dh_generate_pubkey_test_data_2);

	if (!l_cipher_is_supported(L_CIPHER_AES_CBC))
		goto done;

	l_test_add("/wsc/handshake/PBC Handshake Test",
						wsc_test_pbc_handshake, NULL);

	l_test_add("/wsc/retransmission/no fragmentation",
				wsc_test_retransmission_no_fragmentation, NULL);

	l_test_add("/wsc-r/handshake/PBC Handshake WPA2 passphrase test",
				wsc_r_test_pbc_handshake,
				&wsc_r_test_wpa2_cred_passphrase);
	l_test_add("/wsc-r/handshake/PBC Handshake WPA2 PSK test",
				wsc_r_test_pbc_handshake,
				&wsc_r_test_wpa2_cred_psk);
	l_test_add("/wsc-r/handshake/PBC Handshake Open test",
				wsc_r_test_pbc_handshake,
				&wsc_r_test_open_cred);

done:
	return l_test_run();
}