authorCody Kesting <ckesting@google.com>2019-09-24 18:26:34 -0700
committerCody Kesting <ckesting@google.com>2019-09-30 10:23:50 -0700
commit8871435e14ffab4516cf2b17252c11d7374f0dd3 (patch)
tree210a8c8759a50f04305fbe58e82906d5d3154416 /tests/iketests
parent69c4b535ea1fcd7bc41e6c3af0b9b49ba36f1d1a (diff)
Implement MSK generation for EAP MSCHAPv2.
AwaitingEapSuccessState will return an EapSuccess object when an EAP-Success message is received. However, this requires generating the MSK for the current session first. Utils are defined for generating the MSK as defined in RFC 3079. Only 128-bit (16B) keys are generated with this implementation. Bug: 141483998 Test: added tests for EapMsChapV2MethodStateMachineTest. Test: atest FrameworksIkeTests Change-Id: Ia472cc7260bb270ab5c5069c309b8cac89b2d719
Diffstat (limited to 'tests/iketests')
-rw-r--r--tests/iketests/src/java/com/android/ike/eap/message/EapTestMessageDefinitions.java16
-rw-r--r--tests/iketests/src/java/com/android/ike/eap/statemachine/EapMsChapV2MethodStateMachineTest.java35
2 files changed, 50 insertions, 1 deletions
diff --git a/tests/iketests/src/java/com/android/ike/eap/message/EapTestMessageDefinitions.java b/tests/iketests/src/java/com/android/ike/eap/message/EapTestMessageDefinitions.java
index a2a811a8..50e88a8f 100644
--- a/tests/iketests/src/java/com/android/ike/eap/message/EapTestMessageDefinitions.java
+++ b/tests/iketests/src/java/com/android/ike/eap/message/EapTestMessageDefinitions.java
@@ -236,7 +236,7 @@ public class EapTestMessageDefinitions {
public static final byte[] EAP_REQUEST_MSCHAP_V2 =
hexStringToByteArray("01" + ID + "00061A01");
- // MSCHAPv2 Test vectors taken from RFC 2759#9.2
+ // MSCHAPv2 Test vectors taken from RFC 2759#9.2 and RFC 3079#3.5.3
public static final String MSCHAP_V2_USERNAME = "User";
public static final String MSCHAP_V2_USERNAME_HEX = "55736572";
public static final byte[] MSCHAP_V2_USERNAME_ASCII_BYTES =
@@ -262,6 +262,20 @@ public class EapTestMessageDefinitions {
hexStringToByteArray(MSCHAP_V2_NT_RESPONSE_STRING);
public static final byte[] MSCHAP_V2_AUTHENTICATOR_RESPONSE =
hexStringToByteArray("407A5589115FD0D6209F510FE9C04566932CDA56");
+ public static final byte[] MSCHAP_V2_MASTER_KEY =
+ hexStringToByteArray("FDECE3717A8C838CB388E527AE3CDD31");
+
+ // generated based on RFC 3079#3.5.3 params
+ public static final String SEND_KEY = "D5F0E9521E3EA9589645E86051C82226";
+ public static final byte[] MSCHAP_V2_SEND_START_KEY = hexStringToByteArray(SEND_KEY);
+
+ // This value is labeled 'send key' in RFC 3079#3.5.3. However, it's used as 'receive key' here,
+ // because send and receive keys are swapped for peers relative to authenticators.
+ public static final String RECEIVE_KEY = "8B7CDC149B993A1BA118CB153F56DCCB";
+ public static final byte[] MSCHAP_V2_RECEIVE_START_KEY = hexStringToByteArray(RECEIVE_KEY);
+
+ // MSK: MSCHAP_V2_SEND_START_KEY + MSCHAP_V2_RECEIVE_START_KEY
+ public static final byte[] MSCHAP_V2_MSK = hexStringToByteArray(SEND_KEY + RECEIVE_KEY);
public static final String MSCHAP_V2_ID = "42";
public static final int MSCHAP_V2_ID_INT = Integer.parseInt(MSCHAP_V2_ID, 16 /* radix */);
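Review bot: The comment `// generated based on RFC 3079#3.5.3 params` above SEND_KEY does not say what produced the value, so a reader cannot tell whether this vector is independent of the code it checks. If it was produced by EapMsChapV2MethodStateMachine itself, testGetAsymmetricStartKeySendKey and testGenerateMsk only pin current behaviour for the peer send direction instead of verifying the key derivation. Naming the source would settle that, for example `// Peer send key is not an RFC vector; derived from the RFC 3079#3.5.3 MasterKey using <independent tool or implementation>`. SEND_KEY and RECEIVE_KEY are also the only public constants in this hunk without the MSCHAP_V2_ prefix, which makes them easy to mistake for another EAP method's keys in a shared definitions class. The class body starts and ends outside the hunk.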
diff --git a/tests/iketests/src/java/com/android/ike/eap/statemachine/EapMsChapV2MethodStateMachineTest.java b/tests/iketests/src/java/com/android/ike/eap/statemachine/EapMsChapV2MethodStateMachineTest.java
index f671a423..4d57e43d 100644
--- a/tests/iketests/src/java/com/android/ike/eap/statemachine/EapMsChapV2MethodStateMachineTest.java
+++ b/tests/iketests/src/java/com/android/ike/eap/statemachine/EapMsChapV2MethodStateMachineTest.java
@@ -20,12 +20,16 @@ import static com.android.ike.eap.message.EapData.EAP_TYPE_MSCHAP_V2;
import static com.android.ike.eap.message.EapTestMessageDefinitions.MSCHAP_V2_AUTHENTICATOR_CHALLENGE;
import static com.android.ike.eap.message.EapTestMessageDefinitions.MSCHAP_V2_AUTHENTICATOR_RESPONSE;
import static com.android.ike.eap.message.EapTestMessageDefinitions.MSCHAP_V2_CHALLENGE;
+import static com.android.ike.eap.message.EapTestMessageDefinitions.MSCHAP_V2_MASTER_KEY;
+import static com.android.ike.eap.message.EapTestMessageDefinitions.MSCHAP_V2_MSK;
import static com.android.ike.eap.message.EapTestMessageDefinitions.MSCHAP_V2_NT_RESPONSE;
import static com.android.ike.eap.message.EapTestMessageDefinitions.MSCHAP_V2_PASSWORD;
import static com.android.ike.eap.message.EapTestMessageDefinitions.MSCHAP_V2_PASSWORD_HASH;
import static com.android.ike.eap.message.EapTestMessageDefinitions.MSCHAP_V2_PASSWORD_HASH_HASH;
import static com.android.ike.eap.message.EapTestMessageDefinitions.MSCHAP_V2_PASSWORD_UTF_BYTES;
import static com.android.ike.eap.message.EapTestMessageDefinitions.MSCHAP_V2_PEER_CHALLENGE;
+import static com.android.ike.eap.message.EapTestMessageDefinitions.MSCHAP_V2_RECEIVE_START_KEY;
+import static com.android.ike.eap.message.EapTestMessageDefinitions.MSCHAP_V2_SEND_START_KEY;
import static com.android.ike.eap.message.EapTestMessageDefinitions.MSCHAP_V2_USERNAME;
import static com.android.ike.eap.message.EapTestMessageDefinitions.MSCHAP_V2_USERNAME_ASCII_BYTES;
@@ -35,6 +39,7 @@ import static org.junit.Assert.assertTrue;
import com.android.ike.eap.EapSessionConfig.EapMsChapV2Config;
import com.android.ike.eap.statemachine.EapMsChapV2MethodStateMachine.CreatedState;
+import com.android.ike.utils.Log;
import org.junit.Before;
import org.junit.Test;
@@ -143,4 +148,34 @@ public class EapMsChapV2MethodStateMachineTest {
MSCHAP_V2_USERNAME,
MSCHAP_V2_AUTHENTICATOR_RESPONSE));
}
+
+ @Test
+ public void testGetMasterKey() throws Exception {
+ byte[] masterKey =
+ EapMsChapV2MethodStateMachine.getMasterKey(
+ MSCHAP_V2_PASSWORD_HASH_HASH, MSCHAP_V2_NT_RESPONSE);
+ assertArrayEquals(MSCHAP_V2_MASTER_KEY, masterKey);
+ }
+
+ @Test
+ public void testGetAsymmetricStartKeySendKey() throws Exception {
+ byte[] startKey =
+ EapMsChapV2MethodStateMachine.getAsymmetricStartKey(MSCHAP_V2_MASTER_KEY, true);
+ assertArrayEquals(Log.byteArrayToHexString(startKey), MSCHAP_V2_SEND_START_KEY, startKey);
+ }
+
+ @Test
+ public void testGetAsymmetricStartKeyReceiveKey() throws Exception {
+ byte[] receiveKey =
+ EapMsChapV2MethodStateMachine.getAsymmetricStartKey(MSCHAP_V2_MASTER_KEY, false);
+ assertArrayEquals(MSCHAP_V2_RECEIVE_START_KEY, receiveKey);
+ }
+
+ @Test
+ public void testGenerateMsk() throws Exception {
+ byte[] msk =
+ EapMsChapV2MethodStateMachine.generateMsk(
+ MSCHAP_V2_PASSWORD, MSCHAP_V2_NT_RESPONSE);
+ assertArrayEquals(MSCHAP_V2_MSK, msk);
+ }
}
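Review bot: testGetAsymmetricStartKeySendKey passes `Log.byteArrayToHexString(startKey)` as the assertion message, which none of the three sibling tests do, and as far as this diff shows it is the only use of the new `com.android.ike.utils.Log` import, so it looks like leftover debugging. Formatting derived key bytes into test output is harmless with public RFC vectors, but it is a pattern worth keeping out of tests that might later run with real credentials. I would write `assertArrayEquals(MSCHAP_V2_SEND_START_KEY, startKey);` and drop the import. The bare `true`/`false` arguments to getAsymmetricStartKey would read better with a parameter-name comment in the style of `16 /* radix */` used in EapTestMessageDefinitions, e.g. `true /* isSend */`, adjusted to the declared parameter name, which is not visible in this diff. The test class begins outside the hunk.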