Automatic regression and interoperability testing of wpa_supplicant's
IEEE 802.1X/EAPOL authentication

Test program:
- Linked some parts of the IEEE 802.1X Authenticator implementation from
  hostapd (RADIUS client and RADIUS processing, EAP<->RADIUS
  encapsulation/decapsulation) into wpa_supplicant.
- Replaced wpa_supplicant.c and wpa.c with test code that triggers
  IEEE 802.1X authentication automatically without the need for a wireless
  client card or AP.
- For EAP methods that generate keying material, the key derived by the
  Supplicant is verified to match the one received by the (now
  integrated) Authenticator.

The full automated test suite can now be run in a couple of seconds, but
I'm more than willing to add new RADIUS authentication servers to make
this take a bit more time.. ;-) As an extra bonus, this can also be
seen as automatic regression/interoperability testing for the RADIUS
server, too.

In order for me to be able to use a new authentication server, the
server needs to be available from the Internet (at least from one static IP
address) and I will need to get suitable user name/password pairs,
certificates, and private keys for testing use. The other alternative
would be to get an evaluation version of the server so that I can
install it on my own test setup. If you are interested in providing
either server access or an evaluation version, please contact me
(j (a] w1.fi).


Test matrix

+) tested successfully
F) failed
-) server did not support
?) not tested

Cisco ACS ----------------------------------------------------------.
hostapd --------------------------------------------------------.   |
Cisco Aironet 1200 AP (local RADIUS server) ----------------.   |   |
Periodik Labs Elektron ---------------------------------.   |   |   |
Lucent NavisRadius ---------------------------------.   |   |   |   |
Interlink RAD-Series ---------------------------.   |   |   |   |   |
Radiator -----------------------------------.   |   |   |   |   |   |
Meetinghouse Aegis ---------------------.   |   |   |   |   |   |   |
Funk Steel-Belted ------------------.   |   |   |   |   |   |   |   |
Funk Odyssey -------------------.   |   |   |   |   |   |   |   |   |
Microsoft IAS --------------.   |   |   |   |   |   |   |   |   |   |
FreeRADIUS -------------.   |   |   |   |   |   |   |   |   |   |   |
                        |   |   |   |   |   |   |   |   |   |   |   |

EAP-MD5                 +   -   -   +   +   +   +   +   -   -   +   +
EAP-GTC                 +   -   -   ?   +   +   +   +   -   -   +   -
EAP-OTP                 -   -   -   -   -   +   -   -   -   -   -   -
EAP-MSCHAPv2            +   -   -   +   +   +   +   +   -   -   +   -
EAP-TLS                 +   +   +   +   +   +   +   +   -   -   +   +
EAP-PEAPv0/MSCHAPv2     +   +   +   +   +   +   +   +   +   -   +   +
EAP-PEAPv0/GTC          +   -   +   -   +   +   +   +   -   -   +   +
EAP-PEAPv0/OTP          -   -   -   -   -   +   -   -   -   -   -   -
EAP-PEAPv0/MD5          +   -   -   +   +   +   +   +   -   -   +   -
EAP-PEAPv0/TLS          -   +   -   +   +   +   F   +   -   -   -   -
EAP-PEAPv1/MSCHAPv2     -   -   +   +   +   +1  +   +5  +8  -   +   +
EAP-PEAPv1/GTC          -   -   +   +   +   +1  +   +5  +8  -   +   +
EAP-PEAPv1/OTP          -   -   -   -   -   +1  -   -   -   -   -   -
EAP-PEAPv1/MD5          -   -   -   +   +   +1  +   +5  -   -   +   -
EAP-PEAPv1/TLS          -   -   -   +   +   +1  F   +5  -   -   -   -
EAP-TTLS/CHAP           +   -   +2  +   +   +   +   +   +   -   +   -
EAP-TTLS/MSCHAP         +   -   +   +   +   +   +   +   +   -   +   -
EAP-TTLS/MSCHAPv2       +   -   +   +   +   +   +   +   +   -   +   -
EAP-TTLS/PAP            +   -   +   +   +   +   +   +   +   -   +   -
EAP-TTLS/EAP-MD5        +   -   +2  +   +   +   +   +   +   -   +   -
EAP-TTLS/EAP-GTC        +   -   +2  ?   +   +   +   +   -   -   +   -
EAP-TTLS/EAP-OTP        -   -   -   -   -   +   -   -   -   -   -   -
EAP-TTLS/EAP-MSCHAPv2   +   -   +2  +   +   +   +   +   +   -   +   -
EAP-TTLS/EAP-TLS        -   -   +2  +   F   +   +   +   -   -   -   -
EAP-SIM                 +3  -   -   ?   -   +   -   ?   -   -   +   -
EAP-AKA                 -   -   -   -   -   +   -   -   -   -   +   -
EAP-PSK                 +7  -   -   -   -   -   -   -   -   -   +   -
EAP-PAX                 -   -   -   -   -   -   -   -   -   -   +   -
EAP-SAKE                -   -   -   -   -   -   -   -   -   -   +   -
EAP-GPSK                -   -   -   -   -   -   -   -   -   -   +   -
EAP-FAST                -   -   -   +   -   -   -   -   -   +   -   +
LEAP                    +   -   +   +   +   +   F   +6  -   +   -   +

1) PEAPv1 required a new label, "client PEAP encryption" instead of "client EAP
   encryption", during key derivation (requires phase1="peaplabel=1" in the
   network configuration in wpa_supplicant.conf)
2) used FreeRADIUS as inner auth server
3) required a patch to FreeRADIUS to fix EAP-SIM
5) PEAPv1 required termination of negotiation on tunneled EAP-Success and new
   label in key derivation
   (phase1="peap_outer_success=0 peaplabel=1") (in "IETF Draft 5" mode)
6) Authenticator simulator required patching for handling Access-Accept within
   negotiation (for the first EAP-Success of LEAP)
7) EAP-PSK is not included in the FreeRADIUS distribution; used the external
   rlm_eap_psk implementation from
   http://perso.rd.francetelecom.fr/bersani/EAP_PSK/EAP-PSKWindowsimplementations.html
8) PEAPv1 used non-standard version negotiation (client had to force v1 even
   though server reported v0 as the highest supported version)


Automated tests:

FreeRADIUS (1.0pre and CVS snapshot)
- EAP-MD5-Challenge
- EAP-GTC
- EAP-MSCHAPv2
- EAP-TLS
- EAP-PEAPv0 / MSCHAPv2
- EAP-PEAPv0 / GTC
- EAP-PEAPv0 / MD5-Challenge
- EAP-TTLS / EAP-MD5-Challenge
- EAP-TTLS / EAP-GTC
- EAP-TTLS / EAP-MSCHAPv2
- EAP-TTLS / CHAP
- EAP-TTLS / PAP
- EAP-TTLS / MSCHAP
- EAP-TTLS / MSCHAPv2
- EAP-SIM
* not supported in FreeRADIUS
- EAP-PEAP / TLS (Unable to tunnel TLS inside of TLS)
- EAP-TTLS / EAP-TLS (Unable to tunnel TLS inside of TLS)

Microsoft Windows Server 2003 / IAS
- EAP-TLS
- EAP-PEAPv0 / MSCHAPv2
- EAP-PEAPv0 / TLS
- EAP-MD5
* IAS does not seem to support other EAP methods

Funk Odyssey 2.01.00.653
- EAP-TLS
- EAP-PEAPv0 / MSCHAPv2
- EAP-PEAPv0 / GTC
- EAP-PEAPv1 / MSCHAPv2
- EAP-PEAPv1 / GTC
  Note: PEAPv1 requires TLS key derivation to use label "client EAP encryption"
- EAP-TTLS / CHAP (using FreeRADIUS as inner auth srv)
- EAP-TTLS / MSCHAP
- EAP-TTLS / MSCHAPv2
- EAP-TTLS / PAP
- EAP-TTLS / EAP-MD5-Challenge (using FreeRADIUS as inner auth srv)
- EAP-TTLS / EAP-GTC (using FreeRADIUS as inner auth srv)
- EAP-TTLS / EAP-MSCHAPv2 (using FreeRADIUS as inner auth srv)
- EAP-TTLS / EAP-TLS (using FreeRADIUS as inner auth srv)
* not supported in Odyssey:
- EAP-MD5-Challenge
- EAP-GTC
- EAP-MSCHAPv2
- EAP-PEAP / MD5-Challenge
- EAP-PEAP / TLS

Funk Steel-Belted Radius Enterprise Edition v4.71.739
- EAP-MD5-Challenge
- EAP-MSCHAPv2
- EAP-TLS
- EAP-PEAPv0 / MSCHAPv2
- EAP-PEAPv0 / MD5
- EAP-PEAPv0 / TLS
- EAP-PEAPv1 / MSCHAPv2
- EAP-PEAPv1 / MD5
- EAP-PEAPv1 / GTC
- EAP-PEAPv1 / TLS
  Note: PEAPv1 requires TLS key derivation to use label "client EAP encryption"
- EAP-TTLS / CHAP
- EAP-TTLS / MSCHAP
- EAP-TTLS / MSCHAPv2
- EAP-TTLS / PAP
- EAP-TTLS / EAP-MD5-Challenge
- EAP-TTLS / EAP-MSCHAPv2
- EAP-TTLS / EAP-TLS

Meetinghouse Aegis 1.1.4
- EAP-MD5-Challenge
- EAP-GTC
- EAP-MSCHAPv2
- EAP-TLS
- EAP-PEAPv0 / MSCHAPv2
- EAP-PEAPv0 / TLS
- EAP-PEAPv0 / GTC
- EAP-PEAPv0 / MD5-Challenge
- EAP-PEAPv1 / MSCHAPv2
- EAP-PEAPv1 / TLS
- EAP-PEAPv1 / GTC
- EAP-PEAPv1 / MD5-Challenge
  Note: PEAPv1 requires TLS key derivation to use label "client EAP encryption"
- EAP-TTLS / CHAP
- EAP-TTLS / MSCHAP
- EAP-TTLS / MSCHAPv2
- EAP-TTLS / PAP
- EAP-TTLS / EAP-MD5-Challenge
- EAP-TTLS / EAP-GTC
- EAP-TTLS / EAP-MSCHAPv2
* did not work
- EAP-TTLS / EAP-TLS
  (Server rejects authentication without any reason in debug log. It
  looks like the inner TLS negotiation starts properly and the last
  packet from the Supplicant looks like the one sent in Phase 1. The
  server generates a valid-looking reply in the same way as in Phase
  1, but then ends up sending Access-Reject. Maybe an issue with TTLS
  fragmentation in the Aegis server(?) The packet seems to include
  1328 bytes of EAP-Message and this may go beyond the fragmentation
  limit with AVP encapsulation and TLS tunneling. Note: EAP-PEAP/TLS
  did work, so this issue seems to be with something TTLS specific.)

Radiator 3.9 (eval, with all patches up to and including 2004-08-30)
- EAP-MD5-Challenge
- EAP-GTC
- EAP-OTP
- EAP-MSCHAPv2
- EAP-TLS
- EAP-PEAPv0 / MSCHAPv2
- EAP-PEAPv0 / GTC
- EAP-PEAPv0 / OTP
- EAP-PEAPv0 / MD5-Challenge
- EAP-PEAPv0 / TLS
  Note: Needed to use an unknown identity in outer auth, and sometimes the
  server seems to get confused and fails to send proper Phase 2 data.
- EAP-PEAPv1 / MSCHAPv2
- EAP-PEAPv1 / GTC
- EAP-PEAPv1 / OTP
- EAP-PEAPv1 / MD5-Challenge
- EAP-PEAPv1 / TLS
  Note: This has some additional requirements for EAPTLS_MaxFragmentSize.
  Using 1300 for outer auth and 500 for inner auth seemed to work.
  Note: Needed to use an unknown identity in outer auth, and sometimes the
  server seems to get confused and fails to send proper Phase 2 data.
- EAP-TTLS / CHAP
- EAP-TTLS / MSCHAP
- EAP-TTLS / MSCHAPv2
- EAP-TTLS / PAP
- EAP-TTLS / EAP-MD5-Challenge
- EAP-TTLS / EAP-GTC
- EAP-TTLS / EAP-OTP
- EAP-TTLS / EAP-MSCHAPv2
- EAP-TTLS / EAP-TLS
  Note: This has some additional requirements for EAPTLS_MaxFragmentSize.
  Using 1300 for outer auth and 500 for inner auth seemed to work.
- EAP-SIM
- EAP-AKA

Interlink Networks RAD-Series 6.1.2.7
- EAP-MD5-Challenge
- EAP-GTC
- EAP-MSCHAPv2
- EAP-TLS
- EAP-PEAPv0 / MSCHAPv2
- EAP-PEAPv0 / GTC
- EAP-PEAPv0 / MD5-Challenge
- EAP-PEAPv1 / MSCHAPv2
- EAP-PEAPv1 / GTC
- EAP-PEAPv1 / MD5-Challenge
  Note: PEAPv1 requires TLS key derivation to use label "client EAP encryption"
- EAP-TTLS / CHAP
- EAP-TTLS / MSCHAP
- EAP-TTLS / MSCHAPv2
- EAP-TTLS / PAP
- EAP-TTLS / EAP-MD5-Challenge
- EAP-TTLS / EAP-GTC
- EAP-TTLS / EAP-MSCHAPv2
- EAP-TTLS / EAP-TLS
* did not work
- EAP-PEAPv0 / TLS
- EAP-PEAPv1 / TLS
  (Failed to decrypt Phase 2 data)

Lucent NavisRadius 4.4.0
- EAP-MD5-Challenge
- EAP-GTC
- EAP-MSCHAPv2
- EAP-TLS
- EAP-PEAPv0 / MD5-Challenge
- EAP-PEAPv0 / MSCHAPv2
- EAP-PEAPv0 / GTC
- EAP-PEAPv0 / TLS
- EAP-PEAPv1 / MD5-Challenge
- EAP-PEAPv1 / MSCHAPv2
- EAP-PEAPv1 / GTC
- EAP-PEAPv1 / TLS
  "IETF Draft 5" mode requires phase1="peap_outer_success=0 peaplabel=1"
  'Cisco ACU 5.05' mode works without phase1 configuration
- EAP-TTLS / CHAP
- EAP-TTLS / MSCHAP
- EAP-TTLS / MSCHAPv2
- EAP-TTLS / PAP
- EAP-TTLS / EAP-MD5-Challenge
- EAP-TTLS / EAP-MSCHAPv2
- EAP-TTLS / EAP-GTC
- EAP-TTLS / EAP-TLS

Note: the user certificate from NavisRadius had its private key in a format
that wpa_supplicant could not use. Converting this to PKCS#12 and then
back to PEM allowed wpa_supplicant to use the key.


hostapd v0.3.3
- EAP-MD5-Challenge
- EAP-GTC
- EAP-MSCHAPv2
- EAP-TLS
- EAP-PEAPv0 / MSCHAPv2
- EAP-PEAPv0 / GTC
- EAP-PEAPv0 / MD5-Challenge
- EAP-PEAPv1 / MSCHAPv2
- EAP-PEAPv1 / GTC
- EAP-PEAPv1 / MD5-Challenge
- EAP-TTLS / CHAP
- EAP-TTLS / MSCHAP
- EAP-TTLS / MSCHAPv2
- EAP-TTLS / PAP
- EAP-TTLS / EAP-MD5-Challenge
- EAP-TTLS / EAP-GTC
- EAP-TTLS / EAP-MSCHAPv2
- EAP-SIM
- EAP-PAX

Cisco Secure ACS 3.3(1) for Windows Server
- PEAPv1/GTC worked, but PEAPv0/GTC failed in the end after the password was
  sent successfully; ACS replies with an empty PEAP packet (TLS ACK), which
  wpa_supplicant tries to decrypt.. Replying with TLS ACK and marking the
  connection completed was enough to make this work.


PEAPv1:

Funk Odyssey 2.01.00.653:
- uses tunneled EAP-Success, expects reply in tunnel or TLS ACK, sends MPPE
  keys with outer EAP-Success message after this
- uses label "client EAP encryption"
- (peap_outer_success 1 and 2 work)

Funk Steel-Belted Radius Enterprise Edition v4.71.739
- uses tunneled EAP-Success, expects reply in tunnel or TLS ACK, sends MPPE
  keys with outer EAP-Success message after this
- uses label "client EAP encryption"
- (peap_outer_success 1 and 2 work)

Radiator 3.9:
- uses TLV Success and Reply, sends MPPE keys with outer EAP-Success message
  after this
- uses label "client PEAP encryption"

Lucent NavisRadius 4.4.0 (in "IETF Draft 5" mode):
- sends tunneled EAP-Success with MPPE keys and expects the authentication to
  terminate at this point (gets somewhat confused with a reply to this)
- uses label "client PEAP encryption"
- phase1="peap_outer_success=0 peaplabel=1"

Lucent NavisRadius 4.4.0 (in "Cisco ACU 5.05" mode):
- sends tunneled EAP-Success with MPPE keys and expects to receive TLS ACK
  as a reply
- uses label "client EAP encryption"

Meetinghouse Aegis 1.1.4
- uses tunneled EAP-Success, expects reply in tunnel or TLS ACK, sends MPPE
  keys with outer EAP-Success message after this
- uses label "client EAP encryption"
- peap_outer_success 1 and 2 work
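The key derivation behind footnote 1 and the per-server PEAPv1 label notes above, as an added example (not code from wpa_supplicant or hostapd): the TLS 1.0 PRF run with the two labels, plus the Supplicant-versus-Authenticator key comparison the test program performs, which is what fails when the supplicant's peaplabel setting does not match the server. The master secret and random values are constructed for the example; a real TLS handshake would supply them.

```python
import hmac

# Labels from the document: the EAP-TLS label is what PEAPv0 (and most of
# the PEAPv1 servers tested) use; the PEAPv1 draft label is what
# phase1="peaplabel=1" selects in wpa_supplicant.
LABEL_EAP = b"client EAP encryption"
LABEL_PEAP = b"client PEAP encryption"


def p_hash(digest, secret, seed, length):
    """P_hash data expansion from RFC 2246 section 5 (TLS 1.0)."""
    out, a = b"", seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, digest).digest()  # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, digest).digest()
    return out[:length]


def tls10_prf(secret, label, seed, length):
    """TLS 1.0 PRF: P_MD5 over the first half of the secret XOR P_SHA1 over
    the second half, both applied to label + seed."""
    half = (len(secret) + 1) // 2
    md5_part = p_hash("md5", secret[:half], label + seed, length)
    sha1_part = p_hash("sha1", secret[-half:], label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha1_part))


def peap_msk(master_secret, client_random, server_random, label):
    """64-byte MSK as in RFC 5216 section 2.3: PRF(master_secret, label,
    client.random + server.random). The server sends MSK[0:32] as
    MS-MPPE-Recv-Key and MSK[32:64] as MS-MPPE-Send-Key in Access-Accept."""
    return tls10_prf(master_secret, label, client_random + server_random, 64)


def keys_match(master_secret, client_random, server_random,
               supplicant_label, server_label):
    """The check the integrated Authenticator performs in the test program:
    the Supplicant's MSK must equal the MPPE keys received from the server."""
    msk = peap_msk(master_secret, client_random, server_random, supplicant_label)
    server_msk = peap_msk(master_secret, client_random, server_random, server_label)
    recv_key, send_key = server_msk[:32], server_msk[32:]
    return msk == recv_key + send_key


if __name__ == "__main__":
    # Constructed sample values; a real TLS handshake would supply these.
    ms, cr, sr = bytes(range(48)), b"\x11" * 32, b"\x22" * 32
    print("same label:", keys_match(ms, cr, sr, LABEL_PEAP, LABEL_PEAP))
    print("label mismatch:", keys_match(ms, cr, sr, LABEL_EAP, LABEL_PEAP))
```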