DPP: Protocol testing - invalid I/R-Auth value in PKEX Commit-Reveal

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>

src/common/dpp.c

@@ -6085,6 +6085,14 @@ skip_bootstrap_key:
 		wpa_printf(MSG_INFO, "DPP: TESTING - no I-Auth tag");
 		goto skip_i_auth_tag;
 	}
+	if (dpp_test == DPP_TEST_I_AUTH_TAG_MISMATCH_PKEX_CR_REQ) {
+		wpa_printf(MSG_INFO, "DPP: TESTING - I-Auth tag mismatch");
+		wpabuf_put_le16(clear, DPP_ATTR_I_AUTH_TAG);
+		wpabuf_put_le16(clear, curve->hash_len);
+		wpabuf_put_data(clear, u, curve->hash_len - 1);
+		wpabuf_put_u8(clear, u[curve->hash_len - 1] ^ 0x01);
+		goto skip_i_auth_tag;
+	}
 #endif /* CONFIG_TESTING_OPTIONS */
 
 	/* u in I-Auth tag attribute */
@@ -6386,6 +6394,14 @@ skip_bootstrap_key:
 		wpa_printf(MSG_INFO, "DPP: TESTING - no R-Auth tag");
 		goto skip_r_auth_tag;
 	}
+	if (dpp_test == DPP_TEST_R_AUTH_TAG_MISMATCH_PKEX_CR_RESP) {
+		wpa_printf(MSG_INFO, "DPP: TESTING - R-Auth tag mismatch");
+		wpabuf_put_le16(clear, DPP_ATTR_R_AUTH_TAG);
+		wpabuf_put_le16(clear, curve->hash_len);
+		wpabuf_put_data(clear, v, curve->hash_len - 1);
+		wpabuf_put_u8(clear, v[curve->hash_len - 1] ^ 0x01);
+		goto skip_r_auth_tag;
+	}
 #endif /* CONFIG_TESTING_OPTIONS */
 
 	/* v in R-Auth tag attribute */

src/common/dpp.h

@@ -267,6 +267,8 @@ enum dpp_test_behavior {
 	DPP_TEST_INVALID_STATUS_PKEX_EXCHANGE_RESP = 46,
 	DPP_TEST_INVALID_BOOTSTRAP_KEY_PKEX_CR_REQ = 47,
 	DPP_TEST_INVALID_BOOTSTRAP_KEY_PKEX_CR_RESP = 48,
+	DPP_TEST_I_AUTH_TAG_MISMATCH_PKEX_CR_REQ = 49,
+	DPP_TEST_R_AUTH_TAG_MISMATCH_PKEX_CR_RESP = 50,
 };
 
 extern enum dpp_test_behavior dpp_test;