def test_radius_access_request_packs(self): expected_packed_message = bytes.fromhex( "010e01dc688d6504db3c757243f995d5f0d32e50010b686f737431757365721e1434342d34342d34342d34342d34342d34343a3d06000000130606000000021f1330302d30302d30302d31312d31312d30314d17434f4e4e45435420304d627073203830322e3131622c12433634383030344139433930353537390c06000005784fff02250133150016030101280100012403032c36dbf8ee16b94b28efdb8c5603e07823f9b716557b5ef2624b026daea115760000aac030c02cc028c024c014c00a00a500a300a1009f006b006a0069006800390038003700360088008700860085c032c02ec02ac026c00fc005009d003d00350084c02fc02bc027c023c013c00900a400a200a0009e00670040003f003e0033003200310030009a0099009800970045004400430042c031c02dc029c025c00ec004009c003c002f00960041c011c007c00cc00200050004c012c008001600130010000dc00dc003000a00ff01000051000b000403000102000a001c001a00170019001c001b0018001a004f3816000e000d000b000c0009000a000d0020001e060106020603050105020503040104020403030103020303020102020203000f0001011812cefe6083cfdb75dd64722c274ec353725012ab67ed568931f12d258f9ffda931159e" ) attr_list = list() attr_list.append(UserName.create("host1user")) attr_list.append(CalledStationId.create("44-44-44-44-44-44:")) attr_list.append(NASPortType.create(0x13)) attr_list.append(ServiceType.create(0x02)) attr_list.append(CallingStationId.create("00-00-00-11-11-01")) attr_list.append(ConnectInfo.create("CONNECT 0Mbps 802.11b")) attr_list.append(AcctSessionId.create("C648004A9C905579")) attr_list.append(FramedMTU.create(0x0578)) attr_list.append( EAPMessage.create( "02250133150016030101280100012403032c36dbf8ee16b94b28efdb8c5603e07823f9b716557b5ef2624b026daea115760000aac030c02cc028c024c014c00a00a500a300a1009f006b006a0069006800390038003700360088008700860085c032c02ec02ac026c00fc005009d003d00350084c02fc02bc027c023c013c00900a400a200a0009e00670040003f003e0033003200310030009a0099009800970045004400430042c031c02dc029c025c00ec004009c003c002f00960041c011c007c00cc00200050004c012c008001600130010000dc00dc003000a00ff01000051000b000403000102000a001c001a00170019001c001b0018001a0016000e000d000b000c0009000a000d0020001e060106020603050105020503040104020403030103020303020102020203000f000101" )) attr_list.append( State.create(bytes.fromhex("cefe6083cfdb75dd64722c274ec35372"))) attr_list.append( MessageAuthenticator.create( bytes.fromhex("00000000000000000000000000000000"))) attributes = RadiusAttributesList(attr_list) access_request = RadiusAccessRequest( 14, bytes.fromhex("688d6504db3c757243f995d5f0d32e50"), attributes) packed_message = access_request.build("SECRET") self.assertEqual(len(expected_packed_message), len(packed_message)) self.assertEqual(expected_packed_message, packed_message)
def radius_mab_pack(src_mac, radius_packet_id, request_authenticator, secret, nas_port): """""" attr_list = [] no_dots_mac = str(src_mac).replace(':', "") attr_list.append(UserName.create(no_dots_mac)) attr_list.append( CallingStationId.create(str(src_mac).replace(':', '-'))) if nas_port: attr_list.append(NASPort.create(nas_port)) ciphertext = UserPassword.encrypt(secret, request_authenticator, no_dots_mac) attr_list.append(UserPassword.create(ciphertext)) attr_list.append( MessageAuthenticator.create( bytes.fromhex("00000000000000000000000000000000"))) attributes = RadiusAttributesList(attr_list) access_request = RadiusAccessRequest(radius_packet_id, request_authenticator, attributes) return access_request.build(secret)
def radius_pack(eap_message, src_mac, username, radius_packet_id, request_authenticator, state, secret, nas_port=None, extra_attributes=None): """ Packs up a RADIUS message to send to a RADIUS Server. Args: eap_message (Message): e.g. IdentityMessage src_mac (MacAddress): supplicants mac address username (str): supplicants username radius_packet_id (int): request_authenticator (bytes): state (State): RADIUS State secret (str): RADIUS secret used between Chewie and RADIUS Server extra_attributes (list): list of extra RADIUS attributes to send along with the above. Returns: packed RADIUS packet (bytes) """ if not extra_attributes: extra_attributes = [] attr_list = [] attr_list.append(UserName.create(username)) attr_list.append(CallingStationId.create(str(src_mac))) if nas_port: attr_list.append(NASPort.create(nas_port)) attr_list.extend(extra_attributes) attr_list.append(EAPMessage.create(eap_message)) if state: attr_list.append(state) attr_list.append( MessageAuthenticator.create( bytes.fromhex("00000000000000000000000000000000"))) attributes = RadiusAttributesList(attr_list) access_request = RadiusAccessRequest(radius_packet_id, request_authenticator, attributes) return access_request.build(secret)
def test_radius_access_accept_packs(self): expected_packed_message = bytes.fromhex("02010046" "02970aff2ef0700780f70848e90d2410" "1a0f00003039010973747564656e74" "4f0603020004" "5012d7ec84e8864dd6cd00916c1d5a3cf41b" "010b686f73743175736572") attr_list = list() attr_list.append(VendorSpecific.create(bytes.fromhex("00003039010973747564656e74"))) attr_list.append(EAPMessage.create("03020004")) attr_list.append(MessageAuthenticator.create( bytes.fromhex("d7ec84e8864dd6cd00916c1d5a3cf41b"))) attr_list.append(UserName.create("host1user")) attributes = RadiusAttributesList(attr_list) access_accept = RadiusAccessAccept(1, bytes.fromhex("02970aff2ef0700780f70848e90d2410"), attributes) packed_message = access_accept.pack() self.assertEqual(len(expected_packed_message), len(packed_message)) self.assertEqual(expected_packed_message, packed_message)