def test_radius_access_request_packs(self):
expected_packed_message = bytes.fromhex(
"010e01dc688d6504db3c757243f995d5f0d32e50010b686f737431757365721e1434342d34342d34342d34342d34342d34343a3d06000000130606000000021f1330302d30302d30302d31312d31312d30314d17434f4e4e45435420304d627073203830322e3131622c12433634383030344139433930353537390c06000005784fff02250133150016030101280100012403032c36dbf8ee16b94b28efdb8c5603e07823f9b716557b5ef2624b026daea115760000aac030c02cc028c024c014c00a00a500a300a1009f006b006a0069006800390038003700360088008700860085c032c02ec02ac026c00fc005009d003d00350084c02fc02bc027c023c013c00900a400a200a0009e00670040003f003e0033003200310030009a0099009800970045004400430042c031c02dc029c025c00ec004009c003c002f00960041c011c007c00cc00200050004c012c008001600130010000dc00dc003000a00ff01000051000b000403000102000a001c001a00170019001c001b0018001a004f3816000e000d000b000c0009000a000d0020001e060106020603050105020503040104020403030103020303020102020203000f0001011812cefe6083cfdb75dd64722c274ec353725012ab67ed568931f12d258f9ffda931159e"
)
attr_list = list()
attr_list.append(UserName.create("host1user"))
attr_list.append(CalledStationId.create("44-44-44-44-44-44:"))
attr_list.append(NASPortType.create(0x13))
attr_list.append(ServiceType.create(0x02))
attr_list.append(CallingStationId.create("00-00-00-11-11-01"))
attr_list.append(ConnectInfo.create("CONNECT 0Mbps 802.11b"))
attr_list.append(AcctSessionId.create("C648004A9C905579"))
attr_list.append(FramedMTU.create(0x0578))
attr_list.append(
EAPMessage.create(
"02250133150016030101280100012403032c36dbf8ee16b94b28efdb8c5603e07823f9b716557b5ef2624b026daea115760000aac030c02cc028c024c014c00a00a500a300a1009f006b006a0069006800390038003700360088008700860085c032c02ec02ac026c00fc005009d003d00350084c02fc02bc027c023c013c00900a400a200a0009e00670040003f003e0033003200310030009a0099009800970045004400430042c031c02dc029c025c00ec004009c003c002f00960041c011c007c00cc00200050004c012c008001600130010000dc00dc003000a00ff01000051000b000403000102000a001c001a00170019001c001b0018001a0016000e000d000b000c0009000a000d0020001e060106020603050105020503040104020403030103020303020102020203000f000101"
))
attr_list.append(
State.create(bytes.fromhex("cefe6083cfdb75dd64722c274ec35372")))
attr_list.append(
MessageAuthenticator.create(
bytes.fromhex("00000000000000000000000000000000")))
attributes = RadiusAttributesList(attr_list)
access_request = RadiusAccessRequest(
14, bytes.fromhex("688d6504db3c757243f995d5f0d32e50"), attributes)
packed_message = access_request.build("SECRET")
self.assertEqual(len(expected_packed_message), len(packed_message))
self.assertEqual(expected_packed_message, packed_message)
def radius_mab_pack(src_mac, radius_packet_id, request_authenticator,
secret, nas_port):
""""""
attr_list = []
no_dots_mac = str(src_mac).replace(':', "")
attr_list.append(UserName.create(no_dots_mac))
attr_list.append(
CallingStationId.create(str(src_mac).replace(':', '-')))
if nas_port:
attr_list.append(NASPort.create(nas_port))
ciphertext = UserPassword.encrypt(secret, request_authenticator,
no_dots_mac)
attr_list.append(UserPassword.create(ciphertext))
attr_list.append(
MessageAuthenticator.create(
bytes.fromhex("00000000000000000000000000000000")))
attributes = RadiusAttributesList(attr_list)
access_request = RadiusAccessRequest(radius_packet_id,
request_authenticator, attributes)
return access_request.build(secret)
def radius_pack(eap_message,
src_mac,
username,
radius_packet_id,
request_authenticator,
state,
secret,
nas_port=None,
extra_attributes=None):
"""
Packs up a RADIUS message to send to a RADIUS Server.
Args:
eap_message (Message): e.g. IdentityMessage
src_mac (MacAddress): supplicants mac address
username (str): supplicants username
radius_packet_id (int):
request_authenticator (bytes):
state (State): RADIUS State
secret (str): RADIUS secret used between Chewie and RADIUS Server
extra_attributes (list): list of extra RADIUS attributes to send along with the above.
Returns:
packed RADIUS packet (bytes)
"""
if not extra_attributes:
extra_attributes = []
attr_list = []
attr_list.append(UserName.create(username))
attr_list.append(CallingStationId.create(str(src_mac)))
if nas_port:
attr_list.append(NASPort.create(nas_port))
attr_list.extend(extra_attributes)
attr_list.append(EAPMessage.create(eap_message))
if state:
attr_list.append(state)
attr_list.append(
MessageAuthenticator.create(
bytes.fromhex("00000000000000000000000000000000")))
attributes = RadiusAttributesList(attr_list)
access_request = RadiusAccessRequest(radius_packet_id,
request_authenticator, attributes)
return access_request.build(secret)
def test_radius_access_accept_packs(self):
expected_packed_message = bytes.fromhex("02010046"
"02970aff2ef0700780f70848e90d2410"
"1a0f00003039010973747564656e74"
"4f0603020004"
"5012d7ec84e8864dd6cd00916c1d5a3cf41b"
"010b686f73743175736572")
attr_list = list()
attr_list.append(VendorSpecific.create(bytes.fromhex("00003039010973747564656e74")))
attr_list.append(EAPMessage.create("03020004"))
attr_list.append(MessageAuthenticator.create(
bytes.fromhex("d7ec84e8864dd6cd00916c1d5a3cf41b")))
attr_list.append(UserName.create("host1user"))
attributes = RadiusAttributesList(attr_list)
access_accept = RadiusAccessAccept(1, bytes.fromhex("02970aff2ef0700780f70848e90d2410"),
attributes)
packed_message = access_accept.pack()
self.assertEqual(len(expected_packed_message), len(packed_message))
self.assertEqual(expected_packed_message, packed_message)