[PATCH 28/40] tests: Add PASN tests with SAE

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Signed-off-by: Ilan Peer <ilan.peer@xxxxxxxxx>
---
 tests/hwsim/test_pasn.py | 86 +++++++++++++++++++++++++++++++++++++++-
 1 file changed, 85 insertions(+), 1 deletion(-)

diff --git a/tests/hwsim/test_pasn.py b/tests/hwsim/test_pasn.py
index 916f36485b..8e7b75c137 100644
--- a/tests/hwsim/test_pasn.py
+++ b/tests/hwsim/test_pasn.py
@@ -47,12 +47,15 @@ def check_pasn_ptk(dev, hapd, cipher):
         raise Exception("TK/HLTK mismatch")
 
 def check_pasn_akmp_cipher(dev, hapd, akmp="PASN", cipher="CCMP",
-                           group="19", status=0, fail=0):
+                           group="19", status=0, fail=0, nid=""):
     dev.scan(type="ONLY", freq=2412)
 
     cmd = "PASN_START bssid=%s akmp=%s cipher=%s group=%s" % (hapd.own_addr(), akmp, cipher, group)
 
     resp = dev.request(cmd)
+    if nid != "":
+        cmd += " nid=%s" % nid
+
     if fail:
         if "OK" in resp:
             raise Exception("Unexpected success to start PASN authentication")
@@ -314,3 +317,84 @@ def test_pasn_fils_sha256_hltk(dev, apdev, params):
 def test_pasn_fils_sha384_hltk(dev, apdev, params):
     """Station authentication with FILS-SHA384 with HLTK derivation during connection"""
     check_pasn_fils_hltk(dev, apdev, params, "FILS-SHA384")
+
+@remote_compatible
+def test_pasn_sae(dev, apdev):
+    """PASN authentication with SAE AP with PMK derivation + PMKSA caching"""
+    if "SAE" not in dev[0].get_capability("auth_alg"):
+        raise HwsimSkip("SAE not supported")
+
+    params = hostapd.wpa2_params(ssid="test-pasn-sae",
+                                 passphrase="12345678")
+    params['wpa_key_mgmt'] = 'SAE PASN'
+    hapd = hostapd.add_ap(apdev[0], params)
+
+    dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE", scan_freq="2412",
+                   only_add_network=True)
+
+    # first test with a valid PSK
+    check_pasn_akmp_cipher(dev[0], hapd, "SAE", "CCMP", nid="0")
+
+    # And now with PMKSA caching
+    check_pasn_akmp_cipher(dev[0], hapd, "SAE", "CCMP")
+
+    # And now with a wrong passphrase
+    if "FAIL" in dev[0].request("PMKSA_FLUSH"):
+        raise Exception("PMKSA_FLUSH failed")
+
+    dev[0].request('SET_NETWORK 0 psk "12345678787"')
+    check_pasn_akmp_cipher(dev[0], hapd, "SAE", "CCMP", status=1, nid="0")
+
+@remote_compatible
+def test_pasn_sae_while_connected_same_channel(dev, apdev):
+    """PASN SAE authentication while connected same channel"""
+    if "SAE" not in dev[0].get_capability("auth_alg"):
+        raise HwsimSkip("SAE not supported")
+
+    params = hostapd.wpa2_params(ssid="test-pasn-wpa2-psk",
+                                 passphrase="12345678")
+    hapd = hostapd.add_ap(apdev[0], params)
+
+    dev[0].connect("test-pasn-wpa2-psk", psk="12345678", scan_freq="2412")
+
+    params = hostapd.wpa2_params(ssid="test-pasn-sae",
+                                 passphrase="12345678")
+
+    params['wpa_key_mgmt'] = 'SAE PASN'
+    hapd = hostapd.add_ap(apdev[1], params)
+
+    dev[0].connect("test-pasn-sae", psk="12345678", key_mgmt="SAE",
+                   scan_freq="2412", only_add_network=True)
+
+    check_pasn_akmp_cipher(dev[0], hapd, "SAE", "CCMP", nid="1")
+
+@remote_compatible
+def test_pasn_sae_while_connected_diff_channel(dev, apdev):
+    """PASN SAE authentication while connected diff channel"""
+    if "SAE" not in dev[0].get_capability("auth_alg"):
+        raise HwsimSkip("SAE not supported")
+
+    with HWSimRadio(n_channels=2) as (radio, iface):
+        wpas = WpaSupplicant(global_iface='/tmp/wpas-wlan5')
+        wpas.interface_add(iface)
+
+        if wpas.get_mcc() < 2:
+            raise HwsimSkip("PASN: New radio does not support MCC")
+
+        params = hostapd.wpa2_params(ssid="test-pasn-wpa2-psk",
+                                     passphrase="12345678")
+        params['channel'] = "6"
+        hapd = hostapd.add_ap(apdev[0], params)
+
+        wpas.connect("test-pasn-wpa2-psk", psk="12345678", scan_freq="2437")
+
+        params = hostapd.wpa2_params(ssid="test-pasn-sae",
+                                     passphrase="12345678")
+
+        params['wpa_key_mgmt'] = 'SAE PASN'
+        hapd = hostapd.add_ap(apdev[1], params)
+
+        wpas.connect("test-pasn-sae", psk="12345678", key_mgmt="SAE",
+                       scan_freq="2412", only_add_network=True)
+
+        check_pasn_akmp_cipher(wpas, hapd, "SAE", "CCMP", nid="1")
-- 
2.17.1


_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux