[PATCH v2 14/14] tests: Add PASN tests with FT key derivation

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Signed-off-by: Ilan Peer <ilan.peer@xxxxxxxxx>
---
 tests/hwsim/test_pasn.py | 95 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 95 insertions(+)

diff --git a/tests/hwsim/test_pasn.py b/tests/hwsim/test_pasn.py
index e681ba190a..15f62ef830 100644
--- a/tests/hwsim/test_pasn.py
+++ b/tests/hwsim/test_pasn.py
@@ -22,6 +22,7 @@ from hwsim import HWSimRadio
 from test_erp import check_erp_capa, start_erp_as
 from test_fils import check_fils_capa
 import re
+from test_ap_ft import run_roams, ft_params1, ft_params2
 
 def check_pasn_capab(dev):
     if "PASN" not in dev.get_capability("auth_alg"):
@@ -575,3 +576,97 @@ def test_pasn_comeback(dev, apdev, params):
         raise Exception("PASN: unexpected status with comeback token")
 
     check_pasn_ptk(dev[0], hapd, "CCMP")
+
+def test_pasn_ft_psk(dev, apdev):
+    """PASN authentication with FT-PSK"""
+    check_pasn_capab(dev[0])
+
+    ssid = "test-pasn-ft-psk"
+    passphrase = "12345678"
+
+    params = ft_params1(ssid=ssid, passphrase=passphrase)
+    params['wpa_key_mgmt'] += " PASN"
+    hapd0 = hostapd.add_ap(apdev[0], params)
+    params = ft_params2(ssid=ssid, passphrase=passphrase)
+    params['wpa_key_mgmt'] += " PASN"
+    hapd1 = hostapd.add_ap(apdev[1], params)
+
+    run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase)
+
+    if dev[0].get_status_field('bssid') == apdev[0]['bssid']:
+        pasn_hapd = hapd1
+    else:
+        pasn_hapd = hapd0
+
+    check_pasn_akmp_cipher(dev[0], pasn_hapd, "FT-PSK", "CCMP")
+
+    run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, only_one_way=1)
+
+    if dev[0].get_status_field('bssid') == apdev[0]['bssid']:
+        pasn_hapd = hapd1
+    else:
+        pasn_hapd = hapd0
+
+    check_pasn_akmp_cipher(dev[0], pasn_hapd, "FT-PSK", "CCMP")
+
+def test_pasn_ft_eap(dev, apdev):
+    """PASN authentication with FT-EAP"""
+    check_pasn_capab(dev[0])
+
+    ssid = "test-pasn-ft-psk"
+    passphrase = "12345678"
+    identity = "gpsk user"
+
+    radius = hostapd.radius_params()
+    params = ft_params1(ssid=ssid, passphrase=passphrase)
+    params['wpa_key_mgmt'] = "FT-EAP PASN"
+    params["ieee8021x"] = "1"
+    params = dict(list(radius.items()) + list(params.items()))
+    hapd0 = hostapd.add_ap(apdev[0], params)
+
+    params = ft_params2(ssid=ssid, passphrase=passphrase)
+    params['wpa_key_mgmt'] = "FT-EAP PASN"
+    params["ieee8021x"] = "1"
+    params = dict(list(radius.items()) + list(params.items()))
+    hapd1 = hostapd.add_ap(apdev[1], params)
+
+    run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, eap=True, eap_identity=identity)
+
+    if dev[0].get_status_field('bssid') == apdev[0]['bssid']:
+        pasn_hapd = hapd1
+    else:
+        pasn_hapd = hapd0
+
+    check_pasn_akmp_cipher(dev[0], pasn_hapd, "FT-EAP", "CCMP")
+
+def test_pasn_ft_eap_sha384(dev, apdev):
+    """PASN authentication with FT-EAP-SHA-384"""
+    check_pasn_capab(dev[0])
+
+    ssid = "test-pasn-ft-psk"
+    passphrase = "12345678"
+    identity = "gpsk user"
+
+    radius = hostapd.radius_params()
+    params = ft_params1(ssid=ssid, passphrase=passphrase)
+    params["ieee80211w"] = "2"
+    params['wpa_key_mgmt'] = "FT-EAP-SHA384 PASN"
+    params["ieee8021x"] = "1"
+    params = dict(list(radius.items()) + list(params.items()))
+    hapd0 = hostapd.add_ap(apdev[0], params)
+
+    params = ft_params2(ssid=ssid, passphrase=passphrase)
+    params["ieee80211w"] = "2"
+    params['wpa_key_mgmt'] = "FT-EAP-SHA384 PASN"
+    params["ieee8021x"] = "1"
+    params = dict(list(radius.items()) + list(params.items()))
+    hapd1 = hostapd.add_ap(apdev[1], params)
+
+    run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, eap=True, sha384=True)
+
+    if dev[0].get_status_field('bssid') == apdev[0]['bssid']:
+        pasn_hapd = hapd1
+    else:
+        pasn_hapd = hapd0
+
+    check_pasn_akmp_cipher(dev[0], pasn_hapd, "FT-EAP-SHA384", "CCMP")
-- 
2.17.1


_______________________________________________
Hostap mailing list
Hostap@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/hostap



[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]

  Powered by Linux