tests: OCI validation in the AMPE handshake (OCV)

Signed-off-by: Mathy Vanhoef <Mathy.Vanhoef@cs.kuleuven.be>
This commit is contained in:
Mathy Vanhoef 2018-08-06 15:46:43 -04:00 committed by Jouni Malinen
parent 034388ac9c
commit 0059625b77

View file

@ -306,7 +306,7 @@ def _test_mesh_open_rssi_threshold(dev, apdev, value, expected):
": " + str(mesh_rssi_threshold)) ": " + str(mesh_rssi_threshold))
def add_mesh_secure_net(dev, psk=True, pmf=False, pairwise=None, group=None, def add_mesh_secure_net(dev, psk=True, pmf=False, pairwise=None, group=None,
sae_password=False, sae_password_id=None): sae_password=False, sae_password_id=None, ocv=False):
id = dev.add_network() id = dev.add_network()
dev.set_network(id, "mode", "5") dev.set_network(id, "mode", "5")
dev.set_network_quoted(id, "ssid", "wpas-mesh-sec") dev.set_network_quoted(id, "ssid", "wpas-mesh-sec")
@ -324,6 +324,13 @@ def add_mesh_secure_net(dev, psk=True, pmf=False, pairwise=None, group=None,
dev.set_network(id, "pairwise", pairwise) dev.set_network(id, "pairwise", pairwise)
if group: if group:
dev.set_network(id, "group", group) dev.set_network(id, "group", group)
if ocv:
try:
dev.set_network(id, "ocv", "1")
except Exception, e:
if "SET_NETWORK failed" in str(e):
raise HwsimSkip("OCV not supported")
raise
return id return id
def test_wpas_mesh_secure(dev, apdev): def test_wpas_mesh_secure(dev, apdev):
@ -438,6 +445,134 @@ def test_mesh_secure_pmf(dev, apdev):
# Test connectivity 0->1 and 1->0 # Test connectivity 0->1 and 1->0
hwsim_utils.test_connectivity(dev[0], dev[1]) hwsim_utils.test_connectivity(dev[0], dev[1])
def test_mesh_secure_ocv(dev, apdev):
"""Secure mesh network connectivity with OCV enabled"""
check_mesh_support(dev[0], secure=True)
dev[0].request("SET sae_groups ")
id = add_mesh_secure_net(dev[0], pmf=True, ocv=True)
dev[0].mesh_group_add(id)
dev[1].request("SET sae_groups ")
id = add_mesh_secure_net(dev[1], pmf=True, ocv=True)
dev[1].mesh_group_add(id)
# Check for mesh joined
check_mesh_group_added(dev[0])
check_mesh_group_added(dev[1])
# Check for peer connected
check_mesh_peer_connected(dev[0])
check_mesh_peer_connected(dev[1])
# Test connectivity 0->1 and 1->0
hwsim_utils.test_connectivity(dev[0], dev[1])
def test_mesh_secure_ocv_compat(dev, apdev):
"""Secure mesh network where only one peer has OCV enabled"""
check_mesh_support(dev[0], secure=True)
dev[0].request("SET sae_groups ")
id = add_mesh_secure_net(dev[0], pmf=True, ocv=True)
dev[0].mesh_group_add(id)
dev[1].request("SET sae_groups ")
id = add_mesh_secure_net(dev[1], pmf=True, ocv=False)
dev[1].mesh_group_add(id)
# Check for mesh joined
check_mesh_group_added(dev[0])
check_mesh_group_added(dev[1])
# Check for peer connected
check_mesh_peer_connected(dev[0])
check_mesh_peer_connected(dev[1])
# Test connectivity 0->1 and 1->0
hwsim_utils.test_connectivity(dev[0], dev[1])
def set_reg(dev, country):
subprocess.call(['iw', 'reg', 'set', country])
for i in range(2):
for j in range(5):
ev = dev[i].wait_event(["CTRL-EVENT-REGDOM-CHANGE"], timeout=5)
if ev is None:
raise Exception("No regdom change event")
if "alpha2=" + country in ev:
break
def clear_reg_setting(dev):
dev[0].request("MESH_GROUP_REMOVE " + dev[0].ifname)
dev[1].request("MESH_GROUP_REMOVE " + dev[1].ifname)
subprocess.call(['iw', 'reg', 'set', '00'])
dev[0].flush_scan_cache()
dev[1].flush_scan_cache()
def test_mesh_secure_ocv_mix_legacy(dev, apdev):
"""Mesh network with a VHT STA and a legacy STA under OCV"""
try:
run_mesh_secure_ocv_mix_legacy(dev, apdev)
finally:
clear_reg_setting(dev)
def run_mesh_secure_ocv_mix_legacy(dev, apdev):
check_mesh_support(dev[0], secure=True)
set_reg(dev, 'AZ')
dev[0].request("SET sae_groups ")
id = add_mesh_secure_net(dev[0], pmf=True, ocv=True)
dev[0].set_network(id, "frequency", "5200")
dev[0].set_network(id, "max_oper_chwidth", "2")
dev[0].mesh_group_add(id)
dev[1].request("SET sae_groups ")
id = add_mesh_secure_net(dev[1], pmf=True, ocv=True)
dev[1].set_network(id, "frequency", "5200")
dev[1].set_network(id, "disable_vht", "1")
dev[1].set_network(id, "disable_ht40", "1")
dev[1].mesh_group_add(id)
# Check for mesh joined
check_mesh_group_added(dev[0])
check_mesh_group_added(dev[1])
# Check for peer connected
check_mesh_peer_connected(dev[0])
check_mesh_peer_connected(dev[1])
# Test connectivity 0->1 and 1->0
hwsim_utils.test_connectivity(dev[0], dev[1])
def test_mesh_secure_ocv_mix_ht(dev, apdev):
"""Mesh network with a VHT STA and a HT STA under OCV"""
try:
run_mesh_secure_ocv_mix_ht(dev, apdev)
finally:
clear_reg_setting(dev)
def run_mesh_secure_ocv_mix_ht(dev, apdev):
check_mesh_support(dev[0], secure=True)
set_reg(dev, 'AZ')
dev[0].request("SET sae_groups ")
id = add_mesh_secure_net(dev[0], pmf=True, ocv=True)
dev[0].set_network(id, "frequency", "5200")
dev[0].set_network(id, "max_oper_chwidth", "2")
dev[0].mesh_group_add(id)
dev[1].request("SET sae_groups ")
id = add_mesh_secure_net(dev[1], pmf=True, ocv=True)
dev[1].set_network(id, "frequency", "5200")
dev[1].set_network(id, "disable_vht", "1")
dev[1].mesh_group_add(id)
# Check for mesh joined
check_mesh_group_added(dev[0])
check_mesh_group_added(dev[1])
# Check for peer connected
check_mesh_peer_connected(dev[0])
check_mesh_peer_connected(dev[1])
# Test connectivity 0->1 and 1->0
hwsim_utils.test_connectivity(dev[0], dev[1])
def run_mesh_secure(dev, cipher): def run_mesh_secure(dev, cipher):
if cipher not in dev[0].get_capability("pairwise"): if cipher not in dev[0].get_capability("pairwise"):
raise HwsimSkip("Cipher %s not supported" % cipher) raise HwsimSkip("Cipher %s not supported" % cipher)