tests: EAP-TLSv1.3 and missing protected success indication

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2022-04-05 23:50:56 +03:00 · 2022-04-05 23:50:56 +03:00 · 202842b8b3
commit 202842b8b3
parent 7114e56060
1 changed files with 16 additions and 1 deletions
--- a/tests/hwsim/test_ap_eap.py
+++ b/tests/hwsim/test_ap_eap.py
@ -206,7 +206,7 @@ def eap_check_auth(dev, method, initial, rsn=True, sha256=False,
            return
        if not local_error_report:
            if "reason=23" not in ev:
-                raise Exception("Proper reason code for disconnection not reported")
+                raise Exception("Proper reason code for disconnection not reported: " + ev)
        return
    if report_failure:
        ev = dev.wait_event(["CTRL-EVENT-EAP-SUCCESS",
@ -5959,6 +5959,21 @@ def test_ap_wpa2_eap_tls_13(dev, apdev):
    dev[0].request("RECONNECT")
    dev[0].wait_connected()

+def test_ap_wpa2_eap_tls_13_missing_prot_success(dev, apdev):
+    """EAP-TLSv1.3 and missing protected success indication"""
+    params = int_eap_server_params()
+    params['tls_flags'] = '[ENABLE-TLSv1.3]'
+    params['eap_skip_prot_success'] = '1'
+    hapd = hostapd.add_ap(apdev[0], params)
+
+    check_tls13_support(dev[0])
+    id = eap_connect(dev[0], hapd, "TLS", "tls user",
+                     ca_cert="auth_serv/ca.pem",
+                     client_cert="auth_serv/user.pem",
+                     private_key="auth_serv/user.key",
+                     phase1="tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=1 tls_disable_tlsv1_3=0",
+                     expect_failure=True, local_error_report=True)
+
 def test_ap_wpa2_eap_ttls_13(dev, apdev):
    """EAP-TTLS and TLS 1.3"""
    params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")