tests: FILS and PTK rekeying

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
This commit is contained in:
Jouni Malinen 2019-04-17 22:54:23 +03:00 committed by Jouni Malinen
parent a40bd06e9b
commit 4731296759

View file

@ -1654,8 +1654,8 @@ def test_fils_sk_auth_mismatch(dev, apdev, params):
dev[0].wait_connected() dev[0].wait_connected()
hwsim_utils.test_connectivity(dev[0], hapd) hwsim_utils.test_connectivity(dev[0], hapd)
def test_fils_auth_gtk_rekey(dev, apdev, params): def setup_fils_rekey(dev, apdev, params, wpa_ptk_rekey=0, wpa_group_rekey=0,
"""GTK rekeying after FILS authentication""" pmksa_caching=True):
check_fils_capa(dev[0]) check_fils_capa(dev[0])
check_erp_capa(dev[0]) check_erp_capa(dev[0])
@ -1667,7 +1667,12 @@ def test_fils_auth_gtk_rekey(dev, apdev, params):
params['auth_server_port'] = "18128" params['auth_server_port'] = "18128"
params['erp_domain'] = 'example.com' params['erp_domain'] = 'example.com'
params['fils_realm'] = 'example.com' params['fils_realm'] = 'example.com'
params['wpa_group_rekey'] = '1' if wpa_ptk_rekey:
params['wpa_ptk_rekey'] = str(wpa_ptk_rekey)
if wpa_group_rekey:
params['wpa_group_rekey'] = str(wpa_group_rekey)
if not pmksa_caching:
params['disable_pmksa_caching'] = '1'
hapd = hostapd.add_ap(apdev[0]['ifname'], params) hapd = hostapd.add_ap(apdev[0]['ifname'], params)
dev[0].scan_for_bss(bssid, freq=2412) dev[0].scan_for_bss(bssid, freq=2412)
@ -1685,12 +1690,17 @@ def test_fils_auth_gtk_rekey(dev, apdev, params):
ev = dev[0].wait_event(["CTRL-EVENT-EAP-STARTED", ev = dev[0].wait_event(["CTRL-EVENT-EAP-STARTED",
"CTRL-EVENT-CONNECTED"], timeout=10) "CTRL-EVENT-CONNECTED"], timeout=10)
if ev is None: if ev is None:
raise Exception("Connection using PMKSA caching timed out") raise Exception("Connection using ERP or PMKSA caching timed out")
if "CTRL-EVENT-EAP-STARTED" in ev: if "CTRL-EVENT-EAP-STARTED" in ev:
raise Exception("Unexpected EAP exchange") raise Exception("Unexpected EAP exchange")
dev[0].dump_monitor() dev[0].dump_monitor()
hwsim_utils.test_connectivity(dev[0], hapd) hwsim_utils.test_connectivity(dev[0], hapd)
return hapd
def test_fils_auth_gtk_rekey(dev, apdev, params):
"""GTK rekeying after FILS authentication"""
hapd = setup_fils_rekey(dev, apdev, params, wpa_group_rekey=1)
ev = dev[0].wait_event(["WPA: Group rekeying completed"], timeout=2) ev = dev[0].wait_event(["WPA: Group rekeying completed"], timeout=2)
if ev is None: if ev is None:
raise Exception("GTK rekey timed out") raise Exception("GTK rekey timed out")
@ -1701,6 +1711,33 @@ def test_fils_auth_gtk_rekey(dev, apdev, params):
raise Exception("Rekeying failed - disconnected") raise Exception("Rekeying failed - disconnected")
hwsim_utils.test_connectivity(dev[0], hapd) hwsim_utils.test_connectivity(dev[0], hapd)
def test_fils_auth_ptk_rekey_ap(dev, apdev, params):
"""PTK rekeying after FILS authentication triggered by AP"""
hapd = setup_fils_rekey(dev, apdev, params, wpa_ptk_rekey=2)
ev = dev[0].wait_event(["WPA: Key negotiation completed"], timeout=3)
if ev is None:
raise Exception("PTK rekey timed out")
hwsim_utils.test_connectivity(dev[0], hapd)
ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=1)
if ev is not None:
raise Exception("Rekeying failed - disconnected")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_fils_auth_ptk_rekey_ap_erp(dev, apdev, params):
"""PTK rekeying after FILS authentication triggered by AP (ERP)"""
hapd = setup_fils_rekey(dev, apdev, params, wpa_ptk_rekey=2,
pmksa_caching=False)
ev = dev[0].wait_event(["WPA: Key negotiation completed"], timeout=3)
if ev is None:
raise Exception("PTK rekey timed out")
hwsim_utils.test_connectivity(dev[0], hapd)
ev = dev[0].wait_event(["CTRL-EVENT-DISCONNECTED"], timeout=1)
if ev is not None:
raise Exception("Rekeying failed - disconnected")
hwsim_utils.test_connectivity(dev[0], hapd)
def test_fils_and_ft(dev, apdev, params): def test_fils_and_ft(dev, apdev, params):
"""FILS SK using ERP and FT initial mobility domain association""" """FILS SK using ERP and FT initial mobility domain association"""
check_fils_capa(dev[0]) check_fils_capa(dev[0])