From 6480e5a9a08b0d5b09ae31443175efa6f9e9f6db Mon Sep 17 00:00:00 2001 From: Jouni Malinen Date: Wed, 17 Apr 2019 22:54:41 +0300 Subject: [PATCH] tests: PMKSA caching and PTK rekey triggered by AP Signed-off-by: Jouni Malinen --- tests/hwsim/test_pmksa_cache.py | 47 +++++++++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) diff --git a/tests/hwsim/test_pmksa_cache.py b/tests/hwsim/test_pmksa_cache.py index 83fec2ce9..a2c0e1975 100644 --- a/tests/hwsim/test_pmksa_cache.py +++ b/tests/hwsim/test_pmksa_cache.py @@ -132,6 +132,53 @@ def test_pmksa_cache_and_reauth(dev, apdev): if ev is None: raise Exception("EAP authentication did not succeed") +def test_pmksa_cache_and_ptk_rekey_ap(dev, apdev): + """PMKSA caching and PTK rekey triggered by AP""" + params = hostapd.wpa2_eap_params(ssid="test-pmksa-cache") + params['wpa_ptk_rekey'] = '2' + hapd = hostapd.add_ap(apdev[0], params) + bssid = apdev[0]['bssid'] + dev[0].connect("test-pmksa-cache", proto="RSN", key_mgmt="WPA-EAP", + eap="GPSK", identity="gpsk user", + password="abcdefghijklmnop0123456789abcdef", + scan_freq="2412") + + hostapd.add_ap(apdev[1], params) + bssid2 = apdev[1]['bssid'] + + dev[0].dump_monitor() + logger.info("Roam to AP2") + # It can take some time for the second AP to become ready to reply to Probe + # Request frames especially under heavy CPU load, so allow couple of rounds + # of scanning to avoid reporting errors incorrectly just because of scans + # not having seen the target AP. + for i in range(0, 10): + dev[0].scan(freq="2412") + if dev[0].get_bss(bssid2) is not None: + break + logger.info("Scan again to find target AP") + dev[0].request("ROAM " + bssid2) + ev = dev[0].wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout=10) + if ev is None: + raise Exception("EAP success timed out") + dev[0].wait_connected(timeout=10, error="Roaming timed out") + + dev[0].dump_monitor() + logger.info("Roam back to AP1") + dev[0].scan(freq="2412") + dev[0].request("ROAM " + bssid) + ev = dev[0].wait_event(["CTRL-EVENT-EAP-STARTED", + "CTRL-EVENT-CONNECTED"], timeout=10) + if ev is None: + raise Exception("Roaming with the AP timed out") + if "CTRL-EVENT-EAP-STARTED" in ev: + raise Exception("Unexpected EAP exchange") + + # Verify PTK rekeying after PMKSA caching + ev = dev[0].wait_event(["WPA: Key negotiation completed"], timeout=3) + if ev is None: + raise Exception("PTK rekey timed out") + def test_pmksa_cache_opportunistic_only_on_sta(dev, apdev): """Opportunistic PMKSA caching enabled only on station""" params = hostapd.wpa2_eap_params(ssid="test-pmksa-cache")