tests: Public key hash information in authentication and AP association
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This commit is contained in:
parent
e2d88f86ee
commit
ed68ac9301
2 changed files with 51 additions and 2 deletions
|
@ -282,6 +282,7 @@ class Hostapd:
|
||||||
raise Exception("AP did not report STA connection")
|
raise Exception("AP did not report STA connection")
|
||||||
if addr and addr not in ev:
|
if addr and addr not in ev:
|
||||||
raise Exception("Unexpected STA address in connection event: " + ev)
|
raise Exception("Unexpected STA address in connection event: " + ev)
|
||||||
|
return ev
|
||||||
|
|
||||||
def wait_ptkinitdone(self, addr, timeout=2):
|
def wait_ptkinitdone(self, addr, timeout=2):
|
||||||
while timeout > 0:
|
while timeout > 0:
|
||||||
|
|
|
@ -1632,6 +1632,7 @@ params1_ap_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVm
|
||||||
params1_ap_netaccesskey = "30770201010420f6531d17f29dfab655b7c9e923478d5a345164c489aadd44a3519c3e9dcc792da00a06082a8648ce3d030107a14403420004d3cab13525c6e15ce0056a5c506309839b37a2520d4d19444f98438ba0c972f751a85a5c0cc911940131786d4c1c9879893d9086fdf4fd3b43f32aa125154932"
|
params1_ap_netaccesskey = "30770201010420f6531d17f29dfab655b7c9e923478d5a345164c489aadd44a3519c3e9dcc792da00a06082a8648ce3d030107a14403420004d3cab13525c6e15ce0056a5c506309839b37a2520d4d19444f98438ba0c972f751a85a5c0cc911940131786d4c1c9879893d9086fdf4fd3b43f32aa125154932"
|
||||||
params1_sta_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiZWMzR3NqQ3lQMzVBUUZOQUJJdEltQnN4WXVyMGJZX1dES1lfSE9zUGdjNCIsInkiOiJTRS1HVllkdWVnTFhLMU1TQXZNMEx2QWdLREpTNWoyQVhCbE9PMTdUSTRBIn19.PDK9zsGlK-e1pEOmNxVeJfCS8pNeay6ckIS1TXCQsR64AR-9wFPCNVjqOxWvVKltehyMFqVAtOcv0IrjtMJFqQ"
|
params1_sta_connector = "eyJ0eXAiOiJkcHBDb24iLCJraWQiOiJzOEFrYjg5bTV4UGhoYk5UbTVmVVo0eVBzNU5VMkdxYXNRY3hXUWhtQVFRIiwiYWxnIjoiRVMyNTYifQ.eyJncm91cHMiOlt7Imdyb3VwSWQiOiIqIiwibmV0Um9sZSI6InN0YSJ9XSwibmV0QWNjZXNzS2V5Ijp7Imt0eSI6IkVDIiwiY3J2IjoiUC0yNTYiLCJ4IjoiZWMzR3NqQ3lQMzVBUUZOQUJJdEltQnN4WXVyMGJZX1dES1lfSE9zUGdjNCIsInkiOiJTRS1HVllkdWVnTFhLMU1TQXZNMEx2QWdLREpTNWoyQVhCbE9PMTdUSTRBIn19.PDK9zsGlK-e1pEOmNxVeJfCS8pNeay6ckIS1TXCQsR64AR-9wFPCNVjqOxWvVKltehyMFqVAtOcv0IrjtMJFqQ"
|
||||||
params1_sta_netaccesskey = "30770201010420bc33380c26fd2168b69cd8242ed1df07ba89aa4813f8d4e8523de6ca3f8dd28ba00a06082a8648ce3d030107a1440342000479cdc6b230b23f7e40405340048b48981b3162eaf46d8fd60ca63f1ceb0f81ce484f8655876e7a02d72b531202f3342ef020283252e63d805c194e3b5ed32380"
|
params1_sta_netaccesskey = "30770201010420bc33380c26fd2168b69cd8242ed1df07ba89aa4813f8d4e8523de6ca3f8dd28ba00a06082a8648ce3d030107a1440342000479cdc6b230b23f7e40405340048b48981b3162eaf46d8fd60ca63f1ceb0f81ce484f8655876e7a02d72b531202f3342ef020283252e63d805c194e3b5ed32380"
|
||||||
|
params1_sta_pk_hash = "38f1ba82b3b49ef1c9ab616e5e94a914c75af3a4d6e25b7f112741e530f3b8e6"
|
||||||
|
|
||||||
def test_dpp_network_introduction(dev, apdev):
|
def test_dpp_network_introduction(dev, apdev):
|
||||||
"""DPP network introduction"""
|
"""DPP network introduction"""
|
||||||
|
@ -1660,6 +1661,16 @@ def test_dpp_network_introduction(dev, apdev):
|
||||||
if val != "DPP":
|
if val != "DPP":
|
||||||
raise Exception("Unexpected key_mgmt: " + val)
|
raise Exception("Unexpected key_mgmt: " + val)
|
||||||
|
|
||||||
|
ev = hapd.wait_sta(dev[0].own_addr())
|
||||||
|
if "dpp_pkhash=" + params1_sta_pk_hash not in ev:
|
||||||
|
raise Exception("dpp_pkhash not reported correctly: " + ev)
|
||||||
|
|
||||||
|
sta = hapd.get_sta(dev[0].own_addr())
|
||||||
|
if 'dpp_pkhash' not in sta:
|
||||||
|
raise Exception("dpp_pkhash not included in STA info")
|
||||||
|
if sta['dpp_pkhash'] != params1_sta_pk_hash:
|
||||||
|
raise Exception("Incorrect dpp_pkhash in STA info: " + sta['dpp_pkhash'])
|
||||||
|
|
||||||
def test_dpp_network_introduction_expired(dev, apdev):
|
def test_dpp_network_introduction_expired(dev, apdev):
|
||||||
"""DPP network introduction with expired netaccesskey"""
|
"""DPP network introduction with expired netaccesskey"""
|
||||||
check_dpp_capab(dev[0])
|
check_dpp_capab(dev[0])
|
||||||
|
@ -1949,8 +1960,10 @@ def run_dpp_ap_config(dev, apdev, curve=None, conf_curve=None,
|
||||||
passphrase="secret SAE password")
|
passphrase="secret SAE password")
|
||||||
else:
|
else:
|
||||||
dev[0].dpp_auth_init(uri=uri1, conf="sta-dpp", configurator=conf_id)
|
dev[0].dpp_auth_init(uri=uri1, conf="sta-dpp", configurator=conf_id)
|
||||||
wait_auth_success(dev[1], dev[0], configurator=dev[0], enrollee=dev[1],
|
res = wait_auth_success(dev[1], dev[0],
|
||||||
stop_responder=True)
|
configurator=dev[0], enrollee=dev[1],
|
||||||
|
stop_responder=True)
|
||||||
|
sta_pk_hash = res['initiator-auth-success-pkhash']
|
||||||
|
|
||||||
ev = dev[1].wait_event(["DPP-CONFOBJ-SSID"], timeout=1)
|
ev = dev[1].wait_event(["DPP-CONFOBJ-SSID"], timeout=1)
|
||||||
if ev is None:
|
if ev is None:
|
||||||
|
@ -1997,6 +2010,31 @@ def run_dpp_ap_config(dev, apdev, curve=None, conf_curve=None,
|
||||||
dev[1].select_network(id, freq="2412")
|
dev[1].select_network(id, freq="2412")
|
||||||
dev[1].wait_connected()
|
dev[1].wait_connected()
|
||||||
|
|
||||||
|
if not sae:
|
||||||
|
ev = hapd.wait_sta(dev[1].own_addr())
|
||||||
|
if "dpp_pkhash=" + sta_pk_hash not in ev:
|
||||||
|
raise Exception("dpp_pkhash not reported correctly: " + ev)
|
||||||
|
|
||||||
|
sta = hapd.get_sta(dev[1].own_addr())
|
||||||
|
if 'dpp_pkhash' not in sta:
|
||||||
|
raise Exception("dpp_pkhash not included in STA info")
|
||||||
|
if sta['dpp_pkhash'] != sta_pk_hash:
|
||||||
|
raise Exception("Incorrect dpp_pkhash in STA info: " + sta['dpp_pkhash'])
|
||||||
|
|
||||||
|
dev[1].request("DISCONNECT")
|
||||||
|
dev[1].wait_disconnected()
|
||||||
|
dev[1].request("RECONNECT")
|
||||||
|
dev[1].wait_connected()
|
||||||
|
ev = hapd.wait_sta(dev[1].own_addr())
|
||||||
|
if "dpp_pkhash=" + sta_pk_hash not in ev:
|
||||||
|
raise Exception("dpp_pkhash not reported correctly(2): " + ev)
|
||||||
|
|
||||||
|
sta = hapd.get_sta(dev[1].own_addr())
|
||||||
|
if 'dpp_pkhash' not in sta:
|
||||||
|
raise Exception("dpp_pkhash not included in STA info(2)")
|
||||||
|
if sta['dpp_pkhash'] != sta_pk_hash:
|
||||||
|
raise Exception("Incorrect dpp_pkhash in STA info(2): " + sta['dpp_pkhash'])
|
||||||
|
|
||||||
def test_dpp_auto_connect_1(dev, apdev):
|
def test_dpp_auto_connect_1(dev, apdev):
|
||||||
"""DPP and auto connect (1)"""
|
"""DPP and auto connect (1)"""
|
||||||
try:
|
try:
|
||||||
|
@ -4685,9 +4723,19 @@ def wait_auth_success(responder, initiator, configurator=None, enrollee=None,
|
||||||
ev = responder.wait_event(["DPP-AUTH-SUCCESS", "DPP-FAIL"], timeout=timeout)
|
ev = responder.wait_event(["DPP-AUTH-SUCCESS", "DPP-FAIL"], timeout=timeout)
|
||||||
if ev is None or "DPP-AUTH-SUCCESS" not in ev:
|
if ev is None or "DPP-AUTH-SUCCESS" not in ev:
|
||||||
raise Exception("DPP authentication did not succeed (Responder)")
|
raise Exception("DPP authentication did not succeed (Responder)")
|
||||||
|
for i in ev.split(' '):
|
||||||
|
a = i.split('=')
|
||||||
|
if len(a) < 2:
|
||||||
|
continue
|
||||||
|
res['responder-auth-success-' + a[0]] = a[1]
|
||||||
ev = initiator.wait_event(["DPP-AUTH-SUCCESS", "DPP-FAIL"], timeout=5)
|
ev = initiator.wait_event(["DPP-AUTH-SUCCESS", "DPP-FAIL"], timeout=5)
|
||||||
if ev is None or "DPP-AUTH-SUCCESS" not in ev:
|
if ev is None or "DPP-AUTH-SUCCESS" not in ev:
|
||||||
raise Exception("DPP authentication did not succeed (Initiator)")
|
raise Exception("DPP authentication did not succeed (Initiator)")
|
||||||
|
for i in ev.split(' '):
|
||||||
|
a = i.split('=')
|
||||||
|
if len(a) < 2:
|
||||||
|
continue
|
||||||
|
res['initiator-auth-success-' + a[0]] = a[1]
|
||||||
if configurator:
|
if configurator:
|
||||||
ev = configurator.wait_event(["DPP-CONF-SENT",
|
ev = configurator.wait_event(["DPP-CONF-SENT",
|
||||||
"DPP-CONF-FAILED"], timeout=5)
|
"DPP-CONF-FAILED"], timeout=5)
|
||||||
|
|
Loading…
Reference in a new issue