From f28853fbc4d40056af862f0cef51a567444199cf Mon Sep 17 00:00:00 2001
From: Jouni Malinen <jouni@codeaurora.org>
Date: Thu, 23 Jan 2020 23:04:47 +0200
Subject: [PATCH] tests: OWE PTK derivation workarounds

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
---
 tests/hwsim/test_owe.py      | 54 ++++++++++++++++++++++++++++++++++++
 tests/hwsim/wpasupplicant.py |  1 +
 2 files changed, 55 insertions(+)

diff --git a/tests/hwsim/test_owe.py b/tests/hwsim/test_owe.py
index 9250558d1..eb5e8a72b 100644
--- a/tests/hwsim/test_owe.py
+++ b/tests/hwsim/test_owe.py
@@ -658,3 +658,57 @@ def test_owe_invalid_assoc_resp(dev, apdev):
         raise Exception("No result reported for empty public key")
     dev[0].request("REMOVE_NETWORK all")
     dev[0].dump_monitor()
+
+def start_owe(dev, apdev, workaround=0):
+    if "OWE" not in dev[0].get_capability("key_mgmt"):
+        raise HwsimSkip("OWE not supported")
+    params = {"ssid": "owe",
+              "wpa": "2",
+              "ieee80211w": "2",
+              "wpa_key_mgmt": "OWE",
+              "owe_ptk_workaround": str(workaround),
+              "rsn_pairwise": "CCMP"}
+    hapd = hostapd.add_ap(apdev[0], params)
+    dev[0].scan_for_bss(hapd.own_addr(), freq="2412")
+    return hapd
+
+def owe_check_ok(dev, hapd, owe_group, owe_ptk_workaround):
+    dev.connect("owe", key_mgmt="OWE", ieee80211w="2",
+                owe_group=owe_group, owe_ptk_workaround=owe_ptk_workaround,
+                scan_freq="2412")
+    hapd.wait_sta()
+    dev.request("REMOVE_NETWORK all")
+    dev.wait_disconnected()
+    dev.dump_monitor()
+
+def test_owe_ptk_workaround_ap(dev, apdev):
+    """Opportunistic Wireless Encryption - AP using PTK workaround"""
+    hapd = start_owe(dev, apdev, workaround=1)
+    for group, workaround in [(19, 0), (20, 0), (21, 0),
+                              (19, 1), (20, 1), (21, 1)]:
+        owe_check_ok(dev[0], hapd, str(group), str(workaround))
+
+def test_owe_ptk_hash(dev, apdev):
+    """Opportunistic Wireless Encryption - PTK derivation hash alg"""
+    hapd = start_owe(dev, apdev)
+    for group, workaround in [(19, 0), (20, 0), (21, 0), (19, 1)]:
+        owe_check_ok(dev[0], hapd, str(group), str(workaround))
+
+    for group in [20, 21]:
+        dev[0].connect("owe", key_mgmt="OWE", ieee80211w="2",
+                       owe_group=str(group), owe_ptk_workaround="1",
+                       scan_freq="2412", wait_connect=False)
+        ev = dev[0].wait_event(["PMKSA-CACHE-ADDED"], timeout=10)
+        if ev is None:
+            raise Exception("Could not complete OWE association")
+        ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED",
+                                "CTRL-EVENT-DISCONNECTED"], timeout=5)
+        if ev is None:
+            raise Exception("Unknown connection result")
+        if "CTRL-EVENT-CONNECTED" in ev:
+            raise Exception("Unexpected connection")
+        dev[0].request("REMOVE_NETWORK all")
+        ev = dev[0].wait_event(["PMKSA-CACHE-REMOVED"], timeout=5)
+        if ev is None:
+            raise Exception("No PMKSA cache removal event seen")
+        dev[0].dump_monitor()
diff --git a/tests/hwsim/wpasupplicant.py b/tests/hwsim/wpasupplicant.py
index e98a85bb2..38ae0920f 100644
--- a/tests/hwsim/wpasupplicant.py
+++ b/tests/hwsim/wpasupplicant.py
@@ -1090,6 +1090,7 @@ class WpaSupplicant:
                       "dpp_csign", "dpp_csign_expiry",
                       "dpp_netaccesskey", "dpp_netaccesskey_expiry",
                       "group_mgmt", "owe_group", "owe_only",
+                      "owe_ptk_workaround",
                       "roaming_consortium_selection", "ocv",
                       "multi_ap_backhaul_sta", "rx_stbc", "tx_stbc",
                       "ft_eap_pmksa_caching"]