The DPP Enrollee might wait for up to 60 seconds for the configuration,
so use a longer timeout value to be able to cover this negative test
case where the Configurator never sends the response.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
This group should not be used with SAE and as such, it could cause
confusing test errors here. Use an acceptable group instead.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
At least for the time being PKEXv2 needs CONFIG_DPP3=y to work in a
testable manner. Couple of the test cases did not cover this correctly
and resulted in failures (instead of skipping the tests) when the
default build configuration was used. Fix that by checking for DPP
version 3.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
Before, we could loose some events because of pipe buffering. I saw this
problem when running "ubus listen" or "logread -f" and waiting some
specific events. After disabling buffering this works much better.
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
This parameter was added with the commit message indicating the valid
reason code values to be 1-5, but with the implementation allowed only
1. There are five defined reason code values for the Association
Disallowed attribute, so extend the allowed range to cover all those
values.
Fixes: fb9a1c3e28 ("hostapd: Add MBO IE to Beacon, Probe Response, Association Response")
Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
Add the "InterworkingSelect" method to the DBus API to trigger an
Interworking scan with ANQP fetches. When a BSS that matches a
configured credential is found, the result is emitted using the signal
"InterworkingAPAdded". Completion of the full InterworkingSelect
operation is indicated with the "InterworkingSelectDone" signal.
Signed-off-by: Damien Dejean <damiendejean@chromium.org>
Add "AddCred", "RemoveCred", and "RemoveAllCreds" methods to the D-Bus
API of the network interface to allow the caller to manipulate a set of
Interworking credentials similarly to the way this was enabled through
the control interface.
Signed-off-by: Damien Dejean <damiendejean@chromium.org>
CONFIG_DPP3=y can now be used to configure hostapd and wpa_supplicant
builds to include DPP version 3 functionality. This functionality is
still under design and the implementation is experimental and not
suitable to be enabled in production uses before the specification has
been finalized.
Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
When checking DPP capabilities the Brainpool flag was not always set
when needed, leading to run a test with the Brainpool curves not
supported by BoringSSL.
Use a short form for the DER length of EC privateKey with NIST P-521
curve. Indeed BoringSSL returns an error when parsing DER sequence 30 81
50 ... because the length 81 50 could have been encoded as 50 and
according comment in BoringSSL:
ITU-T X.690 section 10.1 (DER length forms) requires encoding the
length with the minimum number of octets.
Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>
As BoringSSL version of i2d_PUBKEY() doesn't respect the
POINT_CONVERSION_COMPRESSED flag redefine a specific
crypto_ec_key_get_subject_public_key() version for BoringSSL based on
dpp_bootstrap_key_der().
The only other user of crypto_ec_key_get_subject_public_key() is SAE-PK
for which the public key should also be formatted using compressed
format.
Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>
Move code of dpp_get_pubkey_point() to a crypto library specific
function crypto_ec_key_get_pubkey_point().
Signed-off-by: Cedric Izoard <cedric.izoard@ceva-dsp.com>
Add a common well-known regulatory database to the test VMs during runs
to remove one thing to have correct in the host.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>
Replaced the word "sanity" with the inclusive word "validity". The
comment in acs_survey_interference_factor() was referring a function
that does not exist, so remove it instead of trying rename the function.
Signed-off-by: Arowa Suliman <arowa@chromium.org>
Using __del__ for any kind of cleanup is not a good idea
as it's not guaranteed to be called at any particular time,
it's only called whenever the next garbage collect cycle
kicks in.
Use a context manager instead, which basically removes the
need for the try/finally and fixes the reliance on __del__.
Signed-off-by: Johannes Berg <johannes.berg@intel.com>