Commit graph

160 commits

Author SHA1 Message Date
Jouni Malinen
96bf8fe104 tests: PKCS #8 private key with PKCS #5 v1.5 and v2.0 format
This verifies client private key use in encrypted PKCS #8 format with
PKCS #5 v1.5 format using pbeWithMD5AndDES-CBC and PKCS #5 v2.0 format
using PBES2 with des-ede3-cbc.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-12-05 20:27:27 +02:00
Jouni Malinen
d6ba709aa3 tests: EAP-TLS with SHA512/SHA384 signature
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-30 00:39:38 +02:00
Jouni Malinen
cc71035f6c tests: ap_wpa2_eap_fast_prf_oom with internal TLS implementation
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 23:57:39 +02:00
Jouni Malinen
404597e630 tests: Skip ap_wpa2_eap_ttls_dh_params_dsa with internal TLS
DH DSA parameters are not yet supported.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 21:09:44 +02:00
Jouni Malinen
686eee77d2 tests: Skip PKCS#12 tests with internal TLS client implementation
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 21:07:39 +02:00
Jouni Malinen
e78eb40442 tests: Skip domain_match and domain_suffix_match with internal TLS
The internal TLS client in wpa_supplicant does not yet support the
functionality needed for these test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 20:35:05 +02:00
Jouni Malinen
2286578fe0 tests: TLS v1.2 check in ap_wpa2_eap_tls_versions for internal TLS
The internal TLS implementation in wpa_supplicant supports TLS v1.2, so
verify that this version can be disabled.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 20:04:26 +02:00
Jouni Malinen
bb0a72ab46 tests: Skip OCSP test cases with the internal TLS implementation
The internal TLS client implementation does not yet support OCSP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 19:32:45 +02:00
Jouni Malinen
0fc1b583e2 tests: ap_wpa2_eap_ttls_server_cert_hash with internal TLS client
Since the internal TLS client implementation in wpa_supplicant now has
sufficient support for this functionality, allow the test case to be
executed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-29 19:02:04 +02:00
Jouni Malinen
f2d789f20b tests: EAP-pwd with Brainpool EC
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-11-01 11:30:48 +02:00
Jouni Malinen
d4c3c055d5 tests: EAP-SIM DB error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-31 16:28:33 +02:00
Jouni Malinen
bf0ec17a51 tests: EAP-GPSK error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-17 21:42:36 +03:00
Jouni Malinen
7c0d66cf7a tests: EAP-MSCHAPv2 error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-12 01:55:00 +03:00
Jouni Malinen
0d2a7bad0f tests: MSCHAP UTF-8 to UCS-2 conversion error cases
This triggers all three error cases in utf8_to_ucs2().

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-10 18:41:22 +03:00
Jouni Malinen
d79ce4a6ce tests: Additional OCSP coverage
Verify OCSP stapling response that is signed by the CA rather than a
separate OCSP responder. In addition, verify that invalid signer
certificate (missing OCSP delegation) gets rejected.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-10 17:32:53 +03:00
Jouni Malinen
0c6185fc73 tests: Run through OCSP tests with BoringSSL
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-10-09 23:48:30 +03:00
Jouni Malinen
a359c7bb23 tests: Read monitor messages more frequently
These test cases left at least one of the attached monitor sockets
blocking for excessive time: ap_wpa2_eap_aka_ext,
ap_hs20_req_conn_capab_and_roaming_partner_preference,
ap_hs20_min_bandwidth_and_roaming_partner_preference, ap_wpa_ie_parsing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-04 20:45:20 +03:00
Jouni Malinen
4b9d79b66e tests: Make it less likely to overflow wlan5 control iface socket
Number of test cases did not read all control interface socket events
from the dynamically added wlan5 interface. This could result in hitting
maximum socket TX queue length and failures in the following test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-04 01:42:42 +03:00
Jouni Malinen
403610d386 tests: Update server and user certificates (2015)
The previous versions expired, so need to re-sign these to fix number of
the EAP test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-10-01 01:37:47 +03:00
Jouni Malinen
f455998afe tests: WPA2-Enterprise interactive identity entry and ENABLE_NETWORK
This verifies that ENABLE_NETWORK does not trigger reconnection if
already connected. The previous commit fixed a case where it was
possible for that to happen.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-09-22 12:03:53 +03:00
Jouni Malinen
f9dd43eac2 tests: EAP-TLS/TTLS/PEAP session resumption
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-24 19:28:12 +03:00
Jouni Malinen
0dae8c9974 tests: Skip TLS OCSP stapling test cases with BoringSSL builds
BoringSSL removed the OpenSSL API used to implement OCSP stapling
support.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-18 20:21:44 +03:00
Jouni Malinen
5f2e454790 tests: Allow group 25 to fail in ap_wpa2_eap_pwd_groups with BoringSSL
It looks like NID_X9_62_prime192v1 is not available, so allow that group
to fail without failing the full ap_wpa2_eap_pwd_groups test case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2015-08-18 19:52:38 +03:00
Jouni Malinen
6da3b745f1 tests: Try users2.pkcs12 twice to add coverage
This allows manual verification of extra PKCS#12 certificate processing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-11 01:10:15 +03:00
Jouni Malinen
ecafa0cf47 tests: RSN element protocol testing for STA side
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-08 20:04:07 +03:00
Jouni Malinen
38934ed100 tests: Skip ap_wpa2_eap_psk_oom and ap_ft_oom in FIPS mode
omac1_aes_128() implementation within crypto_openssl.c is used in this
case and that cannot fail the memory allocation similarly to the
non-FIPS case and aes-omac1.c.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-02 16:52:56 +03:00
Jouni Malinen
06cdd1cd79 tests: Allow FIPS error case for openssl_cipher_suite_config_wpas
OpenSSL rejects the cipher string 'EXPORT' in FIPS mode in a way that
results in the locally generated error showing up before the EAP method
has been accepted.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-02 16:52:56 +03:00
Jouni Malinen
0392867b6b tests: Skip EAP-pwd NTHash test in FIPS build
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-02 16:52:56 +03:00
Jouni Malinen
c8e82c94da tests: Skip EAP-IKEV2 tests if not included in the build
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-02 16:52:56 +03:00
Jouni Malinen
e7ac04ceaf tests: Skip EAP-MD5 and EAP-MSCHAPV2 test cases in FIPS mode
These would require MD5 or MD4 which are not allowed in FIPS mode.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-02 16:52:56 +03:00
Jouni Malinen
ca158ea621 tests: Skip EAP-TTLS/CHAP, MSCHAP, MSCHAPV2 test cases in FIPS mode
In addition, replace some of the CHAP cases with PAP since that enables
more coverage without breaking the main test focus.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-08-02 16:52:56 +03:00
Jouni Malinen
9dd21d5183 tests: Allow local disconnect in openssl_cipher_suite_config_wpas
The openssl_ciphers="EXPORT" case may result in locally generated
disconnection event if the OpenSSL version used in the build rejects
export ciphers in default configuration (which is what OpenSSL 1.1.0
will likely do). Don't report a test case failure in such a case.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-28 21:00:18 +03:00
Jouni Malinen
6c4b5da46d tests: EAP-TLS and TLS version configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-08 19:52:14 +03:00
Jouni Malinen
85774b70a1 tests: EAP server and OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-01 00:42:09 +03:00
Jouni Malinen
405c621cdb tests: WPA2-Enterprise connection using MAC ACL
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-07-01 00:34:27 +03:00
Jouni Malinen
df7ad0fa11 tests: EAP-TLS and unknown OCSP signer
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-30 22:05:37 +03:00
Jouni Malinen
d2a1047e67 tests: Invalid OCSP data (parsing failure)
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-30 22:01:05 +03:00
Jouni Malinen
7be5ec991d tests: Invalid openssl_ciphers value
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-30 21:55:59 +03:00
Jouni Malinen
6eddd5303c tests: EAP-FAST/MSCHAPv2 and server OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-30 21:36:12 +03:00
Jouni Malinen
b3ff3decf6 tests: DH parameter file DSA conversion and error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
0c83ae0469 tests: EAP-TLS with PKCS12 that includes additional certificates
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
b1fb42751a tests: EAP-TLS and OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
b197a8194b tests: EAP-TLS and server checking CRL
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
486f4e3c83 tests: EAP-SIM and OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
f1ab79c34c tests: WPA2-Enterprise connection using EAP-IKEv2 and OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
8c4e4c01f6 tests: WPA2-Enterprise connection using EAP-PSK and OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-29 23:23:56 +03:00
Jouni Malinen
27f2fab021 tests: WPA2-Enterprise connection using EAP-FAST and OOM in PRF
This is a regression test case for a memory leak on a TLS PRF error
path. In addition, this provides more coverage for this error path.

Signed-off-by: Jouni Malinen <j@w1.fi>
2015-06-19 01:23:24 +03:00
Jouni Malinen
5e0bedc63c tests: EAP-EKE with server OOM
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-05-24 13:36:16 +03:00
Jouni Malinen
f7e3c17b68 tests: WPA2-Enterprise connection using EAP-EKE with serverid NAI
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-05-24 12:48:52 +03:00
Jouni Malinen
5748d1e5f8 tests: EAP-TTLS with server certificate valid beyond UNIX time 2^31
Signed-off-by: Jouni Malinen <j@w1.fi>
2015-05-24 11:24:35 +03:00