Commit graph

2818 commits

Author SHA1 Message Date
Jouni Malinen
5da4b2f386 tests: DPP and PKEX (P-256) test vector
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-24 01:43:23 +02:00
Jouni Malinen
9f85f0edd3 tests: Probe Request frame RX events from hostapd
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 20:12:34 +02:00
Jouni Malinen
92fe5f567c tests: Fix dpp_auth_req_retries* check for DPP capability
Need to do this before trying to set the DPP test parameters.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 20:12:34 +02:00
Jouni Malinen
8968acda9b tests: DPP Auth Req retry behavior
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 13:15:40 +02:00
Jouni Malinen
fce412d3ef tests: DPP with SAE
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 21:24:08 +02:00
Jouni Malinen
af872d9d88 tests: DPP protocol testing - invalid I-nonce in Auth Req
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 17:34:05 +02:00
Jouni Malinen
169e341e34 tests: DPP and PKEX retry behavior
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 15:55:51 +02:00
Jouni Malinen
cb6b22325f tests: sigma_dut DPP/QR initiator as Configurator (neg_freq)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-21 01:12:58 +02:00
Jouni Malinen
0e664e0c12 tests: sigma_dut DPP/QR initiator as Configurator or Enrollee
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-21 01:02:37 +02:00
Jouni Malinen
951fc8df34 tests: Double TPK M2 during TDLS setup initiation
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-21 00:49:17 +02:00
Jouni Malinen
7b111c04d0 tests: Open AP and STA reassociating back without auth exchange
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-20 21:31:36 +02:00
Jouni Malinen
de731ec25c tests: Additional DPP protocol testing for Peer Discovery Req/Resp
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 17:15:48 +02:00
Jouni Malinen
18b8c35b41 tests: Fix ap_cipher_tkip_countermeasures_sta2
hostapd implementation was changed to use a valid Status Code when
rejecting the connection. This test case was forgotten at the time, but
it needs a matching change to allow the new value (1 instead of 14).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-19 16:02:07 +02:00
Jouni Malinen
b0fda6b715 tests: DPP protocol testing - invalid Config Attr Obj in Conf Req
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 14:13:20 +02:00
Jouni Malinen
655e82b1bb tests: DPP protocol testing - invalid Status in Auth Resp/Conf
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 14:13:20 +02:00
Jouni Malinen
e486e5fdcb tests: sigma_dut DPP/QR (mutual) initiator (response pending)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 12:07:07 +02:00
Jouni Malinen
47183df78a tests: DPP protocol testing for invalid I/R-bootstrap key hash
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 11:33:22 +02:00
Jouni Malinen
dc515328a2 tests: DPP protocol testing - invalid I/R-proto key in Auth Req/Resp
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 00:12:37 +02:00
Jouni Malinen
20c18348e0 tests: sigma_dut controlled AP and PSKHEX
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-18 17:50:09 +02:00
Jouni Malinen
a680f4ef39 tests: Use group 26 instead of 25 in mesh test cases
This allows mesh_sae_groups_invalid and
wpas_mesh_secure_sae_group_negotiation to be run with BoringSSL (group
25 not available anymore).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-18 17:50:08 +02:00
Jouni Malinen
8f08315737 tests: Skip fils_sk_pfs_25 with BoringSSL
It looks like BoringSSL has dropped support for group 25 (192-bit Random
ECP Group).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-18 17:50:08 +02:00
Jouni Malinen
9626bfbb8d tests: Skip ap_wpa2_eap_fast_eap_sim if no EAP-FAST support
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-18 17:50:08 +02:00
Jouni Malinen
d584946ec1 tests: Skip DPP tests with Brainpool curves when using BoringSSL
BoringSSL does not include these EC curves.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-18 17:50:08 +02:00
Jouni Malinen
211b5d1ba1 tests: sigma_dut DPP Configurator and self-configuration
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 19:14:21 +02:00
Jouni Malinen
14f8e08128 tests: Fix spelling of sigma_dut DPPConfEnrolleeRole argument
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 19:13:50 +02:00
Sriram R
e053465835 tests: Fix ap_config_reload_on_sighup test
Use absolute path name for configuration file to ensure the file can be
succesfully reloaded and read on SIGHUP signal. This is needed when
running the test case on host (i.e., not using a VM).

Signed-off-by: Sriram R <srirrama@qti.qualcomm.com>
2017-11-17 19:13:10 +02:00
Jouni Malinen
21fd5576a5 tests: sigma_dut and group cipher override on AP
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 12:44:50 +02:00
Jouni Malinen
6af3b5934b tests: sigma_dut and AP enabling two pairwise ciphers
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 12:33:54 +02:00
Jouni Malinen
5068af8536 tests: hostapd group_cipher override
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 12:33:54 +02:00
Jouni Malinen
71db91db96 tests: sigma_dut DPP/QR (mutual) responder (response pending sequence)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 19:16:35 +02:00
Jouni Malinen
b014624bd5 tests: sigma_dut DPP/QR responder (channel list override)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 18:44:24 +02:00
Jouni Malinen
3eae3ee2e3 tests: DPP protocol testing - Auth Conf replaced by Res
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 12:55:56 +02:00
Jouni Malinen
ba37ba419a tests: DPP Authentication Response retries
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 12:35:26 +02:00
Jouni Malinen
51fbcad457 tests: DPP with Initiator in either role
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 12:35:22 +02:00
Jouni Malinen
751f7f7c42 tests: DPP bootstrapping info channel list
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 11:45:05 +02:00
Jouni Malinen
a0604a4236 tests: sigma_dut DPP protocol testing - Peer Discovery Request
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-06 12:59:12 +02:00
Jouni Malinen
993eab91a4 tests: DPP protocol testing - network introduction
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-06 12:40:47 +02:00
Jouni Malinen
8c735316af tests: sigma_dut and DPP protocol testing
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-06 00:35:58 +02:00
Jouni Malinen
b900fb1a43 tests: sigma_dut controlled AP as DPP PKEX responder
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-04 12:33:03 +02:00
Jouni Malinen
efa77d0abf tests: hostapd as DPP Responder requiring mutual authentication
This verifies the qr=mutual case with STATUS_RESPONSE_PENDING.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-04 12:33:03 +02:00
Jouni Malinen
686cfce934 tests: DPP Protocol testing for invalid Config Resp attribute values
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 21:14:08 +02:00
Jouni Malinen
bdf987b737 tests: DPP Config Request/Response missing attributes
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 21:14:08 +02:00
Jouni Malinen
c20d3ca8f7 tests: DPP protocol - I/R-auth tag mismatch in PKEX Commit-Reveal
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 20:18:52 +02:00
Jouni Malinen
fd4639aaa0 tests: DPP protocol - invalid Bootstrap Key in PKEX Commit-Reveal
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:47 +02:00
Jouni Malinen
230028a371 tests: DPP protocol testing - invalid Status in PKEX Exchange Response
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:47 +02:00
Jouni Malinen
aa485b0e81 tests: DPP and PKEX with mismatching code limit
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
84d53c775c tests: DPP PKEX retry after incorrect PKEX code
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
dab5642089 tests: DPP and PKEX with mismatching curve
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
c45d45ba61 tests: WPA+WPA2-PSK/TKIP countermeasures (detected by mixed mode AP)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
dea2ab99d7 tests: DPP protocol testing - invalid Encrypted Key in PKEX Exchange
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
d5f89062a8 tests: Missing attributes in DPP PKEX messages
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
d592d13433 tests: DPP and PKEX with mismatching code
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-02 12:25:35 +02:00
Jouni Malinen
d84c0cf46c tests: sigma_dut DPP functionality
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-02 12:05:37 +02:00
Jouni Malinen
299196c4c7 tests: Require use of PMF with DPP AKM
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-01 17:24:18 +02:00
Jouni Malinen
3bee996c87 tests: New hostapd STATUS/STA values
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-31 17:10:17 +02:00
Jouni Malinen
41d5af5544 tests: ap_wpa2_eap_tls_versions to test TLSv1.2 with OpenSSL 1.1
Change the test condition from "is OpenSSL 1.0.2" to "is not OpenSSL
1.0.1", so that the TLSv1.2 test step gets executed with OpenSSL 1.0.2
and 1.1 (and newer).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-30 12:08:19 +02:00
Jouni Malinen
ce4e80ad0f tests: WNM Sleep Mode - RSN with PMF and GTK/IGTK workaround
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-29 17:19:07 +02:00
Jouni Malinen
257ad53c1d tests: WPA2-PSK AP and GTK rekey by AP request
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-29 17:00:50 +02:00
Johannes Berg
7d1ebdec18 tests: tshark: deal with "wlan_mgt" -> "wlan" rename
Recent versions of tshark/wireshark renamed these fields, deal
with that in the tshark wrapper code.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2017-10-29 16:48:05 +02:00
Jouni Malinen
13dc368aa9 tests: DPP authentication exchange with requested different channel
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-29 16:09:56 +02:00
Jouni Malinen
d045b7a182 tests: DPP network introduction mismatch cases
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-29 12:44:01 +02:00
Jouni Malinen
ba0840c9f8 tests: DPP protocol testing incorrect I-nonce, R-capab, R-auth, I-auth
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-28 17:44:14 +03:00
Jouni Malinen
f7380b47a1 tests: DPP fallback to non-mutual authentication on Initiator
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-27 16:09:51 +03:00
Jouni Malinen
b3a93f8fab tests: DPP protocol testing - Auth Conf attribute omission
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-27 16:09:51 +03:00
Jouni Malinen
a0e3e22263 tests: DPP protocol testing
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-22 22:50:19 +03:00
Jouni Malinen
77f52098a5 tests: Make sae_invalid_anti_clogging_token_req more robust
Beacon more frequently since Probe Request frames are practically ignored
in this test setup (ext_mgmt_frame_handled=1 on hostapd side) and
wpa_supplicant scans may end up getting ignored if no new results are
available due to the missing Probe Response frames.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-22 17:21:57 +03:00
Johannes Berg
18cdbb3c80 tests: Add a script to aid bisecting Linux kernel with hwsim VM
I find myself writing a version of this script every now and
then, but there's little point in that - just add one to the
tree so we can use it again.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2017-10-21 12:04:53 +03:00
Jouni Malinen
f81c1411f3 tests: WPA2-EAP-FT AP (pull PMK) - wildcard R0KH/R1KH
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-21 12:00:22 +03:00
Jouni Malinen
20a09e08cc tests: hostapd configuration reload modification from file on SIGHUP
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-21 11:29:45 +03:00
Jouni Malinen
60890ca4ee tests: Delayed PTK rekey exchange attack protection
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-20 20:32:37 +03:00
Jouni Malinen
6e3027a57e Fix the notes on EAPOL-Key testing procedures
The extra sanity check for replay protection in these procedures ended
up breaking the tests. RESET_PN cannot be used before RESEND_* commands
since that would prevent the DUT from accepting the retransmitted
EAPOL-Key frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-20 20:32:36 +03:00
Jouni Malinen
d903716976 tests: Enable bss_transition in wnm_bss_tm_req_with_mbo_ie
This is needed once BSS TM processing is skipped if the functionality is
not enabled explicitly.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-20 20:32:36 +03:00
Jouni Malinen
c9dc89968d tests: Skip new ap_ciphers tests cleanly for missing mac80211 debugfs
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-19 23:32:26 +03:00
Jouni Malinen
1613e0121c Add notes on how to do cipher suite and key management testing
This describes how various wpa_supplicant/hostapd extensions can be used
to test IEEE 802.11 functionality in other devices.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-19 20:47:44 +03:00
Jouni Malinen
fd1b15aca3 tests: CCMP/TKIP/GCMP replay protection
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-19 20:47:44 +03:00
Jouni Malinen
862363babe tests: Plaintext EAPOL-Key frames when TK is configured
These test cases do not really verify any specific DUT behavior
automatically, i.e., these are here to generate sniffer captures for
manual analysis.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-19 18:32:16 +03:00
Jouni Malinen
4bb2272bab tests: Delayed M1+M3 retransmission and zero TK
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-18 11:28:55 +03:00
Jouni Malinen
59cbfa7c86 tests: Delayed 4-way handshake M1 and M3 retransmission
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-18 11:27:38 +03:00
Jouni Malinen
724152a1ef tests: Delayed group M1 retransmission
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-18 11:25:27 +03:00
Jouni Malinen
8e5931f0c7 tests: More robust owe_transition_mode* tests
Flush old scan results in these test cases to avoid checking incorrect
scan result entry.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-18 01:19:42 +03:00
Jouni Malinen
ec765bc797 tests: Disabling of EAPOL-Key retries
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-17 00:07:17 +03:00
Jouni Malinen
3bcc524733 tests: WPA2-PSK AP and PTK rekey enforced by station and ANonce change
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 17:48:25 +03:00
Jouni Malinen
b74f82a4f8 tests: Comment out during-association TK-in-memory checks
TK needs to be maintained in memory for additional testing
functionality, so for now, comment out these checks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 17:43:10 +03:00
Jouni Malinen
f4528fbf51 tests: 4-way handshake msg 3/4 replay with extra msg 1/4
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
2956fcc401 tests: Remove peerkey testing
This is in preparation of complete removal of the PeerKey functionality.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
e22aa2f6ec tests: Fix wnm_action_proto_no_pmf to have active WNM_SLEEP operation
The previous designed worked since wpa_supplicant did not track pending
request state. With such tracking added, this test case needs to make
sure there is a pending operation when injecting the invalid response.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
c29475a932 tests: Delayed EAPOL-Key msg 3/4 replaying attack
This hits the new wpa_supplicant code path that rejects reconfiguration
of the same GTK.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
5a79966f9e tests: Replayed FILS association request
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
6db556b21d tests: Allow wpa_supplicant to maintain GTK in memory during association
This is needed to allow GTK configuration triggers to verify whether the
key has changed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
d7f0bef94e tests: WPA2-PSK-FT AP and replayed Reassociation Request frame
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
89c343e887 tests: sigma_dut ap_get_mac_address
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-12 00:02:10 +03:00
Jouni Malinen
6644069ca9 tests: sigma_dut SAE and long password
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-11 23:24:19 +03:00
Jouni Malinen
606ef7d328 tests: SAE with sae_password
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-11 23:24:19 +03:00
Jouni Malinen
7413c34d5e tests: Add the forgotten files for owe_transition_mode_multi_bss
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-11 12:16:19 +03:00
Jouni Malinen
86fd7d70e8 tests: sigma_dut controlled AP with OWE and transition mode
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 22:40:15 +03:00
Jouni Malinen
7f811be59e tests: sigma_dut controlled AP with OWE and ECGroupID
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 21:04:00 +03:00
Jouni Malinen
35a0713c75 tests: Opportunistic Wireless Encryption and limited group set
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 21:04:00 +03:00
Jouni Malinen
e30de6c250 tests: sigma_dut OWE with invalid DH Param element
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 18:35:19 +03:00
Jouni Malinen
25fdb2756c tests: Opportunistic Wireless Encryption and unsupported group
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 18:27:58 +03:00
Jouni Malinen
2e37b5fbe7 tests: Remove op_cl and ch_list from DPP
These were removed from the protocol.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 01:34:49 +03:00