Commit graph

3089 commits

Author SHA1 Message Date
Jouni Malinen
23c024b9c1 tests: Do not fail if driver supports power saving
Couple of "invalid value" tests started to fail now that mac80211_hwsim
actually accepts power save configuration. Fix these by running the same
command for more code coverage, but in a way that ignores the result of
the operation (succeeds with older kernel versions and fails with
newer).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-04 23:56:32 +03:00
Jouni Malinen
f98fdc4e4b tests: wpa_supplicant STATUS output and ieee80211ac=1
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-05-04 20:19:17 +03:00
Jouni Malinen
585e728a5c tests: Skip OCSP tests with wolfSSL
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-02 13:32:51 +03:00
Sean Parkinson
f08362e9ce tests: Use same certificates as used for GnuTLS with wolfSSL
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 00:37:57 +03:00
Sean Parkinson
7d5df79f2d tests: Use a valid key exchange value in eap_proto_ikev2
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 00:37:38 +03:00
Jouni Malinen
832b736fb2 tests: Add TLS v1.3 into ap_wpa2_eap_tls_versions
When running with OpenSSL 1.1.1, verify that EAP-TLS can be used with
TLS v1.3.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 22:13:38 +03:00
Jouni Malinen
1150d0756a tests: Enable TLS v1.3 explicitly in the authentication server
For testing purposes, enable TLS v1.3 in the authentication server so
that the protocol version can be controlled from wpa_supplicant side
more easily.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 22:13:38 +03:00
Jouni Malinen
0d34c13a72 tests: Ignore openssl_cipher_suite_config_hapd failure (OpenSSL 1.1.1)
It looks like OpenSSL 1.1.1 accepted the openssl_ciphers=FOO test
configuration or well, at least does not reject it like previous
versions did. For now, ignore this failure.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 22:13:38 +03:00
Jouni Malinen
a61ee84d0c tests: Fix ap_wpa2_eap_fast_cipher_suites with OpenSSL 1.1.1
RC4-SHA cipher case ended up allowing the handshake to be started just
to fail with "no ciphers available" when trying to generate ClientHello.
Fix this by handling an EAP failure case for the RC4-SHA test step with
OpenSSL 1.1.*.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-01 13:23:25 +03:00
Jouni Malinen
edc4374ef5 tests: pending_tc table check for HS 2.0 Terms and Conditions
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-30 20:19:32 +03:00
Jouni Malinen
6444b08cea tests: Hotspot 2.0 Terms and Conditions using SQLite for user DB
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-26 17:56:22 +03:00
Jouni Malinen
045c7c6817 tests: Hotspot 2.0 Terms and Conditions signaling - CoA
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-25 12:57:46 +03:00
Jouni Malinen
0f7fc6b98d tests: Hotspot 2.0 Terms and Conditions signaling
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-24 00:35:47 +03:00
Jouni Malinen
c3d45e130a tests: WDS STA interface events and STA command output
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-24 00:35:47 +03:00
Jouni Malinen
24b5b786e6 tests: WPA2-PSK/GCMP/CCMP ciphers
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-24 00:35:47 +03:00
Andrei Otcheretianski
440e9f0bbe tests: Async. AP setup failure with wpa_supplicant
Verify that the AP initialization failure is reported back to
wpa_supplicant also when the initialization is complete in a callback.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2018-04-20 00:50:25 +03:00
Jouni Malinen
ad5704631a tests: roaming_consortium_selection
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-18 01:12:23 +03:00
Jouni Malinen
ce952ebda0 tests: Hotspot 2.0 connection based on roaming_consortiums match
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-17 17:26:56 +03:00
Jouni Malinen
53fa04e197 tests: wpa_supplicant cred roaming_consortiums parsing/writing
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-17 16:40:47 +03:00
Jouni Malinen
be5acc3884 tests: Hotspot 2.0 operator icons
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-17 16:40:47 +03:00
Jouni Malinen
f75ed521a5 tests: wpa_supplicant secure mesh using sae_password
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-04-13 12:09:33 +03:00
Jouni Malinen
e5b0b58bfa tests: DPP and SAE AKMs
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-12 21:14:33 +03:00
Jouni Malinen
3dfccf7c09 tests: sigma_dut DPP/QR initiator as Enrollee (SAE)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-10 21:41:58 +03:00
Jouni Malinen
fa617ee6a0 tests: SAE and PSK enabled in wpa_supplicant network profile
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-04-09 19:34:44 +03:00
Jouni Malinen
9a0c472feb tests: Extend hostapd reload config test to cover wmm_enabled behavior
This is a regression test for default behavior for wmm_enabled on the
config reload path.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-04-06 23:32:31 +03:00
Michael Braun
d269740a3e tests: FT with CUI
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:09:16 +03:00
Michael Braun
473e51762d tests: FT-PSK with VLAN
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:01:16 +03:00
Michael Braun
e03822913d tests: Add a small sleep in FT run_roams()
time.sleep() in run_roams() is required because the target AP sets the
key once the station was associated. There are races, when the station
processes the (Re)Association Response frame AND the test suite starts
FT_DS before the AP processes its local confirmation and thus
wpa_auth_sm_event(ASSOC_FT). Therefore, the ActionFrame will be lost, as
the AP driver is missing the key.

Since this is this speed is highly synthetic, wait a few milliseconds
before roaming back.

Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:01:16 +03:00
Michael Braun
9c50a6d3a3 tests: FT-EAP with VLAN
Signed-off-by: Michael Braun <michael-dev@fami-braun.de>
2018-04-06 19:01:16 +03:00
Jouni Malinen
20daa57b92 tests: RESEND_M3 and RESEND_GROUP_M1 with PMF in use
This covers an additional code path that has a bug in IGTK PN clearing.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-04-01 21:42:49 +03:00
Jouni Malinen
5a30fcf573 tests: EAP-ERROR-CODE
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-03-31 12:02:25 +03:00
Jouni Malinen
c9aba19bd3 tests: WPA2-Enterprise connection using EAP-PSK after MAC address change
This is a regression test for a sequence where wpa_supplicant interface
MAC address is changed externally and the ifdown-ifup sequence is
processed only after the interface has already been set UP.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-03-30 12:16:49 +03:00
Jouni Malinen
4ae39c121f tests: sigma_dut DPP protocol testing - Stop at TX on Initiator/Enrollee
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-30 10:44:38 +03:00
Jouni Malinen
f68caa35e3 tests: GAS/ANQP and Venue URL (hostapd venue_url)
Test the hostapd venue_url configuration parameter. In addition, fix the
previous defined gas_anqp_venue_url test case to use correct encoding of
the Venue URL ANQP-element payload (URLs were missing and Venue Number
was off-by-one).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-26 16:11:54 +03:00
Jouni Malinen
bf001e42bf tests: FILS SK using ERP and FT initial mobility domain association
Verify use of KCK2/KEK2 and new FTE MIC calculation with FT-FILS-SHA256.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-26 12:31:04 +03:00
Jouni Malinen
80da433507 tests: Overlapping BSS scan report handling no overlap
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-21 22:15:29 +02:00
Jouni Malinen
0c061630ad tests: DPP Configurator reconfiguration
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-16 20:56:05 +02:00
Jouni Malinen
c63e69c379 tests: DPP protocol testing - stop when transmitting Auth Conf
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-03-13 01:04:03 +02:00
Sean Parkinson
d8003dcba2 tests: Add support for wolfSSL cryptographic library
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-03-03 11:52:40 +02:00
Sean Parkinson
ff7affcc77 tests: Check PKCS#12 support in additional test cases
These test cases use PKCS#12, so skip them if the build does not include
support for it.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-03-03 11:52:40 +02:00
Sean Parkinson
ead550b9dd tests: Verify MSCHAPV2 support in eap_peap_session_resumption
This test case uses EAP-MSCHAPv2 within the PEAP tunnel, so verify that
the build includes support for that before running the test.

Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-03-03 11:52:40 +02:00
Jouni Malinen
adc5e37a02 tests: Suite B tests with BoringSSL
Enable appropriate Suite B test cases with BoringSSL. Currently, this
means enabling only the 192-bit level ECDSA and ECDHE-RSA since
BoringSSL has removed support for DHE and there is no need to support
128-bit level ECDSA anymore.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-19 17:38:40 +02:00
Jouni Malinen
007bf37e4b tests: Processing of truncated RSNE fields
Verify that truncated RSN Capabilities field and PMKIDCount field get
ignored.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-19 12:26:26 +02:00
Masashi Honma
ede4f68e0a tests: Fix Permission denied on Fedora
On Fedora 26, start.sh fails with these error messages.

Failed to connect to wpa_supplicant global interface: /tmp/wpas-wlan0  error: Permission denied
Failed to connect to wpa_supplicant global interface: /tmp/wpas-wlan0  error: Permission denied
...

This is because Fedora 26 uses "wheel" group as administrative group.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
2018-02-17 18:56:38 +02:00
Vasyl Vavrychuk
2494bcef24 tests: Add option --dbus for logging D-Bus messages
Signed-off-by: Vasyl Vavrychuk <vvavrychuk@gmail.com>
2018-02-17 18:21:47 +02:00
Vasyl Vavrychuk
2e4707a0a7 tests: Document building of hostapd_cli for hwsim builds
This is used in the tests, too, and was already covered by the build.sh
script, but not this README file.

Signed-off-by: Vasyl Vavrychuk <vvavrychuk@gmail.com>
2018-02-17 18:15:31 +02:00
Jouni Malinen
57dc90e386 tests: wpa_supplicant AP mode - open network with client isolation
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-17 17:57:45 +02:00
Jouni Malinen
e51e49fccc tests: Fix dbus_set_global_properties failure if run twice
Clear the model_name parameter back to the default (empty string) at the
beginning and the end of dbus_set_global_properties to avoid failures if
the test case is run multiple times.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-17 17:41:57 +02:00
Jouni Malinen
50d7cdedae tests: Make dbus_p2p_discovery more robust
Ignore any unexpected deviceLost event before the peer devices has been
discovered. This works around issues where the previous test case
terminates before the D-Bus events have been fully delivered. This could
happen, e.g., when running dbus_p2p_discovery twice in a row.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-17 17:21:05 +02:00
Jouni Malinen
a8ec0b8ccc tests: sigma_dut controlled STA as DPP PKEX responder and error case
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-13 00:24:50 +02:00
Jouni Malinen
8f7a50a63e tests: MAC ACL accept/deny management
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-07 19:45:32 +02:00
Jouni Malinen
27a8d93b07 tests: Make dpp_qr_code_curve_select more robust
Wait for the configuration exchange to complete before issuing the
DPP_STOP_LISTEN command to avoid confusing sequence of operation between
the ongoing and immediately following DPP exchanges.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-07 17:09:20 +02:00
Jouni Malinen
4370ffc0c4 tests: DPP and PKEX on 5 GHz
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-07 16:58:52 +02:00
Jouni Malinen
fc031b7ea7 tests: Make owe_transition_mode_multi_bss more robust
Fix bssid2 value to make scanning more reliable for the second OWE BSS.
In addition, reorder the STA status checks to happen before the data
connectivity check to get more accurate failure reason into the log if
the test case fails.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-07 13:45:48 +02:00
Jouni Malinen
e129e6bd27 tests: sigma_dut DPP roles incompatible
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-06 22:08:21 +02:00
Jouni Malinen
3e3d634fa7 tests: Enable PMF in sigma_dut DPP tests
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-06 22:08:21 +02:00
Jouni Malinen
2fec710ac5 tests: Use PMF in DPP with legacy PSK/SAE cases
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-06 20:52:44 +02:00
Jouni Malinen
05e5c0e554 tests: Run owe test with PMF required
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-06 18:55:18 +02:00
Jouni Malinen
0dc3c5f2ee tests: WPA2-PSK-FT AP with PSK from a file
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-02-04 12:40:03 +02:00
Adiel Aloni
946ed13c98 tests: Enable device PS before sending PS-Poll
Linux kernel commit c9491367b759 ("mac80211: always update the PM state
of a peer on MGMT / DATA frames") enforces the AP to check only
mgmt/data frames PM bit, and to update station's power save accordingly.
When sending only a PS-Poll (control frame) the AP will ignore the PM
bit. As the result, the partial virtual bitmap will not be updated, and
the test ap_open_disconnect_in_ps will fail on tshark check. Since the
test needs only the TIM to be updated, setting PS enabled will send NDP
that will signal that the station is sleeping. Sending PS-Poll to enable
power save is not correct, according to the following standard
statement: "A PS-Poll frame exchange does not necessarily result in an
Ack frame from the AP, so a non-AP STA cannot change power management
mode using a PS-Poll frame."

Signed-off-by: Adiel Aloni <adiel.aloni@intel.com>
2018-02-04 12:06:11 +02:00
Jouni Malinen
3382224082 tests: SAE with connect command
This does not really work with mac80211_hwsim due to missing offload
support, but at least some minimal extra code coverage can be achieved.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-02-02 20:21:46 +02:00
Jouni Malinen
8f9d2b171f tests: Update DPP PKEX test vector parameters to match new tech spec
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-30 18:28:24 +02:00
Jouni Malinen
2d7aa8d575 tests: Make dpp_pkex_test_vector parameters clearer
This makes it a bit clearer to see which parameters need to be modified
if the test vector needs to be recreated based on new values.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-30 18:21:37 +02:00
Jouni Malinen
35818d3e07 tests: DPP using externally generated bootstrapping keys
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-29 13:23:19 +02:00
Jouni Malinen
af0c6e09e6 tests: OWE with PMF required and with open network selection
Verify that PMF can be marked required OWE networks and verify that a
station in transition mode can connect to an open network.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-21 11:13:01 +02:00
Jouni Malinen
b70a3fc169 tests: Add the EC root CA private keys to repository
These were forgotten from the initial commit adding the EC PKI.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 22:42:23 +02:00
Jouni Malinen
7fd583d62c tests: Suite B 192-bit RSA validation with 2048-bit client cert
Verify that unexpected 2048-bit RSA client certificate gets rejected by
the RADIUS server if the server is configured to use Suite B at 192-bit
level.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 22:40:55 +02:00
Jouni Malinen
9ec824b9c1 tests: Suite B 192-bit validation with p256 client cert
Verify that unexpected p256 client certificate gets rejected if the
server is configured to use Suite B at 192-bit level.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 20:30:07 +02:00
Jouni Malinen
80ad068001 tests: Update ap_wpa2_eap_assoc_rsn to match implementation change
This covers the new status code for group management cipher mismatch.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 02:08:39 +02:00
Jouni Malinen
6f90cfd780 tests: sigma_dut Suite B tests to not explicitly set PMF
PMF is supposed to be enabled automatically in sigma_dut, so remove
the explicit argument to do so from the commands.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
fe4af86c16 tests: WPA2-PSK AP and association request RSN IE with PMKID
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
6333cb812b tests: Use longer timeout in sigma_dut_dpp_proto_initiator
This is needed to be ready for a sigma_dut change to wait for an extra
frame RX event.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
7e526fa735 tests: sigma_dut sta_scan_bss
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
c5238c483f tests: sigma_dut with alternative OWE transition mode configuration
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
23c45cd0ff tests: sigma_dut and new DPP config index values
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-12 00:50:45 +02:00
Jouni Malinen
c8b19de245 tests: DPP QR Code and hostapd as initiator (offchannel)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-08 05:21:49 +02:00
Jouni Malinen
7b498ecafb tests: Enable and require PMF in SAE and OWE test cases with sigma_dut
All SAE and OWE associations are expected to require PMF to be
negotiated, so enable or require PMF in AP and STA configurations
accordingly to match the new sigma_dut behavior.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-01-06 19:52:12 +02:00
Jouni Malinen
b4635f0a61 tests: GnuTLS configuration of intermediate CA certificate
GnuTLS seems to require the intermediate CA certificate to be included
both in the ca_cert and client_cert file for the cases of server and
client certificates using different intermediate CA certificates. Use
the user_and_ica.pem file with GnuTLS builds and reorder the
certificates in that file to make this work with GnuTLS.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-29 12:01:22 +02:00
Jouni Malinen
9acd0bebab tests: Enable Suite B test cases with GnuTLS
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
0039b972af tests: Speed up suite_b_192_rsa_insufficient_dh in failure case
Check for unexpected connection to avoid timeout on TLS alert event if
the implementation does not check DH key size at all.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
2d9ad634c8 tests: Skip eap_tls_pkcs8_pkcs5_v15 with GnuTLS
It looks like this private key format is not supported in GnuTLS (tested
with version 3.4.10).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
dc2a3cec66 tests: Fix wpas_config_file with non-mesh and non-SAE builds
Check wpa_supplicant capabilities before testing mesh and SAE
parameters.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
de5ca36e37 tests: Fix gas_anqp_overrides with non-FILS builds
Need to ignore missing RX-ANQP event for the FILS Realm Info if
wpa_supplicant build does not include FILS support.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 22:33:12 +02:00
Jouni Malinen
6e6651d02e tests: Skip sigma_dut tests for SAE/DPP based on build capabilities
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-28 00:16:53 +02:00
Jouni Malinen
adafbe9e2e tests: Opportunistic Wireless Encryption and group negotiation
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 21:07:05 +02:00
Jouni Malinen
cc15799f6d tests: Mixed mode BSS and MFP-enabled AP rejecting TKIP
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 18:39:20 +02:00
Jouni Malinen
5c8df74f18 tests: Mixed SAE and non-SAE network and MFP required with SAE
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 18:28:07 +02:00
Jouni Malinen
7a27e5e03e tests: Set PMK length in eapol-fuzzer
Commit b488a12948 ('Clear PMK length and
check for this when deriving PTK') started rejecting PTK derivation
based on PMK length. This reduced coverage from the eapol-fuzzer, so set
the default length when initializing the state machine in the fuzzer to
reach the previously used code paths.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 12:27:33 +02:00
Jouni Malinen
2d0a04a86c tests: SAE protocol testing - Confirm replay
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-27 12:19:08 +02:00
Jouni Malinen
8b5a497325 tests: Make dpp_pkex_test_fail and dpp_pkex_alloc_fail more robust
Wait for test/allocation failure for longer than the wait_fail_trigger()
default two seconds to allow DPP (in particular, PKEX) retransmission to
occur. This removes some issues where the previous wait was more or less
exactly the same duration as the retransmission interval and the first
Listen operation not always starting quickly enough to receive the first
frame.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-25 18:36:17 +02:00
leishaoting
481d88c060 tests: Fix "ocsp: Digest must be before -cert or -serial"
When executing ./start.sh with OpenSSL 1.1.0f, an OCSP operation fails.

Put "-sha256" ahead of "-serial" to fix this.

~# openssl version
OpenSSL 1.1.0f  25 May 2017
~# openssl ocsp -reqout /lkp/benchmarks/hwsim/tests/hwsim/logs/current/ocsp-req.der -issuer /lkp/benchmarks/hwsim/tests/hwsim/auth_serv/ca.pem -serial 0xD8D3E3A6CBE3CD12 -no_nonce -sha256
ocsp: Digest must be before -cert or -serial
ocsp: Use -help for summary.
~# openssl ocsp -reqout /lkp/benchmarks/hwsim/tests/hwsim/logs/current/ocsp-req.der -issuer /lkp/benchmarks/hwsim/tests/hwsim/auth_serv/ca.pem -sha256 -serial 0xD8D3E3A6CBE3CD12 -no_nonce

Signed-off-by: leishaoting <leist.fnst@cn.fujitsu.com>
2017-12-24 21:40:21 +02:00
Jouni Malinen
9a3acf43e8 tests: DPP P-521 test vector (mutual auth)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-13 16:25:13 +02:00
Jouni Malinen
a1f06d0d90 tests: chan_util_avg_period
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-12 00:48:27 +02:00
Jouni Malinen
d39e07f526 tests: OWE and unsupported group using cfg80211 connect command
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-11 14:01:45 +02:00
Jouni Malinen
2ce88a1d2e tests: Suite B 192-bit with RSA and RADIUS
This tests use of RSA >3K keys and forcing ECDHE on both the server and
client side.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-10 21:18:06 +02:00
Jouni Malinen
c358bc4b5b Fix wnm-fuzzer build
Need to include couple more wpa_supplicant source code files into the
build.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-09 18:45:34 +02:00
Jouni Malinen
e9463b482b eapol-fuzzer: Resolve circular library references with --start-group
src/crypto/libcrypto.a and src/tls/libtls.a have circular references
and will need special handling with the linker at least for the time
being. This could be cleaned up eventually, but for now, provide a
mechanism to get the program linked.

This was already done in tests/Makefile, but tests/eapol-fuzzer/Makefile
needs the same.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-12-09 18:36:48 +02:00
Jouni Malinen
055cd39788 tests: DPP P-256 test vectors
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-07 13:35:19 +02:00
Jouni Malinen
33cddd7fe9 tests: sigma_dut and DPPAuthDirection,Mutual on Initiator
Do not include this argument in normal case, but add a test case to
cover the special extra check case.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-05 21:13:30 +02:00
Jouni Malinen
c79b9db066 tests: sigma_dut DPP protocol testing - Stop at RX
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-05 20:22:07 +02:00
Jouni Malinen
1fb0c105a4 tests: WPS with other AES-based ciphers
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:14:55 +02:00
Jouni Malinen
59642ca956 tests: Make ap_wps_ap_scan_2 work with multiple AES-ciphers
This test case is not really realistic and the second connection attempt
would fail if additional AES-based ciphers get provisioned. Work this
around by dropping to CCMP only if other ciphers are present.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:14:55 +02:00
Jouni Malinen
70dcb4aa0e tests: Allow more ciphers in ap_wps_mixed_cred
This is needed to avoid false errors with GCMP-256 and CCMP-256 to be
added in the implementation.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:04:32 +02:00
Jouni Malinen
41dafe0c0a tests: DPP testing to check for mutual authentication on Initiator
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:00:44 +02:00
Jouni Malinen
c30517c6f7 tests: DPP exchange stopping unexpectedly
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-12-02 12:00:44 +02:00
Johannes Berg
702384f77e tests: nl80211.py: Fix attribute padding
The kernel started enforcing attribute lengths, and nl80211.py had been
doing it all wrong - the padding must be present, but not part of the
length.

Fix it to do it the right way.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2017-12-02 12:00:32 +02:00
Jouni Malinen
ce83008c79 tests: sigma_dut and WPS PBC Enrollee
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 23:06:33 +02:00
Jouni Malinen
6923312dc6 tests: sigma_dut controlled connection using preconfigured profile
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 22:54:34 +02:00
Jouni Malinen
5f170c99a4 tests: DPP protocol testing - invalid E-nonce in Conf Req
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 22:03:07 +02:00
Jouni Malinen
087f494140 tests: DPP protocol testing - invalid Transaction ID in Peer Disc Req
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 21:56:55 +02:00
Jouni Malinen
edac8087e6 tests: Make dpp_auth_req_retries* more reliable
These test cases were failing when run immediately after
dpp_pkex_test_fail. It looks like timing of the TX status and the short
eloop wait were getting reordered in this cases. This ended up with some
of the DPP-TX-STATUS event messages missing. Instead of explicitly
checking for those message, simply count the number of DPP-TX messages
to verify that the correct number of retries are being sent.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 12:56:24 +02:00
Jouni Malinen
818e3c94b7 tests: DPP/PKEX and local failures
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-30 00:08:40 +02:00
Jouni Malinen
e6a6de2994 tests: Generate DPP Config Object for legacy network (PSK)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-29 12:12:31 +02:00
Jouni Malinen
8b4adc38aa tests: sigma_dut DPP AP Configurator using self-configuration
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-27 20:26:33 +02:00
Jouni Malinen
73a7feb311 tests: DPP configurator (AP) signing own connector
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-27 13:24:20 +02:00
Jouni Malinen
cdef4e91aa tests: DPP QR Code and mutual authentication with auto-generated key
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-26 17:43:43 +02:00
Janusz Dziedzic
b098542cd4 tests: Allow ap_ft for remote tests
Fix problem when running ap_ft test cases with real HW using remote
tests and hwsim wrapper by using the newer hostapd.app_ap() API.

Signed-off-by: Janusz Dziedzic <janusz.dziedzic@gmail.com>
2017-11-26 13:31:15 +02:00
Jouni Malinen
b9e8f920a8 tests: Split ap_vht160 into two test cases (ap_vht160 and ap_vht160b)
These VHT160 with DFS cases were in a single test case to optimize test
execution time with parallel wait for the 60 second CAC. However, this
design has become difficult to support with the kernel changes that
allow radar events to be shared between interfaces. To avoid need for
more workarounds here just for testing purposes, split this into two
test cases so that conflicting events from another interface do not
cause the test case to fail.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-26 13:27:25 +02:00
Jouni Malinen
32452fd2aa tests: Split dfs_radar into two test cases (dfs_radar1 and dfs_radar2)
These DFS radar detection cases were in a single test case to optimize
test execution time with parallel wait for the 60 second CAC. However,
this design has become difficult to support with the kernel changes that
allow radar events to be shared between interfaces. To avoid need for
more workarounds here just for testing purposes, split this into two
test cases so that conflicting events from another interface do not
cause the test case to fail.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-26 12:57:27 +02:00
Lubomir Rintel
c6ba02154e tests: Enable dynamic debugging for mac80211_hwsim
mac80211_hwsim module typically dumps a lot of details into the kernel
message buffer. While it's probably okay in a dedicated VM, it's way too
chatty in other setups.

The kernel allows fine-tuning logging via the dynamic debugging
facility. Let's enable all logging locations in the mac80211_hwsim
module so that we don't loose debugging output when the kernel adopts
the dynamic debug mechanism for the driver.

Signed-off-by: Lubomir Rintel <lkundrak@v3.sk>
2017-11-26 11:47:46 +02:00
Jouni Malinen
fb6d648819 tests: ap_ht40_scan to print STATUS and STA information to log
This can be used to check the supported rate information.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-25 13:26:13 +02:00
Jouni Malinen
5da4b2f386 tests: DPP and PKEX (P-256) test vector
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-24 01:43:23 +02:00
Jouni Malinen
9f85f0edd3 tests: Probe Request frame RX events from hostapd
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 20:12:34 +02:00
Jouni Malinen
92fe5f567c tests: Fix dpp_auth_req_retries* check for DPP capability
Need to do this before trying to set the DPP test parameters.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 20:12:34 +02:00
Jouni Malinen
8968acda9b tests: DPP Auth Req retry behavior
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-23 13:15:40 +02:00
Jouni Malinen
fce412d3ef tests: DPP with SAE
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 21:24:08 +02:00
Jouni Malinen
af872d9d88 tests: DPP protocol testing - invalid I-nonce in Auth Req
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 17:34:05 +02:00
Jouni Malinen
169e341e34 tests: DPP and PKEX retry behavior
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-22 15:55:51 +02:00
Jouni Malinen
cb6b22325f tests: sigma_dut DPP/QR initiator as Configurator (neg_freq)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-21 01:12:58 +02:00
Jouni Malinen
0e664e0c12 tests: sigma_dut DPP/QR initiator as Configurator or Enrollee
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-21 01:02:37 +02:00
Jouni Malinen
951fc8df34 tests: Double TPK M2 during TDLS setup initiation
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-21 00:49:17 +02:00
Jouni Malinen
7b111c04d0 tests: Open AP and STA reassociating back without auth exchange
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-20 21:31:36 +02:00
Jouni Malinen
de731ec25c tests: Additional DPP protocol testing for Peer Discovery Req/Resp
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 17:15:48 +02:00
Jouni Malinen
18b8c35b41 tests: Fix ap_cipher_tkip_countermeasures_sta2
hostapd implementation was changed to use a valid Status Code when
rejecting the connection. This test case was forgotten at the time, but
it needs a matching change to allow the new value (1 instead of 14).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-19 16:02:07 +02:00
Jouni Malinen
b0fda6b715 tests: DPP protocol testing - invalid Config Attr Obj in Conf Req
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 14:13:20 +02:00
Jouni Malinen
655e82b1bb tests: DPP protocol testing - invalid Status in Auth Resp/Conf
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 14:13:20 +02:00
Jouni Malinen
e486e5fdcb tests: sigma_dut DPP/QR (mutual) initiator (response pending)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 12:07:07 +02:00
Jouni Malinen
47183df78a tests: DPP protocol testing for invalid I/R-bootstrap key hash
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 11:33:22 +02:00
Jouni Malinen
dc515328a2 tests: DPP protocol testing - invalid I/R-proto key in Auth Req/Resp
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-19 00:12:37 +02:00
Jouni Malinen
20c18348e0 tests: sigma_dut controlled AP and PSKHEX
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-18 17:50:09 +02:00
Jouni Malinen
a680f4ef39 tests: Use group 26 instead of 25 in mesh test cases
This allows mesh_sae_groups_invalid and
wpas_mesh_secure_sae_group_negotiation to be run with BoringSSL (group
25 not available anymore).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-18 17:50:08 +02:00
Jouni Malinen
8f08315737 tests: Skip fils_sk_pfs_25 with BoringSSL
It looks like BoringSSL has dropped support for group 25 (192-bit Random
ECP Group).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-18 17:50:08 +02:00
Jouni Malinen
9626bfbb8d tests: Skip ap_wpa2_eap_fast_eap_sim if no EAP-FAST support
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-11-18 17:50:08 +02:00
Jouni Malinen
d584946ec1 tests: Skip DPP tests with Brainpool curves when using BoringSSL
BoringSSL does not include these EC curves.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-18 17:50:08 +02:00
Jouni Malinen
211b5d1ba1 tests: sigma_dut DPP Configurator and self-configuration
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 19:14:21 +02:00
Jouni Malinen
14f8e08128 tests: Fix spelling of sigma_dut DPPConfEnrolleeRole argument
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 19:13:50 +02:00
Sriram R
e053465835 tests: Fix ap_config_reload_on_sighup test
Use absolute path name for configuration file to ensure the file can be
succesfully reloaded and read on SIGHUP signal. This is needed when
running the test case on host (i.e., not using a VM).

Signed-off-by: Sriram R <srirrama@qti.qualcomm.com>
2017-11-17 19:13:10 +02:00
Jouni Malinen
21fd5576a5 tests: sigma_dut and group cipher override on AP
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 12:44:50 +02:00
Jouni Malinen
6af3b5934b tests: sigma_dut and AP enabling two pairwise ciphers
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 12:33:54 +02:00
Jouni Malinen
5068af8536 tests: hostapd group_cipher override
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-17 12:33:54 +02:00
Jouni Malinen
71db91db96 tests: sigma_dut DPP/QR (mutual) responder (response pending sequence)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 19:16:35 +02:00
Jouni Malinen
b014624bd5 tests: sigma_dut DPP/QR responder (channel list override)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 18:44:24 +02:00
Jouni Malinen
3eae3ee2e3 tests: DPP protocol testing - Auth Conf replaced by Res
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 12:55:56 +02:00
Jouni Malinen
ba37ba419a tests: DPP Authentication Response retries
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 12:35:26 +02:00
Jouni Malinen
51fbcad457 tests: DPP with Initiator in either role
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 12:35:22 +02:00
Jouni Malinen
751f7f7c42 tests: DPP bootstrapping info channel list
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-13 11:45:05 +02:00
Jouni Malinen
a0604a4236 tests: sigma_dut DPP protocol testing - Peer Discovery Request
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-06 12:59:12 +02:00
Jouni Malinen
993eab91a4 tests: DPP protocol testing - network introduction
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-06 12:40:47 +02:00
Jouni Malinen
8c735316af tests: sigma_dut and DPP protocol testing
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-06 00:35:58 +02:00
Jouni Malinen
b900fb1a43 tests: sigma_dut controlled AP as DPP PKEX responder
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-04 12:33:03 +02:00
Jouni Malinen
efa77d0abf tests: hostapd as DPP Responder requiring mutual authentication
This verifies the qr=mutual case with STATUS_RESPONSE_PENDING.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-04 12:33:03 +02:00
Jouni Malinen
686cfce934 tests: DPP Protocol testing for invalid Config Resp attribute values
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 21:14:08 +02:00
Jouni Malinen
bdf987b737 tests: DPP Config Request/Response missing attributes
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 21:14:08 +02:00
Jouni Malinen
c20d3ca8f7 tests: DPP protocol - I/R-auth tag mismatch in PKEX Commit-Reveal
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 20:18:52 +02:00
Jouni Malinen
fd4639aaa0 tests: DPP protocol - invalid Bootstrap Key in PKEX Commit-Reveal
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:47 +02:00
Jouni Malinen
230028a371 tests: DPP protocol testing - invalid Status in PKEX Exchange Response
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:47 +02:00
Jouni Malinen
aa485b0e81 tests: DPP and PKEX with mismatching code limit
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
84d53c775c tests: DPP PKEX retry after incorrect PKEX code
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
dab5642089 tests: DPP and PKEX with mismatching curve
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
c45d45ba61 tests: WPA+WPA2-PSK/TKIP countermeasures (detected by mixed mode AP)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
dea2ab99d7 tests: DPP protocol testing - invalid Encrypted Key in PKEX Exchange
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
d5f89062a8 tests: Missing attributes in DPP PKEX messages
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-03 19:59:46 +02:00
Jouni Malinen
d592d13433 tests: DPP and PKEX with mismatching code
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-02 12:25:35 +02:00
Jouni Malinen
d84c0cf46c tests: sigma_dut DPP functionality
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-02 12:05:37 +02:00
Jouni Malinen
299196c4c7 tests: Require use of PMF with DPP AKM
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-11-01 17:24:18 +02:00
Jouni Malinen
3bee996c87 tests: New hostapd STATUS/STA values
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-31 17:10:17 +02:00
Jouni Malinen
41d5af5544 tests: ap_wpa2_eap_tls_versions to test TLSv1.2 with OpenSSL 1.1
Change the test condition from "is OpenSSL 1.0.2" to "is not OpenSSL
1.0.1", so that the TLSv1.2 test step gets executed with OpenSSL 1.0.2
and 1.1 (and newer).

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-30 12:08:19 +02:00
Jouni Malinen
ce4e80ad0f tests: WNM Sleep Mode - RSN with PMF and GTK/IGTK workaround
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-29 17:19:07 +02:00
Jouni Malinen
257ad53c1d tests: WPA2-PSK AP and GTK rekey by AP request
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-29 17:00:50 +02:00
Johannes Berg
7d1ebdec18 tests: tshark: deal with "wlan_mgt" -> "wlan" rename
Recent versions of tshark/wireshark renamed these fields, deal
with that in the tshark wrapper code.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2017-10-29 16:48:05 +02:00
Jouni Malinen
13dc368aa9 tests: DPP authentication exchange with requested different channel
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-29 16:09:56 +02:00
Jouni Malinen
d045b7a182 tests: DPP network introduction mismatch cases
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-29 12:44:01 +02:00
Jouni Malinen
ba0840c9f8 tests: DPP protocol testing incorrect I-nonce, R-capab, R-auth, I-auth
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-28 17:44:14 +03:00
Jouni Malinen
f7380b47a1 tests: DPP fallback to non-mutual authentication on Initiator
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-27 16:09:51 +03:00
Jouni Malinen
b3a93f8fab tests: DPP protocol testing - Auth Conf attribute omission
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-27 16:09:51 +03:00
Jouni Malinen
a0e3e22263 tests: DPP protocol testing
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-22 22:50:19 +03:00
Jouni Malinen
77f52098a5 tests: Make sae_invalid_anti_clogging_token_req more robust
Beacon more frequently since Probe Request frames are practically ignored
in this test setup (ext_mgmt_frame_handled=1 on hostapd side) and
wpa_supplicant scans may end up getting ignored if no new results are
available due to the missing Probe Response frames.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-22 17:21:57 +03:00
Johannes Berg
18cdbb3c80 tests: Add a script to aid bisecting Linux kernel with hwsim VM
I find myself writing a version of this script every now and
then, but there's little point in that - just add one to the
tree so we can use it again.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2017-10-21 12:04:53 +03:00
Jouni Malinen
f81c1411f3 tests: WPA2-EAP-FT AP (pull PMK) - wildcard R0KH/R1KH
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-21 12:00:22 +03:00
Jouni Malinen
20a09e08cc tests: hostapd configuration reload modification from file on SIGHUP
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-21 11:29:45 +03:00
Jouni Malinen
60890ca4ee tests: Delayed PTK rekey exchange attack protection
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-20 20:32:37 +03:00
Jouni Malinen
6e3027a57e Fix the notes on EAPOL-Key testing procedures
The extra sanity check for replay protection in these procedures ended
up breaking the tests. RESET_PN cannot be used before RESEND_* commands
since that would prevent the DUT from accepting the retransmitted
EAPOL-Key frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-20 20:32:36 +03:00
Jouni Malinen
d903716976 tests: Enable bss_transition in wnm_bss_tm_req_with_mbo_ie
This is needed once BSS TM processing is skipped if the functionality is
not enabled explicitly.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-20 20:32:36 +03:00
Jouni Malinen
c9dc89968d tests: Skip new ap_ciphers tests cleanly for missing mac80211 debugfs
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-19 23:32:26 +03:00
Jouni Malinen
1613e0121c Add notes on how to do cipher suite and key management testing
This describes how various wpa_supplicant/hostapd extensions can be used
to test IEEE 802.11 functionality in other devices.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-19 20:47:44 +03:00
Jouni Malinen
fd1b15aca3 tests: CCMP/TKIP/GCMP replay protection
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-19 20:47:44 +03:00
Jouni Malinen
862363babe tests: Plaintext EAPOL-Key frames when TK is configured
These test cases do not really verify any specific DUT behavior
automatically, i.e., these are here to generate sniffer captures for
manual analysis.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-19 18:32:16 +03:00
Jouni Malinen
4bb2272bab tests: Delayed M1+M3 retransmission and zero TK
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-18 11:28:55 +03:00
Jouni Malinen
59cbfa7c86 tests: Delayed 4-way handshake M1 and M3 retransmission
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-18 11:27:38 +03:00
Jouni Malinen
724152a1ef tests: Delayed group M1 retransmission
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-18 11:25:27 +03:00
Jouni Malinen
8e5931f0c7 tests: More robust owe_transition_mode* tests
Flush old scan results in these test cases to avoid checking incorrect
scan result entry.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-18 01:19:42 +03:00
Jouni Malinen
ec765bc797 tests: Disabling of EAPOL-Key retries
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-17 00:07:17 +03:00
Jouni Malinen
3bcc524733 tests: WPA2-PSK AP and PTK rekey enforced by station and ANonce change
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 17:48:25 +03:00
Jouni Malinen
b74f82a4f8 tests: Comment out during-association TK-in-memory checks
TK needs to be maintained in memory for additional testing
functionality, so for now, comment out these checks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 17:43:10 +03:00
Jouni Malinen
f4528fbf51 tests: 4-way handshake msg 3/4 replay with extra msg 1/4
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
2956fcc401 tests: Remove peerkey testing
This is in preparation of complete removal of the PeerKey functionality.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
e22aa2f6ec tests: Fix wnm_action_proto_no_pmf to have active WNM_SLEEP operation
The previous designed worked since wpa_supplicant did not track pending
request state. With such tracking added, this test case needs to make
sure there is a pending operation when injecting the invalid response.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
c29475a932 tests: Delayed EAPOL-Key msg 3/4 replaying attack
This hits the new wpa_supplicant code path that rejects reconfiguration
of the same GTK.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
5a79966f9e tests: Replayed FILS association request
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
6db556b21d tests: Allow wpa_supplicant to maintain GTK in memory during association
This is needed to allow GTK configuration triggers to verify whether the
key has changed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
d7f0bef94e tests: WPA2-PSK-FT AP and replayed Reassociation Request frame
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
89c343e887 tests: sigma_dut ap_get_mac_address
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-12 00:02:10 +03:00
Jouni Malinen
6644069ca9 tests: sigma_dut SAE and long password
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-11 23:24:19 +03:00
Jouni Malinen
606ef7d328 tests: SAE with sae_password
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-11 23:24:19 +03:00
Jouni Malinen
7413c34d5e tests: Add the forgotten files for owe_transition_mode_multi_bss
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-11 12:16:19 +03:00
Jouni Malinen
86fd7d70e8 tests: sigma_dut controlled AP with OWE and transition mode
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 22:40:15 +03:00
Jouni Malinen
7f811be59e tests: sigma_dut controlled AP with OWE and ECGroupID
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 21:04:00 +03:00
Jouni Malinen
35a0713c75 tests: Opportunistic Wireless Encryption and limited group set
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 21:04:00 +03:00
Jouni Malinen
e30de6c250 tests: sigma_dut OWE with invalid DH Param element
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 18:35:19 +03:00
Jouni Malinen
25fdb2756c tests: Opportunistic Wireless Encryption and unsupported group
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 18:27:58 +03:00
Jouni Malinen
2e37b5fbe7 tests: Remove op_cl and ch_list from DPP
These were removed from the protocol.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 01:34:49 +03:00
Jouni Malinen
22a0147557 tests: Remove DPP C-sign-key expiry testing
This was removed from the protocol.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 01:19:22 +03:00
Jouni Malinen
b9c0e1fa5c tests: sigma_dut with OWE
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-09 16:54:03 +03:00
Jouni Malinen
872d0f93cc tests: Opportunistic Wireless Encryption transition mode (multi BSS)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-09 13:39:23 +03:00
Jouni Malinen
89baf47104 tests: OWE using cfg80211 connect command
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-09 12:39:14 +03:00
Jouni Malinen
26b96d050d tests: Opportunistic Wireless Encryption and PMKSA caching
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-09 12:12:54 +03:00
Jouni Malinen
8acde197c2 tests: OWE DH groups
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-08 17:12:35 +03:00
Jouni Malinen
4361ab0108 tests: OWE Transition Mode
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-08 17:12:35 +03:00
Jouni Malinen
e0e1fde8a8 tests: P2P GO with Interworking element
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-05 14:54:15 +03:00
Jouni Malinen
002b49ed07 tests: sigma_dut Suite B station with RSA certificate
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-03 18:16:51 +03:00
Jouni Malinen
0ba13e8613 tests: Update server and user certificates (2017)
The previous versions expired, so need to re-sign these to fix number of
the EAP test cases. In addition, add a shell script (update.sh) and the
needed CA files to automate this full update process.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-01 18:47:02 +03:00
Jouni Malinen
8cfdca1266 tests: sigma_dut PMF group management cipher selection on STA
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-26 17:54:56 +03:00
Jouni Malinen
53041e75d2 tests: PMF group mgmt cipher constraints
Verify new wpa_supplicant group_mgmt parameter functionality.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-26 17:40:02 +03:00
Jouni Malinen
61a56c1480 Add group_mgmt network parameter for PMF cipher selection
The new wpa_supplicant network parameter group_mgmt can be used to
specify which group management ciphers (AES-128-CMAC, BIP-GMAC-128,
BIP-GMAC-256, BIP-CMAC-256) are allowed for the network. If not
specified, the current behavior is maintained (i.e., follow what the AP
advertises). The parameter can list multiple space separate ciphers.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-26 17:40:02 +03:00
Jouni Malinen
f41f04d04c tests: Make dbus_scan_abort more robust
There was a race condition on the sequence where iface.AbortScan() is
immediately followed by iface.Scan(). If the driver event
(NL80211_CMD_SCAN_ABORTED) arrived after the following new scan request,
the D-Bus operation failed. This is not what this test case is trying to
check, so wait for an indication of the previous scan having terminated
properly before issuing the next scan.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-20 15:37:58 +03:00
Jouni Malinen
78b6be046d tests: Suite B with RSA keys
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-18 12:12:48 +03:00
Jouni Malinen
2ef00a364b tests: sigma_dut with Suite B
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-15 00:38:21 +03:00
Jouni Malinen
53d7f351f4 tests: FILS SK with PFS and PMKSA caching
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-13 22:17:58 +03:00
Jouni Malinen
f4ad8412b4 tests: RSN pre-authentication based on pre-connection scan results
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-12 16:47:30 +03:00
Andrei Otcheretianski
ae503866b9 tests: Fix radius_acct_failure_sta_data test
The STA can get disconnected event before the AP processed the
deauthentication frame, resulting in GET_FAIL command being sent too
early. Fix this by waiting for AP-STA-DISCONNECTED on AP side, too.

Signed-off-by: Andrei Otcheretianski <andrei.otcheretianski@intel.com>
2017-09-10 22:05:33 +03:00
Aloni, Adiel
8031003fec tests: Use global control interface in autogo_m2d test
If dedicated P2P device is used, SET p2p_no_group_iface 0 should be
directed to the P2P device.

Signed-off-by: Adiel Aloni <adiel.aloni@intel.com>
2017-09-10 22:03:54 +03:00
Li Zhijian
783bf87144 tests: Fix missing function on some rrm test case error paths
Import vht_supported from test_ap_vht to fix the following issue:

rrm_beacon_req_table_vht run failed: global name 'vht_supported' is not defined

Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
2017-09-10 21:54:38 +03:00
Li Zhijian
b62d0544c5 tests: Enable D-Bus test on more platforms
Not all distro contains /var/run/dbus/pid, debian for example:
dbus-daemon start with nopidfile
root@debian9:/home/lizhijian/chroot_clean/tmp/build-hwsim/hostap/tests/hwsim# ps aux |grep dbus
message+   598  0.0  0.1  46068  4836 ?        Ss   15:46   0:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
Debian-+   656  0.0  0.0  45220  3924 ?        Ss   15:46   0:00 /usr/bin/dbus-daemon --session --address=systemd: --nofork --nopidfile --systemd-activation

Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
Signed-off-by: Xiaodong Jia <jiaxd-fnst@cn.fujitsu.com>
2017-09-10 21:52:54 +03:00
Jouni Malinen
b99d62c735 tests: Remove forgotten print from ap_wpa2_eap_sim_zero_db_timeout
This was supposed to be used during development testing only.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-09-10 02:15:05 +03:00
Jouni Malinen
c25aada9ec tests: EAP-AKA' with external UMTS auth to hit Synchronization-Failure
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-09-10 01:39:37 +03:00
Jouni Malinen
504c7ffd69 tests: D-Bus mesh signals and properties
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-09-10 01:39:37 +03:00
Jouni Malinen
29087dec9f tests: Enable DPP in default configuration files
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-06 21:21:56 +03:00
Jouni Malinen
cc8330b88b tests: Write MSK dump files from authentication server
This makes it easier to post-process frame capture files if frames need
to be decrypted in test cases that do not configure wlantest with the
PMK directly (i.e., mainly the cases when a RADIUS server is used).

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-05 19:29:01 +03:00
Jouni Malinen
eea62048d8 tests: SAE commit message override on wpa_supplicant
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-04 13:32:04 +03:00
Jouni Malinen
cd06e2663b tests: SAE commit message override on hostapd
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-04 13:32:03 +03:00