Commit graph

107 commits

Author SHA1 Message Date
Jouni Malinen
e8706c109e tests: Work around pyrad issues with octet strings that start with "0x"
pyrad's tools.py EncodeOctets() uses a design that tries to
automatically determine when the octetstring is a hex string based on
the binary data starting with "0x". That is not really nice since it
will result in failing one out of 65536 possible random inputs with
"binascii.Error: Non-hexadecimal digit found" when trying to decode an
actual (non-hex) binary string as a hexstring.

Work around this by convering the special cases where the
Message-Authenticator binary value happens to start with b"0x" to a
hexstring.

Signed-off-by: Jouni Malinen <quic_jouni@quicinc.com>
2023-01-25 23:47:33 +02:00
Jouni Malinen
0b48cfe178 tests: Update eap_proto_pwd_errors to match implementation
A negative test was failing with the PWE derivation change in the
implementation.

Signed-off-by: Jouni Malinen <j@w1.fi>
2022-01-11 20:15:36 +02:00
Jouni Malinen
3cefdf0d4a tests: Fix eap_proto_sake_server with Session ID = 255
Need to wrap back to 0 when changing value 255 to avoid generating a too
large value to fit an octet field. This was resulting in errors due to a
python exception (likely for about every 256th run).

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-05-06 23:49:12 +03:00
Jouni Malinen
daa0a22e45 tests: Fix eap_proto_eke_errors with gcc-10
gcc-10 seems to be inlining eap_eke_prf() and eap_eke_prfplus() which
breaks this test case due to a different backtrace being generated for
triggering the local failures. Point to the functions called by those
instead of these two functions to get this working with both gcc-9 and
gcc-10.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2021-03-17 23:38:26 +02:00
Jouni Malinen
ecc46f2900 tests: Move ERP/FILS capability checks to utils.py
Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-28 23:50:50 +02:00
Jouni Malinen
bd8b170302 EAP-AKA: Check that ID message storing succeeds
This could fail in theory if running out of memory, so better check for
this explicitly instead of allowing the exchange to continue and fail
later due to checkcode mismatch.

Signed-off-by: Jouni Malinen <j@w1.fi>
2021-02-07 23:40:20 +02:00
Jouni Malinen
674758ed59 tests: Provide digestmod to hmac.new() for Python 3.8
Python 3.8 removed the previously used default of MD5 algorithm, so
provide the explicit digestmod=hashlib.md5 parameter to the couple of
places that were missing it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2020-05-03 11:58:54 +03:00
Jouni Malinen
f5b7b24912 tests: Fix eap_proto_ttls_errors with CONFIG_TLS=internal
Signed-off-by: Jouni Malinen <j@w1.fi>
2020-01-26 17:09:50 +02:00
Jouni Malinen
d371f0cbbf tests: Fix eap_proto_otp to use list of events with wait_event()
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-07 12:57:22 +03:00
Jouni Malinen
9b2b99c550 tests: Additional EAP-SAKE local error case coverage
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-07 00:10:26 +03:00
Jouni Malinen
83d5e334b1 tests: Additional EAP-EKE local error case coverage
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-08-06 23:59:06 +03:00
Jouni Malinen
752e7a33e8 tests: Close pyrad server sockets explicitly
This helps in avoiding issues with another test case trying to bind to
the same UDP port and failing due to the previous use by pyrad still
being open. This showed up with failures in radius_ipv6 when it followed
a test case like eap_proto_tls with suitable set of test cases between
them.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-08-05 00:10:32 +03:00
Jouni Malinen
fe40c679d2 tests: Fix EAP-FAST protocol testing with older OpenSSL library versions
Looks like the previous fix for a newer OpenSSL versions broke
functionality with older versions that did not seem to like @SECLEVEL=0
in the cipher list. Make that addition conditional on OpenSSL version to
work with both versions.

Fixes: e87e6f609b ("tests: Fix EAP-FAST protocol testing with newer OpenSSL and pyOpenSSL")
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-06-03 20:27:43 +03:00
Jouni Malinen
e87e6f609b tests: Fix EAP-FAST protocol testing with newer OpenSSL and pyOpenSSL
Need to drop OpenSSL security level to 0 for ADH-AES128-SHA to work with
the latest library version.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-05-28 00:01:01 +03:00
Jouni Malinen
378bf90848 tests: EAP-IKEV2 server local errors and protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-20 23:56:23 +03:00
Jouni Malinen
c862496d0d tests: EAP-MD5 server local errors and protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-20 11:55:31 +03:00
Jouni Malinen
349ddab020 tests: EAP-PAX server local errors and protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-20 11:55:31 +03:00
Jouni Malinen
431802df00 tests: EAP-PSK server local errors and protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-20 00:27:15 +03:00
Jouni Malinen
9ddc773d1a tests: EAP-GPSK server local errors and protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-19 18:59:39 +03:00
Jouni Malinen
94758682b7 tests: Additional EAP-SAKE peer error path coverage
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-19 16:57:50 +03:00
Jouni Malinen
92d2a99163 tests: EAP-SAKE server local errors and protocol testing
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-19 16:53:42 +03:00
Jouni Malinen
9f721917e7 tests: EAP-pwd protocol testing for the server
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-17 14:15:42 +03:00
Jouni Malinen
778ce8ae0b tests: EAP-pwd protocol tests - unexpected more-fragment frame
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-17 13:24:37 +03:00
Jouni Malinen
a143bdc0d1 tests: EAP-pwd local error cases on server
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-17 13:24:37 +03:00
Jouni Malinen
50b915f055 tests: Additional coverage for EAP-MSCHAPv2 local error cases
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-16 21:25:27 +03:00
Jouni Malinen
d804155783 tests: Milenage local error cases
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-16 21:09:50 +03:00
Jouni Malinen
63215b32a8 tests: AES-EAX error cases that were previously missed in EAP-PSK
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-16 20:39:45 +03:00
Jouni Malinen
d7c98f9558 tests: eap_pwd_perform_confirm_exchange() local failure
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-13 18:35:47 +03:00
Jouni Malinen
b95d79e7bc tests: eap_pwd_perform_commit_exchange() local failures
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-13 18:34:38 +03:00
Jouni Malinen
c9065bd265 tests: EAP-pwd commit request error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-13 18:28:05 +03:00
Jouni Malinen
6fe3ee722d tests: EAP-pwd local failure in crypto_bignum_rand()
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-13 18:28:05 +03:00
Jouni Malinen
8ff2401d54 tests: EAP-pwd eap_pwd_get_element() local failures
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-13 18:28:03 +03:00
Jouni Malinen
4f183becf0 tests: EAP-pwd compute_password_element() local failures
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-13 16:58:38 +03:00
Jouni Malinen
52b1cb5d73 tests: crypto_hash_finish() failure in eap_pwd_kdf()
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-04-13 12:53:42 +03:00
Jouni Malinen
2e3849bcf5 tests: EAP-pwd protocol tests for invalid EAP-pwd-Commit
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-04-09 17:11:15 +03:00
Jouni Malinen
fab49f6145 tests: Python coding style cleanup (pylint3 bad-whitespace)
Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-16 18:52:09 +02:00
Jouni Malinen
9efd3447c7 tests: Make AP discovery more robust in eap_proto test cases
Number of these test cases start connection attempt in wpa_supplicant
and then expected a specific failure to happen relatively quickly. This
could result in timeouts if the first scanning round missed to find the
AP (e.g., due to CPU load pushing out the Probe Response frame long
enough for the station having left the channel) and wpa_supplicant then
waiting five seconds before starting a new scan.

Make this more robust by scanning explicitly for the specific BSSID
before starting the connection attempt.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2019-03-12 16:24:15 +02:00
Jouni Malinen
43e3114c5f tests: Fix EAP-FAST protocol testing with python3
This was hit on Ubuntu 18.04 (newer python3 and OpenSSL library versions
compared to earlier tests).

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-05 15:50:45 +02:00
Jouni Malinen
55845e190b tests: Clean up pyrad test cases for python3 compatibility
All other test cases seem to work, but radius_das_disconnect_time_window
is still failing due to incorrect authenticator or Message-Authenticator
in Disconnect-Request.

Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 20:03:29 +02:00
Masashi Honma
15dfcb69df tests: Use 'b' prefix to mark Bytes literals explicitly for python3
Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 12:26:33 +02:00
Masashi Honma
f94df3c0b0 tests: Explicitly encode str to bytes when needed for python3
Avoid implicit conversion errors when constructing bytes objects or
passing a str object to a function that needs a bytes object.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 12:26:33 +02:00
Masashi Honma
7ab74770e7 tests: Convert binascii.hexlify() output to a string object for python3
This is needed in cases the hexlify() output is used to concatenate with
a string or used in string comparisons.

Signed-off-by: Masashi Honma <masashi.honma@gmail.com>
Signed-off-by: Jouni Malinen <j@w1.fi>
2019-02-04 12:26:33 +02:00
Jouni Malinen
182a0b4dae tests: EAP-pwd local error case in eap_pwd_perform_confirm_exchange()
This is a regression test case for a memory leak on these error paths.

Signed-off-by: Jouni Malinen <j@w1.fi>
2018-10-16 12:22:58 +03:00
Jouni Malinen
0a3742950e tests: Extend eap_proto_aka_prime to cover additional AT_KDF cases
Verify that EAP-AKA' client rejects Challenge with an appended AT_KDF
and a modified AT_KDF value during KDF negotiation.

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
2018-08-02 15:36:24 +03:00
Jouni Malinen
b30639b77e tests: Adjust eap_proto_pwd_errors to match implementation changes
Signed-off-by: Jouni Malinen <j@w1.fi>
2018-05-28 22:09:20 +03:00
Sean Parkinson
7d5df79f2d tests: Use a valid key exchange value in eap_proto_ikev2
Signed-off-by: Sean Parkinson <sean@wolfssl.com>
2018-05-02 00:37:38 +03:00
Jouni Malinen
c1361765fd tests: Additional EAP-TTLS error path
This is a regression test for a memory leak on an error path.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-07-08 16:21:38 +03:00
Jouni Malinen
e4e99927bf tests: Additional LEAP error path
This is a regression test for a memory leak on an error path.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-07-08 16:14:03 +03:00
Jouni Malinen
0a0c4dc1d7 tests: Use a domain name in the identity for get_emsk OOM tests
These test cases depend on ERP processing to reach the get_emsk handler
function. Since ERP really needs the realm to derive a proper
keyName-NAI, modify these test cases to pass the realm part in the
identity to allow error checking to be introduced for rejecting ERP
cases where the realm is not available.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-05-22 13:51:07 +03:00
Jouni Malinen
33a6da6908 tests: Work around pyopenssl API change
OpenSSL.SSL.Connection.state_string() was replaced with
get_state_string() in pyopenssl. Add workaround code to be able to use
either of these names.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-03-01 00:20:29 +02:00