tests/hwsim/test_tnc.py

   1 # -*- coding: utf-8 -*-
   2 # TNC tests
   3 # Copyright (c) 2014, Jouni Malinen <j@w1.fi>
   4 #
   5 # This software may be distributed under the terms of the BSD license.
   6 # See README for more details.
   7
   8 import os.path
   9
  10 import hostapd
  11 from test_ap_eap import int_eap_server_params
  12
  13 def test_tnc_peap_soh(dev, apdev):
  14     """TNC PEAP-SoH"""
  15     params = int_eap_server_params()
  16     params["tnc"] = "1"
  17     hostapd.add_ap(apdev[0]['ifname'], params)
  18
  19     dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP",
  20                    eap="PEAP", identity="user", password="password",
  21                    ca_cert="auth_serv/ca.pem",
  22                    phase1="peapver=0 tnc=soh cryptobinding=0",
  23                    phase2="auth=MSCHAPV2",
  24                    wait_connect=False)
  25     dev[0].wait_connected(timeout=10)
  26
  27     dev[1].connect("test-wpa2-eap", key_mgmt="WPA-EAP",
  28                    eap="PEAP", identity="user", password="password",
  29                    ca_cert="auth_serv/ca.pem",
  30                    phase1="peapver=0 tnc=soh1 cryptobinding=1",
  31                    phase2="auth=MSCHAPV2",
  32                    wait_connect=False)
  33     dev[1].wait_connected(timeout=10)
  34
  35     dev[2].connect("test-wpa2-eap", key_mgmt="WPA-EAP",
  36                    eap="PEAP", identity="user", password="password",
  37                    ca_cert="auth_serv/ca.pem",
  38                    phase1="peapver=0 tnc=soh2 cryptobinding=2",
  39                    phase2="auth=MSCHAPV2",
  40                    wait_connect=False)
  41     dev[2].wait_connected(timeout=10)
  42
  43 def test_tnc_ttls(dev, apdev):
  44     """TNC TTLS"""
  45     params = int_eap_server_params()
  46     params["tnc"] = "1"
  47     hostapd.add_ap(apdev[0]['ifname'], params)
  48
  49     if not os.path.exists("tnc/libhostap_imc.so"):
  50         logger.info("No IMC installed - skip")
  51         return "skip"
  52
  53     dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP",
  54                    eap="TTLS", identity="DOMAIN\mschapv2 user",
  55                    anonymous_identity="ttls", password="password",
  56                    phase2="auth=MSCHAPV2",
  57                    ca_cert="auth_serv/ca.pem",
  58                    wait_connect=False)
  59     dev[0].wait_connected(timeout=10)
  60
  61 def test_tnc_fast(dev, apdev):
  62     """TNC FAST"""
  63     params = int_eap_server_params()
  64     params["tnc"] = "1"
  65     params["pac_opaque_encr_key"] ="000102030405060708090a0b0c0d0e00"
  66     params["eap_fast_a_id"] = "101112131415161718191a1b1c1d1e00"
  67     params["eap_fast_a_id_info"] = "test server2"
  68
  69     hostapd.add_ap(apdev[0]['ifname'], params)
  70
  71     if not os.path.exists("tnc/libhostap_imc.so"):
  72         logger.info("No IMC installed - skip")
  73         return "skip"
  74
  75     dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP",
  76                    eap="FAST", identity="user",
  77                    anonymous_identity="FAST", password="password",
  78                    phase2="auth=GTC",
  79                    phase1="fast_provisioning=2",
  80                    pac_file="blob://fast_pac_auth_tnc",
  81                    ca_cert="auth_serv/ca.pem",
  82                    wait_connect=False)
  83     dev[0].wait_connected(timeout=10)