tests: Invalid ca_cert hash:// value

Signed-off-by: Jouni Malinen <j@w1.fi>

diff --git a/tests/hwsim/test_ap_eap.py b/tests/hwsim/test_ap_eap.py
index 73e8c1e503121eb04c9f2c12b4d0513a50ea918d..49376902c9d70b6a98407f412e11647ebf6f9da5 100644 (file)
--- a/tests/hwsim/test_ap_eap.py
+++ b/tests/hwsim/test_ap_eap.py
@@ -658,6 +658,34 @@ def test_ap_wpa2_eap_ttls_server_cert_hash(dev, apdev):
                 ca_cert="hash://server/sha256/" + srv_cert_hash,
                 phase2="auth=MSCHAPV2")
 
+def test_ap_wpa2_eap_ttls_server_cert_hash_invalid(dev, apdev):
+    """WPA2-Enterprise connection using EAP-TTLS and server certificate hash (invalid config)"""
+    params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
+    hostapd.add_ap(apdev[0]['ifname'], params)
+    dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",
+                   identity="DOMAIN\mschapv2 user", anonymous_identity="ttls",
+                   password="password", phase2="auth=MSCHAPV2",
+                   ca_cert="hash://server/md5/5a1bc1296205e6fdbe3979728efe3920798885c1c4590b5f90f43222d239ca6a",
+                   wait_connect=False, scan_freq="2412")
+    dev[1].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",
+                   identity="DOMAIN\mschapv2 user", anonymous_identity="ttls",
+                   password="password", phase2="auth=MSCHAPV2",
+                   ca_cert="hash://server/sha256/5a1bc1296205e6fdbe3979728efe3920798885c1c4590b5f90f43222d239ca",
+                   wait_connect=False, scan_freq="2412")
+    dev[2].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",
+                   identity="DOMAIN\mschapv2 user", anonymous_identity="ttls",
+                   password="password", phase2="auth=MSCHAPV2",
+                   ca_cert="hash://server/sha256/5a1bc1296205e6fdbe3979728efe3920798885c1c4590b5f90f43222d239ca6Q",
+                   wait_connect=False, scan_freq="2412")
+    for i in range(0, 3):
+        ev = dev[i].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout=10)
+        if ev is None:
+            raise Exception("Association and EAP start timed out")
+        timeout = 1 if i == 0 else 0.1
+        ev = dev[i].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout=timeout)
+        if ev is not None:
+            raise Exception("Unexpected EAP start")
+
 def test_ap_wpa2_eap_pwd(dev, apdev):
     """WPA2-Enterprise connection using EAP-pwd"""
     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")