tests: MACsec with EAP-PSK

author Jouni Malinen <quic_jouni@quicinc.com>

Fri, 10 Feb 2023 10:41:03 +0000 (12:41 +0200)

committer Jouni Malinen <j@w1.fi>

Fri, 10 Feb 2023 10:41:03 +0000 (12:41 +0200)
author Jouni Malinen <quic_jouni@quicinc.com>
Fri, 10 Feb 2023 10:41:03 +0000 (12:41 +0200)
committer Jouni Malinen <j@w1.fi>
Fri, 10 Feb 2023 10:41:03 +0000 (12:41 +0200)
diff --git a/tests/hwsim/test_macsec.py b/tests/hwsim/test_macsec.py

index bf39936aa54e57649fd103aa9ec730a78c930629..46efd51c93b317bbe0cbbb6fdfcd3e3a22fabe66 100644 (file)
--- a/tests/hwsim/test_macsec.py
+++ b/tests/hwsim/test_macsec.py
@@ -151,7 +151,8 @@ def set_mka_psk_config(dev, mka_priority=None, integ_only=False, port=None,
  
      dev.select_network(id)
  
-def set_mka_eap_config(dev, mka_priority=None, integ_only=False, port=None):
+def set_mka_eap_config(dev, mka_priority=None, integ_only=False, port=None,
+                       eap_psk=False):
      dev.set("eapol_version", "3")
      dev.set("ap_scan", "0")
      dev.set("fast_reauth", "1")
@@ -168,12 +169,17 @@ def set_mka_eap_config(dev, mka_priority=None, integ_only=False, port=None):
          dev.set_network(id, "macsec_port", str(port))
  
      dev.set_network(id, "key_mgmt", "IEEE8021X")
-    dev.set_network(id, "eap", "TTLS")
-    dev.set_network_quoted(id, "ca_cert", "auth_serv/ca.pem")
-    dev.set_network_quoted(id, "phase2", "auth=MSCHAPV2")
-    dev.set_network_quoted(id, "anonymous_identity", "ttls")
-    dev.set_network_quoted(id, "identity", "DOMAIN\mschapv2 user")
-    dev.set_network_quoted(id, "password", "password")
+    if eap_psk:
+        dev.set_network(id, "eap", "PSK")
+        dev.set_network_quoted(id, "identity", "psk.user@example.com")
+        dev.set_network(id, "password", "0123456789abcdef0123456789abcdef")
+    else:
+        dev.set_network(id, "eap", "TTLS")
+        dev.set_network_quoted(id, "ca_cert", "auth_serv/ca.pem")
+        dev.set_network_quoted(id, "phase2", "auth=MSCHAPV2")
+        dev.set_network_quoted(id, "anonymous_identity", "ttls")
+        dev.set_network_quoted(id, "identity", "DOMAIN\mschapv2 user")
+        dev.set_network_quoted(id, "password", "password")
  
      dev.select_network(id)
  
@@ -824,8 +830,17 @@ def test_macsec_hostapd_eap(dev, apdev, params):
      finally:
          cleanup_macsec_hostapd()
  
+def test_macsec_hostapd_eap_psk(dev, apdev, params):
+    """MACsec EAP-PSK with hostapd"""
+    try:
+        run_macsec_hostapd_eap(dev, apdev, params, "macsec_hostapd_eap_psk",
+                               eap_psk=True)
+    finally:
+        cleanup_macsec_hostapd()
+
  def run_macsec_hostapd_eap(dev, apdev, params, prefix, integ_only=False,
-                           port0=None, port1=None, expect_failure=False):
+                           port0=None, port1=None, expect_failure=False,
+                           eap_psk=False):
      add_veth()
  
      cap_veth0 = os.path.join(params['logdir'], prefix + ".veth0.pcap")
@@ -844,7 +859,7 @@ def run_macsec_hostapd_eap(dev, apdev, params, prefix, integ_only=False,
      wpas0 = wpa[0]
  
      set_mka_eap_config(wpas0, integ_only=integ_only, port=port0,
-                       mka_priority=100)
+                       mka_priority=100, eap_psk=eap_psk)
  
      params = {"driver": "macsec_linux",
                "interface": "veth1",
author	Jouni Malinen <quic_jouni@quicinc.com>
	Fri, 10 Feb 2023 10:41:03 +0000 (12:41 +0200)
committer	Jouni Malinen <j@w1.fi>
	Fri, 10 Feb 2023 10:41:03 +0000 (12:41 +0200)