tests: PEAP/GTC key lifetime in memory

Signed-off-by: Jouni Malinen <jouni@codeaurora.org>

diff --git a/tests/hwsim/auth_serv/eap_user.conf b/tests/hwsim/auth_serv/eap_user.conf
index b9fc701dc2a3dd9536b47b5473d19e8f1180bdca..c2c2cf500fc1fe1963eb425f0f35d9237b39fa9d 100644 (file)
--- a/tests/hwsim/auth_serv/eap_user.conf
+++ b/tests/hwsim/auth_serv/eap_user.conf
@@ -136,6 +136,7 @@ radius_accept_attr=56:x:32000011
 "DOMAIN\user3" MSCHAPV2        "password"      [2]
 "user-no-passwd"       MSCHAPV2,MD5,GTC        [2]
 "cert user"    TLS     [2]
+"user-secret"  GTC     "63d2d21ac3c09ed567ee004a34490f1d16e7fa5835edf17ddba70a63f1a90a25"      [2]
 
 "hs20-deauth-test"     TTLS-MSCHAPV2   "password"      [2]
 radius_accept_attr=26:x:00009f680405016400

diff --git a/tests/hwsim/test_ap_eap.py b/tests/hwsim/test_ap_eap.py
index 542e860a7f1fcff821758dccf2578e7e6c5e75a3..df41d7c5be7c2c7d70dfddd652319878e6dced5a 100644 (file)
--- a/tests/hwsim/test_ap_eap.py
+++ b/tests/hwsim/test_ap_eap.py
@@ -5074,10 +5074,24 @@ def test_wpa2_eap_ttls_pap_key_lifetime_in_memory(dev, apdev, params):
     p = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
     hapd = hostapd.add_ap(apdev[0], p)
     password = "63d2d21ac3c09ed567ee004a34490f1d16e7fa5835edf17ddba70a63f1a90a25"
-    pid = find_wpas_process(dev[0])
     id = eap_connect(dev[0], hapd, "TTLS", "pap-secret",
                      anonymous_identity="ttls", password=password,
                      ca_cert="auth_serv/ca.pem", phase2="auth=PAP")
+    run_eap_key_lifetime_in_memory(dev, params, id, password)
+
+def test_wpa2_eap_peap_gtc_key_lifetime_in_memory(dev, apdev, params):
+    """Key lifetime in memory with WPA2-Enterprise using PEAP/GTC"""
+    p = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
+    hapd = hostapd.add_ap(apdev[0], p)
+    password = "63d2d21ac3c09ed567ee004a34490f1d16e7fa5835edf17ddba70a63f1a90a25"
+    id = eap_connect(dev[0], hapd, "PEAP", "user-secret",
+                     anonymous_identity="peap", password=password,
+                     ca_cert="auth_serv/ca.pem", phase2="auth=GTC")
+    run_eap_key_lifetime_in_memory(dev, params, id, password)
+
+def run_eap_key_lifetime_in_memory(dev, params, id, password):
+    pid = find_wpas_process(dev[0])
+
     # The decrypted copy of GTK is freed only after the CTRL-EVENT-CONNECTED
     # event has been delivered, so verify that wpa_supplicant has returned to
     # eloop before reading process memory.
@@ -5097,10 +5111,12 @@ def test_wpa2_eap_ttls_pap_key_lifetime_in_memory(dev, apdev, params):
     gtk = None
     with open(os.path.join(params['logdir'], 'log0'), 'r') as f:
         for l in f.readlines():
-            if "EAP-TTLS: Derived key - hexdump" in l:
+            if "EAP-TTLS: Derived key - hexdump" in l or \
+               "EAP-PEAP: Derived key - hexdump" in l:
                 val = l.strip().split(':')[3].replace(' ', '')
                 msk = binascii.unhexlify(val)
-            if "EAP-TTLS: Derived EMSK - hexdump" in l:
+            if "EAP-TTLS: Derived EMSK - hexdump" in l or \
+               "EAP-PEAP: Derived EMSK - hexdump" in l:
                 val = l.strip().split(':')[3].replace(' ', '')
                 emsk = binascii.unhexlify(val)
             if "WPA: PMK - hexdump" in l: