]>
git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_ft.py
1 # Fast BSS Transition tests
2 # Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
12 logger
= logging
.getLogger()
16 from wlantest
import Wlantest
17 from test_ap_psk
import check_mib
, find_wpas_process
, read_process_memory
, verify_not_present
, get_key_locations
20 params
= { "wpa": "2",
21 "wpa_key_mgmt": "FT-PSK",
22 "rsn_pairwise": "CCMP" }
26 params
= { "wpa": "3",
27 "wpa_key_mgmt": "WPA-PSK FT-PSK",
28 "wpa_pairwise": "TKIP",
29 "rsn_pairwise": "CCMP" }
32 def ft_params(rsn
=True, ssid
=None, passphrase
=None):
34 params
= ft_base_rsn()
36 params
= ft_base_mixed()
40 params
["wpa_passphrase"] = passphrase
42 params
["mobility_domain"] = "a1b2"
43 params
["r0_key_lifetime"] = "10000"
44 params
["pmk_r1_push"] = "1"
45 params
["reassociation_deadline"] = "1000"
48 def ft_params1(rsn
=True, ssid
=None, passphrase
=None):
49 params
= ft_params(rsn
, ssid
, passphrase
)
50 params
['nas_identifier'] = "nas1.w1.fi"
51 params
['r1_key_holder'] = "000102030405"
52 params
['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 100102030405060708090a0b0c0d0e0f",
53 "02:00:00:00:04:00 nas2.w1.fi 300102030405060708090a0b0c0d0e0f" ]
54 params
['r1kh'] = "02:00:00:00:04:00 00:01:02:03:04:06 200102030405060708090a0b0c0d0e0f"
57 def ft_params2(rsn
=True, ssid
=None, passphrase
=None):
58 params
= ft_params(rsn
, ssid
, passphrase
)
59 params
['nas_identifier'] = "nas2.w1.fi"
60 params
['r1_key_holder'] = "000102030406"
61 params
['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 200102030405060708090a0b0c0d0e0f",
62 "02:00:00:00:04:00 nas2.w1.fi 000102030405060708090a0b0c0d0e0f" ]
63 params
['r1kh'] = "02:00:00:00:03:00 00:01:02:03:04:05 300102030405060708090a0b0c0d0e0f"
66 def ft_params1_r0kh_mismatch(rsn
=True, ssid
=None, passphrase
=None):
67 params
= ft_params(rsn
, ssid
, passphrase
)
68 params
['nas_identifier'] = "nas1.w1.fi"
69 params
['r1_key_holder'] = "000102030405"
70 params
['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 100102030405060708090a0b0c0d0e0f",
71 "12:00:00:00:04:00 nas2.w1.fi 300102030405060708090a0b0c0d0e0f" ]
72 params
['r1kh'] = "12:00:00:00:04:00 10:01:02:03:04:06 200102030405060708090a0b0c0d0e0f"
75 def ft_params2_incorrect_rrb_key(rsn
=True, ssid
=None, passphrase
=None):
76 params
= ft_params(rsn
, ssid
, passphrase
)
77 params
['nas_identifier'] = "nas2.w1.fi"
78 params
['r1_key_holder'] = "000102030406"
79 params
['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 200102030405060708090a0b0c0d0ef1",
80 "02:00:00:00:04:00 nas2.w1.fi 000102030405060708090a0b0c0d0ef2" ]
81 params
['r1kh'] = "02:00:00:00:03:00 00:01:02:03:04:05 300102030405060708090a0b0c0d0ef3"
84 def ft_params2_r0kh_mismatch(rsn
=True, ssid
=None, passphrase
=None):
85 params
= ft_params(rsn
, ssid
, passphrase
)
86 params
['nas_identifier'] = "nas2.w1.fi"
87 params
['r1_key_holder'] = "000102030406"
88 params
['r0kh'] = [ "12:00:00:00:03:00 nas1.w1.fi 200102030405060708090a0b0c0d0e0f",
89 "02:00:00:00:04:00 nas2.w1.fi 000102030405060708090a0b0c0d0e0f" ]
90 params
['r1kh'] = "12:00:00:00:03:00 10:01:02:03:04:05 300102030405060708090a0b0c0d0e0f"
93 def run_roams(dev
, apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=False, sae
=False, eap
=False, fail_test
=False, roams
=1):
94 logger
.info("Connect to first AP")
96 dev
.connect(ssid
, key_mgmt
="FT-EAP", proto
="WPA2", ieee80211w
="1",
97 eap
="GPSK", identity
="gpsk user",
98 password
="abcdefghijklmnop0123456789abcdef",
105 dev
.connect(ssid
, psk
=passphrase
, key_mgmt
=key_mgmt
, proto
="WPA2",
106 ieee80211w
="1", scan_freq
="2412")
107 if dev
.get_status_field('bssid') == apdev
[0]['bssid']:
117 hwsim_utils
.test_connectivity(dev
, hapd1ap
)
119 dev
.scan_for_bss(ap2
['bssid'], freq
="2412")
121 for i
in range(0, roams
):
122 logger
.info("Roam to the second AP")
124 dev
.roam_over_ds(ap2
['bssid'], fail_test
=fail_test
)
126 dev
.roam(ap2
['bssid'], fail_test
=fail_test
)
129 if dev
.get_status_field('bssid') != ap2
['bssid']:
130 raise Exception("Did not connect to correct AP")
131 if i
== 0 or i
== roams
- 1:
132 hwsim_utils
.test_connectivity(dev
, hapd2ap
)
134 logger
.info("Roam back to the first AP")
136 dev
.roam_over_ds(ap1
['bssid'])
138 dev
.roam(ap1
['bssid'])
139 if dev
.get_status_field('bssid') != ap1
['bssid']:
140 raise Exception("Did not connect to correct AP")
141 if i
== 0 or i
== roams
- 1:
142 hwsim_utils
.test_connectivity(dev
, hapd1ap
)
144 def test_ap_ft(dev
, apdev
):
147 passphrase
="12345678"
149 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
150 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
151 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
152 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
154 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
)
155 if "[WPA2-FT/PSK-CCMP]" not in dev
[0].request("SCAN_RESULTS"):
156 raise Exception("Scan results missing RSN element info")
158 def test_ap_ft_many(dev
, apdev
):
159 """WPA2-PSK-FT AP multiple times"""
161 passphrase
="12345678"
163 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
164 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
165 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
166 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
168 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, roams
=50)
170 def test_ap_ft_mixed(dev
, apdev
):
171 """WPA2-PSK-FT mixed-mode AP"""
172 ssid
= "test-ft-mixed"
173 passphrase
="12345678"
175 params
= ft_params1(rsn
=False, ssid
=ssid
, passphrase
=passphrase
)
176 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
177 key_mgmt
= hapd
.get_config()['key_mgmt']
178 vals
= key_mgmt
.split(' ')
179 if vals
[0] != "WPA-PSK" or vals
[1] != "FT-PSK":
180 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
181 params
= ft_params2(rsn
=False, ssid
=ssid
, passphrase
=passphrase
)
182 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
184 run_roams(dev
[0], apdev
, hapd
, hapd1
, ssid
, passphrase
)
186 def test_ap_ft_pmf(dev
, apdev
):
187 """WPA2-PSK-FT AP with PMF"""
189 passphrase
="12345678"
191 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
192 params
["ieee80211w"] = "2";
193 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
194 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
195 params
["ieee80211w"] = "2";
196 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
198 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
)
200 def test_ap_ft_over_ds(dev
, apdev
):
201 """WPA2-PSK-FT AP over DS"""
203 passphrase
="12345678"
205 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
206 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
207 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
208 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
210 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True)
211 check_mib(dev
[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-4"),
212 ("dot11RSNAAuthenticationSuiteSelected", "00-0f-ac-4") ])
214 def test_ap_ft_over_ds_many(dev
, apdev
):
215 """WPA2-PSK-FT AP over DS multiple times"""
217 passphrase
="12345678"
219 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
220 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
221 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
222 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
224 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True,
227 def test_ap_ft_over_ds_unknown_target(dev
, apdev
):
230 passphrase
="12345678"
232 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
233 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
235 dev
[0].connect(ssid
, psk
=passphrase
, key_mgmt
="FT-PSK", proto
="WPA2",
237 dev
[0].roam_over_ds("02:11:22:33:44:55", fail_test
=True)
239 def test_ap_ft_pmf_over_ds(dev
, apdev
):
240 """WPA2-PSK-FT AP over DS with PMF"""
242 passphrase
="12345678"
244 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
245 params
["ieee80211w"] = "2";
246 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
247 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
248 params
["ieee80211w"] = "2";
249 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
251 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True)
253 def test_ap_ft_over_ds_pull(dev
, apdev
):
254 """WPA2-PSK-FT AP over DS (pull PMK)"""
256 passphrase
="12345678"
258 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
259 params
["pmk_r1_push"] = "0"
260 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
261 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
262 params
["pmk_r1_push"] = "0"
263 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
265 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True)
267 def test_ap_ft_sae(dev
, apdev
):
268 """WPA2-PSK-FT-SAE AP"""
270 passphrase
="12345678"
272 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
273 params
['wpa_key_mgmt'] = "FT-SAE"
274 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
275 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
276 params
['wpa_key_mgmt'] = "FT-SAE"
277 hapd
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
278 key_mgmt
= hapd
.get_config()['key_mgmt']
279 if key_mgmt
.split(' ')[0] != "FT-SAE":
280 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
282 dev
[0].request("SET sae_groups ")
283 run_roams(dev
[0], apdev
, hapd0
, hapd
, ssid
, passphrase
, sae
=True)
285 def test_ap_ft_sae_over_ds(dev
, apdev
):
286 """WPA2-PSK-FT-SAE AP over DS"""
288 passphrase
="12345678"
290 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
291 params
['wpa_key_mgmt'] = "FT-SAE"
292 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
293 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
294 params
['wpa_key_mgmt'] = "FT-SAE"
295 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
297 dev
[0].request("SET sae_groups ")
298 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, sae
=True,
301 def test_ap_ft_eap(dev
, apdev
):
304 passphrase
="12345678"
306 radius
= hostapd
.radius_params()
307 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
308 params
['wpa_key_mgmt'] = "FT-EAP"
309 params
["ieee8021x"] = "1"
310 params
= dict(radius
.items() + params
.items())
311 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
312 key_mgmt
= hapd
.get_config()['key_mgmt']
313 if key_mgmt
.split(' ')[0] != "FT-EAP":
314 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
315 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
316 params
['wpa_key_mgmt'] = "FT-EAP"
317 params
["ieee8021x"] = "1"
318 params
= dict(radius
.items() + params
.items())
319 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
321 run_roams(dev
[0], apdev
, hapd
, hapd1
, ssid
, passphrase
, eap
=True)
322 if "[WPA2-FT/EAP-CCMP]" not in dev
[0].request("SCAN_RESULTS"):
323 raise Exception("Scan results missing RSN element info")
324 check_mib(dev
[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-3"),
325 ("dot11RSNAAuthenticationSuiteSelected", "00-0f-ac-3") ])
327 def test_ap_ft_eap_pull(dev
, apdev
):
328 """WPA2-EAP-FT AP (pull PMK)"""
330 passphrase
="12345678"
332 radius
= hostapd
.radius_params()
333 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
334 params
['wpa_key_mgmt'] = "FT-EAP"
335 params
["ieee8021x"] = "1"
336 params
["pmk_r1_push"] = "0"
337 params
= dict(radius
.items() + params
.items())
338 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
339 key_mgmt
= hapd
.get_config()['key_mgmt']
340 if key_mgmt
.split(' ')[0] != "FT-EAP":
341 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
342 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
343 params
['wpa_key_mgmt'] = "FT-EAP"
344 params
["ieee8021x"] = "1"
345 params
["pmk_r1_push"] = "0"
346 params
= dict(radius
.items() + params
.items())
347 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
349 run_roams(dev
[0], apdev
, hapd
, hapd1
, ssid
, passphrase
, eap
=True)
351 def test_ap_ft_mismatching_rrb_key_push(dev
, apdev
):
352 """WPA2-PSK-FT AP over DS with mismatching RRB key (push)"""
354 passphrase
="12345678"
356 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
357 params
["ieee80211w"] = "2";
358 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
359 params
= ft_params2_incorrect_rrb_key(ssid
=ssid
, passphrase
=passphrase
)
360 params
["ieee80211w"] = "2";
361 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
363 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True,
366 def test_ap_ft_mismatching_rrb_key_pull(dev
, apdev
):
367 """WPA2-PSK-FT AP over DS with mismatching RRB key (pull)"""
369 passphrase
="12345678"
371 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
372 params
["pmk_r1_push"] = "0"
373 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
374 params
= ft_params2_incorrect_rrb_key(ssid
=ssid
, passphrase
=passphrase
)
375 params
["pmk_r1_push"] = "0"
376 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
378 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True,
381 def test_ap_ft_mismatching_r0kh_id_pull(dev
, apdev
):
382 """WPA2-PSK-FT AP over DS with mismatching R0KH-ID (pull)"""
384 passphrase
="12345678"
386 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
387 params
["pmk_r1_push"] = "0"
388 params
["nas_identifier"] = "nas0.w1.fi"
389 hostapd
.add_ap(apdev
[0]['ifname'], params
)
390 dev
[0].connect(ssid
, psk
=passphrase
, key_mgmt
="FT-PSK", proto
="WPA2",
393 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
394 params
["pmk_r1_push"] = "0"
395 hostapd
.add_ap(apdev
[1]['ifname'], params
)
397 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
398 dev
[0].roam_over_ds(apdev
[1]['bssid'], fail_test
=True)
400 def test_ap_ft_mismatching_rrb_r0kh_push(dev
, apdev
):
401 """WPA2-PSK-FT AP over DS with mismatching R0KH key (push)"""
403 passphrase
="12345678"
405 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
406 params
["ieee80211w"] = "2";
407 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
408 params
= ft_params2_r0kh_mismatch(ssid
=ssid
, passphrase
=passphrase
)
409 params
["ieee80211w"] = "2";
410 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
412 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True,
415 def test_ap_ft_mismatching_rrb_r0kh_pull(dev
, apdev
):
416 """WPA2-PSK-FT AP over DS with mismatching R0KH key (pull)"""
418 passphrase
="12345678"
420 params
= ft_params1_r0kh_mismatch(ssid
=ssid
, passphrase
=passphrase
)
421 params
["pmk_r1_push"] = "0"
422 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
423 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
424 params
["pmk_r1_push"] = "0"
425 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
427 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True,
430 def test_ap_ft_gtk_rekey(dev
, apdev
):
431 """WPA2-PSK-FT AP and GTK rekey"""
433 passphrase
="12345678"
435 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
436 params
['wpa_group_rekey'] = '1'
437 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
439 dev
[0].connect(ssid
, psk
=passphrase
, key_mgmt
="FT-PSK", proto
="WPA2",
440 ieee80211w
="1", scan_freq
="2412")
442 ev
= dev
[0].wait_event(["WPA: Group rekeying completed"], timeout
=2)
444 raise Exception("GTK rekey timed out after initial association")
445 hwsim_utils
.test_connectivity(dev
[0], hapd
)
447 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
448 params
['wpa_group_rekey'] = '1'
449 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
451 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
452 dev
[0].roam(apdev
[1]['bssid'])
453 if dev
[0].get_status_field('bssid') != apdev
[1]['bssid']:
454 raise Exception("Did not connect to correct AP")
455 hwsim_utils
.test_connectivity(dev
[0], hapd1
)
457 ev
= dev
[0].wait_event(["WPA: Group rekeying completed"], timeout
=2)
459 raise Exception("GTK rekey timed out after FT protocol")
460 hwsim_utils
.test_connectivity(dev
[0], hapd1
)
462 def test_ft_psk_key_lifetime_in_memory(dev
, apdev
, params
):
463 """WPA2-PSK-FT and key lifetime in memory"""
465 passphrase
="04c2726b4b8d5f1b4db9c07aa4d9e9d8f765cb5d25ec817e6cc4fcdd5255db0"
466 psk
= '93c90846ff67af9037ed83fb72b63dbeddaa81d47f926c20909b5886f1d9358d'
467 pmk
= binascii
.unhexlify(psk
)
468 p
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
469 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], p
)
470 p
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
471 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], p
)
473 pid
= find_wpas_process(dev
[0])
475 dev
[0].connect(ssid
, psk
=passphrase
, key_mgmt
="FT-PSK", proto
="WPA2",
479 buf
= read_process_memory(pid
, pmk
)
481 dev
[0].request("DISCONNECT")
482 dev
[0].wait_disconnected()
489 with
open(os
.path
.join(params
['logdir'], 'log0'), 'r') as f
:
490 for l
in f
.readlines():
491 if "FT: PMK-R0 - hexdump" in l
:
492 val
= l
.strip().split(':')[3].replace(' ', '')
493 pmkr0
= binascii
.unhexlify(val
)
494 if "FT: PMK-R1 - hexdump" in l
:
495 val
= l
.strip().split(':')[3].replace(' ', '')
496 pmkr1
= binascii
.unhexlify(val
)
497 if "FT: PTK - hexdump" in l
:
498 val
= l
.strip().split(':')[3].replace(' ', '')
499 ptk
= binascii
.unhexlify(val
)
500 if "WPA: Group Key - hexdump" in l
:
501 val
= l
.strip().split(':')[3].replace(' ', '')
502 gtk
= binascii
.unhexlify(val
)
503 if not pmkr0
or not pmkr1
or not ptk
or not gtk
:
504 raise Exception("Could not find keys from debug log")
506 raise Exception("Unexpected GTK length")
512 logger
.info("Checking keys in memory while associated")
513 get_key_locations(buf
, pmk
, "PMK")
514 get_key_locations(buf
, pmkr0
, "PMK-R0")
515 get_key_locations(buf
, pmkr1
, "PMK-R1")
517 print("PMK not found while associated")
520 print("PMK-R0 not found while associated")
523 print("PMK-R1 not found while associated")
526 raise Exception("KCK not found while associated")
528 raise Exception("KEK not found while associated")
530 raise Exception("TK found from memory")
532 raise Exception("GTK found from memory")
534 logger
.info("Checking keys in memory after disassociation")
535 buf
= read_process_memory(pid
, pmk
)
536 get_key_locations(buf
, pmk
, "PMK")
537 get_key_locations(buf
, pmkr0
, "PMK-R0")
538 get_key_locations(buf
, pmkr1
, "PMK-R1")
540 # Note: PMK/PSK is still present in network configuration
542 fname
= os
.path
.join(params
['logdir'],
543 'ft_psk_key_lifetime_in_memory.memctx-')
544 verify_not_present(buf
, pmkr0
, fname
, "PMK-R0")
545 verify_not_present(buf
, pmkr1
, fname
, "PMK-R1")
546 verify_not_present(buf
, kck
, fname
, "KCK")
547 verify_not_present(buf
, kek
, fname
, "KEK")
548 verify_not_present(buf
, tk
, fname
, "TK")
549 verify_not_present(buf
, gtk
, fname
, "GTK")
551 dev
[0].request("REMOVE_NETWORK all")
553 logger
.info("Checking keys in memory after network profile removal")
554 buf
= read_process_memory(pid
, pmk
)
555 get_key_locations(buf
, pmk
, "PMK")
556 get_key_locations(buf
, pmkr0
, "PMK-R0")
557 get_key_locations(buf
, pmkr1
, "PMK-R1")
559 verify_not_present(buf
, pmk
, fname
, "PMK")
560 verify_not_present(buf
, pmkr0
, fname
, "PMK-R0")
561 verify_not_present(buf
, pmkr1
, fname
, "PMK-R1")
562 verify_not_present(buf
, kck
, fname
, "KCK")
563 verify_not_present(buf
, kek
, fname
, "KEK")
564 verify_not_present(buf
, tk
, fname
, "TK")
565 verify_not_present(buf
, gtk
, fname
, "GTK")