]> git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_ft.py
projects / thirdparty / hostap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
tests: Convert test skipping to use exception
[thirdparty/hostap.git] / tests / hwsim / test_ap_ft.py
1 # Fast BSS Transition tests
2 # Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi>
3 #
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
6
7 import binascii
8 import os
9 import time
10 import subprocess
11 import logging
12 logger = logging.getLogger()
13
14 import hwsim_utils
15 import hostapd
16 from utils import HwsimSkip
17 from wlantest import Wlantest
18 from test_ap_psk import check_mib, find_wpas_process, read_process_memory, verify_not_present, get_key_locations
19
20 def ft_base_rsn():
21 params = { "wpa": "2",
22 "wpa_key_mgmt": "FT-PSK",
23 "rsn_pairwise": "CCMP" }
24 return params
25
26 def ft_base_mixed():
27 params = { "wpa": "3",
28 "wpa_key_mgmt": "WPA-PSK FT-PSK",
29 "wpa_pairwise": "TKIP",
30 "rsn_pairwise": "CCMP" }
31 return params
32
33 def ft_params(rsn=True, ssid=None, passphrase=None):
34 if rsn:
35 params = ft_base_rsn()
36 else:
37 params = ft_base_mixed()
38 if ssid:
39 params["ssid"] = ssid
40 if passphrase:
41 params["wpa_passphrase"] = passphrase
42
43 params["mobility_domain"] = "a1b2"
44 params["r0_key_lifetime"] = "10000"
45 params["pmk_r1_push"] = "1"
46 params["reassociation_deadline"] = "1000"
47 return params
48
49 def ft_params1(rsn=True, ssid=None, passphrase=None):
50 params = ft_params(rsn, ssid, passphrase)
51 params['nas_identifier'] = "nas1.w1.fi"
52 params['r1_key_holder'] = "000102030405"
53 params['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 100102030405060708090a0b0c0d0e0f",
54 "02:00:00:00:04:00 nas2.w1.fi 300102030405060708090a0b0c0d0e0f" ]
55 params['r1kh'] = "02:00:00:00:04:00 00:01:02:03:04:06 200102030405060708090a0b0c0d0e0f"
56 return params
57
58 def ft_params2(rsn=True, ssid=None, passphrase=None):
59 params = ft_params(rsn, ssid, passphrase)
60 params['nas_identifier'] = "nas2.w1.fi"
61 params['r1_key_holder'] = "000102030406"
62 params['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 200102030405060708090a0b0c0d0e0f",
63 "02:00:00:00:04:00 nas2.w1.fi 000102030405060708090a0b0c0d0e0f" ]
64 params['r1kh'] = "02:00:00:00:03:00 00:01:02:03:04:05 300102030405060708090a0b0c0d0e0f"
65 return params
66
67 def ft_params1_r0kh_mismatch(rsn=True, ssid=None, passphrase=None):
68 params = ft_params(rsn, ssid, passphrase)
69 params['nas_identifier'] = "nas1.w1.fi"
70 params['r1_key_holder'] = "000102030405"
71 params['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 100102030405060708090a0b0c0d0e0f",
72 "12:00:00:00:04:00 nas2.w1.fi 300102030405060708090a0b0c0d0e0f" ]
73 params['r1kh'] = "12:00:00:00:04:00 10:01:02:03:04:06 200102030405060708090a0b0c0d0e0f"
74 return params
75
76 def ft_params2_incorrect_rrb_key(rsn=True, ssid=None, passphrase=None):
77 params = ft_params(rsn, ssid, passphrase)
78 params['nas_identifier'] = "nas2.w1.fi"
79 params['r1_key_holder'] = "000102030406"
80 params['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 200102030405060708090a0b0c0d0ef1",
81 "02:00:00:00:04:00 nas2.w1.fi 000102030405060708090a0b0c0d0ef2" ]
82 params['r1kh'] = "02:00:00:00:03:00 00:01:02:03:04:05 300102030405060708090a0b0c0d0ef3"
83 return params
84
85 def ft_params2_r0kh_mismatch(rsn=True, ssid=None, passphrase=None):
86 params = ft_params(rsn, ssid, passphrase)
87 params['nas_identifier'] = "nas2.w1.fi"
88 params['r1_key_holder'] = "000102030406"
89 params['r0kh'] = [ "12:00:00:00:03:00 nas1.w1.fi 200102030405060708090a0b0c0d0e0f",
90 "02:00:00:00:04:00 nas2.w1.fi 000102030405060708090a0b0c0d0e0f" ]
91 params['r1kh'] = "12:00:00:00:03:00 10:01:02:03:04:05 300102030405060708090a0b0c0d0e0f"
92 return params
93
94 def run_roams(dev, apdev, hapd0, hapd1, ssid, passphrase, over_ds=False, sae=False, eap=False, fail_test=False, roams=1):
95 logger.info("Connect to first AP")
96 if eap:
97 dev.connect(ssid, key_mgmt="FT-EAP", proto="WPA2", ieee80211w="1",
98 eap="GPSK", identity="gpsk user",
99 password="abcdefghijklmnop0123456789abcdef",
100 scan_freq="2412")
101 else:
102 if sae:
103 key_mgmt="FT-SAE"
104 else:
105 key_mgmt="FT-PSK"
106 dev.connect(ssid, psk=passphrase, key_mgmt=key_mgmt, proto="WPA2",
107 ieee80211w="1", scan_freq="2412")
108 if dev.get_status_field('bssid') == apdev[0]['bssid']:
109 ap1 = apdev[0]
110 ap2 = apdev[1]
111 hapd1ap = hapd0
112 hapd2ap = hapd1
113 else:
114 ap1 = apdev[1]
115 ap2 = apdev[0]
116 hapd1ap = hapd1
117 hapd2ap = hapd0
118 hwsim_utils.test_connectivity(dev, hapd1ap)
119
120 dev.scan_for_bss(ap2['bssid'], freq="2412")
121
122 for i in range(0, roams):
123 logger.info("Roam to the second AP")
124 if over_ds:
125 dev.roam_over_ds(ap2['bssid'], fail_test=fail_test)
126 else:
127 dev.roam(ap2['bssid'], fail_test=fail_test)
128 if fail_test:
129 return
130 if dev.get_status_field('bssid') != ap2['bssid']:
131 raise Exception("Did not connect to correct AP")
132 if i == 0 or i == roams - 1:
133 hwsim_utils.test_connectivity(dev, hapd2ap)
134
135 logger.info("Roam back to the first AP")
136 if over_ds:
137 dev.roam_over_ds(ap1['bssid'])
138 else:
139 dev.roam(ap1['bssid'])
140 if dev.get_status_field('bssid') != ap1['bssid']:
141 raise Exception("Did not connect to correct AP")
142 if i == 0 or i == roams - 1:
143 hwsim_utils.test_connectivity(dev, hapd1ap)
144
145 def test_ap_ft(dev, apdev):
146 """WPA2-PSK-FT AP"""
147 ssid = "test-ft"
148 passphrase="12345678"
149
150 params = ft_params1(ssid=ssid, passphrase=passphrase)
151 hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
152 params = ft_params2(ssid=ssid, passphrase=passphrase)
153 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
154
155 run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase)
156 if "[WPA2-FT/PSK-CCMP]" not in dev[0].request("SCAN_RESULTS"):
157 raise Exception("Scan results missing RSN element info")
158
159 def test_ap_ft_many(dev, apdev):
160 """WPA2-PSK-FT AP multiple times"""
161 ssid = "test-ft"
162 passphrase="12345678"
163
164 params = ft_params1(ssid=ssid, passphrase=passphrase)
165 hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
166 params = ft_params2(ssid=ssid, passphrase=passphrase)
167 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
168
169 run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, roams=50)
170
171 def test_ap_ft_mixed(dev, apdev):
172 """WPA2-PSK-FT mixed-mode AP"""
173 ssid = "test-ft-mixed"
174 passphrase="12345678"
175
176 params = ft_params1(rsn=False, ssid=ssid, passphrase=passphrase)
177 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
178 key_mgmt = hapd.get_config()['key_mgmt']
179 vals = key_mgmt.split(' ')
180 if vals[0] != "WPA-PSK" or vals[1] != "FT-PSK":
181 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt)
182 params = ft_params2(rsn=False, ssid=ssid, passphrase=passphrase)
183 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
184
185 run_roams(dev[0], apdev, hapd, hapd1, ssid, passphrase)
186
187 def test_ap_ft_pmf(dev, apdev):
188 """WPA2-PSK-FT AP with PMF"""
189 ssid = "test-ft"
190 passphrase="12345678"
191
192 params = ft_params1(ssid=ssid, passphrase=passphrase)
193 params["ieee80211w"] = "2";
194 hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
195 params = ft_params2(ssid=ssid, passphrase=passphrase)
196 params["ieee80211w"] = "2";
197 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
198
199 run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase)
200
201 def test_ap_ft_over_ds(dev, apdev):
202 """WPA2-PSK-FT AP over DS"""
203 ssid = "test-ft"
204 passphrase="12345678"
205
206 params = ft_params1(ssid=ssid, passphrase=passphrase)
207 hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
208 params = ft_params2(ssid=ssid, passphrase=passphrase)
209 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
210
211 run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True)
212 check_mib(dev[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-4"),
213 ("dot11RSNAAuthenticationSuiteSelected", "00-0f-ac-4") ])
214
215 def test_ap_ft_over_ds_many(dev, apdev):
216 """WPA2-PSK-FT AP over DS multiple times"""
217 ssid = "test-ft"
218 passphrase="12345678"
219
220 params = ft_params1(ssid=ssid, passphrase=passphrase)
221 hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
222 params = ft_params2(ssid=ssid, passphrase=passphrase)
223 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
224
225 run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True,
226 roams=50)
227
228 def test_ap_ft_over_ds_unknown_target(dev, apdev):
229 """WPA2-PSK-FT AP"""
230 ssid = "test-ft"
231 passphrase="12345678"
232
233 params = ft_params1(ssid=ssid, passphrase=passphrase)
234 hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
235
236 dev[0].connect(ssid, psk=passphrase, key_mgmt="FT-PSK", proto="WPA2",
237 scan_freq="2412")
238 dev[0].roam_over_ds("02:11:22:33:44:55", fail_test=True)
239
240 def test_ap_ft_pmf_over_ds(dev, apdev):
241 """WPA2-PSK-FT AP over DS with PMF"""
242 ssid = "test-ft"
243 passphrase="12345678"
244
245 params = ft_params1(ssid=ssid, passphrase=passphrase)
246 params["ieee80211w"] = "2";
247 hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
248 params = ft_params2(ssid=ssid, passphrase=passphrase)
249 params["ieee80211w"] = "2";
250 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
251
252 run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True)
253
254 def test_ap_ft_over_ds_pull(dev, apdev):
255 """WPA2-PSK-FT AP over DS (pull PMK)"""
256 ssid = "test-ft"
257 passphrase="12345678"
258
259 params = ft_params1(ssid=ssid, passphrase=passphrase)
260 params["pmk_r1_push"] = "0"
261 hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
262 params = ft_params2(ssid=ssid, passphrase=passphrase)
263 params["pmk_r1_push"] = "0"
264 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
265
266 run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True)
267
268 def test_ap_ft_sae(dev, apdev):
269 """WPA2-PSK-FT-SAE AP"""
270 ssid = "test-ft"
271 passphrase="12345678"
272
273 params = ft_params1(ssid=ssid, passphrase=passphrase)
274 params['wpa_key_mgmt'] = "FT-SAE"
275 hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
276 params = ft_params2(ssid=ssid, passphrase=passphrase)
277 params['wpa_key_mgmt'] = "FT-SAE"
278 hapd = hostapd.add_ap(apdev[1]['ifname'], params)
279 key_mgmt = hapd.get_config()['key_mgmt']
280 if key_mgmt.split(' ')[0] != "FT-SAE":
281 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt)
282
283 dev[0].request("SET sae_groups ")
284 run_roams(dev[0], apdev, hapd0, hapd, ssid, passphrase, sae=True)
285
286 def test_ap_ft_sae_over_ds(dev, apdev):
287 """WPA2-PSK-FT-SAE AP over DS"""
288 ssid = "test-ft"
289 passphrase="12345678"
290
291 params = ft_params1(ssid=ssid, passphrase=passphrase)
292 params['wpa_key_mgmt'] = "FT-SAE"
293 hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
294 params = ft_params2(ssid=ssid, passphrase=passphrase)
295 params['wpa_key_mgmt'] = "FT-SAE"
296 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
297
298 dev[0].request("SET sae_groups ")
299 run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, sae=True,
300 over_ds=True)
301
302 def test_ap_ft_eap(dev, apdev):
303 """WPA2-EAP-FT AP"""
304 ssid = "test-ft"
305 passphrase="12345678"
306
307 radius = hostapd.radius_params()
308 params = ft_params1(ssid=ssid, passphrase=passphrase)
309 params['wpa_key_mgmt'] = "FT-EAP"
310 params["ieee8021x"] = "1"
311 params = dict(radius.items() + params.items())
312 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
313 key_mgmt = hapd.get_config()['key_mgmt']
314 if key_mgmt.split(' ')[0] != "FT-EAP":
315 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt)
316 params = ft_params2(ssid=ssid, passphrase=passphrase)
317 params['wpa_key_mgmt'] = "FT-EAP"
318 params["ieee8021x"] = "1"
319 params = dict(radius.items() + params.items())
320 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
321
322 run_roams(dev[0], apdev, hapd, hapd1, ssid, passphrase, eap=True)
323 if "[WPA2-FT/EAP-CCMP]" not in dev[0].request("SCAN_RESULTS"):
324 raise Exception("Scan results missing RSN element info")
325 check_mib(dev[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-3"),
326 ("dot11RSNAAuthenticationSuiteSelected", "00-0f-ac-3") ])
327
328 def test_ap_ft_eap_pull(dev, apdev):
329 """WPA2-EAP-FT AP (pull PMK)"""
330 ssid = "test-ft"
331 passphrase="12345678"
332
333 radius = hostapd.radius_params()
334 params = ft_params1(ssid=ssid, passphrase=passphrase)
335 params['wpa_key_mgmt'] = "FT-EAP"
336 params["ieee8021x"] = "1"
337 params["pmk_r1_push"] = "0"
338 params = dict(radius.items() + params.items())
339 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
340 key_mgmt = hapd.get_config()['key_mgmt']
341 if key_mgmt.split(' ')[0] != "FT-EAP":
342 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt)
343 params = ft_params2(ssid=ssid, passphrase=passphrase)
344 params['wpa_key_mgmt'] = "FT-EAP"
345 params["ieee8021x"] = "1"
346 params["pmk_r1_push"] = "0"
347 params = dict(radius.items() + params.items())
348 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
349
350 run_roams(dev[0], apdev, hapd, hapd1, ssid, passphrase, eap=True)
351
352 def test_ap_ft_mismatching_rrb_key_push(dev, apdev):
353 """WPA2-PSK-FT AP over DS with mismatching RRB key (push)"""
354 ssid = "test-ft"
355 passphrase="12345678"
356
357 params = ft_params1(ssid=ssid, passphrase=passphrase)
358 params["ieee80211w"] = "2";
359 hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
360 params = ft_params2_incorrect_rrb_key(ssid=ssid, passphrase=passphrase)
361 params["ieee80211w"] = "2";
362 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
363
364 run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True,
365 fail_test=True)
366
367 def test_ap_ft_mismatching_rrb_key_pull(dev, apdev):
368 """WPA2-PSK-FT AP over DS with mismatching RRB key (pull)"""
369 ssid = "test-ft"
370 passphrase="12345678"
371
372 params = ft_params1(ssid=ssid, passphrase=passphrase)
373 params["pmk_r1_push"] = "0"
374 hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
375 params = ft_params2_incorrect_rrb_key(ssid=ssid, passphrase=passphrase)
376 params["pmk_r1_push"] = "0"
377 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
378
379 run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True,
380 fail_test=True)
381
382 def test_ap_ft_mismatching_r0kh_id_pull(dev, apdev):
383 """WPA2-PSK-FT AP over DS with mismatching R0KH-ID (pull)"""
384 ssid = "test-ft"
385 passphrase="12345678"
386
387 params = ft_params1(ssid=ssid, passphrase=passphrase)
388 params["pmk_r1_push"] = "0"
389 params["nas_identifier"] = "nas0.w1.fi"
390 hostapd.add_ap(apdev[0]['ifname'], params)
391 dev[0].connect(ssid, psk=passphrase, key_mgmt="FT-PSK", proto="WPA2",
392 scan_freq="2412")
393
394 params = ft_params2(ssid=ssid, passphrase=passphrase)
395 params["pmk_r1_push"] = "0"
396 hostapd.add_ap(apdev[1]['ifname'], params)
397
398 dev[0].scan_for_bss(apdev[1]['bssid'], freq="2412")
399 dev[0].roam_over_ds(apdev[1]['bssid'], fail_test=True)
400
401 def test_ap_ft_mismatching_rrb_r0kh_push(dev, apdev):
402 """WPA2-PSK-FT AP over DS with mismatching R0KH key (push)"""
403 ssid = "test-ft"
404 passphrase="12345678"
405
406 params = ft_params1(ssid=ssid, passphrase=passphrase)
407 params["ieee80211w"] = "2";
408 hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
409 params = ft_params2_r0kh_mismatch(ssid=ssid, passphrase=passphrase)
410 params["ieee80211w"] = "2";
411 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
412
413 run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True,
414 fail_test=True)
415
416 def test_ap_ft_mismatching_rrb_r0kh_pull(dev, apdev):
417 """WPA2-PSK-FT AP over DS with mismatching R0KH key (pull)"""
418 ssid = "test-ft"
419 passphrase="12345678"
420
421 params = ft_params1_r0kh_mismatch(ssid=ssid, passphrase=passphrase)
422 params["pmk_r1_push"] = "0"
423 hapd0 = hostapd.add_ap(apdev[0]['ifname'], params)
424 params = ft_params2(ssid=ssid, passphrase=passphrase)
425 params["pmk_r1_push"] = "0"
426 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
427
428 run_roams(dev[0], apdev, hapd0, hapd1, ssid, passphrase, over_ds=True,
429 fail_test=True)
430
431 def test_ap_ft_gtk_rekey(dev, apdev):
432 """WPA2-PSK-FT AP and GTK rekey"""
433 ssid = "test-ft"
434 passphrase="12345678"
435
436 params = ft_params1(ssid=ssid, passphrase=passphrase)
437 params['wpa_group_rekey'] = '1'
438 hapd = hostapd.add_ap(apdev[0]['ifname'], params)
439
440 dev[0].connect(ssid, psk=passphrase, key_mgmt="FT-PSK", proto="WPA2",
441 ieee80211w="1", scan_freq="2412")
442
443 ev = dev[0].wait_event(["WPA: Group rekeying completed"], timeout=2)
444 if ev is None:
445 raise Exception("GTK rekey timed out after initial association")
446 hwsim_utils.test_connectivity(dev[0], hapd)
447
448 params = ft_params2(ssid=ssid, passphrase=passphrase)
449 params['wpa_group_rekey'] = '1'
450 hapd1 = hostapd.add_ap(apdev[1]['ifname'], params)
451
452 dev[0].scan_for_bss(apdev[1]['bssid'], freq="2412")
453 dev[0].roam(apdev[1]['bssid'])
454 if dev[0].get_status_field('bssid') != apdev[1]['bssid']:
455 raise Exception("Did not connect to correct AP")
456 hwsim_utils.test_connectivity(dev[0], hapd1)
457
458 ev = dev[0].wait_event(["WPA: Group rekeying completed"], timeout=2)
459 if ev is None:
460 raise Exception("GTK rekey timed out after FT protocol")
461 hwsim_utils.test_connectivity(dev[0], hapd1)
462
463 def test_ft_psk_key_lifetime_in_memory(dev, apdev, params):
464 """WPA2-PSK-FT and key lifetime in memory"""
465 ssid = "test-ft"
466 passphrase="04c2726b4b8d5f1b4db9c07aa4d9e9d8f765cb5d25ec817e6cc4fcdd5255db0"
467 psk = '93c90846ff67af9037ed83fb72b63dbeddaa81d47f926c20909b5886f1d9358d'
468 pmk = binascii.unhexlify(psk)
469 p = ft_params1(ssid=ssid, passphrase=passphrase)
470 hapd0 = hostapd.add_ap(apdev[0]['ifname'], p)
471 p = ft_params2(ssid=ssid, passphrase=passphrase)
472 hapd1 = hostapd.add_ap(apdev[1]['ifname'], p)
473
474 pid = find_wpas_process(dev[0])
475
476 dev[0].connect(ssid, psk=passphrase, key_mgmt="FT-PSK", proto="WPA2",
477 scan_freq="2412")
478 time.sleep(0.1)
479
480 buf = read_process_memory(pid, pmk)
481
482 dev[0].request("DISCONNECT")
483 dev[0].wait_disconnected()
484
485 dev[0].relog()
486 pmkr0 = None
487 pmkr1 = None
488 ptk = None
489 gtk = None
490 with open(os.path.join(params['logdir'], 'log0'), 'r') as f:
491 for l in f.readlines():
492 if "FT: PMK-R0 - hexdump" in l:
493 val = l.strip().split(':')[3].replace(' ', '')
494 pmkr0 = binascii.unhexlify(val)
495 if "FT: PMK-R1 - hexdump" in l:
496 val = l.strip().split(':')[3].replace(' ', '')
497 pmkr1 = binascii.unhexlify(val)
498 if "FT: PTK - hexdump" in l:
499 val = l.strip().split(':')[3].replace(' ', '')
500 ptk = binascii.unhexlify(val)
501 if "WPA: Group Key - hexdump" in l:
502 val = l.strip().split(':')[3].replace(' ', '')
503 gtk = binascii.unhexlify(val)
504 if not pmkr0 or not pmkr1 or not ptk or not gtk:
505 raise Exception("Could not find keys from debug log")
506 if len(gtk) != 16:
507 raise Exception("Unexpected GTK length")
508
509 kck = ptk[0:16]
510 kek = ptk[16:32]
511 tk = ptk[32:48]
512
513 logger.info("Checking keys in memory while associated")
514 get_key_locations(buf, pmk, "PMK")
515 get_key_locations(buf, pmkr0, "PMK-R0")
516 get_key_locations(buf, pmkr1, "PMK-R1")
517 if pmk not in buf:
518 raise HwsimSkip("PMK not found while associated")
519 if pmkr0 not in buf:
520 raise HwsimSkip("PMK-R0 not found while associated")
521 if pmkr1 not in buf:
522 raise HwsimSkip("PMK-R1 not found while associated")
523 if kck not in buf:
524 raise Exception("KCK not found while associated")
525 if kek not in buf:
526 raise Exception("KEK not found while associated")
527 if tk in buf:
528 raise Exception("TK found from memory")
529 if gtk in buf:
530 raise Exception("GTK found from memory")
531
532 logger.info("Checking keys in memory after disassociation")
533 buf = read_process_memory(pid, pmk)
534 get_key_locations(buf, pmk, "PMK")
535 get_key_locations(buf, pmkr0, "PMK-R0")
536 get_key_locations(buf, pmkr1, "PMK-R1")
537
538 # Note: PMK/PSK is still present in network configuration
539
540 fname = os.path.join(params['logdir'],
541 'ft_psk_key_lifetime_in_memory.memctx-')
542 verify_not_present(buf, pmkr0, fname, "PMK-R0")
543 verify_not_present(buf, pmkr1, fname, "PMK-R1")
544 verify_not_present(buf, kck, fname, "KCK")
545 verify_not_present(buf, kek, fname, "KEK")
546 verify_not_present(buf, tk, fname, "TK")
547 verify_not_present(buf, gtk, fname, "GTK")
548
549 dev[0].request("REMOVE_NETWORK all")
550
551 logger.info("Checking keys in memory after network profile removal")
552 buf = read_process_memory(pid, pmk)
553 get_key_locations(buf, pmk, "PMK")
554 get_key_locations(buf, pmkr0, "PMK-R0")
555 get_key_locations(buf, pmkr1, "PMK-R1")
556
557 verify_not_present(buf, pmk, fname, "PMK")
558 verify_not_present(buf, pmkr0, fname, "PMK-R0")
559 verify_not_present(buf, pmkr1, fname, "PMK-R1")
560 verify_not_present(buf, kck, fname, "KCK")
561 verify_not_present(buf, kek, fname, "KEK")
562 verify_not_present(buf, tk, fname, "TK")
563 verify_not_present(buf, gtk, fname, "GTK")
Unnamed repository; edit this file 'description' to name the repository.