]>
git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_ft.py
1 # Fast BSS Transition tests
2 # Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
12 logger
= logging
.getLogger()
16 from utils
import HwsimSkip
17 from wlantest
import Wlantest
18 from test_ap_psk
import check_mib
, find_wpas_process
, read_process_memory
, verify_not_present
, get_key_locations
21 params
= { "wpa": "2",
22 "wpa_key_mgmt": "FT-PSK",
23 "rsn_pairwise": "CCMP" }
27 params
= { "wpa": "3",
28 "wpa_key_mgmt": "WPA-PSK FT-PSK",
29 "wpa_pairwise": "TKIP",
30 "rsn_pairwise": "CCMP" }
33 def ft_params(rsn
=True, ssid
=None, passphrase
=None):
35 params
= ft_base_rsn()
37 params
= ft_base_mixed()
41 params
["wpa_passphrase"] = passphrase
43 params
["mobility_domain"] = "a1b2"
44 params
["r0_key_lifetime"] = "10000"
45 params
["pmk_r1_push"] = "1"
46 params
["reassociation_deadline"] = "1000"
49 def ft_params1(rsn
=True, ssid
=None, passphrase
=None):
50 params
= ft_params(rsn
, ssid
, passphrase
)
51 params
['nas_identifier'] = "nas1.w1.fi"
52 params
['r1_key_holder'] = "000102030405"
53 params
['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 100102030405060708090a0b0c0d0e0f",
54 "02:00:00:00:04:00 nas2.w1.fi 300102030405060708090a0b0c0d0e0f" ]
55 params
['r1kh'] = "02:00:00:00:04:00 00:01:02:03:04:06 200102030405060708090a0b0c0d0e0f"
58 def ft_params2(rsn
=True, ssid
=None, passphrase
=None):
59 params
= ft_params(rsn
, ssid
, passphrase
)
60 params
['nas_identifier'] = "nas2.w1.fi"
61 params
['r1_key_holder'] = "000102030406"
62 params
['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 200102030405060708090a0b0c0d0e0f",
63 "02:00:00:00:04:00 nas2.w1.fi 000102030405060708090a0b0c0d0e0f" ]
64 params
['r1kh'] = "02:00:00:00:03:00 00:01:02:03:04:05 300102030405060708090a0b0c0d0e0f"
67 def ft_params1_r0kh_mismatch(rsn
=True, ssid
=None, passphrase
=None):
68 params
= ft_params(rsn
, ssid
, passphrase
)
69 params
['nas_identifier'] = "nas1.w1.fi"
70 params
['r1_key_holder'] = "000102030405"
71 params
['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 100102030405060708090a0b0c0d0e0f",
72 "12:00:00:00:04:00 nas2.w1.fi 300102030405060708090a0b0c0d0e0f" ]
73 params
['r1kh'] = "12:00:00:00:04:00 10:01:02:03:04:06 200102030405060708090a0b0c0d0e0f"
76 def ft_params2_incorrect_rrb_key(rsn
=True, ssid
=None, passphrase
=None):
77 params
= ft_params(rsn
, ssid
, passphrase
)
78 params
['nas_identifier'] = "nas2.w1.fi"
79 params
['r1_key_holder'] = "000102030406"
80 params
['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 200102030405060708090a0b0c0d0ef1",
81 "02:00:00:00:04:00 nas2.w1.fi 000102030405060708090a0b0c0d0ef2" ]
82 params
['r1kh'] = "02:00:00:00:03:00 00:01:02:03:04:05 300102030405060708090a0b0c0d0ef3"
85 def ft_params2_r0kh_mismatch(rsn
=True, ssid
=None, passphrase
=None):
86 params
= ft_params(rsn
, ssid
, passphrase
)
87 params
['nas_identifier'] = "nas2.w1.fi"
88 params
['r1_key_holder'] = "000102030406"
89 params
['r0kh'] = [ "12:00:00:00:03:00 nas1.w1.fi 200102030405060708090a0b0c0d0e0f",
90 "02:00:00:00:04:00 nas2.w1.fi 000102030405060708090a0b0c0d0e0f" ]
91 params
['r1kh'] = "12:00:00:00:03:00 10:01:02:03:04:05 300102030405060708090a0b0c0d0e0f"
94 def run_roams(dev
, apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=False, sae
=False, eap
=False, fail_test
=False, roams
=1):
95 logger
.info("Connect to first AP")
97 dev
.connect(ssid
, key_mgmt
="FT-EAP", proto
="WPA2", ieee80211w
="1",
98 eap
="GPSK", identity
="gpsk user",
99 password
="abcdefghijklmnop0123456789abcdef",
106 dev
.connect(ssid
, psk
=passphrase
, key_mgmt
=key_mgmt
, proto
="WPA2",
107 ieee80211w
="1", scan_freq
="2412")
108 if dev
.get_status_field('bssid') == apdev
[0]['bssid']:
118 hwsim_utils
.test_connectivity(dev
, hapd1ap
)
120 dev
.scan_for_bss(ap2
['bssid'], freq
="2412")
122 for i
in range(0, roams
):
123 logger
.info("Roam to the second AP")
125 dev
.roam_over_ds(ap2
['bssid'], fail_test
=fail_test
)
127 dev
.roam(ap2
['bssid'], fail_test
=fail_test
)
130 if dev
.get_status_field('bssid') != ap2
['bssid']:
131 raise Exception("Did not connect to correct AP")
132 if i
== 0 or i
== roams
- 1:
133 hwsim_utils
.test_connectivity(dev
, hapd2ap
)
135 logger
.info("Roam back to the first AP")
137 dev
.roam_over_ds(ap1
['bssid'])
139 dev
.roam(ap1
['bssid'])
140 if dev
.get_status_field('bssid') != ap1
['bssid']:
141 raise Exception("Did not connect to correct AP")
142 if i
== 0 or i
== roams
- 1:
143 hwsim_utils
.test_connectivity(dev
, hapd1ap
)
145 def test_ap_ft(dev
, apdev
):
148 passphrase
="12345678"
150 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
151 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
152 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
153 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
155 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
)
156 if "[WPA2-FT/PSK-CCMP]" not in dev
[0].request("SCAN_RESULTS"):
157 raise Exception("Scan results missing RSN element info")
159 def test_ap_ft_many(dev
, apdev
):
160 """WPA2-PSK-FT AP multiple times"""
162 passphrase
="12345678"
164 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
165 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
166 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
167 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
169 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, roams
=50)
171 def test_ap_ft_mixed(dev
, apdev
):
172 """WPA2-PSK-FT mixed-mode AP"""
173 ssid
= "test-ft-mixed"
174 passphrase
="12345678"
176 params
= ft_params1(rsn
=False, ssid
=ssid
, passphrase
=passphrase
)
177 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
178 key_mgmt
= hapd
.get_config()['key_mgmt']
179 vals
= key_mgmt
.split(' ')
180 if vals
[0] != "WPA-PSK" or vals
[1] != "FT-PSK":
181 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
182 params
= ft_params2(rsn
=False, ssid
=ssid
, passphrase
=passphrase
)
183 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
185 run_roams(dev
[0], apdev
, hapd
, hapd1
, ssid
, passphrase
)
187 def test_ap_ft_pmf(dev
, apdev
):
188 """WPA2-PSK-FT AP with PMF"""
190 passphrase
="12345678"
192 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
193 params
["ieee80211w"] = "2";
194 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
195 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
196 params
["ieee80211w"] = "2";
197 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
199 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
)
201 def test_ap_ft_over_ds(dev
, apdev
):
202 """WPA2-PSK-FT AP over DS"""
204 passphrase
="12345678"
206 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
207 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
208 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
209 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
211 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True)
212 check_mib(dev
[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-4"),
213 ("dot11RSNAAuthenticationSuiteSelected", "00-0f-ac-4") ])
215 def test_ap_ft_over_ds_many(dev
, apdev
):
216 """WPA2-PSK-FT AP over DS multiple times"""
218 passphrase
="12345678"
220 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
221 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
222 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
223 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
225 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True,
228 def test_ap_ft_over_ds_unknown_target(dev
, apdev
):
231 passphrase
="12345678"
233 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
234 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
236 dev
[0].connect(ssid
, psk
=passphrase
, key_mgmt
="FT-PSK", proto
="WPA2",
238 dev
[0].roam_over_ds("02:11:22:33:44:55", fail_test
=True)
240 def test_ap_ft_pmf_over_ds(dev
, apdev
):
241 """WPA2-PSK-FT AP over DS with PMF"""
243 passphrase
="12345678"
245 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
246 params
["ieee80211w"] = "2";
247 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
248 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
249 params
["ieee80211w"] = "2";
250 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
252 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True)
254 def test_ap_ft_over_ds_pull(dev
, apdev
):
255 """WPA2-PSK-FT AP over DS (pull PMK)"""
257 passphrase
="12345678"
259 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
260 params
["pmk_r1_push"] = "0"
261 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
262 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
263 params
["pmk_r1_push"] = "0"
264 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
266 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True)
268 def test_ap_ft_sae(dev
, apdev
):
269 """WPA2-PSK-FT-SAE AP"""
271 passphrase
="12345678"
273 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
274 params
['wpa_key_mgmt'] = "FT-SAE"
275 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
276 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
277 params
['wpa_key_mgmt'] = "FT-SAE"
278 hapd
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
279 key_mgmt
= hapd
.get_config()['key_mgmt']
280 if key_mgmt
.split(' ')[0] != "FT-SAE":
281 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
283 dev
[0].request("SET sae_groups ")
284 run_roams(dev
[0], apdev
, hapd0
, hapd
, ssid
, passphrase
, sae
=True)
286 def test_ap_ft_sae_over_ds(dev
, apdev
):
287 """WPA2-PSK-FT-SAE AP over DS"""
289 passphrase
="12345678"
291 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
292 params
['wpa_key_mgmt'] = "FT-SAE"
293 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
294 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
295 params
['wpa_key_mgmt'] = "FT-SAE"
296 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
298 dev
[0].request("SET sae_groups ")
299 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, sae
=True,
302 def test_ap_ft_eap(dev
, apdev
):
305 passphrase
="12345678"
307 radius
= hostapd
.radius_params()
308 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
309 params
['wpa_key_mgmt'] = "FT-EAP"
310 params
["ieee8021x"] = "1"
311 params
= dict(radius
.items() + params
.items())
312 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
313 key_mgmt
= hapd
.get_config()['key_mgmt']
314 if key_mgmt
.split(' ')[0] != "FT-EAP":
315 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
316 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
317 params
['wpa_key_mgmt'] = "FT-EAP"
318 params
["ieee8021x"] = "1"
319 params
= dict(radius
.items() + params
.items())
320 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
322 run_roams(dev
[0], apdev
, hapd
, hapd1
, ssid
, passphrase
, eap
=True)
323 if "[WPA2-FT/EAP-CCMP]" not in dev
[0].request("SCAN_RESULTS"):
324 raise Exception("Scan results missing RSN element info")
325 check_mib(dev
[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-3"),
326 ("dot11RSNAAuthenticationSuiteSelected", "00-0f-ac-3") ])
328 def test_ap_ft_eap_pull(dev
, apdev
):
329 """WPA2-EAP-FT AP (pull PMK)"""
331 passphrase
="12345678"
333 radius
= hostapd
.radius_params()
334 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
335 params
['wpa_key_mgmt'] = "FT-EAP"
336 params
["ieee8021x"] = "1"
337 params
["pmk_r1_push"] = "0"
338 params
= dict(radius
.items() + params
.items())
339 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
340 key_mgmt
= hapd
.get_config()['key_mgmt']
341 if key_mgmt
.split(' ')[0] != "FT-EAP":
342 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
343 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
344 params
['wpa_key_mgmt'] = "FT-EAP"
345 params
["ieee8021x"] = "1"
346 params
["pmk_r1_push"] = "0"
347 params
= dict(radius
.items() + params
.items())
348 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
350 run_roams(dev
[0], apdev
, hapd
, hapd1
, ssid
, passphrase
, eap
=True)
352 def test_ap_ft_mismatching_rrb_key_push(dev
, apdev
):
353 """WPA2-PSK-FT AP over DS with mismatching RRB key (push)"""
355 passphrase
="12345678"
357 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
358 params
["ieee80211w"] = "2";
359 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
360 params
= ft_params2_incorrect_rrb_key(ssid
=ssid
, passphrase
=passphrase
)
361 params
["ieee80211w"] = "2";
362 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
364 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True,
367 def test_ap_ft_mismatching_rrb_key_pull(dev
, apdev
):
368 """WPA2-PSK-FT AP over DS with mismatching RRB key (pull)"""
370 passphrase
="12345678"
372 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
373 params
["pmk_r1_push"] = "0"
374 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
375 params
= ft_params2_incorrect_rrb_key(ssid
=ssid
, passphrase
=passphrase
)
376 params
["pmk_r1_push"] = "0"
377 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
379 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True,
382 def test_ap_ft_mismatching_r0kh_id_pull(dev
, apdev
):
383 """WPA2-PSK-FT AP over DS with mismatching R0KH-ID (pull)"""
385 passphrase
="12345678"
387 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
388 params
["pmk_r1_push"] = "0"
389 params
["nas_identifier"] = "nas0.w1.fi"
390 hostapd
.add_ap(apdev
[0]['ifname'], params
)
391 dev
[0].connect(ssid
, psk
=passphrase
, key_mgmt
="FT-PSK", proto
="WPA2",
394 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
395 params
["pmk_r1_push"] = "0"
396 hostapd
.add_ap(apdev
[1]['ifname'], params
)
398 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
399 dev
[0].roam_over_ds(apdev
[1]['bssid'], fail_test
=True)
401 def test_ap_ft_mismatching_rrb_r0kh_push(dev
, apdev
):
402 """WPA2-PSK-FT AP over DS with mismatching R0KH key (push)"""
404 passphrase
="12345678"
406 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
407 params
["ieee80211w"] = "2";
408 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
409 params
= ft_params2_r0kh_mismatch(ssid
=ssid
, passphrase
=passphrase
)
410 params
["ieee80211w"] = "2";
411 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
413 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True,
416 def test_ap_ft_mismatching_rrb_r0kh_pull(dev
, apdev
):
417 """WPA2-PSK-FT AP over DS with mismatching R0KH key (pull)"""
419 passphrase
="12345678"
421 params
= ft_params1_r0kh_mismatch(ssid
=ssid
, passphrase
=passphrase
)
422 params
["pmk_r1_push"] = "0"
423 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
424 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
425 params
["pmk_r1_push"] = "0"
426 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
428 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True,
431 def test_ap_ft_gtk_rekey(dev
, apdev
):
432 """WPA2-PSK-FT AP and GTK rekey"""
434 passphrase
="12345678"
436 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
437 params
['wpa_group_rekey'] = '1'
438 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
440 dev
[0].connect(ssid
, psk
=passphrase
, key_mgmt
="FT-PSK", proto
="WPA2",
441 ieee80211w
="1", scan_freq
="2412")
443 ev
= dev
[0].wait_event(["WPA: Group rekeying completed"], timeout
=2)
445 raise Exception("GTK rekey timed out after initial association")
446 hwsim_utils
.test_connectivity(dev
[0], hapd
)
448 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
449 params
['wpa_group_rekey'] = '1'
450 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
452 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
453 dev
[0].roam(apdev
[1]['bssid'])
454 if dev
[0].get_status_field('bssid') != apdev
[1]['bssid']:
455 raise Exception("Did not connect to correct AP")
456 hwsim_utils
.test_connectivity(dev
[0], hapd1
)
458 ev
= dev
[0].wait_event(["WPA: Group rekeying completed"], timeout
=2)
460 raise Exception("GTK rekey timed out after FT protocol")
461 hwsim_utils
.test_connectivity(dev
[0], hapd1
)
463 def test_ft_psk_key_lifetime_in_memory(dev
, apdev
, params
):
464 """WPA2-PSK-FT and key lifetime in memory"""
466 passphrase
="04c2726b4b8d5f1b4db9c07aa4d9e9d8f765cb5d25ec817e6cc4fcdd5255db0"
467 psk
= '93c90846ff67af9037ed83fb72b63dbeddaa81d47f926c20909b5886f1d9358d'
468 pmk
= binascii
.unhexlify(psk
)
469 p
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
470 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], p
)
471 p
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
472 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], p
)
474 pid
= find_wpas_process(dev
[0])
476 dev
[0].connect(ssid
, psk
=passphrase
, key_mgmt
="FT-PSK", proto
="WPA2",
480 buf
= read_process_memory(pid
, pmk
)
482 dev
[0].request("DISCONNECT")
483 dev
[0].wait_disconnected()
490 with
open(os
.path
.join(params
['logdir'], 'log0'), 'r') as f
:
491 for l
in f
.readlines():
492 if "FT: PMK-R0 - hexdump" in l
:
493 val
= l
.strip().split(':')[3].replace(' ', '')
494 pmkr0
= binascii
.unhexlify(val
)
495 if "FT: PMK-R1 - hexdump" in l
:
496 val
= l
.strip().split(':')[3].replace(' ', '')
497 pmkr1
= binascii
.unhexlify(val
)
498 if "FT: PTK - hexdump" in l
:
499 val
= l
.strip().split(':')[3].replace(' ', '')
500 ptk
= binascii
.unhexlify(val
)
501 if "WPA: Group Key - hexdump" in l
:
502 val
= l
.strip().split(':')[3].replace(' ', '')
503 gtk
= binascii
.unhexlify(val
)
504 if not pmkr0
or not pmkr1
or not ptk
or not gtk
:
505 raise Exception("Could not find keys from debug log")
507 raise Exception("Unexpected GTK length")
513 logger
.info("Checking keys in memory while associated")
514 get_key_locations(buf
, pmk
, "PMK")
515 get_key_locations(buf
, pmkr0
, "PMK-R0")
516 get_key_locations(buf
, pmkr1
, "PMK-R1")
518 raise HwsimSkip("PMK not found while associated")
520 raise HwsimSkip("PMK-R0 not found while associated")
522 raise HwsimSkip("PMK-R1 not found while associated")
524 raise Exception("KCK not found while associated")
526 raise Exception("KEK not found while associated")
528 raise Exception("TK found from memory")
530 raise Exception("GTK found from memory")
532 logger
.info("Checking keys in memory after disassociation")
533 buf
= read_process_memory(pid
, pmk
)
534 get_key_locations(buf
, pmk
, "PMK")
535 get_key_locations(buf
, pmkr0
, "PMK-R0")
536 get_key_locations(buf
, pmkr1
, "PMK-R1")
538 # Note: PMK/PSK is still present in network configuration
540 fname
= os
.path
.join(params
['logdir'],
541 'ft_psk_key_lifetime_in_memory.memctx-')
542 verify_not_present(buf
, pmkr0
, fname
, "PMK-R0")
543 verify_not_present(buf
, pmkr1
, fname
, "PMK-R1")
544 verify_not_present(buf
, kck
, fname
, "KCK")
545 verify_not_present(buf
, kek
, fname
, "KEK")
546 verify_not_present(buf
, tk
, fname
, "TK")
547 verify_not_present(buf
, gtk
, fname
, "GTK")
549 dev
[0].request("REMOVE_NETWORK all")
551 logger
.info("Checking keys in memory after network profile removal")
552 buf
= read_process_memory(pid
, pmk
)
553 get_key_locations(buf
, pmk
, "PMK")
554 get_key_locations(buf
, pmkr0
, "PMK-R0")
555 get_key_locations(buf
, pmkr1
, "PMK-R1")
557 verify_not_present(buf
, pmk
, fname
, "PMK")
558 verify_not_present(buf
, pmkr0
, fname
, "PMK-R0")
559 verify_not_present(buf
, pmkr1
, fname
, "PMK-R1")
560 verify_not_present(buf
, kck
, fname
, "KCK")
561 verify_not_present(buf
, kek
, fname
, "KEK")
562 verify_not_present(buf
, tk
, fname
, "TK")
563 verify_not_present(buf
, gtk
, fname
, "GTK")