]>
git.ipfire.org Git - thirdparty/hostap.git/blob - tests/hwsim/test_ap_ft.py
1 # Fast BSS Transition tests
2 # Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
12 logger
= logging
.getLogger()
16 from utils
import HwsimSkip
17 from wlantest
import Wlantest
18 from test_ap_psk
import check_mib
, find_wpas_process
, read_process_memory
, verify_not_present
, get_key_locations
21 params
= { "wpa": "2",
22 "wpa_key_mgmt": "FT-PSK",
23 "rsn_pairwise": "CCMP" }
27 params
= { "wpa": "3",
28 "wpa_key_mgmt": "WPA-PSK FT-PSK",
29 "wpa_pairwise": "TKIP",
30 "rsn_pairwise": "CCMP" }
33 def ft_params(rsn
=True, ssid
=None, passphrase
=None):
35 params
= ft_base_rsn()
37 params
= ft_base_mixed()
41 params
["wpa_passphrase"] = passphrase
43 params
["mobility_domain"] = "a1b2"
44 params
["r0_key_lifetime"] = "10000"
45 params
["pmk_r1_push"] = "1"
46 params
["reassociation_deadline"] = "1000"
49 def ft_params1(rsn
=True, ssid
=None, passphrase
=None):
50 params
= ft_params(rsn
, ssid
, passphrase
)
51 params
['nas_identifier'] = "nas1.w1.fi"
52 params
['r1_key_holder'] = "000102030405"
53 params
['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 100102030405060708090a0b0c0d0e0f",
54 "02:00:00:00:04:00 nas2.w1.fi 300102030405060708090a0b0c0d0e0f" ]
55 params
['r1kh'] = "02:00:00:00:04:00 00:01:02:03:04:06 200102030405060708090a0b0c0d0e0f"
58 def ft_params2(rsn
=True, ssid
=None, passphrase
=None):
59 params
= ft_params(rsn
, ssid
, passphrase
)
60 params
['nas_identifier'] = "nas2.w1.fi"
61 params
['r1_key_holder'] = "000102030406"
62 params
['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 200102030405060708090a0b0c0d0e0f",
63 "02:00:00:00:04:00 nas2.w1.fi 000102030405060708090a0b0c0d0e0f" ]
64 params
['r1kh'] = "02:00:00:00:03:00 00:01:02:03:04:05 300102030405060708090a0b0c0d0e0f"
67 def ft_params1_r0kh_mismatch(rsn
=True, ssid
=None, passphrase
=None):
68 params
= ft_params(rsn
, ssid
, passphrase
)
69 params
['nas_identifier'] = "nas1.w1.fi"
70 params
['r1_key_holder'] = "000102030405"
71 params
['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 100102030405060708090a0b0c0d0e0f",
72 "12:00:00:00:04:00 nas2.w1.fi 300102030405060708090a0b0c0d0e0f" ]
73 params
['r1kh'] = "12:00:00:00:04:00 10:01:02:03:04:06 200102030405060708090a0b0c0d0e0f"
76 def ft_params2_incorrect_rrb_key(rsn
=True, ssid
=None, passphrase
=None):
77 params
= ft_params(rsn
, ssid
, passphrase
)
78 params
['nas_identifier'] = "nas2.w1.fi"
79 params
['r1_key_holder'] = "000102030406"
80 params
['r0kh'] = [ "02:00:00:00:03:00 nas1.w1.fi 200102030405060708090a0b0c0d0ef1",
81 "02:00:00:00:04:00 nas2.w1.fi 000102030405060708090a0b0c0d0ef2" ]
82 params
['r1kh'] = "02:00:00:00:03:00 00:01:02:03:04:05 300102030405060708090a0b0c0d0ef3"
85 def ft_params2_r0kh_mismatch(rsn
=True, ssid
=None, passphrase
=None):
86 params
= ft_params(rsn
, ssid
, passphrase
)
87 params
['nas_identifier'] = "nas2.w1.fi"
88 params
['r1_key_holder'] = "000102030406"
89 params
['r0kh'] = [ "12:00:00:00:03:00 nas1.w1.fi 200102030405060708090a0b0c0d0e0f",
90 "02:00:00:00:04:00 nas2.w1.fi 000102030405060708090a0b0c0d0e0f" ]
91 params
['r1kh'] = "12:00:00:00:03:00 10:01:02:03:04:05 300102030405060708090a0b0c0d0e0f"
94 def run_roams(dev
, apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=False, sae
=False, eap
=False, fail_test
=False, roams
=1):
95 logger
.info("Connect to first AP")
97 dev
.connect(ssid
, key_mgmt
="FT-EAP", proto
="WPA2", ieee80211w
="1",
98 eap
="GPSK", identity
="gpsk user",
99 password
="abcdefghijklmnop0123456789abcdef",
106 dev
.connect(ssid
, psk
=passphrase
, key_mgmt
=key_mgmt
, proto
="WPA2",
107 ieee80211w
="1", scan_freq
="2412")
108 if dev
.get_status_field('bssid') == apdev
[0]['bssid']:
118 hwsim_utils
.test_connectivity(dev
, hapd1ap
)
120 dev
.scan_for_bss(ap2
['bssid'], freq
="2412")
122 for i
in range(0, roams
):
123 logger
.info("Roam to the second AP")
125 dev
.roam_over_ds(ap2
['bssid'], fail_test
=fail_test
)
127 dev
.roam(ap2
['bssid'], fail_test
=fail_test
)
130 if dev
.get_status_field('bssid') != ap2
['bssid']:
131 raise Exception("Did not connect to correct AP")
132 if i
== 0 or i
== roams
- 1:
133 hwsim_utils
.test_connectivity(dev
, hapd2ap
)
135 logger
.info("Roam back to the first AP")
137 dev
.roam_over_ds(ap1
['bssid'])
139 dev
.roam(ap1
['bssid'])
140 if dev
.get_status_field('bssid') != ap1
['bssid']:
141 raise Exception("Did not connect to correct AP")
142 if i
== 0 or i
== roams
- 1:
143 hwsim_utils
.test_connectivity(dev
, hapd1ap
)
145 def test_ap_ft(dev
, apdev
):
148 passphrase
="12345678"
150 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
151 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
152 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
153 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
155 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
)
156 if "[WPA2-FT/PSK-CCMP]" not in dev
[0].request("SCAN_RESULTS"):
157 raise Exception("Scan results missing RSN element info")
159 def test_ap_ft_many(dev
, apdev
):
160 """WPA2-PSK-FT AP multiple times"""
162 passphrase
="12345678"
164 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
165 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
166 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
167 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
169 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, roams
=50)
171 def test_ap_ft_mixed(dev
, apdev
):
172 """WPA2-PSK-FT mixed-mode AP"""
173 ssid
= "test-ft-mixed"
174 passphrase
="12345678"
176 params
= ft_params1(rsn
=False, ssid
=ssid
, passphrase
=passphrase
)
177 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
178 key_mgmt
= hapd
.get_config()['key_mgmt']
179 vals
= key_mgmt
.split(' ')
180 if vals
[0] != "WPA-PSK" or vals
[1] != "FT-PSK":
181 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
182 params
= ft_params2(rsn
=False, ssid
=ssid
, passphrase
=passphrase
)
183 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
185 run_roams(dev
[0], apdev
, hapd
, hapd1
, ssid
, passphrase
)
187 def test_ap_ft_pmf(dev
, apdev
):
188 """WPA2-PSK-FT AP with PMF"""
190 passphrase
="12345678"
192 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
193 params
["ieee80211w"] = "2";
194 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
195 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
196 params
["ieee80211w"] = "2";
197 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
199 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
)
201 def test_ap_ft_over_ds(dev
, apdev
):
202 """WPA2-PSK-FT AP over DS"""
204 passphrase
="12345678"
206 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
207 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
208 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
209 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
211 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True)
212 check_mib(dev
[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-4"),
213 ("dot11RSNAAuthenticationSuiteSelected", "00-0f-ac-4") ])
215 def test_ap_ft_over_ds_many(dev
, apdev
):
216 """WPA2-PSK-FT AP over DS multiple times"""
218 passphrase
="12345678"
220 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
221 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
222 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
223 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
225 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True,
228 def test_ap_ft_over_ds_unknown_target(dev
, apdev
):
231 passphrase
="12345678"
233 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
234 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
236 dev
[0].connect(ssid
, psk
=passphrase
, key_mgmt
="FT-PSK", proto
="WPA2",
238 dev
[0].roam_over_ds("02:11:22:33:44:55", fail_test
=True)
240 def test_ap_ft_pmf_over_ds(dev
, apdev
):
241 """WPA2-PSK-FT AP over DS with PMF"""
243 passphrase
="12345678"
245 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
246 params
["ieee80211w"] = "2";
247 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
248 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
249 params
["ieee80211w"] = "2";
250 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
252 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True)
254 def test_ap_ft_over_ds_pull(dev
, apdev
):
255 """WPA2-PSK-FT AP over DS (pull PMK)"""
257 passphrase
="12345678"
259 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
260 params
["pmk_r1_push"] = "0"
261 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
262 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
263 params
["pmk_r1_push"] = "0"
264 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
266 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True)
268 def test_ap_ft_sae(dev
, apdev
):
269 """WPA2-PSK-FT-SAE AP"""
270 if "SAE" not in dev
[0].get_capability("auth_alg"):
271 raise HwsimSkip("SAE not supported")
273 passphrase
="12345678"
275 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
276 params
['wpa_key_mgmt'] = "FT-SAE"
277 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
278 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
279 params
['wpa_key_mgmt'] = "FT-SAE"
280 hapd
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
281 key_mgmt
= hapd
.get_config()['key_mgmt']
282 if key_mgmt
.split(' ')[0] != "FT-SAE":
283 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
285 dev
[0].request("SET sae_groups ")
286 run_roams(dev
[0], apdev
, hapd0
, hapd
, ssid
, passphrase
, sae
=True)
288 def test_ap_ft_sae_over_ds(dev
, apdev
):
289 """WPA2-PSK-FT-SAE AP over DS"""
290 if "SAE" not in dev
[0].get_capability("auth_alg"):
291 raise HwsimSkip("SAE not supported")
293 passphrase
="12345678"
295 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
296 params
['wpa_key_mgmt'] = "FT-SAE"
297 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
298 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
299 params
['wpa_key_mgmt'] = "FT-SAE"
300 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
302 dev
[0].request("SET sae_groups ")
303 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, sae
=True,
306 def test_ap_ft_eap(dev
, apdev
):
309 passphrase
="12345678"
311 radius
= hostapd
.radius_params()
312 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
313 params
['wpa_key_mgmt'] = "FT-EAP"
314 params
["ieee8021x"] = "1"
315 params
= dict(radius
.items() + params
.items())
316 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
317 key_mgmt
= hapd
.get_config()['key_mgmt']
318 if key_mgmt
.split(' ')[0] != "FT-EAP":
319 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
320 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
321 params
['wpa_key_mgmt'] = "FT-EAP"
322 params
["ieee8021x"] = "1"
323 params
= dict(radius
.items() + params
.items())
324 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
326 run_roams(dev
[0], apdev
, hapd
, hapd1
, ssid
, passphrase
, eap
=True)
327 if "[WPA2-FT/EAP-CCMP]" not in dev
[0].request("SCAN_RESULTS"):
328 raise Exception("Scan results missing RSN element info")
329 check_mib(dev
[0], [ ("dot11RSNAAuthenticationSuiteRequested", "00-0f-ac-3"),
330 ("dot11RSNAAuthenticationSuiteSelected", "00-0f-ac-3") ])
332 def test_ap_ft_eap_pull(dev
, apdev
):
333 """WPA2-EAP-FT AP (pull PMK)"""
335 passphrase
="12345678"
337 radius
= hostapd
.radius_params()
338 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
339 params
['wpa_key_mgmt'] = "FT-EAP"
340 params
["ieee8021x"] = "1"
341 params
["pmk_r1_push"] = "0"
342 params
= dict(radius
.items() + params
.items())
343 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
344 key_mgmt
= hapd
.get_config()['key_mgmt']
345 if key_mgmt
.split(' ')[0] != "FT-EAP":
346 raise Exception("Unexpected GET_CONFIG(key_mgmt): " + key_mgmt
)
347 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
348 params
['wpa_key_mgmt'] = "FT-EAP"
349 params
["ieee8021x"] = "1"
350 params
["pmk_r1_push"] = "0"
351 params
= dict(radius
.items() + params
.items())
352 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
354 run_roams(dev
[0], apdev
, hapd
, hapd1
, ssid
, passphrase
, eap
=True)
356 def test_ap_ft_mismatching_rrb_key_push(dev
, apdev
):
357 """WPA2-PSK-FT AP over DS with mismatching RRB key (push)"""
359 passphrase
="12345678"
361 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
362 params
["ieee80211w"] = "2";
363 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
364 params
= ft_params2_incorrect_rrb_key(ssid
=ssid
, passphrase
=passphrase
)
365 params
["ieee80211w"] = "2";
366 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
368 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True,
371 def test_ap_ft_mismatching_rrb_key_pull(dev
, apdev
):
372 """WPA2-PSK-FT AP over DS with mismatching RRB key (pull)"""
374 passphrase
="12345678"
376 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
377 params
["pmk_r1_push"] = "0"
378 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
379 params
= ft_params2_incorrect_rrb_key(ssid
=ssid
, passphrase
=passphrase
)
380 params
["pmk_r1_push"] = "0"
381 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
383 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True,
386 def test_ap_ft_mismatching_r0kh_id_pull(dev
, apdev
):
387 """WPA2-PSK-FT AP over DS with mismatching R0KH-ID (pull)"""
389 passphrase
="12345678"
391 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
392 params
["pmk_r1_push"] = "0"
393 params
["nas_identifier"] = "nas0.w1.fi"
394 hostapd
.add_ap(apdev
[0]['ifname'], params
)
395 dev
[0].connect(ssid
, psk
=passphrase
, key_mgmt
="FT-PSK", proto
="WPA2",
398 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
399 params
["pmk_r1_push"] = "0"
400 hostapd
.add_ap(apdev
[1]['ifname'], params
)
402 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
403 dev
[0].roam_over_ds(apdev
[1]['bssid'], fail_test
=True)
405 def test_ap_ft_mismatching_rrb_r0kh_push(dev
, apdev
):
406 """WPA2-PSK-FT AP over DS with mismatching R0KH key (push)"""
408 passphrase
="12345678"
410 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
411 params
["ieee80211w"] = "2";
412 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
413 params
= ft_params2_r0kh_mismatch(ssid
=ssid
, passphrase
=passphrase
)
414 params
["ieee80211w"] = "2";
415 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
417 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True,
420 def test_ap_ft_mismatching_rrb_r0kh_pull(dev
, apdev
):
421 """WPA2-PSK-FT AP over DS with mismatching R0KH key (pull)"""
423 passphrase
="12345678"
425 params
= ft_params1_r0kh_mismatch(ssid
=ssid
, passphrase
=passphrase
)
426 params
["pmk_r1_push"] = "0"
427 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
428 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
429 params
["pmk_r1_push"] = "0"
430 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
432 run_roams(dev
[0], apdev
, hapd0
, hapd1
, ssid
, passphrase
, over_ds
=True,
435 def test_ap_ft_gtk_rekey(dev
, apdev
):
436 """WPA2-PSK-FT AP and GTK rekey"""
438 passphrase
="12345678"
440 params
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
441 params
['wpa_group_rekey'] = '1'
442 hapd
= hostapd
.add_ap(apdev
[0]['ifname'], params
)
444 dev
[0].connect(ssid
, psk
=passphrase
, key_mgmt
="FT-PSK", proto
="WPA2",
445 ieee80211w
="1", scan_freq
="2412")
447 ev
= dev
[0].wait_event(["WPA: Group rekeying completed"], timeout
=2)
449 raise Exception("GTK rekey timed out after initial association")
450 hwsim_utils
.test_connectivity(dev
[0], hapd
)
452 params
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
453 params
['wpa_group_rekey'] = '1'
454 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], params
)
456 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
457 dev
[0].roam(apdev
[1]['bssid'])
458 if dev
[0].get_status_field('bssid') != apdev
[1]['bssid']:
459 raise Exception("Did not connect to correct AP")
460 hwsim_utils
.test_connectivity(dev
[0], hapd1
)
462 ev
= dev
[0].wait_event(["WPA: Group rekeying completed"], timeout
=2)
464 raise Exception("GTK rekey timed out after FT protocol")
465 hwsim_utils
.test_connectivity(dev
[0], hapd1
)
467 def test_ft_psk_key_lifetime_in_memory(dev
, apdev
, params
):
468 """WPA2-PSK-FT and key lifetime in memory"""
470 passphrase
="04c2726b4b8d5f1b4db9c07aa4d9e9d8f765cb5d25ec817e6cc4fcdd5255db0"
471 psk
= '93c90846ff67af9037ed83fb72b63dbeddaa81d47f926c20909b5886f1d9358d'
472 pmk
= binascii
.unhexlify(psk
)
473 p
= ft_params1(ssid
=ssid
, passphrase
=passphrase
)
474 hapd0
= hostapd
.add_ap(apdev
[0]['ifname'], p
)
475 p
= ft_params2(ssid
=ssid
, passphrase
=passphrase
)
476 hapd1
= hostapd
.add_ap(apdev
[1]['ifname'], p
)
478 pid
= find_wpas_process(dev
[0])
480 dev
[0].connect(ssid
, psk
=passphrase
, key_mgmt
="FT-PSK", proto
="WPA2",
484 buf
= read_process_memory(pid
, pmk
)
486 dev
[0].request("DISCONNECT")
487 dev
[0].wait_disconnected()
494 with
open(os
.path
.join(params
['logdir'], 'log0'), 'r') as f
:
495 for l
in f
.readlines():
496 if "FT: PMK-R0 - hexdump" in l
:
497 val
= l
.strip().split(':')[3].replace(' ', '')
498 pmkr0
= binascii
.unhexlify(val
)
499 if "FT: PMK-R1 - hexdump" in l
:
500 val
= l
.strip().split(':')[3].replace(' ', '')
501 pmkr1
= binascii
.unhexlify(val
)
502 if "FT: KCK - hexdump" in l
:
503 val
= l
.strip().split(':')[3].replace(' ', '')
504 kck
= binascii
.unhexlify(val
)
505 if "FT: KEK - hexdump" in l
:
506 val
= l
.strip().split(':')[3].replace(' ', '')
507 kek
= binascii
.unhexlify(val
)
508 if "FT: TK - hexdump" in l
:
509 val
= l
.strip().split(':')[3].replace(' ', '')
510 tk
= binascii
.unhexlify(val
)
511 if "WPA: Group Key - hexdump" in l
:
512 val
= l
.strip().split(':')[3].replace(' ', '')
513 gtk
= binascii
.unhexlify(val
)
514 if not pmkr0
or not pmkr1
or not kck
or not kek
or not tk
or not gtk
:
515 raise Exception("Could not find keys from debug log")
517 raise Exception("Unexpected GTK length")
519 logger
.info("Checking keys in memory while associated")
520 get_key_locations(buf
, pmk
, "PMK")
521 get_key_locations(buf
, pmkr0
, "PMK-R0")
522 get_key_locations(buf
, pmkr1
, "PMK-R1")
524 raise HwsimSkip("PMK not found while associated")
526 raise HwsimSkip("PMK-R0 not found while associated")
528 raise HwsimSkip("PMK-R1 not found while associated")
530 raise Exception("KCK not found while associated")
532 raise Exception("KEK not found while associated")
534 raise Exception("TK found from memory")
536 raise Exception("GTK found from memory")
538 logger
.info("Checking keys in memory after disassociation")
539 buf
= read_process_memory(pid
, pmk
)
540 get_key_locations(buf
, pmk
, "PMK")
541 get_key_locations(buf
, pmkr0
, "PMK-R0")
542 get_key_locations(buf
, pmkr1
, "PMK-R1")
544 # Note: PMK/PSK is still present in network configuration
546 fname
= os
.path
.join(params
['logdir'],
547 'ft_psk_key_lifetime_in_memory.memctx-')
548 verify_not_present(buf
, pmkr0
, fname
, "PMK-R0")
549 verify_not_present(buf
, pmkr1
, fname
, "PMK-R1")
550 verify_not_present(buf
, kck
, fname
, "KCK")
551 verify_not_present(buf
, kek
, fname
, "KEK")
552 verify_not_present(buf
, tk
, fname
, "TK")
553 verify_not_present(buf
, gtk
, fname
, "GTK")
555 dev
[0].request("REMOVE_NETWORK all")
557 logger
.info("Checking keys in memory after network profile removal")
558 buf
= read_process_memory(pid
, pmk
)
559 get_key_locations(buf
, pmk
, "PMK")
560 get_key_locations(buf
, pmkr0
, "PMK-R0")
561 get_key_locations(buf
, pmkr1
, "PMK-R1")
563 verify_not_present(buf
, pmk
, fname
, "PMK")
564 verify_not_present(buf
, pmkr0
, fname
, "PMK-R0")
565 verify_not_present(buf
, pmkr1
, fname
, "PMK-R1")
566 verify_not_present(buf
, kck
, fname
, "KCK")
567 verify_not_present(buf
, kek
, fname
, "KEK")
568 verify_not_present(buf
, tk
, fname
, "TK")
569 verify_not_present(buf
, gtk
, fname
, "GTK")