tests/hwsim/test_sae.py

   1 #!/usr/bin/python
   2 #
   3 # Test cases for SAE
   4 # Copyright (c) 2013, Jouni Malinen <j@w1.fi>
   5 #
   6 # This software may be distributed under the terms of the BSD license.
   7 # See README for more details.
   8
   9 import time
  10 import subprocess
  11 import logging
  12 logger = logging.getLogger()
  13
  14 import hwsim_utils
  15 import hostapd
  16
  17 def test_sae(dev, apdev):
  18     """SAE with default group"""
  19     params = hostapd.wpa2_params(ssid="test-sae",
  20                                  passphrase="12345678")
  21     params['wpa_key_mgmt'] = 'SAE'
  22     hostapd.add_ap(apdev[0]['ifname'], params)
  23
  24     dev[0].request("SET sae_groups ")
  25     id = dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE",
  26                         scan_freq="2412")
  27     if dev[0].get_status_field('sae_group') != '19':
  28             raise Exception("Expected default SAE group not used")
  29
  30 def test_sae_groups(dev, apdev):
  31     """SAE with all supported groups"""
  32     # This would be the full list of supported groups, but groups 14-16
  33     # (2048-4096 bit MODP) are a bit too slow on some VMs and can result in
  34     # hitting mac80211 authentication timeout, so skip them for now.
  35     #sae_groups = [ 19, 25, 26, 20, 21, 2, 5, 14, 15, 16, 22, 23, 24 ]
  36     sae_groups = [ 19, 25, 26, 20, 21, 2, 5, 22, 23, 24 ]
  37     groups = [str(g) for g in sae_groups]
  38     params = hostapd.wpa2_params(ssid="test-sae-groups",
  39                                  passphrase="12345678")
  40     params['wpa_key_mgmt'] = 'SAE'
  41     params['sae_groups'] = ' '.join(groups)
  42     hostapd.add_ap(apdev[0]['ifname'], params)
  43
  44     for g in groups:
  45         logger.info("Testing SAE group " + g)
  46         dev[0].request("SET sae_groups " + g)
  47         id = dev[0].connect("test-sae-groups", psk="12345678", key_mgmt="SAE",
  48                             scan_freq="2412")
  49         if dev[0].get_status_field('sae_group') != g:
  50             raise Exception("Expected SAE group not used")
  51         dev[0].remove_network(id)
  52
  53 def test_sae_group_nego(dev, apdev):
  54     """SAE group negotiation"""
  55     params = hostapd.wpa2_params(ssid="test-sae-group-nego",
  56                                  passphrase="12345678")
  57     params['wpa_key_mgmt'] = 'SAE'
  58     params['sae_groups'] = '19'
  59     hostapd.add_ap(apdev[0]['ifname'], params)
  60
  61     dev[0].request("SET sae_groups 25 26 20 19")
  62     dev[0].connect("test-sae-group-nego", psk="12345678", key_mgmt="SAE",
  63                    scan_freq="2412")
  64     if dev[0].get_status_field('sae_group') != '19':
  65         raise Exception("Expected SAE group not used")
  66
  67 def test_sae_anti_clogging(dev, apdev):
  68     """SAE anti clogging"""
  69     params = hostapd.wpa2_params(ssid="test-sae", passphrase="12345678")
  70     params['wpa_key_mgmt'] = 'SAE'
  71     params['sae_anti_clogging_threshold'] = '1'
  72     hostapd.add_ap(apdev[0]['ifname'], params)
  73
  74     dev[0].request("SET sae_groups ")
  75     dev[1].request("SET sae_groups ")
  76     id = {}
  77     for i in range(0, 2):
  78         dev[i].scan(freq="2412")
  79         id[i] = dev[i].connect("test-sae", psk="12345678", key_mgmt="SAE",
  80                                scan_freq="2412", only_add_network=True)
  81     for i in range(0, 2):
  82         dev[i].select_network(id[i])
  83     for i in range(0, 2):
  84         ev = dev[i].wait_event(["CTRL-EVENT-CONNECTED"], timeout=10)
  85         if ev is None:
  86             raise Exception("Association with the AP timed out")