tests: EAP-TLSv1.3 with OCSP stapling

author Jouni Malinen <quic_jouni@quicinc.com>

Wed, 6 Apr 2022 17:22:45 +0000 (20:22 +0300)

committer Jouni Malinen <j@w1.fi>

Wed, 6 Apr 2022 21:47:31 +0000 (00:47 +0300)
author Jouni Malinen <quic_jouni@quicinc.com>
Wed, 6 Apr 2022 17:22:45 +0000 (20:22 +0300)
committer Jouni Malinen <j@w1.fi>
Wed, 6 Apr 2022 21:47:31 +0000 (00:47 +0300)
diff --git a/tests/hwsim/test_ap_eap.py b/tests/hwsim/test_ap_eap.py

index 6ef91a7838d4428c08e8d2277301dc38d0be407e..810287830a60a430d4bc0948cc0c571f29621487 100644 (file)
--- a/tests/hwsim/test_ap_eap.py
+++ b/tests/hwsim/test_ap_eap.py
@@ -5939,15 +5939,25 @@ def test_ap_wpa2_eap_tls_versions_server(dev, apdev):
  
  def test_ap_wpa2_eap_tls_13(dev, apdev):
      """EAP-TLS and TLS 1.3"""
+    run_ap_wpa2_eap_tls_13(dev, apdev)
+
+def test_ap_wpa2_eap_tls_13_ocsp(dev, apdev):
+    """EAP-TLS and TLS 1.3 with OCSP stapling"""
+    run_ap_wpa2_eap_tls_13(dev, apdev, ocsp=True)
+
+def run_ap_wpa2_eap_tls_13(dev, apdev, ocsp=False):
      params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
      hapd = hostapd.add_ap(apdev[0], params)
  
      check_tls13_support(dev[0])
+    if ocsp:
+        check_ocsp_support(dev[0])
      id = eap_connect(dev[0], hapd, "TLS", "tls user",
                       ca_cert="auth_serv/ca.pem",
                       client_cert="auth_serv/user.pem",
                       private_key="auth_serv/user.key",
-                     phase1="tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=1 tls_disable_tlsv1_3=0")
+                     phase1="tls_disable_tlsv1_0=1 tls_disable_tlsv1_1=1 tls_disable_tlsv1_2=1 tls_disable_tlsv1_3=0",
+                     ocsp=2 if ocsp else 0)
      ver = dev[0].get_status_field("eap_tls_version")
      if ver != "TLSv1.3":
          raise Exception("Unexpected TLS version")
author	Jouni Malinen <quic_jouni@quicinc.com>
	Wed, 6 Apr 2022 17:22:45 +0000 (20:22 +0300)
committer	Jouni Malinen <j@w1.fi>
	Wed, 6 Apr 2022 21:47:31 +0000 (00:47 +0300)