tests: sigma_dut controlled AP using SAE-PK misbehavior

author Jouni Malinen <jouni@codeaurora.org>

Mon, 8 Jun 2020 16:17:53 +0000 (19:17 +0300)

committer Jouni Malinen <j@w1.fi>

Mon, 8 Jun 2020 17:00:14 +0000 (20:00 +0300)
author Jouni Malinen <jouni@codeaurora.org>
Mon, 8 Jun 2020 16:17:53 +0000 (19:17 +0300)
committer Jouni Malinen <j@w1.fi>
Mon, 8 Jun 2020 17:00:14 +0000 (20:00 +0300)
diff --git a/tests/hwsim/test_sigma_dut.py b/tests/hwsim/test_sigma_dut.py

index 11e31fdcb53931dd262a3a6f6eb9a5eda41c9486..03caaa4fc77e4880e01d69ea53890356c383541b 100644 (file)
--- a/tests/hwsim/test_sigma_dut.py
+++ b/tests/hwsim/test_sigma_dut.py
@@ -4806,10 +4806,20 @@ def test_sigma_dut_sae_pk(dev, apdev):
      finally:
          stop_sigma_dut(sigma)
  
-def run_sigma_dut_ap_sae_pk(conffile, dev, ssid, pw, keypair, m, failure):
+def run_sigma_dut_ap_sae_pk(conffile, dev, ssid, pw, keypair, m, failure,
+                            status=None, omit=False, immediate=False, sig=None):
      sigma_dut_cmd_check("ap_reset_default")
      sigma_dut_cmd_check("ap_set_wireless,NAME,AP,CHANNEL,1,SSID,%s,MODE,11ng" % ssid)
-    sigma_dut_cmd_check("ap_set_security,NAME,AP,AKMSuiteType,8,PairwiseCipher,AES-CCMP-128,GroupCipher,AES-CCMP-128,GroupMgntCipher,BIP-CMAC-128,PMF,Required,PSK,%s,sae_pk,1,Transition_Disable,1,Transition_Disable_Index,0,SAE_PK_KeyPair,%s,SAE_PK_Modifier,%s" % (pw, keypair, m))
+    cmd = "ap_set_security,NAME,AP,AKMSuiteType,8,PairwiseCipher,AES-CCMP-128,GroupCipher,AES-CCMP-128,GroupMgntCipher,BIP-CMAC-128,PMF,Required,PSK,%s,sae_pk,1,Transition_Disable,1,Transition_Disable_Index,0,SAE_PK_KeyPair,%s,SAE_PK_Modifier,%s" % (pw, keypair, m)
+    if status is not None:
+        cmd += ",SAE_Commit_StatusCode,%d" % status
+    if omit:
+        cmd += ",SAE_PK_Omit,1"
+    if immediate:
+        cmd += ",SAE_Confirm_Immediate,1"
+    if sig:
+        cmd += ",SAE_PK_KeyPairSigOverride," + sig
+    sigma_dut_cmd_check(cmd)
      sigma_dut_cmd_check("ap_config_commit,NAME,AP")
      bssid = sigma_dut_cmd_check("ap_get_mac_address,NAME,AP")
      bssid = bssid.split(',')[3]
@@ -4882,3 +4892,28 @@ def test_sigma_dut_ap_sae_pk(dev, apdev, params):
                                          failure)
          finally:
              stop_sigma_dut(sigma)
+
+def test_sigma_dut_ap_sae_pk_misbehavior(dev, apdev, params):
+    """sigma_dut controlled AP using SAE-PK misbehavior"""
+    logdir = params['prefix'] + ".sigma-hostapd"
+    conffile = params['prefix'] + ".sigma-conf"
+    if "SAE" not in dev[0].get_capability("auth_alg"):
+        raise HwsimSkip("SAE not supported")
+    ssid = "SAEPK-4.7.1"
+    pw = "fb4c-zpqh-bhdc"
+    keypair = "saepk.pem"
+    m = "2ec1f37b47b402252e9dc5001e81fd1c"
+
+    with HWSimRadio() as (radio, iface):
+        sigma = start_sigma_dut(iface, hostapd_logdir=logdir)
+        try:
+            run_sigma_dut_ap_sae_pk(conffile, dev[0], ssid, pw, keypair, m,
+                                    True, status=126)
+            run_sigma_dut_ap_sae_pk(conffile, dev[0], ssid, pw, keypair, m,
+                                    True, omit=True)
+            run_sigma_dut_ap_sae_pk(conffile, dev[0], ssid, pw, keypair, m,
+                                    True, status=126, omit=True, immediate=True)
+            run_sigma_dut_ap_sae_pk(conffile, dev[0], ssid, pw, keypair, m,
+                                    True, sig="saepk8_sig.pem")
+        finally:
+            stop_sigma_dut(sigma)
author	Jouni Malinen <jouni@codeaurora.org>
	Mon, 8 Jun 2020 16:17:53 +0000 (19:17 +0300)
committer	Jouni Malinen <j@w1.fi>
	Mon, 8 Jun 2020 17:00:14 +0000 (20:00 +0300)