tests: SAE-EXT-KEY AKM support for PASN authentication

Add a test case for PASN authentication with SAE-EXT-KEY AKM,
verifying PMK derivation, PMKSA caching, and failure with
incorrect passphrase.

Signed-off-by: Ainy Kumari <ainy.kumari@oss.qualcomm.com>

diff --git a/tests/hwsim/test_pasn.py b/tests/hwsim/test_pasn.py
index 07d42c038d1d7b5d8504b6df2bed2e0d86a8bb70..c64e5b566c28d84c7967e05c5a4f841b3945d775 100644 (file)
--- a/tests/hwsim/test_pasn.py
+++ b/tests/hwsim/test_pasn.py
@@ -490,6 +490,38 @@ def test_pasn_sae(dev, apdev):
     finally:
         dev[0].set("sae_pwe", "0")
 
+@remote_compatible
+def test_pasn_sae_ext_key(dev, apdev):
+    """PASN authentication with SAE-EXT-KEY AP with PMK derivation + PMKSA caching"""
+    check_pasn_capab(dev[0])
+    check_sae_capab(dev[0])
+
+    params = hostapd.wpa2_params(ssid="test-pasn-sae",
+                                 passphrase="12345678")
+    params['wpa_key_mgmt'] = 'SAE SAE-EXT-KEY PASN'
+    params['sae_pwe'] = "2"
+    hapd = start_pasn_ap(apdev[0], params)
+
+    try:
+        dev[0].set("sae_pwe", "2")
+        dev[0].connect("test-pasn-sae", psk="12345678", key_mgmt="SAE-EXT-KEY",
+                       scan_freq="2412", only_add_network=True)
+
+        # first test with a valid PSK
+        check_pasn_akmp_cipher(dev[0], hapd, "SAE-EXT-KEY", "CCMP", nid="0")
+
+        # And now with PMKSA caching
+        check_pasn_akmp_cipher(dev[0], hapd, "SAE-EXT-KEY", "CCMP")
+
+        # And now with a wrong passphrase
+        if "FAIL" in dev[0].request("PMKSA_FLUSH"):
+            raise Exception("PMKSA_FLUSH failed")
+
+        dev[0].set_network_quoted(0, "psk", "12345678787")
+        check_pasn_akmp_cipher(dev[0], hapd, "SAE-EXT-KEY", "CCMP", status=1, nid="0")
+    finally:
+        dev[0].set("sae_pwe", "0")
+
 @remote_compatible
 def test_pasn_sae_while_connected_same_channel(dev, apdev):
     """PASN SAE authentication while connected same channel"""