From 5e597ed9f03d33fd8c8e260f28d015657cbaa16a Mon Sep 17 00:00:00 2001
From: Jouni Malinen <j@w1.fi>
Date: Mon, 28 May 2018 17:14:37 +0300
Subject: [PATCH] tests: EAP-pwd with salted passwords

Signed-off-by: Jouni Malinen <j@w1.fi>
---
 tests/hwsim/auth_serv/eap_user.conf |  3 +++
 tests/hwsim/test_ap_eap.py          | 24 ++++++++++++++++++++++++
 2 files changed, 27 insertions(+)

diff --git a/tests/hwsim/auth_serv/eap_user.conf b/tests/hwsim/auth_serv/eap_user.conf
index 9627503b6..574af193c 100644
--- a/tests/hwsim/auth_serv/eap_user.conf
+++ b/tests/hwsim/auth_serv/eap_user.conf
@@ -1,6 +1,9 @@
 "pwd user"	PWD	"secret password"
 "pwd user@domain"	PWD	"secret password"
 "pwd-hash"	PWD	hash:e3718ece8ab74792cbbfffd316d2d19a
+"pwd-hash-sha1"	PWD	ssha1:046239e0660a59015231082a071c803e9f5848ae42eaccb4c08c97ae397bc879c4b071b9088ee715
+"pwd-hash-sha256"	PWD	ssha256:eb0fc747d940308ee5ddcb88d4998a39fa9fcad3044872cf35a1b54b8d351dadc05f525ec27be0d35eca52a328c582ebc7
+"pwd-hash-sha512"	PWD	ssha512:368d96e5acb41b164fe5ce038ab7c3552a82f88fae2e8481da525cc2c68c53b19390a91ccc61a1a04595b620b92e47c39bae353108035c49aaeb23859ad6d22dc08d2057cdd9f0831636a47cbac8d23ed7de8575a197b6320d5627e8f9768bd2109471bc7dff566f7a5e0e9990c285dc1d42e02ed06d6f9490323053ab252d88
 "pwd.user@test123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890.example.com"	PWD	"secret password"
 "gpsk user"	GPSK	"abcdefghijklmnop0123456789abcdef"
 "gpsk user@domain"	GPSK	"abcdefghijklmnop0123456789abcdef"
diff --git a/tests/hwsim/test_ap_eap.py b/tests/hwsim/test_ap_eap.py
index 5f06e2b05..6337c54a1 100644
--- a/tests/hwsim/test_ap_eap.py
+++ b/tests/hwsim/test_ap_eap.py
@@ -2628,6 +2628,30 @@ def test_ap_wpa2_eap_pwd_nthash(dev, apdev):
                 password_hex="hash:e3718ece8ab74792cbbfffd316d2d19a",
                 expect_failure=True, local_error_report=True)
 
+def test_ap_wpa2_eap_pwd_salt_sha1(dev, apdev):
+    """WPA2-Enterprise connection using EAP-pwd and salted password SHA-1"""
+    check_eap_capa(dev[0], "PWD")
+    params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
+    hapd = hostapd.add_ap(apdev[0], params)
+    eap_connect(dev[0], hapd, "PWD", "pwd-hash-sha1",
+                password="secret password")
+
+def test_ap_wpa2_eap_pwd_salt_sha256(dev, apdev):
+    """WPA2-Enterprise connection using EAP-pwd and salted password SHA256"""
+    check_eap_capa(dev[0], "PWD")
+    params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
+    hapd = hostapd.add_ap(apdev[0], params)
+    eap_connect(dev[0], hapd, "PWD", "pwd-hash-sha256",
+                password="secret password")
+
+def test_ap_wpa2_eap_pwd_salt_sha512(dev, apdev):
+    """WPA2-Enterprise connection using EAP-pwd and salted password SHA512"""
+    check_eap_capa(dev[0], "PWD")
+    params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
+    hapd = hostapd.add_ap(apdev[0], params)
+    eap_connect(dev[0], hapd, "PWD", "pwd-hash-sha512",
+                password="secret password")
+
 def test_ap_wpa2_eap_pwd_groups(dev, apdev):
     """WPA2-Enterprise connection using various EAP-pwd groups"""
     check_eap_capa(dev[0], "PWD")