jeltz/hostap
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

tests: Skip WPA(V1) test cases in FIPS mode

Browse source 
Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
Jouni Malinen 2015-08-01 22:54:07 +03:00
parent 4fc53159b9
commit a1eabc74b8
9 changed files with 29 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
tests/hwsim/test_ap_acs.py
View file

@ -1,5 +1,5 @@
# Test cases for automatic channel selection with hostapd # Test cases for automatic channel selection with hostapd
# Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi> # Copyright (c) 2013-2015, Jouni Malinen <j@w1.fi>
# #
# This software may be distributed under the terms of the BSD license. # This software may be distributed under the terms of the BSD license.
# See README for more details. # See README for more details.
@ -10,6 +10,7 @@ import subprocess
import time import time
import hostapd import hostapd
from utils import skip_with_fips
from test_ap_ht import clear_scan_cache from test_ap_ht import clear_scan_cache
def force_prev_ap_on_24g(ap): def force_prev_ap_on_24g(ap):
@ -89,6 +90,7 @@ def test_ap_acs_chanlist(dev, apdev):
def test_ap_multi_bss_acs(dev, apdev): def test_ap_multi_bss_acs(dev, apdev):
"""hostapd start with a multi-BSS configuration file using ACS""" """hostapd start with a multi-BSS configuration file using ACS"""
skip_with_fips(dev[0])
ifname = apdev[0]['ifname'] ifname = apdev[0]['ifname']
force_prev_ap_on_24g(apdev[0]) force_prev_ap_on_24g(apdev[0])

8
tests/hwsim/test_ap_ciphers.py
View file

@ -1,5 +1,5 @@
# Cipher suite tests # Cipher suite tests
# Copyright (c) 2013, Jouni Malinen <j@w1.fi> # Copyright (c) 2013-2015, Jouni Malinen <j@w1.fi>
# #
# This software may be distributed under the terms of the BSD license. # This software may be distributed under the terms of the BSD license.
# See README for more details. # See README for more details.
@ -11,7 +11,7 @@ import os.path
import hwsim_utils import hwsim_utils
import hostapd import hostapd
from utils import HwsimSkip from utils import HwsimSkip, skip_with_fips
from wlantest import Wlantest from wlantest import Wlantest
def check_cipher(dev, ap, cipher): def check_cipher(dev, ap, cipher):
@ -63,10 +63,12 @@ def check_group_mgmt_cipher(dev, ap, cipher):
def test_ap_cipher_tkip(dev, apdev): def test_ap_cipher_tkip(dev, apdev):
"""WPA2-PSK/TKIP connection""" """WPA2-PSK/TKIP connection"""
skip_with_fips(dev[0])
check_cipher(dev[0], apdev[0], "TKIP") check_cipher(dev[0], apdev[0], "TKIP")
def test_ap_cipher_tkip_countermeasures_ap(dev, apdev): def test_ap_cipher_tkip_countermeasures_ap(dev, apdev):
"""WPA-PSK/TKIP countermeasures (detected by AP)""" """WPA-PSK/TKIP countermeasures (detected by AP)"""
skip_with_fips(dev[0])
testfile = "/sys/kernel/debug/ieee80211/%s/netdev:%s/tkip_mic_test" % (dev[0].get_driver_status_field("phyname"), dev[0].ifname) testfile = "/sys/kernel/debug/ieee80211/%s/netdev:%s/tkip_mic_test" % (dev[0].get_driver_status_field("phyname"), dev[0].ifname)
if not os.path.exists(testfile): if not os.path.exists(testfile):
raise HwsimSkip("tkip_mic_test not supported in mac80211") raise HwsimSkip("tkip_mic_test not supported in mac80211")
@ -100,6 +102,7 @@ def test_ap_cipher_tkip_countermeasures_ap(dev, apdev):
def test_ap_cipher_tkip_countermeasures_sta(dev, apdev): def test_ap_cipher_tkip_countermeasures_sta(dev, apdev):
"""WPA-PSK/TKIP countermeasures (detected by STA)""" """WPA-PSK/TKIP countermeasures (detected by STA)"""
skip_with_fips(dev[0])
params = { "ssid": "tkip-countermeasures", params = { "ssid": "tkip-countermeasures",
"wpa_passphrase": "12345678", "wpa_passphrase": "12345678",
"wpa": "1", "wpa": "1",
@ -149,6 +152,7 @@ def test_ap_cipher_gcmp_256(dev, apdev):
def test_ap_cipher_mixed_wpa_wpa2(dev, apdev): def test_ap_cipher_mixed_wpa_wpa2(dev, apdev):
"""WPA2-PSK/CCMP/ and WPA-PSK/TKIP mixed configuration""" """WPA2-PSK/CCMP/ and WPA-PSK/TKIP mixed configuration"""
skip_with_fips(dev[0])
ssid = "test-wpa-wpa2-psk" ssid = "test-wpa-wpa2-psk"
passphrase = "12345678" passphrase = "12345678"
params = { "ssid": ssid, params = { "ssid": ssid,

2
tests/hwsim/test_ap_mixed.py
View file

@ -9,9 +9,11 @@ logger = logging.getLogger()
import hostapd import hostapd
import hwsim_utils import hwsim_utils
from utils import skip_with_fips
def test_ap_mixed_security(dev, apdev): def test_ap_mixed_security(dev, apdev):
"""WPA/WPA2 with PSK, EAP, SAE, FT in a single BSS""" """WPA/WPA2 with PSK, EAP, SAE, FT in a single BSS"""
skip_with_fips(dev[0])
dev[0].flush_scan_cache() dev[0].flush_scan_cache()
sae = "SAE" in dev[0].get_capability("auth_alg") sae = "SAE" in dev[0].get_capability("auth_alg")
ssid = "test-mixed" ssid = "test-mixed"

6
tests/hwsim/test_ap_psk.py
View file

@ -17,7 +17,7 @@ import subprocess
import time import time
import hostapd import hostapd
from utils import HwsimSkip, fail_test from utils import HwsimSkip, fail_test, skip_with_fips
import hwsim_utils import hwsim_utils
from wpasupplicant import WpaSupplicant from wpasupplicant import WpaSupplicant
@ -162,6 +162,7 @@ def test_ap_wpa2_sha256_ptk_rekey_ap(dev, apdev):
def test_ap_wpa_ptk_rekey(dev, apdev): def test_ap_wpa_ptk_rekey(dev, apdev):
"""WPA-PSK/TKIP AP and PTK rekey enforced by station""" """WPA-PSK/TKIP AP and PTK rekey enforced by station"""
skip_with_fips(dev[0])
ssid = "test-wpa-psk" ssid = "test-wpa-psk"
passphrase = 'qwertyuiop' passphrase = 'qwertyuiop'
params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase) params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase)
@ -176,6 +177,7 @@ def test_ap_wpa_ptk_rekey(dev, apdev):
def test_ap_wpa_ptk_rekey_ap(dev, apdev): def test_ap_wpa_ptk_rekey_ap(dev, apdev):
"""WPA-PSK/TKIP AP and PTK rekey enforced by AP""" """WPA-PSK/TKIP AP and PTK rekey enforced by AP"""
skip_with_fips(dev[0])
ssid = "test-wpa-psk" ssid = "test-wpa-psk"
passphrase = 'qwertyuiop' passphrase = 'qwertyuiop'
params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase) params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase)
@ -294,6 +296,7 @@ def test_ap_wpa2_gtk_rekey(dev, apdev):
def test_ap_wpa_gtk_rekey(dev, apdev): def test_ap_wpa_gtk_rekey(dev, apdev):
"""WPA-PSK/TKIP AP and GTK rekey enforced by AP""" """WPA-PSK/TKIP AP and GTK rekey enforced by AP"""
skip_with_fips(dev[0])
ssid = "test-wpa-psk" ssid = "test-wpa-psk"
passphrase = 'qwertyuiop' passphrase = 'qwertyuiop'
params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase) params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase)
@ -1917,6 +1920,7 @@ def test_ap_wpa2_psk_incorrect_passphrase(dev, apdev):
def test_ap_wpa_ie_parsing(dev, apdev): def test_ap_wpa_ie_parsing(dev, apdev):
"""WPA IE parsing""" """WPA IE parsing"""
skip_with_fips(dev[0])
ssid = "test-wpa-psk" ssid = "test-wpa-psk"
passphrase = 'qwertyuiop' passphrase = 'qwertyuiop'
params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase) params = hostapd.wpa_params(ssid=ssid, passphrase=passphrase)

4
tests/hwsim/test_ap_tdls.py
View file

@ -13,7 +13,7 @@ import hwsim_utils
from hostapd import HostapdGlobal from hostapd import HostapdGlobal
from hostapd import Hostapd from hostapd import Hostapd
import hostapd import hostapd
from utils import HwsimSkip from utils import HwsimSkip, skip_with_fips
from wlantest import Wlantest from wlantest import Wlantest
def start_ap_wpa2_psk(ifname): def start_ap_wpa2_psk(ifname):
@ -271,6 +271,7 @@ def test_ap_wpa2_tdls_wrong_tpk_m3_mic(dev, apdev):
def test_ap_wpa_tdls(dev, apdev): def test_ap_wpa_tdls(dev, apdev):
"""WPA-PSK AP and two stations using TDLS""" """WPA-PSK AP and two stations using TDLS"""
skip_with_fips(dev[0])
hapd = hostapd.add_ap(apdev[0]['ifname'], hapd = hostapd.add_ap(apdev[0]['ifname'],
hostapd.wpa_params(ssid="test-wpa-psk", hostapd.wpa_params(ssid="test-wpa-psk",
passphrase="12345678")) passphrase="12345678"))
@ -282,6 +283,7 @@ def test_ap_wpa_tdls(dev, apdev):
def test_ap_wpa_mixed_tdls(dev, apdev): def test_ap_wpa_mixed_tdls(dev, apdev):
"""WPA+WPA2-PSK AP and two stations using TDLS""" """WPA+WPA2-PSK AP and two stations using TDLS"""
skip_with_fips(dev[0])
hapd = hostapd.add_ap(apdev[0]['ifname'], hapd = hostapd.add_ap(apdev[0]['ifname'],
hostapd.wpa_mixed_params(ssid="test-wpa-mixed-psk", hostapd.wpa_mixed_params(ssid="test-wpa-mixed-psk",
passphrase="12345678")) passphrase="12345678"))

5
tests/hwsim/test_ap_wps.py
View file

@ -1,5 +1,5 @@
# WPS tests # WPS tests
# Copyright (c) 2013-2014, Jouni Malinen <j@w1.fi> # Copyright (c) 2013-2015, Jouni Malinen <j@w1.fi>
# #
# This software may be distributed under the terms of the BSD license. # This software may be distributed under the terms of the BSD license.
# See README for more details. # See README for more details.
@ -21,7 +21,7 @@ import StringIO
import hwsim_utils import hwsim_utils
import hostapd import hostapd
from wpasupplicant import WpaSupplicant from wpasupplicant import WpaSupplicant
from utils import HwsimSkip, alloc_fail from utils import HwsimSkip, alloc_fail, skip_with_fips
def test_ap_wps_init(dev, apdev): def test_ap_wps_init(dev, apdev):
"""Initial AP configuration with first WPS Enrollee""" """Initial AP configuration with first WPS Enrollee"""
@ -609,6 +609,7 @@ def test_ap_wps_reg_config_ext_processing(dev, apdev):
def test_ap_wps_reg_config_tkip(dev, apdev): def test_ap_wps_reg_config_tkip(dev, apdev):
"""WPS registrar configuring AP to use TKIP and AP upgrading to TKIP+CCMP""" """WPS registrar configuring AP to use TKIP and AP upgrading to TKIP+CCMP"""
skip_with_fips(dev[0])
ssid = "test-wps-init-ap" ssid = "test-wps-init-ap"
appin = "12345670" appin = "12345670"
hostapd.add_ap(apdev[0]['ifname'], hostapd.add_ap(apdev[0]['ifname'],

2
tests/hwsim/test_hapd_ctrl.py
View file

@ -5,6 +5,7 @@
# See README for more details. # See README for more details.
import hostapd import hostapd
from utils import skip_with_fips
def test_hapd_ctrl_status(dev, apdev): def test_hapd_ctrl_status(dev, apdev):
"""hostapd ctrl_iface STATUS commands""" """hostapd ctrl_iface STATUS commands"""
@ -485,6 +486,7 @@ def test_hapd_dup_network_global_wpa2(dev, apdev):
def test_hapd_dup_network_global_wpa(dev, apdev): def test_hapd_dup_network_global_wpa(dev, apdev):
"""hostapd and DUP_NETWORK command (WPA)""" """hostapd and DUP_NETWORK command (WPA)"""
skip_with_fips(dev[0])
psk = '602e323e077bc63bd80307ef4745b754b0ae0a925c2638ecd13a794b9527b9e6' psk = '602e323e077bc63bd80307ef4745b754b0ae0a925c2638ecd13a794b9527b9e6'
src_ssid = "hapd-ctrl-src" src_ssid = "hapd-ctrl-src"
dst_ssid = "hapd-ctrl-dst" dst_ssid = "hapd-ctrl-dst"

4
tests/hwsim/test_peerkey.py
View file

@ -1,5 +1,5 @@
# PeerKey tests # PeerKey tests
# Copyright (c) 2013, Jouni Malinen <j@w1.fi> # Copyright (c) 2013-2015, Jouni Malinen <j@w1.fi>
# #
# This software may be distributed under the terms of the BSD license. # This software may be distributed under the terms of the BSD license.
# See README for more details. # See README for more details.
@ -10,6 +10,7 @@ import time
import hwsim_utils import hwsim_utils
import hostapd import hostapd
from utils import skip_with_fips
from wlantest import Wlantest from wlantest import Wlantest
def test_peerkey(dev, apdev): def test_peerkey(dev, apdev):
@ -48,6 +49,7 @@ def test_peerkey_unknown_peer(dev, apdev):
def test_peerkey_pairwise_mismatch(dev, apdev): def test_peerkey_pairwise_mismatch(dev, apdev):
"""RSN TKIP+CCMP AP and PeerKey between two STAs using different ciphers""" """RSN TKIP+CCMP AP and PeerKey between two STAs using different ciphers"""
skip_with_fips(dev[0])
wt = Wlantest() wt = Wlantest()
wt.flush() wt.flush()
wt.add_passphrase("12345678") wt.add_passphrase("12345678")

3
tests/hwsim/test_wext.py
View file

@ -11,7 +11,7 @@ import os
import hostapd import hostapd
import hwsim_utils import hwsim_utils
from wpasupplicant import WpaSupplicant from wpasupplicant import WpaSupplicant
from utils import HwsimSkip from utils import HwsimSkip, skip_with_fips
from test_rfkill import get_rfkill from test_rfkill import get_rfkill
def get_wext_interface(): def get_wext_interface():
@ -54,6 +54,7 @@ def test_wext_wpa2_psk(dev, apdev):
def test_wext_wpa_psk(dev, apdev): def test_wext_wpa_psk(dev, apdev):
"""WEXT driver interface with WPA-PSK""" """WEXT driver interface with WPA-PSK"""
skip_with_fips(dev[0])
wpas = get_wext_interface() wpas = get_wext_interface()
params = hostapd.wpa_params(ssid="wext-wpa-psk", passphrase="12345678") params = hostapd.wpa_params(ssid="wext-wpa-psk", passphrase="12345678")