tests: DH parameter file DSA conversion and error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
This commit is contained in:
parent
0c83ae0469
commit
b3ff3decf6
2 changed files with 75 additions and 0 deletions
11
tests/hwsim/auth_serv/dsaparam.pem
Normal file
11
tests/hwsim/auth_serv/dsaparam.pem
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
-----BEGIN DSA PARAMETERS-----
|
||||||
|
MIIBngKBwQCKGwQSQa8/VqJBvFDwpbJTEgQ2myTzbDCZqZof9EBBO5KlbUfgFZfY
|
||||||
|
szSaZAWPok0mG9BRGoJgtajJruLU6lvoZ94FgGPhRrOZWd0wT6kiySRz4nv9kEMK
|
||||||
|
Ch83zLQ+i1IdRFozP4k+9YHlAVL354zU+O5USxNMuhPVab4MPsl9I7gZmEQmisHA
|
||||||
|
fwQOLppTrILuqNtVOqpRogKhVnvQITqV3VsRYV0JVersx48olOqtPGQKKewiJFJp
|
||||||
|
n7fwGC208/sCFQD4vIUetIr4LGLwm3D/Y5HxNMyFFwKBwC7b0nT/lb1+z86vKg3v
|
||||||
|
Cyy40D03ezYgmlwV+xObadfMmciwxK98DX763dFsY9omd6csFho1xGfSFRj8Bkv6
|
||||||
|
rbumVtoZGurdRxU4ADJf4SF5MuK2rJ9jg4Wz6F1BhHEKtoubINlk3fyZWPx0sjkm
|
||||||
|
t2IJlFY4rfbTI8ETrPrE+zb53tiaundB72cUWmZY/gRuaXh7lRzpMVr71+OedLU6
|
||||||
|
VkIHXOG/nnb48hZfGohKvWTAp/wkb2w/dCdeGKgVZn3FzA==
|
||||||
|
-----END DSA PARAMETERS-----
|
|
@ -2663,6 +2663,45 @@ def test_ap_wpa2_eap_ttls_dh_params(dev, apdev):
|
||||||
ca_cert="auth_serv/ca.der", phase2="auth=CHAP",
|
ca_cert="auth_serv/ca.der", phase2="auth=CHAP",
|
||||||
dh_file="auth_serv/dh.conf")
|
dh_file="auth_serv/dh.conf")
|
||||||
|
|
||||||
|
def test_ap_wpa2_eap_ttls_dh_params_dsa(dev, apdev):
|
||||||
|
"""WPA2-Enterprise connection using EAP-TTLS and setting DH params (DSA)"""
|
||||||
|
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||||
|
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||||
|
eap_connect(dev[0], apdev[0], "TTLS", "chap user",
|
||||||
|
anonymous_identity="ttls", password="password",
|
||||||
|
ca_cert="auth_serv/ca.der", phase2="auth=CHAP",
|
||||||
|
dh_file="auth_serv/dsaparam.pem")
|
||||||
|
|
||||||
|
def test_ap_wpa2_eap_ttls_dh_params_not_found(dev, apdev):
|
||||||
|
"""EAP-TTLS and DH params file not found"""
|
||||||
|
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||||
|
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||||
|
dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",
|
||||||
|
identity="mschap user", password="password",
|
||||||
|
ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAP",
|
||||||
|
dh_file="auth_serv/dh-no-such-file.conf",
|
||||||
|
scan_freq="2412", wait_connect=False)
|
||||||
|
ev = dev[0].wait_event(["CTRL-EVENT-EAP-FAILURE"])
|
||||||
|
if ev is None:
|
||||||
|
raise Exception("EAP failure timed out")
|
||||||
|
dev[0].request("REMOVE_NETWORK all")
|
||||||
|
dev[0].wait_disconnected()
|
||||||
|
|
||||||
|
def test_ap_wpa2_eap_ttls_dh_params_invalid(dev, apdev):
|
||||||
|
"""EAP-TTLS and invalid DH params file"""
|
||||||
|
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||||
|
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||||
|
dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap="TTLS",
|
||||||
|
identity="mschap user", password="password",
|
||||||
|
ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAP",
|
||||||
|
dh_file="auth_serv/ca.pem",
|
||||||
|
scan_freq="2412", wait_connect=False)
|
||||||
|
ev = dev[0].wait_event(["CTRL-EVENT-EAP-FAILURE"])
|
||||||
|
if ev is None:
|
||||||
|
raise Exception("EAP failure timed out")
|
||||||
|
dev[0].request("REMOVE_NETWORK all")
|
||||||
|
dev[0].wait_disconnected()
|
||||||
|
|
||||||
def test_ap_wpa2_eap_ttls_dh_params_blob(dev, apdev):
|
def test_ap_wpa2_eap_ttls_dh_params_blob(dev, apdev):
|
||||||
"""WPA2-Enterprise connection using EAP-TTLS/CHAP and setting DH params from blob"""
|
"""WPA2-Enterprise connection using EAP-TTLS/CHAP and setting DH params from blob"""
|
||||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||||
|
@ -2684,6 +2723,31 @@ def test_ap_wpa2_eap_ttls_dh_params_server(dev, apdev):
|
||||||
anonymous_identity="ttls", password="password",
|
anonymous_identity="ttls", password="password",
|
||||||
ca_cert="auth_serv/ca.der", phase2="auth=CHAP")
|
ca_cert="auth_serv/ca.der", phase2="auth=CHAP")
|
||||||
|
|
||||||
|
def test_ap_wpa2_eap_ttls_dh_params_dsa_server(dev, apdev):
|
||||||
|
"""WPA2-Enterprise using EAP-TTLS and alternative server dhparams (DSA)"""
|
||||||
|
params = int_eap_server_params()
|
||||||
|
params["dh_file"] = "auth_serv/dsaparam.pem"
|
||||||
|
hostapd.add_ap(apdev[0]['ifname'], params)
|
||||||
|
eap_connect(dev[0], apdev[0], "TTLS", "chap user",
|
||||||
|
anonymous_identity="ttls", password="password",
|
||||||
|
ca_cert="auth_serv/ca.der", phase2="auth=CHAP")
|
||||||
|
|
||||||
|
def test_ap_wpa2_eap_ttls_dh_params_not_found(dev, apdev):
|
||||||
|
"""EAP-TLS server and dhparams file not found"""
|
||||||
|
params = int_eap_server_params()
|
||||||
|
params["dh_file"] = "auth_serv/dh-no-such-file.conf"
|
||||||
|
hapd = hostapd.add_ap(apdev[0]['ifname'], params, no_enable=True)
|
||||||
|
if "FAIL" not in hapd.request("ENABLE"):
|
||||||
|
raise Exception("Invalid configuration accepted")
|
||||||
|
|
||||||
|
def test_ap_wpa2_eap_ttls_dh_params_invalid(dev, apdev):
|
||||||
|
"""EAP-TLS server and invalid dhparams file"""
|
||||||
|
params = int_eap_server_params()
|
||||||
|
params["dh_file"] = "auth_serv/ca.pem"
|
||||||
|
hapd = hostapd.add_ap(apdev[0]['ifname'], params, no_enable=True)
|
||||||
|
if "FAIL" not in hapd.request("ENABLE"):
|
||||||
|
raise Exception("Invalid configuration accepted")
|
||||||
|
|
||||||
def test_ap_wpa2_eap_reauth(dev, apdev):
|
def test_ap_wpa2_eap_reauth(dev, apdev):
|
||||||
"""WPA2-Enterprise and Authenticator forcing reauthentication"""
|
"""WPA2-Enterprise and Authenticator forcing reauthentication"""
|
||||||
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
|
||||||
|
|
Loading…
Reference in a new issue