diff --git a/tests/hwsim/test_fils.py b/tests/hwsim/test_fils.py index 9998299d8..4d4ddc39a 100644 --- a/tests/hwsim/test_fils.py +++ b/tests/hwsim/test_fils.py @@ -2409,3 +2409,52 @@ def run_fils_offload_to_driver(dev, apdev, params): raise Exception("DRIVER_EVENT ASSOC did not succeed") dev.wait_connected() + +def test_fils_sk_okc(dev, apdev, params): + """FILS SK and opportunistic key caching""" + check_fils_capa(dev[0]) + check_erp_capa(dev[0]) + + start_erp_as(msk_dump=os.path.join(params['logdir'], "msk.lst")) + + bssid = apdev[0]['bssid'] + params = hostapd.wpa2_eap_params(ssid="fils") + params['wpa_key_mgmt'] = "FILS-SHA256" + params['okc'] = '1' + params['auth_server_port'] = "18128" + params['erp_domain'] = 'example.com' + params['fils_realm'] = 'example.com' + hapd = hostapd.add_ap(apdev[0]['ifname'], params) + + dev[0].scan_for_bss(bssid, freq=2412) + dev[0].request("ERP_FLUSH") + id = dev[0].connect("fils", key_mgmt="FILS-SHA256", + eap="PSK", identity="psk.user@example.com", + password_hex="0123456789abcdef0123456789abcdef", + erp="1", okc=True, scan_freq="2412") + pmksa = dev[0].get_pmksa(bssid) + if pmksa is None: + raise Exception("No PMKSA cache entry created") + hapd.wait_sta() + + hapd2 = hostapd.add_ap(apdev[1], params) + bssid2 = hapd2.own_addr() + + dev[0].scan_for_bss(bssid2, freq=2412) + if "OK" not in dev[0].request("ROAM " + bssid2): + raise Exception("ROAM failed") + ev = dev[0].wait_event(["CTRL-EVENT-EAP-STARTED", + "CTRL-EVENT-CONNECTED"], timeout=10) + if ev is None: + raise Exception("Connection using OKC/PMKSA caching timed out") + if "CTRL-EVENT-EAP-STARTED" in ev: + raise Exception("Unexpected EAP exchange") + hapd2.wait_sta() + hwsim_utils.test_connectivity(dev[0], hapd2) + pmksa2 = dev[0].get_pmksa(bssid2) + if pmksa2 is None: + raise Exception("No PMKSA cache entry found") + if 'opportunistic' not in pmksa2 or pmksa2['opportunistic'] != '1': + raise Exception("OKC not indicated in PMKSA entry") + if pmksa['pmkid'] != pmksa2['pmkid']: + raise Exception("Unexpected PMKID change")