Commit graph

867 commits

Author SHA1 Message Date
Jouni Malinen
b1f4015cf5 test-aes: Allow NIST key wrap test vectors to be verified
This allows the aes_wrap() and aes_unwrap() implementation to be
verified against KW_{AE,AD}_{128,192,256}.txt test vectors from
http://csrc.nist.gov/groups/STM/cavp/documents/mac/kwtestvectors.zip

For example:
./test-aes NIST-KW-AE kwtestvectors/KW_AE_128.txt
./test-aes NIST-KW-AE kwtestvectors/KW_AE_192.txt
./test-aes NIST-KW-AE kwtestvectors/KW_AE_256.txt
./test-aes NIST-KW-AD kwtestvectors/KW_AD_128.txt
./test-aes NIST-KW-AD kwtestvectors/KW_AD_192.txt
./test-aes NIST-KW-AD kwtestvectors/KW_AD_256.txt

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-07 14:57:10 +03:00
Jouni Malinen
eefec1e40b AES: Extend key wrap design to support longer AES keys
This adds kek_len argument to aes_wrap() and aes_unwrap() functions and
allows AES to be initialized with 192 and 256 bit KEK in addition to
the previously supported 128 bit KEK.

The test vectors in test-aes.c are extended to cover all the test
vectors from RFC 3394.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-07 14:57:06 +03:00
Jouni Malinen
b9dee18ffe tests: VENDOR_ELEM_REMOVE of the second IE
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-07 00:43:50 +03:00
Jouni Malinen
5b7aeddcd7 tests: OKC with multiple stations
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
35a7646bb1 tests: PMKSA cache with multiple stations
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
2cde175a93 tests: PMKSA cache entry timeout based on Session-Timeout
This verifies that hostapd uses Session-Timeout value from Access-Accept
as the lifetime for the PMKSA cache entries and expires entries both
while the station is disconnected and during an association.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
8e1fc78e1f tests: PMKSA caching disabled on AP
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 23:01:08 +03:00
Jouni Malinen
393869c551 tests: External MAC address change
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-04 16:41:33 +03:00
Jouni Malinen
c4a8c173b8 Revert "tests: Skip ap_wpa2_tdls_concurrent_init on failure"
This reverts commit bf700cc3d2. The
concurrent initialization test case is now expected to work again with
the STA entry added early enough to avoid the recently added mac80211
validation step failure.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-10-03 11:53:38 +03:00
Arik Nemtsov
77835ae9dd tests: Verify TDLS responder teardown in encrypted network
Older mac80211 implementations did not set the link identifier
appropriately, resulting in an incorrect teardown packet being sent the
peer. wpa_supplicant adds the FTE containing the MIC field calculated
using the correct link-identifier. This causes a MIC failure on the
other side and the teardown is discarded. Verify this case is fixed by
newer kernel and wpa_supplicant code.

Signed-off-by: Arik Nemtsov <arikx.nemtsov@intel.com>
2014-10-03 11:53:31 +03:00
Jouni Malinen
b5db69197a tests: Random MAC addresses while maintaining OUI
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-30 00:40:23 +03:00
Jouni Malinen
c1d1b6998d tests: Update server and user certificates
The previous versions expired, so need to re-sign these to fix number of
the EAP test cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-30 00:40:23 +03:00
Jouni Malinen
d1fc5736cc tests: FDB entry addition/removal
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-29 14:03:15 +03:00
Jouni Malinen
7c33a65671 tests: P2P_PROV_DISC auto
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 18:56:06 +03:00
Jouni Malinen
746327ca86 tests: P2P service discovery no protocol/match cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 18:44:24 +03:00
Jouni Malinen
06f94fd0e1 tests: Increase P2P persistent group with per-STA PSK coverage
Remove and re-start the persistent group manually to increase test
coverage to include the case of re-configuring the PSK list entries from
a stored persistent group.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 18:09:53 +03:00
Jouni Malinen
4a7d73d161 tests: Make ap_hs20_random_mac_addr more robust
If the previuous test case used a non-RSN AP and that was left in
cfg80211 scan results, it was possible for ap_hs20_random_mac_addr to
pick that old AP from the previous test and reject to connect through
Hotspot 2.0 mechanisms. Work around this test issue by requesting new
set of scan result at the beginning of the test.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 17:51:09 +03:00
Jouni Malinen
e5a79e3f93 tests: WPS while connected
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-28 11:03:48 +03:00
Jouni Malinen
816e3df972 tests: Random MAC address use
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 20:07:55 +03:00
Jouni Malinen
321c7f6034 tests: Make ap_wps_er_add_enrollee more robust under load
The scan for WPS-AUTH validation may miss a Probe Response frame if the
hostapd process gets blocked under load, e.g., when testing with
parallel-vm.sh.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 16:17:17 +03:00
Jouni Malinen
377babb205 tests: Fix autogo_bridge to clear autoscan setting
Previously, periodic autoscan could have been left running and that
could result in the following test cases failing in some cases.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 16:12:41 +03:00
Jouni Malinen
852cb016d2 tests: Make ap_hs20 test cases more robust
Some of the test cases where using INTERWORKING_SELECT internally
without using scan_for_bss like the helper functions did. Add explicit
scan_for_bss calls to make the test cases less likely to fail due to
missing BSSes in scan results. This could cause false failure reports
when runnign under heavy load with parallel-vm.sh.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 16:12:41 +03:00
Jouni Malinen
bbf20ca265 tests: Use TYPE=ONLY scan for scan_for_bss
This avoids unexpected connection attempts in cases a matching network
is enabled and there is no existing connection (e.g., when testing with
ENABLE_NETWORK no-connect option).

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 16:12:41 +03:00
Jouni Malinen
bf700cc3d2 tests: Skip ap_wpa2_tdls_concurrent_init on failure
A mac80211 TDLS validation change ended up breaking test functionality
that was needed for this test case. Instead of reporting this known
issue as a FAIL every time, mark the test as SKIP since the issues is
known and there are no plans of "fixing" it.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 11:30:56 +03:00
Jouni Malinen
36e7fbce34 tests: PMKSA_FLUSH
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-09-27 10:50:19 +03:00
Jouni Malinen
a567aae4a1 tests: Roaming policy change with the bssid parameter
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-11 15:59:42 +03:00
Jouni Malinen
d885a0ba7c tests: P2P GO netdev in a bridge
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-09-01 16:27:27 +03:00
Jouni Malinen
a0fd2ae643 tests: WPS mixed-WPA/WPA2 credential merging
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-08-29 20:25:18 +03:00
Jouni Malinen
d6df0d7e62 tests: Verify that sec_dev_type gets reported for P2P peer
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-08-27 16:22:53 +03:00
Jouni Malinen
4b15c3f256 tests: P2P GO channel preference and regulatory rule mismatch
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-08-26 17:57:26 +03:00
Jouni Malinen
9a5cfd7007 tests: No EAP fast session resumption between network blocks
Verify that EAP fast session resumption is skipped if the connection
uses a different network configuration than the last EAP connection.

Signed-off-by: Jouni Malinen <j@w1.fi>
2014-07-26 20:23:08 +03:00
Jouni Malinen
1f41a20c92 tests: P2P vendor specific extensions
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-07-08 15:57:30 +03:00
Jouni Malinen
f1a36a53a5 tests: update_identifier in network block
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-07-02 15:51:20 +03:00
Jouni Malinen
8094a0077a tests: Fix wpas_ctrl_country to match the fixed event data
This test case for enforcing the incorrect init=DRIVER instead of
init=CORE for the event due to bug in the event message.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-07-02 13:34:34 +03:00
Jouni Malinen
e8e571d7ce tests: SCAN scan_id
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-07-02 12:52:08 +03:00
Jouni Malinen
31424fa732 tests: P2P passphrase length configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-22 00:17:18 +03:00
Jouni Malinen
6c080dfab2 tests: EAP-SIM/AKA/AKA' protocol tests
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-21 20:34:25 +03:00
Jouni Malinen
72cbc6847b tests: EAP-SIM external_sim error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-21 19:43:11 +03:00
Jouni Malinen
d8e02214ea tests: EAP-AKA external_sim error cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-21 11:30:57 +03:00
Jouni Malinen
32747a3eee tests: EAP-SIM/AKA invalid Milenage key configuration
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-20 10:59:08 +03:00
Jouni Malinen
e4719179cb tests: SA Query rate limiting on burst of unprotected Deauth
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-06-19 20:59:46 +03:00
Jouni Malinen
e0534ecf90 tests: EAP-PSK protocol test cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-18 00:13:56 +03:00
Jouni Malinen
7eb33a8f99 tests: Make concurrent_grpform_while_connecting2 more robust
It was possible for this test case to fail due to PBC overlap that was
detected based on previous test case having used PBC. Make that false
positive less likely to happen by explicitly clearing the scan cache on
dev[1].

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2014-06-16 17:07:25 +03:00
Jouni Malinen
2eae05f780 tests: EAP protocol test cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-15 19:01:59 +03:00
Jouni Malinen
0954431621 tests: EAP-PAX protocol test cases
Signed-off-by: Jouni Malinen <j@w1.fi>
2014-06-15 17:36:53 +03:00
Avraham Stern
62fbc0a784 tests: GO configured preferred channels are disallowed
Verify that when all configured preferred channels are disallowed,
the GO is instantiated on a random channel.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-06-15 00:46:15 +03:00
Avraham Stern
eb383fc48e tests: Autonomous GO random channel selection
Verify that a standalone GO selects a random channel from the social
channels in case no other preference is set.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-06-14 23:12:33 +03:00
Avraham Stern
8d74469e61 tests: P2P GO negotiation when two peers force different freq
Verify that when trying to form a P2P group but each peer forces a
different frequency, the group formation fails.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-06-14 23:12:33 +03:00
Avraham Stern
744a214bdb tests: Frequency set as no GO
Verify that when setting frequency as no_go_freq and setting up
autonomous GO, the GO is instantiated on a different frequency, but
when forming a P2P group and becoming a client this frequency can be
used.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-06-14 23:12:33 +03:00
Avraham Stern
87e5dd0af1 tests: GO with preferred channel and station on a disallowed channel
Verify that when setting up autonomous GO with configured preferred
channel and a station interface is connected on a channel that is
disallowed for P2P, the GO is instantiated on the preferred channel.

Requires MCC.

Signed-off-by: Avraham Stern <avraham.stern@intel.com>
2014-06-14 23:12:33 +03:00