Commit graph

2705 commits

Author SHA1 Message Date
Jouni Malinen
b3a93f8fab tests: DPP protocol testing - Auth Conf attribute omission
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-27 16:09:51 +03:00
Jouni Malinen
a0e3e22263 tests: DPP protocol testing
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-22 22:50:19 +03:00
Jouni Malinen
77f52098a5 tests: Make sae_invalid_anti_clogging_token_req more robust
Beacon more frequently since Probe Request frames are practically ignored
in this test setup (ext_mgmt_frame_handled=1 on hostapd side) and
wpa_supplicant scans may end up getting ignored if no new results are
available due to the missing Probe Response frames.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-22 17:21:57 +03:00
Johannes Berg
18cdbb3c80 tests: Add a script to aid bisecting Linux kernel with hwsim VM
I find myself writing a version of this script every now and
then, but there's little point in that - just add one to the
tree so we can use it again.

Signed-off-by: Johannes Berg <johannes.berg@intel.com>
2017-10-21 12:04:53 +03:00
Jouni Malinen
f81c1411f3 tests: WPA2-EAP-FT AP (pull PMK) - wildcard R0KH/R1KH
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-21 12:00:22 +03:00
Jouni Malinen
20a09e08cc tests: hostapd configuration reload modification from file on SIGHUP
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-21 11:29:45 +03:00
Jouni Malinen
60890ca4ee tests: Delayed PTK rekey exchange attack protection
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-20 20:32:37 +03:00
Jouni Malinen
6e3027a57e Fix the notes on EAPOL-Key testing procedures
The extra sanity check for replay protection in these procedures ended
up breaking the tests. RESET_PN cannot be used before RESEND_* commands
since that would prevent the DUT from accepting the retransmitted
EAPOL-Key frames.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-20 20:32:36 +03:00
Jouni Malinen
d903716976 tests: Enable bss_transition in wnm_bss_tm_req_with_mbo_ie
This is needed once BSS TM processing is skipped if the functionality is
not enabled explicitly.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-20 20:32:36 +03:00
Jouni Malinen
c9dc89968d tests: Skip new ap_ciphers tests cleanly for missing mac80211 debugfs
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-19 23:32:26 +03:00
Jouni Malinen
1613e0121c Add notes on how to do cipher suite and key management testing
This describes how various wpa_supplicant/hostapd extensions can be used
to test IEEE 802.11 functionality in other devices.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-19 20:47:44 +03:00
Jouni Malinen
fd1b15aca3 tests: CCMP/TKIP/GCMP replay protection
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-19 20:47:44 +03:00
Jouni Malinen
862363babe tests: Plaintext EAPOL-Key frames when TK is configured
These test cases do not really verify any specific DUT behavior
automatically, i.e., these are here to generate sniffer captures for
manual analysis.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-19 18:32:16 +03:00
Jouni Malinen
4bb2272bab tests: Delayed M1+M3 retransmission and zero TK
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-18 11:28:55 +03:00
Jouni Malinen
59cbfa7c86 tests: Delayed 4-way handshake M1 and M3 retransmission
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-18 11:27:38 +03:00
Jouni Malinen
724152a1ef tests: Delayed group M1 retransmission
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-18 11:25:27 +03:00
Jouni Malinen
8e5931f0c7 tests: More robust owe_transition_mode* tests
Flush old scan results in these test cases to avoid checking incorrect
scan result entry.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-18 01:19:42 +03:00
Jouni Malinen
ec765bc797 tests: Disabling of EAPOL-Key retries
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-17 00:07:17 +03:00
Jouni Malinen
3bcc524733 tests: WPA2-PSK AP and PTK rekey enforced by station and ANonce change
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 17:48:25 +03:00
Jouni Malinen
b74f82a4f8 tests: Comment out during-association TK-in-memory checks
TK needs to be maintained in memory for additional testing
functionality, so for now, comment out these checks.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 17:43:10 +03:00
Jouni Malinen
f4528fbf51 tests: 4-way handshake msg 3/4 replay with extra msg 1/4
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
2956fcc401 tests: Remove peerkey testing
This is in preparation of complete removal of the PeerKey functionality.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
e22aa2f6ec tests: Fix wnm_action_proto_no_pmf to have active WNM_SLEEP operation
The previous designed worked since wpa_supplicant did not track pending
request state. With such tracking added, this test case needs to make
sure there is a pending operation when injecting the invalid response.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
c29475a932 tests: Delayed EAPOL-Key msg 3/4 replaying attack
This hits the new wpa_supplicant code path that rejects reconfiguration
of the same GTK.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
5a79966f9e tests: Replayed FILS association request
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
6db556b21d tests: Allow wpa_supplicant to maintain GTK in memory during association
This is needed to allow GTK configuration triggers to verify whether the
key has changed.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
d7f0bef94e tests: WPA2-PSK-FT AP and replayed Reassociation Request frame
Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-16 02:03:47 +03:00
Jouni Malinen
89c343e887 tests: sigma_dut ap_get_mac_address
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-12 00:02:10 +03:00
Jouni Malinen
6644069ca9 tests: sigma_dut SAE and long password
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-11 23:24:19 +03:00
Jouni Malinen
606ef7d328 tests: SAE with sae_password
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-11 23:24:19 +03:00
Jouni Malinen
7413c34d5e tests: Add the forgotten files for owe_transition_mode_multi_bss
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-11 12:16:19 +03:00
Jouni Malinen
86fd7d70e8 tests: sigma_dut controlled AP with OWE and transition mode
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 22:40:15 +03:00
Jouni Malinen
7f811be59e tests: sigma_dut controlled AP with OWE and ECGroupID
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 21:04:00 +03:00
Jouni Malinen
35a0713c75 tests: Opportunistic Wireless Encryption and limited group set
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 21:04:00 +03:00
Jouni Malinen
e30de6c250 tests: sigma_dut OWE with invalid DH Param element
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 18:35:19 +03:00
Jouni Malinen
25fdb2756c tests: Opportunistic Wireless Encryption and unsupported group
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 18:27:58 +03:00
Jouni Malinen
2e37b5fbe7 tests: Remove op_cl and ch_list from DPP
These were removed from the protocol.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 01:34:49 +03:00
Jouni Malinen
22a0147557 tests: Remove DPP C-sign-key expiry testing
This was removed from the protocol.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-10 01:19:22 +03:00
Jouni Malinen
b9c0e1fa5c tests: sigma_dut with OWE
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-09 16:54:03 +03:00
Jouni Malinen
872d0f93cc tests: Opportunistic Wireless Encryption transition mode (multi BSS)
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-09 13:39:23 +03:00
Jouni Malinen
89baf47104 tests: OWE using cfg80211 connect command
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-09 12:39:14 +03:00
Jouni Malinen
26b96d050d tests: Opportunistic Wireless Encryption and PMKSA caching
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-09 12:12:54 +03:00
Jouni Malinen
8acde197c2 tests: OWE DH groups
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-08 17:12:35 +03:00
Jouni Malinen
4361ab0108 tests: OWE Transition Mode
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-08 17:12:35 +03:00
Jouni Malinen
e0e1fde8a8 tests: P2P GO with Interworking element
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-05 14:54:15 +03:00
Jouni Malinen
002b49ed07 tests: sigma_dut Suite B station with RSA certificate
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-10-03 18:16:51 +03:00
Jouni Malinen
0ba13e8613 tests: Update server and user certificates (2017)
The previous versions expired, so need to re-sign these to fix number of
the EAP test cases. In addition, add a shell script (update.sh) and the
needed CA files to automate this full update process.

Signed-off-by: Jouni Malinen <j@w1.fi>
2017-10-01 18:47:02 +03:00
Jouni Malinen
8cfdca1266 tests: sigma_dut PMF group management cipher selection on STA
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-26 17:54:56 +03:00
Jouni Malinen
53041e75d2 tests: PMF group mgmt cipher constraints
Verify new wpa_supplicant group_mgmt parameter functionality.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-26 17:40:02 +03:00
Jouni Malinen
61a56c1480 Add group_mgmt network parameter for PMF cipher selection
The new wpa_supplicant network parameter group_mgmt can be used to
specify which group management ciphers (AES-128-CMAC, BIP-GMAC-128,
BIP-GMAC-256, BIP-CMAC-256) are allowed for the network. If not
specified, the current behavior is maintained (i.e., follow what the AP
advertises). The parameter can list multiple space separate ciphers.

Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
2017-09-26 17:40:02 +03:00