From patchwork Tue Mar 16 09:43:23 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ilan Peer X-Patchwork-Id: 1453773 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.infradead.org (client-ip=2001:8b0:10b:1:d65d:64ff:fe57:4e05; helo=desiato.infradead.org; envelope-from=hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=desiato.20200630 header.b=GAeMK7yV; dkim-atps=neutral Received: from desiato.infradead.org (desiato.infradead.org [IPv6:2001:8b0:10b:1:d65d:64ff:fe57:4e05]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4F07fN6SMMz9sRf for ; Tue, 16 Mar 2021 20:44:12 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=desiato.20200630; h=Sender:Content-Transfer-Encoding :Content-Type:MIME-Version:List-Subscribe:List-Help:List-Post:List-Archive: List-Unsubscribe:List-Id:Message-Id:Date:Subject:Cc:To:From:Reply-To: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:References:List-Owner; bh=iZKqWvsVHyxpC/9k0B77mSAZb84NxgXhiQLWsAkAUx0=; b=GAeMK7yV73MxSmCl+m0KUVOPHb tZVsOAqWLF+qjOGLmCuMfjY1bKQJEDUSA/kD1/vW8qBBrJk0atsG20ytv+EXxjeHZfGa1JJDNuAvH L4PNGnYoI4y5AWkbzDSeBjaBOCDJ6CygOXWhs/n3i+iUi6kWfKGTQnDIklweEkBbBnLqbJuE1DiGq hVYSLUq2tMGhcTLzPR9FXP5fP/rKUfGwHgOwjHdk2PeGA094nhUECffAw+GkUVCk8YxE6Dz3HLH3b hmpSnm3ayFURx1drBVFUtqzMlafw/euHeZhj/u/fArRDJ/KLr61BCh+xptdBxg4lxLHi0B3jGQmpQ Fb210Lkg==; Received: from localhost ([::1] helo=desiato.infradead.org) by desiato.infradead.org with esmtp (Exim 4.94 #2 (Red Hat Linux)) id 1lM6El-000JLA-56; Tue, 16 Mar 2021 09:43:39 +0000 Received: from mga03.intel.com ([134.134.136.65]) by desiato.infradead.org with esmtps (Exim 4.94 #2 (Red Hat Linux)) id 1lM6Ef-000JK7-GN for hostap@lists.infradead.org; Tue, 16 Mar 2021 09:43:36 +0000 IronPort-SDR: 1yEI89ccCq3CHTO2aAaMjU13xHveHatVq/g2kTKNXG9SnXLDUs23g74/BRkz/fAs0wmPRzroIc aFrYh2VWPC5g== X-IronPort-AV: E=McAfee;i="6000,8403,9924"; a="189280241" X-IronPort-AV: E=Sophos;i="5.81,251,1610438400"; d="scan'208";a="189280241" Received: from fmsmga007.fm.intel.com ([10.253.24.52]) by orsmga103.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 16 Mar 2021 02:43:30 -0700 IronPort-SDR: tBFmxGMdBznQg1Fe3DZ3vKbIhzEZol9FNQdb3zAmUBwm61702i5fq26G7xNk1mYn9oJK6YwrES MD7FwTpprbsw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.81,251,1610438400"; d="scan'208";a="378813488" Received: from jed01615.jer.intel.com ([10.12.217.51]) by fmsmga007.fm.intel.com with ESMTP; 16 Mar 2021 02:43:29 -0700 From: Ilan Peer To: hostap@lists.infradead.org Cc: Ilan Peer Subject: [PATCH v2 15/15] tests: Add coverage for PASN deauthentication Date: Tue, 16 Mar 2021 11:43:23 +0200 Message-Id: <20210316094323.16229-1-ilan.peer@intel.com> X-Mailer: git-send-email 2.17.1 X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20210316_094334_063680_2FA8466F X-CRM114-Status: UNSURE ( 8.51 ) X-CRM114-Notice: Please train this message. X-Spam-Score: -2.3 (--) X-Spam-Report: Spam detection software, running on the system "desiato.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Ilan Peer --- tests/hwsim/test_pasn.py | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/tests/hwsim/test_pasn.py b/tests/hwsim/test_pasn.py index ee6e6c8016..f7bc72e59d 100644 --- a/tests/hwsim/test_pasn.py +++ b/tests/hwsim/test_pasn.py @@ -47, 9 +47,10 @@ def start_pasn_ap( [...] Content analysis details: (-2.3 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -2.3 RCVD_IN_DNSWL_MED RBL: Sender listed at https://www.dnswl.org/, medium trust [134.134.136.65 listed in list.dnswl.org] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record X-BeenThere: hostap@lists.infradead.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Sender: "Hostap" Errors-To: hostap-bounces+incoming=patchwork.ozlabs.org@lists.infradead.org Signed-off-by: Ilan Peer --- tests/hwsim/test_pasn.py | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/tests/hwsim/test_pasn.py b/tests/hwsim/test_pasn.py index ee6e6c8016..f7bc72e59d 100644 --- a/tests/hwsim/test_pasn.py +++ b/tests/hwsim/test_pasn.py @@ -47,9 +47,10 @@ def start_pasn_ap(apdev, params): raise HwsimSkip("PASN not supported") raise -def check_pasn_ptk(dev, hapd, cipher, fail_ptk=0): +def check_pasn_ptk(dev, hapd, cipher, fail_ptk=0, clear_keys=1): sta_ptksa = dev.get_ptksa(hapd.own_addr(), cipher) ap_ptksa = hapd.get_ptksa(dev.own_addr(), cipher) + if not (sta_ptksa and ap_ptksa): if fail_ptk == 1: return @@ -62,6 +63,17 @@ def check_pasn_ptk(dev, hapd, cipher, fail_ptk=0): raise Exception("TK/KDK mismatch") elif fail_ptk == 1: raise Exception("TK/KDK match although key derivation should have failed") + elif clear_keys == 1: + cmd = "PASN_DEAUTH bssid=%s" % hapd.own_addr() + dev.request(cmd) + + # Wait a little to let the AP process the deauth + time.sleep(0.2) + + sta_ptksa = dev.get_ptksa(hapd.own_addr(), cipher) + ap_ptksa = hapd.get_ptksa(dev.own_addr(), cipher) + if sta_ptksa or ap_ptksa: + raise Exception("TK/KDK not deleted as expected") def check_pasn_akmp_cipher(dev, hapd, akmp="PASN", cipher="CCMP", group="19", status=0, fail=0, nid="", fail_ptk=0): @@ -293,7 +305,7 @@ def test_pasn_sae_kdk(dev, apdev): dev[0].connect("test-sae", psk="12345678", key_mgmt="SAE", scan_freq="2412") - check_pasn_ptk(dev[0], hapd, "CCMP") + check_pasn_ptk(dev[0], hapd, "CCMP", clear_keys=0) finally: dev[0].set("force_kdk_derivation", "0") @@ -328,7 +340,7 @@ def check_pasn_fils_kdk(dev, apdev, params, key_mgmt): hapd.wait_sta() hwsim_utils.test_connectivity(dev[0], hapd) - check_pasn_ptk(dev[0], hapd, "CCMP") + check_pasn_ptk(dev[0], hapd, "CCMP", clear_keys=0) dev[0].request("DISCONNECT") dev[0].wait_disconnected() @@ -348,7 +360,7 @@ def check_pasn_fils_kdk(dev, apdev, params, key_mgmt): hapd.wait_sta() hwsim_utils.test_connectivity(dev[0], hapd) - check_pasn_ptk(dev[0], hapd, "CCMP") + check_pasn_ptk(dev[0], hapd, "CCMP", clear_keys=0) finally: dev[0].set("force_kdk_derivation", "0")