mirror of
https://github.com/vanhoefm/fragattacks.git
synced 2024-11-25 08:48:31 -05:00
tests: sigma_dut Suite B station with RSA certificate
Signed-off-by: Jouni Malinen <jouni@qca.qualcomm.com>
This commit is contained in:
parent
e37cea308e
commit
002b49ed07
@ -14,7 +14,7 @@ import time
|
||||
import hostapd
|
||||
from utils import HwsimSkip
|
||||
from hwsim import HWSimRadio
|
||||
from test_suite_b import check_suite_b_192_capa, suite_b_as_params
|
||||
from test_suite_b import check_suite_b_192_capa, suite_b_as_params, suite_b_192_rsa_ap_params
|
||||
|
||||
def check_sigma_dut():
|
||||
if not os.path.exists("./sigma_dut"):
|
||||
@ -374,7 +374,7 @@ def test_sigma_dut_suite_b(dev, apdev, params):
|
||||
|
||||
sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
|
||||
sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
|
||||
sigma_dut_cmd_check("sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,PMF,Required,clientCertificate,suite_b.pem,trustedRootCA,suite_b_ca.pem" % (ifname, "test-suite-b"))
|
||||
sigma_dut_cmd_check("sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,PMF,Required,clientCertificate,suite_b.pem,trustedRootCA,suite_b_ca.pem,CertType,ECC" % (ifname, "test-suite-b"))
|
||||
sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-suite-b"))
|
||||
sigma_dut_wait_connected(ifname)
|
||||
sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
|
||||
@ -383,6 +383,45 @@ def test_sigma_dut_suite_b(dev, apdev, params):
|
||||
|
||||
stop_sigma_dut(sigma)
|
||||
|
||||
def test_sigma_dut_suite_b_rsa(dev, apdev, params):
|
||||
"""sigma_dut controlled STA Suite B (RSA)"""
|
||||
check_suite_b_192_capa(dev)
|
||||
logdir = params['logdir']
|
||||
|
||||
with open("auth_serv/rsa3072-ca.pem", "r") as f:
|
||||
with open(os.path.join(logdir, "suite_b_ca_rsa.pem"), "w") as f2:
|
||||
f2.write(f.read())
|
||||
|
||||
with open("auth_serv/rsa3072-user.pem", "r") as f:
|
||||
with open("auth_serv/rsa3072-user.key", "r") as f2:
|
||||
with open(os.path.join(logdir, "suite_b_rsa.pem"), "w") as f3:
|
||||
f3.write(f.read())
|
||||
f3.write(f2.read())
|
||||
|
||||
dev[0].flush_scan_cache()
|
||||
params = suite_b_192_rsa_ap_params()
|
||||
hapd = hostapd.add_ap(apdev[0], params)
|
||||
|
||||
ifname = dev[0].ifname
|
||||
sigma = start_sigma_dut(ifname, cert_path=logdir)
|
||||
|
||||
cmd = "sta_set_security,type,eaptls,interface,%s,ssid,%s,PairwiseCipher,AES-GCMP-256,GroupCipher,AES-GCMP-256,GroupMgntCipher,BIP-GMAC-256,keymgmttype,SuiteB,PMF,Required,clientCertificate,suite_b_rsa.pem,trustedRootCA,suite_b_ca_rsa.pem,CertType,RSA" % (ifname, "test-suite-b")
|
||||
|
||||
tests = [ "",
|
||||
",TLSCipher,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
|
||||
",TLSCipher,TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" ]
|
||||
for extra in tests:
|
||||
sigma_dut_cmd_check("sta_reset_default,interface,%s,prog,PMF" % ifname)
|
||||
sigma_dut_cmd_check("sta_set_ip_config,interface,%s,dhcp,0,ip,127.0.0.11,mask,255.255.255.0" % ifname)
|
||||
sigma_dut_cmd_check(cmd + extra)
|
||||
sigma_dut_cmd_check("sta_associate,interface,%s,ssid,%s,channel,1" % (ifname, "test-suite-b"))
|
||||
sigma_dut_wait_connected(ifname)
|
||||
sigma_dut_cmd_check("sta_get_ip_config,interface," + ifname)
|
||||
sigma_dut_cmd_check("sta_disconnect,interface," + ifname)
|
||||
sigma_dut_cmd_check("sta_reset_default,interface," + ifname)
|
||||
|
||||
stop_sigma_dut(sigma)
|
||||
|
||||
def test_sigma_dut_ap_suite_b(dev, apdev, params):
|
||||
"""sigma_dut controlled AP Suite B"""
|
||||
check_suite_b_192_capa(dev)
|
||||
|
Loading…
Reference in New Issue
Block a user