Home Explore Help
Register Sign In
wareck
/
krackattacks
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: bb50ae4396
Branches Tags
krackattacks
/
tests
/
hwsim
/
test_ap_eap.py

test_ap_eap.py 6.6 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143 
  1. #!/usr/bin/python
    2. 

  2. #
    3. 

  3. # WPA2-Enterprise tests
    4. 

  4. # Copyright (c) 2013, Jouni Malinen <j@w1.fi>
    5. 

  5. #
    6. 

  6. # This software may be distributed under the terms of the BSD license.
    7. 

  7. # See README for more details.
    8. 

  8. 

  9. import time
    10. 

  10. import subprocess
    11. 

  11. import logging
    12. 

  12. logger = logging.getLogger(__name__)
    13. 

  13. 

  14. import hwsim_utils
    15. 

  15. import hostapd
    16. 

  16. 

  17. def eap_connect(dev, method, identity, anonymous_identity=None, password=None,
    18. 

  18.                 phase1=None, phase2=None, ca_cert=None):
    19. 

  19.     dev.connect("test-wpa2-eap", key_mgmt="WPA-EAP", eap=method,
    20. 

  20.                 identity=identity, anonymous_identity=anonymous_identity,
    21. 

  21.                 password=password, phase1=phase1, phase2=phase2,
    22. 

  22.                 ca_cert=ca_cert,
    23. 

  23.                 wait_connect=False)
    24. 

  24.     ev = dev.wait_event(["CTRL-EVENT-EAP-STARTED"], timeout=10)
    25. 

  25.     if ev is None:
    26. 

  26.         raise Exception("Association and EAP start timed out")
    27. 

  27.     ev = dev.wait_event(["CTRL-EVENT-EAP-METHOD"], timeout=10)
    28. 

  28.     if ev is None:
    29. 

  29.         raise Exception("EAP method selection timed out")
    30. 

  30.     if method not in ev:
    31. 

  31.         raise Exception("Unexpected EAP method")
    32. 

  32.     ev = dev.wait_event(["CTRL-EVENT-EAP-SUCCESS"], timeout=10)
    33. 

  33.     if ev is None:
    34. 

  34.         raise Exception("EAP success timed out")
    35. 

  35.     ev = dev.wait_event(["CTRL-EVENT-CONNECTED"], timeout=10)
    36. 

  36.     if ev is None:
    37. 

  37.         raise Exception("Association with the AP timed out")
    38. 

  38. 

  39.     status = dev.get_status()
    40. 

  40.     if status["wpa_state"] != "COMPLETED":
    41. 

  41.         raise Exception("Connection not completed")
    42. 

  42.     if status["suppPortStatus"] != "Authorized":
    43. 

  43.         raise Exception("Port not authorized")
    44. 

  44.     if method not in status["selectedMethod"]:
    45. 

  45.         raise Exception("Incorrect EAP method status")
    46. 

  46.     if status["key_mgmt"] != "WPA2/IEEE 802.1X/EAP":
    47. 

  47.         raise Exception("Unexpected key_mgmt status")
    48. 

  48. 

  49. def test_ap_wpa2_eap_sim(dev, apdev):
    50. 

  50.     """WPA2-Enterprise connection using EAP-SIM"""
    51. 

  51.     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
    52. 

  52.     hostapd.add_ap(apdev[0]['ifname'], params)
    53. 

  53.     eap_connect(dev[0], "SIM", "1232010000000000",
    54. 

  54.                 password="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581")
    55. 

  55.     hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname'])
    56. 

  56. 

  57. def test_ap_wpa2_eap_aka(dev, apdev):
    58. 

  58.     """WPA2-Enterprise connection using EAP-AKA"""
    59. 

  59.     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
    60. 

  60.     hostapd.add_ap(apdev[0]['ifname'], params)
    61. 

  61.     eap_connect(dev[0], "AKA", "0232010000000000",
    62. 

  62.                 password="90dca4eda45b53cf0f12d7c9c3bc6a89:cb9cccc4b9258e6dca4760379fb82581:000000000123")
    63. 

  63.     hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname'])
    64. 

  64. 

  65. def test_ap_wpa2_eap_aka_prime(dev, apdev):
    66. 

  66.     """WPA2-Enterprise connection using EAP-AKA'"""
    67. 

  67.     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
    68. 

  68.     hostapd.add_ap(apdev[0]['ifname'], params)
    69. 

  69.     eap_connect(dev[0], "AKA'", "6555444333222111",
    70. 

  70.                 password="5122250214c33e723a5dd523fc145fc0:981d464c7c52eb6e5036234984ad0bcf:000000000123")
    71. 

  71.     hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname'])
    72. 

  72. 

  73. def test_ap_wpa2_eap_ttls_pap(dev, apdev):
    74. 

  74.     """WPA2-Enterprise connection using EAP-TTLS/PAP"""
    75. 

  75.     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
    76. 

  76.     hostapd.add_ap(apdev[0]['ifname'], params)
    77. 

  77.     eap_connect(dev[0], "TTLS", "pap user",
    78. 

  78.                 anonymous_identity="ttls", password="password",
    79. 

  79.                 ca_cert="auth_serv/ca.pem", phase2="auth=PAP")
    80. 

  80.     hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname'])
    81. 

  81. 

  82. def test_ap_wpa2_eap_ttls_chap(dev, apdev):
    83. 

  83.     """WPA2-Enterprise connection using EAP-TTLS/CHAP"""
    84. 

  84.     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
    85. 

  85.     hostapd.add_ap(apdev[0]['ifname'], params)
    86. 

  86.     eap_connect(dev[0], "TTLS", "chap user",
    87. 

  87.                 anonymous_identity="ttls", password="password",
    88. 

  88.                 ca_cert="auth_serv/ca.pem", phase2="auth=CHAP")
    89. 

  89.     hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname'])
    90. 

  90. 

  91. def test_ap_wpa2_eap_ttls_mschap(dev, apdev):
    92. 

  92.     """WPA2-Enterprise connection using EAP-TTLS/MSCHAP"""
    93. 

  93.     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
    94. 

  94.     hostapd.add_ap(apdev[0]['ifname'], params)
    95. 

  95.     eap_connect(dev[0], "TTLS", "mschap user",
    96. 

  96.                 anonymous_identity="ttls", password="password",
    97. 

  97.                 ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAP")
    98. 

  98.     hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname'])
    99. 

  99. 

  100. def test_ap_wpa2_eap_ttls_mschapv2(dev, apdev):
    101. 

  101.     """WPA2-Enterprise connection using EAP-TTLS/MSCHAPv2"""
    102. 

  102.     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
    103. 

  103.     hostapd.add_ap(apdev[0]['ifname'], params)
    104. 

  104.     eap_connect(dev[0], "TTLS", "DOMAIN\mschapv2 user",
    105. 

  105.                 anonymous_identity="ttls", password="password",
    106. 

  106.                 ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2")
    107. 

  107.     hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname'])
    108. 

  108. 

  109. def test_ap_wpa2_eap_ttls_eap_gtc(dev, apdev):
    110. 

  110.     """WPA2-Enterprise connection using EAP-TTLS/EAP-GTC"""
    111. 

  111.     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
    112. 

  112.     hostapd.add_ap(apdev[0]['ifname'], params)
    113. 

  113.     eap_connect(dev[0], "TTLS", "user",
    114. 

  114.                 anonymous_identity="ttls", password="password",
    115. 

  115.                 ca_cert="auth_serv/ca.pem", phase2="autheap=GTC")
    116. 

  116.     hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname'])
    117. 

  117. 

  118. def test_ap_wpa2_eap_ttls_eap_md5(dev, apdev):
    119. 

  119.     """WPA2-Enterprise connection using EAP-TTLS/EAP-MD5"""
    120. 

  120.     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
    121. 

  121.     hostapd.add_ap(apdev[0]['ifname'], params)
    122. 

  122.     eap_connect(dev[0], "TTLS", "user",
    123. 

  123.                 anonymous_identity="ttls", password="password",
    124. 

  124.                 ca_cert="auth_serv/ca.pem", phase2="autheap=MD5")
    125. 

  125.     hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname'])
    126. 

  126. 

  127. def test_ap_wpa2_eap_ttls_eap_mschapv2(dev, apdev):
    128. 

  128.     """WPA2-Enterprise connection using EAP-TTLS/EAP-MSCHAPv2"""
    129. 

  129.     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
    130. 

  130.     hostapd.add_ap(apdev[0]['ifname'], params)
    131. 

  131.     eap_connect(dev[0], "TTLS", "user",
    132. 

  132.                 anonymous_identity="ttls", password="password",
    133. 

  133.                 ca_cert="auth_serv/ca.pem", phase2="autheap=MSCHAPV2")
    134. 

  134.     hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname'])
    135. 

  135. 

  136. def test_ap_wpa2_eap_peap_eap_mschapv2(dev, apdev):
    137. 

  137.     """WPA2-Enterprise connection using EAP-PEAP/EAP-MSCHAPv2"""
    138. 

  138.     params = hostapd.wpa2_eap_params(ssid="test-wpa2-eap")
    139. 

  139.     hostapd.add_ap(apdev[0]['ifname'], params)
    140. 

  140.     eap_connect(dev[0], "PEAP", "user",
    141. 

  141.                 anonymous_identity="ttls", password="password",
    142. 

  142.                 ca_cert="auth_serv/ca.pem", phase2="auth=MSCHAPV2")
    143. 

  143.     hwsim_utils.test_connectivity(dev[0].ifname, apdev[0]['ifname'])
    144.