1 # -*- coding: utf-8 -*-
3 # Copyright (c) 2014-2015, Jouni Malinen <j@w1.fi>
5 # This software may be distributed under the terms of the BSD license.
6 # See README for more details.
11 from utils import HwsimSkip
12 from test_ap_eap import int_eap_server_params, check_eap_capa
14 def test_tnc_peap_soh(dev, apdev):
16 params = int_eap_server_params()
18 hostapd.add_ap(apdev[0]['ifname'], params)
20 dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP",
21 eap="PEAP", identity="user", password="password",
22 ca_cert="auth_serv/ca.pem",
23 phase1="peapver=0 tnc=soh cryptobinding=0",
24 phase2="auth=MSCHAPV2",
26 dev[0].wait_connected(timeout=10)
28 dev[1].connect("test-wpa2-eap", key_mgmt="WPA-EAP",
29 eap="PEAP", identity="user", password="password",
30 ca_cert="auth_serv/ca.pem",
31 phase1="peapver=0 tnc=soh1 cryptobinding=1",
32 phase2="auth=MSCHAPV2",
34 dev[1].wait_connected(timeout=10)
36 dev[2].connect("test-wpa2-eap", key_mgmt="WPA-EAP",
37 eap="PEAP", identity="user", password="password",
38 ca_cert="auth_serv/ca.pem",
39 phase1="peapver=0 tnc=soh2 cryptobinding=2",
40 phase2="auth=MSCHAPV2",
42 dev[2].wait_connected(timeout=10)
44 def test_tnc_ttls(dev, apdev):
46 check_eap_capa(dev[0], "MSCHAPV2")
47 params = int_eap_server_params()
49 hostapd.add_ap(apdev[0]['ifname'], params)
51 if not os.path.exists("tnc/libhostap_imc.so"):
52 raise HwsimSkip("No IMC installed")
54 dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP",
55 eap="TTLS", identity="DOMAIN\mschapv2 user",
56 anonymous_identity="ttls", password="password",
57 phase2="auth=MSCHAPV2",
58 ca_cert="auth_serv/ca.pem",
60 dev[0].wait_connected(timeout=10)
62 def test_tnc_ttls_fragmentation(dev, apdev):
63 """TNC TTLS with fragmentation"""
64 check_eap_capa(dev[0], "MSCHAPV2")
65 params = int_eap_server_params()
67 params["fragment_size"] = "150"
68 hostapd.add_ap(apdev[0]['ifname'], params)
70 if not os.path.exists("tnc/libhostap_imc.so"):
71 raise HwsimSkip("No IMC installed")
73 dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP",
74 eap="TTLS", identity="DOMAIN\mschapv2 user",
75 anonymous_identity="ttls", password="password",
76 phase2="auth=MSCHAPV2",
77 ca_cert="auth_serv/ca.pem",
80 dev[0].wait_connected(timeout=10)
82 def test_tnc_fast(dev, apdev):
84 check_eap_capa(dev[0], "FAST")
85 params = int_eap_server_params()
87 params["pac_opaque_encr_key"] ="000102030405060708090a0b0c0d0e00"
88 params["eap_fast_a_id"] = "101112131415161718191a1b1c1d1e00"
89 params["eap_fast_a_id_info"] = "test server2"
91 hostapd.add_ap(apdev[0]['ifname'], params)
93 if not os.path.exists("tnc/libhostap_imc.so"):
94 raise HwsimSkip("No IMC installed")
96 dev[0].connect("test-wpa2-eap", key_mgmt="WPA-EAP",
97 eap="FAST", identity="user",
98 anonymous_identity="FAST", password="password",
100 phase1="fast_provisioning=2",
101 pac_file="blob://fast_pac_auth_tnc",
102 ca_cert="auth_serv/ca.pem",
104 dev[0].wait_connected(timeout=10)