Index: server/site_tests/network_WiFiSecMat/019CheckWPA_1x_AES |
diff --git a/server/site_tests/network_WiFiSecMat/019CheckWPA_1x_AES b/server/site_tests/network_WiFiSecMat/019CheckWPA_1x_AES |
index 3bb13ae69a61b76b222470e63c63bf71aeb1f5ae..42aabab280a022d6c867c47dc28a5b93336b34a6 100644 |
--- a/server/site_tests/network_WiFiSecMat/019CheckWPA_1x_AES |
+++ b/server/site_tests/network_WiFiSecMat/019CheckWPA_1x_AES |
@@ -11,33 +11,64 @@ |
{ "name":"Check1x_AES", |
"steps":[ # Channel [any] |
[ "create", { "type":"hostap" } ], |
+ [ "install_files", { "system" : "router", |
+ "files" : |
+ { "/tmp/hostapd_ca_cert" : |
+ site_eap_certs.ca_cert_1, |
+ "/tmp/hostapd_server_cert" : |
+ site_eap_certs.server_cert_1, |
+ "/tmp/hostapd_private_key" : |
+ site_eap_certs.server_private_key_1, |
+ "/tmp/hostapd_eap_user_file" : |
+ "* TLS"} } ], |
[ "config", { "channel":"2412", "mode":"11g", |
"wpa":"1", "wpa_key_mgmt":"WPA-EAP", |
"wpa_pairwise":"CCMP", "ieee8021x":"1", |
- "eap-tls":"cert1" } ], |
- [ "connect", { "security":"802_1x", "eap-tls":"cert1" } ], |
+ "eap_server" : "1", |
+ "ca_cert" : "/tmp/hostapd_ca_cert", |
+ "server_cert" : "/tmp/hostapd_server_cert", |
+ "private_key" : "/tmp/hostapd_private_key", |
+ "eap_user_file" : "/tmp/hostapd_eap_user_file"} ], |
+ [ "install_files", { "system" : "client", |
+ "files" : |
+ { "/tmp/pkg-client.pem" : |
+ site_eap_certs.client_cert_1 + "\n" + |
+ site_eap_certs.client_private_key_1, |
+ "/tmp/pkg-client-other.pem" : |
+ site_eap_certs.client_cert_2 + "\n" + |
+ site_eap_certs.client_private_key_2, |
+ "/tmp/ca-cert.pem" : |
+ site_eap_certs.ca_cert_1, |
+ "/tmp/ca-cert-other.pem" : |
+ site_eap_certs.ca_cert_2} } ], |
+ [ "connect", { "security":"802_1x", |
+ "psk" : "EAP-TLS:chromeos:/tmp/pkg-client.pem"} ], |
+ |
[ "client_ping", { "count":"10" } ], |
[ "disconnect" ], |
[ "restart_supplicant" ], |
[ "config", { "ssid_suffix":"t1" } ], |
- [ "connect", { "security":"802_1x", "eap-tls":"cert1", |
- "server-auth":"cert1" } ], |
+ [ "connect", { "security":"802_1x", |
+ "psk" : "EAP-TLS:chromeos:" |
+ "/tmp/pkg-client.pem:/tmp/ca-cert.pem"} ], |
[ "client_ping", { "count":"10" } ], |
[ "disconnect" ], |
# Ensure authentication fails if server's cert doesn't match our CA cert |
[ "restart_supplicant" ], |
[ "config", { "ssid_suffix":"t2" } ], |
- [ "!connect", { "security":"802_1x", "eap-tls":"cert1", |
- "server-auth":"cert2" }, |
+ [ "!connect", { "security":"802_1x", |
+ "psk" : "EAP-TLS:chromeos:" |
+ "/tmp/pkg-client.pem:/tmp/ca-cert-other.pem"}, |
"TLS: Certificate verification failed"], |
# Try authenticating using the wrong client certiificate |
[ "restart_supplicant" ], |
[ "config", { "ssid_suffix":"t3" } ], |
- [ "!connect", { "security":"802_1x", "eap-tls":"cert2", |
- "server-auth":"cert1" }, |
+ [ "!connect", { "security":"802_1x", |
+ "psk" : "EAP-TLS:chromeos:" |
+ "/tmp/pkg-client-other.pem:/tmp/ca-cert.pem"}, |
"SSL: SSL3 alert: read " |
"\(remote end reported an error\):fatal:unknown CA" ], |
[ "disconnect" ], |