From 9d4c34dc7a60200e61894f87c6897e9d4c77814e Mon Sep 17 00:00:00 2001
From: James Prestwood <prestwoj@gmail.com>
Date: Tue, 27 Feb 2024 10:34:04 -0800
Subject: [PATCH] auto-t: Add test for new SAE default group behavior

Tests the 3 possible options to UseDefaultEccGroup behave as
expected:
 - When not provided use the "auto" behavior.
 - When false, always use higher order groups
 - When true, always use default group
---
 autotests/testSAE/default_group_test.py       | 96 +++++++++++++++++++
 autotests/testSAE/hw.conf                     |  3 +-
 .../profiles/ssidSAE.psk.default_group        |  5 +
 .../testSAE/profiles/ssidSAE.psk.most_secure  |  5 +
 autotests/testSAE/ssidSAE-default-group.conf  | 12 +++
 5 files changed, 120 insertions(+), 1 deletion(-)
 create mode 100644 autotests/testSAE/default_group_test.py
 create mode 100644 autotests/testSAE/profiles/ssidSAE.psk.default_group
 create mode 100644 autotests/testSAE/profiles/ssidSAE.psk.most_secure
 create mode 100644 autotests/testSAE/ssidSAE-default-group.conf

diff --git a/autotests/testSAE/default_group_test.py b/autotests/testSAE/default_group_test.py
new file mode 100644
index 00000000..d72c96ca
--- /dev/null
+++ b/autotests/testSAE/default_group_test.py
@@ -0,0 +1,96 @@
+#!/usr/bin/python3
+
+import unittest
+import sys
+import os
+sys.path.append('../util')
+import iwd
+from iwd import IWD
+from iwd import PSKAgent
+from iwd import NetworkType
+from hostapd import HostapdCLI
+import testutil
+
+class Test(unittest.TestCase):
+
+    def validate_connection(self, wd, rejected=False):
+        devices = wd.list_devices(1)
+        self.assertIsNotNone(devices)
+        device = devices[0]
+
+        device.autoconnect = True
+
+        if rejected:
+            device.wait_for_event("ecc-group-rejected", timeout=60)
+
+        condition = 'obj.state == DeviceState.connected'
+        wd.wait_for_object_condition(device, condition)
+
+        wd.wait(2)
+
+        testutil.test_iface_operstate(intf=device.name)
+        testutil.test_ifaces_connected(if0=device.name, if1=self.hostapd.ifname)
+
+        if not rejected:
+            self.assertEqual(device.event_ocurred("ecc-group-rejected"), False)
+
+        print(self.hostapd._get_status())
+
+        sta_status = self.hostapd.sta_status(device.address)
+
+        print(sta_status)
+
+        self.assertEqual(int(sta_status["sae_group"]), 19)
+
+        device.disconnect()
+
+    # IWD should:
+    #   - Connect, fail with group 20
+    #   - Retry, succeed with group 19
+    #   - Disconnect
+    #   - Connect, try only group 19
+    def test_auto_selection(self):
+        IWD.copy_to_storage("profiles/ssidSAE.psk.default", name="ssidSAE.psk")
+        self.validate_connection(self.wd, rejected=True)
+
+        self.validate_connection(self.wd, rejected=False)
+
+    # Try group 19 first
+    def test_default_group_enabled(self):
+        IWD.copy_to_storage("profiles/ssidSAE.psk.default_group", name="ssidSAE.psk")
+        self.validate_connection(self.wd)
+
+    # Same as auto-selection but won't retain the default group setting
+    def test_default_group_disabled(self):
+        IWD.copy_to_storage("profiles/ssidSAE.psk.most_secure", name="ssidSAE.psk")
+        self.validate_connection(self.wd, rejected=True)
+
+        # IWD should then retry but use only group 19
+        self.validate_connection(self.wd, rejected=True)
+
+    def setUp(self):
+        self.hostapd.default()
+        self.hostapd.set_value('sae_groups', '19')
+        self.hostapd.set_value('sae_pwe', '0')
+        self.hostapd.reload()
+        self.hostapd.wait_for_event("AP-ENABLED")
+        self.wd = IWD(True)
+
+        self.wd.clear_storage()
+        os.system("ls /tmp/iwd")
+
+    def tearDown(self):
+        self.wd.clear_storage()
+        self.wd = None
+
+    @classmethod
+    def setUpClass(cls):
+        cls.hostapd = HostapdCLI(config='ssidSAE.conf')
+        cls.hostapd.default()
+
+    @classmethod
+    def tearDownClass(cls):
+        pass
+
+if __name__ == '__main__':
+    unittest.main(exit=True)
diff --git a/autotests/testSAE/hw.conf b/autotests/testSAE/hw.conf
index cc0836b7..127bbb31 100644
--- a/autotests/testSAE/hw.conf
+++ b/autotests/testSAE/hw.conf
@@ -1,8 +1,9 @@
 [SETUP]
-num_radios=3
+num_radios=4
 start_iwd=0
 hwsim_medium=yes
 
 [HOSTAPD]
 rad0=ssidSAE.conf
 rad1=ssidSAE-H2E.conf
+rad2=ssidSAE-default-group.conf
diff --git a/autotests/testSAE/profiles/ssidSAE.psk.default_group b/autotests/testSAE/profiles/ssidSAE.psk.default_group
new file mode 100644
index 00000000..2a016107
--- /dev/null
+++ b/autotests/testSAE/profiles/ssidSAE.psk.default_group
@@ -0,0 +1,5 @@
+[Security]
+Passphrase=secret123
+
+[Settings]
+UseDefaultEccGroup=true
diff --git a/autotests/testSAE/profiles/ssidSAE.psk.most_secure b/autotests/testSAE/profiles/ssidSAE.psk.most_secure
new file mode 100644
index 00000000..3a511991
--- /dev/null
+++ b/autotests/testSAE/profiles/ssidSAE.psk.most_secure
@@ -0,0 +1,5 @@
+[Security]
+Passphrase=secret123
+
+[Settings]
+UseDefaultEccGroup=false
\ No newline at end of file
diff --git a/autotests/testSAE/ssidSAE-default-group.conf b/autotests/testSAE/ssidSAE-default-group.conf
new file mode 100644
index 00000000..752e9c7b
--- /dev/null
+++ b/autotests/testSAE/ssidSAE-default-group.conf
@@ -0,0 +1,12 @@
+hw_mode=g
+channel=1
+ssid=ssidSAE-default-group
+
+wpa=2
+wpa_key_mgmt=SAE
+wpa_pairwise=CCMP
+sae_password=secret123
+sae_groups=19
+ieee80211w=2
+sae_pwe=0
+vendor_elements=dd0cf4f5e8050500000000000000