From f82ea9202f11cfea0520b78b4bb9de3f6ebc0427 Mon Sep 17 00:00:00 2001 From: bhargavi-ct Date: Mon, 3 Feb 2025 20:10:06 +0530 Subject: [PATCH] Added new test cases for WPA3 Enterprise for 6GHz (#1025) * Added new test cases for WPA3 Enterprise for 6GHz Signed-off-by: bhargavi-mamidipaka * Corrected SSID index referencce in WPA3 Enterprise profile data * Add logger statements to print applied ssid info * Update sub-suite name from 'EAP TLS' to 'EAP TTLS' * Remove ow_regression_lf marker for dvlan tesetcases --------- Signed-off-by: bhargavi-mamidipaka --- libs/tip_2x/tip_2x.py | 5 +- .../test_enterprise_tls.py | 73 ++++++++++- .../test_enterprise_ttls.py | 68 +++++++++- .../wpa3_enterprise/sixg/__init__.py | 0 .../sixg/test_dynamic_over_ssid_sixg_wpa3.py | 118 ++++++++++++++++++ .../sixg/test_dynamic_vlan_sixg_wpa3.py | 117 +++++++++++++++++ 6 files changed, 378 insertions(+), 3 deletions(-) create mode 100644 tests/e2e/basic/validation_of_operating_modes/vlan_mode/dynamic_vlan/wpa3_enterprise/sixg/__init__.py create mode 100644 tests/e2e/basic/validation_of_operating_modes/vlan_mode/dynamic_vlan/wpa3_enterprise/sixg/test_dynamic_over_ssid_sixg_wpa3.py create mode 100644 tests/e2e/basic/validation_of_operating_modes/vlan_mode/dynamic_vlan/wpa3_enterprise/sixg/test_dynamic_vlan_sixg_wpa3.py diff --git a/libs/tip_2x/tip_2x.py b/libs/tip_2x/tip_2x.py index c0caf94cd..ec86f251e 100644 --- a/libs/tip_2x/tip_2x.py +++ b/libs/tip_2x/tip_2x.py @@ -493,7 +493,7 @@ class tip_2x: ret_val[self.device_under_tests_info[i]["identifier"]] = self.get_applied_ssid_info(idx=i, profile_object=profile_object) - + logging.info(f"ret_val:{ret_val}") temp_data = ret_val.copy() for dut in temp_data: ret_val[dut] = dict.fromkeys(["ssid_data", "radio_data"]) @@ -512,6 +512,7 @@ class tip_2x: a["bssid"] = temp_data[dut][j][4] ret_val[dut]["ssid_data"][j] = a temp = ret_val[dut]["radio_data"].copy() + logging.info(f"temp:{temp}") for j in temp: a = dict.fromkeys(["channel", "bandwidth", "frequency"]) if temp[j] != None: @@ -646,8 +647,10 @@ class tip_2x: logging.error("Profile object is None, Unable to fetch ssid info from AP") return None ssid_info_sdk = profile_object.get_ssid_info() + logging.info(f"ssid_info_sdk:{ssid_info_sdk}") ap_wifi_data = self.dut_library_object.get_iwinfo(idx=idx) channel_info = self.get_dut_channel_data(idx=idx) + logging.info(f"channel_info:{channel_info}") o = ap_wifi_data.split() iwinfo_bssid_data = {} print(o) diff --git a/tests/e2e/basic/validation_of_operating_modes/bridge_mode/client_connectivity/test_enterprise_tls.py b/tests/e2e/basic/validation_of_operating_modes/bridge_mode/client_connectivity/test_enterprise_tls.py index cf696e97a..5ae8f8b71 100644 --- a/tests/e2e/basic/validation_of_operating_modes/bridge_mode/client_connectivity/test_enterprise_tls.py +++ b/tests/e2e/basic/validation_of_operating_modes/bridge_mode/client_connectivity/test_enterprise_tls.py @@ -15,7 +15,8 @@ setup_params_enterprise = { {"ssid_name": "tls_ssid_wpa2_eap_5g", "appliedRadios": ["5G"], "security_key": "something"}], "wpa3_enterprise": [ {"ssid_name": "tls_ssid_wpa3_eap_2g", "appliedRadios": ["2G"], "security_key": "something"}, - {"ssid_name": "tls_ssid_wpa3_eap_5g", "appliedRadios": ["5G"], "security_key": "something"}]}, + {"ssid_name": "tls_ssid_wpa3_eap_5g", "appliedRadios": ["5G"], "security_key": "something"}, + {"ssid_name": "tls_ssid_wpa3_eap_6g", "appliedRadios": ["6G"], "security_key": "something"}]}, "rf": {}, "radius": True @@ -399,3 +400,73 @@ class TestBridgeModeEnterpriseTLSSuiteTwo(object): dut_data=setup_configuration) assert passes == "PASS", result + + + +setup_params_enterprise_6G = { + "mode": "BRIDGE", + "ssid_modes": { + "wpa3_enterprise": [ + {"ssid_name": "tls_ssid_wpa3_eap_2g", "appliedRadios": ["2G"], "security_key": "something"}, + {"ssid_name": "tls_ssid_wpa3_eap_6g", "appliedRadios": ["6G"], "security_key": "something"} + ] + }, + "rf": { + "6G": { + "band": "6G", + "channel-mode": "EHT", + "channel-width": 80, + } + }, + "radius": True +} +@allure.parent_suite("Client Connectivity Tests") +@allure.feature("Client Connectivity") +@allure.suite(suite_name="BRIDGE Mode") +@allure.sub_suite(sub_suite_name="EAP TLS Client Connectivity : Suite-B") +@pytest.mark.parametrize( + 'setup_configuration', + [setup_params_enterprise_6G], + indirect=True, + scope="class" +) +@pytest.mark.uc_sanity +@pytest.mark.usefixtures("setup_configuration") +@pytest.mark.wpa3_enterprise +@pytest.mark.twog +class TestBridgeModeEnterpriseTLSSuiteC(object): + """ SuiteB Enterprise Test Cases + pytest -m "client_connectivity_tests and bridge and enterprise and tls" + """ + + @pytest.mark.wpa3_enterprise + @pytest.mark.sixg + @allure.title("Bridge Mode Client Connectivity Test with WPA3-Enterprise-TLS in 6GHz Band") + @allure.testcase(url="https://telecominfraproject.atlassian.net/browse/WIFI-14369", name="WIFI-14369") + def test_tls_wpa3_enterprise_6g(self, get_test_library, get_dut_logs_per_test_case, + get_test_device_logs, + get_target_object, + num_stations, setup_configuration, check_connectivity, radius_info): + """ + To verify that a client created on 6G radio connects to AP in Bridge mode with WPA3 enterprise TLS security + Unique Marker: pytest -m "client_connectivity_tests and enterprise and wpa3_enterprise and ow_sanity_lf and tls and bridge and sixg" + """ + + profile_data = {"ssid_name": "tls_ssid_wpa3_eap_6g", "appliedRadios": ["6G"], "security_key": "something"} + ssid_name = profile_data["ssid_name"] + security = "wpa3" + mode = "BRIDGE" + band = "sixg" + tls_passwd = radius_info["password"] + eap = "TLS" + key_mgmt = "WPA-EAP-SHA256" + identity = radius_info['user'] + pk_passwd = radius_info['pk_password'] + passes, result = get_test_library.enterprise_client_connectivity_test(ssid=ssid_name, security=security, + mode=mode, band=band, eap=eap, + ttls_passwd=tls_passwd, + identity=identity, num_sta=num_stations, + key_mgmt=key_mgmt, pk_passwd=pk_passwd, + dut_data=setup_configuration) + + assert passes == "PASS", result diff --git a/tests/e2e/basic/validation_of_operating_modes/nat_mode/client_connectivity/test_enterprise_ttls.py b/tests/e2e/basic/validation_of_operating_modes/nat_mode/client_connectivity/test_enterprise_ttls.py index 3f331a323..ec81b7b41 100644 --- a/tests/e2e/basic/validation_of_operating_modes/nat_mode/client_connectivity/test_enterprise_ttls.py +++ b/tests/e2e/basic/validation_of_operating_modes/nat_mode/client_connectivity/test_enterprise_ttls.py @@ -21,7 +21,8 @@ setup_params_enterprise = { {"ssid_name": "ssid_wpa2_eap_5g", "appliedRadios": ["5G"]}], "wpa3_enterprise": [ {"ssid_name": "ssid_wpa3_eap_2g", "appliedRadios": ["2G"]}, - {"ssid_name": "ssid_wpa3_eap_5g", "appliedRadios": ["5G"]}]}, + {"ssid_name": "ssid_wpa3_eap_5g", "appliedRadios": ["5G"]}, + {"ssid_name": "ttls_ssid_wpa3_eap_6g", "appliedRadios": ["6G"]}]}, "rf": {}, "radius": True @@ -345,3 +346,68 @@ class TestNATModeEnterpriseTTLSSuiteTwo(object): dut_data=setup_configuration) assert passes == "PASS", result + + + +setup_params_enterprise_6G = { + "mode": "NAT", + "ssid_modes": { + "wpa3_enterprise": [ + {"ssid_name": "ssid_wpa3_eap_2g", "appliedRadios": ["2G"]}, + {"ssid_name": "ttls_ssid_wpa3_eap_6g", "appliedRadios": ["6G"]} + ] + }, + "rf": { + "6G": { + "band": "6G", + "channel-mode": "EHT", + "channel-width": 80, + } + }, + "radius": True +} +@allure.parent_suite("Client Connectivity Tests") +@allure.feature("Client Connectivity") +@allure.suite(suite_name="NAT Mode") +@allure.sub_suite(sub_suite_name="EAP TTLS Client Connectivity : Suite-B") +@pytest.mark.parametrize( + 'setup_configuration', + [setup_params_enterprise_6G], + indirect=True, + scope="class" +) +@pytest.mark.usefixtures("setup_configuration") +@pytest.mark.wpa3_enterprise +@pytest.mark.twog +class TestNATModeEnterpriseTTLSSuiteC(object): + """ SuiteC Enterprise Test Cases + pytest -m "client_connectivity_tests and nat and enterprise and ttls and suiteC" + """ + + @pytest.mark.wpa3_enterprise + @pytest.mark.sixg + @allure.title("Test for wpa3 enterprise 6 GHz") + @allure.testcase(url="https://telecominfraproject.atlassian.net/browse/WIFI-14370", name="WIFI-14370") + def test_wpa3_enterprise_6g(self, get_test_library, get_dut_logs_per_test_case, + get_test_device_logs, + get_target_object, + num_stations, setup_configuration, check_connectivity, radius_info): + """ wpa3 enterprise 6g + pytest -m "client_connectivity_tests and nat and enterprise and ttls and wpa3_enterprise and sixg" + """ + profile_data = {"ssid_name": "ttls_ssid_wpa3_eap_6g", "appliedRadios": ["6G"]} + ssid_name = profile_data["ssid_name"] + security = "wpa3" + mode = "NAT-WAN" + band = "sixg" + ttls_passwd = radius_info["password"] + eap = "TTLS" + identity = radius_info['user'] + passes, result = get_test_library.enterprise_client_connectivity_test(ssid=ssid_name, security=security, + mode=mode, band=band, eap=eap, + ttls_passwd=ttls_passwd, + identity=identity, num_sta=num_stations, + dut_data=setup_configuration, + key_mgmt="WPA-EAP-SHA256") + + assert passes == "PASS", result diff --git a/tests/e2e/basic/validation_of_operating_modes/vlan_mode/dynamic_vlan/wpa3_enterprise/sixg/__init__.py b/tests/e2e/basic/validation_of_operating_modes/vlan_mode/dynamic_vlan/wpa3_enterprise/sixg/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/tests/e2e/basic/validation_of_operating_modes/vlan_mode/dynamic_vlan/wpa3_enterprise/sixg/test_dynamic_over_ssid_sixg_wpa3.py b/tests/e2e/basic/validation_of_operating_modes/vlan_mode/dynamic_vlan/wpa3_enterprise/sixg/test_dynamic_over_ssid_sixg_wpa3.py new file mode 100644 index 000000000..d9b1df37d --- /dev/null +++ b/tests/e2e/basic/validation_of_operating_modes/vlan_mode/dynamic_vlan/wpa3_enterprise/sixg/test_dynamic_over_ssid_sixg_wpa3.py @@ -0,0 +1,118 @@ +""" + + Dynamic_Vlan: VLAN Mode + pytest -m "dynamic_vlan_tests and wpa3_enterprise and vlan" + +""" + +import allure +import pytest +import importlib +import logging + +lf_library = importlib.import_module("configuration") +DYNAMIC_VLAN_RADIUS_SERVER_DATA = lf_library.DYNAMIC_VLAN_RADIUS_SERVER_DATA +DYNAMIC_VLAN_RADIUS_ACCOUNTING_DATA = lf_library.DYNAMIC_VLAN_RADIUS_ACCOUNTING_DATA + +pytestmark = [pytest.mark.dynamic_vlan_tests, + pytest.mark.vlan] + +setup_params_general = { + "mode": "VLAN", + "ssid_modes": { + "wpa3_enterprise": [ + {"ssid_name": "ssid_wpa3e_2g", "appliedRadios": ["2G"], + "security_key": "something", + "radius_auth_data": DYNAMIC_VLAN_RADIUS_SERVER_DATA, + "radius_acc_data": DYNAMIC_VLAN_RADIUS_ACCOUNTING_DATA, + "vlan": 100 + }, + {"ssid_name": "ssid_wpa3e_6g", "appliedRadios": ["6G"], + "security_key": "something", + "radius_auth_data": DYNAMIC_VLAN_RADIUS_SERVER_DATA, + "radius_acc_data": DYNAMIC_VLAN_RADIUS_ACCOUNTING_DATA, + "vlan": 100 + }]}, + "rf": { + "6G": { + "band": "6G", + "channel-mode": "EHT", + "channel-width": 80, + } + }, + "radius": True +} + + +@allure.parent_suite("Dynamic VLAN Test") +@allure.suite("WPA3 Enterprise Security") +@allure.sub_suite("6 GHz Band") +@allure.feature("Dynamic VLAN Test") +@pytest.mark.parametrize( + 'setup_configuration', + [setup_params_general], + indirect=True, + scope="class" +) +@pytest.mark.usefixtures("setup_configuration") +@pytest.mark.wpa3_enterprise +@pytest.mark.twog +class TestDynamicVlanOverSsid6GWpa3(object): + + @pytest.mark.dynamic_precedence_over_ssid + @pytest.mark.wpa3_enterprise + @pytest.mark.sixg + @allure.testcase(name="test_dynamic_precedence_over_ssid_vlan", + url="https://telecominfraproject.atlassian.net/browse/WIFI-14367") + @allure.title("Test for dynamic precedence over ssid") + def test_dynamic_precedence_over_ssid_vlan_6g_wpa3(self, get_test_library, get_dut_logs_per_test_case, + get_test_device_logs, num_stations, setup_configuration, check_connectivity): + """ + pytest -m "dynamic_precedence_over_ssid and wpa3_enterprise and vlan and sixg" + """ + + profile_data = setup_params_general["ssid_modes"]["wpa3_enterprise"] + ssid_name = profile_data[1]["ssid_name"] + security = "wpa3" + extra_secu = [] + mode = "VLAN" + band = "sixg" + vlan = [100,200] + ttls_passwd = "passwordB" + eap = "TTLS" + identity = "userB" + val = "" + port_resources = list(get_test_library.lanforge_data['wan_ports'].keys())[0].split('.') + + passes, result = get_test_library.enterprise_client_connectivity_test(ssid=ssid_name, security=security, + extra_securities=extra_secu, vlan_id=vlan, + mode=mode, band=band, eap=eap, + ttls_passwd=ttls_passwd, ieee80211w=0, + identity=identity, num_sta=1, key_mgmt="WPA-EAP-SHA256", + dut_data=setup_configuration, d_vlan=True) + station_ip = get_test_library.station_data[list(get_test_library.station_data.keys())[0]]['ip'] + eth_ssid_vlan_ip = get_test_library.json_get("/port/" + port_resources[0] + "/" + port_resources[1] + + "/" + port_resources[2] + "." + str(vlan[0]))["interface"]["ip"] + eth_radius_vlan_ip = get_test_library.json_get("/port/" + port_resources[0] + "/" + port_resources[1] + + "/" + port_resources[2] + "." + str(vlan[1]))["interface"]["ip"] + eth_ip = get_test_library.json_get("/port/" + port_resources[0] + "/" + port_resources[1] + + "/" + port_resources[2])["interface"]["ip"] + + sta_ip_1 = station_ip.split('.') + eth_vlan_ip_1 = eth_radius_vlan_ip.split('.') + logging.info(f"station ip...{sta_ip_1}\neth.{vlan[0]}...{eth_ssid_vlan_ip}\neth.{vlan[1]}...{eth_radius_vlan_ip}" + f"\neth_upstream_ip...{eth_ip}") + if sta_ip_1[0] == "0": + assert False, result + elif eth_vlan_ip_1[0] == "0": + assert False, result + for i, j in zip(sta_ip_1[0:2], eth_vlan_ip_1[0:2]): + if i != j: + val = False + else: + val = True + if val: + assert True, result + elif not val: + assert False, result + assert passes == "PASS", result diff --git a/tests/e2e/basic/validation_of_operating_modes/vlan_mode/dynamic_vlan/wpa3_enterprise/sixg/test_dynamic_vlan_sixg_wpa3.py b/tests/e2e/basic/validation_of_operating_modes/vlan_mode/dynamic_vlan/wpa3_enterprise/sixg/test_dynamic_vlan_sixg_wpa3.py new file mode 100644 index 000000000..fbb13bffc --- /dev/null +++ b/tests/e2e/basic/validation_of_operating_modes/vlan_mode/dynamic_vlan/wpa3_enterprise/sixg/test_dynamic_vlan_sixg_wpa3.py @@ -0,0 +1,117 @@ +""" + + Dynamic_Vlan: VLAN Mode + pytest -m "dynamic_vlan_tests and wpa3_enterprise and vlan" + +""" + +import allure +import pytest +import time +import importlib +import logging + +lf_library = importlib.import_module("configuration") +DYNAMIC_VLAN_RADIUS_SERVER_DATA = lf_library.DYNAMIC_VLAN_RADIUS_SERVER_DATA +DYNAMIC_VLAN_RADIUS_ACCOUNTING_DATA = lf_library.DYNAMIC_VLAN_RADIUS_ACCOUNTING_DATA + +pytestmark = [pytest.mark.dynamic_vlan_tests, + pytest.mark.vlan] + +setup_params_general = { + "mode": "VLAN", + "ssid_modes": { + "wpa3_enterprise": [ + {"ssid_name": "ssid_wpa3e_2g", "appliedRadios": ["2G"], + "security_key": "something", + "radius_auth_data": DYNAMIC_VLAN_RADIUS_SERVER_DATA, + "radius_acc_data": DYNAMIC_VLAN_RADIUS_ACCOUNTING_DATA, + "vlan": 100 + }, + {"ssid_name": "ssid_wpa3e_6g", "appliedRadios": ["6G"], + "security_key": "something", + "radius_auth_data": DYNAMIC_VLAN_RADIUS_SERVER_DATA, + "radius_acc_data": DYNAMIC_VLAN_RADIUS_ACCOUNTING_DATA, + "vlan": 100 + }]}, + "rf": { + "6G": { + "band": "6G", + "channel-mode": "EHT", + "channel-width": 80, + } + }, + "radius": True +} + +@allure.parent_suite("Dynamic VLAN Test") +@allure.suite("WPA3 Enterprise Security") +@allure.sub_suite("6 GHz Band") +@allure.feature("Dynamic VLAN Test") +@pytest.mark.parametrize( + 'setup_configuration', + [setup_params_general], + indirect=True, + scope="class" +) +@pytest.mark.usefixtures("setup_configuration") +@pytest.mark.wpa3_enterprise +@pytest.mark.twog +class TestDynamicVlan6GWpa3(object): + @pytest.mark.absence_of_radius_vlan_identifier + @pytest.mark.wpa3_enterprise + @pytest.mark.sixg + @allure.testcase(name="test_ssid_vlan_in_the_absence_of_radius_vlan_identifier", + url="https://telecominfraproject.atlassian.net/browse/WIFI-14368") + @allure.title("Test for ssid vlan in the absence of radius vlan identifier") + def test_ssid_vlan_in_the_absence_of_radius_vlan_identifier_6g_wpa3(self, get_test_library, + get_dut_logs_per_test_case, + get_test_device_logs, num_stations, + setup_configuration, check_connectivity): + """ + pytest -m "absence_of_radius_vlan_identifier and wpa3_enterprise and vlan and sixg" + """ + + profile_data = setup_params_general["ssid_modes"]["wpa3_enterprise"] + ssid_name = profile_data[1]["ssid_name"] + security = "wpa3" + extra_secu = [] + band = "sixg" + mode = "VLAN" + vlan = [100] + ttls_passwd = "passwordvlannotsentuser" + eap = "TTLS" + identity = "vlannotsentuser" + val = "" + port_resources = list(get_test_library.lanforge_data['wan_ports'].keys())[0].split('.') + + passes, result = get_test_library.enterprise_client_connectivity_test(ssid=ssid_name, security=security, + extra_securities=extra_secu, vlan_id=vlan, + mode=mode, band=band, eap=eap, + ttls_passwd=ttls_passwd, ieee80211w=0, + identity=identity, num_sta=1, + key_mgmt="WPA-EAP-SHA256", + dut_data=setup_configuration) + station_ip = get_test_library.station_data[list(get_test_library.station_data.keys())[0]]['ip'] + eth_vlan_ip = get_test_library.json_get("/port/" + port_resources[0] + "/" + port_resources[1] + + "/" + port_resources[2] + "." + str(vlan[0]))["interface"]["ip"] + + eth_ip = get_test_library.json_get("/port/" + port_resources[0] + "/" + port_resources[1] + + "/" + port_resources[2])["interface"]["ip"] + + sta_ip_1 = station_ip.split('.') + eth_vlan_ip_1 = eth_vlan_ip.split('.') + logging.info(f"station ip...{sta_ip_1}\neth.{vlan[0]}...{eth_vlan_ip}\neth_upstream_ip...{eth_ip}") + if sta_ip_1[0] == "0": + assert False, result + elif eth_vlan_ip[0] == "0": + assert False, result + for i, j in zip(sta_ip_1[0:2], eth_vlan_ip_1[0:2]): + if i != j: + val = False + elif i == j: + val = True + if val: + assert True, result + elif not val: + assert False, result \ No newline at end of file