[PATCH 0/9] Support FT-8021X-SHA384

[PATCH 0/9] Support FT-8021X-SHA384

[James Prestwood]

When investigating PMKID derivation issues with older hostapd versions
it looked like SHA384 was never supported for deriving the PMKID. This
was easy enough to add, but in order to test it some AKM needed to be
used that required SHA384 and still used the normal PMKID derivation
APIs (i.e. not FILS). To do this support for the FT-8021X-SHA384 AKM
has been added.

James Prestwood (9):
  crypto: modify crypto_derive_pmkid to take the hash/key length
  handshake: include additional sha256 AKMs for PMKID generation
  crypto: add hmac_sha384 support for PMKID derivation
  eapol: add support for FT-8021X-SHA384
  handshake: support FT-8021X-SHA384
  handshake: remove hardcoded kek_len for FTE decode
  common: add FT-8021X-SHA384 to AKM_IS_8021X
  wiphy: add FT-8021X-SHA384 to supported AKMs
  auto-t: update testFT-8021x-roam with SHA384 test

 .../testFT-8021x-roam/connection_test.py      | 18 ++++++-
 src/common.c                                  |  1 +
 src/crypto.c                                  | 20 +++++---
 src/crypto.h                                  |  5 +-
 src/eapol.c                                   | 13 ++++-
 src/handshake.c                               | 49 ++++++++++++++-----
 src/wiphy.c                                   |  6 +++
 7 files changed, 89 insertions(+), 23 deletions(-)

-- 
2.25.1

[PATCH 1/9] crypto: modify crypto_derive_pmkid to take the hash/key length

[James Prestwood]

The existing API was limited to SHA1 or SHA256 and assumed a key
length of 32 bytes. Since other AKMs plan to be added update
this to take the checksum/length directly for better flexibility.
---
 src/crypto.c    | 18 ++++++++++++------
 src/crypto.h    |  5 +++--
 src/eapol.c     |  4 ++--
 src/handshake.c | 11 ++++++-----
 4 files changed, 23 insertions(+), 15 deletions(-)

diff --git a/src/crypto.c b/src/crypto.c
index 840d9ee4..f8aba7d8 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -1116,9 +1116,10 @@ exit:
 }
 
 /* Defined in 802.11-2012, Section 11.6.1.3 Pairwise Key Hierarchy */
-bool crypto_derive_pmkid(const uint8_t *pmk,
+bool crypto_derive_pmkid(const uint8_t *pmk, size_t key_len,
 				const uint8_t *addr1, const uint8_t *addr2,
-				uint8_t *out_pmkid, bool use_sha256)
+				uint8_t *out_pmkid,
+				enum l_checksum_type checksum)
 {
 	uint8_t data[20];
 
@@ -1126,10 +1127,15 @@ bool crypto_derive_pmkid(const uint8_t *pmk,
 	memcpy(data + 8, addr2, 6);
 	memcpy(data + 14, addr1, 6);
 
-	if (use_sha256)
-		return hmac_sha256(pmk, 32, data, 20, out_pmkid, 16);
-	else
-		return hmac_sha1(pmk, 32, data, 20, out_pmkid, 16);
+	switch (checksum) {
+	case L_CHECKSUM_SHA1:
+		return hmac_sha1(pmk, key_len, data, 20, out_pmkid, 16);
+	case L_CHECKSUM_SHA256:
+		return hmac_sha256(pmk, key_len, data, 20, out_pmkid, 16);
+	default:
+		l_error("Checksum type %u is not valid", checksum);
+		return false;
+	}
 }
 
 enum l_checksum_type crypto_sae_hash_from_ecc_prime_len(enum crypto_sae type,
diff --git a/src/crypto.h b/src/crypto.h
index ed430abb..d2a96655 100644
--- a/src/crypto.h
+++ b/src/crypto.h
@@ -154,9 +154,10 @@ bool crypto_derive_ft_ptk(const uint8_t *pmk_r1, const uint8_t *pmk_r1_name,
 				bool sha384, uint8_t *out_ptk, size_t ptk_len,
 				uint8_t *out_ptk_name);
 
-bool crypto_derive_pmkid(const uint8_t *pmk,
+bool crypto_derive_pmkid(const uint8_t *pmk, size_t key_len,
 				const uint8_t *addr1, const uint8_t *addr2,
-				uint8_t *out_pmkid, bool use_sha256);
+				uint8_t *out_pmkid,
+				enum l_checksum_type checksum);
 
 enum crypto_sae {
 	CRYPTO_SAE_LOOPING,
diff --git a/src/eapol.c b/src/eapol.c
index 9471d13e..9e8f7c34 100644
--- a/src/eapol.c
+++ b/src/eapol.c
@@ -1103,8 +1103,8 @@ static void eapol_send_ptk_1_of_4(struct eapol_sm *sm)
 	memcpy(ek->key_nonce, sm->handshake->anonce, sizeof(ek->key_nonce));
 
 	/* Write the PMKID KDE into Key Data field unencrypted */
-	crypto_derive_pmkid(sm->handshake->pmk, sm->handshake->spa, aa,
-			pmkid, false);
+	crypto_derive_pmkid(sm->handshake->pmk, 32, sm->handshake->spa, aa,
+			pmkid, L_CHECKSUM_SHA1);
 
 	eapol_key_data_append(ek, sm->mic_len, HANDSHAKE_KDE_PMKID, pmkid, 16);
 
diff --git a/src/handshake.c b/src/handshake.c
index 734e997c..39a650c5 100644
--- a/src/handshake.c
+++ b/src/handshake.c
@@ -736,7 +736,8 @@ void handshake_state_set_pmkid(struct handshake_state *s, const uint8_t *pmkid)
 
 bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid)
 {
-	bool use_sha256;
+	enum l_checksum_type sha;
+	size_t key_len = 32;
 
 	/* SAE exports pmkid */
 	if (s->have_pmkid) {
@@ -757,12 +758,12 @@ bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid)
 
 	if (s->akm_suite & (IE_RSN_AKM_SUITE_8021X_SHA256 |
 			IE_RSN_AKM_SUITE_PSK_SHA256))
-		use_sha256 = true;
+		sha = L_CHECKSUM_SHA256;
 	else
-		use_sha256 = false;
+		sha = L_CHECKSUM_SHA1;
 
-	return crypto_derive_pmkid(s->pmk, s->spa, s->aa, out_pmkid,
-					use_sha256);
+	return crypto_derive_pmkid(s->pmk, key_len, s->spa, s->aa, out_pmkid,
+					sha);
 }
 
 void handshake_state_set_gtk(struct handshake_state *s, const uint8_t *key,
-- 
2.25.1

Re: [PATCH 1/9] crypto: modify crypto_derive_pmkid to take the hash/key length

[Denis Kenzior]

Hi James,

On 4/10/23 17:01, James Prestwood wrote:
> The existing API was limited to SHA1 or SHA256 and assumed a key
> length of 32 bytes. Since other AKMs plan to be added update
> this to take the checksum/length directly for better flexibility.
> ---
>   src/crypto.c    | 18 ++++++++++++------
>   src/crypto.h    |  5 +++--
>   src/eapol.c     |  4 ++--
>   src/handshake.c | 11 ++++++-----
>   4 files changed, 23 insertions(+), 15 deletions(-)
> 

<snip>

> @@ -1126,10 +1127,15 @@ bool crypto_derive_pmkid(const uint8_t *pmk,
>   	memcpy(data + 8, addr2, 6);
>   	memcpy(data + 14, addr1, 6);
>   
> -	if (use_sha256)
> -		return hmac_sha256(pmk, 32, data, 20, out_pmkid, 16);
> -	else
> -		return hmac_sha1(pmk, 32, data, 20, out_pmkid, 16);
> +	switch (checksum) {
> +	case L_CHECKSUM_SHA1:
> +		return hmac_sha1(pmk, key_len, data, 20, out_pmkid, 16);
> +	case L_CHECKSUM_SHA256:
> +		return hmac_sha256(pmk, key_len, data, 20, out_pmkid, 16);
> +	default:
> +		l_error("Checksum type %u is not valid", checksum);
> +		return false;
> +	}

Just use l_checksum_new_hmac directly and avoid the switch/case.  That way patch 
3 is unnecessary.

Regards,
-Denis

[PATCH 2/9] handshake: include additional sha256 AKMs for PMKID generation

[James Prestwood]

The 802.11 spec defines what AKMs should use sha256 to derive the
PMKID. Hostapd commit b6d3fd05e3 changed the PMKID derivation in
accordance with 802.11-2020 which then breaks PMKID validation in
IWD. This breaks FT-PSK/8021x AKMs in IWD if the AP uses this
hostapd version.

Updating IWD to use sha256 in these cases will now break backwards
compatibility with *older* APs, but this will be worked around in
future commits.
---
 src/handshake.c | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

diff --git a/src/handshake.c b/src/handshake.c
index 39a650c5..82e0c1c2 100644
--- a/src/handshake.c
+++ b/src/handshake.c
@@ -754,10 +754,23 @@ bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid)
 	 * preauthentication, the AKM has not yet been negotiated. In this
 	 * case, the HMAC-SHA1-128 based derivation is used for the PMKID
 	 * calculation."
+	 *
+	 * 802.11-2020 Table 9-151 defines the hashing algorithm to use
+	 * for various AKM's. SHA256 should be used for the following
+	 * AKM's (for this API context):
+	 *
+	 * 00-0F-AC:3 (FT-8021X)
+	 * 00-0F-AC:4 (FT-PSK)
+	 * 00-0F-AC:5 (8021X-SHA256)
+	 * 00-0F-AC:6 (PSK-SHA256)
+	 *
+	 * (Note SAE/FILS were left out as they generate their own PMKID)
 	 */
 
 	if (s->akm_suite & (IE_RSN_AKM_SUITE_8021X_SHA256 |
-			IE_RSN_AKM_SUITE_PSK_SHA256))
+			IE_RSN_AKM_SUITE_PSK_SHA256 |
+			IE_RSN_AKM_SUITE_FT_OVER_8021X |
+			IE_RSN_AKM_SUITE_FT_USING_PSK))
 		sha = L_CHECKSUM_SHA256;
 	else
 		sha = L_CHECKSUM_SHA1;
-- 
2.25.1

[PATCH 3/9] crypto: add hmac_sha384 support for PMKID derivation

[James Prestwood]

SHA384 is required by several AKMs
---
 src/crypto.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/crypto.c b/src/crypto.c
index f8aba7d8..6b8a7b1e 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -1132,6 +1132,8 @@ bool crypto_derive_pmkid(const uint8_t *pmk, size_t key_len,
 		return hmac_sha1(pmk, key_len, data, 20, out_pmkid, 16);
 	case L_CHECKSUM_SHA256:
 		return hmac_sha256(pmk, key_len, data, 20, out_pmkid, 16);
+	case L_CHECKSUM_SHA384:
+		return hmac_sha384(pmk, key_len, data, 20, out_pmkid, 16);
 	default:
 		l_error("Checksum type %u is not valid", checksum);
 		return false;
-- 
2.25.1

[PATCH 4/9] eapol: add support for FT-8021X-SHA384

[James Prestwood]

The SHA384 variant was not being checked for in any of the
MIC calculations/verifications or for EAPoL decryption.
---
 src/eapol.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/eapol.c b/src/eapol.c
index 9e8f7c34..f290f40a 100644
--- a/src/eapol.c
+++ b/src/eapol.c
@@ -110,6 +110,9 @@ bool eapol_calculate_mic(enum ie_rsn_akm_suite akm, const uint8_t *kck,
 		case IE_RSN_AKM_SUITE_OSEN:
 			return cmac_aes(kck, 16, frame, frame_len,
 						mic, mic_len);
+		case IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384:
+			return hmac_sha384(kck, 24, frame, frame_len,
+						mic, mic_len);
 		case IE_RSN_AKM_SUITE_OWE:
 			switch (mic_len) {
 			case 16:
@@ -164,6 +167,10 @@ bool eapol_verify_mic(enum ie_rsn_akm_suite akm, const uint8_t *kck,
 		case IE_RSN_AKM_SUITE_OSEN:
 			checksum = l_checksum_new_cmac_aes(kck, 16);
 			break;
+		case IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384:
+			checksum = l_checksum_new_hmac(L_CHECKSUM_SHA384,
+							kck, 24);
+			break;
 		case IE_RSN_AKM_SUITE_OWE:
 			switch (mic_len) {
 			case 16:
@@ -270,6 +277,7 @@ uint8_t *eapol_decrypt_key_data(enum ie_rsn_akm_suite akm, const uint8_t *kek,
 		case IE_RSN_AKM_SUITE_FT_OVER_SAE_SHA256:
 		case IE_RSN_AKM_SUITE_OWE:
 		case IE_RSN_AKM_SUITE_OSEN:
+		case IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384:
 			if (key_data_len < 24 || key_data_len % 8)
 				return NULL;
 
@@ -315,6 +323,7 @@ uint8_t *eapol_decrypt_key_data(enum ie_rsn_akm_suite akm, const uint8_t *kek,
 	case EAPOL_KEY_DESCRIPTOR_VERSION_AKM_DEFINED:
 		switch (akm) {
 		case IE_RSN_AKM_SUITE_OWE:
+		case IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384:
 			switch (mic_len) {
 			case 16:
 				kek_len = 16;
-- 
2.25.1

[PATCH 5/9] handshake: support FT-8021X-SHA384

[James Prestwood]

This adds the AKM to various places in handshake.c when deriving
keys to support this AKM.
---
 src/handshake.c | 27 ++++++++++++++++++++++-----
 1 file changed, 22 insertions(+), 5 deletions(-)

diff --git a/src/handshake.c b/src/handshake.c
index 82e0c1c2..362ff58a 100644
--- a/src/handshake.c
+++ b/src/handshake.c
@@ -505,6 +505,7 @@ bool handshake_state_derive_ptk(struct handshake_state *s)
 			return false;
 
 	if ((s->akm_suite & (IE_RSN_AKM_SUITE_FT_OVER_8021X |
+				IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384 |
 				IE_RSN_AKM_SUITE_FT_USING_PSK |
 				IE_RSN_AKM_SUITE_FT_OVER_SAE_SHA256 |
 				IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256 |
@@ -524,7 +525,8 @@ bool handshake_state_derive_ptk(struct handshake_state *s)
 		else
 			return false;
 	} else if (s->akm_suite & (IE_RSN_AKM_SUITE_FILS_SHA384 |
-			IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384))
+			IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384 |
+			IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384))
 		type = L_CHECKSUM_SHA384;
 	else if (s->akm_suite & (IE_RSN_AKM_SUITE_8021X_SHA256 |
 			IE_RSN_AKM_SUITE_PSK_SHA256 |
@@ -540,6 +542,7 @@ bool handshake_state_derive_ptk(struct handshake_state *s)
 	ptk_size = handshake_state_get_ptk_size(s);
 
 	if (s->akm_suite & (IE_RSN_AKM_SUITE_FT_OVER_8021X |
+				IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384 |
 				IE_RSN_AKM_SUITE_FT_USING_PSK |
 				IE_RSN_AKM_SUITE_FT_OVER_SAE_SHA256 |
 				IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256 |
@@ -549,7 +552,8 @@ bool handshake_state_derive_ptk(struct handshake_state *s)
 		const uint8_t *xxkey = s->pmk;
 		size_t xxkey_len = 32;
 		bool sha384 = (s->akm_suite &
-					IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384);
+					(IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384 |
+					IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384));
 
 		/*
 		 * In a Fast Transition initial mobility domain association
@@ -562,7 +566,10 @@ bool handshake_state_derive_ptk(struct handshake_state *s)
 		 */
 		if (s->akm_suite == IE_RSN_AKM_SUITE_FT_OVER_8021X)
 			xxkey = s->pmk + 32;
-		else if (s->akm_suite & (IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256 |
+		else if (s->akm_suite == IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384) {
+			xxkey = s->pmk;
+			xxkey_len = s->pmk_len;
+		} else if (s->akm_suite & (IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256 |
 				IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384)) {
 			xxkey = s->fils_ft;
 			xxkey_len = s->fils_ft_len;
@@ -626,7 +633,8 @@ const uint8_t *handshake_state_get_kck(struct handshake_state *s)
 
 size_t handshake_state_get_kck_len(struct handshake_state *s)
 {
-	if (s->akm_suite & IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384)
+	if (s->akm_suite & (IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA384 |
+			IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384))
 		return 24;
 
 	return 16;
@@ -767,7 +775,16 @@ bool handshake_state_get_pmkid(struct handshake_state *s, uint8_t *out_pmkid)
 	 * (Note SAE/FILS were left out as they generate their own PMKID)
 	 */
 
-	if (s->akm_suite & (IE_RSN_AKM_SUITE_8021X_SHA256 |
+	if (s->akm_suite & IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384) {
+		sha = L_CHECKSUM_SHA384;
+		/*
+		 * According to 12.7.1.6.3 the key length should be:
+		 * "the first 384 bits of the MSK". Unfortunately hostapd uses
+		 * the PMK length directly which can vary depending on the EAP
+		 * method...
+		 */
+		key_len = s->pmk_len;
+	} else if (s->akm_suite & (IE_RSN_AKM_SUITE_8021X_SHA256 |
 			IE_RSN_AKM_SUITE_PSK_SHA256 |
 			IE_RSN_AKM_SUITE_FT_OVER_8021X |
 			IE_RSN_AKM_SUITE_FT_USING_PSK))
-- 
2.25.1

[PATCH 6/9] handshake: remove hardcoded kek_len for FTE decode

[James Prestwood]

The KEK length should be obtained with the getter to ensure the
AKM is taken into account
---
 src/handshake.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/handshake.c b/src/handshake.c
index 362ff58a..70aeda37 100644
--- a/src/handshake.c
+++ b/src/handshake.c
@@ -1035,7 +1035,7 @@ bool handshake_decode_fte_key(struct handshake_state *s, const uint8_t *wrapped,
 				size_t key_len, uint8_t *key_out)
 {
 	const uint8_t *kek;
-	size_t kek_len = 16;
+	size_t kek_len = handshake_state_get_kek_len(s);
 	size_t padded_len = key_len < 16 ? 16 : align_len(key_len, 8);
 
 	if (s->akm_suite & (IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256 |
-- 
2.25.1

Re: [PATCH 6/9] handshake: remove hardcoded kek_len for FTE decode

[Denis Kenzior]

Hi James,

On 4/10/23 17:01, James Prestwood wrote:
> The KEK length should be obtained with the getter to ensure the
> AKM is taken into account
> ---
>   src/handshake.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 

Applied, thanks.

Regards,
-Denis

[PATCH 7/9] common: add FT-8021X-SHA384 to AKM_IS_8021X

[James Prestwood]

Without this the AKM shows up as WEP.
---
 src/common.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/common.c b/src/common.c
index ea7b0ca0..91979423 100644
--- a/src/common.c
+++ b/src/common.c
@@ -78,6 +78,7 @@ bool security_from_str(const char *str, enum security *security)
 	akm & (IE_RSN_AKM_SUITE_8021X |					\
 		IE_RSN_AKM_SUITE_8021X_SHA256 |				\
 		IE_RSN_AKM_SUITE_FT_OVER_8021X |			\
+		IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384 |			\
 		IE_RSN_AKM_SUITE_FILS_SHA256 |				\
 		IE_RSN_AKM_SUITE_FILS_SHA384 |				\
 		IE_RSN_AKM_SUITE_FT_OVER_FILS_SHA256 |			\
-- 
2.25.1

Re: [PATCH 7/9] common: add FT-8021X-SHA384 to AKM_IS_8021X

[Denis Kenzior]

Hi James,

On 4/10/23 17:01, James Prestwood wrote:
> Without this the AKM shows up as WEP.
> ---
>   src/common.c | 1 +
>   1 file changed, 1 insertion(+)
> 

Applied, thanks.

Regards,
-Denis

[PATCH 8/9] wiphy: add FT-8021X-SHA384 to supported AKMs

[James Prestwood]

This AKM is now possible to choose from the list.
---
 src/wiphy.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/src/wiphy.c b/src/wiphy.c
index 2db2d2cd..40ab0a0b 100644
--- a/src/wiphy.c
+++ b/src/wiphy.c
@@ -281,6 +281,12 @@ enum ie_rsn_akm_suite wiphy_select_akm(struct wiphy *wiphy,
 				return IE_RSN_AKM_SUITE_FILS_SHA256;
 		}
 
+		if ((info->akm_suites &
+				IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384) &&
+				bss->rsne && bss->mde_present &&
+				wiphy->support_cmds_auth_assoc)
+			return IE_RSN_AKM_SUITE_FT_OVER_8021X_SHA384;
+
 		if ((info->akm_suites & IE_RSN_AKM_SUITE_FT_OVER_8021X) &&
 				bss->rsne && bss->mde_present &&
 				wiphy->support_cmds_auth_assoc)
-- 
2.25.1

[PATCH 9/9] auto-t: update testFT-8021x-roam with SHA384 test

[James Prestwood]

---
 autotests/testFT-8021x-roam/connection_test.py | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/autotests/testFT-8021x-roam/connection_test.py b/autotests/testFT-8021x-roam/connection_test.py
index 356a9af2..2a4fe9e1 100644
--- a/autotests/testFT-8021x-roam/connection_test.py
+++ b/autotests/testFT-8021x-roam/connection_test.py
@@ -10,7 +10,7 @@ from hostapd import HostapdCLI
 import testutil
 
 class Test(unittest.TestCase):
-    def test_roam_success(self):
+    def validate(self):
         wd = IWD(True)
 
         device = wd.list_devices(1)[0]
@@ -50,6 +50,22 @@ class Test(unittest.TestCase):
         self.assertRaises(Exception, testutil.test_ifaces_connected,
                           (self.bss_hostapd[0].ifname, device.name, True, True))
 
+    def test_ft_8021x_sha256(self):
+        self.bss_hostapd[0].set_value('wpa_key_mgmt', 'FT-EAP')
+        self.bss_hostapd[0].reload()
+        self.bss_hostapd[1].set_value('wpa_key_mgmt', 'FT-EAP')
+        self.bss_hostapd[1].reload()
+
+        self.validate()
+
+    def test_ft_8021x_sha3846(self):
+        self.bss_hostapd[0].set_value('wpa_key_mgmt', 'FT-EAP-SHA384')
+        self.bss_hostapd[0].reload()
+        self.bss_hostapd[1].set_value('wpa_key_mgmt', 'FT-EAP-SHA384')
+        self.bss_hostapd[1].reload()
+
+        self.validate()
+
     def tearDown(self):
         os.system('ip link set "' + self.bss_hostapd[0].ifname + '" down')
         os.system('ip link set "' + self.bss_hostapd[1].ifname + '" down')
-- 
2.25.1