[thirdparty/hostap.git] / tests / hwsim / test_ap_wps.py

#!/usr/bin/python
#
# WPS tests
# Copyright (c) 2013, Jouni Malinen <j@w1.fi>
#
# This software may be distributed under the terms of the BSD license.
# See README for more details.

import time
import subprocess
import logging
logger = logging.getLogger()

import hwsim_utils
import hostapd

def test_ap_wps_init(dev, apdev):
    """Initial AP configuration with first WPS Enrollee"""
    ssid = "test-wps"
    hostapd.add_ap(apdev[0]['ifname'],
                   { "ssid": ssid, "eap_server": "1", "wps_state": "1" })
    hapd = hostapd.Hostapd(apdev[0]['ifname'])
    logger.info("WPS provisioning step")
    hapd.request("WPS_PBC")
    dev[0].request("SET ignore_old_scan_res 1")
    dev[0].dump_monitor()
    dev[0].request("WPS_PBC")
    ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
    if ev is None:
        raise Exception("Association with the AP timed out")
    status = dev[0].get_status()
    if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
        raise Exception("Not fully connected")
    if status['ssid'] != ssid:
        raise Exception("Unexpected SSID")
    if status['pairwise_cipher'] != 'CCMP':
        raise Exception("Unexpected encryption configuration")
    if status['key_mgmt'] != 'WPA2-PSK':
        raise Exception("Unexpected key_mgmt")

def test_ap_wps_conf(dev, apdev):
    """WPS PBC provisioning with configured AP"""
    ssid = "test-wps-conf"
    hostapd.add_ap(apdev[0]['ifname'],
                   { "ssid": ssid, "eap_server": "1", "wps_state": "2",
                     "wpa_passphrase": "12345678", "wpa": "2",
                     "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
    hapd = hostapd.Hostapd(apdev[0]['ifname'])
    logger.info("WPS provisioning step")
    hapd.request("WPS_PBC")
    dev[0].dump_monitor()
    dev[0].request("WPS_PBC")
    ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
    if ev is None:
        raise Exception("Association with the AP timed out")
    status = dev[0].get_status()
    if status['wpa_state'] != 'COMPLETED':
        raise Exception("Not fully connected")
    if status['bssid'] != apdev[0]['bssid']:
        raise Exception("Unexpected BSSID")
    if status['ssid'] != ssid:
        raise Exception("Unexpected SSID")
    if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
        raise Exception("Unexpected encryption configuration")
    if status['key_mgmt'] != 'WPA2-PSK':
        raise Exception("Unexpected key_mgmt")

def test_ap_wps_twice(dev, apdev):
    """WPS provisioning with twice to change passphrase"""
    ssid = "test-wps-twice"
    params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
               "wpa_passphrase": "12345678", "wpa": "2",
               "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }
    hostapd.add_ap(apdev[0]['ifname'], params)
    hapd = hostapd.Hostapd(apdev[0]['ifname'])
    logger.info("WPS provisioning step")
    hapd.request("WPS_PBC")
    dev[0].request("SET ignore_old_scan_res 1")
    dev[0].dump_monitor()
    dev[0].request("WPS_PBC")
    ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
    if ev is None:
        raise Exception("Association with the AP timed out")
    dev[0].request("DISCONNECT")

    logger.info("Restart AP with different passphrase and re-run WPS")
    hapd_global = hostapd.HostapdGlobal()
    hapd_global.remove(apdev[0]['ifname'])
    params['wpa_passphrase'] = 'another passphrase'
    hostapd.add_ap(apdev[0]['ifname'], params)
    hapd = hostapd.Hostapd(apdev[0]['ifname'])
    logger.info("WPS provisioning step")
    hapd.request("WPS_PBC")
    dev[0].dump_monitor()
    dev[0].request("WPS_PBC")
    ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
    if ev is None:
        raise Exception("Association with the AP timed out")
    networks = dev[0].list_networks()
    if len(networks) > 1:
        raise Exception("Unexpected duplicated network block present")

def test_ap_wps_conf_pin(dev, apdev):
    """WPS PIN provisioning with configured AP"""
    ssid = "test-wps-conf-pin"
    hostapd.add_ap(apdev[0]['ifname'],
                   { "ssid": ssid, "eap_server": "1", "wps_state": "2",
                     "wpa_passphrase": "12345678", "wpa": "2",
                     "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
    hapd = hostapd.Hostapd(apdev[0]['ifname'])
    logger.info("WPS provisioning step")
    pin = dev[0].wps_read_pin()
    hapd.request("WPS_PIN any " + pin)
    dev[0].request("SET ignore_old_scan_res 1")
    dev[0].dump_monitor()
    dev[0].request("WPS_PIN any " + pin)
    ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
    if ev is None:
        raise Exception("Association with the AP timed out")
    status = dev[0].get_status()
    if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
        raise Exception("Not fully connected")
    if status['ssid'] != ssid:
        raise Exception("Unexpected SSID")
    if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
        raise Exception("Unexpected encryption configuration")
    if status['key_mgmt'] != 'WPA2-PSK':
        raise Exception("Unexpected key_mgmt")

def test_ap_wps_reg_connect(dev, apdev):
    """WPS registrar using AP PIN to connect"""
    ssid = "test-wps-reg-ap-pin"
    appin = "12345670"
    hostapd.add_ap(apdev[0]['ifname'],
                   { "ssid": ssid, "eap_server": "1", "wps_state": "2",
                     "wpa_passphrase": "12345678", "wpa": "2",
                     "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
                     "ap_pin": appin})
    logger.info("WPS provisioning step")
    dev[0].request("SET ignore_old_scan_res 1")
    dev[0].dump_monitor()
    dev[0].wps_reg(apdev[0]['bssid'], appin)
    status = dev[0].get_status()
    if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
        raise Exception("Not fully connected")
    if status['ssid'] != ssid:
        raise Exception("Unexpected SSID")
    if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
        raise Exception("Unexpected encryption configuration")
    if status['key_mgmt'] != 'WPA2-PSK':
        raise Exception("Unexpected key_mgmt")

def test_ap_wps_reg_config(dev, apdev):
    """WPS registrar configuring and AP using AP PIN"""
    ssid = "test-wps-init-ap-pin"
    appin = "12345670"
    hostapd.add_ap(apdev[0]['ifname'],
                   { "ssid": ssid, "eap_server": "1", "wps_state": "2",
                     "ap_pin": appin})
    logger.info("WPS configuration step")
    dev[0].request("SET ignore_old_scan_res 1")
    dev[0].dump_monitor()
    new_ssid = "wps-new-ssid"
    new_passphrase = "1234567890"
    dev[0].wps_reg(apdev[0]['bssid'], appin, new_ssid, "WPA2PSK", "CCMP",
                   new_passphrase)
    status = dev[0].get_status()
    if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
        raise Exception("Not fully connected")
    if status['ssid'] != new_ssid:
        raise Exception("Unexpected SSID")
    if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
        raise Exception("Unexpected encryption configuration")
    if status['key_mgmt'] != 'WPA2-PSK':
        raise Exception("Unexpected key_mgmt")

def test_ap_wps_pbc_overlap_2ap(dev, apdev):
    """WPS PBC session overlap with two active APs"""
    hostapd.add_ap(apdev[0]['ifname'],
                   { "ssid": "wps1", "eap_server": "1", "wps_state": "2",
                     "wpa_passphrase": "12345678", "wpa": "2",
                     "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
                     "wps_independent": "1"})
    hostapd.add_ap(apdev[1]['ifname'],
                   { "ssid": "wps2", "eap_server": "1", "wps_state": "2",
                     "wpa_passphrase": "123456789", "wpa": "2",
                     "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
                     "wps_independent": "1"})
    hapd = hostapd.Hostapd(apdev[0]['ifname'])
    hapd.request("WPS_PBC")
    hapd2 = hostapd.Hostapd(apdev[1]['ifname'])
    hapd2.request("WPS_PBC")
    logger.info("WPS provisioning step")
    dev[0].dump_monitor()
    dev[0].request("WPS_PBC")
    ev = dev[0].wait_event(["WPS-OVERLAP-DETECTED"], timeout=15)
    if ev is None:
        raise Exception("PBC session overlap not detected")

def test_ap_wps_pbc_overlap_2sta(dev, apdev):
    """WPS PBC session overlap with two active STAs"""
    ssid = "test-wps-pbc-overlap"
    hostapd.add_ap(apdev[0]['ifname'],
                   { "ssid": ssid, "eap_server": "1", "wps_state": "2",
                     "wpa_passphrase": "12345678", "wpa": "2",
                     "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
    hapd = hostapd.Hostapd(apdev[0]['ifname'])
    logger.info("WPS provisioning step")
    hapd.request("WPS_PBC")
    dev[0].request("SET ignore_old_scan_res 1")
    dev[1].request("SET ignore_old_scan_res 1")
    dev[0].dump_monitor()
    dev[1].dump_monitor()
    dev[0].request("WPS_PBC")
    dev[1].request("WPS_PBC")
    ev = dev[0].wait_event(["WPS-M2D"], timeout=15)
    if ev is None:
        raise Exception("PBC session overlap not detected (dev0)")
    if "config_error=12" not in ev:
        raise Exception("PBC session overlap not correctly reported (dev0)")
    ev = dev[1].wait_event(["WPS-M2D"], timeout=15)
    if ev is None:
        raise Exception("PBC session overlap not detected (dev1)")
    if "config_error=12" not in ev:
        raise Exception("PBC session overlap not correctly reported (dev1)")

def test_ap_wps_er_add_enrollee(dev, apdev):
    """WPS ER configuring AP and adding a new enrollee using PIN"""
    ssid = "wps-er-add-enrollee"
    ap_pin = "12345670"
    ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
    hostapd.add_ap(apdev[0]['ifname'],
                   { "ssid": ssid, "eap_server": "1", "wps_state": "1",
                     "device_name": "Wireless AP", "manufacturer": "Company",
                     "model_name": "WAP", "model_number": "123",
                     "serial_number": "12345", "device_type": "6-0050F204-1",
                     "os_version": "01020300",
                     "config_methods": "label push_button",
                     "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
    logger.info("WPS configuration step")
    new_passphrase = "1234567890"
    dev[0].dump_monitor()
    dev[0].request("SET ignore_old_scan_res 1")
    dev[0].wps_reg(apdev[0]['bssid'], ap_pin, ssid, "WPA2PSK", "CCMP",
                   new_passphrase)
    status = dev[0].get_status()
    if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
        raise Exception("Not fully connected")
    if status['ssid'] != ssid:
        raise Exception("Unexpected SSID")
    if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
        raise Exception("Unexpected encryption configuration")
    if status['key_mgmt'] != 'WPA2-PSK':
        raise Exception("Unexpected key_mgmt")

    logger.info("Start ER")
    dev[0].request("WPS_ER_START ifname=lo")
    ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
    if ev is None:
        raise Exception("AP discovery timed out")
    if ap_uuid not in ev:
        raise Exception("Expected AP UUID not found")

    logger.info("Learn AP configuration through UPnP")
    dev[0].dump_monitor()
    dev[0].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin)
    ev = dev[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout=15)
    if ev is None:
        raise Exception("AP learn timed out")
    if ap_uuid not in ev:
        raise Exception("Expected AP UUID not in settings")
    if "ssid=" + ssid not in ev:
        raise Exception("Expected SSID not in settings")
    if "key=" + new_passphrase not in ev:
        raise Exception("Expected passphrase not in settings")

    logger.info("Add Enrollee using ER")
    pin = dev[1].wps_read_pin()
    dev[0].dump_monitor()
    dev[0].request("WPS_ER_PIN any " + pin + " " + dev[1].p2p_interface_addr())
    dev[1].request("SET ignore_old_scan_res 1")
    dev[1].dump_monitor()
    dev[1].request("WPS_PIN any " + pin)
    ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=30)
    if ev is None:
        raise Exception("Enrollee did not report success")
    ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
    if ev is None:
        raise Exception("Association with the AP timed out")
    ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
    if ev is None:
        raise Exception("WPS ER did not report success")
    hwsim_utils.test_connectivity_sta(dev[0], dev[1])

def test_ap_wps_er_add_enrollee_pbc(dev, apdev):
    """WPS ER connected to AP and adding a new enrollee using PBC"""
    ssid = "wps-er-add-enrollee-pbc"
    ap_pin = "12345670"
    ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
    hostapd.add_ap(apdev[0]['ifname'],
                   { "ssid": ssid, "eap_server": "1", "wps_state": "2",
                     "wpa_passphrase": "12345678", "wpa": "2",
                     "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
                     "device_name": "Wireless AP", "manufacturer": "Company",
                     "model_name": "WAP", "model_number": "123",
                     "serial_number": "12345", "device_type": "6-0050F204-1",
                     "os_version": "01020300",
                     "config_methods": "label push_button",
                     "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
    logger.info("Learn AP configuration")
    dev[0].dump_monitor()
    dev[0].request("SET ignore_old_scan_res 1")
    dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
    status = dev[0].get_status()
    if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
        raise Exception("Not fully connected")

    logger.info("Start ER")
    dev[0].request("WPS_ER_START ifname=lo")
    ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
    if ev is None:
        raise Exception("AP discovery timed out")
    if ap_uuid not in ev:
        raise Exception("Expected AP UUID not found")

    logger.info("Use learned network configuration on ER")
    dev[0].request("WPS_ER_SET_CONFIG " + ap_uuid + " 0")

    logger.info("Add Enrollee using ER and PBC")
    dev[0].dump_monitor()
    enrollee = dev[1].p2p_interface_addr()
    dev[1].request("SET ignore_old_scan_res 1")
    dev[1].dump_monitor()
    dev[1].request("WPS_PBC")

    ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=15)
    if ev is None:
        raise Exception("Enrollee discovery timed out")
    if enrollee not in ev:
        raise Exception("Expected Enrollee not found")
    dev[0].request("WPS_ER_PBC " + enrollee)

    ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=15)
    if ev is None:
        raise Exception("Enrollee did not report success")
    ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
    if ev is None:
        raise Exception("Association with the AP timed out")
    ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
    if ev is None:
        raise Exception("WPS ER did not report success")
    hwsim_utils.test_connectivity_sta(dev[0], dev[1])

def test_ap_wps_fragmentation(dev, apdev):
    """WPS with fragmentation in EAP-WSC and mixed mode WPA+WPA2"""
    ssid = "test-wps-fragmentation"
    hostapd.add_ap(apdev[0]['ifname'],
                   { "ssid": ssid, "eap_server": "1", "wps_state": "2",
                     "wpa_passphrase": "12345678", "wpa": "3",
                     "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
                     "wpa_pairwise": "TKIP",
                     "fragment_size": "50" })
    hapd = hostapd.Hostapd(apdev[0]['ifname'])
    logger.info("WPS provisioning step")
    hapd.request("WPS_PBC")
    dev[0].request("SET ignore_old_scan_res 1")
    dev[0].dump_monitor()
    dev[0].request("SET wps_fragment_size 50")
    dev[0].request("WPS_PBC")
    ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
    if ev is None:
        raise Exception("Association with the AP timed out")
    status = dev[0].get_status()
    if status['wpa_state'] != 'COMPLETED':
        raise Exception("Not fully connected")
    if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP':
        raise Exception("Unexpected encryption configuration")
    if status['key_mgmt'] != 'WPA2-PSK':
        raise Exception("Unexpected key_mgmt")
Commit	Line	Data
302b7a1b JM	1	#!/usr/bin/python
	2	#
	3	# WPS tests
	4	# Copyright (c) 2013, Jouni Malinen <j@w1.fi>
	5	#
	6	# This software may be distributed under the terms of the BSD license.
	7	# See README for more details.
	8
	9	import time
	10	import subprocess
	11	import logging
c9aa4308	12	logger = logging.getLogger()
302b7a1b JM	13
	14	import hwsim_utils
	15	import hostapd
	16
ae3ad328	17	def test_ap_wps_init(dev, apdev):
302b7a1b JM	18	"""Initial AP configuration with first WPS Enrollee"""
302b7a1b JM	19	ssid = "test-wps"
ae3ad328	20	hostapd.add_ap(apdev[0]['ifname'],
302b7a1b	21	{ "ssid": ssid, "eap_server": "1", "wps_state": "1" })
ae3ad328	22	hapd = hostapd.Hostapd(apdev[0]['ifname'])
302b7a1b JM	23	logger.info("WPS provisioning step")
302b7a1b JM	24	hapd.request("WPS_PBC")
6dacb8e9	25	dev[0].request("SET ignore_old_scan_res 1")
302b7a1b JM	26	dev[0].dump_monitor()
302b7a1b JM	27	dev[0].request("WPS_PBC")
853b49a0	28	ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
302b7a1b JM	29	if ev is None:
	30	raise Exception("Association with the AP timed out")
	31	status = dev[0].get_status()
ae3ad328	32	if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
302b7a1b JM	33	raise Exception("Not fully connected")
	34	if status['ssid'] != ssid:
	35	raise Exception("Unexpected SSID")
	36	if status['pairwise_cipher'] != 'CCMP':
	37	raise Exception("Unexpected encryption configuration")
	38	if status['key_mgmt'] != 'WPA2-PSK':
	39	raise Exception("Unexpected key_mgmt")
	40
ae3ad328	41	def test_ap_wps_conf(dev, apdev):
302b7a1b JM	42	"""WPS PBC provisioning with configured AP"""
302b7a1b JM	43	ssid = "test-wps-conf"
ae3ad328	44	hostapd.add_ap(apdev[0]['ifname'],
302b7a1b JM	45	{ "ssid": ssid, "eap_server": "1", "wps_state": "2",
	46	"wpa_passphrase": "12345678", "wpa": "2",
	47	"wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
ae3ad328	48	hapd = hostapd.Hostapd(apdev[0]['ifname'])
302b7a1b JM	49	logger.info("WPS provisioning step")
	50	hapd.request("WPS_PBC")
	51	dev[0].dump_monitor()
	52	dev[0].request("WPS_PBC")
7e3f110b	53	ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
302b7a1b JM	54	if ev is None:
	55	raise Exception("Association with the AP timed out")
	56	status = dev[0].get_status()
ae3ad328	57	if status['wpa_state'] != 'COMPLETED':
302b7a1b	58	raise Exception("Not fully connected")
ae3ad328 JM	59	if status['bssid'] != apdev[0]['bssid']:
ae3ad328 JM	60	raise Exception("Unexpected BSSID")
302b7a1b JM	61	if status['ssid'] != ssid:
	62	raise Exception("Unexpected SSID")
	63	if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
	64	raise Exception("Unexpected encryption configuration")
	65	if status['key_mgmt'] != 'WPA2-PSK':
	66	raise Exception("Unexpected key_mgmt")
	67
04e62788 JM	68	def test_ap_wps_twice(dev, apdev):
	69	"""WPS provisioning with twice to change passphrase"""
	70	ssid = "test-wps-twice"
	71	params = { "ssid": ssid, "eap_server": "1", "wps_state": "2",
	72	"wpa_passphrase": "12345678", "wpa": "2",
	73	"wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP" }
	74	hostapd.add_ap(apdev[0]['ifname'], params)
	75	hapd = hostapd.Hostapd(apdev[0]['ifname'])
	76	logger.info("WPS provisioning step")
	77	hapd.request("WPS_PBC")
	78	dev[0].request("SET ignore_old_scan_res 1")
	79	dev[0].dump_monitor()
	80	dev[0].request("WPS_PBC")
	81	ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
	82	if ev is None:
	83	raise Exception("Association with the AP timed out")
	84	dev[0].request("DISCONNECT")
	85
	86	logger.info("Restart AP with different passphrase and re-run WPS")
	87	hapd_global = hostapd.HostapdGlobal()
	88	hapd_global.remove(apdev[0]['ifname'])
	89	params['wpa_passphrase'] = 'another passphrase'
	90	hostapd.add_ap(apdev[0]['ifname'], params)
	91	hapd = hostapd.Hostapd(apdev[0]['ifname'])
	92	logger.info("WPS provisioning step")
	93	hapd.request("WPS_PBC")
	94	dev[0].dump_monitor()
	95	dev[0].request("WPS_PBC")
	96	ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
	97	if ev is None:
	98	raise Exception("Association with the AP timed out")
	99	networks = dev[0].list_networks()
	100	if len(networks) > 1:
	101	raise Exception("Unexpected duplicated network block present")
	102
ae3ad328	103	def test_ap_wps_conf_pin(dev, apdev):
302b7a1b JM	104	"""WPS PIN provisioning with configured AP"""
302b7a1b JM	105	ssid = "test-wps-conf-pin"
ae3ad328	106	hostapd.add_ap(apdev[0]['ifname'],
302b7a1b JM	107	{ "ssid": ssid, "eap_server": "1", "wps_state": "2",
	108	"wpa_passphrase": "12345678", "wpa": "2",
	109	"wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
ae3ad328	110	hapd = hostapd.Hostapd(apdev[0]['ifname'])
302b7a1b JM	111	logger.info("WPS provisioning step")
	112	pin = dev[0].wps_read_pin()
	113	hapd.request("WPS_PIN any " + pin)
6dacb8e9	114	dev[0].request("SET ignore_old_scan_res 1")
302b7a1b JM	115	dev[0].dump_monitor()
302b7a1b JM	116	dev[0].request("WPS_PIN any " + pin)
7e3f110b	117	ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
302b7a1b JM	118	if ev is None:
	119	raise Exception("Association with the AP timed out")
	120	status = dev[0].get_status()
ae3ad328	121	if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
302b7a1b JM	122	raise Exception("Not fully connected")
	123	if status['ssid'] != ssid:
	124	raise Exception("Unexpected SSID")
	125	if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
	126	raise Exception("Unexpected encryption configuration")
	127	if status['key_mgmt'] != 'WPA2-PSK':
	128	raise Exception("Unexpected key_mgmt")
	129
ae3ad328	130	def test_ap_wps_reg_connect(dev, apdev):
302b7a1b	131	"""WPS registrar using AP PIN to connect"""
803edd1c	132	ssid = "test-wps-reg-ap-pin"
302b7a1b	133	appin = "12345670"
ae3ad328	134	hostapd.add_ap(apdev[0]['ifname'],
302b7a1b JM	135	{ "ssid": ssid, "eap_server": "1", "wps_state": "2",
	136	"wpa_passphrase": "12345678", "wpa": "2",
	137	"wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
	138	"ap_pin": appin})
	139	logger.info("WPS provisioning step")
803edd1c	140	dev[0].request("SET ignore_old_scan_res 1")
302b7a1b	141	dev[0].dump_monitor()
6edaee9c	142	dev[0].wps_reg(apdev[0]['bssid'], appin)
302b7a1b	143	status = dev[0].get_status()
ae3ad328	144	if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
302b7a1b JM	145	raise Exception("Not fully connected")
	146	if status['ssid'] != ssid:
	147	raise Exception("Unexpected SSID")
	148	if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
	149	raise Exception("Unexpected encryption configuration")
	150	if status['key_mgmt'] != 'WPA2-PSK':
	151	raise Exception("Unexpected key_mgmt")
	152
ae3ad328	153	def test_ap_wps_reg_config(dev, apdev):
302b7a1b JM	154	"""WPS registrar configuring and AP using AP PIN"""
	155	ssid = "test-wps-init-ap-pin"
	156	appin = "12345670"
ae3ad328	157	hostapd.add_ap(apdev[0]['ifname'],
302b7a1b JM	158	{ "ssid": ssid, "eap_server": "1", "wps_state": "2",
	159	"ap_pin": appin})
	160	logger.info("WPS configuration step")
803edd1c	161	dev[0].request("SET ignore_old_scan_res 1")
302b7a1b JM	162	dev[0].dump_monitor()
	163	new_ssid = "wps-new-ssid"
	164	new_passphrase = "1234567890"
6edaee9c JM	165	dev[0].wps_reg(apdev[0]['bssid'], appin, new_ssid, "WPA2PSK", "CCMP",
6edaee9c JM	166	new_passphrase)
302b7a1b	167	status = dev[0].get_status()
ae3ad328	168	if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
302b7a1b JM	169	raise Exception("Not fully connected")
	170	if status['ssid'] != new_ssid:
	171	raise Exception("Unexpected SSID")
	172	if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
	173	raise Exception("Unexpected encryption configuration")
	174	if status['key_mgmt'] != 'WPA2-PSK':
	175	raise Exception("Unexpected key_mgmt")
	176
ae3ad328	177	def test_ap_wps_pbc_overlap_2ap(dev, apdev):
302b7a1b	178	"""WPS PBC session overlap with two active APs"""
ae3ad328	179	hostapd.add_ap(apdev[0]['ifname'],
302b7a1b JM	180	{ "ssid": "wps1", "eap_server": "1", "wps_state": "2",
	181	"wpa_passphrase": "12345678", "wpa": "2",
	182	"wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
	183	"wps_independent": "1"})
ae3ad328	184	hostapd.add_ap(apdev[1]['ifname'],
302b7a1b JM	185	{ "ssid": "wps2", "eap_server": "1", "wps_state": "2",
	186	"wpa_passphrase": "123456789", "wpa": "2",
	187	"wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
	188	"wps_independent": "1"})
ae3ad328	189	hapd = hostapd.Hostapd(apdev[0]['ifname'])
302b7a1b	190	hapd.request("WPS_PBC")
ae3ad328	191	hapd2 = hostapd.Hostapd(apdev[1]['ifname'])
302b7a1b JM	192	hapd2.request("WPS_PBC")
	193	logger.info("WPS provisioning step")
	194	dev[0].dump_monitor()
	195	dev[0].request("WPS_PBC")
	196	ev = dev[0].wait_event(["WPS-OVERLAP-DETECTED"], timeout=15)
	197	if ev is None:
	198	raise Exception("PBC session overlap not detected")
	199
ae3ad328	200	def test_ap_wps_pbc_overlap_2sta(dev, apdev):
302b7a1b JM	201	"""WPS PBC session overlap with two active STAs"""
302b7a1b JM	202	ssid = "test-wps-pbc-overlap"
ae3ad328	203	hostapd.add_ap(apdev[0]['ifname'],
302b7a1b JM	204	{ "ssid": ssid, "eap_server": "1", "wps_state": "2",
	205	"wpa_passphrase": "12345678", "wpa": "2",
	206	"wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
ae3ad328	207	hapd = hostapd.Hostapd(apdev[0]['ifname'])
302b7a1b JM	208	logger.info("WPS provisioning step")
302b7a1b JM	209	hapd.request("WPS_PBC")
803edd1c	210	dev[0].request("SET ignore_old_scan_res 1")
803edd1c	211	dev[1].request("SET ignore_old_scan_res 1")
302b7a1b JM	212	dev[0].dump_monitor()
	213	dev[1].dump_monitor()
	214	dev[0].request("WPS_PBC")
	215	dev[1].request("WPS_PBC")
	216	ev = dev[0].wait_event(["WPS-M2D"], timeout=15)
	217	if ev is None:
	218	raise Exception("PBC session overlap not detected (dev0)")
	219	if "config_error=12" not in ev:
	220	raise Exception("PBC session overlap not correctly reported (dev0)")
	221	ev = dev[1].wait_event(["WPS-M2D"], timeout=15)
	222	if ev is None:
	223	raise Exception("PBC session overlap not detected (dev1)")
	224	if "config_error=12" not in ev:
	225	raise Exception("PBC session overlap not correctly reported (dev1)")
6edaee9c JM	226
	227	def test_ap_wps_er_add_enrollee(dev, apdev):
	228	"""WPS ER configuring AP and adding a new enrollee using PIN"""
	229	ssid = "wps-er-add-enrollee"
	230	ap_pin = "12345670"
	231	ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
	232	hostapd.add_ap(apdev[0]['ifname'],
	233	{ "ssid": ssid, "eap_server": "1", "wps_state": "1",
	234	"device_name": "Wireless AP", "manufacturer": "Company",
	235	"model_name": "WAP", "model_number": "123",
	236	"serial_number": "12345", "device_type": "6-0050F204-1",
	237	"os_version": "01020300",
	238	"config_methods": "label push_button",
	239	"ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
	240	logger.info("WPS configuration step")
	241	new_passphrase = "1234567890"
	242	dev[0].dump_monitor()
	243	dev[0].request("SET ignore_old_scan_res 1")
	244	dev[0].wps_reg(apdev[0]['bssid'], ap_pin, ssid, "WPA2PSK", "CCMP",
	245	new_passphrase)
	246	status = dev[0].get_status()
	247	if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
	248	raise Exception("Not fully connected")
	249	if status['ssid'] != ssid:
	250	raise Exception("Unexpected SSID")
	251	if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'CCMP':
	252	raise Exception("Unexpected encryption configuration")
	253	if status['key_mgmt'] != 'WPA2-PSK':
	254	raise Exception("Unexpected key_mgmt")
	255
	256	logger.info("Start ER")
	257	dev[0].request("WPS_ER_START ifname=lo")
	258	ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
	259	if ev is None:
	260	raise Exception("AP discovery timed out")
	261	if ap_uuid not in ev:
	262	raise Exception("Expected AP UUID not found")
	263
	264	logger.info("Learn AP configuration through UPnP")
	265	dev[0].dump_monitor()
	266	dev[0].request("WPS_ER_LEARN " + ap_uuid + " " + ap_pin)
	267	ev = dev[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout=15)
	268	if ev is None:
	269	raise Exception("AP learn timed out")
	270	if ap_uuid not in ev:
	271	raise Exception("Expected AP UUID not in settings")
	272	if "ssid=" + ssid not in ev:
	273	raise Exception("Expected SSID not in settings")
	274	if "key=" + new_passphrase not in ev:
	275	raise Exception("Expected passphrase not in settings")
	276
	277	logger.info("Add Enrollee using ER")
	278	pin = dev[1].wps_read_pin()
	279	dev[0].dump_monitor()
	280	dev[0].request("WPS_ER_PIN any " + pin + " " + dev[1].p2p_interface_addr())
	281	dev[1].request("SET ignore_old_scan_res 1")
	282	dev[1].dump_monitor()
	283	dev[1].request("WPS_PIN any " + pin)
846be889	284	ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=30)
6edaee9c JM	285	if ev is None:
	286	raise Exception("Enrollee did not report success")
	287	ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
	288	if ev is None:
	289	raise Exception("Association with the AP timed out")
	290	ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
	291	if ev is None:
	292	raise Exception("WPS ER did not report success")
	293	hwsim_utils.test_connectivity_sta(dev[0], dev[1])
	294
	295	def test_ap_wps_er_add_enrollee_pbc(dev, apdev):
	296	"""WPS ER connected to AP and adding a new enrollee using PBC"""
	297	ssid = "wps-er-add-enrollee-pbc"
	298	ap_pin = "12345670"
	299	ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
	300	hostapd.add_ap(apdev[0]['ifname'],
	301	{ "ssid": ssid, "eap_server": "1", "wps_state": "2",
	302	"wpa_passphrase": "12345678", "wpa": "2",
	303	"wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
	304	"device_name": "Wireless AP", "manufacturer": "Company",
	305	"model_name": "WAP", "model_number": "123",
	306	"serial_number": "12345", "device_type": "6-0050F204-1",
	307	"os_version": "01020300",
	308	"config_methods": "label push_button",
	309	"ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"})
	310	logger.info("Learn AP configuration")
	311	dev[0].dump_monitor()
	312	dev[0].request("SET ignore_old_scan_res 1")
	313	dev[0].wps_reg(apdev[0]['bssid'], ap_pin)
	314	status = dev[0].get_status()
	315	if status['wpa_state'] != 'COMPLETED' or status['bssid'] != apdev[0]['bssid']:
	316	raise Exception("Not fully connected")
	317
	318	logger.info("Start ER")
	319	dev[0].request("WPS_ER_START ifname=lo")
	320	ev = dev[0].wait_event(["WPS-ER-AP-ADD"], timeout=15)
	321	if ev is None:
	322	raise Exception("AP discovery timed out")
	323	if ap_uuid not in ev:
	324	raise Exception("Expected AP UUID not found")
	325
	326	logger.info("Use learned network configuration on ER")
	327	dev[0].request("WPS_ER_SET_CONFIG " + ap_uuid + " 0")
	328
	329	logger.info("Add Enrollee using ER and PBC")
	330	dev[0].dump_monitor()
	331	enrollee = dev[1].p2p_interface_addr()
	332	dev[1].request("SET ignore_old_scan_res 1")
	333	dev[1].dump_monitor()
	334	dev[1].request("WPS_PBC")
	335
	336	ev = dev[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout=15)
	337	if ev is None:
	338	raise Exception("Enrollee discovery timed out")
	339	if enrollee not in ev:
	340	raise Exception("Expected Enrollee not found")
	341	dev[0].request("WPS_ER_PBC " + enrollee)
	342
	343	ev = dev[1].wait_event(["WPS-SUCCESS"], timeout=15)
	344	if ev is None:
	345	raise Exception("Enrollee did not report success")
	346	ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED"], timeout=15)
	347	if ev is None:
	348	raise Exception("Association with the AP timed out")
349	ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
350	if ev is None:
351	raise Exception("WPS ER did not report success")
352	hwsim_utils.test_connectivity_sta(dev[0], dev[1])
bff3ac5b JM	353
	354	def test_ap_wps_fragmentation(dev, apdev):
	355	"""WPS with fragmentation in EAP-WSC and mixed mode WPA+WPA2"""
	356	ssid = "test-wps-fragmentation"
	357	hostapd.add_ap(apdev[0]['ifname'],
	358	{ "ssid": ssid, "eap_server": "1", "wps_state": "2",
	359	"wpa_passphrase": "12345678", "wpa": "3",
	360	"wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
	361	"wpa_pairwise": "TKIP",
	362	"fragment_size": "50" })
	363	hapd = hostapd.Hostapd(apdev[0]['ifname'])
	364	logger.info("WPS provisioning step")
	365	hapd.request("WPS_PBC")
	366	dev[0].request("SET ignore_old_scan_res 1")
	367	dev[0].dump_monitor()
	368	dev[0].request("SET wps_fragment_size 50")
	369	dev[0].request("WPS_PBC")
	370	ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED"], timeout=30)
	371	if ev is None:
	372	raise Exception("Association with the AP timed out")
	373	status = dev[0].get_status()
	374	if status['wpa_state'] != 'COMPLETED':
	375	raise Exception("Not fully connected")
	376	if status['pairwise_cipher'] != 'CCMP' or status['group_cipher'] != 'TKIP':
	377	raise Exception("Unexpected encryption configuration")
	378	if status['key_mgmt'] != 'WPA2-PSK':
	379	raise Exception("Unexpected key_mgmt")