]> git.ipfire.org Git - thirdparty/hostap.git/blame - tests/hwsim/test_nfc_wps.py
projects / thirdparty / hostap.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
tests: Fix ap_ft_reassoc_replay for case where wlantest has the PSK
[thirdparty/hostap.git] / tests / hwsim / test_nfc_wps.py
CommitLineData
ea295abc
JM		 1# WPS+NFC tests
2# Copyright (c) 2013, Jouni Malinen <j@w1.fi>
3#
4# This software may be distributed under the terms of the BSD license.
5# See README for more details.
6
9fd6804d 7from remotehost import remote_compatible
54c58f29 8import binascii
ea295abc
JM		 9import time
10import subprocess
11import logging
c9aa4308 12logger = logging.getLogger()
ea295abc
JM		 13
14import hwsim_utils
15import hostapd
1ae044f7 16from utils import alloc_fail, fail_test, clear_regdom
ea295abc 17
a8375c94 18def check_wpa2_connection(sta, ap, hapd, ssid, mixed=False):
ea295abc
JM		 19 status = sta.get_status()
20 if status['wpa_state'] != 'COMPLETED':
21 raise Exception("Not fully connected")
22 if status['bssid'] != ap['bssid']:
23 raise Exception("Unexpected BSSID")
24 if status['ssid'] != ssid:
25 raise Exception("Unexpected SSID")
26 if status['pairwise_cipher'] != 'CCMP':
27 raise Exception("Unexpected encryption configuration")
28 if status['group_cipher'] != 'CCMP' and not mixed:
29 raise Exception("Unexpected encryption configuration")
30 if status['key_mgmt'] != 'WPA2-PSK':
31 raise Exception("Unexpected key_mgmt")
a8375c94 32 hwsim_utils.test_connectivity(sta, hapd)
ea295abc
JM		 33
34def ap_wps_params(ssid):
fab49f61
JM		 35 return {"ssid": ssid, "eap_server": "1", "wps_state": "2",
36 "wpa_passphrase": "12345678", "wpa": "2",
37 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
ea295abc 38
9fd6804d 39@remote_compatible
ea295abc
JM		 40def test_nfc_wps_password_token_sta(dev, apdev):
41 """NFC tag with password token on the station/Enrollee"""
42 ssid = "test-wps-nfc-pw-token-conf"
43 params = ap_wps_params(ssid)
6f334bf7 44 hapd = hostapd.add_ap(apdev[0], params)
ea295abc 45 logger.info("WPS provisioning step using password token from station")
1490eff5
JM		 46 wps = dev[0].request("WPS_NFC_TOKEN WPS").rstrip()
47 if "FAIL" in wps:
48 raise Exception("Failed to generate password token (WPS only)")
ea295abc
JM		 49 pw = dev[0].request("WPS_NFC_TOKEN NDEF").rstrip()
50 if "FAIL" in pw:
51 raise Exception("Failed to generate password token")
52 res = hapd.request("WPS_NFC_TAG_READ " + pw)
53 if "FAIL" in res:
54 raise Exception("Failed to provide NFC tag contents to hostapd")
55 dev[0].dump_monitor()
56 res = dev[0].request("WPS_NFC")
57 if "FAIL" in res:
58 raise Exception("Failed to start Enrollee using NFC password token")
5f35a5e2 59 dev[0].wait_connected(timeout=30)
a8375c94 60 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
ea295abc 61
82358a2a
JM		 62 if "FAIL" not in hapd.request("WPS_NFC_TAG_READ 0"):
63 raise Exception("Invalid WPS_NFC_TAG_READ accepted")
64 if "FAIL" not in hapd.request("WPS_NFC_TAG_READ 0q"):
65 raise Exception("Invalid WPS_NFC_TAG_READ accepted")
66 with alloc_fail(hapd, 1,
67 "wpabuf_alloc;hostapd_ctrl_iface_wps_nfc_tag_read"):
68 if "FAIL" not in hapd.request("WPS_NFC_TAG_READ 00"):
69 raise Exception("WPS_NFC_TAG_READ accepted during OOM")
70
ea295abc
JM		 71def test_nfc_wps_config_token(dev, apdev):
72 """NFC tag with configuration token from AP"""
73 ssid = "test-wps-nfc-conf-token"
74 params = ap_wps_params(ssid)
6f334bf7 75 hapd = hostapd.add_ap(apdev[0], params)
ea295abc
JM		 76 logger.info("NFC configuration token from AP to station")
77 conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip()
78 if "FAIL" in conf:
79 raise Exception("Failed to generate configuration token")
82358a2a 80 ndef_conf = conf
ea295abc
JM		 81 dev[0].dump_monitor()
82 res = dev[0].request("WPS_NFC_TAG_READ " + conf)
83 if "FAIL" in res:
84 raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
5f35a5e2 85 dev[0].wait_connected(timeout=15)
a8375c94 86 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
ea295abc 87
24b7f282
JM		 88 with alloc_fail(hapd, 1, "wps_get_oob_cred"):
89 conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip()
90 if "FAIL" not in conf:
91 raise Exception("Unexpected configuration token received during OOM")
92
82358a2a
JM		 93 wps_conf = hapd.request("WPS_NFC_CONFIG_TOKEN WPS").rstrip()
94 if "FAIL" in wps_conf:
95 raise Exception("Failed to generate configuration token (WPS)")
96 if wps_conf not in ndef_conf:
97 raise Exception("WPS config token not within NDEF encapsulated one")
98
99 conf = hapd.request("WPS_NFC_CONFIG_TOKEN FOO").rstrip()
100 if "FAIL" not in conf:
101 raise Exception("Invalid WPS_NFC_CONFIG_TOKEN accepted")
102
590160d5
JM		 103def test_nfc_wps_config_token_init(dev, apdev):
104 """NFC tag with configuration token from AP with auto configuration"""
590160d5 105 ssid = "test-wps-nfc-conf-token-init"
6f334bf7 106 hapd = hostapd.add_ap(apdev[0],
fab49f61 107 {"ssid": ssid, "eap_server": "1", "wps_state": "1"})
590160d5
JM		 108 logger.info("NFC configuration token from AP to station")
109 conf = hapd.request("WPS_NFC_CONFIG_TOKEN NDEF").rstrip()
110 if "FAIL" in conf:
111 raise Exception("Failed to generate configuration token")
112 dev[0].dump_monitor()
113 res = dev[0].request("WPS_NFC_TAG_READ " + conf)
114 if "FAIL" in res:
115 raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
5f35a5e2 116 dev[0].wait_connected(timeout=15)
a8375c94 117 check_wpa2_connection(dev[0], apdev[0], hapd, ssid, mixed=True)
590160d5 118
9fd6804d 119@remote_compatible
ea295abc
JM		 120def test_nfc_wps_password_token_sta_init(dev, apdev):
121 """Initial AP configuration with first WPS NFC Enrollee"""
122 ssid = "test-wps-nfc-pw-token-init"
6f334bf7 123 hapd = hostapd.add_ap(apdev[0],
fab49f61 124 {"ssid": ssid, "eap_server": "1", "wps_state": "1"})
ea295abc
JM		 125 logger.info("WPS provisioning step using password token from station")
126 pw = dev[0].request("WPS_NFC_TOKEN NDEF").rstrip()
127 if "FAIL" in pw:
128 raise Exception("Failed to generate password token")
129 res = hapd.request("WPS_NFC_TAG_READ " + pw)
130 if "FAIL" in res:
131 raise Exception("Failed to provide NFC tag contents to hostapd")
132 dev[0].dump_monitor()
133 res = dev[0].request("WPS_NFC")
134 if "FAIL" in res:
135 raise Exception("Failed to start Enrollee using NFC password token")
5f35a5e2 136 dev[0].wait_connected(timeout=30)
a8375c94 137 check_wpa2_connection(dev[0], apdev[0], hapd, ssid, mixed=True)
ea295abc 138
9fd6804d 139@remote_compatible
ea295abc
JM		 140def test_nfc_wps_password_token_ap(dev, apdev):
141 """WPS registrar configuring an AP using AP password token"""
ea295abc 142 ssid = "test-wps-nfc-pw-token-init"
6f334bf7 143 hapd = hostapd.add_ap(apdev[0],
fab49f61 144 {"ssid": ssid, "eap_server": "1", "wps_state": "1"})
ea295abc
JM		 145 logger.info("WPS configuration step")
146 pw = hapd.request("WPS_NFC_TOKEN NDEF").rstrip()
147 if "FAIL" in pw:
148 raise Exception("Failed to generate password token")
149 res = hapd.request("WPS_NFC_TOKEN enable")
63a792a7 150 if "FAIL" in res:
ea295abc
JM		 151 raise Exception("Failed to enable AP password token")
152 res = dev[0].request("WPS_NFC_TAG_READ " + pw)
153 if "FAIL" in res:
154 raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
155 dev[0].dump_monitor()
156 new_ssid = "test-wps-nfc-pw-token-new-ssid"
157 new_passphrase = "1234567890"
54c58f29
MH		 158 res = dev[0].request("WPS_REG " + apdev[0]['bssid'] + " nfc-pw " +
159 binascii.hexlify(new_ssid.encode()).decode() +
160 " WPA2PSK CCMP " +
161 binascii.hexlify(new_passphrase.encode()).decode())
ea295abc
JM		 162 if "FAIL" in res:
163 raise Exception("Failed to start Registrar using NFC password token")
5f35a5e2 164 dev[0].wait_connected(timeout=30)
a8375c94 165 check_wpa2_connection(dev[0], apdev[0], hapd, new_ssid, mixed=True)
36a860b4
JM		 166 if "FAIL" in hapd.request("WPS_NFC_TOKEN disable"):
167 raise Exception("Failed to disable AP password token")
168 if "FAIL" in hapd.request("WPS_NFC_TOKEN WPS"):
169 raise Exception("Unexpected WPS_NFC_TOKEN WPS failure")
ea295abc 170
24b7f282
JM		 171 with fail_test(hapd, 1, "os_get_random;wps_nfc_token_gen"):
172 if "FAIL" not in hapd.request("WPS_NFC_TOKEN WPS"):
173 raise Exception("Unexpected WPS_NFC_TOKEN success")
174 with fail_test(hapd, 2, "os_get_random;wps_nfc_token_gen"):
175 if "FAIL" not in hapd.request("WPS_NFC_TOKEN WPS"):
176 raise Exception("Unexpected WPS_NFC_TOKEN success")
177
82358a2a
JM		 178 if "FAIL" not in hapd.request("WPS_NFC_TOKEN foo"):
179 raise Exception("Invalid WPS_NFC_TOKEN accepted")
180
63a792a7
JM		 181def test_nfc_wps_password_token_ap_preconf(dev, apdev):
182 """WPS registrar configuring an AP using preconfigured AP password token"""
183 ssid = "test-wps-nfc-pw-token-init"
184 params = {"ssid": ssid, "eap_server": "1",
185 "wps_state": "1",
186 "wps_nfc_dev_pw_id": "49067",
187 "wps_nfc_dh_pubkey": "991B7F54406226505D56C6C701ED2C725E4F4866611357CA1C4D92219B2E91CFC9E4172EB0899421657534DB396A6A11361663ACDC48417541DB8610428773BC18AAA00387775F14EEE49335B574165EF915D055F818B82F99CEF4C5F176E0C5D9055CBAF055A5B20B73B26D74816BA42C1A911FF0B8EDF77C7CEA76F9F6EABBFBF12742AA3E67BE7597FB7321C3B258C57B9EA045B0A7472558F9AA8E810E2E0462FFD9001A7E21C38006529B9FEDAAF47612D3817922F2335A5D541BAA9B7F",
188 "wps_nfc_dh_privkey": "06F35FDA777F6EFF1F7F008AD68C49572C5F2913B1DC96E0AC3AB67D75329D40EEE850C79D83EEA82CE35FADCCB1F2AF08560268B9E9B67BE66C9B7B3E6F462CF91647830CB0A40184CCF8AA74261E0308AB8973FB799C9EA46011C70215AEA83293E0C89AA4EB6CA753A9E689FA3A0A3FB40D0A8D9AD258F3E4DA1625F63C4B347660D17504B25856DE9D18EB76C239EDFF090A0A1779BE848C0F23C20CF83022C91EA56B0375DED0A62DF0B8B91348F667F5A7EAD23F0F033E071DCE11B786",
189 "wps_nfc_dev_pw": "CB7FE7A25053F8F5BF822660C21E66D8A58D3393BB78494E239031D6AABCB90C"}
190 hapd = hostapd.add_ap(apdev[0], params)
191 logger.info("WPS configuration step")
192 res = hapd.request("WPS_NFC_TOKEN enable")
193 if "FAIL" in res:
194 raise Exception("Failed to enable AP password token")
195 pw = "D217446170706C69636174696F6E2F766E642E7766612E777363102C0036691F6C35AC5FF23180FFBF899BF3E563D047AA68BFABCB7FE7A25053F8F5BF822660C21E66D8A58D3393BB78494E239031D6AABCB90C1049000600372A000120"
196 res = dev[0].request("WPS_NFC_TAG_READ " + pw)
197 if "FAIL" in res:
198 raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
199 dev[0].dump_monitor()
200 new_ssid = "test-wps-nfc-pw-token-new-ssid"
201 new_passphrase = "1234567890"
202 res = dev[0].request("WPS_REG " + apdev[0]['bssid'] + " nfc-pw " +
203 binascii.hexlify(new_ssid.encode()).decode() +
204 " WPA2PSK CCMP " +
205 binascii.hexlify(new_passphrase.encode()).decode())
206 if "FAIL" in res:
207 raise Exception("Failed to start Registrar using NFC password token")
208 dev[0].wait_connected(timeout=30)
209 check_wpa2_connection(dev[0], apdev[0], hapd, new_ssid, mixed=True)
210
2108ae1e
JM		 211def test_nfc_wps_handover_init(dev, apdev):
212 """Connect to WPS AP with NFC connection handover and move to configured state"""
b90b3eab
JM		 213 try:
214 _test_nfc_wps_handover_init(dev, apdev)
215 finally:
216 dev[0].request("SET ignore_old_scan_res 0")
217
218def _test_nfc_wps_handover_init(dev, apdev):
2108ae1e
JM		 219 dev[0].request("SET ignore_old_scan_res 1")
220 ssid = "test-wps-nfc-handover-init"
6f334bf7 221 hapd = hostapd.add_ap(apdev[0],
fab49f61 222 {"ssid": ssid, "eap_server": "1", "wps_state": "1"})
2108ae1e
JM		 223 logger.info("NFC connection handover")
224 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
225 if "FAIL" in req:
226 raise Exception("Failed to generate NFC connection handover request")
227 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
228 if "FAIL" in sel:
229 raise Exception("Failed to generate NFC connection handover select")
230 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
231 if "FAIL" in res:
232 raise Exception("Failed to report NFC connection handover to to hostapd")
233 dev[0].dump_monitor()
234 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
235 if "FAIL" in res:
236 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
5f35a5e2 237 dev[0].wait_connected(timeout=15)
a8375c94 238 check_wpa2_connection(dev[0], apdev[0], hapd, ssid, mixed=True)
2108ae1e 239
24b7f282
JM		 240 with alloc_fail(hapd, 1, "wps_build_nfc_handover_sel"):
241 if "FAIL" not in hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR"):
242 raise Exception("Unexpected NFC_GET_HANDOVER_SEL success during OOM")
243
82358a2a
JM		 244 if "FAIL" not in hapd.request("NFC_GET_HANDOVER_SEL NDEF").rstrip():
245 raise Exception("Invalid NFC_GET_HANDOVER_SEL accepted")
246 if "FAIL" not in hapd.request("NFC_GET_HANDOVER_SEL foo foo").rstrip():
247 raise Exception("Invalid NFC_GET_HANDOVER_SEL accepted")
248 if "FAIL" not in hapd.request("NFC_GET_HANDOVER_SEL NDEF foo").rstrip():
249 raise Exception("Invalid NFC_GET_HANDOVER_SEL accepted")
250 res_ndef = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
251 res_wps = hapd.request("NFC_GET_HANDOVER_SEL WPS WPS-CR").rstrip()
252 if res_wps not in res_ndef:
253 raise Exception("WPS handover select not in NDEF encapsulated version")
254
9fd6804d 255@remote_compatible
36a860b4
JM		 256def test_nfc_wps_handover_errors(dev, apdev):
257 """WPS AP NFC handover report error cases"""
258 ssid = "test-wps-nfc-handover"
6f334bf7 259 hapd = hostapd.add_ap(apdev[0],
fab49f61 260 {"ssid": ssid, "eap_server": "1", "wps_state": "1"})
36a860b4
JM		 261 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
262 if "FAIL" in sel:
263 raise Exception("Failed to generate NFC connection handover select")
264 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER "):
265 raise Exception("Unexpected handover report success")
266 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP"):
267 raise Exception("Unexpected handover report success")
268 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS"):
269 raise Exception("Unexpected handover report success")
270 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122"):
271 raise Exception("Unexpected handover report success")
272 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122 00"):
273 raise Exception("Unexpected handover report success")
274 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 0 00"):
275 raise Exception("Unexpected handover report success")
276 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122 0"):
277 raise Exception("Unexpected handover report success")
278 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 00q122 001122"):
279 raise Exception("Unexpected handover report success")
280 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122 001q22"):
281 raise Exception("Unexpected handover report success")
282 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP FOO 001122 00"):
283 raise Exception("Unexpected handover report success")
82358a2a
JM		 284 for i in range(1, 3):
285 with alloc_fail(hapd, i,
286 "wpabuf_alloc;hostapd_ctrl_iface_nfc_report_handover"):
287 if "FAIL" not in hapd.request("NFC_REPORT_HANDOVER RESP WPS 001122 001122"):
288 raise Exception("NFC_REPORT_HANDOVER RESP succeeded during OOM")
36a860b4 289
ea295abc
JM		 290def test_nfc_wps_handover(dev, apdev):
291 """Connect to WPS AP with NFC connection handover"""
292 ssid = "test-wps-nfc-handover"
293 params = ap_wps_params(ssid)
6f334bf7 294 hapd = hostapd.add_ap(apdev[0], params)
ea295abc
JM		 295 logger.info("NFC connection handover")
296 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
297 if "FAIL" in req:
298 raise Exception("Failed to generate NFC connection handover request")
299 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
300 if "FAIL" in sel:
301 raise Exception("Failed to generate NFC connection handover select")
302 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
303 if "FAIL" in res:
304 raise Exception("Failed to report NFC connection handover to to hostapd")
305 dev[0].dump_monitor()
306 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
307 if "FAIL" in res:
308 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
5f35a5e2 309 dev[0].wait_connected(timeout=30)
a8375c94 310 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
fa697bb8 311
daad14cc
JM		 312def test_nfc_wps_handover_5ghz(dev, apdev):
313 """Connect to WPS AP with NFC connection handover on 5 GHz band"""
f8b9e61e 314 hapd = None
daad14cc
JM		 315 try:
316 ssid = "test-wps-nfc-handover"
317 params = ap_wps_params(ssid)
318 params["country_code"] = "FI"
319 params["hw_mode"] = "a"
320 params["channel"] = "36"
8b8a1864 321 hapd = hostapd.add_ap(apdev[0], params)
daad14cc
JM		 322 logger.info("NFC connection handover")
323 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
324 if "FAIL" in req:
325 raise Exception("Failed to generate NFC connection handover request")
326 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
327 if "FAIL" in sel:
328 raise Exception("Failed to generate NFC connection handover select")
329 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
330 if "FAIL" in res:
331 raise Exception("Failed to report NFC connection handover to to hostapd")
332 dev[0].dump_monitor()
333 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
334 if "FAIL" in res:
335 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
5f35a5e2 336 dev[0].wait_connected(timeout=30)
a8375c94 337 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
daad14cc 338 finally:
1ae044f7 339 clear_regdom(hapd, dev)
daad14cc
JM		 340
341def test_nfc_wps_handover_chan14(dev, apdev):
342 """Connect to WPS AP with NFC connection handover on channel 14"""
f8b9e61e 343 hapd = None
daad14cc
JM		 344 try:
345 ssid = "test-wps-nfc-handover"
346 params = ap_wps_params(ssid)
347 params["country_code"] = "JP"
348 params["hw_mode"] = "b"
349 params["channel"] = "14"
8b8a1864 350 hapd = hostapd.add_ap(apdev[0], params)
daad14cc
JM		 351 logger.info("NFC connection handover")
352 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
353 if "FAIL" in req:
354 raise Exception("Failed to generate NFC connection handover request")
355 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
356 if "FAIL" in sel:
357 raise Exception("Failed to generate NFC connection handover select")
358 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
359 if "FAIL" in res:
360 raise Exception("Failed to report NFC connection handover to to hostapd")
361 dev[0].dump_monitor()
362 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
363 if "FAIL" in res:
364 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
5f35a5e2 365 dev[0].wait_connected(timeout=30)
a8375c94 366 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
daad14cc 367 finally:
9d7fdac5 368 dev[0].request("DISCONNECT")
e0eb6e53 369 clear_regdom(hapd, dev)
daad14cc 370
8f96dadc
JM		 371def test_nfc_wps_handover_with_pw_token_set(dev, apdev):
372 """Connect to WPS AP with NFC connection handover (wps_nfc_* set)"""
373 ssid = "test-wps-nfc-handover2"
374 params = ap_wps_params(ssid)
6f334bf7 375 hapd = hostapd.add_ap(apdev[0], params)
8f96dadc
JM		 376 # enable a password token (which won't be used in this test case)
377 pw = hapd.request("WPS_NFC_TOKEN NDEF").rstrip()
378 if "FAIL" in pw:
379 raise Exception("Failed to generate password token")
380 res = hapd.request("WPS_NFC_TOKEN enable")
381 if "FAIL" in pw:
382 raise Exception("Failed to enable AP password token")
383 logger.info("NFC connection handover")
384 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
385 if "FAIL" in req:
386 raise Exception("Failed to generate NFC connection handover request")
387 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
388 if "FAIL" in sel:
389 raise Exception("Failed to generate NFC connection handover select")
390 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
391 if "FAIL" in res:
392 raise Exception("Failed to report NFC connection handover to to hostapd")
393 dev[0].dump_monitor()
394 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
395 if "FAIL" in res:
396 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
5f35a5e2 397 dev[0].wait_connected(timeout=15)
a8375c94 398 check_wpa2_connection(dev[0], apdev[0], hapd, ssid)
8f96dadc 399
fa697bb8
JM		 400def test_nfc_wps_handover_pk_hash_mismatch_sta(dev, apdev):
401 """WPS NFC connection handover with invalid pkhash from station (negative)"""
402 ssid = "wps-nfc-handover-pkhash-sta"
403 if "FAIL" in dev[0].request("SET wps_corrupt_pkhash 1"):
404 raise Exception("Could not enable wps_corrupt_pkhash")
405 params = ap_wps_params(ssid)
6f334bf7 406 hapd = hostapd.add_ap(apdev[0], params)
fa697bb8
JM		 407 logger.info("NFC connection handover")
408 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
409 if "FAIL" in req:
410 raise Exception("Failed to generate NFC connection handover request")
411 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
412 if "FAIL" in sel:
413 raise Exception("Failed to generate NFC connection handover select")
414 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
415 if "FAIL" in res:
416 raise Exception("Failed to report NFC connection handover to to hostapd")
417 dev[0].dump_monitor()
418 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
419 if "FAIL" in res:
420 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
421 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15)
422 if ev is None:
423 raise Exception("Timed out")
424 if "WPS-FAIL" not in ev:
425 raise Exception("Public key hash mismatch not detected")
426
427def test_nfc_wps_handover_pk_hash_mismatch_ap(dev, apdev):
428 """WPS NFC connection handover with invalid pkhash from AP (negative)"""
429 ssid = "wps-nfc-handover-pkhash-ap"
430 params = ap_wps_params(ssid)
6f334bf7 431 hapd = hostapd.add_ap(apdev[0], params)
fa697bb8
JM		 432 if "FAIL" in hapd.request("SET wps_corrupt_pkhash 1"):
433 raise Exception("Could not enable wps_corrupt_pkhash")
434 logger.info("NFC connection handover")
435 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
436 if "FAIL" in req:
437 raise Exception("Failed to generate NFC connection handover request")
438 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
439 if "FAIL" in sel:
440 raise Exception("Failed to generate NFC connection handover select")
441 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
442 if "FAIL" in res:
443 raise Exception("Failed to report NFC connection handover to to hostapd")
444 dev[0].dump_monitor()
445 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
446 if "FAIL" in res:
447 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
448 ev = dev[0].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15)
449 if ev is None:
450 raise Exception("Timed out")
451 if "WPS-FAIL" not in ev:
452 raise Exception("Public key hash mismatch not detected")
014f60d0
JM		 453
454def start_ap_er(er, ap, ssid):
455 ap_pin = "12345670"
456 ap_uuid = "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
fab49f61
JM		 457 params = {"ssid": ssid, "eap_server": "1", "wps_state": "2",
458 "wpa_passphrase": "12345678", "wpa": "2",
459 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
460 "device_name": "Wireless AP", "manufacturer": "Company",
461 "model_name": "WAP", "model_number": "123",
462 "serial_number": "12345", "device_type": "6-0050F204-1",
463 "os_version": "01020300",
464 "config_methods": "label push_button",
465 "ap_pin": ap_pin, "uuid": ap_uuid, "upnp_iface": "lo"}
40635905 466 hapd = hostapd.add_ap(ap, params)
014f60d0
JM		 467 logger.info("Learn AP configuration")
468 er.dump_monitor()
b90b3eab
JM		 469 try:
470 er.request("SET ignore_old_scan_res 1")
471 er.wps_reg(ap['bssid'], ap_pin)
472 finally:
473 er.request("SET ignore_old_scan_res 0")
014f60d0
JM		 474
475 logger.info("Start ER")
476 er.request("WPS_ER_STOP")
477 time.sleep(1)
478 er.request("WPS_ER_START ifname=lo")
479 ev = er.wait_event(["WPS-ER-AP-ADD"], timeout=15)
480 if ev is None:
481 raise Exception("AP discovery timed out")
482 if ap_uuid not in ev:
483 raise Exception("Expected AP UUID not found")
484
485 logger.info("Use learned network configuration on ER")
486 er.request("WPS_ER_SET_CONFIG " + ap_uuid + " 0")
40635905 487 return hapd
014f60d0 488
9fd6804d 489@remote_compatible
014f60d0
JM		 490def test_nfc_wps_er_pw_token(dev, apdev):
491 """WPS NFC password token from Enrollee to ER"""
be9f1562
JM		 492 try:
493 _test_nfc_wps_er_pw_token(dev, apdev)
494 finally:
495 dev[0].request("WPS_ER_STOP")
b90b3eab 496 dev[1].request("SET ignore_old_scan_res 0")
be9f1562
JM		 497
498def _test_nfc_wps_er_pw_token(dev, apdev):
014f60d0 499 ssid = "wps-nfc-er-pw-token"
40635905 500 hapd = start_ap_er(dev[0], apdev[0], ssid)
014f60d0
JM		 501 logger.info("WPS provisioning step using password token from station")
502 dev[1].request("SET ignore_old_scan_res 1")
503 pw = dev[1].request("WPS_NFC_TOKEN NDEF").rstrip()
504 if "FAIL" in pw:
505 raise Exception("Failed to generate password token")
506 res = dev[0].request("WPS_NFC_TAG_READ " + pw)
507 if "FAIL" in res:
508 raise Exception("Failed to provide NFC tag contents to WPS ER")
509 dev[0].dump_monitor()
510 res = dev[1].request("WPS_NFC")
511 if "FAIL" in res:
512 raise Exception("Failed to start Enrollee using NFC password token")
513 ev = dev[0].wait_event(["WPS-SUCCESS"], timeout=15)
514 if ev is None:
515 raise Exception("WPS ER did not report success")
5f35a5e2 516 dev[1].wait_connected(timeout=15)
a8375c94 517 check_wpa2_connection(dev[1], apdev[0], hapd, ssid)
014f60d0 518
9fd6804d 519@remote_compatible
014f60d0
JM		 520def test_nfc_wps_er_config_token(dev, apdev):
521 """WPS NFC configuration token from ER to Enrollee"""
be9f1562
JM		 522 try:
523 _test_nfc_wps_er_config_token(dev, apdev)
524 finally:
525 dev[0].request("WPS_ER_STOP")
b90b3eab 526 dev[1].request("SET ignore_old_scan_res 0")
be9f1562
JM		 527
528def _test_nfc_wps_er_config_token(dev, apdev):
014f60d0 529 ssid = "wps-nfc-er-config-token"
40635905 530 hapd = start_ap_er(dev[0], apdev[0], ssid)
014f60d0 531 logger.info("WPS provisioning step using configuration token from ER")
1490eff5
JM		 532 wps = dev[0].request("WPS_ER_NFC_CONFIG_TOKEN WPS " + apdev[0]['bssid']).rstrip()
533 if "FAIL" in wps:
534 raise Exception("Failed to generate configuration token (WPS format)")
014f60d0
JM		 535 conf = dev[0].request("WPS_ER_NFC_CONFIG_TOKEN NDEF " + apdev[0]['bssid']).rstrip()
536 if "FAIL" in conf:
e946c8e6 537 raise Exception("Failed to generate configuration token")
014f60d0
JM		 538 dev[1].request("SET ignore_old_scan_res 1")
539 res = dev[1].request("WPS_NFC_TAG_READ " + conf)
540 if "FAIL" in res:
541 raise Exception("Failed to provide NFC tag contents to wpa_supplicant")
5f35a5e2 542 dev[1].wait_connected(timeout=15)
a8375c94 543 check_wpa2_connection(dev[1], apdev[0], hapd, ssid)
014f60d0
JM		 544
545def test_nfc_wps_er_handover(dev, apdev):
546 """WPS NFC connection handover between Enrollee and ER"""
be9f1562
JM		 547 try:
548 _test_nfc_wps_er_handover(dev, apdev)
549 finally:
550 dev[0].request("WPS_ER_STOP")
551
552def _test_nfc_wps_er_handover(dev, apdev):
014f60d0 553 ssid = "wps-nfc-er-handover"
40635905 554 hapd = start_ap_er(dev[0], apdev[0], ssid)
014f60d0
JM		 555 logger.info("WPS provisioning step using connection handover")
556 req = dev[1].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
557 if "FAIL" in req:
558 raise Exception("Failed to generate NFC connection handover request")
559 sel = dev[0].request("NFC_GET_HANDOVER_SEL NDEF WPS-CR " + apdev[0]['bssid']).rstrip()
560 if "FAIL" in sel:
561 raise Exception("Failed to generate NFC connection handover select")
562 res = dev[0].request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
563 if "FAIL" in res:
564 raise Exception("Failed to report NFC connection handover to to hostapd")
565 dev[1].dump_monitor()
566 res = dev[1].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
567 if "FAIL" in res:
568 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
5f35a5e2 569 dev[1].wait_connected(timeout=15)
a8375c94 570 check_wpa2_connection(dev[1], apdev[0], hapd, ssid)
014f60d0
JM		 571
572def test_nfc_wps_er_handover_pk_hash_mismatch_sta(dev, apdev):
573 """WPS NFC connection handover with invalid pkhash from station to ER (negative)"""
be9f1562
JM		 574 try:
575 _test_nfc_wps_er_handover_pk_hash_mismatch_sta(dev, apdev)
576 finally:
577 dev[0].request("WPS_ER_STOP")
b90b3eab 578 dev[1].request("SET ignore_old_scan_res 0")
be9f1562
JM		 579
580def _test_nfc_wps_er_handover_pk_hash_mismatch_sta(dev, apdev):
014f60d0 581 ssid = "wps-nfc-er-handover-pkhash-sta"
40635905 582 hapd = start_ap_er(dev[0], apdev[0], ssid)
014f60d0
JM		 583 logger.info("WPS provisioning step using connection handover")
584 if "FAIL" in dev[1].request("SET wps_corrupt_pkhash 1"):
585 raise Exception("Could not enable wps_corrupt_pkhash")
586 dev[1].request("SET ignore_old_scan_res 1")
587 req = dev[1].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
588 if "FAIL" in req:
589 raise Exception("Failed to generate NFC connection handover request")
590 sel = dev[0].request("NFC_GET_HANDOVER_SEL NDEF WPS-CR " + apdev[0]['bssid']).rstrip()
591 if "FAIL" in sel:
592 raise Exception("Failed to generate NFC connection handover select")
593 res = dev[0].request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
594 if "FAIL" in res:
595 raise Exception("Failed to report NFC connection handover to to hostapd")
596 dev[1].dump_monitor()
597 res = dev[1].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
598 if "FAIL" in res:
599 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
600 ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15)
601 if ev is None:
602 raise Exception("Timed out")
603 if "WPS-FAIL" not in ev:
604 raise Exception("Public key hash mismatch not detected")
605
606def test_nfc_wps_er_handover_pk_hash_mismatch_er(dev, apdev):
607 """WPS NFC connection handover with invalid pkhash from ER to station (negative)"""
be9f1562
JM		 608 try:
609 _test_nfc_wps_er_handover_pk_hash_mismatch_er(dev, apdev)
610 finally:
611 dev[0].request("WPS_ER_STOP")
b90b3eab 612 dev[1].request("SET ignore_old_scan_res 0")
be9f1562
JM		 613
614def _test_nfc_wps_er_handover_pk_hash_mismatch_er(dev, apdev):
014f60d0 615 ssid = "wps-nfc-er-handover-pkhash-er"
40635905 616 hapd = start_ap_er(dev[0], apdev[0], ssid)
014f60d0
JM		 617 logger.info("WPS provisioning step using connection handover")
618 if "FAIL" in dev[0].request("SET wps_corrupt_pkhash 1"):
619 raise Exception("Could not enable wps_corrupt_pkhash")
620 dev[1].request("SET ignore_old_scan_res 1")
621 req = dev[1].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
622 if "FAIL" in req:
623 raise Exception("Failed to generate NFC connection handover request")
624 sel = dev[0].request("NFC_GET_HANDOVER_SEL NDEF WPS-CR " + apdev[0]['bssid']).rstrip()
625 if "FAIL" in sel:
626 raise Exception("Failed to generate NFC connection handover select")
627 res = dev[0].request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
628 if "FAIL" in res:
629 raise Exception("Failed to report NFC connection handover to to hostapd")
630 dev[1].dump_monitor()
631 res = dev[1].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
632 if "FAIL" in res:
633 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
634 ev = dev[1].wait_event(["CTRL-EVENT-CONNECTED", "WPS-FAIL"], timeout=15)
635 if ev is None:
636 raise Exception("Timed out")
637 if "WPS-FAIL" not in ev:
638 raise Exception("Public key hash mismatch not detected")
19879b45 639
9fd6804d 640@remote_compatible
19879b45
JM		 641def test_nfc_invalid_ndef_record(dev, apdev):
642 """Invalid NFC NDEF record handling"""
fab49f61
JM		 643 tests = ["11223344",
644 "00112233",
645 "0000112233445566",
646 "0800112233445566",
647 "080011223344",
648 "18000000",
649 "18010000",
650 "90000050",
651 "9000005000",
652 "9001013344",
653 "98010101334455",
654 "0017ffffffe3",
655 "0017ffffffe4",
656 "0017ffffffe9",
657 "0000fffffffa",
658 "0017ffffffe46170706c69636174696f6e2f766e642e7766612e777363",
659 "0017ffffffff6170706c69636174696f6e2f766e642e7766612e777363",
660 "0017000000006170706c69636174696f6e2f766e642e7766612e7773ff",
661 "080000000000"]
19879b45
JM		 662 for test in tests:
663 if "FAIL" not in dev[0].request("WPS_NFC_TAG_READ " + test):
664 raise Exception("Invalid tag accepted: " + test)
4b1ae279
JM		 665
666def test_nfc_wps_handover_failure(dev, apdev):
667 """Connect to WPS AP with NFC connection handover (local failure)"""
668 ssid = "test-wps-nfc-handover"
669 params = ap_wps_params(ssid)
670 hapd = hostapd.add_ap(apdev[0], params)
671 logger.info("NFC connection handover")
672 req = dev[0].request("NFC_GET_HANDOVER_REQ NDEF WPS-CR").rstrip()
673 if "FAIL" in req:
674 raise Exception("Failed to generate NFC connection handover request")
675 sel = hapd.request("NFC_GET_HANDOVER_SEL NDEF WPS-CR").rstrip()
676 if "FAIL" in sel:
677 raise Exception("Failed to generate NFC connection handover select")
678 res = hapd.request("NFC_REPORT_HANDOVER RESP WPS " + req + " " + sel)
679 if "FAIL" in res:
680 raise Exception("Failed to report NFC connection handover to to hostapd")
681 dev[0].dump_monitor()
682
683 with alloc_fail(hapd, 1, "wpabuf_dup;wps_build_public_key"):
684 res = dev[0].request("NFC_REPORT_HANDOVER INIT WPS " + req + " " + sel)
685 if "FAIL" in res:
686 raise Exception("Failed to report NFC connection handover to to wpa_supplicant")
687 ev = dev[0].wait_event(["WPS-FAIL"], timeout=10)
688 if ev is None:
689 raise Exception("WPS failure not reported")
Unnamed repository; edit this file 'description' to name the repository.