2 # Copyright (c) 2013-2017, Jouni Malinen <j@w1.fi>
4 # This software may be distributed under the terms of the BSD license.
5 # See README for more details.
7 from remotehost
import remote_compatible
8 from tshark
import run_tshark
11 from Crypto
.Cipher
import AES
20 logger
= logging
.getLogger()
25 from http
.client
import HTTPConnection
26 from urllib
.request
import urlopen
27 from urllib
.parse
import urlparse
, urljoin
28 from urllib
.error
import HTTPError
29 from io
import StringIO
30 from socketserver
import StreamRequestHandler
, TCPServer
32 from httplib
import HTTPConnection
33 from urllib
import urlopen
34 from urlparse
import urlparse
, urljoin
35 from urllib2
import build_opener
, ProxyHandler
, HTTPError
36 from StringIO
import StringIO
37 from SocketServer
import StreamRequestHandler
, TCPServer
39 import xml
.etree
.ElementTree
as ET
43 from wpasupplicant
import WpaSupplicant
44 from utils
import HwsimSkip
, alloc_fail
, fail_test
, skip_with_fips
45 from utils
import wait_fail_trigger
, clear_regdom
46 from test_ap_eap
import int_eap_server_params
48 def wps_start_ap(apdev
, ssid
="test-wps-conf"):
49 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
50 "wpa_passphrase": "12345678", "wpa": "2",
51 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
52 return hostapd
.add_ap(apdev
, params
)
55 def test_ap_wps_init(dev
, apdev
):
56 """Initial AP configuration with first WPS Enrollee"""
58 hapd
= hostapd
.add_ap(apdev
[0],
59 {"ssid": ssid
, "eap_server": "1", "wps_state": "1"})
60 logger
.info("WPS provisioning step")
61 hapd
.request("WPS_PBC")
62 if "PBC Status: Active" not in hapd
.request("WPS_GET_STATUS"):
63 raise Exception("PBC status not shown correctly")
65 id = dev
[0].add_network()
66 dev
[0].set_network_quoted(id, "ssid", "home")
67 dev
[0].set_network_quoted(id, "psk", "12345678")
68 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
70 id = dev
[0].add_network()
71 dev
[0].set_network_quoted(id, "ssid", "home2")
72 dev
[0].set_network(id, "bssid", "00:11:22:33:44:55")
73 dev
[0].set_network(id, "key_mgmt", "NONE")
74 dev
[0].request("ENABLE_NETWORK %s no-connect" % id)
76 dev
[0].request("WPS_PBC")
77 dev
[0].wait_connected(timeout
=30)
78 status
= dev
[0].get_status()
79 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
80 raise Exception("Not fully connected")
81 if status
['ssid'] != ssid
:
82 raise Exception("Unexpected SSID")
83 if status
['pairwise_cipher'] != 'CCMP':
84 raise Exception("Unexpected encryption configuration")
85 if status
['key_mgmt'] != 'WPA2-PSK':
86 raise Exception("Unexpected key_mgmt")
88 status
= hapd
.request("WPS_GET_STATUS")
89 if "PBC Status: Disabled" not in status
:
90 raise Exception("PBC status not shown correctly")
91 if "Last WPS result: Success" not in status
:
92 raise Exception("Last WPS result not shown correctly")
93 if "Peer Address: " + dev
[0].p2p_interface_addr() not in status
:
94 raise Exception("Peer address not shown correctly")
95 conf
= hapd
.request("GET_CONFIG")
96 if "wps_state=configured" not in conf
:
97 raise Exception("AP not in WPS configured state")
98 if "wpa=3" not in conf
:
99 raise Exception("AP not in WPA+WPA2 configuration")
100 if "rsn_pairwise_cipher=CCMP TKIP" not in conf
:
101 raise Exception("Unexpected rsn_pairwise_cipher")
102 if "wpa_pairwise_cipher=CCMP TKIP" not in conf
:
103 raise Exception("Unexpected wpa_pairwise_cipher")
104 if "group_cipher=TKIP" not in conf
:
105 raise Exception("Unexpected group_cipher")
107 if len(dev
[0].list_networks()) != 3:
108 raise Exception("Unexpected number of network blocks")
110 def test_ap_wps_init_2ap_pbc(dev
, apdev
):
111 """Initial two-radio AP configuration with first WPS PBC Enrollee"""
113 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "1"}
114 hapd
= hostapd
.add_ap(apdev
[0], params
)
115 hostapd
.add_ap(apdev
[1], params
)
116 logger
.info("WPS provisioning step")
117 hapd
.request("WPS_PBC")
118 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
119 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
120 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
121 if "[WPS-PBC]" not in bss
['flags']:
122 raise Exception("WPS-PBC flag missing from AP1")
123 bss
= dev
[0].get_bss(apdev
[1]['bssid'])
124 if "[WPS-PBC]" not in bss
['flags']:
125 raise Exception("WPS-PBC flag missing from AP2")
126 dev
[0].dump_monitor()
127 dev
[0].request("SET wps_cred_processing 2")
128 dev
[0].request("WPS_PBC")
129 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=30)
130 dev
[0].request("SET wps_cred_processing 0")
132 raise Exception("WPS cred event not seen")
134 raise Exception("WPS attributes not included in the cred event")
135 dev
[0].wait_connected(timeout
=30)
137 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
138 dev
[1].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
139 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
140 if "[WPS-PBC]" in bss
['flags']:
141 raise Exception("WPS-PBC flag not cleared from AP1")
142 bss
= dev
[1].get_bss(apdev
[1]['bssid'])
143 if "[WPS-PBC]" in bss
['flags']:
144 raise Exception("WPS-PBC flag not cleared from AP2")
146 def test_ap_wps_init_2ap_pin(dev
, apdev
):
147 """Initial two-radio AP configuration with first WPS PIN Enrollee"""
149 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "1"}
150 hapd
= hostapd
.add_ap(apdev
[0], params
)
151 hostapd
.add_ap(apdev
[1], params
)
152 logger
.info("WPS provisioning step")
153 pin
= dev
[0].wps_read_pin()
154 hapd
.request("WPS_PIN any " + pin
)
155 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
156 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
157 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
158 if "[WPS-AUTH]" not in bss
['flags']:
159 raise Exception("WPS-AUTH flag missing from AP1")
160 bss
= dev
[0].get_bss(apdev
[1]['bssid'])
161 if "[WPS-AUTH]" not in bss
['flags']:
162 raise Exception("WPS-AUTH flag missing from AP2")
163 dev
[0].dump_monitor()
164 dev
[0].request("WPS_PIN any " + pin
)
165 dev
[0].wait_connected(timeout
=30)
167 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
168 dev
[1].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
169 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
170 if "[WPS-AUTH]" in bss
['flags']:
171 raise Exception("WPS-AUTH flag not cleared from AP1")
172 bss
= dev
[1].get_bss(apdev
[1]['bssid'])
173 if "[WPS-AUTH]" in bss
['flags']:
174 raise Exception("WPS-AUTH flag not cleared from AP2")
177 def test_ap_wps_init_through_wps_config(dev
, apdev
):
178 """Initial AP configuration using wps_config command"""
179 ssid
= "test-wps-init-config"
180 hapd
= hostapd
.add_ap(apdev
[0],
181 {"ssid": ssid
, "eap_server": "1", "wps_state": "1"})
182 if "FAIL" in hapd
.request("WPS_CONFIG " + binascii
.hexlify(ssid
.encode()).decode() + " WPA2PSK CCMP " + binascii
.hexlify(b
"12345678").decode()):
183 raise Exception("WPS_CONFIG command failed")
184 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=5)
186 raise Exception("Timeout on WPS-NEW-AP-SETTINGS events")
187 # It takes some time for the AP to update Beacon and Probe Response frames,
188 # so wait here before requesting the scan to be started to avoid adding
189 # extra five second wait to the test due to fetching obsolete scan results.
192 dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412", proto
="WPA2",
193 pairwise
="CCMP", group
="CCMP")
195 if "FAIL" not in hapd
.request("WPS_CONFIG foo"):
196 raise Exception("Invalid WPS_CONFIG accepted")
199 def test_ap_wps_init_through_wps_config_2(dev
, apdev
):
200 """AP configuration using wps_config and wps_cred_processing=2"""
201 ssid
= "test-wps-init-config"
202 hapd
= hostapd
.add_ap(apdev
[0],
203 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
204 "wps_cred_processing": "2"})
205 if "FAIL" in hapd
.request("WPS_CONFIG " + binascii
.hexlify(ssid
.encode()).decode() + " WPA2PSK CCMP " + binascii
.hexlify(b
"12345678").decode()):
206 raise Exception("WPS_CONFIG command failed")
207 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=5)
209 raise Exception("Timeout on WPS-NEW-AP-SETTINGS events")
211 raise Exception("WPS-NEW-AP-SETTINGS did not include Credential")
214 def test_ap_wps_invalid_wps_config_passphrase(dev
, apdev
):
215 """AP configuration using wps_config command with invalid passphrase"""
216 ssid
= "test-wps-init-config"
217 hapd
= hostapd
.add_ap(apdev
[0],
218 {"ssid": ssid
, "eap_server": "1", "wps_state": "1"})
219 if "FAIL" not in hapd
.request("WPS_CONFIG " + binascii
.hexlify(ssid
.encode()).decode() + " WPA2PSK CCMP " + binascii
.hexlify(b
"1234567").decode()):
220 raise Exception("Invalid WPS_CONFIG command accepted")
222 def test_ap_wps_conf(dev
, apdev
):
223 """WPS PBC provisioning with configured AP"""
224 ssid
= "test-wps-conf"
225 hapd
= hostapd
.add_ap(apdev
[0],
226 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
227 "wpa_passphrase": "12345678", "wpa": "2",
228 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
229 logger
.info("WPS provisioning step")
230 hapd
.request("WPS_PBC")
231 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
232 dev
[0].dump_monitor()
233 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
234 dev
[0].wait_connected(timeout
=30)
235 status
= dev
[0].get_status()
236 if status
['wpa_state'] != 'COMPLETED':
237 raise Exception("Not fully connected")
238 if status
['bssid'] != apdev
[0]['bssid']:
239 raise Exception("Unexpected BSSID")
240 if status
['ssid'] != ssid
:
241 raise Exception("Unexpected SSID")
242 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
243 raise Exception("Unexpected encryption configuration")
244 if status
['key_mgmt'] != 'WPA2-PSK':
245 raise Exception("Unexpected key_mgmt")
247 sta
= hapd
.get_sta(dev
[0].p2p_interface_addr())
248 if 'wpsDeviceName' not in sta
or sta
['wpsDeviceName'] != "Device A":
249 raise Exception("Device name not available in STA command")
251 def test_ap_wps_conf_5ghz(dev
, apdev
):
252 """WPS PBC provisioning with configured AP on 5 GHz band"""
255 ssid
= "test-wps-conf"
256 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
257 "wpa_passphrase": "12345678", "wpa": "2",
258 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
259 "country_code": "FI", "hw_mode": "a", "channel": "36"}
260 hapd
= hostapd
.add_ap(apdev
[0], params
)
261 logger
.info("WPS provisioning step")
262 hapd
.request("WPS_PBC")
263 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="5180")
264 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
265 dev
[0].wait_connected(timeout
=30)
267 sta
= hapd
.get_sta(dev
[0].p2p_interface_addr())
268 if 'wpsDeviceName' not in sta
or sta
['wpsDeviceName'] != "Device A":
269 raise Exception("Device name not available in STA command")
271 dev
[0].request("DISCONNECT")
272 clear_regdom(hapd
, dev
)
274 def test_ap_wps_conf_chan14(dev
, apdev
):
275 """WPS PBC provisioning with configured AP on channel 14"""
278 ssid
= "test-wps-conf"
279 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
280 "wpa_passphrase": "12345678", "wpa": "2",
281 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
282 "country_code": "JP", "hw_mode": "b", "channel": "14"}
283 hapd
= hostapd
.add_ap(apdev
[0], params
)
284 logger
.info("WPS provisioning step")
285 hapd
.request("WPS_PBC")
286 dev
[0].request("WPS_PBC")
287 dev
[0].wait_connected(timeout
=30)
289 sta
= hapd
.get_sta(dev
[0].p2p_interface_addr())
290 if 'wpsDeviceName' not in sta
or sta
['wpsDeviceName'] != "Device A":
291 raise Exception("Device name not available in STA command")
293 dev
[0].request("DISCONNECT")
294 clear_regdom(hapd
, dev
)
297 def test_ap_wps_twice(dev
, apdev
):
298 """WPS provisioning with twice to change passphrase"""
299 ssid
= "test-wps-twice"
300 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
301 "wpa_passphrase": "12345678", "wpa": "2",
302 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
303 hapd
= hostapd
.add_ap(apdev
[0], params
)
304 logger
.info("WPS provisioning step")
305 hapd
.request("WPS_PBC")
306 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
307 dev
[0].dump_monitor()
308 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
309 dev
[0].wait_connected(timeout
=30)
310 dev
[0].request("DISCONNECT")
312 logger
.info("Restart AP with different passphrase and re-run WPS")
313 hostapd
.remove_bss(apdev
[0])
314 params
['wpa_passphrase'] = 'another passphrase'
315 hapd
= hostapd
.add_ap(apdev
[0], params
)
316 logger
.info("WPS provisioning step")
317 hapd
.request("WPS_PBC")
318 dev
[0].dump_monitor()
319 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
320 dev
[0].wait_connected(timeout
=30)
321 networks
= dev
[0].list_networks()
322 if len(networks
) > 1:
323 raise Exception("Unexpected duplicated network block present")
326 def test_ap_wps_incorrect_pin(dev
, apdev
):
327 """WPS PIN provisioning with incorrect PIN"""
328 ssid
= "test-wps-incorrect-pin"
329 hapd
= hostapd
.add_ap(apdev
[0],
330 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
331 "wpa_passphrase": "12345678", "wpa": "2",
332 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
334 logger
.info("WPS provisioning attempt 1")
335 hapd
.request("WPS_PIN any 12345670")
336 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
337 dev
[0].dump_monitor()
338 dev
[0].request("WPS_PIN %s 55554444" % apdev
[0]['bssid'])
339 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=30)
341 raise Exception("WPS operation timed out")
342 if "config_error=18" not in ev
:
343 raise Exception("Incorrect config_error reported")
344 if "msg=8" not in ev
:
345 raise Exception("PIN error detected on incorrect message")
346 dev
[0].wait_disconnected(timeout
=10)
347 dev
[0].request("WPS_CANCEL")
348 # if a scan was in progress, wait for it to complete before trying WPS again
349 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
351 status
= hapd
.request("WPS_GET_STATUS")
352 if "Last WPS result: Failed" not in status
:
353 raise Exception("WPS failure result not shown correctly")
355 logger
.info("WPS provisioning attempt 2")
356 hapd
.request("WPS_PIN any 12345670")
357 dev
[0].dump_monitor()
358 dev
[0].request("WPS_PIN %s 12344444" % apdev
[0]['bssid'])
359 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=30)
361 raise Exception("WPS operation timed out")
362 if "config_error=18" not in ev
:
363 raise Exception("Incorrect config_error reported")
364 if "msg=10" not in ev
:
365 raise Exception("PIN error detected on incorrect message")
366 dev
[0].wait_disconnected(timeout
=10)
369 def test_ap_wps_conf_pin(dev
, apdev
):
370 """WPS PIN provisioning with configured AP"""
371 ssid
= "test-wps-conf-pin"
372 hapd
= hostapd
.add_ap(apdev
[0],
373 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
374 "wpa_passphrase": "12345678", "wpa": "2",
375 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
376 logger
.info("WPS provisioning step")
377 pin
= dev
[0].wps_read_pin()
378 hapd
.request("WPS_PIN any " + pin
)
379 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
380 dev
[0].dump_monitor()
381 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
382 dev
[0].wait_connected(timeout
=30)
383 status
= dev
[0].get_status()
384 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
385 raise Exception("Not fully connected")
386 if status
['ssid'] != ssid
:
387 raise Exception("Unexpected SSID")
388 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
389 raise Exception("Unexpected encryption configuration")
390 if status
['key_mgmt'] != 'WPA2-PSK':
391 raise Exception("Unexpected key_mgmt")
393 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
394 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
395 if "[WPS-AUTH]" in bss
['flags']:
396 raise Exception("WPS-AUTH flag not cleared")
397 logger
.info("Try to connect from another station using the same PIN")
398 pin
= dev
[1].request("WPS_PIN " + apdev
[0]['bssid'])
399 ev
= dev
[1].wait_event(["WPS-M2D", "CTRL-EVENT-CONNECTED"], timeout
=30)
401 raise Exception("Operation timed out")
402 if "WPS-M2D" not in ev
:
403 raise Exception("Unexpected WPS operation started")
404 hapd
.request("WPS_PIN any " + pin
)
405 dev
[1].wait_connected(timeout
=30)
407 def test_ap_wps_conf_pin_mixed_mode(dev
, apdev
):
408 """WPS PIN provisioning with configured AP (WPA+WPA2)"""
409 ssid
= "test-wps-conf-pin-mixed"
410 hapd
= hostapd
.add_ap(apdev
[0],
411 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
412 "wpa_passphrase": "12345678", "wpa": "3",
413 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
414 "wpa_pairwise": "TKIP"})
416 logger
.info("WPS provisioning step")
417 pin
= dev
[0].wps_read_pin()
418 hapd
.request("WPS_PIN any " + pin
)
419 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
420 dev
[0].dump_monitor()
421 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
422 dev
[0].wait_connected(timeout
=30)
423 status
= dev
[0].get_status()
424 dev
[0].request("REMOVE_NETWORK all")
425 dev
[0].wait_disconnected()
426 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP' or status
['key_mgmt'] != 'WPA2-PSK':
427 raise Exception("Unexpected encryption/key_mgmt configuration: pairwise=%s group=%s key_mgmt=%s" % (status
['pairwise_cipher'], status
['group_cipher'], status
['key_mgmt']))
429 logger
.info("WPS provisioning step (auth_types=0x1b)")
430 if "OK" not in dev
[0].request("SET wps_force_auth_types 0x1b"):
431 raise Exception("Failed to set wps_force_auth_types 0x1b")
432 pin
= dev
[0].wps_read_pin()
433 hapd
.request("WPS_PIN any " + pin
)
434 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
435 dev
[0].dump_monitor()
436 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
437 dev
[0].wait_connected(timeout
=30)
438 status
= dev
[0].get_status()
439 dev
[0].request("REMOVE_NETWORK all")
440 dev
[0].wait_disconnected()
441 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP' or status
['key_mgmt'] != 'WPA2-PSK':
442 raise Exception("Unexpected encryption/key_mgmt configuration: pairwise=%s group=%s key_mgmt=%s" % (status
['pairwise_cipher'], status
['group_cipher'], status
['key_mgmt']))
444 logger
.info("WPS provisioning step (auth_types=0 encr_types=0)")
445 if "OK" not in dev
[0].request("SET wps_force_auth_types 0"):
446 raise Exception("Failed to set wps_force_auth_types 0")
447 if "OK" not in dev
[0].request("SET wps_force_encr_types 0"):
448 raise Exception("Failed to set wps_force_encr_types 0")
449 pin
= dev
[0].wps_read_pin()
450 hapd
.request("WPS_PIN any " + pin
)
451 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
452 dev
[0].dump_monitor()
453 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
454 dev
[0].wait_connected(timeout
=30)
455 status
= dev
[0].get_status()
456 dev
[0].request("REMOVE_NETWORK all")
457 dev
[0].wait_disconnected()
458 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP' or status
['key_mgmt'] != 'WPA2-PSK':
459 raise Exception("Unexpected encryption/key_mgmt configuration: pairwise=%s group=%s key_mgmt=%s" % (status
['pairwise_cipher'], status
['group_cipher'], status
['key_mgmt']))
461 dev
[0].request("SET wps_force_auth_types ")
462 dev
[0].request("SET wps_force_encr_types ")
465 def test_ap_wps_conf_pin_v1(dev
, apdev
):
466 """WPS PIN provisioning with configured WPS v1.0 AP"""
467 ssid
= "test-wps-conf-pin-v1"
468 hapd
= hostapd
.add_ap(apdev
[0],
469 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
470 "wpa_passphrase": "12345678", "wpa": "2",
471 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
472 logger
.info("WPS provisioning step")
473 pin
= dev
[0].wps_read_pin()
474 hapd
.request("SET wps_version_number 0x10")
475 hapd
.request("WPS_PIN any " + pin
)
477 for i
in range(0, 10):
478 dev
[0].scan(freq
="2412")
479 if "[WPS-PIN]" in dev
[0].request("SCAN_RESULTS"):
483 hapd
.request("SET wps_version_number 0x20")
484 raise Exception("WPS-PIN flag not seen in scan results")
485 dev
[0].dump_monitor()
486 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
487 dev
[0].wait_connected(timeout
=30)
488 hapd
.request("SET wps_version_number 0x20")
491 def test_ap_wps_conf_pin_2sta(dev
, apdev
):
492 """Two stations trying to use WPS PIN at the same time"""
493 ssid
= "test-wps-conf-pin2"
494 hapd
= hostapd
.add_ap(apdev
[0],
495 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
496 "wpa_passphrase": "12345678", "wpa": "2",
497 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
498 logger
.info("WPS provisioning step")
501 hapd
.request("WPS_PIN " + dev
[0].get_status_field("uuid") + " " + pin
)
502 hapd
.request("WPS_PIN " + dev
[1].get_status_field("uuid") + " " + pin
)
503 dev
[0].dump_monitor()
504 dev
[1].dump_monitor()
505 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
506 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
507 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
508 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
509 dev
[0].wait_connected(timeout
=30)
510 dev
[1].wait_connected(timeout
=30)
513 def test_ap_wps_conf_pin_timeout(dev
, apdev
):
514 """WPS PIN provisioning with configured AP timing out PIN"""
515 ssid
= "test-wps-conf-pin"
516 hapd
= hostapd
.add_ap(apdev
[0],
517 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
518 "wpa_passphrase": "12345678", "wpa": "2",
519 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
520 addr
= dev
[0].p2p_interface_addr()
521 pin
= dev
[0].wps_read_pin()
522 if "FAIL" not in hapd
.request("WPS_PIN "):
523 raise Exception("Unexpected success on invalid WPS_PIN")
524 hapd
.request("WPS_PIN any " + pin
+ " 1")
525 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
527 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
528 ev
= hapd
.wait_event(["WPS-PIN-NEEDED"], timeout
=20)
530 raise Exception("WPS-PIN-NEEDED event timed out")
531 ev
= dev
[0].wait_event(["WPS-M2D"])
533 raise Exception("M2D not reported")
534 dev
[0].request("WPS_CANCEL")
536 hapd
.request("WPS_PIN any " + pin
+ " 20 " + addr
)
537 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
538 dev
[0].wait_connected(timeout
=30)
540 def test_ap_wps_reg_connect(dev
, apdev
):
541 """WPS registrar using AP PIN to connect"""
542 ssid
= "test-wps-reg-ap-pin"
544 hostapd
.add_ap(apdev
[0],
545 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
546 "wpa_passphrase": "12345678", "wpa": "2",
547 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
549 logger
.info("WPS provisioning step")
550 dev
[0].dump_monitor()
551 dev
[0].flush_scan_cache()
552 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
553 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
554 status
= dev
[0].get_status()
555 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
556 raise Exception("Not fully connected")
557 if status
['ssid'] != ssid
:
558 raise Exception("Unexpected SSID")
559 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
560 raise Exception("Unexpected encryption configuration")
561 if status
['key_mgmt'] != 'WPA2-PSK':
562 raise Exception("Unexpected key_mgmt")
564 def test_ap_wps_reg_connect_zero_len_ap_pin(dev
, apdev
):
565 """hostapd with zero length ap_pin parameter"""
566 ssid
= "test-wps-reg-ap-pin"
568 hostapd
.add_ap(apdev
[0],
569 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
570 "wpa_passphrase": "12345678", "wpa": "2",
571 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
573 logger
.info("WPS provisioning step")
574 dev
[0].dump_monitor()
575 dev
[0].flush_scan_cache()
576 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
577 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, no_wait
=True)
578 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
580 raise Exception("No WPS-FAIL reported")
581 if "msg=5 config_error=15" not in ev
:
582 raise Exception("Unexpected WPS-FAIL: " + ev
)
584 def test_ap_wps_reg_connect_mixed_mode(dev
, apdev
):
585 """WPS registrar using AP PIN to connect (WPA+WPA2)"""
586 ssid
= "test-wps-reg-ap-pin"
588 hostapd
.add_ap(apdev
[0],
589 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
590 "wpa_passphrase": "12345678", "wpa": "3",
591 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
592 "wpa_pairwise": "TKIP", "ap_pin": appin
})
593 dev
[0].flush_scan_cache()
594 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
595 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
596 status
= dev
[0].get_status()
597 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
598 raise Exception("Not fully connected")
599 if status
['ssid'] != ssid
:
600 raise Exception("Unexpected SSID")
601 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
602 raise Exception("Unexpected encryption configuration")
603 if status
['key_mgmt'] != 'WPA2-PSK':
604 raise Exception("Unexpected key_mgmt")
606 def test_ap_wps_reg_override_ap_settings(dev
, apdev
):
607 """WPS registrar and ap_settings override"""
608 ap_settings
= "/tmp/ap_wps_reg_override_ap_settings"
610 os
.remove(ap_settings
)
613 # Override AP Settings with values that point to another AP
614 data
= build_wsc_attr(ATTR_NETWORK_INDEX
, b
'\x01')
615 data
+= build_wsc_attr(ATTR_SSID
, b
"test")
616 data
+= build_wsc_attr(ATTR_AUTH_TYPE
, b
'\x00\x01')
617 data
+= build_wsc_attr(ATTR_ENCR_TYPE
, b
'\x00\x01')
618 data
+= build_wsc_attr(ATTR_NETWORK_KEY
, b
'')
619 data
+= build_wsc_attr(ATTR_MAC_ADDR
, binascii
.unhexlify(apdev
[1]['bssid'].replace(':', '')))
620 with
open(ap_settings
, "wb") as f
:
622 ssid
= "test-wps-reg-ap-pin"
624 hostapd
.add_ap(apdev
[0],
625 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
626 "wpa_passphrase": "12345678", "wpa": "2",
627 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
628 "ap_pin": appin
, "ap_settings": ap_settings
})
629 hapd2
= hostapd
.add_ap(apdev
[1], {"ssid": "test"})
630 dev
[0].flush_scan_cache()
631 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
632 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
=2412)
633 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
634 ev
= hapd2
.wait_event(['AP-STA-CONNECTED'], timeout
=10)
635 os
.remove(ap_settings
)
637 raise Exception("No connection with the other AP")
639 def check_wps_reg_failure(dev
, ap
, appin
):
640 dev
.request("WPS_REG " + ap
['bssid'] + " " + appin
)
641 ev
= dev
.wait_event(["WPS-SUCCESS", "WPS-FAIL"], timeout
=15)
643 raise Exception("WPS operation timed out")
644 if "WPS-SUCCESS" in ev
:
645 raise Exception("WPS operation succeeded unexpectedly")
646 if "config_error=15" not in ev
:
647 raise Exception("WPS setup locked state was not reported correctly")
649 def test_ap_wps_random_ap_pin(dev
, apdev
):
650 """WPS registrar using random AP PIN"""
651 ssid
= "test-wps-reg-random-ap-pin"
652 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
653 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
654 "wpa_passphrase": "12345678", "wpa": "2",
655 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
656 "device_name": "Wireless AP", "manufacturer": "Company",
657 "model_name": "WAP", "model_number": "123",
658 "serial_number": "12345", "device_type": "6-0050F204-1",
659 "os_version": "01020300",
660 "config_methods": "label push_button",
661 "uuid": ap_uuid
, "upnp_iface": "lo"}
662 hapd
= hostapd
.add_ap(apdev
[0], params
)
663 appin
= hapd
.request("WPS_AP_PIN random")
665 raise Exception("Could not generate random AP PIN")
666 if appin
not in hapd
.request("WPS_AP_PIN get"):
667 raise Exception("Could not fetch current AP PIN")
668 logger
.info("WPS provisioning step")
669 dev
[0].flush_scan_cache()
670 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
671 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
673 hapd
.request("WPS_AP_PIN disable")
674 logger
.info("WPS provisioning step with AP PIN disabled")
675 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
676 check_wps_reg_failure(dev
[1], apdev
[0], appin
)
678 logger
.info("WPS provisioning step with AP PIN reset")
680 hapd
.request("WPS_AP_PIN set " + appin
)
681 dev
[1].wps_reg(apdev
[0]['bssid'], appin
)
682 dev
[0].request("REMOVE_NETWORK all")
683 dev
[1].request("REMOVE_NETWORK all")
684 dev
[0].wait_disconnected(timeout
=10)
685 dev
[1].wait_disconnected(timeout
=10)
687 logger
.info("WPS provisioning step after AP PIN timeout")
688 hapd
.request("WPS_AP_PIN disable")
689 appin
= hapd
.request("WPS_AP_PIN random 1")
691 if "FAIL" not in hapd
.request("WPS_AP_PIN get"):
692 raise Exception("AP PIN unexpectedly still enabled")
693 check_wps_reg_failure(dev
[0], apdev
[0], appin
)
695 logger
.info("WPS provisioning step after AP PIN timeout(2)")
696 hapd
.request("WPS_AP_PIN disable")
698 hapd
.request("WPS_AP_PIN set " + appin
+ " 1")
700 if "FAIL" not in hapd
.request("WPS_AP_PIN get"):
701 raise Exception("AP PIN unexpectedly still enabled")
702 check_wps_reg_failure(dev
[1], apdev
[0], appin
)
704 with
fail_test(hapd
, 1, "os_get_random;wps_generate_pin"):
705 hapd
.request("WPS_AP_PIN random 1")
706 hapd
.request("WPS_AP_PIN disable")
708 with
alloc_fail(hapd
, 1, "upnp_wps_set_ap_pin"):
709 hapd
.request("WPS_AP_PIN set 12345670")
710 hapd
.request("WPS_AP_PIN disable")
712 if "FAIL" not in hapd
.request("WPS_AP_PIN set"):
713 raise Exception("Invalid WPS_AP_PIN accepted")
714 if "FAIL" not in hapd
.request("WPS_AP_PIN foo"):
715 raise Exception("Invalid WPS_AP_PIN accepted")
717 def test_ap_wps_reg_config(dev
, apdev
):
718 """WPS registrar configuring an AP using AP PIN"""
719 ssid
= "test-wps-init-ap-pin"
721 hostapd
.add_ap(apdev
[0],
722 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
724 logger
.info("WPS configuration step")
725 dev
[0].flush_scan_cache()
726 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
727 dev
[0].dump_monitor()
728 new_ssid
= "wps-new-ssid"
729 new_passphrase
= "1234567890"
730 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK", "CCMP",
732 status
= dev
[0].get_status()
733 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
734 raise Exception("Not fully connected")
735 if status
['ssid'] != new_ssid
:
736 raise Exception("Unexpected SSID")
737 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
738 raise Exception("Unexpected encryption configuration")
739 if status
['key_mgmt'] != 'WPA2-PSK':
740 raise Exception("Unexpected key_mgmt")
742 logger
.info("Re-configure back to open")
743 dev
[0].request("REMOVE_NETWORK all")
744 dev
[0].flush_scan_cache()
745 dev
[0].dump_monitor()
746 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, "wps-open", "OPEN", "NONE", "")
747 status
= dev
[0].get_status()
748 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
749 raise Exception("Not fully connected")
750 if status
['ssid'] != "wps-open":
751 raise Exception("Unexpected SSID")
752 if status
['key_mgmt'] != 'NONE':
753 raise Exception("Unexpected key_mgmt")
755 def test_ap_wps_reg_config_ext_processing(dev
, apdev
):
756 """WPS registrar configuring an AP with external config processing"""
757 ssid
= "test-wps-init-ap-pin"
759 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
760 "wps_cred_processing": "1", "ap_pin": appin
}
761 hapd
= hostapd
.add_ap(apdev
[0], params
)
762 dev
[0].flush_scan_cache()
763 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
764 new_ssid
= "wps-new-ssid"
765 new_passphrase
= "1234567890"
766 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK", "CCMP",
767 new_passphrase
, no_wait
=True)
768 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
770 raise Exception("WPS registrar operation timed out")
771 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=15)
773 raise Exception("WPS configuration timed out")
775 raise Exception("AP Settings missing from event")
776 hapd
.request("SET wps_cred_processing 0")
777 if "FAIL" in hapd
.request("WPS_CONFIG " + binascii
.hexlify(new_ssid
.encode()).decode() + " WPA2PSK CCMP " + binascii
.hexlify(new_passphrase
.encode()).decode()):
778 raise Exception("WPS_CONFIG command failed")
779 dev
[0].wait_connected(timeout
=15)
781 def test_ap_wps_reg_config_tkip(dev
, apdev
):
782 """WPS registrar configuring AP to use TKIP and AP upgrading to TKIP+CCMP"""
783 skip_with_fips(dev
[0])
784 ssid
= "test-wps-init-ap"
786 hostapd
.add_ap(apdev
[0],
787 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
789 logger
.info("WPS configuration step")
790 dev
[0].flush_scan_cache()
791 dev
[0].request("SET wps_version_number 0x10")
792 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
793 dev
[0].dump_monitor()
794 new_ssid
= "wps-new-ssid-with-tkip"
795 new_passphrase
= "1234567890"
796 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPAPSK", "TKIP",
798 logger
.info("Re-connect to verify WPA2 mixed mode")
799 dev
[0].request("DISCONNECT")
801 dev
[0].set_network(id, "pairwise", "CCMP")
802 dev
[0].set_network(id, "proto", "RSN")
803 dev
[0].connect_network(id)
804 status
= dev
[0].get_status()
805 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
806 raise Exception("Not fully connected: wpa_state={} bssid={}".format(status
['wpa_state'], status
['bssid']))
807 if status
['ssid'] != new_ssid
:
808 raise Exception("Unexpected SSID")
809 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
810 raise Exception("Unexpected encryption configuration")
811 if status
['key_mgmt'] != 'WPA2-PSK':
812 raise Exception("Unexpected key_mgmt")
814 def test_ap_wps_setup_locked(dev
, apdev
):
815 """WPS registrar locking up AP setup on AP PIN failures"""
816 ssid
= "test-wps-incorrect-ap-pin"
818 hapd
= hostapd
.add_ap(apdev
[0],
819 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
820 "wpa_passphrase": "12345678", "wpa": "2",
821 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
823 new_ssid
= "wps-new-ssid-test"
824 new_passphrase
= "1234567890"
826 dev
[0].flush_scan_cache()
827 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
828 ap_setup_locked
= False
829 for pin
in ["55554444", "1234", "12345678", "00000000", "11111111"]:
830 dev
[0].dump_monitor()
831 logger
.info("Try incorrect AP PIN - attempt " + pin
)
832 dev
[0].wps_reg(apdev
[0]['bssid'], pin
, new_ssid
, "WPA2PSK",
833 "CCMP", new_passphrase
, no_wait
=True)
834 ev
= dev
[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"])
836 raise Exception("Timeout on receiving WPS operation failure event")
837 if "CTRL-EVENT-CONNECTED" in ev
:
838 raise Exception("Unexpected connection")
839 if "config_error=15" in ev
:
840 logger
.info("AP Setup Locked")
841 ap_setup_locked
= True
842 elif "config_error=18" not in ev
:
843 raise Exception("config_error=18 not reported")
844 dev
[0].wait_disconnected(timeout
=10)
846 if not ap_setup_locked
:
847 raise Exception("AP setup was not locked")
848 dev
[0].request("WPS_CANCEL")
849 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412, force_scan
=True,
851 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
852 if 'wps_ap_setup_locked' not in bss
or bss
['wps_ap_setup_locked'] != '1':
853 logger
.info("BSS: " + str(bss
))
854 raise Exception("AP Setup Locked not indicated in scan results")
856 status
= hapd
.request("WPS_GET_STATUS")
857 if "Last WPS result: Failed" not in status
:
858 raise Exception("WPS failure result not shown correctly")
859 if "Peer Address: " + dev
[0].p2p_interface_addr() not in status
:
860 raise Exception("Peer address not shown correctly")
863 dev
[0].dump_monitor()
864 logger
.info("WPS provisioning step")
865 pin
= dev
[0].wps_read_pin()
866 hapd
.request("WPS_PIN any " + pin
)
867 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
868 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=30)
870 raise Exception("WPS success was not reported")
871 dev
[0].wait_connected(timeout
=30)
873 appin
= hapd
.request("WPS_AP_PIN random")
875 raise Exception("Could not generate random AP PIN")
876 ev
= hapd
.wait_event(["WPS-AP-SETUP-UNLOCKED"], timeout
=10)
878 raise Exception("Failed to unlock AP PIN")
880 def test_ap_wps_setup_locked_timeout(dev
, apdev
):
881 """WPS re-enabling AP PIN after timeout"""
882 ssid
= "test-wps-incorrect-ap-pin"
884 hapd
= hostapd
.add_ap(apdev
[0],
885 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
886 "wpa_passphrase": "12345678", "wpa": "2",
887 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
889 new_ssid
= "wps-new-ssid-test"
890 new_passphrase
= "1234567890"
892 dev
[0].flush_scan_cache()
893 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
894 ap_setup_locked
= False
895 for pin
in ["55554444", "1234", "12345678", "00000000", "11111111"]:
896 dev
[0].dump_monitor()
897 logger
.info("Try incorrect AP PIN - attempt " + pin
)
898 dev
[0].wps_reg(apdev
[0]['bssid'], pin
, new_ssid
, "WPA2PSK",
899 "CCMP", new_passphrase
, no_wait
=True)
900 ev
= dev
[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"], timeout
=15)
902 raise Exception("Timeout on receiving WPS operation failure event")
903 if "CTRL-EVENT-CONNECTED" in ev
:
904 raise Exception("Unexpected connection")
905 if "config_error=15" in ev
:
906 logger
.info("AP Setup Locked")
907 ap_setup_locked
= True
909 elif "config_error=18" not in ev
:
910 raise Exception("config_error=18 not reported")
911 dev
[0].wait_disconnected(timeout
=10)
913 if not ap_setup_locked
:
914 raise Exception("AP setup was not locked")
915 ev
= hapd
.wait_event(["WPS-AP-SETUP-UNLOCKED"], timeout
=80)
917 raise Exception("AP PIN did not get unlocked on 60 second timeout")
919 def test_ap_wps_setup_locked_2(dev
, apdev
):
920 """WPS AP configured for special ap_setup_locked=2 mode"""
921 ssid
= "test-wps-ap-pin"
923 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
924 "wpa_passphrase": "12345678", "wpa": "2",
925 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
926 "ap_pin": appin
, "ap_setup_locked": "2"}
927 hapd
= hostapd
.add_ap(apdev
[0], params
)
928 new_ssid
= "wps-new-ssid-test"
929 new_passphrase
= "1234567890"
931 dev
[0].flush_scan_cache()
932 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
933 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
934 dev
[0].request("REMOVE_NETWORK all")
935 dev
[0].wait_disconnected()
938 dev
[0].dump_monitor()
939 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK",
940 "CCMP", new_passphrase
, no_wait
=True)
942 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
944 raise Exception("hostapd did not report WPS failure")
945 if "msg=12 config_error=15" not in ev
:
946 raise Exception("Unexpected failure reason (AP): " + ev
)
948 ev
= dev
[0].wait_event(["WPS-FAIL", "CTRL-EVENT-CONNECTED"])
950 raise Exception("Timeout on receiving WPS operation failure event")
951 if "CTRL-EVENT-CONNECTED" in ev
:
952 raise Exception("Unexpected connection")
953 if "config_error=15" not in ev
:
954 raise Exception("Unexpected failure reason (STA): " + ev
)
955 dev
[0].request("WPS_CANCEL")
956 dev
[0].wait_disconnected()
959 def test_ap_wps_pbc_overlap_2ap(dev
, apdev
):
960 """WPS PBC session overlap with two active APs"""
961 params
= {"ssid": "wps1", "eap_server": "1", "wps_state": "2",
962 "wpa_passphrase": "12345678", "wpa": "2",
963 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
964 "wps_independent": "1"}
965 hapd
= hostapd
.add_ap(apdev
[0], params
)
966 params
= {"ssid": "wps2", "eap_server": "1", "wps_state": "2",
967 "wpa_passphrase": "123456789", "wpa": "2",
968 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
969 "wps_independent": "1"}
970 hapd2
= hostapd
.add_ap(apdev
[1], params
)
971 hapd
.request("WPS_PBC")
972 hapd2
.request("WPS_PBC")
973 logger
.info("WPS provisioning step")
974 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
975 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
976 dev
[0].request("WPS_PBC")
977 ev
= dev
[0].wait_event(["WPS-OVERLAP-DETECTED"], timeout
=15)
979 raise Exception("PBC session overlap not detected")
980 hapd
.request("DISABLE")
981 hapd2
.request("DISABLE")
982 dev
[0].flush_scan_cache()
985 def test_ap_wps_pbc_overlap_2sta(dev
, apdev
):
986 """WPS PBC session overlap with two active STAs"""
987 ssid
= "test-wps-pbc-overlap"
988 hapd
= hostapd
.add_ap(apdev
[0],
989 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
990 "wpa_passphrase": "12345678", "wpa": "2",
991 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
992 logger
.info("WPS provisioning step")
993 hapd
.request("WPS_PBC")
994 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
995 dev
[0].dump_monitor()
996 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
997 dev
[1].dump_monitor()
998 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
999 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
1000 ev
= dev
[0].wait_event(["WPS-M2D"], timeout
=15)
1002 raise Exception("PBC session overlap not detected (dev0)")
1003 if "config_error=12" not in ev
:
1004 raise Exception("PBC session overlap not correctly reported (dev0)")
1005 dev
[0].request("WPS_CANCEL")
1006 dev
[0].request("DISCONNECT")
1007 ev
= dev
[1].wait_event(["WPS-M2D"], timeout
=15)
1009 raise Exception("PBC session overlap not detected (dev1)")
1010 if "config_error=12" not in ev
:
1011 raise Exception("PBC session overlap not correctly reported (dev1)")
1012 dev
[1].request("WPS_CANCEL")
1013 dev
[1].request("DISCONNECT")
1014 hapd
.request("WPS_CANCEL")
1015 ret
= hapd
.request("WPS_PBC")
1016 if "FAIL" not in ret
:
1017 raise Exception("PBC mode allowed to be started while PBC overlap still active")
1018 hapd
.request("DISABLE")
1019 dev
[0].flush_scan_cache()
1020 dev
[1].flush_scan_cache()
1023 def test_ap_wps_cancel(dev
, apdev
):
1024 """WPS AP cancelling enabled config method"""
1025 ssid
= "test-wps-ap-cancel"
1026 hapd
= hostapd
.add_ap(apdev
[0],
1027 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1028 "wpa_passphrase": "12345678", "wpa": "2",
1029 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
1030 bssid
= apdev
[0]['bssid']
1032 logger
.info("Verify PBC enable/cancel")
1033 hapd
.request("WPS_PBC")
1034 dev
[0].scan(freq
="2412")
1035 dev
[0].scan(freq
="2412")
1036 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1037 if "[WPS-PBC]" not in bss
['flags']:
1038 raise Exception("WPS-PBC flag missing")
1039 if "FAIL" in hapd
.request("WPS_CANCEL"):
1040 raise Exception("WPS_CANCEL failed")
1041 dev
[0].scan(freq
="2412")
1042 dev
[0].scan(freq
="2412")
1043 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1044 if "[WPS-PBC]" in bss
['flags']:
1045 raise Exception("WPS-PBC flag not cleared")
1047 logger
.info("Verify PIN enable/cancel")
1048 hapd
.request("WPS_PIN any 12345670")
1049 dev
[0].scan(freq
="2412")
1050 dev
[0].scan(freq
="2412")
1051 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1052 if "[WPS-AUTH]" not in bss
['flags']:
1053 raise Exception("WPS-AUTH flag missing")
1054 if "FAIL" in hapd
.request("WPS_CANCEL"):
1055 raise Exception("WPS_CANCEL failed")
1056 dev
[0].scan(freq
="2412")
1057 dev
[0].scan(freq
="2412")
1058 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
1059 if "[WPS-AUTH]" in bss
['flags']:
1060 raise Exception("WPS-AUTH flag not cleared")
1062 def test_ap_wps_er_add_enrollee(dev
, apdev
):
1063 """WPS ER configuring AP and adding a new enrollee using PIN"""
1065 _test_ap_wps_er_add_enrollee(dev
, apdev
)
1067 dev
[0].request("WPS_ER_STOP")
1069 def _test_ap_wps_er_add_enrollee(dev
, apdev
):
1070 ssid
= "wps-er-add-enrollee"
1072 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1073 hostapd
.add_ap(apdev
[0],
1074 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
1075 "device_name": "Wireless AP", "manufacturer": "Company",
1076 "model_name": "WAP", "model_number": "123",
1077 "serial_number": "12345", "device_type": "6-0050F204-1",
1078 "os_version": "01020300",
1079 'friendly_name': "WPS AP - <>&'\" - TEST",
1080 "config_methods": "label push_button",
1081 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1082 logger
.info("WPS configuration step")
1083 new_passphrase
= "1234567890"
1084 dev
[0].dump_monitor()
1085 dev
[0].flush_scan_cache()
1086 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1087 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
, ssid
, "WPA2PSK", "CCMP",
1089 status
= dev
[0].get_status()
1090 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
1091 raise Exception("Not fully connected")
1092 if status
['ssid'] != ssid
:
1093 raise Exception("Unexpected SSID")
1094 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'CCMP':
1095 raise Exception("Unexpected encryption configuration")
1096 if status
['key_mgmt'] != 'WPA2-PSK':
1097 raise Exception("Unexpected key_mgmt")
1099 logger
.info("Start ER")
1100 dev
[0].request("WPS_ER_START ifname=lo")
1101 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1103 raise Exception("AP discovery timed out")
1104 if ap_uuid
not in ev
:
1105 raise Exception("Expected AP UUID not found")
1106 if "|WPS AP - <>&'" - TEST|Company|" not in ev
:
1107 raise Exception("Expected friendly name not found")
1109 logger
.info("Learn AP configuration through UPnP")
1110 dev
[0].dump_monitor()
1111 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1112 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1114 raise Exception("AP learn timed out")
1115 if ap_uuid
not in ev
:
1116 raise Exception("Expected AP UUID not in settings")
1117 if "ssid=" + ssid
not in ev
:
1118 raise Exception("Expected SSID not in settings")
1119 if "key=" + new_passphrase
not in ev
:
1120 raise Exception("Expected passphrase not in settings")
1121 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1123 raise Exception("WPS-FAIL after AP learn timed out")
1126 logger
.info("Add Enrollee using ER")
1127 pin
= dev
[1].wps_read_pin()
1128 dev
[0].dump_monitor()
1129 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + dev
[1].p2p_interface_addr())
1130 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1131 dev
[1].dump_monitor()
1132 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1133 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=30)
1135 raise Exception("Enrollee did not report success")
1136 dev
[1].wait_connected(timeout
=15)
1137 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1139 raise Exception("WPS ER did not report success")
1140 hwsim_utils
.test_connectivity_sta(dev
[0], dev
[1])
1142 logger
.info("Add a specific Enrollee using ER")
1143 pin
= dev
[2].wps_read_pin()
1144 addr2
= dev
[2].p2p_interface_addr()
1145 dev
[0].dump_monitor()
1146 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1147 dev
[2].dump_monitor()
1148 dev
[2].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1149 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
1151 raise Exception("Enrollee not seen")
1153 raise Exception("Unexpected Enrollee MAC address")
1154 dev
[0].request("WPS_ER_PIN " + addr2
+ " " + pin
+ " " + addr2
)
1155 dev
[2].wait_connected(timeout
=30)
1156 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1158 raise Exception("WPS ER did not report success")
1160 logger
.info("Verify registrar selection behavior")
1161 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + dev
[1].p2p_interface_addr())
1162 dev
[1].request("DISCONNECT")
1163 dev
[1].wait_disconnected(timeout
=10)
1164 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1165 dev
[1].scan(freq
="2412")
1166 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
1167 if "[WPS-AUTH]" not in bss
['flags']:
1168 # It is possible for scan to miss an update especially when running
1169 # tests under load with multiple VMs, so allow another attempt.
1170 dev
[1].scan(freq
="2412")
1171 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
1172 if "[WPS-AUTH]" not in bss
['flags']:
1173 raise Exception("WPS-AUTH flag missing")
1175 logger
.info("Stop ER")
1176 dev
[0].dump_monitor()
1177 dev
[0].request("WPS_ER_STOP")
1178 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"])
1180 raise Exception("WPS ER unsubscription timed out")
1181 # It takes some time for the UPnP UNSUBSCRIBE command to go through, so wait
1182 # a bit before verifying that the scan results have changed.
1185 for i
in range(0, 10):
1186 dev
[1].request("BSS_FLUSH 0")
1187 dev
[1].scan(freq
="2412", only_new
=True)
1188 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
1189 if bss
and 'flags' in bss
and "[WPS-AUTH]" not in bss
['flags']:
1191 logger
.debug("WPS-AUTH flag was still in place - wait a bit longer")
1193 if "[WPS-AUTH]" in bss
['flags']:
1194 raise Exception("WPS-AUTH flag not removed")
1196 def test_ap_wps_er_add_enrollee_uuid(dev
, apdev
):
1197 """WPS ER adding a new enrollee identified by UUID"""
1199 _test_ap_wps_er_add_enrollee_uuid(dev
, apdev
)
1201 dev
[0].request("WPS_ER_STOP")
1203 def _test_ap_wps_er_add_enrollee_uuid(dev
, apdev
):
1204 ssid
= "wps-er-add-enrollee"
1206 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1207 hostapd
.add_ap(apdev
[0],
1208 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1209 "wpa_passphrase": "12345678", "wpa": "2",
1210 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1211 "device_name": "Wireless AP", "manufacturer": "Company",
1212 "model_name": "WAP", "model_number": "123",
1213 "serial_number": "12345", "device_type": "6-0050F204-1",
1214 "os_version": "01020300",
1215 "config_methods": "label push_button",
1216 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1217 logger
.info("WPS configuration step")
1218 dev
[0].flush_scan_cache()
1219 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1220 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1222 logger
.info("Start ER")
1223 dev
[0].request("WPS_ER_START ifname=lo")
1224 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1226 raise Exception("AP discovery timed out")
1227 if ap_uuid
not in ev
:
1228 raise Exception("Expected AP UUID not found")
1230 logger
.info("Learn AP configuration through UPnP")
1231 dev
[0].dump_monitor()
1232 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1233 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1235 raise Exception("AP learn timed out")
1236 if ap_uuid
not in ev
:
1237 raise Exception("Expected AP UUID not in settings")
1238 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1240 raise Exception("WPS-FAIL after AP learn timed out")
1243 logger
.info("Add a specific Enrollee using ER (PBC/UUID)")
1244 addr1
= dev
[1].p2p_interface_addr()
1245 dev
[0].dump_monitor()
1246 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1247 dev
[1].dump_monitor()
1248 dev
[1].request("WPS_PBC %s" % apdev
[0]['bssid'])
1249 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
1251 raise Exception("Enrollee not seen")
1253 raise Exception("Unexpected Enrollee MAC address")
1254 uuid
= ev
.split(' ')[1]
1255 dev
[0].request("WPS_ER_PBC " + uuid
)
1256 dev
[1].wait_connected(timeout
=30)
1257 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1259 raise Exception("WPS ER did not report success")
1261 logger
.info("Add a specific Enrollee using ER (PIN/UUID)")
1262 pin
= dev
[2].wps_read_pin()
1263 addr2
= dev
[2].p2p_interface_addr()
1264 dev
[0].dump_monitor()
1265 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1266 dev
[2].dump_monitor()
1267 dev
[2].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1268 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
1270 raise Exception("Enrollee not seen")
1272 raise Exception("Unexpected Enrollee MAC address")
1273 uuid
= ev
.split(' ')[1]
1274 dev
[0].request("WPS_ER_PIN " + uuid
+ " " + pin
)
1275 dev
[2].wait_connected(timeout
=30)
1276 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1278 raise Exception("WPS ER did not report success")
1280 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-REMOVE"], timeout
=15)
1282 raise Exception("No Enrollee STA entry timeout seen")
1284 logger
.info("Stop ER")
1285 dev
[0].dump_monitor()
1286 dev
[0].request("WPS_ER_STOP")
1288 def test_ap_wps_er_multi_add_enrollee(dev
, apdev
):
1289 """Multiple WPS ERs adding a new enrollee using PIN"""
1291 _test_ap_wps_er_multi_add_enrollee(dev
, apdev
)
1294 dev
[i
].request("WPS_ER_STOP")
1296 def _test_ap_wps_er_multi_add_enrollee(dev
, apdev
):
1297 ssid
= "wps-er-add-enrollee"
1299 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1300 hostapd
.add_ap(apdev
[0],
1301 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1302 "wpa_passphrase": "12345678", "wpa": "2",
1303 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1304 "device_name": "Wireless AP", "manufacturer": "Company",
1305 "model_name": "WAP", "model_number": "123",
1306 "serial_number": "12345", "device_type": "6-0050F204-1",
1307 "os_version": "01020300",
1308 'friendly_name': "WPS AP",
1309 "config_methods": "label push_button",
1310 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1313 dev
[i
].flush_scan_cache()
1314 dev
[i
].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1315 dev
[i
].wps_reg(apdev
[0]['bssid'], ap_pin
)
1317 dev
[i
].request("WPS_ER_START ifname=lo")
1319 ev
= dev
[i
].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1321 raise Exception("AP discovery timed out")
1322 dev
[i
].dump_monitor()
1324 dev
[i
].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1326 ev
= dev
[i
].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1328 raise Exception("AP learn timed out")
1329 ev
= dev
[i
].wait_event(["WPS-FAIL"], timeout
=15)
1331 raise Exception("WPS-FAIL after AP learn timed out")
1335 pin
= dev
[2].wps_read_pin()
1336 addr
= dev
[2].own_addr()
1337 dev
[0].dump_monitor()
1338 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + addr
)
1339 dev
[1].dump_monitor()
1340 dev
[1].request("WPS_ER_PIN any " + pin
+ " " + addr
)
1342 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1343 dev
[2].dump_monitor()
1344 dev
[2].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1345 ev
= dev
[2].wait_event(["WPS-SUCCESS"], timeout
=30)
1347 raise Exception("Enrollee did not report success")
1348 dev
[2].wait_connected(timeout
=15)
1350 def test_ap_wps_er_add_enrollee_pbc(dev
, apdev
):
1351 """WPS ER connected to AP and adding a new enrollee using PBC"""
1353 _test_ap_wps_er_add_enrollee_pbc(dev
, apdev
)
1355 dev
[0].request("WPS_ER_STOP")
1357 def _test_ap_wps_er_add_enrollee_pbc(dev
, apdev
):
1358 ssid
= "wps-er-add-enrollee-pbc"
1360 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1361 hostapd
.add_ap(apdev
[0],
1362 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1363 "wpa_passphrase": "12345678", "wpa": "2",
1364 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1365 "device_name": "Wireless AP", "manufacturer": "Company",
1366 "model_name": "WAP", "model_number": "123",
1367 "serial_number": "12345", "device_type": "6-0050F204-1",
1368 "os_version": "01020300",
1369 "config_methods": "label push_button",
1370 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1371 logger
.info("Learn AP configuration")
1372 dev
[0].flush_scan_cache()
1373 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1374 dev
[0].dump_monitor()
1375 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1376 status
= dev
[0].get_status()
1377 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
1378 raise Exception("Not fully connected")
1380 logger
.info("Start ER")
1381 dev
[0].request("WPS_ER_START ifname=lo")
1382 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1384 raise Exception("AP discovery timed out")
1385 if ap_uuid
not in ev
:
1386 raise Exception("Expected AP UUID not found")
1388 enrollee
= dev
[1].p2p_interface_addr()
1390 if "FAIL-UNKNOWN-UUID" not in dev
[0].request("WPS_ER_PBC " + enrollee
):
1391 raise Exception("Unknown UUID not reported")
1393 logger
.info("Add Enrollee using ER and PBC")
1394 dev
[0].dump_monitor()
1395 dev
[1].dump_monitor()
1396 dev
[1].request("WPS_PBC")
1398 for i
in range(0, 2):
1399 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=15)
1401 raise Exception("Enrollee discovery timed out")
1405 raise Exception("Expected Enrollee not found")
1406 if "FAIL-NO-AP-SETTINGS" not in dev
[0].request("WPS_ER_PBC " + enrollee
):
1407 raise Exception("Unknown UUID not reported")
1408 logger
.info("Use learned network configuration on ER")
1409 dev
[0].request("WPS_ER_SET_CONFIG " + ap_uuid
+ " 0")
1410 if "OK" not in dev
[0].request("WPS_ER_PBC " + enrollee
):
1411 raise Exception("WPS_ER_PBC failed")
1413 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=15)
1415 raise Exception("Enrollee did not report success")
1416 dev
[1].wait_connected(timeout
=15)
1417 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1419 raise Exception("WPS ER did not report success")
1420 hwsim_utils
.test_connectivity_sta(dev
[0], dev
[1])
1422 def test_ap_wps_er_pbc_overlap(dev
, apdev
):
1423 """WPS ER connected to AP and PBC session overlap"""
1425 _test_ap_wps_er_pbc_overlap(dev
, apdev
)
1427 dev
[0].request("WPS_ER_STOP")
1429 def _test_ap_wps_er_pbc_overlap(dev
, apdev
):
1430 ssid
= "wps-er-add-enrollee-pbc"
1432 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1433 hostapd
.add_ap(apdev
[0],
1434 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1435 "wpa_passphrase": "12345678", "wpa": "2",
1436 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1437 "device_name": "Wireless AP", "manufacturer": "Company",
1438 "model_name": "WAP", "model_number": "123",
1439 "serial_number": "12345", "device_type": "6-0050F204-1",
1440 "os_version": "01020300",
1441 "config_methods": "label push_button",
1442 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1443 dev
[0].flush_scan_cache()
1444 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1445 dev
[0].dump_monitor()
1446 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1448 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1449 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
1450 # avoid leaving dev 1 or 2 as the last Probe Request to the AP
1451 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412, force_scan
=True)
1453 dev
[0].dump_monitor()
1454 dev
[0].request("WPS_ER_START ifname=lo")
1456 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1458 raise Exception("AP discovery timed out")
1459 if ap_uuid
not in ev
:
1460 raise Exception("Expected AP UUID not found")
1462 # verify BSSID selection of the AP instead of UUID
1463 if "FAIL" in dev
[0].request("WPS_ER_SET_CONFIG " + apdev
[0]['bssid'] + " 0"):
1464 raise Exception("Could not select AP based on BSSID")
1466 dev
[0].dump_monitor()
1467 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
1468 dev
[2].request("WPS_PBC " + apdev
[0]['bssid'])
1469 ev
= dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
1471 raise Exception("PBC scan failed")
1472 ev
= dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
1474 raise Exception("PBC scan failed")
1477 addr1
= dev
[1].own_addr()
1478 addr2
= dev
[2].own_addr()
1480 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=15)
1482 raise Exception("Enrollee discovery timed out")
1491 if dev
[0].request("WPS_ER_PBC " + ap_uuid
) != "FAIL-PBC-OVERLAP\n":
1492 raise Exception("PBC overlap not reported")
1493 dev
[1].request("WPS_CANCEL")
1494 dev
[2].request("WPS_CANCEL")
1495 if dev
[0].request("WPS_ER_PBC foo") != "FAIL\n":
1496 raise Exception("Invalid WPS_ER_PBC accepted")
1498 def test_ap_wps_er_v10_add_enrollee_pin(dev
, apdev
):
1499 """WPS v1.0 ER connected to AP and adding a new enrollee using PIN"""
1501 _test_ap_wps_er_v10_add_enrollee_pin(dev
, apdev
)
1503 dev
[0].request("WPS_ER_STOP")
1505 def _test_ap_wps_er_v10_add_enrollee_pin(dev
, apdev
):
1506 ssid
= "wps-er-add-enrollee-pbc"
1508 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1509 hostapd
.add_ap(apdev
[0],
1510 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1511 "wpa_passphrase": "12345678", "wpa": "2",
1512 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1513 "device_name": "Wireless AP", "manufacturer": "Company",
1514 "model_name": "WAP", "model_number": "123",
1515 "serial_number": "12345", "device_type": "6-0050F204-1",
1516 "os_version": "01020300",
1517 "config_methods": "label push_button",
1518 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1519 logger
.info("Learn AP configuration")
1520 dev
[0].request("SET wps_version_number 0x10")
1521 dev
[0].flush_scan_cache()
1522 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1523 dev
[0].dump_monitor()
1524 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1525 status
= dev
[0].get_status()
1526 if status
['wpa_state'] != 'COMPLETED' or status
['bssid'] != apdev
[0]['bssid']:
1527 raise Exception("Not fully connected")
1529 logger
.info("Start ER")
1530 dev
[0].request("WPS_ER_START ifname=lo")
1531 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1533 raise Exception("AP discovery timed out")
1534 if ap_uuid
not in ev
:
1535 raise Exception("Expected AP UUID not found")
1537 logger
.info("Use learned network configuration on ER")
1538 dev
[0].request("WPS_ER_SET_CONFIG " + ap_uuid
+ " 0")
1540 logger
.info("Add Enrollee using ER and PIN")
1541 enrollee
= dev
[1].p2p_interface_addr()
1542 pin
= dev
[1].wps_read_pin()
1543 dev
[0].dump_monitor()
1544 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + enrollee
)
1545 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1546 dev
[1].dump_monitor()
1547 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1548 dev
[1].wait_connected(timeout
=30)
1549 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1551 raise Exception("WPS ER did not report success")
1554 def test_ap_wps_er_config_ap(dev
, apdev
):
1555 """WPS ER configuring AP over UPnP"""
1557 _test_ap_wps_er_config_ap(dev
, apdev
)
1559 dev
[0].request("WPS_ER_STOP")
1561 def _test_ap_wps_er_config_ap(dev
, apdev
):
1562 ssid
= "wps-er-ap-config"
1564 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1565 hostapd
.add_ap(apdev
[0],
1566 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1567 "wpa_passphrase": "12345678", "wpa": "2",
1568 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1569 "device_name": "Wireless AP", "manufacturer": "Company",
1570 "model_name": "WAP", "model_number": "123",
1571 "serial_number": "12345", "device_type": "6-0050F204-1",
1572 "os_version": "01020300",
1573 "config_methods": "label push_button",
1574 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
1576 logger
.info("Connect ER to the AP")
1577 dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
1579 logger
.info("WPS configuration step")
1580 dev
[0].request("WPS_ER_START ifname=lo")
1581 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1583 raise Exception("AP discovery timed out")
1584 if ap_uuid
not in ev
:
1585 raise Exception("Expected AP UUID not found")
1586 new_passphrase
= "1234567890"
1587 dev
[0].request("WPS_ER_CONFIG " + apdev
[0]['bssid'] + " " + ap_pin
+ " " +
1588 binascii
.hexlify(ssid
.encode()).decode() + " WPA2PSK CCMP " +
1589 binascii
.hexlify(new_passphrase
.encode()).decode())
1590 ev
= dev
[0].wait_event(["WPS-SUCCESS"])
1592 raise Exception("WPS ER configuration operation timed out")
1593 dev
[0].wait_disconnected(timeout
=10)
1594 dev
[0].connect(ssid
, psk
="1234567890", scan_freq
="2412")
1596 logger
.info("WPS ER restart")
1597 dev
[0].request("WPS_ER_START")
1598 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1600 raise Exception("AP discovery timed out on ER restart")
1601 if ap_uuid
not in ev
:
1602 raise Exception("Expected AP UUID not found on ER restart")
1603 if "OK" not in dev
[0].request("WPS_ER_STOP"):
1604 raise Exception("WPS_ER_STOP failed")
1605 if "OK" not in dev
[0].request("WPS_ER_STOP"):
1606 raise Exception("WPS_ER_STOP failed")
1609 def test_ap_wps_er_cache_ap_settings(dev
, apdev
):
1610 """WPS ER caching AP settings"""
1612 _test_ap_wps_er_cache_ap_settings(dev
, apdev
)
1614 dev
[0].request("WPS_ER_STOP")
1616 def _test_ap_wps_er_cache_ap_settings(dev
, apdev
):
1617 ssid
= "wps-er-add-enrollee"
1619 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1620 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1621 "wpa_passphrase": "12345678", "wpa": "2",
1622 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1623 "device_name": "Wireless AP", "manufacturer": "Company",
1624 "model_name": "WAP", "model_number": "123",
1625 "serial_number": "12345", "device_type": "6-0050F204-1",
1626 "os_version": "01020300",
1627 "config_methods": "label push_button",
1628 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1629 hapd
= hostapd
.add_ap(apdev
[0], params
)
1630 dev
[0].flush_scan_cache()
1631 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1632 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1633 id = int(dev
[0].list_networks()[0]['id'])
1634 dev
[0].set_network(id, "scan_freq", "2412")
1636 dev
[0].request("WPS_ER_START ifname=lo")
1637 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1639 raise Exception("AP discovery timed out")
1640 if ap_uuid
not in ev
:
1641 raise Exception("Expected AP UUID not found")
1643 dev
[0].dump_monitor()
1644 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1645 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1647 raise Exception("AP learn timed out")
1648 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1650 raise Exception("WPS-FAIL after AP learn timed out")
1656 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE", "CTRL-EVENT-DISCONNECTED"],
1659 raise Exception("AP removal or disconnection timed out")
1661 hapd
= hostapd
.add_ap(apdev
[0], params
)
1663 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD", "CTRL-EVENT-CONNECTED"],
1666 raise Exception("AP discovery or connection timed out")
1668 pin
= dev
[1].wps_read_pin()
1669 dev
[0].dump_monitor()
1670 dev
[0].request("WPS_ER_PIN any " + pin
+ " " + dev
[1].p2p_interface_addr())
1674 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1675 dev
[1].dump_monitor()
1676 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1677 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=30)
1679 raise Exception("Enrollee did not report success")
1680 dev
[1].wait_connected(timeout
=15)
1681 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
1683 raise Exception("WPS ER did not report success")
1685 dev
[0].dump_monitor()
1686 dev
[0].request("WPS_ER_STOP")
1688 def test_ap_wps_er_cache_ap_settings_oom(dev
, apdev
):
1689 """WPS ER caching AP settings (OOM)"""
1691 _test_ap_wps_er_cache_ap_settings_oom(dev
, apdev
)
1693 dev
[0].request("WPS_ER_STOP")
1695 def _test_ap_wps_er_cache_ap_settings_oom(dev
, apdev
):
1696 ssid
= "wps-er-add-enrollee"
1698 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1699 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1700 "wpa_passphrase": "12345678", "wpa": "2",
1701 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1702 "device_name": "Wireless AP", "manufacturer": "Company",
1703 "model_name": "WAP", "model_number": "123",
1704 "serial_number": "12345", "device_type": "6-0050F204-1",
1705 "os_version": "01020300",
1706 "config_methods": "label push_button",
1707 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1708 hapd
= hostapd
.add_ap(apdev
[0], params
)
1709 dev
[0].flush_scan_cache()
1710 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1711 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1712 id = int(dev
[0].list_networks()[0]['id'])
1713 dev
[0].set_network(id, "scan_freq", "2412")
1715 dev
[0].request("WPS_ER_START ifname=lo")
1716 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1718 raise Exception("AP discovery timed out")
1719 if ap_uuid
not in ev
:
1720 raise Exception("Expected AP UUID not found")
1722 dev
[0].dump_monitor()
1723 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1724 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1726 raise Exception("AP learn timed out")
1727 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1729 raise Exception("WPS-FAIL after AP learn timed out")
1732 with
alloc_fail(dev
[0], 1, "=wps_er_ap_use_cached_settings"):
1736 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE",
1737 "CTRL-EVENT-DISCONNECTED"],
1740 raise Exception("AP removal or disconnection timed out")
1742 hapd
= hostapd
.add_ap(apdev
[0], params
)
1744 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD", "CTRL-EVENT-CONNECTED"],
1747 raise Exception("AP discovery or connection timed out")
1749 dev
[0].request("WPS_ER_STOP")
1751 def test_ap_wps_er_cache_ap_settings_oom2(dev
, apdev
):
1752 """WPS ER caching AP settings (OOM 2)"""
1754 _test_ap_wps_er_cache_ap_settings_oom2(dev
, apdev
)
1756 dev
[0].request("WPS_ER_STOP")
1758 def _test_ap_wps_er_cache_ap_settings_oom2(dev
, apdev
):
1759 ssid
= "wps-er-add-enrollee"
1761 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1762 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1763 "wpa_passphrase": "12345678", "wpa": "2",
1764 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1765 "device_name": "Wireless AP", "manufacturer": "Company",
1766 "model_name": "WAP", "model_number": "123",
1767 "serial_number": "12345", "device_type": "6-0050F204-1",
1768 "os_version": "01020300",
1769 "config_methods": "label push_button",
1770 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1771 hapd
= hostapd
.add_ap(apdev
[0], params
)
1772 dev
[0].flush_scan_cache()
1773 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1774 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1775 id = int(dev
[0].list_networks()[0]['id'])
1776 dev
[0].set_network(id, "scan_freq", "2412")
1778 dev
[0].request("WPS_ER_START ifname=lo")
1779 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
1781 raise Exception("AP discovery timed out")
1782 if ap_uuid
not in ev
:
1783 raise Exception("Expected AP UUID not found")
1785 dev
[0].dump_monitor()
1786 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1787 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1789 raise Exception("AP learn timed out")
1790 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1792 raise Exception("WPS-FAIL after AP learn timed out")
1795 with
alloc_fail(dev
[0], 1, "=wps_er_ap_cache_settings"):
1799 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE",
1800 "CTRL-EVENT-DISCONNECTED"],
1803 raise Exception("AP removal or disconnection timed out")
1805 hapd
= hostapd
.add_ap(apdev
[0], params
)
1807 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD", "CTRL-EVENT-CONNECTED"],
1810 raise Exception("AP discovery or connection timed out")
1812 dev
[0].request("WPS_ER_STOP")
1814 def test_ap_wps_er_subscribe_oom(dev
, apdev
):
1815 """WPS ER subscribe OOM"""
1817 _test_ap_wps_er_subscribe_oom(dev
, apdev
)
1819 dev
[0].request("WPS_ER_STOP")
1821 def _test_ap_wps_er_subscribe_oom(dev
, apdev
):
1822 ssid
= "wps-er-add-enrollee"
1824 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1825 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1826 "wpa_passphrase": "12345678", "wpa": "2",
1827 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1828 "device_name": "Wireless AP", "manufacturer": "Company",
1829 "model_name": "WAP", "model_number": "123",
1830 "serial_number": "12345", "device_type": "6-0050F204-1",
1831 "os_version": "01020300",
1832 "config_methods": "label push_button",
1833 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1834 hapd
= hostapd
.add_ap(apdev
[0], params
)
1835 dev
[0].flush_scan_cache()
1836 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1837 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1838 id = int(dev
[0].list_networks()[0]['id'])
1839 dev
[0].set_network(id, "scan_freq", "2412")
1841 with
alloc_fail(dev
[0], 1, "http_client_addr;wps_er_subscribe"):
1842 dev
[0].request("WPS_ER_START ifname=lo")
1844 res
= dev
[0].request("GET_ALLOC_FAIL")
1845 if res
.startswith("0:"):
1848 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=0)
1850 raise Exception("Unexpected AP discovery during OOM")
1852 dev
[0].request("WPS_ER_STOP")
1854 def test_ap_wps_er_set_sel_reg_oom(dev
, apdev
):
1855 """WPS ER SetSelectedRegistrar OOM"""
1857 _test_ap_wps_er_set_sel_reg_oom(dev
, apdev
)
1859 dev
[0].request("WPS_ER_STOP")
1861 def _test_ap_wps_er_set_sel_reg_oom(dev
, apdev
):
1862 ssid
= "wps-er-add-enrollee"
1864 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1865 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1866 "wpa_passphrase": "12345678", "wpa": "2",
1867 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1868 "device_name": "Wireless AP", "manufacturer": "Company",
1869 "model_name": "WAP", "model_number": "123",
1870 "serial_number": "12345", "device_type": "6-0050F204-1",
1871 "os_version": "01020300",
1872 "config_methods": "label push_button",
1873 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1874 hapd
= hostapd
.add_ap(apdev
[0], params
)
1875 dev
[0].flush_scan_cache()
1876 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1877 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1879 dev
[0].request("WPS_ER_START ifname=lo")
1880 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
1882 raise Exception("AP not discovered")
1884 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1885 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
1887 raise Exception("AP learn timed out")
1888 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
1890 raise Exception("WPS-FAIL timed out")
1893 for func
in ["http_client_url_parse;wps_er_send_set_sel_reg",
1894 "wps_er_soap_hdr;wps_er_send_set_sel_reg",
1895 "http_client_addr;wps_er_send_set_sel_reg",
1896 "wpabuf_alloc;wps_er_set_sel_reg"]:
1897 with
alloc_fail(dev
[0], 1, func
):
1898 if "OK" not in dev
[0].request("WPS_ER_PBC " + ap_uuid
):
1899 raise Exception("WPS_ER_PBC failed")
1900 ev
= dev
[0].wait_event(["WPS-PBC-ACTIVE"], timeout
=3)
1902 raise Exception("WPS-PBC-ACTIVE not seen")
1904 dev
[0].request("WPS_ER_STOP")
1907 def test_ap_wps_er_learn_oom(dev
, apdev
):
1908 """WPS ER learn OOM"""
1910 _test_ap_wps_er_learn_oom(dev
, apdev
)
1912 dev
[0].request("WPS_ER_STOP")
1914 def _test_ap_wps_er_learn_oom(dev
, apdev
):
1915 ssid
= "wps-er-add-enrollee"
1917 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
1918 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1919 "wpa_passphrase": "12345678", "wpa": "2",
1920 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1921 "device_name": "Wireless AP", "manufacturer": "Company",
1922 "model_name": "WAP", "model_number": "123",
1923 "serial_number": "12345", "device_type": "6-0050F204-1",
1924 "os_version": "01020300",
1925 "config_methods": "label push_button",
1926 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
1927 hapd
= hostapd
.add_ap(apdev
[0], params
)
1928 dev
[0].flush_scan_cache()
1929 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1930 dev
[0].wps_reg(apdev
[0]['bssid'], ap_pin
)
1932 dev
[0].request("WPS_ER_START ifname=lo")
1933 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
1935 raise Exception("AP not discovered")
1937 for func
in ["wps_er_http_put_message_cb",
1938 "xml_get_base64_item;wps_er_http_put_message_cb",
1939 "http_client_url_parse;wps_er_ap_put_message",
1940 "wps_er_soap_hdr;wps_er_ap_put_message",
1941 "http_client_addr;wps_er_ap_put_message"]:
1942 with
alloc_fail(dev
[0], 1, func
):
1943 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1944 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=1)
1946 raise Exception("AP learn succeeded during OOM")
1948 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
1949 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=10)
1951 raise Exception("AP learn did not succeed")
1953 if "FAIL" not in dev
[0].request("WPS_ER_LEARN 00000000-9e5c-4e73-bd82-f89cbcd10d7e " + ap_pin
):
1954 raise Exception("WPS_ER_LEARN for unknown AP accepted")
1956 dev
[0].request("WPS_ER_STOP")
1958 def test_ap_wps_fragmentation(dev
, apdev
):
1959 """WPS with fragmentation in EAP-WSC and mixed mode WPA+WPA2"""
1960 ssid
= "test-wps-fragmentation"
1962 hapd
= hostapd
.add_ap(apdev
[0],
1963 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
1964 "wpa_passphrase": "12345678", "wpa": "3",
1965 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
1966 "wpa_pairwise": "TKIP", "ap_pin": appin
,
1967 "fragment_size": "50"})
1968 logger
.info("WPS provisioning step (PBC)")
1969 hapd
.request("WPS_PBC")
1970 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1971 dev
[0].dump_monitor()
1972 dev
[0].request("SET wps_fragment_size 50")
1973 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
1974 dev
[0].wait_connected(timeout
=30)
1975 status
= dev
[0].get_status()
1976 if status
['wpa_state'] != 'COMPLETED':
1977 raise Exception("Not fully connected")
1978 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
1979 raise Exception("Unexpected encryption configuration")
1980 if status
['key_mgmt'] != 'WPA2-PSK':
1981 raise Exception("Unexpected key_mgmt")
1983 logger
.info("WPS provisioning step (PIN)")
1984 pin
= dev
[1].wps_read_pin()
1985 hapd
.request("WPS_PIN any " + pin
)
1986 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
1987 dev
[1].request("SET wps_fragment_size 50")
1988 dev
[1].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
1989 dev
[1].wait_connected(timeout
=30)
1990 status
= dev
[1].get_status()
1991 if status
['wpa_state'] != 'COMPLETED':
1992 raise Exception("Not fully connected")
1993 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
1994 raise Exception("Unexpected encryption configuration")
1995 if status
['key_mgmt'] != 'WPA2-PSK':
1996 raise Exception("Unexpected key_mgmt")
1998 logger
.info("WPS connection as registrar")
1999 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2000 dev
[2].request("SET wps_fragment_size 50")
2001 dev
[2].wps_reg(apdev
[0]['bssid'], appin
)
2002 status
= dev
[2].get_status()
2003 if status
['wpa_state'] != 'COMPLETED':
2004 raise Exception("Not fully connected")
2005 if status
['pairwise_cipher'] != 'CCMP' or status
['group_cipher'] != 'TKIP':
2006 raise Exception("Unexpected encryption configuration")
2007 if status
['key_mgmt'] != 'WPA2-PSK':
2008 raise Exception("Unexpected key_mgmt")
2011 def test_ap_wps_new_version_sta(dev
, apdev
):
2012 """WPS compatibility with new version number on the station"""
2013 ssid
= "test-wps-ver"
2014 hapd
= hostapd
.add_ap(apdev
[0],
2015 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2016 "wpa_passphrase": "12345678", "wpa": "2",
2017 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
2018 logger
.info("WPS provisioning step")
2019 hapd
.request("WPS_PBC")
2020 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2021 dev
[0].dump_monitor()
2022 dev
[0].request("SET wps_version_number 0x43")
2023 dev
[0].request("SET wps_vendor_ext_m1 000137100100020001")
2024 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2025 dev
[0].wait_connected(timeout
=30)
2028 def test_ap_wps_new_version_ap(dev
, apdev
):
2029 """WPS compatibility with new version number on the AP"""
2030 ssid
= "test-wps-ver"
2031 hapd
= hostapd
.add_ap(apdev
[0],
2032 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2033 "wpa_passphrase": "12345678", "wpa": "2",
2034 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
2035 logger
.info("WPS provisioning step")
2036 if "FAIL" in hapd
.request("SET wps_version_number 0x43"):
2037 raise Exception("Failed to enable test functionality")
2038 hapd
.request("WPS_PBC")
2039 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2040 dev
[0].dump_monitor()
2041 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2042 dev
[0].wait_connected(timeout
=30)
2043 hapd
.request("SET wps_version_number 0x20")
2046 def test_ap_wps_check_pin(dev
, apdev
):
2047 """Verify PIN checking through control interface"""
2048 hapd
= hostapd
.add_ap(apdev
[0],
2049 {"ssid": "wps", "eap_server": "1", "wps_state": "2",
2050 "wpa_passphrase": "12345678", "wpa": "2",
2051 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
2052 for t
in [("12345670", "12345670"),
2053 ("12345678", "FAIL-CHECKSUM"),
2055 ("123456789", "FAIL"),
2056 ("1234-5670", "12345670"),
2057 ("1234 5670", "12345670"),
2058 ("1-2.3:4 5670", "12345670")]:
2059 res
= hapd
.request("WPS_CHECK_PIN " + t
[0]).rstrip('\n')
2060 res2
= dev
[0].request("WPS_CHECK_PIN " + t
[0]).rstrip('\n')
2062 raise Exception("Unexpected difference in WPS_CHECK_PIN responses")
2064 raise Exception("Incorrect WPS_CHECK_PIN response {} (expected {})".format(res
, t
[1]))
2066 if "FAIL" not in hapd
.request("WPS_CHECK_PIN 12345"):
2067 raise Exception("Unexpected WPS_CHECK_PIN success")
2068 if "FAIL" not in hapd
.request("WPS_CHECK_PIN 123456789"):
2069 raise Exception("Unexpected WPS_CHECK_PIN success")
2071 for i
in range(0, 10):
2072 pin
= dev
[0].request("WPS_PIN get")
2073 rpin
= dev
[0].request("WPS_CHECK_PIN " + pin
).rstrip('\n')
2075 raise Exception("Random PIN validation failed for " + pin
)
2077 def test_ap_wps_pin_get_failure(dev
, apdev
):
2078 """PIN generation failure"""
2079 with
fail_test(dev
[0], 1,
2080 "os_get_random;wpa_supplicant_ctrl_iface_wps_pin"):
2081 if "FAIL" not in dev
[0].request("WPS_PIN get"):
2082 raise Exception("WPS_PIN did not report failure")
2084 def test_ap_wps_wep_config(dev
, apdev
):
2085 """WPS 2.0 AP rejecting WEP configuration"""
2086 ssid
= "test-wps-config"
2088 hapd
= hostapd
.add_ap(apdev
[0],
2089 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2091 dev
[0].flush_scan_cache()
2092 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2093 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, "wps-new-ssid-wep", "OPEN", "WEP",
2094 "hello", no_wait
=True)
2095 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=15)
2097 raise Exception("WPS-FAIL timed out")
2098 if "reason=2" not in ev
:
2099 raise Exception("Unexpected reason code in WPS-FAIL")
2100 status
= hapd
.request("WPS_GET_STATUS")
2101 if "Last WPS result: Failed" not in status
:
2102 raise Exception("WPS failure result not shown correctly")
2103 if "Failure Reason: WEP Prohibited" not in status
:
2104 raise Exception("Failure reason not reported correctly")
2105 if "Peer Address: " + dev
[0].p2p_interface_addr() not in status
:
2106 raise Exception("Peer address not shown correctly")
2108 def test_ap_wps_wep_enroll(dev
, apdev
):
2109 """WPS 2.0 STA rejecting WEP configuration"""
2110 ssid
= "test-wps-wep"
2111 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2112 "skip_cred_build": "1", "extra_cred": "wps-wep-cred"}
2113 hapd
= hostapd
.add_ap(apdev
[0], params
)
2114 hapd
.request("WPS_PBC")
2115 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2116 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2117 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
2119 raise Exception("WPS-FAIL event timed out")
2120 if "msg=12" not in ev
or "reason=2 (WEP Prohibited)" not in ev
:
2121 raise Exception("Unexpected WPS-FAIL event: " + ev
)
2124 def test_ap_wps_ie_fragmentation(dev
, apdev
):
2125 """WPS AP using fragmented WPS IE"""
2126 ssid
= "test-wps-ie-fragmentation"
2127 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2128 "wpa_passphrase": "12345678", "wpa": "2",
2129 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
2130 "device_name": "1234567890abcdef1234567890abcdef",
2131 "manufacturer": "1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef",
2132 "model_name": "1234567890abcdef1234567890abcdef",
2133 "model_number": "1234567890abcdef1234567890abcdef",
2134 "serial_number": "1234567890abcdef1234567890abcdef"}
2135 hapd
= hostapd
.add_ap(apdev
[0], params
)
2136 hapd
.request("WPS_PBC")
2137 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2138 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2139 dev
[0].wait_connected(timeout
=30)
2140 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
2141 if "wps_device_name" not in bss
or bss
['wps_device_name'] != "1234567890abcdef1234567890abcdef":
2142 logger
.info("Device Name not received correctly")
2144 # This can fail if Probe Response frame is missed and Beacon frame was
2145 # used to fill in the BSS entry. This can happen, e.g., during heavy
2146 # load every now and then and is not really an error, so try to
2147 # workaround by runnign another scan.
2148 dev
[0].scan(freq
="2412", only_new
=True)
2149 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
2150 if not bss
or "wps_device_name" not in bss
or bss
['wps_device_name'] != "1234567890abcdef1234567890abcdef":
2152 raise Exception("Device Name not received correctly")
2153 if len(re
.findall("dd..0050f204", bss
['ie'])) != 2:
2154 raise Exception("Unexpected number of WPS IEs")
2156 def get_psk(pskfile
):
2158 with
open(pskfile
, "r") as f
:
2159 lines
= f
.read().splitlines()
2161 if l
== "# WPA PSKs":
2163 (addr
, psk
) = l
.split(' ')
2167 def test_ap_wps_per_station_psk(dev
, apdev
):
2168 """WPS PBC provisioning with per-station PSK"""
2169 addr0
= dev
[0].own_addr()
2170 addr1
= dev
[1].own_addr()
2171 addr2
= dev
[2].own_addr()
2174 pskfile
= "/tmp/ap_wps_per_enrollee_psk.psk_file"
2182 with
open(pskfile
, "w") as f
:
2183 f
.write("# WPA PSKs\n")
2185 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2186 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
2187 "rsn_pairwise": "CCMP", "ap_pin": appin
,
2188 "wpa_psk_file": pskfile
}
2189 hapd
= hostapd
.add_ap(apdev
[0], params
)
2191 logger
.info("First enrollee")
2192 hapd
.request("WPS_PBC")
2193 dev
[0].flush_scan_cache()
2194 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2195 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2196 dev
[0].wait_connected(timeout
=30)
2198 logger
.info("Second enrollee")
2199 hapd
.request("WPS_PBC")
2200 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2201 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
2202 dev
[1].wait_connected(timeout
=30)
2204 logger
.info("External registrar")
2205 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2206 dev
[2].wps_reg(apdev
[0]['bssid'], appin
)
2208 logger
.info("Verifying PSK results")
2209 psks
= get_psk(pskfile
)
2210 if addr0
not in psks
:
2211 raise Exception("No PSK recorded for sta0")
2212 if addr1
not in psks
:
2213 raise Exception("No PSK recorded for sta1")
2214 if addr2
not in psks
:
2215 raise Exception("No PSK recorded for sta2")
2216 if psks
[addr0
] == psks
[addr1
]:
2217 raise Exception("Same PSK recorded for sta0 and sta1")
2218 if psks
[addr0
] == psks
[addr2
]:
2219 raise Exception("Same PSK recorded for sta0 and sta2")
2220 if psks
[addr1
] == psks
[addr2
]:
2221 raise Exception("Same PSK recorded for sta1 and sta2")
2223 dev
[0].request("REMOVE_NETWORK all")
2224 logger
.info("Second external registrar")
2225 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2226 dev
[0].wps_reg(apdev
[0]['bssid'], appin
)
2227 psks2
= get_psk(pskfile
)
2228 if addr0
not in psks2
:
2229 raise Exception("No PSK recorded for sta0(reg)")
2230 if psks
[addr0
] == psks2
[addr0
]:
2231 raise Exception("Same PSK recorded for sta0(enrollee) and sta0(reg)")
2235 dev
[0].request("DISCONNECT")
2236 dev
[1].request("DISCONNECT")
2237 dev
[2].request("DISCONNECT")
2239 dev
[0].flush_scan_cache()
2240 dev
[1].flush_scan_cache()
2241 dev
[2].flush_scan_cache()
2243 def test_ap_wps_per_station_psk_failure(dev
, apdev
):
2244 """WPS PBC provisioning with per-station PSK (file not writable)"""
2245 addr0
= dev
[0].p2p_dev_addr()
2246 addr1
= dev
[1].p2p_dev_addr()
2247 addr2
= dev
[2].p2p_dev_addr()
2250 pskfile
= "/tmp/ap_wps_per_enrollee_psk.psk_file"
2258 with
open(pskfile
, "w") as f
:
2259 f
.write("# WPA PSKs\n")
2261 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2262 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
2263 "rsn_pairwise": "CCMP", "ap_pin": appin
,
2264 "wpa_psk_file": pskfile
}
2265 hapd
= hostapd
.add_ap(apdev
[0], params
)
2266 if "FAIL" in hapd
.request("SET wpa_psk_file /tmp/does/not/exists/ap_wps_per_enrollee_psk_failure.psk_file"):
2267 raise Exception("Failed to set wpa_psk_file")
2269 logger
.info("First enrollee")
2270 hapd
.request("WPS_PBC")
2271 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2272 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2273 dev
[0].wait_connected(timeout
=30)
2275 logger
.info("Second enrollee")
2276 hapd
.request("WPS_PBC")
2277 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2278 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
2279 dev
[1].wait_connected(timeout
=30)
2281 logger
.info("External registrar")
2282 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
2283 dev
[2].wps_reg(apdev
[0]['bssid'], appin
)
2285 logger
.info("Verifying PSK results")
2286 psks
= get_psk(pskfile
)
2288 raise Exception("PSK recorded unexpectedly")
2292 dev
[i
].request("DISCONNECT")
2295 dev
[i
].flush_scan_cache()
2298 def test_ap_wps_pin_request_file(dev
, apdev
):
2299 """WPS PIN provisioning with configured AP"""
2301 pinfile
= "/tmp/ap_wps_pin_request_file.log"
2302 if os
.path
.exists(pinfile
):
2304 hapd
= hostapd
.add_ap(apdev
[0],
2305 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2306 "wps_pin_requests": pinfile
,
2307 "wpa_passphrase": "12345678", "wpa": "2",
2308 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
2309 uuid
= dev
[0].get_status_field("uuid")
2310 pin
= dev
[0].wps_read_pin()
2312 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2313 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
2314 ev
= hapd
.wait_event(["WPS-PIN-NEEDED"], timeout
=15)
2316 raise Exception("PIN needed event not shown")
2318 raise Exception("UUID mismatch")
2319 dev
[0].request("WPS_CANCEL")
2321 with
open(pinfile
, "r") as f
:
2322 lines
= f
.readlines()
2328 raise Exception("PIN request entry not in the log file")
2335 def test_ap_wps_auto_setup_with_config_file(dev
, apdev
):
2336 """WPS auto-setup with configuration file"""
2337 conffile
= "/tmp/ap_wps_auto_setup_with_config_file.conf"
2338 ifname
= apdev
[0]['ifname']
2340 with
open(conffile
, "w") as f
:
2341 f
.write("driver=nl80211\n")
2342 f
.write("hw_mode=g\n")
2343 f
.write("channel=1\n")
2344 f
.write("ieee80211n=1\n")
2345 f
.write("interface=%s\n" % ifname
)
2346 f
.write("ctrl_interface=/var/run/hostapd\n")
2347 f
.write("ssid=wps\n")
2348 f
.write("eap_server=1\n")
2349 f
.write("wps_state=1\n")
2350 hapd
= hostapd
.add_bss(apdev
[0], ifname
, conffile
)
2351 hapd
.request("WPS_PBC")
2352 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
2353 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
2354 dev
[0].wait_connected(timeout
=30)
2355 with
open(conffile
, "r") as f
:
2356 lines
= f
.read().splitlines()
2360 [name
, value
] = l
.split('=', 1)
2362 except ValueError as e
:
2363 if "# WPS configuration" in l
:
2366 raise Exception("Unexpected configuration line: " + l
)
2367 if vals
['ieee80211n'] != '1' or vals
['wps_state'] != '2' or "WPA-PSK" not in vals
['wpa_key_mgmt']:
2368 raise Exception("Incorrect configuration: " + str(vals
))
2375 def test_ap_wps_pbc_timeout(dev
, apdev
, params
):
2376 """wpa_supplicant PBC walk time and WPS ER SelReg timeout [long]"""
2377 if not params
['long']:
2378 raise HwsimSkip("Skip test case with long duration due to --long not specified")
2379 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2380 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
2382 location
= ssdp_get_location(ap_uuid
)
2383 urls
= upnp_get_urls(location
)
2384 eventurl
= urlparse(urls
['event_sub_url'])
2385 ctrlurl
= urlparse(urls
['control_url'])
2387 url
= urlparse(location
)
2388 conn
= HTTPConnection(url
.netloc
)
2390 class WPSERHTTPServer(StreamRequestHandler
):
2392 data
= self
.rfile
.readline().strip()
2394 self
.wfile
.write(gen_wps_event())
2396 server
= MyTCPServer(("127.0.0.1", 12345), WPSERHTTPServer
)
2399 headers
= {"callback": '<http://127.0.0.1:12345/event>',
2401 "timeout": "Second-1234"}
2402 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2403 resp
= conn
.getresponse()
2404 if resp
.status
!= 200:
2405 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2406 sid
= resp
.getheader("sid")
2407 logger
.debug("Subscription SID " + sid
)
2409 msg
= '''<?xml version="1.0"?>
2410 <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
2412 <u:SetSelectedRegistrar xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">
2413 <NewMessage>EEoAARAQQQABARASAAIAABBTAAIxSBBJAA4ANyoAASABBv///////xBIABA2LbR7pTpRkYj7
2416 </u:SetSelectedRegistrar>
2419 headers
= {"Content-type": 'text/xml; charset="utf-8"'}
2420 headers
["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % "SetSelectedRegistrar"
2421 conn
.request("POST", ctrlurl
.path
, msg
, headers
)
2422 resp
= conn
.getresponse()
2423 if resp
.status
!= 200:
2424 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2426 server
.handle_request()
2428 logger
.info("Start WPS_PBC and wait for PBC walk time expiration")
2429 if "OK" not in dev
[0].request("WPS_PBC"):
2430 raise Exception("WPS_PBC failed")
2432 start
= os
.times()[4]
2434 server
.handle_request()
2435 dev
[1].request("BSS_FLUSH 0")
2436 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True,
2438 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
2439 logger
.debug("BSS: " + str(bss
))
2440 if '[WPS-AUTH]' not in bss
['flags']:
2441 raise Exception("WPS not indicated authorized")
2443 server
.handle_request()
2445 wps_timeout_seen
= False
2449 dev
[1].dump_monitor()
2450 if not wps_timeout_seen
:
2451 ev
= dev
[0].wait_event(["WPS-TIMEOUT"], timeout
=0)
2453 logger
.info("PBC timeout seen")
2454 wps_timeout_seen
= True
2456 dev
[0].dump_monitor()
2458 if now
- start
> 130:
2459 raise Exception("Selected registration information not removed")
2460 dev
[1].request("BSS_FLUSH 0")
2461 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True,
2463 bss
= dev
[1].get_bss(apdev
[0]['bssid'])
2464 logger
.debug("BSS: " + str(bss
))
2465 if '[WPS-AUTH]' not in bss
['flags']:
2467 server
.handle_request()
2469 server
.server_close()
2471 if wps_timeout_seen
:
2475 if now
< start
+ 150:
2476 dur
= start
+ 150 - now
2479 logger
.info("Continue waiting for PBC timeout (%d sec)" % dur
)
2480 ev
= dev
[0].wait_event(["WPS-TIMEOUT"], timeout
=dur
)
2482 raise Exception("WPS-TIMEOUT not reported")
2484 def add_ssdp_ap(ap
, ap_uuid
):
2487 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
2488 "wpa_passphrase": "12345678", "wpa": "2",
2489 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
2490 "device_name": "Wireless AP", "manufacturer": "Company",
2491 "model_name": "WAP", "model_number": "123",
2492 "serial_number": "12345", "device_type": "6-0050F204-1",
2493 "os_version": "01020300",
2494 "config_methods": "label push_button",
2495 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo",
2496 "friendly_name": "WPS Access Point",
2497 "manufacturer_url": "http://www.example.com/",
2498 "model_description": "Wireless Access Point",
2499 "model_url": "http://www.example.com/model/",
2500 "upc": "123456789012"}
2501 return hostapd
.add_ap(ap
, params
)
2503 def ssdp_send(msg
, no_recv
=False):
2504 socket
.setdefaulttimeout(1)
2505 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2506 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2507 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2508 sock
.bind(("127.0.0.1", 0))
2509 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2512 return sock
.recv(1000).decode()
2514 def ssdp_send_msearch(st
, no_recv
=False):
2516 'M-SEARCH * HTTP/1.1',
2517 'HOST: 239.255.255.250:1900',
2519 'MAN: "ssdp:discover"',
2522 return ssdp_send(msg
, no_recv
=no_recv
)
2524 def test_ap_wps_ssdp_msearch(dev
, apdev
):
2525 """WPS AP and SSDP M-SEARCH messages"""
2526 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2527 add_ssdp_ap(apdev
[0], ap_uuid
)
2530 'M-SEARCH * HTTP/1.1',
2531 'Host: 239.255.255.250:1900',
2533 'Man: "ssdp:discover"',
2534 'St: urn:schemas-wifialliance-org:device:WFADevice:1',
2539 'M-SEARCH * HTTP/1.1',
2540 'host:\t239.255.255.250:1900\t\t\t\t \t\t',
2542 'man: \t \t "ssdp:discover" ',
2543 'st: urn:schemas-wifialliance-org:device:WFADevice:1\t\t',
2547 ssdp_send_msearch("ssdp:all")
2548 ssdp_send_msearch("upnp:rootdevice")
2549 ssdp_send_msearch("uuid:" + ap_uuid
)
2550 ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1")
2551 ssdp_send_msearch("urn:schemas-wifialliance-org:device:WFADevice:1")
2554 'M-SEARCH * HTTP/1.1',
2555 'HOST:\t239.255.255.250:1900',
2556 'MAN: "ssdp:discover"',
2558 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2560 ssdp_send(msg
, no_recv
=True)
2562 def test_ap_wps_ssdp_invalid_msearch(dev
, apdev
):
2563 """WPS AP and invalid SSDP M-SEARCH messages"""
2564 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2565 add_ssdp_ap(apdev
[0], ap_uuid
)
2567 socket
.setdefaulttimeout(1)
2568 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2569 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2570 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2571 sock
.bind(("127.0.0.1", 0))
2573 logger
.debug("Missing MX")
2575 'M-SEARCH * HTTP/1.1',
2576 'HOST: 239.255.255.250:1900',
2577 'MAN: "ssdp:discover"',
2578 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2580 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2582 logger
.debug("Negative MX")
2584 'M-SEARCH * HTTP/1.1',
2585 'HOST: 239.255.255.250:1900',
2587 'MAN: "ssdp:discover"',
2588 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2590 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2592 logger
.debug("Invalid MX")
2594 'M-SEARCH * HTTP/1.1',
2595 'HOST: 239.255.255.250:1900',
2597 'MAN: "ssdp:discover"',
2598 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2600 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2602 logger
.debug("Missing MAN")
2604 'M-SEARCH * HTTP/1.1',
2605 'HOST: 239.255.255.250:1900',
2607 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2609 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2611 logger
.debug("Invalid MAN")
2613 'M-SEARCH * HTTP/1.1',
2614 'HOST: 239.255.255.250:1900',
2617 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2619 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2621 'M-SEARCH * HTTP/1.1',
2622 'HOST: 239.255.255.250:1900',
2624 'MAN; "ssdp:discover"',
2625 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2627 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2629 logger
.debug("Missing HOST")
2631 'M-SEARCH * HTTP/1.1',
2632 'MAN: "ssdp:discover"',
2634 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2636 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2638 logger
.debug("Missing ST")
2640 'M-SEARCH * HTTP/1.1',
2641 'HOST: 239.255.255.250:1900',
2642 'MAN: "ssdp:discover"',
2645 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2647 logger
.debug("Mismatching ST")
2649 'M-SEARCH * HTTP/1.1',
2650 'HOST: 239.255.255.250:1900',
2651 'MAN: "ssdp:discover"',
2653 'ST: uuid:16d5f8a9-4ee4-4f5e-81f9-cc6e2f47f42d',
2655 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2657 'M-SEARCH * HTTP/1.1',
2658 'HOST: 239.255.255.250:1900',
2659 'MAN: "ssdp:discover"',
2663 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2665 'M-SEARCH * HTTP/1.1',
2666 'HOST: 239.255.255.250:1900',
2667 'MAN: "ssdp:discover"',
2671 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2673 logger
.debug("Invalid ST")
2675 'M-SEARCH * HTTP/1.1',
2676 'HOST: 239.255.255.250:1900',
2677 'MAN: "ssdp:discover"',
2679 'ST; urn:schemas-wifialliance-org:device:WFADevice:1',
2681 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2683 logger
.debug("Invalid M-SEARCH")
2685 'M+SEARCH * HTTP/1.1',
2686 'HOST: 239.255.255.250:1900',
2687 'MAN: "ssdp:discover"',
2689 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2691 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2693 'M-SEARCH-* HTTP/1.1',
2694 'HOST: 239.255.255.250:1900',
2695 'MAN: "ssdp:discover"',
2697 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2699 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2701 logger
.debug("Invalid message format")
2702 sock
.sendto(b
"NOTIFY * HTTP/1.1", ("239.255.255.250", 1900))
2704 'M-SEARCH * HTTP/1.1',
2705 'HOST: 239.255.255.250:1900',
2706 'MAN: "ssdp:discover"',
2708 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2710 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2714 raise Exception("Unexpected M-SEARCH response: " + r
)
2715 except socket
.timeout
:
2718 logger
.debug("Valid M-SEARCH")
2720 'M-SEARCH * HTTP/1.1',
2721 'HOST: 239.255.255.250:1900',
2722 'MAN: "ssdp:discover"',
2724 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2726 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2731 except socket
.timeout
:
2732 raise Exception("No SSDP response")
2734 def test_ap_wps_ssdp_burst(dev
, apdev
):
2735 """WPS AP and SSDP burst"""
2736 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2737 add_ssdp_ap(apdev
[0], ap_uuid
)
2740 'M-SEARCH * HTTP/1.1',
2741 'HOST: 239.255.255.250:1900',
2742 'MAN: "ssdp:discover"',
2744 'ST: urn:schemas-wifialliance-org:device:WFADevice:1',
2746 socket
.setdefaulttimeout(1)
2747 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2748 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2749 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2750 sock
.bind(("127.0.0.1", 0))
2751 for i
in range(0, 25):
2752 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2756 r
= sock
.recv(1000).decode()
2757 if not r
.startswith("HTTP/1.1 200 OK\r\n"):
2758 raise Exception("Unexpected message: " + r
)
2760 except socket
.timeout
:
2763 raise Exception("Too few SSDP responses")
2765 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
2766 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
2767 sock
.setsockopt(socket
.IPPROTO_IP
, socket
.IP_MULTICAST_TTL
, 2)
2768 sock
.bind(("127.0.0.1", 0))
2769 for i
in range(0, 25):
2770 sock
.sendto(msg
.encode(), ("239.255.255.250", 1900))
2773 r
= sock
.recv(1000).decode()
2776 except socket
.timeout
:
2777 raise Exception("No SSDP response")
2779 def ssdp_get_location(uuid
):
2780 res
= ssdp_send_msearch("uuid:" + uuid
)
2782 for l
in res
.splitlines():
2783 if l
.lower().startswith("location:"):
2784 location
= l
.split(':', 1)[1].strip()
2786 if location
is None:
2787 raise Exception("No UPnP location found")
2790 def upnp_get_urls(location
):
2791 if sys
.version_info
[0] > 2:
2792 conn
= urlopen(location
)
2794 conn
= urlopen(location
, proxies
={})
2795 tree
= ET
.parse(conn
)
2796 root
= tree
.getroot()
2797 urn
= '{urn:schemas-upnp-org:device-1-0}'
2798 service
= root
.find("./" + urn
+ "device/" + urn
+ "serviceList/" + urn
+ "service")
2800 res
['scpd_url'] = urljoin(location
, service
.find(urn
+ 'SCPDURL').text
)
2801 res
['control_url'] = urljoin(location
,
2802 service
.find(urn
+ 'controlURL').text
)
2803 res
['event_sub_url'] = urljoin(location
,
2804 service
.find(urn
+ 'eventSubURL').text
)
2807 def upnp_soap_action(conn
, path
, action
, include_soap_action
=True,
2808 soap_action_override
=None, newmsg
=None, neweventtype
=None,
2810 soapns
= 'http://schemas.xmlsoap.org/soap/envelope/'
2811 wpsns
= 'urn:schemas-wifialliance-org:service:WFAWLANConfig:1'
2812 ET
.register_namespace('soapenv', soapns
)
2813 ET
.register_namespace('wfa', wpsns
)
2815 attrib
['{%s}encodingStyle' % soapns
] = 'http://schemas.xmlsoap.org/soap/encoding/'
2816 root
= ET
.Element("{%s}Envelope" % soapns
, attrib
=attrib
)
2817 body
= ET
.SubElement(root
, "{%s}Body" % soapns
)
2818 act
= ET
.SubElement(body
, "{%s}%s" % (wpsns
, action
))
2820 msg
= ET
.SubElement(act
, "NewMessage")
2821 msg
.text
= base64
.b64encode(newmsg
.encode()).decode()
2823 msg
= ET
.SubElement(act
, "NewWLANEventType")
2824 msg
.text
= neweventtype
2826 msg
= ET
.SubElement(act
, "NewWLANEventMAC")
2827 msg
.text
= neweventmac
2829 headers
= {"Content-type": 'text/xml; charset="utf-8"'}
2830 if include_soap_action
:
2831 headers
["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % action
2832 elif soap_action_override
:
2833 headers
["SOAPAction"] = soap_action_override
2834 decl
= b
'<?xml version=\'1.0\' encoding=\'utf8\'?>\n'
2835 conn
.request("POST", path
, decl
+ ET
.tostring(root
), headers
)
2836 return conn
.getresponse()
2838 def test_ap_wps_upnp(dev
, apdev
):
2839 """WPS AP and UPnP operations"""
2840 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2841 add_ssdp_ap(apdev
[0], ap_uuid
)
2843 location
= ssdp_get_location(ap_uuid
)
2844 urls
= upnp_get_urls(location
)
2846 if sys
.version_info
[0] > 2:
2847 conn
= urlopen(urls
['scpd_url'])
2849 conn
= urlopen(urls
['scpd_url'], proxies
={})
2852 if sys
.version_info
[0] > 2:
2854 conn
= urlopen(urljoin(location
, "unknown.html"))
2855 raise Exception("Unexpected HTTP response to GET unknown URL")
2856 except HTTPError
as e
:
2858 raise Exception("Unexpected HTTP response to GET unknown URL")
2860 conn
= urlopen(urljoin(location
, "unknown.html"), proxies
={})
2861 if conn
.getcode() != 404:
2862 raise Exception("Unexpected HTTP response to GET unknown URL")
2864 url
= urlparse(location
)
2865 conn
= HTTPConnection(url
.netloc
)
2866 #conn.set_debuglevel(1)
2867 headers
= {"Content-type": 'text/xml; charset="utf-8"',
2868 "SOAPAction": '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#GetDeviceInfo"'}
2869 conn
.request("POST", "hello", "\r\n\r\n", headers
)
2870 resp
= conn
.getresponse()
2871 if resp
.status
!= 404:
2872 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2874 conn
.request("UNKNOWN", "hello", "\r\n\r\n", headers
)
2875 resp
= conn
.getresponse()
2876 if resp
.status
!= 501:
2877 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2879 headers
= {"Content-type": 'text/xml; charset="utf-8"',
2880 "SOAPAction": '"urn:some-unknown-action#GetDeviceInfo"'}
2881 ctrlurl
= urlparse(urls
['control_url'])
2882 conn
.request("POST", ctrlurl
.path
, "\r\n\r\n", headers
)
2883 resp
= conn
.getresponse()
2884 if resp
.status
!= 401:
2885 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2887 logger
.debug("GetDeviceInfo without SOAPAction header")
2888 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo",
2889 include_soap_action
=False)
2890 if resp
.status
!= 401:
2891 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2893 logger
.debug("GetDeviceInfo with invalid SOAPAction header")
2895 "urn:schemas-wifialliance-org:service:WFAWLANConfig:1#GetDeviceInfo",
2896 '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1"',
2897 '"urn:schemas-wifialliance-org:service:WFAWLANConfig:123#GetDevice']:
2898 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo",
2899 include_soap_action
=False,
2900 soap_action_override
=act
)
2901 if resp
.status
!= 401:
2902 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2904 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
2905 if resp
.status
!= 200:
2906 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2907 dev
= resp
.read().decode()
2908 if "NewDeviceInfo" not in dev
:
2909 raise Exception("Unexpected GetDeviceInfo response")
2911 logger
.debug("PutMessage without required parameters")
2912 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutMessage")
2913 if resp
.status
!= 600:
2914 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2916 logger
.debug("PutWLANResponse without required parameters")
2917 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse")
2918 if resp
.status
!= 600:
2919 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2921 logger
.debug("SetSelectedRegistrar from unregistered ER")
2922 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "SetSelectedRegistrar")
2923 if resp
.status
!= 501:
2924 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2926 logger
.debug("Unknown action")
2927 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "Unknown")
2928 if resp
.status
!= 401:
2929 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2931 def test_ap_wps_upnp_subscribe(dev
, apdev
):
2932 """WPS AP and UPnP event subscription"""
2933 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
2934 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
2936 location
= ssdp_get_location(ap_uuid
)
2937 urls
= upnp_get_urls(location
)
2938 eventurl
= urlparse(urls
['event_sub_url'])
2940 url
= urlparse(location
)
2941 conn
= HTTPConnection(url
.netloc
)
2942 #conn.set_debuglevel(1)
2943 headers
= {"callback": '<http://127.0.0.1:12345/event>',
2944 "timeout": "Second-1234"}
2945 conn
.request("SUBSCRIBE", "hello", "\r\n\r\n", headers
)
2946 resp
= conn
.getresponse()
2947 if resp
.status
!= 412:
2948 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2950 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2951 resp
= conn
.getresponse()
2952 if resp
.status
!= 412:
2953 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2955 headers
= {"NT": "upnp:event",
2956 "timeout": "Second-1234"}
2957 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2958 resp
= conn
.getresponse()
2959 if resp
.status
!= 412:
2960 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2962 headers
= {"callback": '<http://127.0.0.1:12345/event>',
2963 "NT": "upnp:foobar",
2964 "timeout": "Second-1234"}
2965 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2966 resp
= conn
.getresponse()
2967 if resp
.status
!= 400:
2968 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2970 logger
.debug("Valid subscription")
2971 headers
= {"callback": '<http://127.0.0.1:12345/event>',
2973 "timeout": "Second-1234"}
2974 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2975 resp
= conn
.getresponse()
2976 if resp
.status
!= 200:
2977 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2978 sid
= resp
.getheader("sid")
2979 logger
.debug("Subscription SID " + sid
)
2981 logger
.debug("Invalid re-subscription")
2982 headers
= {"NT": "upnp:event",
2983 "sid": "123456734567854",
2984 "timeout": "Second-1234"}
2985 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2986 resp
= conn
.getresponse()
2987 if resp
.status
!= 400:
2988 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2990 logger
.debug("Invalid re-subscription")
2991 headers
= {"NT": "upnp:event",
2992 "sid": "uuid:123456734567854",
2993 "timeout": "Second-1234"}
2994 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
2995 resp
= conn
.getresponse()
2996 if resp
.status
!= 400:
2997 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
2999 logger
.debug("Invalid re-subscription")
3000 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3003 "timeout": "Second-1234"}
3004 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3005 resp
= conn
.getresponse()
3006 if resp
.status
!= 400:
3007 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3009 logger
.debug("SID mismatch in re-subscription")
3010 headers
= {"NT": "upnp:event",
3011 "sid": "uuid:4c2bca79-1ff4-4e43-85d4-952a2b8a51fb",
3012 "timeout": "Second-1234"}
3013 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3014 resp
= conn
.getresponse()
3015 if resp
.status
!= 412:
3016 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3018 logger
.debug("Valid re-subscription")
3019 headers
= {"NT": "upnp:event",
3021 "timeout": "Second-1234"}
3022 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3023 resp
= conn
.getresponse()
3024 if resp
.status
!= 200:
3025 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3026 sid2
= resp
.getheader("sid")
3027 logger
.debug("Subscription SID " + sid2
)
3030 raise Exception("Unexpected SID change")
3032 logger
.debug("Valid re-subscription")
3033 headers
= {"NT": "upnp:event",
3034 "sid": "uuid: \t \t" + sid
.split(':')[1],
3035 "timeout": "Second-1234"}
3036 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3037 resp
= conn
.getresponse()
3038 if resp
.status
!= 200:
3039 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3041 logger
.debug("Invalid unsubscription")
3042 headers
= {"sid": sid
}
3043 conn
.request("UNSUBSCRIBE", "/hello", "\r\n\r\n", headers
)
3044 resp
= conn
.getresponse()
3045 if resp
.status
!= 412:
3046 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3047 headers
= {"foo": "bar"}
3048 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3049 resp
= conn
.getresponse()
3050 if resp
.status
!= 412:
3051 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3053 logger
.debug("Valid unsubscription")
3054 headers
= {"sid": sid
}
3055 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3056 resp
= conn
.getresponse()
3057 if resp
.status
!= 200:
3058 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3060 logger
.debug("Unsubscription for not existing SID")
3061 headers
= {"sid": sid
}
3062 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3063 resp
= conn
.getresponse()
3064 if resp
.status
!= 412:
3065 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3067 logger
.debug("Invalid unsubscription")
3068 headers
= {"sid": " \t \tfoo"}
3069 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3070 resp
= conn
.getresponse()
3071 if resp
.status
!= 400:
3072 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3074 logger
.debug("Invalid unsubscription")
3075 headers
= {"sid": "uuid:\t \tfoo"}
3076 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3077 resp
= conn
.getresponse()
3078 if resp
.status
!= 400:
3079 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3081 logger
.debug("Invalid unsubscription")
3082 headers
= {"NT": "upnp:event",
3084 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3085 resp
= conn
.getresponse()
3086 if resp
.status
!= 400:
3087 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3088 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3090 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3091 resp
= conn
.getresponse()
3092 if resp
.status
!= 400:
3093 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3095 logger
.debug("Valid subscription with multiple callbacks")
3096 headers
= {"callback": '<http://127.0.0.1:12345/event> <http://127.0.0.1:12345/event>\t<http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event><http://127.0.0.1:12345/event>',
3098 "timeout": "Second-1234"}
3099 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3100 resp
= conn
.getresponse()
3101 if resp
.status
!= 200:
3102 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3103 sid
= resp
.getheader("sid")
3104 logger
.debug("Subscription SID " + sid
)
3106 # Force subscription to be deleted due to errors
3107 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3108 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3109 with
alloc_fail(hapd
, 1, "event_build_message"):
3111 dev
[1].dump_monitor()
3112 dev
[2].dump_monitor()
3113 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3114 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3115 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3116 dev
[1].request("WPS_CANCEL")
3117 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3118 dev
[2].request("WPS_CANCEL")
3125 headers
= {"sid": sid
}
3126 conn
.request("UNSUBSCRIBE", eventurl
.path
, "", headers
)
3127 resp
= conn
.getresponse()
3128 if resp
.status
!= 200 and resp
.status
!= 412:
3129 raise Exception("Unexpected HTTP response for UNSUBSCRIBE: %d" % resp
.status
)
3131 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3133 "timeout": "Second-1234"}
3134 with
alloc_fail(hapd
, 1, "http_client_addr;event_send_start"):
3135 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3136 resp
= conn
.getresponse()
3137 if resp
.status
!= 200:
3138 raise Exception("Unexpected HTTP response for SUBSCRIBE: %d" % resp
.status
)
3139 sid
= resp
.getheader("sid")
3140 logger
.debug("Subscription SID " + sid
)
3142 headers
= {"sid": sid
}
3143 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3144 resp
= conn
.getresponse()
3145 if resp
.status
!= 200:
3146 raise Exception("Unexpected HTTP response for UNSUBSCRIBE: %d" % resp
.status
)
3148 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3150 "timeout": "Second-1234"}
3151 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3152 resp
= conn
.getresponse()
3153 if resp
.status
!= 200:
3154 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3155 sid
= resp
.getheader("sid")
3156 logger
.debug("Subscription SID " + sid
)
3158 with
alloc_fail(hapd
, 1, "=wps_upnp_event_add"):
3160 dev
[1].dump_monitor()
3161 dev
[2].dump_monitor()
3162 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3163 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3164 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3165 dev
[1].request("WPS_CANCEL")
3166 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3167 dev
[2].request("WPS_CANCEL")
3173 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3174 resp
= conn
.getresponse()
3175 if resp
.status
!= 200:
3176 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3178 with
alloc_fail(hapd
, 1, "wpabuf_dup;wps_upnp_event_add"):
3179 dev
[1].dump_monitor()
3180 dev
[2].dump_monitor()
3181 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3182 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3183 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3184 dev
[1].request("WPS_CANCEL")
3185 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3186 dev
[2].request("WPS_CANCEL")
3189 with
fail_test(hapd
, 1, "os_get_random;uuid_make;subscription_start"):
3190 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3191 resp
= conn
.getresponse()
3192 if resp
.status
!= 500:
3193 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3195 with
alloc_fail(hapd
, 1, "=subscription_start"):
3196 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3197 resp
= conn
.getresponse()
3198 if resp
.status
!= 500:
3199 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3201 headers
= {"callback": '',
3203 "timeout": "Second-1234"}
3204 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3205 resp
= conn
.getresponse()
3206 if resp
.status
!= 500:
3207 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3209 headers
= {"callback": ' <',
3211 "timeout": "Second-1234"}
3212 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3213 resp
= conn
.getresponse()
3214 if resp
.status
!= 500:
3215 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3217 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3219 "timeout": "Second-1234"}
3220 with
alloc_fail(hapd
, 1, "wpabuf_alloc;subscription_first_event"):
3221 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3222 resp
= conn
.getresponse()
3223 if resp
.status
!= 500:
3224 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3226 with
alloc_fail(hapd
, 1, "wps_upnp_event_add;subscription_first_event"):
3227 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3228 resp
= conn
.getresponse()
3229 if resp
.status
!= 500:
3230 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3232 with
alloc_fail(hapd
, 1, "subscr_addr_add_url"):
3233 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3234 resp
= conn
.getresponse()
3235 if resp
.status
!= 500:
3236 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3238 with
alloc_fail(hapd
, 2, "subscr_addr_add_url"):
3239 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3240 resp
= conn
.getresponse()
3241 if resp
.status
!= 500:
3242 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3245 headers
= {"callback": '<http://127.0.0.1:%d/event>' % (12345 + i
),
3247 "timeout": "Second-1234"}
3248 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3249 resp
= conn
.getresponse()
3250 if resp
.status
!= 200:
3251 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3253 with
alloc_fail(hapd
, 1, "=upnp_wps_device_send_wlan_event"):
3254 dev
[1].dump_monitor()
3255 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3256 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3257 dev
[1].request("WPS_CANCEL")
3260 with
alloc_fail(hapd
, 1, "wpabuf_alloc;upnp_wps_device_send_event"):
3261 dev
[1].dump_monitor()
3262 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3263 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3264 dev
[1].request("WPS_CANCEL")
3267 with
alloc_fail(hapd
, 1,
3268 "base64_gen_encode;?base64_encode;upnp_wps_device_send_wlan_event"):
3269 dev
[1].dump_monitor()
3270 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3271 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3272 dev
[1].request("WPS_CANCEL")
3276 with
alloc_fail(hapd
, 1, "get_netif_info"):
3277 if "FAIL" not in hapd
.request("ENABLE"):
3278 raise Exception("ENABLE succeeded during OOM")
3280 def test_ap_wps_upnp_subscribe_events(dev
, apdev
):
3281 """WPS AP and UPnP event subscription and many events"""
3282 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3283 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
3285 location
= ssdp_get_location(ap_uuid
)
3286 urls
= upnp_get_urls(location
)
3287 eventurl
= urlparse(urls
['event_sub_url'])
3289 class WPSERHTTPServer(StreamRequestHandler
):
3291 data
= self
.rfile
.readline().strip()
3293 self
.wfile
.write(gen_wps_event())
3295 server
= MyTCPServer(("127.0.0.1", 12345), WPSERHTTPServer
)
3298 url
= urlparse(location
)
3299 conn
= HTTPConnection(url
.netloc
)
3301 headers
= {"callback": '<http://127.0.0.1:12345/event>',
3303 "timeout": "Second-1234"}
3304 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
3305 resp
= conn
.getresponse()
3306 if resp
.status
!= 200:
3307 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3308 sid
= resp
.getheader("sid")
3309 logger
.debug("Subscription SID " + sid
)
3311 # Fetch the first event message
3312 server
.handle_request()
3314 # Force subscription event queue to reach the maximum length by generating
3315 # new proxied events without the ER fetching any of the pending events.
3316 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3317 dev
[2].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3319 dev
[1].dump_monitor()
3320 dev
[2].dump_monitor()
3321 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3322 dev
[2].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3323 dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3324 dev
[1].request("WPS_CANCEL")
3325 dev
[2].wait_event(["CTRL-EVENT-SCAN-RESULTS"], 5)
3326 dev
[2].request("WPS_CANCEL")
3332 hapd
.request("WPS_PIN any 12345670")
3333 dev
[1].dump_monitor()
3334 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3335 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=10)
3337 raise Exception("WPS success not reported")
3339 # Close the WPS ER HTTP server without fetching all the pending events.
3340 # This tests hostapd code path that clears subscription and the remaining
3341 # event queue when the interface is deinitialized.
3342 server
.handle_request()
3343 server
.server_close()
3345 dev
[1].wait_connected()
3347 def test_ap_wps_upnp_http_proto(dev
, apdev
):
3348 """WPS AP and UPnP/HTTP protocol testing"""
3349 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3350 add_ssdp_ap(apdev
[0], ap_uuid
)
3352 location
= ssdp_get_location(ap_uuid
)
3354 url
= urlparse(location
)
3355 conn
= HTTPConnection(url
.netloc
, timeout
=0.2)
3356 #conn.set_debuglevel(1)
3358 conn
.request("HEAD", "hello")
3359 resp
= conn
.getresponse()
3360 if resp
.status
!= 501:
3361 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3364 for cmd
in ["PUT", "DELETE", "TRACE", "CONNECT", "M-SEARCH", "M-POST"]:
3366 conn
.request(cmd
, "hello")
3367 resp
= conn
.getresponse()
3368 except Exception as e
:
3372 headers
= {"Content-Length": 'abc'}
3373 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3375 resp
= conn
.getresponse()
3376 except Exception as e
:
3380 headers
= {"Content-Length": '-10'}
3381 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3383 resp
= conn
.getresponse()
3384 except Exception as e
:
3388 headers
= {"Content-Length": '10000000000000'}
3389 conn
.request("HEAD", "hello", "\r\n\r\nhello", headers
)
3391 resp
= conn
.getresponse()
3392 except Exception as e
:
3396 headers
= {"Transfer-Encoding": 'abc'}
3397 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3398 resp
= conn
.getresponse()
3399 if resp
.status
!= 501:
3400 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3403 headers
= {"Transfer-Encoding": 'chunked'}
3404 conn
.request("HEAD", "hello", "\r\n\r\n", headers
)
3405 resp
= conn
.getresponse()
3406 if resp
.status
!= 501:
3407 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3411 conn
.request("HEAD", 5000 * 'A')
3413 resp
= conn
.getresponse()
3414 except Exception as e
:
3418 # Long URL but within header length limits
3419 conn
.request("HEAD", 3000 * 'A')
3420 resp
= conn
.getresponse()
3421 if resp
.status
!= 501:
3422 raise Exception("Unexpected response to HEAD: " + str(resp
.status
))
3425 headers
= {"Content-Length": '20'}
3426 conn
.request("POST", "hello", 10 * 'A' + "\r\n\r\n", headers
)
3428 resp
= conn
.getresponse()
3429 except Exception as e
:
3433 conn
.request("POST", "hello", 5000 * 'A' + "\r\n\r\n")
3434 resp
= conn
.getresponse()
3435 if resp
.status
!= 404:
3436 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3439 conn
.request("POST", "hello", 60000 * 'A' + "\r\n\r\n")
3441 resp
= conn
.getresponse()
3442 except Exception as e
:
3446 def test_ap_wps_upnp_http_proto_chunked(dev
, apdev
):
3447 """WPS AP and UPnP/HTTP protocol testing for chunked encoding"""
3448 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3449 add_ssdp_ap(apdev
[0], ap_uuid
)
3451 location
= ssdp_get_location(ap_uuid
)
3453 url
= urlparse(location
)
3454 conn
= HTTPConnection(url
.netloc
)
3455 #conn.set_debuglevel(1)
3457 headers
= {"Transfer-Encoding": 'chunked'}
3458 conn
.request("POST", "hello",
3459 "a\r\nabcdefghij\r\n" + "2\r\nkl\r\n" + "0\r\n\r\n",
3461 resp
= conn
.getresponse()
3462 if resp
.status
!= 404:
3463 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3466 conn
.putrequest("POST", "hello")
3467 conn
.putheader('Transfer-Encoding', 'chunked')
3469 conn
.send(b
"a\r\nabcdefghij\r\n")
3471 conn
.send(b
"2\r\nkl\r\n")
3472 conn
.send(b
"0\r\n\r\n")
3473 resp
= conn
.getresponse()
3474 if resp
.status
!= 404:
3475 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
3478 conn
.putrequest("POST", "hello")
3479 conn
.putheader('Transfer-Encoding', 'chunked')
3483 for i
in range(20000):
3484 conn
.send(b
"1\r\nZ\r\n")
3485 conn
.send(b
"0\r\n\r\n")
3486 resp
= conn
.getresponse()
3488 except Exception as e
:
3492 raise Exception("Too long chunked request did not result in connection reset")
3494 headers
= {"Transfer-Encoding": 'chunked'}
3495 conn
.request("POST", "hello", "80000000\r\na", headers
)
3497 resp
= conn
.getresponse()
3498 except Exception as e
:
3502 conn
.request("POST", "hello", "10000000\r\na", headers
)
3504 resp
= conn
.getresponse()
3505 except Exception as e
:
3510 def test_ap_wps_disabled(dev
, apdev
):
3511 """WPS operations while WPS is disabled"""
3512 ssid
= "test-wps-disabled"
3513 hapd
= hostapd
.add_ap(apdev
[0], {"ssid": ssid
})
3514 if "FAIL" not in hapd
.request("WPS_PBC"):
3515 raise Exception("WPS_PBC succeeded unexpectedly")
3516 if "FAIL" not in hapd
.request("WPS_CANCEL"):
3517 raise Exception("WPS_CANCEL succeeded unexpectedly")
3519 def test_ap_wps_mixed_cred(dev
, apdev
):
3520 """WPS 2.0 STA merging mixed mode WPA/WPA2 credentials"""
3521 ssid
= "test-wps-wep"
3522 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3523 "skip_cred_build": "1", "extra_cred": "wps-mixed-cred"}
3524 hapd
= hostapd
.add_ap(apdev
[0], params
)
3525 hapd
.request("WPS_PBC")
3526 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3527 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3528 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=30)
3530 raise Exception("WPS-SUCCESS event timed out")
3531 nets
= dev
[0].list_networks()
3533 raise Exception("Unexpected number of network blocks")
3535 proto
= dev
[0].get_network(id, "proto")
3536 if proto
!= "WPA RSN":
3537 raise Exception("Unexpected merged proto field value: " + proto
)
3538 pairwise
= dev
[0].get_network(id, "pairwise")
3539 p
= pairwise
.split()
3540 if "CCMP" not in p
or "TKIP" not in p
:
3541 raise Exception("Unexpected merged pairwise field value: " + pairwise
)
3544 def test_ap_wps_while_connected(dev
, apdev
):
3545 """WPS PBC provisioning while connected to another AP"""
3546 ssid
= "test-wps-conf"
3547 hapd
= hostapd
.add_ap(apdev
[0],
3548 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3549 "wpa_passphrase": "12345678", "wpa": "2",
3550 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3552 hostapd
.add_ap(apdev
[1], {"ssid": "open"})
3553 dev
[0].connect("open", key_mgmt
="NONE", scan_freq
="2412")
3555 logger
.info("WPS provisioning step")
3556 hapd
.request("WPS_PBC")
3557 dev
[0].dump_monitor()
3558 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3559 dev
[0].wait_connected(timeout
=30)
3560 status
= dev
[0].get_status()
3561 if status
['bssid'] != apdev
[0]['bssid']:
3562 raise Exception("Unexpected BSSID")
3565 def test_ap_wps_while_connected_no_autoconnect(dev
, apdev
):
3566 """WPS PBC provisioning while connected to another AP and STA_AUTOCONNECT disabled"""
3567 ssid
= "test-wps-conf"
3568 hapd
= hostapd
.add_ap(apdev
[0],
3569 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3570 "wpa_passphrase": "12345678", "wpa": "2",
3571 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3573 hostapd
.add_ap(apdev
[1], {"ssid": "open"})
3576 dev
[0].request("STA_AUTOCONNECT 0")
3577 dev
[0].connect("open", key_mgmt
="NONE", scan_freq
="2412")
3579 logger
.info("WPS provisioning step")
3580 hapd
.request("WPS_PBC")
3581 dev
[0].dump_monitor()
3582 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3583 dev
[0].wait_connected(timeout
=30)
3584 status
= dev
[0].get_status()
3585 if status
['bssid'] != apdev
[0]['bssid']:
3586 raise Exception("Unexpected BSSID")
3588 dev
[0].request("STA_AUTOCONNECT 1")
3591 def test_ap_wps_from_event(dev
, apdev
):
3592 """WPS PBC event on AP to enable PBC"""
3593 ssid
= "test-wps-conf"
3594 hapd
= hostapd
.add_ap(apdev
[0],
3595 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3596 "wpa_passphrase": "12345678", "wpa": "2",
3597 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3598 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3599 dev
[0].dump_monitor()
3601 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
3603 ev
= hapd
.wait_event(['WPS-ENROLLEE-SEEN'], timeout
=15)
3605 raise Exception("No WPS-ENROLLEE-SEEN event on AP")
3606 vals
= ev
.split(' ')
3607 if vals
[1] != dev
[0].p2p_interface_addr():
3608 raise Exception("Unexpected enrollee address: " + vals
[1])
3610 raise Exception("Unexpected Device Password Id: " + vals
[5])
3611 hapd
.request("WPS_PBC")
3612 dev
[0].wait_connected(timeout
=30)
3614 def test_ap_wps_ap_scan_2(dev
, apdev
):
3615 """AP_SCAN 2 for WPS"""
3616 ssid
= "test-wps-conf"
3617 hapd
= hostapd
.add_ap(apdev
[0],
3618 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3619 "wpa_passphrase": "12345678", "wpa": "2",
3620 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3621 hapd
.request("WPS_PBC")
3623 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
3624 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
3627 if "OK" not in wpas
.request("AP_SCAN 2"):
3628 raise Exception("Failed to set AP_SCAN 2")
3630 wpas
.flush_scan_cache()
3631 wpas
.scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3633 wpas
.request("WPS_PBC " + apdev
[0]['bssid'])
3634 ev
= wpas
.wait_event(["WPS-SUCCESS"], timeout
=15)
3636 raise Exception("WPS-SUCCESS event timed out")
3637 wpas
.wait_connected(timeout
=30)
3639 wpas
.request("DISCONNECT")
3640 wpas
.wait_disconnected()
3641 id = wpas
.list_networks()[0]['id']
3642 pairwise
= wpas
.get_network(id, "pairwise")
3643 if "CCMP" not in pairwise
.split():
3644 raise Exception("Unexpected pairwise parameter value: " + pairwise
)
3645 group
= wpas
.get_network(id, "group")
3646 if "CCMP" not in group
.split():
3647 raise Exception("Unexpected group parameter value: " + group
)
3648 # Need to select a single cipher for ap_scan=2 testing
3649 wpas
.set_network(id, "pairwise", "CCMP")
3650 wpas
.set_network(id, "group", "CCMP")
3651 wpas
.request("BSS_FLUSH 0")
3653 wpas
.request("REASSOCIATE")
3654 wpas
.wait_connected(timeout
=30)
3656 wpas
.request("DISCONNECT")
3657 wpas
.wait_disconnected()
3658 wpas
.flush_scan_cache()
3661 def test_ap_wps_eapol_workaround(dev
, apdev
):
3662 """EAPOL workaround code path for 802.1X header length mismatch"""
3664 hapd
= hostapd
.add_ap(apdev
[0],
3665 {"ssid": ssid
, "eap_server": "1", "wps_state": "1"})
3666 bssid
= apdev
[0]['bssid']
3667 hapd
.request("SET ext_eapol_frame_io 1")
3668 dev
[0].request("SET ext_eapol_frame_io 1")
3669 hapd
.request("WPS_PBC")
3670 dev
[0].request("WPS_PBC")
3672 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=15)
3674 raise Exception("Timeout on EAPOL-TX from hostapd")
3676 res
= dev
[0].request("EAPOL_RX " + bssid
+ " 020000040193000501FFFF")
3678 raise Exception("EAPOL_RX to wpa_supplicant failed")
3680 def test_ap_wps_iteration(dev
, apdev
):
3681 """WPS PIN and iterate through APs without selected registrar"""
3682 ssid
= "test-wps-conf"
3683 hapd
= hostapd
.add_ap(apdev
[0],
3684 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3685 "wpa_passphrase": "12345678", "wpa": "2",
3686 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3688 ssid2
= "test-wps-conf2"
3689 hapd2
= hostapd
.add_ap(apdev
[1],
3690 {"ssid": ssid2
, "eap_server": "1", "wps_state": "2",
3691 "wpa_passphrase": "12345678", "wpa": "2",
3692 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3694 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3695 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
3696 dev
[0].dump_monitor()
3697 pin
= dev
[0].request("WPS_PIN any")
3699 # Wait for iteration through all WPS APs to happen before enabling any
3702 ev
= dev
[0].wait_event(["Associated with"], timeout
=30)
3704 raise Exception("No association seen")
3705 ev
= dev
[0].wait_event(["WPS-M2D"], timeout
=10)
3707 raise Exception("No M2D from AP")
3708 dev
[0].wait_disconnected()
3710 # Verify that each AP requested PIN
3711 ev
= hapd
.wait_event(["WPS-PIN-NEEDED"], timeout
=1)
3713 raise Exception("No WPS-PIN-NEEDED event from AP")
3714 ev
= hapd2
.wait_event(["WPS-PIN-NEEDED"], timeout
=1)
3716 raise Exception("No WPS-PIN-NEEDED event from AP2")
3718 # Provide PIN to one of the APs and verify that connection gets formed
3719 hapd
.request("WPS_PIN any " + pin
)
3720 dev
[0].wait_connected(timeout
=30)
3722 def test_ap_wps_iteration_error(dev
, apdev
):
3723 """WPS AP iteration on no Selected Registrar and error case with an AP"""
3724 ssid
= "test-wps-conf-pin"
3725 hapd
= hostapd
.add_ap(apdev
[0],
3726 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3727 "wpa_passphrase": "12345678", "wpa": "2",
3728 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
3729 "wps_independent": "1"})
3730 hapd
.request("SET ext_eapol_frame_io 1")
3731 bssid
= apdev
[0]['bssid']
3732 pin
= dev
[0].wps_read_pin()
3733 dev
[0].request("WPS_PIN any " + pin
)
3735 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=15)
3737 raise Exception("No EAPOL-TX (EAP-Request/Identity) from hostapd")
3738 dev
[0].request("EAPOL_RX " + bssid
+ " " + ev
.split(' ')[2])
3740 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=15)
3742 raise Exception("No EAPOL-TX (EAP-WSC/Start) from hostapd")
3743 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=5)
3745 raise Exception("No CTRL-EVENT-EAP-STARTED")
3747 # Do not forward any more EAPOL frames to test wpa_supplicant behavior for
3748 # a case with an incorrectly behaving WPS AP.
3750 # Start the real target AP and activate registrar on it.
3751 hapd2
= hostapd
.add_ap(apdev
[1],
3752 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3753 "wpa_passphrase": "12345678", "wpa": "2",
3754 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
3755 "wps_independent": "1"})
3756 hapd2
.request("WPS_PIN any " + pin
)
3758 dev
[0].wait_disconnected(timeout
=15)
3759 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-STARTED"], timeout
=15)
3761 raise Exception("No CTRL-EVENT-EAP-STARTED for the second AP")
3762 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=15)
3764 raise Exception("No WPS-CRED-RECEIVED for the second AP")
3765 dev
[0].wait_connected(timeout
=15)
3768 def test_ap_wps_priority(dev
, apdev
):
3769 """WPS PIN provisioning with configured AP and wps_priority"""
3770 ssid
= "test-wps-conf-pin"
3771 hapd
= hostapd
.add_ap(apdev
[0],
3772 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3773 "wpa_passphrase": "12345678", "wpa": "2",
3774 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3775 logger
.info("WPS provisioning step")
3776 pin
= dev
[0].wps_read_pin()
3777 hapd
.request("WPS_PIN any " + pin
)
3778 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3779 dev
[0].dump_monitor()
3781 dev
[0].request("SET wps_priority 6")
3782 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
3783 dev
[0].wait_connected(timeout
=30)
3784 netw
= dev
[0].list_networks()
3785 prio
= dev
[0].get_network(netw
[0]['id'], 'priority')
3787 raise Exception("Unexpected network priority: " + prio
)
3789 dev
[0].request("SET wps_priority 0")
3792 def test_ap_wps_and_non_wps(dev
, apdev
):
3793 """WPS and non-WPS AP in single hostapd process"""
3794 params
= {"ssid": "wps", "eap_server": "1", "wps_state": "1"}
3795 hapd
= hostapd
.add_ap(apdev
[0], params
)
3797 params
= {"ssid": "no wps"}
3798 hapd2
= hostapd
.add_ap(apdev
[1], params
)
3800 appin
= hapd
.request("WPS_AP_PIN random")
3802 raise Exception("Could not generate random AP PIN")
3803 if appin
not in hapd
.request("WPS_AP_PIN get"):
3804 raise Exception("Could not fetch current AP PIN")
3806 if "FAIL" in hapd
.request("WPS_PBC"):
3807 raise Exception("WPS_PBC failed")
3808 if "FAIL" in hapd
.request("WPS_CANCEL"):
3809 raise Exception("WPS_CANCEL failed")
3811 def test_ap_wps_init_oom(dev
, apdev
):
3812 """Initial AP configuration and OOM during PSK generation"""
3814 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "1"}
3815 hapd
= hostapd
.add_ap(apdev
[0], params
)
3817 with
alloc_fail(hapd
, 1, "base64_gen_encode;?base64_encode;wps_build_cred"):
3818 pin
= dev
[0].wps_read_pin()
3819 hapd
.request("WPS_PIN any " + pin
)
3820 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3821 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
3822 dev
[0].wait_disconnected()
3824 hapd
.request("WPS_PIN any " + pin
)
3825 dev
[0].wait_connected(timeout
=30)
3828 def test_ap_wps_er_oom(dev
, apdev
):
3829 """WPS ER OOM in XML processing"""
3831 _test_ap_wps_er_oom(dev
, apdev
)
3833 dev
[0].request("WPS_ER_STOP")
3834 dev
[1].request("WPS_CANCEL")
3835 dev
[0].request("DISCONNECT")
3837 def _test_ap_wps_er_oom(dev
, apdev
):
3838 ssid
= "wps-er-ap-config"
3840 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
3841 hostapd
.add_ap(apdev
[0],
3842 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3843 "wpa_passphrase": "12345678", "wpa": "2",
3844 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
3845 "device_name": "Wireless AP", "manufacturer": "Company",
3846 "model_name": "WAP", "model_number": "123",
3847 "serial_number": "12345", "device_type": "6-0050F204-1",
3848 "os_version": "01020300",
3849 "config_methods": "label push_button",
3850 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"})
3852 dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
3854 with
alloc_fail(dev
[0], 1,
3855 "base64_gen_decode;?base64_decode;xml_get_base64_item"):
3856 dev
[0].request("WPS_ER_START ifname=lo")
3857 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=3)
3859 raise Exception("Unexpected AP discovery")
3861 dev
[0].request("WPS_ER_STOP")
3862 dev
[0].request("WPS_ER_START ifname=lo")
3863 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
3865 raise Exception("AP discovery timed out")
3867 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
3868 with
alloc_fail(dev
[0], 1,
3869 "base64_gen_decode;?base64_decode;xml_get_base64_item"):
3870 dev
[1].request("WPS_PBC " + apdev
[0]['bssid'])
3871 ev
= dev
[1].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
3873 raise Exception("PBC scan failed")
3874 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=15)
3876 raise Exception("Enrollee discovery timed out")
3879 def test_ap_wps_er_init_oom(dev
, apdev
):
3880 """WPS ER and OOM during init"""
3882 _test_ap_wps_er_init_oom(dev
, apdev
)
3884 dev
[0].request("WPS_ER_STOP")
3886 def _test_ap_wps_er_init_oom(dev
, apdev
):
3887 with
alloc_fail(dev
[0], 1, "wps_er_init"):
3888 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
3889 raise Exception("WPS_ER_START succeeded during OOM")
3890 with
alloc_fail(dev
[0], 1, "http_server_init"):
3891 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
3892 raise Exception("WPS_ER_START succeeded during OOM")
3893 with
alloc_fail(dev
[0], 2, "http_server_init"):
3894 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
3895 raise Exception("WPS_ER_START succeeded during OOM")
3896 with
alloc_fail(dev
[0], 1, "eloop_sock_table_add_sock;?eloop_register_sock;wps_er_ssdp_init"):
3897 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
3898 raise Exception("WPS_ER_START succeeded during OOM")
3899 with
fail_test(dev
[0], 1, "os_get_random;wps_er_init"):
3900 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo"):
3901 raise Exception("WPS_ER_START succeeded during os_get_random failure")
3904 def test_ap_wps_er_init_fail(dev
, apdev
):
3905 """WPS ER init failure"""
3906 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=does-not-exist"):
3907 dev
[0].request("WPS_ER_STOP")
3908 raise Exception("WPS_ER_START with non-existing ifname succeeded")
3910 def test_ap_wps_wpa_cli_action(dev
, apdev
, test_params
):
3911 """WPS events and wpa_cli action script"""
3912 logdir
= os
.path
.abspath(test_params
['logdir'])
3913 pidfile
= os
.path
.join(logdir
, 'ap_wps_wpa_cli_action.wpa_cli.pid')
3914 logfile
= os
.path
.join(logdir
, 'ap_wps_wpa_cli_action.wpa_cli.res')
3915 actionfile
= os
.path
.join(logdir
, 'ap_wps_wpa_cli_action.wpa_cli.action.sh')
3917 with
open(actionfile
, 'w') as f
:
3918 f
.write('#!/bin/sh\n')
3919 f
.write('echo $* >> %s\n' % logfile
)
3920 # Kill the process and wait some time before returning to allow all the
3921 # pending events to be processed with some of this happening after the
3922 # eloop SIGALRM signal has been scheduled.
3923 f
.write('if [ $2 = "WPS-SUCCESS" -a -r %s ]; then kill `cat %s`; sleep 1; fi\n' % (pidfile
, pidfile
))
3925 os
.chmod(actionfile
, stat
.S_IREAD | stat
.S_IWRITE | stat
.S_IEXEC |
3926 stat
.S_IRGRP | stat
.S_IXGRP | stat
.S_IROTH | stat
.S_IXOTH
)
3928 ssid
= "test-wps-conf"
3929 hapd
= hostapd
.add_ap(apdev
[0],
3930 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
3931 "wpa_passphrase": "12345678", "wpa": "2",
3932 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
3934 prg
= os
.path
.join(test_params
['logdir'],
3935 'alt-wpa_supplicant/wpa_supplicant/wpa_cli')
3936 if not os
.path
.exists(prg
):
3937 prg
= '../../wpa_supplicant/wpa_cli'
3938 arg
= [prg
, '-P', pidfile
, '-B', '-i', dev
[0].ifname
, '-a', actionfile
]
3939 subprocess
.call(arg
)
3942 cmd
= subprocess
.Popen(arg
, stdout
=subprocess
.PIPE
)
3943 out
= cmd
.communicate()[0].decode()
3945 logger
.debug("Processes:\n" + out
)
3946 if "wpa_cli -P %s -B -i %s" % (pidfile
, dev
[0].ifname
) not in out
:
3947 raise Exception("Did not see wpa_cli running")
3949 hapd
.request("WPS_PIN any 12345670")
3950 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
3951 dev
[0].dump_monitor()
3952 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
3953 dev
[0].wait_connected(timeout
=30)
3956 if not os
.path
.exists(pidfile
):
3960 if not os
.path
.exists(logfile
):
3961 raise Exception("wpa_cli action results file not found")
3962 with
open(logfile
, 'r') as f
:
3964 if "WPS-SUCCESS" not in res
:
3965 raise Exception("WPS-SUCCESS event not seen in action file")
3968 cmd
= subprocess
.Popen(arg
, stdout
=subprocess
.PIPE
)
3969 out
= cmd
.communicate()[0].decode()
3971 logger
.debug("Remaining processes:\n" + out
)
3972 if "wpa_cli -P %s -B -i %s" % (pidfile
, dev
[0].ifname
) in out
:
3973 raise Exception("wpa_cli still running")
3975 if os
.path
.exists(pidfile
):
3976 raise Exception("PID file not removed")
3978 def test_ap_wps_er_ssdp_proto(dev
, apdev
):
3979 """WPS ER SSDP protocol testing"""
3981 _test_ap_wps_er_ssdp_proto(dev
, apdev
)
3983 dev
[0].request("WPS_ER_STOP")
3985 def _test_ap_wps_er_ssdp_proto(dev
, apdev
):
3986 socket
.setdefaulttimeout(1)
3987 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
3988 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
3989 sock
.bind(("239.255.255.250", 1900))
3990 if "FAIL" not in dev
[0].request("WPS_ER_START ifname=lo foo"):
3991 raise Exception("Invalid filter accepted")
3992 if "OK" not in dev
[0].request("WPS_ER_START ifname=lo 1.2.3.4"):
3993 raise Exception("WPS_ER_START with filter failed")
3994 (msg
, addr
) = sock
.recvfrom(1000)
3996 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
3997 if "M-SEARCH" not in msg
:
3998 raise Exception("Not an M-SEARCH")
3999 sock
.sendto(b
"FOO", addr
)
4001 dev
[0].request("WPS_ER_STOP")
4003 dev
[0].request("WPS_ER_START ifname=lo")
4004 (msg
, addr
) = sock
.recvfrom(1000)
4006 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
4007 if "M-SEARCH" not in msg
:
4008 raise Exception("Not an M-SEARCH")
4009 sock
.sendto(b
"FOO", addr
)
4010 sock
.sendto(b
"HTTP/1.1 200 OK\r\nFOO\r\n\r\n", addr
)
4011 sock
.sendto(b
"HTTP/1.1 200 OK\r\nNTS:foo\r\n\r\n", addr
)
4012 sock
.sendto(b
"HTTP/1.1 200 OK\r\nNTS:ssdp:byebye\r\n\r\n", addr
)
4013 sock
.sendto(b
"HTTP/1.1 200 OK\r\ncache-control: foo=1\r\n\r\n", addr
)
4014 sock
.sendto(b
"HTTP/1.1 200 OK\r\ncache-control: max-age=1\r\n\r\n", addr
)
4015 sock
.sendto(b
"HTTP/1.1 200 OK\r\nusn:\r\n\r\n", addr
)
4016 sock
.sendto(b
"HTTP/1.1 200 OK\r\nusn:foo\r\n\r\n", addr
)
4017 sock
.sendto(b
"HTTP/1.1 200 OK\r\nusn: uuid:\r\n\r\n", addr
)
4018 sock
.sendto(b
"HTTP/1.1 200 OK\r\nusn: uuid: \r\n\r\n", addr
)
4019 sock
.sendto(b
"HTTP/1.1 200 OK\r\nusn: uuid: foo\r\n\r\n", addr
)
4020 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\n\r\n", addr
)
4021 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nNTS:ssdp:byebye\r\n\r\n", addr
)
4022 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\n\r\n", addr
)
4023 with
alloc_fail(dev
[0], 1, "wps_er_ap_add"):
4024 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
4026 with
alloc_fail(dev
[0], 2, "wps_er_ap_add"):
4027 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
4030 # Add an AP with bogus URL
4031 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
4032 # Update timeout on AP without updating URL
4033 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1:12345/foo.xml\r\ncache-control:max-age=1\r\n\r\n", addr
)
4034 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=5)
4036 raise Exception("No WPS-ER-AP-REMOVE event on max-age timeout")
4038 # Add an AP with a valid URL (but no server listing to it)
4039 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1:12345/foo.xml\r\ncache-control:max-age=1\r\n\r\n", addr
)
4040 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=5)
4042 raise Exception("No WPS-ER-AP-REMOVE event on max-age timeout")
4046 wps_event_url
= None
4048 def gen_upnp_info(eventSubURL
='wps_event', controlURL
='wps_control',
4049 udn
='uuid:27ea801a-9e5c-4e73-bd82-f89cbcd10d7e'):
4050 payload
= '''<?xml version="1.0"?>
4051 <root xmlns="urn:schemas-upnp-org:device-1-0">
4057 <deviceType>urn:schemas-wifialliance-org:device:WFADevice:1</deviceType>
4058 <friendlyName>WPS Access Point</friendlyName>
4059 <manufacturer>Company</manufacturer>
4060 <modelName>WAP</modelName>
4061 <modelNumber>123</modelNumber>
4062 <serialNumber>12345</serialNumber>
4065 payload
+= '<UDN>' + udn
+ '</UDN>'
4066 payload
+= '''<serviceList>
4068 <serviceType>urn:schemas-wifialliance-org:service:WFAWLANConfig:1</serviceType>
4069 <serviceId>urn:wifialliance-org:serviceId:WFAWLANConfig1</serviceId>
4070 <SCPDURL>wps_scpd.xml</SCPDURL>
4073 payload
+= '<controlURL>' + controlURL
+ '</controlURL>\n'
4075 payload
+= '<eventSubURL>' + eventSubURL
+ '</eventSubURL>\n'
4076 payload
+= '''</service>
4081 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4082 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4083 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4084 'Connection: close\r\n' + \
4085 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4086 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4087 return (hdr
+ payload
).encode()
4089 def gen_wps_control(payload_override
=None):
4090 payload
= '''<?xml version="1.0"?>
4091 <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
4093 <u:GetDeviceInfoResponse xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">
4094 <NewDeviceInfo>EEoAARAQIgABBBBHABAn6oAanlxOc72C+Jy80Q1+ECAABgIAAAADABAaABCJZ7DPtbU3Ust9
4095 Z3wJF07WEDIAwH45D3i1OqB7eJGwTzqeapS71h3KyXncK2xJZ+xqScrlorNEg6LijBJzG2Ca
4096 +FZli0iliDJd397yAx/jk4nFXco3q5ylBSvSw9dhJ5u1xBKSnTilKGlUHPhLP75PUqM3fot9
4097 7zwtFZ4bx6x1sBA6oEe2d0aUJmLumQGCiKEIWlnxs44zego/2tAe81bDzdPBM7o5HH/FUhD+
4098 KoGzFXp51atP+1n9Vta6AkI0Vye99JKLcC6Md9dMJltSVBgd4Xc4lRAEAAIAIxAQAAIADRAN
4099 AAEBEAgAAgAEEEQAAQIQIQAHQ29tcGFueRAjAANXQVAQJAADMTIzEEIABTEyMzQ1EFQACAAG
4100 AFDyBAABEBEAC1dpcmVsZXNzIEFQEDwAAQEQAgACAAAQEgACAAAQCQACAAAQLQAEgQIDABBJ
4103 </u:GetDeviceInfoResponse>
4107 if payload_override
:
4108 payload
= payload_override
4109 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4110 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4111 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4112 'Connection: close\r\n' + \
4113 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4114 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4115 return (hdr
+ payload
).encode()
4117 def gen_wps_event(sid
='uuid:7eb3342a-8a5f-47fe-a585-0785bfec6d8a'):
4119 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4120 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4121 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4122 'Connection: close\r\n' + \
4123 'Content-Length: ' + str(len(payload
)) + '\r\n'
4125 hdr
+= 'SID: ' + sid
+ '\r\n'
4126 hdr
+= 'Timeout: Second-1801\r\n' + \
4127 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4128 return (hdr
+ payload
).encode()
4130 class WPSAPHTTPServer(StreamRequestHandler
):
4132 data
= self
.rfile
.readline().decode().strip()
4133 logger
.info("HTTP server received: " + data
)
4135 hdr
= self
.rfile
.readline().decode().strip()
4138 logger
.info("HTTP header: " + hdr
)
4139 if "CALLBACK:" in hdr
:
4140 global wps_event_url
4141 wps_event_url
= hdr
.split(' ')[1].strip('<>')
4143 if "GET /foo.xml" in data
:
4144 self
.handle_upnp_info()
4145 elif "POST /wps_control" in data
:
4146 self
.handle_wps_control()
4147 elif "SUBSCRIBE /wps_event" in data
:
4148 self
.handle_wps_event()
4150 self
.handle_others(data
)
4152 def handle_upnp_info(self
):
4153 self
.wfile
.write(gen_upnp_info())
4155 def handle_wps_control(self
):
4156 self
.wfile
.write(gen_wps_control())
4158 def handle_wps_event(self
):
4159 self
.wfile
.write(gen_wps_event())
4161 def handle_others(self
, data
):
4162 logger
.info("Ignore HTTP request: " + data
)
4164 class MyTCPServer(TCPServer
):
4165 def __init__(self
, addr
, handler
):
4166 self
.allow_reuse_address
= True
4167 TCPServer
.__init
__(self
, addr
, handler
)
4169 def wps_er_start(dev
, http_server
, max_age
=1, wait_m_search
=False,
4171 socket
.setdefaulttimeout(1)
4172 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
4173 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
4174 sock
.bind(("239.255.255.250", 1900))
4175 dev
.request("WPS_ER_START ifname=lo")
4176 for i
in range(100):
4177 (msg
, addr
) = sock
.recvfrom(1000)
4179 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
4180 if "M-SEARCH" in msg
:
4182 if not wait_m_search
:
4183 raise Exception("Not an M-SEARCH")
4185 raise Exception("No M-SEARCH seen")
4187 # Add an AP with a valid URL and server listing to it
4188 server
= MyTCPServer(("127.0.0.1", 12345), http_server
)
4189 if not location_url
:
4190 location_url
= 'http://127.0.0.1:12345/foo.xml'
4191 sock
.sendto(("HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:%s\r\ncache-control:max-age=%d\r\n\r\n" % (location_url
, max_age
)).encode(), addr
)
4195 def wps_er_stop(dev
, sock
, server
, on_alloc_fail
=False):
4197 server
.server_close()
4202 res
= dev
.request("GET_ALLOC_FAIL")
4203 if res
.startswith("0:"):
4208 raise Exception("No allocation failure reported")
4210 ev
= dev
.wait_event(["WPS-ER-AP-REMOVE"], timeout
=5)
4212 raise Exception("No WPS-ER-AP-REMOVE event on max-age timeout")
4213 dev
.request("WPS_ER_STOP")
4215 def run_wps_er_proto_test(dev
, handler
, no_event_url
=False, location_url
=None):
4217 uuid
= '27ea801a-9e5c-4e73-bd82-f89cbcd10d7e'
4218 server
, sock
= wps_er_start(dev
, handler
, location_url
=location_url
)
4219 global wps_event_url
4220 wps_event_url
= None
4221 server
.handle_request()
4222 server
.handle_request()
4223 server
.handle_request()
4224 server
.server_close()
4227 raise Exception("Received event URL unexpectedly")
4229 if wps_event_url
is None:
4230 raise Exception("Did not get event URL")
4231 logger
.info("Event URL: " + wps_event_url
)
4233 dev
.request("WPS_ER_STOP")
4235 def send_wlanevent(url
, uuid
, data
, no_response
=False):
4236 conn
= HTTPConnection(url
.netloc
)
4237 payload
= '''<?xml version="1.0" encoding="utf-8"?>
4238 <e:propertyset xmlns:e="urn:schemas-upnp-org:event-1-0">
4239 <e:property><STAStatus>1</STAStatus></e:property>
4240 <e:property><APStatus>1</APStatus></e:property>
4241 <e:property><WLANEvent>'''
4242 payload
+= base64
.b64encode(data
).decode()
4243 payload
+= '</WLANEvent></e:property></e:propertyset>'
4244 headers
= {"Content-type": 'text/xml; charset="utf-8"',
4245 "Server": "Unspecified, UPnP/1.0, Unspecified",
4248 "SID": "uuid:" + uuid
,
4250 "Content-Length": str(len(payload
))}
4251 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4255 except Exception as e
:
4258 resp
= conn
.getresponse()
4259 if resp
.status
!= 200:
4260 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4262 def test_ap_wps_er_http_proto(dev
, apdev
):
4263 """WPS ER HTTP protocol testing"""
4265 _test_ap_wps_er_http_proto(dev
, apdev
)
4267 dev
[0].request("WPS_ER_STOP")
4269 def _test_ap_wps_er_http_proto(dev
, apdev
):
4270 uuid
= '27ea801a-9e5c-4e73-bd82-f89cbcd10d7e'
4271 server
, sock
= wps_er_start(dev
[0], WPSAPHTTPServer
, max_age
=15)
4272 global wps_event_url
4273 wps_event_url
= None
4274 server
.handle_request()
4275 server
.handle_request()
4276 server
.handle_request()
4277 server
.server_close()
4278 if wps_event_url
is None:
4279 raise Exception("Did not get event URL")
4280 logger
.info("Event URL: " + wps_event_url
)
4282 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=10)
4284 raise Exception("No WPS-ER-AP-ADD event")
4286 raise Exception("UUID mismatch")
4290 logger
.info("Valid Probe Request notification")
4291 url
= urlparse(wps_event_url
)
4292 conn
= HTTPConnection(url
.netloc
)
4293 payload
= '''<?xml version="1.0" encoding="utf-8"?>
4294 <e:propertyset xmlns:e="urn:schemas-upnp-org:event-1-0">
4295 <e:property><STAStatus>1</STAStatus></e:property>
4296 <e:property><APStatus>1</APStatus></e:property>
4297 <e:property><WLANEvent>ATAyOjAwOjAwOjAwOjAwOjAwEEoAARAQOgABAhAIAAIxSBBHABA2LbR7pTpRkYj7VFi5hrLk
4298 EFQACAAAAAAAAAAAEDwAAQMQAgACAAAQCQACAAAQEgACAAAQIQABIBAjAAEgECQAASAQEQAI
4299 RGV2aWNlIEEQSQAGADcqAAEg
4300 </WLANEvent></e:property>
4303 headers
= {"Content-type": 'text/xml; charset="utf-8"',
4304 "Server": "Unspecified, UPnP/1.0, Unspecified",
4307 "SID": "uuid:" + uuid
,
4309 "Content-Length": str(len(payload
))}
4310 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4311 resp
= conn
.getresponse()
4312 if resp
.status
!= 200:
4313 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4315 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=5)
4317 raise Exception("No WPS-ER-ENROLLEE-ADD event")
4318 if "362db47b-a53a-5191-88fb-5458b986b2e4" not in ev
:
4319 raise Exception("No Enrollee UUID match")
4321 logger
.info("Incorrect event URL AP id")
4322 conn
= HTTPConnection(url
.netloc
)
4323 conn
.request("NOTIFY", url
.path
+ '123', payload
, headers
)
4324 resp
= conn
.getresponse()
4325 if resp
.status
!= 404:
4326 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4328 logger
.info("Missing AP id")
4329 conn
= HTTPConnection(url
.netloc
)
4330 conn
.request("NOTIFY", '/event/' + url
.path
.split('/')[2],
4334 logger
.info("Incorrect event URL event id")
4335 conn
= HTTPConnection(url
.netloc
)
4336 conn
.request("NOTIFY", '/event/123456789/123', payload
, headers
)
4339 logger
.info("Incorrect event URL prefix")
4340 conn
= HTTPConnection(url
.netloc
)
4341 conn
.request("NOTIFY", '/foobar/123456789/123', payload
, headers
)
4342 resp
= conn
.getresponse()
4343 if resp
.status
!= 404:
4344 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4346 logger
.info("Unsupported request")
4347 conn
= HTTPConnection(url
.netloc
)
4348 conn
.request("FOOBAR", '/foobar/123456789/123', payload
, headers
)
4349 resp
= conn
.getresponse()
4350 if resp
.status
!= 501:
4351 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4353 logger
.info("Unsupported request and OOM")
4354 with
alloc_fail(dev
[0], 1, "wps_er_http_req"):
4355 conn
= HTTPConnection(url
.netloc
)
4356 conn
.request("FOOBAR", '/foobar/123456789/123', payload
, headers
)
4359 logger
.info("Too short WLANEvent")
4361 send_wlanevent(url
, uuid
, data
)
4363 logger
.info("Invalid WLANEventMAC")
4364 data
= b
'\x00qwertyuiopasdfghjklzxcvbnm'
4365 send_wlanevent(url
, uuid
, data
)
4367 logger
.info("Unknown WLANEventType")
4368 data
= b
'\xff02:00:00:00:00:00'
4369 send_wlanevent(url
, uuid
, data
)
4371 logger
.info("Probe Request notification without any attributes")
4372 data
= b
'\x0102:00:00:00:00:00'
4373 send_wlanevent(url
, uuid
, data
)
4375 logger
.info("Probe Request notification with invalid attribute")
4376 data
= b
'\x0102:00:00:00:00:00\xff'
4377 send_wlanevent(url
, uuid
, data
)
4379 logger
.info("EAP message without any attributes")
4380 data
= b
'\x0202:00:00:00:00:00'
4381 send_wlanevent(url
, uuid
, data
)
4383 logger
.info("EAP message with invalid attribute")
4384 data
= b
'\x0202:00:00:00:00:00\xff'
4385 send_wlanevent(url
, uuid
, data
)
4387 logger
.info("EAP message from new STA and not M1")
4388 data
= b
'\x0202:ff:ff:ff:ff:ff' + b
'\x10\x22\x00\x01\x05'
4389 send_wlanevent(url
, uuid
, data
)
4391 logger
.info("EAP message: M1")
4392 data
= b
'\x0202:00:00:00:00:00'
4393 data
+= b
'\x10\x22\x00\x01\x04'
4394 data
+= b
'\x10\x47\x00\x10' + 16 * b
'\x00'
4395 data
+= b
'\x10\x20\x00\x06\x02\x00\x00\x00\x00\x00'
4396 data
+= b
'\x10\x1a\x00\x10' + 16 * b
'\x00'
4397 data
+= b
'\x10\x32\x00\xc0' + 192 * b
'\x00'
4398 data
+= b
'\x10\x04\x00\x02\x00\x00'
4399 data
+= b
'\x10\x10\x00\x02\x00\x00'
4400 data
+= b
'\x10\x0d\x00\x01\x00'
4401 data
+= b
'\x10\x08\x00\x02\x00\x00'
4402 data
+= b
'\x10\x44\x00\x01\x00'
4403 data
+= b
'\x10\x21\x00\x00'
4404 data
+= b
'\x10\x23\x00\x00'
4405 data
+= b
'\x10\x24\x00\x00'
4406 data
+= b
'\x10\x42\x00\x00'
4407 data
+= b
'\x10\x54\x00\x08' + 8 * b
'\x00'
4408 data
+= b
'\x10\x11\x00\x00'
4409 data
+= b
'\x10\x3c\x00\x01\x00'
4410 data
+= b
'\x10\x02\x00\x02\x00\x00'
4411 data
+= b
'\x10\x12\x00\x02\x00\x00'
4412 data
+= b
'\x10\x09\x00\x02\x00\x00'
4413 data
+= b
'\x10\x2d\x00\x04\x00\x00\x00\x00'
4415 send_wlanevent(url
, uuid
, data
)
4417 logger
.info("EAP message: WSC_ACK")
4418 data
= b
'\x0202:00:00:00:00:00' + b
'\x10\x22\x00\x01\x0d'
4419 send_wlanevent(url
, uuid
, data
)
4421 logger
.info("EAP message: M1")
4422 send_wlanevent(url
, uuid
, m1
)
4424 logger
.info("EAP message: WSC_NACK")
4425 data
= b
'\x0202:00:00:00:00:00' + b
'\x10\x22\x00\x01\x0e'
4426 send_wlanevent(url
, uuid
, data
)
4428 logger
.info("EAP message: M1 - Too long attribute values")
4429 data
= b
'\x0202:00:00:00:00:00'
4430 data
+= b
'\x10\x11\x00\x21' + 33 * b
'\x00'
4431 data
+= b
'\x10\x45\x00\x21' + 33 * b
'\x00'
4432 data
+= b
'\x10\x42\x00\x21' + 33 * b
'\x00'
4433 data
+= b
'\x10\x24\x00\x21' + 33 * b
'\x00'
4434 data
+= b
'\x10\x23\x00\x21' + 33 * b
'\x00'
4435 data
+= b
'\x10\x21\x00\x41' + 65 * b
'\x00'
4436 data
+= b
'\x10\x49\x00\x09\x00\x37\x2a\x05\x02\x00\x00\x05\x00'
4437 send_wlanevent(url
, uuid
, data
)
4439 logger
.info("EAP message: M1 missing UUID-E")
4440 data
= b
'\x0202:00:00:00:00:00'
4441 data
+= b
'\x10\x22\x00\x01\x04'
4442 send_wlanevent(url
, uuid
, data
)
4444 logger
.info("EAP message: M1 missing MAC Address")
4445 data
+= b
'\x10\x47\x00\x10' + 16 * b
'\x00'
4446 send_wlanevent(url
, uuid
, data
)
4448 logger
.info("EAP message: M1 missing Enrollee Nonce")
4449 data
+= b
'\x10\x20\x00\x06\x02\x00\x00\x00\x00\x00'
4450 send_wlanevent(url
, uuid
, data
)
4452 logger
.info("EAP message: M1 missing Public Key")
4453 data
+= b
'\x10\x1a\x00\x10' + 16 * b
'\x00'
4454 send_wlanevent(url
, uuid
, data
)
4456 logger
.info("EAP message: M1 missing Authentication Type flags")
4457 data
+= b
'\x10\x32\x00\xc0' + 192 * b
'\x00'
4458 send_wlanevent(url
, uuid
, data
)
4460 logger
.info("EAP message: M1 missing Encryption Type Flags")
4461 data
+= b
'\x10\x04\x00\x02\x00\x00'
4462 send_wlanevent(url
, uuid
, data
)
4464 logger
.info("EAP message: M1 missing Connection Type flags")
4465 data
+= b
'\x10\x10\x00\x02\x00\x00'
4466 send_wlanevent(url
, uuid
, data
)
4468 logger
.info("EAP message: M1 missing Config Methods")
4469 data
+= b
'\x10\x0d\x00\x01\x00'
4470 send_wlanevent(url
, uuid
, data
)
4472 logger
.info("EAP message: M1 missing Wi-Fi Protected Setup State")
4473 data
+= b
'\x10\x08\x00\x02\x00\x00'
4474 send_wlanevent(url
, uuid
, data
)
4476 logger
.info("EAP message: M1 missing Manufacturer")
4477 data
+= b
'\x10\x44\x00\x01\x00'
4478 send_wlanevent(url
, uuid
, data
)
4480 logger
.info("EAP message: M1 missing Model Name")
4481 data
+= b
'\x10\x21\x00\x00'
4482 send_wlanevent(url
, uuid
, data
)
4484 logger
.info("EAP message: M1 missing Model Number")
4485 data
+= b
'\x10\x23\x00\x00'
4486 send_wlanevent(url
, uuid
, data
)
4488 logger
.info("EAP message: M1 missing Serial Number")
4489 data
+= b
'\x10\x24\x00\x00'
4490 send_wlanevent(url
, uuid
, data
)
4492 logger
.info("EAP message: M1 missing Primary Device Type")
4493 data
+= b
'\x10\x42\x00\x00'
4494 send_wlanevent(url
, uuid
, data
)
4496 logger
.info("EAP message: M1 missing Device Name")
4497 data
+= b
'\x10\x54\x00\x08' + 8 * b
'\x00'
4498 send_wlanevent(url
, uuid
, data
)
4500 logger
.info("EAP message: M1 missing RF Bands")
4501 data
+= b
'\x10\x11\x00\x00'
4502 send_wlanevent(url
, uuid
, data
)
4504 logger
.info("EAP message: M1 missing Association State")
4505 data
+= b
'\x10\x3c\x00\x01\x00'
4506 send_wlanevent(url
, uuid
, data
)
4508 logger
.info("EAP message: M1 missing Device Password ID")
4509 data
+= b
'\x10\x02\x00\x02\x00\x00'
4510 send_wlanevent(url
, uuid
, data
)
4512 logger
.info("EAP message: M1 missing Configuration Error")
4513 data
+= b
'\x10\x12\x00\x02\x00\x00'
4514 send_wlanevent(url
, uuid
, data
)
4516 logger
.info("EAP message: M1 missing OS Version")
4517 data
+= b
'\x10\x09\x00\x02\x00\x00'
4518 send_wlanevent(url
, uuid
, data
)
4520 logger
.info("Check max concurrent requests")
4521 addr
= (url
.hostname
, url
.port
)
4524 socks
[i
] = socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4526 socks
[i
].settimeout(10)
4527 socks
[i
].connect(addr
)
4529 socks
[i
].send(b
"GET / HTTP/1.1\r\n\r\n")
4533 res
= socks
[i
].recv(100).decode()
4537 logger
.info("recv[%d]: len=%d" % (i
, len(res
)))
4541 logger
.info("%d concurrent HTTP GET operations returned response" % count
)
4543 raise Exception("Too few concurrent HTTP connections accepted")
4545 logger
.info("OOM in HTTP server")
4546 for func
in ["http_request_init", "httpread_create",
4547 "eloop_register_timeout;httpread_create",
4548 "eloop_sock_table_add_sock;?eloop_register_sock;httpread_create",
4549 "httpread_hdr_analyze"]:
4550 with
alloc_fail(dev
[0], 1, func
):
4551 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4554 sock
.send(b
"GET / HTTP/1.1\r\n\r\n")
4561 logger
.info("Invalid HTTP header")
4562 for req
in [" GET / HTTP/1.1\r\n\r\n",
4563 "HTTP/1.1 200 OK\r\n\r\n",
4565 "GET %%a%aa% HTTP/1.1\r\n\r\n",
4566 "GET / HTTP/1.1\r\n FOO\r\n\r\n",
4567 "NOTIFY / HTTP/1.1\r\n" + 4097*'a' + '\r\n\r\n',
4568 "NOTIFY / HTTP/1.1\r\n\r\n" + 8193*'a',
4569 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n foo\r\n",
4570 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n1\r\nfoo\r\n",
4571 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n0\r\n",
4572 "POST / HTTP/1.1\r\nTransfer-Encoding: CHUNKED\r\n\r\n0\r\naa\ra\r\n\ra"]:
4573 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4575 sock
.settimeout(0.1)
4577 sock
.send(req
.encode())
4584 with
alloc_fail(dev
[0], 2, "httpread_read_handler"):
4585 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4588 sock
.send(b
"NOTIFY / HTTP/1.1\r\n\r\n" + 4500 * b
'a')
4595 conn
= HTTPConnection(url
.netloc
)
4597 headers
= {"Content-type": 'text/xml; charset="utf-8"',
4598 "Server": "Unspecified, UPnP/1.0, Unspecified",
4601 "SID": "uuid:" + uuid
,
4603 "Content-Length": str(len(payload
))}
4604 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4605 resp
= conn
.getresponse()
4606 if resp
.status
!= 200:
4607 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4609 conn
= HTTPConnection(url
.netloc
)
4610 payload
= '<WLANEvent foo></WLANEvent>'
4611 headers
= {"Content-type": 'text/xml; charset="utf-8"',
4612 "Server": "Unspecified, UPnP/1.0, Unspecified",
4615 "SID": "uuid:" + uuid
,
4617 "Content-Length": str(len(payload
))}
4618 conn
.request("NOTIFY", url
.path
, payload
, headers
)
4619 resp
= conn
.getresponse()
4620 if resp
.status
!= 200:
4621 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
4623 with
alloc_fail(dev
[0], 1, "xml_get_first_item"):
4624 send_wlanevent(url
, uuid
, b
'')
4626 with
alloc_fail(dev
[0], 1, "wpabuf_alloc_ext_data;xml_get_base64_item"):
4627 send_wlanevent(url
, uuid
, b
'foo')
4629 for func
in ["wps_init",
4630 "wps_process_manufacturer",
4631 "wps_process_model_name",
4632 "wps_process_model_number",
4633 "wps_process_serial_number",
4634 "wps_process_dev_name"]:
4635 with
alloc_fail(dev
[0], 1, func
):
4636 send_wlanevent(url
, uuid
, m1
)
4638 with
alloc_fail(dev
[0], 1, "wps_er_http_resp_ok"):
4639 send_wlanevent(url
, uuid
, m1
, no_response
=True)
4641 with
alloc_fail(dev
[0], 1, "wps_er_http_resp_not_found"):
4642 url2
= urlparse(wps_event_url
.replace('/event/', '/notfound/'))
4643 send_wlanevent(url2
, uuid
, m1
, no_response
=True)
4645 logger
.info("EAP message: M1")
4646 data
= b
'\x0202:11:22:00:00:00'
4647 data
+= b
'\x10\x22\x00\x01\x04'
4648 data
+= b
'\x10\x47\x00\x10' + 16 * b
'\x00'
4649 data
+= b
'\x10\x20\x00\x06\x02\x00\x00\x00\x00\x00'
4650 data
+= b
'\x10\x1a\x00\x10' + 16 * b
'\x00'
4651 data
+= b
'\x10\x32\x00\xc0' + 192 * b
'\x00'
4652 data
+= b
'\x10\x04\x00\x02\x00\x00'
4653 data
+= b
'\x10\x10\x00\x02\x00\x00'
4654 data
+= b
'\x10\x0d\x00\x01\x00'
4655 data
+= b
'\x10\x08\x00\x02\x00\x00'
4656 data
+= b
'\x10\x44\x00\x01\x00'
4657 data
+= b
'\x10\x21\x00\x00'
4658 data
+= b
'\x10\x23\x00\x00'
4659 data
+= b
'\x10\x24\x00\x00'
4660 data
+= b
'\x10\x42\x00\x00'
4661 data
+= b
'\x10\x54\x00\x08' + 8 * b
'\x00'
4662 data
+= b
'\x10\x11\x00\x00'
4663 data
+= b
'\x10\x3c\x00\x01\x00'
4664 data
+= b
'\x10\x02\x00\x02\x00\x00'
4665 data
+= b
'\x10\x12\x00\x02\x00\x00'
4666 data
+= b
'\x10\x09\x00\x02\x00\x00'
4667 data
+= b
'\x10\x2d\x00\x04\x00\x00\x00\x00'
4668 dev
[0].dump_monitor()
4669 with
alloc_fail(dev
[0], 1, "wps_er_add_sta_data"):
4670 send_wlanevent(url
, uuid
, data
)
4671 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=0.1)
4673 raise Exception("Unexpected enrollee add event")
4674 send_wlanevent(url
, uuid
, data
)
4675 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=2)
4677 raise Exception("Enrollee add event not seen")
4679 with
alloc_fail(dev
[0], 1,
4680 "base64_gen_encode;?base64_encode;wps_er_soap_hdr"):
4681 send_wlanevent(url
, uuid
, data
)
4683 with
alloc_fail(dev
[0], 1, "wpabuf_alloc;wps_er_soap_hdr"):
4684 send_wlanevent(url
, uuid
, data
)
4686 with
alloc_fail(dev
[0], 1, "http_client_url_parse;wps_er_sta_send_msg"):
4687 send_wlanevent(url
, uuid
, data
)
4689 with
alloc_fail(dev
[0], 1, "http_client_addr;wps_er_sta_send_msg"):
4690 send_wlanevent(url
, uuid
, data
)
4692 def test_ap_wps_er_http_proto_no_event_sub_url(dev
, apdev
):
4693 """WPS ER HTTP protocol testing - no eventSubURL"""
4694 class WPSAPHTTPServer_no_event_sub_url(WPSAPHTTPServer
):
4695 def handle_upnp_info(self
):
4696 self
.wfile
.write(gen_upnp_info(eventSubURL
=None))
4697 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_event_sub_url
,
4700 def test_ap_wps_er_http_proto_event_sub_url_dns(dev
, apdev
):
4701 """WPS ER HTTP protocol testing - DNS name in eventSubURL"""
4702 class WPSAPHTTPServer_event_sub_url_dns(WPSAPHTTPServer
):
4703 def handle_upnp_info(self
):
4704 self
.wfile
.write(gen_upnp_info(eventSubURL
='http://example.com/wps_event'))
4705 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_event_sub_url_dns
,
4708 def test_ap_wps_er_http_proto_subscribe_oom(dev
, apdev
):
4709 """WPS ER HTTP protocol testing - subscribe OOM"""
4711 _test_ap_wps_er_http_proto_subscribe_oom(dev
, apdev
)
4713 dev
[0].request("WPS_ER_STOP")
4715 def _test_ap_wps_er_http_proto_subscribe_oom(dev
, apdev
):
4716 tests
= [(1, "http_client_url_parse"),
4717 (1, "wpabuf_alloc;wps_er_subscribe"),
4718 (1, "http_client_addr"),
4719 (1, "eloop_sock_table_add_sock;?eloop_register_sock;http_client_addr"),
4720 (1, "eloop_register_timeout;http_client_addr")]
4721 for count
, func
in tests
:
4722 with
alloc_fail(dev
[0], count
, func
):
4723 server
, sock
= wps_er_start(dev
[0], WPSAPHTTPServer
)
4724 server
.handle_request()
4725 server
.handle_request()
4726 wps_er_stop(dev
[0], sock
, server
, on_alloc_fail
=True)
4728 def test_ap_wps_er_http_proto_no_sid(dev
, apdev
):
4729 """WPS ER HTTP protocol testing - no SID"""
4730 class WPSAPHTTPServer_no_sid(WPSAPHTTPServer
):
4731 def handle_wps_event(self
):
4732 self
.wfile
.write(gen_wps_event(sid
=None))
4733 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_sid
)
4735 def test_ap_wps_er_http_proto_invalid_sid_no_uuid(dev
, apdev
):
4736 """WPS ER HTTP protocol testing - invalid SID - no UUID"""
4737 class WPSAPHTTPServer_invalid_sid_no_uuid(WPSAPHTTPServer
):
4738 def handle_wps_event(self
):
4739 self
.wfile
.write(gen_wps_event(sid
='FOO'))
4740 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_sid_no_uuid
)
4742 def test_ap_wps_er_http_proto_invalid_sid_uuid(dev
, apdev
):
4743 """WPS ER HTTP protocol testing - invalid SID UUID"""
4744 class WPSAPHTTPServer_invalid_sid_uuid(WPSAPHTTPServer
):
4745 def handle_wps_event(self
):
4746 self
.wfile
.write(gen_wps_event(sid
='uuid:FOO'))
4747 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_sid_uuid
)
4749 def test_ap_wps_er_http_proto_subscribe_failing(dev
, apdev
):
4750 """WPS ER HTTP protocol testing - SUBSCRIBE failing"""
4751 class WPSAPHTTPServer_fail_subscribe(WPSAPHTTPServer
):
4752 def handle_wps_event(self
):
4754 hdr
= 'HTTP/1.1 404 Not Found\r\n' + \
4755 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4756 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4757 'Connection: close\r\n' + \
4758 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4759 'Timeout: Second-1801\r\n' + \
4760 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4761 self
.wfile
.write((hdr
+ payload
).encode())
4762 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_fail_subscribe
)
4764 def test_ap_wps_er_http_proto_subscribe_invalid_response(dev
, apdev
):
4765 """WPS ER HTTP protocol testing - SUBSCRIBE and invalid response"""
4766 class WPSAPHTTPServer_subscribe_invalid_response(WPSAPHTTPServer
):
4767 def handle_wps_event(self
):
4769 hdr
= 'HTTP/1.1 FOO\r\n' + \
4770 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4771 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4772 'Connection: close\r\n' + \
4773 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4774 'Timeout: Second-1801\r\n' + \
4775 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4776 self
.wfile
.write((hdr
+ payload
).encode())
4777 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_subscribe_invalid_response
)
4779 def test_ap_wps_er_http_proto_subscribe_invalid_response(dev
, apdev
):
4780 """WPS ER HTTP protocol testing - SUBSCRIBE and invalid response"""
4781 class WPSAPHTTPServer_invalid_m1(WPSAPHTTPServer
):
4782 def handle_wps_control(self
):
4783 payload
= '''<?xml version="1.0"?>
4784 <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
4786 <u:GetDeviceInfoResponse xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">
4787 <NewDeviceInfo>Rk9P</NewDeviceInfo>
4788 </u:GetDeviceInfoResponse>
4792 self
.wfile
.write(gen_wps_control(payload_override
=payload
))
4793 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_m1
, no_event_url
=True)
4795 def test_ap_wps_er_http_proto_upnp_info_no_device(dev
, apdev
):
4796 """WPS ER HTTP protocol testing - No device in UPnP info"""
4797 class WPSAPHTTPServer_no_device(WPSAPHTTPServer
):
4798 def handle_upnp_info(self
):
4799 payload
= '''<?xml version="1.0"?>
4800 <root xmlns="urn:schemas-upnp-org:device-1-0">
4807 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4808 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4809 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4810 'Connection: close\r\n' + \
4811 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4812 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4813 self
.wfile
.write((hdr
+ payload
).encode())
4814 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_device
, no_event_url
=True)
4816 def test_ap_wps_er_http_proto_upnp_info_no_device_type(dev
, apdev
):
4817 """WPS ER HTTP protocol testing - No deviceType in UPnP info"""
4818 class WPSAPHTTPServer_no_device(WPSAPHTTPServer
):
4819 def handle_upnp_info(self
):
4820 payload
= '''<?xml version="1.0"?>
4821 <root xmlns="urn:schemas-upnp-org:device-1-0">
4830 hdr
= 'HTTP/1.1 200 OK\r\n' + \
4831 'Content-Type: text/xml; charset="utf-8"\r\n' + \
4832 'Server: Unspecified, UPnP/1.0, Unspecified\r\n' + \
4833 'Connection: close\r\n' + \
4834 'Content-Length: ' + str(len(payload
)) + '\r\n' + \
4835 'Date: Sat, 15 Aug 2015 18:55:08 GMT\r\n\r\n'
4836 self
.wfile
.write((hdr
+ payload
).encode())
4837 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_device
, no_event_url
=True)
4839 def test_ap_wps_er_http_proto_upnp_info_invalid_udn_uuid(dev
, apdev
):
4840 """WPS ER HTTP protocol testing - Invalid UDN UUID"""
4841 class WPSAPHTTPServer_invalid_udn_uuid(WPSAPHTTPServer
):
4842 def handle_upnp_info(self
):
4843 self
.wfile
.write(gen_upnp_info(udn
='uuid:foo'))
4844 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_invalid_udn_uuid
)
4846 def test_ap_wps_er_http_proto_no_control_url(dev
, apdev
):
4847 """WPS ER HTTP protocol testing - no controlURL"""
4848 class WPSAPHTTPServer_no_control_url(WPSAPHTTPServer
):
4849 def handle_upnp_info(self
):
4850 self
.wfile
.write(gen_upnp_info(controlURL
=None))
4851 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_no_control_url
,
4854 def test_ap_wps_er_http_proto_control_url_dns(dev
, apdev
):
4855 """WPS ER HTTP protocol testing - DNS name in controlURL"""
4856 class WPSAPHTTPServer_control_url_dns(WPSAPHTTPServer
):
4857 def handle_upnp_info(self
):
4858 self
.wfile
.write(gen_upnp_info(controlURL
='http://example.com/wps_control'))
4859 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_control_url_dns
,
4862 def test_ap_wps_http_timeout(dev
, apdev
):
4863 """WPS AP/ER and HTTP timeout"""
4865 _test_ap_wps_http_timeout(dev
, apdev
)
4867 dev
[0].request("WPS_ER_STOP")
4869 def _test_ap_wps_http_timeout(dev
, apdev
):
4870 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
4871 add_ssdp_ap(apdev
[0], ap_uuid
)
4873 location
= ssdp_get_location(ap_uuid
)
4874 url
= urlparse(location
)
4875 addr
= (url
.hostname
, url
.port
)
4876 logger
.debug("Open HTTP connection to hostapd, but do not complete request")
4877 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_STREAM
,
4882 class DummyServer(StreamRequestHandler
):
4884 logger
.debug("DummyServer - start 31 sec wait")
4886 logger
.debug("DummyServer - wait done")
4888 logger
.debug("Start WPS ER")
4889 server
, sock2
= wps_er_start(dev
[0], DummyServer
, max_age
=40,
4892 logger
.debug("Start server to accept, but not complete, HTTP connection from WPS ER")
4893 # This will wait for 31 seconds..
4894 server
.handle_request()
4896 logger
.debug("Complete HTTP connection with hostapd (that should have already closed the connection)")
4898 sock
.send("ET / HTTP/1.1\r\n\r\n")
4899 res
= sock
.recv(100)
4904 def test_ap_wps_er_url_parse(dev
, apdev
):
4905 """WPS ER and URL parsing special cases"""
4907 _test_ap_wps_er_url_parse(dev
, apdev
)
4909 dev
[0].request("WPS_ER_STOP")
4911 def _test_ap_wps_er_url_parse(dev
, apdev
):
4912 sock
= socket
.socket(socket
.AF_INET
, socket
.SOCK_DGRAM
, socket
.IPPROTO_UDP
)
4914 sock
.setsockopt(socket
.SOL_SOCKET
, socket
.SO_REUSEADDR
, 1)
4915 sock
.bind(("239.255.255.250", 1900))
4916 dev
[0].request("WPS_ER_START ifname=lo")
4917 (msg
, addr
) = sock
.recvfrom(1000)
4919 logger
.debug("Received SSDP message from %s: %s" % (str(addr
), msg
))
4920 if "M-SEARCH" not in msg
:
4921 raise Exception("Not an M-SEARCH")
4922 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1\r\ncache-control:max-age=1\r\n\r\n", addr
)
4923 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=2)
4924 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://127.0.0.1/:foo\r\ncache-control:max-age=1\r\n\r\n", addr
)
4925 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=2)
4926 sock
.sendto(b
"HTTP/1.1 200 OK\r\nST: urn:schemas-wifialliance-org:device:WFADevice:1\r\nlocation:http://255.255.255.255:0/foo.xml\r\ncache-control:max-age=1\r\n\r\n", addr
)
4927 ev
= dev
[0].wait_event(["WPS-ER-AP-REMOVE"], timeout
=2)
4931 def test_ap_wps_er_link_update(dev
, apdev
):
4932 """WPS ER and link update special cases"""
4933 class WPSAPHTTPServer_link_update(WPSAPHTTPServer
):
4934 def handle_upnp_info(self
):
4935 self
.wfile
.write(gen_upnp_info(controlURL
='/wps_control'))
4936 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_link_update
)
4938 class WPSAPHTTPServer_link_update2(WPSAPHTTPServer
):
4939 def handle_others(self
, data
):
4940 if "GET / " in data
:
4941 self
.wfile
.write(gen_upnp_info(controlURL
='/wps_control'))
4942 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_link_update2
,
4943 location_url
='http://127.0.0.1:12345')
4945 def test_ap_wps_er_http_client(dev
, apdev
):
4946 """WPS ER and HTTP client special cases"""
4947 with
alloc_fail(dev
[0], 1, "http_link_update"):
4948 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer
)
4950 with
alloc_fail(dev
[0], 1, "wpabuf_alloc;http_client_url"):
4951 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer
, no_event_url
=True)
4953 with
alloc_fail(dev
[0], 1, "httpread_create;http_client_tx_ready"):
4954 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer
, no_event_url
=True)
4956 class WPSAPHTTPServer_req_as_resp(WPSAPHTTPServer
):
4957 def handle_upnp_info(self
):
4958 self
.wfile
.write(b
"GET / HTTP/1.1\r\n\r\n")
4959 run_wps_er_proto_test(dev
[0], WPSAPHTTPServer_req_as_resp
,
4962 def test_ap_wps_init_oom(dev
, apdev
):
4963 """wps_init OOM cases"""
4966 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
4968 hapd
= hostapd
.add_ap(apdev
[0], params
)
4969 pin
= dev
[0].wps_read_pin()
4971 with
alloc_fail(hapd
, 1, "wps_init"):
4972 hapd
.request("WPS_PIN any " + pin
)
4973 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
4974 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
4975 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
4977 raise Exception("No EAP failure reported")
4978 dev
[0].request("WPS_CANCEL")
4980 with
alloc_fail(dev
[0], 2, "wps_init"):
4981 hapd
.request("WPS_PIN any " + pin
)
4982 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
4983 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
4984 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
4986 raise Exception("No EAP failure reported")
4987 dev
[0].request("WPS_CANCEL")
4989 with
alloc_fail(dev
[0], 2, "wps_init"):
4990 hapd
.request("WPS_PBC")
4991 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
4992 dev
[0].request("WPS_PBC %s" % (apdev
[0]['bssid']))
4993 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
4995 raise Exception("No EAP failure reported")
4996 dev
[0].request("WPS_CANCEL")
4998 dev
[0].dump_monitor()
4999 new_ssid
= "wps-new-ssid"
5000 new_passphrase
= "1234567890"
5001 with
alloc_fail(dev
[0], 3, "wps_init"):
5002 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK", "CCMP",
5003 new_passphrase
, no_wait
=True)
5004 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5006 raise Exception("No EAP failure reported")
5008 dev
[0].flush_scan_cache()
5011 def test_ap_wps_invalid_assoc_req_elem(dev
, apdev
):
5012 """WPS and invalid IE in Association Request frame"""
5014 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5015 hapd
= hostapd
.add_ap(apdev
[0], params
)
5017 hapd
.request("WPS_PIN any " + pin
)
5018 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5020 dev
[0].request("VENDOR_ELEM_ADD 13 dd050050f20410")
5021 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5023 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=10)
5024 if ev
and "vendor=14122" in ev
:
5026 if ev
is None or "vendor=14122" not in ev
:
5027 raise Exception("EAP-WSC not started")
5028 dev
[0].request("WPS_CANCEL")
5030 dev
[0].request("VENDOR_ELEM_REMOVE 13 *")
5032 def test_ap_wps_pbc_pin_mismatch(dev
, apdev
):
5033 """WPS PBC/PIN mismatch"""
5035 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5036 hapd
= hostapd
.add_ap(apdev
[0], params
)
5037 hapd
.request("SET wps_version_number 0x10")
5038 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5039 hapd
.request("WPS_PBC")
5040 pin
= dev
[0].wps_read_pin()
5041 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5042 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
5044 raise Exception("Scan did not complete")
5045 dev
[0].request("WPS_CANCEL")
5047 hapd
.request("WPS_CANCEL")
5048 dev
[0].flush_scan_cache()
5051 def test_ap_wps_ie_invalid(dev
, apdev
):
5052 """WPS PIN attempt with AP that has invalid WSC IE"""
5054 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
5055 "vendor_elements": "dd050050f20410"}
5056 hapd
= hostapd
.add_ap(apdev
[0], params
)
5057 params
= {'ssid': "another", "vendor_elements": "dd050050f20410"}
5058 hostapd
.add_ap(apdev
[1], params
)
5059 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5060 pin
= dev
[0].wps_read_pin()
5061 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5062 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
5064 raise Exception("Scan did not complete")
5065 dev
[0].request("WPS_CANCEL")
5068 def test_ap_wps_scan_prio_order(dev
, apdev
):
5069 """WPS scan priority ordering"""
5071 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5072 hapd
= hostapd
.add_ap(apdev
[0], params
)
5073 params
= {'ssid': "another", "vendor_elements": "dd050050f20410"}
5074 hostapd
.add_ap(apdev
[1], params
)
5075 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5076 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
5077 pin
= dev
[0].wps_read_pin()
5078 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5079 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"])
5081 raise Exception("Scan did not complete")
5082 dev
[0].request("WPS_CANCEL")
5084 def test_ap_wps_probe_req_ie_oom(dev
, apdev
):
5085 """WPS ProbeReq IE OOM"""
5087 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5088 hapd
= hostapd
.add_ap(apdev
[0], params
)
5089 pin
= dev
[0].wps_read_pin()
5090 hapd
.request("WPS_PIN any " + pin
)
5091 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5092 with
alloc_fail(dev
[0], 1, "wps_build_probe_req_ie"):
5093 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5094 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5096 raise Exception("Association not seen")
5097 dev
[0].request("WPS_CANCEL")
5098 dev
[0].wait_disconnected()
5100 with
alloc_fail(dev
[0], 1, "wps_ie_encapsulate"):
5101 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5102 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5104 raise Exception("Association not seen")
5105 dev
[0].request("WPS_CANCEL")
5107 dev
[0].request("REMOVE_NETWORK all")
5108 dev
[0].wait_disconnected()
5110 dev
[0].flush_scan_cache()
5112 def test_ap_wps_assoc_req_ie_oom(dev
, apdev
):
5113 """WPS AssocReq IE OOM"""
5115 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5116 hapd
= hostapd
.add_ap(apdev
[0], params
)
5117 pin
= dev
[0].wps_read_pin()
5118 hapd
.request("WPS_PIN any " + pin
)
5119 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5120 with
alloc_fail(dev
[0], 1, "wps_build_assoc_req_ie"):
5121 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5122 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5124 raise Exception("Association not seen")
5125 dev
[0].request("WPS_CANCEL")
5127 def test_ap_wps_assoc_resp_ie_oom(dev
, apdev
):
5128 """WPS AssocResp IE OOM"""
5130 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2"}
5131 hapd
= hostapd
.add_ap(apdev
[0], params
)
5132 pin
= dev
[0].wps_read_pin()
5133 hapd
.request("WPS_PIN any " + pin
)
5134 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5135 with
alloc_fail(hapd
, 1, "wps_build_assoc_resp_ie"):
5136 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
5137 ev
= hapd
.wait_event(["AP-STA-CONNECTED"], timeout
=10)
5139 raise Exception("Association not seen")
5140 dev
[0].request("WPS_CANCEL")
5143 def test_ap_wps_bss_info_errors(dev
, apdev
):
5144 """WPS BSS info errors"""
5145 params
= {"ssid": "1",
5146 "vendor_elements": "dd0e0050f20410440001ff101100010a"}
5147 hostapd
.add_ap(apdev
[0], params
)
5148 params
= {'ssid': "2", "vendor_elements": "dd050050f20410"}
5149 hostapd
.add_ap(apdev
[1], params
)
5150 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5151 dev
[0].scan_for_bss(apdev
[1]['bssid'], freq
="2412")
5152 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
5153 logger
.info("BSS: " + str(bss
))
5154 if "wps_state" in bss
:
5155 raise Exception("Unexpected wps_state in BSS info")
5156 if 'wps_device_name' not in bss
:
5157 raise Exception("No wps_device_name in BSS info")
5158 if bss
['wps_device_name'] != '_':
5159 raise Exception("Unexpected wps_device_name value")
5160 bss
= dev
[0].get_bss(apdev
[1]['bssid'])
5161 logger
.info("BSS: " + str(bss
))
5163 with
alloc_fail(dev
[0], 1, "=wps_attr_text"):
5164 bss
= dev
[0].get_bss(apdev
[0]['bssid'])
5165 logger
.info("BSS(OOM): " + str(bss
))
5167 def wps_run_pbc_fail_ap(apdev
, dev
, hapd
):
5168 hapd
.request("WPS_PBC")
5169 dev
.scan_for_bss(apdev
['bssid'], freq
="2412")
5170 dev
.request("WPS_PBC " + apdev
['bssid'])
5171 ev
= dev
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5173 raise Exception("No EAP failure reported")
5174 dev
.request("WPS_CANCEL")
5175 dev
.wait_disconnected()
5178 dev
.flush_scan_cache()
5180 except Exception as e
:
5181 if str(e
).startswith("Failed to trigger scan"):
5187 def wps_run_pbc_fail(apdev
, dev
):
5188 hapd
= wps_start_ap(apdev
)
5189 wps_run_pbc_fail_ap(apdev
, dev
, hapd
)
5192 def test_ap_wps_pk_oom(dev
, apdev
):
5193 """WPS and public key OOM"""
5194 with
alloc_fail(dev
[0], 1, "wps_build_public_key"):
5195 wps_run_pbc_fail(apdev
[0], dev
[0])
5198 def test_ap_wps_pk_oom_ap(dev
, apdev
):
5199 """WPS and public key OOM on AP"""
5200 hapd
= wps_start_ap(apdev
[0])
5201 with
alloc_fail(hapd
, 1, "wps_build_public_key"):
5202 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5205 def test_ap_wps_encr_oom_ap(dev
, apdev
):
5206 """WPS and encrypted settings decryption OOM on AP"""
5207 hapd
= wps_start_ap(apdev
[0])
5208 pin
= dev
[0].wps_read_pin()
5209 hapd
.request("WPS_PIN any " + pin
)
5210 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5211 with
alloc_fail(hapd
, 1, "wps_decrypt_encr_settings"):
5212 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " " + pin
)
5213 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=10)
5215 raise Exception("No WPS-FAIL reported")
5216 dev
[0].request("WPS_CANCEL")
5217 dev
[0].wait_disconnected()
5220 def test_ap_wps_encr_no_random_ap(dev
, apdev
):
5221 """WPS and no random data available for encryption on AP"""
5222 hapd
= wps_start_ap(apdev
[0])
5223 with
fail_test(hapd
, 1, "os_get_random;wps_build_encr_settings"):
5224 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5227 def test_ap_wps_e_hash_no_random_sta(dev
, apdev
):
5228 """WPS and no random data available for e-hash on STA"""
5229 with
fail_test(dev
[0], 1, "os_get_random;wps_build_e_hash"):
5230 wps_run_pbc_fail(apdev
[0], dev
[0])
5233 def test_ap_wps_m1_no_random(dev
, apdev
):
5234 """WPS and no random for M1 on STA"""
5235 with
fail_test(dev
[0], 1, "os_get_random;wps_build_m1"):
5236 wps_run_pbc_fail(apdev
[0], dev
[0])
5239 def test_ap_wps_m1_oom(dev
, apdev
):
5240 """WPS and OOM for M1 on STA"""
5241 with
alloc_fail(dev
[0], 1, "wps_build_m1"):
5242 wps_run_pbc_fail(apdev
[0], dev
[0])
5245 def test_ap_wps_m3_oom(dev
, apdev
):
5246 """WPS and OOM for M3 on STA"""
5247 with
alloc_fail(dev
[0], 1, "wps_build_m3"):
5248 wps_run_pbc_fail(apdev
[0], dev
[0])
5251 def test_ap_wps_m5_oom(dev
, apdev
):
5252 """WPS and OOM for M5 on STA"""
5253 hapd
= wps_start_ap(apdev
[0])
5254 hapd
.request("WPS_PBC")
5255 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5256 for i
in range(1, 3):
5257 with
alloc_fail(dev
[0], i
, "wps_build_m5"):
5258 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
5259 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5261 raise Exception("No EAP failure reported")
5262 dev
[0].request("WPS_CANCEL")
5263 dev
[0].wait_disconnected()
5264 dev
[0].flush_scan_cache()
5267 def test_ap_wps_m5_no_random(dev
, apdev
):
5268 """WPS and no random for M5 on STA"""
5269 with
fail_test(dev
[0], 1,
5270 "os_get_random;wps_build_encr_settings;wps_build_m5"):
5271 wps_run_pbc_fail(apdev
[0], dev
[0])
5274 def test_ap_wps_m7_oom(dev
, apdev
):
5275 """WPS and OOM for M7 on STA"""
5276 hapd
= wps_start_ap(apdev
[0])
5277 hapd
.request("WPS_PBC")
5278 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5279 for i
in range(1, 3):
5280 with
alloc_fail(dev
[0], i
, "wps_build_m7"):
5281 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
5282 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5284 raise Exception("No EAP failure reported")
5285 dev
[0].request("WPS_CANCEL")
5286 dev
[0].wait_disconnected()
5287 dev
[0].flush_scan_cache()
5290 def test_ap_wps_m7_no_random(dev
, apdev
):
5291 """WPS and no random for M7 on STA"""
5292 with
fail_test(dev
[0], 1,
5293 "os_get_random;wps_build_encr_settings;wps_build_m7"):
5294 wps_run_pbc_fail(apdev
[0], dev
[0])
5297 def test_ap_wps_wsc_done_oom(dev
, apdev
):
5298 """WPS and OOM for WSC_Done on STA"""
5299 with
alloc_fail(dev
[0], 1, "wps_build_wsc_done"):
5300 wps_run_pbc_fail(apdev
[0], dev
[0])
5302 def test_ap_wps_random_psk_fail(dev
, apdev
):
5303 """WPS and no random for PSK on AP"""
5305 pskfile
= "/tmp/ap_wps_per_enrollee_psk.psk_file"
5313 with
open(pskfile
, "w") as f
:
5314 f
.write("# WPA PSKs\n")
5316 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
5317 "wpa": "2", "wpa_key_mgmt": "WPA-PSK",
5318 "rsn_pairwise": "CCMP", "ap_pin": appin
,
5319 "wpa_psk_file": pskfile
}
5320 hapd
= hostapd
.add_ap(apdev
[0], params
)
5322 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
5323 with
fail_test(hapd
, 1, "os_get_random;wps_build_cred_network_key"):
5324 dev
[0].request("WPS_REG " + apdev
[0]['bssid'] + " " + appin
)
5325 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=10)
5327 raise Exception("No EAP failure reported")
5328 dev
[0].request("WPS_CANCEL")
5329 dev
[0].wait_disconnected()
5331 with
fail_test(hapd
, 1, "os_get_random;wps_build_cred"):
5332 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5334 with
alloc_fail(hapd
, 1, "wps_build_cred"):
5335 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5337 with
alloc_fail(hapd
, 2, "wps_build_cred"):
5338 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
5342 def wps_ext_eap_identity_req(dev
, hapd
, bssid
):
5343 logger
.debug("EAP-Identity/Request")
5344 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5346 raise Exception("Timeout on EAPOL-TX from hostapd")
5347 res
= dev
.request("EAPOL_RX " + bssid
+ " " + ev
.split(' ')[2])
5349 raise Exception("EAPOL_RX to wpa_supplicant failed")
5351 def wps_ext_eap_identity_resp(hapd
, dev
, addr
):
5352 ev
= dev
.wait_event(["EAPOL-TX"], timeout
=10)
5354 raise Exception("Timeout on EAPOL-TX from wpa_supplicant")
5355 res
= hapd
.request("EAPOL_RX " + addr
+ " " + ev
.split(' ')[2])
5357 raise Exception("EAPOL_RX to hostapd failed")
5359 def wps_ext_eap_wsc(dst
, src
, src_addr
, msg
):
5361 ev
= src
.wait_event(["EAPOL-TX"], timeout
=10)
5363 raise Exception("Timeout on EAPOL-TX")
5364 res
= dst
.request("EAPOL_RX " + src_addr
+ " " + ev
.split(' ')[2])
5366 raise Exception("EAPOL_RX failed")
5368 def wps_start_ext(apdev
, dev
, pbc
=False, pin
=None):
5369 addr
= dev
.own_addr()
5370 bssid
= apdev
['bssid']
5371 ssid
= "test-wps-conf"
5372 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
5373 "wpa_passphrase": "12345678", "wpa": "2",
5374 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
5375 hapd
= hostapd
.add_ap(apdev
, params
)
5378 hapd
.request("WPS_PBC")
5381 pin
= dev
.wps_read_pin()
5382 hapd
.request("WPS_PIN any " + pin
)
5383 dev
.scan_for_bss(bssid
, freq
="2412")
5384 hapd
.request("SET ext_eapol_frame_io 1")
5385 dev
.request("SET ext_eapol_frame_io 1")
5388 dev
.request("WPS_PBC " + bssid
)
5390 dev
.request("WPS_PIN " + bssid
+ " " + pin
)
5391 return addr
, bssid
, hapd
5393 def wps_auth_corrupt(dst
, src
, addr
):
5394 ev
= src
.wait_event(["EAPOL-TX"], timeout
=10)
5396 raise Exception("Timeout on EAPOL-TX")
5397 src
.request("SET ext_eapol_frame_io 0")
5398 dst
.request("SET ext_eapol_frame_io 0")
5399 msg
= ev
.split(' ')[2]
5400 if msg
[-24:-16] != '10050008':
5401 raise Exception("Could not find Authenticator attribute")
5402 # Corrupt Authenticator value
5403 msg
= msg
[:-1] + '%x' % ((int(msg
[-1], 16) + 1) % 16)
5404 res
= dst
.request("EAPOL_RX " + addr
+ " " + msg
)
5406 raise Exception("EAPOL_RX failed")
5408 def wps_fail_finish(hapd
, dev
, fail_str
):
5409 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
5411 raise Exception("WPS-FAIL not indicated")
5412 if fail_str
not in ev
:
5413 raise Exception("Unexpected WPS-FAIL value: " + ev
)
5414 dev
.request("WPS_CANCEL")
5415 dev
.wait_disconnected()
5417 def wps_auth_corrupt_from_ap(dev
, hapd
, bssid
, fail_str
):
5418 wps_auth_corrupt(dev
, hapd
, bssid
)
5419 wps_fail_finish(hapd
, dev
, fail_str
)
5421 def wps_auth_corrupt_to_ap(dev
, hapd
, addr
, fail_str
):
5422 wps_auth_corrupt(hapd
, dev
, addr
)
5423 wps_fail_finish(hapd
, dev
, fail_str
)
5425 def test_ap_wps_authenticator_mismatch_m2(dev
, apdev
):
5426 """WPS and Authenticator attribute mismatch in M2"""
5427 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5428 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5429 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5430 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5431 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5433 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=5")
5435 def test_ap_wps_authenticator_mismatch_m3(dev
, apdev
):
5436 """WPS and Authenticator attribute mismatch in M3"""
5437 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5438 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5439 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5440 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5441 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5442 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5444 wps_auth_corrupt_to_ap(dev
[0], hapd
, addr
, "msg=7")
5446 def test_ap_wps_authenticator_mismatch_m4(dev
, apdev
):
5447 """WPS and Authenticator attribute mismatch in M4"""
5448 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5449 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5450 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5451 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5452 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5453 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5454 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5456 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=8")
5458 def test_ap_wps_authenticator_mismatch_m5(dev
, apdev
):
5459 """WPS and Authenticator attribute mismatch in M5"""
5460 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5461 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5462 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5463 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5464 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5465 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5466 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5467 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5469 wps_auth_corrupt_to_ap(dev
[0], hapd
, addr
, "msg=9")
5471 def test_ap_wps_authenticator_mismatch_m6(dev
, apdev
):
5472 """WPS and Authenticator attribute mismatch in M6"""
5473 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5474 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5475 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5476 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5477 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5478 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5479 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5480 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5481 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M5")
5483 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=10")
5485 def test_ap_wps_authenticator_mismatch_m7(dev
, apdev
):
5486 """WPS and Authenticator attribute mismatch in M7"""
5487 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5488 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5489 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5490 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5491 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5492 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5493 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5494 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5495 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M5")
5496 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M6")
5498 wps_auth_corrupt_to_ap(dev
[0], hapd
, addr
, "msg=11")
5500 def test_ap_wps_authenticator_mismatch_m8(dev
, apdev
):
5501 """WPS and Authenticator attribute mismatch in M8"""
5502 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5503 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5504 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5505 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5506 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5507 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M2")
5508 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M3")
5509 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M4")
5510 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M5")
5511 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "M6")
5512 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M7")
5514 wps_auth_corrupt_from_ap(dev
[0], hapd
, bssid
, "msg=12")
5516 def test_ap_wps_authenticator_missing_m2(dev
, apdev
):
5517 """WPS and Authenticator attribute missing from M2"""
5518 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5519 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5520 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5521 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5522 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5524 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5526 raise Exception("Timeout on EAPOL-TX")
5527 hapd
.request("SET ext_eapol_frame_io 0")
5528 dev
[0].request("SET ext_eapol_frame_io 0")
5529 msg
= ev
.split(' ')[2]
5530 if msg
[-24:-16] != '10050008':
5531 raise Exception("Could not find Authenticator attribute")
5532 # Remove Authenticator value
5534 mlen
= "%04x" % (int(msg
[4:8], 16) - 12)
5535 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:]
5536 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5538 raise Exception("EAPOL_RX failed")
5539 wps_fail_finish(hapd
, dev
[0], "msg=5")
5541 def test_ap_wps_m2_dev_passwd_id_p2p(dev
, apdev
):
5542 """WPS and M2 with different Device Password ID (P2P)"""
5543 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5544 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5545 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5546 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5547 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5549 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5551 raise Exception("Timeout on EAPOL-TX")
5552 hapd
.request("SET ext_eapol_frame_io 0")
5553 dev
[0].request("SET ext_eapol_frame_io 0")
5554 msg
= ev
.split(' ')[2]
5555 if msg
[722:730] != '10120002':
5556 raise Exception("Could not find Device Password ID attribute")
5557 # Replace Device Password ID value. This will fail Authenticator check, but
5558 # allows the code path in wps_process_dev_pw_id() to be checked from debug
5560 msg
= msg
[0:730] + "0005" + msg
[734:]
5561 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5563 raise Exception("EAPOL_RX failed")
5564 wps_fail_finish(hapd
, dev
[0], "msg=5")
5566 def test_ap_wps_m2_dev_passwd_id_change_pin_to_pbc(dev
, apdev
):
5567 """WPS and M2 with different Device Password ID (PIN to PBC)"""
5568 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5569 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5570 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5571 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5572 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5574 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5576 raise Exception("Timeout on EAPOL-TX")
5577 hapd
.request("SET ext_eapol_frame_io 0")
5578 dev
[0].request("SET ext_eapol_frame_io 0")
5579 msg
= ev
.split(' ')[2]
5580 if msg
[722:730] != '10120002':
5581 raise Exception("Could not find Device Password ID attribute")
5582 # Replace Device Password ID value (PIN --> PBC). This will be rejected.
5583 msg
= msg
[0:730] + "0004" + msg
[734:]
5584 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5586 raise Exception("EAPOL_RX failed")
5587 wps_fail_finish(hapd
, dev
[0], "msg=5")
5589 def test_ap_wps_m2_dev_passwd_id_change_pbc_to_pin(dev
, apdev
):
5590 """WPS and M2 with different Device Password ID (PBC to PIN)"""
5591 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5592 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5593 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5594 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5595 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5597 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5599 raise Exception("Timeout on EAPOL-TX")
5600 hapd
.request("SET ext_eapol_frame_io 0")
5601 dev
[0].request("SET ext_eapol_frame_io 0")
5602 msg
= ev
.split(' ')[2]
5603 if msg
[722:730] != '10120002':
5604 raise Exception("Could not find Device Password ID attribute")
5605 # Replace Device Password ID value. This will fail Authenticator check, but
5606 # allows the code path in wps_process_dev_pw_id() to be checked from debug
5608 msg
= msg
[0:730] + "0000" + msg
[734:]
5609 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5611 raise Exception("EAPOL_RX failed")
5612 wps_fail_finish(hapd
, dev
[0], "msg=5")
5613 dev
[0].flush_scan_cache()
5615 def test_ap_wps_m2_missing_dev_passwd_id(dev
, apdev
):
5616 """WPS and M2 without Device Password ID"""
5617 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0])
5618 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5619 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5620 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5621 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5623 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5625 raise Exception("Timeout on EAPOL-TX")
5626 hapd
.request("SET ext_eapol_frame_io 0")
5627 dev
[0].request("SET ext_eapol_frame_io 0")
5628 msg
= ev
.split(' ')[2]
5629 if msg
[722:730] != '10120002':
5630 raise Exception("Could not find Device Password ID attribute")
5631 # Remove Device Password ID value. This will fail Authenticator check, but
5632 # allows the code path in wps_process_dev_pw_id() to be checked from debug
5634 mlen
= "%04x" % (int(msg
[4:8], 16) - 6)
5635 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:722] + msg
[734:]
5636 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5638 raise Exception("EAPOL_RX failed")
5639 wps_fail_finish(hapd
, dev
[0], "msg=5")
5641 def test_ap_wps_m2_missing_registrar_nonce(dev
, apdev
):
5642 """WPS and M2 without Registrar Nonce"""
5643 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5644 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5645 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5646 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5647 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5649 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5651 raise Exception("Timeout on EAPOL-TX")
5652 hapd
.request("SET ext_eapol_frame_io 0")
5653 dev
[0].request("SET ext_eapol_frame_io 0")
5654 msg
= ev
.split(' ')[2]
5655 if msg
[96:104] != '10390010':
5656 raise Exception("Could not find Registrar Nonce attribute")
5657 # Remove Registrar Nonce. This will fail Authenticator check, but
5658 # allows the code path in wps_process_registrar_nonce() to be checked from
5660 mlen
= "%04x" % (int(msg
[4:8], 16) - 20)
5661 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:96] + msg
[136:]
5662 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5664 raise Exception("EAPOL_RX failed")
5665 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5667 raise Exception("Disconnect event not seen")
5668 dev
[0].request("WPS_CANCEL")
5669 dev
[0].flush_scan_cache()
5671 def test_ap_wps_m2_missing_enrollee_nonce(dev
, apdev
):
5672 """WPS and M2 without Enrollee Nonce"""
5673 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5674 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5675 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5676 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5677 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5679 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5681 raise Exception("Timeout on EAPOL-TX")
5682 hapd
.request("SET ext_eapol_frame_io 0")
5683 dev
[0].request("SET ext_eapol_frame_io 0")
5684 msg
= ev
.split(' ')[2]
5685 if msg
[56:64] != '101a0010':
5686 raise Exception("Could not find enrollee Nonce attribute")
5687 # Remove Enrollee Nonce. This will fail Authenticator check, but
5688 # allows the code path in wps_process_enrollee_nonce() to be checked from
5690 mlen
= "%04x" % (int(msg
[4:8], 16) - 20)
5691 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:56] + msg
[96:]
5692 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5694 raise Exception("EAPOL_RX failed")
5695 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5697 raise Exception("Disconnect event not seen")
5698 dev
[0].request("WPS_CANCEL")
5699 dev
[0].flush_scan_cache()
5701 def test_ap_wps_m2_missing_uuid_r(dev
, apdev
):
5702 """WPS and M2 without UUID-R"""
5703 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5704 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5705 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5706 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5707 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5709 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5711 raise Exception("Timeout on EAPOL-TX")
5712 hapd
.request("SET ext_eapol_frame_io 0")
5713 dev
[0].request("SET ext_eapol_frame_io 0")
5714 msg
= ev
.split(' ')[2]
5715 if msg
[136:144] != '10480010':
5716 raise Exception("Could not find enrollee Nonce attribute")
5717 # Remove UUID-R. This will fail Authenticator check, but allows the code
5718 # path in wps_process_uuid_r() to be checked from the debug log.
5719 mlen
= "%04x" % (int(msg
[4:8], 16) - 20)
5720 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:136] + msg
[176:]
5721 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5723 raise Exception("EAPOL_RX failed")
5724 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5726 raise Exception("Disconnect event not seen")
5727 dev
[0].request("WPS_CANCEL")
5728 dev
[0].flush_scan_cache()
5730 def test_ap_wps_m2_invalid(dev
, apdev
):
5731 """WPS and M2 parsing failure"""
5732 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5733 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5734 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5735 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5736 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5738 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5740 raise Exception("Timeout on EAPOL-TX")
5741 hapd
.request("SET ext_eapol_frame_io 0")
5742 dev
[0].request("SET ext_eapol_frame_io 0")
5743 msg
= ev
.split(' ')[2]
5744 if msg
[136:144] != '10480010':
5745 raise Exception("Could not find enrollee Nonce attribute")
5746 # Remove UUID-R. This will fail Authenticator check, but allows the code
5747 # path in wps_process_uuid_r() to be checked from the debug log.
5748 mlen
= "%04x" % (int(msg
[4:8], 16) - 1)
5749 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:-2]
5750 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5752 raise Exception("EAPOL_RX failed")
5753 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5755 raise Exception("Disconnect event not seen")
5756 dev
[0].request("WPS_CANCEL")
5757 dev
[0].flush_scan_cache()
5759 def test_ap_wps_m2_missing_msg_type(dev
, apdev
):
5760 """WPS and M2 without Message Type"""
5761 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5762 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5763 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5764 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5765 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5767 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5769 raise Exception("Timeout on EAPOL-TX")
5770 hapd
.request("SET ext_eapol_frame_io 0")
5771 dev
[0].request("SET ext_eapol_frame_io 0")
5772 msg
= ev
.split(' ')[2]
5773 if msg
[46:54] != '10220001':
5774 raise Exception("Could not find Message Type attribute")
5775 # Remove Message Type. This will fail Authenticator check, but allows the
5776 # code path in wps_process_wsc_msg() to be checked from the debug log.
5777 mlen
= "%04x" % (int(msg
[4:8], 16) - 5)
5778 msg
= msg
[0:4] + mlen
+ msg
[8:12] + mlen
+ msg
[16:46] + msg
[56:]
5779 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5781 raise Exception("EAPOL_RX failed")
5782 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5784 raise Exception("Disconnect event not seen")
5785 dev
[0].request("WPS_CANCEL")
5786 dev
[0].flush_scan_cache()
5788 def test_ap_wps_m2_unknown_msg_type(dev
, apdev
):
5789 """WPS and M2 but unknown Message Type"""
5790 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5791 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5792 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5793 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5794 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5796 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5798 raise Exception("Timeout on EAPOL-TX")
5799 hapd
.request("SET ext_eapol_frame_io 0")
5800 dev
[0].request("SET ext_eapol_frame_io 0")
5801 msg
= ev
.split(' ')[2]
5802 if msg
[46:54] != '10220001':
5803 raise Exception("Could not find Message Type attribute")
5804 # Replace Message Type value. This will be rejected.
5805 msg
= msg
[0:54] + "00" + msg
[56:]
5806 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5808 raise Exception("EAPOL_RX failed")
5809 ev
= dev
[0].wait_event(["CTRL-EVENT-DISCONNECT"], timeout
=5)
5811 raise Exception("Disconnect event not seen")
5812 dev
[0].request("WPS_CANCEL")
5813 dev
[0].flush_scan_cache()
5815 def test_ap_wps_m2_unknown_opcode(dev
, apdev
):
5816 """WPS and M2 but unknown opcode"""
5817 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5818 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5819 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5820 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5821 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5823 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5825 raise Exception("Timeout on EAPOL-TX")
5826 hapd
.request("SET ext_eapol_frame_io 0")
5827 dev
[0].request("SET ext_eapol_frame_io 0")
5828 msg
= ev
.split(' ')[2]
5829 # Replace opcode. This will be discarded in EAP-WSC processing.
5830 msg
= msg
[0:32] + "00" + msg
[34:]
5831 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5833 raise Exception("EAPOL_RX failed")
5834 dev
[0].request("WPS_CANCEL")
5835 dev
[0].wait_disconnected()
5836 dev
[0].flush_scan_cache()
5838 def test_ap_wps_m2_unknown_opcode2(dev
, apdev
):
5839 """WPS and M2 but unknown opcode (WSC_Start)"""
5840 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5841 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5842 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5843 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5844 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5846 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5848 raise Exception("Timeout on EAPOL-TX")
5849 hapd
.request("SET ext_eapol_frame_io 0")
5850 dev
[0].request("SET ext_eapol_frame_io 0")
5851 msg
= ev
.split(' ')[2]
5852 # Replace opcode. This will be discarded in EAP-WSC processing.
5853 msg
= msg
[0:32] + "01" + msg
[34:]
5854 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5856 raise Exception("EAPOL_RX failed")
5857 dev
[0].request("WPS_CANCEL")
5858 dev
[0].wait_disconnected()
5859 dev
[0].flush_scan_cache()
5861 def test_ap_wps_m2_unknown_opcode3(dev
, apdev
):
5862 """WPS and M2 but unknown opcode (WSC_Done)"""
5863 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
5864 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
5865 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
5866 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
5867 wps_ext_eap_wsc(hapd
, dev
[0], addr
, "M1")
5869 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5871 raise Exception("Timeout on EAPOL-TX")
5872 hapd
.request("SET ext_eapol_frame_io 0")
5873 dev
[0].request("SET ext_eapol_frame_io 0")
5874 msg
= ev
.split(' ')[2]
5875 # Replace opcode. This will be discarded in WPS Enrollee processing.
5876 msg
= msg
[0:32] + "05" + msg
[34:]
5877 res
= dev
[0].request("EAPOL_RX " + bssid
+ " " + msg
)
5879 raise Exception("EAPOL_RX failed")
5880 dev
[0].request("WPS_CANCEL")
5881 dev
[0].wait_disconnected()
5882 dev
[0].flush_scan_cache()
5884 def wps_m2_but_other(dev
, apdev
, title
, msgtype
):
5885 addr
, bssid
, hapd
= wps_start_ext(apdev
, dev
)
5886 wps_ext_eap_identity_req(dev
, hapd
, bssid
)
5887 wps_ext_eap_identity_resp(hapd
, dev
, addr
)
5888 wps_ext_eap_wsc(dev
, hapd
, bssid
, "EAP-WSC/Start")
5889 wps_ext_eap_wsc(hapd
, dev
, addr
, "M1")
5891 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5893 raise Exception("Timeout on EAPOL-TX")
5894 hapd
.request("SET ext_eapol_frame_io 0")
5895 dev
.request("SET ext_eapol_frame_io 0")
5896 msg
= ev
.split(' ')[2]
5897 if msg
[46:54] != '10220001':
5898 raise Exception("Could not find Message Type attribute")
5899 # Replace Message Type value. This will be rejected.
5900 msg
= msg
[0:54] + msgtype
+ msg
[56:]
5901 res
= dev
.request("EAPOL_RX " + bssid
+ " " + msg
)
5903 raise Exception("EAPOL_RX failed")
5904 ev
= dev
.wait_event(["WPS-FAIL"], timeout
=5)
5906 raise Exception("WPS-FAIL event not seen")
5907 dev
.request("WPS_CANCEL")
5908 dev
.wait_disconnected()
5910 def wps_m4_but_other(dev
, apdev
, title
, msgtype
):
5911 addr
, bssid
, hapd
= wps_start_ext(apdev
, dev
)
5912 wps_ext_eap_identity_req(dev
, hapd
, bssid
)
5913 wps_ext_eap_identity_resp(hapd
, dev
, addr
)
5914 wps_ext_eap_wsc(dev
, hapd
, bssid
, "EAP-WSC/Start")
5915 wps_ext_eap_wsc(hapd
, dev
, addr
, "M1")
5916 wps_ext_eap_wsc(dev
, hapd
, bssid
, "M2")
5917 wps_ext_eap_wsc(hapd
, dev
, addr
, "M3")
5919 ev
= hapd
.wait_event(["EAPOL-TX"], timeout
=10)
5921 raise Exception("Timeout on EAPOL-TX")
5922 hapd
.request("SET ext_eapol_frame_io 0")
5923 dev
.request("SET ext_eapol_frame_io 0")
5924 msg
= ev
.split(' ')[2]
5925 if msg
[46:54] != '10220001':
5926 raise Exception("Could not find Message Type attribute")
5927 # Replace Message Type value. This will be rejected.
5928 msg
= msg
[0:54] + msgtype
+ msg
[56:]
5929 res
= dev
.request("EAPOL_RX " + bssid
+ " " + msg
)
5931 raise Exception("EAPOL_RX failed")
5932 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
5934 raise Exception("WPS-FAIL event not seen")
5935 dev
.request("WPS_CANCEL")
5936 dev
.wait_disconnected()
5938 def test_ap_wps_m2_msg_type_m4(dev
, apdev
):
5939 """WPS and M2 but Message Type M4"""
5940 wps_m2_but_other(dev
[0], apdev
[0], "M2/M4", "08")
5942 def test_ap_wps_m2_msg_type_m6(dev
, apdev
):
5943 """WPS and M2 but Message Type M6"""
5944 wps_m2_but_other(dev
[0], apdev
[0], "M2/M6", "0a")
5946 def test_ap_wps_m2_msg_type_m8(dev
, apdev
):
5947 """WPS and M2 but Message Type M8"""
5948 wps_m2_but_other(dev
[0], apdev
[0], "M2/M8", "0c")
5950 def test_ap_wps_m4_msg_type_m2(dev
, apdev
):
5951 """WPS and M4 but Message Type M2"""
5952 wps_m4_but_other(dev
[0], apdev
[0], "M4/M2", "05")
5954 def test_ap_wps_m4_msg_type_m2d(dev
, apdev
):
5955 """WPS and M4 but Message Type M2D"""
5956 wps_m4_but_other(dev
[0], apdev
[0], "M4/M2D", "06")
5959 def test_ap_wps_config_methods(dev
, apdev
):
5960 """WPS configuration method parsing"""
5961 ssid
= "test-wps-conf"
5962 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
5963 "wpa_passphrase": "12345678", "wpa": "2",
5964 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
5965 "config_methods": "ethernet display ext_nfc_token int_nfc_token physical_display physical_push_button"}
5966 hapd
= hostapd
.add_ap(apdev
[0], params
)
5967 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
5968 "wpa_passphrase": "12345678", "wpa": "2",
5969 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
5970 "config_methods": "display push_button"}
5971 hapd2
= hostapd
.add_ap(apdev
[1], params
)
5973 def test_ap_wps_set_selected_registrar_proto(dev
, apdev
):
5974 """WPS UPnP SetSelectedRegistrar protocol testing"""
5975 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
5976 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
5978 location
= ssdp_get_location(ap_uuid
)
5979 urls
= upnp_get_urls(location
)
5980 eventurl
= urlparse(urls
['event_sub_url'])
5981 ctrlurl
= urlparse(urls
['control_url'])
5982 url
= urlparse(location
)
5983 conn
= HTTPConnection(url
.netloc
)
5985 class WPSERHTTPServer(StreamRequestHandler
):
5987 data
= self
.rfile
.readline().strip()
5989 self
.wfile
.write(gen_wps_event())
5991 server
= MyTCPServer(("127.0.0.1", 12345), WPSERHTTPServer
)
5994 headers
= {"callback": '<http://127.0.0.1:12345/event>',
5996 "timeout": "Second-1234"}
5997 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
5998 resp
= conn
.getresponse()
5999 if resp
.status
!= 200:
6000 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
6001 sid
= resp
.getheader("sid")
6002 logger
.debug("Subscription SID " + sid
)
6003 server
.handle_request()
6005 tests
= [(500, "10"),
6006 (200, "104a000110" + "1041000101" + "101200020000" +
6008 "1049002c00372a0001200124111111111111222222222222333333333333444444444444555555555555666666666666" +
6009 "10480010362db47ba53a519188fb5458b986b2e4"),
6010 (200, "104a000110" + "1041000100" + "101200020000" +
6012 (200, "104a000110" + "1041000100"),
6013 (200, "104a000110")]
6014 for status
, test
in tests
:
6015 tlvs
= binascii
.unhexlify(test
)
6016 newmsg
= base64
.b64encode(tlvs
).decode()
6017 msg
= '<?xml version="1.0"?>\n'
6018 msg
+= '<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">'
6020 msg
+= '<u:SetSelectedRegistrar xmlns:u="urn:schemas-wifialliance-org:service:WFAWLANConfig:1">'
6021 msg
+= '<NewMessage>'
6023 msg
+= "</NewMessage></u:SetSelectedRegistrar></s:Body></s:Envelope>"
6024 headers
= {"Content-type": 'text/xml; charset="utf-8"'}
6025 headers
["SOAPAction"] = '"urn:schemas-wifialliance-org:service:WFAWLANConfig:1#%s"' % "SetSelectedRegistrar"
6026 conn
.request("POST", ctrlurl
.path
, msg
, headers
)
6027 resp
= conn
.getresponse()
6028 if resp
.status
!= status
:
6029 raise Exception("Unexpected HTTP response: %d (expected %d)" % (resp
.status
, status
))
6031 def test_ap_wps_adv_oom(dev
, apdev
):
6032 """WPS AP and advertisement OOM"""
6033 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
6034 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
6036 with
alloc_fail(hapd
, 1, "=msearchreply_state_machine_start"):
6037 ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1",
6041 with
alloc_fail(hapd
, 1, "eloop_register_timeout;msearchreply_state_machine_start"):
6042 ssdp_send_msearch("urn:schemas-wifialliance-org:service:WFAWLANConfig:1",
6046 with
alloc_fail(hapd
, 1,
6047 "next_advertisement;advertisement_state_machine_stop"):
6050 with
alloc_fail(hapd
, 1, "ssdp_listener_start"):
6051 if "FAIL" not in hapd
.request("ENABLE"):
6052 raise Exception("ENABLE succeeded during OOM")
6054 def test_wps_config_methods(dev
):
6055 """WPS config method update"""
6056 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
6057 wpas
.interface_add("wlan5")
6058 if "OK" not in wpas
.request("SET config_methods display label"):
6059 raise Exception("Failed to set config_methods")
6060 if wpas
.request("GET config_methods").strip() != "display label":
6061 raise Exception("config_methods were not updated")
6062 if "OK" not in wpas
.request("SET config_methods "):
6063 raise Exception("Failed to clear config_methods")
6064 if wpas
.request("GET config_methods").strip() != "":
6065 raise Exception("config_methods were not cleared")
6067 WPS_VENDOR_ID_WFA
= 14122
6070 # EAP-WSC Op-Code values
6078 ATTR_AP_CHANNEL
= 0x1001
6079 ATTR_ASSOC_STATE
= 0x1002
6080 ATTR_AUTH_TYPE
= 0x1003
6081 ATTR_AUTH_TYPE_FLAGS
= 0x1004
6082 ATTR_AUTHENTICATOR
= 0x1005
6083 ATTR_CONFIG_METHODS
= 0x1008
6084 ATTR_CONFIG_ERROR
= 0x1009
6085 ATTR_CONFIRM_URL4
= 0x100a
6086 ATTR_CONFIRM_URL6
= 0x100b
6087 ATTR_CONN_TYPE
= 0x100c
6088 ATTR_CONN_TYPE_FLAGS
= 0x100d
6090 ATTR_ENCR_TYPE
= 0x100f
6091 ATTR_ENCR_TYPE_FLAGS
= 0x1010
6092 ATTR_DEV_NAME
= 0x1011
6093 ATTR_DEV_PASSWORD_ID
= 0x1012
6094 ATTR_E_HASH1
= 0x1014
6095 ATTR_E_HASH2
= 0x1015
6096 ATTR_E_SNONCE1
= 0x1016
6097 ATTR_E_SNONCE2
= 0x1017
6098 ATTR_ENCR_SETTINGS
= 0x1018
6099 ATTR_ENROLLEE_NONCE
= 0x101a
6100 ATTR_FEATURE_ID
= 0x101b
6101 ATTR_IDENTITY
= 0x101c
6102 ATTR_IDENTITY_PROOF
= 0x101d
6103 ATTR_KEY_WRAP_AUTH
= 0x101e
6104 ATTR_KEY_ID
= 0x101f
6105 ATTR_MAC_ADDR
= 0x1020
6106 ATTR_MANUFACTURER
= 0x1021
6107 ATTR_MSG_TYPE
= 0x1022
6108 ATTR_MODEL_NAME
= 0x1023
6109 ATTR_MODEL_NUMBER
= 0x1024
6110 ATTR_NETWORK_INDEX
= 0x1026
6111 ATTR_NETWORK_KEY
= 0x1027
6112 ATTR_NETWORK_KEY_INDEX
= 0x1028
6113 ATTR_NEW_DEVICE_NAME
= 0x1029
6114 ATTR_NEW_PASSWORD
= 0x102a
6115 ATTR_OOB_DEVICE_PASSWORD
= 0x102c
6116 ATTR_OS_VERSION
= 0x102d
6117 ATTR_POWER_LEVEL
= 0x102f
6118 ATTR_PSK_CURRENT
= 0x1030
6119 ATTR_PSK_MAX
= 0x1031
6120 ATTR_PUBLIC_KEY
= 0x1032
6121 ATTR_RADIO_ENABLE
= 0x1033
6122 ATTR_REBOOT
= 0x1034
6123 ATTR_REGISTRAR_CURRENT
= 0x1035
6124 ATTR_REGISTRAR_ESTABLISHED
= 0x1036
6125 ATTR_REGISTRAR_LIST
= 0x1037
6126 ATTR_REGISTRAR_MAX
= 0x1038
6127 ATTR_REGISTRAR_NONCE
= 0x1039
6128 ATTR_REQUEST_TYPE
= 0x103a
6129 ATTR_RESPONSE_TYPE
= 0x103b
6130 ATTR_RF_BANDS
= 0x103c
6131 ATTR_R_HASH1
= 0x103d
6132 ATTR_R_HASH2
= 0x103e
6133 ATTR_R_SNONCE1
= 0x103f
6134 ATTR_R_SNONCE2
= 0x1040
6135 ATTR_SELECTED_REGISTRAR
= 0x1041
6136 ATTR_SERIAL_NUMBER
= 0x1042
6137 ATTR_WPS_STATE
= 0x1044
6139 ATTR_TOTAL_NETWORKS
= 0x1046
6140 ATTR_UUID_E
= 0x1047
6141 ATTR_UUID_R
= 0x1048
6142 ATTR_VENDOR_EXT
= 0x1049
6143 ATTR_VERSION
= 0x104a
6144 ATTR_X509_CERT_REQ
= 0x104b
6145 ATTR_X509_CERT
= 0x104c
6146 ATTR_EAP_IDENTITY
= 0x104d
6147 ATTR_MSG_COUNTER
= 0x104e
6148 ATTR_PUBKEY_HASH
= 0x104f
6149 ATTR_REKEY_KEY
= 0x1050
6150 ATTR_KEY_LIFETIME
= 0x1051
6151 ATTR_PERMITTED_CFG_METHODS
= 0x1052
6152 ATTR_SELECTED_REGISTRAR_CONFIG_METHODS
= 0x1053
6153 ATTR_PRIMARY_DEV_TYPE
= 0x1054
6154 ATTR_SECONDARY_DEV_TYPE_LIST
= 0x1055
6155 ATTR_PORTABLE_DEV
= 0x1056
6156 ATTR_AP_SETUP_LOCKED
= 0x1057
6157 ATTR_APPLICATION_EXT
= 0x1058
6158 ATTR_EAP_TYPE
= 0x1059
6160 ATTR_KEY_PROVIDED_AUTO
= 0x1061
6161 ATTR_802_1X_ENABLED
= 0x1062
6162 ATTR_APPSESSIONKEY
= 0x1063
6163 ATTR_WEPTRANSMITKEY
= 0x1064
6164 ATTR_REQUESTED_DEV_TYPE
= 0x106a
6168 WPS_ProbeRequest
= 0x02
6169 WPS_ProbeResponse
= 0x03
6183 def get_wsc_msg(dev
):
6184 ev
= dev
.wait_event(["EAPOL-TX"], timeout
=10)
6186 raise Exception("Timeout on EAPOL-TX")
6187 data
= binascii
.unhexlify(ev
.split(' ')[2])
6190 # Parse EAPOL header
6192 raise Exception("No room for EAPOL header")
6193 version
, type, length
= struct
.unpack('>BBH', data
[0:4])
6194 msg
['eapol_version'] = version
6195 msg
['eapol_type'] = type
6196 msg
['eapol_length'] = length
6198 if length
!= len(data
):
6199 raise Exception("EAPOL header length mismatch (%d != %d)" % (length
, len(data
)))
6201 raise Exception("Unexpected EAPOL header type: %d" % type)
6205 raise Exception("No room for EAP header")
6206 code
, identifier
, length
= struct
.unpack('>BBH', data
[0:4])
6207 msg
['eap_code'] = code
6208 msg
['eap_identifier'] = identifier
6209 msg
['eap_length'] = length
6211 if msg
['eapol_length'] != msg
['eap_length']:
6212 raise Exception("EAP header length mismatch (%d != %d)" % (msg
['eapol_length'], length
))
6214 # Parse EAP expanded header
6216 raise Exception("No EAP type included")
6217 msg
['eap_type'], = struct
.unpack('B', data
[0:1])
6220 if msg
['eap_type'] == 254:
6221 if len(data
) < 3 + 4:
6222 raise Exception("Truncated EAP expanded header")
6223 msg
['eap_vendor_id'], msg
['eap_vendor_type'] = struct
.unpack('>LL', b
'\x00' + data
[0:7])
6226 raise Exception("Unexpected EAP type")
6228 if msg
['eap_vendor_id'] != WPS_VENDOR_ID_WFA
:
6229 raise Exception("Unexpected Vendor-Id")
6230 if msg
['eap_vendor_type'] != WPS_VENDOR_TYPE
:
6231 raise Exception("Unexpected Vendor-Type")
6233 # Parse EAP-WSC header
6235 raise Exception("Truncated EAP-WSC header")
6236 msg
['wsc_opcode'], msg
['wsc_flags'] = struct
.unpack('BB', data
[0:2])
6239 # Parse WSC attributes
6240 msg
['raw_attrs'] = data
6242 while len(data
) > 0:
6244 raise Exception("Truncated attribute header")
6245 attr
, length
= struct
.unpack('>HH', data
[0:4])
6247 if length
> len(data
):
6248 raise Exception("Truncated attribute 0x%04x" % attr
)
6249 attrs
[attr
] = data
[0:length
]
6250 data
= data
[length
:]
6251 msg
['wsc_attrs'] = attrs
6253 if ATTR_MSG_TYPE
in attrs
:
6254 msg
['wsc_msg_type'], = struct
.unpack('B', attrs
[ATTR_MSG_TYPE
])
6258 def recv_wsc_msg(dev
, opcode
, msg_type
):
6259 msg
= get_wsc_msg(dev
)
6260 if msg
['wsc_opcode'] != opcode
or msg
['wsc_msg_type'] != msg_type
:
6261 raise Exception("Unexpected Op-Code/MsgType")
6262 return msg
, msg
['wsc_attrs'], msg
['raw_attrs']
6264 def build_wsc_attr(attr
, payload
):
6265 _payload
= payload
if type(payload
) == bytes
else payload
.encode()
6266 return struct
.pack('>HH', attr
, len(_payload
)) + _payload
6268 def build_attr_msg_type(msg_type
):
6269 return build_wsc_attr(ATTR_MSG_TYPE
, struct
.pack('B', msg_type
))
6271 def build_eap_wsc(eap_code
, eap_id
, payload
, opcode
=WSC_MSG
):
6272 length
= 4 + 8 + 2 + len(payload
)
6274 msg
= struct
.pack('>BBH', 2, 0, length
)
6276 msg
+= struct
.pack('>BBH', eap_code
, eap_id
, length
)
6277 # EAP expanded header for EAP-WSC
6278 msg
+= struct
.pack('B', 254)
6279 msg
+= struct
.pack('>L', WPS_VENDOR_ID_WFA
)[1:4]
6280 msg
+= struct
.pack('>L', WPS_VENDOR_TYPE
)
6282 msg
+= struct
.pack('BB', opcode
, 0)
6287 def build_eap_success(eap_id
):
6290 msg
= struct
.pack('>BBH', 2, 0, length
)
6292 msg
+= struct
.pack('>BBH', 3, eap_id
, length
)
6295 def build_eap_failure(eap_id
):
6298 msg
= struct
.pack('>BBH', 2, 0, length
)
6300 msg
+= struct
.pack('>BBH', 4, eap_id
, length
)
6303 def send_wsc_msg(dev
, src
, msg
):
6304 res
= dev
.request("EAPOL_RX " + src
+ " " + binascii
.hexlify(msg
).decode())
6306 raise Exception("EAPOL_RX failed")
6308 group_5_prime
= 0xFFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF
6309 group_5_generator
= 2
6311 def wsc_kdf(key
, label
, bits
):
6314 while len(result
) * 8 < bits
:
6315 data
= struct
.pack('>L', i
) + label
.encode() + struct
.pack('>L', bits
)
6316 m
= hmac
.new(key
, data
, hashlib
.sha256
)
6317 result
+= m
.digest()
6319 return result
[0:bits
// 8]
6322 keys
= wsc_kdf(kdk
, "Wi-Fi Easy and Secure Key Derivation", 640)
6323 authkey
= keys
[0:32]
6324 keywrapkey
= keys
[32:48]
6326 return authkey
, keywrapkey
, emsk
6328 def wsc_dev_pw_half_psk(authkey
, dev_pw
):
6329 m
= hmac
.new(authkey
, dev_pw
.encode(), hashlib
.sha256
)
6330 return m
.digest()[0:16]
6332 def wsc_dev_pw_psk(authkey
, dev_pw
):
6333 dev_pw_1
= dev_pw
[0:len(dev_pw
) // 2]
6334 dev_pw_2
= dev_pw
[len(dev_pw
) // 2:]
6335 psk1
= wsc_dev_pw_half_psk(authkey
, dev_pw_1
)
6336 psk2
= wsc_dev_pw_half_psk(authkey
, dev_pw_2
)
6339 def build_attr_authenticator(authkey
, prev_msg
, curr_msg
):
6340 m
= hmac
.new(authkey
, prev_msg
+ curr_msg
, hashlib
.sha256
)
6341 auth
= m
.digest()[0:8]
6342 return build_wsc_attr(ATTR_AUTHENTICATOR
, auth
)
6344 def build_attr_encr_settings(authkey
, keywrapkey
, data
):
6345 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
6346 kwa
= m
.digest()[0:8]
6347 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
6349 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6350 pad_len
= 16 - len(data
) % 16
6351 ps
= pad_len
* struct
.pack('B', pad_len
)
6353 wrapped
= aes
.encrypt(data
)
6354 return build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6356 def decrypt_attr_encr_settings(authkey
, keywrapkey
, data
):
6357 if len(data
) < 32 or len(data
) % 16 != 0:
6358 raise Exception("Unexpected Encrypted Settings length: %d" % len(data
))
6361 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6362 decrypted
= aes
.decrypt(encr
)
6363 pad_len
, = struct
.unpack('B', decrypted
[-1:])
6364 if pad_len
> len(decrypted
):
6365 raise Exception("Invalid padding in Encrypted Settings")
6366 for i
in range(-pad_len
, -1):
6367 if decrypted
[i
] != decrypted
[-1]:
6368 raise Exception("Invalid PS value in Encrypted Settings")
6370 decrypted
= decrypted
[0:len(decrypted
) - pad_len
]
6371 if len(decrypted
) < 12:
6372 raise Exception("Truncated Encrypted Settings plaintext")
6373 kwa
= decrypted
[-12:]
6374 attr
, length
= struct
.unpack(">HH", kwa
[0:4])
6375 if attr
!= ATTR_KEY_WRAP_AUTH
or length
!= 8:
6376 raise Exception("Invalid KWA header")
6378 decrypted
= decrypted
[0:len(decrypted
) - 12]
6380 m
= hmac
.new(authkey
, decrypted
, hashlib
.sha256
)
6381 calc_kwa
= m
.digest()[0:8]
6383 raise Exception("KWA mismatch")
6387 def zeropad_str(val
, pad_len
):
6388 while len(val
) < pad_len
* 2:
6393 # For now, use a hardcoded private key. In theory, this is supposed to be
6394 # randomly selected.
6395 own_private
= 0x123456789
6396 own_public
= pow(group_5_generator
, own_private
, group_5_prime
)
6397 pk
= binascii
.unhexlify(zeropad_str(format(own_public
, '02x'), 192))
6398 return own_private
, pk
6400 def wsc_dh_kdf(peer_pk
, own_private
, mac_addr
, e_nonce
, r_nonce
):
6401 peer_public
= int(binascii
.hexlify(peer_pk
), 16)
6402 if peer_public
< 2 or peer_public
>= group_5_prime
:
6403 raise Exception("Invalid peer public key")
6404 if pow(peer_public
, (group_5_prime
- 1) // 2, group_5_prime
) != 1:
6405 raise Exception("Unexpected Legendre symbol for peer public key")
6407 shared_secret
= pow(peer_public
, own_private
, group_5_prime
)
6408 ss
= zeropad_str(format(shared_secret
, "02x"), 192)
6409 logger
.debug("DH shared secret: " + ss
)
6411 dhkey
= hashlib
.sha256(binascii
.unhexlify(ss
)).digest()
6412 logger
.debug("DHKey: " + binascii
.hexlify(dhkey
).decode())
6414 m
= hmac
.new(dhkey
, e_nonce
+ mac_addr
+ r_nonce
, hashlib
.sha256
)
6416 logger
.debug("KDK: " + binascii
.hexlify(kdk
).decode())
6417 authkey
, keywrapkey
, emsk
= wsc_keys(kdk
)
6418 logger
.debug("AuthKey: " + binascii
.hexlify(authkey
).decode())
6419 logger
.debug("KeyWrapKey: " + binascii
.hexlify(keywrapkey
).decode())
6420 logger
.debug("EMSK: " + binascii
.hexlify(emsk
).decode())
6421 return authkey
, keywrapkey
6423 def wsc_dev_pw_hash(authkey
, dev_pw
, e_pk
, r_pk
):
6424 psk1
, psk2
= wsc_dev_pw_psk(authkey
, dev_pw
)
6425 logger
.debug("PSK1: " + binascii
.hexlify(psk1
).decode())
6426 logger
.debug("PSK2: " + binascii
.hexlify(psk2
).decode())
6428 # Note: Secret values are supposed to be random, but hardcoded values are
6431 m
= hmac
.new(authkey
, s1
+ psk1
+ e_pk
+ r_pk
, hashlib
.sha256
)
6433 logger
.debug("Hash1: " + binascii
.hexlify(hash1
).decode())
6436 m
= hmac
.new(authkey
, s2
+ psk2
+ e_pk
+ r_pk
, hashlib
.sha256
)
6438 logger
.debug("Hash2: " + binascii
.hexlify(hash2
).decode())
6439 return s1
, s2
, hash1
, hash2
6441 def build_m1(eap_id
, uuid_e
, mac_addr
, e_nonce
, e_pk
,
6442 manufacturer
='', model_name
='', config_methods
='\x00\x00'):
6443 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6444 attrs
+= build_attr_msg_type(WPS_M1
)
6445 attrs
+= build_wsc_attr(ATTR_UUID_E
, uuid_e
)
6446 attrs
+= build_wsc_attr(ATTR_MAC_ADDR
, mac_addr
)
6447 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6448 attrs
+= build_wsc_attr(ATTR_PUBLIC_KEY
, e_pk
)
6449 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE_FLAGS
, '\x00\x00')
6450 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE_FLAGS
, '\x00\x00')
6451 attrs
+= build_wsc_attr(ATTR_CONN_TYPE_FLAGS
, '\x00')
6452 attrs
+= build_wsc_attr(ATTR_CONFIG_METHODS
, config_methods
)
6453 attrs
+= build_wsc_attr(ATTR_WPS_STATE
, '\x00')
6454 attrs
+= build_wsc_attr(ATTR_MANUFACTURER
, manufacturer
)
6455 attrs
+= build_wsc_attr(ATTR_MODEL_NAME
, model_name
)
6456 attrs
+= build_wsc_attr(ATTR_MODEL_NUMBER
, '')
6457 attrs
+= build_wsc_attr(ATTR_SERIAL_NUMBER
, '')
6458 attrs
+= build_wsc_attr(ATTR_PRIMARY_DEV_TYPE
, 8*'\x00')
6459 attrs
+= build_wsc_attr(ATTR_DEV_NAME
, '')
6460 attrs
+= build_wsc_attr(ATTR_RF_BANDS
, '\x00')
6461 attrs
+= build_wsc_attr(ATTR_ASSOC_STATE
, '\x00\x00')
6462 attrs
+= build_wsc_attr(ATTR_DEV_PASSWORD_ID
, '\x00\x00')
6463 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, '\x00\x00')
6464 attrs
+= build_wsc_attr(ATTR_OS_VERSION
, '\x00\x00\x00\x00')
6465 m1
= build_eap_wsc(2, eap_id
, attrs
)
6468 def build_m2(authkey
, m1
, eap_id
, e_nonce
, r_nonce
, uuid_r
, r_pk
,
6469 dev_pw_id
='\x00\x00', eap_code
=1):
6470 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6471 attrs
+= build_attr_msg_type(WPS_M2
)
6473 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6475 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6476 attrs
+= build_wsc_attr(ATTR_UUID_R
, uuid_r
)
6478 attrs
+= build_wsc_attr(ATTR_PUBLIC_KEY
, r_pk
)
6479 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE_FLAGS
, '\x00\x00')
6480 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE_FLAGS
, '\x00\x00')
6481 attrs
+= build_wsc_attr(ATTR_CONN_TYPE_FLAGS
, '\x00')
6482 attrs
+= build_wsc_attr(ATTR_CONFIG_METHODS
, '\x00\x00')
6483 attrs
+= build_wsc_attr(ATTR_MANUFACTURER
, '')
6484 attrs
+= build_wsc_attr(ATTR_MODEL_NAME
, '')
6485 attrs
+= build_wsc_attr(ATTR_MODEL_NUMBER
, '')
6486 attrs
+= build_wsc_attr(ATTR_SERIAL_NUMBER
, '')
6487 attrs
+= build_wsc_attr(ATTR_PRIMARY_DEV_TYPE
, 8*'\x00')
6488 attrs
+= build_wsc_attr(ATTR_DEV_NAME
, '')
6489 attrs
+= build_wsc_attr(ATTR_RF_BANDS
, '\x00')
6490 attrs
+= build_wsc_attr(ATTR_ASSOC_STATE
, '\x00\x00')
6491 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, '\x00\x00')
6492 attrs
+= build_wsc_attr(ATTR_DEV_PASSWORD_ID
, dev_pw_id
)
6493 attrs
+= build_wsc_attr(ATTR_OS_VERSION
, '\x00\x00\x00\x00')
6494 attrs
+= build_attr_authenticator(authkey
, m1
, attrs
)
6495 m2
= build_eap_wsc(eap_code
, eap_id
, attrs
)
6498 def build_m2d(m1
, eap_id
, e_nonce
, r_nonce
, uuid_r
, dev_pw_id
=None, eap_code
=1):
6499 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6500 attrs
+= build_attr_msg_type(WPS_M2D
)
6501 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6502 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6503 attrs
+= build_wsc_attr(ATTR_UUID_R
, uuid_r
)
6504 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE_FLAGS
, '\x00\x00')
6505 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE_FLAGS
, '\x00\x00')
6506 attrs
+= build_wsc_attr(ATTR_CONN_TYPE_FLAGS
, '\x00')
6507 attrs
+= build_wsc_attr(ATTR_CONFIG_METHODS
, '\x00\x00')
6508 attrs
+= build_wsc_attr(ATTR_MANUFACTURER
, '')
6509 attrs
+= build_wsc_attr(ATTR_MODEL_NAME
, '')
6510 #attrs += build_wsc_attr(ATTR_MODEL_NUMBER, '')
6511 attrs
+= build_wsc_attr(ATTR_SERIAL_NUMBER
, '')
6512 attrs
+= build_wsc_attr(ATTR_PRIMARY_DEV_TYPE
, 8*'\x00')
6513 attrs
+= build_wsc_attr(ATTR_DEV_NAME
, '')
6514 attrs
+= build_wsc_attr(ATTR_RF_BANDS
, '\x00')
6515 attrs
+= build_wsc_attr(ATTR_ASSOC_STATE
, '\x00\x00')
6516 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, '\x00\x00')
6517 attrs
+= build_wsc_attr(ATTR_OS_VERSION
, '\x00\x00\x00\x00')
6519 attrs
+= build_wsc_attr(ATTR_DEV_PASSWORD_ID
, dev_pw_id
)
6520 m2d
= build_eap_wsc(eap_code
, eap_id
, attrs
)
6523 def build_ack(eap_id
, e_nonce
, r_nonce
, msg_type
=WPS_WSC_ACK
, eap_code
=1):
6524 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6525 if msg_type
is not None:
6526 attrs
+= build_attr_msg_type(msg_type
)
6528 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6530 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6531 msg
= build_eap_wsc(eap_code
, eap_id
, attrs
, opcode
=WSC_ACK
)
6534 def build_nack(eap_id
, e_nonce
, r_nonce
, config_error
='\x00\x00',
6535 msg_type
=WPS_WSC_NACK
, eap_code
=1):
6536 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6537 if msg_type
is not None:
6538 attrs
+= build_attr_msg_type(msg_type
)
6540 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6542 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
6544 attrs
+= build_wsc_attr(ATTR_CONFIG_ERROR
, config_error
)
6545 msg
= build_eap_wsc(eap_code
, eap_id
, attrs
, opcode
=WSC_NACK
)
6548 def test_wps_ext(dev
, apdev
):
6549 """WPS against external implementation"""
6551 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
6552 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
6553 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
6555 logger
.debug("Receive WSC/Start from AP")
6556 msg
= get_wsc_msg(hapd
)
6557 if msg
['wsc_opcode'] != WSC_Start
:
6558 raise Exception("Unexpected Op-Code for WSC/Start")
6559 wsc_start_id
= msg
['eap_identifier']
6561 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6563 e_nonce
= 16*b
'\x22'
6564 own_private
, e_pk
= wsc_dh_init()
6566 logger
.debug("Send M1 to AP")
6567 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
6569 send_wsc_msg(hapd
, addr
, m1
)
6571 logger
.debug("Receive M2 from AP")
6572 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
6574 authkey
, keywrapkey
= wsc_dh_kdf(m2_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6576 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6577 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
,
6578 m2_attrs
[ATTR_PUBLIC_KEY
])
6580 logger
.debug("Send M3 to AP")
6581 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6582 attrs
+= build_attr_msg_type(WPS_M3
)
6583 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6584 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6585 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
6586 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
6587 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
6588 raw_m3_attrs
= attrs
6589 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
6590 send_wsc_msg(hapd
, addr
, m3
)
6592 logger
.debug("Receive M4 from AP")
6593 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
6595 logger
.debug("Send M5 to AP")
6596 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6597 attrs
+= build_attr_msg_type(WPS_M5
)
6598 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6599 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6600 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
6601 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6602 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
6603 raw_m5_attrs
= attrs
6604 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
6605 send_wsc_msg(hapd
, addr
, m5
)
6607 logger
.debug("Receive M6 from AP")
6608 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
6610 logger
.debug("Send M7 to AP")
6611 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6612 attrs
+= build_attr_msg_type(WPS_M7
)
6613 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6614 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6615 data
= build_wsc_attr(ATTR_E_SNONCE2
, e_s2
)
6616 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6617 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
6618 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
6619 raw_m7_attrs
= attrs
6620 send_wsc_msg(hapd
, addr
, m7
)
6622 logger
.debug("Receive M8 from AP")
6623 msg
, m8_attrs
, raw_m8_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M8
)
6624 m8_cred
= decrypt_attr_encr_settings(authkey
, keywrapkey
,
6625 m8_attrs
[ATTR_ENCR_SETTINGS
])
6626 logger
.debug("M8 Credential: " + binascii
.hexlify(m8_cred
).decode())
6628 logger
.debug("Prepare WSC_Done")
6629 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6630 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
6631 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
6632 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
,
6633 m2_attrs
[ATTR_REGISTRAR_NONCE
])
6634 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
6635 # Do not send WSC_Done yet to allow exchangw with STA complete before the
6639 r_nonce
= 16*b
'\x44'
6641 eap_id
= wsc_start_id
6642 logger
.debug("Send WSC/Start to STA")
6643 wsc_start
= build_eap_wsc(1, eap_id
, b
'', opcode
=WSC_Start
)
6644 send_wsc_msg(dev
[0], bssid
, wsc_start
)
6645 eap_id
= (eap_id
+ 1) % 256
6647 logger
.debug("Receive M1 from STA")
6648 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
6650 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6651 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
6653 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
6654 m1_attrs
[ATTR_PUBLIC_KEY
],
6657 logger
.debug("Send M2 to STA")
6658 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
6659 m1_attrs
[ATTR_ENROLLEE_NONCE
],
6660 r_nonce
, uuid_r
, e_pk
)
6661 send_wsc_msg(dev
[0], bssid
, m2
)
6662 eap_id
= (eap_id
+ 1) % 256
6664 logger
.debug("Receive M3 from STA")
6665 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
6667 logger
.debug("Send M4 to STA")
6668 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6669 attrs
+= build_attr_msg_type(WPS_M4
)
6670 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
6671 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
6672 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
6673 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6674 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6675 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
6676 raw_m4_attrs
= attrs
6677 m4
= build_eap_wsc(1, eap_id
, attrs
)
6678 send_wsc_msg(dev
[0], bssid
, m4
)
6679 eap_id
= (eap_id
+ 1) % 256
6681 logger
.debug("Receive M5 from STA")
6682 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
6684 logger
.debug("Send M6 to STA")
6685 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6686 attrs
+= build_attr_msg_type(WPS_M6
)
6687 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
6688 m1_attrs
[ATTR_ENROLLEE_NONCE
])
6689 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
6690 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6691 attrs
+= build_attr_authenticator(authkey
, raw_m5_attrs
, attrs
)
6692 raw_m6_attrs
= attrs
6693 m6
= build_eap_wsc(1, eap_id
, attrs
)
6694 send_wsc_msg(dev
[0], bssid
, m6
)
6695 eap_id
= (eap_id
+ 1) % 256
6697 logger
.debug("Receive M7 from STA")
6698 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M7
)
6700 logger
.debug("Send M8 to STA")
6701 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6702 attrs
+= build_attr_msg_type(WPS_M8
)
6703 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
6704 m1_attrs
[ATTR_ENROLLEE_NONCE
])
6705 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, m8_cred
)
6706 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
6707 raw_m8_attrs
= attrs
6708 m8
= build_eap_wsc(1, eap_id
, attrs
)
6709 send_wsc_msg(dev
[0], bssid
, m8
)
6710 eap_id
= (eap_id
+ 1) % 256
6712 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=5)
6714 raise Exception("wpa_supplicant did not report credential")
6716 logger
.debug("Receive WSC_Done from STA")
6717 msg
= get_wsc_msg(dev
[0])
6718 if msg
['wsc_opcode'] != WSC_Done
or msg
['wsc_msg_type'] != WPS_WSC_DONE
:
6719 raise Exception("Unexpected Op-Code/MsgType for WSC_Done")
6721 logger
.debug("Send WSC_Done to AP")
6722 hapd
.request("SET ext_eapol_frame_io 0")
6723 dev
[0].request("SET ext_eapol_frame_io 0")
6724 send_wsc_msg(hapd
, addr
, wsc_done
)
6726 ev
= hapd
.wait_event(["WPS-REG-SUCCESS"], timeout
=5)
6728 raise Exception("hostapd did not report WPS success")
6730 dev
[0].wait_connected()
6732 def wps_start_kwa(dev
, apdev
):
6734 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
6735 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
6736 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
6737 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
6739 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6741 r_nonce
= 16*b
'\x44'
6742 own_private
, e_pk
= wsc_dh_init()
6744 logger
.debug("Receive M1 from STA")
6745 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
6746 eap_id
= (msg
['eap_identifier'] + 1) % 256
6748 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6749 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
6751 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
6752 m1_attrs
[ATTR_PUBLIC_KEY
],
6755 logger
.debug("Send M2 to STA")
6756 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
6757 m1_attrs
[ATTR_ENROLLEE_NONCE
],
6758 r_nonce
, uuid_r
, e_pk
)
6759 send_wsc_msg(dev
[0], bssid
, m2
)
6760 eap_id
= (eap_id
+ 1) % 256
6762 logger
.debug("Receive M3 from STA")
6763 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
6765 logger
.debug("Send M4 to STA")
6766 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6767 attrs
+= build_attr_msg_type(WPS_M4
)
6768 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
6769 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
6770 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
6772 return r_s1
, keywrapkey
, authkey
, raw_m3_attrs
, eap_id
, bssid
, attrs
6774 def wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
):
6775 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
6776 m4
= build_eap_wsc(1, eap_id
, attrs
)
6777 send_wsc_msg(dev
[0], bssid
, m4
)
6778 eap_id
= (eap_id
+ 1) % 256
6780 logger
.debug("Receive M5 from STA")
6781 msg
= get_wsc_msg(dev
[0])
6782 if msg
['wsc_opcode'] != WSC_NACK
:
6783 raise Exception("Unexpected message - expected WSC_Nack")
6785 dev
[0].request("WPS_CANCEL")
6786 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
6787 dev
[0].wait_disconnected()
6789 def test_wps_ext_kwa_proto_no_kwa(dev
, apdev
):
6790 """WPS and KWA error: No KWA attribute"""
6791 r_s1
, keywrapkey
, authkey
, raw_m3_attrs
, eap_id
, bssid
, attrs
= wps_start_kwa(dev
, apdev
)
6792 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6793 # Encrypted Settings without KWA
6795 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6796 pad_len
= 16 - len(data
) % 16
6797 ps
= pad_len
* struct
.pack('B', pad_len
)
6799 wrapped
= aes
.encrypt(data
)
6800 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6801 wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
)
6803 def test_wps_ext_kwa_proto_data_after_kwa(dev
, apdev
):
6804 """WPS and KWA error: Data after KWA"""
6805 r_s1
, keywrapkey
, authkey
, raw_m3_attrs
, eap_id
, bssid
, attrs
= wps_start_kwa(dev
, apdev
)
6806 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6807 # Encrypted Settings and data after KWA
6808 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
6809 kwa
= m
.digest()[0:8]
6810 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
6811 data
+= build_wsc_attr(ATTR_VENDOR_EXT
, "1234567890")
6813 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6814 pad_len
= 16 - len(data
) % 16
6815 ps
= pad_len
* struct
.pack('B', pad_len
)
6817 wrapped
= aes
.encrypt(data
)
6818 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6819 wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
)
6821 def test_wps_ext_kwa_proto_kwa_mismatch(dev
, apdev
):
6822 """WPS and KWA error: KWA mismatch"""
6823 r_s1
, keywrapkey
, authkey
, raw_m3_attrs
, eap_id
, bssid
, attrs
= wps_start_kwa(dev
, apdev
)
6824 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6825 # Encrypted Settings and KWA with incorrect value
6826 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, 8*'\x00')
6828 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
6829 pad_len
= 16 - len(data
) % 16
6830 ps
= pad_len
* struct
.pack('B', pad_len
)
6832 wrapped
= aes
.encrypt(data
)
6833 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
6834 wps_stop_kwa(dev
, bssid
, attrs
, authkey
, raw_m3_attrs
, eap_id
)
6836 def wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=False, no_connect
=False):
6838 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
6839 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
6840 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
6841 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
6843 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6845 r_nonce
= 16*b
'\x44'
6846 own_private
, e_pk
= wsc_dh_init()
6848 logger
.debug("Receive M1 from STA")
6849 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
6850 eap_id
= (msg
['eap_identifier'] + 1) % 256
6852 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
6853 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
6855 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
6856 m1_attrs
[ATTR_PUBLIC_KEY
],
6859 logger
.debug("Send M2 to STA")
6860 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
6861 m1_attrs
[ATTR_ENROLLEE_NONCE
],
6862 r_nonce
, uuid_r
, e_pk
)
6863 send_wsc_msg(dev
[0], bssid
, m2
)
6864 eap_id
= (eap_id
+ 1) % 256
6866 logger
.debug("Receive M3 from STA")
6867 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
6869 logger
.debug("Send M4 to STA")
6870 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6871 attrs
+= build_attr_msg_type(WPS_M4
)
6872 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
6873 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
6874 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
6875 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
6876 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6877 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
6878 raw_m4_attrs
= attrs
6879 m4
= build_eap_wsc(1, eap_id
, attrs
)
6880 send_wsc_msg(dev
[0], bssid
, m4
)
6881 eap_id
= (eap_id
+ 1) % 256
6883 logger
.debug("Receive M5 from STA")
6884 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
6886 logger
.debug("Send M6 to STA")
6887 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6888 attrs
+= build_attr_msg_type(WPS_M6
)
6889 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
6890 m1_attrs
[ATTR_ENROLLEE_NONCE
])
6891 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
6892 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
6893 attrs
+= build_attr_authenticator(authkey
, raw_m5_attrs
, attrs
)
6894 raw_m6_attrs
= attrs
6895 m6
= build_eap_wsc(1, eap_id
, attrs
)
6896 send_wsc_msg(dev
[0], bssid
, m6
)
6897 eap_id
= (eap_id
+ 1) % 256
6899 logger
.debug("Receive M7 from STA")
6900 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M7
)
6902 logger
.debug("Send M8 to STA")
6903 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
6904 attrs
+= build_attr_msg_type(WPS_M8
)
6905 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
,
6906 m1_attrs
[ATTR_ENROLLEE_NONCE
])
6907 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, m8_cred
)
6908 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
6909 raw_m8_attrs
= attrs
6910 m8
= build_eap_wsc(1, eap_id
, attrs
)
6911 send_wsc_msg(dev
[0], bssid
, m8
)
6912 eap_id
= (eap_id
+ 1) % 256
6915 logger
.debug("Receive WSC_Done from STA")
6916 msg
= get_wsc_msg(dev
[0])
6917 if msg
['wsc_opcode'] != WSC_Done
or msg
['wsc_msg_type'] != WPS_WSC_DONE
:
6918 raise Exception("Unexpected Op-Code/MsgType for WSC_Done")
6920 hapd
.request("SET ext_eapol_frame_io 0")
6921 dev
[0].request("SET ext_eapol_frame_io 0")
6923 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
6925 dev
[0].wait_disconnected()
6926 dev
[0].request("REMOVE_NETWORK all")
6928 logger
.debug("Receive WSC_Done from STA")
6929 msg
= get_wsc_msg(dev
[0])
6930 if msg
['wsc_opcode'] != WSC_Done
or msg
['wsc_msg_type'] != WPS_WSC_DONE
:
6931 raise Exception("Unexpected Op-Code/MsgType for WSC_Done")
6933 hapd
.request("SET ext_eapol_frame_io 0")
6934 dev
[0].request("SET ext_eapol_frame_io 0")
6936 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
6938 dev
[0].wait_connected()
6940 # Verify STA NACK's the credential
6941 msg
= get_wsc_msg(dev
[0])
6942 if msg
['wsc_opcode'] != WSC_NACK
:
6943 raise Exception("Unexpected message - expected WSC_Nack")
6944 dev
[0].request("WPS_CANCEL")
6945 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
6946 dev
[0].wait_disconnected()
6948 def build_cred(nw_idx
='\x01', ssid
='test-wps-conf', auth_type
='\x00\x20',
6949 encr_type
='\x00\x08', nw_key
="12345678",
6950 mac_addr
='\x00\x00\x00\x00\x00\x00'):
6952 if nw_idx
is not None:
6953 attrs
+= build_wsc_attr(ATTR_NETWORK_INDEX
, nw_idx
)
6954 if ssid
is not None:
6955 attrs
+= build_wsc_attr(ATTR_SSID
, ssid
)
6956 if auth_type
is not None:
6957 attrs
+= build_wsc_attr(ATTR_AUTH_TYPE
, auth_type
)
6958 if encr_type
is not None:
6959 attrs
+= build_wsc_attr(ATTR_ENCR_TYPE
, encr_type
)
6960 if nw_key
is not None:
6961 attrs
+= build_wsc_attr(ATTR_NETWORK_KEY
, nw_key
)
6962 if mac_addr
is not None:
6963 attrs
+= build_wsc_attr(ATTR_MAC_ADDR
, mac_addr
)
6964 return build_wsc_attr(ATTR_CRED
, attrs
)
6966 def test_wps_ext_cred_proto_success(dev
, apdev
):
6967 """WPS and Credential: success"""
6968 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6969 m8_cred
= build_cred(mac_addr
=mac_addr
)
6970 wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=True)
6972 def test_wps_ext_cred_proto_mac_addr_mismatch(dev
, apdev
):
6973 """WPS and Credential: MAC Address mismatch"""
6974 m8_cred
= build_cred()
6975 wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=True)
6977 def test_wps_ext_cred_proto_zero_padding(dev
, apdev
):
6978 """WPS and Credential: zeropadded attributes"""
6979 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6980 m8_cred
= build_cred(mac_addr
=mac_addr
, ssid
='test-wps-conf\x00',
6981 nw_key
="12345678\x00")
6982 wps_run_cred_proto(dev
, apdev
, m8_cred
, connect
=True)
6984 def test_wps_ext_cred_proto_ssid_missing(dev
, apdev
):
6985 """WPS and Credential: SSID missing"""
6986 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6987 m8_cred
= build_cred(mac_addr
=mac_addr
, ssid
=None)
6988 wps_run_cred_proto(dev
, apdev
, m8_cred
)
6990 def test_wps_ext_cred_proto_ssid_zero_len(dev
, apdev
):
6991 """WPS and Credential: Zero-length SSID"""
6992 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6993 m8_cred
= build_cred(mac_addr
=mac_addr
, ssid
="")
6994 wps_run_cred_proto(dev
, apdev
, m8_cred
, no_connect
=True)
6996 def test_wps_ext_cred_proto_auth_type_missing(dev
, apdev
):
6997 """WPS and Credential: Auth Type missing"""
6998 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
6999 m8_cred
= build_cred(mac_addr
=mac_addr
, auth_type
=None)
7000 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7002 def test_wps_ext_cred_proto_encr_type_missing(dev
, apdev
):
7003 """WPS and Credential: Encr Type missing"""
7004 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7005 m8_cred
= build_cred(mac_addr
=mac_addr
, encr_type
=None)
7006 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7008 def test_wps_ext_cred_proto_network_key_missing(dev
, apdev
):
7009 """WPS and Credential: Network Key missing"""
7010 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7011 m8_cred
= build_cred(mac_addr
=mac_addr
, nw_key
=None)
7012 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7014 def test_wps_ext_cred_proto_network_key_missing_open(dev
, apdev
):
7015 """WPS and Credential: Network Key missing (open)"""
7016 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7017 m8_cred
= build_cred(mac_addr
=mac_addr
, auth_type
='\x00\x01',
7018 encr_type
='\x00\x01', nw_key
=None, ssid
="foo")
7019 wps_run_cred_proto(dev
, apdev
, m8_cred
, no_connect
=True)
7021 def test_wps_ext_cred_proto_mac_addr_missing(dev
, apdev
):
7022 """WPS and Credential: MAC Address missing"""
7023 m8_cred
= build_cred(mac_addr
=None)
7024 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7026 def test_wps_ext_cred_proto_invalid_encr_type(dev
, apdev
):
7027 """WPS and Credential: Invalid Encr Type"""
7028 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7029 m8_cred
= build_cred(mac_addr
=mac_addr
, encr_type
='\x00\x00')
7030 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7032 def test_wps_ext_cred_proto_missing_cred(dev
, apdev
):
7033 """WPS and Credential: Missing Credential"""
7034 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7036 wps_run_cred_proto(dev
, apdev
, m8_cred
)
7038 def test_wps_ext_proto_m2_no_public_key(dev
, apdev
):
7039 """WPS and no Public Key in M2"""
7041 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7042 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7043 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7044 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7046 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7048 r_nonce
= 16*b
'\x44'
7049 own_private
, e_pk
= wsc_dh_init()
7051 logger
.debug("Receive M1 from STA")
7052 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7053 eap_id
= (msg
['eap_identifier'] + 1) % 256
7055 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7056 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7058 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7059 m1_attrs
[ATTR_PUBLIC_KEY
],
7062 logger
.debug("Send M2 to STA")
7063 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7064 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7065 r_nonce
, uuid_r
, None)
7066 send_wsc_msg(dev
[0], bssid
, m2
)
7067 eap_id
= (eap_id
+ 1) % 256
7069 # Verify STA NACK's the credential
7070 msg
= get_wsc_msg(dev
[0])
7071 if msg
['wsc_opcode'] != WSC_NACK
:
7072 raise Exception("Unexpected message - expected WSC_Nack")
7073 dev
[0].request("WPS_CANCEL")
7074 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7075 dev
[0].wait_disconnected()
7077 def test_wps_ext_proto_m2_invalid_public_key(dev
, apdev
):
7078 """WPS and invalid Public Key in M2"""
7080 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7081 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7082 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7083 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7085 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7087 r_nonce
= 16*b
'\x44'
7088 own_private
, e_pk
= wsc_dh_init()
7090 logger
.debug("Receive M1 from STA")
7091 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7092 eap_id
= (msg
['eap_identifier'] + 1) % 256
7094 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7095 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7097 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7098 m1_attrs
[ATTR_PUBLIC_KEY
],
7101 logger
.debug("Send M2 to STA")
7102 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7103 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7104 r_nonce
, uuid_r
, 192*b
'\xff')
7105 send_wsc_msg(dev
[0], bssid
, m2
)
7106 eap_id
= (eap_id
+ 1) % 256
7108 # Verify STA NACK's the credential
7109 msg
= get_wsc_msg(dev
[0])
7110 if msg
['wsc_opcode'] != WSC_NACK
:
7111 raise Exception("Unexpected message - expected WSC_Nack")
7112 dev
[0].request("WPS_CANCEL")
7113 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7114 dev
[0].wait_disconnected()
7116 def test_wps_ext_proto_m2_public_key_oom(dev
, apdev
):
7117 """WPS and Public Key OOM in M2"""
7119 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7120 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7121 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7122 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7124 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7126 r_nonce
= 16*b
'\x44'
7127 own_private
, e_pk
= wsc_dh_init()
7129 logger
.debug("Receive M1 from STA")
7130 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7131 eap_id
= (msg
['eap_identifier'] + 1) % 256
7133 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7134 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7136 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7137 m1_attrs
[ATTR_PUBLIC_KEY
],
7140 logger
.debug("Send M2 to STA")
7141 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7142 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7143 r_nonce
, uuid_r
, e_pk
)
7144 with
alloc_fail(dev
[0], 1, "wpabuf_alloc_copy;wps_process_pubkey"):
7145 send_wsc_msg(dev
[0], bssid
, m2
)
7146 eap_id
= (eap_id
+ 1) % 256
7148 # Verify STA NACK's the credential
7149 msg
= get_wsc_msg(dev
[0])
7150 if msg
['wsc_opcode'] != WSC_NACK
:
7151 raise Exception("Unexpected message - expected WSC_Nack")
7152 dev
[0].request("WPS_CANCEL")
7153 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7154 dev
[0].wait_disconnected()
7156 def test_wps_ext_proto_nack_m3(dev
, apdev
):
7157 """WPS and NACK M3"""
7159 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7160 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7161 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7162 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7164 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7166 r_nonce
= 16*b
'\x44'
7167 own_private
, e_pk
= wsc_dh_init()
7169 logger
.debug("Receive M1 from STA")
7170 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7171 eap_id
= (msg
['eap_identifier'] + 1) % 256
7173 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7174 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7176 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7177 m1_attrs
[ATTR_PUBLIC_KEY
],
7180 logger
.debug("Send M2 to STA")
7181 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7182 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7183 r_nonce
, uuid_r
, e_pk
)
7184 send_wsc_msg(dev
[0], bssid
, m2
)
7185 eap_id
= (eap_id
+ 1) % 256
7187 logger
.debug("Receive M3 from STA")
7188 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7190 logger
.debug("Send NACK to STA")
7191 msg
, attrs
= build_nack(eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7192 r_nonce
, config_error
='\x01\x23')
7193 send_wsc_msg(dev
[0], bssid
, msg
)
7194 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=5)
7196 raise Exception("Failure not reported")
7197 if "msg=7 config_error=291" not in ev
:
7198 raise Exception("Unexpected failure reason: " + ev
)
7200 def test_wps_ext_proto_nack_m5(dev
, apdev
):
7201 """WPS and NACK M5"""
7203 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7204 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7205 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7206 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7208 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7210 r_nonce
= 16*b
'\x44'
7211 own_private
, e_pk
= wsc_dh_init()
7213 logger
.debug("Receive M1 from STA")
7214 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7215 eap_id
= (msg
['eap_identifier'] + 1) % 256
7217 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7218 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7220 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7221 m1_attrs
[ATTR_PUBLIC_KEY
],
7224 logger
.debug("Send M2 to STA")
7225 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7226 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7227 r_nonce
, uuid_r
, e_pk
)
7228 send_wsc_msg(dev
[0], bssid
, m2
)
7229 eap_id
= (eap_id
+ 1) % 256
7231 logger
.debug("Receive M3 from STA")
7232 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7234 logger
.debug("Send M4 to STA")
7235 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7236 attrs
+= build_attr_msg_type(WPS_M4
)
7237 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
7238 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7239 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7240 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7241 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7242 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
7243 raw_m4_attrs
= attrs
7244 m4
= build_eap_wsc(1, eap_id
, attrs
)
7245 send_wsc_msg(dev
[0], bssid
, m4
)
7246 eap_id
= (eap_id
+ 1) % 256
7248 logger
.debug("Receive M5 from STA")
7249 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
7251 logger
.debug("Send NACK to STA")
7252 msg
, attrs
= build_nack(eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7253 r_nonce
, config_error
='\x01\x24')
7254 send_wsc_msg(dev
[0], bssid
, msg
)
7255 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=5)
7257 raise Exception("Failure not reported")
7258 if "msg=9 config_error=292" not in ev
:
7259 raise Exception("Unexpected failure reason: " + ev
)
7261 def wps_nack_m3(dev
, apdev
):
7263 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pbc
=True)
7264 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7265 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7266 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7268 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7270 r_nonce
= 16*b
'\x44'
7271 own_private
, e_pk
= wsc_dh_init()
7273 logger
.debug("Receive M1 from STA")
7274 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7275 eap_id
= (msg
['eap_identifier'] + 1) % 256
7277 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7278 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7280 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7281 m1_attrs
[ATTR_PUBLIC_KEY
],
7284 logger
.debug("Send M2 to STA")
7285 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7286 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7287 r_nonce
, uuid_r
, e_pk
, dev_pw_id
='\x00\x04')
7288 send_wsc_msg(dev
[0], bssid
, m2
)
7289 eap_id
= (eap_id
+ 1) % 256
7291 logger
.debug("Receive M3 from STA")
7292 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7293 return eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
], r_nonce
, bssid
7295 def test_wps_ext_proto_nack_m3_no_config_error(dev
, apdev
):
7296 """WPS and NACK M3 missing Config Error"""
7297 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7298 logger
.debug("Send NACK to STA")
7299 msg
, attrs
= build_nack(eap_id
, e_nonce
, r_nonce
, config_error
=None)
7300 send_wsc_msg(dev
[0], bssid
, msg
)
7301 dev
[0].request("WPS_CANCEL")
7302 dev
[0].wait_disconnected()
7303 dev
[0].flush_scan_cache()
7305 def test_wps_ext_proto_nack_m3_no_e_nonce(dev
, apdev
):
7306 """WPS and NACK M3 missing E-Nonce"""
7307 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7308 logger
.debug("Send NACK to STA")
7309 msg
, attrs
= build_nack(eap_id
, None, r_nonce
)
7310 send_wsc_msg(dev
[0], bssid
, msg
)
7311 dev
[0].request("WPS_CANCEL")
7312 dev
[0].wait_disconnected()
7313 dev
[0].flush_scan_cache()
7315 def test_wps_ext_proto_nack_m3_e_nonce_mismatch(dev
, apdev
):
7316 """WPS and NACK M3 E-Nonce mismatch"""
7317 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7318 logger
.debug("Send NACK to STA")
7319 msg
, attrs
= build_nack(eap_id
, 16*'\x00', r_nonce
)
7320 send_wsc_msg(dev
[0], bssid
, msg
)
7321 dev
[0].request("WPS_CANCEL")
7322 dev
[0].wait_disconnected()
7323 dev
[0].flush_scan_cache()
7325 def test_wps_ext_proto_nack_m3_no_r_nonce(dev
, apdev
):
7326 """WPS and NACK M3 missing R-Nonce"""
7327 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7328 logger
.debug("Send NACK to STA")
7329 msg
, attrs
= build_nack(eap_id
, e_nonce
, None)
7330 send_wsc_msg(dev
[0], bssid
, msg
)
7331 dev
[0].request("WPS_CANCEL")
7332 dev
[0].wait_disconnected()
7333 dev
[0].flush_scan_cache()
7335 def test_wps_ext_proto_nack_m3_r_nonce_mismatch(dev
, apdev
):
7336 """WPS and NACK M3 R-Nonce mismatch"""
7337 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7338 logger
.debug("Send NACK to STA")
7339 msg
, attrs
= build_nack(eap_id
, e_nonce
, 16*'\x00')
7340 send_wsc_msg(dev
[0], bssid
, msg
)
7341 dev
[0].request("WPS_CANCEL")
7342 dev
[0].wait_disconnected()
7343 dev
[0].flush_scan_cache()
7345 def test_wps_ext_proto_nack_m3_no_msg_type(dev
, apdev
):
7346 """WPS and NACK M3 no Message Type"""
7347 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7348 logger
.debug("Send NACK to STA")
7349 msg
, attrs
= build_nack(eap_id
, e_nonce
, r_nonce
, msg_type
=None)
7350 send_wsc_msg(dev
[0], bssid
, msg
)
7351 dev
[0].request("WPS_CANCEL")
7352 dev
[0].wait_disconnected()
7353 dev
[0].flush_scan_cache()
7355 def test_wps_ext_proto_nack_m3_invalid_msg_type(dev
, apdev
):
7356 """WPS and NACK M3 invalid Message Type"""
7357 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7358 logger
.debug("Send NACK to STA")
7359 msg
, attrs
= build_nack(eap_id
, e_nonce
, r_nonce
, msg_type
=123)
7360 send_wsc_msg(dev
[0], bssid
, msg
)
7361 dev
[0].request("WPS_CANCEL")
7362 dev
[0].wait_disconnected()
7363 dev
[0].flush_scan_cache()
7365 def test_wps_ext_proto_nack_m3_invalid_attr(dev
, apdev
):
7366 """WPS and NACK M3 invalid attribute"""
7367 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7368 logger
.debug("Send NACK to STA")
7369 attrs
= b
'\x10\x10\x00'
7370 msg
= build_eap_wsc(1, eap_id
, attrs
, opcode
=WSC_NACK
)
7371 send_wsc_msg(dev
[0], bssid
, msg
)
7372 dev
[0].request("WPS_CANCEL")
7373 dev
[0].wait_disconnected()
7374 dev
[0].flush_scan_cache()
7376 def test_wps_ext_proto_ack_m3_no_e_nonce(dev
, apdev
):
7377 """WPS and ACK M3 missing E-Nonce"""
7378 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7379 logger
.debug("Send NACK to STA")
7380 msg
, attrs
= build_ack(eap_id
, None, r_nonce
)
7381 send_wsc_msg(dev
[0], bssid
, msg
)
7382 dev
[0].request("WPS_CANCEL")
7383 dev
[0].wait_disconnected()
7384 dev
[0].flush_scan_cache()
7386 def test_wps_ext_proto_ack_m3_e_nonce_mismatch(dev
, apdev
):
7387 """WPS and ACK M3 E-Nonce mismatch"""
7388 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7389 logger
.debug("Send NACK to STA")
7390 msg
, attrs
= build_ack(eap_id
, 16*'\x00', r_nonce
)
7391 send_wsc_msg(dev
[0], bssid
, msg
)
7392 dev
[0].request("WPS_CANCEL")
7393 dev
[0].wait_disconnected()
7394 dev
[0].flush_scan_cache()
7396 def test_wps_ext_proto_ack_m3_no_r_nonce(dev
, apdev
):
7397 """WPS and ACK M3 missing R-Nonce"""
7398 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7399 logger
.debug("Send NACK to STA")
7400 msg
, attrs
= build_ack(eap_id
, e_nonce
, None)
7401 send_wsc_msg(dev
[0], bssid
, msg
)
7402 dev
[0].request("WPS_CANCEL")
7403 dev
[0].wait_disconnected()
7404 dev
[0].flush_scan_cache()
7406 def test_wps_ext_proto_ack_m3_r_nonce_mismatch(dev
, apdev
):
7407 """WPS and ACK M3 R-Nonce mismatch"""
7408 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7409 logger
.debug("Send NACK to STA")
7410 msg
, attrs
= build_ack(eap_id
, e_nonce
, 16*'\x00')
7411 send_wsc_msg(dev
[0], bssid
, msg
)
7412 dev
[0].request("WPS_CANCEL")
7413 dev
[0].wait_disconnected()
7414 dev
[0].flush_scan_cache()
7416 def test_wps_ext_proto_ack_m3_no_msg_type(dev
, apdev
):
7417 """WPS and ACK M3 no Message Type"""
7418 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7419 logger
.debug("Send NACK to STA")
7420 msg
, attrs
= build_ack(eap_id
, e_nonce
, r_nonce
, msg_type
=None)
7421 send_wsc_msg(dev
[0], bssid
, msg
)
7422 dev
[0].request("WPS_CANCEL")
7423 dev
[0].wait_disconnected()
7424 dev
[0].flush_scan_cache()
7426 def test_wps_ext_proto_ack_m3_invalid_msg_type(dev
, apdev
):
7427 """WPS and ACK M3 invalid Message Type"""
7428 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7429 logger
.debug("Send NACK to STA")
7430 msg
, attrs
= build_ack(eap_id
, e_nonce
, r_nonce
, msg_type
=123)
7431 send_wsc_msg(dev
[0], bssid
, msg
)
7432 dev
[0].request("WPS_CANCEL")
7433 dev
[0].wait_disconnected()
7434 dev
[0].flush_scan_cache()
7436 def test_wps_ext_proto_ack_m3_invalid_attr(dev
, apdev
):
7437 """WPS and ACK M3 invalid attribute"""
7438 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7439 logger
.debug("Send ACK to STA")
7440 attrs
= b
'\x10\x10\x00'
7441 msg
= build_eap_wsc(1, eap_id
, attrs
, opcode
=WSC_ACK
)
7442 send_wsc_msg(dev
[0], bssid
, msg
)
7443 dev
[0].request("WPS_CANCEL")
7444 dev
[0].wait_disconnected()
7445 dev
[0].flush_scan_cache()
7447 def test_wps_ext_proto_ack_m3(dev
, apdev
):
7448 """WPS and ACK M3"""
7449 eap_id
, e_nonce
, r_nonce
, bssid
= wps_nack_m3(dev
, apdev
)
7450 logger
.debug("Send ACK to STA")
7451 msg
, attrs
= build_ack(eap_id
, e_nonce
, r_nonce
)
7452 send_wsc_msg(dev
[0], bssid
, msg
)
7453 dev
[0].request("WPS_CANCEL")
7454 dev
[0].wait_disconnected()
7455 dev
[0].flush_scan_cache()
7457 def wps_to_m3_helper(dev
, apdev
):
7459 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7460 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7461 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7462 wps_ext_eap_wsc(dev
[0], hapd
, bssid
, "EAP-WSC/Start")
7464 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7466 r_nonce
= 16*b
'\x44'
7467 own_private
, e_pk
= wsc_dh_init()
7469 logger
.debug("Receive M1 from STA")
7470 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M1
)
7471 eap_id
= (msg
['eap_identifier'] + 1) % 256
7473 authkey
, keywrapkey
= wsc_dh_kdf(m1_attrs
[ATTR_PUBLIC_KEY
], own_private
,
7474 mac_addr
, m1_attrs
[ATTR_ENROLLEE_NONCE
],
7476 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, pin
,
7477 m1_attrs
[ATTR_PUBLIC_KEY
],
7480 logger
.debug("Send M2 to STA")
7481 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, eap_id
,
7482 m1_attrs
[ATTR_ENROLLEE_NONCE
],
7483 r_nonce
, uuid_r
, e_pk
)
7484 send_wsc_msg(dev
[0], bssid
, m2
)
7485 eap_id
= (eap_id
+ 1) % 256
7487 logger
.debug("Receive M3 from STA")
7488 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M3
)
7489 return eap_id
, m1_attrs
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, r_s2
, raw_m3_attrs
, authkey
, keywrapkey
7491 def wps_to_m3(dev
, apdev
):
7492 eap_id
, m1_attrs
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, r_s2
, raw_m3_attrs
, authkey
, keywrapkey
= wps_to_m3_helper(dev
, apdev
)
7493 return eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
], r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, raw_m3_attrs
, authkey
, keywrapkey
7495 def wps_to_m5(dev
, apdev
):
7496 eap_id
, m1_attrs
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, r_s2
, raw_m3_attrs
, authkey
, keywrapkey
= wps_to_m3_helper(dev
, apdev
)
7498 logger
.debug("Send M4 to STA")
7499 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7500 attrs
+= build_attr_msg_type(WPS_M4
)
7501 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, m1_attrs
[ATTR_ENROLLEE_NONCE
])
7502 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7503 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7504 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7505 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7506 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
7507 raw_m4_attrs
= attrs
7508 m4
= build_eap_wsc(1, eap_id
, attrs
)
7509 send_wsc_msg(dev
[0], bssid
, m4
)
7510 eap_id
= (eap_id
+ 1) % 256
7512 logger
.debug("Receive M5 from STA")
7513 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M5
)
7515 return eap_id
, m1_attrs
[ATTR_ENROLLEE_NONCE
], r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, raw_m5_attrs
, authkey
, keywrapkey
7517 def test_wps_ext_proto_m4_missing_r_hash1(dev
, apdev
):
7518 """WPS and no R-Hash1 in M4"""
7519 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7521 logger
.debug("Send M4 to STA")
7522 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7523 attrs
+= build_attr_msg_type(WPS_M4
)
7524 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7525 #attrs += build_wsc_attr(ATTR_R_HASH1, r_hash1)
7526 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7527 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7528 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7529 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7530 m4
= build_eap_wsc(1, eap_id
, attrs
)
7531 send_wsc_msg(dev
[0], bssid
, m4
)
7532 eap_id
= (eap_id
+ 1) % 256
7534 logger
.debug("Receive M5 (NACK) from STA")
7535 msg
= get_wsc_msg(dev
[0])
7536 if msg
['wsc_opcode'] != WSC_NACK
:
7537 raise Exception("Unexpected message - expected WSC_Nack")
7539 dev
[0].request("WPS_CANCEL")
7540 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7541 dev
[0].wait_disconnected()
7543 def test_wps_ext_proto_m4_missing_r_hash2(dev
, apdev
):
7544 """WPS and no R-Hash2 in M4"""
7545 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7547 logger
.debug("Send M4 to STA")
7548 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7549 attrs
+= build_attr_msg_type(WPS_M4
)
7550 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7551 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7552 #attrs += build_wsc_attr(ATTR_R_HASH2, r_hash2)
7553 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7554 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7555 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7556 m4
= build_eap_wsc(1, eap_id
, attrs
)
7557 send_wsc_msg(dev
[0], bssid
, m4
)
7558 eap_id
= (eap_id
+ 1) % 256
7560 logger
.debug("Receive M5 (NACK) from STA")
7561 msg
= get_wsc_msg(dev
[0])
7562 if msg
['wsc_opcode'] != WSC_NACK
:
7563 raise Exception("Unexpected message - expected WSC_Nack")
7565 dev
[0].request("WPS_CANCEL")
7566 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7567 dev
[0].wait_disconnected()
7569 def test_wps_ext_proto_m4_missing_r_snonce1(dev
, apdev
):
7570 """WPS and no R-SNonce1 in M4"""
7571 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7573 logger
.debug("Send M4 to STA")
7574 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7575 attrs
+= build_attr_msg_type(WPS_M4
)
7576 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7577 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7578 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7579 #data = build_wsc_attr(ATTR_R_SNONCE1, r_s1)
7581 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7582 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7583 m4
= build_eap_wsc(1, eap_id
, attrs
)
7584 send_wsc_msg(dev
[0], bssid
, m4
)
7585 eap_id
= (eap_id
+ 1) % 256
7587 logger
.debug("Receive M5 (NACK) from STA")
7588 msg
= get_wsc_msg(dev
[0])
7589 if msg
['wsc_opcode'] != WSC_NACK
:
7590 raise Exception("Unexpected message - expected WSC_Nack")
7592 dev
[0].request("WPS_CANCEL")
7593 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7594 dev
[0].wait_disconnected()
7596 def test_wps_ext_proto_m4_invalid_pad_string(dev
, apdev
):
7597 """WPS and invalid pad string in M4"""
7598 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7600 logger
.debug("Send M4 to STA")
7601 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7602 attrs
+= build_attr_msg_type(WPS_M4
)
7603 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7604 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7605 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7606 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7608 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
7609 kwa
= m
.digest()[0:8]
7610 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
7612 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
7613 pad_len
= 16 - len(data
) % 16
7614 ps
= (pad_len
- 1) * struct
.pack('B', pad_len
) + struct
.pack('B', pad_len
- 1)
7616 wrapped
= aes
.encrypt(data
)
7617 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
7619 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7620 m4
= build_eap_wsc(1, eap_id
, attrs
)
7621 send_wsc_msg(dev
[0], bssid
, m4
)
7622 eap_id
= (eap_id
+ 1) % 256
7624 logger
.debug("Receive M5 (NACK) from STA")
7625 msg
= get_wsc_msg(dev
[0])
7626 if msg
['wsc_opcode'] != WSC_NACK
:
7627 raise Exception("Unexpected message - expected WSC_Nack")
7629 dev
[0].request("WPS_CANCEL")
7630 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7631 dev
[0].wait_disconnected()
7633 def test_wps_ext_proto_m4_invalid_pad_value(dev
, apdev
):
7634 """WPS and invalid pad value in M4"""
7635 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7637 logger
.debug("Send M4 to STA")
7638 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7639 attrs
+= build_attr_msg_type(WPS_M4
)
7640 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7641 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7642 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7643 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7645 m
= hmac
.new(authkey
, data
, hashlib
.sha256
)
7646 kwa
= m
.digest()[0:8]
7647 data
+= build_wsc_attr(ATTR_KEY_WRAP_AUTH
, kwa
)
7649 aes
= AES
.new(keywrapkey
, AES
.MODE_CBC
, iv
)
7650 pad_len
= 16 - len(data
) % 16
7651 ps
= (pad_len
- 1) * struct
.pack('B', pad_len
) + struct
.pack('B', 255)
7653 wrapped
= aes
.encrypt(data
)
7654 attrs
+= build_wsc_attr(ATTR_ENCR_SETTINGS
, iv
+ wrapped
)
7656 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7657 m4
= build_eap_wsc(1, eap_id
, attrs
)
7658 send_wsc_msg(dev
[0], bssid
, m4
)
7659 eap_id
= (eap_id
+ 1) % 256
7661 logger
.debug("Receive M5 (NACK) from STA")
7662 msg
= get_wsc_msg(dev
[0])
7663 if msg
['wsc_opcode'] != WSC_NACK
:
7664 raise Exception("Unexpected message - expected WSC_Nack")
7666 dev
[0].request("WPS_CANCEL")
7667 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7668 dev
[0].wait_disconnected()
7670 def test_wps_ext_proto_m4_no_encr_settings(dev
, apdev
):
7671 """WPS and no Encr Settings in M4"""
7672 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s1
, m3
, authkey
, keywrapkey
= wps_to_m3(dev
, apdev
)
7674 logger
.debug("Send M4 to STA")
7675 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7676 attrs
+= build_attr_msg_type(WPS_M4
)
7677 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7678 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7679 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7680 attrs
+= build_attr_authenticator(authkey
, m3
, attrs
)
7681 m4
= build_eap_wsc(1, eap_id
, attrs
)
7682 send_wsc_msg(dev
[0], bssid
, m4
)
7683 eap_id
= (eap_id
+ 1) % 256
7685 logger
.debug("Receive M5 (NACK) from STA")
7686 msg
= get_wsc_msg(dev
[0])
7687 if msg
['wsc_opcode'] != WSC_NACK
:
7688 raise Exception("Unexpected message - expected WSC_Nack")
7690 dev
[0].request("WPS_CANCEL")
7691 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7692 dev
[0].wait_disconnected()
7694 def test_wps_ext_proto_m6_missing_r_snonce2(dev
, apdev
):
7695 """WPS and no R-SNonce2 in M6"""
7696 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, m5
, authkey
, keywrapkey
= wps_to_m5(dev
, apdev
)
7698 logger
.debug("Send M6 to STA")
7699 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7700 attrs
+= build_attr_msg_type(WPS_M6
)
7701 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7702 #data = build_wsc_attr(ATTR_R_SNONCE2, r_s2)
7704 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7705 attrs
+= build_attr_authenticator(authkey
, m5
, attrs
)
7706 m6
= build_eap_wsc(1, eap_id
, attrs
)
7707 send_wsc_msg(dev
[0], bssid
, m6
)
7708 eap_id
= (eap_id
+ 1) % 256
7710 logger
.debug("Receive M7 (NACK) from STA")
7711 msg
= get_wsc_msg(dev
[0])
7712 if msg
['wsc_opcode'] != WSC_NACK
:
7713 raise Exception("Unexpected message - expected WSC_Nack")
7715 dev
[0].request("WPS_CANCEL")
7716 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7717 dev
[0].wait_disconnected()
7719 def test_wps_ext_proto_m6_no_encr_settings(dev
, apdev
):
7720 """WPS and no Encr Settings in M6"""
7721 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, m5
, authkey
, keywrapkey
= wps_to_m5(dev
, apdev
)
7723 logger
.debug("Send M6 to STA")
7724 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7725 attrs
+= build_attr_msg_type(WPS_M6
)
7726 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7727 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
7728 #attrs += build_attr_encr_settings(authkey, keywrapkey, data)
7729 attrs
+= build_attr_authenticator(authkey
, m5
, attrs
)
7730 m6
= build_eap_wsc(1, eap_id
, attrs
)
7731 send_wsc_msg(dev
[0], bssid
, m6
)
7732 eap_id
= (eap_id
+ 1) % 256
7734 logger
.debug("Receive M7 (NACK) from STA")
7735 msg
= get_wsc_msg(dev
[0])
7736 if msg
['wsc_opcode'] != WSC_NACK
:
7737 raise Exception("Unexpected message - expected WSC_Nack")
7739 dev
[0].request("WPS_CANCEL")
7740 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7741 dev
[0].wait_disconnected()
7743 def test_wps_ext_proto_m8_no_encr_settings(dev
, apdev
):
7744 """WPS and no Encr Settings in M6"""
7745 eap_id
, e_nonce
, r_nonce
, bssid
, r_hash1
, r_hash2
, r_s2
, m5
, authkey
, keywrapkey
= wps_to_m5(dev
, apdev
)
7747 logger
.debug("Send M6 to STA")
7748 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7749 attrs
+= build_attr_msg_type(WPS_M6
)
7750 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7751 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
7752 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7753 attrs
+= build_attr_authenticator(authkey
, m5
, attrs
)
7754 raw_m6_attrs
= attrs
7755 m6
= build_eap_wsc(1, eap_id
, attrs
)
7756 send_wsc_msg(dev
[0], bssid
, m6
)
7757 eap_id
= (eap_id
+ 1) % 256
7759 logger
.debug("Receive M7 from STA")
7760 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(dev
[0], WSC_MSG
, WPS_M7
)
7762 logger
.debug("Send M8 to STA")
7763 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7764 attrs
+= build_attr_msg_type(WPS_M8
)
7765 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7766 #attrs += build_attr_encr_settings(authkey, keywrapkey, m8_cred)
7767 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
7768 raw_m8_attrs
= attrs
7769 m8
= build_eap_wsc(1, eap_id
, attrs
)
7770 send_wsc_msg(dev
[0], bssid
, m8
)
7772 logger
.debug("Receive WSC_Done (NACK) from STA")
7773 msg
= get_wsc_msg(dev
[0])
7774 if msg
['wsc_opcode'] != WSC_NACK
:
7775 raise Exception("Unexpected message - expected WSC_Nack")
7777 dev
[0].request("WPS_CANCEL")
7778 send_wsc_msg(dev
[0], bssid
, build_eap_failure(eap_id
))
7779 dev
[0].wait_disconnected()
7781 def wps_start_ext_reg(apdev
, dev
):
7782 addr
= dev
.own_addr()
7783 bssid
= apdev
['bssid']
7784 ssid
= "test-wps-conf"
7786 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
7787 "wpa_passphrase": "12345678", "wpa": "2",
7788 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
7790 hapd
= hostapd
.add_ap(apdev
, params
)
7792 dev
.scan_for_bss(bssid
, freq
="2412")
7793 hapd
.request("SET ext_eapol_frame_io 1")
7794 dev
.request("SET ext_eapol_frame_io 1")
7796 dev
.request("WPS_REG " + bssid
+ " " + appin
)
7798 return addr
, bssid
, hapd
7800 def wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, success
):
7801 addr
, bssid
, hapd
= wps_start_ext_reg(apdev
[0], dev
[0])
7802 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7803 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7805 logger
.debug("Receive M1 from AP")
7806 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M1
)
7807 mac_addr
= m1_attrs
[ATTR_MAC_ADDR
]
7808 e_nonce
= m1_attrs
[ATTR_ENROLLEE_NONCE
]
7809 e_pk
= m1_attrs
[ATTR_PUBLIC_KEY
]
7813 r_nonce
= 16*b
'\x44'
7814 own_private
, r_pk
= wsc_dh_init()
7815 authkey
, keywrapkey
= wsc_dh_kdf(e_pk
, own_private
, mac_addr
, e_nonce
,
7817 r_s1
, r_s2
, r_hash1
, r_hash2
= wsc_dev_pw_hash(authkey
, appin
, e_pk
, r_pk
)
7819 logger
.debug("Send M2 to AP")
7820 m2
, raw_m2_attrs
= build_m2(authkey
, raw_m1_attrs
, msg
['eap_identifier'],
7821 e_nonce
, r_nonce
, uuid_r
, r_pk
, eap_code
=2)
7822 send_wsc_msg(hapd
, addr
, m2
)
7824 logger
.debug("Receive M3 from AP")
7825 msg
, m3_attrs
, raw_m3_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M3
)
7827 logger
.debug("Send M4 to AP")
7828 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7829 attrs
+= build_attr_msg_type(WPS_M4
)
7830 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7831 attrs
+= build_wsc_attr(ATTR_R_HASH1
, r_hash1
)
7832 attrs
+= build_wsc_attr(ATTR_R_HASH2
, r_hash2
)
7833 data
= build_wsc_attr(ATTR_R_SNONCE1
, r_s1
)
7834 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7835 attrs
+= build_attr_authenticator(authkey
, raw_m3_attrs
, attrs
)
7836 raw_m4_attrs
= attrs
7837 m4
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
7838 send_wsc_msg(hapd
, addr
, m4
)
7840 logger
.debug("Receive M5 from AP")
7841 msg
, m5_attrs
, raw_m5_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M5
)
7843 logger
.debug("Send M6 to STA")
7844 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7845 attrs
+= build_attr_msg_type(WPS_M6
)
7846 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7847 data
= build_wsc_attr(ATTR_R_SNONCE2
, r_s2
)
7848 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
7849 attrs
+= build_attr_authenticator(authkey
, raw_m5_attrs
, attrs
)
7850 raw_m6_attrs
= attrs
7851 m6
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
7852 send_wsc_msg(hapd
, addr
, m6
)
7854 logger
.debug("Receive M7 from AP")
7855 msg
, m7_attrs
, raw_m7_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M7
)
7857 logger
.debug("Send M8 to STA")
7858 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
7859 attrs
+= build_attr_msg_type(WPS_M8
)
7860 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
7862 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, ap_settings
)
7863 attrs
+= build_attr_authenticator(authkey
, raw_m7_attrs
, attrs
)
7864 raw_m8_attrs
= attrs
7865 m8
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
7866 send_wsc_msg(hapd
, addr
, m8
)
7869 ev
= hapd
.wait_event(["WPS-NEW-AP-SETTINGS"], timeout
=5)
7871 raise Exception("New AP settings not reported")
7872 logger
.debug("Receive WSC_Done from AP")
7873 msg
= get_wsc_msg(hapd
)
7874 if msg
['wsc_opcode'] != WSC_Done
:
7875 raise Exception("Unexpected message - expected WSC_Done")
7877 logger
.debug("Send WSC_ACK to AP")
7878 ack
, attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
,
7880 send_wsc_msg(hapd
, addr
, ack
)
7881 dev
[0].wait_disconnected()
7883 ev
= hapd
.wait_event(["WPS-FAIL"], timeout
=5)
7885 raise Exception("WPS failure not reported")
7886 logger
.debug("Receive WSC_NACK from AP")
7887 msg
= get_wsc_msg(hapd
)
7888 if msg
['wsc_opcode'] != WSC_NACK
:
7889 raise Exception("Unexpected message - expected WSC_NACK")
7891 logger
.debug("Send WSC_NACK to AP")
7892 nack
, attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
7894 send_wsc_msg(hapd
, addr
, nack
)
7895 dev
[0].wait_disconnected()
7897 def test_wps_ext_ap_settings_success(dev
, apdev
):
7898 """WPS and AP Settings: success"""
7899 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
7900 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
7901 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
7902 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x01')
7903 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
7904 ap_settings
+= build_wsc_attr(ATTR_MAC_ADDR
, binascii
.unhexlify(apdev
[0]['bssid'].replace(':', '')))
7905 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, True)
7908 def test_wps_ext_ap_settings_missing(dev
, apdev
):
7909 """WPS and AP Settings: missing"""
7910 wps_run_ap_settings_proto(dev
, apdev
, None, False)
7913 def test_wps_ext_ap_settings_mac_addr_mismatch(dev
, apdev
):
7914 """WPS and AP Settings: MAC Address mismatch"""
7915 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
7916 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
7917 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
7918 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x01')
7919 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
7920 ap_settings
+= build_wsc_attr(ATTR_MAC_ADDR
, '\x00\x00\x00\x00\x00\x00')
7921 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, True)
7924 def test_wps_ext_ap_settings_mac_addr_missing(dev
, apdev
):
7925 """WPS and AP Settings: missing MAC Address"""
7926 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
7927 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
7928 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
7929 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x01')
7930 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
7931 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, False)
7934 def test_wps_ext_ap_settings_reject_encr_type(dev
, apdev
):
7935 """WPS and AP Settings: reject Encr Type"""
7936 ap_settings
= build_wsc_attr(ATTR_NETWORK_INDEX
, '\x01')
7937 ap_settings
+= build_wsc_attr(ATTR_SSID
, "test")
7938 ap_settings
+= build_wsc_attr(ATTR_AUTH_TYPE
, '\x00\x01')
7939 ap_settings
+= build_wsc_attr(ATTR_ENCR_TYPE
, '\x00\x00')
7940 ap_settings
+= build_wsc_attr(ATTR_NETWORK_KEY
, '')
7941 ap_settings
+= build_wsc_attr(ATTR_MAC_ADDR
, binascii
.unhexlify(apdev
[0]['bssid'].replace(':', '')))
7942 wps_run_ap_settings_proto(dev
, apdev
, ap_settings
, False)
7945 def test_wps_ext_ap_settings_m2d(dev
, apdev
):
7946 """WPS and AP Settings: M2D"""
7947 addr
, bssid
, hapd
= wps_start_ext_reg(apdev
[0], dev
[0])
7948 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7949 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7951 logger
.debug("Receive M1 from AP")
7952 msg
, m1_attrs
, raw_m1_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M1
)
7953 e_nonce
= m1_attrs
[ATTR_ENROLLEE_NONCE
]
7958 logger
.debug("Send M2D to AP")
7959 m2d
, raw_m2d_attrs
= build_m2d(raw_m1_attrs
, msg
['eap_identifier'],
7960 e_nonce
, r_nonce
, uuid_r
,
7961 dev_pw_id
='\x00\x00', eap_code
=2)
7962 send_wsc_msg(hapd
, addr
, m2d
)
7964 ev
= hapd
.wait_event(["WPS-M2D"], timeout
=5)
7966 raise Exception("M2D not reported")
7968 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
7970 def wps_wait_ap_nack(hapd
, dev
, e_nonce
, r_nonce
):
7971 logger
.debug("Receive WSC_NACK from AP")
7972 msg
= get_wsc_msg(hapd
)
7973 if msg
['wsc_opcode'] != WSC_NACK
:
7974 raise Exception("Unexpected message - expected WSC_NACK")
7976 logger
.debug("Send WSC_NACK to AP")
7977 nack
, attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
7979 send_wsc_msg(hapd
, dev
.own_addr(), nack
)
7980 dev
.wait_disconnected()
7983 def test_wps_ext_m3_missing_e_hash1(dev
, apdev
):
7984 """WPS proto: M3 missing E-Hash1"""
7986 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
7987 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
7988 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
7990 logger
.debug("Receive WSC/Start from AP")
7991 msg
= get_wsc_msg(hapd
)
7992 if msg
['wsc_opcode'] != WSC_Start
:
7993 raise Exception("Unexpected Op-Code for WSC/Start")
7995 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
7997 e_nonce
= 16*b
'\x22'
7998 own_private
, e_pk
= wsc_dh_init()
8000 logger
.debug("Send M1 to AP")
8001 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8003 send_wsc_msg(hapd
, addr
, m1
)
8005 logger
.debug("Receive M2 from AP")
8006 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8007 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8008 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8010 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8012 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8014 logger
.debug("Send M3 to AP")
8015 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8016 attrs
+= build_attr_msg_type(WPS_M3
)
8017 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8018 #attrs += build_wsc_attr(ATTR_E_HASH1, e_hash1)
8019 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8020 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8021 raw_m3_attrs
= attrs
8022 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8023 send_wsc_msg(hapd
, addr
, m3
)
8025 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8028 def test_wps_ext_m3_missing_e_hash2(dev
, apdev
):
8029 """WPS proto: M3 missing E-Hash2"""
8031 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8032 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8033 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8035 logger
.debug("Receive WSC/Start from AP")
8036 msg
= get_wsc_msg(hapd
)
8037 if msg
['wsc_opcode'] != WSC_Start
:
8038 raise Exception("Unexpected Op-Code for WSC/Start")
8040 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8042 e_nonce
= 16*b
'\x22'
8043 own_private
, e_pk
= wsc_dh_init()
8045 logger
.debug("Send M1 to AP")
8046 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8048 send_wsc_msg(hapd
, addr
, m1
)
8050 logger
.debug("Receive M2 from AP")
8051 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8052 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8053 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8055 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8057 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8059 logger
.debug("Send M3 to AP")
8060 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8061 attrs
+= build_attr_msg_type(WPS_M3
)
8062 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8063 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8064 #attrs += build_wsc_attr(ATTR_E_HASH2, e_hash2)
8065 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8066 raw_m3_attrs
= attrs
8067 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8068 send_wsc_msg(hapd
, addr
, m3
)
8070 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8073 def test_wps_ext_m5_missing_e_snonce1(dev
, apdev
):
8074 """WPS proto: M5 missing E-SNonce1"""
8076 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8077 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8078 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8080 logger
.debug("Receive WSC/Start from AP")
8081 msg
= get_wsc_msg(hapd
)
8082 if msg
['wsc_opcode'] != WSC_Start
:
8083 raise Exception("Unexpected Op-Code for WSC/Start")
8085 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8087 e_nonce
= 16*b
'\x22'
8088 own_private
, e_pk
= wsc_dh_init()
8090 logger
.debug("Send M1 to AP")
8091 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8093 send_wsc_msg(hapd
, addr
, m1
)
8095 logger
.debug("Receive M2 from AP")
8096 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8097 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8098 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8100 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8102 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8104 logger
.debug("Send M3 to AP")
8105 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8106 attrs
+= build_attr_msg_type(WPS_M3
)
8107 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8108 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8109 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8110 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8111 raw_m3_attrs
= attrs
8112 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8113 send_wsc_msg(hapd
, addr
, m3
)
8115 logger
.debug("Receive M4 from AP")
8116 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8118 logger
.debug("Send M5 to AP")
8119 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8120 attrs
+= build_attr_msg_type(WPS_M5
)
8121 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8122 #data = build_wsc_attr(ATTR_E_SNONCE1, e_s1)
8124 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8125 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8126 raw_m5_attrs
= attrs
8127 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8128 send_wsc_msg(hapd
, addr
, m5
)
8130 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8133 def test_wps_ext_m5_e_snonce1_mismatch(dev
, apdev
):
8134 """WPS proto: M5 E-SNonce1 mismatch"""
8136 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8137 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8138 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8140 logger
.debug("Receive WSC/Start from AP")
8141 msg
= get_wsc_msg(hapd
)
8142 if msg
['wsc_opcode'] != WSC_Start
:
8143 raise Exception("Unexpected Op-Code for WSC/Start")
8145 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8147 e_nonce
= 16*b
'\x22'
8148 own_private
, e_pk
= wsc_dh_init()
8150 logger
.debug("Send M1 to AP")
8151 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8153 send_wsc_msg(hapd
, addr
, m1
)
8155 logger
.debug("Receive M2 from AP")
8156 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8157 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8158 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8160 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8162 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8164 logger
.debug("Send M3 to AP")
8165 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8166 attrs
+= build_attr_msg_type(WPS_M3
)
8167 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8168 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8169 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8170 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8171 raw_m3_attrs
= attrs
8172 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8173 send_wsc_msg(hapd
, addr
, m3
)
8175 logger
.debug("Receive M4 from AP")
8176 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8178 logger
.debug("Send M5 to AP")
8179 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8180 attrs
+= build_attr_msg_type(WPS_M5
)
8181 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8182 data
= build_wsc_attr(ATTR_E_SNONCE1
, 16*'\x00')
8183 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8184 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8185 raw_m5_attrs
= attrs
8186 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8187 send_wsc_msg(hapd
, addr
, m5
)
8189 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8191 def test_wps_ext_m7_missing_e_snonce2(dev
, apdev
):
8192 """WPS proto: M7 missing E-SNonce2"""
8194 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8195 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8196 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8198 logger
.debug("Receive WSC/Start from AP")
8199 msg
= get_wsc_msg(hapd
)
8200 if msg
['wsc_opcode'] != WSC_Start
:
8201 raise Exception("Unexpected Op-Code for WSC/Start")
8203 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8205 e_nonce
= 16*b
'\x22'
8206 own_private
, e_pk
= wsc_dh_init()
8208 logger
.debug("Send M1 to AP")
8209 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8211 send_wsc_msg(hapd
, addr
, m1
)
8213 logger
.debug("Receive M2 from AP")
8214 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8215 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8216 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8218 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8220 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8222 logger
.debug("Send M3 to AP")
8223 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8224 attrs
+= build_attr_msg_type(WPS_M3
)
8225 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8226 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8227 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8228 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8229 raw_m3_attrs
= attrs
8230 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8231 send_wsc_msg(hapd
, addr
, m3
)
8233 logger
.debug("Receive M4 from AP")
8234 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8236 logger
.debug("Send M5 to AP")
8237 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8238 attrs
+= build_attr_msg_type(WPS_M5
)
8239 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8240 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
8241 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8242 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8243 raw_m5_attrs
= attrs
8244 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8245 send_wsc_msg(hapd
, addr
, m5
)
8247 logger
.debug("Receive M6 from AP")
8248 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
8250 logger
.debug("Send M7 to AP")
8251 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8252 attrs
+= build_attr_msg_type(WPS_M7
)
8253 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8254 #data = build_wsc_attr(ATTR_E_SNONCE2, e_s2)
8256 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8257 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
8258 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8259 raw_m7_attrs
= attrs
8260 send_wsc_msg(hapd
, addr
, m7
)
8262 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8265 def test_wps_ext_m7_e_snonce2_mismatch(dev
, apdev
):
8266 """WPS proto: M7 E-SNonce2 mismatch"""
8268 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8269 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8270 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8272 logger
.debug("Receive WSC/Start from AP")
8273 msg
= get_wsc_msg(hapd
)
8274 if msg
['wsc_opcode'] != WSC_Start
:
8275 raise Exception("Unexpected Op-Code for WSC/Start")
8277 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8279 e_nonce
= 16*b
'\x22'
8280 own_private
, e_pk
= wsc_dh_init()
8282 logger
.debug("Send M1 to AP")
8283 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8285 send_wsc_msg(hapd
, addr
, m1
)
8287 logger
.debug("Receive M2 from AP")
8288 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8289 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8290 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8292 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8294 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8296 logger
.debug("Send M3 to AP")
8297 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8298 attrs
+= build_attr_msg_type(WPS_M3
)
8299 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8300 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8301 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8302 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8303 raw_m3_attrs
= attrs
8304 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8305 send_wsc_msg(hapd
, addr
, m3
)
8307 logger
.debug("Receive M4 from AP")
8308 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8310 logger
.debug("Send M5 to AP")
8311 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8312 attrs
+= build_attr_msg_type(WPS_M5
)
8313 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8314 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
8315 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8316 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8317 raw_m5_attrs
= attrs
8318 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8319 send_wsc_msg(hapd
, addr
, m5
)
8321 logger
.debug("Receive M6 from AP")
8322 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
8324 logger
.debug("Send M7 to AP")
8325 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8326 attrs
+= build_attr_msg_type(WPS_M7
)
8327 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8328 data
= build_wsc_attr(ATTR_E_SNONCE2
, 16*'\x00')
8329 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8330 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
8331 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8332 raw_m7_attrs
= attrs
8333 send_wsc_msg(hapd
, addr
, m7
)
8335 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8338 def test_wps_ext_m1_pubkey_oom(dev
, apdev
):
8339 """WPS proto: M1 PubKey OOM"""
8341 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8342 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8343 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8345 logger
.debug("Receive WSC/Start from AP")
8346 msg
= get_wsc_msg(hapd
)
8347 if msg
['wsc_opcode'] != WSC_Start
:
8348 raise Exception("Unexpected Op-Code for WSC/Start")
8350 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8353 own_private
, e_pk
= wsc_dh_init()
8355 logger
.debug("Send M1 to AP")
8356 with
alloc_fail(hapd
, 1, "wpabuf_alloc_copy;wps_process_pubkey"):
8357 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8359 send_wsc_msg(hapd
, addr
, m1
)
8360 wps_wait_eap_failure(hapd
, dev
[0])
8362 def wps_wait_eap_failure(hapd
, dev
):
8363 ev
= hapd
.wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
8365 raise Exception("EAP-Failure not reported")
8366 dev
.wait_disconnected()
8369 def test_wps_ext_m3_m1(dev
, apdev
):
8370 """WPS proto: M3 replaced with M1"""
8372 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8373 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8374 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8376 logger
.debug("Receive WSC/Start from AP")
8377 msg
= get_wsc_msg(hapd
)
8378 if msg
['wsc_opcode'] != WSC_Start
:
8379 raise Exception("Unexpected Op-Code for WSC/Start")
8381 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8383 e_nonce
= 16*b
'\x22'
8384 own_private
, e_pk
= wsc_dh_init()
8386 logger
.debug("Send M1 to AP")
8387 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8389 send_wsc_msg(hapd
, addr
, m1
)
8391 logger
.debug("Receive M2 from AP")
8392 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8393 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8394 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8396 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8398 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8400 logger
.debug("Send M3(M1) to AP")
8401 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8402 attrs
+= build_attr_msg_type(WPS_M1
)
8403 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8404 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8405 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8406 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8407 raw_m3_attrs
= attrs
8408 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8409 send_wsc_msg(hapd
, addr
, m3
)
8411 wps_wait_eap_failure(hapd
, dev
[0])
8414 def test_wps_ext_m5_m3(dev
, apdev
):
8415 """WPS proto: M5 replaced with M3"""
8417 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8418 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8419 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8421 logger
.debug("Receive WSC/Start from AP")
8422 msg
= get_wsc_msg(hapd
)
8423 if msg
['wsc_opcode'] != WSC_Start
:
8424 raise Exception("Unexpected Op-Code for WSC/Start")
8426 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8428 e_nonce
= 16*b
'\x22'
8429 own_private
, e_pk
= wsc_dh_init()
8431 logger
.debug("Send M1 to AP")
8432 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8434 send_wsc_msg(hapd
, addr
, m1
)
8436 logger
.debug("Receive M2 from AP")
8437 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8438 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8439 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8441 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8443 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8445 logger
.debug("Send M3 to AP")
8446 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8447 attrs
+= build_attr_msg_type(WPS_M3
)
8448 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8449 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8450 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8451 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8452 raw_m3_attrs
= attrs
8453 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8454 send_wsc_msg(hapd
, addr
, m3
)
8456 logger
.debug("Receive M4 from AP")
8457 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
8459 logger
.debug("Send M5(M3) to AP")
8460 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8461 attrs
+= build_attr_msg_type(WPS_M3
)
8462 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8463 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
8464 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
8465 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
8466 raw_m5_attrs
= attrs
8467 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8468 send_wsc_msg(hapd
, addr
, m5
)
8470 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8473 def test_wps_ext_m3_m2(dev
, apdev
):
8474 """WPS proto: M3 replaced with M2"""
8476 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8477 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8478 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8480 logger
.debug("Receive WSC/Start from AP")
8481 msg
= get_wsc_msg(hapd
)
8482 if msg
['wsc_opcode'] != WSC_Start
:
8483 raise Exception("Unexpected Op-Code for WSC/Start")
8485 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8487 e_nonce
= 16*b
'\x22'
8488 own_private
, e_pk
= wsc_dh_init()
8490 logger
.debug("Send M1 to AP")
8491 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8493 send_wsc_msg(hapd
, addr
, m1
)
8495 logger
.debug("Receive M2 from AP")
8496 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8497 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8498 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8500 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8502 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8504 logger
.debug("Send M3(M2) to AP")
8505 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8506 attrs
+= build_attr_msg_type(WPS_M2
)
8507 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8508 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8509 raw_m3_attrs
= attrs
8510 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8511 send_wsc_msg(hapd
, addr
, m3
)
8513 wps_wait_eap_failure(hapd
, dev
[0])
8516 def test_wps_ext_m3_m5(dev
, apdev
):
8517 """WPS proto: M3 replaced with M5"""
8519 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8520 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8521 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8523 logger
.debug("Receive WSC/Start from AP")
8524 msg
= get_wsc_msg(hapd
)
8525 if msg
['wsc_opcode'] != WSC_Start
:
8526 raise Exception("Unexpected Op-Code for WSC/Start")
8528 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8530 e_nonce
= 16*b
'\x22'
8531 own_private
, e_pk
= wsc_dh_init()
8533 logger
.debug("Send M1 to AP")
8534 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8536 send_wsc_msg(hapd
, addr
, m1
)
8538 logger
.debug("Receive M2 from AP")
8539 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8540 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8541 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8543 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8545 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8547 logger
.debug("Send M3(M5) to AP")
8548 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8549 attrs
+= build_attr_msg_type(WPS_M5
)
8550 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8551 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8552 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8553 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8554 raw_m3_attrs
= attrs
8555 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8556 send_wsc_msg(hapd
, addr
, m3
)
8558 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8561 def test_wps_ext_m3_m7(dev
, apdev
):
8562 """WPS proto: M3 replaced with M7"""
8564 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8565 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8566 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8568 logger
.debug("Receive WSC/Start from AP")
8569 msg
= get_wsc_msg(hapd
)
8570 if msg
['wsc_opcode'] != WSC_Start
:
8571 raise Exception("Unexpected Op-Code for WSC/Start")
8573 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8575 e_nonce
= 16*b
'\x22'
8576 own_private
, e_pk
= wsc_dh_init()
8578 logger
.debug("Send M1 to AP")
8579 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8581 send_wsc_msg(hapd
, addr
, m1
)
8583 logger
.debug("Receive M2 from AP")
8584 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8585 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8586 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8588 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8590 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8592 logger
.debug("Send M3(M7) to AP")
8593 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8594 attrs
+= build_attr_msg_type(WPS_M7
)
8595 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
8596 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
8597 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
8598 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8599 raw_m3_attrs
= attrs
8600 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
8601 send_wsc_msg(hapd
, addr
, m3
)
8603 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
8606 def test_wps_ext_m3_done(dev
, apdev
):
8607 """WPS proto: M3 replaced with WSC_Done"""
8609 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8610 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8611 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8613 logger
.debug("Receive WSC/Start from AP")
8614 msg
= get_wsc_msg(hapd
)
8615 if msg
['wsc_opcode'] != WSC_Start
:
8616 raise Exception("Unexpected Op-Code for WSC/Start")
8618 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8620 e_nonce
= 16*b
'\x22'
8621 own_private
, e_pk
= wsc_dh_init()
8623 logger
.debug("Send M1 to AP")
8624 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8626 send_wsc_msg(hapd
, addr
, m1
)
8628 logger
.debug("Receive M2 from AP")
8629 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8630 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8631 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8633 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8635 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8637 logger
.debug("Send M3(WSC_Done) to AP")
8638 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
8639 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
8640 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
8641 raw_m3_attrs
= attrs
8642 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
8643 send_wsc_msg(hapd
, addr
, m3
)
8645 wps_wait_eap_failure(hapd
, dev
[0])
8648 def test_wps_ext_m2_nack_invalid(dev
, apdev
):
8649 """WPS proto: M2 followed by invalid NACK"""
8651 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8652 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8653 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8655 logger
.debug("Receive WSC/Start from AP")
8656 msg
= get_wsc_msg(hapd
)
8657 if msg
['wsc_opcode'] != WSC_Start
:
8658 raise Exception("Unexpected Op-Code for WSC/Start")
8660 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8662 e_nonce
= 16*b
'\x22'
8663 own_private
, e_pk
= wsc_dh_init()
8665 logger
.debug("Send M1 to AP")
8666 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8668 send_wsc_msg(hapd
, addr
, m1
)
8670 logger
.debug("Receive M2 from AP")
8671 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8672 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8673 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8675 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8677 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8679 logger
.debug("Send WSC_NACK to AP")
8680 attrs
= b
'\x10\x00\x00'
8681 nack
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_NACK
)
8682 send_wsc_msg(hapd
, addr
, nack
)
8684 wps_wait_eap_failure(hapd
, dev
[0])
8687 def test_wps_ext_m2_nack_no_msg_type(dev
, apdev
):
8688 """WPS proto: M2 followed by NACK without Msg Type"""
8690 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8691 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8692 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8694 logger
.debug("Receive WSC/Start from AP")
8695 msg
= get_wsc_msg(hapd
)
8696 if msg
['wsc_opcode'] != WSC_Start
:
8697 raise Exception("Unexpected Op-Code for WSC/Start")
8699 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8701 e_nonce
= 16*b
'\x22'
8702 own_private
, e_pk
= wsc_dh_init()
8704 logger
.debug("Send M1 to AP")
8705 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8707 send_wsc_msg(hapd
, addr
, m1
)
8709 logger
.debug("Receive M2 from AP")
8710 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8711 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8712 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8714 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8716 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8718 logger
.debug("Send WSC_NACK to AP")
8719 nack
, attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8720 msg_type
=None, eap_code
=2)
8721 send_wsc_msg(hapd
, addr
, nack
)
8723 wps_wait_eap_failure(hapd
, dev
[0])
8726 def test_wps_ext_m2_nack_invalid_msg_type(dev
, apdev
):
8727 """WPS proto: M2 followed by NACK with invalid Msg Type"""
8729 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8730 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8731 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8733 logger
.debug("Receive WSC/Start from AP")
8734 msg
= get_wsc_msg(hapd
)
8735 if msg
['wsc_opcode'] != WSC_Start
:
8736 raise Exception("Unexpected Op-Code for WSC/Start")
8738 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8740 e_nonce
= 16*b
'\x22'
8741 own_private
, e_pk
= wsc_dh_init()
8743 logger
.debug("Send M1 to AP")
8744 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8746 send_wsc_msg(hapd
, addr
, m1
)
8748 logger
.debug("Receive M2 from AP")
8749 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8750 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8751 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8753 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8755 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8757 logger
.debug("Send WSC_NACK to AP")
8758 nack
, attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8759 msg_type
=WPS_WSC_ACK
, eap_code
=2)
8760 send_wsc_msg(hapd
, addr
, nack
)
8762 wps_wait_eap_failure(hapd
, dev
[0])
8765 def test_wps_ext_m2_nack_e_nonce_mismatch(dev
, apdev
):
8766 """WPS proto: M2 followed by NACK with e-nonce mismatch"""
8768 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8769 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8770 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8772 logger
.debug("Receive WSC/Start from AP")
8773 msg
= get_wsc_msg(hapd
)
8774 if msg
['wsc_opcode'] != WSC_Start
:
8775 raise Exception("Unexpected Op-Code for WSC/Start")
8777 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8779 e_nonce
= 16*b
'\x22'
8780 own_private
, e_pk
= wsc_dh_init()
8782 logger
.debug("Send M1 to AP")
8783 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8785 send_wsc_msg(hapd
, addr
, m1
)
8787 logger
.debug("Receive M2 from AP")
8788 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8789 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8790 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8792 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8794 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8796 logger
.debug("Send WSC_NACK to AP")
8797 nack
, attrs
= build_nack(msg
['eap_identifier'], 16*b
'\x00', r_nonce
,
8799 send_wsc_msg(hapd
, addr
, nack
)
8801 wps_wait_eap_failure(hapd
, dev
[0])
8804 def test_wps_ext_m2_nack_no_config_error(dev
, apdev
):
8805 """WPS proto: M2 followed by NACK without Config Error"""
8807 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8808 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8809 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8811 logger
.debug("Receive WSC/Start from AP")
8812 msg
= get_wsc_msg(hapd
)
8813 if msg
['wsc_opcode'] != WSC_Start
:
8814 raise Exception("Unexpected Op-Code for WSC/Start")
8816 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8818 e_nonce
= 16*b
'\x22'
8819 own_private
, e_pk
= wsc_dh_init()
8821 logger
.debug("Send M1 to AP")
8822 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8824 send_wsc_msg(hapd
, addr
, m1
)
8826 logger
.debug("Receive M2 from AP")
8827 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8828 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8829 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8831 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8833 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8835 logger
.debug("Send WSC_NACK to AP")
8836 nack
, attrs
= build_nack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8837 config_error
=None, eap_code
=2)
8838 send_wsc_msg(hapd
, addr
, nack
)
8840 wps_wait_eap_failure(hapd
, dev
[0])
8843 def test_wps_ext_m2_ack_invalid(dev
, apdev
):
8844 """WPS proto: M2 followed by invalid ACK"""
8846 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8847 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8848 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8850 logger
.debug("Receive WSC/Start from AP")
8851 msg
= get_wsc_msg(hapd
)
8852 if msg
['wsc_opcode'] != WSC_Start
:
8853 raise Exception("Unexpected Op-Code for WSC/Start")
8855 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8857 e_nonce
= 16*b
'\x22'
8858 own_private
, e_pk
= wsc_dh_init()
8860 logger
.debug("Send M1 to AP")
8861 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8863 send_wsc_msg(hapd
, addr
, m1
)
8865 logger
.debug("Receive M2 from AP")
8866 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8867 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8868 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8870 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8872 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8874 logger
.debug("Send WSC_ACK to AP")
8875 attrs
= b
'\x10\x00\x00'
8876 ack
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_ACK
)
8877 send_wsc_msg(hapd
, addr
, ack
)
8879 wps_wait_eap_failure(hapd
, dev
[0])
8882 def test_wps_ext_m2_ack(dev
, apdev
):
8883 """WPS proto: M2 followed by ACK"""
8885 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8886 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8887 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8889 logger
.debug("Receive WSC/Start from AP")
8890 msg
= get_wsc_msg(hapd
)
8891 if msg
['wsc_opcode'] != WSC_Start
:
8892 raise Exception("Unexpected Op-Code for WSC/Start")
8894 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8896 e_nonce
= 16*b
'\x22'
8897 own_private
, e_pk
= wsc_dh_init()
8899 logger
.debug("Send M1 to AP")
8900 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8902 send_wsc_msg(hapd
, addr
, m1
)
8904 logger
.debug("Receive M2 from AP")
8905 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8906 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8907 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8909 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8911 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8913 logger
.debug("Send WSC_ACK to AP")
8914 ack
, attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
, eap_code
=2)
8915 send_wsc_msg(hapd
, addr
, ack
)
8917 wps_wait_eap_failure(hapd
, dev
[0])
8920 def test_wps_ext_m2_ack_no_msg_type(dev
, apdev
):
8921 """WPS proto: M2 followed by ACK missing Msg Type"""
8923 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8924 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8925 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8927 logger
.debug("Receive WSC/Start from AP")
8928 msg
= get_wsc_msg(hapd
)
8929 if msg
['wsc_opcode'] != WSC_Start
:
8930 raise Exception("Unexpected Op-Code for WSC/Start")
8932 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8934 e_nonce
= 16*b
'\x22'
8935 own_private
, e_pk
= wsc_dh_init()
8937 logger
.debug("Send M1 to AP")
8938 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8940 send_wsc_msg(hapd
, addr
, m1
)
8942 logger
.debug("Receive M2 from AP")
8943 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8944 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8945 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8947 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8949 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8951 logger
.debug("Send WSC_ACK to AP")
8952 ack
, attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8953 msg_type
=None, eap_code
=2)
8954 send_wsc_msg(hapd
, addr
, ack
)
8956 wps_wait_eap_failure(hapd
, dev
[0])
8959 def test_wps_ext_m2_ack_invalid_msg_type(dev
, apdev
):
8960 """WPS proto: M2 followed by ACK with invalid Msg Type"""
8962 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
8963 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
8964 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
8966 logger
.debug("Receive WSC/Start from AP")
8967 msg
= get_wsc_msg(hapd
)
8968 if msg
['wsc_opcode'] != WSC_Start
:
8969 raise Exception("Unexpected Op-Code for WSC/Start")
8971 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
8973 e_nonce
= 16*b
'\x22'
8974 own_private
, e_pk
= wsc_dh_init()
8976 logger
.debug("Send M1 to AP")
8977 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
8979 send_wsc_msg(hapd
, addr
, m1
)
8981 logger
.debug("Receive M2 from AP")
8982 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
8983 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
8984 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
8986 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
8988 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
8990 logger
.debug("Send WSC_ACK to AP")
8991 ack
, attrs
= build_ack(msg
['eap_identifier'], e_nonce
, r_nonce
,
8992 msg_type
=WPS_WSC_NACK
, eap_code
=2)
8993 send_wsc_msg(hapd
, addr
, ack
)
8995 wps_wait_eap_failure(hapd
, dev
[0])
8998 def test_wps_ext_m2_ack_e_nonce_mismatch(dev
, apdev
):
8999 """WPS proto: M2 followed by ACK with e-nonce mismatch"""
9001 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9002 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9003 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9005 logger
.debug("Receive WSC/Start from AP")
9006 msg
= get_wsc_msg(hapd
)
9007 if msg
['wsc_opcode'] != WSC_Start
:
9008 raise Exception("Unexpected Op-Code for WSC/Start")
9010 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9012 e_nonce
= 16*b
'\x22'
9013 own_private
, e_pk
= wsc_dh_init()
9015 logger
.debug("Send M1 to AP")
9016 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9018 send_wsc_msg(hapd
, addr
, m1
)
9020 logger
.debug("Receive M2 from AP")
9021 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9022 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
9023 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
9025 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
9027 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
9029 logger
.debug("Send WSC_ACK to AP")
9030 ack
, attrs
= build_ack(msg
['eap_identifier'], 16*b
'\x00', r_nonce
,
9032 send_wsc_msg(hapd
, addr
, ack
)
9034 wps_wait_eap_failure(hapd
, dev
[0])
9037 def test_wps_ext_m1_invalid(dev
, apdev
):
9038 """WPS proto: M1 failing parsing"""
9040 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9041 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9042 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9044 logger
.debug("Receive WSC/Start from AP")
9045 msg
= get_wsc_msg(hapd
)
9046 if msg
['wsc_opcode'] != WSC_Start
:
9047 raise Exception("Unexpected Op-Code for WSC/Start")
9049 logger
.debug("Send M1 to AP")
9050 attrs
= b
'\x10\x00\x00'
9051 m1
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9052 send_wsc_msg(hapd
, addr
, m1
)
9054 wps_wait_eap_failure(hapd
, dev
[0])
9056 def test_wps_ext_m1_missing_msg_type(dev
, apdev
):
9057 """WPS proto: M1 missing Msg Type"""
9059 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9060 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9061 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9063 logger
.debug("Receive WSC/Start from AP")
9064 msg
= get_wsc_msg(hapd
)
9065 if msg
['wsc_opcode'] != WSC_Start
:
9066 raise Exception("Unexpected Op-Code for WSC/Start")
9068 logger
.debug("Send M1 to AP")
9069 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9070 m1
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9071 send_wsc_msg(hapd
, addr
, m1
)
9073 wps_wait_ap_nack(hapd
, dev
[0], 16*b
'\x00', 16*b
'\x00')
9075 def wps_ext_wsc_done(dev
, apdev
):
9077 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9078 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9079 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9081 logger
.debug("Receive WSC/Start from AP")
9082 msg
= get_wsc_msg(hapd
)
9083 if msg
['wsc_opcode'] != WSC_Start
:
9084 raise Exception("Unexpected Op-Code for WSC/Start")
9086 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9088 e_nonce
= 16*b
'\x22'
9089 own_private
, e_pk
= wsc_dh_init()
9091 logger
.debug("Send M1 to AP")
9092 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9094 send_wsc_msg(hapd
, addr
, m1
)
9096 logger
.debug("Receive M2 from AP")
9097 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9098 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
9099 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
9101 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
9103 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
9105 logger
.debug("Send M3 to AP")
9106 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9107 attrs
+= build_attr_msg_type(WPS_M3
)
9108 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9109 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
9110 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
9111 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
9112 raw_m3_attrs
= attrs
9113 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9114 send_wsc_msg(hapd
, addr
, m3
)
9116 logger
.debug("Receive M4 from AP")
9117 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
9119 logger
.debug("Send M5 to AP")
9120 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9121 attrs
+= build_attr_msg_type(WPS_M5
)
9122 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9123 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
9124 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
9125 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
9126 raw_m5_attrs
= attrs
9127 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9128 send_wsc_msg(hapd
, addr
, m5
)
9130 logger
.debug("Receive M6 from AP")
9131 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
9133 logger
.debug("Send M7 to AP")
9134 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9135 attrs
+= build_attr_msg_type(WPS_M7
)
9136 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9137 data
= build_wsc_attr(ATTR_E_SNONCE2
, e_s2
)
9138 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
9139 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
9140 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9141 raw_m7_attrs
= attrs
9142 send_wsc_msg(hapd
, addr
, m7
)
9144 logger
.debug("Receive M8 from AP")
9145 msg
, m8_attrs
, raw_m8_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M8
)
9146 return hapd
, msg
, e_nonce
, r_nonce
9149 def test_wps_ext_wsc_done_invalid(dev
, apdev
):
9150 """WPS proto: invalid WSC_Done"""
9151 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9153 logger
.debug("Send WSC_Done to AP")
9154 attrs
= b
'\x10\x00\x00'
9155 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9156 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9158 wps_wait_eap_failure(hapd
, dev
[0])
9161 def test_wps_ext_wsc_done_no_msg_type(dev
, apdev
):
9162 """WPS proto: invalid WSC_Done"""
9163 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9165 logger
.debug("Send WSC_Done to AP")
9166 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9167 #attrs += build_attr_msg_type(WPS_WSC_DONE)
9168 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
9169 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9170 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9171 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9173 wps_wait_eap_failure(hapd
, dev
[0])
9176 def test_wps_ext_wsc_done_wrong_msg_type(dev
, apdev
):
9177 """WPS proto: WSC_Done with wrong Msg Type"""
9178 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9180 logger
.debug("Send WSC_Done to AP")
9181 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9182 attrs
+= build_attr_msg_type(WPS_WSC_ACK
)
9183 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
9184 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9185 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9186 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9188 wps_wait_eap_failure(hapd
, dev
[0])
9191 def test_wps_ext_wsc_done_no_e_nonce(dev
, apdev
):
9192 """WPS proto: WSC_Done without e_nonce"""
9193 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9195 logger
.debug("Send WSC_Done to AP")
9196 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9197 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
9198 #attrs += build_wsc_attr(ATTR_ENROLLEE_NONCE, e_nonce)
9199 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9200 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9201 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9203 wps_wait_eap_failure(hapd
, dev
[0])
9205 def test_wps_ext_wsc_done_no_r_nonce(dev
, apdev
):
9206 """WPS proto: WSC_Done without r_nonce"""
9207 hapd
, msg
, e_nonce
, r_nonce
= wps_ext_wsc_done(dev
, apdev
)
9209 logger
.debug("Send WSC_Done to AP")
9210 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9211 attrs
+= build_attr_msg_type(WPS_WSC_DONE
)
9212 attrs
+= build_wsc_attr(ATTR_ENROLLEE_NONCE
, e_nonce
)
9213 #attrs += build_wsc_attr(ATTR_REGISTRAR_NONCE, r_nonce)
9214 wsc_done
= build_eap_wsc(2, msg
['eap_identifier'], attrs
, opcode
=WSC_Done
)
9215 send_wsc_msg(hapd
, dev
[0].own_addr(), wsc_done
)
9217 wps_wait_eap_failure(hapd
, dev
[0])
9220 def test_wps_ext_m7_no_encr_settings(dev
, apdev
):
9221 """WPS proto: M7 without Encr Settings"""
9223 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9224 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9225 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9227 logger
.debug("Receive WSC/Start from AP")
9228 msg
= get_wsc_msg(hapd
)
9229 if msg
['wsc_opcode'] != WSC_Start
:
9230 raise Exception("Unexpected Op-Code for WSC/Start")
9232 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9234 e_nonce
= 16*b
'\x22'
9235 own_private
, e_pk
= wsc_dh_init()
9237 logger
.debug("Send M1 to AP")
9238 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9240 send_wsc_msg(hapd
, addr
, m1
)
9242 logger
.debug("Receive M2 from AP")
9243 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9244 r_nonce
= m2_attrs
[ATTR_REGISTRAR_NONCE
]
9245 r_pk
= m2_attrs
[ATTR_PUBLIC_KEY
]
9247 authkey
, keywrapkey
= wsc_dh_kdf(r_pk
, own_private
, mac_addr
, e_nonce
,
9249 e_s1
, e_s2
, e_hash1
, e_hash2
= wsc_dev_pw_hash(authkey
, pin
, e_pk
, r_pk
)
9251 logger
.debug("Send M3 to AP")
9252 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9253 attrs
+= build_attr_msg_type(WPS_M3
)
9254 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9255 attrs
+= build_wsc_attr(ATTR_E_HASH1
, e_hash1
)
9256 attrs
+= build_wsc_attr(ATTR_E_HASH2
, e_hash2
)
9257 attrs
+= build_attr_authenticator(authkey
, raw_m2_attrs
, attrs
)
9258 raw_m3_attrs
= attrs
9259 m3
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9260 send_wsc_msg(hapd
, addr
, m3
)
9262 logger
.debug("Receive M4 from AP")
9263 msg
, m4_attrs
, raw_m4_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M4
)
9265 logger
.debug("Send M5 to AP")
9266 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9267 attrs
+= build_attr_msg_type(WPS_M5
)
9268 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9269 data
= build_wsc_attr(ATTR_E_SNONCE1
, e_s1
)
9270 attrs
+= build_attr_encr_settings(authkey
, keywrapkey
, data
)
9271 attrs
+= build_attr_authenticator(authkey
, raw_m4_attrs
, attrs
)
9272 raw_m5_attrs
= attrs
9273 m5
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9274 send_wsc_msg(hapd
, addr
, m5
)
9276 logger
.debug("Receive M6 from AP")
9277 msg
, m6_attrs
, raw_m6_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M6
)
9279 logger
.debug("Send M7 to AP")
9280 attrs
= build_wsc_attr(ATTR_VERSION
, '\x10')
9281 attrs
+= build_attr_msg_type(WPS_M7
)
9282 attrs
+= build_wsc_attr(ATTR_REGISTRAR_NONCE
, r_nonce
)
9283 #data = build_wsc_attr(ATTR_E_SNONCE2, e_s2)
9284 #attrs += build_attr_encr_settings(authkey, keywrapkey, data)
9285 attrs
+= build_attr_authenticator(authkey
, raw_m6_attrs
, attrs
)
9286 m7
= build_eap_wsc(2, msg
['eap_identifier'], attrs
)
9287 raw_m7_attrs
= attrs
9288 send_wsc_msg(hapd
, addr
, m7
)
9290 wps_wait_ap_nack(hapd
, dev
[0], e_nonce
, r_nonce
)
9293 def test_wps_ext_m1_workaround(dev
, apdev
):
9294 """WPS proto: M1 Manufacturer/Model workaround"""
9296 addr
, bssid
, hapd
= wps_start_ext(apdev
[0], dev
[0], pin
=pin
)
9297 wps_ext_eap_identity_req(dev
[0], hapd
, bssid
)
9298 wps_ext_eap_identity_resp(hapd
, dev
[0], addr
)
9300 logger
.debug("Receive WSC/Start from AP")
9301 msg
= get_wsc_msg(hapd
)
9302 if msg
['wsc_opcode'] != WSC_Start
:
9303 raise Exception("Unexpected Op-Code for WSC/Start")
9305 mac_addr
= binascii
.unhexlify(dev
[0].own_addr().replace(':', ''))
9307 e_nonce
= 16*b
'\x22'
9308 own_private
, e_pk
= wsc_dh_init()
9310 logger
.debug("Send M1 to AP")
9311 m1
, raw_m1_attrs
= build_m1(msg
['eap_identifier'], uuid_e
, mac_addr
,
9312 e_nonce
, e_pk
, manufacturer
='Apple TEST',
9313 model_name
='AirPort', config_methods
=b
'\xff\xff')
9314 send_wsc_msg(hapd
, addr
, m1
)
9316 logger
.debug("Receive M2 from AP")
9317 msg
, m2_attrs
, raw_m2_attrs
= recv_wsc_msg(hapd
, WSC_MSG
, WPS_M2
)
9320 def test_ap_wps_disable_enable(dev
, apdev
):
9321 """WPS and DISABLE/ENABLE AP"""
9322 hapd
= wps_start_ap(apdev
[0])
9325 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
9327 def test_ap_wps_upnp_web_oom(dev
, apdev
, params
):
9328 """hostapd WPS UPnP web OOM"""
9329 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
9330 hapd
= add_ssdp_ap(apdev
[0], ap_uuid
)
9332 location
= ssdp_get_location(ap_uuid
)
9333 url
= urlparse(location
)
9334 urls
= upnp_get_urls(location
)
9335 eventurl
= urlparse(urls
['event_sub_url'])
9336 ctrlurl
= urlparse(urls
['control_url'])
9338 conn
= HTTPConnection(url
.netloc
)
9339 with
alloc_fail(hapd
, 1, "web_connection_parse_get"):
9340 conn
.request("GET", "/wps_device.xml")
9342 resp
= conn
.getresponse()
9346 conn
= HTTPConnection(url
.netloc
)
9347 conn
.request("GET", "/unknown")
9348 resp
= conn
.getresponse()
9349 if resp
.status
!= 404:
9350 raise Exception("Unexpected HTTP result for unknown URL: %d" + resp
.status
)
9352 with
alloc_fail(hapd
, 1, "web_connection_parse_get"):
9353 conn
.request("GET", "/unknown")
9355 resp
= conn
.getresponse()
9360 conn
= HTTPConnection(url
.netloc
)
9361 conn
.request("GET", "/wps_device.xml")
9362 resp
= conn
.getresponse()
9363 if resp
.status
!= 200:
9364 raise Exception("GET /wps_device.xml failed")
9366 conn
= HTTPConnection(url
.netloc
)
9367 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9368 if resp
.status
!= 200:
9369 raise Exception("GetDeviceInfo failed")
9371 with
alloc_fail(hapd
, 1, "web_process_get_device_info"):
9372 conn
= HTTPConnection(url
.netloc
)
9373 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9374 if resp
.status
!= 500:
9375 raise Exception("Internal error not reported from GetDeviceInfo OOM")
9377 with
alloc_fail(hapd
, 1, "wps_build_m1;web_process_get_device_info"):
9378 conn
= HTTPConnection(url
.netloc
)
9379 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9380 if resp
.status
!= 500:
9381 raise Exception("Internal error not reported from GetDeviceInfo OOM")
9383 with
alloc_fail(hapd
, 1, "wpabuf_alloc;web_connection_send_reply"):
9384 conn
= HTTPConnection(url
.netloc
)
9386 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9390 conn
= HTTPConnection(url
.netloc
)
9391 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "GetDeviceInfo")
9392 if resp
.status
!= 200:
9393 raise Exception("GetDeviceInfo failed")
9395 # No NewWLANEventType in PutWLANResponse NewMessage
9396 conn
= HTTPConnection(url
.netloc
)
9397 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse", newmsg
="foo")
9398 if resp
.status
!= 600:
9399 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9401 # No NewWLANEventMAC in PutWLANResponse NewMessage
9402 conn
= HTTPConnection(url
.netloc
)
9403 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9404 newmsg
="foo", neweventtype
="1")
9405 if resp
.status
!= 600:
9406 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9408 # Invalid NewWLANEventMAC in PutWLANResponse NewMessage
9409 conn
= HTTPConnection(url
.netloc
)
9410 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9411 newmsg
="foo", neweventtype
="1",
9413 if resp
.status
!= 600:
9414 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9416 # Workaround for NewWLANEventMAC in PutWLANResponse NewMessage
9417 # Ignored unexpected PutWLANResponse WLANEventType 1
9418 conn
= HTTPConnection(url
.netloc
)
9419 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9420 newmsg
="foo", neweventtype
="1",
9421 neweventmac
="00.11.22.33.44.55")
9422 if resp
.status
!= 500:
9423 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9425 # PutWLANResponse NewMessage with invalid EAP message
9426 conn
= HTTPConnection(url
.netloc
)
9427 resp
= upnp_soap_action(conn
, ctrlurl
.path
, "PutWLANResponse",
9428 newmsg
="foo", neweventtype
="2",
9429 neweventmac
="00:11:22:33:44:55")
9430 if resp
.status
!= 200:
9431 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9433 with
alloc_fail(hapd
, 1, "web_connection_parse_subscribe"):
9434 conn
= HTTPConnection(url
.netloc
)
9435 headers
= {"callback": '<http://127.0.0.1:12345/event>',
9437 "timeout": "Second-1234"}
9438 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
9440 resp
= conn
.getresponse()
9444 with
alloc_fail(hapd
, 1, "dup_binstr;web_connection_parse_subscribe"):
9445 conn
= HTTPConnection(url
.netloc
)
9446 headers
= {"callback": '<http://127.0.0.1:12345/event>',
9448 "timeout": "Second-1234"}
9449 conn
.request("SUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
9450 resp
= conn
.getresponse()
9451 if resp
.status
!= 500:
9452 raise Exception("Unexpected HTTP response: %d" % resp
.status
)
9454 with
alloc_fail(hapd
, 1, "wpabuf_alloc;web_connection_parse_unsubscribe"):
9455 conn
= HTTPConnection(url
.netloc
)
9456 headers
= {"callback": '<http://127.0.0.1:12345/event>',
9458 "timeout": "Second-1234"}
9459 conn
.request("UNSUBSCRIBE", eventurl
.path
, "\r\n\r\n", headers
)
9461 resp
= conn
.getresponse()
9465 with
alloc_fail(hapd
, 1, "web_connection_unimplemented"):
9466 conn
= HTTPConnection(url
.netloc
)
9467 conn
.request("HEAD", "/wps_device.xml")
9469 resp
= conn
.getresponse()
9473 def test_ap_wps_frag_ack_oom(dev
, apdev
):
9474 """WPS and fragment ack OOM"""
9475 dev
[0].request("SET wps_fragment_size 50")
9476 hapd
= wps_start_ap(apdev
[0])
9477 with
alloc_fail(hapd
, 1, "eap_wsc_build_frag_ack"):
9478 wps_run_pbc_fail_ap(apdev
[0], dev
[0], hapd
)
9480 def wait_scan_stopped(dev
):
9481 dev
.request("ABORT_SCAN")
9483 res
= dev
.get_driver_status_field("scan_state")
9484 if "SCAN_STARTED" not in res
and "SCAN_REQUESTED" not in res
:
9486 logger
.debug("Waiting for scan to complete")
9490 def test_ap_wps_eap_wsc_errors(dev
, apdev
):
9491 """WPS and EAP-WSC error cases"""
9492 ssid
= "test-wps-conf-pin"
9494 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
9495 "wpa_passphrase": "12345678", "wpa": "2",
9496 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9497 "fragment_size": "300", "ap_pin": appin
}
9498 hapd
= hostapd
.add_ap(apdev
[0], params
)
9499 bssid
= apdev
[0]['bssid']
9501 pin
= dev
[0].wps_read_pin()
9502 hapd
.request("WPS_PIN any " + pin
)
9503 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
9504 dev
[0].dump_monitor()
9506 dev
[0].wps_reg(bssid
, appin
+ " new_ssid=a", "new ssid", "WPA2PSK", "CCMP",
9507 "new passphrase", no_wait
=True)
9508 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9510 raise Exception("WPS-FAIL not reported")
9511 dev
[0].request("WPS_CANCEL")
9512 dev
[0].wait_disconnected()
9513 wait_scan_stopped(dev
[0])
9514 dev
[0].dump_monitor()
9516 dev
[0].wps_reg(bssid
, appin
, "new ssid", "FOO", "CCMP",
9517 "new passphrase", no_wait
=True)
9518 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9520 raise Exception("WPS-FAIL not reported")
9521 dev
[0].request("WPS_CANCEL")
9522 dev
[0].wait_disconnected()
9523 wait_scan_stopped(dev
[0])
9524 dev
[0].dump_monitor()
9526 dev
[0].wps_reg(bssid
, appin
, "new ssid", "WPA2PSK", "FOO",
9527 "new passphrase", no_wait
=True)
9528 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9530 raise Exception("WPS-FAIL not reported")
9531 dev
[0].request("WPS_CANCEL")
9532 dev
[0].wait_disconnected()
9533 wait_scan_stopped(dev
[0])
9534 dev
[0].dump_monitor()
9536 dev
[0].wps_reg(bssid
, appin
+ "new_key=a", "new ssid", "WPA2PSK", "CCMP",
9537 "new passphrase", no_wait
=True)
9538 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=10)
9540 raise Exception("WPS-FAIL not reported")
9541 dev
[0].request("WPS_CANCEL")
9542 dev
[0].wait_disconnected()
9543 wait_scan_stopped(dev
[0])
9544 dev
[0].dump_monitor()
9546 tests
= ["eap_wsc_init",
9547 "eap_msg_alloc;eap_wsc_build_msg",
9548 "wpabuf_alloc;eap_wsc_process_fragment"]
9550 with
alloc_fail(dev
[0], 1, func
):
9551 dev
[0].request("WPS_PIN %s %s" % (bssid
, pin
))
9552 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
9553 dev
[0].request("WPS_CANCEL")
9554 dev
[0].wait_disconnected()
9555 wait_scan_stopped(dev
[0])
9556 dev
[0].dump_monitor()
9558 tests
= [(1, "wps_decrypt_encr_settings"),
9559 (2, "hmac_sha256;wps_derive_psk")]
9560 for count
, func
in tests
:
9561 hapd
.request("WPS_PIN any " + pin
)
9562 with
fail_test(dev
[0], count
, func
):
9563 dev
[0].request("WPS_PIN %s %s" % (bssid
, pin
))
9564 wait_fail_trigger(dev
[0], "GET_FAIL")
9565 dev
[0].request("WPS_CANCEL")
9566 dev
[0].wait_disconnected()
9567 wait_scan_stopped(dev
[0])
9568 dev
[0].dump_monitor()
9570 with
alloc_fail(dev
[0], 1, "eap_msg_alloc;eap_sm_build_expanded_nak"):
9571 dev
[0].wps_reg(bssid
, appin
+ " new_ssid=a", "new ssid", "WPA2PSK",
9572 "CCMP", "new passphrase", no_wait
=True)
9573 wait_fail_trigger(dev
[0], "GET_ALLOC_FAIL")
9574 dev
[0].request("WPS_CANCEL")
9575 dev
[0].wait_disconnected()
9576 wait_scan_stopped(dev
[0])
9577 dev
[0].dump_monitor()
9579 def test_ap_wps_eap_wsc(dev
, apdev
):
9580 """WPS and EAP-WSC in network profile"""
9581 params
= int_eap_server_params()
9582 params
["wps_state"] = "2"
9583 hapd
= hostapd
.add_ap(apdev
[0], params
)
9584 bssid
= apdev
[0]['bssid']
9586 logger
.info("Unexpected identity")
9587 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9588 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-unexpected",
9590 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9592 raise Exception("No EAP-Failure seen")
9593 dev
[0].request("REMOVE_NETWORK all")
9594 dev
[0].wait_disconnected()
9596 logger
.info("No phase1 parameter")
9597 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9598 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9600 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9602 raise Exception("Timeout on EAP method start")
9603 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9605 raise Exception("No EAP-Failure seen")
9606 dev
[0].request("REMOVE_NETWORK all")
9607 dev
[0].wait_disconnected()
9609 logger
.info("No PIN/PBC in phase1")
9610 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9611 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9612 phase1
="foo", wait_connect
=False)
9613 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9615 raise Exception("Timeout on EAP method start")
9616 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9618 raise Exception("No EAP-Failure seen")
9619 dev
[0].request("REMOVE_NETWORK all")
9620 dev
[0].wait_disconnected()
9622 logger
.info("Invalid pkhash in phase1")
9623 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9624 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9625 phase1
="foo pkhash=q pbc=1", wait_connect
=False)
9626 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9628 raise Exception("Timeout on EAP method start")
9629 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9631 raise Exception("No EAP-Failure seen")
9632 dev
[0].request("REMOVE_NETWORK all")
9633 dev
[0].wait_disconnected()
9635 logger
.info("Zero fragment_size")
9636 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9637 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9638 fragment_size
="0", phase1
="pin=12345670", wait_connect
=False)
9639 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9641 raise Exception("Timeout on EAP method start")
9642 ev
= dev
[0].wait_event(["WPS-M2D"], timeout
=5)
9644 raise Exception("No M2D seen")
9645 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9647 raise Exception("No EAP-Failure seen")
9648 dev
[0].request("REMOVE_NETWORK all")
9649 dev
[0].wait_disconnected()
9651 logger
.info("Missing new_auth")
9652 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9653 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9654 phase1
="pin=12345670 new_ssid=aa", wait_connect
=False)
9655 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9657 raise Exception("Timeout on EAP method start")
9658 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9660 raise Exception("No EAP-Failure seen")
9661 dev
[0].request("REMOVE_NETWORK all")
9662 dev
[0].wait_disconnected()
9664 logger
.info("Missing new_encr")
9665 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9666 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9667 phase1
="pin=12345670 new_auth=WPA2PSK new_ssid=aa", wait_connect
=False)
9668 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9670 raise Exception("Timeout on EAP method start")
9671 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9673 raise Exception("No EAP-Failure seen")
9674 dev
[0].request("REMOVE_NETWORK all")
9675 dev
[0].wait_disconnected()
9677 logger
.info("Missing new_key")
9678 dev
[0].connect("test-wpa2-eap", key_mgmt
="WPA-EAP", scan_freq
="2412",
9679 eap
="WSC", identity
="WFA-SimpleConfig-Enrollee-1-0",
9680 phase1
="pin=12345670 new_auth=WPA2PSK new_ssid=aa new_encr=CCMP",
9682 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-PROPOSED-METHOD"], timeout
=5)
9684 raise Exception("Timeout on EAP method start")
9685 ev
= dev
[0].wait_event(["CTRL-EVENT-EAP-FAILURE"], timeout
=5)
9687 raise Exception("No EAP-Failure seen")
9688 dev
[0].request("REMOVE_NETWORK all")
9689 dev
[0].wait_disconnected()
9691 def test_ap_wps_and_bss_limit(dev
, apdev
):
9692 """WPS and wpa_supplicant BSS entry limit"""
9694 _test_ap_wps_and_bss_limit(dev
, apdev
)
9696 dev
[0].request("SET bss_max_count 200")
9699 def _test_ap_wps_and_bss_limit(dev
, apdev
):
9700 params
= {"ssid": "test-wps", "eap_server": "1", "wps_state": "2",
9701 "wpa_passphrase": "12345678", "wpa": "2",
9702 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
9703 hapd
= hostapd
.add_ap(apdev
[0], params
)
9705 params
= {"ssid": "test-wps-2", "eap_server": "1", "wps_state": "2",
9706 "wpa_passphrase": "1234567890", "wpa": "2",
9707 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"}
9708 hapd2
= hostapd
.add_ap(apdev
[1], params
)
9710 id = dev
[1].add_network()
9711 dev
[1].set_network(id, "mode", "2")
9712 dev
[1].set_network_quoted(id, "ssid", "wpas-ap-no-wps")
9713 dev
[1].set_network_quoted(id, "psk", "12345678")
9714 dev
[1].set_network(id, "frequency", "2462")
9715 dev
[1].set_network(id, "scan_freq", "2462")
9716 dev
[1].set_network(id, "wps_disabled", "1")
9717 dev
[1].select_network(id)
9719 id = dev
[2].add_network()
9720 dev
[2].set_network(id, "mode", "2")
9721 dev
[2].set_network_quoted(id, "ssid", "wpas-ap")
9722 dev
[2].set_network_quoted(id, "psk", "12345678")
9723 dev
[2].set_network(id, "frequency", "2437")
9724 dev
[2].set_network(id, "scan_freq", "2437")
9725 dev
[2].select_network(id)
9727 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
9728 wpas
.interface_add("wlan5")
9729 id = wpas
.add_network()
9730 wpas
.set_network(id, "mode", "2")
9731 wpas
.set_network_quoted(id, "ssid", "wpas-ap")
9732 wpas
.set_network_quoted(id, "psk", "12345678")
9733 wpas
.set_network(id, "frequency", "2437")
9734 wpas
.set_network(id, "scan_freq", "2437")
9735 wpas
.select_network(id)
9737 dev
[1].wait_connected()
9738 dev
[2].wait_connected()
9739 wpas
.wait_connected()
9740 wpas
.request("WPS_PIN any 12345670")
9742 hapd
.request("WPS_PBC")
9743 hapd2
.request("WPS_PBC")
9745 dev
[0].request("SET bss_max_count 1")
9747 id = dev
[0].add_network()
9748 dev
[0].set_network_quoted(id, "ssid", "testing")
9750 id = dev
[0].add_network()
9751 dev
[0].set_network_quoted(id, "ssid", "testing")
9752 dev
[0].set_network(id, "key_mgmt", "WPS")
9754 dev
[0].request("WPS_PBC")
9755 ev
= dev
[0].wait_event(["CTRL-EVENT-SCAN-RESULTS"], timeout
=10)
9756 dev
[0].request("WPS_CANCEL")
9758 id = dev
[0].add_network()
9759 dev
[0].set_network_quoted(id, "ssid", "testing")
9760 dev
[0].set_network(id, "key_mgmt", "WPS")
9762 dev
[0].scan(freq
="2412")
9764 def test_ap_wps_pbc_2ap(dev
, apdev
):
9765 """WPS PBC with two APs advertising same SSID"""
9766 params
= {"ssid": "wps", "eap_server": "1", "wps_state": "2",
9767 "wpa_passphrase": "12345678", "wpa": "2",
9768 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9769 "wps_independent": "1"}
9770 hapd
= hostapd
.add_ap(apdev
[0], params
)
9771 params
= {"ssid": "wps", "eap_server": "1", "wps_state": "2",
9772 "wpa_passphrase": "123456789", "wpa": "2",
9773 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9774 "wps_independent": "1"}
9775 hapd2
= hostapd
.add_ap(apdev
[1], params
)
9776 hapd
.request("WPS_PBC")
9778 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
9779 wpas
.interface_add("wlan5", drv_params
="force_connect_cmd=1")
9781 wpas
.flush_scan_cache()
9783 wpas
.scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
9784 wpas
.scan_for_bss(apdev
[1]['bssid'], freq
="2412")
9785 wpas
.request("WPS_PBC")
9786 wpas
.wait_connected()
9787 wpas
.request("DISCONNECT")
9788 hapd
.request("DISABLE")
9789 hapd2
.request("DISABLE")
9790 wpas
.flush_scan_cache()
9792 def test_ap_wps_er_enrollee_to_conf_ap(dev
, apdev
):
9793 """WPS ER enrolling a new device to a configured AP"""
9795 _test_ap_wps_er_enrollee_to_conf_ap(dev
, apdev
)
9797 dev
[0].request("WPS_ER_STOP")
9799 def _test_ap_wps_er_enrollee_to_conf_ap(dev
, apdev
):
9800 ssid
= "wps-er-enrollee-to-conf-ap"
9802 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
9803 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
9804 "wpa_passphrase": "12345678", "wpa": "2",
9805 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9806 "device_name": "Wireless AP", "manufacturer": "Company",
9807 "model_name": "WAP", "model_number": "123",
9808 "serial_number": "12345", "device_type": "6-0050F204-1",
9809 "os_version": "01020300",
9810 "config_methods": "label push_button",
9811 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
9812 hapd
= hostapd
.add_ap(apdev
[0], params
)
9813 bssid
= hapd
.own_addr()
9815 id = dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
9816 dev
[0].dump_monitor()
9818 dev
[0].request("WPS_ER_START ifname=lo")
9819 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
9821 raise Exception("AP discovery timed out")
9822 if ap_uuid
not in ev
:
9823 raise Exception("Expected AP UUID not found")
9825 pin
= dev
[2].wps_read_pin()
9826 addr2
= dev
[2].own_addr()
9827 dev
[0].dump_monitor()
9828 dev
[2].scan_for_bss(bssid
, freq
=2412)
9829 dev
[2].dump_monitor()
9830 dev
[2].request("WPS_PIN %s %s" % (bssid
, pin
))
9833 ev
= dev
[0].wait_event(["WPS-ER-ENROLLEE-ADD"], timeout
=10)
9835 raise Exception("Enrollee not seen")
9839 raise Exception("Unexpected Enrollee MAC address")
9840 dev
[0].dump_monitor()
9842 dev
[0].request("WPS_ER_SET_CONFIG " + ap_uuid
+ " " + str(id))
9843 dev
[0].request("WPS_ER_PIN " + addr2
+ " " + pin
+ " " + addr2
)
9844 dev
[2].wait_connected(timeout
=30)
9845 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
9847 raise Exception("WPS ER did not report success")
9849 def test_ap_wps_er_enrollee_to_conf_ap2(dev
, apdev
):
9850 """WPS ER enrolling a new device to a configured AP (2)"""
9852 _test_ap_wps_er_enrollee_to_conf_ap2(dev
, apdev
)
9854 dev
[0].request("WPS_ER_STOP")
9856 def _test_ap_wps_er_enrollee_to_conf_ap2(dev
, apdev
):
9857 ssid
= "wps-er-enrollee-to-conf-ap"
9859 ap_uuid
= "27ea801a-9e5c-4e73-bd82-f89cbcd10d7e"
9860 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
9861 "wpa_passphrase": "12345678", "wpa": "2",
9862 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9863 "device_name": "Wireless AP", "manufacturer": "Company",
9864 "model_name": "WAP", "model_number": "123",
9865 "serial_number": "12345", "device_type": "6-0050F204-1",
9866 "os_version": "01020300",
9867 "config_methods": "label push_button",
9868 "ap_pin": ap_pin
, "uuid": ap_uuid
, "upnp_iface": "lo"}
9869 hapd
= hostapd
.add_ap(apdev
[0], params
)
9870 bssid
= hapd
.own_addr()
9872 id = dev
[0].connect(ssid
, psk
="12345678", scan_freq
="2412")
9873 dev
[0].dump_monitor()
9875 dev
[0].request("WPS_ER_START ifname=lo")
9876 ev
= dev
[0].wait_event(["WPS-ER-AP-ADD"], timeout
=15)
9878 raise Exception("AP discovery timed out")
9879 if ap_uuid
not in ev
:
9880 raise Exception("Expected AP UUID not found")
9882 dev
[0].request("WPS_ER_LEARN " + ap_uuid
+ " " + ap_pin
)
9883 ev
= dev
[0].wait_event(["WPS-ER-AP-SETTINGS"], timeout
=15)
9885 raise Exception("AP learn timed out")
9886 if ap_uuid
not in ev
:
9887 raise Exception("Expected AP UUID not in settings")
9888 ev
= dev
[0].wait_event(["WPS-FAIL"], timeout
=15)
9890 raise Exception("WPS-FAIL after AP learn timed out")
9893 pin
= dev
[1].wps_read_pin()
9894 addr1
= dev
[1].own_addr()
9895 dev
[0].dump_monitor()
9896 dev
[0].request("WPS_ER_PIN any " + pin
)
9898 dev
[1].scan_for_bss(bssid
, freq
=2412)
9899 dev
[1].request("WPS_PIN any %s" % pin
)
9900 ev
= dev
[1].wait_event(["WPS-SUCCESS"], timeout
=30)
9902 raise Exception("Enrollee did not report success")
9903 dev
[1].wait_connected(timeout
=15)
9904 ev
= dev
[0].wait_event(["WPS-SUCCESS"], timeout
=15)
9906 raise Exception("WPS ER did not report success")
9908 def test_ap_wps_ignore_broadcast_ssid(dev
, apdev
):
9909 """WPS AP trying to ignore broadcast SSID"""
9911 hapd
= hostapd
.add_ap(apdev
[0],
9912 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
9913 "ignore_broadcast_ssid": "1"})
9914 if "FAIL" not in hapd
.request("WPS_PBC"):
9915 raise Exception("WPS unexpectedly enabled")
9917 def test_ap_wps_wep(dev
, apdev
):
9918 """WPS AP trying to enable WEP"""
9920 hapd
= hostapd
.add_ap(apdev
[0],
9921 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
9922 "ieee80211n": "0", "wep_key0": '"hello"'})
9923 if "FAIL" not in hapd
.request("WPS_PBC"):
9924 raise Exception("WPS unexpectedly enabled")
9926 def test_ap_wps_tkip(dev
, apdev
):
9927 """WPS AP trying to enable TKIP"""
9929 hapd
= hostapd
.add_ap(apdev
[0],
9930 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
9931 "ieee80211n": "0", "wpa": '1',
9932 "wpa_key_mgmt": "WPA-PSK",
9933 "wpa_passphrase": "12345678"})
9934 if "FAIL" not in hapd
.request("WPS_PBC"):
9935 raise Exception("WPS unexpectedly enabled")
9937 def test_ap_wps_conf_dummy_cred(dev
, apdev
):
9938 """WPS PIN provisioning with configured AP using dummy cred"""
9939 ssid
= "test-wps-conf"
9940 hapd
= hostapd
.add_ap(apdev
[0],
9941 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
9942 "wpa_passphrase": "12345678", "wpa": "2",
9943 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
9944 hapd
.request("WPS_PIN any 12345670")
9945 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
9946 dev
[0].dump_monitor()
9948 hapd
.set("wps_testing_dummy_cred", "1")
9949 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " 12345670")
9950 for i
in range(1, 3):
9951 ev
= dev
[0].wait_event(["WPS-CRED-RECEIVED"], timeout
=15)
9953 raise Exception("WPS credential %d not received" % i
)
9954 dev
[0].wait_connected(timeout
=30)
9956 hapd
.set("wps_testing_dummy_cred", "0")
9958 def test_ap_wps_rf_bands(dev
, apdev
):
9959 """WPS and wps_rf_bands configuration"""
9960 ssid
= "test-wps-conf"
9961 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
9962 "wpa_passphrase": "12345678", "wpa": "2",
9963 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9964 "wps_rf_bands": "ag"}
9966 hapd
= hostapd
.add_ap(apdev
[0], params
)
9967 bssid
= hapd
.own_addr()
9968 hapd
.request("WPS_PBC")
9969 dev
[0].scan_for_bss(bssid
, freq
="2412")
9970 dev
[0].dump_monitor()
9971 dev
[0].request("WPS_PBC " + bssid
)
9972 dev
[0].wait_connected(timeout
=30)
9973 bss
= dev
[0].get_bss(bssid
)
9974 logger
.info("BSS: " + str(bss
))
9975 if "103c000103" not in bss
['ie']:
9976 raise Exception("RF Bands attribute with expected values not found")
9977 dev
[0].request("DISCONNECT")
9978 dev
[0].wait_disconnected()
9979 hapd
.set("wps_rf_bands", "ad")
9980 hapd
.set("wps_rf_bands", "a")
9981 hapd
.set("wps_rf_bands", "g")
9982 hapd
.set("wps_rf_bands", "b")
9983 hapd
.set("wps_rf_bands", "ga")
9985 dev
[0].dump_monitor()
9986 dev
[0].flush_scan_cache()
9988 def test_ap_wps_pbc_in_m1(dev
, apdev
):
9989 """WPS and pbc_in_m1"""
9990 ssid
= "test-wps-conf"
9991 params
= {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
9992 "wpa_passphrase": "12345678", "wpa": "2",
9993 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP",
9994 "config_methods": "virtual_push_button virtual_display",
9997 hapd
= hostapd
.add_ap(apdev
[0], params
)
9998 bssid
= hapd
.own_addr()
9999 hapd
.request("WPS_PBC")
10000 dev
[0].scan_for_bss(bssid
, freq
="2412")
10001 dev
[0].dump_monitor()
10002 dev
[0].request("WPS_PBC " + bssid
)
10003 dev
[0].wait_connected(timeout
=30)
10004 dev
[0].request("DISCONNECT")
10005 dev
[0].wait_disconnected()
10007 dev
[0].dump_monitor()
10008 dev
[0].flush_scan_cache()
10010 def test_ap_wps_pbc_mac_addr_change(dev
, apdev
, params
):
10011 """WPS M1 with MAC address change"""
10012 ssid
= "test-wps-mac-addr-change"
10013 hapd
= hostapd
.add_ap(apdev
[0],
10014 {"ssid": ssid
, "eap_server": "1", "wps_state": "1"})
10015 hapd
.request("WPS_PBC")
10016 if "PBC Status: Active" not in hapd
.request("WPS_GET_STATUS"):
10017 raise Exception("PBC status not shown correctly")
10018 dev
[0].flush_scan_cache()
10020 test_addr
= '02:11:22:33:44:55'
10021 addr
= dev
[0].get_status_field("address")
10022 if addr
== test_addr
:
10023 raise Exception("Unexpected initial MAC address")
10026 subprocess
.call(['ip', 'link', 'set', 'dev', dev
[0].ifname
, 'down'])
10027 subprocess
.call(['ip', 'link', 'set', 'dev', dev
[0].ifname
, 'address',
10029 subprocess
.call(['ip', 'link', 'set', 'dev', dev
[0].ifname
, 'up'])
10030 addr1
= dev
[0].get_status_field("address")
10031 if addr1
!= test_addr
:
10032 raise Exception("Failed to change MAC address")
10034 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
10035 dev
[0].request("WPS_PBC " + apdev
[0]['bssid'])
10036 dev
[0].wait_connected(timeout
=30)
10037 status
= dev
[0].get_status()
10038 if status
['wpa_state'] != 'COMPLETED' or \
10039 status
['bssid'] != apdev
[0]['bssid']:
10040 raise Exception("Not fully connected")
10042 out
= run_tshark(os
.path
.join(params
['logdir'], "hwsim0.pcapng"),
10043 "wps.message_type == 0x04",
10044 display
=["wps.mac_address"])
10045 res
= out
.splitlines()
10048 raise Exception("No M1 message with MAC address found")
10049 if res
[0] != addr1
:
10050 raise Exception("Wrong M1 MAC address")
10051 dev
[0].request("DISCONNECT")
10052 dev
[0].wait_disconnected()
10054 dev
[0].dump_monitor()
10055 dev
[0].flush_scan_cache()
10057 # Restore MAC address
10058 subprocess
.call(['ip', 'link', 'set', 'dev', dev
[0].ifname
, 'down'])
10059 subprocess
.call(['ip', 'link', 'set', 'dev', dev
[0].ifname
, 'address',
10061 subprocess
.call(['ip', 'link', 'set', 'dev', dev
[0].ifname
, 'up'])
10063 def test_ap_wps_pin_start_failure(dev
, apdev
):
10064 """WPS_PIN start failure"""
10065 with
alloc_fail(dev
[0], 1, "wpas_wps_start_dev_pw"):
10066 if "FAIL" not in dev
[0].request("WPS_PIN any 12345670"):
10067 raise Exception("WPS_PIN not rejected during OOM")
10068 with
alloc_fail(dev
[0], 1, "wpas_wps_start_dev_pw"):
10069 if "FAIL" not in dev
[0].request("WPS_PIN any"):
10070 raise Exception("WPS_PIN not rejected during OOM")
10072 def test_ap_wps_ap_pin_failure(dev
, apdev
):
10073 """WPS_AP_PIN failure"""
10074 id = dev
[0].add_network()
10075 dev
[0].set_network(id, "mode", "2")
10076 dev
[0].set_network_quoted(id, "ssid", "wpas-ap-wps")
10077 dev
[0].set_network_quoted(id, "psk", "1234567890")
10078 dev
[0].set_network(id, "frequency", "2412")
10079 dev
[0].set_network(id, "scan_freq", "2412")
10080 dev
[0].select_network(id)
10081 dev
[0].wait_connected()
10083 with
fail_test(dev
[0], 1,
10084 "os_get_random;wpa_supplicant_ctrl_iface_wps_ap_pin"):
10085 if "FAIL" not in dev
[0].request("WPS_AP_PIN random"):
10086 raise Exception("WPS_AP_PIN random accepted")
10087 with
alloc_fail(dev
[0], 1, "wpas_wps_ap_pin_set"):
10088 if "FAIL" not in dev
[0].request("WPS_AP_PIN set 12345670"):
10089 raise Exception("WPS_AP_PIN set accepted")
10091 dev
[0].request("DISCONNECT")
10092 dev
[0].wait_disconnected()
10094 def test_ap_wps_random_uuid(dev
, apdev
, params
):
10095 """WPS and random UUID on Enrollee"""
10096 ssid
= "test-wps-conf"
10097 hapd
= hostapd
.add_ap(apdev
[0],
10098 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10099 "wpa_passphrase": "12345678", "wpa": "2",
10100 "wpa_key_mgmt": "WPA-PSK", "rsn_pairwise": "CCMP"})
10102 config
= os
.path
.join(params
['logdir'], 'ap_wps_random_uuid.conf')
10103 with
open(config
, "w") as f
:
10104 f
.write("auto_uuid=1\n")
10106 wpas
= WpaSupplicant(global_iface
='/tmp/wpas-wlan5')
10110 wpas
.interface_add("wlan5", config
=config
)
10112 wpas
.scan_for_bss(apdev
[0]['bssid'], freq
="2412")
10113 wpas
.dump_monitor()
10114 wpas
.request("WPS_PBC " + apdev
[0]['bssid'])
10116 ev
= hapd
.wait_event(["WPS-ENROLLEE-SEEN"], timeout
=10)
10118 raise Exception("Enrollee not seen")
10119 uuid
.append(ev
.split(' ')[2])
10120 wpas
.request("WPS_CANCEL")
10121 wpas
.dump_monitor()
10123 wpas
.interface_remove("wlan5")
10125 hapd
.dump_monitor()
10127 logger
.info("Seen UUIDs: " + str(uuid
))
10128 if uuid
[0] == uuid
[1] or uuid
[0] == uuid
[2] or uuid
[1] == uuid
[2]:
10129 raise Exception("Same UUID used multiple times")
10131 def test_ap_wps_conf_pin_gcmp_128(dev
, apdev
):
10132 """WPS PIN provisioning with configured AP using GCMP-128"""
10133 run_ap_wps_conf_pin_cipher(dev
, apdev
, "GCMP")
10135 def test_ap_wps_conf_pin_gcmp_256(dev
, apdev
):
10136 """WPS PIN provisioning with configured AP using GCMP-256"""
10137 run_ap_wps_conf_pin_cipher(dev
, apdev
, "GCMP-256")
10139 def test_ap_wps_conf_pin_ccmp_256(dev
, apdev
):
10140 """WPS PIN provisioning with configured AP using CCMP-256"""
10141 run_ap_wps_conf_pin_cipher(dev
, apdev
, "CCMP-256")
10143 def run_ap_wps_conf_pin_cipher(dev
, apdev
, cipher
):
10144 if cipher
not in dev
[0].get_capability("pairwise"):
10145 raise HwsimSkip("Cipher %s not supported" % cipher
)
10146 ssid
= "test-wps-conf-pin"
10147 hapd
= hostapd
.add_ap(apdev
[0],
10148 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10149 "wpa_passphrase": "12345678", "wpa": "2",
10150 "wpa_key_mgmt": "WPA-PSK",
10151 "rsn_pairwise": cipher
})
10152 logger
.info("WPS provisioning step")
10153 pin
= dev
[0].wps_read_pin()
10154 hapd
.request("WPS_PIN any " + pin
)
10155 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
10156 dev
[0].request("WPS_PIN %s %s" % (apdev
[0]['bssid'], pin
))
10157 dev
[0].wait_connected(timeout
=15)
10159 def test_ap_wps_and_sae(dev
, apdev
):
10160 """Initial AP configuration with first WPS Enrollee and adding SAE"""
10162 run_ap_wps_and_sae(dev
, apdev
)
10164 dev
[0].set("wps_cred_add_sae", "0")
10166 def run_ap_wps_and_sae(dev
, apdev
):
10167 ssid
= "test-wps-sae"
10168 hapd
= hostapd
.add_ap(apdev
[0],
10169 {"ssid": ssid
, "eap_server": "1", "wps_state": "1",
10170 "wps_cred_add_sae": "1"})
10171 logger
.info("WPS provisioning step")
10172 pin
= dev
[0].wps_read_pin()
10173 hapd
.request("WPS_PIN any " + pin
)
10175 dev
[0].set("wps_cred_add_sae", "1")
10176 dev
[0].request("SET sae_groups ")
10177 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
10178 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " " + pin
)
10179 dev
[0].wait_connected(timeout
=30)
10180 status
= dev
[0].get_status()
10181 if status
['key_mgmt'] != "SAE":
10182 raise Exception("SAE not used")
10183 if 'pmf' not in status
or status
['pmf'] != "1":
10184 raise Exception("PMF not enabled")
10186 pin
= dev
[1].wps_read_pin()
10187 hapd
.request("WPS_PIN any " + pin
)
10188 dev
[1].scan_for_bss(apdev
[0]['bssid'], freq
="2412", force_scan
=True)
10189 dev
[1].request("WPS_PIN " + apdev
[0]['bssid'] + " " + pin
)
10190 dev
[1].wait_connected(timeout
=30)
10191 status
= dev
[1].get_status()
10192 if status
['key_mgmt'] != "WPA2-PSK":
10193 raise Exception("WPA2-PSK not used")
10194 if 'pmf' in status
:
10195 raise Exception("PMF enabled")
10197 def test_ap_wps_conf_and_sae(dev
, apdev
):
10198 """WPS PBC provisioning with configured AP using PSK+SAE"""
10200 run_ap_wps_conf_and_sae(dev
, apdev
)
10202 dev
[0].set("wps_cred_add_sae", "0")
10204 def run_ap_wps_conf_and_sae(dev
, apdev
):
10205 ssid
= "test-wps-conf-sae"
10206 hapd
= hostapd
.add_ap(apdev
[0],
10207 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10208 "wpa_passphrase": "12345678", "wpa": "2",
10209 "ieee80211w": "1", "sae_require_mfp": "1",
10210 "wpa_key_mgmt": "WPA-PSK SAE",
10211 "rsn_pairwise": "CCMP"})
10213 dev
[0].set("wps_cred_add_sae", "1")
10214 dev
[0].request("SET sae_groups ")
10215 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
="2412")
10216 pin
= dev
[0].wps_read_pin()
10217 hapd
.request("WPS_PIN any " + pin
)
10218 dev
[0].request("WPS_PIN " + apdev
[0]['bssid'] + " " + pin
)
10219 dev
[0].wait_connected(timeout
=30)
10220 status
= dev
[0].get_status()
10221 if status
['key_mgmt'] != "SAE":
10222 raise Exception("SAE not used")
10223 if 'pmf' not in status
or status
['pmf'] != "1":
10224 raise Exception("PMF not enabled")
10226 dev
[1].connect(ssid
, psk
="12345678", scan_freq
="2412", proto
="WPA2",
10227 key_mgmt
="WPA-PSK", ieee80211w
="0")
10229 def test_ap_wps_reg_config_and_sae(dev
, apdev
):
10230 """WPS registrar configuring an AP using AP PIN and using PSK+SAE"""
10232 run_ap_wps_reg_config_and_sae(dev
, apdev
)
10234 dev
[0].set("wps_cred_add_sae", "0")
10236 def run_ap_wps_reg_config_and_sae(dev
, apdev
):
10237 ssid
= "test-wps-init-ap-pin-sae"
10239 hostapd
.add_ap(apdev
[0],
10240 {"ssid": ssid
, "eap_server": "1", "wps_state": "2",
10241 "ap_pin": appin
, "wps_cred_add_sae": "1"})
10242 logger
.info("WPS configuration step")
10243 dev
[0].flush_scan_cache()
10244 dev
[0].set("wps_cred_add_sae", "1")
10245 dev
[0].request("SET sae_groups ")
10246 dev
[0].scan_for_bss(apdev
[0]['bssid'], freq
=2412)
10247 dev
[0].dump_monitor()
10248 new_ssid
= "wps-new-ssid"
10249 new_passphrase
= "1234567890"
10250 dev
[0].wps_reg(apdev
[0]['bssid'], appin
, new_ssid
, "WPA2PSK", "CCMP",
10252 status
= dev
[0].get_status()
10253 if status
['key_mgmt'] != "SAE":
10254 raise Exception("SAE not used")
10255 if 'pmf' not in status
or status
['pmf'] != "1":
10256 raise Exception("PMF not enabled")
10258 dev
[1].connect(new_ssid
, psk
=new_passphrase
, scan_freq
="2412", proto
="WPA2",
10259 key_mgmt
="WPA-PSK", ieee80211w
="0")